diff --git a/.gitguardian.yaml b/.gitguardian.yaml
new file mode 100644
index 00000000..aa33f42c
--- /dev/null
+++ b/.gitguardian.yaml
@@ -0,0 +1,7 @@
+secret:
+ ignored_matches:
+ - match: d2ce934bc4bb8262e33b0dfd8cc43f9c8e3178e7154f880f1725359f2aa2dbcd
+ name: Cloudflare API Token - rinoa-terraform/cloudflare/.tfvars:l.3
+ - match: 3d3a5780c31d730d80581a0f4d2e0a27eb986a6f6427192741fa8db06226d691
+ name: Generic High Entropy Secret - rinoa-terraform/cloudflare/.tfvars:l.6
+version: 2
diff --git a/ansible/app-configs/invidious_config.yml.j2 b/ansible/app-configs/invidious_config.yml.j2
index a1c0574a..7aff109b 100644
--- a/ansible/app-configs/invidious_config.yml.j2
+++ b/ansible/app-configs/invidious_config.yml.j2
@@ -1,3 +1,6 @@
+{% set vault_addr = 'https://vault.trez.wtf' %}
+{% set secrets_path = 'rinoa-docker/env' %}
+
 #########################################
 #
 # Database and other external servers
diff --git a/jitsiadminenv b/jitsiadminenv
new file mode 100644
index 00000000..6f7a6394
--- /dev/null
+++ b/jitsiadminenv
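Review bot: The two `ignored_matches` entries in .gitguardian.yaml suppress findings for a Cloudflare API token and a high-entropy secret at rinoa-terraform/cloudflare/.tfvars lines 3 and 6, and nothing in this commit shows those values being revoked or the file leaving version control. An ignore entry only hides the alert; if either value is or was live it stays readable in the repository history, so it should be rotated at the provider and the .tfvars file kept untracked before the match is dismissed. Record the justification beside each entry, for example `# false positive: <reason>` or `# revoked <date>`, so a later reviewer can tell a dismissed leak from a test value.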
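Review bot: In ansible/app-configs/invidious_config.yml.j2 the Vault endpoint and secrets path are hard-coded at the top of the template, and the code that consumes `vault_addr` and `secrets_path` lies outside the hunk, so it cannot be confirmed here that every secret lookup goes through them. If other templates under ansible/app-configs/ carry the same two lines, defining the values once as inventory variables would avoid drift when the Vault address changes. At minimum add a Jinja comment above them, e.g. `{# Vault endpoint and KV path for secrets rendered into this config #}`.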
@@ -0,0 +1,87 @@
+###> SYMFONY/FRAMEWORK-BUNDLE ###
+APP_ENV: prod
+APP_DEBUG: 0
+APP_SECRET: ${JITSI_ADMIN_APP_SECRET}
+
+###ODC PARAMETERS###
+IMPRINT: rinoa
+DATAPRIVACY: rinoa
+HELPURL:
+
+###CRON PARAMETERS###
+CRON_TOKEN: ${JITSI_ADMIN_CRON_TOKEN}
+CRON_IPADRESS: 127.0.0.1
+
+###EMAILS###
+DEV_EMAIL: noreply@${MY_TLD}
+
+TRUSTED_PROXIES: 127.0.0.1,172.18.0.0/16
+
+###> DEMO ###
+DEMO_INSTALLATION: PROD
+###< DEMO ###
+
+###> MATOMO ###
+MATOMO_ENABLE: 0
+MATOMO_ID: 1
+matomo_url: analytics.local.com
+###< MATOMO ###
+
+
+###> LAF ###
+LAF_BBB: 0
+LAF_STARTPAGE: FALSE
+LAF_ONLYREGISTEREDPARTICIPENTS: 0
+LAF_VERSION: 2.0.0-DEV
+LAF_PEXEL_API_KEY: #ENTERAPIKEYHERE
+LAF_PEXEL_REFRESH_TIME: 1200
+LAF_EMAILTEXTLOGIN: 1
+LAF_CREATESERVEROPENTOEVERYONE: 1
+LAF_KEYCLOAKGROUPTOCREATESERVER: /user
+LAF_ADMINISTRATOREMAIL: charish.patel@${MY_TLD}
+LAF_NOTIFICATIONURL: ""
+LAF_BBB_URL: ""
+LAF_MAX_REPEAT: 56
+LAF_REFRESHTIMEDASHBOARD: 10000
+LAF_DARKMODEASDEFAULT: 0
+LAF_SHOWNAME: "user.username$"
+LAF_SHOWNAMEFRONTEND: "user.firstname$ user.lastname$"
+LAF_ADDPARTICIPANTSNOINPUT: 0
+LAF_ROOMSMOREOPTIONSCOLLAPSED: 1
+LAF_LOBBY_REKNOCKTIME: 60
+LAF_LOBBY_POPUPDURATION: 3000
+###< LAF ###
+
+###> DEFAULT JITSI SERVER ###
+DEFAULT_JITSI_SERVER_ID: 0
+###< DEFAULT JITSI SERVER ###
+
+### ENTERPRISE SETTINGS ###
+ENTERPRISE_NOEXTERNAL: 0
+ALLOWTIMEZONESWITCH: 0
+EMAILSENDERISMODERATOR: 0
+######
+
+### LDAP SETTINGS ###
+LDAP_URL: 'ldap://lldap:3890'
+LDAP_BIND_DN: 'uid: admin,ou: system;uid: admin,ou: system'
+LDAP_PASSWORD: ${JITSI_ADMIN_LDAP_BIND_PASSWORD}
+LDAP_USER_DN: 'ou=people,dc=trez,dc=wtf'
+LDAP_USER_OBJECT_CLASSES: 'person,organizationalperson,user;person,organizationalperson,user'
+LDAP_SEARCH_SCOPE: 'sub;ONE'
+LDAP_USERNAME_ATTRIBUTE: 'uid;UID'
+LDAP_ATTRIBUTE_MAPPER: '{"firstname":"givenname", "lastname":"sn", "email":"uid"};{"firstname":"givenname", "lastname":"sn", "email":"uid"}'
+LDAP_BIND_TYPE: simple
+LDAP_FILTER: ';'
+LDAP_RDN_LDAP_ATTRIBUTE: uid,uid
+LDAP_UUID_LDAP_ATTRIBUTE: objectguid
+LDAP_SERVER_INDIVIDUALNAME: ldap
+######
+
+### UPLOADSETTING
+AWS_BUCKET_NAME: jitsi-admin
+AWS_BASE_URL: http://minio:9000
+AWS_KEY: ${JITSI_ADMIN_S3_ACCESS_KEY}
+AWS_SECRET_KEY: ${JITSI_ADMIN_S3_SECRET_KEY}
+###
+
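Review bot: `LDAP_BIND_DN: 'uid: admin,ou: system;uid: admin,ou: system'` in jitsiadminenv is not a well-formed DN; it looks like an `=` to `: ` conversion artefact, since `LDAP_USER_DN` two lines below keeps `=`, so the bind will probably fail until it is written in the form `uid=<bind-user>,ou=people,dc=trez,dc=wtf` (constructed example, the real bind user is not visible here). That bind is a `simple` one over `ldap://lldap:3890`, which sends `${JITSI_ADMIN_LDAP_BIND_PASSWORD}` unencrypted across the container network; prefer an `ldaps://` URL if the directory offers one. `TRUSTED_PROXIES: 127.0.0.1,172.18.0.0/16` accepts forwarded-client headers from every container in that range, which may undercut the `CRON_IPADRESS: 127.0.0.1` restriction, so narrow it to the reverse proxy's own address. If this file is parsed as YAML, `LAF_PEXEL_API_KEY: #ENTERAPIKEYHERE` is read as a comment and yields a null value; write `LAF_PEXEL_API_KEY: ""` when empty is intended.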