Compare commits
7 Commits
notes/ejab
...
7d22686bc4
| Author | SHA1 | Date | |
|---|---|---|---|
|
7d22686bc4 | ||
|
|
ce5b47e718 | ||
| d00072ee5a | |||
14687558fe
|
|||
|
de7cc69505
|
|||
|
|
b01315f998 | ||
|
160134bd86
|
@@ -37,6 +37,7 @@
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::journald_conf",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
|
||||
@@ -27,6 +27,7 @@
|
||||
include_recipe 'apt'
|
||||
include_recipe 'timezone_iii'
|
||||
include_recipe 'ntp'
|
||||
include_recipe 'kosmos-base::journald_conf'
|
||||
include_recipe 'kosmos-base::systemd_emails'
|
||||
|
||||
node.override["apt"]["unattended_upgrades"]["allowed_origins"] = [
|
||||
@@ -37,6 +38,14 @@ node.override["apt"]["unattended_upgrades"]["mail"] = "ops@kosmos.org"
|
||||
node.override["apt"]["unattended_upgrades"]["syslog_enable"] = true
|
||||
include_recipe 'apt::unattended-upgrades'
|
||||
|
||||
node.override["apt"]["unattended_upgrades"]["allowed_origins"] = [
|
||||
"${distro_id}:${distro_codename}-security",
|
||||
"${distro_id}:${distro_codename}-updates"
|
||||
]
|
||||
node.override["apt"]["unattended_upgrades"]["mail"] = "ops@kosmos.org"
|
||||
node.override["apt"]["unattended_upgrades"]["syslog_enable"] = true
|
||||
include_recipe 'apt::unattended-upgrades'
|
||||
|
||||
package 'mailutils'
|
||||
package 'mosh'
|
||||
package 'vim'
|
||||
|
||||
@@ -110,6 +110,7 @@ hosts = [
|
||||
access_persistent: muc_create
|
||||
access_register: muc_create
|
||||
max_user_conferences: 1000
|
||||
max_users: 2000
|
||||
default_room_options:
|
||||
mam: true
|
||||
preload_rooms: true
|
||||
|
||||
@@ -185,8 +185,11 @@ api_permissions:
|
||||
what:
|
||||
- "add_rosteritem"
|
||||
- "delete_rosteritem"
|
||||
- "send_message"
|
||||
- "get_vcard2"
|
||||
- "muc_register_nick"
|
||||
- "private_set"
|
||||
- "send_message"
|
||||
- "send_stanza"
|
||||
|
||||
language: "en"
|
||||
|
||||
|
||||
@@ -265,6 +265,44 @@ service "mastodon-streaming" do
|
||||
action [:enable, :start]
|
||||
end
|
||||
|
||||
#
|
||||
# Delete cached remote media older than 30 days
|
||||
# Will be re-fetched if necessary
|
||||
#
|
||||
|
||||
systemd_unit 'mastodon-delete-old-media-cache.service' do
|
||||
content({
|
||||
Unit: {
|
||||
Description: 'Delete old Mastodon media cache'
|
||||
},
|
||||
Service: {
|
||||
Type: "oneshot",
|
||||
WorkingDirectory: mastodon_path,
|
||||
Environment: "RAILS_ENV=#{rails_env}",
|
||||
ExecStart: "#{bundle_path} exec bin/tootctl media remove --days 30",
|
||||
}
|
||||
})
|
||||
triggers_reload true
|
||||
action [:create]
|
||||
end
|
||||
|
||||
systemd_unit 'mastodon-delete-old-media-cache.timer' do
|
||||
content({
|
||||
Unit: {
|
||||
Description: 'Delete old Mastodon media cache'
|
||||
},
|
||||
Timer: {
|
||||
OnCalendar: '*-*-* 00:00:00',
|
||||
Persistent: 'true'
|
||||
},
|
||||
Install: {
|
||||
WantedBy: 'timer.target'
|
||||
}
|
||||
})
|
||||
triggers_reload true
|
||||
action [:create, :enable, :start]
|
||||
end
|
||||
|
||||
firewall_rule "mastodon_app" do
|
||||
port node['kosmos-mastodon']['app_port']
|
||||
source "10.1.1.0/24"
|
||||
|
||||
Reference in New Issue
Block a user