Greg Karékinian
db4e2777d4
Fix a bug preventing nginx from being reloaded after generating a cert
...
Change the notifies property to :immediately in nginx_certbot_site. This
way the vhost template is recreated and then triggers a reload of the
nginx service. The previous code resulted in nginx not being reloaded,
as the action had already been queued earlier.
2019-11-22 14:37:29 +01:00
d5fc7ad105
Remove tweet reading from IRC Hubot
...
Because of the wormhole feature between XMPP and IRC, any links to
tweets will be read by the hal8000 bots on both platforms.
This change removes the Tweet reading extension from the IRC version of
the bot.
2019-11-14 19:00:04 +01:00
Greg Karékinian
0b579b1fea
Remove the redirection from HTTP to HTTPS from the mastodon vhost
...
This is already done in the certbot vhost
(https://gitea.kosmos.org/kosmos/chef/src/branch/master/site-cookbooks/kosmos-nginx/templates/default/nginx_conf_certbot.erb )
and it redirects every request to HTTPS, breaking Let's Encrypt
validation
Fixes #110
2019-10-28 11:18:31 +01:00
Greg Karékinian
2c20fa4a2f
Fix the nginx vhost for akkounts-api
...
Listening on port 80 when there is no TLS cert prevented Let's Encrypt
to generate a cert
2019-10-18 13:26:04 +02:00
f8af66a532
Add/fix akkounts credentials
2019-10-18 13:10:43 +02:00
Greg Karékinian
2104e81250
Add the kosmos-akkounts::nginx recipe to kosmos-akkounts::default
2019-10-18 12:30:26 +02:00
Greg Karékinian
6bb93eb5f5
Fix the path to index.js
2019-10-18 12:27:33 +02:00
Greg Karékinian
c5eeab3606
Remove typescript and the compilation step
...
The app is now compiled during the release phase:
https://github.com/67P/akkounts-api/pull/6
2019-10-18 12:24:47 +02:00
Greg Karékinian
185982ff9f
Add the initial kosmos-akkounts cookbook to deploy akkounts-api
...
Includes a recipe to set up nginx as a reverse proxy with a TLS
certificate for api.accounts.kosmos.org
Closes #18
Closes #20
2019-10-17 14:56:48 +02:00
c7d91f68f9
Fix Mastodon Web systemd service
...
Removes a legacy property from the config, which made the service fail
to start after having upgraded systemd on Andromeda.
2019-10-16 08:29:34 +02:00
76c8120058
Set up XMPP/IRC integration for Sockethub rooms
2019-10-13 21:32:12 +02:00
66782f1f05
Update installed Ruby version for Mastodon 3.x
2019-10-13 20:16:54 +02:00
Greg Karékinian
2c2ae596ed
Don't update chef using the chef_client_updater cookbook
...
It only makes sense when using Chef Server, which we don't
2019-10-08 18:17:34 +02:00
Greg Karékinian
34d69dbca1
Add missing application_javascript dependency
2019-09-27 11:07:15 +02:00
Greg Karékinian
3be9b2fb44
Update yarn to the latest version
2019-09-27 10:57:58 +02:00
Greg Karékinian
438c5ff72d
Fix the services restarting every time the recipe is executed
...
* Manually send a restart action from the application_git resource
* Do not depend on application_ruby anymore
2019-09-27 10:57:35 +02:00
Greg Karékinian
4b39ea60dd
Set the NODE_ENV variable when running yarn
...
The assets precompilation task runs yarn with NODE_ENV=production,
before this change yarn would install a different set of packages, with
this change the run from the assets precompilation is idempotent
2019-09-27 10:55:32 +02:00
Greg Karékinian
b1cfa6f6f7
Install Java for Elasticsearch
...
It was missing from the recipe
2019-09-27 10:51:26 +02:00
Greg Karékinian
dace5672e4
Move the java heap size to an attribute
2019-09-27 10:50:56 +02:00
Greg Karékinian
9d68d3c4da
Link to the new ops Mastodon account
2019-09-19 16:02:41 +02:00
Greg Karékinian
cd9a7dd3dc
Use the new kosmos.chat MUC domain on the maintenance page
2019-09-19 16:00:01 +02:00
Greg Karékinian
f49dd5e6d4
Switch the MUC host for kosmos.org to kosmos.chat
2019-09-19 15:58:53 +02:00
Greg Karékinian
544f4b78f4
Change the MUC domain for the kosmos.org XMPP server to kosmos.chat
2019-09-19 15:57:54 +02:00
Greg Karékinian
4685b16573
Add kosmos.chat to the list of Kosmos XMPP domains with a TLS cert
2019-09-19 15:56:49 +02:00
0ca002c67c
Merge branch 'bugfix/tor_attributes' of kosmos/chef into master
2019-09-11 12:53:50 +00:00
Greg Karékinian
2ecc128abd
Move the hidden service attributes to the attributes file
...
When it is set in the recipe the hidden service dir doesn't get set
correctly (nil), resulting in a broken torrc file
2019-09-11 13:47:42 +02:00
Greg Karékinian
fdb4353ac0
Raise the memory limit for Elasticsearch
2019-09-11 11:21:10 +02:00
Greg Karékinian
245392c4ad
Install Elasticsearch 6.8.2
...
Version 7 isn't compatible with Mastodon yet
2019-09-10 12:29:24 +02:00
Greg Karékinian
efa958a374
Merge branch 'master' into feature/96-elasticsearch_mastodon
2019-09-09 16:20:46 +02:00
79b1025836
Merge branch 'feature/tor_hidden_services' of kosmos/chef into master
2019-09-09 11:38:28 +00:00
40eb94f091
Move Tor attributes to recipe files
2019-09-09 13:36:49 +02:00
Greg Karékinian
039da3d35a
Install Elasticsearch and enable it in Mastodon
...
Refs #96
2019-09-06 17:26:06 +02:00
03b3b2de91
Add hidden service for ejabberd
2019-09-03 19:47:52 +02:00
10b6f6370e
Configure Mastodon to use its Tor hidden service
2019-09-02 14:39:25 +02:00
3b1c7a0817
Fix more hash accessors
...
These aren't available as methods (anymore?).
2019-09-02 13:26:27 +02:00
4d24e6a7cc
Fix Tor repo key not working
...
For some reason it's not correct on the keyservers, so we import it
directly from the repo. Sketchy af.
2019-09-02 13:23:50 +02:00
c493602d1e
Move tor-full to site cookbooks
2019-09-02 12:23:50 +02:00
070a1d1889
Configure Kredits signup for hal8000_xmpp
2019-09-01 17:15:56 +02:00
0d20cddbf5
Prep cookbooks for Tor hidden services for Mastodon
2019-08-31 15:37:50 +02:00
Greg Karékinian
dfa709c9df
Update nginx to 1.17.3, enable TLS 1.3
...
Uses the current intermediate recommended config from
https://ssl-config.mozilla.org
Closes #92
2019-08-30 11:57:38 +02:00
c50c68b50c
Configure hubot/wormhole deployment
...
Adding another node.js hubot app. Wormhole is our new IRC/XMPP bridge.
2019-07-30 09:09:19 +02:00
Greg Karékinian
0fa9e6cbb7
Set the uploads dir inside of /opt/ejabberd instead of /var/www
...
/var/www is intended for nginx/apache
I have copied over the old directories manually on Andromeda before
running this code
Fixes #80
2019-07-19 12:47:42 +02:00
Greg Karékinian
9c8befc179
Move attributes from the ipfs cookbook to kosmos-ipfs
...
The default attributes set in the ipfs cookbook do not include
attributes that are specific to Kosmos anymore
2019-07-05 15:38:30 +02:00
Greg Karékinian
cf4e567dcb
Get rid of the letsencrypt recipe
...
Its content has been moved to the public_gateway recipe
2019-07-04 10:24:33 +02:00
f4990a8066
Switch from IPFS cluster to kredits-ipfs-pinner
...
This removes the cluster configuration and adds deployment of Kredits
IPFS Pinner. It also switches hubot-kredits to use the normal API
endpoint again (instead of the cluster port).
Furthermore, it upgrades go-ipfs to the latest version.
2019-07-03 15:34:42 +02:00
f1d58f6172
Add IPFS gateway for document GETs
...
This adds a gateway endpoint for `http://ipfs.kosmos.org ` on port 443
with support for `/ipfs/$objectHash` in order to GET documents from the
local gateway API.
2019-07-01 15:14:06 +02:00
d3b07c59bf
Don't notify on minor wiki edits
...
New config available, which prevents chat notifications on minor edits.
2019-06-25 14:29:55 +02:00
fff5a044fe
Update/fix hubot URL, move variables to attributes
2019-06-25 14:29:11 +02:00
Greg Karékinian
3a693efcd6
Add email notifications for failed certbot runs
...
Based on https://wiki.archlinux.org/index.php/Systemd/Timers#MAILTO
This can easily be used by other services, with one line added to the
[Unit] section of a service:
OnFailure=status-email-ops@%n.service
Refs #3
2019-06-20 12:46:27 +02:00
Greg Karékinian
b01985ec4f
Fix the permissions for the ejabberd upload folders
2019-06-14 16:38:49 +02:00
