From 3fb8ecb72ffdb43377e67c6f95adf0f151e3dfb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Reynir=20Bj=C3=B6rnsson?= Date: Sat, 17 Dec 2022 21:27:01 +0100 Subject: [PATCH 1/9] Bump matrix client_max_body_size to 1GB --- roles/docker/files/configs/matrix/vhost-matrix | 2 +- roles/docker/files/configs/matrix/vhost-riot | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/docker/files/configs/matrix/vhost-matrix b/roles/docker/files/configs/matrix/vhost-matrix index a5977708..b65c59c3 100644 --- a/roles/docker/files/configs/matrix/vhost-matrix +++ b/roles/docker/files/configs/matrix/vhost-matrix @@ -1,2 +1,2 @@ listen 8008; -client_max_body_size 50M; # default is 1M +client_max_body_size 1G; # default is 1M diff --git a/roles/docker/files/configs/matrix/vhost-riot b/roles/docker/files/configs/matrix/vhost-riot index 66b77edc..dec55e84 100644 --- a/roles/docker/files/configs/matrix/vhost-riot +++ b/roles/docker/files/configs/matrix/vhost-riot @@ -1 +1 @@ -client_max_body_size 50M; # default is 1M +client_max_body_size 1G; # default is 1M From 7851fe3522cbb250a9e76dd9212046b4d1c0ec7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Reynir=20Bj=C3=B6rnsson?= Date: Sat, 17 Dec 2022 21:43:18 +0100 Subject: [PATCH 2/9] Bump max upload size --- roles/docker/files/configs/matrix/homeserver.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker/files/configs/matrix/homeserver.yaml.j2 b/roles/docker/files/configs/matrix/homeserver.yaml.j2 index 4b8c3aa2..73ba3f3e 100644 --- a/roles/docker/files/configs/matrix/homeserver.yaml.j2 +++ b/roles/docker/files/configs/matrix/homeserver.yaml.j2 @@ -416,7 +416,7 @@ uploads_path: "/data/uploads" # The largest allowed upload size in bytes # -max_upload_size: "50M" +max_upload_size: "512M" # Maximum number of pixels that will be thumbnailed # From a7776ab30afa3e6eebf0480092e8bf64495c0859 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=AD=C3=B0ir=20Valberg=20Gu=C3=B0mundsson?= Date: Wed, 28 Dec 2022 20:58:59 +0100 Subject: [PATCH 3/9] Add a new ssh key for valberg. --- group_vars/all/vars.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index b665dc0c..8ba83418 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -13,6 +13,7 @@ users: - sudo ssh_keys: - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUmGeHc6QXDcJHkmVxbTUv04Q3vs20avquoGr6eOkkvYbcgjuFnBOOtvs2Nul1odcvvnHa1nN7DfL8XJamiwsB1B/xe2seaNS1axgwk9XowlVN9pgga8gsC+4gZWBtSObG2GR8n4NtPENzPmW5deNn8dRpTvULPMxZ0VRE9yNQOx8v8w85yYh+vxbbkWGVDYJU23yuJI50U9y6bXxNHinsACDFBeR/giXDlw29TaOaSxz0R6zrRPBoX+V68RyWwBL+KWQKtX2ULtJI40S98Ohd6p41bIxYHCBS/zroqNne8PjYOLcHHsjHUGfTvhcS5a3zdz/iHsvsaOOjFjsydAXH valberg + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4FRrbTpxwGdlF6RVi/thJaMlaEE0Z9YCQA4Y+KnHbBoVWMjzgbIkSWw3MM+E/iiVnix8SFh4tjDSdFjb8lCvHt/PqhMFhZJ02vhVgSwyU+Ji5ur23i202LB9ua54NLN4kNG8K47U0tKi2/EV6LWl2QdRviAcOUctz6u9XDkkMLUgPEYH384XSTRRj4GJ8+0LRzB2rXqetH3gBe9v1vlv0ETYWvzTnpfZUxcrrqEGtXV9Wa0BZoWLos2oKOsYVjNdLZMoFpmyBxPnqzAi1hr7beblFZKqBkvD7XA9RnERbZn1nxkWufVahppPjKQ+se3esWJCp6ri/vNP4WNKY3hiIoekBLbpvGcP1Te7cAIQXiZOilN92NKKYrzN2gAtsxgqGZw7lI1PE71luGdPir2Evl6hPj6/nnNdEHZWgcmBSPy17uCpVvZYBcDDzj8L3hbkLVQ3kcLZTz6I8BXvuGqoeLvRQpBtn5EaLpCCOmXuKqm+dzHzsOIwh+SA5NA8M3P0= - name: reynir comment: Reynir Björnsson From b6f30af8ba162029e9bc50b48e9e2899970616ba Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Thu, 29 Dec 2022 17:52:12 +0100 Subject: [PATCH 4/9] Edit SSH key for samsapti --- group_vars/all/vars.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 8ba83418..f69bc093 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -30,4 +30,4 @@ users: groups: - sudo ssh_keys: - - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPd/4fQV7CL8/KVwbo/phiV5UdXFBIDlkZ+ps8C7FeRf samsapti + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPd/4fQV7CL8/KVwbo/phiV5UdXFBIDlkZ+ps8C7FeRf From f02440048cd1542c1a050a2f5d15c222e1540990 Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Thu, 29 Dec 2022 17:55:59 +0100 Subject: [PATCH 5/9] Add a way to only deploy users --- deploy.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy.sh b/deploy.sh index d66caa28..5777829c 100755 --- a/deploy.sh +++ b/deploy.sh @@ -37,6 +37,9 @@ else "base") $BASE_CMD --tags base_only ;; + "users") + $BASE_CMD --tags setup-users + ;; *) usage exit 1 From 5bcba6fa59eb7f08e3124d014d7bd49bc70f4160 Mon Sep 17 00:00:00 2001 From: Sam A Date: Thu, 29 Dec 2022 21:13:31 +0000 Subject: [PATCH 6/9] QoL changes for *Vim users (#144) Co-authored-by: Sam Al-Sapti Reviewed-on: https://git.data.coop/data.coop/ansible/pulls/144 --- group_vars/all/vars.yml | 1 + playbook.yml | 1 + roles/docker/defaults/main.yml | 1 + roles/docker/handlers/main.yml | 3 ++- roles/docker/tasks/main.yml | 1 + roles/docker/tasks/services.yml | 1 + roles/docker/tasks/services/codimd.yml | 1 + roles/docker/tasks/services/docker_registry.yml | 1 + roles/docker/tasks/services/drone.yml | 1 + roles/docker/tasks/services/gitea.yml | 1 + roles/docker/tasks/services/hedgedoc.yml | 1 + roles/docker/tasks/services/keycloak.yml | 2 ++ roles/docker/tasks/services/mailu.yml | 1 + roles/docker/tasks/services/mastodon.yml | 2 ++ roles/docker/tasks/services/matrix_riot.yml | 1 + roles/docker/tasks/services/membersystem.yml | 2 +- roles/docker/tasks/services/netdata.yml | 2 +- roles/docker/tasks/services/nextcloud.yml | 1 + roles/docker/tasks/services/nginx_proxy.yml | 2 +- roles/docker/tasks/services/openldap.yml | 1 + roles/docker/tasks/services/passit.yml | 2 +- roles/docker/tasks/services/pinafore.yml | 2 ++ roles/docker/tasks/services/portainer.yml | 2 +- roles/docker/tasks/services/postfix.yml | 2 +- roles/docker/tasks/services/privatebin.yml | 2 +- roles/docker/tasks/services/rallly.yml | 2 ++ roles/docker/tasks/services/restic_backup.yml | 1 + roles/docker/tasks/services/watchtower.yml | 1 + roles/docker/tasks/services/websites/2022.slides.data.coop.yml | 1 + roles/docker/tasks/services/websites/cryptoaarhus.dk.yml | 2 +- roles/docker/tasks/services/websites/cryptohagen.dk.yml | 2 +- roles/docker/tasks/services/websites/data.coop.yml | 1 + roles/docker/tasks/services/websites/new.data.coop.yml | 1 + roles/docker/tasks/services/websites/ulovliglogning.dk.yml | 2 ++ roles/ubuntu_base/tasks/base.yml | 1 + roles/ubuntu_base/tasks/dell-apt-repo.yml | 1 + roles/ubuntu_base/tasks/firewall.yml | 1 + roles/ubuntu_base/tasks/main.yml | 1 + roles/ubuntu_base/tasks/ssh-port.yml | 1 + roles/ubuntu_base/tasks/upgrade.yml | 1 + roles/ubuntu_base/tasks/users.yml | 1 + 41 files changed, 47 insertions(+), 10 deletions(-) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index f69bc093..b811cfbc 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- users: - name: graffen diff --git a/playbook.yml b/playbook.yml index f2c5a1dd..d2ce5af8 100644 --- a/playbook.yml +++ b/playbook.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - hosts: all gather_facts: true diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index 9779f1e6..8fe76a28 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- volume_root_folder: "/docker-volumes" diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml index 8958588d..e37a19f9 100644 --- a/roles/docker/handlers/main.yml +++ b/roles/docker/handlers/main.yml @@ -1,7 +1,8 @@ +# vim: ft=yaml.ansible --- - name: "restart nginx" community.docker.docker_container: name: "nginx-proxy" restart: "yes" state: "started" - \ No newline at end of file + diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index 148ff671..6b1b29b3 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: add docker gpg key apt_key: diff --git a/roles/docker/tasks/services.yml b/roles/docker/tasks/services.yml index c41f5e46..c05c6b6e 100644 --- a/roles/docker/tasks/services.yml +++ b/roles/docker/tasks/services.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: setup external services network docker_network: diff --git a/roles/docker/tasks/services/codimd.yml b/roles/docker/tasks/services/codimd.yml index 6e13c21a..55fb18ab 100644 --- a/roles/docker/tasks/services/codimd.yml +++ b/roles/docker/tasks/services/codimd.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: codimd network docker_network: diff --git a/roles/docker/tasks/services/docker_registry.yml b/roles/docker/tasks/services/docker_registry.yml index 660e6846..79c03b7f 100644 --- a/roles/docker/tasks/services/docker_registry.yml +++ b/roles/docker/tasks/services/docker_registry.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: copy docker registry nginx configuration copy: diff --git a/roles/docker/tasks/services/drone.yml b/roles/docker/tasks/services/drone.yml index 874ce03e..157b2a0e 100644 --- a/roles/docker/tasks/services/drone.yml +++ b/roles/docker/tasks/services/drone.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: set up drone with docker runner docker_compose: diff --git a/roles/docker/tasks/services/gitea.yml b/roles/docker/tasks/services/gitea.yml index 514cc9e7..e0234b8b 100644 --- a/roles/docker/tasks/services/gitea.yml +++ b/roles/docker/tasks/services/gitea.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: gitea network docker_network: diff --git a/roles/docker/tasks/services/hedgedoc.yml b/roles/docker/tasks/services/hedgedoc.yml index 7508535c..7e0826c4 100644 --- a/roles/docker/tasks/services/hedgedoc.yml +++ b/roles/docker/tasks/services/hedgedoc.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: create hedgedoc volume folders file: diff --git a/roles/docker/tasks/services/keycloak.yml b/roles/docker/tasks/services/keycloak.yml index 3f2da44b..2cb47843 100644 --- a/roles/docker/tasks/services/keycloak.yml +++ b/roles/docker/tasks/services/keycloak.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: setup keycloak containers for sso.data.coop docker_compose: project_name: "keycloak" diff --git a/roles/docker/tasks/services/mailu.yml b/roles/docker/tasks/services/mailu.yml index 745f040b..9cc449a7 100644 --- a/roles/docker/tasks/services/mailu.yml +++ b/roles/docker/tasks/services/mailu.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: create mailu volume folders file: diff --git a/roles/docker/tasks/services/mastodon.yml b/roles/docker/tasks/services/mastodon.yml index eae1546f..18d81337 100644 --- a/roles/docker/tasks/services/mastodon.yml +++ b/roles/docker/tasks/services/mastodon.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: create mastodon volume folders file: name: "{{ services.mastodon.volume_folder }}/{{ volume }}" diff --git a/roles/docker/tasks/services/matrix_riot.yml b/roles/docker/tasks/services/matrix_riot.yml index 34f302d4..7571adc2 100644 --- a/roles/docker/tasks/services/matrix_riot.yml +++ b/roles/docker/tasks/services/matrix_riot.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: create matrix volume folders file: diff --git a/roles/docker/tasks/services/membersystem.yml b/roles/docker/tasks/services/membersystem.yml index ca63851e..bf084fe8 100644 --- a/roles/docker/tasks/services/membersystem.yml +++ b/roles/docker/tasks/services/membersystem.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: run membersystem containers docker_compose: project_name: "member.data.coop" diff --git a/roles/docker/tasks/services/netdata.yml b/roles/docker/tasks/services/netdata.yml index e1a7bbe5..3b45b65e 100644 --- a/roles/docker/tasks/services/netdata.yml +++ b/roles/docker/tasks/services/netdata.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup netdata docker container for system monitoring docker_container: name: netdata diff --git a/roles/docker/tasks/services/nextcloud.yml b/roles/docker/tasks/services/nextcloud.yml index d36f8def..1e06a268 100644 --- a/roles/docker/tasks/services/nextcloud.yml +++ b/roles/docker/tasks/services/nextcloud.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: upload vhost config for cloud.data.coop template: diff --git a/roles/docker/tasks/services/nginx_proxy.yml b/roles/docker/tasks/services/nginx_proxy.yml index 8081ab6d..2f92611e 100644 --- a/roles/docker/tasks/services/nginx_proxy.yml +++ b/roles/docker/tasks/services/nginx_proxy.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: create nginx-proxy volume folders file: name: "{{ services.nginx_proxy.volume_folder }}/{{ volume }}" diff --git a/roles/docker/tasks/services/openldap.yml b/roles/docker/tasks/services/openldap.yml index a7682351..4aace814 100644 --- a/roles/docker/tasks/services/openldap.yml +++ b/roles/docker/tasks/services/openldap.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: create ldap volume folders file: diff --git a/roles/docker/tasks/services/passit.yml b/roles/docker/tasks/services/passit.yml index 300c0996..c04f266b 100644 --- a/roles/docker/tasks/services/passit.yml +++ b/roles/docker/tasks/services/passit.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup passit containers docker_compose: project_name: "passit" diff --git a/roles/docker/tasks/services/pinafore.yml b/roles/docker/tasks/services/pinafore.yml index a275f3a1..1234329b 100644 --- a/roles/docker/tasks/services/pinafore.yml +++ b/roles/docker/tasks/services/pinafore.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: Set up Pinafore docker_container: name: pinafore diff --git a/roles/docker/tasks/services/portainer.yml b/roles/docker/tasks/services/portainer.yml index 005da7f4..dae0e871 100644 --- a/roles/docker/tasks/services/portainer.yml +++ b/roles/docker/tasks/services/portainer.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: create portainer volume folder file: name: "{{ services.portainer.volume_folder }}" diff --git a/roles/docker/tasks/services/postfix.yml b/roles/docker/tasks/services/postfix.yml index 1fb67df8..f44da25a 100644 --- a/roles/docker/tasks/services/postfix.yml +++ b/roles/docker/tasks/services/postfix.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup network for postfix docker_network: name: postfix diff --git a/roles/docker/tasks/services/privatebin.yml b/roles/docker/tasks/services/privatebin.yml index bede1758..fbbad291 100644 --- a/roles/docker/tasks/services/privatebin.yml +++ b/roles/docker/tasks/services/privatebin.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: create privatebin volume folders file: name: "{{ services.privatebin.volume_folder }}/{{ volume }}" diff --git a/roles/docker/tasks/services/rallly.yml b/roles/docker/tasks/services/rallly.yml index b5e9d2f2..13ce7b97 100644 --- a/roles/docker/tasks/services/rallly.yml +++ b/roles/docker/tasks/services/rallly.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: Create rallly volume folders file: name: "{{ services.rallly.volume_folder }}/postgres" diff --git a/roles/docker/tasks/services/restic_backup.yml b/roles/docker/tasks/services/restic_backup.yml index 9dddb49e..655ddb6d 100644 --- a/roles/docker/tasks/services/restic_backup.yml +++ b/roles/docker/tasks/services/restic_backup.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Setup restic backup docker_compose: diff --git a/roles/docker/tasks/services/watchtower.yml b/roles/docker/tasks/services/watchtower.yml index 7641b0b6..1a656563 100644 --- a/roles/docker/tasks/services/watchtower.yml +++ b/roles/docker/tasks/services/watchtower.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: watchtower container docker_container: diff --git a/roles/docker/tasks/services/websites/2022.slides.data.coop.yml b/roles/docker/tasks/services/websites/2022.slides.data.coop.yml index 36cf17dd..09e06904 100644 --- a/roles/docker/tasks/services/websites/2022.slides.data.coop.yml +++ b/roles/docker/tasks/services/websites/2022.slides.data.coop.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: setup 2022.slides.data.coop website using unipi docker_container: diff --git a/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml b/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml index 28d6997d..d059c3c0 100644 --- a/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml +++ b/roles/docker/tasks/services/websites/cryptoaarhus.dk.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup cryptoaarhus.dk website docker container docker_container: name: cryptoaarhus_website diff --git a/roles/docker/tasks/services/websites/cryptohagen.dk.yml b/roles/docker/tasks/services/websites/cryptohagen.dk.yml index dcca2182..b65794f0 100644 --- a/roles/docker/tasks/services/websites/cryptohagen.dk.yml +++ b/roles/docker/tasks/services/websites/cryptohagen.dk.yml @@ -1,5 +1,5 @@ +# vim: ft=yaml.ansible --- - - name: setup cryptohagen.dk website docker container docker_container: name: cryptohagen_website diff --git a/roles/docker/tasks/services/websites/data.coop.yml b/roles/docker/tasks/services/websites/data.coop.yml index 58d8af06..475240f8 100644 --- a/roles/docker/tasks/services/websites/data.coop.yml +++ b/roles/docker/tasks/services/websites/data.coop.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Upload vhost config for root domain copy: diff --git a/roles/docker/tasks/services/websites/new.data.coop.yml b/roles/docker/tasks/services/websites/new.data.coop.yml index 90ba65c4..aa89969f 100644 --- a/roles/docker/tasks/services/websites/new.data.coop.yml +++ b/roles/docker/tasks/services/websites/new.data.coop.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: setup new data.coop website using hugo docker_container: diff --git a/roles/docker/tasks/services/websites/ulovliglogning.dk.yml b/roles/docker/tasks/services/websites/ulovliglogning.dk.yml index 7abec88f..4f4c8ca1 100644 --- a/roles/docker/tasks/services/websites/ulovliglogning.dk.yml +++ b/roles/docker/tasks/services/websites/ulovliglogning.dk.yml @@ -1,3 +1,5 @@ +# vim: ft=yaml.ansible +--- - name: setup ulovliglogning.dk website docker container docker_container: name: ulovliglogning_website diff --git a/roles/ubuntu_base/tasks/base.yml b/roles/ubuntu_base/tasks/base.yml index 3289b2c8..f53f924c 100644 --- a/roles/ubuntu_base/tasks/base.yml +++ b/roles/ubuntu_base/tasks/base.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Install necessary packages via apt apt: diff --git a/roles/ubuntu_base/tasks/dell-apt-repo.yml b/roles/ubuntu_base/tasks/dell-apt-repo.yml index b7d9d48c..2472e919 100644 --- a/roles/ubuntu_base/tasks/dell-apt-repo.yml +++ b/roles/ubuntu_base/tasks/dell-apt-repo.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Import dell apt signing key apt_key: diff --git a/roles/ubuntu_base/tasks/firewall.yml b/roles/ubuntu_base/tasks/firewall.yml index 17860a86..85c359a2 100644 --- a/roles/ubuntu_base/tasks/firewall.yml +++ b/roles/ubuntu_base/tasks/firewall.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Setup firewall with UFW community.general.ufw: diff --git a/roles/ubuntu_base/tasks/main.yml b/roles/ubuntu_base/tasks/main.yml index a34d5b09..e6a1f155 100644 --- a/roles/ubuntu_base/tasks/main.yml +++ b/roles/ubuntu_base/tasks/main.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - import_tasks: ssh-port.yml tags: [change-ssh-port] diff --git a/roles/ubuntu_base/tasks/ssh-port.yml b/roles/ubuntu_base/tasks/ssh-port.yml index 1935168d..e02302b5 100644 --- a/roles/ubuntu_base/tasks/ssh-port.yml +++ b/roles/ubuntu_base/tasks/ssh-port.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: Change SSH port on host lineinfile: diff --git a/roles/ubuntu_base/tasks/upgrade.yml b/roles/ubuntu_base/tasks/upgrade.yml index c4cd33b5..0ccc7d68 100644 --- a/roles/ubuntu_base/tasks/upgrade.yml +++ b/roles/ubuntu_base/tasks/upgrade.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: update and upgrade system via apt apt: diff --git a/roles/ubuntu_base/tasks/users.yml b/roles/ubuntu_base/tasks/users.yml index deea3393..8ef07b60 100644 --- a/roles/ubuntu_base/tasks/users.yml +++ b/roles/ubuntu_base/tasks/users.yml @@ -1,3 +1,4 @@ +# vim: ft=yaml.ansible --- - name: "Add users" user: From 5b2f460cad1d075851058f91b3b9685712f5c1aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=AD=C3=B0ir=20Valberg=20Gu=C3=B0mundsson?= Date: Mon, 2 Jan 2023 22:19:39 +0100 Subject: [PATCH 7/9] Bump gitea til 1.18.0. --- roles/docker/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index 8fe76a28..bc88a267 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -74,7 +74,7 @@ services: file: gitea.yml domain: "git.{{ base_domain }}" volume_folder: "{{ volume_root_folder }}/gitea" - version: 1.17.4 + version: 1.18.0 allowed_sender_domain: true passit: From 99e2d0482931e497fe6720869027a09b400972ed Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Thu, 5 Jan 2023 16:10:44 +0100 Subject: [PATCH 8/9] Set up DKIM for Postfix --- roles/docker/defaults/main.yml | 1 + roles/docker/tasks/services/postfix.yml | 12 ++++++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index bc88a267..f43f9a35 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -8,6 +8,7 @@ services: postfix: file: postfix.yml domain: "smtp.{{ base_domain }}" + volume_folder: "{{ volume_root_folder }}/postfix" version: "v3.5.1-alpine" nginx_proxy: diff --git a/roles/docker/tasks/services/postfix.yml b/roles/docker/tasks/services/postfix.yml index f44da25a..ece525e3 100644 --- a/roles/docker/tasks/services/postfix.yml +++ b/roles/docker/tasks/services/postfix.yml @@ -1,20 +1,28 @@ # vim: ft=yaml.ansible --- -- name: setup network for postfix +- name: Set up network for postfix docker_network: name: postfix ipam_config: - subnet: '172.16.0.0/16' gateway: 172.16.0.1 -- name: setup postfix docker container for outgoing mail +- name: Create volume folders for Postfix + file: + name: "{{ services.postfix.volume_folder }}/dkim" + state: directory + +- name: Set up Postfix Docker container for outgoing mail from services docker_container: name: postfix image: boky/postfix:{{ services.postfix.version }} restart_policy: always networks: - name: postfix + volumes: + - "{{ services.postfix.volume_folder }}/dkim:/etc/opendkim/keys" env: # Get all services which have allowed_sender_domain defined ALLOWED_SENDER_DOMAINS: "{{ services | dict2items | selectattr('value.allowed_sender_domain', 'true') | map(attribute='value.domain') | join(' ') }}" HOSTNAME: "{{ services.postfix.domain }}" # the name the smtp server will identify itself as + DKIM_AUTOGENERATE: "true" From 1bbf1edf571a430e2e524519b66650874843074f Mon Sep 17 00:00:00 2001 From: Sam Al-Sapti Date: Fri, 6 Jan 2023 14:49:23 +0100 Subject: [PATCH 9/9] Upgrade Rallly --- roles/docker/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker/defaults/main.yml b/roles/docker/defaults/main.yml index f43f9a35..99b57d3c 100644 --- a/roles/docker/defaults/main.yml +++ b/roles/docker/defaults/main.yml @@ -176,7 +176,7 @@ services: file: rallly.yml domain: "when.{{ base_domain }}" volume_folder: "{{ volume_root_folder }}/rallly" - version: ac55701890cd866ee946deb25e2b2839fb14900e + version: e4482a1edb2fb56292d07ee8811a24f2a0d6b114 allowed_sender_domain: true pinafore: