kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity
1,925 Commits 7 Branches 0 Tags
Commit Graph

1198 Commits

Author SHA1 Message Date
Râu Cao
5a4cdf9c30
Prevent local users from impersonating other local users 2023-12-06 12:27:38 +01:00
Râu Cao
b3f2ca415e
Set up SpamAssassin 
Scan incoming and outgoing email for spam. Use a local Unbound for DNS,
so we don't run into blocks for RBL queries.
 2023-12-06 12:22:24 +01:00
Râu Cao
05ccbcc58f
Merge branch 'master' into feature/email 2023-12-05 18:37:43 +01:00
Râu Cao
cc6cebb8a2
Increase TURN throughput allowance 2023-12-05 18:20:27 +01:00
Râu Cao
4dbc960eed
Switch ejabberd node handling TURN 
Should use the same outgoing IP as for incoming
 2023-12-05 18:19:48 +01:00
Râu Cao
7805182457
Change borg backup default interval to 3 hrs 2023-12-05 18:16:15 +01:00
Râu Cao
769ac4a081
Support node-specific borg repo config 2023-12-05 18:09:44 +01:00
Râu Cao
b1763cd032
Pattern-match node names for VM backup exclusion 2023-12-05 18:04:57 +01:00
Râu Cao
42c04538d8
Set up DKIM signing and verification 2023-12-04 13:40:37 +01:00
Râu Cao
c9ad3c2d18
Create/configure common default mailboxes 2023-12-04 13:33:23 +01:00
Râu Cao
fbad0bf896
More explicit postfix configs 2023-12-03 18:33:12 +01:00
Râu Cao
8a7eeb1dd9
Change INBOX location 2023-12-03 18:32:55 +01:00
Râu Cao
568197737a
Fix SMTP connection delay when peer hostname cannot be resolved 2023-12-03 18:31:47 +01:00
Râu Cao
738e96f7e4
Fix auth for SMTP submission on port 465 2023-12-03 18:31:12 +01:00
Râu Cao
ce00852bba
Remove obsolete config file 2023-12-01 12:19:21 +01:00
Râu Cao
e4abfb1b75 Use more reasonable priority for attributes in recipe 2023-12-01 10:01:34 +01:00
Râu Cao
9d0ff358ef Only use certbot deploy hook when applicable 2023-12-01 10:00:07 +01:00
Râu Cao
fbcf1ed5e7
WIP Add initial cookbook and roles for email service 2023-12-01 09:56:54 +01:00
Râu Cao
cbeddefa34 Merge pull request 'Set max size for external S3 upload requests' (#525) from bugfix/s3_nginx_max_upload_size into master 
Reviewed-on: #525
 2023-11-15 13:04:34 +00:00
Râu Cao
5765c08d6e
Fail over to next node when and RSK backend is down 2023-11-15 13:21:46 +01:00
Râu Cao
aaae90bc0d
Don't exit VM backup scripts immediately on failures 2023-11-15 13:20:42 +01:00
Râu Cao
087616b6b6
Set max size for external S3 upload requests 
Fix uploads failing when exceeding the default nginx limit
 2023-11-08 21:44:49 +01:00
Râu Cao
390753faa3
Increase update delay for Gandi DNS records 2023-11-05 01:01:16 +01:00
Râu Cao
8071f44f41
Upgrade Mastodon to 4.2.1 2023-11-05 00:57:43 +01:00
Râu Cao
9fa7d8b28f
Upgrade Gitea to 1.20.5 2023-11-04 15:14:58 +01:00
Râu Cao
925a5da239
Upgrade RSKj to 5.3.0, deploy new nodes 
Adapted the cookbook for new nodes running on Jammy.
 2023-11-04 15:06:31 +01:00
Râu Cao
abc168ebf1
Upgrade ejabberd to 23.10, enable anonymous occupant IDs 2023-11-01 12:29:23 +01:00
greg
873c235539 Merge pull request 'Migrate ejabberd uploads to mod_s3_upload and Garage' (#518) from feature/469-ejabberd_s3 into master 
Reviewed-on: #518
 2023-10-17 19:07:23 +00:00
Râu Cao
65d71d6a73
Migrate ejabberd uploads to mod_s3_upload and Garage 
In addition to installing and configuring the new module, this also
enables public access to the S3 API via `bucket-name.s3.kosmos.org` as
well as Web access on `bucket-name.web.s3.kosmos.org` (when enabled).

Also includes some drive-by improvements to Chef attribute naming and
usage.

Co-authored-by: Greg Karékinian <greg@karekinian.com>
 2023-10-10 17:55:55 +02:00
Râu Cao
832075dfb2
Shorten root domains for external Garage S3 and Web access 
And move the configuration-specific preceding dot to the config
template.
 2023-10-10 16:34:23 +02:00
greg
1c9e28448f Merge pull request 'Improve PostgreSQL streaming replication in production' (#516) from feature/keep_wal_segments into master 
Reviewed-on: #516
 2023-10-07 08:18:24 +00:00
Râu Cao
3505212e92
Add missing header to RS discourse proxy config 2023-10-04 12:36:07 +02:00
Râu Cao
eb1303a8da
Fix postgres primary not holding onto any WAL segments for later sync 
closes #515
 2023-10-02 15:46:26 +02:00
Râu Cao
08d9819fd2
Upgrade bitcoind, LND, dotnet, NBXplorer, and BTCPay 2023-09-28 16:41:44 +02:00
Râu Cao
f0968aae5b
Add Drone CI config for akkounts 2023-09-01 12:51:40 +02:00
Râu Cao
e65c58ff6c
Upgrade Gitea to 1.20.3, Chef client to 18.x 2023-08-25 17:12:33 +02:00
Râu Cao
123b304dd0
Use correct node attributes 2023-07-31 15:57:07 +02:00
Râu Cao
bbd25ebb9c
Add nginx logs for gitea 2023-07-31 15:56:40 +02:00
Râu Cao
ec43f4ee0f
Update openresty cookbook 2023-07-31 15:56:20 +02:00
Râu Cao
eab94090e8
Use openresty node attributes in openresty templates 2023-07-31 15:07:35 +02:00
Râu Cao
7f2805831c
Remove obsolete cookbook 2023-07-31 15:07:18 +02:00
Râu Cao
0f12a54eab
Refactor tor usage entirely 
Use a custom resource and separate recipe for service configs with
pre-set keys and hostnames
 2023-07-30 12:39:41 +02:00
Râu Cao
68b56789c5
Migrate ejabberd UDP streams to openresty 
And remove the other streams in the process, in favor of running haproxy
on all LBs.
 2023-07-30 12:39:36 +02:00
Râu Cao
438ee4ace0
Migrate Gitea SSH stream to openresty 2023-07-30 12:35:21 +02:00
Râu Cao
27bdc1f60d
Update openresty cookbook 2023-07-30 12:34:21 +02:00
Râu Cao
cb0fc27134
Refactor tor usage, set up new tor proxy on draco 2023-07-29 16:26:20 +02:00
Râu Cao
b149264919
Use paths from node attributes 2023-07-29 14:30:46 +02:00
Râu Cao
53c35fda51
Migrate garage proxies to openresty 2023-07-26 16:42:48 +02:00
Râu Cao
bb2f41fdb3
Migrate hubot proxies to openresty 2023-07-26 16:21:03 +02:00
Râu Cao
027d0ed570
Migrate IPFS proxies to openresty 2023-07-26 16:12:33 +02:00