heroes / salt

Clone
Source Code
GIT

Blame pillar/role/matrix.sls

adjust-ci-pipeline anikitin/mirrorcache anikitin/t_allow_jinja_in_secrets anikitin/web_mirrors__proxy_mirrorcache bootloader cboltz-borgbackup cboltz-relnotes-15.3 cboltz-scar-sshd doc-o-o gateway hellcp/matrix-synapse-workers-syntax hellcp/paste-sync ifconfig infra libvirt lrupp-production-patch-08358 lrupp/add_identification lrupp/remove_login_interface lrupp/retire lrupp/serve_www mailman micro monitoring-restart paste-socket postfix-aliases production repositories set-secret-detection-config-1 sysctl update-access-crtmgr
  1.   25af9f49cf73414c0a91ba16ff2feeb435732774
  2.   pillar
  3.   role
  4.   matrix.sls
Blob History Raw
Stasiek Michalski 73f0a6 
include:
Stasiek Michalski 449672 
  {% if salt['grains.get']('include_secrets', True) %}
Stasiek Michalski 73f0a6 
  - secrets.role.matrix
Stasiek Michalski 449672 
  {% endif %}
Stasiek Michalski 449672 
  - role.common.nginx
Stasiek Michalski dcada2
Stasiek Michalski dcada2 
profile:
Stasiek Michalski dcada2 
  matrix:
Jacob Michalskie cef71d 
    database_host: 192.168.47.4
Stasiek Michalski a58913 
    database_name: matrix
Stasiek Michalski a58913 
    database_user: matrix
Sasi Olin c44f14 
    workers:
Sasi Olin c44f14 
      generic_worker:
Sasi Olin c44f14 
        - rest:
Sasi Olin c44f14 
            - ^/_matrix/client/(v2_alpha|r0|v3)/sync$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|v2_alpha|r0|v3)/events$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3)/initialSync$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$
Sasi Olin c44f14 
          workers:
Sasi Olin 6725c7 
            sync1: 8501
Sasi Olin c44f14 
        - rest:
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/event/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/state/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/state_ids/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/backfill/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/get_missing_events/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/publicRooms
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/query/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/make_join/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/make_leave/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/send_join/
Sasi Olin c44f14 
            - ^/_matrix/federation/v2/send_join/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/send_leave/
Sasi Olin c44f14 
            - ^/_matrix/federation/v2/send_leave/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/invite/
Sasi Olin c44f14 
            - ^/_matrix/federation/v2/invite/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/query_auth/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/event_auth/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/exchange_third_party_invite/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/user/devices/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/get_groups_publicised$
Sasi Olin c44f14 
            - ^/_matrix/key/v2/query
Sasi Olin c44f14 
            - ^/_matrix/federation/unstable/org.matrix.msc2946/spaces/
Sasi Olin c44f14 
            - ^/_matrix/federation/(v1|unstable/org.matrix.msc2946)/hierarchy/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/send/
Sasi Olin c44f14 
            - ^/_matrix/federation/v1/groups/
Sasi Olin c44f14 
          workers:
Sasi Olin 6725c7 
            federation_requests1: 8511
Sasi Olin 6725c7 
            federation_requests2: 8512
Sasi Olin c44f14 
          upstream_balancing: ip_hash;
Sasi Olin c44f14 
        - rest:
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$
Sasi Olin c44f14 
            - ^/_matrix/client/unstable/org.matrix.msc2946/rooms/.*/spaces$
Sasi Olin c44f14 
            - ^/_matrix/client/(v1|unstable/org.matrix.msc2946)/rooms/.*/hierarchy$
Sasi Olin c44f14 
            - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/account/3pid$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/devices$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/query$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/changes$
Sasi Olin c44f14 
            - ^/_matrix/client/versions$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_groups$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicised_groups$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicised_groups/
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/search$
Sasi Olin c44f14 
          workers:
Sasi Olin 6725c7 
            client1: 8521
Sasi Olin 6725c7 
            client2: 8522
Sasi Olin c44f14 
        - rest:
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$
Sasi Olin c44f14 
            - ^/_matrix/client/(r0|v3|unstable)/register$
Sasi Olin c44f14 
            - ^/_matrix/client/v1/register/m.login.registration_token/validity$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect
Sasi Olin c44f14 
            - ^/_synapse/client/pick_idp$
Sasi Olin c44f14 
            - ^/_synapse/client/pick_username
Sasi Olin c44f14 
            - ^/_synapse/client/new_user_consent$
Sasi Olin c44f14 
            - ^/_synapse/client/sso_register$
Sasi Olin c44f14 
            - ^/_synapse/client/oidc/callback$
Sasi Olin c44f14 
            - ^/_synapse/client/saml2/authn_response$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$
Sasi Olin c44f14 
          workers:
Sasi Olin 6725c7 
            login: 8531 # There can be only one login worker
Sasi Olin c44f14 
        - rest:
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/
Sasi Olin c44f14 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/
Sasi Olin c44f14 
          workers:
Sasi Olin 6725c7 
            event1: 8541
Sasi Olin 6725c7 
            event2: 8542
Sasi Olin c44f14 
      pusher:
Sasi Olin 6725c7 
        - workers:
Sasi Olin 6725c7 
            pusher1: 8551
Sasi Olin 6725c7 
            pusher2: 8552
Sasi Olin c44f14 
      federation_sender:
Sasi Olin 6725c7 
        - workers:
Sasi Olin 6725c7 
            federation_sender1: 8571
Sasi Olin 6725c7 
            federation_sender2: 8572
Sasi Olin c44f14 
      media_repository:
Sasi Olin 6725c7 
        - rest:
Sasi Olin 6725c7 
            - ^/_matrix/media/
Sasi Olin 6725c7 
          workers:
Sasi Olin 6725c7 
            media1: 8581
Sasi Olin 6725c7 
            media2: 8582
Sasi Olin 6725c7 
          resources:
Sasi Olin 6725c7 
          - media
Sasi Olin c44f14 
      frontend_proxy:
Sasi Olin 6725c7 
        - rest:
Sasi Olin 6725c7 
            - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/upload
Sasi Olin 6725c7 
          workers:
Sasi Olin 6725c7 
            frontend_proxy: 8601
Sasi Olin 6725c7 
          config:
Sasi Olin 6725c7 
            - worker_main_http_uri: http://127.0.0.1:8008
Sasi Olin c44f14
Sasi Olin c44f14
Stasiek Michalski 7bfc09 
    appservices:
Stasiek Michalski 7bfc09 
      discord:
Stasiek Michalski 7bfc09 
        repo: https://github.com/Half-Shot/matrix-appservice-discord.git
Stasiek Michalski dfe3e2 
        branch: develop
Stasiek Michalski 7bfc09 
        client_id: 672058964707377152
Stasiek Michalski 7bfc09 
        appservice_id: 330d1b6dcdf6a2217454f8227d2a960030d341a8baca5fa5c40f4081b6f40acd
Stasiek Michalski 7a486f 
        build: True
Stasiek Michalski 97438a 
        script: /usr/bin/node build/src/discordas.js -c config.yaml -f discord-registration.yaml -p 9001
Jacob Michalskie 923bf0 
      hookshot:
Sasi Olin 136178 
        repo: https://github.com/matrix-org/matrix-hookshot.git
Jacob Michalskie 2c2b59 
        branch: main
Jacob Michalskie 923bf0 
        appservice_id: 752272fc2ad36c461fb148792d197040668adda278cc3e4a247eb977519f58e5
Jacob Michalskie 923bf0 
        build: False # It uses yarn instead of npm
Jacob Michalskie 923bf0 
        script: /usr/bin/node lib/App/BridgeApp.js config.yaml hookshot-registration.yaml
Stasiek Michalski 3b66c9 
    telegram:
Stasiek Michalski 3b66c9 
      appservice_id: oepzkscngbyqvopzn773ns7whfxyfslgjhy7mumy7syurqp3f4kvb4sgufz9nfsw
Stasiek Michalski fe5ed2 
      api_id: 1331253
Stasiek Michalski 187e05
Stasiek Michalski 0fbf50 
nginx:
Stasiek Michalski 0fbf50 
  ng:
Stasiek Michalski 0fbf50 
    servers:
Stasiek Michalski 0fbf50 
      managed:
Stasiek Michalski 0fbf50 
        chat.opensuse.org.conf:
Stasiek Michalski 0fbf50 
          config:
Stasiek Michalski 0fbf50 
            - server:
Stasiek Michalski 0fbf50 
                - server_name: chat.opensuse.org
Stasiek Michalski 0fbf50 
                - listen:
Stasiek Michalski 0fbf50 
                    - 80
Stasiek Michalski 0fbf50 
                    - default_server
Sasi Olin 136178 
                - root: /usr/share/webapps/element
Stasiek Michalski 0fbf50 
                - gzip_vary: 'on'
Stasiek Michalski 0fbf50 
                - gzip_min_length: 1000
Stasiek Michalski 0fbf50 
                - gzip_comp_level: 5
Stasiek Michalski 0fbf50 
                - gzip_types:
Stasiek Michalski 0fbf50 
                    - text/plain
Stasiek Michalski 449672 
                    - text/xml
Stasiek Michalski 449672 
                    - text/x-js
Stasiek Michalski 0fbf50 
                    - application/json
Stasiek Michalski 0fbf50 
                    - text/css
Stasiek Michalski 0fbf50 
                    - application/x-javascript
Stasiek Michalski 0fbf50 
                    - application/javascript
Stasiek Michalski 0fbf50 
                - location /:
Stasiek Michalski 0fbf50 
                    - index:
Stasiek Michalski 0fbf50 
                        - index.html
Stasiek Michalski 0fbf50 
                        - index.htm
Stasiek Michalski 48ba30 
                - location /vector-icons/:
Stasiek Michalski 235425 
                    - rewrite: ^(.*?)\..*?(\..*?)$ $1$2 last
Stasiek Michalski df62b8 
                    - proxy_set_header: Host static.opensuse.org
Stasiek Michalski 48ba30 
                    - proxy_pass: https://static.opensuse.org/chat/favicons/
Stasiek Michalski 0fbf50 
                - location ~* \.(?:ttf|otf|eot|woff)$:
Stasiek Michalski 0fbf50 
                    - add_header: Access-Control-Allow-Origin "*"
Stasiek Michalski 0fbf50 
                - access_log: /var/log/nginx/chat.access.log combined
Stasiek Michalski 0fbf50 
                - error_log: /var/log/nginx/chat.error.log
Stasiek Michalski f0e51b 
          enabled: True
Jacob Michalskie 659a6b 
        dimension.opensuse.org.conf:
Stasiek Michalski 97438a 
          config:
Stasiek Michalski 0fbf50 
            - server:
Stasiek Michalski 0fbf50 
                - server_name: dimension.opensuse.org
Stasiek Michalski 0fbf50 
                - listen:
Stasiek Michalski 0fbf50 
                    - 80
Stasiek Michalski 0fbf50 
                - location /:
Stasiek Michalski 5f0bd9 
                    - return: 301 https://chat.opensuse.org
Stasiek Michalski 529b25 
                - location ~ "/..*":
Stasiek Michalski f0e51b 
                    - proxy_set_header: X-Forwarded-For $remote_addr
Stasiek Michalski 0fbf50 
                    - proxy_pass: http://localhost:8184
Stasiek Michalski 48ba30 
                - location /img/avatars/:
Stasiek Michalski df62b8 
                    - proxy_set_header: Host static.opensuse.org
Stasiek Michalski 48ba30 
                    - proxy_pass: https://static.opensuse.org/chat/integrations/
Stasiek Michalski 0fbf50 
          enabled: True
Jacob Michalskie 659a6b 
        matrix.opensuse.org.conf:
Stasiek Michalski 97438a 
          config:
Jacob Michalskie 25af9f 
            - include: /etc/matrix-synapse/workers/upstreams.conf
Stasiek Michalski 97438a 
            - server:
Stasiek Michalski 97438a 
                - server_name: matrix.opensuse.org
Stasiek Michalski 97438a 
                - listen:
Stasiek Michalski 97438a 
                    - 80
Stasiek Michalski 5f0bd9 
                - location /:
Stasiek Michalski 5f0bd9 
                    - return: 301 https://chat.opensuse.org
Stasiek Michalski 97438a 
                - location /_matrix:
Stasiek Michalski 97438a 
                    - proxy_set_header: X-Forwarded-For $remote_addr
Stasiek Michalski 97438a 
                    - proxy_pass: http://localhost:8008
Sasi Olin 08cea7 
                - include: /etc/matrix-synapse/workers/nginx.conf
Stasiek Michalski 97438a 
          enabled: True
Jacob Michalskie 659a6b 
        webhook.opensuse.org.conf:
Stasiek Michalski 97438a 
          config:
Stasiek Michalski 97438a 
            - server:
Stasiek Michalski 97438a 
                - server_name: webhook.opensuse.org
Stasiek Michalski 97438a 
                - listen:
Stasiek Michalski 97438a 
                    - 80
Stasiek Michalski 97438a 
                - location /:
Stasiek Michalski 5f0bd9 
                    - return: 301 https://chat.opensuse.org
Stasiek Michalski 529b25 
                - location ~ "/..*":
Stasiek Michalski 97438a 
                    - proxy_set_header: X-Forwarded-For $remote_addr
Sasi Olin 136178 
                    - proxy_pass: http://localhost:9005
Stasiek Michalski 97438a 
          enabled: True
Stasiek Michalski 0fbf50
Stasiek Michalski 187e05 
sudoers:
Stasiek Michalski 187e05 
  included_files:
Stasiek Michalski 187e05 
    /etc/sudoers.d/group_matrix-admins:
Stasiek Michalski 187e05 
      groups:
Stasiek Michalski 187e05 
        matrix-admins:
Stasiek Michalski 187e05 
          - 'ALL=(ALL) ALL'
Stasiek Michalski f5e2b9
Stasiek Michalski ed486e 
apparmor:
Stasiek Michalski ed486e 
  profiles:
Stasiek Michalski ed486e 
    matrix-synapse:
Stasiek Michalski ed486e 
      source: salt://profile/matrix/files/matrix-synapse.apparmor
Stasiek Michalski 7491bc
Stasiek Michalski f5e2b9 
zypper:
Stasiek Michalski f5e2b9 
  repositories:
Stasiek Michalski f5e2b9 
    openSUSE:infrastructure:matrix:
Christian Boltz e15791 
      baseurl: http://download.infra.opensuse.org/repositories/openSUSE:/infrastructure:/matrix/openSUSE_Tumbleweed/
Stasiek Michalski f5e2b9 
      priority: 100
Stasiek Michalski 7491bc 
      refresh: True
Christian Boltz e15791 
#   devel:languages:python:backports:
Christian Boltz e15791 
#     baseurl: https://download.opensuse.org/repositories/devel:/languages:/python:/backports/openSUSE_Leap_$releasever/
Christian Boltz e15791 
#     refresh: True
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.