From 3fb8ecb72ffdb43377e67c6f95adf0f151e3dfb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Reynir=20Bj=C3=B6rnsson?= Date: Sat, 17 Dec 2022 21:27:01 +0100 Subject: [PATCH 01/10] Bump matrix client_max_body_size to 1GB --- roles/docker/files/configs/matrix/vhost-matrix | 2 +- roles/docker/files/configs/matrix/vhost-riot | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/docker/files/configs/matrix/vhost-matrix b/roles/docker/files/configs/matrix/vhost-matrix index a597770..b65c59c 100644 --- a/roles/docker/files/configs/matrix/vhost-matrix +++ b/roles/docker/files/configs/matrix/vhost-matrix @@ -1,2 +1,2 @@ listen 8008; -client_max_body_size 50M; # default is 1M +client_max_body_size 1G; # default is 1M diff --git a/roles/docker/files/configs/matrix/vhost-riot b/roles/docker/files/configs/matrix/vhost-riot index 66b77ed..dec55e8 100644 --- a/roles/docker/files/configs/matrix/vhost-riot +++ b/roles/docker/files/configs/matrix/vhost-riot @@ -1 +1 @@ -client_max_body_size 50M; # default is 1M +client_max_body_size 1G; # default is 1M From 7851fe3522cbb250a9e76dd9212046b4d1c0ec7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Reynir=20Bj=C3=B6rnsson?= Date: Sat, 17 Dec 2022 21:43:18 +0100 Subject: [PATCH 02/10] Bump max upload size --- roles/docker/files/configs/matrix/homeserver.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker/files/configs/matrix/homeserver.yaml.j2 b/roles/docker/files/configs/matrix/homeserver.yaml.j2 index 4b8c3aa..73ba3f3 100644 --- a/roles/docker/files/configs/matrix/homeserver.yaml.j2 +++ b/roles/docker/files/configs/matrix/homeserver.yaml.j2 @@ -416,7 +416,7 @@ uploads_path: "/data/uploads" # The largest allowed upload size in bytes # -max_upload_size: "50M" +max_upload_size: "512M" # Maximum number of pixels that will be thumbnailed # From ad9a42f223e34818dd03b95b26bfbd67e97ab762 Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Tue, 27 Dec 2022 21:50:12 +0100 Subject: [PATCH 03/10] Add Nextcloud to allowed sender domains --- roles/docker/defaults/main.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index 4266323..9779f1e 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -67,6 +67,7 @@ services: domain: "cloud.{{ base_domain }}" volume_folder: "{{ volume_root_folder }}/nextcloud" version: 25-apache + allowed_sender_domain: true gitea: file: gitea.yml @@ -87,11 +88,12 @@ services: domain: "matrix.{{ base_domain }}" volume_folder: "{{ volume_root_folder }}/matrix" version: v1.63.1 + allowed_sender_domain: true riot: domains: - - "riot.{{ base_domain }}" - - "element.{{ base_domain }}" + - "riot.{{ base_domain }}" + - "element.{{ base_domain }}" volume_folder: "{{ volume_root_folder }}/riot" version: v1.11.8 From a7776ab30afa3e6eebf0480092e8bf64495c0859 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=AD=C3=B0ir=20Valberg=20Gu=C3=B0mundsson?= Date: Wed, 28 Dec 2022 20:58:59 +0100 Subject: [PATCH 04/10] Add a new ssh key for valberg. --- group_vars/all/vars.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index b665dc0..8ba8341 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -13,6 +13,7 @@ users: - sudo ssh_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUmGeHc6QXDcJHkmVxbTUv04Q3vs20avquoGr6eOkkvYbcgjuFnBOOtvs2Nul1odcvvnHa1nN7DfL8XJamiwsB1B/xe2seaNS1axgwk9XowlVN9pgga8gsC+4gZWBtSObG2GR8n4NtPENzPmW5deNn8dRpTvULPMxZ0VRE9yNQOx8v8w85yYh+vxbbkWGVDYJU23yuJI50U9y6bXxNHinsACDFBeR/giXDlw29TaOaSxz0R6zrRPBoX+V68RyWwBL+KWQKtX2ULtJI40S98Ohd6p41bIxYHCBS/zroqNne8PjYOLcHHsjHUGfTvhcS5a3zdz/iHsvsaOOjFjsydAXH valberg + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4FRrbTpxwGdlF6RVi/thJaMlaEE0Z9YCQA4Y+KnHbBoVWMjzgbIkSWw3MM+E/iiVnix8SFh4tjDSdFjb8lCvHt/PqhMFhZJ02vhVgSwyU+Ji5ur23i202LB9ua54NLN4kNG8K47U0tKi2/EV6LWl2QdRviAcOUctz6u9XDkkMLUgPEYH384XSTRRj4GJ8+0LRzB2rXqetH3gBe9v1vlv0ETYWvzTnpfZUxcrrqEGtXV9Wa0BZoWLos2oKOsYVjNdLZMoFpmyBxPnqzAi1hr7beblFZKqBkvD7XA9RnERbZn1nxkWufVahppPjKQ+se3esWJCp6ri/vNP4WNKY3hiIoekBLbpvGcP1Te7cAIQXiZOilN92NKKYrzN2gAtsxgqGZw7lI1PE71luGdPir2Evl6hPj6/nnNdEHZWgcmBSPy17uCpVvZYBcDDzj8L3hbkLVQ3kcLZTz6I8BXvuGqoeLvRQpBtn5EaLpCCOmXuKqm+dzHzsOIwh+SA5NA8M3P0= - name: reynir comment: Reynir Björnsson From b6f30af8ba162029e9bc50b48e9e2899970616ba Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Thu, 29 Dec 2022 17:52:12 +0100 Subject: [PATCH 05/10] Edit SSH key for samsapti --- group_vars/all/vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 8ba8341..f69bc09 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -30,4 +30,4 @@ users: groups: - sudo ssh_keys: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPd/4fQV7CL8/KVwbo/phiV5UdXFBIDlkZ+ps8C7FeRf samsapti + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPd/4fQV7CL8/KVwbo/phiV5UdXFBIDlkZ+ps8C7FeRf From f02440048cd1542c1a050a2f5d15c222e1540990 Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Thu, 29 Dec 2022 17:55:59 +0100 Subject: [PATCH 06/10] Add a way to only deploy users --- deploy.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy.sh b/deploy.sh index d66caa2..5777829 100755 --- a/deploy.sh +++ b/deploy.sh @@ -37,6 +37,9 @@ else "base") $BASE_CMD --tags base_only ;; + "users") + $BASE_CMD --tags setup-users + ;; *) usage exit 1 From 5bcba6fa59eb7f08e3124d014d7bd49bc70f4160 Mon Sep 17 00:00:00 2001 From: Sam A Date: Thu, 29 Dec 2022 21:13:31 +0000 Subject: [PATCH 07/10] QoL changes for *Vim users (#144) Co-authored-by: Sam Al-Sapti Reviewed-on: https://git.data.coop/data.coop/ansible/pulls/144 --- group_vars/all/vars.yml | 1 + playbook.yml | 1 + roles/docker/defaults/main.yml | 1 + roles/docker/handlers/main.yml | 3 ++- roles/docker/tasks/main.yml | 1 + roles/docker/tasks/services.yml | 1 + roles/docker/tasks/services/codimd.yml | 1 + roles/docker/tasks/services/docker_registry.yml | 1 + roles/docker/tasks/services/drone.yml | 1 + roles/docker/tasks/services/gitea.yml | 1 + roles/docker/tasks/services/hedgedoc.yml | 1 + roles/docker/tasks/services/keycloak.yml | 2 ++ roles/docker/tasks/services/mailu.yml | 1 + roles/docker/tasks/services/mastodon.yml | 2 ++ roles/docker/tasks/services/matrix_riot.yml | 1 + roles/docker/tasks/services/membersystem.yml | 2 +- roles/docker/tasks/services/netdata.yml | 2 +- roles/docker/tasks/services/nextcloud.yml | 1 + roles/docker/tasks/services/nginx_proxy.yml | 2 +- roles/docker/tasks/services/openldap.yml | 1 + roles/docker/tasks/services/passit.yml | 2 +- roles/docker/tasks/services/pinafore.yml | 2 ++ roles/docker/tasks/services/portainer.yml | 2 +- roles/docker/tasks/services/postfix.yml | 2 +- roles/docker/tasks/services/privatebin.yml | 2 +- roles/docker/tasks/services/rallly.yml | 2 ++ roles/docker/tasks/services/restic_backup.yml | 1 + roles/docker/tasks/services/watchtower.yml | 1 + roles/docker/tasks/services/websites/2022.slides.data.coop.yml | 1 + roles/docker/tasks/services/websites/cryptoaarhus.dk.yml | 2 +- roles/docker/tasks/services/websites/cryptohagen.dk.yml | 2 +- roles/docker/tasks/services/websites/data.coop.yml | 1 + roles/docker/tasks/services/websites/new.data.coop.yml | 1 + roles/docker/tasks/services/websites/ulovliglogning.dk.yml | 2 ++ roles/ubuntu_base/tasks/base.yml | 1 + roles/ubuntu_base/tasks/dell-apt-repo.yml | 1 + roles/ubuntu_base/tasks/firewall.yml | 1 + roles/ubuntu_base/tasks/main.yml | 1 + roles/ubuntu_base/tasks/ssh-port.yml | 1 + roles/ubuntu_base/tasks/upgrade.yml | 1 + roles/ubuntu_base/tasks/users.yml | 1 + 41 files changed, 47 insertions(+), 10 deletions(-) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index f69bc09..b811cfb 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- users: - name: graffen diff --git a/playbook.yml b/playbook.yml index f2c5a1d..d2ce5af 100644 --- a/playbook.yml +++ b/playbook.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - hosts: all gather_facts: true diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index 9779f1e..8fe76a2 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- volume_root_folder: "/docker-volumes" diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml index 8958588..e37a19f 100644 --- a/roles/docker/handlers/main.yml +++ b/roles/docker/handlers/main.yml @@ -1,7 +1,8 @@ +# vim: ft=yaml.ansible --- - name: "restart nginx" community.docker.docker_container: name: "nginx-proxy" restart: "yes" state: "started" - \ No newline at end of file + diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 148ff67..6b1b29b 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: add docker gpg key apt_key: diff --git a/roles/docker/tasks/services.yml b/roles/docker/tasks/services.yml index c41f5e4..c05c6b6 100644 --- a/roles/docker/tasks/services.yml +++ b/roles/docker/tasks/services.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: setup external services network docker_network: diff --git a/roles/docker/tasks/services/codimd.yml b/roles/docker/tasks/services/codimd.yml index 6e13c21..55fb18a 100644 --- a/roles/docker/tasks/services/codimd.yml +++ b/roles/docker/tasks/services/codimd.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: codimd network docker_network: diff --git a/roles/docker/tasks/services/docker_registry.yml b/roles/docker/tasks/services/docker_registry.yml index 660e684..79c03b7 100644 --- a/roles/docker/tasks/services/docker_registry.yml +++ b/roles/docker/tasks/services/docker_registry.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: copy docker registry nginx configuration copy: diff --git a/roles/docker/tasks/services/drone.yml b/roles/docker/tasks/services/drone.yml index 874ce03..157b2a0 100644 --- a/roles/docker/tasks/services/drone.yml +++ b/roles/docker/tasks/services/drone.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: set up drone with docker runner docker_compose: diff --git a/roles/docker/tasks/services/gitea.yml b/roles/docker/tasks/services/gitea.yml index 514cc9e..e0234b8 100644 --- a/roles/docker/tasks/services/gitea.yml +++ b/roles/docker/tasks/services/gitea.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: gitea network docker_network: diff --git a/roles/docker/tasks/services/hedgedoc.yml b/roles/docker/tasks/services/hedgedoc.yml index 7508535..7e0826c 100644 --- a/roles/docker/tasks/services/hedgedoc.yml +++ b/roles/docker/tasks/services/hedgedoc.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: create hedgedoc volume folders file: diff --git a/roles/docker/tasks/services/keycloak.yml b/roles/docker/tasks/services/keycloak.yml index 3f2da44..2cb4784 100644 --- a/roles/docker/tasks/services/keycloak.yml +++ b/roles/docker/tasks/services/keycloak.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: setup keycloak containers for sso.data.coop docker_compose: project_name: "keycloak" diff --git a/roles/docker/tasks/services/mailu.yml b/roles/docker/tasks/services/mailu.yml index 745f040..9cc449a 100644 --- a/roles/docker/tasks/services/mailu.yml +++ b/roles/docker/tasks/services/mailu.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: create mailu volume folders file: diff --git a/roles/docker/tasks/services/mastodon.yml b/roles/docker/tasks/services/mastodon.yml index eae1546..18d8133 100644 --- a/roles/docker/tasks/services/mastodon.yml +++ b/roles/docker/tasks/services/mastodon.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: create mastodon volume folders file: name: "{{ services.mastodon.volume_folder }}/{{ volume }}" diff --git a/roles/docker/tasks/services/matrix_riot.yml b/roles/docker/tasks/services/matrix_riot.yml index 34f302d..7571adc 100644 --- a/roles/docker/tasks/services/matrix_riot.yml +++ b/roles/docker/tasks/services/matrix_riot.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: create matrix volume folders file: diff --git a/roles/docker/tasks/services/membersystem.yml b/roles/docker/tasks/services/membersystem.yml index ca63851..bf084fe 100644 --- a/roles/docker/tasks/services/membersystem.yml +++ b/roles/docker/tasks/services/membersystem.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: run membersystem containers docker_compose: project_name: "member.data.coop" diff --git a/roles/docker/tasks/services/netdata.yml b/roles/docker/tasks/services/netdata.yml index e1a7bbe..3b45b65 100644 --- a/roles/docker/tasks/services/netdata.yml +++ b/roles/docker/tasks/services/netdata.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup netdata docker container for system monitoring docker_container: name: netdata diff --git a/roles/docker/tasks/services/nextcloud.yml b/roles/docker/tasks/services/nextcloud.yml index d36f8de..1e06a26 100644 --- a/roles/docker/tasks/services/nextcloud.yml +++ b/roles/docker/tasks/services/nextcloud.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: upload vhost config for cloud.data.coop template: diff --git a/roles/docker/tasks/services/nginx_proxy.yml b/roles/docker/tasks/services/nginx_proxy.yml index 8081ab6..2f92611 100644 --- a/roles/docker/tasks/services/nginx_proxy.yml +++ b/roles/docker/tasks/services/nginx_proxy.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: create nginx-proxy volume folders file: name: "{{ services.nginx_proxy.volume_folder }}/{{ volume }}" diff --git a/roles/docker/tasks/services/openldap.yml b/roles/docker/tasks/services/openldap.yml index a768235..4aace81 100644 --- a/roles/docker/tasks/services/openldap.yml +++ b/roles/docker/tasks/services/openldap.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: create ldap volume folders file: diff --git a/roles/docker/tasks/services/passit.yml b/roles/docker/tasks/services/passit.yml index 300c099..c04f266 100644 --- a/roles/docker/tasks/services/passit.yml +++ b/roles/docker/tasks/services/passit.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup passit containers docker_compose: project_name: "passit" diff --git a/roles/docker/tasks/services/pinafore.yml b/roles/docker/tasks/services/pinafore.yml index a275f3a..1234329 100644 --- a/roles/docker/tasks/services/pinafore.yml +++ b/roles/docker/tasks/services/pinafore.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: Set up Pinafore docker_container: name: pinafore diff --git a/roles/docker/tasks/services/portainer.yml b/roles/docker/tasks/services/portainer.yml index 005da7f..dae0e87 100644 --- a/roles/docker/tasks/services/portainer.yml +++ b/roles/docker/tasks/services/portainer.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: create portainer volume folder file: name: "{{ services.portainer.volume_folder }}" diff --git a/roles/docker/tasks/services/postfix.yml b/roles/docker/tasks/services/postfix.yml index 1fb67df..f44da25 100644 --- a/roles/docker/tasks/services/postfix.yml +++ b/roles/docker/tasks/services/postfix.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup network for postfix docker_network: name: postfix diff --git a/roles/docker/tasks/services/privatebin.yml b/roles/docker/tasks/services/privatebin.yml index bede175..fbbad29 100644 --- a/roles/docker/tasks/services/privatebin.yml +++ b/roles/docker/tasks/services/privatebin.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: create privatebin volume folders file: name: "{{ services.privatebin.volume_folder }}/{{ volume }}" diff --git a/roles/docker/tasks/services/rallly.yml b/roles/docker/tasks/services/rallly.yml index b5e9d2f..13ce7b9 100644 --- a/roles/docker/tasks/services/rallly.yml +++ b/roles/docker/tasks/services/rallly.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: Create rallly volume folders file: name: "{{ services.rallly.volume_folder }}/postgres" diff --git a/roles/docker/tasks/services/restic_backup.yml b/roles/docker/tasks/services/restic_backup.yml index 9dddb49..655ddb6 100644 --- a/roles/docker/tasks/services/restic_backup.yml +++ b/roles/docker/tasks/services/restic_backup.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Setup restic backup docker_compose: diff --git a/roles/docker/tasks/services/watchtower.yml b/roles/docker/tasks/services/watchtower.yml index 7641b0b..1a65656 100644 --- a/roles/docker/tasks/services/watchtower.yml +++ b/roles/docker/tasks/services/watchtower.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: watchtower container docker_container: diff --git a/roles/docker/tasks/services/websites/2022.slides.data.coop.yml b/roles/docker/tasks/services/websites/2022.slides.data.coop.yml index 36cf17d..09e0690 100644 --- a/roles/docker/tasks/services/websites/2022.slides.data.coop.yml +++ b/roles/docker/tasks/services/websites/2022.slides.data.coop.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: setup 2022.slides.data.coop website using unipi docker_container: diff --git a/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml b/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml index 28d6997..d059c3c 100644 --- a/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml +++ b/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup cryptoaarhus.dk website docker container docker_container: name: cryptoaarhus_website diff --git a/roles/docker/tasks/services/websites/cryptohagen.dk.yml b/roles/docker/tasks/services/websites/cryptohagen.dk.yml index dcca218..b65794f 100644 --- a/roles/docker/tasks/services/websites/cryptohagen.dk.yml +++ b/roles/docker/tasks/services/websites/cryptohagen.dk.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup cryptohagen.dk website docker container docker_container: name: cryptohagen_website diff --git a/roles/docker/tasks/services/websites/data.coop.yml b/roles/docker/tasks/services/websites/data.coop.yml index 58d8af0..475240f 100644 --- a/roles/docker/tasks/services/websites/data.coop.yml +++ b/roles/docker/tasks/services/websites/data.coop.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Upload vhost config for root domain copy: diff --git a/roles/docker/tasks/services/websites/new.data.coop.yml b/roles/docker/tasks/services/websites/new.data.coop.yml index 90ba65c..aa89969 100644 --- a/roles/docker/tasks/services/websites/new.data.coop.yml +++ b/roles/docker/tasks/services/websites/new.data.coop.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: setup new data.coop website using hugo docker_container: diff --git a/roles/docker/tasks/services/websites/ulovliglogning.dk.yml b/roles/docker/tasks/services/websites/ulovliglogning.dk.yml index 7abec88..4f4c8ca 100644 --- a/roles/docker/tasks/services/websites/ulovliglogning.dk.yml +++ b/roles/docker/tasks/services/websites/ulovliglogning.dk.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: setup ulovliglogning.dk website docker container docker_container: name: ulovliglogning_website diff --git a/roles/ubuntu_base/tasks/base.yml b/roles/ubuntu_base/tasks/base.yml index 3289b2c..f53f924 100644 --- a/roles/ubuntu_base/tasks/base.yml +++ b/roles/ubuntu_base/tasks/base.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Install necessary packages via apt apt: diff --git a/roles/ubuntu_base/tasks/dell-apt-repo.yml b/roles/ubuntu_base/tasks/dell-apt-repo.yml index b7d9d48..2472e91 100644 --- a/roles/ubuntu_base/tasks/dell-apt-repo.yml +++ b/roles/ubuntu_base/tasks/dell-apt-repo.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Import dell apt signing key apt_key: diff --git a/roles/ubuntu_base/tasks/firewall.yml b/roles/ubuntu_base/tasks/firewall.yml index 17860a8..85c359a 100644 --- a/roles/ubuntu_base/tasks/firewall.yml +++ b/roles/ubuntu_base/tasks/firewall.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Setup firewall with UFW community.general.ufw: diff --git a/roles/ubuntu_base/tasks/main.yml b/roles/ubuntu_base/tasks/main.yml index a34d5b0..e6a1f15 100644 --- a/roles/ubuntu_base/tasks/main.yml +++ b/roles/ubuntu_base/tasks/main.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - import_tasks: ssh-port.yml tags: [change-ssh-port] diff --git a/roles/ubuntu_base/tasks/ssh-port.yml b/roles/ubuntu_base/tasks/ssh-port.yml index 1935168..e02302b 100644 --- a/roles/ubuntu_base/tasks/ssh-port.yml +++ b/roles/ubuntu_base/tasks/ssh-port.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Change SSH port on host lineinfile: diff --git a/roles/ubuntu_base/tasks/upgrade.yml b/roles/ubuntu_base/tasks/upgrade.yml index c4cd33b..0ccc7d6 100644 --- a/roles/ubuntu_base/tasks/upgrade.yml +++ b/roles/ubuntu_base/tasks/upgrade.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: update and upgrade system via apt apt: diff --git a/roles/ubuntu_base/tasks/users.yml b/roles/ubuntu_base/tasks/users.yml index deea339..8ef07b6 100644 --- a/roles/ubuntu_base/tasks/users.yml +++ b/roles/ubuntu_base/tasks/users.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: "Add users" user: From 5b2f460cad1d075851058f91b3b9685712f5c1aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=AD=C3=B0ir=20Valberg=20Gu=C3=B0mundsson?= Date: Mon, 2 Jan 2023 22:19:39 +0100 Subject: [PATCH 08/10] Bump gitea til 1.18.0. --- roles/docker/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index 8fe76a2..bc88a26 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -74,7 +74,7 @@ services: file: gitea.yml domain: "git.{{ base_domain }}" volume_folder: "{{ volume_root_folder }}/gitea" - version: 1.17.4 + version: 1.18.0 allowed_sender_domain: true passit: From 99e2d0482931e497fe6720869027a09b400972ed Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Thu, 5 Jan 2023 16:10:44 +0100 Subject: [PATCH 09/10] Set up DKIM for Postfix --- roles/docker/defaults/main.yml | 1 + roles/docker/tasks/services/postfix.yml | 12 ++++++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index bc88a26..f43f9a3 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -8,6 +8,7 @@ services: postfix: file: postfix.yml domain: "smtp.{{ base_domain }}" + volume_folder: "{{ volume_root_folder }}/postfix" version: "v3.5.1-alpine" nginx_proxy: diff --git a/roles/docker/tasks/services/postfix.yml b/roles/docker/tasks/services/postfix.yml index f44da25..ece525e 100644 --- a/roles/docker/tasks/services/postfix.yml +++ b/roles/docker/tasks/services/postfix.yml @@ -1,20 +1,28 @@ # vim: ft=yaml.ansible --- -- name: setup network for postfix +- name: Set up network for postfix docker_network: name: postfix ipam_config: - subnet: '172.16.0.0/16' gateway: 172.16.0.1 -- name: setup postfix docker container for outgoing mail +- name: Create volume folders for Postfix + file: + name: "{{ services.postfix.volume_folder }}/dkim" + state: directory + +- name: Set up Postfix Docker container for outgoing mail from services docker_container: name: postfix image: boky/postfix:{{ services.postfix.version }} restart_policy: always networks: - name: postfix + volumes: + - "{{ services.postfix.volume_folder }}/dkim:/etc/opendkim/keys" env: # Get all services which have allowed_sender_domain defined ALLOWED_SENDER_DOMAINS: "{{ services | dict2items | selectattr('value.allowed_sender_domain', 'true') | map(attribute='value.domain') | join(' ') }}" HOSTNAME: "{{ services.postfix.domain }}" # the name the smtp server will identify itself as + DKIM_AUTOGENERATE: "true" From 1bbf1edf571a430e2e524519b66650874843074f Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Fri, 6 Jan 2023 14:49:23 +0100 Subject: [PATCH 10/10] Upgrade Rallly --- roles/docker/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index f43f9a3..99b57d3 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -176,7 +176,7 @@ services: file: rallly.yml domain: "when.{{ base_domain }}" volume_folder: "{{ volume_root_folder }}/rallly" - version: ac55701890cd866ee946deb25e2b2839fb14900e + version: e4482a1edb2fb56292d07ee8811a24f2a0d6b114 allowed_sender_domain: true pinafore: