Compare commits
15 Commits
notes/ejab
...
301596500d
| Author | SHA1 | Date | |
|---|---|---|---|
|
301596500d
|
|||
|
8a2bfb6b18
|
|||
|
846bf3483a
|
|||
| e3ef1dc3b3 | |||
|
2089999cc8
|
|||
|
a4aa29de0c
|
|||
| 98be234a4f | |||
|
|
7dc4f674a0 | ||
|
|
49b636305e | ||
|
|
3e2ee30334 | ||
| d00072ee5a | |||
|
14687558fe
|
|||
|
de7cc69505
|
|||
|
|
b01315f998 | ||
|
160134bd86
|
@@ -38,6 +38,7 @@
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::journald_conf",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
|
||||
@@ -8,26 +8,27 @@
|
||||
"automatic": {
|
||||
"fqdn": "drone-1",
|
||||
"os": "linux",
|
||||
"os_version": "5.4.0-1058-kvm",
|
||||
"os_version": "5.4.0-1133-kvm",
|
||||
"hostname": "drone-1",
|
||||
"ipaddress": "192.168.122.200",
|
||||
"roles": [
|
||||
"kvm_guest",
|
||||
"drone",
|
||||
"postgresql_client",
|
||||
"kvm_guest"
|
||||
"postgresql_client"
|
||||
],
|
||||
"recipes": [
|
||||
"kosmos-base",
|
||||
"kosmos-base::default",
|
||||
"kosmos_kvm::guest",
|
||||
"kosmos_postgresql::hostsfile",
|
||||
"kosmos_drone",
|
||||
"kosmos_drone::default",
|
||||
"kosmos_kvm::guest",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::journald_conf",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
@@ -43,13 +44,13 @@
|
||||
"cloud": null,
|
||||
"chef_packages": {
|
||||
"chef": {
|
||||
"version": "17.9.52",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/chef-17.9.52/lib",
|
||||
"version": "18.7.10",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.7.10/lib",
|
||||
"chef_effortless": null
|
||||
},
|
||||
"ohai": {
|
||||
"version": "17.9.0",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.0.0/gems/ohai-17.9.0/lib/ohai"
|
||||
"version": "18.2.5",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.2.5/lib/ohai"
|
||||
}
|
||||
}
|
||||
},
|
||||
@@ -58,4 +59,4 @@
|
||||
"role[kvm_guest]",
|
||||
"role[drone]"
|
||||
]
|
||||
}
|
||||
}
|
||||
@@ -37,6 +37,7 @@
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::journald_conf",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
|
||||
@@ -29,6 +29,7 @@
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::journald_conf",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
|
||||
2
site-cookbooks/kosmos-base/attributes/default.rb
Normal file
2
site-cookbooks/kosmos-base/attributes/default.rb
Normal file
@@ -0,0 +1,2 @@
|
||||
node.default["kosmos-base"]["journald"]["system_max_use"] = "256M"
|
||||
node.default["kosmos-base"]["journald"]["max_retention_sec"] = "7d"
|
||||
@@ -27,6 +27,7 @@
|
||||
include_recipe 'apt'
|
||||
include_recipe 'timezone_iii'
|
||||
include_recipe 'ntp'
|
||||
include_recipe 'kosmos-base::journald_conf'
|
||||
include_recipe 'kosmos-base::systemd_emails'
|
||||
|
||||
node.override["apt"]["unattended_upgrades"]["allowed_origins"] = [
|
||||
|
||||
14
site-cookbooks/kosmos-base/recipes/journald_conf.rb
Normal file
14
site-cookbooks/kosmos-base/recipes/journald_conf.rb
Normal file
@@ -0,0 +1,14 @@
|
||||
#
|
||||
# Cookbook Name:: kosmos-base
|
||||
# Recipe:: journald_conf
|
||||
#
|
||||
|
||||
service "systemd-journald"
|
||||
|
||||
template "/etc/systemd/journald.conf" do
|
||||
source "journald.conf.erb"
|
||||
variables system_max_use: node["kosmos-base"]["journald"]["system_max_use"],
|
||||
max_retention_sec: node["kosmos-base"]["journald"]["max_retention_sec"]
|
||||
# Restarting journald is required
|
||||
notifies :restart, "service[systemd-journald]", :delayed
|
||||
end
|
||||
@@ -0,0 +1,6 @@
|
||||
[Journal]
|
||||
# Set the maximum size of the journal logs in bytes
|
||||
SystemMaxUse=<%= @system_max_use %>
|
||||
|
||||
# Set the number of days after which logs will be deleted
|
||||
MaxRetentionSec=<%= @max_retention_sec %>
|
||||
@@ -1,5 +1,5 @@
|
||||
node.default['bitcoin']['version'] = '28.0'
|
||||
node.default['bitcoin']['checksum'] = '700ae2d1e204602eb07f2779a6e6669893bc96c0dca290593f80ff8e102ff37f'
|
||||
node.default['bitcoin']['version'] = '29.0'
|
||||
node.default['bitcoin']['checksum'] = '882c782c34a3bf2eacd1fae5cdc58b35b869883512f197f7d6dc8f195decfdaa'
|
||||
node.default['bitcoin']['username'] = 'satoshi'
|
||||
node.default['bitcoin']['usergroup'] = 'bitcoin'
|
||||
node.default['bitcoin']['network'] = 'mainnet'
|
||||
@@ -90,7 +90,7 @@ node.default['dotnet']['ms_packages_src_url'] = "https://packages.microsoft.com/
|
||||
node.default['dotnet']['ms_packages_src_checksum'] = "4df5811c41fdded83eb9e2da9336a8dfa5594a79dc8a80133bd815f4f85b9991"
|
||||
|
||||
node.default['nbxplorer']['repo'] = 'https://github.com/dgarage/NBXplorer'
|
||||
node.default['nbxplorer']['revision'] = 'v2.5.23'
|
||||
node.default['nbxplorer']['revision'] = 'v2.5.26'
|
||||
node.default['nbxplorer']['source_dir'] = '/opt/nbxplorer'
|
||||
node.default['nbxplorer']['config_path'] = "/home/#{node['bitcoin']['username']}/.nbxplorer/Main/settings.config"
|
||||
node.default['nbxplorer']['port'] = '24445'
|
||||
@@ -98,7 +98,7 @@ node.default['nbxplorer']['postgres']['database'] = 'nbxplorer'
|
||||
node.default['nbxplorer']['postgres']['user'] = 'nbxplorer'
|
||||
|
||||
node.default['btcpay']['repo'] = 'https://github.com/btcpayserver/btcpayserver'
|
||||
node.default['btcpay']['revision'] = 'v2.0.7'
|
||||
node.default['btcpay']['revision'] = 'v2.1.1'
|
||||
node.default['btcpay']['source_dir'] = '/opt/btcpay'
|
||||
node.default['btcpay']['config_path'] = "/home/#{node['bitcoin']['username']}/.btcpayserver/Main/settings.config"
|
||||
node.default['btcpay']['log_path'] = "/home/#{node['bitcoin']['username']}/.btcpayserver/debug.log"
|
||||
|
||||
@@ -34,7 +34,7 @@ end
|
||||
execute "compile_bitcoin-core_dependencies" do
|
||||
cwd "/usr/local/bitcoind/depends"
|
||||
environment ({'CC' => 'gcc-13', 'CXX' => 'g++-13', 'NO_QT' => '1'})
|
||||
command "make -j 2"
|
||||
command "make -j $(($(nproc)/2))"
|
||||
action :nothing
|
||||
notifies :run, 'bash[compile_bitcoin-core]', :immediately
|
||||
end
|
||||
@@ -43,21 +43,13 @@ bash "compile_bitcoin-core" do
|
||||
cwd "/usr/local/bitcoind"
|
||||
environment ({'CC' => 'gcc-13', 'CXX' => 'g++-13', 'NO_QT' => '1'})
|
||||
code <<-EOH
|
||||
./autogen.sh
|
||||
./configure --prefix=$PWD/depends/x86_64-pc-linux-gnu
|
||||
make
|
||||
cmake -B build --toolchain depends/x86_64-pc-linux-gnu/toolchain.cmake
|
||||
cmake --build build -j $(($(nproc)/2))
|
||||
cmake --install build
|
||||
EOH
|
||||
action :nothing
|
||||
end
|
||||
|
||||
link "/usr/local/bin/bitcoind" do
|
||||
to "/usr/local/bitcoind/src/bitcoind"
|
||||
end
|
||||
|
||||
link "/usr/local/bin/bitcoin-cli" do
|
||||
to "/usr/local/bitcoind/src/bitcoin-cli"
|
||||
end
|
||||
|
||||
bitcoin_user = node['bitcoin']['username']
|
||||
bitcoin_group = node['bitcoin']['usergroup']
|
||||
bitcoin_datadir = node['bitcoin']['datadir']
|
||||
|
||||
@@ -110,6 +110,7 @@ hosts = [
|
||||
access_persistent: muc_create
|
||||
access_register: muc_create
|
||||
max_user_conferences: 1000
|
||||
max_users: 2000
|
||||
default_room_options:
|
||||
mam: true
|
||||
preload_rooms: true
|
||||
|
||||
@@ -185,8 +185,11 @@ api_permissions:
|
||||
what:
|
||||
- "add_rosteritem"
|
||||
- "delete_rosteritem"
|
||||
- "send_message"
|
||||
- "get_vcard2"
|
||||
- "muc_register_nick"
|
||||
- "private_set"
|
||||
- "send_message"
|
||||
- "send_stanza"
|
||||
|
||||
language: "en"
|
||||
|
||||
|
||||
@@ -265,6 +265,44 @@ service "mastodon-streaming" do
|
||||
action [:enable, :start]
|
||||
end
|
||||
|
||||
#
|
||||
# Delete cached remote media older than 30 days
|
||||
# Will be re-fetched if necessary
|
||||
#
|
||||
|
||||
systemd_unit 'mastodon-delete-old-media-cache.service' do
|
||||
content({
|
||||
Unit: {
|
||||
Description: 'Delete old Mastodon media cache'
|
||||
},
|
||||
Service: {
|
||||
Type: "oneshot",
|
||||
WorkingDirectory: mastodon_path,
|
||||
Environment: "RAILS_ENV=#{rails_env}",
|
||||
ExecStart: "#{bundle_path} exec bin/tootctl media remove --days 30",
|
||||
}
|
||||
})
|
||||
triggers_reload true
|
||||
action [:create]
|
||||
end
|
||||
|
||||
systemd_unit 'mastodon-delete-old-media-cache.timer' do
|
||||
content({
|
||||
Unit: {
|
||||
Description: 'Delete old Mastodon media cache'
|
||||
},
|
||||
Timer: {
|
||||
OnCalendar: '*-*-* 00:00:00',
|
||||
Persistent: 'true'
|
||||
},
|
||||
Install: {
|
||||
WantedBy: 'timer.target'
|
||||
}
|
||||
})
|
||||
triggers_reload true
|
||||
action [:create, :enable, :start]
|
||||
end
|
||||
|
||||
firewall_rule "mastodon_app" do
|
||||
port node['kosmos-mastodon']['app_port']
|
||||
source "10.1.1.0/24"
|
||||
|
||||
@@ -26,7 +26,7 @@ template "#{deploy_path}/docker-compose.yml" do
|
||||
mode 0640
|
||||
variables domain: node["kosmos_drone"]["domain"],
|
||||
upstream_port: node["kosmos_drone"]["upstream_port"],
|
||||
gitea_server: "https://#{node["kosmos_gitea"]["nginx"]["domain"]}",
|
||||
gitea_server: "https://#{node["gitea"]["domain"]}",
|
||||
client_id: credentials['client_id'],
|
||||
client_secret: credentials['client_secret'],
|
||||
rpc_secret: credentials['rpc_secret'],
|
||||
|
||||
Reference in New Issue
Block a user