commit 02663d74f44c3354c358f94c44f4c6127767e2f8
parent 8dba9a8b76894797e670d1f9ebadf3a8916092f9
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 22 Jul 2021 13:32:27 +0200
parent 8dba9a8b76894797e670d1f9ebadf3a8916092f9
Author: Leah (ctucx) <leah@ctu.cx>
Date: Thu, 22 Jul 2021 13:32:27 +0200
move the trans-agenda.de matrix and pleroma services to taurus
8 files changed, 168 insertions(+), 404 deletions(-)
D
|
287
-------------------------------------------------------------------------------
M
|
260
++++++++++++++++++++++++++++++++++++++++++++++++++-----------------------------
diff --git a/configuration/quitschi.yml b/configuration/quitschi.yml @@ -1,286 +0,0 @@ -system: - hostname: quitschi - domain: ctu.cx - timezone: Europe/Berlin - alpineVersion: v3.13 - enableOwnRepos: true - enableSudo: true - useNTP: true - extraPackages: - - iftop - - iotop - - htop - - rsync - - mtr - - bind-tools - - tar - - unzip - - wget - - curl - fstab: - - device: UUID=34aba55f-c986-4fec-aa9e-78032b28d3d6 - path: / - fstype: ext4 - options: rw,relatime - checks: 0 1 - - device: UUID=62813457-7966-4ee1-b71d-2be42a60586f - path: /boot - fstype: ext4 - options: rw,relatime - checks: 0 2 - nameservers: - - 1.1.1.1 - - 8.8.8.8 - users: - - name: root - allowedSshKeys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829 - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161 - - name: leah - groups: "wheel" - password: "{{ lookup('diskcache', 'passwordstore', 'Server/leah.password')}}" - allowedSshKeys: - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw/G6x8H3ojvHx3NsTswBMMmOhp48F3rea0GUniKSvRLMRIti5b7Q4P4FXnkQEtuNSR3u7gE5r4EacaLaIx7Az9SgHRoE+hdzSo4mPAwKTx/E3HZgIjdZhTDL8PAn4SZZT6RBqr/uGb+x9fdIjY0FbdNBLjq0MNnG3T+qd1joUL8JXoS7F//ac52RhHlsA5qJXFDOhpqR/7hRMwOFNH0GKaLN1xQKcOjhpIcdswpOf8kRDVpT7xOYwfXCFF4MaY2M8047WKarvEnGdADIIw6bvWsdJINehtOQmYEFRaMuaWp1d9bglZXZKPQKNubv5lqneMP4AI7ImDYjgW6eNLIT1 cardno:000603502829 - - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDb2eZ2ymt+Zsf0eTlmjW2jPdS013lbde1+EGkgu6bz9lVTR8aawshF2HcoaWp5a5dJr3SKyihDM8hbWSYB3qyTHihNGyCArqSvAtZRw301ailRVHGqiwUITTfcg1533TtmWvlJZgOIFM1VvSAfdueDRRRzbygmn749fS9nhUTDzLtjqX5LvhpqhzsD+eOqPrV6Ne8E1e42JxQb5AJPY1gj9mk6eAarvtEHQYEe+/hp9ERjtCdN5DfuOJnqfaKS0ytPj/NbQskbX/TMgeUVio11iC2NbXsnAtzMmtbLX4mxlDQrR6aZmU/rHQ4aeJqI/Tj2rrF46icri7s0tnnit1OjT5PSxXgifcOtn06qoxYZMT1x+Dyrt40vNkGmxmxCnirm8B+6MKXgd/Ys+7tnOm1ht8TmLm96x6KdOiF3Zq/tMxhPAzp8JriTKSo7k7U9XxStFghTbhhBNc7OX89ZbpalLEnvbQiz87gZxhcx8cLvzIjslOHmZOSWC5Pgr4wwuj3Akq63i4ya6/BzM6v4UoBuDAB6fz3NHKL4R5X20la7Pvt7OBysQkGClWfj6ipMR1bFE2mfYtlMioXNgTjC+NCpEl1+81MH7dv2565Hk8CLV8FMxv6GujbAZGjjcM47lpWM1cBQvpBMUA/lLkyiCPK0YxNWAB7Co+jYDl6CR0Ubew== cardno:000606445161 - -network: - nftables: - enable: true - interfaces: - - name: lo - loopback: true - - name: eth0 - ipv4: - dhcp: true - ipv6: - address: 2a02:c206:3007:0378::1 - gateway: fe80::1 - netmask: 64 - -files: - /var/lib/websites: - state: "directory" - mode: "0755" - owner: "leah" - group: "nginx" - /var/lib/websites/pleroma-cache: - state: "directory" - mode: "0755" - owner: "nginx" - group: "nginx" - /etc/nginx/passwd/synapse: - state: "file" - content: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/passwd/synapse returnall=true')}}" - mode: "0600" - owner: "nginx" - group: "nginx" - -services: - openssh: - enable: true - port: 22 - permitRootLogin: true - passwordAuthentication: false - - prometheus_node_exporter: - enable: true - - postgresql: - enable: true - - vnstat: - enable: true - - acme_redirect: - enable: true - email: lets-encrypt@ctu.cx - certs: - quitschi.ctu.cx: - renewTasks: - - sudo rc-service nginx restart - trans-agenda.de: - renewTasks: - - sudo rc-service nginx restart - matrix.trans-agenda.de: - renewTasks: - - sudo rc-service nginx restart - - nginx: - enable: true - user: nginx - group: nginx - sslOnly: true - extraConfig: " - proxy_cache_path /var/lib/websites/pleroma-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; - " - vhosts: - quitschi.ctu.cx: - defaultServer: true - ssl: - enable: true - cert: "/var/lib/acme-redirect/live/quitschi.ctu.cx/fullchain" - privkey: "/var/lib/acme-redirect/live/quitschi.ctu.cx/privkey" - locations: - - path: /node-exporter - proxy: http://127.0.0.1:9100/metrics - - synapse: - enable: true - setupPostgreSQL: true - homeserverConfig: - suppress_key_server_warning: true - admin_contact: 'mailto:leah@ctu.cx' - no_tls: false - server_name: "trans-agenda.de" - pid_file: "/run/matrix-synapse.pid" - public_baseurl: "https://matrix.trans-agenda.de/" - listeners: - - port: 8008 - bind_address: "127.0.0.1" - type: http - tls: false - x_forwarded: true - resources: - - names: ["client", "metrics"] - compress: true - - names: ["federation"] - compress: false - database: - name: "psycopg2" - args: - database: "synapse" - event_cache_size: "10K" - verbose: 0 - rc_messages_per_second: 0.2 - rc_message_burst_count: 10.0 - federation_rc_window_size: 1000 - federation_rc_sleep_limit: 10 - federation_rc_sleep_delay: 500 - federation_rc_reject_limit: 50 - federation_rc_concurrent: 3 - media_store_path: "/var/lib/synapse/media" - uploads_path: "/var/lib/synapse/uploads" - max_upload_size: "150M" - max_image_pixels: "32M" - dynamic_thumbnails: true - url_preview_enabled: true - url_preview_ip_range_blacklist: ["127.0.0.0/8","10.0.0.0/8","172.16.0.0/12","192.168.0.0/16","100.64.0.0/10","169.254.0.0/16","::1/128","fe80::/64","fc00::/7"] - url_preview_ip_range_whitelist: [] - url_preview_url_blacklist: [] - enable_registration: true - registration_shared_secret: "{{ lookup('diskcache', 'passwordstore', 'Server/quitschi/synapse/secret')}}" - enable_registration_captcha: true - recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" - recaptcha_public_key: "{{ lookup('diskcache', 'passwordstore', 'Server/quitschi/synapse/recaptcha.pub')}}" - recaptcha_private_key: "{{ lookup('diskcache', 'passwordstore', 'Server/quitschi/synapse/recaptcha.priv')}}" - turn_uris: [] - turn_shared_secret: "" - turn_user_lifetime: "1h" - enable_metrics: true - user_creation_max_duration: 1209600000 - bcrypt_rounds: 12 - allow_guest_access: false - room_invite_state_types: ["m.room.join_rules", "m.room.canonical_alias", "m.room.avatar", "m.room.name"] - expire_access_token: false - report_stats: false - signing_key_path: "/var/lib/synapse/homeserver.signing.key" - key_refresh_interval: "1d" - redaction_retention_period: 7 - perspectives: - servers: - "matrix.org": - verify_keys: - "ed25519:auto": - key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw" - email: - smtp_host: wanderduene.ctu.cx - smtp_port: 587 - smtp_user: "matrix@trans-agenda.de" - smtp_pass: "{{ lookup('diskcache', 'passwordstore', 'Server/quitschi/synapse/email.passwd')}}" - require_transport_security: true - notif_from: "trans-agenda.de Matrix Server <matrix@trans-agenda.de>" - app_name: Matrix - enable_notifs: true - notif_for_new_users: false - client_base_url: "https://matrix.trans-agenda.de" - validation_token_lifetime: 1h - logConfig: - version: 1 - formatters: - precise: - format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' - handlers: - file: - class: logging.handlers.TimedRotatingFileHandler - formatter: precise - filename: /var/log/synapse/homeserver.log - when: midnight - backupCount: 3 # Does not include the current log file. - encoding: utf8 - buffer: - class: logging.handlers.MemoryHandler - target: file - capacity: 10 - flushLevel: 30 # Flush for WARNING logs as well - console: - class: logging.StreamHandler - formatter: precise - loggers: - synapse.storage.SQL: - level: INFO - twisted: - handlers: [file] - propagate: false - root: - level: INFO - handlers: [buffer] - disable_existing_loggers: false - webClient: - enable: true - configFile: config-files/quitschi/schildichat-web.json - nginx: - enable: true - domain: "matrix.trans-agenda.de" - sslOnly: true - ssl: - enable: true - cert: "/var/lib/acme-redirect/live/matrix.trans-agenda.de/fullchain" - privkey: "/var/lib/acme-redirect/live/matrix.trans-agenda.de/privkey" - extraConfig: " - location /_synapse { - proxy_pass http://127.0.0.1:8008; - proxy_set_header X-Forwarded-For $remote_addr; - auth_basic 'Authorization required'; - auth_basic_user_file /etc/nginx/passwd/synapse; - } - " - - pleroma: - enable: true - configFile: config-files/quitschi/pleroma.exs - secretsContent: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/pleroma.secrets returnall=true')}}" - nginx: - enable: true - domain: "trans-agenda.de" - sslOnly: true - ssl: - enable: true - cert: "/var/lib/acme-redirect/live/trans-agenda.de/fullchain" - privkey: "/var/lib/acme-redirect/live/trans-agenda.de/privkey" - extraConfig: " - location /proxy { - proxy_cache pleroma_media_cache; - proxy_cache_lock on; - proxy_pass http://localhost:4000; - } - - location /.well-known/matrix/server { - add_header Content-Type application/json; - return 200 '{\"m.server\": \"matrix.trans-agenda.de:443\"}'; - } - - location /.well-known/matrix/client { - add_header Content-Type application/json; - return 200 '{\"m.homeserver\": {\"base_url\": \"https://matrix.trans-agenda.de\"}}'; - } - "- \ No newline at end of file
diff --git a/configuration/taurus.yml b/configuration/taurus.yml @@ -2,7 +2,7 @@ system: hostname: taurus domain: ctu.cx timezone: Europe/Berlin - alpineVersion: v3.13 + alpineVersion: v3.14 enableOwnRepos: true enableSudo: true useNTP: true @@ -17,7 +17,6 @@ system: - unzip - wget - curl - - webmusic-nginx nameservers: - 1.1.1.1 - 8.8.8.8 @@ -60,14 +59,14 @@ files: mode: "0755" owner: "leah" group: "nginx" -# /var/lib/websites/photos.ctu.cx: -# state: "directory" -# mode: "0755" -# owner: "leah" -# group: "nginx" - /etc/nginx/passwd/music.ctu.cx: + /var/lib/websites/pleroma-cache: + state: "directory" + mode: "0755" + owner: "nginx" + group: "nginx" + /etc/nginx/passwd/synapse: state: "file" - content: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/passwd/music.ctu.cx returnall=true')}}" + content: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/passwd/synapse returnall=true')}}" mode: "0600" owner: "nginx" group: "nginx" @@ -82,6 +81,9 @@ services: prometheus_node_exporter: enable: true + postgresql: + enable: true + bind: enable: true zonesRepo: https://cgit.ctu.cx/dns-zones @@ -103,10 +105,10 @@ services: taurus.ctu.cx: renewTasks: - sudo rc-service nginx restart - syncthing.taurus.ctu.cx: + trans-agenda.de: renewTasks: - sudo rc-service nginx restart - music.ctu.cx: + matrix.trans-agenda.de: renewTasks: - sudo rc-service nginx restart @@ -117,27 +119,7 @@ services: group: nginx sslOnly: true extraConfig: " - server { - server_name webmusic.local; - listen 81; - - access_log off; - - allow 127.0.0.1; - deny all; - - root /var/lib/websites/music.ctu.cx; - - location / { - autoindex on; - autoindex_exact_size off; - - autoindex_format xml; - xslt_string_param domain $http_domain; - xslt_string_param path $uri; - xslt_stylesheet /usr/share/webapps/webmusic-nginx/webmusic-playlist.xslt; - } - } + proxy_cache_path /var/lib/websites/pleroma-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; " vhosts: taurus.ctu.cx: @@ -149,75 +131,164 @@ services: locations: - path: /node-exporter proxy: http://127.0.0.1:9100/metrics - music.ctu.cx: - root: /var/lib/websites/music.ctu.cx - ssl: - enable: true - cert: "/var/lib/acme-redirect/live/music.ctu.cx/fullchain" - privkey: "/var/lib/acme-redirect/live/music.ctu.cx/privkey" - extraConfig: " - satisfy any; - allow 2a0f:4ac0:acab::/48; - allow 195.39.246.32/28; - allow 195.39.247.48/29; - " - locations: - - path: "~ ^(.*/)$" - directoryListing: true - extraConfig: " - auth_basic 'Auth required'; - auth_basic_user_file /etc/nginx/passwd/music.ctu.cx; - autoindex_format xml; - xslt_string_param path $uri; - xslt_stylesheet /usr/share/webapps/webmusic-nginx/webmusic.xslt; - " - - path: "~(.*)playlist.m3u$" - extraConfig: " - set $url http://127.0.0.1:81$1; - proxy_pass $url; - proxy_set_header Domain $scheme://$host; - proxy_hide_header 'Content-Type'; - add_header 'Content-Type' 'text/plain'; - " - - path: /assets/ - extraConfig: "alias /usr/share/webapps/webmusic-nginx/;" + synapse: + enable: true + setupPostgreSQL: true + homeserverConfig: + suppress_key_server_warning: true + admin_contact: 'mailto:leah@ctu.cx' + no_tls: false + server_name: "trans-agenda.de" + pid_file: "/run/matrix-synapse.pid" + public_baseurl: "https://matrix.trans-agenda.de/" + listeners: + - port: 8008 + bind_address: "127.0.0.1" + type: http + tls: false + x_forwarded: true + resources: + - names: ["client", "metrics"] + compress: true + - names: ["federation"] + compress: false + database: + name: "psycopg2" + args: + database: "synapse" + event_cache_size: "10K" + verbose: 0 + rc_messages_per_second: 0.2 + rc_message_burst_count: 10.0 + federation_rc_window_size: 1000 + federation_rc_sleep_limit: 10 + federation_rc_sleep_delay: 500 + federation_rc_reject_limit: 50 + federation_rc_concurrent: 3 + media_store_path: "/var/lib/synapse/media" + uploads_path: "/var/lib/synapse/uploads" + max_upload_size: "150M" + max_image_pixels: "32M" + dynamic_thumbnails: true + url_preview_enabled: true + url_preview_ip_range_blacklist: ["127.0.0.0/8","10.0.0.0/8","172.16.0.0/12","192.168.0.0/16","100.64.0.0/10","169.254.0.0/16","::1/128","fe80::/64","fc00::/7"] + url_preview_ip_range_whitelist: [] + url_preview_url_blacklist: [] + enable_registration: true + registration_shared_secret: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/synapse/secret')}}" + enable_registration_captcha: true + recaptcha_siteverify_api: "https://www.google.com/recaptcha/api/siteverify" + recaptcha_public_key: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/synapse/recaptcha.pub')}}" + recaptcha_private_key: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/synapse/recaptcha.priv')}}" + turn_uris: [] + turn_shared_secret: "" + turn_user_lifetime: "1h" + enable_metrics: true + user_creation_max_duration: 1209600000 + bcrypt_rounds: 12 + allow_guest_access: false + room_invite_state_types: ["m.room.join_rules", "m.room.canonical_alias", "m.room.avatar", "m.room.name"] + expire_access_token: false + report_stats: false + signing_key_path: "/var/lib/synapse/homeserver.signing.key" + key_refresh_interval: "1d" + redaction_retention_period: 7 + perspectives: + servers: + "matrix.org": + verify_keys: + "ed25519:auto": + key: "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw" + email: + smtp_host: wanderduene.ctu.cx + smtp_port: 587 + smtp_user: "matrix@trans-agenda.de" + smtp_pass: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/synapse/email.passwd')}}" + require_transport_security: true + notif_from: "trans-agenda.de Matrix Server <matrix@trans-agenda.de>" + app_name: Matrix + enable_notifs: true + notif_for_new_users: false + client_base_url: "https://matrix.trans-agenda.de" + validation_token_lifetime: 1h + logConfig: + version: 1 + formatters: + precise: + format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' + handlers: + file: + class: logging.handlers.TimedRotatingFileHandler + formatter: precise + filename: /var/log/synapse/homeserver.log + when: midnight + backupCount: 3 # Does not include the current log file. + encoding: utf8 + buffer: + class: logging.handlers.MemoryHandler + target: file + capacity: 10 + flushLevel: 30 # Flush for WARNING logs as well + console: + class: logging.StreamHandler + formatter: precise + loggers: + synapse.storage.SQL: + level: INFO + twisted: + handlers: [file] + propagate: false + root: + level: INFO + handlers: [buffer] + disable_existing_loggers: false + webClient: + enable: true + configFile: config-files/taurus/schildichat-web.json + nginx: + enable: true + domain: "matrix.trans-agenda.de" + sslOnly: true + ssl: + enable: true + cert: "/var/lib/acme-redirect/live/matrix.trans-agenda.de/fullchain" + privkey: "/var/lib/acme-redirect/live/matrix.trans-agenda.de/privkey" + extraConfig: " + location /_synapse { + proxy_pass http://127.0.0.1:8008; + proxy_set_header X-Forwarded-For $remote_addr; + auth_basic 'Authorization required'; + auth_basic_user_file /etc/nginx/passwd/synapse; + } + " - syncthing: + pleroma: enable: true - user: leah + configFile: config-files/taurus/pleroma.exs + secretsContent: "{{ lookup('diskcache', 'passwordstore', 'Server/{{system.hostname}}/pleroma.secrets returnall=true')}}" nginx: enable: true - domain: "syncthing.taurus.ctu.cx" + domain: "trans-agenda.de" sslOnly: true ssl: enable: true - cert: "/var/lib/acme-redirect/live/syncthing.taurus.ctu.cx/fullchain" - privkey: "/var/lib/acme-redirect/live/syncthing.taurus.ctu.cx/privkey" + cert: "/var/lib/acme-redirect/live/trans-agenda.de/fullchain" + privkey: "/var/lib/acme-redirect/live/trans-agenda.de/privkey" + extraConfig: " + location /proxy { + proxy_cache pleroma_media_cache; + proxy_cache_lock on; + proxy_pass http://localhost:4000; + } -# rest_server: -# enable: true -# port: 8060 -# user: leah -# nginx: -# enable: true -# domain: "restic.ctu.cx" -# password: "{{ lookup('diskcache', 'passwordstore', 'Server/taurus/rest-server.htpasswd returnall=true') }}" -# sslOnly: true -# ssl: -# enable: true -# cert: "/var/lib/acme-redirect/live/restic.ctu.cx/fullchain" -# privkey: "/var/lib/acme-redirect/live/restic.ctu.cx/privkey" + location /.well-known/matrix/server { + add_header Content-Type application/json; + return 200 '{\"m.server\": \"matrix.trans-agenda.de:443\"}'; + } - nfsserver: - enable: true - exports: - - path: /srv/wanderduene/pleroma - address: 10.0.0.10 - options: rw,fsid=0,sync,no_subtree_check,no_auth_nlm,insecure,no_root_squash - - path: /srv/wanderduene/synapse - address: 10.0.0.10 - options: rw,fsid=1,sync,no_subtree_check,no_auth_nlm,insecure,no_root_squash - - path: /srv/wanderduene/oeffisearch - address: 10.0.0.10 - options: rw,fsid=2,sync,no_subtree_check,no_auth_nlm,insecure,no_root_squash + location /.well-known/matrix/client { + add_header Content-Type application/json; + return 200 '{\"m.homeserver\": {\"base_url\": \"https://matrix.trans-agenda.de\"}}'; + } + "+ \ No newline at end of file
diff --git a/playbook.yml b/playbook.yml @@ -66,27 +66,6 @@ tags: bind - role: vnstat tags: vnstat - - role: nfsserver - tags: nfs - - role: nginx - tags: nginx - - role: syncthing - tags: syncthing - - role: rest-server - tags: [ backup, rest-server, restic ] - -- hosts: quitschi - name: Install quitschi - vars_files: configuration/quitschi.yml - roles: - - role: common - tags: common - - role: openssh - tags: [ openssh, common ] - - role: files - tags: files - - role: vnstat - tags: vnstat - role: nginx tags: nginx - role: synapse
diff --git a/roles/backup/tasks/main.yml b/roles/backup/tasks/main.yml @@ -11,5 +11,5 @@ - import_tasks: osterei.yml when: system.hostname == "osterei" -- import_tasks: quitschi.yml - when: system.hostname == "quitschi" +- import_tasks: taurus.yml + when: system.hostname == "taurus"