diff options
author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:23:43 -0500 |
---|---|---|
committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:52:13 -0500 |
commit | 0261e875679f1bf63c8d689da7fc7e014597885d (patch) | |
tree | 3f19cd74a0c1070944f75437f30b098d6ef2ffcb /roles/syncthing/vars | |
download | selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.tar.gz selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.zip |
initial commit
Diffstat (limited to 'roles/syncthing/vars')
-rw-r--r-- | roles/syncthing/vars/main.yml | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/roles/syncthing/vars/main.yml b/roles/syncthing/vars/main.yml new file mode 100644 index 0000000..2f15f87 --- /dev/null +++ b/roles/syncthing/vars/main.yml @@ -0,0 +1,46 @@ +syncthing_packages: + - syncthing + - syncthing-tools + - httpd + +syncthing_home: /var/lib/syncthing +syncthing_runtime_dir: /var/run/syncthing + +syncthing_max_udp_buffer_size: 2500000 + +syncthing_archive_shell: >- + TIMESTAMP=$(date +%Y%m%d%H%M%S); + tar czf "syncthing-${TIMESTAMP}.tar.gz" + --transform "s|^\.|syncthing-${TIMESTAMP}|" + --exclude="*/index-*.db*" + -C "{{ syncthing_home }}" . + +syncthing_selinux_policy_te: | + require { + type httpd_t; + type unconfined_service_t; + class unix_stream_socket connectto; + } + + #============= httpd_t ============== + allow httpd_t unconfined_service_t:unix_stream_socket connectto; + +syncthing_apache_config: | + {{ apache_proxy_vhost_config }} + + {% for user in syncthing_users %} + <Location /{{ user }}/> + AuthType GSSAPI + AuthName "FreeIPA Single Sign-On" + GssapiLocalName On + {{ apache_gssapi_session_config }} + + Require user {{ user }} + + ProxyPass unix:{{ syncthing_runtime_dir }}/{{ user }}/gui.sock|http://{{ user }}/ + ProxyPassReverse unix:{{ syncthing_runtime_dir }}/{{ user }}/gui.sock|http://{{ user }}/ + + {{ apache_proxy_header_config }} + </Location> + + {% endfor %} |