130 lines
3.3 KiB
Python
130 lines
3.3 KiB
Python
defaults = {
|
|
'backups': {
|
|
'paths': {
|
|
'/var/opt/hedgedoc',
|
|
},
|
|
},
|
|
'hedgedoc': {
|
|
'config': {
|
|
"production": {
|
|
"loglevel": "info",
|
|
"hsts": {
|
|
"enable": False,
|
|
},
|
|
"csp": {
|
|
"enable": True,
|
|
"directives": {
|
|
},
|
|
"upgradeInsecureRequests": "auto",
|
|
"addDefaults": True,
|
|
"addDisqus": False,
|
|
"addGoogleAnalytics": False
|
|
},
|
|
"cookiePolicy": "lax",
|
|
"db": {
|
|
"username": "hedgedoc",
|
|
"password": repo.vault.password_for('{} postgresql hedgedoc'.format(node.name)),
|
|
"database": "hedgedoc",
|
|
"host": "localhost",
|
|
"port": "5432",
|
|
"dialect": "postgres"
|
|
},
|
|
'imageUploadType': 'filesystem',
|
|
'uploadsPath': '/var/opt/hedgedoc',
|
|
'allowAnonymous': False,
|
|
'allowFreeURL': True,
|
|
'requireFreeURLAuthentication': True,
|
|
'sessionSecret': repo.vault.password_for('{} hedgedoc sessionSecret'.format(node.name)),
|
|
'allowEmailRegister': False,
|
|
'protocolUseSSL': True,
|
|
},
|
|
},
|
|
},
|
|
'postgresql': {
|
|
'roles': {
|
|
'hedgedoc': {
|
|
'password': repo.vault.password_for('{} postgresql hedgedoc'.format(node.name)),
|
|
},
|
|
},
|
|
'databases': {
|
|
'hedgedoc': {
|
|
'owner': 'hedgedoc',
|
|
},
|
|
},
|
|
},
|
|
'zfs': {
|
|
'datasets': {
|
|
'tank/hedgedoc': {},
|
|
'tank/hedgedoc/install': {
|
|
'mountpoint': '/opt/hedgedoc',
|
|
'needed_by': {
|
|
'directory:/opt/hedgedoc',
|
|
},
|
|
},
|
|
'tank/hedgedoc/uploads': {
|
|
'mountpoint': '/var/opt/hedgedoc',
|
|
'needed_by': {
|
|
'directory:/var/opt/hedgedoc',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
|
|
@metadata_reactor.provides(
|
|
'icinga2_api/hedgedoc/services',
|
|
)
|
|
def icinga_check_for_new_release(metadata):
|
|
return {
|
|
'icinga2_api': {
|
|
'hedgedoc': {
|
|
'services': {
|
|
'HEDGEDOC UPDATE': {
|
|
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_github_for_new_release hedgedoc/hedgedoc {}'.format(metadata.get('hedgedoc/version')),
|
|
'vars.notification.mail': True,
|
|
'check_interval': '60m',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
|
|
@metadata_reactor.provides(
|
|
'nginx/vhosts',
|
|
)
|
|
def nginx(metadata):
|
|
if not node.has_bundle('nginx'):
|
|
raise DoNotRunAgain
|
|
|
|
locations = {
|
|
'/': {
|
|
'target': 'http://127.0.0.1:3000',
|
|
'proxy_set_header': {
|
|
'X-Real-IP': '$remote_addr',
|
|
},
|
|
},
|
|
'/socket.io/': {
|
|
'target': 'http://127.0.0.1:3000',
|
|
'websockets': True,
|
|
'proxy_set_header': {
|
|
'X-Real-IP': '$remote_addr',
|
|
},
|
|
},
|
|
}
|
|
|
|
vhosts = {
|
|
'hedgedoc': {
|
|
'domain': metadata.get('hedgedoc/config/production/domain'),
|
|
'locations': locations,
|
|
'website_check_path': '/_matrix/static/',
|
|
'website_check_string': 'Synapse is running',
|
|
},
|
|
}
|
|
|
|
return {
|
|
'nginx': {
|
|
'vhosts': vhosts
|
|
},
|
|
}
|