diff --git a/bundles/weechat/metadata.py b/bundles/weechat/metadata.py new file mode 100644 index 0000000..939bc74 --- /dev/null +++ b/bundles/weechat/metadata.py @@ -0,0 +1,98 @@ +defaults = { + 'apt': { + 'packages': { + 'libpod-parser-perl': {}, + 'mosh': {}, + 'weechat': {}, + 'weechat-core': {}, + 'weechat-curses': {}, + 'weechat-perl': {}, + 'weechat-plugins': {}, + 'weechat-python': {}, + 'weechat-ruby': {}, + }, + 'repos': { + 'weechat': { + 'items': { + 'deb https://weechat.org/{os} {os_release} main', + }, + }, + }, + }, + 'nftables': { + 'rules': { + 'weechat-mosh': { + 'inet filter input udp dport { 60000-61000 } accept', + }, + }, + }, +} + + +@metadata_reactor.provides( + 'backup-client/pre-hooks', + 'backups/paths', + 'users', + 'zfs/datasets', +) +def paths(metadata): + user = metadata.get('weechat/user') + + return { + 'backup-client': { + 'pre-hooks': { + 'weechat': f""" + echo 'core.weechat */layout store' >> /home/{user}/.weechat/fifo + echo 'core.weechat */save' >> /home/{user}/.weechat/fifo + """, + }, + }, + 'backups': { + 'paths': { + f'/home/{user}/.weechat', + }, + }, + 'users': { + user: { + 'enable_linger': True, + }, + }, + 'zfs': { + 'datasets': { + f'tank/{user}': {}, + f'tank/{user}/weechat': { + 'mountpoint': f'/home/{user}/.weechat', + 'compression': 'on', + }, + }, + }, + } + + +@metadata_reactor.provides( + 'nginx/vhosts', +) +def relay_vhost(metadata): + if not node.has_bundle('nginx'): + raise DoNotRunAgain + + relay_domain = metadata.get('weechat/relay_domain', None) + if relay_domain is None: + return {} + + return { + 'nginx': { + 'vhosts': { + 'weechat': { + 'domain': relay_domain, + 'locations': { + '/weechat': { + 'proxy_read_timeout': '12h', + 'target': 'http://[::1]:9000', + 'websockets': True, + }, + }, + }, + }, + }, + } diff --git a/nodes/carlene.toml b/nodes/carlene.toml index ce1ba64..14132c0 100644 --- a/nodes/carlene.toml +++ b/nodes/carlene.toml @@ -17,9 +17,15 @@ bundles = [ "check-mail-received", "postgresql", "travelynx", + "weechat", "zfs", ] +[metadata.backups] +paths = [ + "/var/www/paste.franzi.business/", +] + [metadata.check-mail-received.t-online] email = "franzi.kunsmann@t-online.de" imap_host = "secureimap.t-online.de" @@ -123,6 +129,10 @@ ssh_pubkey = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCO0KG3/hnMO6UsReyEHvV4y7fYmJGQeCVnmw2xUoM4so2ZacWDi27aQbMq6wWb/JsUh4j3OOvEfNvf27LU6wpqcxM/QO22YjLsOtVzVnGjupsKAnN/nKy+X7KhspaF9qKFpmseBpuEAAnaxnreEFNC2tHarzJzgj+Y+Bmkg4tnMWsVc6EoBp1R2xmsdeRtgcQwms3xX9COeAjkFNgniGfqigO2AxPgC68h3GqSlcPzgpJ7ukvtCRCs/g3R+9GCnxsamd3AYhaRCIKauIyA44WqtH8lAH5+g16tU8WYcK1KySuwLt418kXDDJrZXaOLbxRl+jrShIdPoGhqs1y6KlOVTbj9TBVGt8CtV8JsLwzH2GCdLjImcXWUob2j2sxgBGTWiTfWf98XBLmBQwbAlBJ01gsHhJxDx0E2ttxueSjyg4hTzWCH0TlRmbpUDdIlqLgwHxmh97YFF5oqkgWGjSt7jxrW8Q9+FeMi5L2qHzKez5Z3quOhDIXWjEcpxqQQ2Lc=", ] +[metadata.weechat] +user = "kunsi" +relay_domain = "irc.franzi.business" + [[metadata.zfs.pools.tank.when_creating.config]] devices = [ "/dev/nvme0n1p3", @@ -133,6 +143,9 @@ type = "mirror" [metadata.zfs.datasets.tank] primarycache = "metadata" +[metadata.zfs.datasets.'tank/kunsi/webdump'] +mountpoint = "/var/www/paste.franzi.business" + [metadata.vm] cpu = 24 ram = 64 diff --git a/nodes/rx300.py b/nodes/rx300.py index 4a15b0c..505e1df 100644 --- a/nodes/rx300.py +++ b/nodes/rx300.py @@ -54,38 +54,6 @@ nodes['rx300'] = { # for `bw test` on jenkins 'bind9utils': {}, - - # used by user:kunsi - 'mosh': {}, - 'weechat': {}, - 'weechat-core': {}, - 'weechat-curses': {}, - 'weechat-perl': {}, - 'weechat-plugins': {}, - 'weechat-python': {}, - 'weechat-ruby': {}, - - # for weechat scripts - 'libpod-parser-perl': {}, - }, - 'repos': { - 'weechat': { - 'items': { - 'deb https://weechat.org/debian {os_release} main', - }, - }, - }, - }, - 'backup-client': { - 'pre-hooks': { - 'kunsi-weechat': \ - 'echo \'core.weechat */layout store\' >> /home/kunsi/.weechat/weechat_fifo\n' \ - 'echo \'core.weechat */save\' >> /home/kunsi/.weechat/weechat_fifo\n', - }, - }, - 'backups': { - 'paths': { - '/home/kunsi/.weechat', }, }, 'check-mail-received': { @@ -109,22 +77,6 @@ nodes['rx300'] = { 'allowed_hosts': ['jh.franzi.business'], 'timezone': 'Europe/Berlin', }, - 'letsencrypt': { - 'concat_and_deploy': { - 'kunsi-weechat': { - 'match_domain': 'rx300.kunbox.net', - 'target': '/home/kunsi/.weechat/ssl/relay.pem', - 'chown': 'kunsi:kunsi', - 'chmod': '0440', - 'commands': [ - 'echo \'core.weechat */relay sslcertkey\' >> /home/kunsi/.weechat/weechat_fifo' - ], - }, - }, - 'domains': { - 'rx300.kunbox.net': set(), - }, - }, 'matrix-dimension': { 'url': 'dimension.franzi.business', 'version': 'c6d047c', # XXX master is broken as of 2021-11-27 @@ -175,14 +127,6 @@ nodes['rx300'] = { 'kunsi': 'hostmaster@kunbox.net', }, }, - 'nftables': { - 'rules': { - '50-kunsi-weechat': [ - 'inet filter input udp dport { 60000-61000 } accept', - 'inet filter input tcp dport 9001 accept', - ], - }, - }, 'nginx': { 'security.txt': { 'contact': 'mailto:security@kunsmann.eu', @@ -426,11 +370,6 @@ nodes['rx300'] = { 'threads': 8, 'cache_slabs': 8, }, - 'users': { - 'kunsi': { - 'enable_linger': True, - }, - }, 'zfs': { 'module_options': { 'zfs_arc_max_gb': 48,