kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity
1,666 Commits 7 Branches 0 Tags
Commit Graph

1666 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Râu Cao
e54112418e
Upgrade Gitea 1.18.0 
Requires some config changes for the mailer.
 2022-12-30 23:05:40 +07:00
raucao
0c37504ac6 Merge pull request 'Set up lndhub.go' (#457) from feature/454-lndhub.go into master 
Reviewed-on: #457
 2022-12-27 06:29:09 +00:00
raucao
d8e0124c46 Merge pull request 'Set up PeerSwap for LND' (#459) from feature/peerswap into feature/454-lndhub.go 
Reviewed-on: #459
 2022-12-27 06:23:09 +00:00
Râu Cao
176dd64438
Remove peerswap policy file from recipe 
This will be auto-created anyway, and we don't want to overwrite changes
added by the CLI.
 2022-12-26 11:29:17 +07:00
Râu Cao
4f1b1aff30
Set up PeerSwap 
Allows to swap sats in and out of Lightning channels without a 3rd party
(and their fees). Instead, swaps can be initiated directly with the
channel peer.

https://www.peerswap.dev/
 2022-12-26 11:16:22 +07:00
Râu Cao
b3465e186f
Fix comment 2022-12-26 11:16:01 +07:00
Râu Cao
ea635a52e9
Formatting 2022-12-26 11:14:40 +07:00
Râu Cao
90e17b0abc
Rename bitcoind recipe 
Was still using a name from when the cookbook didn't set up anything
else
 2022-12-25 16:28:14 +07:00
Râu Cao
8c8e978ae9
Update node configs 2022-12-24 00:58:31 +07:00
Râu Cao
3d7b4df376
Add rate limit config for lndhub-go 2022-12-24 00:58:11 +07:00
Râu Cao
b738dc1e80
Add nginx proxy hosts for Garage Web access 
The respective bucket needs to be configured with a domain alias. When a
new alias is added to the `s3_web_domains` config, a new nginx site can
then be deployed to the `nginx_proxy` hosts.
 2022-12-23 18:07:39 +07:00
Râu Cao
3641ea7a60
Deploy lndhub.go branch of akkounts 2022-12-23 18:02:42 +07:00
Râu Cao
a7e04f4e63
Exclude lndhub backups in dev 2022-12-23 14:17:43 +07:00
Râu Cao
e0c400c007
Use correct asset URL for lndhub logo 2022-12-22 20:03:58 +07:00
Râu Cao
7802ea25e6
Ignore chef environment when looking up primary 
We use mixed environments still, not everything is in "production" yet.
 2022-12-22 19:45:45 +07:00
Râu Cao
fb1206d03f
Refactor bitcoin-related roles and node config 2022-12-22 19:35:41 +07:00
Râu Cao
379a503dd0
Move lndhub nginx site to proxy 
And configure for lndhub-go. Also configure branding for public lndhub
dashboard
 2022-12-22 19:35:30 +07:00
Râu Cao
7d11450c4e
Set up lndhub.go 
closes #454
 2022-12-11 14:30:27 +01:00
greg
430f8b36b6 Merge pull request 'Set up LDAP/dirsrv replication' (#453) from feature/ldap_replication into master 
Reviewed-on: #453
 2022-12-08 13:12:22 +00:00
greg
26a34a69d3 Merge branch 'master' into feature/ldap_replication 2022-12-08 13:08:00 +00:00
greg
98785a1a86 Merge pull request 'Move Mastodon nginx to proxy/LB' (#452) from feature/mastodon_nginx into master 
Reviewed-on: #452
 2022-12-08 13:07:35 +00:00
greg
66c91b5a7f Merge branch 'master' into feature/mastodon_nginx 2022-12-08 13:07:09 +00:00
Râu Cao
a460302728
Add missing sidekiq queue 2022-12-01 17:08:17 +01:00
greg
f8fd10c4c2 Merge pull request 'Upgrade Mastodon to 4.0' (#456) from chore/upgrade_mastodon into feature/mastodon_nginx 
Reviewed-on: #456
 2022-12-01 14:33:20 +00:00
Râu Cao
2ecb4e2385
Upgrade Ruby to 3.0.4 2022-12-01 15:29:38 +01:00
Râu Cao
cdd3f026c4
Always use config for skipping post-deployment migrations 2022-12-01 15:05:24 +01:00
Râu Cao
5d05d5c187
Move Mastodon nginx to proxy/LB 2022-11-30 12:07:54 +01:00
Râu Cao
f3ca307e64
Fix Tor access 
Configure alternate_domains for Rails app to re-enable Tor access (was
throwing 403s without this config)
 2022-11-30 12:06:25 +01:00
Râu Cao
66f5217a41
Refactor Mastodon nginx recipe for proxy usage 
Works both as local deployment and proxy (via roles and environments)

* Use upstreams for proxy_pass
* Access static assets from proxy, configure caching for them
* Move Tor config to environment, install via role
* ...
 2022-11-30 12:02:17 +01:00
Râu Cao
83e55c84a2 Use domain name for log file paths 2022-11-30 12:00:01 +01:00
Râu Cao
83513dbd9d Remove request limits for ipfs proxy 
In favor of fail2ban
 2022-11-30 11:58:22 +01:00
Râu Cao
c4d43b7f4e Make Mastodon services listen on private IP in prod 
And allow access to them from the private network
 2022-11-30 11:57:51 +01:00
greg
83fea1026c Merge pull request 'Install/configure Garage (S3-compatible object storage cluster)' (#450) from feature/garage into master 
Reviewed-on: #450
 2022-11-28 17:38:41 +00:00
greg
3df9611a9d Merge pull request 'Store Gitea data (avatars, attachments, etc.) in Garage/S3' (#451) from feature/gitea_s3 into feature/garage 
Reviewed-on: #451
 2022-11-26 16:19:19 +00:00
Râu Cao
c3e98688fd
Deploy second dirsrv supplier 
Manually configured (once) to replicate data from and to the first
supplier on `ldap-3`.
 2022-11-26 16:47:55 +01:00
Râu Cao
2958ba4b81
Use *.kosmos.local hostnames for LDAP nodes 2022-11-26 16:47:28 +01:00
Râu Cao
991458208d
Use a role for configuring LDAP hostname on clients 
This way it's also easy to converge all LDAP clients at once.
 2022-11-26 16:45:45 +01:00
Râu Cao
8d4db7290e
Rename dirsrv_primary role 
The term used in 389 docs is "supplier" instead (ex "master")
 2022-11-26 16:44:05 +01:00
Râu Cao
e0fb84e56c
Store Gitea data (avatars, attachments, etc.) in Garage/S3 
Also adds a new garage gateway role, which only allows RPC (inter-node)
traffic to Garage.
 2022-11-26 13:05:07 +01:00
Râu Cao
9a89af0fe3 Add basic Garage doc 2022-11-25 10:56:22 +00:00
Râu Cao
20e6bdb7f9 Add production environment, replication for garage 
Also deploy a third node in a different data center
 2022-11-25 10:56:22 +00:00
Râu Cao
b5ff60214c Install/configure Garage 
Add a garage cookbook that installs the garage binary distribution and
creates the necessary configuration and system service.

Also deploy two new VMs to act as storage nodes.

refs #428
 2022-11-25 10:56:22 +00:00
greg
34bd187e3e Merge pull request 'Set up fail2ban for nginx, move IPFS gateway to proxy role' (#449) from feature/fail2ban_nginx into master 
Reviewed-on: #449
 2022-11-24 15:09:05 +00:00
Râu Cao
d06f5d7723
Set up fail2ban for nginx, move IPFS gateway to proxy role 2022-11-24 14:02:43 +01:00
Râu Cao
7f545404b1
Update node info 2022-11-22 21:23:39 +01:00
raucao
9dc2b387d1 Merge pull request 'Upgrade kosmos.social to Mastodon 3.5.3' (#448) from chore/upgrade_mastodon into master 
Reviewed-on: #448
 2022-11-22 20:19:52 +00:00
Greg Karékinian
5a5f8425af Add missing postgresql-client package for backup gem 2022-11-07 16:30:45 +01:00
Greg Karékinian
97fe328312 Add missing pg_db recipe on postgresql_primary role 2022-11-07 16:30:02 +01:00
Greg Karékinian
ed04753318 Update mastodon-3 node after chef run 2022-11-07 16:28:09 +01:00
Greg Karékinian
4bfb7d5f5d Extract mastodon db backup to its own recipe 2022-11-07 16:22:15 +01:00