From 3c2f245b710e228b0be8963657e04bac9a098b4b Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Sun, 11 Jul 2021 16:38:59 +0200 Subject: [PATCH 01/24] bundles/mx-puppet-discord: remove "Discord" in room name for now --- bundles/mx-puppet-discord/files/config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bundles/mx-puppet-discord/files/config.yaml b/bundles/mx-puppet-discord/files/config.yaml index 6be98d2..6f3f160 100644 --- a/bundles/mx-puppet-discord/files/config.yaml +++ b/bundles/mx-puppet-discord/files/config.yaml @@ -19,7 +19,7 @@ provisioning: namePatterns: user: ":name (Discord)" userOverride: ":displayname (Discord)" - room: "#:name (Discord - :guild)" + room: "#:name (:guild)" group: ":name" database: From 133627ace22905af50846fae49fe7c728eeed92e Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Tue, 13 Jul 2021 20:51:58 +0200 Subject: [PATCH 02/24] bundles/unbound: prefer ipv4 if using pppoe --- bundles/unbound/files/unbound.conf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/bundles/unbound/files/unbound.conf b/bundles/unbound/files/unbound.conf index 31188c9..d3269dc 100644 --- a/bundles/unbound/files/unbound.conf +++ b/bundles/unbound/files/unbound.conf @@ -23,6 +23,10 @@ server: access-control: ::1 allow % endif +% if node.has_bundle('pppd'): + prefer-ip4: yes +% endif + msg-cache-size: ${cache_size} msg-cache-slabs: ${cache_slabs} rrset-cache-size: ${cache_size} From 1d2ff1744f5813e4b5aab4a1b2110057521c7afb Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Tue, 13 Jul 2021 21:12:40 +0200 Subject: [PATCH 03/24] nodes/rx300: update travelynx to 1.20.3 --- nodes/rx300.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nodes/rx300.py b/nodes/rx300.py index d66a7b0..dc5b7aa 100644 --- a/nodes/rx300.py +++ b/nodes/rx300.py @@ -206,7 +206,7 @@ nodes['rx300'] = { }, }, 'travelynx': { - 'version': '1.20.2', + 'version': '1.20.3', 'mail_from': 'travelynx@franzi.business', }, 'users': { From afdfc0f8f26afa723256f423a8b98a5eeca8eac5 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Thu, 15 Jul 2021 18:23:45 +0200 Subject: [PATCH 04/24] data/ssl: bump _.home.kunbox.net --- data/ssl/_.home.kunbox.net.crt.pem | 36 ++++---- .../_.home.kunbox.net.crt_intermediate.pem | 84 +++++++++++++------ data/ssl/_.home.kunbox.net.key.pem.vault | 2 +- 3 files changed, 79 insertions(+), 43 deletions(-) diff --git a/data/ssl/_.home.kunbox.net.crt.pem b/data/ssl/_.home.kunbox.net.crt.pem index 7fd031e..5dcc429 100644 --- a/data/ssl/_.home.kunbox.net.crt.pem +++ b/data/ssl/_.home.kunbox.net.crt.pem @@ -1,27 +1,27 @@ -----BEGIN CERTIFICATE----- -MIIEiDCCA3CgAwIBAgISBBs1tXfwOmn7KkgoBobxBZB5MA0GCSqGSIb3DQEBCwUA +MIIEiTCCA3GgAwIBAgISBK7LyZgSsIGYVyvtZegOm/EYMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD -EwJSMzAeFw0yMTA0MjUwNTM4MzVaFw0yMTA3MjQwNTM4MzVaMBoxGDAWBgNVBAMT -D2hvbWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABK1au63mFbRf -yIdtADRlTonFn78I9BO7dbcCroupIGSVAHrcK4TeSvwdEzfRgFurGKBwuG/q69aM -zmGNlZT7V7XriV9ugYugiryG5BXU65WVMktdIsor3zdb52MRtBkIeKOCAlwwggJY +EwJSMzAeFw0yMTA3MTUxNTIzMzFaFw0yMTEwMTMxNTIzMzBaMBoxGDAWBgNVBAMT +D2hvbWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABLNBvsnDsPhe ++NADf9B8VSCCqTb4Qno914E480Of42j85E3YK+iFN6qJhn5SWwhejnyucqpa/UhH ++PI5GQnbIsk+P8OwexFyHKJiph7WXS1icf0Tdxk/Aeudcp5gNkDWkaOCAl0wggJZ MA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw -DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULT1Xhf+4vDvCaX+c3TTnZo3ew9gwHwYD +DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUzCC4AfStIjmj9DiVKTMHSBS6uX8wHwYD VR0jBBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEG CCsGAQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0 dHA6Ly9yMy5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIRKi5ob21lLmt1bmJveC5u ZXSCD2hvbWUua3VuYm94Lm5ldDBMBgNVHSAERTBDMAgGBmeBDAECATA3BgsrBgEE AYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9y -ZzCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB2AJQgvB6O1Y1siHMfgosiLA3R2k1e -bE+UPWHbTi9YTaLCAAABeQfAUowAAAQDAEcwRQIgBB+xeDqOU8y7t2WY+BdG13T/ -SI0MH66aZ/9NLeVJIM8CIQCrR6cT8lsYXHYGJ4QthxfaDuS4e/aNq0TW6z84WQod -YAB1AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDXAAABeQfAUyMAAAQD -AEYwRAIgBWcJFwzDbdRTC0NUMCyU7kUd9zr3Dlja1Olkyu3cZN0CIBxvYC1I5tuz -iBlnrFYxeDC8muxbJcffqGfNlR8regRsMA0GCSqGSIb3DQEBCwUAA4IBAQBqJGqV -RRjcmWj9wbgb6ysn3arUR4bYnRanid5sKTLpoUgeBNHViyrsKhWmAFk93PBfgYxq -rLcCAOCIeFl1DPvtYYBCu2H3szeHgjf7yq85pZFFTl9iwPNJ3QIJv1XNNSi0lR31 -67kZPqrwXjYUAqT94dNsDbvw5IobhFXvTzWzi1iY8rB19GIXeAZdxmfRHj4sYDDO -mWDGU1lsXvKNzFqff99O0UtbFVJAtfDcX3KHZK0Lw9MfyOg8MBO73gLLD0sGRow5 -jsi7Dcg0MUig0N1gQ20QoH5pU/blpFS9mTtbn3aF1XSa7+wi9sUpT7D5zGbWGUcD -/vzvyvzSD4THVy/T +ZzCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AJQgvB6O1Y1siHMfgosiLA3R2k1e +bE+UPWHbTi9YTaLCAAABeqr69dMAAAQDAEYwRAIgZlJNlWSNhIwF4rMYWoZz2ipv +r/KERY361jwWbrXkYi8CIB7wDYerS3Gp7uojHSfZ6LCQjm/TrQpWPxGa2rDEEr6L +AHcA9lyUL9F3MCIUVBgIMJRWjuNNExkzv98MLyALzE7xZOMAAAF6qvr1xAAABAMA +SDBGAiEAj0dvzU4wFLbcyuvtodJk0DJU9tLyd0zsnpb4DyZrObUCIQC7nRaJ4Jpj +mnXrNNRdyG16j3Y9snEfP0WNG8W8U7TjgDANBgkqhkiG9w0BAQsFAAOCAQEAY7Wa +Jj/agc7bLBjr6cRugq/7l/MeYwIZ7ubHsyDlh7kSb6dlBxDFjepRrz88cBGdmEfn +kA0Cqcgdbafl+/EcQuXsVF9/G/1UdxP1QTEpWbii9Xf6bcJvzFZ1wAHkavlBRbHI +V0UgRpaE6G3i66AKQGp3jKdrpV7VKKcF3o7gD7tXC2eM6+TJKoaqCmTdrO7Qd2f9 +eZ0mqgChhwRn4hOXJX3Wu60UgmIkvAujKEItXEpDWleqC+tZCf82p9aEA4B6P/1L +ZHWXHomhgJ9kkYSAmucDUvD8Bq7od7rlwms9vYv8q5RQYZ26O45FTtZXZ8/Pb9W8 +JjFyznrcZSyIR+McNA== -----END CERTIFICATE----- diff --git a/data/ssl/_.home.kunbox.net.crt_intermediate.pem b/data/ssl/_.home.kunbox.net.crt_intermediate.pem index c47729f..efd07a1 100644 --- a/data/ssl/_.home.kunbox.net.crt_intermediate.pem +++ b/data/ssl/_.home.kunbox.net.crt_intermediate.pem @@ -1,27 +1,63 @@ -----BEGIN CERTIFICATE----- -MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/ -MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT -DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow -MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT -AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs -jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp -Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB -U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7 -gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel -/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R -oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E -BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p -ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE -p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE -AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu -Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0 -LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf -r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B -AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH -ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8 -S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL -qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p -O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw -UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg== +MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw +WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg +RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP +R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx +sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm +NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg +Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG +/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB +Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA +FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw +AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw +Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB +gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W +PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl +ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz +CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm +lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 +avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 +yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O +yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids +hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ +HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv +MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX +nLRbwHOoq7hHwg== +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC +ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL +wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D +LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK +4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5 +bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y +sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ +Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4 +FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc +SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql +PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND +TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw +SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1 +c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx ++tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB +ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu +b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E +U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu +MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC +5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW +9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG +WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O +he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC +Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5 -----END CERTIFICATE----- diff --git a/data/ssl/_.home.kunbox.net.key.pem.vault b/data/ssl/_.home.kunbox.net.key.pem.vault index 74524d8..02a8abf 100644 --- a/data/ssl/_.home.kunbox.net.key.pem.vault +++ b/data/ssl/_.home.kunbox.net.key.pem.vault @@ -1 +1 @@ -encrypt$gAAAAABghQ5uRvwa78y-BVzSKONUlH2ATUDOR6kQzM46pCLqld3o48H2HCW13q8IIFTUIHWHCICW6O9_Gw6B_j2sqZwnZlGFqsyQTUl6nSLcR5oJky6pMRpQat3fEUxrJqDL-6d5KyitC7UWgiAkjaZbbpVshy7RIztS9ocXVrGcqNNM4u_-F7dKTo1ZMnhx5FuUZBrybNMX_sF7gHJxhVbJzpk-JKLgzWH9AchR3BJ4tPb03JANForaIsa219UjWtxtGCeiKLZoLQ-1LtJkWKKAEG_BjG_8JIQGiC6_x7jiI-h5HHPoahVXnkMP3J46CWCxt0gUYnX05iNrgI-UxoOWyDMqGDTXA5cyblfsG-LqJvo0Cjvr2V0wl0cxObaP5P9JFDUiIiH-VgI2g3esLRFFMw_Qm0fvlb9C8n8LA3mQxljVU3bdlWv1MNAAwgzBJrSTWPqnBb4F49JwQSM70VgFD5ukF42oYdMxSZkKR4zlgJ8q9pMD7R0mWrq4A6ZE4fQ4s9rPSwMXmPGzcu1KWCrU9FsL0e86UK0YfKXv85i5qdhqh1FXOAA= \ No newline at end of file +encrypt$gAAAAABg8GEGSkxHqfC9tZmqfKE0f0pNZYXedHKriXaGeo2DJwoUArTI3j6rY5l5jX01KP9mpslYPLewjmlUtExYDqzVg1yJ21oiJciri8mFoYqJe4uWgkpwVC-M8O9AJCklSi2Iq1JPztz4x5H0m9hKUjJ_hrZzOtu1bMtX8A_vqGCElcVUJGVtrkEkBqvditwi7uQ__WKTEOfzVhOALcYyc4elyQvxrEUHlyLI9_8ws8iYEKUTzSfcf63AgZ9nmK1VK0miwk1zguIIJ73LnDiF3wVCvre_6nzgadD_mS07bheqUvdeTbwVgiwHsVczxn9H8q8BBx8GXBOHJEwU_S6rfroqZftWyARPlU1uEa1WxpSOwdi0C_ntLA3nQn52ipBhrgdzdA_4TrlLMr1seUPo3Slt2i4YbuCl3x1tSJRY19uwIpr9pDxUKNKg4nuCcHt5ttj-C6D1QcjRRvXRETbKhw45-7zF97UPa7-b_NVB9NdGBJ7Xv4aD2p7ILfPnM0Zt5eL-gN3j7WKWq1YSdDzuDDc4SLhy63t4gkq0N0YgaPBp1i06VQs= \ No newline at end of file From f7098b0d35e7f7de320eda39d085580f879709c4 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Thu, 15 Jul 2021 18:40:48 +0200 Subject: [PATCH 05/24] bundles/element-web: move to /opt (and zfs, if we have that) --- bundles/element-web/items.py | 10 ++++------ bundles/element-web/metadata.py | 18 ++++++++++++++++-- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/bundles/element-web/items.py b/bundles/element-web/items.py index 42247dd..190bf3e 100644 --- a/bundles/element-web/items.py +++ b/bundles/element-web/items.py @@ -2,14 +2,12 @@ from bundlewrap.metadata import metadata_to_json repo.libs.tools.require_bundle(node, 'nodejs') -element_web_root = '/var/www/{}'.format(node.metadata['element-web']['url']) - directories = { - element_web_root: {} + '/opt/element-web': {} } git_deploy = { - element_web_root: { + '/opt/element-web': { 'rev': node.metadata['element-web']['version'], 'repo': 'https://github.com/vector-im/element-web.git', 'triggers': { @@ -19,7 +17,7 @@ git_deploy = { } files = { - element_web_root + '/webapp/config.json': { + '/opt/element-web/webapp/config.json': { 'content': metadata_to_json(node.metadata['element-web']['config']), 'needs': { 'action:element-web_yarn', @@ -29,7 +27,7 @@ files = { actions = { 'element-web_yarn': { - 'command': 'cd ' + element_web_root + ' && npm install yarn && node_modules/yarn/bin/yarn install && node_modules/yarn/bin/yarn build', + 'command': 'cd /opt/element-web && npm install yarn && node_modules/yarn/bin/yarn install && node_modules/yarn/bin/yarn build', 'needs': { 'pkg_apt:nodejs', }, diff --git a/bundles/element-web/metadata.py b/bundles/element-web/metadata.py index 6b3caf4..c8fb99c 100644 --- a/bundles/element-web/metadata.py +++ b/bundles/element-web/metadata.py @@ -1,3 +1,16 @@ +defaults = { + 'zfs': { + 'datasets': { + 'tank/element-web': { + 'mountpoint': '/opt/element-web', + 'needed_by': { + 'directory:/opt/element-web', + }, + }, + }, + }, +} + @metadata_reactor.provides( 'nginx/vhosts', ) @@ -5,8 +18,9 @@ def nginx_config(metadata): return { 'nginx': { 'vhosts': { - metadata.get('element-web/url'): { - 'webroot': '/var/www/{}/webapp/'.format(metadata.get('element-web/url')), + 'element-web': { + 'domain': metadata.get('element-web/url'), + 'webroot': '/opt/element-web', }, }, }, From 7d73c29ccd3747ce552872167d0a68aceb5b2b39 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Thu, 15 Jul 2021 18:41:27 +0200 Subject: [PATCH 06/24] move element-web to rx300 --- .../powerdns/files/bind-zones/franzi.business | 3 +-- nodes/rx300.py | 27 +++++++++++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/data/powerdns/files/bind-zones/franzi.business b/data/powerdns/files/bind-zones/franzi.business index b811603..3f51f55 100644 --- a/data/powerdns/files/bind-zones/franzi.business +++ b/data/powerdns/files/bind-zones/franzi.business @@ -8,8 +8,7 @@ $ORIGIN franzi.business. IN MX 10 mx0.kunbox.net. IN TXT "v=spf1 mx ~all" -chat IN A 94.130.52.224 -chat IN AAAA 2a01:4f8:10b:2a5f::2 +chat IN CNAME rx300.kunbox.net. dimension IN A 94.130.52.224 dimension IN AAAA 2a01:4f8:10b:2a5f::2 diff --git a/nodes/rx300.py b/nodes/rx300.py index dc5b7aa..d418315 100644 --- a/nodes/rx300.py +++ b/nodes/rx300.py @@ -8,10 +8,12 @@ nodes['rx300'] = { 'hostname': '31.47.232.106', 'bundles': { 'check-mail-received', + 'element-web', 'gitea', 'jenkins-ci', 'lm-sensors', 'miniflux', + 'nodejs', 'php', 'postgresql', 'smartd', @@ -63,6 +65,30 @@ nodes['rx300'] = { 'imap_pass': bwpass.attr('t-online.de/franzi.kunsmann@t-online.de', 'imap'), }, }, + 'element-web': { + 'url': 'chat.franzi.business', + 'version': 'v1.7.32', + 'config': { + 'default_server_config': { + 'm.homeserver': { + 'base_url': 'https://matrix.franzi.business', + 'server_name': 'franzi.business', + }, + }, + 'brand': 'franzi.business', + 'showLabsSettings': True, + 'integrations_ui_url': 'https://dimension.franzi.business/riot', + 'integrations_rest_url': 'https://dimension.franzi.business/api/v1/scalar', + 'integrations_widgets_urls': { + 'https://dimension.franzi.business/widgets' + }, + 'default_theme': 'dark', + 'defaultCountryCode': 'DE', + 'jitsi': { + 'preferredDomain': 'meet.ffmuc.net', + }, + }, + }, 'gitea': { 'version': '1.14.4', 'sha256': 'e1ce2fadcf6561cb2543b44b9f1382d6ce4be29ed8edd6d9d7080a218aa114b0', @@ -95,6 +121,7 @@ nodes['rx300'] = { }, 'nginx': { 'vhosts': { + 'element-web': {'ssl': '_.franzi.business'}, 'gitea': {'ssl': '_.franzi.business'}, 'miniflux': {'ssl': '_.franzi.business'}, 'franzi.business': { From 8aac46206a93f62affbd4f8b022171a294d0eb2c Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Thu, 15 Jul 2021 18:41:43 +0200 Subject: [PATCH 07/24] remove obsolete metadata from htz.ex42-1048908 --- nodes/htz/ex42-1048908.py | 116 -------------------------------------- 1 file changed, 116 deletions(-) diff --git a/nodes/htz/ex42-1048908.py b/nodes/htz/ex42-1048908.py index cae81bf..fa4c436 100644 --- a/nodes/htz/ex42-1048908.py +++ b/nodes/htz/ex42-1048908.py @@ -2,15 +2,11 @@ nodes['htz.ex42-1048908'] = { 'bundles': { 'check-mail-received', 'dovecot', - 'element-web', -# 'gitea', -# 'jenkins-ci', 'lm-sensors', 'matrix-media-repo', 'matrix-synapse', 'mautrix-telegram', 'mautrix-whatsapp', -# 'miniflux', 'mx-puppet-discord', 'nodejs', 'oidentd', @@ -22,7 +18,6 @@ nodes['htz.ex42-1048908'] = { 'radicale', 'unbound', 'smartd', -# 'travelynx', 'vmhost', }, 'groups': { @@ -46,9 +41,6 @@ nodes['htz.ex42-1048908'] = { # TODO 'php-imagick': {}, - # Jenkins build dependencies - 'rustc': {}, - # No need to create a bundle just to install packages, # configs will be managed by users nevertheless. 'mosh': {}, @@ -94,51 +86,6 @@ nodes['htz.ex42-1048908'] = { 'imap_pass': bwpass.attr('t-online.de/franzi.kunsmann@t-online.de', 'imap'), }, }, - 'element-web': { - 'url': 'chat.franzi.business', - 'version': 'v1.7.30', - 'config': { - 'default_server_config': { - 'm.homeserver': { - 'base_url': 'https://matrix.franzi.business', - 'server_name': 'franzi.business', - }, - }, - 'brand': 'franzi.business', - 'showLabsSettings': True, - 'integrations_ui_url': 'https://dimension.franzi.business/riot', - 'integrations_rest_url': 'https://dimension.franzi.business/api/v1/scalar', - 'integrations_widgets_urls': { - 'https://dimension.franzi.business/widgets' - }, - 'default_theme': 'dark', - 'defaultCountryCode': 'DE', - 'jitsi': { - 'preferredDomain': 'meet.ffmuc.net', - }, - }, - }, -# 'gitea': { -# 'version': '1.14.3', -# 'sha256': '50c25c094ae109f49e276cd00ddc48a0a240b7670e487ae1286cc116d4cdbcf2', -# 'domain': 'git.kunsmann.eu', -# 'email_domain_blocklist': { -# 'gmail.com', -# 'yahoo.com', -# 'aol.com', -# 'comcast.net', -# 'verizon.net', -# 'hotmail.com', -# 'cox.net', -# 'msn.com', -# }, -# 'enable_git_hooks': True, -# 'install_ssh_key': True, -# 'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='), -# 'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'), -# 'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'), -# 'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='), -# }, 'icinga_options': { 'pretty_name': 'kunsmann.eu', }, @@ -222,9 +169,6 @@ nodes['htz.ex42-1048908'] = { "'@kunsi:franzi.business'": 100, }, }, -# 'miniflux': { -# 'domain': 'rss.kunsmann.eu', -# }, 'mx-puppet-discord': { 'homeserver': { 'domain': 'franzi.business', @@ -300,37 +244,6 @@ nodes['htz.ex42-1048908'] = { }, }, }, -# 'franzi.business': { -# 'webroot': '/var/www/franzi.business/_site/', -# 'locations': { -# '/.well-known/matrix/client': { -# 'return': json_dumps({ -# 'm.homeserver': { -# 'base_url': 'https://matrix.franzi.business', -# }, -# 'm.identity_server': { -# 'base_url': 'https://matrix.org', -# }, -# 'im.vector.riot.jitsi': { -# 'preferredDomain': 'meet.ffmuc.net', -# }, -# }, sort_keys=True), -# 'additional_config': { -# 'default_type application/json', -# 'add_header Access-Control-Allow-Origin *', -# }, -# }, -# '/.well-known/matrix/server': { -# 'return': json_dumps({ -# 'm.server': 'matrix.franzi.business:443', -# }, sort_keys=True), -# 'additional_config': { -# 'default_type application/json', -# 'add_header Access-Control-Allow-Origin *', -# }, -# }, -# }, -# }, 'git.kunsmann.eu': { 'locations': { '/': { @@ -338,15 +251,6 @@ nodes['htz.ex42-1048908'] = { }, }, }, -# 'jenkins.kunsmann.eu': { -# 'locations': { -# '/': { -# 'target': 'http://localhost:22010/', -# }, -# }, -# 'website_check_path': '/login', -# 'website_check_string': 'Welcome to Jenkins', -# }, 'kunbox.net': {}, 'kunsmann.eu': { 'locations': { @@ -435,22 +339,6 @@ nodes['htz.ex42-1048908'] = { }, }, }, -# 'travelynx.franzi.business': { -# 'locations': { -# '/': { -# 'target': 'http://127.0.0.1:22020', -# }, -# }, -# 'extras': True, -# }, -# 'unicornsden': { -# 'domain': 'unicornsden.franzi.business', -# 'webroot_config': { -# 'owner': 'kunsi', -# 'group': 'kunsi', -# 'mode': '0755', -# }, -# }, 'vliedel.random.franzi.business': { 'webroot_config': { 'mode': '0775', @@ -558,10 +446,6 @@ nodes['htz.ex42-1048908'] = { 'maxuse': '2G', }, }, -# 'travelynx': { -# 'version': '1.20.1', -# 'mail_from': 'travelynx@franzi.business', -# }, 'users': { 'kunsi': { 'groups': [ From 9e305fc8540bf4ede154cf46d9bcc3462427e564 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Thu, 15 Jul 2021 18:44:02 +0200 Subject: [PATCH 08/24] bundles/element-web: fix nginx webroot path --- bundles/element-web/metadata.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bundles/element-web/metadata.py b/bundles/element-web/metadata.py index c8fb99c..04fefb1 100644 --- a/bundles/element-web/metadata.py +++ b/bundles/element-web/metadata.py @@ -20,7 +20,7 @@ def nginx_config(metadata): 'vhosts': { 'element-web': { 'domain': metadata.get('element-web/url'), - 'webroot': '/opt/element-web', + 'webroot': '/opt/element-web/webapp/', }, }, }, From c52482e98b8858a9ecdcf7c30d2cedb66d2e637b Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 16:36:43 +0200 Subject: [PATCH 09/24] bw/bundle matrix-dimension add first draft --- .../files/matrix-dimension.service | 14 +++ .../matrix-dimension/files/production.yaml | 98 +++++++++++++++++++ bundles/matrix-dimension/items.py | 68 +++++++++++++ bundles/matrix-dimension/metadata.py | 75 ++++++++++++++ .../dimension.sophies-kitchen.eu | 13 ++- nodes/htz-cloud/miniserver.py | 35 ++++--- 6 files changed, 288 insertions(+), 15 deletions(-) create mode 100644 bundles/matrix-dimension/files/matrix-dimension.service create mode 100644 bundles/matrix-dimension/files/production.yaml create mode 100644 bundles/matrix-dimension/items.py create mode 100644 bundles/matrix-dimension/metadata.py diff --git a/bundles/matrix-dimension/files/matrix-dimension.service b/bundles/matrix-dimension/files/matrix-dimension.service new file mode 100644 index 0000000..1b9333f --- /dev/null +++ b/bundles/matrix-dimension/files/matrix-dimension.service @@ -0,0 +1,14 @@ +[Unit] +Description=Matrix Dimension +After=network.target + +[Service] +User=matrix-support +Group=matrix-support +Environment="NODE_ENV=production" +ExecStart=/usr/bin/node /opt/matrix/matrix-dimension/build/app/index.js +WorkingDirectory=${config['install_dir']} +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/bundles/matrix-dimension/files/production.yaml b/bundles/matrix-dimension/files/production.yaml new file mode 100644 index 0000000..bb67228 --- /dev/null +++ b/bundles/matrix-dimension/files/production.yaml @@ -0,0 +1,98 @@ +# The web settings for the service (API and UI). +# It is best to have this run on localhost and use a reverse proxy to access Dimension. +web: + port: 8184 + address: '127.0.0.1' + +# Homeserver configuration +homeserver: + # The domain name of the homeserver. This is used in many places, such as with go-neb + # setups, to identify the homeserver. + name: "${config['homserver']['name']}" + + # The URL that Dimension, go-neb, and other services provisioned by Dimension should + # use to access the homeserver with. + clientServerUrl: "${config['homserver']['clientServeUrl']}" + + # The URL that Dimension should use when trying to communicate with federated APIs on + # the homeserver. If not supplied or left empty Dimension will try to resolve the address + # through the normal federation process. + #federationUrl: "https://t2bot.io:8448" + + # The URL that Dimension will redirect media requests to for downloading media such as + # stickers. If not supplied or left empty Dimension will use the clientServerUrl. + #mediaUrl: "https://t2bot.io" + + # The access token Dimension should use for miscellaneous access to the homeserver, and + # for tracking custom sticker pack updates. This should be a user configured on the homeserver + # and be dedicated to Dimension (create a user named "dimension" on your homeserver). For + # information on how to acquire an access token, visit https://t2bot.io/docs/access_tokens + accessToken: "${config['homserver']['accessToken']}" + +# These users can modify the integrations this Dimension supports. +# To access the admin interface, open Dimension in Riot and click the settings icon. +admins: +% for i in config['admins']: + - "${i}" +% endfor +# IPs and CIDR ranges listed here will be blocked from being widgets. +# Note: Widgets may still be embedded with restricted content, although not through Dimension directly. +widgetBlacklist: + - 10.0.0.0/8 + - 172.16.0.0/12 + - 192.168.0.0/16 + - 127.0.0.0/8 + +database: + # Where the database for Dimension is + uri: "postgres://${node.metadata['matrix-dimension']['database']['user']}:${node.metadata['matrix-dimension']['database']['password']}@${node.metadata['matrix-dimension']['database'].get('host', 'localhost')}/${node.metadata['matrix-dimension']['database']['database']}" + + # Where to store misc information for the utility bot account. + botData: "${config['data_dir']}/dimension.bot.json" + +# Display settings that apply to self-hosted go-neb instances +goneb: + # The avatars to set for each bot. Usually these don't need to be changed, however if your homeserver + # is not able to reach t2bot.io then you should specify your own here. To not use an avatar for a bot, + # make the bot's avatar an empty string. + avatars: + giphy: "mxc://t2bot.io/c5eaab3ef0133c1a61d3c849026deb27" + imgur: "mxc://t2bot.io/6749eaf2b302bb2188ae931b2eeb1513" + github: "mxc://t2bot.io/905b64b3cd8e2347f91a60c5eb0832e1" + wikipedia: "mxc://t2bot.io/7edfb54e9ad9e13fec0df22636feedf1" + travisci: "mxc://t2bot.io/7f4703126906fab8bb27df34a17707a8" + rss: "mxc://t2bot.io/aace4fcbd045f30afc1b4e5f0928f2f3" + google: "mxc://t2bot.io/636ad10742b66c4729bf89881a505142" + guggy: "mxc://t2bot.io/e7ef0ed0ba651aaf907655704f9a7526" + echo: "mxc://t2bot.io/3407ff2db96b4e954fcbf2c6c0415a13" + circleci: "mxc://t2bot.io/cf7d875845a82a6b21f5f66de78f6bee" + jira: "mxc://t2bot.io/f4a38ebcc4280ba5b950163ca3e7c329" + +# Settings for interacting with Telegram. Currently only applies for importing +# sticker packs from Telegram. +telegram: + # Talk to @BotFather on Telegram to get a token + botToken: "${config['telegram']['botToken']}" + +# Custom sticker pack options. +# Largely based on https://github.com/turt2live/matrix-sticker-manager +stickers: + # Whether or not to allow people to add custom sticker packs + enabled: true + + # The sticker manager bot to promote + stickerBot: "@stickers:t2bot.io" + + # The sticker manager URL to promote + managerUrl: "https://stickers.t2bot.io" + + +# Settings for controlling how logging works +logging: + file: "${config['data_dir']}/logs/dimension.log" + console: true + consoleLevel: info + fileLevel: verbose + rotate: + size: 52428800 # bytes, default is 50mb + count: 5 diff --git a/bundles/matrix-dimension/items.py b/bundles/matrix-dimension/items.py new file mode 100644 index 0000000..68375ea --- /dev/null +++ b/bundles/matrix-dimension/items.py @@ -0,0 +1,68 @@ +repo.libs.tools.require_bundle(node, 'nodejs') + + +directories = { + node.metadata['matrix-dimension']['install_dir']: {}, + node.metadata['matrix-dimension']['data_dir']: {}, +} + +git_deploy = { + node.metadata['matrix-dimension']['install_dir']: { + 'rev': node.metadata.get('matrix-dimension', {}).get('version', 'master'), # doesn't have releases yet + 'repo': 'https://github.com/turt2live/matrix-dimension.git', + 'triggers': { + 'action:matrix_dimension_build', + }, + 'needs': { + 'directory:{}'.format(node.metadata['matrix-dimension']['install_dir']), + 'directory:{}'.format(node.metadata['matrix-dimension']['data_dir']), + }, + }, +} + +files = { + '{}/config/production.yaml'.format(node.metadata['matrix-dimension']['install_dir']): { + 'content_type': 'mako', + 'context': { + 'config': node.metadata.get('matrix-dimension', {}), + }, + 'needs': { + 'action:element-web_yarn', + 'directory:{}'.format(node.metadata['matrix-dimension']['install_dir']), + }, + }, + '/etc/systemd/system/matrix-dimension.service': { + 'content_type': 'mako', + 'context': { + 'config': node.metadata.get('matrix-dimension', {}), + }, + 'triggers': { + 'action:systemd-reload', + 'svc_systemd:matrix-dimension:restart', + }, + }, +} + +actions = { + 'matrix_dimenson_build': { + 'command': 'cd ' + node.metadata['matrix-dimension']['install_dir'] + ' && npm install && npm run build', + 'needs': { + 'pkg_apt:nodejs', + }, + 'triggered': True, + 'triggers': { + 'svc_systemd:matrix-dimension:restart', + }, + }, +} + +svc_systemd = { + 'matrix-dimension': { + 'needs': { + 'action:matrix-dimension_build', + 'file:{}/config/production.yaml'.format(node.metadata['matrix-dimension']['install_dir']), + 'postgres_db:matrix-dimension', + 'postgres_role:matrix-dimension', + }, + }, +} diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py new file mode 100644 index 0000000..6db7c86 --- /dev/null +++ b/bundles/matrix-dimension/metadata.py @@ -0,0 +1,75 @@ +defaults = { + 'matrix-dimension': { + 'install_dir': '/opt/matrix-dimension', + 'data_dir': '/var/opt/dimension', + 'database': { + 'user': 'matrix-dimension', + 'password': repo.vault.password_for('{} postgresql matrix-dimension'.format(node.name)), + 'database': 'matrix-dimension', + }, + }, + 'postgresql': { + 'roles': { + 'matrix-dimension': { + 'password': repo.vault.password_for('{} postgresql matrix-dimension'.format(node.name)), + }, + }, + 'databases': { + 'matrix-dimension': { + 'owner': 'matrix-dimension', + }, + }, + }, + 'icinga2_api': { + 'mautrix-telegram': { + 'services': { + 'MAUTRIX-TELEGRAM PROCESS': { + 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -a mautrix-telegram -c 1:', + }, + }, + }, + }, +} + +@metadata_reactor.provides( + 'nginx/vhosts', +) +def nginx_config(metadata): + return { + 'nginx': { + 'vhosts': { + metadata.get('matrix-dimension/url'): { + 'webroot': '/var/www/{}/webapp/'.format(metadata.get('element-web/url')), + 'do_not_set_content_security_headers': True, + 'max_body_size': '50M', + 'proxy': { + '/': { + 'target': 'http://127.0.0.1:8184', + }, + }, + }, + }, + }, + } + + +@metadata_reactor.provides( + 'icinga2_api/matrix-dimension/services', +) +def icinga_check_for_new_release(metadata): + return { + 'icinga2_api': { + 'matrix-dimension': { + 'services': { + 'MATRIX-DIMENSION UPDATE': { + 'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_github_for_new_release turt2live/matrix-dimension {}'.format(metadata.get('matrix-dimension/version')), + 'vars.notification.mail': True, + 'check_interval': '60m', + }, + #'MATRIX-DIMENSION PROCESS': { + # 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -a mautrix-telegram -c 1:', + #}, + }, + }, + }, + } diff --git a/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu b/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu index aa5cff2..b20254d 100644 --- a/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu +++ b/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu @@ -1,6 +1,15 @@ + add_header Content-Security-Policy "frame-ancestors 'self' chat.sophies-kitchen.eu"; - location /.well-known/matrix/ { - alias /etc/matrix-synapse/wellknown/; + location /.well-known/matrix/client { + return 200 '{"m.homeserver": {"base_url": "https://matrix.sophies-kitchen.eu"},"m.identity_server": {"base_url": "https://matrix.org"},"im.vector.riot.jitsi": {"preferredDomain": "meet.ffmuc.net"}}'; + default_type application/json; add_header Access-Control-Allow-Origin *; } + + location /.well-known/matrix/server { + return 200 '{"m.server": "matrix.sophies-kitchen.eu:443"}'; + default_type application/json; + add_header Access-Control-Allow-Origin *; + } + diff --git a/nodes/htz-cloud/miniserver.py b/nodes/htz-cloud/miniserver.py index 1085b16..06eddd4 100644 --- a/nodes/htz-cloud/miniserver.py +++ b/nodes/htz-cloud/miniserver.py @@ -4,6 +4,7 @@ nodes['htz-cloud.miniserver'] = { 'bundles': { 'element-web', + 'matrix-dimension', 'matrix-media-repo', 'matrix-synapse', 'nodejs', @@ -68,10 +69,10 @@ nodes['htz-cloud.miniserver'] = { }, 'brand': 'sophies-kitchen.eu', 'showLabsSettings': True, - 'integrations_ui_url': 'https://dimension.franzi.business/riot', - 'integrations_rest_url': 'https://dimension.franzi.business/api/v1/scalar', + 'integrations_ui_url': 'https://dimension.sophies-kitchen.eu/riot', + 'integrations_rest_url': 'https://dimension.sophies-kitchen.eu/api/v1/scalar', 'integrations_widgets_urls': { - 'https://dimension.franzi.business/widgets' + 'https://dimension.sophies-kitchen.eu/widgets' }, 'default_theme': 'dark', 'defaultCountryCode': 'DE', @@ -103,6 +104,21 @@ nodes['htz-cloud.miniserver'] = { }, }, }, + 'matrix-dimension': { + 'url': 'dimension.sophies-kitchen.eu', + 'version': 'master', # doesn't have releases yet + 'homserver': { + 'name': 'sophies-kitchen.eu', + 'clientServeUrl': 'https://matrix.sophies-kitchen.eu', + 'accessToken': vault.decrypt('encrypt$gAAAAABg4btB0KGk068ahGZzR0w_Lm1bj1wUbB2WfNNs2bp3PwM4Ftp6MjQnrF-CejZfrF0NjPJw9Z4MrgileHP0sVw04mvgKSHfTf8gv4kTB6WuCIxHeMWHUDx00LTWL73fSlhCK0o1'), + }, + 'admins': [ + '@sophie:sophies-kitchen.eu', + ], + 'telegram': { + 'botToken': vault.decrypt('encrypt$gAAAAABg4bcQVzBF_iXdDtjRQD-O37GHdbHwWXyhCLPOuJLbv3ezUeXKR203hkCXkjfItSHi4NiTEgQPadDZTRkavaRpvAoaQV1a4srCS_Y-NU4RiOmkrVFJ_Xhw6UZvwjQUQ0QPOx9t'), + }, + }, 'matrix-media-repo': { 'version': 'v1.2.8', 'homeservers': { @@ -156,16 +172,9 @@ nodes['htz-cloud.miniserver'] = { }, 'nginx': { 'vhosts': { - #'dimension.sophies-kitchen.eu': { - # 'extras': True, - # 'do_not_set_content_security_headers': True, - # 'max_body_size': '50M', - # 'locations': { - # '/': { - # 'target': 'http://127.0.0.1:8184', - # }, - # }, - #}, + 'dimension.sophies-kitchen.eu': { + 'extras': True, + }, 'sophies-kitchen.eu': { 'webroot': '/var/www/sophies-kitchen.eu/_site/', 'extras': True, From a5b6250c866232f7bc5ec09691707f96a05fabac Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 18:04:48 +0200 Subject: [PATCH 10/24] bw/bundle matrix-dimension this might actually work --- .../files/matrix-dimension.service | 2 +- bundles/matrix-dimension/files/production.yaml | 2 +- bundles/matrix-dimension/items.py | 14 +++++++++----- bundles/matrix-dimension/metadata.py | 14 +++++--------- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/bundles/matrix-dimension/files/matrix-dimension.service b/bundles/matrix-dimension/files/matrix-dimension.service index 1b9333f..14b91f4 100644 --- a/bundles/matrix-dimension/files/matrix-dimension.service +++ b/bundles/matrix-dimension/files/matrix-dimension.service @@ -6,7 +6,7 @@ After=network.target User=matrix-support Group=matrix-support Environment="NODE_ENV=production" -ExecStart=/usr/bin/node /opt/matrix/matrix-dimension/build/app/index.js +ExecStart=/usr/bin/node ${config['install_dir']}/build/app/index.js WorkingDirectory=${config['install_dir']} Restart=on-failure diff --git a/bundles/matrix-dimension/files/production.yaml b/bundles/matrix-dimension/files/production.yaml index bb67228..738b1d9 100644 --- a/bundles/matrix-dimension/files/production.yaml +++ b/bundles/matrix-dimension/files/production.yaml @@ -45,7 +45,7 @@ widgetBlacklist: database: # Where the database for Dimension is - uri: "postgres://${node.metadata['matrix-dimension']['database']['user']}:${node.metadata['matrix-dimension']['database']['password']}@${node.metadata['matrix-dimension']['database'].get('host', 'localhost')}/${node.metadata['matrix-dimension']['database']['database']}" + uri: "postgres://${node.metadata['matrix-dimension']['database']['user']}:${node.metadata['matrix-dimension']['database']['password']}@${node.metadata['matrix-dimension']['database'].get('host', 'localhost')}/${node.metadata['matrix-dimension']['database']['database']}" # Where to store misc information for the utility bot account. botData: "${config['data_dir']}/dimension.bot.json" diff --git a/bundles/matrix-dimension/items.py b/bundles/matrix-dimension/items.py index 68375ea..594ba89 100644 --- a/bundles/matrix-dimension/items.py +++ b/bundles/matrix-dimension/items.py @@ -2,8 +2,10 @@ repo.libs.tools.require_bundle(node, 'nodejs') directories = { - node.metadata['matrix-dimension']['install_dir']: {}, - node.metadata['matrix-dimension']['data_dir']: {}, + node.metadata['matrix-dimension']['install_dir']: { + 'owner': 'matrix-support', + 'group': 'matrix-support', + }, } git_deploy = { @@ -22,6 +24,8 @@ git_deploy = { files = { '{}/config/production.yaml'.format(node.metadata['matrix-dimension']['install_dir']): { + 'owner': 'matrix-support', + 'group': 'matrix-support', 'content_type': 'mako', 'context': { 'config': node.metadata.get('matrix-dimension', {}), @@ -44,8 +48,8 @@ files = { } actions = { - 'matrix_dimenson_build': { - 'command': 'cd ' + node.metadata['matrix-dimension']['install_dir'] + ' && npm install && npm run build', + 'matrix_dimension_build': { + 'command': 'cd ' + node.metadata['matrix-dimension']['install_dir'] + ' && sudo -u matrix-support npm install && sudo -u matrix-support npm run build', 'needs': { 'pkg_apt:nodejs', }, @@ -59,7 +63,7 @@ actions = { svc_systemd = { 'matrix-dimension': { 'needs': { - 'action:matrix-dimension_build', + 'action:matrix_dimension_build', 'file:{}/config/production.yaml'.format(node.metadata['matrix-dimension']['install_dir']), 'postgres_db:matrix-dimension', 'postgres_role:matrix-dimension', diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py index 6db7c86..6172b56 100644 --- a/bundles/matrix-dimension/metadata.py +++ b/bundles/matrix-dimension/metadata.py @@ -1,7 +1,7 @@ defaults = { 'matrix-dimension': { 'install_dir': '/opt/matrix-dimension', - 'data_dir': '/var/opt/dimension', + 'data_dir': '/var/opt/matrix-dimension', 'database': { 'user': 'matrix-dimension', 'password': repo.vault.password_for('{} postgresql matrix-dimension'.format(node.name)), @@ -20,13 +20,9 @@ defaults = { }, }, }, - 'icinga2_api': { - 'mautrix-telegram': { - 'services': { - 'MAUTRIX-TELEGRAM PROCESS': { - 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -a mautrix-telegram -c 1:', - }, - }, + 'users': { + 'matrix-support': { + 'home': '/var/opt/matrix-dimension', }, }, } @@ -39,7 +35,7 @@ def nginx_config(metadata): 'nginx': { 'vhosts': { metadata.get('matrix-dimension/url'): { - 'webroot': '/var/www/{}/webapp/'.format(metadata.get('element-web/url')), + 'webroot': '/var/www/{}/webapp/'.format(metadata.get('matrix-dimension/url')), 'do_not_set_content_security_headers': True, 'max_body_size': '50M', 'proxy': { From fd6f42cef7a8705b3671f6c10fc1a366442b6718 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 18:48:22 +0200 Subject: [PATCH 11/24] bw/htz-cloud.miniserver set differend recursors --- nodes/htz-cloud/miniserver.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/nodes/htz-cloud/miniserver.py b/nodes/htz-cloud/miniserver.py index 06eddd4..50478cd 100644 --- a/nodes/htz-cloud/miniserver.py +++ b/nodes/htz-cloud/miniserver.py @@ -160,6 +160,14 @@ nodes['htz-cloud.miniserver'] = { 'bot_token': '""', }, }, + 'nameservers': { + '213.133.98.98', + '213.133.99.99', + '213.133.100.100', + '2a01:4f8:0:1::add:1010', + '2a01:4f8:0:1::add:9999', + '2a01:4f8:0:1::add:9898', + }, 'nftables': { 'rules': { 'input': { From 8ee59cd0369710e5d3e0806e32ed4269c33fa720 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 20:15:19 +0200 Subject: [PATCH 12/24] bundle/matrix-dimension enable backups --- bundles/matrix-dimension/metadata.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py index 6172b56..23627ae 100644 --- a/bundles/matrix-dimension/metadata.py +++ b/bundles/matrix-dimension/metadata.py @@ -1,4 +1,10 @@ defaults = { + 'backups': { + 'paths': { + '/opt/matrix-dimension', + '/var/opt/matrix-dimension', + }, + }, 'matrix-dimension': { 'install_dir': '/opt/matrix-dimension', 'data_dir': '/var/opt/matrix-dimension', @@ -38,7 +44,7 @@ def nginx_config(metadata): 'webroot': '/var/www/{}/webapp/'.format(metadata.get('matrix-dimension/url')), 'do_not_set_content_security_headers': True, 'max_body_size': '50M', - 'proxy': { + 'locations': { '/': { 'target': 'http://127.0.0.1:8184', }, From ebee3b3de524e61efec6772f2eaee08681bf1c9f Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 20:21:19 +0200 Subject: [PATCH 13/24] bw/matrix-dimension witespaaaaaaaace --- bundles/matrix-dimension/files/production.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bundles/matrix-dimension/files/production.yaml b/bundles/matrix-dimension/files/production.yaml index 738b1d9..426af52 100644 --- a/bundles/matrix-dimension/files/production.yaml +++ b/bundles/matrix-dimension/files/production.yaml @@ -22,7 +22,7 @@ homeserver: # The URL that Dimension will redirect media requests to for downloading media such as # stickers. If not supplied or left empty Dimension will use the clientServerUrl. #mediaUrl: "https://t2bot.io" - + # The access token Dimension should use for miscellaneous access to the homeserver, and # for tracking custom sticker pack updates. This should be a user configured on the homeserver # and be dedicated to Dimension (create a user named "dimension" on your homeserver). For From 2a78fa95a136a49ec933e9421d2396318abcc5c3 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 20:28:48 +0200 Subject: [PATCH 14/24] bw/htz-cloud.miniserver cleanup extras --- .../dimension.sophies-kitchen.eu | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu b/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu index b20254d..e13c482 100644 --- a/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu +++ b/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu @@ -1,15 +1 @@ - - add_header Content-Security-Policy "frame-ancestors 'self' chat.sophies-kitchen.eu"; - - location /.well-known/matrix/client { - return 200 '{"m.homeserver": {"base_url": "https://matrix.sophies-kitchen.eu"},"m.identity_server": {"base_url": "https://matrix.org"},"im.vector.riot.jitsi": {"preferredDomain": "meet.ffmuc.net"}}'; - default_type application/json; - add_header Access-Control-Allow-Origin *; - } - - location /.well-known/matrix/server { - return 200 '{"m.server": "matrix.sophies-kitchen.eu:443"}'; - default_type application/json; - add_header Access-Control-Allow-Origin *; - } - +add_header Content-Security-Policy "frame-ancestors 'self' chat.sophies-kitchen.eu"; From 9fb5293c8083e1690665d1b1a9aa2e83ad141d67 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 20:38:27 +0200 Subject: [PATCH 15/24] bw/matrix-dimension switch to dedicated user --- .../matrix-dimension/files/matrix-dimension.service | 4 ++-- bundles/matrix-dimension/items.py | 10 +++++----- bundles/matrix-dimension/metadata.py | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/bundles/matrix-dimension/files/matrix-dimension.service b/bundles/matrix-dimension/files/matrix-dimension.service index 14b91f4..9d2bebc 100644 --- a/bundles/matrix-dimension/files/matrix-dimension.service +++ b/bundles/matrix-dimension/files/matrix-dimension.service @@ -3,8 +3,8 @@ Description=Matrix Dimension After=network.target [Service] -User=matrix-support -Group=matrix-support +User=matrix-dimension +Group=matrix-dimension Environment="NODE_ENV=production" ExecStart=/usr/bin/node ${config['install_dir']}/build/app/index.js WorkingDirectory=${config['install_dir']} diff --git a/bundles/matrix-dimension/items.py b/bundles/matrix-dimension/items.py index 594ba89..8bdf28f 100644 --- a/bundles/matrix-dimension/items.py +++ b/bundles/matrix-dimension/items.py @@ -3,8 +3,8 @@ repo.libs.tools.require_bundle(node, 'nodejs') directories = { node.metadata['matrix-dimension']['install_dir']: { - 'owner': 'matrix-support', - 'group': 'matrix-support', + 'owner': 'matrix-dimension', + 'group': 'matrix-dimension', }, } @@ -24,8 +24,8 @@ git_deploy = { files = { '{}/config/production.yaml'.format(node.metadata['matrix-dimension']['install_dir']): { - 'owner': 'matrix-support', - 'group': 'matrix-support', + 'owner': 'matrix-dimension', + 'group': 'matrix-dimension', 'content_type': 'mako', 'context': { 'config': node.metadata.get('matrix-dimension', {}), @@ -49,7 +49,7 @@ files = { actions = { 'matrix_dimension_build': { - 'command': 'cd ' + node.metadata['matrix-dimension']['install_dir'] + ' && sudo -u matrix-support npm install && sudo -u matrix-support npm run build', + 'command': 'cd ' + node.metadata['matrix-dimension']['install_dir'] + ' && sudo -u matrix-dimension npm install && sudo -u matrix-dimension npm run build', 'needs': { 'pkg_apt:nodejs', }, diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py index 23627ae..b9cf3df 100644 --- a/bundles/matrix-dimension/metadata.py +++ b/bundles/matrix-dimension/metadata.py @@ -27,7 +27,7 @@ defaults = { }, }, 'users': { - 'matrix-support': { + 'matrix-dimension': { 'home': '/var/opt/matrix-dimension', }, }, From 568a73efafd03b11d9e10fe3a64bbe2e0c40e6b3 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 20:41:17 +0200 Subject: [PATCH 16/24] bw/matrix-dimension switch listening port --- PORT_MAP.md | 2 +- bundles/matrix-dimension/files/production.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/PORT_MAP.md b/PORT_MAP.md index e15cfec..003339b 100644 --- a/PORT_MAP.md +++ b/PORT_MAP.md @@ -26,11 +26,11 @@ Rule of thumb: keep ports below 10000 free for stuff that reserves ports. | 6667 | | bitlbee | | 8010 | | matrix-media-repo | | 8086 | influxdb2 | influx | -| 8184 | | matrix-dimension | | 11332-11334 | rspamd | rspamd | | 20000 | mx-puppet-discord | Bridge | | 20010 | mautrix-telegram | Bridge | | 20020 | mautrix-whatsapp | Bridge | +| 20030 | matrix-dimension | Matrix Integrations Manager| | 20080 | matrix-synapse | client, federation | | 20081 | matrix-synapse | prometheus metrics | | 20090 | matrix-media-repo | media_repo | diff --git a/bundles/matrix-dimension/files/production.yaml b/bundles/matrix-dimension/files/production.yaml index 426af52..305ba54 100644 --- a/bundles/matrix-dimension/files/production.yaml +++ b/bundles/matrix-dimension/files/production.yaml @@ -1,7 +1,7 @@ # The web settings for the service (API and UI). # It is best to have this run on localhost and use a reverse proxy to access Dimension. web: - port: 8184 + port: 20030 address: '127.0.0.1' # Homeserver configuration From f40036422ffb38c2fcfa648f50461d47b9e92972 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 20:44:17 +0200 Subject: [PATCH 17/24] bw/matrix-dimensions fix typos --- bundles/matrix-dimension/files/production.yaml | 6 +++--- nodes/htz-cloud/miniserver.py | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/bundles/matrix-dimension/files/production.yaml b/bundles/matrix-dimension/files/production.yaml index 305ba54..5bfcfdd 100644 --- a/bundles/matrix-dimension/files/production.yaml +++ b/bundles/matrix-dimension/files/production.yaml @@ -8,11 +8,11 @@ web: homeserver: # The domain name of the homeserver. This is used in many places, such as with go-neb # setups, to identify the homeserver. - name: "${config['homserver']['name']}" + name: "${config['homeserver']['name']}" # The URL that Dimension, go-neb, and other services provisioned by Dimension should # use to access the homeserver with. - clientServerUrl: "${config['homserver']['clientServeUrl']}" + clientServerUrl: "${config['homeserver']['clientServerUrl']}" # The URL that Dimension should use when trying to communicate with federated APIs on # the homeserver. If not supplied or left empty Dimension will try to resolve the address @@ -27,7 +27,7 @@ homeserver: # for tracking custom sticker pack updates. This should be a user configured on the homeserver # and be dedicated to Dimension (create a user named "dimension" on your homeserver). For # information on how to acquire an access token, visit https://t2bot.io/docs/access_tokens - accessToken: "${config['homserver']['accessToken']}" + accessToken: "${config['homeserver']['accessToken']}" # These users can modify the integrations this Dimension supports. # To access the admin interface, open Dimension in Riot and click the settings icon. diff --git a/nodes/htz-cloud/miniserver.py b/nodes/htz-cloud/miniserver.py index 50478cd..0a104d4 100644 --- a/nodes/htz-cloud/miniserver.py +++ b/nodes/htz-cloud/miniserver.py @@ -107,7 +107,7 @@ nodes['htz-cloud.miniserver'] = { 'matrix-dimension': { 'url': 'dimension.sophies-kitchen.eu', 'version': 'master', # doesn't have releases yet - 'homserver': { + 'homeserver': { 'name': 'sophies-kitchen.eu', 'clientServeUrl': 'https://matrix.sophies-kitchen.eu', 'accessToken': vault.decrypt('encrypt$gAAAAABg4btB0KGk068ahGZzR0w_Lm1bj1wUbB2WfNNs2bp3PwM4Ftp6MjQnrF-CejZfrF0NjPJw9Z4MrgileHP0sVw04mvgKSHfTf8gv4kTB6WuCIxHeMWHUDx00LTWL73fSlhCK0o1'), From 71a1a4d59b5e1a8d3b986fdf15b23fe112d3e060 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 20:47:40 +0200 Subject: [PATCH 18/24] bw/matrix-dimension enable process monitoring --- bundles/matrix-dimension/metadata.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py index b9cf3df..ed7392a 100644 --- a/bundles/matrix-dimension/metadata.py +++ b/bundles/matrix-dimension/metadata.py @@ -68,9 +68,9 @@ def icinga_check_for_new_release(metadata): 'vars.notification.mail': True, 'check_interval': '60m', }, - #'MATRIX-DIMENSION PROCESS': { - # 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -a mautrix-telegram -c 1:', - #}, + 'MATRIX-DIMENSION PROCESS': { + 'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -a matrix-dimension -c 1:', + }, }, }, }, From aa639dc913a8d392202c6de6f96cf8e0e44158a5 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 20:58:56 +0200 Subject: [PATCH 19/24] bw/matrix-dimension switch to generic vhost name --- bundles/matrix-dimension/metadata.py | 5 +++-- .../{dimension.sophies-kitchen.eu => matrix-dimension} | 0 nodes/htz-cloud/miniserver.py | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) rename data/nginx/files/extras/htz-cloud.miniserver/{dimension.sophies-kitchen.eu => matrix-dimension} (100%) diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py index ed7392a..ddcdbd0 100644 --- a/bundles/matrix-dimension/metadata.py +++ b/bundles/matrix-dimension/metadata.py @@ -34,13 +34,14 @@ defaults = { } @metadata_reactor.provides( - 'nginx/vhosts', + 'nginx/vhosts/matrix-dimension', ) def nginx_config(metadata): return { 'nginx': { 'vhosts': { - metadata.get('matrix-dimension/url'): { + 'matrix-dimension': { + 'domain': metadata.get('matrix-dimension/url'), 'webroot': '/var/www/{}/webapp/'.format(metadata.get('matrix-dimension/url')), 'do_not_set_content_security_headers': True, 'max_body_size': '50M', diff --git a/data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu b/data/nginx/files/extras/htz-cloud.miniserver/matrix-dimension similarity index 100% rename from data/nginx/files/extras/htz-cloud.miniserver/dimension.sophies-kitchen.eu rename to data/nginx/files/extras/htz-cloud.miniserver/matrix-dimension diff --git a/nodes/htz-cloud/miniserver.py b/nodes/htz-cloud/miniserver.py index 0a104d4..cb2ec71 100644 --- a/nodes/htz-cloud/miniserver.py +++ b/nodes/htz-cloud/miniserver.py @@ -109,7 +109,7 @@ nodes['htz-cloud.miniserver'] = { 'version': 'master', # doesn't have releases yet 'homeserver': { 'name': 'sophies-kitchen.eu', - 'clientServeUrl': 'https://matrix.sophies-kitchen.eu', + 'clientServerUrl': 'https://matrix.sophies-kitchen.eu', 'accessToken': vault.decrypt('encrypt$gAAAAABg4btB0KGk068ahGZzR0w_Lm1bj1wUbB2WfNNs2bp3PwM4Ftp6MjQnrF-CejZfrF0NjPJw9Z4MrgileHP0sVw04mvgKSHfTf8gv4kTB6WuCIxHeMWHUDx00LTWL73fSlhCK0o1'), }, 'admins': [ @@ -180,7 +180,7 @@ nodes['htz-cloud.miniserver'] = { }, 'nginx': { 'vhosts': { - 'dimension.sophies-kitchen.eu': { + 'matrix-dimension': { 'extras': True, }, 'sophies-kitchen.eu': { From 2b1c53e47a2ebe94bc1cfe533a02b98bf1708d93 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 21:06:51 +0200 Subject: [PATCH 20/24] bw/matrix-dimension disable logfile --- bundles/matrix-dimension/files/production.yaml | 5 ----- bundles/matrix-dimension/items.py | 3 +++ 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/bundles/matrix-dimension/files/production.yaml b/bundles/matrix-dimension/files/production.yaml index 5bfcfdd..321f6d2 100644 --- a/bundles/matrix-dimension/files/production.yaml +++ b/bundles/matrix-dimension/files/production.yaml @@ -89,10 +89,5 @@ stickers: # Settings for controlling how logging works logging: - file: "${config['data_dir']}/logs/dimension.log" console: true consoleLevel: info - fileLevel: verbose - rotate: - size: 52428800 # bytes, default is 50mb - count: 5 diff --git a/bundles/matrix-dimension/items.py b/bundles/matrix-dimension/items.py index 8bdf28f..8af625b 100644 --- a/bundles/matrix-dimension/items.py +++ b/bundles/matrix-dimension/items.py @@ -34,6 +34,9 @@ files = { 'action:element-web_yarn', 'directory:{}'.format(node.metadata['matrix-dimension']['install_dir']), }, + 'triggers': { + 'svc_systemd:matrix-dimension:restart', + }, }, '/etc/systemd/system/matrix-dimension.service': { 'content_type': 'mako', From 6ceb47a92e0f0da6bc21b5283bc316c26e6d1b85 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 21:11:23 +0200 Subject: [PATCH 21/24] bw/matrix-dimension get all the things --- bundles/matrix-dimension/items.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/bundles/matrix-dimension/items.py b/bundles/matrix-dimension/items.py index 8af625b..5fbb7d6 100644 --- a/bundles/matrix-dimension/items.py +++ b/bundles/matrix-dimension/items.py @@ -10,20 +10,20 @@ directories = { git_deploy = { node.metadata['matrix-dimension']['install_dir']: { - 'rev': node.metadata.get('matrix-dimension', {}).get('version', 'master'), # doesn't have releases yet + 'rev': node.metadata.get('matrix-dimension/version', 'master'), # doesn't have releases yet 'repo': 'https://github.com/turt2live/matrix-dimension.git', 'triggers': { 'action:matrix_dimension_build', }, 'needs': { - 'directory:{}'.format(node.metadata['matrix-dimension']['install_dir']), - 'directory:{}'.format(node.metadata['matrix-dimension']['data_dir']), + 'directory:{}'.format(node.metadatai.get('matrix-dimension/install_dir'), + 'directory:{}'.format(node.metadata.get('matrix-dimension/data_dir'), }, }, } files = { - '{}/config/production.yaml'.format(node.metadata['matrix-dimension']['install_dir']): { + '{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir'): { 'owner': 'matrix-dimension', 'group': 'matrix-dimension', 'content_type': 'mako', @@ -32,7 +32,7 @@ files = { }, 'needs': { 'action:element-web_yarn', - 'directory:{}'.format(node.metadata['matrix-dimension']['install_dir']), + 'directory:{}'.format(node.metadata.get('matrix-dimension/install_dir'), }, 'triggers': { 'svc_systemd:matrix-dimension:restart', @@ -52,7 +52,7 @@ files = { actions = { 'matrix_dimension_build': { - 'command': 'cd ' + node.metadata['matrix-dimension']['install_dir'] + ' && sudo -u matrix-dimension npm install && sudo -u matrix-dimension npm run build', + 'command': 'cd ' + node.metadata.get('matrix-dimension/install_dir') + ' && sudo -u matrix-dimension npm install && sudo -u matrix-dimension npm run build', 'needs': { 'pkg_apt:nodejs', }, @@ -67,7 +67,7 @@ svc_systemd = { 'matrix-dimension': { 'needs': { 'action:matrix_dimension_build', - 'file:{}/config/production.yaml'.format(node.metadata['matrix-dimension']['install_dir']), + 'file:{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir'), 'postgres_db:matrix-dimension', 'postgres_role:matrix-dimension', }, From d076384eade598db82a44d2d5b15079d9ac15d29 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 21:17:12 +0200 Subject: [PATCH 22/24] bw/matrix-dimension remove unneeded metadata --- bundles/matrix-dimension/metadata.py | 1 - 1 file changed, 1 deletion(-) diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py index ddcdbd0..524e291 100644 --- a/bundles/matrix-dimension/metadata.py +++ b/bundles/matrix-dimension/metadata.py @@ -42,7 +42,6 @@ def nginx_config(metadata): 'vhosts': { 'matrix-dimension': { 'domain': metadata.get('matrix-dimension/url'), - 'webroot': '/var/www/{}/webapp/'.format(metadata.get('matrix-dimension/url')), 'do_not_set_content_security_headers': True, 'max_body_size': '50M', 'locations': { From 58691904fc6ec04a6bc223bdc332385fe2b83c04 Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Sun, 4 Jul 2021 21:32:10 +0200 Subject: [PATCH 23/24] bw/matrix-dimension repair syntax errors --- bundles/matrix-dimension/items.py | 11 +++++------ bundles/matrix-dimension/metadata.py | 2 +- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/bundles/matrix-dimension/items.py b/bundles/matrix-dimension/items.py index 5fbb7d6..a8a9a5c 100644 --- a/bundles/matrix-dimension/items.py +++ b/bundles/matrix-dimension/items.py @@ -16,14 +16,14 @@ git_deploy = { 'action:matrix_dimension_build', }, 'needs': { - 'directory:{}'.format(node.metadatai.get('matrix-dimension/install_dir'), - 'directory:{}'.format(node.metadata.get('matrix-dimension/data_dir'), + 'directory:{}'.format(node.metadata.get('matrix-dimension/install_dir')), + 'directory:{}'.format(node.metadata.get('matrix-dimension/data_dir')), }, }, } files = { - '{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir'): { + '{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir')): { 'owner': 'matrix-dimension', 'group': 'matrix-dimension', 'content_type': 'mako', @@ -31,8 +31,7 @@ files = { 'config': node.metadata.get('matrix-dimension', {}), }, 'needs': { - 'action:element-web_yarn', - 'directory:{}'.format(node.metadata.get('matrix-dimension/install_dir'), + 'directory:{}'.format(node.metadata.get('matrix-dimension/install_dir')), }, 'triggers': { 'svc_systemd:matrix-dimension:restart', @@ -67,7 +66,7 @@ svc_systemd = { 'matrix-dimension': { 'needs': { 'action:matrix_dimension_build', - 'file:{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir'), + 'file:{}/config/production.yaml'.format(node.metadata.get('matrix-dimension/install_dir')), 'postgres_db:matrix-dimension', 'postgres_role:matrix-dimension', }, diff --git a/bundles/matrix-dimension/metadata.py b/bundles/matrix-dimension/metadata.py index 524e291..2d41180 100644 --- a/bundles/matrix-dimension/metadata.py +++ b/bundles/matrix-dimension/metadata.py @@ -46,7 +46,7 @@ def nginx_config(metadata): 'max_body_size': '50M', 'locations': { '/': { - 'target': 'http://127.0.0.1:8184', + 'target': 'http://127.0.0.1:20030', }, }, }, From 07dbcb51f4b145893d7feed8e13bfabde73e86aa Mon Sep 17 00:00:00 2001 From: Sophie Schiller Date: Mon, 5 Jul 2021 19:57:44 +0200 Subject: [PATCH 24/24] bw/htz-cloud.miniserver bump element-web version --- nodes/htz-cloud/miniserver.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nodes/htz-cloud/miniserver.py b/nodes/htz-cloud/miniserver.py index cb2ec71..f28568c 100644 --- a/nodes/htz-cloud/miniserver.py +++ b/nodes/htz-cloud/miniserver.py @@ -59,7 +59,7 @@ nodes['htz-cloud.miniserver'] = { }, 'element-web': { 'url': 'chat.sophies-kitchen.eu', - 'version': 'v1.7.31', + 'version': 'v1.7.32', 'config': { 'default_server_config': { 'm.homeserver': {