kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity
1,755 Commits 7 Branches 0 Tags
Commit Graph

106 Commits

Author SHA1 Message Date
Râu Cao
51068e5259 Add email credentials 2023-12-01 09:58:25 +01:00
Râu Cao
65d71d6a73
Migrate ejabberd uploads to mod_s3_upload and Garage 
In addition to installing and configuring the new module, this also
enables public access to the S3 API via `bucket-name.s3.kosmos.org` as
well as Web access on `bucket-name.web.s3.kosmos.org` (when enabled).

Also includes some drive-by improvements to Chef attribute naming and
usage.

Co-authored-by: Greg Karékinian <greg@karekinian.com>
 2023-10-10 17:55:55 +02:00
Râu Cao
0f12a54eab
Refactor tor usage entirely 
Use a custom resource and separate recipe for service configs with
pre-set keys and hostnames
 2023-07-30 12:39:41 +02:00
Râu Cao
cb0fc27134
Refactor tor usage, set up new tor proxy on draco 2023-07-29 16:26:20 +02:00
Râu Cao
ec77e19ab0
Update SMTP credentials 2023-07-23 12:56:46 +02:00
Râu Cao
9648e071ca
Configure akkounts for Discourse Connect 2023-06-04 15:24:06 +03:00
Râu Cao
f36268e906
Update ejabberd admin list 2023-04-04 10:14:50 +02:00
greg
ac00aa9def Merge pull request 'Upgrade Gitea to 1.19, configure Gitea Actions, set up Actions runners' (#482) from chore/upgrade_gitea into master 
Reviewed-on: #482
 2023-04-02 13:57:45 +00:00
Râu Cao
059812524e
Set up Gitea Actions runners 2023-04-01 12:56:21 +02:00
Râu Cao
99d985c0d5
Configure Sentry for akkounts 2023-03-27 19:10:48 +02:00
Râu Cao
9f886cc286
Configure Sentry DSN for lndhub-go 2023-03-27 19:04:03 +02:00
Râu Cao
8ae7cdfafd
Switch Discourse uploads and backups to Garage/S3 2023-03-17 19:13:04 +07:00
greg
7549164a2e Merge branch 'master' into feature/462_akkounts_config 2023-02-14 13:04:00 +00:00
Râu Cao
a1ec9b4d6a
Write akkounts .env config, add config for lndhub admin UI 
closes #462
 2023-02-13 22:39:11 +08:00
Râu Cao
99e029a5ca
Switch NBXplorer to Postgres 2023-02-08 15:30:44 +08:00
Râu Cao
f777af22b8
Finish up Garage S3 config for kosmos.social 2023-01-14 15:59:47 +08:00
Râu Cao
345ba14f0e
Add garage S3 config for Mastodon 2023-01-14 15:03:38 +08:00
Râu Cao
7d11450c4e
Set up lndhub.go 
closes #454
 2022-12-11 14:30:27 +01:00
Râu Cao
e0fb84e56c
Store Gitea data (avatars, attachments, etc.) in Garage/S3 
Also adds a new garage gateway role, which only allows RPC (inter-node)
traffic to Garage.
 2022-11-26 13:05:07 +01:00
Râu Cao
b5ff60214c Install/configure Garage 
Add a garage cookbook that installs the garage binary distribution and
creates the necessary configuration and system service.

Also deploy two new VMs to act as storage nodes.

refs #428
 2022-11-25 10:56:22 +00:00
Râu Cao
756382ec9f
Move block data files to CIFS share 
This is the vast majority of disk space used on the host currently.
 2022-10-26 15:49:03 +02:00
Râu Cao
063e9e070c
Add borg credentials 2022-10-19 12:08:04 +02:00
Sebastian Kippe
48cdd62973
Upgrade ejabberd to 22.05 
Tested/running on all cluster nodes. Due to changes in the upstream
package we were able to remove some complexity from the recipe. Deleting
code FTW!

closes #334
 2022-05-31 16:27:07 +02:00
Greg Karékinian
0d133de1b8 New config and credentials for LDAP connection in mediawiki 2022-05-11 16:23:17 +02:00
Sebastian Kippe
c158f845f0
Configure STUN/TURN for ejabberd and nginx proxy 2022-05-11 15:27:49 +02:00
Greg Karékinian
1502d1956d Set new passwords for the LDAP service accounts 2022-05-11 14:47:32 +02:00
Sebastian Kippe
b270a2c1fd
Add database secret for Drone CI 
closes #388
 2022-03-12 15:05:16 -06:00
Sebastian Kippe
f35fb638d1
Adapt Drone recipes for VM setup, use PostgreSQL 2022-03-12 14:46:48 -06:00
Sebastian Kippe
f6fe3bab0f
Connect to IRC bouncer instead of directly 
Changes botka on libera to connect to a bouncer, which also uses SASL,
in order to fix the connection issues and keep a stable connection with
minimal maintenance.
 2022-01-06 08:12:42 -06:00
Sebastian Kippe
ee0a587dad
Upgrade botka, deploy for Libera.Chat to nodejs-2 
Note: Temporarily disables wormhole, because it's still on Freenode,
where its credentials have been deleted by the new "management".
 2021-09-13 18:21:46 +02:00
Sebastian Kippe
37873fb881
Add data bag for LND credentials 2021-07-01 13:17:51 +02:00
Greg Karékinian
9415b71965 Deploy hubot with new hubot-kredits 
It includes a script for creating Kredits for reviews

Refs #135
 2021-03-30 12:11:03 +02:00
Sebastian Kippe
fd901f6e64
Update Zoom JWT 2021-02-18 18:51:36 +01:00
Greg Karékinian
6ec747d416 Add missing credentials for zerotier 2021-01-22 18:43:05 +01:00
Sebastian Kippe
2b765e744a
Configure and run RTL 
Ride The Lightning is a Web UI for Lightning Network nodes. It is
accessible via the bitcoin VM's private zerotier IP on port 3000.
 2021-01-01 17:42:57 +01:00
Sebastian Kippe
bbd5500982
Configure and run BTCPay Server 2020-12-21 13:50:28 +01:00
Greg Karékinian
8b1f90c568 Use the same Erlang cookie to enable clustering 
Refs #243
 2020-11-25 16:35:37 +01:00
greg
134493d2d6 Merge branch 'master' into feature/http_upload_service 2020-11-25 09:46:31 +00:00
Sebastian Kippe
0e29c930ed
Configure subdirectory level for upload.pm 
This allows to post to per-domain subdirectories from XMPP clients.
 2020-11-24 15:33:34 +01:00
Sebastian Kippe
9efb9cd78c
Configure/deploy HTTP upload service on uploads.kosmos.chat 
https://xmpp.org/extensions/xep-0363.html

(Does not contain the config for ejabberd itself yet.)
 2020-11-23 17:37:14 +01:00
Sebastian Kippe
d384f69139
Configure/deploy new akkounts app 2020-11-21 15:12:31 +01:00
Greg Karékinian
ebf5f405f5 Initial kosmos_drone cookbook 
Closes #235
 2020-11-19 12:59:15 +01:00
Sebastian Kippe
9795e77fde
Bitcoin source recipe 2020-08-17 10:45:15 +02:00
Greg Karékinian
1e60722ec4 Create an initial encfs cookbook 
Usage: Add the kosmos_encfs::default recipe to the run list of a node.
Creating the encrypted directory will keep it mounted. After a reboot,
start the encfs service and enter the password:

```
$ systemctl start encfs
encfs password:
```

For now postgresql@12-main is a hardcoded dependency of the encfs
Systemd unit that is automatically started once the user inputs the
correct password. This list of dependency will need to be different for
every server, based on the services it is running
 2020-06-04 19:50:20 +02:00
Greg Karékinian
eded62a3ec Merge branch 'master' into feature/pg_encfs 2020-06-04 15:13:53 +02:00
Greg Karékinian
27845525da Use the same JWT_SECRET as on our previous Gitea 
A different one breaks 2FA
 2020-06-02 12:12:59 +02:00
Greg Karékinian
51d4d88568 Initial kosmos_gitea cookbook 
The default recipe deploys the gitea binary, generates a config file and
our custom Kosmos label set. The service runs as a Systemd unit.

The pg_db recipe needs to run on the primary PostgreSQL (currently
andromeda).

The backup recipe is empty for now

Refs #147
 2020-05-18 19:39:43 +02:00
Greg Karékinian
d0daa9cee7 Add the encryption password for encfs to the data bag 2020-05-15 18:46:24 +02:00
Greg Karékinian
8d2ab785fc Use a self-signed TLS certificate for PostgreSQL 2020-05-13 19:10:14 +02:00
Greg Karékinian
f3f8e47cce Add replication_password to the postgresql credentials 2020-05-13 15:35:34 +02:00