From 396fe6e71477ae1fe0f9e4e76bcfdec4ad51a123 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Fri, 11 Dec 2020 18:44:17 +0100 Subject: [PATCH 1/5] Whitelist ejabberd custom node attributes fixes #256 --- .chef/config.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.chef/config.rb b/.chef/config.rb index 96bb67b..0609bb3 100644 --- a/.chef/config.rb +++ b/.chef/config.rb @@ -26,5 +26,5 @@ knife[:automatic_attribute_whitelist] = %w[ chef_packages ] knife[:default_attribute_whitelist] = [] -knife[:normal_attribute_whitelist] = ['knife_zero'] +knife[:normal_attribute_whitelist] = ['knife_zero','kosmos-ejabberd'] knife[:override_attribute_whitelist] = [] From fb996e9abfd5373467f3af2c98e80a9c72fc0af2 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Fri, 11 Dec 2020 18:44:41 +0100 Subject: [PATCH 2/5] Join new zerotier network on VM creation --- site-cookbooks/kosmos_kvm/files/create_vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/site-cookbooks/kosmos_kvm/files/create_vm b/site-cookbooks/kosmos_kvm/files/create_vm index 93375da..db4cf8e 100644 --- a/site-cookbooks/kosmos_kvm/files/create_vm +++ b/site-cookbooks/kosmos_kvm/files/create_vm @@ -57,7 +57,7 @@ runcmd: - curl -s 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg' | gpg --import - curl -s -o /tmp/install_zerotier 'https://install.zerotier.com/' - cat /tmp/install_zerotier | gpg && bash /tmp/install_zerotier - - zerotier-cli join 12ac4a1e719d706e + - zerotier-cli join 8541e5153eb4327c EOS cat > meta-data <<-EOS From 4b9dfd9c60ee45c542b15bb1eac767352760132b Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Fri, 11 Dec 2020 19:24:12 +0100 Subject: [PATCH 3/5] Update node configs --- nodes/akkounts-1.json | 7 ++++--- nodes/bitcoin-2.json | 4 ++-- nodes/ejabberd-1.json | 3 ++- nodes/ejabberd-2.json | 3 ++- nodes/ipfs-1.json | 4 ++-- nodes/uploads-1.json | 3 ++- nodes/wiki-1.json | 5 +++-- nodes/zerotier-1.json | 2 +- 8 files changed, 18 insertions(+), 13 deletions(-) diff --git a/nodes/akkounts-1.json b/nodes/akkounts-1.json index b85f6d1..27dd090 100644 --- a/nodes/akkounts-1.json +++ b/nodes/akkounts-1.json @@ -2,7 +2,7 @@ "name": "akkounts-1", "normal": { "knife_zero": { - "host": "10.147.20.144" + "host": "10.1.1.144" } }, "automatic": { @@ -12,7 +12,7 @@ "hostname": "akkounts-1", "ipaddress": "192.168.122.160", "roles": [ - + "akkounts" ], "recipes": [ "kosmos-base", @@ -48,6 +48,7 @@ "nginx::commons_dir", "nginx::commons_script", "nginx::commons_conf", + "kosmos-nginx::firewall", "git::default", "git::package", "kosmos-base::letsencrypt" @@ -70,4 +71,4 @@ "recipe[kosmos-base]", "role[akkounts]" ] -} +} \ No newline at end of file diff --git a/nodes/bitcoin-2.json b/nodes/bitcoin-2.json index c888e0c..2290685 100644 --- a/nodes/bitcoin-2.json +++ b/nodes/bitcoin-2.json @@ -2,7 +2,7 @@ "name": "bitcoin-2", "normal": { "knife_zero": { - "host": "10.147.20.163" + "host": "10.1.1.163" } }, "automatic": { @@ -57,4 +57,4 @@ "recipe[kosmos-bitcoin::source]", "recipe[kosmos-bitcoin::lnd]" ] -} \ No newline at end of file +} diff --git a/nodes/ejabberd-1.json b/nodes/ejabberd-1.json index 296c803..713af49 100644 --- a/nodes/ejabberd-1.json +++ b/nodes/ejabberd-1.json @@ -2,7 +2,7 @@ "name": "ejabberd-1", "normal": { "knife_zero": { - "host": "10.147.20.166" + "host": "10.1.1.166" }, "kosmos-ejabberd": { "erlang_node": "ejabberd@draco.kosmos.org" @@ -39,6 +39,7 @@ "postfix::_attributes", "postfix::sasl_auth", "hostname::default", + "kosmos-ejabberd::firewall", "tor-full::default", "kosmos-base::letsencrypt", "backup::default", diff --git a/nodes/ejabberd-2.json b/nodes/ejabberd-2.json index 5e7726c..31f8b9b 100644 --- a/nodes/ejabberd-2.json +++ b/nodes/ejabberd-2.json @@ -2,7 +2,7 @@ "name": "ejabberd-2", "normal": { "knife_zero": { - "host": "10.147.20.44" + "host": "10.1.1.44" }, "kosmos-ejabberd": { "erlang_node": "ejabberd@centaurus.kosmos.org" @@ -39,6 +39,7 @@ "postfix::_attributes", "postfix::sasl_auth", "hostname::default", + "kosmos-ejabberd::firewall", "tor-full::default", "kosmos-base::letsencrypt", "backup::default", diff --git a/nodes/ipfs-1.json b/nodes/ipfs-1.json index 5428880..2e9ba52 100644 --- a/nodes/ipfs-1.json +++ b/nodes/ipfs-1.json @@ -2,7 +2,7 @@ "name": "ipfs-1", "normal": { "knife_zero": { - "host": "10.147.20.198" + "host": "10.1.1.198" } }, "automatic": { @@ -72,4 +72,4 @@ "recipe[kosmos-ipfs]", "recipe[kosmos-ipfs::public_gateway]" ] -} \ No newline at end of file +} diff --git a/nodes/uploads-1.json b/nodes/uploads-1.json index bb43002..3c65fbf 100644 --- a/nodes/uploads-1.json +++ b/nodes/uploads-1.json @@ -2,7 +2,7 @@ "name": "uploads-1", "normal": { "knife_zero": { - "host": "10.147.20.98" + "host": "10.1.1.98" } }, "automatic": { @@ -41,6 +41,7 @@ "nginx::commons_dir", "nginx::commons_script", "nginx::commons_conf", + "kosmos-nginx::firewall", "kosmos-base::letsencrypt" ], "platform": "ubuntu", diff --git a/nodes/wiki-1.json b/nodes/wiki-1.json index b69ecff..d4ef9fb 100644 --- a/nodes/wiki-1.json +++ b/nodes/wiki-1.json @@ -2,13 +2,13 @@ "name": "wiki-1", "normal": { "knife_zero": { - "host": "10.147.20.206" + "host": "10.1.1.206" } }, "automatic": { "fqdn": "wiki-1", "os": "linux", - "os_version": "5.4.0-45-generic", + "os_version": "5.4.0-54-generic", "hostname": "wiki-1", "ipaddress": "192.168.122.26", "roles": [ @@ -51,6 +51,7 @@ "nginx::commons_dir", "nginx::commons_script", "nginx::commons_conf", + "kosmos-nginx::firewall", "mediawiki::nginx", "backup::default", "logrotate::default", diff --git a/nodes/zerotier-1.json b/nodes/zerotier-1.json index 685171d..355a4f8 100644 --- a/nodes/zerotier-1.json +++ b/nodes/zerotier-1.json @@ -2,7 +2,7 @@ "name": "zerotier-1", "normal": { "knife_zero": { - "host": "10.147.20.147" + "host": "10.1.1.147" } }, "automatic": { From 83736d2a8566c32dccd57e9737921bf2f8b9244d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Fri, 11 Dec 2020 19:28:34 +0100 Subject: [PATCH 4/5] Update the bitcoin-2 node file after running chef --- nodes/bitcoin-2.json | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/nodes/bitcoin-2.json b/nodes/bitcoin-2.json index 2290685..9bd540c 100644 --- a/nodes/bitcoin-2.json +++ b/nodes/bitcoin-2.json @@ -8,7 +8,7 @@ "automatic": { "fqdn": "bitcoin-2", "os": "linux", - "os_version": "5.4.0-42-generic", + "os_version": "5.4.0-54-generic", "hostname": "bitcoin-2", "ipaddress": "192.168.122.148", "roles": [ @@ -34,6 +34,7 @@ "postfix::sasl_auth", "hostname::default", "ark::default", + "kosmos-bitcoin::firewall", "git::default", "git::package", "golang::default" @@ -57,4 +58,4 @@ "recipe[kosmos-bitcoin::source]", "recipe[kosmos-bitcoin::lnd]" ] -} +} \ No newline at end of file From 1551fe6d1befbdf40fc420a52f4cb9e84a053364 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Fri, 11 Dec 2020 19:29:56 +0100 Subject: [PATCH 5/5] Update the ipfs-1 node file after running chef --- nodes/ipfs-1.json | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/nodes/ipfs-1.json b/nodes/ipfs-1.json index 2e9ba52..13008a6 100644 --- a/nodes/ipfs-1.json +++ b/nodes/ipfs-1.json @@ -8,7 +8,7 @@ "automatic": { "fqdn": "ipfs-1", "os": "linux", - "os_version": "5.4.0-52-generic", + "os_version": "5.4.0-54-generic", "hostname": "ipfs-1", "ipaddress": "192.168.122.195", "roles": [ @@ -40,6 +40,7 @@ "kosmos-nodejs::default", "nodejs::nodejs_from_package", "nodejs::repo", + "kosmos-ipfs::firewall_swarm", "firewall::default", "chef-sugar::default", "kosmos-nginx::default", @@ -51,6 +52,8 @@ "nginx::commons_dir", "nginx::commons_script", "nginx::commons_conf", + "kosmos-nginx::firewall", + "kosmos-ipfs::firewall_public_gateway", "kosmos-base::letsencrypt" ], "platform": "ubuntu", @@ -72,4 +75,4 @@ "recipe[kosmos-ipfs]", "recipe[kosmos-ipfs::public_gateway]" ] -} +} \ No newline at end of file