Sam A.
c6269636cd
Merge branch 'main' into vagrant
2022-11-22 22:10:27 +01:00
Sam A.
fc7ca37b07
Make TCP the default allowed firewall protocol
...
Custom protocol can still be specified by adding `proto: "proto"` to a
loop item.
2022-11-22 21:40:21 +01:00
Sam A.
71cc3e2241
Fix firewall ports format
2022-11-22 21:22:23 +01:00
Sam A.
d53c6d41dc
Merge pull request 'Firewall (UFW)' ( #107 ) from samsapti/ansible:main into main
...
Reviewed-on: #107
2022-11-22 20:05:00 +00:00
Sam A.
9852a42470
Upgrade Element to 1.11.8
2022-11-22 18:59:34 +01:00
Sam A.
efbdcc9a5a
Add missing postfix network to Nextcloud container
2022-11-22 17:45:13 +01:00
Sam A.
e0c0163aae
Add cron container to Nextcloud
2022-11-22 17:40:55 +01:00
Sam A.
fe4b3ede81
Add Redis memcache to Nextcloud
2022-11-22 17:15:59 +01:00
Sam A.
8180a736f7
Use Alpine-based nginx-proxy Docker image
2022-11-22 16:53:34 +01:00
reynir
728cffc453
Expose mastodon streaming api ( #124 )
...
Co-authored-by: Reynir Björnsson <reynir@reynir.dk>
Co-authored-by: Víðir Valberg Guðmundsson <valberg@orn.li>
Reviewed-on: #124
Co-authored-by: reynir <data.coop@reynir.dk>
Co-committed-by: reynir <data.coop@reynir.dk>
2022-11-22 13:38:46 +00:00
Víðir Valberg Guðmundsson
31a73f48fb
Upgrade and pin nginx-proxy and acme-companion.
2022-11-22 14:37:31 +01:00
Víðir Valberg Guðmundsson
d467084fb7
Bump mastodon sidekiq threads to 32.
2022-11-22 09:36:36 +01:00
Sam A.
20b977eacb
Upgrade Nextcloud to version 25
2022-11-21 23:42:20 +01:00
Sam A.
e917636d05
Upgrade Nextcloud to 24
2022-11-21 23:37:07 +01:00
Sam A.
1ebfab5abf
Upgrade one major version at a time, 23 now
2022-11-21 23:31:22 +01:00
Sam A.
12effe5673
Upgrade Nextcloud to 25.x.x
2022-11-21 21:34:07 +01:00
Sam A.
a67d82ad88
Some improvements
...
- Always use the new port if the VM is already provisioned
- We're not using a multi-VM setup, so no need to define VM "datacoop"
- Increase minimum required Vagrant version
- Add static IP for hopefully implementing some sort of DNS in the
future
- Hardcode registry domain to use the real registry in Vagrant
2022-11-18 23:35:20 +01:00
Sam A.
d48e684647
Remove notify
2022-11-17 22:17:51 +01:00
Sam A.
6e383d6afa
Simplify SSH configuration
...
Now that the Vagrantfile supplies SSH port information to Ansible, we no
longer need to figure it out in Ansible. Also, since gather_facts (which
requires an SSH connection) is set to true in playbook.yml, one needs to
supply --extra-vars "ansible_port=22" on the commandline when
provisioning for the first time on real hardware, because the port is
hardcoded in the inventory file.
2022-11-17 22:15:26 +01:00
Víðir Valberg Guðmundsson
2c9dce8600
Upgrade gitea to 1.17.3.
2022-11-17 20:50:38 +01:00
Víðir Valberg Guðmundsson
4bc69b49bb
Upgrade mastodon to 4.0.2
2022-11-17 20:40:59 +01:00
Víðir Valberg Guðmundsson
9a5d780f2b
Keep ansible "clean" and do ssh port magic in Vagrantfile.
2022-11-17 08:53:45 +01:00
Sam A.
57ca1e9233
Create separate role for SSH and Vagrant
...
- Added a separate role that first configures SSH, and after that
gathers the ansible_virtualization_role fact, due to gathering facts
requiring an SSH connection
- Renamed ssl_certs_enabled to letsencrypt_enabled and moved that
and the vagrant variable to the be supplied directly to the last two
roles in playbook.yml
- Added tags base_only and setup_services to the new role
ssh_and_vagrant so that it will always be run before anything else
when using deploy.sh
2022-11-16 20:31:44 +01:00
reynir
bcbe0a8285
Set up vhost for both {riot,element}.data.coop ( #121 )
...
A fix for #115 .
Co-authored-by: Reynir Björnsson <reynir@reynir.dk>
Reviewed-on: #121
Co-authored-by: reynir <data.coop@reynir.dk>
Co-committed-by: reynir <data.coop@reynir.dk>
2022-11-16 19:13:45 +00:00
reynir
a92d840ce0
Merge pull request 'Add root keys for all users' ( #120 ) from fix-root-keys into main
...
Reviewed-on: #120
2022-11-16 15:24:44 +00:00
Reynir Björnsson
5a54eb6b1e
Flatten the list
2022-11-16 16:24:22 +01:00
Reynir Björnsson
c802777867
Add root keys for all users
...
And not just the last user.
2022-11-16 16:10:10 +01:00
Reynir Björnsson
a03263b1f5
riot/element: expose port 8080
...
nginx-proxy uses this information to determine if the (in nginx
parlance) server is up.
2022-11-16 13:45:58 +01:00
Víðir Valberg Guðmundsson
253a21432e
Add ssl_certs_enabled variable and use it to avoid ssl certs when running on vagrant
2022-11-15 22:06:53 +00:00
Sam A.
a6cb0a8e65
Remove state: latest
2022-11-15 22:06:53 +00:00
Sam A.
c676d69fc0
Naming changes
2022-11-15 22:06:53 +00:00
Sam A.
c74cc4413a
Simplify config and rename some files
2022-11-15 22:06:53 +00:00
Sam A.
50fa65d55e
Don't use local config for Docker registry login
...
It doesn't work when deploying in Vagrant :(
2022-11-15 22:06:53 +00:00
Sam A.
eeecfca7ef
Vagrant: Use same Ubuntu version as in production
2022-11-15 22:06:53 +00:00
Sam A.
1744cf7585
Fix SSH port logic again
2022-11-15 22:06:53 +00:00
Sam A.
b310e191f8
Some Vagrant fixes
...
Only install Dell OpenManage if not running in a VM, and fix SSH port
logic.
2022-11-15 22:06:53 +00:00
Sam A.
b56690a33e
Make Ansible setup testable in Vagrant
...
Added logic to change the sshd port if not already configured,
configued Vagrantfile to work properly and fixed a couple of deploy
errors.
2022-11-15 22:06:53 +00:00
Sam A.
52ead4fee5
Remove volume_root_folder from vars.yml
...
It is defined later in the docker role already.
2022-11-15 20:52:38 +01:00
Sam A.
58dbf9ff22
Allow only TCP traffic on specified ports
2022-11-15 20:42:18 +01:00
Sam A.
ba44677cf3
Avoid conflicts with built-in function name keys
2022-11-15 20:28:34 +01:00
Sam A.
fc0c0c5036
Always update password and overwrite keys
2022-11-15 19:57:17 +01:00
valberg
5b2e2c0f60
Merge pull request 'Lock account 'graffen'' ( #102 ) from lock-graffen into main
...
Reviewed-on: #102
2022-11-13 12:28:38 +00:00
Sam A.
42e1900715
Delete unused secrets
2022-11-12 23:06:45 +01:00
Sam A.
d597a956ff
Add installation of community modules to deploy.sh
2022-11-12 19:41:57 +01:00
Sam A.
5f718e1027
Add firewall setup with UFW
2022-11-12 19:41:55 +01:00
Reynir Björnsson
536441d24b
Fix 2022.slides, and use git.data.coop repo
...
The ocaml-git fix has been released, and don't call the container
new-new.data.coop_website D:
2022-11-12 19:30:38 +01:00
Sam A.
bf60417904
Fix FIDO2 authentication in Passit
2022-11-12 19:21:58 +01:00
Víðir Valberg Guðmundsson
aecb929dbb
Add a way to only run the base role.
2022-11-11 22:16:22 +01:00
valberg
f905696264
Add admin user ( #108 )
...
Welcome aboard!
2022-11-11 18:05:10 +00:00
Sam A.
d4f8fbcebe
Add Sam as admin user
2022-11-11 18:33:18 +01:00