Commit Graph

27 Commits

Author SHA1 Message Date
0a3d34d962
Adjust themis httpd directory options
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Some directory options are not needed and were listed with syntax
issues. Set to false to prevent "Options" from
being added, which equals "Options +FollowSymLinks".

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 18:16:35 +02:00
b685f16c91
Add manage_firewall conditional
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Allow us to enroll machines in Salt which do not yet have their firewall
configuration imported without having their rules overwritten.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-30 16:07:21 +02:00
b1249e69eb Merge pull request 'Import themis / PrivateBin' (#40) from privatebin into production
Some checks failed
ci/lysergic/push/pipeline Pipeline failed
Reviewed-on: #40
2023-04-30 14:37:12 +02:00
f32d814658
id.themis: import backend firewall rules
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Allow HTTPS traffic.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-29 18:39:30 +02:00
9d9e61d51d
Add tg lucy channel mapping
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-04-14 18:45:51 +05:30
508c0dc1b2
Add Chillnet to matterbridge
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-04-10 00:25:14 +05:30
6ebd02042f
Refactor matterbridge_media macro
Signed-off-by: Pratyush Desai <pratyush.desai@liberta.casa>
2023-04-10 00:18:59 +05:30
4ff7a39f0e
id.themis: import PrivateBin httpd vhost
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-03-12 17:21:32 +01:00
bf3aaa5ff1
id.themis: import PrivateBin configuration
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-03-12 17:01:17 +01:00
d8d848055f
id.themis: add BookStack configuration
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-26 13:14:28 +01:00
e36d40dbc3
id.themis: add BookStack httpd configuration
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-26 13:14:28 +01:00
cade9c0aca
Moni: Read Blackbox targets as JSON
Use uniform JSON target files instead of a JSON/YAML mix.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-21 19:06:03 +01:00
979021f5c4
Import Prometheus server configuration
* add new roles:
  - monitoring.prometheus
  - monitoring.prometheus-alertmanager
  - monitoring.prometheus-exporter-blackbox
* add common Prometheus and Prometheus Alertmanager pillar data
* add moni.lysergic.dev specific Prometheus pillar data

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-21 19:05:03 +01:00
18d28c3b7f
Address salt-lint errors/warnings
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
- remove trailing whitespaces
- format octal modes correctly

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-15 23:18:54 +01:00
a0a21a17db
nemesis/hubris: include denc.web-proxy
Add shared nginx configuration to nemesis/hubris HA pair nodes.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 05:21:42 +01:00
1f8d8b642c
dericom02: manage web firewall zone
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Import locally configured web zone into Salt. This zone allows the web
proxy to reach http for serving Matterbridge media.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 03:49:40 +01:00
16c8cd3dd5
dericom02: disable matterbridge XMPP debug
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
It's very noisy - one can enable it on demand if needed.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 02:53:04 +01:00
1302e06486
Disable "aithunder" Discord bridge
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Discord room does not exist.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 02:25:55 +01:00
12c47a346b
dericom02: quote matterbridge booleans
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
TOML configuration format needs lowercase boolean values.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 02:13:03 +01:00
1aacd3f340
dericom02: manage matterbridge media
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
- move base media directory to variable
- add lighttpd vhosts to pillar

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-12 00:51:59 +01:00
07d325d777
dericom02: import Matterbridge configuration
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-07 22:29:02 +01:00
f678de8560
derimisc01: import Tor configuration
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-07 18:35:40 +01:00
70ca4fabc8
Set webirc backend to https
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Ergo rightfully does not accept plain text websocket connections.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-06 14:20:19 +01:00
82cad3b099
Include libertacasa for liberta.casa
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Fallout from 77fa39e59c - libertacasa
nginx snippet needs to be included in liberta.casa server for main
website to operate on the clearnet.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-06 14:10:14 +01:00
df3eeede1d
Repair liberta.casa TLS include
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Accidentally mixed up the libertacasa with the libertacasa2 nginx
TLS snippet.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-06 14:01:23 +01:00
1b619358a8
deriweb01: import nginx configuration
All checks were successful
ci/lysergic/push/pipeline Pipeline was successful
Transfer local/manual nginx configuration structure into pillar.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-05 11:56:27 +01:00
8c72e7c63a
Add id/role pillar README's
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-01-21 18:28:54 +01:00