Add homepage, pleroma stuff, ssh service and mounts
This commit is contained in:
Alex
parent
c15cba2d24
commit
34446e5a56
GPG Key ID:
F92BA85F61F4C173
1
base.yml
1
base.yml
@ -18,6 +18,7 @@
|
|||||||
services:
|
services:
|
||||||
- { name: "netfilter-persistent", enabled: true, action: restarted }
|
- { name: "netfilter-persistent", enabled: true, action: restarted }
|
||||||
- { name: "fail2ban", enabled: true, action: restarted }
|
- { name: "fail2ban", enabled: true, action: restarted }
|
||||||
|
- { name: "ssh", enabled: true, action: restarted }
|
||||||
vault:
|
vault:
|
||||||
roles:
|
roles:
|
||||||
- "common"
|
- "common"
|
||||||
|
|||||||
19
dns.yml
19
dns.yml
@ -42,12 +42,12 @@
|
|||||||
- { service: "seedown", port: "{{ global.seedbox.darkhttpd.port }}", group: "seedbox" }
|
- { service: "seedown", port: "{{ global.seedbox.darkhttpd.port }}", group: "seedbox" }
|
||||||
- { service: "transmission", port: "{{ global.seedbox.transmission.port }}", group: "seedbox" }
|
- { service: "transmission", port: "{{ global.seedbox.transmission.port }}", group: "seedbox" }
|
||||||
- { service: "grafana", port: "{{ global.monitoring.grafana.port }}", group: "monitoring" }
|
- { service: "grafana", port: "{{ global.monitoring.grafana.port }}", group: "monitoring" }
|
||||||
|
- { service: "pleroma", port: "{{ global.social.pleroma.listen.port }}", group: "social" }
|
||||||
|
- { service: "homepage", port: "{{ global.homepage.port }}", group: "homepage" }
|
||||||
A: # Wish these would support SRV, would ease a lot of configuration management
|
A: # Wish these would support SRV, would ease a lot of configuration management
|
||||||
- { service: "postgres", group: "backend" }
|
- { service: "postgres", group: "backend" }
|
||||||
- { service: "redis", group: "backend" }
|
- { service: "redis", group: "backend" }
|
||||||
- { service: "influxdb", group: "backend" }
|
- { service: "influxdb", group: "backend" }
|
||||||
remote:
|
|
||||||
- { service: "homepage", port: "80", domain: "rxhome.s3-website.eu-central-1.amazonaws.com." }
|
|
||||||
public:
|
public:
|
||||||
SRV:
|
SRV:
|
||||||
- { service: "mumble", proto: "tcp", host: "n0.redxen.eu", port: 64738 }
|
- { service: "mumble", proto: "tcp", host: "n0.redxen.eu", port: 64738 }
|
||||||
@ -60,26 +60,23 @@
|
|||||||
- { name: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.", pointer: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com" }
|
- { name: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.", pointer: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com" }
|
||||||
- { name: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.", pointer: "edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com" }
|
- { name: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.", pointer: "edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com" }
|
||||||
A:
|
A:
|
||||||
- { name: "", addr: "88.198.95.52" }
|
|
||||||
- { name: "nbg0.", addr: "88.198.95.52" }
|
- { name: "nbg0.", addr: "88.198.95.52" }
|
||||||
|
|
||||||
- { name: "", addr: "88.198.95.107" }
|
|
||||||
- { name: "nbg1.", addr: "88.198.95.107" }
|
- { name: "nbg1.", addr: "88.198.95.107" }
|
||||||
|
|
||||||
- { name: "", addr: "88.198.95.106" }
|
|
||||||
- { name: "nbg2.", addr: "88.198.95.106" }
|
- { name: "nbg2.", addr: "88.198.95.106" }
|
||||||
|
|
||||||
- { name: "", addr: "88.198.95.100" }
|
|
||||||
- { name: "nbg3.", addr: "88.198.95.100" }
|
- { name: "nbg3.", addr: "88.198.95.100" }
|
||||||
|
|
||||||
- { name: "", addr: "88.198.95.63" }
|
|
||||||
- { name: "nbg4.", addr: "88.198.95.63" }
|
- { name: "nbg4.", addr: "88.198.95.63" }
|
||||||
group:
|
group:
|
||||||
A:
|
A:
|
||||||
- { domain: "stats", group: "frontend" }
|
- { domain: "stats.", group: "frontend" }
|
||||||
- { domain: "git", group: "frontend" }
|
- { domain: "git.", group: "frontend" }
|
||||||
- { domain: "seed", group: "frontend" }
|
- { domain: "seed.", group: "frontend" }
|
||||||
- { domain: "sd", group: "frontend" }
|
- { domain: "sd.", group: "frontend" }
|
||||||
|
- { domain: "social.", group: "frontend" }
|
||||||
|
- { domain: "", group: "frontend" }
|
||||||
roles:
|
roles:
|
||||||
- file
|
- file
|
||||||
- apt
|
- apt
|
||||||
|
|||||||
@ -39,10 +39,11 @@
|
|||||||
public:
|
public:
|
||||||
# These are load balanced, it doesn't matter what IP they point to
|
# These are load balanced, it doesn't matter what IP they point to
|
||||||
- {domain: "stats", count: 5, service: "grafana", httpchk: true}
|
- {domain: "stats", count: 5, service: "grafana", httpchk: true}
|
||||||
- {domain: "social", count: 1, service: "pleroma", httpchk: true}
|
|
||||||
- {domain: "git", count: 1, service: "gitea", httpchk: true}
|
- {domain: "git", count: 1, service: "gitea", httpchk: true}
|
||||||
- {domain: "seed", count: 1, service: "transmission", httpchk: false}
|
- {domain: "seed", count: 1, service: "transmission", httpchk: false}
|
||||||
- {domain: "sd", count: 1, service: "seedown", httpchk: true}
|
- {domain: "sd", count: 1, service: "seedown", httpchk: true}
|
||||||
|
- {domain: "social", count: 1, service: "pleroma", httpchk: true}
|
||||||
|
- {domain: "root", count: 1, service: "homepage", httpchk: true} # Homepage
|
||||||
varnish:
|
varnish:
|
||||||
backend:
|
backend:
|
||||||
sock: '{{ haproxy.socketroot }}/haproxy.sock'
|
sock: '{{ haproxy.socketroot }}/haproxy.sock'
|
||||||
|
|||||||
@ -13,11 +13,17 @@ global:
|
|||||||
murmur:
|
murmur:
|
||||||
configpath: "/etc/murmur"
|
configpath: "/etc/murmur"
|
||||||
port: 6401
|
port: 6401
|
||||||
|
pleroma:
|
||||||
|
listen:
|
||||||
|
domain: "social.redxen.eu"
|
||||||
|
port: "8088"
|
||||||
seedbox:
|
seedbox:
|
||||||
darkhttpd:
|
darkhttpd:
|
||||||
port: 8082
|
port: 8082
|
||||||
transmission:
|
transmission:
|
||||||
port: 8081
|
port: 8081
|
||||||
|
homepage:
|
||||||
|
port: 5353
|
||||||
dev:
|
dev:
|
||||||
gitea:
|
gitea:
|
||||||
user: "git"
|
user: "git"
|
||||||
|
|||||||
11
homepage.yml
11
homepage.yml
@ -1,11 +1,15 @@
|
|||||||
---
|
---
|
||||||
- hosts: homepage
|
- hosts: homepage
|
||||||
vars:
|
vars:
|
||||||
|
apt:
|
||||||
|
packages:
|
||||||
|
- { package: "make", state: present }
|
||||||
|
- { package: "gcc", state: present }
|
||||||
systemd:
|
systemd:
|
||||||
services:
|
services:
|
||||||
- { name: "darkhttpd", enabled: true, action: restarted }
|
- { name: "darkhttpd", enabled: true, action: restarted }
|
||||||
file:
|
file:
|
||||||
- { path: "{{ homepage.root }}", owner: "nobody", group: "nogroup", mode: "655", state: directory }
|
- { path: "{{ homepage.root }}", owner: "root", group: "root", mode: "655", state: directory }
|
||||||
|
|
||||||
darkhttpd:
|
darkhttpd:
|
||||||
port: "{{ global.homepage.port }}"
|
port: "{{ global.homepage.port }}"
|
||||||
@ -13,8 +17,11 @@
|
|||||||
servepath: "{{ homepage.root }}"
|
servepath: "{{ homepage.root }}"
|
||||||
homepage:
|
homepage:
|
||||||
root: "/srv/homepage"
|
root: "/srv/homepage"
|
||||||
|
git_clone:
|
||||||
|
- { dest: "{{ homepage.root }}", repo: "https://git.redxen.eu/RedXen/Homepage", branch: "master" }
|
||||||
roles:
|
roles:
|
||||||
|
- apt
|
||||||
|
- git-clone
|
||||||
- darkhttpd
|
- darkhttpd
|
||||||
- file
|
- file
|
||||||
- homepage
|
|
||||||
- systemd
|
- systemd
|
||||||
|
|||||||
@ -42,3 +42,6 @@ n4
|
|||||||
|
|
||||||
[social]
|
[social]
|
||||||
n0
|
n0
|
||||||
|
|
||||||
|
[homepage]
|
||||||
|
n1
|
||||||
|
|||||||
@ -1 +1 @@
|
|||||||
Subproject commit bad44f0d33f85e9d119628ac39d2090e36b0e6b0
|
Subproject commit de20aa655ac266eb57c06cc0b99042359ac0db83
|
||||||
@ -1 +1 @@
|
|||||||
Subproject commit 7100274321bf0cf46288f7fb9bc124b97a31a84c
|
Subproject commit 70eb2a6e5730aa7188d1835b8b80e39549639e3d
|
||||||
@ -1 +0,0 @@
|
|||||||
Subproject commit 1ba7d5996bfc8d597f1fbff2d4dc6cb919c6d7b5
|
|
||||||
@ -1 +1 @@
|
|||||||
Subproject commit 8c8ee895ea8312e890d3603ac2d5cecaf6adfb3d
|
Subproject commit b1b681d8a0e373a70d4d92a4103b38ce4b5131d7
|
||||||
@ -1 +1 @@
|
|||||||
Subproject commit 5e0c3647e4ac083898b13fb784cf5e5ac2fa554a
|
Subproject commit 1af5356b4d580997e1f007cb1a8f74f363bfa425
|
||||||
63
social.yml
63
social.yml
@ -2,28 +2,28 @@
|
|||||||
- hosts: social
|
- hosts: social
|
||||||
vars:
|
vars:
|
||||||
git_clone:
|
git_clone:
|
||||||
# - { dest: "/home/repositories/pleroma", repo: "https://git.pleroma.social/pleroma/pleroma.git", branch: "develop" }
|
- { dest: "/home/repositories/pleroma", repo: "https://git.pleroma.social/pleroma/pleroma.git", branch: "develop" }
|
||||||
# - { dest: "{{ inspircd.paths.build }}", repo: "https://github.com/inspircd/inspircd.git", branch: "insp3" }
|
# - { dest: "{{ inspircd.paths.build }}", repo: "https://github.com/inspircd/inspircd.git", branch: "insp3" }
|
||||||
file:
|
file:
|
||||||
- { path: '/etc/murmur', owner: 'root', group: 'root', mode: '600', state: directory }
|
- { path: '/etc/murmur', owner: 'root', group: 'root', mode: '600', state: directory }
|
||||||
# - { path: '{{ inspircd.paths.build }}/.configure', owner: 'root', group: 'root', mode: '600', state: directory }
|
# - { path: '{{ inspircd.paths.build }}/.configure', owner: 'root', group: 'root', mode: '600', state: directory }
|
||||||
# - { path: '{{ inspircd.paths.config }}/conf', owner: 'nobody', group: 'nogroup', mode: '600', state: directory }
|
# - { path: '{{ inspircd.paths.config }}/conf', owner: 'nobody', group: 'nogroup', mode: '600', state: directory }
|
||||||
apt:
|
apt:
|
||||||
# sign_keys:
|
sign_keys:
|
||||||
# - "https://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc"
|
- "https://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc"
|
||||||
packages:
|
packages:
|
||||||
- { package: "git", state: present }
|
- { package: "git", state: present }
|
||||||
- { package: "gcc", state: present }
|
- { package: "gcc", state: present }
|
||||||
- { package: "build-essential", state: present }
|
- { package: "build-essential", state: present }
|
||||||
# - { package: "musl-dev", state: present }
|
# - { package: "musl-dev", state: present }
|
||||||
# Pleroma (Elixir)
|
# Pleroma (Elixir)
|
||||||
# - { package: "libncurses6", state: present }
|
- { package: "libncurses6", state: present }
|
||||||
# - { package: "postgresql-client", state: present }
|
- { package: "postgresql-client", state: present }
|
||||||
# - { package: "elixir", state: present }
|
- { package: "elixir", state: present }
|
||||||
# - { package: "erlang-dev", state: present }
|
- { package: "erlang-dev", state: present }
|
||||||
# - { package: "erlang-parsetools", state: present }
|
- { package: "erlang-parsetools", state: present }
|
||||||
# - { package: "erlang-eldap", state: present }
|
- { package: "erlang-eldap", state: present }
|
||||||
# - { package: "erlang-xmerl", state: present }
|
- { package: "erlang-xmerl", state: present }
|
||||||
# Mumble
|
# Mumble
|
||||||
- { package: "libqt5sql5-psql", state: present }
|
- { package: "libqt5sql5-psql", state: present }
|
||||||
- { package: "mumble-server", state: present }
|
- { package: "mumble-server", state: present }
|
||||||
@ -33,7 +33,7 @@
|
|||||||
# - { package: "libpq-dev", state: present }
|
# - { package: "libpq-dev", state: present }
|
||||||
systemd:
|
systemd:
|
||||||
services:
|
services:
|
||||||
# - { name: "pleroma", enabled: true, action: restarted }
|
- { name: "pleroma", enabled: true, action: restarted }
|
||||||
- { name: "murmur", enabled: true, action: restarted }
|
- { name: "murmur", enabled: true, action: restarted }
|
||||||
- { name: "mumble-server", action: stopped }
|
- { name: "mumble-server", action: stopped }
|
||||||
# - { name: "inspircd", enabled: true, action: restarted }
|
# - { name: "inspircd", enabled: true, action: restarted }
|
||||||
@ -63,9 +63,31 @@
|
|||||||
Enjoy your stay!<br />
|
Enjoy your stay!<br />
|
||||||
Have a group that you want to represent or a question? Contact me at caskd@gmx.de<br />
|
Have a group that you want to represent or a question? Contact me at caskd@gmx.de<br />
|
||||||
</center>
|
</center>
|
||||||
# pleroma:
|
pleroma:
|
||||||
# root: "/etc/pleroma"
|
root: "/etc/pleroma"
|
||||||
# data: "/mnt/pleroma"
|
data: "/var/lib/pleroma"
|
||||||
|
listen:
|
||||||
|
domain: "{{ global.social.pleroma.listen.domain }}"
|
||||||
|
port: "{{ global.social.pleroma.listen.port }}"
|
||||||
|
instance:
|
||||||
|
name: "RedXen Fedi"
|
||||||
|
email:
|
||||||
|
admin: "caskd@420blaze.it"
|
||||||
|
notify: "fedi@redxen.eu"
|
||||||
|
description: "The social center for the fediverse"
|
||||||
|
federating: "true"
|
||||||
|
invites: "true"
|
||||||
|
registrations: "false"
|
||||||
|
frontend:
|
||||||
|
theme: "redxen"
|
||||||
|
logo: "/static/logo.png"
|
||||||
|
logomask: "false"
|
||||||
|
bg: "/static/background.jpg"
|
||||||
|
media_proxy: "true"
|
||||||
|
database_configurable: "false"
|
||||||
|
imports:
|
||||||
|
- "/etc/pleroma/secret.exs"
|
||||||
|
- "/etc/pleroma/mrf.exs"
|
||||||
# inspircd:
|
# inspircd:
|
||||||
# server:
|
# server:
|
||||||
# name: "redxen.eu"
|
# name: "redxen.eu"
|
||||||
@ -75,7 +97,7 @@
|
|||||||
# - { address: "", port: 6667, tls: false, type: "clients" }
|
# - { address: "", port: 6667, tls: false, type: "clients" }
|
||||||
# - { address: "", port: 6697, tls: true, type: "clients" }
|
# - { address: "", port: 6697, tls: true, type: "clients" }
|
||||||
# #- { address: "", port: 7000, tls: false, type: "servers" }
|
# #- { address: "", port: 7000, tls: false, type: "servers" }
|
||||||
# #- { address: "", port: 70001, tls: true, type: "servers" }
|
# #- { address: "", port: 7001, tls: true, type: "servers" }
|
||||||
# paths:
|
# paths:
|
||||||
# config: '/etc/inspircd'
|
# config: '/etc/inspircd'
|
||||||
# build: '/home/repositories/inspircd'
|
# build: '/home/repositories/inspircd'
|
||||||
@ -84,17 +106,18 @@
|
|||||||
# - { channel: "support", topic: "Have patience when asking, it can take some time until someone answers your question", modes: "+nt *!*@*!*" }
|
# - { channel: "support", topic: "Have patience when asking, it can take some time until someone answers your question", modes: "+nt *!*@*!*" }
|
||||||
vault:
|
vault:
|
||||||
roles:
|
roles:
|
||||||
# - "pleroma"
|
|
||||||
- "murmur"
|
- "murmur"
|
||||||
- "postgresql"
|
- "postgresql"
|
||||||
# - "inspircd"
|
#- "inspircd"
|
||||||
#
|
mounts:
|
||||||
|
- { uuid: '01ce4924-7200-41bd-ba0e-b52ec9f58a00', dest: "{{ pleroma.data }}", state: 'mounted', fstype: "xfs" }
|
||||||
roles:
|
roles:
|
||||||
|
- mounts
|
||||||
- vault
|
- vault
|
||||||
#- git-clone
|
- git-clone
|
||||||
- apt
|
- apt
|
||||||
- file
|
- file
|
||||||
- murmur
|
- murmur
|
||||||
# - pleroma
|
- pleroma
|
||||||
# - inspircd
|
# - inspircd
|
||||||
- systemd
|
- systemd
|
||||||
|
|||||||
Reference in New Issue
Block a user