Compare commits
3 Commits
ecc1141bf9
...
1f31491f49
Author | SHA1 | Date | |
---|---|---|---|
1f31491f49 | |||
2b16d4de8c | |||
4660d2f567 |
@ -13,6 +13,8 @@ playbook configuration:
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_mx_puppet_discord_enabled: true
|
matrix_mx_puppet_discord_enabled: true
|
||||||
|
matrix_mx_puppet_discord_client_id: ""
|
||||||
|
matrix_mx_puppet_discord_client_secret: ""
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
@ -11,6 +11,8 @@ playbook configuration:
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_mx_puppet_groupme_enabled: true
|
matrix_mx_puppet_groupme_enabled: true
|
||||||
|
matrix_mx_puppet_groupme_client_id: ""
|
||||||
|
matrix_mx_puppet_groupme_client_secret: ""
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
@ -13,6 +13,8 @@ playbook configuration:
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_mx_puppet_slack_enabled: true
|
matrix_mx_puppet_slack_enabled: true
|
||||||
|
matrix_mx_puppet_slack_client_id: ""
|
||||||
|
matrix_mx_puppet_slack_client_secret: ""
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
@ -11,6 +11,8 @@ playbook configuration:
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_mx_puppet_steam_enabled: true
|
matrix_mx_puppet_steam_enabled: true
|
||||||
|
matrix_mx_puppet_steam_client_id: ""
|
||||||
|
matrix_mx_puppet_steam_client_secret: ""
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
@ -80,8 +80,8 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
|
|||||||
matrix_host_command_systemctl: "/usr/bin/env systemctl"
|
matrix_host_command_systemctl: "/usr/bin/env systemctl"
|
||||||
matrix_host_command_sh: "/usr/bin/env sh"
|
matrix_host_command_sh: "/usr/bin/env sh"
|
||||||
|
|
||||||
matrix_ntpd_package: "{{ 'systemd-timesyncd' if ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7' else 'ntp' }}"
|
matrix_ntpd_package: "ntp"
|
||||||
matrix_ntpd_service: "{{ 'systemd-timesyncd' if ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7' else ('ntpd' if ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux' else 'ntp') }}"
|
matrix_ntpd_service: "{{ 'ntpd' if ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux' else 'ntp' }}"
|
||||||
|
|
||||||
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
|
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
|
||||||
|
|
||||||
|
@ -1,10 +1,7 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml"
|
- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml"
|
||||||
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version < '8'
|
when: ansible_distribution == 'CentOS'
|
||||||
|
|
||||||
- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos8.yml"
|
|
||||||
when: ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7'
|
|
||||||
|
|
||||||
- block:
|
- block:
|
||||||
# ansible_lsb is only available if lsb-release is installed.
|
# ansible_lsb is only available if lsb-release is installed.
|
||||||
|
@ -1,47 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Ensure Docker repository is enabled
|
|
||||||
template:
|
|
||||||
src: "{{ role_path }}/files/yum.repos.d/{{ item }}"
|
|
||||||
dest: "/etc/yum.repos.d/{{ item }}"
|
|
||||||
owner: "root"
|
|
||||||
group: "root"
|
|
||||||
mode: 0644
|
|
||||||
with_items:
|
|
||||||
- docker-ce.repo
|
|
||||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
|
||||||
|
|
||||||
- name: Ensure Docker's RPM key is trusted
|
|
||||||
rpm_key:
|
|
||||||
state: present
|
|
||||||
key: https://download.docker.com/linux/centos/gpg
|
|
||||||
when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
|
|
||||||
|
|
||||||
- name: Ensure EPEL is installed
|
|
||||||
yum:
|
|
||||||
name:
|
|
||||||
- epel-release
|
|
||||||
state: latest
|
|
||||||
update_cache: yes
|
|
||||||
|
|
||||||
- name: Ensure yum packages are installed
|
|
||||||
yum:
|
|
||||||
name:
|
|
||||||
- "{{ matrix_ntpd_package }}"
|
|
||||||
- fuse
|
|
||||||
state: latest
|
|
||||||
update_cache: yes
|
|
||||||
|
|
||||||
- name: Ensure Docker is installed
|
|
||||||
yum:
|
|
||||||
name:
|
|
||||||
- "{{ matrix_docker_package_name }}"
|
|
||||||
- python3-pip
|
|
||||||
state: latest
|
|
||||||
when: matrix_docker_installation_enabled|bool
|
|
||||||
|
|
||||||
- name: Ensure Docker-Py is installed
|
|
||||||
pip:
|
|
||||||
name: docker-py
|
|
||||||
state: latest
|
|
||||||
when: matrix_docker_installation_enabled|bool
|
|
@ -27,6 +27,9 @@ matrix_mx_puppet_discord_homeserver_address: "{{ matrix_homeserver_container_url
|
|||||||
matrix_mx_puppet_discord_homeserver_domain: '{{ matrix_domain }}'
|
matrix_mx_puppet_discord_homeserver_domain: '{{ matrix_domain }}'
|
||||||
matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_appservice_port }}'
|
matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_appservice_port }}'
|
||||||
|
|
||||||
|
matrix_mx_puppet_discord_client_id: ''
|
||||||
|
matrix_mx_puppet_discord_client_secret: ''
|
||||||
|
|
||||||
# "@user:server.com" to allow specific user
|
# "@user:server.com" to allow specific user
|
||||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||||
# "@.*" to allow anyone
|
# "@.*" to allow anyone
|
||||||
|
@ -27,6 +27,9 @@ matrix_mx_puppet_groupme_homeserver_address: "{{ matrix_homeserver_container_url
|
|||||||
matrix_mx_puppet_groupme_homeserver_domain: '{{ matrix_domain }}'
|
matrix_mx_puppet_groupme_homeserver_domain: '{{ matrix_domain }}'
|
||||||
matrix_mx_puppet_groupme_appservice_address: 'http://matrix-mx-puppet-groupme:{{ matrix_mx_puppet_groupme_appservice_port }}'
|
matrix_mx_puppet_groupme_appservice_address: 'http://matrix-mx-puppet-groupme:{{ matrix_mx_puppet_groupme_appservice_port }}'
|
||||||
|
|
||||||
|
matrix_mx_puppet_groupme_client_id: ''
|
||||||
|
matrix_mx_puppet_groupme_client_secret: ''
|
||||||
|
|
||||||
# "@user:server.com" to allow specific user
|
# "@user:server.com" to allow specific user
|
||||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||||
# "@.*" to allow anyone
|
# "@.*" to allow anyone
|
||||||
|
@ -27,6 +27,8 @@ matrix_mx_puppet_slack_homeserver_address: "{{ matrix_homeserver_container_url }
|
|||||||
matrix_mx_puppet_slack_homeserver_domain: '{{ matrix_domain }}'
|
matrix_mx_puppet_slack_homeserver_domain: '{{ matrix_domain }}'
|
||||||
matrix_mx_puppet_slack_appservice_address: 'http://matrix-mx-puppet-slack:{{ matrix_mx_puppet_slack_appservice_port }}'
|
matrix_mx_puppet_slack_appservice_address: 'http://matrix-mx-puppet-slack:{{ matrix_mx_puppet_slack_appservice_port }}'
|
||||||
|
|
||||||
|
matrix_mx_puppet_slack_client_id: ''
|
||||||
|
matrix_mx_puppet_slack_client_secret: ''
|
||||||
matrix_mx_puppet_slack_redirect_path: '/slack/oauth'
|
matrix_mx_puppet_slack_redirect_path: '/slack/oauth'
|
||||||
matrix_mx_puppet_slack_redirect_uri: 'https://{{ matrix_server_fqn_matrix }}{{ matrix_mx_puppet_slack_redirect_path }}'
|
matrix_mx_puppet_slack_redirect_uri: 'https://{{ matrix_server_fqn_matrix }}{{ matrix_mx_puppet_slack_redirect_path }}'
|
||||||
|
|
||||||
|
@ -18,6 +18,10 @@ bridge:
|
|||||||
# Slack OAuth settings. Create a slack app at https://api.slack.com/apps
|
# Slack OAuth settings. Create a slack app at https://api.slack.com/apps
|
||||||
oauth:
|
oauth:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
# Slack app credentials.
|
||||||
|
# N.B. This must be quoted so YAML wouldn't parse it as a float.
|
||||||
|
clientId: "{{ matrix_mx_puppet_slack_client_id }}"
|
||||||
|
clientSecret: {{ matrix_mx_puppet_slack_client_secret }}
|
||||||
# Path where to listen for OAuth redirect callbacks.
|
# Path where to listen for OAuth redirect callbacks.
|
||||||
redirectPath: {{ matrix_mx_puppet_slack_redirect_path }}
|
redirectPath: {{ matrix_mx_puppet_slack_redirect_path }}
|
||||||
# Set up proxying from https://your.domain/redirect_path to http://bindAddress:port/redirect_path,
|
# Set up proxying from https://your.domain/redirect_path to http://bindAddress:port/redirect_path,
|
||||||
|
@ -27,6 +27,9 @@ matrix_mx_puppet_steam_homeserver_address: "{{ matrix_homeserver_container_url }
|
|||||||
matrix_mx_puppet_steam_homeserver_domain: '{{ matrix_domain }}'
|
matrix_mx_puppet_steam_homeserver_domain: '{{ matrix_domain }}'
|
||||||
matrix_mx_puppet_steam_appservice_address: 'http://matrix-mx-puppet-steam:{{ matrix_mx_puppet_steam_appservice_port }}'
|
matrix_mx_puppet_steam_appservice_address: 'http://matrix-mx-puppet-steam:{{ matrix_mx_puppet_steam_appservice_port }}'
|
||||||
|
|
||||||
|
matrix_mx_puppet_steam_client_id: ''
|
||||||
|
matrix_mx_puppet_steam_client_secret: ''
|
||||||
|
|
||||||
# "@user:server.com" to allow specific user
|
# "@user:server.com" to allow specific user
|
||||||
# "@.*:yourserver.com" to allow users on a specific homeserver
|
# "@.*:yourserver.com" to allow users on a specific homeserver
|
||||||
# "@.*" to allow anyone
|
# "@.*" to allow anyone
|
||||||
|
@ -3,7 +3,7 @@ matrix_client_element_enabled: true
|
|||||||
matrix_client_element_container_image_self_build: false
|
matrix_client_element_container_image_self_build: false
|
||||||
matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git"
|
matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git"
|
||||||
|
|
||||||
matrix_client_element_version: v1.7.31
|
matrix_client_element_version: v1.7.30
|
||||||
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
|
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
|
||||||
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
|
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
|
||||||
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"
|
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"
|
||||||
|
@ -2,10 +2,10 @@ matrix_coturn_enabled: true
|
|||||||
|
|
||||||
matrix_coturn_container_image_self_build: false
|
matrix_coturn_container_image_self_build: false
|
||||||
matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn"
|
matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn"
|
||||||
matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}-r2"
|
matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}-r1"
|
||||||
matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile"
|
matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile"
|
||||||
|
|
||||||
matrix_coturn_version: 4.5.2-r2
|
matrix_coturn_version: 4.5.2
|
||||||
matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine"
|
matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine"
|
||||||
matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}"
|
matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}"
|
||||||
matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}"
|
matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}"
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
matrix_grafana_enabled: false
|
matrix_grafana_enabled: false
|
||||||
|
|
||||||
matrix_grafana_version: 8.0.3
|
matrix_grafana_version: 8.0.2
|
||||||
matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}"
|
matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}"
|
||||||
matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}"
|
matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
|
@ -7,7 +7,7 @@ matrix_mailer_container_image_self_build_repository_url: "https://github.com/dev
|
|||||||
matrix_mailer_container_image_self_build_src_files_path: "{{ matrix_mailer_base_path }}/docker-src"
|
matrix_mailer_container_image_self_build_src_files_path: "{{ matrix_mailer_base_path }}/docker-src"
|
||||||
matrix_mailer_container_image_self_build_version: "{{ matrix_mailer_docker_image.split(':')[1] }}"
|
matrix_mailer_container_image_self_build_version: "{{ matrix_mailer_docker_image.split(':')[1] }}"
|
||||||
|
|
||||||
matrix_mailer_version: 4.94.2-r0-2
|
matrix_mailer_version: 4.94.2-r0-1
|
||||||
matrix_mailer_docker_image: "{{ matrix_mailer_docker_image_name_prefix }}devture/exim-relay:{{ matrix_mailer_version }}"
|
matrix_mailer_docker_image: "{{ matrix_mailer_docker_image_name_prefix }}devture/exim-relay:{{ matrix_mailer_version }}"
|
||||||
matrix_mailer_docker_image_name_prefix: "{{ 'localhost/' if matrix_mailer_container_image_self_build else matrix_container_global_registry_prefix }}"
|
matrix_mailer_docker_image_name_prefix: "{{ 'localhost/' if matrix_mailer_container_image_self_build else matrix_container_global_registry_prefix }}"
|
||||||
matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"
|
matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
add_header X-Content-Type-Options nosniff;
|
add_header X-Content-Type-Options nosniff;
|
||||||
add_header X-XSS-Protection "{{ matrix_nginx_proxy_xss_protection }}";
|
add_header X-XSS-Protection "{{ matrix_nginx_proxy_xss_protection }}";
|
||||||
add_header X-Frame-Options SAMEORIGIN;
|
add_header X-Frame-Options SAMEORIGIN;
|
||||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
|
||||||
|
|
||||||
{% if matrix_nginx_proxy_floc_optout_enabled %}
|
{% if matrix_nginx_proxy_floc_optout_enabled %}
|
||||||
add_header Permissions-Policy interest-cohort=() always;
|
add_header Permissions-Policy interest-cohort=() always;
|
||||||
|
Loading…
Reference in New Issue
Block a user