From 865e2f05621fc10f3d332d3840707997c0b94abf Mon Sep 17 00:00:00 2001 From: Stonewall Jackson Date: Mon, 12 Jun 2023 21:02:22 -0400 Subject: add mastodon role --- inventory-example/group_vars/all/firefox.yml | 2 ++ inventory-example/group_vars/all/freeipa.yml | 3 +++ inventory-example/group_vars/all/mastodon.yml | 13 +++++++++++++ inventory-example/group_vars/all/nsd.yml | 1 + inventory-example/group_vars/all/postgres.yml | 1 + inventory-example/group_vars/all/vault.yml | 7 +++++++ 6 files changed, 27 insertions(+) create mode 100644 inventory-example/group_vars/all/mastodon.yml (limited to 'inventory-example/group_vars') diff --git a/inventory-example/group_vars/all/firefox.yml b/inventory-example/group_vars/all/firefox.yml index 07d227b..36d7b1f 100644 --- a/inventory-example/group_vars/all/firefox.yml +++ b/inventory-example/group_vars/all/firefox.yml @@ -49,6 +49,8 @@ firefox_managed_bookmarks: url: 'https://invidious.{{ domain }}' - name: Jellyfin url: 'https://jellyfin.{{ domain }}' + - name: Mastodon + url: 'https://mastodon.{{ domain }}' - name: Matrix url: 'https://matrix.{{ domain }}' - name: Nagios diff --git a/inventory-example/group_vars/all/freeipa.yml b/inventory-example/group_vars/all/freeipa.yml index 15b7259..5026212 100644 --- a/inventory-example/group_vars/all/freeipa.yml +++ b/inventory-example/group_vars/all/freeipa.yml @@ -131,6 +131,9 @@ freeipa_groups: - name: role-matrix-access group: doefamily + - name: role-mastodon-access + group: doefamily + freeipa_hbac_rules: - name: sysadmins_ssh_and_console_to_all description: allow sysadmins to ssh to all hosts diff --git a/inventory-example/group_vars/all/mastodon.yml b/inventory-example/group_vars/all/mastodon.yml new file mode 100644 index 0000000..932d51d --- /dev/null +++ b/inventory-example/group_vars/all/mastodon.yml @@ -0,0 +1,13 @@ +mastodon_domain: example.com +mastodon_web_domain: mastodon.example.com +mastodon_db_name: mastodon +mastodon_db_user: s-mastodon +mastodon_db_password: '{{ vault_mastodon_db_password }}' +mastodon_sysaccount_password: '{{ vault_mastodon_sysaccount_password }}' +mastodon_login_cidrs: + - '{{ vlans.trusted.cidr }}' + +mastodon_secret_key_base: '{{ vault_mastodon_secret_key_base }}' +mastodon_otp_secret: '{{ vault_mastodon_otp_secret }}' +mastodon_vapid_private_key: '{{ vault_mastodon_vapid_private_key }}' +mastodon_vapid_public_key: changeme diff --git a/inventory-example/group_vars/all/nsd.yml b/inventory-example/group_vars/all/nsd.yml index d40351b..2c21a70 100644 --- a/inventory-example/group_vars/all/nsd.yml +++ b/inventory-example/group_vars/all/nsd.yml @@ -35,6 +35,7 @@ nsd_zones: turn1 IN A 203.0.113.58 pbx1 IN A 203.0.113.59 matrix IN A 203.0.113.60 + mastodon IN A 203.0.113.61 www IN CNAME www1 xmpp IN CNAME xmpp1 conference IN CNAME xmpp1 diff --git a/inventory-example/group_vars/all/postgres.yml b/inventory-example/group_vars/all/postgres.yml index be90568..b38f4c0 100644 --- a/inventory-example/group_vars/all/postgres.yml +++ b/inventory-example/group_vars/all/postgres.yml @@ -2,3 +2,4 @@ postgresql_host: postgres.{{ domain }} postgresql_inventory_host: "{{ postgresql_host.split('.')[0] }}" postgresql_password_users: - '{{ invidious_db_user }}' + - '{{ mastodon_db_user }}' diff --git a/inventory-example/group_vars/all/vault.yml b/inventory-example/group_vars/all/vault.yml index 58b597a..18b57bb 100644 --- a/inventory-example/group_vars/all/vault.yml +++ b/inventory-example/group_vars/all/vault.yml @@ -65,6 +65,13 @@ vault_invidious_hmac_key: changeme vault_jellyfin_sysaccount_password: changeme +# mastodon +vault_mastodon_sysaccount_password: changeme +vault_mastodon_secret_key_base: changeme +vault_mastodon_otp_secret: changeme +vault_mastodon_vapid_private_key: changeme + + # mediawiki vault_mediawiki_admin_password: changeme vault_mediawiki_upgrade_key: changeme -- cgit