Tons of updates to fix migration to new server.
--- a/certbot-dns-cloudflare/tasks/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/certbot-dns-cloudflare/tasks/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -13,6 +13,12 @@
owner: "root"
group: "root"
+- name: make renewal dir
+ become: yes
+ file:
+ path: "/etc/letsencrypt/renewal/"
+ state: "directory"
+
- name: configure renewal
become: yes
template:
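Review bot: The new `make renewal dir` task sets no `owner`, `group` or `mode`, so the permissions of `/etc/letsencrypt/renewal/` depend on the remote umask, while the task just above it in the context lines pins `owner: "root"` and `group: "root"`. Adding `owner: "root"`, `group: "root"` and an explicit mode such as `mode: "0755"` would make the result the same on every host. The `make hgweb dir` task added in mercurial/web/tasks/main.yaml has the same gap and should name the owner the uwsgi process needs.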
@@ -24,11 +30,11 @@
- name: check if cert exists
become: yes
- stat: path="/etc/letsencrypt/live/{{certbot_dns_cloudflare_domain}}/cert.pem"
+ stat: path="/etc/letsencrypt/live/{{certbot_dns_cloudflare_domain}}-0001/cert.pem"
register: cert
- name: run certbot
become: yes
- command: "certbot certonly -n --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/cred.conf -d {{certbot_dns_cloudflare_domain}}"
+ command: "certbot certonly -n --agree-tos --email {{certbot_dns_cloudflare_email}} --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/cred.conf -d {{certbot_dns_cloudflare_domain}} -d \"*.{{certbot_dns_cloudflare_domain}}\""
when: not cert.stat.exists
changed_when: false
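Review bot: The `stat` path now hard-codes the `-0001` lineage suffix, which certbot appends only when a lineage with the plain domain name already exists. On a host with no earlier lineage the certificate would presumably land in `live/{{certbot_dns_cloudflare_domain}}/`, so `cert.stat.exists` would stay false and `run certbot` would request a new certificate on every play. `changed_when: false` would hide this until the CA's rate limit is reached. Pinning the lineage by adding `--cert-name {{certbot_dns_cloudflare_domain}}` to the `command`, and keeping the un-suffixed path in `stat`, makes the check and the issued path agree on old and new servers.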
--- a/dendrite/build/defaults/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/dendrite/build/defaults/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -1,6 +1,6 @@
---
-dendrite_version: "0.13.5"
+dendrite_version: "0.13.6"
# https://github.com/matrix-org/dendrite/releases
dendrite_tar: "https://github.com/matrix-org/dendrite/archive/refs/tags/v{{dendrite_version}}.tar.gz"
dendrite_build_dir: "/tmp/dendrite-{{dendrite_version}}"
--- a/dendrite/server/tasks/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/dendrite/server/tasks/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -17,6 +17,7 @@
remote_src: yes
src: "{{dendrite_tar}}"
dest: "/tmp/dendrite/"
+ notify: restart service
- name: install dendrite binary
become: yes
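Review bot: The handler name in `notify: restart service` is generic, whereas the other roles in this commit name the service (`restart uwsgi`, `restart postgres`). Ansible handler names share one namespace across the roles in a play, so a second role defining `restart service` would silently shadow this one. Renaming the handler and both new lines (this hunk and the next) to `notify: restart dendrite` avoids that. The handler definition is outside this diff, so the rename would need to be made there as well.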
@@ -34,6 +35,7 @@
- {"src": "generate-config" , "dest": "dendrite-generate-config"}
- {"src": "generate-keys" , "dest": "dendrite-generate-keys"}
- {"src": "resolve-state" , "dest": "dendrite-resolve-state"}
+ notify: restart service
- name: create instance dir
become: yes
--- a/dendrite/server/templates/dendrite.yaml.j2 Sun Jan 21 15:58:58 2024 -0600
+++ b/dendrite/server/templates/dendrite.yaml.j2 Sun Feb 04 20:27:19 2024 -0600
@@ -68,6 +68,10 @@
# The base URL to delegate client-server communications to e.g. https://localhost
well_known_client_name: ""
+ # The server name to delegate sliding sync communications to, with optional port.
+ # Requires `well_known_client_name` to also be configured.
+ well_known_sliding_sync_proxy: ""
+
# Lists of domains that the server will trust as identity servers to verify third
# party identifiers such as phone numbers and email addresses.
trusted_third_party_id_servers:
@@ -146,6 +150,13 @@
# to be sent to an insecure endpoint.
disable_tls_validation: false
+ # Send the access_token query parameter with appservice requests in addition
+ # to the Authorization header. This can cause hs_tokens to be saved to logs,
+ # so it should not be enabled unless absolutely necessary.
+ legacy_auth: false
+ # Use the legacy unprefixed paths for appservice requests.
+ legacy_paths: false
+
# Appservice configuration files to load into this homeserver.
config_files:
# - /path/to/appservice_registration.yaml
@@ -312,6 +323,10 @@
auto_join_rooms:
# - "#main:matrix.org"
+ # The number of workers to start for the DeviceListUpdater. Defaults to 8.
+ # This only needs updating if the "InputDeviceListUpdate" stream keeps growing indefinitely.
+ # worker_count: 8
+
# Configuration for Opentracing.
# See https://github.com/matrix-org/dendrite/tree/master/docs/tracing for information on
# how this works and how to set it up.
--- a/dendrite/server/templates/setup_db.psql.j2 Sun Jan 21 15:58:58 2024 -0600
+++ b/dendrite/server/templates/setup_db.psql.j2 Sun Feb 04 20:27:19 2024 -0600
@@ -1,2 +1,3 @@
-CREATE USER {{dendrite_db_user}} WITH ENCRYPTED PASSWORD '{{dendrite_db_pass}}';
+CREATE USER {{dendrite_db_user}};
+ALTER USER {{dendrite_db_user}} WITH PASSWORD '{{dendrite_db_pass}}'
CREATE DATABASE {{dendrite_db}} WITH OWNER {{dendrite_db_user}};
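Review bot: The added `ALTER USER` line has no terminating `;`, so psql will read it together with the following `CREATE DATABASE` as one statement and reject it. That leaves neither the password set nor the database created. The other setup_db templates in this commit do end that line with `;`, and this one should read `ALTER USER {{dendrite_db_user}} WITH PASSWORD '{{dendrite_db_pass}}';`. Separately, the password is placed between single quotes unescaped here and in the miniflux, nostr, pleroma and prosody templates, so a password containing `'` breaks the statement or changes the SQL that runs. Writing `'{{ dendrite_db_pass | replace("'", "''") }}'` doubles the quote and keeps the value a literal.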
--- a/mercurial/web/tasks/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/mercurial/web/tasks/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -10,6 +10,12 @@
- "python3-pygments"
notify: restart uwsgi
+- name: make hgweb dir
+ become: yes
+ file:
+ path: "{{mercurial_uwsgi_root}}"
+ state: "directory"
+
- name: configure hgweb
become: yes
template: src="{{item}}.j2" dest="{{mercurial_uwsgi_root}}/{{item}}"
--- a/miniflux/templates/setup_db.psql.j2 Sun Jan 21 15:58:58 2024 -0600
+++ b/miniflux/templates/setup_db.psql.j2 Sun Feb 04 20:27:19 2024 -0600
@@ -1,4 +1,5 @@
-CREATE USER miniflux WITH ENCRYPTED PASSWORD '{{miniflux_db_pass}}';
+CREATE USER miniflux;
+ALTER USER miniflux WITH PASSWORD '{{miniflux_db_pass}}';
CREATE DATABASE miniflux WITH OWNER miniflux;
\c miniflux;
--Extensions made by miniflux that need superuser access
--- a/nostr/relayer/templates/setup_db.psql.j2 Sun Jan 21 15:58:58 2024 -0600
+++ b/nostr/relayer/templates/setup_db.psql.j2 Sun Feb 04 20:27:19 2024 -0600
@@ -1,2 +1,3 @@
-CREATE USER {{relayer_db_user}} WITH ENCRYPTED PASSWORD '{{relayer_db_pass}}';
+CREATE USER {{relayer_db_user}};
+ALTER USER {{relayer_db_user}} WITH PASSWORD '{{relayer_db_pass}}';
CREATE DATABASE {{relayer_db}} WITH OWNER {{relayer_db_user}};
--- a/pleroma/otp/tasks/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/pleroma/otp/tasks/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -11,6 +11,10 @@
- "libmagic-dev"
- "libtinfo5"
+- name: install libssl1.1 deb
+ become: yes
+ apt: deb="http://ports.ubuntu.com/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2_{{arch}}.deb"
+
- name: create pleroma config and data directories
become: yes
file:
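Review bot: The new `install libssl1.1 deb` task installs, as root, a package fetched over plain `http://`, and a `.deb` given to `apt: deb=` is not covered by apt's repository signature checks, so nothing authenticates the file. Downloading it first with `get_url` and a pinned `checksum`, then installing from the local path, closes that gap; the same applies to the `libssl1.0.0` line changed in unifi/tasks/main.yaml. The pinned build `1.1.1f-1ubuntu2` also looks like the original release build rather than a later security update, which is worth confirming. Note that `ports.ubuntu.com` serves only the non-x86 architectures, so `{{arch}}` generalizes the URL only among those.

```yaml
- name: fetch libssl1.1 deb
  become: yes
  get_url:
    url: "http://ports.ubuntu.com/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2_{{arch}}.deb"
    dest: "/root/libssl1.1_1.1.1f-1ubuntu2_{{arch}}.deb"
    # placeholder: fill in the published SHA-256 for each architecture in use
    checksum: "sha256:<EXPECTED_SHA256_FOR_ARCH>"

- name: install libssl1.1 deb
  become: yes
  apt: deb="/root/libssl1.1_1.1.1f-1ubuntu2_{{arch}}.deb"
```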
--- a/pleroma/otp/templates/setup_db.psql.j2 Sun Jan 21 15:58:58 2024 -0600
+++ b/pleroma/otp/templates/setup_db.psql.j2 Sun Feb 04 20:27:19 2024 -0600
@@ -1,4 +1,5 @@
-CREATE USER {{pleroma_db_user}} WITH ENCRYPTED PASSWORD '{{pleroma_db_passwd}}';
+CREATE USER {{pleroma_db_user}};
+ALTER USER {{pleroma_db_user}} WITH ENCRYPTED PASSWORD '{{pleroma_db_passwd}}';
CREATE DATABASE {{pleroma_db}} WITH OWNER {{pleroma_db_user}};
\c {{pleroma_db}};
--Extensions made by ecto.migrate that need superuser access
--- a/postgresql/defaults/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/postgresql/defaults/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -2,6 +2,7 @@
# migrate PG version with pg_upgradecluster (see manpage)
postgresql_version: "14"
+postgresql_initidb_path: "/usr/lib/postgresql/{{postgresql_version}}/bin/initdb"
postgresql_config_path: "/etc/postgresql/{{postgresql_version}}/main/postgresql.conf"
postgresql_data_dir: "/var/lib/postgresql/{{postgresql_version}}/main"
postgresql_apt_packages:
--- a/postgresql/tasks/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/postgresql/tasks/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -22,6 +22,17 @@
group: "postgres"
notify: restart postgres
+- name: check if postgresql data dir is new
+ become: yes
+ find: path='{{postgresql_data_dir}}'
+ register: filesFound
+
+- name: initialize pg data dir
+ become: yes
+ become_user: "postgres"
+ command: "{{postgresql_initidb_path}} -D {{postgresql_data_dir}}"
+ when: filesFound == 0
+
- name: ensure postgresql is started
become: yes
systemd: name="postgresql" enabled="yes" state="started"
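Review bot: `when: filesFound == 0` compares the whole registered result of `find` (a dictionary) with `0`, which is never true, so `initialize pg data dir` is always skipped and a fresh server never gets its cluster initialized. The count is in the `matched` field, so the condition should be `when: filesFound.matched == 0`. A simpler guard is to drop the `find` task and give the command `args: {creates: "{{postgresql_data_dir}}/PG_VERSION"}`, which also avoids running `initdb` against a directory that holds only sub-directories. The variable is spelled `postgresql_initidb_path` here and in postgresql/defaults/main.yaml; `postgresql_initdb_path` is presumably what was meant.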
--- a/prosody/templates/setup_db.psql.j2 Sun Jan 21 15:58:58 2024 -0600
+++ b/prosody/templates/setup_db.psql.j2 Sun Feb 04 20:27:19 2024 -0600
@@ -1,2 +1,3 @@
-CREATE USER {{prosody_db}} WITH ENCRYPTED PASSWORD '{{prosody_db_pass}}';
+CREATE USER {{prosody_db}};
+ALTER USER {{prosody_db}} WITH PASSWORD '{{prosody_db_pass}}';
CREATE DATABASE {{prosody_db}} ENCODING 'UTF8' LC_COLLATE='C.UTF-8' LC_CTYPE='C.UTF-8' template=template0 OWNER {{prosody_db}};
--- a/rpi-base/defaults/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/rpi-base/defaults/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -4,6 +4,7 @@
rpi_base_timezone: "America/Chicago"
rpi_base_log_size: "100M"
rpi_base_apt_packages:
+ - "mosh"
- "avahi-daemon"
- "log2ram"
- "fail2ban"
--- a/unifi/tasks/main.yaml Sun Jan 21 15:58:58 2024 -0600
+++ b/unifi/tasks/main.yaml Sun Feb 04 20:27:19 2024 -0600
@@ -13,7 +13,7 @@
- name: install libssl1.1 deb
become: yes
- apt: deb="http://ports.ubuntu.com/pool/main/o/openssl1.0/libssl1.0.0_1.0.2n-1ubuntu5_arm64.deb"
+ apt: deb="http://ports.ubuntu.com/pool/main/o/openssl1.0/libssl1.0.0_1.0.2n-1ubuntu5_{{arch}}.deb"
# To accept codename change:
# 1. sudo apt update