src.nth.io/

summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--dendrite/server/tasks/main.yaml1
-rw-r--r--ergo/tasks/main.yaml3
-rw-r--r--ergo/templates/config.yaml.j22
-rw-r--r--miniflux/defaults/main.yaml2
-rw-r--r--miniflux/tasks/main.yaml6
-rw-r--r--nostr/relayer/defaults/main.yaml2
-rw-r--r--pleroma/otp/tasks/instance.yaml1
-rw-r--r--pleroma/otp/templates/config.exs.j22
-rw-r--r--prosody/tasks/main.yaml1
-rw-r--r--rpi-base/tasks/main.yaml1
-rw-r--r--transmission/defaults/main.yaml2
11 files changed, 15 insertions, 8 deletions
diff --git a/dendrite/server/tasks/main.yaml b/dendrite/server/tasks/main.yaml
index b2395d0..d81c11e 100644
--- a/dendrite/server/tasks/main.yaml
+++ b/dendrite/server/tasks/main.yaml
@@ -87,6 +87,7 @@
become_user: "postgres"
command: "psql -f /tmp/setup_db_dendrite_{{dendrite_instance}}.psql"
changed_when: false
+ no_log: true
- name: configure dendrite
become: yes
diff --git a/ergo/tasks/main.yaml b/ergo/tasks/main.yaml
index 5998713..72f0285 100644
--- a/ergo/tasks/main.yaml
+++ b/ergo/tasks/main.yaml
@@ -43,8 +43,9 @@
dest: "/etc/ergo/config.yaml"
owner: "ergo"
group: "ergo"
- mode: "0644"
+ mode: "0640"
notify: reload ergo
+ no_log: true
- name: copy motd file
become: yes
diff --git a/ergo/templates/config.yaml.j2 b/ergo/templates/config.yaml.j2
index c2e22a8..edc0bd0 100644
--- a/ergo/templates/config.yaml.j2
+++ b/ergo/templates/config.yaml.j2
@@ -77,7 +77,7 @@ server:
# the default is 0775 or 0755, which prevents other users/groups from connecting
# to the socket. With 0777, it behaves like a normal TCP socket
# where anyone can connect.
- unix-bind-mode: 0777
+ unix-bind-mode: 0770
# configure the behavior of Tor listeners (ignored if you didn't enable any):
tor-listeners:
diff --git a/miniflux/defaults/main.yaml b/miniflux/defaults/main.yaml
index 5061613..17788ef 100644
--- a/miniflux/defaults/main.yaml
+++ b/miniflux/defaults/main.yaml
@@ -1,7 +1,7 @@
---
miniflux_port: "8555"
-miniflux_admin_pass: "admin"
+# miniflux_admin_pass: — required, set in host_vars
miniflux_arch: "arm64"
# https://github.com/miniflux/miniflux/releases
miniflux_version: "2.2.18"
diff --git a/miniflux/tasks/main.yaml b/miniflux/tasks/main.yaml
index 2838824..ffa6d0f 100644
--- a/miniflux/tasks/main.yaml
+++ b/miniflux/tasks/main.yaml
@@ -11,7 +11,7 @@
dest: "/usr/local/bin/miniflux"
owner: "root"
group: "root"
- mode: "0755"
+ mode: "0600"
- name: configure miniflux
become: yes
@@ -20,8 +20,9 @@
dest: "/etc/miniflux.conf"
owner: "root"
group: "root"
- mode: "0755"
+ mode: "0600"
notify: restart miniflux service
+ no_log: true
- name: install miniflux schema file
become: yes
@@ -37,6 +38,7 @@
become_user: "postgres"
command: "psql -f /tmp/setup_db_miniflux.psql"
changed_when: false
+ no_log: true
- name: install systemd service
become: yes
diff --git a/nostr/relayer/defaults/main.yaml b/nostr/relayer/defaults/main.yaml
index 7d30aa6..c89e0e2 100644
--- a/nostr/relayer/defaults/main.yaml
+++ b/nostr/relayer/defaults/main.yaml
@@ -6,4 +6,4 @@ relayer_pubkey: ""
relayer_port: "7447"
relayer_db: "relayer"
relayer_db_user: "relayer"
-relayer_db_pass: "relayer"
+# relayer_db_pass: — required, set in host_vars
diff --git a/pleroma/otp/tasks/instance.yaml b/pleroma/otp/tasks/instance.yaml
index 9bb67ac..d8983e4 100644
--- a/pleroma/otp/tasks/instance.yaml
+++ b/pleroma/otp/tasks/instance.yaml
@@ -38,6 +38,7 @@
become_user: "{{pleroma_db_superuser}}"
command: "psql -f /tmp/setup_db_{{pleroma_instance}}.psql"
changed_when: false
+ no_log: true
- include_tasks: soapbox.yaml
when: pleroma_soapbox
diff --git a/pleroma/otp/templates/config.exs.j2 b/pleroma/otp/templates/config.exs.j2
index 05187cf..0db1828 100644
--- a/pleroma/otp/templates/config.exs.j2
+++ b/pleroma/otp/templates/config.exs.j2
@@ -2,7 +2,7 @@ import Config
config :pleroma, Pleroma.Web.Endpoint,
url: [host: "{{pleroma_link_host}}", scheme: "{{pleroma_link_scheme}}", port: {{pleroma_link_port}}],
- http: [port: {{pleroma_port}}, ip: {0, 0, 0, 0}],
+ http: [port: {{pleroma_port}}, ip: {127, 0, 0, 1}],
secret_key_base: "{{pleroma_secret_key}}",
secure_cookie_flag: true
diff --git a/prosody/tasks/main.yaml b/prosody/tasks/main.yaml
index 752e4b0..c515a24 100644
--- a/prosody/tasks/main.yaml
+++ b/prosody/tasks/main.yaml
@@ -47,6 +47,7 @@
become_user: "postgres"
command: "psql -f /tmp/setup_db_{{prosody_db}}.psql"
changed_when: false
+ no_log: true
- name: enable prosody site
become: yes
diff --git a/rpi-base/tasks/main.yaml b/rpi-base/tasks/main.yaml
index c2701bf..9be6aad 100644
--- a/rpi-base/tasks/main.yaml
+++ b/rpi-base/tasks/main.yaml
@@ -69,6 +69,7 @@
groups: "sudo,users"
shell: "/bin/bash"
append: yes
+ no_log: true
- name: authorize ssh keys
become: yes
diff --git a/transmission/defaults/main.yaml b/transmission/defaults/main.yaml
index 5ffae18..b616a3c 100644
--- a/transmission/defaults/main.yaml
+++ b/transmission/defaults/main.yaml
@@ -2,6 +2,6 @@
transmission_config: "/etc/transmission-daemon/settings.json"
transmission_port: "9091"
-transmission_passwd: "transmission"
+# transmission_passwd: — required, set in host_vars
transmission_download_dir: "/var/lib/transmission-daemon/downloads"
transmission_user: "debian-transmission"