bundlewrap/nodes/htz-cloud/miniserver.py

262 lines
9 KiB
Python
Raw Normal View History

2021-02-20 14:56:54 +00:00
# sophie's miniserver
nodes['htz-cloud.miniserver'] = {
'bundles': {
'element-web',
'hedgedoc',
'matrix-media-repo',
'matrix-synapse',
2023-12-13 20:31:51 +00:00
"matrix-stickerpicker",
'nodejs',
2022-10-19 13:24:39 +00:00
'ntfy',
'mautrix-telegram',
'postgresql',
2022-10-23 13:13:13 +00:00
'zfs',
},
2021-02-20 14:56:54 +00:00
'groups': {
'debian-bookworm',
2021-02-20 14:56:54 +00:00
'webserver',
},
'metadata': {
'interfaces': {
'eth0': {
'ips': {
'157.90.20.62',
'2a01:4f8:c2c:840f::1/64',
},
'gateway4': '172.31.1.1',
'gateway6': 'fe80::1',
},
},
'apt': {
'packages': {
2021-02-20 17:12:17 +00:00
'mosh': {},
2021-02-20 14:56:54 +00:00
'weechat': {},
'weechat-core': {},
'weechat-curses': {},
'weechat-perl': {},
'weechat-plugins': {},
'weechat-python': {},
'weechat-ruby': {},
},
2021-02-20 17:12:17 +00:00
'repos': {
'weechat': {
'items': {
'deb https://weechat.org/debian {os_release} main',
},
},
},
2021-02-20 14:56:54 +00:00
},
2021-05-16 17:54:18 +00:00
'backup-client': {
'pre-hooks': {
'sophie-weechat': \
'echo \'core.weechat */layout store\' >> /home/sophie/.weechat/weechat_fifo\n' \
'echo \'core.weechat */save\' >> /home/sophie/.weechat/weechat_fifo\n',
},
2022-01-04 16:29:27 +00:00
'target': "htz-hel.backup-sophie",
2021-05-16 17:54:18 +00:00
},
2021-02-20 14:56:54 +00:00
'backups': {
2021-05-16 17:54:18 +00:00
'paths': {
'/home/sophie/.weechat',
},
2021-02-20 14:56:54 +00:00
},
'element-web': {
'url': 'chat.sophies-kitchen.eu',
2024-02-29 06:40:19 +00:00
'version': 'v1.11.59',
'config': {
'default_server_config': {
'm.homeserver': {
'base_url': 'https://matrix.sophies-kitchen.eu',
'server_name': 'sophies-kitchen.eu',
},
},
'brand': 'sophies-kitchen.eu',
'showLabsSettings': True,
'default_theme': 'dark',
'defaultCountryCode': 'DE',
'jitsi': {
'preferredDomain': 'meet.ffmuc.net',
},
'map_style_url': "https://api.maptiler.com/maps/openstreetmap/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
},
},
'hedgedoc': {
'version': '1.9.9',
'config': {
'production': {
2021-10-26 22:08:27 +00:00
'allowAnonymousEdits': True,
'domain': 'pad.sophies-kitchen.eu',
},
},
},
2021-02-20 16:32:09 +00:00
'icinga_options': {
'pretty_name': 'sophies-kitchen.eu',
'vars.notification.sms': False,
2021-02-20 16:32:09 +00:00
},
2021-02-20 15:50:42 +00:00
'letsencrypt': {
'concat_and_deploy': {
'sophie-weechat': {
'match_domain': 'i.sophies-kitchen.eu',
'target': '/home/sophie/.weechat/ssl/relay.pem',
'chown': 'sophie:sophie',
'chmod': '0440',
'commands': [
'echo \'core.weechat */relay sslcertkey\' >> /home/sophie/.weechat/weechat_fifo'
],
},
},
'domains': {
'i.sophies-kitchen.eu': set(),
2021-03-13 12:31:28 +00:00
'webdump.sophies-kitchen.eu': set(),
'matrix.sophies-kitchen.eu': {
'sophies-kitchen.eu',
},
},
},
'matrix-media-repo': {
2024-02-13 13:14:34 +00:00
'version': 'v1.3.4',
2023-09-09 18:39:23 +00:00
'datastore_id': '99c09e24edc4e9be6c4c9486bc147e385bc87044',
2024-02-13 13:14:34 +00:00
'sha1': '55d353b472894547c61b11567089eb2cf40ce5ba',
'homeservers': {
'sophies-kitchen.eu': {
'domain': 'http://[::1]:20080/',
'api': 'synapse',
},
},
'admins': {
'@sophie:sophies-kitchen.eu',
},
'upload_max_mb': 500,
},
2023-12-13 20:31:51 +00:00
'matrix-stickerpicker': {
# use this bot token for telegram import: encrypt$gAAAAABg4bcQVzBF_iXdDtjRQD-O37GHdbHwWXyhCLPOuJLbv3ezUeXKR203hkCXkjfItSHi4NiTEgQPadDZTRkavaRpvAoaQV1a4srCS_Y-NU4RiOmkrVFJ_Xhw6UZvwjQUQ0QPOx9t
'domain': "matrix-stickers.sophies-kitchen.eu",
'config': {
'access_token': vault.decrypt('encrypt$gAAAAABg4btB0KGk068ahGZzR0w_Lm1bj1wUbB2WfNNs2bp3PwM4Ftp6MjQnrF-CejZfrF0NjPJw9Z4MrgileHP0sVw04mvgKSHfTf8gv4kTB6WuCIxHeMWHUDx00LTWL73fSlhCK0o1'),
'homeserver': "https://matrix.sophies-kitchen.eu",
'user_id': "@dimension:sophies-kitchen.eu",
},
},
'matrix-synapse': {
'server_name': 'sophies-kitchen.eu',
'baseurl': 'matrix.sophies-kitchen.eu',
'admin_contact': 'mailto:foobar@sophies-kitchen.eu',
'trusted_key_servers': {
'matrix.org',
},
},
'mautrix-telegram': {
2024-01-01 09:12:03 +00:00
'version': 'v0.15.1',
'homeserver': {
'domain': 'sophies-kitchen.eu',
'url': 'https://matrix.sophies-kitchen.eu',
},
'provisioning': {
'enabled': False,
'shared_secret': '""',
},
'permissions': {
'sophies-kitchen.eu': 'full',
"'@sophie:sophies-kitchen.eu'": 'admin',
},
'telegram': {
'api_id': vault.decrypt('encrypt$gAAAAABgnqdXhCTwtCXJhSaCZsiNfHPtjwlYtV1sUAux7JZdejN3xItU9RJLeNu4gUniv36XbBoxKwVtqqyV3RcAs-PgumcfYQ=='),
'api_token': vault.decrypt('encrypt$gAAAAABgnqd5IdpYRmW-C4ONBSXQfiJrpTVQX0rP0eKoDnLnVTLg-5olSjcw2gVvEKWLnsGEZIgVcG7yEs-sqYRxeiQLFFpSn-Z4We0mhj0CUeFoD-eXJsp-bAgLv9PJoMv5Gjb8r9i6'),
'bot_token': '""',
2021-02-20 15:50:42 +00:00
},
},
'nameservers': {
'213.133.98.98',
'213.133.99.99',
'213.133.100.100',
'2a01:4f8:0:1::add:1010',
'2a01:4f8:0:1::add:9999',
'2a01:4f8:0:1::add:9898',
},
'nftables': {
2023-09-24 18:59:58 +00:00
'input': {
'50-sophie-weechat': [
2023-09-24 18:59:58 +00:00
'udp dport { 60000-61000 } accept',
'tcp dport 9001 accept',
],
},
},
2021-02-20 14:56:54 +00:00
'nginx': {
'vhosts': {
'sophies-kitchen.eu': {
'webroot': '/var/www/sophies-kitchen.eu/_site/',
'extras': True,
},
'matrix-synapse': {
'domain': 'matrix.sophies-kitchen.eu',
},
2021-03-13 12:31:28 +00:00
'webdump.sophies-kitchen.eu': {
2021-02-20 16:32:09 +00:00
'webroot_config': {
'owner': 'sophie',
'group': 'sophie',
'mode': '0755',
},
2021-03-13 12:31:28 +00:00
'extras': True,
2021-02-20 14:56:54 +00:00
},
2021-09-02 12:24:49 +00:00
'recipes.sophies-kitchen.eu': {
'webroot_config': {
'owner': 'sophie',
'group': 'sophie',
'mode': '0755',
},
},
2021-02-20 14:56:54 +00:00
},
},
2022-11-16 18:19:41 +00:00
'nodejs': {
2023-07-22 13:52:28 +00:00
'version': 18,
2022-11-16 18:19:41 +00:00
},
2022-10-19 13:24:39 +00:00
'ntfy': {
2022-10-19 13:38:10 +00:00
'domain': 'ntfy.sophies-kitchen.eu',
'allow_unauthorized_write': True,
2022-10-19 13:24:39 +00:00
},
'postgresql': {
'version': '11',
},
2021-06-04 05:27:49 +00:00
'sysctl': {
'options': {
# XXX find out if this is really needed
'net.ipv4.ip_forward': '1',
'net.ipv6.conf.all.forwarding': '1',
},
},
2021-02-20 14:56:54 +00:00
'vm': {
'cpu': 2,
'ram': 4,
2021-03-11 21:27:30 +00:00
},
'users': {
'sophie': {
'enable_linger': True,
2021-03-11 21:27:30 +00:00
'ssh_pubkey': [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDILcYrMQNRVXAm5L+7No1ZumqfCyRc1QZmTY3O7Q8hsE4+fCAvwsWm2aSMfLL3NnIl8Nm1Rixzic5jdYKYNIY3SlX1wvTB+MhGb2eyVSd7c/Y98aCLSlDkQ2sebjpdA1FoJOeGD3qxqDwj0+KckXU2ZaSSQY7CxVsjH65UxCHqVAg+6uLdNbj7j850s1B9NXVXef+sBQ5jUngXxnqQWwNh2Mn8auwumkeEG4SYf96wyFkLvmBitOng/GyLWl9YPnXXHHDnatcVipy7y34qw4CQ4P84anecbA+Bqr9IcxBW6qYmYgRKEnAcmEfjQd+BI1gCLB1BBEmb/qp+mVLd4tOh sophie@carbon"
],
},
},
2022-10-23 13:13:13 +00:00
'zfs': {
2023-08-24 17:30:25 +00:00
"datasets": {
"tank/webdump": {
"mountpoint": "/var/www/webdump.sophies-kitchen.eu",
"needed_by": [
"directory:/var/www/webdump.sophies-kitchen.eu"
]
}
},
2022-10-23 13:13:13 +00:00
'pools': {
'tank': {
'when_creating': {
'config': [{
'devices': {
'/dev/disk/by-id/scsi-0HC_Volume_23952298',
},
}]
},
},
},
},
2021-02-20 14:56:54 +00:00
},
}