Franziska Kunsmann
6a144cf991
All checks were successful
kunsi/bundlewrap/pipeline/head This commit looks good
337 lines
12 KiB
Python
337 lines
12 KiB
Python
# To use the serial console in iRMC, set up grub as follows:
|
|
# GRUB_TIMEOUT=30
|
|
# GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0,115200 console=tty0"
|
|
# GRUB_TERMINAL=serial
|
|
# GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
|
|
|
|
nodes['rx300'] = {
|
|
'hostname': '31.47.232.106',
|
|
'bundles': {
|
|
'check-mail-received',
|
|
'element-web',
|
|
'gitea',
|
|
'jenkins-ci',
|
|
'lm-sensors',
|
|
'miniflux',
|
|
'nodejs',
|
|
'php',
|
|
'postgresql',
|
|
'smartd',
|
|
'travelynx',
|
|
'vmhost',
|
|
'zfs',
|
|
},
|
|
'groups': {
|
|
'debian-bullseye',
|
|
'webserver',
|
|
},
|
|
'metadata': {
|
|
'interfaces': {
|
|
'br0': {
|
|
'ips': {
|
|
'31.47.232.106/29',
|
|
'2a00:f820:528::2/64',
|
|
},
|
|
'gateway4': '31.47.232.105',
|
|
'gateway6': '2a00:f820:528::1',
|
|
},
|
|
},
|
|
'apt': {
|
|
'packages': {
|
|
'ipmitool': {},
|
|
|
|
# for franzi.business deployment
|
|
'ruby': {},
|
|
'ruby-dev': {},
|
|
'ruby-bundler': {},
|
|
|
|
# more php
|
|
'php-imagick': {},
|
|
'php-yaml': {},
|
|
|
|
# used by user:kunsi
|
|
'mosh': {},
|
|
'weechat': {},
|
|
'weechat-core': {},
|
|
'weechat-curses': {},
|
|
'weechat-perl': {},
|
|
'weechat-plugins': {},
|
|
'weechat-python': {},
|
|
'weechat-ruby': {},
|
|
},
|
|
'repos': {
|
|
# XXX remove this once nginx.org has packages for debian bullseye
|
|
'nginx': {
|
|
'items': atomic({
|
|
'deb http://nginx.org/packages/debian buster nginx',
|
|
}),
|
|
},
|
|
'weechat': {
|
|
'items': {
|
|
'deb https://weechat.org/debian {os_release} main',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'backup-client': {
|
|
'pre-hooks': {
|
|
# 'kunsi-weechat': \
|
|
# 'echo \'core.weechat */layout store\' >> /home/kunsi/.weechat/weechat_fifo\n' \
|
|
# 'echo \'core.weechat */save\' >> /home/kunsi/.weechat/weechat_fifo\n',
|
|
},
|
|
},
|
|
'backups': {
|
|
'paths': {
|
|
'/home/kunsi/.weechat',
|
|
},
|
|
},
|
|
'check-mail-received': {
|
|
't-online': {
|
|
'email': 'franzi.kunsmann@t-online.de',
|
|
'imap_host': 'secureimap.t-online.de',
|
|
'imap_pass': bwpass.attr('t-online.de/franzi.kunsmann@t-online.de', 'imap'),
|
|
},
|
|
},
|
|
'element-web': {
|
|
'url': 'chat.franzi.business',
|
|
'version': 'v1.7.32',
|
|
'config': {
|
|
'default_server_config': {
|
|
'm.homeserver': {
|
|
'base_url': 'https://matrix.franzi.business',
|
|
'server_name': 'franzi.business',
|
|
},
|
|
},
|
|
'brand': 'franzi.business',
|
|
'showLabsSettings': True,
|
|
'integrations_ui_url': 'https://dimension.franzi.business/riot',
|
|
'integrations_rest_url': 'https://dimension.franzi.business/api/v1/scalar',
|
|
'integrations_widgets_urls': {
|
|
'https://dimension.franzi.business/widgets'
|
|
},
|
|
'default_theme': 'dark',
|
|
'defaultCountryCode': 'DE',
|
|
'jitsi': {
|
|
'preferredDomain': 'meet.ffmuc.net',
|
|
},
|
|
},
|
|
},
|
|
'gitea': {
|
|
'version': '1.14.5',
|
|
'sha256': '8a6f7983bd47690e6087e14b7a32d6fb0b8868b137da0ea5edff28c32763ca6d',
|
|
'domain': 'git.franzi.business',
|
|
'email_domain_blocklist': {
|
|
'gmail.com',
|
|
'yahoo.com',
|
|
'aol.com',
|
|
'comcast.net',
|
|
'verizon.net',
|
|
'hotmail.com',
|
|
'cox.net',
|
|
'msn.com',
|
|
},
|
|
'enable_git_hooks': True,
|
|
'install_ssh_key': True,
|
|
'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='),
|
|
'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'),
|
|
'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'),
|
|
'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='),
|
|
},
|
|
'icinga_options': {
|
|
'pretty_name': 'franzi.business',
|
|
},
|
|
'jenkins-ci': {
|
|
'install_ssh_key': True,
|
|
'domain': 'jenkins.franzi.business',
|
|
},
|
|
'letsencrypt': {
|
|
# 'concat_and_deploy': {
|
|
# 'kunsi-weechat': {
|
|
# 'match_domain': 'part.of.the.trans-agenda.eu',
|
|
# 'target': '/home/kunsi/.weechat/ssl/relay.pem',
|
|
# 'chown': 'kunsi:kunsi',
|
|
# 'chmod': '0440',
|
|
# 'commands': [
|
|
# 'echo \'core.weechat */relay sslcertkey\' >> /home/kunsi/.weechat/weechat_fifo'
|
|
# ],
|
|
# },
|
|
# },
|
|
# 'domains': {
|
|
# 'part.of.the.trans-agenda.eu': set(),
|
|
# },
|
|
},
|
|
'miniflux': {
|
|
'domain': 'rss.franzi.business',
|
|
},
|
|
'nginx': {
|
|
'vhosts': {
|
|
'element-web': {'ssl': '_.franzi.business'},
|
|
'gitea': {'ssl': '_.franzi.business'},
|
|
'jenkins-ci': {'ssl': '_.franzi.business'},
|
|
'miniflux': {'ssl': '_.franzi.business'},
|
|
'travelynx': {'ssl': '_.franzi.business'},
|
|
'daskritzelt-redirect': {
|
|
'domain': 'die-brontosaurier-waren-es.org',
|
|
'ssl': None,
|
|
'locations': {
|
|
'/': {
|
|
'redirect': 'https://twitter.com/daskritzelt/status/1259167444373028864',
|
|
},
|
|
},
|
|
},
|
|
'franzi.business': {
|
|
'webroot': '/var/www/franzi.business/_site/',
|
|
'ssl': '_.franzi.business',
|
|
'locations': {
|
|
'/.well-known/matrix/client': {
|
|
'return': json_dumps({
|
|
'm.homeserver': {
|
|
'base_url': 'https://matrix.franzi.business',
|
|
},
|
|
'm.identity_server': {
|
|
'base_url': 'https://matrix.org',
|
|
},
|
|
'im.vector.riot.jitsi': {
|
|
'preferredDomain': 'meet.ffmuc.net',
|
|
},
|
|
}, sort_keys=True),
|
|
'additional_config': {
|
|
'default_type application/json',
|
|
'add_header Access-Control-Allow-Origin *',
|
|
},
|
|
},
|
|
'/.well-known/matrix/server': {
|
|
'return': json_dumps({
|
|
'm.server': 'matrix.franzi.business:443',
|
|
}, sort_keys=True),
|
|
'additional_config': {
|
|
'default_type application/json',
|
|
'add_header Access-Control-Allow-Origin *',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'kunbox.net': {},
|
|
'kunsmann.eu': {
|
|
'locations': {
|
|
'/': {
|
|
'redirect': 'https://franzi.business$request_uri',
|
|
},
|
|
'/.well-known/openpgpkey': {
|
|
'alias': '/var/www/kunsmann.eu/.well-known/openpgpkey/',
|
|
'additional_config': {
|
|
'default_type application/octet-stream',
|
|
'add_header Access-Control-Allow-Origin *',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'paste.franzi.business': {
|
|
'webroot': '/home/kunsi/public_html',
|
|
'ssl': '_.franzi.business',
|
|
'extras': True,
|
|
},
|
|
'unicornsden-redirect': {
|
|
'domain': 'unicornsden.franzi.business',
|
|
'ssl': '_.franzi.business',
|
|
'locations': {
|
|
'/': {
|
|
'redirect': 'https://map.unicornsden.com/',
|
|
},
|
|
},
|
|
},
|
|
'unicornsden': {
|
|
'domain': 'map.unicornsden.com',
|
|
'php': True,
|
|
'webroot_config': {
|
|
'owner': 'jenkins',
|
|
'group': 'jenkins',
|
|
'mode': '0755',
|
|
},
|
|
},
|
|
'wiki.franzi.business': {
|
|
'ssl': '_.franzi.business',
|
|
'extras': True,
|
|
'php': True,
|
|
'webroot_config': {
|
|
'owner': 'www-data',
|
|
'group': 'www-data',
|
|
},
|
|
'website_check_path': '/start?do=login',
|
|
'website_check_string': 'Username',
|
|
},
|
|
},
|
|
},
|
|
'php': {
|
|
'version': '8.0',
|
|
'packages': {
|
|
'gd',
|
|
'imap',
|
|
'intl',
|
|
'mbstring',
|
|
'opcache',
|
|
'pgsql',
|
|
'readline',
|
|
'xml',
|
|
},
|
|
},
|
|
'postgresql': {
|
|
'version': '13',
|
|
},
|
|
'smartd': {
|
|
'disks': {
|
|
'/dev/nvme0',
|
|
},
|
|
},
|
|
'systemd-networkd': {
|
|
'bridges': {
|
|
'br0': {
|
|
'match': {
|
|
'eno1',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
'travelynx': {
|
|
'version': '1.20.3',
|
|
'mail_from': 'travelynx@franzi.business',
|
|
'domain': 'travelynx.franzi.business',
|
|
},
|
|
'users': {
|
|
'kunsi': {
|
|
'enable_linger': True,
|
|
'groups': {
|
|
'libvirt',
|
|
},
|
|
},
|
|
},
|
|
'zfs': {
|
|
'module_options': {
|
|
'zfs_arc_max_gb': 16,
|
|
},
|
|
'pools': {
|
|
'tank': {
|
|
'raidz': {
|
|
'/dev/sda',
|
|
'/dev/sdb',
|
|
'/dev/sdc',
|
|
'/dev/sdd',
|
|
},
|
|
},
|
|
},
|
|
'datasets': {
|
|
'tank/libvirt': {
|
|
'mountpoint': '/var/lib/libvirt',
|
|
'compression': 'on',
|
|
},
|
|
'tank/home-kunsi': {
|
|
'mountpoint': '/home/kunsi',
|
|
},
|
|
},
|
|
},
|
|
'vm': {
|
|
'cpu': 32,
|
|
'ram': 256,
|
|
},
|
|
},
|
|
}
|