7d0490f3da
Merge branch 'master' into bugfix/postgresql_client_firewall
2020-12-22 17:16:49 +00:00
5892e3c0ab
Configure and run c-lightning daemon
2020-12-22 12:28:29 +01:00
f88354c67c
Compile and install c-lightning
2020-12-21 16:53:22 +01:00
bbd5500982
Configure and run BTCPay Server
2020-12-21 13:50:28 +01:00
ca373a1503
Don't require auth cookie for nbxplorer API
2020-12-21 12:25:13 +01:00
570a692bb2
Configure and run nbxplorer
2020-12-21 12:19:30 +01:00
5277bce20b
Formatting
2020-12-21 11:14:19 +01:00
aa2aa59e28
Download and build NBXplorer and BTCPay
2020-12-21 11:12:14 +01:00
a2b76c7d76
New recipe: Install .NET Core SDK
2020-12-21 11:01:20 +01:00
Greg Karékinian
c700f98976
Add a firewall rule to allow clients to connect
...
Previously it was not an issue because services that connected to the
PostgreSQL primary were also on the same server as a standby server.
2020-12-18 17:53:28 +01:00
Greg Karékinian
f75aeaf9b5
Always set the promote trigger file config
...
Only setting it for standby servers isn't useful, as we need to be able
to touch this file to trigger the promotion of a new primary server
after running Chef on it.
2020-12-18 17:02:13 +01:00
db51f1f332
Add new Zoom meeting ID to whitelist
2020-12-17 14:09:41 +01:00
95c8b9fea9
Merge pull request 'Migrate to self-hosted zerotier network' ( #265 ) from chore/zerotier_migration into master
...
Reviewed-on: #265
2020-12-13 12:39:14 +00:00
fb996e9abf
Join new zerotier network on VM creation
2020-12-11 19:07:11 +01:00
c4dbed8d65
Fix zerotier network creation
...
Using outdated/invalid rules syntax. Remove the property entirely, so
the API will create the default rule (which is the same) on creation.
Co-authored-by: Greg Karékinian <greg@karekinian.com>
2020-12-11 17:42:25 +01:00
2de9d5fe17
Fix typo
2020-12-11 17:40:40 +01:00
cb8fc25fc8
Configure a zerotier-one network controller
2020-12-10 22:51:35 +01:00
a06223d764
Merge branch 'master' into feature/akkounts_xmpp_host
2020-12-10 13:27:37 +00:00
f1c8faff85
Merge branch 'master' into feature/api_permissions
2020-12-10 13:26:48 +00:00
Greg Karékinian
a92205bd65
Fix the VM creation script
...
Also join the zerotier network
2020-12-09 16:29:15 +01:00
Greg Karékinian
7ceb9af3ed
Rename the kosmos_kvm default recipe to host
...
It makes it clear it is meant for KVM hosts
2020-12-09 11:19:13 +01:00
12125bf0b2
Add hosts entries for ejabberd private IPs
2020-12-08 20:31:01 +01:00
239b6aed51
Add API permissions for akkounts VMs
...
Using the zerotier IP, which is the same as the knife-zero host.
2020-12-08 20:00:31 +01:00
Greg Karékinian
6c907419aa
Set the VM name from the script argument
2020-12-08 17:10:40 +01:00
Greg Karékinian
8f304d00ce
Remove unused kitchen.yml files
2020-12-08 16:34:24 +01:00
Greg Karékinian
94a34e4758
Add arguments for RAM and number of CPUs
2020-12-08 16:33:27 +01:00
Greg Karékinian
b3c1f81ec6
Set the description of the kosmos_zerotier cookbook
2020-12-08 16:26:14 +01:00
Greg Karékinian
6f7b493173
Create the base Ubuntu 20.04 cloud image with code
2020-12-08 16:25:32 +01:00
Greg Karékinian
176083497c
Install the libvirt-daemon-system package
...
It creates the libvirt-qemu user
2020-12-08 16:25:04 +01:00
Greg Karékinian
89c8f42a46
Set the description for the kosmos_kvm cookbook
2020-12-08 16:03:18 +01:00
56d9144ad6
Disable ACME
...
Throws a warning when reloading the config, because it is enabled by
default, but not configured entirely. Disabling it explicitly removes
the warning.
2020-12-08 14:30:29 +01:00
Greg Karékinian
ee7a117d63
Add initial kosmos_zerotier cookbook
...
For now it only includes the firewall rule
Refs #244
2020-12-04 16:29:22 +01:00
Greg Karékinian
e6b7794e20
Extract firewall definitions to their own recipe
...
This allows us to use them for KVM hosts as well. Until now we had set
up ufw rules manually on the two KVM hosts (draco and centaurus)
Refs #244
2020-12-04 16:27:42 +01:00
Greg Karékinian
9dbe5bcfcb
Deploy a script to create new VMs
...
It uses `virt-install` with the official Ubuntu 20.04 cloud image as a
starting point, with cloud-init to add our SSH keys to the ubuntu user
and set up Zerotier.
USAGE: create_vm VMNAME
Closes #244
2020-12-04 16:21:52 +01:00
58c5fad2a7
Add new nickname config for wormhole
2020-11-27 13:22:09 +01:00
8c60279fe1
Add cluster configs to ejabberd recipe
2020-11-25 21:02:46 +01:00
Greg Karékinian
613b316588
Add comment about needing to run Chef a second time...
...
... after the TLS certs are generated
2020-11-25 16:36:07 +01:00
Greg Karékinian
3a8af26b5f
Remove firewall rule for an unused port
2020-11-25 16:36:07 +01:00
Greg Karékinian
23ca3552d2
Remove the absolute path of certbot to use the new package
2020-11-25 16:36:07 +01:00
Greg Karékinian
ddb706b61c
Add a missing dependency on kosmos-dirsrv
2020-11-25 16:36:07 +01:00
Greg Karékinian
085bd8abd5
Move TURN port to a different range
...
It landed on a port used by PostgreSQL. Also switch STUN/TURN to TCP
because HAProxy does not support UDP.
Closes #240
2020-11-25 16:36:07 +01:00
Greg Karékinian
7636f6ed19
Move the Gandi DNS certbot hook to kosmos-ejabberd
2020-11-25 16:36:07 +01:00
Greg Karékinian
8b1f90c568
Use the same Erlang cookie to enable clustering
...
Refs #243
2020-11-25 16:35:37 +01:00
134493d2d6
Merge branch 'master' into feature/http_upload_service
2020-11-25 09:46:31 +00:00
f39f953b8a
Configure ejabberd nodes for HTTP upload service
2020-11-24 15:44:59 +01:00
0e29c930ed
Configure subdirectory level for upload.pm
...
This allows to post to per-domain subdirectories from XMPP clients.
2020-11-24 15:33:34 +01:00
0aef830aa3
Fix upload folder permissions
...
Uploads are failing with the current mode.
2020-11-23 20:50:01 +01:00
0bebdf7635
Do not require nginx from certbot recipe
...
In order to be able to use different nginx install recipes, we must not
require a specific one from this recipe.
2020-11-23 17:40:14 +01:00
9efb9cd78c
Configure/deploy HTTP upload service on uploads.kosmos.chat
...
https://xmpp.org/extensions/xep-0363.html
(Does not contain the config for ejabberd itself yet.)
2020-11-23 17:37:14 +01:00
c26fcd5b26
Remove obsolete manual daemon reload
2020-11-22 20:26:56 +01:00
