Adding Jitsi admin services (WIP).

2025-05-19 10:39:12 -04:00
18 changed files with 1278 additions and 2518 deletions
@@ -1,6 +1,5 @@
 name: Gitea Branch PR & Ansible Deployment
 on:
-  workflow_dispatch:
  push:
    branches-ignore:
      - 'main'
@@ -49,7 +48,7 @@ jobs:
          tea login default gitea-rinoa
          pr_index_old=$(tea pr ls --repo ${{ github.repository }} --state all --fields index,title,head --output csv | sed -e 's|"||g' | egrep '^[0-9]' | head -1 | awk -F"," '{print $1}')
          pr_index_new=$(expr ${pr_index_old} + 1)
-          tea pr c -r ${{ github.repository }} -t "Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }} -L "Ansible Configs.j2"
+          tea pr c -r ${{ github.repository }} -t "Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }} -L "Docker Compose, Ansible Configs.j2"
      - name: Gotify Notification
        uses: eikendev/gotify-action@master
        with:
@@ -140,8 +139,8 @@ jobs:
          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
          notification_title: 'GITEA: PR Merge Successful'
          notification_message: 'PR #${{ steps.pr_merge.outputs.pr_index }} merged.'
-  ansible-config-deploy:
-    name: Ansible Config Deployment
+  ansible-config-docker-compose-deploy:
+    name: Ansible Configs & Docker Compose Deployment
    runs-on: ubuntu-latest
    needs: [pr-merge]
    env:
@@ -174,7 +173,7 @@ jobs:
          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
          notification_title: 'GITEA: Ansible Config Deployment @ Rinoa'
          notification_message: 'Starting config deployment with Ansible...'
-      - name: Ansible Playbook Config Deploy
+      - name: Ansible Playbook Dry Run
        uses: arillso/action.playbook@0.1.0
        with:
          check: false
@@ -1,12 +1,10 @@
 name: Gitea Branch PR, Cloudflare DNS, README generation, & Docker Deployment
 on:
-  workflow_dispatch:
  push:
    branches-ignore:
      - 'main'
    paths:
      - '**/docker-compose.yml'
-      - '**/pr-cloudflare-docker-deploy.yml'
      - '!ansible/**.yml'
 jobs:
  check-and-create-pr:
@@ -50,7 +48,7 @@ jobs:
          tea login default gitea-rinoa
          pr_index_old=$(tea pr ls --repo ${{ github.repository }} --state all --fields index,title,head --output csv | sed -e 's|"||g' | egrep '^[0-9]' | head -1 | awk -F"," '{print $1}')
          pr_index_new=$(expr ${pr_index_old} + 1)
-          tea pr c -r ${{ github.repository }} -t "Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }} -L "Docker Compose"
+          tea pr c -r ${{ github.repository }} -t "Automated PR for ${{ github.ref_name }} - #${pr_index_new}" -d "Automatically created PR for branch: ${{ github.ref_name }}" -a ${{ github.actor }} -L "Docker Compose, Ansible Configs.j2"
      - name: Gotify Notification
        uses: eikendev/gotify-action@master
        with:
@@ -58,26 +56,20 @@ jobs:
          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
          notification_title: 'GITEA: PR Check'
          notification_message: 'PR Created 🎟️'
-  docker-compose-dry-run:
-    name: Docker Compose Dry Run
+  docker-compose-ansible-lints:
+    name: Docker Compose & Ansible Lints
    needs: [check-and-create-pr]
    runs-on: ubuntu-latest
    env:
      VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
      VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
      VAULT_NAMESPACE: ""
-      RINOA_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
-    outputs:
-      svc_deploy_list: ${{ steps.modded_svcs.outputs.rinoa_svcs }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Fetch base branch
        run: |
          git fetch origin ${{ github.event.pull_request.base.ref }}
-      - name: Login to Gitea Container Registry
-        run: |
-          docker login -u gitea-sonarqube-bot -p ${RINOA_REGISTRY_PASSWORD} git.trez.wtf
      - name: Save both versions of docker-compose.yml
        run: |
          git show origin/main:docker-compose.yml > docker-compose-main.yml || touch docker-compose-main.yml
@@ -130,23 +122,17 @@ jobs:
          echo ${mod_svcs}
          vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
          echo "rinoa_svcs=${mod_svcs}" >> "$GITHUB_OUTPUT"
-      - name: Testing service list output
-        run: |
-          echo ${{ steps.modded_svcs.outputs.rinoa_svcs }}
      - name: Docker Compose Dry Run
        timeout-minutes: 360
        continue-on-error: true
-        uses: chaplyk/docker-compose-remote-action@v1.1
+        uses: keatonLiu/docker-compose-remote-action@v1.2
        with:
-          ssh_host: 192.168.1.254
-          ssh_port: 22
+          docker_compose_file: docker-compose.yml
+          docker_args: -d --remove-orphans --pull missing --no-recreate ${{ steps.modded_svcs.rinoa_svcs.output }}
          ssh_user: gitea-deploy
-          ssh_key: ${{ secrets.RINOA_GITEA_PRIVATE_SSH_KEY }}
-          service: ${{ steps.modded_svcs.outputs.rinoa_svcs }}
-          compose_file: docker-compose.yml
-          pull: false
-          build: false
-          options: -d --remove-orphans
+          ssh_host: 192.168.1.254
+          ssh_host_public_key: ${{ secrets.RINOA_GITEA_PUBLIC_SSH_KEY }}
+          ssh_private_key: ${{ secrets.RINOA_GITEA_PRIVATE_SSH_KEY }}
        env:
          DOCKER_HOST: tcp://dockerproxy:2375
      - name: Gotify Notification
@@ -296,16 +282,14 @@ jobs:
          gotify_app_token: '${{ secrets.RINOA_RUNNER_GOTIFY_TOKEN }}'
          notification_title: 'GITEA: PR Merge Successful'
          notification_message: 'PR #${{ steps.pr_merge.outputs.pr_index }} merged.'
-  docker-compose-deploy:
-    name: Docker Compose Deployment
+  ansible-config-docker-compose-deploy:
+    name: Ansible Configs & Docker Compose Deployment
    runs-on: ubuntu-latest
-    needs: [docker-compose-dry-run, pr-merge]
+    needs: [pr-merge]
    env:
      VAULT_ADDR: ${{ secrets.RINOA_VAULT_ADDR }}
      VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }}
      DOCKER_HOST: tcp://dockerproxy:2375
-      RINOA_REGISTRY_PASSWORD: ${{ secrets.BOT_GITEA_PASSWORD }}
-      DOCKER_SVC_LIST: ${{ needs.docker-compose-dry-run.outputs.svc_deploy_list }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
@@ -324,8 +308,11 @@ jobs:
      - name: Install Vault
        uses: cpanato/vault-installer@main
      - name: Login to Gitea Container Registry
-        run: |
-          docker login -u gitea-sonarqube-bot -p ${RINOA_REGISTRY_PASSWORD} git.trez.wtf
+        uses: docker/login-action@v3
+        with:
+          registry: git.trez.wtf
+          username: gitea-sonarqube-bot
+          password: ${{ secrets.BOT_GITEA_TOKEN }}
      - name: Gotify Notification
        uses: eikendev/gotify-action@master
        with:
@@ -336,22 +323,17 @@ jobs:
      - name: Generate .env file for deployment
        run: |
           vault kv get -format=json rinoa-docker/env | jq -r '.data.data' | jq -r 'keys[] as $k | "\($k)='\''\(.[$k])'\''"' > .env
-      - name: Docker Compose Dry Run
+      - name: Docker Compose Deployment
        timeout-minutes: 360
        continue-on-error: true
-        uses: chaplyk/docker-compose-remote-action@v1.1
-        env:
-          DOCKER_HOST: tcp://dockerproxy:2375
+        uses: keatonLiu/docker-compose-remote-action@v1.2
        with:
-          ssh_host: 192.168.1.254
-          ssh_port: 22
+          docker_compose_file: docker-compose.yml
+          docker_args: -d --remove-orphans --pull missing --no-recreate
          ssh_user: gitea-deploy
-          ssh_key: ${{ secrets.RINOA_GITEA_PRIVATE_SSH_KEY }}
-          service: ${DOCKER_SVC_LIST}
-          compose_file: docker-compose.yml
-          pull: false
-          build: false
-          options: -d --remove-orphans
+          ssh_host: 192.168.1.254
+          ssh_host_public_key: ${{ secrets.RINOA_GITEA_PUBLIC_SSH_KEY }}
+          ssh_private_key: ${{ secrets.RINOA_GITEA_PRIVATE_SSH_KEY }}
      - name: Gotify Notification
        uses: eikendev/gotify-action@master
        with:
@@ -14,11 +14,14 @@
 | bazarr | lscr.io/linuxserver/bazarr:latest |
 | beszel | henrygd/beszel:latest |
 | beszel-agent | henrygd/beszel-agent:latest |
+| bitmagnet | ghcr.io/bitmagnet-io/bitmagnet:latest |
+| bitmagnet-pg-db | postgres:17-alpine |
 | bitwarden | vaultwarden/server:latest |
 | bluesky-pds | code.modernleft.org/gravityfargo/bluesky-pds:v0.4.98 |
 | browserless | ghcr.io/browserless/chromium:latest |
 | bytestash | ghcr.io/jordan-dalby/bytestash:latest |
 | castopod | castopod/castopod:latest |
+| cloudflared | cloudflare/cloudflared:latest |
 | cloudflareddns | ghcr.io/hotio/cloudflareddns:latest |
 | convertx | ghcr.io/c4illin/convertx |
 | cronicle | elestio/cronicle:latest |
@@ -30,14 +33,13 @@
 | dawarich-pg-db | postgis/postgis:17-3.5-alpine |
 | dawarich-sidekiq | freikin/dawarich:latest |
 | dead-man-hand | ghcr.io/bkupidura/dead-man-hand:latest |
+| delugevpn | ghcr.io/binhex/arch-delugevpn:latest |
 | docker-socket-proxy | ghcr.io/tecnativa/docker-socket-proxy:latest |
-| dockflare | alplat/dockflare:stable |
 | duplicati | lscr.io/linuxserver/duplicati:latest |
 | excalidraw | excalidraw/excalidraw:latest |
 | explo | ghcr.io/lumepart/explo:latest |
 | fastenhealth | ghcr.io/fastenhealth/fasten-onprem:main |
 | flaresolverr | ghcr.io/flaresolverr/flaresolverr:latest |
-| freescout | tiredofit/freescout:latest |
 | ghost | ghost:latest |
 | gitea | gitea/gitea:1.23.1 |
 | gitea-db | postgres:14 |
@@ -87,11 +89,8 @@
 | mariadb | linuxserver/mariadb |
 | mastodon | lscr.io/linuxserver/mastodon:latest |
 | mastodon-pg-db | postgres:17-alpine |
-| maxun-backend | getmaxun/maxun-backend:latest |
-| maxun-frontend | getmaxun/maxun-frontend:latest |
-| maxun-pg-db | postgres:13-alpine |
 | meilisearch | getmeili/meilisearch:v1.12.3 |
-| minio | minio/minio:RELEASE.2025-04-22T22-12-26Z |
+| minio | minio/minio |
 | mixpost | inovector/mixpost:latest |
 | mongodb | bitnami/mongodb:7.0 |
 | multi-scrobbler | foxxmd/multi-scrobbler |
@@ -115,7 +114,6 @@
 | postal-web | ghcr.io/postalserver/postal:latest |
 | postal-worker | ghcr.io/postalserver/postal:latest |
 | prowlarr | lscr.io/linuxserver/prowlarr:latest |
-| qbittorrentvpn | ghcr.io/binhex/arch-qbittorrentvpn:latest |
 | radarec | thewicklowwolf/radarec:latest |
 | radarr | lscr.io/linuxserver/radarr:latest |
 | reactive-resume | amruthpillai/reactive-resume:latest |
@@ -124,19 +122,12 @@
 | redis | redis:alpine |
 | redlib | quay.io/redlib/redlib:latest |
 | rocketchat | registry.rocket.chat/rocketchat/rocket.chat:latest |
-| romm | rommapp/romm:latest |
 | sabnzbdvpn | ghcr.io/binhex/arch-sabnzbdvpn:latest |
-| sablier | sablierapp/sablier:latest |
+| scraperr | jpyles0524/scraperr:latest |
+| scraperr-api | jpyles0524/scraperr_api:latest |
 | scrutiny | ghcr.io/analogj/scrutiny:master-omnibus |
 | searxng | searxng/searxng:latest |
 | semaphore | semaphoreui/semaphore:v2.12.14 |
-| signoz-init-clickhouse | clickhouse/clickhouse-server:24.1.2-alpine |
-| signoz-zookeeper-1 | bitnami/zookeeper:3.7.1 |
-| signoz-clickhouse | clickhouse/clickhouse-server:24.1.2-alpine |
-| signoz-app | signoz/signoz:v0.86.2 |
-| signoz-otel-collector | signoz/signoz-otel-collector:v0.111.42 |
-| signoz-schema-migrator-sync | signoz/signoz-schema-migrator:v0.111.42 |
-| signoz-schema-migrator-async | signoz/signoz-schema-migrator:v0.111.42 |
 | sonarqube | mc1arke/sonarqube-with-community-branch-plugin:lts |
 | sonarqube-pg-db | postgres:17-alpine |
 | sonarr | lscr.io/linuxserver/sonarr:latest |
@@ -157,4 +148,14 @@
 | web-check | lissy93/web-check |
 | whodb | clidey/whodb |
 | youtubedl | nbr23/youtube-dl-server:latest |
+| zammad-backup | ghcr.io/zammad/zammad:6.5.0-15 |
+| zammad-elasticsearch | bitnami/elasticsearch:8.17.4 |
+| zammad-init | ghcr.io/zammad/zammad:6.5.0-15 |
+| zammad-memcached | memcached:1.6.38-alpine |
+| zammad-nginx | ghcr.io/zammad/zammad:6.5.0-15 |
+| zammad-postgresql | postgres:17.4-alpine |
+| zammad-railsserver | ghcr.io/zammad/zammad:6.5.0-15 |
+| zammad-redis | redis:7.4.2-alpine |
+| zammad-scheduler | ghcr.io/zammad/zammad:6.5.0-15 |
+| zammad-websocket | ghcr.io/zammad/zammad:6.5.0-15 |

@@ -1,199 +0,0 @@
-{% set vault_addr = 'https://vault.trez.wtf' %}
-{% set secrets_path = 'rinoa-docker/env' %}
-
-http:
-  pprof:
-    port: 6060
-    enabled: false
-  address: 0.0.0.0:8008
-  session_ttl: 720h
-users:
-  - name: admin
-    password: {{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['ADGUARD_BCRYPT'] }}
-auth_attempts: 5
-block_auth_min: 15
-http_proxy: ""
-language: ""
-theme: auto
-dns:
-  bind_hosts:
-    - 0.0.0.0
-  port: 53
-  anonymize_client_ip: false
-  ratelimit: 20
-  ratelimit_subnet_len_ipv4: 24
-  ratelimit_subnet_len_ipv6: 56
-  ratelimit_whitelist: []
-  refuse_any: true
-  upstream_dns:
-    - 94.140.14.14
-    - 94.140.15.15
-    - https://dns.adguard-dns.com/dns-query
-    - tls://dns.adguard-dns.com
-    - quic://dns.adguard-dns.com
-    - 1.1.1.1
-    - 1.0.0.1
-    - 1.1.1.2
-    - 1.0.0.2
-    - 185.228.168.9
-    - 185.228.169.9
-    - 76.76.2.3
-    - tls://getdnsapi.net
-    - 185.49.141.37
-    - tls://dot.seby.io
-  upstream_dns_file: ""
-  bootstrap_dns:
-    - 9.9.9.10
-    - 149.112.112.10
-    - 2620:fe::10
-    - 2620:fe::fe:10
-  fallback_dns: []
-  upstream_mode: load_balance
-  fastest_timeout: 1s
-  allowed_clients: []
-  disallowed_clients: []
-  blocked_hosts:
-    - version.bind
-    - id.server
-    - hostname.bind
-  trusted_proxies:
-    - 127.0.0.0/8
-    - ::1/128
-  cache_size: 4194304
-  cache_ttl_min: 0
-  cache_ttl_max: 0
-  cache_optimistic: false
-  bogus_nxdomain: []
-  aaaa_disabled: false
-  enable_dnssec: false
-  edns_client_subnet:
-    custom_ip: ""
-    enabled: false
-    use_custom: false
-  max_goroutines: 300
-  handle_ddr: true
-  ipset: []
-  ipset_file: ""
-  bootstrap_prefer_ipv6: false
-  upstream_timeout: 10s
-  private_networks: []
-  use_private_ptr_resolvers: false
-  local_ptr_upstreams: []
-  use_dns64: false
-  dns64_prefixes: []
-  serve_http3: false
-  use_http3_upstreams: false
-  serve_plain_dns: true
-  hostsfile_enabled: true
-  pending_requests:
-    enabled: true
-tls:
-  enabled: true
-  server_name: ""
-  force_https: false
-  port_https: 446
-  port_dns_over_tls: 853
-  port_dns_over_quic: 853
-  port_dnscrypt: 0
-  dnscrypt_config_file: ""
-  allow_unencrypted_doh: false
-  certificate_chain: ""
-  private_key: ""
-  certificate_path: /opt/adguardhome/certs/live/trez.wtf/priv-fullchain-bundle.pem
-  private_key_path: /opt/adguardhome/certs/live/trez.wtf/priv-fullchain-bundle.pem
-  strict_sni_check: false
-querylog:
-  dir_path: ""
-  ignored: []
-  interval: 2160h
-  size_memory: 1000
-  enabled: true
-  file_enabled: true
-statistics:
-  dir_path: ""
-  ignored: []
-  interval: 24h
-  enabled: true
-filters:
-  - enabled: true
-    url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt
-    name: AdGuard DNS filter
-    id: 1
-  - enabled: false
-    url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt
-    name: AdAway Default Blocklist
-    id: 2
-whitelist_filters: []
-user_rules: []
-dhcp:
-  enabled: false
-  interface_name: ""
-  local_domain_name: lan
-  dhcpv4:
-    gateway_ip: 192.168.1.1
-    subnet_mask: 255.255.255.0
-    range_start: 192.168.1.2
-    range_end: 192.168.1.240
-    lease_duration: 86400
-    icmp_timeout_msec: 1000
-    options: []
-  dhcpv6:
-    range_start: ""
-    lease_duration: 86400
-    ra_slaac_only: false
-    ra_allow_slaac: false
-filtering:
-  blocking_ipv4: ""
-  blocking_ipv6: ""
-  blocked_services:
-    schedule:
-      time_zone: America/New_York
-    ids: []
-  protection_disabled_until: null
-  safe_search:
-    enabled: false
-    bing: true
-    duckduckgo: true
-    ecosia: true
-    google: true
-    pixabay: true
-    yandex: true
-    youtube: true
-  blocking_mode: default
-  parental_block_host: family-block.dns.adguard.com
-  safebrowsing_block_host: standard-block.dns.adguard.com
-  rewrites: []
-  safe_fs_patterns:
-    - /opt/adguardhome/work/userfilters/*
-  safebrowsing_cache_size: 1048576
-  safesearch_cache_size: 1048576
-  parental_cache_size: 1048576
-  cache_time: 30
-  filters_update_interval: 24
-  blocked_response_ttl: 10
-  filtering_enabled: true
-  parental_enabled: false
-  safebrowsing_enabled: false
-  protection_enabled: true
-clients:
-  runtime_sources:
-    whois: true
-    arp: true
-    rdns: true
-    dhcp: true
-    hosts: true
-  persistent: []
-log:
-  enabled: true
-  file: ""
-  max_backups: 0
-  max_size: 100
-  max_age: 3
-  compress: false
-  local_time: false
-  verbose: false
-os:
-  group: ""
-  user: ""
-  rlimit_nofile: 0
-schema_version: 29
@@ -3,4 +3,4 @@

 urls:
  - gotify://gotify/{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['APPRISE_GOTIFY_TOKEN'] }}
-  - mailto://{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}:{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}@trez.wtf25?smtp=postal-smtp&from=noreply@trez.wtf
+  - mailtos://{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }}:{{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }}@trez.wtf25?smtp=postal-smtp&from=noreply@trez.wtf
@@ -53,4 +53,4 @@ layout:
    columns: 2
  Media Library:
    style: row
-    columns: 3
+    columns: 4
@@ -1,48 +0,0 @@
-# This is a generic example of a configuration file
-# Rename this file to `config.yml`, copy it to a `config` folder, and mount that folder as per the docker-compose.example.yml
-# Only uncomment the lines you want to use/modify, or add new ones where needed
-
-exclude:
-  # Exclude platforms to be scanned
-  platforms: [] # ['my_excluded_platform_1', 'my_excluded_platform_2']
-
-  # Exclude roms or parts of roms to be scanned
-  roms:
-    # Single file games section.
-    # Will not apply to files that are in sub-folders (multi-disc roms, games with updates, DLC, patches, etc.)
-    single_file:
-      # Exclude all files with certain extensions to be scanned
-      extensions: [] # ['xml', 'txt']
-
-      # Exclude matched file names to be scanned.
-      # Supports unix filename pattern matching
-      # Can also exclude files by extension
-      names: [] # ['info.txt', '._*', '*.nfo']
-
-    # Multi files games section
-    # Will apply to files that are in sub-folders (multi-disc roms, games with updates, DLC, patches, etc.)
-    multi_file:
-      # Exclude matched 'folder' names to be scanned (RomM identifies folders as multi file games)
-      names: [] # ['my_multi_file_game', 'DLC']
-
-      # Exclude files within sub-folders.
-      parts:
-        # Exclude matched file names to be scanned from multi file roms
-        # Keep in mind that RomM doesn't scan folders inside multi files games,
-        # so there is no need to exclude folders from inside of multi files games.
-        names: [] # ['data.xml', '._*'] # Supports unix filename pattern matching
-
-        # Exclude all files with certain extensions to be scanned from multi file roms
-        extensions: [] # ['xml', 'txt']
-
-system:
-  # Asociate different platform names to your current file system platform names
-  # [your custom platform folder name]: [RomM platform name]
-  # In this example if you have a 'gc' folder, RomM will treat it like the 'ngc' folder and if you have a 'psx' folder, RomM will treat it like the 'ps' folder
-  platforms: {} # { gc: 'ngc', psx: 'ps' }
-
-  # Asociate one platform to it's main version
-  versions: {} # { naomi: 'arcade' }
-
-# The folder name where your roms are located
-filesystem: {} # { roms_folder: 'roms' } For example if your folder structure is /home/user/library/roms_folder
@@ -1,75 +0,0 @@
-<?xml version="1.0"?>
-<clickhouse>
-    <!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
-         Optional. If you don't use replicated tables, you could omit that.
-
-         See https://clickhouse.com/docs/en/engines/table-engines/mergetree-family/replication/
-      -->
-    <zookeeper>
-        <node index="1">
-            <host>signoz-zookeeper-1</host>
-            <port>2181</port>
-        </node>
-        <node index="2">
-            <host>zookeeper-2</host>
-            <port>2181</port>
-        </node>
-        <node index="3">
-            <host>zookeeper-3</host>
-            <port>2181</port>
-        </node>
-    </zookeeper>
-
-    <!-- Configuration of clusters that could be used in Distributed tables.
-         https://clickhouse.com/docs/en/operations/table_engines/distributed/
-      -->
-    <remote_servers>
-        <cluster>
-            <!-- Inter-server per-cluster secret for Distributed queries
-                 default: no secret (no authentication will be performed)
-
-                 If set, then Distributed queries will be validated on shards, so at least:
-                 - such cluster should exist on the shard,
-                 - such cluster should have the same secret.
-
-                 And also (and which is more important), the initial_user will
-                 be used as current user for the query.
-
-                 Right now the protocol is pretty simple and it only takes into account:
-                 - cluster name
-                 - query
-
-                 Also it will be nice if the following will be implemented:
-                 - source hostname (see interserver_http_host), but then it will depends from DNS,
-                   it can use IP address instead, but then the you need to get correct on the initiator node.
-                 - target hostname / ip address (same notes as for source hostname)
-                 - time-based security tokens
-            -->
-            <!-- <secret></secret> -->
-            <shard>
-                <!-- Optional. Whether to write data to just one of the replicas. Default: false (write data to all replicas). -->
-                <!-- <internal_replication>false</internal_replication> -->
-                <!-- Optional. Shard weight when writing data. Default: 1. -->
-                <!-- <weight>1</weight> -->
-                <replica>
-                    <host>signoz-clickhouse</host>
-                    <port>9000</port>
-                    <!-- Optional. Priority of the replica for load_balancing. Default: 1 (less value has more priority). -->
-                    <!-- <priority>1</priority> -->
-                </replica>
-            </shard>
-            <shard>
-                <replica>
-                    <host>clickhouse-2</host>
-                    <port>9000</port>
-                </replica>
-            </shard>
-            <shard>
-                <replica>
-                    <host>clickhouse-3</host>
-                    <port>9000</port>
-                </replica>
-            </shard>
-        </cluster>
-    </remote_servers>
-</clickhouse>
@@ -1,75 +0,0 @@
-<?xml version="1.0"?>
-<clickhouse>
-    <!-- ZooKeeper is used to store metadata about replicas, when using Replicated tables.
-         Optional. If you don't use replicated tables, you could omit that.
-
-         See https://clickhouse.com/docs/en/engines/table-engines/mergetree-family/replication/
-      -->
-    <zookeeper>
-        <node index="1">
-            <host>signoz-zookeeper-1</host>
-            <port>2181</port>
-        </node>
-        <!-- <node index="2">
-            <host>zookeeper-2</host>
-            <port>2181</port>
-        </node>
-        <node index="3">
-            <host>zookeeper-3</host>
-            <port>2181</port>
-        </node> -->
-    </zookeeper>
-
-    <!-- Configuration of clusters that could be used in Distributed tables.
-         https://clickhouse.com/docs/en/operations/table_engines/distributed/
-      -->
-    <remote_servers>
-        <cluster>
-            <!-- Inter-server per-cluster secret for Distributed queries
-                 default: no secret (no authentication will be performed)
-
-                 If set, then Distributed queries will be validated on shards, so at least:
-                 - such cluster should exist on the shard,
-                 - such cluster should have the same secret.
-
-                 And also (and which is more important), the initial_user will
-                 be used as current user for the query.
-
-                 Right now the protocol is pretty simple and it only takes into account:
-                 - cluster name
-                 - query
-
-                 Also it will be nice if the following will be implemented:
-                 - source hostname (see interserver_http_host), but then it will depends from DNS,
-                   it can use IP address instead, but then the you need to get correct on the initiator node.
-                 - target hostname / ip address (same notes as for source hostname)
-                 - time-based security tokens
-            -->
-            <!-- <secret></secret> -->
-            <shard>
-                <!-- Optional. Whether to write data to just one of the replicas. Default: false (write data to all replicas). -->
-                <!-- <internal_replication>false</internal_replication> -->
-                <!-- Optional. Shard weight when writing data. Default: 1. -->
-                <!-- <weight>1</weight> -->
-                <replica>
-                    <host>signoz-clickhouse</host>
-                    <port>9000</port>
-                    <!-- Optional. Priority of the replica for load_balancing. Default: 1 (less value has more priority). -->
-                    <!-- <priority>1</priority> -->
-                </replica>
-            </shard>
-            <!-- <shard>
-                <replica>
-                    <host>clickhouse-2</host>
-                    <port>9000</port>
-                </replica>
-            </shard>
-            <shard>
-                <replica>
-                    <host>clickhouse-3</host>
-                    <port>9000</port>
-                </replica>
-            </shard> -->
-        </cluster>
-    </remote_servers>
-</clickhouse>
@@ -1,21 +0,0 @@
-<functions>
-    <function>
-        <type>executable</type>
-        <name>histogramQuantile</name>
-        <return_type>Float64</return_type>
-        <argument>
-            <type>Array(Float64)</type>
-            <name>buckets</name>
-        </argument>
-        <argument>
-            <type>Array(Float64)</type>
-            <name>counts</name>
-        </argument>
-        <argument>
-            <type>Float64</type>
-            <name>quantile</name>
-        </argument>
-        <format>CSV</format>
-        <command>./histogramQuantile</command>
-    </function>
-</functions>
@@ -1,41 +0,0 @@
-<?xml version="1.0"?>
-<clickhouse>
-<storage_configuration>
-    <disks>
-        <default>
-            <keep_free_space_bytes>10485760</keep_free_space_bytes>
-        </default>
-        <s3>
-            <type>s3</type>
-            <!-- For S3 cold storage,
-                    if region is us-east-1, endpoint can be https://<bucket-name>.s3.amazonaws.com
-                    if region is not us-east-1, endpoint should be https://<bucket-name>.s3-<region>.amazonaws.com
-                For GCS cold storage,
-                    endpoint should be https://storage.googleapis.com/<bucket-name>/data/
-                -->
-            <endpoint>https://BUCKET-NAME.s3-REGION-NAME.amazonaws.com/data/</endpoint>
-            <access_key_id>ACCESS-KEY-ID</access_key_id>
-            <secret_access_key>SECRET-ACCESS-KEY</secret_access_key>
-            <!-- In case of S3, uncomment the below configuration in case you want to read
-                AWS credentials from the Environment variables if they exist. -->
-            <!-- <use_environment_credentials>true</use_environment_credentials> -->
-            <!-- In case of GCS, uncomment the below configuration, since GCS does
-                not support batch deletion and result in error messages in logs. -->
-            <!-- <support_batch_delete>false</support_batch_delete> -->
-        </s3>
-   </disks>
-   <policies>
-       <tiered>
-           <volumes>
-                <default>
-                    <disk>default</disk>
-                </default>
-                <s3>
-                    <disk>s3</disk>
-                    <perform_ttl_move_on_insert>0</perform_ttl_move_on_insert>
-                </s3>
-            </volumes>
-        </tiered>
-    </policies>
-</storage_configuration>
-</clickhouse>
@@ -1,123 +0,0 @@
-<?xml version="1.0"?>
-<clickhouse>
-    <!-- See also the files in users.d directory where the settings can be overridden. -->
-
-    <!-- Profiles of settings. -->
-    <profiles>
-        <!-- Default settings. -->
-        <default>
-            <!-- Maximum memory usage for processing single query, in bytes. -->
-            <max_memory_usage>10000000000</max_memory_usage>
-
-            <!-- How to choose between replicas during distributed query processing.
-                 random - choose random replica from set of replicas with minimum number of errors
-                 nearest_hostname - from set of replicas with minimum number of errors, choose replica
-                  with minimum number of different symbols between replica's hostname and local hostname
-                  (Hamming distance).
-                 in_order - first live replica is chosen in specified order.
-                 first_or_random - if first replica one has higher number of errors, pick a random one from replicas with minimum number of errors.
-            -->
-            <load_balancing>random</load_balancing>
-        </default>
-
-        <!-- Profile that allows only read queries. -->
-        <readonly>
-            <readonly>1</readonly>
-        </readonly>
-    </profiles>
-
-    <!-- Users and ACL. -->
-    <users>
-        <!-- If user name was not specified, 'default' user is used. -->
-        <default>
-            <!-- See also the files in users.d directory where the password can be overridden.
-
-                 Password could be specified in plaintext or in SHA256 (in hex format).
-
-                 If you want to specify password in plaintext (not recommended), place it in 'password' element.
-                 Example: <password>qwerty</password>.
-                 Password could be empty.
-
-                 If you want to specify SHA256, place it in 'password_sha256_hex' element.
-                 Example: <password_sha256_hex>65e84be33532fb784c48129675f9eff3a682b27168c0ea744b2cf58ee02337c5</password_sha256_hex>
-                 Restrictions of SHA256: impossibility to connect to ClickHouse using MySQL JS client (as of July 2019).
-
-                 If you want to specify double SHA1, place it in 'password_double_sha1_hex' element.
-                 Example: <password_double_sha1_hex>e395796d6546b1b65db9d665cd43f0e858dd4303</password_double_sha1_hex>
-
-                 If you want to specify a previously defined LDAP server (see 'ldap_servers' in the main config) for authentication,
-                  place its name in 'server' element inside 'ldap' element.
-                 Example: <ldap><server>my_ldap_server</server></ldap>
-
-                 If you want to authenticate the user via Kerberos (assuming Kerberos is enabled, see 'kerberos' in the main config),
-                  place 'kerberos' element instead of 'password' (and similar) elements.
-                 The name part of the canonical principal name of the initiator must match the user name for authentication to succeed.
-                 You can also place 'realm' element inside 'kerberos' element to further restrict authentication to only those requests
-                  whose initiator's realm matches it.
-                 Example: <kerberos />
-                 Example: <kerberos><realm>EXAMPLE.COM</realm></kerberos>
-
-                 How to generate decent password:
-                 Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha256sum | tr -d '-'
-                 In first line will be password and in second - corresponding SHA256.
-
-                 How to generate double SHA1:
-                 Execute: PASSWORD=$(base64 < /dev/urandom | head -c8); echo "$PASSWORD"; echo -n "$PASSWORD" | sha1sum | tr -d '-' | xxd -r -p | sha1sum | tr -d '-'
-                 In first line will be password and in second - corresponding double SHA1.
-            -->
-            <password></password>
-
-            <!-- List of networks with open access.
-
-                 To open access from everywhere, specify:
-                    <ip>::/0</ip>
-
-                 To open access only from localhost, specify:
-                    <ip>::1</ip>
-                    <ip>127.0.0.1</ip>
-
-                 Each element of list has one of the following forms:
-                 <ip> IP-address or network mask. Examples: 213.180.204.3 or 10.0.0.1/8 or 10.0.0.1/255.255.255.0
-                     2a02:6b8::3 or 2a02:6b8::3/64 or 2a02:6b8::3/ffff:ffff:ffff:ffff::.
-                 <host> Hostname. Example: server01.clickhouse.com.
-                     To check access, DNS query is performed, and all received addresses compared to peer address.
-                 <host_regexp> Regular expression for host names. Example, ^server\d\d-\d\d-\d\.clickhouse\.com$
-                     To check access, DNS PTR query is performed for peer address and then regexp is applied.
-                     Then, for result of PTR query, another DNS query is performed and all received addresses compared to peer address.
-                     Strongly recommended that regexp is ends with $
-                 All results of DNS requests are cached till server restart.
-            -->
-            <networks>
-                <ip>::/0</ip>
-            </networks>
-
-            <!-- Settings profile for user. -->
-            <profile>default</profile>
-
-            <!-- Quota for user. -->
-            <quota>default</quota>
-
-            <!-- User can create other users and grant rights to them. -->
-            <!-- <access_management>1</access_management> -->
-        </default>
-    </users>
-
-    <!-- Quotas. -->
-    <quotas>
-        <!-- Name of quota. -->
-        <default>
-            <!-- Limits for time interval. You could specify many intervals with different limits. -->
-            <interval>
-                <!-- Length of interval. -->
-                <duration>3600</duration>
-
-                <!-- No limits. Just calculate resource usage for time interval. -->
-                <queries>0</queries>
-                <errors>0</errors>
-                <result_rows>0</result_rows>
-                <read_rows>0</read_rows>
-                <execution_time>0</execution_time>
-            </interval>
-        </default>
-    </quotas>
-</clickhouse>
@@ -1 +0,0 @@
-server_endpoint: ws://signoz:4320/v1/opamp
@@ -1 +0,0 @@
-server_endpoint: ws://signoz:4320/v1/opamp
@@ -1,25 +0,0 @@
-# my global config
-global:
-  scrape_interval:     5s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
-  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
-  # scrape_timeout is set to the global default (10s).
-
-# Alertmanager configuration
-alerting:
-  alertmanagers:
-  - static_configs:
-    - targets:
-      - alertmanager:9093
-
-# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
-rule_files: []
-  # - "first_rules.yml"
-  # - "second_rules.yml"
-  # - 'alerts.yml'
-
-# A scrape configuration containing exactly one endpoint to scrape:
-# Here it's Prometheus itself.
-scrape_configs: []
-
-remote_read:
-  - url: tcp://clickhouse:9000/signoz_metrics
@@ -1,14 +1,14 @@
 vault_addr: "https://vault.trez.wtf"
 vault_token: !vault |
  $ANSIBLE_VAULT;1.1;AES256
-  62353532343234343230663331623062376533346166343963383464303535646362376233663361
-  3532343530653365663331393339646337653564316337390a646264353561623132366635343032
-  63326535376434353837663334366336613631346161363034646134333439613531376362646161
-  6438316662626566340a346665666234386630633764376336333063363934643162393565386330
-  35333139303939613232303264646236326637613862303339353334623066393966353032333839
-  33323962303635333335376364366336663035303530396262356130373537363134303937353433
-  34393338336666396338616465666466613931373461663761366235643437646136373039353939
-  33643133313264303637646336653537383337336661313765663366356262343064316334313337
-  35306232303132653566356130343366313139336665313737363732613261623439
+  39306238386563313462666238333237346239326636633731326263653639646235363937386333
+  6138653434613437643134653463363230303038373765380a636162663734393632396638313261
+  39613730633935373063663030616131653731376461333762633131633066366165343536323031
+  3539373461383138310a383734313237313231363539383632323130336536656662313861336261
+  65393033633461363837366462656134386430353236343136616161663364376261623834366466
+  30303765393039376666303937663839663630623063666135313636353432396161333434653435
+  32623634313531343466613966663139333234616137646636636134373264333263343533393331
+  32313530373164653730656662383837626139643364376134376634613237323063343731663734
+  36306335303936633334353564306239663563366435316464343039373965383032
 vault_token_cleaned: "{{ vault_token | regex_replace('\\n', '') }}"
 secrets_path: "rinoa-docker/env"