forked from Deuxfleurs/infrastructure
Merge branch 'master' of gitlab.com:superboum/deuxfleurs.fr
This commit is contained in:
commit
0b3eb8ec1b
11 changed files with 178 additions and 9 deletions
133
consul/configuration/chat/fb2mx/config.yaml
Normal file
133
consul/configuration/chat/fb2mx/config.yaml
Normal file
|
@ -0,0 +1,133 @@
|
||||||
|
# Homeserver details
|
||||||
|
homeserver:
|
||||||
|
# The address that this appservice can use to connect to the homeserver.
|
||||||
|
address: https://im.deuxfleurs.fr
|
||||||
|
# The domain of the homeserver (for MXIDs, etc).
|
||||||
|
domain: deuxfleurs.fr
|
||||||
|
# Whether or not to verify the SSL certificate of the homeserver.
|
||||||
|
# Only applies if address starts with https://
|
||||||
|
verify_ssl: true
|
||||||
|
|
||||||
|
# Application service host/registration related details
|
||||||
|
# Changing these values requires regeneration of the registration.
|
||||||
|
appservice:
|
||||||
|
# The address that the homeserver can use to connect to this appservice.
|
||||||
|
address: http://fb2mx.service.2.cluster.deuxfleurs.fr:29319
|
||||||
|
|
||||||
|
# The hostname and port where this appservice should listen.
|
||||||
|
hostname: 0.0.0.0
|
||||||
|
port: 29319
|
||||||
|
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
|
||||||
|
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
|
||||||
|
max_body_size: 1
|
||||||
|
|
||||||
|
# The full URI to the database. SQLite and Postgres are fully supported.
|
||||||
|
# Other DBMSes supported by SQLAlchemy may or may not work.
|
||||||
|
# Format examples:
|
||||||
|
# SQLite: sqlite:///filename.db
|
||||||
|
# Postgres: postgres://username:password@hostname/dbname
|
||||||
|
database: '{{ key "secrets/chat/fb2mx/db_url" | trimSpace }}'
|
||||||
|
|
||||||
|
# The unique ID of this appservice.
|
||||||
|
id: facebook
|
||||||
|
# Username of the appservice bot.
|
||||||
|
bot_username: facebookbot
|
||||||
|
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||||
|
# to leave display name/avatar as-is.
|
||||||
|
bot_displayname: Facebook bridge bot
|
||||||
|
bot_avatar: mxc://maunium.net/ddtNPZSKMNqaUzqrHuWvUADv
|
||||||
|
|
||||||
|
# Community ID for bridged users (changes registration file) and rooms.
|
||||||
|
# Must be created manually.
|
||||||
|
community_id: "+fbusers:deuxfleurs.fr"
|
||||||
|
|
||||||
|
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
|
||||||
|
as_token: "This value is generated when generating the registration"
|
||||||
|
hs_token: "This value is generated when generating the registration"
|
||||||
|
|
||||||
|
# Bridge config
|
||||||
|
bridge:
|
||||||
|
# Localpart template of MXIDs for Facebook users.
|
||||||
|
# {userid} is replaced with the user ID of the Facebook user.
|
||||||
|
username_template: "facebook_{userid}"
|
||||||
|
# Localpart template for per-user room grouping community IDs.
|
||||||
|
# The bridge will create these communities and add all of the specific user's portals to the community.
|
||||||
|
# {localpart} is the MXID localpart and {server} is the MXID server part of the user.
|
||||||
|
#
|
||||||
|
# `facebook_{localpart}={server}` is a good value.
|
||||||
|
community_template: "facebook_{localpart}={server}"
|
||||||
|
# Displayname template for Facebook users.
|
||||||
|
# {displayname} is replaced with the display name of the Facebook user
|
||||||
|
# as defined below in displayname_preference.
|
||||||
|
# Keys available for displayname_preference are also available here.
|
||||||
|
displayname_template: "{displayname} (FB)"
|
||||||
|
# Available keys:
|
||||||
|
# "name" (full name)
|
||||||
|
# "first_name"
|
||||||
|
# "last_name"
|
||||||
|
# "nickname"
|
||||||
|
# "own_nickname" (user-specific!)
|
||||||
|
displayname_preference:
|
||||||
|
- name
|
||||||
|
|
||||||
|
# The prefix for commands. Only required in non-management rooms.
|
||||||
|
command_prefix: "!fb"
|
||||||
|
|
||||||
|
# Number of chats to sync (and create portals for) on startup/login.
|
||||||
|
# Maximum 20, set 0 to disable automatic syncing.
|
||||||
|
initial_chat_sync: 10
|
||||||
|
# Whether or not the Facebook users of logged in Matrix users should be
|
||||||
|
# invited to private chats when the user sends a message from another client.
|
||||||
|
invite_own_puppet_to_pm: false
|
||||||
|
# Whether or not to use /sync to get presence, read receipts and typing notifications when using
|
||||||
|
# your own Matrix account as the Matrix puppet for your Facebook account.
|
||||||
|
sync_with_custom_puppets: true
|
||||||
|
# Whether or not to bridge presence in both directions. Facebook allows users not to broadcast
|
||||||
|
# presence, but then it won't send other users' presence to the client.
|
||||||
|
presence: true
|
||||||
|
# Whether or not to update avatars when syncing all contacts at startup.
|
||||||
|
update_avatar_initial_sync: true
|
||||||
|
|
||||||
|
# Permissions for using the bridge.
|
||||||
|
# Permitted values:
|
||||||
|
# user - Use the bridge with puppeting.
|
||||||
|
# admin - Use and administrate the bridge.
|
||||||
|
# Permitted keys:
|
||||||
|
# * - All Matrix users
|
||||||
|
# domain - All users on that homeserver
|
||||||
|
# mxid - Specific user
|
||||||
|
permissions:
|
||||||
|
"deuxfleurs.fr": "user"
|
||||||
|
|
||||||
|
# Python logging configuration.
|
||||||
|
#
|
||||||
|
# See section 16.7.2 of the Python documentation for more info:
|
||||||
|
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
|
||||||
|
logging:
|
||||||
|
version: 1
|
||||||
|
formatters:
|
||||||
|
colored:
|
||||||
|
(): mautrix_facebook.util.ColorFormatter
|
||||||
|
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
|
||||||
|
normal:
|
||||||
|
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
|
||||||
|
handlers:
|
||||||
|
file:
|
||||||
|
class: logging.handlers.RotatingFileHandler
|
||||||
|
formatter: normal
|
||||||
|
filename: ./mautrix-facebook.log
|
||||||
|
maxBytes: 10485760
|
||||||
|
backupCount: 10
|
||||||
|
console:
|
||||||
|
class: logging.StreamHandler
|
||||||
|
formatter: colored
|
||||||
|
loggers:
|
||||||
|
mau:
|
||||||
|
level: DEBUG
|
||||||
|
fbchat:
|
||||||
|
level: DEBUG
|
||||||
|
aiohttp:
|
||||||
|
level: INFO
|
||||||
|
root:
|
||||||
|
level: DEBUG
|
||||||
|
handlers: [file, console]
|
11
consul/configuration/chat/fb2mx/registration.yaml
Normal file
11
consul/configuration/chat/fb2mx/registration.yaml
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
id: facebook
|
||||||
|
as_token: '{{ key "secrets/chat/fb2mx/as_token" | trimSpace }}'
|
||||||
|
hs_token: '{{ key "secrets/chat/fb2mx/hs_token" | trimSpace }}'
|
||||||
|
namespaces:
|
||||||
|
users:
|
||||||
|
- exclusive: true
|
||||||
|
regex: '@facebook_.+:deuxfleurs.fr'
|
||||||
|
group_id: '+fbusers:deuxfleurs.fr'
|
||||||
|
url: http://fb2mx.service.2.cluster.deuxfleurs.fr:29319
|
||||||
|
sender_localpart: facebookbot
|
||||||
|
rate_limited: false
|
|
@ -307,7 +307,8 @@ room_invite_state_types:
|
||||||
|
|
||||||
|
|
||||||
# A list of application service config file to use
|
# A list of application service config file to use
|
||||||
app_service_config_files: []
|
app_service_config_files:
|
||||||
|
- "/etc/matrix-synapse/fb2mx_registration.yaml"
|
||||||
|
|
||||||
|
|
||||||
# macaroon_secret_key: <PRIVATE STRING>
|
# macaroon_secret_key: <PRIVATE STRING>
|
||||||
|
@ -402,4 +403,8 @@ password_config:
|
||||||
# notif_template_html: notif_mail.html
|
# notif_template_html: notif_mail.html
|
||||||
# notif_template_text: notif_mail.txt
|
# notif_template_text: notif_mail.txt
|
||||||
# notif_for_new_users: True
|
# notif_for_new_users: True
|
||||||
|
|
||||||
|
# Key that had to be added after some synapse updates to please matrix developers...
|
||||||
report_stats: false
|
report_stats: false
|
||||||
|
suppress_key_server_warning: true
|
||||||
|
enable_group_creation: true
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
find {configuration,secrets} -type f \
|
find {configuration,secrets}/$1 -type f \
|
||||||
| grep --perl-regexp --invert-match "\.sample$|\.gen$|/.gitignore$" \
|
| grep --perl-regexp --invert-match "\.sample$|\.gen$|/.gitignore$" \
|
||||||
| while read filename; do
|
| while read filename; do
|
||||||
consul kv put "${filename}" "@${filename}"
|
consul kv put "${filename}" "@${filename}"
|
||||||
|
|
0
consul/secrets/chat/fb2mx/as_token.sample
Normal file
0
consul/secrets/chat/fb2mx/as_token.sample
Normal file
1
consul/secrets/chat/fb2mx/db_url.sample
Normal file
1
consul/secrets/chat/fb2mx/db_url.sample
Normal file
|
@ -0,0 +1 @@
|
||||||
|
postgres://username:password@hostname/dbname
|
0
consul/secrets/chat/fb2mx/hs_token.sample
Normal file
0
consul/secrets/chat/fb2mx/hs_token.sample
Normal file
|
@ -9,7 +9,7 @@ RUN apt-get update && \
|
||||||
tar xf ./seafile.tar.gz && \
|
tar xf ./seafile.tar.gz && \
|
||||||
mv seafile-server-${VERSION} seafile-server
|
mv seafile-server-${VERSION} seafile-server
|
||||||
|
|
||||||
FROM debian:buster
|
FROM amd64/debian:buster
|
||||||
|
|
||||||
COPY --from=builder ./seafile-server /srv/webstore/seafile-server
|
COPY --from=builder ./seafile-server /srv/webstore/seafile-server
|
||||||
|
|
||||||
|
@ -32,10 +32,11 @@ RUN apt-get update && \
|
||||||
pip install Pillow==4.3.0 && \
|
pip install Pillow==4.3.0 && \
|
||||||
pip install moviepy && \
|
pip install moviepy && \
|
||||||
useradd -u 1000 -d /srv/webstore seauser && \
|
useradd -u 1000 -d /srv/webstore seauser && \
|
||||||
chown -R seauser:1000 /srv/webstore/ && \
|
chown -R seauser:1000 /srv/webstore/
|
||||||
mkdir -p /usr/lib64/mysql/plugin/ && \
|
|
||||||
ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/lib64/mysql/plugin/ && \
|
RUN mkdir -p /usr/local/lib/mariadb/plugin/ && \
|
||||||
ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/lib64/mysql/plugin/
|
ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/mysql_clear_password.so /usr/local/lib/mariadb/plugin/ && \
|
||||||
|
ln -s /usr/lib/x86_64-linux-gnu/mariadb*/plugin/dialog.so /usr/local/lib/mariadb/plugin/
|
||||||
|
|
||||||
WORKDIR /srv/webstore/seafile-server
|
WORKDIR /srv/webstore/seafile-server
|
||||||
COPY seadocker /usr/local/bin/seadocker
|
COPY seadocker /usr/local/bin/seadocker
|
||||||
|
|
|
@ -7,6 +7,7 @@ When upgrading, connect on a production server and run:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
nomad stop seafile
|
nomad stop seafile
|
||||||
|
sudo docker build -t superboum/amd64_seafile:v6 .
|
||||||
|
|
||||||
sudo docker run -t -i \
|
sudo docker run -t -i \
|
||||||
-v /mnt/glusterfs/seafile:/mnt/seafile-data \
|
-v /mnt/glusterfs/seafile:/mnt/seafile-data \
|
||||||
|
@ -23,3 +24,4 @@ sudo docker run -t -i \
|
||||||
nomad start seafile.hcl
|
nomad start seafile.hcl
|
||||||
```
|
```
|
||||||
|
|
||||||
|
when upgrading, change the command on start
|
||||||
|
|
|
@ -29,7 +29,7 @@ job "chat" {
|
||||||
}
|
}
|
||||||
|
|
||||||
artifact {
|
artifact {
|
||||||
source = "http://127.0.0.1:8500/v1/kv/configuration/chat/synapse/homeserver.yaml?raw&a=a"
|
source = "http://127.0.0.1:8500/v1/kv/configuration/chat/synapse/homeserver.yaml?raw"
|
||||||
destination = "secrets/tpl/homeserver.yaml.tpl"
|
destination = "secrets/tpl/homeserver.yaml.tpl"
|
||||||
mode = "file"
|
mode = "file"
|
||||||
}
|
}
|
||||||
|
@ -37,6 +37,17 @@ job "chat" {
|
||||||
source = "secrets/tpl/homeserver.yaml.tpl"
|
source = "secrets/tpl/homeserver.yaml.tpl"
|
||||||
destination = "secrets/conf/homeserver.yaml"
|
destination = "secrets/conf/homeserver.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
artifact {
|
||||||
|
source = "http://127.0.0.1:8500/v1/kv/configuration/chat/fb2mx/registration.yaml?raw"
|
||||||
|
destination = "secrets/tpl/fb2mx_registration.yaml.tpl"
|
||||||
|
mode = "file"
|
||||||
|
}
|
||||||
|
template {
|
||||||
|
source = "secrets/tpl/fb2mx_registration.yaml.tpl"
|
||||||
|
destination = "secrets/conf/fb2mx_registration.yaml"
|
||||||
|
}
|
||||||
|
|
||||||
template {
|
template {
|
||||||
data = "{{ key \"configuration/chat/synapse/log.yaml\" }}"
|
data = "{{ key \"configuration/chat/synapse/log.yaml\" }}"
|
||||||
destination = "secrets/conf/log.yaml"
|
destination = "secrets/conf/log.yaml"
|
||||||
|
|
|
@ -12,7 +12,12 @@ job "seafile" {
|
||||||
task "server" {
|
task "server" {
|
||||||
driver = "docker"
|
driver = "docker"
|
||||||
config {
|
config {
|
||||||
image = "superboum/amd64_seafile:v4"
|
image = "superboum/amd64_seafile:v6"
|
||||||
|
|
||||||
|
## cmd + args are used for running an instance attachable for update
|
||||||
|
# command = "/bin/sleep"
|
||||||
|
# args = ["999999"]
|
||||||
|
|
||||||
port_map {
|
port_map {
|
||||||
seahub_port = 8000
|
seahub_port = 8000
|
||||||
seafdav_port = 8084
|
seafdav_port = 8084
|
||||||
|
|
Loading…
Reference in a new issue