forked from Deuxfleurs/infrastructure
Merge branch 'main' of git.deuxfleurs.fr:Deuxfleurs/infrastructure into main
This commit is contained in:
commit
0a6ffcacd2
7 changed files with 46 additions and 89 deletions
|
@ -69,7 +69,7 @@ job "directory" {
|
|||
task "guichet" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "lxpz/guichet_amd64:10"
|
||||
image = "lxpz/guichet_amd64:11"
|
||||
readonly_rootfs = true
|
||||
ports = [ "web_port" ]
|
||||
volumes = [
|
||||
|
|
|
@ -35,6 +35,9 @@ job "garage" {
|
|||
"secrets/garage.crt:/garage/garage.crt",
|
||||
"secrets/garage.key:/garage/garage.key",
|
||||
]
|
||||
logging {
|
||||
type = "journald"
|
||||
}
|
||||
}
|
||||
|
||||
template {
|
||||
|
@ -61,8 +64,8 @@ job "garage" {
|
|||
cpu = 1000
|
||||
}
|
||||
|
||||
kill_signal = "SIGINT"
|
||||
kill_timeout = "20s"
|
||||
kill_signal = "SIGINT"
|
||||
kill_timeout = "20s"
|
||||
|
||||
service {
|
||||
tags = [
|
||||
|
@ -106,6 +109,13 @@ job "garage" {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
restart {
|
||||
interval = "30m"
|
||||
attempts = 10
|
||||
delay = "15s"
|
||||
mode = "delay"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -314,7 +314,7 @@ bcrypt_rounds: 12
|
|||
# Allows users to register as guests without a password/email/etc, and
|
||||
# participate in rooms hosted on this server which have been made
|
||||
# accessible to anonymous users.
|
||||
allow_guest_access: True
|
||||
allow_guest_access: False
|
||||
|
||||
# The list of identity servers trusted to verify third party
|
||||
# identifiers by this server.
|
||||
|
@ -469,5 +469,20 @@ report_stats: false
|
|||
suppress_key_server_warning: true
|
||||
enable_group_creation: true
|
||||
|
||||
experimental_features:
|
||||
spaces_enabled: true
|
||||
#experimental_features:
|
||||
# spaces_enabled: true
|
||||
|
||||
presence:
|
||||
enabled: false
|
||||
limit_remote_rooms:
|
||||
enabled: true
|
||||
complexity: 3.0
|
||||
complexity_error: "Ce salon de discussion a trop d'activité, le serveur n'est pas assez puissant pour le rejoindre. N'hésitez pas à remonter l'information à l'équipe technique, nous pourrons ajuster la limitation au besoin."
|
||||
admins_can_join: false
|
||||
retention:
|
||||
enabled: true
|
||||
# no default policy for now, this is intended.
|
||||
# DO NOT ADD ONE BECAUSE THIS IS DANGEROUS AND WILL DELETE CONTENT WE WANT TO KEEP!
|
||||
purge_jobs:
|
||||
- interval: 1d
|
||||
|
||||
|
|
|
@ -86,7 +86,7 @@ job "im" {
|
|||
|
||||
resources {
|
||||
cpu = 1000
|
||||
memory = 4000
|
||||
memory = 2000
|
||||
}
|
||||
|
||||
service {
|
||||
|
@ -97,7 +97,7 @@ job "im" {
|
|||
"matrix",
|
||||
"traefik.enable=true",
|
||||
"traefik.frontend.entryPoints=https",
|
||||
"traefik.frontend.rule=Host:im.deuxfleurs.fr;PathPrefix:/_matrix",
|
||||
"traefik.frontend.rule=Host:im.deuxfleurs.fr;PathPrefix:/_matrix,/_synapse",
|
||||
"traefik.frontend.headers.customResponseHeaders=Access-Control-Allow-Origin: *",
|
||||
"traefik.frontend.priority=100"
|
||||
]
|
||||
|
@ -129,86 +129,6 @@ job "im" {
|
|||
}
|
||||
}
|
||||
|
||||
group "easybridge" {
|
||||
count = 1
|
||||
|
||||
network {
|
||||
port "api_port" {
|
||||
static = 8321
|
||||
to = 8321
|
||||
}
|
||||
port "web_port" { to = 8281 }
|
||||
}
|
||||
|
||||
task "easybridge" {
|
||||
driver = "docker"
|
||||
config {
|
||||
image = "lxpz/easybridge_amd64:35"
|
||||
ports = [ "api_port", "web_port" ]
|
||||
volumes = [
|
||||
"secrets/conf:/data"
|
||||
]
|
||||
args = [ "./easybridge", "-config", "/data/config.json" ]
|
||||
}
|
||||
|
||||
template {
|
||||
data = file("../config/easybridge/registration.yaml.tpl")
|
||||
destination = "secrets/conf/registration.yaml"
|
||||
}
|
||||
|
||||
template {
|
||||
data = file("../config/easybridge/config.json.tpl")
|
||||
destination = "secrets/conf/config.json"
|
||||
}
|
||||
|
||||
resources {
|
||||
memory = 250
|
||||
cpu = 100
|
||||
}
|
||||
|
||||
service {
|
||||
name = "easybridge-api"
|
||||
tags = ["easybridge-api"]
|
||||
port = "api_port"
|
||||
address_mode = "host"
|
||||
check {
|
||||
type = "tcp"
|
||||
port = "api_port"
|
||||
interval = "60s"
|
||||
timeout = "5s"
|
||||
check_restart {
|
||||
limit = 3
|
||||
grace = "90s"
|
||||
ignore_warnings = false
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
service {
|
||||
name = "easybridge-web"
|
||||
tags = [
|
||||
"easybridge-web",
|
||||
"traefik.enable=true",
|
||||
"traefik.frontend.entryPoints=https,http",
|
||||
"traefik.frontend.rule=Host:easybridge.deuxfleurs.fr",
|
||||
]
|
||||
port = "web_port"
|
||||
address_mode = "host"
|
||||
check {
|
||||
type = "tcp"
|
||||
port = "web_port"
|
||||
interval = "60s"
|
||||
timeout = "5s"
|
||||
check_restart {
|
||||
limit = 3
|
||||
grace = "90s"
|
||||
ignore_warnings = false
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
group "riotweb" {
|
||||
count = 1
|
||||
|
|
|
@ -110,7 +110,7 @@ job "postgres9.6" {
|
|||
}
|
||||
|
||||
resources {
|
||||
memory = 500
|
||||
memory = 1000
|
||||
}
|
||||
|
||||
service {
|
||||
|
|
|
@ -29,6 +29,7 @@
|
|||
- iftop
|
||||
- iotop
|
||||
- docker.io
|
||||
- locales
|
||||
- unzip
|
||||
- tar
|
||||
- tcpdump
|
||||
|
|
|
@ -39,3 +39,14 @@ telemetry {
|
|||
publish_allocation_metrics = true
|
||||
publish_node_metrics = true
|
||||
}
|
||||
|
||||
plugin "docker" {
|
||||
config {
|
||||
pull_activity_timeout = "15m"
|
||||
volumes {
|
||||
enabled = true
|
||||
}
|
||||
allow_privileged = true
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue