From 236d813994acd076ce96d764d569ee6bb3da98f9 Mon Sep 17 00:00:00 2001 From: Stonewall Jackson Date: Wed, 31 May 2023 21:35:04 -0400 Subject: add synapse role --- inventory-example/group_vars/all/firefox.yml | 2 ++ inventory-example/group_vars/all/freeipa.yml | 6 ++++++ inventory-example/group_vars/all/nsd.yml | 3 +++ inventory-example/group_vars/all/synapse.yml | 8 ++++++++ inventory-example/group_vars/all/vault.yml | 9 +++++++++ 5 files changed, 28 insertions(+) create mode 100644 inventory-example/group_vars/all/synapse.yml (limited to 'inventory-example/group_vars') diff --git a/inventory-example/group_vars/all/firefox.yml b/inventory-example/group_vars/all/firefox.yml index 5ebc61b..07d227b 100644 --- a/inventory-example/group_vars/all/firefox.yml +++ b/inventory-example/group_vars/all/firefox.yml @@ -49,6 +49,8 @@ firefox_managed_bookmarks: url: 'https://invidious.{{ domain }}' - name: Jellyfin url: 'https://jellyfin.{{ domain }}' + - name: Matrix + url: 'https://matrix.{{ domain }}' - name: Nagios url: 'https://nagios.{{ domain }}' - name: Nitter diff --git a/inventory-example/group_vars/all/freeipa.yml b/inventory-example/group_vars/all/freeipa.yml index 3501061..15b7259 100644 --- a/inventory-example/group_vars/all/freeipa.yml +++ b/inventory-example/group_vars/all/freeipa.yml @@ -12,6 +12,7 @@ freeipa_users: sn: Doe mail: john@example.com jid: john@example.com + mxid: johnnybravo mail_aliases: - john.nickname@example.com - john.alias@exmaple.com @@ -21,12 +22,14 @@ freeipa_users: sn: Tables mail: btables@example.com jid: btables@example.com + mxid: aMatrixUsername - name: janedoe givenname: Jane sn: Doe mail: jane@example.com jid: jane@example.com + mxid: plainjane freeipa_groups: # built-in freeipa admin group - be careful! 
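Review bot: The new `mxid` key in the freeipa.yml hunks at `@@ -12,6 +12,7 @@` and `@@ -21,12 +22,14 @@` is undocumented and its sample values are inconsistent. Unlike the neighbouring `jid: john@example.com`, they are bare names with no `@` or domain, and `mxid: aMatrixUsername` is mixed case, which the Matrix specification does not permit in the localpart of newly created user IDs. Because this is the example inventory that deployers copy, I would lowercase that sample and add a comment above the first use, e.g. `# mxid: Matrix localpart only (lowercase), without the leading @ or the :domain`. How the synapse role consumes the value is not visible in this diff, so confirm the localpart-only reading first. The `freeipa_users` list itself starts outside both hunks.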
@@ -125,6 +128,9 @@ freeipa_groups: - name: role-git-admin group: sysadmins + - name: role-matrix-access + group: doefamily + freeipa_hbac_rules: - name: sysadmins_ssh_and_console_to_all description: allow sysadmins to ssh to all hosts diff --git a/inventory-example/group_vars/all/nsd.yml b/inventory-example/group_vars/all/nsd.yml index ff1afe6..d40351b 100644 --- a/inventory-example/group_vars/all/nsd.yml +++ b/inventory-example/group_vars/all/nsd.yml @@ -34,6 +34,7 @@ nsd_zones: xmpp1 IN A 203.0.113.57 turn1 IN A 203.0.113.58 pbx1 IN A 203.0.113.59 + matrix IN A 203.0.113.60 www IN CNAME www1 xmpp IN CNAME xmpp1 conference IN CNAME xmpp1 @@ -52,3 +53,5 @@ nsd_zones: _sip._udp IN SRV 0 5 5060 pbx1 _sip._tcp IN SRV 0 5 5060 pbx1 _sip._tls IN SRV 0 5 5061 pbx1 + + _matrix._tcp IN SRV 0 5 8448 matrix diff --git a/inventory-example/group_vars/all/synapse.yml b/inventory-example/group_vars/all/synapse.yml new file mode 100644 index 0000000..ac3b4d5 --- /dev/null +++ b/inventory-example/group_vars/all/synapse.yml @@ -0,0 +1,8 @@ +synapse_registration_shared_secret: '{{ vault_synapse_registration_shared_secret }}' +synapse_macaroon_secret_key: '{{ vault_synapse_macaroon_secret_key }}' +synapse_form_secret: '{{ vault_synapse_form_secret }}' +synapse_sysaccount_password: '{{ vault_synapse_sysaccount_password }}' + +synapse_domain: example.com +synapse_server_name: matrix.example.com +synapse_enable_registration: no diff --git a/inventory-example/group_vars/all/vault.yml b/inventory-example/group_vars/all/vault.yml index c3e29c5..58b597a 100644 --- a/inventory-example/group_vars/all/vault.yml +++ b/inventory-example/group_vars/all/vault.yml 
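Review bot: The SRV record added in the nsd.yml hunk at `@@ -52,3 +53,5 @@`, `_matrix._tcp IN SRV 0 5 8448 matrix`, carries no comment saying which Matrix server name it delegates, and the same commit introduces both `synapse_domain: example.com` and `synapse_server_name: matrix.example.com`. With SRV delegation, federating servers validate the certificate served on port 8448 against the delegated server name rather than the SRV target, so anyone copying this zone needs to know which name that certificate must cover. A zone comment such as `; matrix federation: delegates this zone's name to matrix:8448` would settle it. The zone origin is outside the hunk, so confirm which zone the record lands in.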
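Review bot: In the new synapse.yml, `synapse_registration_shared_secret` sits next to `synapse_enable_registration: no` with no comment on how the two interact. If the role passes it through to Synapse's `registration_shared_secret` (the role is not part of this diff), anyone holding that value can still create accounts, including admin accounts, while open registration is disabled. It deserves a line such as `# allows account creation (incl. admins) even when registration is disabled; keep in vault`. Separately, the boolean is better written `synapse_enable_registration: false`, since `no` is only a boolean under YAML 1.1 rules.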
@@ -117,8 +117,17 @@ vault_rspamd_dkim_keys: # generate with `rspamadm dkim_keygen` AAAAAAAAAAAAAAAAchangeme -----END RSA PRIVATE KEY----- + +# synapse +vault_synapse_sysaccount_password: changeme +vault_synapse_registration_shared_secret: changeme +vault_synapse_macaroon_secret_key: changeme +vault_synapse_form_secret: changeme + + # teddit vault_teddit_reddit_app_id: changeme + # vaultwarden vault_vaultwarden_admin_token: changeme # generate with `openssl rand -base64 48` -- cgit
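Review bot: The four `vault_synapse_*` entries added in this vault.yml hunk use the placeholder `changeme` with no generation hint, unlike `vault_vaultwarden_admin_token` at the end of the same hunk. Three of them are presumably signing or shared secrets, so an inventory copied with the placeholder, or with one value reused for all of them, leaves token signing and registration control resting on a guessable string. I would append `` # generate with `openssl rand -base64 48` `` to the `vault_synapse_registration_shared_secret`, `vault_synapse_macaroon_secret_key` and `vault_synapse_form_secret` lines, and note under the `# synapse` header that each needs its own random value.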