14 changed files with 5 additions and 274 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1 @@
 *.secret.env
 serguzim.net.png
--- a/diagram.py
+++ b/diagram.py
@ -1,71 +0,0 @@
 """ Diagram to visualize serguzim.net """
 from diagrams import Cluster, Diagram
 from diagrams.oci.compute import Container, OCIRegistry
 from diagrams.oci.storage import ObjectStorage
 from diagrams.onprem.ci import Droneci
 from diagrams.onprem.database import Influxdb, Postgresql
 from diagrams.onprem.monitoring import Grafana, Prometheus
 from diagrams.onprem.network import Caddy
 from diagrams.onprem.vcs import Gitea
 def add_to_groups(service, *groups):
    """ Add a service to groups like 'db_users' """
    for group in groups:
        group.append(service)
 with Diagram("serguzim.net", show=False):
    node002 = Cluster("node002.serguzim.net")
    node004 = Cluster("node004.serguzim.net")
    exoscale_objectstore = ObjectStorage("Exoscale Object Storage")
    with node002:
        services = []
        db_users = []
        objectstore_users = []
        proxy = Caddy()
        ci = Droneci("ci.serguzim.me")
        add_to_groups(ci, services, db_users)
        db_time = Influxdb("tick.serguzim.me")
        add_to_groups(db_time, services, db_users)
        db = Postgresql("db.serguzim.me")
        graph = Grafana("graph.serguzim.me")
        add_to_groups(graph, services, db_users)
        mail = Container("mail.serguzim.me")
        add_to_groups(mail, services)
        matrix = Container("matrix.serguzim.me")
        add_to_groups(matrix, services, db_users, objectstore_users)
        prometheus = Prometheus("prometheus.serguzim.me")
        add_to_groups(prometheus, services)
        registry = OCIRegistry("registry.serguzim.me")
        add_to_groups(registry , services, db_users, objectstore_users)
        vcs = Gitea("git.serguzim.me")
        add_to_groups(vcs, services, db_users)
        db_users >> db
        proxy >> services
        objectstore_users >> exoscale_objectstore
    with node004:
        services = []
        proxy = Caddy()
        minecraft = Container("minecraft.serguzim.me")
        add_to_groups(minecraft, services)
        proxy >> services
--- a/gitea/.env
+++ b/gitea/.env
@ -4,16 +4,12 @@ GITEA__database__NAME="gitea"
 GITEA__database__USER="gitea"
 GITEA__database__PASSWD=""
 GITEA__database__SSL_MODE="verify-full"
 GITEA__repository__ENABLE_PUSH_CREATE_USER="true"
 GITEA__repository__ENABLE_PUSH_CREATE_ORG="true"
 GITEA__repository__DEFAULT_BRANCH="main"
 GITEA__cors__ENABLED="true"
 GITEA__cors__SCHEME="https"
 GITEA__ui__DEFAULT_THEME="arc-green"
 GITEA__server__DOMAIN="git.serguzim.me"
 GITEA__server__SSH_DOMAIN="git.serguzim.me"
 GITEA__server__SSH_PORT="22"
@ -21,41 +17,22 @@ GITEA__server__ROOT_URL="https://git.serguzim.me/"
 GITEA__server__OFFLINE_MODE="true"
 GITEA__server__LFS_JWT_SECRET=""
 GITEA__server__LFS_START_SERVER="true"
 GITEA__security__INSTALL_LOCK="true"
 GITEA__security__INTERNAL_TOKEN=""
 GITEA__security__SECRET_KEY=""
 GITEA__openid__ENABLE_OPENID_SIGNUP="true"
 GITEA__openid__ENABLE_OPENID_SIGNIN="false"
 GITEA__service__ALLOW_ONLY_EXTERNAL_REGISTRATION="true"
 GITEA__service__ENABLE_BASIC_AUTHENTICATION="false"
 GITEA__service__NO_REPLY_ADDRESS="discard.msrg.cc"
 GITEA__webhook__DELIVER_TIMEOUT="60"
 GITEA__mailer__ENABLED="true"
 GITEA__mailer__HOST="mail.serguzim.me:587"
 GITEA__mailer__FROM="Gitea <git@serguzim.me>"
 GITEA__mailer__USER="git@serguzim.me"
 GITEA__mailer__PASSWD=""
 GITEA__mailer__SEND_AS_PLAIN_TEXT="true"
 GITEA__picture__DISABLE_GRAVATAR="true"
 GITEA__oauth2__JWT_SECRET=""
 GITEA__metrics__ENABLED="true"
 GITEA__metrics__TOKEN=""
 GITEA__storage__STORAGE_TYPE="minio"
 GITEA__storage__MINIO_ENDPOINT="sos-de-fra-1.exo.io"
 GITEA__storage__MINIO_ACCESS_KEY_ID=""
 GITEA__storage__MINIO_SECRET_ACCESS_KEY=""
 GITEA__storage__MINIO_BUCKET="git.serguzim.me"
 GITEA__storage__MINIO_LOCATION="de-fra-1"
 GITEA__storage__MINIO_USE_SSL="true"
 GITEA__OTHER__SHOW_FOOTER_BRANDING="true"
 GITEA__OTHER__SHOW_FOOTER_TEMPLATE_LOAD_TIME="false"
--- a/gitea/docker-compose.yml
+++ b/gitea/docker-compose.yml
@ -2,7 +2,7 @@ version: "3"
 services:
  server:
-    image: gitea/gitea:1.17
+    image: gitea/gitea:1.16
    container_name: gitea
    env_file:
    - .env
--- a/monitoring/.env
+++ b/monitoring/.env
--- a/monitoring/docker-compose.yml
+++ b/monitoring/docker-compose.yml
@ -8,9 +8,10 @@ services:
      - .env
      - .secret.env
    volumes:
-      - grafana-data:/var/lib/grafana/
+      - data:/var/lib/grafana/
    user: "104"
    ports:
      - 3001:3000/tcp
 volumes:
-  grafana-data:
+  data:
--- a/synapse/data/.gitignore
+++ b/synapse/data/.gitignore
@ -1,2 +0,0 @@
 /secrets.yaml
 msrg.cc.signing.key
--- a/synapse/data/homeserver.yaml
+++ b/synapse/data/homeserver.yaml
@ -1,74 +0,0 @@
 # https://matrix-org.github.io/synapse/latest/usage/configuration/index.html
 server_name: "msrg.cc"
 pid_file: /data/homeserver.pid
 public_baseurl: https://matrix.msrg.cc/
 allow_public_rooms_without_auth: true
 allow_public_rooms_over_federation: true
 listeners:
  - port: 8008
    tls: false
    type: http
    x_forwarded: true
    resources:
      - names:
        - client
        - federation
        - metrics
        compress: false
 admin_contact: "mailto:tobias@msrg.cc"
 acme:
    enabled: false
 database:
 name: "psycopg2"
 args:
   user: "synapse"
   #password: ""
   database: "synapse"
   host: "node002.serguzim.me"
   cp_min: 5
   cp_max: 10
 log_config: "/data/msrg.cc.log.config"
 media_store_path: "/media_store"
 max_upload_size: 500M
 enable_registration: false
 enable_metrics: true
 report_stats: true
 #macaroon_secret_key: ""
 #form_secret: ""
 signing_key_path: "/data/msrg.cc.signing.key"
 trusted_key_servers:
  - server_name: "matrix.org"
 suppress_key_server_warning: true
 oidc_providers:
  - idp_id: "auth_serguzim_me"
    idp_name: "auth.serguzim.me"
    issuer: "https://auth.serguzim.me/application/o/matrix_serguzim_me/"
    #client_id: ""
    #client_secret: ""
    scopes:
      - "openid"
      - "profile"
      - "email"
    user_mapping_provider:
      config:
        localpart_template: "{{ user.preferred_username }}"
        display_name_template: "{{ user.name }}"
 email:
  smtp_host: mail.serguzim.me
  smtp_port: 587
  smtp_user: "matrix@serguzim.me"
  #smtp_pass: ""
  require_transport_security: true
  notif_from: "Matrix <matrix@serguzim.me>"
 # vim:ft=yaml
--- a/synapse/data/msrg.cc.log.config
+++ b/synapse/data/msrg.cc.log.config
@ -1,22 +0,0 @@
 version: 1
 formatters:
  precise:
   format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
 handlers:
  console:
    class: logging.StreamHandler
    formatter: precise
 loggers:
    synapse.storage.SQL:
        # beware: increasing this to DEBUG will make synapse log sensitive
        # information such as access tokens.
        level: INFO
 root:
    level: INFO
    handlers: [console]
 disable_existing_loggers: false
--- a/synapse/docker-compose.yml
+++ b/synapse/docker-compose.yml
@ -1,24 +0,0 @@
 version: '3'
 services:
  synapse:
    image: docker.io/matrixdotorg/synapse:latest
    restart: always
    environment:
      - SYNAPSE_CONFIG_PATH=/data/
    volumes:
      - ./data:/data
      - media_store:/media_store
    ports:
      - 8008:8008/tcp
  synapse-admin:
    image: awesometechnologies/synapse-admin:latest
    restart: always
    ports:
      - "8009:80"
    restart: always
 volumes:
  media_store:
--- a/tt-rss/.env
+++ b/tt-rss/.env
@ -1,17 +0,0 @@
 TTRSS_DB_USER=tinytinyrss
 TTRSS_DB_NAME=tinytinyrss
 TTRSS_DB_PASS=
 TTRSS_DB_TYPE=pgsql
 TTRSS_DB_HOST=db.serguzim.me
 TTRSS_SELF_URL_PATH=https://rss.serguzim.me/tt-rss/
 # You can customize other config.php defines by setting overrides here.
 # See app/Dockerfile for complete list. Examples:
 # TTRSS_PLUGINS=auth_remote
 # TTRSS_SINGLE_USER_MODE=true
 # TTRSS_SESSION_COOKIE_LIFETIME=2592000
 # TTRSS_FORCE_ARTICLE_PURGE=30
 # etc, etc.
 HTTP_PORT=8280
--- a/tt-rss/docker-compose.yml
+++ b/tt-rss/docker-compose.yml
@ -1,35 +0,0 @@
 version: '3'
 services:
  app:
    image: cthulhoo/ttrss-fpm-pgsql-static
    restart: always
    env_file:
      - .env
      - .secret.env
    volumes:
      - app:/var/www/html
  updater:
    image: cthulhoo/ttrss-fpm-pgsql-static
    restart: always
    env_file:
      - .env
    volumes:
      - app:/var/www/html
    depends_on:
      - app
    command: /opt/tt-rss/updater.sh
  web-nginx:
    image: cthulhoo/ttrss-web-nginx
    restart: always
    ports:
      - ${HTTP_PORT}:80
    volumes:
      - app:/var/www/html:ro
    depends_on:
      - app
 volumes:
  app:
--- a/webdis/docker-compose.yml
+++ b/webdis/docker-compose.yml
@ -4,7 +4,7 @@ services:
    restart: always
    command: /usr/local/bin/webdis /config/webdis.json
    volumes:
-      - ./webdis.json:/config/webdis.json
+      - ./:/config
    networks:
      - shared
    depends_on:
--- a/webdis/webdis.json
+++ b/webdis/webdis.json
`@ -1,3 +1 @@`
	`*.secret.env`	`*.secret.env`

	`serguzim.net.png`