diff --git a/base.yml b/base.yml
index c1d118c..36fb358 100644
--- a/base.yml
+++ b/base.yml
@@ -18,6 +18,7 @@
services:
- { name: "netfilter-persistent", enabled: true, action: restarted }
- { name: "fail2ban", enabled: true, action: restarted }
+ - { name: "ssh", enabled: true, action: restarted }
vault:
roles:
- "common"
diff --git a/dns.yml b/dns.yml
index 1a57823..01e1912 100644
--- a/dns.yml
+++ b/dns.yml
@@ -42,12 +42,12 @@
- { service: "seedown", port: "{{ global.seedbox.darkhttpd.port }}", group: "seedbox" }
- { service: "transmission", port: "{{ global.seedbox.transmission.port }}", group: "seedbox" }
- { service: "grafana", port: "{{ global.monitoring.grafana.port }}", group: "monitoring" }
+ - { service: "pleroma", port: "{{ global.social.pleroma.listen.port }}", group: "social" }
+ - { service: "homepage", port: "{{ global.homepage.port }}", group: "homepage" }
A: # Wish these would support SRV, would ease a lot of configuration management
- { service: "postgres", group: "backend" }
- { service: "redis", group: "backend" }
- { service: "influxdb", group: "backend" }
- remote:
- - { service: "homepage", port: "80", domain: "rxhome.s3-website.eu-central-1.amazonaws.com." }
public:
SRV:
- { service: "mumble", proto: "tcp", host: "n0.redxen.eu", port: 64738 }
@@ -60,26 +60,23 @@
- { name: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou._domainkey.", pointer: "jqo2wv2wek7sh26vmc2tdzc4gdco6uou.dkim.amazonses.com" }
- { name: "edzxe6qpinwhafgwlt6b44yarhhfn3xl._domainkey.", pointer: "edzxe6qpinwhafgwlt6b44yarhhfn3xl.dkim.amazonses.com" }
A:
- - { name: "", addr: "88.198.95.52" }
- { name: "nbg0.", addr: "88.198.95.52" }
- - { name: "", addr: "88.198.95.107" }
- { name: "nbg1.", addr: "88.198.95.107" }
- - { name: "", addr: "88.198.95.106" }
- { name: "nbg2.", addr: "88.198.95.106" }
- - { name: "", addr: "88.198.95.100" }
- { name: "nbg3.", addr: "88.198.95.100" }
- - { name: "", addr: "88.198.95.63" }
- { name: "nbg4.", addr: "88.198.95.63" }
group:
A:
- - { domain: "stats", group: "frontend" }
- - { domain: "git", group: "frontend" }
- - { domain: "seed", group: "frontend" }
- - { domain: "sd", group: "frontend" }
+ - { domain: "stats.", group: "frontend" }
+ - { domain: "git.", group: "frontend" }
+ - { domain: "seed.", group: "frontend" }
+ - { domain: "sd.", group: "frontend" }
+ - { domain: "social.", group: "frontend" }
+ - { domain: "", group: "frontend" }
roles:
- file
- apt
diff --git a/frontend.yml b/frontend.yml
index f24f759..1668df4 100644
--- a/frontend.yml
+++ b/frontend.yml
@@ -39,10 +39,11 @@
public:
# These are load balanced, it doesn't matter what IP they point to
- {domain: "stats", count: 5, service: "grafana", httpchk: true}
- - {domain: "social", count: 1, service: "pleroma", httpchk: true}
- {domain: "git", count: 1, service: "gitea", httpchk: true}
- {domain: "seed", count: 1, service: "transmission", httpchk: false}
- {domain: "sd", count: 1, service: "seedown", httpchk: true}
+ - {domain: "social", count: 1, service: "pleroma", httpchk: true}
+ - {domain: "root", count: 1, service: "homepage", httpchk: true} # Homepage
varnish:
backend:
sock: '{{ haproxy.socketroot }}/haproxy.sock'
diff --git a/group_vars/all b/group_vars/all
index 593c9bd..d1a664c 100644
--- a/group_vars/all
+++ b/group_vars/all
@@ -13,11 +13,17 @@ global:
murmur:
configpath: "/etc/murmur"
port: 6401
+ pleroma:
+ listen:
+ domain: "social.redxen.eu"
+ port: "8088"
seedbox:
darkhttpd:
port: 8082
transmission:
port: 8081
+ homepage:
+ port: 5353
dev:
gitea:
user: "git"
diff --git a/homepage.yml b/homepage.yml
index a940a49..39b8b47 100644
--- a/homepage.yml
+++ b/homepage.yml
@@ -1,11 +1,15 @@
---
- hosts: homepage
vars:
+ apt:
+ packages:
+ - { package: "make", state: present }
+ - { package: "gcc", state: present }
systemd:
services:
- { name: "darkhttpd", enabled: true, action: restarted }
file:
- - { path: "{{ homepage.root }}", owner: "nobody", group: "nogroup", mode: "655", state: directory }
+ - { path: "{{ homepage.root }}", owner: "root", group: "root", mode: "655", state: directory }
darkhttpd:
port: "{{ global.homepage.port }}"
@@ -13,8 +17,11 @@
servepath: "{{ homepage.root }}"
homepage:
root: "/srv/homepage"
+ git_clone:
+ - { dest: "{{ homepage.root }}", repo: "https://git.redxen.eu/RedXen/Homepage", branch: "master" }
roles:
+ - apt
+ - git-clone
- darkhttpd
- file
- - homepage
- systemd
diff --git a/production b/production
index a6caf4e..936d164 100644
--- a/production
+++ b/production
@@ -42,3 +42,6 @@ n4
[social]
n0
+
+[homepage]
+n1
diff --git a/roles/common b/roles/common
index bad44f0..de20aa6 160000
--- a/roles/common
+++ b/roles/common
@@ -1 +1 @@
-Subproject commit bad44f0d33f85e9d119628ac39d2090e36b0e6b0
+Subproject commit de20aa655ac266eb57c06cc0b99042359ac0db83
diff --git a/roles/haproxy b/roles/haproxy
index 7100274..70eb2a6 160000
--- a/roles/haproxy
+++ b/roles/haproxy
@@ -1 +1 @@
-Subproject commit 7100274321bf0cf46288f7fb9bc124b97a31a84c
+Subproject commit 70eb2a6e5730aa7188d1835b8b80e39549639e3d
diff --git a/roles/homepage b/roles/homepage
deleted file mode 160000
index 1ba7d59..0000000
--- a/roles/homepage
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 1ba7d5996bfc8d597f1fbff2d4dc6cb919c6d7b5
diff --git a/roles/pleroma b/roles/pleroma
index 8c8ee89..b1b681d 160000
--- a/roles/pleroma
+++ b/roles/pleroma
@@ -1 +1 @@
-Subproject commit 8c8ee895ea8312e890d3603ac2d5cecaf6adfb3d
+Subproject commit b1b681d8a0e373a70d4d92a4103b38ce4b5131d7
diff --git a/roles/unbound b/roles/unbound
index 5e0c364..1af5356 160000
--- a/roles/unbound
+++ b/roles/unbound
@@ -1 +1 @@
-Subproject commit 5e0c3647e4ac083898b13fb784cf5e5ac2fa554a
+Subproject commit 1af5356b4d580997e1f007cb1a8f74f363bfa425
diff --git a/social.yml b/social.yml
index af81fc9..4526e92 100644
--- a/social.yml
+++ b/social.yml
@@ -2,28 +2,28 @@
- hosts: social
vars:
git_clone:
-# - { dest: "/home/repositories/pleroma", repo: "https://git.pleroma.social/pleroma/pleroma.git", branch: "develop" }
+ - { dest: "/home/repositories/pleroma", repo: "https://git.pleroma.social/pleroma/pleroma.git", branch: "develop" }
# - { dest: "{{ inspircd.paths.build }}", repo: "https://github.com/inspircd/inspircd.git", branch: "insp3" }
file:
- { path: '/etc/murmur', owner: 'root', group: 'root', mode: '600', state: directory }
# - { path: '{{ inspircd.paths.build }}/.configure', owner: 'root', group: 'root', mode: '600', state: directory }
# - { path: '{{ inspircd.paths.config }}/conf', owner: 'nobody', group: 'nogroup', mode: '600', state: directory }
apt:
-# sign_keys:
-# - "https://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc"
+ sign_keys:
+ - "https://packages.erlang-solutions.com/ubuntu/erlang_solutions.asc"
packages:
- { package: "git", state: present }
- { package: "gcc", state: present }
- { package: "build-essential", state: present }
# - { package: "musl-dev", state: present }
# Pleroma (Elixir)
-# - { package: "libncurses6", state: present }
-# - { package: "postgresql-client", state: present }
-# - { package: "elixir", state: present }
-# - { package: "erlang-dev", state: present }
-# - { package: "erlang-parsetools", state: present }
-# - { package: "erlang-eldap", state: present }
-# - { package: "erlang-xmerl", state: present }
+ - { package: "libncurses6", state: present }
+ - { package: "postgresql-client", state: present }
+ - { package: "elixir", state: present }
+ - { package: "erlang-dev", state: present }
+ - { package: "erlang-parsetools", state: present }
+ - { package: "erlang-eldap", state: present }
+ - { package: "erlang-xmerl", state: present }
# Mumble
- { package: "libqt5sql5-psql", state: present }
- { package: "mumble-server", state: present }
@@ -33,7 +33,7 @@
# - { package: "libpq-dev", state: present }
systemd:
services:
-# - { name: "pleroma", enabled: true, action: restarted }
+ - { name: "pleroma", enabled: true, action: restarted }
- { name: "murmur", enabled: true, action: restarted }
- { name: "mumble-server", action: stopped }
# - { name: "inspircd", enabled: true, action: restarted }
@@ -63,9 +63,31 @@
Enjoy your stay!
Have a group that you want to represent or a question? Contact me at caskd@gmx.de
-# pleroma:
-# root: "/etc/pleroma"
-# data: "/mnt/pleroma"
+ pleroma:
+ root: "/etc/pleroma"
+ data: "/var/lib/pleroma"
+ listen:
+ domain: "{{ global.social.pleroma.listen.domain }}"
+ port: "{{ global.social.pleroma.listen.port }}"
+ instance:
+ name: "RedXen Fedi"
+ email:
+ admin: "caskd@420blaze.it"
+ notify: "fedi@redxen.eu"
+ description: "The social center for the fediverse"
+ federating: "true"
+ invites: "true"
+ registrations: "false"
+ frontend:
+ theme: "redxen"
+ logo: "/static/logo.png"
+ logomask: "false"
+ bg: "/static/background.jpg"
+ media_proxy: "true"
+ database_configurable: "false"
+ imports:
+ - "/etc/pleroma/secret.exs"
+ - "/etc/pleroma/mrf.exs"
# inspircd:
# server:
# name: "redxen.eu"
@@ -75,7 +97,7 @@
# - { address: "", port: 6667, tls: false, type: "clients" }
# - { address: "", port: 6697, tls: true, type: "clients" }
# #- { address: "", port: 7000, tls: false, type: "servers" }
-# #- { address: "", port: 70001, tls: true, type: "servers" }
+# #- { address: "", port: 7001, tls: true, type: "servers" }
# paths:
# config: '/etc/inspircd'
# build: '/home/repositories/inspircd'
@@ -84,17 +106,18 @@
# - { channel: "support", topic: "Have patience when asking, it can take some time until someone answers your question", modes: "+nt *!*@*!*" }
vault:
roles:
-# - "pleroma"
- "murmur"
- "postgresql"
-# - "inspircd"
-#
+ #- "inspircd"
+ mounts:
+ - { uuid: '01ce4924-7200-41bd-ba0e-b52ec9f58a00', dest: "{{ pleroma.data }}", state: 'mounted', fstype: "xfs" }
roles:
+ - mounts
- vault
- #- git-clone
+ - git-clone
- apt
- file
- murmur
-# - pleroma
+ - pleroma
# - inspircd
- systemd