From 10de6fac7f31b3e2143a591be3cc392692f946ef Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Wed, 7 May 2025 08:31:12 -0400 Subject: [PATCH 01/13] InvoiceNinja config and re-adding WhoDB. --- .../invoice-ninja_invoice-ninja.env.j2 | 24 +++--- docker-compose.yml | 74 +++++++++++++------ 2 files changed, 62 insertions(+), 36 deletions(-) diff --git a/ansible/app-configs/invoice-ninja_invoice-ninja.env.j2 b/ansible/app-configs/invoice-ninja_invoice-ninja.env.j2 index 284dcb14..2c8dc97a 100644 --- a/ansible/app-configs/invoice-ninja_invoice-ninja.env.j2 +++ b/ansible/app-configs/invoice-ninja_invoice-ninja.env.j2 @@ -2,8 +2,8 @@ {% set secrets_path = 'rinoa-docker/env' %} # IN application vars -IN_APP_URL=http://in.localhost:8003 -IN_APP_KEY= +IN_APP_URL=https://biz.trez.wtf +IN_APP_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IN_APP_KEY'] }} IN_APP_DEBUG=true IN_REQUIRE_HTTPS=false IN_PHANTOMJS_PDF_GENERATION=false @@ -14,11 +14,11 @@ IN_TRUSTED_PROXIES='*' IN_QUEUE_CONNECTION=database # DB connection -IN_DB_HOST=db +IN_DB_HOST=mariadb IN_DB_PORT=3306 -IN_DB_DATABASE=ninja -IN_DB_USERNAME=ninja -IN_DB_PASSWORD=ninja +IN_DB_DATABASE=invoice_ninja +IN_DB_USERNAME=ininja +IN_DB_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IN_MYSQL_PASSWORD'] }} # Create initial user # Default to these values if empty @@ -29,13 +29,13 @@ IN_PASSWORD= # Mail options IN_MAIL_MAILER=log -IN_MAIL_HOST=smtp.mailtrap.io -IN_MAIL_PORT=2525 -IN_MAIL_USERNAME=null -IN_MAIL_PASSWORD=null +IN_MAIL_HOST=postal-smtp +IN_MAIL_PORT=25 +IN_MAIL_USERNAME={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }} +IN_MAIL_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }} IN_MAIL_ENCRYPTION=null -IN_MAIL_FROM_ADDRESS='user@example.com' -IN_MAIL_FROM_NAME='Self Hosted User' +IN_MAIL_FROM_ADDRESS='noreply@trez.wtf' +IN_MAIL_FROM_NAME='Treasured IT' # MySQL IN_MYSQL_ROOT_PASSWORD=ninjaAdm1nPassword diff --git a/docker-compose.yml b/docker-compose.yml index ecbfcc1d..032e671f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -616,30 +616,6 @@ services: networks: default: null restart: unless-stopped - bytebase: - container_name: bytebase - image: bytebase/bytebase:3.5.0 - labels: - homepage.group: System Administration - homepage.name: Bytebase - homepage.href: https://dbs.${MY_TLD} - homepage.icon: /icons/bytebase.png - homepage.description: Database-as-Code CI/CD - swag: enable - swag_port: 8080 - swag_proto: http - swag_url: dbs.${MY_TLD} - swag_server_custom_directive: | - access_log /config/log/$$host_access.log ; - error_log /config/log/$$host_error.log ; - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD} - swag.uptime-kuma.monitor.interval: 300 - ports: - - 49054:8080 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/bytebase:/var/opt/bytebase bytestash: container_name: bytestash environment: @@ -1351,6 +1327,27 @@ services: source: /home/charish/.config/appdata target: /source type: bind + excalidraw: + container_name: excalidraw + image: 'excalidraw/excalidraw:latest' + labels: + homepage.group: Personal/Professional Services + homepage.name: Excalidraw + homepage.href: https://draw.${MY_TLD} + homepage.icon: excalidraw.svg + homepage.description: Virtual whiteboard for sketching hand-drawn like diagrams + swag: enable + swag_proto: http + swag_url: draw.${MY_TLD} + swag_server_custom_directive: | + access_log /config/log/$$host_access.log ; + error_log /config/log/$$host_error.log ; + swag.uptime-kuma.enabled: true + swag.uptime-kuma.monitor.url: https://draw.${MY_TLD} + swag.uptime-kuma.monitor.interval: 300 + ports: + - 53721:80 + restart: unless-stopped explo: container_name: explo environment: @@ -5351,6 +5348,35 @@ services: ports: - 3010:3000 restart: unless-stopped + whodb: + container_name: whodb + image: clidey/whodb + environment: + WHODB_POSTGRES_1: '[{"host":"authelia-pg","user":"authelia","password":"${AUTHELIA_STORAGE_POSTGRES_PASSWORD}","database":"authelia"},{"host":"bitmagnet-pg-db","user":"bitmagnet","password":"${BITMAGNET_POSTGRESQL_PASSWORD}","database":"bitmagnet"},{"host":"dawarich-pg-db","user":"dawarich","password":"${DAWARICH_PG_PASSWORD}","database":"dawarich"},{"host":"gitea-db","user":"gitea","password":"${GITEA_PG_DB_PASSWORD}","database":"gitea"},{"host":"immich-pg-db","user":"immich","password":"${IMMICH_DB_PASSWORD}","database":"immich"},{"host":"invidious-db","user":"kemal","password":"${INVID_PG_DB_PASSWORD}","database":"invidious"},{"host":"librechat-vectordb","user":"librechat","password":"${LIBRECHAT_PG_DB_PASSWD}","database":"librechat"},{"host":"mastodon-pg-db","user":"mastodon","password":"${MASTODON_PG_DB_PASSWORD}","database":"mastodon"},{"host":"reactive-resume-pg","user":"reactiveresume","password":"${REACTIVE_RESUME_PGSQL_PASSWORD}","database":"reactiveresume"},{"host":"sonarqube-pg-db","user":"sonar","password":"${SONARQUBE_POSTGRES_PASSWORD}","database":"sonar"},{"host":"tandoor-pg","user":"tandoor","password":"${TANDOOR_POSTGRES_PASSWORD}","database":"tandoor"},{"host":"zammad-postgresql","user":"zammad","password":"${ZAMMAD_POSTGRES_PASS}","database":"zammad_production"}]' + WHODB_MARIADB_1: '[{"host":"mariadb","user":"root","password":"${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}","database":"mysql"}]' + WHODB_MONGODB_1: '{"host":"mongodb:27017/admin?replicaSet=rinoa","user":"root","password":"${MONGO_INITDB_ROOT_PASSWORD}"}' + WHODB_OLLAMA_HOST: ollama + WHODB_OLLAMA_PORT: 11434 + WHODB_ANTHROPIC_API_KEY: ${LIBRECHAT_ANTHROPIC_API_KEY} + WHODB_OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY} + expose: + - 8080 + labels: + homepage.group: System Administration + homepage.name: WhoDB + homepage.href: https://dbs.${MY_TLD} + homepage.icon: whodb.png + homepage.description: Database-as-Code CI/CD + swag: enable + swag_port: 8080 + swag_proto: http + swag_url: dbs.${MY_TLD} + swag_server_custom_directive: | + access_log /config/log/$$host_access.log ; + error_log /config/log/$$host_error.log ; + swag.uptime-kuma.enabled: true + swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD} + swag.uptime-kuma.monitor.interval: 300 youtubedl: container_name: youtubedl environment: From 99624f27b670eccb5d5bef7fe56273afdde80835 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Thu, 8 May 2025 08:45:10 -0400 Subject: [PATCH 02/13] Ansiblee token. --- ansible/group_vars/all.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 023817ab..c3a3a4da 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,14 +1,14 @@ vault_addr: "https://vault.trez.wtf" vault_token: !vault | $ANSIBLE_VAULT;1.1;AES256 - 64633862363730303434663261343764323731376539646264333339303234333733306234616462 - 6634333934373065633632376165636432346330396538330a626633666365353362656139643362 - 38636133326633316339346237326438626538613433656364333132333630366135663836396131 - 6132316130623936660a353432653864366539616433356537386633633437626133313262353363 - 65356538666366393934316231313037393061373763313164643331396331326533613132303531 - 39623836313031343034353163353339653330623139663266303836643632323237353335303361 - 66353833643564653666323835613863313232626538626163333231306461393535376338646633 - 64303965653730313565613735386230616137393034613437353261333737313236386530383163 - 65393238623237616135356361353836343532396137323734346136313466663036 + 62333037633764373439393139343164393061303233373639313836373531376231393735623730 + 3237663231326262333965346264316539336230383739380a633739643639333938393130336262 + 62366233653161366438386337636633336561313338306139343261333039623363666631346433 + 3039656434366566620a376330346437623431383339363037333762633837383362336537346266 + 63383736633562373932653933373039636230303033643838393731306234333661386435373731 + 35323031393562653836303233316631623631346634363665646362643434363732363262313233 + 38613536636166363632353763386361653337653630386431613830643232623762313461316665 + 65373965336433636437346662353531326266656162663765313737633434666663653465393765 + 66646232323830326366323461633666386532356164393266386134343733343837 vault_token_cleaned: "{{ vault_token | regex_replace('\\n', '') }}" secrets_path: "rinoa-docker/env" From 5e923a076ec07ba9d0234d54a58ea3b4595c1137 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Thu, 8 May 2025 12:34:35 -0400 Subject: [PATCH 03/13] Updating Ansible vars. --- ansible/group_vars/all.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index c3a3a4da..922e8d8f 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,14 +1,14 @@ vault_addr: "https://vault.trez.wtf" vault_token: !vault | $ANSIBLE_VAULT;1.1;AES256 - 62333037633764373439393139343164393061303233373639313836373531376231393735623730 - 3237663231326262333965346264316539336230383739380a633739643639333938393130336262 - 62366233653161366438386337636633336561313338306139343261333039623363666631346433 - 3039656434366566620a376330346437623431383339363037333762633837383362336537346266 - 63383736633562373932653933373039636230303033643838393731306234333661386435373731 - 35323031393562653836303233316631623631346634363665646362643434363732363262313233 - 38613536636166363632353763386361653337653630386431613830643232623762313461316665 - 65373965336433636437346662353531326266656162663765313737633434666663653465393765 - 66646232323830326366323461633666386532356164393266386134343733343837 + 61343666636564663533636435656630376236346332306433656336303736366132303032663764 + 3835353364306230383738653761383139636133396266330a326161326533376162363266623461 + 30313164626432313064366534356261353235313439363533373566336430653437343831316162 + 3165663238643262640a313335316332313463333339373639393036306266376431613933643739 + 63653462383738363838303939306566613638313366613565363364633133313632626665356631 + 31623137363436653236396237643136313164383739303364663532646161336239333831393532 + 65643963623863636463313335353566643466363963633561363931353636333565633636626637 + 64393631353237636161653738343765396434313861636361663239613663333239346535643230 + 34363631333461656331643066386638323439656463393839326662396464353339 vault_token_cleaned: "{{ vault_token | regex_replace('\\n', '') }}" secrets_path: "rinoa-docker/env" From 27cf4bbb4add474576ae509d861e33a61c0b2ccf Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Thu, 8 May 2025 18:47:13 -0400 Subject: [PATCH 04/13] Removing Homepage labels from Immich PT. --- docker-compose.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 032e671f..7f21433d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1998,12 +1998,6 @@ services: IMMICH_API_KEY: ${IMMICH_POWER_TOOLS_KEY} IMMICH_URL: http://immich-server:2283 image: ghcr.io/varun-raj/immich-power-tools:latest - labels: - homepage.group: Lifestyle - homepage.name: Immich Power Tools - homepage.href: https://pics.${MY_TLD}/tools - homepage.icon: sh-immich-power-tools.png - homepage.description: Tools for Immich ports: - 54018:3000 restart: unless-stopped From 1d1f7dce5d4b30dbeeac40d4f99ff9c6cb2acd7a Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Thu, 8 May 2025 20:12:19 -0400 Subject: [PATCH 05/13] Updating Ansible vars. --- ansible/group_vars/all.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 922e8d8f..61790d42 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,14 +1,14 @@ vault_addr: "https://vault.trez.wtf" vault_token: !vault | $ANSIBLE_VAULT;1.1;AES256 - 61343666636564663533636435656630376236346332306433656336303736366132303032663764 - 3835353364306230383738653761383139636133396266330a326161326533376162363266623461 - 30313164626432313064366534356261353235313439363533373566336430653437343831316162 - 3165663238643262640a313335316332313463333339373639393036306266376431613933643739 - 63653462383738363838303939306566613638313366613565363364633133313632626665356631 - 31623137363436653236396237643136313164383739303364663532646161336239333831393532 - 65643963623863636463313335353566643466363963633561363931353636333565633636626637 - 64393631353237636161653738343765396434313861636361663239613663333239346535643230 - 34363631333461656331643066386638323439656463393839326662396464353339 + 36646134303531336661343065376164323064356362333966333334616530613430656330666231 + 3239616565653332613539356231316337323638306463320a616137396534653839383039393465 + 31666566393063356534613364633732623365376163346534383363333333383237376563646261 + 6538633764633666360a333730313262613431346239386131636338663835306235613961613562 + 63343662656139333037366366346364393863353764353134666337326534333361373062343930 + 30653534336532393234343466343039303163626434633337613831363961323964633830663639 + 31653936353236623834303364306534623032626530396463623132303232366139633563306664 + 39393462353239313737346563376436336463616561326130303366613663313366663063646437 + 66656637383736313461363963316335663665373735316537393338626436343262 vault_token_cleaned: "{{ vault_token | regex_replace('\\n', '') }}" secrets_path: "rinoa-docker/env" From 0cd160ace60200d2d0a9df7fd28e671a21857b9f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 9 May 2025 13:04:55 -0400 Subject: [PATCH 06/13] ... --- .gitguardian.yaml | 7 ++ ansible/app-configs/invidious_config.yml.j2 | 3 + jitsiadminenv | 87 +++++++++++++++++++++ 3 files changed, 97 insertions(+) create mode 100644 .gitguardian.yaml create mode 100644 jitsiadminenv diff --git a/.gitguardian.yaml b/.gitguardian.yaml new file mode 100644 index 00000000..aa33f42c --- /dev/null +++ b/.gitguardian.yaml @@ -0,0 +1,7 @@ +secret: + ignored_matches: + - match: d2ce934bc4bb8262e33b0dfd8cc43f9c8e3178e7154f880f1725359f2aa2dbcd + name: Cloudflare API Token - rinoa-terraform/cloudflare/.tfvars:l.3 + - match: 3d3a5780c31d730d80581a0f4d2e0a27eb986a6f6427192741fa8db06226d691 + name: Generic High Entropy Secret - rinoa-terraform/cloudflare/.tfvars:l.6 +version: 2 diff --git a/ansible/app-configs/invidious_config.yml.j2 b/ansible/app-configs/invidious_config.yml.j2 index a1c0574a..7aff109b 100644 --- a/ansible/app-configs/invidious_config.yml.j2 +++ b/ansible/app-configs/invidious_config.yml.j2 @@ -1,3 +1,6 @@ +{% set vault_addr = 'https://vault.trez.wtf' %} +{% set secrets_path = 'rinoa-docker/env' %} + ######################################### # # Database and other external servers diff --git a/jitsiadminenv b/jitsiadminenv new file mode 100644 index 00000000..6f7a6394 --- /dev/null +++ b/jitsiadminenv @@ -0,0 +1,87 @@ +###> SYMFONY/FRAMEWORK-BUNDLE ### +APP_ENV: prod +APP_DEBUG: 0 +APP_SECRET: ${JITSI_ADMIN_APP_SECRET} + +###ODC PARAMETERS### +IMPRINT: rinoa +DATAPRIVACY: rinoa +HELPURL: + +###CRON PARAMETERS### +CRON_TOKEN: ${JITSI_ADMIN_CRON_TOKEN} +CRON_IPADRESS: 127.0.0.1 + +###EMAILS### +DEV_EMAIL: noreply@${MY_TLD} + +TRUSTED_PROXIES: 127.0.0.1,172.18.0.0/16 + +###> DEMO ### +DEMO_INSTALLATION: PROD +###< DEMO ### + +###> MATOMO ### +MATOMO_ENABLE: 0 +MATOMO_ID: 1 +matomo_url: analytics.local.com +###< MATOMO ### + + +###> LAF ### +LAF_BBB: 0 +LAF_STARTPAGE: FALSE +LAF_ONLYREGISTEREDPARTICIPENTS: 0 +LAF_VERSION: 2.0.0-DEV +LAF_PEXEL_API_KEY: #ENTERAPIKEYHERE +LAF_PEXEL_REFRESH_TIME: 1200 +LAF_EMAILTEXTLOGIN: 1 +LAF_CREATESERVEROPENTOEVERYONE: 1 +LAF_KEYCLOAKGROUPTOCREATESERVER: /user +LAF_ADMINISTRATOREMAIL: charish.patel@${MY_TLD} +LAF_NOTIFICATIONURL: "" +LAF_BBB_URL: "" +LAF_MAX_REPEAT: 56 +LAF_REFRESHTIMEDASHBOARD: 10000 +LAF_DARKMODEASDEFAULT: 0 +LAF_SHOWNAME: "user.username$" +LAF_SHOWNAMEFRONTEND: "user.firstname$ user.lastname$" +LAF_ADDPARTICIPANTSNOINPUT: 0 +LAF_ROOMSMOREOPTIONSCOLLAPSED: 1 +LAF_LOBBY_REKNOCKTIME: 60 +LAF_LOBBY_POPUPDURATION: 3000 +###< LAF ### + +###> DEFAULT JITSI SERVER ### +DEFAULT_JITSI_SERVER_ID: 0 +###< DEFAULT JITSI SERVER ### + +### ENTERPRISE SETTINGS ### +ENTERPRISE_NOEXTERNAL: 0 +ALLOWTIMEZONESWITCH: 0 +EMAILSENDERISMODERATOR: 0 +###### + +### LDAP SETTINGS ### +LDAP_URL: 'ldap://lldap:3890' +LDAP_BIND_DN: 'uid: admin,ou: system;uid: admin,ou: system' +LDAP_PASSWORD: ${JITSI_ADMIN_LDAP_BIND_PASSWORD} +LDAP_USER_DN: 'ou=people,dc=trez,dc=wtf' +LDAP_USER_OBJECT_CLASSES: 'person,organizationalperson,user;person,organizationalperson,user' +LDAP_SEARCH_SCOPE: 'sub;ONE' +LDAP_USERNAME_ATTRIBUTE: 'uid;UID' +LDAP_ATTRIBUTE_MAPPER: '{"firstname":"givenname", "lastname":"sn", "email":"uid"};{"firstname":"givenname", "lastname":"sn", "email":"uid"}' +LDAP_BIND_TYPE: simple +LDAP_FILTER: ';' +LDAP_RDN_LDAP_ATTRIBUTE: uid,uid +LDAP_UUID_LDAP_ATTRIBUTE: objectguid +LDAP_SERVER_INDIVIDUALNAME: ldap +###### + +### UPLOADSETTING +AWS_BUCKET_NAME: jitsi-admin +AWS_BASE_URL: http://minio:9000 +AWS_KEY: ${JITSI_ADMIN_S3_ACCESS_KEY} +AWS_SECRET_KEY: ${JITSI_ADMIN_S3_SECRET_KEY} +### + From c340713d5586db7b734f82add35d01f7ae75da53 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 9 May 2025 13:05:36 -0400 Subject: [PATCH 07/13] ... --- .gitguardian.yaml | 7 ---- jitsiadminenv | 87 ----------------------------------------------- 2 files changed, 94 deletions(-) delete mode 100644 .gitguardian.yaml delete mode 100644 jitsiadminenv diff --git a/.gitguardian.yaml b/.gitguardian.yaml deleted file mode 100644 index aa33f42c..00000000 --- a/.gitguardian.yaml +++ /dev/null @@ -1,7 +0,0 @@ -secret: - ignored_matches: - - match: d2ce934bc4bb8262e33b0dfd8cc43f9c8e3178e7154f880f1725359f2aa2dbcd - name: Cloudflare API Token - rinoa-terraform/cloudflare/.tfvars:l.3 - - match: 3d3a5780c31d730d80581a0f4d2e0a27eb986a6f6427192741fa8db06226d691 - name: Generic High Entropy Secret - rinoa-terraform/cloudflare/.tfvars:l.6 -version: 2 diff --git a/jitsiadminenv b/jitsiadminenv deleted file mode 100644 index 6f7a6394..00000000 --- a/jitsiadminenv +++ /dev/null @@ -1,87 +0,0 @@ -###> SYMFONY/FRAMEWORK-BUNDLE ### -APP_ENV: prod -APP_DEBUG: 0 -APP_SECRET: ${JITSI_ADMIN_APP_SECRET} - -###ODC PARAMETERS### -IMPRINT: rinoa -DATAPRIVACY: rinoa -HELPURL: - -###CRON PARAMETERS### -CRON_TOKEN: ${JITSI_ADMIN_CRON_TOKEN} -CRON_IPADRESS: 127.0.0.1 - -###EMAILS### -DEV_EMAIL: noreply@${MY_TLD} - -TRUSTED_PROXIES: 127.0.0.1,172.18.0.0/16 - -###> DEMO ### -DEMO_INSTALLATION: PROD -###< DEMO ### - -###> MATOMO ### -MATOMO_ENABLE: 0 -MATOMO_ID: 1 -matomo_url: analytics.local.com -###< MATOMO ### - - -###> LAF ### -LAF_BBB: 0 -LAF_STARTPAGE: FALSE -LAF_ONLYREGISTEREDPARTICIPENTS: 0 -LAF_VERSION: 2.0.0-DEV -LAF_PEXEL_API_KEY: #ENTERAPIKEYHERE -LAF_PEXEL_REFRESH_TIME: 1200 -LAF_EMAILTEXTLOGIN: 1 -LAF_CREATESERVEROPENTOEVERYONE: 1 -LAF_KEYCLOAKGROUPTOCREATESERVER: /user -LAF_ADMINISTRATOREMAIL: charish.patel@${MY_TLD} -LAF_NOTIFICATIONURL: "" -LAF_BBB_URL: "" -LAF_MAX_REPEAT: 56 -LAF_REFRESHTIMEDASHBOARD: 10000 -LAF_DARKMODEASDEFAULT: 0 -LAF_SHOWNAME: "user.username$" -LAF_SHOWNAMEFRONTEND: "user.firstname$ user.lastname$" -LAF_ADDPARTICIPANTSNOINPUT: 0 -LAF_ROOMSMOREOPTIONSCOLLAPSED: 1 -LAF_LOBBY_REKNOCKTIME: 60 -LAF_LOBBY_POPUPDURATION: 3000 -###< LAF ### - -###> DEFAULT JITSI SERVER ### -DEFAULT_JITSI_SERVER_ID: 0 -###< DEFAULT JITSI SERVER ### - -### ENTERPRISE SETTINGS ### -ENTERPRISE_NOEXTERNAL: 0 -ALLOWTIMEZONESWITCH: 0 -EMAILSENDERISMODERATOR: 0 -###### - -### LDAP SETTINGS ### -LDAP_URL: 'ldap://lldap:3890' -LDAP_BIND_DN: 'uid: admin,ou: system;uid: admin,ou: system' -LDAP_PASSWORD: ${JITSI_ADMIN_LDAP_BIND_PASSWORD} -LDAP_USER_DN: 'ou=people,dc=trez,dc=wtf' -LDAP_USER_OBJECT_CLASSES: 'person,organizationalperson,user;person,organizationalperson,user' -LDAP_SEARCH_SCOPE: 'sub;ONE' -LDAP_USERNAME_ATTRIBUTE: 'uid;UID' -LDAP_ATTRIBUTE_MAPPER: '{"firstname":"givenname", "lastname":"sn", "email":"uid"};{"firstname":"givenname", "lastname":"sn", "email":"uid"}' -LDAP_BIND_TYPE: simple -LDAP_FILTER: ';' -LDAP_RDN_LDAP_ATTRIBUTE: uid,uid -LDAP_UUID_LDAP_ATTRIBUTE: objectguid -LDAP_SERVER_INDIVIDUALNAME: ldap -###### - -### UPLOADSETTING -AWS_BUCKET_NAME: jitsi-admin -AWS_BASE_URL: http://minio:9000 -AWS_KEY: ${JITSI_ADMIN_S3_ACCESS_KEY} -AWS_SECRET_KEY: ${JITSI_ADMIN_S3_SECRET_KEY} -### - From a34043b4a871b94e1f13f8cd82402000d86b1886 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 9 May 2025 14:38:29 -0400 Subject: [PATCH 08/13] ..... --- .gitea/workflows/pr-cloudflare-docker-deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/pr-cloudflare-docker-deploy.yml b/.gitea/workflows/pr-cloudflare-docker-deploy.yml index 648041b8..dc73ac6e 100644 --- a/.gitea/workflows/pr-cloudflare-docker-deploy.yml +++ b/.gitea/workflows/pr-cloudflare-docker-deploy.yml @@ -95,6 +95,7 @@ jobs: options: | --inventory inventory/hosts.yml --check + -vvv requirements: collections/requirements.yml vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }} - name: Gotify Notification From 00174fb46cfbfc3bf8623de8af917cfb4ad5d6fa Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Fri, 9 May 2025 15:25:29 -0400 Subject: [PATCH 09/13] Ansible... --- ansible/inventory/host_vars.yml | 24 ++++++++++++------------ ansible/ssh_pass.yml | 12 ++++++------ 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/ansible/inventory/host_vars.yml b/ansible/inventory/host_vars.yml index 24038d37..66f9c289 100644 --- a/ansible/inventory/host_vars.yml +++ b/ansible/inventory/host_vars.yml @@ -1,13 +1,13 @@ rinoa: - ansible_host: 192.168.1.254 - ansible_python_interpreter: /usr/bin/python3 - ansible_ssh_port: 22 - ansible_ssh_user: charish - ansible_ssh_pass: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 38346631616139316365316566386362396661323163306339303635646331373061323531626431 - 3435373031363739356261656239633835393963636663370a613166653463656337666366633639 - 37373637326633363430633336646165343764303063663636313835326130663532323037663331 - 6332353339656134370a353435396532663932313535646636333262353238386331313764633635 - 63383065623930653134666261353439366535646661383434386261393232373432353937636535 - 3432336137393737643735346665303832653630316439333565 + ansible_host: 192.168.1.254 + ansible_python_interpreter: /usr/bin/python3 + ansible_ssh_port: 22 + ansible_ssh_user: charish + ansible_ssh_pass: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 32303262303733356636343163363062383539623938383439373166623236366664333830653163 + 3134323461373461663638333265643631666437306362350a353632313337316535633838343137 + 37353139396531613763393139653231333666363935613462343831303866363863653161636138 + 3438316261363139650a313161643039366438356462383730663839366562333464636130346132 + 31363235326362396630313966303064373532306638383739373739336661346438336534366537 + 6565643866333964353563346433323861346262323933333732 diff --git a/ansible/ssh_pass.yml b/ansible/ssh_pass.yml index 9b502d17..78cc163c 100644 --- a/ansible/ssh_pass.yml +++ b/ansible/ssh_pass.yml @@ -1,7 +1,7 @@ $ANSIBLE_VAULT;1.1;AES256 -65353131326537376561616630666531353731653835306564323565383332653437633533313932 -6239663065306339366536326432323534303364663862350a353034623936363066303164333434 -32666331326332363463383234316136323031626330366132643034376439616339396662636236 -3633393039376438630a326138653031656465373966356564336463643465613638313838393166 -36626366356266636535613862333631386231626134376264363731353264613261633037646662 -6431393837653564366531316332616232336365636533643036 +32303262303733356636343163363062383539623938383439373166623236366664333830653163 +3134323461373461663638333265643631666437306362350a353632313337316535633838343137 +37353139396531613763393139653231333666363935613462343831303866363863653161636138 +3438316261363139650a313161643039366438356462383730663839366562333464636130346132 +31363235326362396630313966303064373532306638383739373739336661346438336534366537 +6565643866333964353563346433323861346262323933333732 From 1757a7b682f5e9ebac996e334f3e1e9a90a4fcdc Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 10 May 2025 16:44:47 -0400 Subject: [PATCH 10/13] Updating Ansible vars. --- ansible/group_vars/all.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 61790d42..b34e7e6d 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,14 +1,14 @@ vault_addr: "https://vault.trez.wtf" vault_token: !vault | $ANSIBLE_VAULT;1.1;AES256 - 36646134303531336661343065376164323064356362333966333334616530613430656330666231 - 3239616565653332613539356231316337323638306463320a616137396534653839383039393465 - 31666566393063356534613364633732623365376163346534383363333333383237376563646261 - 6538633764633666360a333730313262613431346239386131636338663835306235613961613562 - 63343662656139333037366366346364393863353764353134666337326534333361373062343930 - 30653534336532393234343466343039303163626434633337613831363961323964633830663639 - 31653936353236623834303364306534623032626530396463623132303232366139633563306664 - 39393462353239313737346563376436336463616561326130303366613663313366663063646437 - 66656637383736313461363963316335663665373735316537393338626436343262 + 39306238386563313462666238333237346239326636633731326263653639646235363937386333 + 6138653434613437643134653463363230303038373765380a636162663734393632396638313261 + 39613730633935373063663030616131653731376461333762633131633066366165343536323031 + 3539373461383138310a383734313237313231363539383632323130336536656662313861336261 + 65393033633461363837366462656134386430353236343136616161663364376261623834366466 + 30303765393039376666303937663839663630623063666135313636353432396161333434653435 + 32623634313531343466613966663139333234616137646636636134373264333263343533393331 + 32313530373164653730656662383837626139643364376134376634613237323063343731663734 + 36306335303936633334353564306239663563366435316464343039373965383032 vault_token_cleaned: "{{ vault_token | regex_replace('\\n', '') }}" secrets_path: "rinoa-docker/env" From a80adc4b979d9ca5168f44e475310d5b61a593f0 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 10 May 2025 17:26:42 -0400 Subject: [PATCH 11/13] Removing verbosity from Ansible dry run. --- .gitea/workflows/pr-cloudflare-docker-deploy.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitea/workflows/pr-cloudflare-docker-deploy.yml b/.gitea/workflows/pr-cloudflare-docker-deploy.yml index dc73ac6e..648041b8 100644 --- a/.gitea/workflows/pr-cloudflare-docker-deploy.yml +++ b/.gitea/workflows/pr-cloudflare-docker-deploy.yml @@ -95,7 +95,6 @@ jobs: options: | --inventory inventory/hosts.yml --check - -vvv requirements: collections/requirements.yml vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }} - name: Gotify Notification From c1e930d678297c329123cb5aa116c7525a29c1e8 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 11 May 2025 21:02:51 -0400 Subject: [PATCH 12/13] Removing verbosity from Ansible dry run. --- .gitea/workflows/pr-cloudflare-docker-deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/pr-cloudflare-docker-deploy.yml b/.gitea/workflows/pr-cloudflare-docker-deploy.yml index 648041b8..a37febe7 100644 --- a/.gitea/workflows/pr-cloudflare-docker-deploy.yml +++ b/.gitea/workflows/pr-cloudflare-docker-deploy.yml @@ -95,6 +95,7 @@ jobs: options: | --inventory inventory/hosts.yml --check + --vvv requirements: collections/requirements.yml vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }} - name: Gotify Notification From c0ea7027b3402e6af8a11fdbdcfd7b0d8dbfeb16 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 11 May 2025 21:05:24 -0400 Subject: [PATCH 13/13] Removing verbosity from Ansible dry run. --- .gitea/workflows/pr-cloudflare-docker-deploy.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitea/workflows/pr-cloudflare-docker-deploy.yml b/.gitea/workflows/pr-cloudflare-docker-deploy.yml index a37febe7..648041b8 100644 --- a/.gitea/workflows/pr-cloudflare-docker-deploy.yml +++ b/.gitea/workflows/pr-cloudflare-docker-deploy.yml @@ -95,7 +95,6 @@ jobs: options: | --inventory inventory/hosts.yml --check - --vvv requirements: collections/requirements.yml vault_password: ${{ secrets.ANSIBLE_VAULT_PASSWORD }} - name: Gotify Notification