diff --git a/PORT_MAP.md b/PORT_MAP.md index e15cfec..003339b 100644 --- a/PORT_MAP.md +++ b/PORT_MAP.md @@ -26,11 +26,11 @@ Rule of thumb: keep ports below 10000 free for stuff that reserves ports. | 6667 | | bitlbee | | 8010 | | matrix-media-repo | | 8086 | influxdb2 | influx | -| 8184 | | matrix-dimension | | 11332-11334 | rspamd | rspamd | | 20000 | mx-puppet-discord | Bridge | | 20010 | mautrix-telegram | Bridge | | 20020 | mautrix-whatsapp | Bridge | +| 20030 | matrix-dimension | Matrix Integrations Manager| | 20080 | matrix-synapse | client, federation | | 20081 | matrix-synapse | prometheus metrics | | 20090 | matrix-media-repo | media_repo | diff --git a/bundles/element-web/items.py b/bundles/element-web/items.py index 42247dd..190bf3e 100644 --- a/bundles/element-web/items.py +++ b/bundles/element-web/items.py @@ -2,14 +2,12 @@ from bundlewrap.metadata import metadata_to_json repo.libs.tools.require_bundle(node, 'nodejs') -element_web_root = '/var/www/{}'.format(node.metadata['element-web']['url']) - directories = { - element_web_root: {} + '/opt/element-web': {} } git_deploy = { - element_web_root: { + '/opt/element-web': { 'rev': node.metadata['element-web']['version'], 'repo': 'https://github.com/vector-im/element-web.git', 'triggers': { @@ -19,7 +17,7 @@ git_deploy = { } files = { - element_web_root + '/webapp/config.json': { + '/opt/element-web/webapp/config.json': { 'content': metadata_to_json(node.metadata['element-web']['config']), 'needs': { 'action:element-web_yarn', @@ -29,7 +27,7 @@ files = { actions = { 'element-web_yarn': { - 'command': 'cd ' + element_web_root + ' && npm install yarn && node_modules/yarn/bin/yarn install && node_modules/yarn/bin/yarn build', + 'command': 'cd /opt/element-web && npm install yarn && node_modules/yarn/bin/yarn install && node_modules/yarn/bin/yarn build', 'needs': { 'pkg_apt:nodejs', }, diff --git a/bundles/element-web/metadata.py b/bundles/element-web/metadata.py index 6b3caf4..04fefb1 100644 --- a/bundles/element-web/metadata.py +++ b/bundles/element-web/metadata.py @@ -1,3 +1,16 @@ +defaults = { + 'zfs': { + 'datasets': { + 'tank/element-web': { + 'mountpoint': '/opt/element-web', + 'needed_by': { + 'directory:/opt/element-web', + }, + }, + }, + }, +} + @metadata_reactor.provides( 'nginx/vhosts', ) @@ -5,8 +18,9 @@ def nginx_config(metadata): return { 'nginx': { 'vhosts': { - metadata.get('element-web/url'): { - 'webroot': '/var/www/{}/webapp/'.format(metadata.get('element-web/url')), + 'element-web': { + 'domain': metadata.get('element-web/url'), + 'webroot': '/opt/element-web/webapp/', }, }, }, diff --git a/bundles/matrix-dimension/files/matrix-dimension.service b/bundles/matrix-dimension/files/matrix-dimension.service new file mode 100644 index 0000000..9d2bebc --- /dev/null +++ b/bundles/matrix-dimension/files/matrix-dimension.service @@ -0,0 +1,14 @@ +[Unit] +Description=Matrix Dimension +After=network.target + +[Service] +User=matrix-dimension +Group=matrix-dimension +Environment="NODE_ENV=production" +ExecStart=/usr/bin/node ${config['install_dir']}/build/app/index.js +WorkingDirectory=${config['install_dir']} +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/bundles/matrix-dimension/files/production.yaml b/bundles/matrix-dimension/files/production.yaml new file mode 100644 index 0000000..321f6d2 --- /dev/null +++ b/bundles/matrix-dimension/files/production.yaml @@ -0,0 +1,93 @@ +# The web settings for the service (API and UI). +# It is best to have this run on localhost and use a reverse proxy to access Dimension. +web: + port: 20030 + address: '127.0.0.1' + +# Homeserver configuration +homeserver: + # The domain name of the homeserver. This is used in many places, such as with go-neb + # setups, to identify the homeserver. + name: "${config['homeserver']['name']}" + + # The URL that Dimension, go-neb, and other services provisioned by Dimension should + # use to access the homeserver with. + clientServerUrl: "${config['homeserver']['clientServerUrl']}" + + # The URL that Dimension should use when trying to communicate with federated APIs on + # the homeserver. If not supplied or left empty Dimension will try to resolve the address + # through the normal federation process. + #federationUrl: "https://t2bot.io:8448" + + # The URL that Dimension will redirect media requests to for downloading media such as + # stickers. If not supplied or left empty Dimension will use the clientServerUrl. + #mediaUrl: "https://t2bot.io" + + # The access token Dimension should use for miscellaneous access to the homeserver, and + # for tracking custom sticker pack updates. This should be a user configured on the homeserver + # and be dedicated to Dimension (create a user named "dimension" on your homeserver). For + # information on how to acquire an access token, visit https://t2bot.io/docs/access_tokens + accessToken: "${config['homeserver']['accessToken']}" + +# These users can modify the integrations this Dimension supports. +# To access the admin interface, open Dimension in Riot and click the settings icon. +admins: +% for i in config['admins']: + - "${i}" +% endfor +# IPs and CIDR ranges listed here will be blocked from being widgets. +# Note: Widgets may still be embedded with restricted content, although not through Dimension directly. +widgetBlacklist: + - 10.0.0.0/8 + - 172.16.0.0/12 + - 192.168.0.0/16 + - 127.0.0.0/8 + +database: + # Where the database for Dimension is + uri: "postgres://${node.metadata['matrix-dimension']['database']['user']}:${node.metadata['matrix-dimension']['database']['password']}@${node.metadata['matrix-dimension']['database'].get('host', 'localhost')}/${node.metadata['matrix-dimension']['database']['database']}" + + # Where to store misc information for the utility bot account. + botData: "${config['data_dir']}/dimension.bot.json" + +# Display settings that apply to self-hosted go-neb instances +goneb: + # The avatars to set for each bot. Usually these don't need to be changed, however if your homeserver + # is not able to reach t2bot.io then you should specify your own here. To not use an avatar for a bot, + # make the bot's avatar an empty string. + avatars: + giphy: "mxc://t2bot.io/c5eaab3ef0133c1a61d3c849026deb27" + imgur: "mxc://t2bot.io/6749eaf2b302bb2188ae931b2eeb1513" + github: "mxc://t2bot.io/905b64b3cd8e2347f91a60c5eb0832e1" + wikipedia: "mxc://t2bot.io/7edfb54e9ad9e13fec0df22636feedf1" + travisci: "mxc://t2bot.io/7f4703126906fab8bb27df34a17707a8" + rss: "mxc://t2bot.io/aace4fcbd045f30afc1b4e5f0928f2f3" + google: "mxc://t2bot.io/636ad10742b66c4729bf89881a505142" + guggy: "mxc://t2bot.io/e7ef0ed0ba651aaf907655704f9a7526" + echo: "mxc://t2bot.io/3407ff2db96b4e954fcbf2c6c0415a13" + circleci: "mxc://t2bot.io/cf7d875845a82a6b21f5f66de78f6bee" + jira: "mxc://t2bot.io/f4a38ebcc4280ba5b950163ca3e7c329" + +# Settings for interacting with Telegram. Currently only applies for importing +# sticker packs from Telegram. +telegram: + # Talk to @BotFather on Telegram to get a token + botToken: "${config['telegram']['botToken']}" + +# Custom sticker pack options. +# Largely based on https://github.com/turt2live/matrix-sticker-manager +stickers: + # Whether or not to allow people to add custom sticker packs + enabled: true + + # The sticker manager bot to promote + stickerBot: "@stickers:t2bot.io" + + # The sticker manager URL to promote + managerUrl: "https://stickers.t2bot.io" + + +# Settings for controlling how logging works +logging: + console: true + consoleLevel: info diff --git a/bundles/matrix-dimension/items.py b/bundles/matrix-dimension/items.py new file mode 100644 index 0000000..a8a9a5c --- /dev/null +++ b/bundles/matrix-dimension/items.py @@ -0,0 +1,74 @@ +repo.libs.tools.require_bundle(node, 'nodejs') + + +directories = { + node.metadata['matrix-dimension']['install_dir']: { + 'owner': 'matrix-dimension', + 'group': 'matrix-dimension', + }, +} + +git_deploy = { + node.metadata['matrix-dimension']['install_dir']: { + 'rev': node.metadata.get('matrix-dimension/version', 'master'), # doesn't have releases yet + 'repo': 'https://github.com/turt2live/matrix-dimension.git', + 'triggers': { + 'action:matrix_dimension_build', + }, + 'needs': { + 'directory:{}'.format(node.metadata.get('matrix-dimension/install_dir')), + 'directory:{}'.format(node.metadata.get('matrix-dimension/data_dir')), + }, + }, +} + +files = { + '{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir')): { + 'owner': 'matrix-dimension', + 'group': 'matrix-dimension', + 'content_type': 'mako', + 'context': { + 'config': node.metadata.get('matrix-dimension', {}), + }, + 'needs': { + 'directory:{}'.format(node.metadata.get('matrix-dimension/install_dir')), + }, + 'triggers': { + 'svc_systemd:matrix-dimension:restart', + }, + }, + '/etc/systemd/system/matrix-dimension.service': { + 'content_type': 'mako', + 'context': { + 'config': node.metadata.get('matrix-dimension', {}), + }, + 'triggers': { + 'action:systemd-reload', + 'svc_systemd:matrix-dimension:restart', + }, + }, +} + +actions = { + 'matrix_dimension_build': { + 'command': 'cd ' + node.metadata.get('matrix-dimension/install_dir') + ' && sudo -u matrix-dimension npm install && sudo -u matrix-dimension npm run build', + 'needs': { + 'pkg_apt:nodejs', + }, + 'triggered': True, + 'triggers': { + 'svc_systemd:matrix-dimension:restart', + }, + }, +} + +svc_systemd = { + 'matrix-dimension': { + 'needs': { + 'action:matrix_dimension_build', + 'file:{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir')), + 'postgres_db:matrix-dimension', + 'postgres_role:matrix-dimension', + }, + }, +} diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py new file mode 100644 index 0000000..2d41180 --- /dev/null +++ b/bundles/matrix-dimension/metadata.py @@ -0,0 +1,77 @@ +defaults = { + 'backups': { + 'paths': { + '/opt/matrix-dimension', + '/var/opt/matrix-dimension', + }, + }, + 'matrix-dimension': { + 'install_dir': '/opt/matrix-dimension', + 'data_dir': '/var/opt/matrix-dimension', + 'database': { + 'user': 'matrix-dimension', + 'password': repo.vault.password_for('{} postgresql matrix-dimension'.format(node.name)), + 'database': 'matrix-dimension', + }, + }, + 'postgresql': { + 'roles': { + 'matrix-dimension': { + 'password': repo.vault.password_for('{} postgresql matrix-dimension'.format(node.name)), + }, + }, + 'databases': { + 'matrix-dimension': { + 'owner': 'matrix-dimension', + }, + }, + }, + 'users': { + 'matrix-dimension': { + 'home': '/var/opt/matrix-dimension', + }, + }, +} + +@metadata_reactor.provides( + 'nginx/vhosts/matrix-dimension', +) +def nginx_config(metadata): + return { + 'nginx': { + 'vhosts': { + 'matrix-dimension': { + 'domain': metadata.get('matrix-dimension/url'), + 'do_not_set_content_security_headers': True, + 'max_body_size': '50M', + 'locations': { + '/': { + 'target': 'http://127.0.0.1:20030', + }, + }, + }, + }, + }, + } + + +@metadata_reactor.provides( + 'icinga2_api/matrix-dimension/services', +) +def icinga_check_for_new_release(metadata): + return { + 'icinga2_api': { + 'matrix-dimension': { + 'services': { + 'MATRIX-DIMENSION UPDATE': { + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_github_for_new_release turt2live/matrix-dimension {}'.format(metadata.get('matrix-dimension/version')), + 'vars.notification.mail': True, + 'check_interval': '60m', + }, + 'MATRIX-DIMENSION PROCESS': { + 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -a matrix-dimension -c 1:', + }, + }, + }, + }, + } diff --git a/bundles/mx-puppet-discord/files/config.yaml b/bundles/mx-puppet-discord/files/config.yaml index 6be98d2..6f3f160 100644 --- a/bundles/mx-puppet-discord/files/config.yaml +++ b/bundles/mx-puppet-discord/files/config.yaml @@ -19,7 +19,7 @@ provisioning: namePatterns: user: ":name (Discord)" userOverride: ":displayname (Discord)" - room: "#:name (Discord - :guild)" + room: "#:name (:guild)" group: ":name" database: diff --git a/bundles/unbound/files/unbound.conf b/bundles/unbound/files/unbound.conf index 31188c9..d3269dc 100644 --- a/bundles/unbound/files/unbound.conf +++ b/bundles/unbound/files/unbound.conf @@ -23,6 +23,10 @@ server: access-control: ::1 allow % endif +% if node.has_bundle('pppd'): + prefer-ip4: yes +% endif + msg-cache-size: ${cache_size} msg-cache-slabs: ${cache_slabs} rrset-cache-size: ${cache_size} diff --git a/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu b/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu deleted file mode 100644 index aa5cff2..0000000 --- a/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu +++ /dev/null @@ -1,6 +0,0 @@ - add_header Content-Security-Policy "frame-ancestors 'self' chat.sophies-kitchen.eu"; - - location /.well-known/matrix/ { - alias /etc/matrix-synapse/wellknown/; - add_header Access-Control-Allow-Origin *; - } diff --git a/data/nginx/files/extras/htz-cloud.miniserver/matrix-dimension b/data/nginx/files/extras/htz-cloud.miniserver/matrix-dimension new file mode 100644 index 0000000..e13c482 --- /dev/null +++ b/data/nginx/files/extras/htz-cloud.miniserver/matrix-dimension @@ -0,0 +1 @@ +add_header Content-Security-Policy "frame-ancestors 'self' chat.sophies-kitchen.eu"; diff --git a/data/powerdns/files/bind-zones/franzi.business b/data/powerdns/files/bind-zones/franzi.business index b811603..3f51f55 100644 --- a/data/powerdns/files/bind-zones/franzi.business +++ b/data/powerdns/files/bind-zones/franzi.business @@ -8,8 +8,7 @@ $ORIGIN franzi.business. IN MX 10 mx0.kunbox.net. IN TXT "v=spf1 mx ~all" -chat IN A 94.130.52.224 -chat IN AAAA 2a01:4f8:10b:2a5f::2 +chat IN CNAME rx300.kunbox.net. dimension IN A 94.130.52.224 dimension IN AAAA 2a01:4f8:10b:2a5f::2 diff --git a/data/ssl/_.home.kunbox.net.crt.pem b/data/ssl/_.home.kunbox.net.crt.pem index 7fd031e..5dcc429 100644 --- a/data/ssl/_.home.kunbox.net.crt.pem +++ b/data/ssl/_.home.kunbox.net.crt.pem @@ -1,27 +1,27 @@ -----BEGIN CERTIFICATE----- -MIIEiDCCA3CgAwIBAgISBBs1tXfwOmn7KkgoBobxBZB5MA0GCSqGSIb3DQEBCwUA +MIIEiTCCA3GgAwIBAgISBK7LyZgSsIGYVyvtZegOm/EYMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD -EwJSMzAeFw0yMTA0MjUwNTM4MzVaFw0yMTA3MjQwNTM4MzVaMBoxGDAWBgNVBAMT -D2hvbWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABK1au63mFbRf -yIdtADRlTonFn78I9BO7dbcCroupIGSVAHrcK4TeSvwdEzfRgFurGKBwuG/q69aM -zmGNlZT7V7XriV9ugYugiryG5BXU65WVMktdIsor3zdb52MRtBkIeKOCAlwwggJY +EwJSMzAeFw0yMTA3MTUxNTIzMzFaFw0yMTEwMTMxNTIzMzBaMBoxGDAWBgNVBAMT +D2hvbWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABLNBvsnDsPhe ++NADf9B8VSCCqTb4Qno914E480Of42j85E3YK+iFN6qJhn5SWwhejnyucqpa/UhH ++PI5GQnbIsk+P8OwexFyHKJiph7WXS1icf0Tdxk/Aeudcp5gNkDWkaOCAl0wggJZ MA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw -DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULT1Xhf+4vDvCaX+c3TTnZo3ew9gwHwYD +DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUzCC4AfStIjmj9DiVKTMHSBS6uX8wHwYD VR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEG CCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0 dHA6Ly9yMy5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIRKi5ob21lLmt1bmJveC5u ZXSCD2hvbWUua3VuYm94Lm5ldDBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEE AYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9y -ZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AJQgvB6O1Y1siHMfgosiLA3R2k1e -bE+UPWHbTi9YTaLCAAABeQfAUowAAAQDAEcwRQIgBB+xeDqOU8y7t2WY+BdG13T/ -SI0MH66aZ/9NLeVJIM8CIQCrR6cT8lsYXHYGJ4QthxfaDuS4e/aNq0TW6z84WQod -YAB1AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAABeQfAUyMAAAQD -AEYwRAIgBWcJFwzDbdRTC0NUMCyU7kUd9zr3Dlja1Olkyu3cZN0CIBxvYC1I5tuz -iBlnrFYxeDC8muxbJcffqGfNlR8regRsMA0GCSqGSIb3DQEBCwUAA4IBAQBqJGqV -RRjcmWj9wbgb6ysn3arUR4bYnRanid5sKTLpoUgeBNHViyrsKhWmAFk93PBfgYxq -rLcCAOCIeFl1DPvtYYBCu2H3szeHgjf7yq85pZFFTl9iwPNJ3QIJv1XNNSi0lR31 -67kZPqrwXjYUAqT94dNsDbvw5IobhFXvTzWzi1iY8rB19GIXeAZdxmfRHj4sYDDO -mWDGU1lsXvKNzFqff99O0UtbFVJAtfDcX3KHZK0Lw9MfyOg8MBO73gLLD0sGRow5 -jsi7Dcg0MUig0N1gQ20QoH5pU/blpFS9mTtbn3aF1XSa7+wi9sUpT7D5zGbWGUcD -/vzvyvzSD4THVy/T +ZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AJQgvB6O1Y1siHMfgosiLA3R2k1e +bE+UPWHbTi9YTaLCAAABeqr69dMAAAQDAEYwRAIgZlJNlWSNhIwF4rMYWoZz2ipv +r/KERY361jwWbrXkYi8CIB7wDYerS3Gp7uojHSfZ6LCQjm/TrQpWPxGa2rDEEr6L +AHcA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAF6qvr1xAAABAMA +SDBGAiEAj0dvzU4wFLbcyuvtodJk0DJU9tLyd0zsnpb4DyZrObUCIQC7nRaJ4Jpj +mnXrNNRdyG16j3Y9snEfP0WNG8W8U7TjgDANBgkqhkiG9w0BAQsFAAOCAQEAY7Wa +Jj/agc7bLBjr6cRugq/7l/MeYwIZ7ubHsyDlh7kSb6dlBxDFjepRrz88cBGdmEfn +kA0Cqcgdbafl+/EcQuXsVF9/G/1UdxP1QTEpWbii9Xf6bcJvzFZ1wAHkavlBRbHI +V0UgRpaE6G3i66AKQGp3jKdrpV7VKKcF3o7gD7tXC2eM6+TJKoaqCmTdrO7Qd2f9 +eZ0mqgChhwRn4hOXJX3Wu60UgmIkvAujKEItXEpDWleqC+tZCf82p9aEA4B6P/1L +ZHWXHomhgJ9kkYSAmucDUvD8Bq7od7rlwms9vYv8q5RQYZ26O45FTtZXZ8/Pb9W8 +JjFyznrcZSyIR+McNA== -----END CERTIFICATE----- diff --git a/data/ssl/_.home.kunbox.net.crt_intermediate.pem b/data/ssl/_.home.kunbox.net.crt_intermediate.pem index c47729f..efd07a1 100644 --- a/data/ssl/_.home.kunbox.net.crt_intermediate.pem +++ b/data/ssl/_.home.kunbox.net.crt_intermediate.pem @@ -1,27 +1,63 @@ -----BEGIN CERTIFICATE----- -MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow -MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT -AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs -jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp -Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB -U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7 -gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel -/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R -oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E -BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p -ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE -p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE -AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu -Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0 -LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf -r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B -AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH -ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8 -S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL -qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p -O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw -UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg== +MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw +WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg +RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP +R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx +sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm +NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg +Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG +/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA +FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw +AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw +Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB +gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W +PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl +ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz +CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm +lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 +avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 +yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O +yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids +hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ +HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv +MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX +nLRbwHOoq7hHwg== +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC +ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL +wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D +LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK +4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5 +bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y +sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ +Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4 +FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc +SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql +PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND +TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw +SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1 +c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx ++tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB +ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu +b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E +U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu +MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC +5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW +9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG +WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O +he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC +Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5 -----END CERTIFICATE----- diff --git a/data/ssl/_.home.kunbox.net.key.pem.vault b/data/ssl/_.home.kunbox.net.key.pem.vault index 74524d8..02a8abf 100644 --- a/data/ssl/_.home.kunbox.net.key.pem.vault +++ b/data/ssl/_.home.kunbox.net.key.pem.vault @@ -1 +1 @@ -encrypt$gAAAAABghQ5uRvwa78y-BVzSKONUlH2ATUDOR6kQzM46pCLqld3o48H2HCW13q8IIFTUIHWHCICW6O9_Gw6B_j2sqZwnZlGFqsyQTUl6nSLcR5oJky6pMRpQat3fEUxrJqDL-6d5KyitC7UWgiAkjaZbbpVshy7RIztS9ocXVrGcqNNM4u_-F7dKTo1ZMnhx5FuUZBrybNMX_sF7gHJxhVbJzpk-JKLgzWH9AchR3BJ4tPb03JANForaIsa219UjWtxtGCeiKLZoLQ-1LtJkWKKAEG_BjG_8JIQGiC6_x7jiI-h5HHPoahVXnkMP3J46CWCxt0gUYnX05iNrgI-UxoOWyDMqGDTXA5cyblfsG-LqJvo0Cjvr2V0wl0cxObaP5P9JFDUiIiH-VgI2g3esLRFFMw_Qm0fvlb9C8n8LA3mQxljVU3bdlWv1MNAAwgzBJrSTWPqnBb4F49JwQSM70VgFD5ukF42oYdMxSZkKR4zlgJ8q9pMD7R0mWrq4A6ZE4fQ4s9rPSwMXmPGzcu1KWCrU9FsL0e86UK0YfKXv85i5qdhqh1FXOAA= \ No newline at end of file +encrypt$gAAAAABg8GEGSkxHqfC9tZmqfKE0f0pNZYXedHKriXaGeo2DJwoUArTI3j6rY5l5jX01KP9mpslYPLewjmlUtExYDqzVg1yJ21oiJciri8mFoYqJe4uWgkpwVC-M8O9AJCklSi2Iq1JPztz4x5H0m9hKUjJ_hrZzOtu1bMtX8A_vqGCElcVUJGVtrkEkBqvditwi7uQ__WKTEOfzVhOALcYyc4elyQvxrEUHlyLI9_8ws8iYEKUTzSfcf63AgZ9nmK1VK0miwk1zguIIJ73LnDiF3wVCvre_6nzgadD_mS07bheqUvdeTbwVgiwHsVczxn9H8q8BBx8GXBOHJEwU_S6rfroqZftWyARPlU1uEa1WxpSOwdi0C_ntLA3nQn52ipBhrgdzdA_4TrlLMr1seUPo3Slt2i4YbuCl3x1tSJRY19uwIpr9pDxUKNKg4nuCcHt5ttj-C6D1QcjRRvXRETbKhw45-7zF97UPa7-b_NVB9NdGBJ7Xv4aD2p7ILfPnM0Zt5eL-gN3j7WKWq1YSdDzuDDc4SLhy63t4gkq0N0YgaPBp1i06VQs= \ No newline at end of file diff --git a/nodes/htz-cloud/miniserver.py b/nodes/htz-cloud/miniserver.py index 1085b16..f28568c 100644 --- a/nodes/htz-cloud/miniserver.py +++ b/nodes/htz-cloud/miniserver.py @@ -4,6 +4,7 @@ nodes['htz-cloud.miniserver'] = { 'bundles': { 'element-web', + 'matrix-dimension', 'matrix-media-repo', 'matrix-synapse', 'nodejs', @@ -58,7 +59,7 @@ nodes['htz-cloud.miniserver'] = { }, 'element-web': { 'url': 'chat.sophies-kitchen.eu', - 'version': 'v1.7.31', + 'version': 'v1.7.32', 'config': { 'default_server_config': { 'm.homeserver': { @@ -68,10 +69,10 @@ nodes['htz-cloud.miniserver'] = { }, 'brand': 'sophies-kitchen.eu', 'showLabsSettings': True, - 'integrations_ui_url': 'https://dimension.franzi.business/riot', - 'integrations_rest_url': 'https://dimension.franzi.business/api/v1/scalar', + 'integrations_ui_url': 'https://dimension.sophies-kitchen.eu/riot', + 'integrations_rest_url': 'https://dimension.sophies-kitchen.eu/api/v1/scalar', 'integrations_widgets_urls': { - 'https://dimension.franzi.business/widgets' + 'https://dimension.sophies-kitchen.eu/widgets' }, 'default_theme': 'dark', 'defaultCountryCode': 'DE', @@ -103,6 +104,21 @@ nodes['htz-cloud.miniserver'] = { }, }, }, + 'matrix-dimension': { + 'url': 'dimension.sophies-kitchen.eu', + 'version': 'master', # doesn't have releases yet + 'homeserver': { + 'name': 'sophies-kitchen.eu', + 'clientServerUrl': 'https://matrix.sophies-kitchen.eu', + 'accessToken': vault.decrypt('encrypt$gAAAAABg4btB0KGk068ahGZzR0w_Lm1bj1wUbB2WfNNs2bp3PwM4Ftp6MjQnrF-CejZfrF0NjPJw9Z4MrgileHP0sVw04mvgKSHfTf8gv4kTB6WuCIxHeMWHUDx00LTWL73fSlhCK0o1'), + }, + 'admins': [ + '@sophie:sophies-kitchen.eu', + ], + 'telegram': { + 'botToken': vault.decrypt('encrypt$gAAAAABg4bcQVzBF_iXdDtjRQD-O37GHdbHwWXyhCLPOuJLbv3ezUeXKR203hkCXkjfItSHi4NiTEgQPadDZTRkavaRpvAoaQV1a4srCS_Y-NU4RiOmkrVFJ_Xhw6UZvwjQUQ0QPOx9t'), + }, + }, 'matrix-media-repo': { 'version': 'v1.2.8', 'homeservers': { @@ -144,6 +160,14 @@ nodes['htz-cloud.miniserver'] = { 'bot_token': '""', }, }, + 'nameservers': { + '213.133.98.98', + '213.133.99.99', + '213.133.100.100', + '2a01:4f8:0:1::add:1010', + '2a01:4f8:0:1::add:9999', + '2a01:4f8:0:1::add:9898', + }, 'nftables': { 'rules': { 'input': { @@ -156,16 +180,9 @@ nodes['htz-cloud.miniserver'] = { }, 'nginx': { 'vhosts': { - #'dimension.sophies-kitchen.eu': { - # 'extras': True, - # 'do_not_set_content_security_headers': True, - # 'max_body_size': '50M', - # 'locations': { - # '/': { - # 'target': 'http://127.0.0.1:8184', - # }, - # }, - #}, + 'matrix-dimension': { + 'extras': True, + }, 'sophies-kitchen.eu': { 'webroot': '/var/www/sophies-kitchen.eu/_site/', 'extras': True, diff --git a/nodes/htz/ex42-1048908.py b/nodes/htz/ex42-1048908.py index cae81bf..fa4c436 100644 --- a/nodes/htz/ex42-1048908.py +++ b/nodes/htz/ex42-1048908.py @@ -2,15 +2,11 @@ nodes['htz.ex42-1048908'] = { 'bundles': { 'check-mail-received', 'dovecot', - 'element-web', -# 'gitea', -# 'jenkins-ci', 'lm-sensors', 'matrix-media-repo', 'matrix-synapse', 'mautrix-telegram', 'mautrix-whatsapp', -# 'miniflux', 'mx-puppet-discord', 'nodejs', 'oidentd', @@ -22,7 +18,6 @@ nodes['htz.ex42-1048908'] = { 'radicale', 'unbound', 'smartd', -# 'travelynx', 'vmhost', }, 'groups': { @@ -46,9 +41,6 @@ nodes['htz.ex42-1048908'] = { # TODO 'php-imagick': {}, - # Jenkins build dependencies - 'rustc': {}, - # No need to create a bundle just to install packages, # configs will be managed by users nevertheless. 'mosh': {}, @@ -94,51 +86,6 @@ nodes['htz.ex42-1048908'] = { 'imap_pass': bwpass.attr('t-online.de/franzi.kunsmann@t-online.de', 'imap'), }, }, - 'element-web': { - 'url': 'chat.franzi.business', - 'version': 'v1.7.30', - 'config': { - 'default_server_config': { - 'm.homeserver': { - 'base_url': 'https://matrix.franzi.business', - 'server_name': 'franzi.business', - }, - }, - 'brand': 'franzi.business', - 'showLabsSettings': True, - 'integrations_ui_url': 'https://dimension.franzi.business/riot', - 'integrations_rest_url': 'https://dimension.franzi.business/api/v1/scalar', - 'integrations_widgets_urls': { - 'https://dimension.franzi.business/widgets' - }, - 'default_theme': 'dark', - 'defaultCountryCode': 'DE', - 'jitsi': { - 'preferredDomain': 'meet.ffmuc.net', - }, - }, - }, -# 'gitea': { -# 'version': '1.14.3', -# 'sha256': '50c25c094ae109f49e276cd00ddc48a0a240b7670e487ae1286cc116d4cdbcf2', -# 'domain': 'git.kunsmann.eu', -# 'email_domain_blocklist': { -# 'gmail.com', -# 'yahoo.com', -# 'aol.com', -# 'comcast.net', -# 'verizon.net', -# 'hotmail.com', -# 'cox.net', -# 'msn.com', -# }, -# 'enable_git_hooks': True, -# 'install_ssh_key': True, -# 'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='), -# 'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'), -# 'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'), -# 'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='), -# }, 'icinga_options': { 'pretty_name': 'kunsmann.eu', }, @@ -222,9 +169,6 @@ nodes['htz.ex42-1048908'] = { "'@kunsi:franzi.business'": 100, }, }, -# 'miniflux': { -# 'domain': 'rss.kunsmann.eu', -# }, 'mx-puppet-discord': { 'homeserver': { 'domain': 'franzi.business', @@ -300,37 +244,6 @@ nodes['htz.ex42-1048908'] = { }, }, }, -# 'franzi.business': { -# 'webroot': '/var/www/franzi.business/_site/', -# 'locations': { -# '/.well-known/matrix/client': { -# 'return': json_dumps({ -# 'm.homeserver': { -# 'base_url': 'https://matrix.franzi.business', -# }, -# 'm.identity_server': { -# 'base_url': 'https://matrix.org', -# }, -# 'im.vector.riot.jitsi': { -# 'preferredDomain': 'meet.ffmuc.net', -# }, -# }, sort_keys=True), -# 'additional_config': { -# 'default_type application/json', -# 'add_header Access-Control-Allow-Origin *', -# }, -# }, -# '/.well-known/matrix/server': { -# 'return': json_dumps({ -# 'm.server': 'matrix.franzi.business:443', -# }, sort_keys=True), -# 'additional_config': { -# 'default_type application/json', -# 'add_header Access-Control-Allow-Origin *', -# }, -# }, -# }, -# }, 'git.kunsmann.eu': { 'locations': { '/': { @@ -338,15 +251,6 @@ nodes['htz.ex42-1048908'] = { }, }, }, -# 'jenkins.kunsmann.eu': { -# 'locations': { -# '/': { -# 'target': 'http://localhost:22010/', -# }, -# }, -# 'website_check_path': '/login', -# 'website_check_string': 'Welcome to Jenkins', -# }, 'kunbox.net': {}, 'kunsmann.eu': { 'locations': { @@ -435,22 +339,6 @@ nodes['htz.ex42-1048908'] = { }, }, }, -# 'travelynx.franzi.business': { -# 'locations': { -# '/': { -# 'target': 'http://127.0.0.1:22020', -# }, -# }, -# 'extras': True, -# }, -# 'unicornsden': { -# 'domain': 'unicornsden.franzi.business', -# 'webroot_config': { -# 'owner': 'kunsi', -# 'group': 'kunsi', -# 'mode': '0755', -# }, -# }, 'vliedel.random.franzi.business': { 'webroot_config': { 'mode': '0775', @@ -558,10 +446,6 @@ nodes['htz.ex42-1048908'] = { 'maxuse': '2G', }, }, -# 'travelynx': { -# 'version': '1.20.1', -# 'mail_from': 'travelynx@franzi.business', -# }, 'users': { 'kunsi': { 'groups': [ diff --git a/nodes/rx300.py b/nodes/rx300.py index d66a7b0..d418315 100644 --- a/nodes/rx300.py +++ b/nodes/rx300.py @@ -8,10 +8,12 @@ nodes['rx300'] = { 'hostname': '31.47.232.106', 'bundles': { 'check-mail-received', + 'element-web', 'gitea', 'jenkins-ci', 'lm-sensors', 'miniflux', + 'nodejs', 'php', 'postgresql', 'smartd', @@ -63,6 +65,30 @@ nodes['rx300'] = { 'imap_pass': bwpass.attr('t-online.de/franzi.kunsmann@t-online.de', 'imap'), }, }, + 'element-web': { + 'url': 'chat.franzi.business', + 'version': 'v1.7.32', + 'config': { + 'default_server_config': { + 'm.homeserver': { + 'base_url': 'https://matrix.franzi.business', + 'server_name': 'franzi.business', + }, + }, + 'brand': 'franzi.business', + 'showLabsSettings': True, + 'integrations_ui_url': 'https://dimension.franzi.business/riot', + 'integrations_rest_url': 'https://dimension.franzi.business/api/v1/scalar', + 'integrations_widgets_urls': { + 'https://dimension.franzi.business/widgets' + }, + 'default_theme': 'dark', + 'defaultCountryCode': 'DE', + 'jitsi': { + 'preferredDomain': 'meet.ffmuc.net', + }, + }, + }, 'gitea': { 'version': '1.14.4', 'sha256': 'e1ce2fadcf6561cb2543b44b9f1382d6ce4be29ed8edd6d9d7080a218aa114b0', @@ -95,6 +121,7 @@ nodes['rx300'] = { }, 'nginx': { 'vhosts': { + 'element-web': {'ssl': '_.franzi.business'}, 'gitea': {'ssl': '_.franzi.business'}, 'miniflux': {'ssl': '_.franzi.business'}, 'franzi.business': { @@ -206,7 +233,7 @@ nodes['rx300'] = { }, }, 'travelynx': { - 'version': '1.20.2', + 'version': '1.20.3', 'mail_from': 'travelynx@franzi.business', }, 'users': {