kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity
1,500 Commits 7 Branches 0 Tags
Commit Graph

1500 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Râu Cao
379a503dd0
Move lndhub nginx site to proxy 
And configure for lndhub-go. Also configure branding for public lndhub
dashboard
 2022-12-22 19:35:30 +07:00
Râu Cao
7d11450c4e
Set up lndhub.go 
closes #454
 2022-12-11 14:30:27 +01:00
greg
430f8b36b6 Merge pull request 'Set up LDAP/dirsrv replication' (#453) from feature/ldap_replication into master 
Reviewed-on: #453
 2022-12-08 13:12:22 +00:00
greg
26a34a69d3 Merge branch 'master' into feature/ldap_replication 2022-12-08 13:08:00 +00:00
greg
98785a1a86 Merge pull request 'Move Mastodon nginx to proxy/LB' (#452) from feature/mastodon_nginx into master 
Reviewed-on: #452
 2022-12-08 13:07:35 +00:00
greg
66c91b5a7f Merge branch 'master' into feature/mastodon_nginx 2022-12-08 13:07:09 +00:00
Râu Cao
a460302728
Add missing sidekiq queue 2022-12-01 17:08:17 +01:00
greg
f8fd10c4c2 Merge pull request 'Upgrade Mastodon to 4.0' (#456) from chore/upgrade_mastodon into feature/mastodon_nginx 
Reviewed-on: #456
 2022-12-01 14:33:20 +00:00
Râu Cao
2ecb4e2385
Upgrade Ruby to 3.0.4 2022-12-01 15:29:38 +01:00
Râu Cao
cdd3f026c4
Always use config for skipping post-deployment migrations 2022-12-01 15:05:24 +01:00
Râu Cao
5d05d5c187
Move Mastodon nginx to proxy/LB 2022-11-30 12:07:54 +01:00
Râu Cao
f3ca307e64
Fix Tor access 
Configure alternate_domains for Rails app to re-enable Tor access (was
throwing 403s without this config)
 2022-11-30 12:06:25 +01:00
Râu Cao
66f5217a41
Refactor Mastodon nginx recipe for proxy usage 
Works both as local deployment and proxy (via roles and environments)

* Use upstreams for proxy_pass
* Access static assets from proxy, configure caching for them
* Move Tor config to environment, install via role
* ...
 2022-11-30 12:02:17 +01:00
Râu Cao
83e55c84a2 Use domain name for log file paths 2022-11-30 12:00:01 +01:00
Râu Cao
83513dbd9d Remove request limits for ipfs proxy 
In favor of fail2ban
 2022-11-30 11:58:22 +01:00
Râu Cao
c4d43b7f4e Make Mastodon services listen on private IP in prod 
And allow access to them from the private network
 2022-11-30 11:57:51 +01:00
greg
83fea1026c Merge pull request 'Install/configure Garage (S3-compatible object storage cluster)' (#450) from feature/garage into master 
Reviewed-on: #450
 2022-11-28 17:38:41 +00:00
greg
3df9611a9d Merge pull request 'Store Gitea data (avatars, attachments, etc.) in Garage/S3' (#451) from feature/gitea_s3 into feature/garage 
Reviewed-on: #451
 2022-11-26 16:19:19 +00:00
Râu Cao
c3e98688fd
Deploy second dirsrv supplier 
Manually configured (once) to replicate data from and to the first
supplier on `ldap-3`.
 2022-11-26 16:47:55 +01:00
Râu Cao
2958ba4b81
Use *.kosmos.local hostnames for LDAP nodes 2022-11-26 16:47:28 +01:00
Râu Cao
991458208d
Use a role for configuring LDAP hostname on clients 
This way it's also easy to converge all LDAP clients at once.
 2022-11-26 16:45:45 +01:00
Râu Cao
8d4db7290e
Rename dirsrv_primary role 
The term used in 389 docs is "supplier" instead (ex "master")
 2022-11-26 16:44:05 +01:00
Râu Cao
e0fb84e56c
Store Gitea data (avatars, attachments, etc.) in Garage/S3 
Also adds a new garage gateway role, which only allows RPC (inter-node)
traffic to Garage.
 2022-11-26 13:05:07 +01:00
Râu Cao
9a89af0fe3 Add basic Garage doc 2022-11-25 10:56:22 +00:00
Râu Cao
20e6bdb7f9 Add production environment, replication for garage 
Also deploy a third node in a different data center
 2022-11-25 10:56:22 +00:00
Râu Cao
b5ff60214c Install/configure Garage 
Add a garage cookbook that installs the garage binary distribution and
creates the necessary configuration and system service.

Also deploy two new VMs to act as storage nodes.

refs #428
 2022-11-25 10:56:22 +00:00
greg
34bd187e3e Merge pull request 'Set up fail2ban for nginx, move IPFS gateway to proxy role' (#449) from feature/fail2ban_nginx into master 
Reviewed-on: #449
 2022-11-24 15:09:05 +00:00
Râu Cao
d06f5d7723
Set up fail2ban for nginx, move IPFS gateway to proxy role 2022-11-24 14:02:43 +01:00
Râu Cao
7f545404b1
Update node info 2022-11-22 21:23:39 +01:00
raucao
9dc2b387d1 Merge pull request 'Upgrade kosmos.social to Mastodon 3.5.3' (#448) from chore/upgrade_mastodon into master 
Reviewed-on: #448
 2022-11-22 20:19:52 +00:00
Greg Karékinian
5a5f8425af Add missing postgresql-client package for backup gem 2022-11-07 16:30:45 +01:00
Greg Karékinian
97fe328312 Add missing pg_db recipe on postgresql_primary role 2022-11-07 16:30:02 +01:00
Greg Karékinian
ed04753318 Update mastodon-3 node after chef run 2022-11-07 16:28:09 +01:00
Greg Karékinian
4bfb7d5f5d Extract mastodon db backup to its own recipe 2022-11-07 16:22:15 +01:00
Râu Cao
4188b2976b
Use Ruby 3.0.3, skip post-deployment migrations 2022-11-07 14:53:52 +01:00
Râu Cao
3620a43190
Upgrade Elasticsearch from 6.x to latest 7.x 2022-11-06 13:56:15 +01:00
greg
5a94050555 Merge pull request 'Prune VM backups after every run' (#447) from feature/439-prune_backups into master 
Reviewed-on: #447
 2022-11-05 20:42:31 +00:00
Râu Cao
28454c0849
Change VM backup schedule for draco 2022-11-05 17:43:53 +01:00
Râu Cao
6df168f32f
Prune VM backups after every run 2022-11-05 17:43:48 +01:00
greg
9c0764a2eb Merge pull request 'Migrate hal8000 to new kredits and nodejs VM' (#445) from feature/migrate_hal8000 into master 
Reviewed-on: #445
 2022-11-04 18:14:17 +00:00
Râu Cao
65933bef4b Move hubot nginx sites to proxy role, deploy to fornax 2022-11-04 14:41:21 +01:00
Râu Cao
6cce1d9df8 Upgrade hal8000 setup for new hubot-kredits 2022-11-04 14:41:12 +01:00
Râu Cao
534f23eebc Remove obsolete recipes 2022-11-04 14:38:51 +01:00
Râu Cao
37710be28b
Bundle main IPFS node recipes in a role 
So we can find the VM/IP
 2022-11-04 14:37:23 +01:00
raucao
1c17906a41 Merge pull request 'Deploy new kredits ipfs-pinner' (#444) from feature/deploy_new_kredits_pinner into master 
Reviewed-on: #444
 2022-11-03 13:17:47 +00:00
Râu Cao
76fd629e40
Deploy new kredits ipfs-pinner 
refs kredits/meta#10
 2022-11-03 14:16:37 +01:00
raucao
88fa0f12dd Merge pull request 'Upgrade LND to 0.15.4' (#443) from chore/upgrade_lnd into master 
Reviewed-on: #443
 2022-11-03 10:04:05 +00:00
Râu Cao
0297298ce0
Upgrade LND to 0.15.4 
Fixes a critical issue that prevents block sync in production
 2022-11-03 11:02:52 +01:00
raucao
08bcdcc395 Merge pull request 'Fix IPFS node connectivity from the outside as well as the private network' (#442) from bugfix/ipfs_connectivity into master 
Reviewed-on: #442
 2022-11-02 18:32:44 +00:00
Râu Cao
90b62e3fc1
Remove ufw logging for ipfs 2022-11-02 19:27:09 +01:00