Removed all Matrix/Synapse functionality. Going to integrate NOSTR instead.
Signed-off-by: Derek Smith <derek@farscapian.com>
parent
90c7a72118
commit
05d23dabcb
37
go_www.sh
37
go_www.sh
@ -54,28 +54,6 @@ if [ "$RUN_RESTORE" = true ]; then
|
|||||||
./restore_www.sh
|
./restore_www.sh
|
||||||
fi
|
fi
|
||||||
|
|
||||||
NEW_MATRIX_DEPLOYMENT=false
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
if ! ssh "$FQDN" "[ -d $REMOTE_HOME/matrix ]"; then
|
|
||||||
NEW_MATRIX_DEPLOYMENT=true
|
|
||||||
ssh "$FQDN" "mkdir $REMOTE_HOME/matrix && mkdir $REMOTE_HOME/matrix/db && mkdir $REMOTE_HOME/matrix/data"
|
|
||||||
|
|
||||||
docker run -it --rm -v "$REMOTE_HOME/matrix/data":/data \
|
|
||||||
-e SYNAPSE_SERVER_NAME="${DOMAIN_NAME}" \
|
|
||||||
-e SYNAPSE_REGISTRATION_SHARED_SECRET="${MATRIX_SHARED_SECRET}" \
|
|
||||||
-e SYNAPSE_REPORT_STATS=yes \
|
|
||||||
-e POSTGRES_PASSWORD="${MATRIX_DB_PASSWORD}" \
|
|
||||||
-e SYNAPSE_NO_TLS=1 \
|
|
||||||
-e SYNAPSE_ENABLE_REGISTRATION=yes \
|
|
||||||
-e SYNAPSE_LOG_LEVEL=WARNING \
|
|
||||||
-e POSTGRES_DB=synapse \
|
|
||||||
-e POSTGRES_HOST=matrix-db \
|
|
||||||
-e POSTGRES_USER=synapse \
|
|
||||||
-e POSTGRES_PASSWORD="${MATRIX_DB_PASSWORD}" \
|
|
||||||
"$MATRIX_IMAGE" generate
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$DEPLOY_ONION_SITE" = true ]; then
|
if [ "$DEPLOY_ONION_SITE" = true ]; then
|
||||||
# ensure the tor image is built
|
# ensure the tor image is built
|
||||||
docker build -t tor:latest ./tor
|
docker build -t tor:latest ./tor
|
||||||
@ -105,19 +83,8 @@ if [ "$RUN_SERVICES" = true ]; then
|
|||||||
docker stack deploy -c "$DOCKER_YAML_PATH" webstack
|
docker stack deploy -c "$DOCKER_YAML_PATH" webstack
|
||||||
|
|
||||||
# start a browser session; point it to port 80 to ensure HTTPS redirect.
|
# start a browser session; point it to port 80 to ensure HTTPS redirect.
|
||||||
wait-for-it -t 320 "$DOMAIN_NAME:80"
|
wait-for-it -t 320 "$FQDN:80"
|
||||||
wait-for-it -t 320 "$DOMAIN_NAME:443"
|
wait-for-it -t 320 "$FQDN:443"
|
||||||
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
# If this is a new Matrix deployment, then we should add the default admin user.
|
|
||||||
if [ $NEW_MATRIX_DEPLOYMENT = true ]; then
|
|
||||||
# get the container ID for matrix/synapse.
|
|
||||||
MATRIX_CONTAINER_ID="$(docker ps | grep matrixdotorg | awk '{print $1;}')"
|
|
||||||
|
|
||||||
# create the user.
|
|
||||||
docker exec -it "$MATRIX_CONTAINER_ID" register_new_matrix_user http://localhost:8008 -u "$ADMIN_ACCOUNT_USERNAME" -p "$MATRIX_ADMIN_PASSWORD" -a --config /data/homeserver.yaml
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
# open bowser tabs.
|
# open bowser tabs.
|
||||||
if [ "$DEPLOY_GHOST" = true ]; then
|
if [ "$DEPLOY_GHOST" = true ]; then
|
||||||
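Review bot: Hosts that were already deployed with `DEPLOY_MATRIX=true` keep `$REMOTE_HOME/matrix` after this commit, because the first hunk of go_www.sh only drops the code that created it and nothing removes or reports it. Going by the removed lines, that tree holds the Synapse `/data` volume (with `homeserver.yaml`, generated while `SYNAPSE_REGISTRATION_SHARED_SECRET` and `POSTGRES_PASSWORD` were set) and the Postgres data directory, so secrets and user data presumably stay on disk for a service that no longer runs. I would document an explicit operator step rather than delete automatically, e.g. `# NOTE: hosts previously deployed with DEPLOY_MATRIX=true still have $REMOTE_HOME/matrix (Synapse config and Postgres data); archive or remove it by hand.` Related, the provisioning hunk drops the comment about port 8448 and the nginx hunk drops its listener, but whether that port is still opened or published elsewhere is not visible in this diff and is worth checking.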
|
@ -35,8 +35,6 @@ if [ -z "$AWS_SECRET_ACCESS_KEY" ]; then
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# ports: All ports go to nginx; 8448 directs to the matrix federation servoce.
|
|
||||||
|
|
||||||
# Note, we assume the script has already made sure the machine doesn't exist.
|
# Note, we assume the script has already made sure the machine doesn't exist.
|
||||||
if [ "$APP_TO_DEPLOY" = www ] || [ "$APP_TO_DEPLOY" = certonly ]; then
|
if [ "$APP_TO_DEPLOY" = www ] || [ "$APP_TO_DEPLOY" = certonly ]; then
|
||||||
# creates a public VM in AWS and provisions the bcm website.
|
# creates a public VM in AWS and provisions the bcm website.
|
||||||
|
18
shared.sh
18
shared.sh
@ -33,15 +33,11 @@ export NEXTCLOUD_MYSQL_PASSWORD="$(new_pass)"
|
|||||||
export GITEA_MYSQL_PASSWORD="$(new_pass)"
|
export GITEA_MYSQL_PASSWORD="$(new_pass)"
|
||||||
export NEXTCLOUD_MYSQL_ROOT_PASSWORD="$(new_pass)"
|
export NEXTCLOUD_MYSQL_ROOT_PASSWORD="$(new_pass)"
|
||||||
#export GITEA_MYSQL_ROOT_PASSWORD="$(new_pass)"
|
#export GITEA_MYSQL_ROOT_PASSWORD="$(new_pass)"
|
||||||
export MATRIX_DB_PASSWORD="$(new_pass)"
|
|
||||||
export MATRIX_SHARED_SECRET="$(new_pass)"
|
|
||||||
export MATRIX_ADMIN_PASSWORD="$(new_pass)"
|
|
||||||
export DUPLICITY_BACKUP_PASSPHRASE="$(new_pass)"
|
export DUPLICITY_BACKUP_PASSPHRASE="$(new_pass)"
|
||||||
#export DEPLOY_WWW_SERVER=false
|
#export DEPLOY_WWW_SERVER=false
|
||||||
#export DEPLOY_BTCPAY_SERVER=false
|
#export DEPLOY_BTCPAY_SERVER=false
|
||||||
#export DEPLOY_UMBREL_VPS=false
|
#export DEPLOY_UMBREL_VPS=false
|
||||||
export DEPLOY_GHOST=true
|
export DEPLOY_GHOST=true
|
||||||
export DEPLOY_MATRIX=true
|
|
||||||
export DEPLOY_NOSTR=false
|
export DEPLOY_NOSTR=false
|
||||||
export DEPLOY_NEXTCLOUD=true
|
export DEPLOY_NEXTCLOUD=true
|
||||||
export DEPLOY_ONION_SITE=false
|
export DEPLOY_ONION_SITE=false
|
||||||
@ -93,7 +89,6 @@ fi
|
|||||||
|
|
||||||
# TODO, ensure VPS_HOSTING_TARGET is in range.
|
# TODO, ensure VPS_HOSTING_TARGET is in range.
|
||||||
export NEXTCLOUD_FQDN="$NEXTCLOUD_HOSTNAME.$DOMAIN_NAME"
|
export NEXTCLOUD_FQDN="$NEXTCLOUD_HOSTNAME.$DOMAIN_NAME"
|
||||||
export MATRIX_FQDN="$MATRIX_HOSTNAME.$DOMAIN_NAME"
|
|
||||||
export GITEA_FQDN="$GITEA_HOSTNAME.$DOMAIN_NAME"
|
export GITEA_FQDN="$GITEA_HOSTNAME.$DOMAIN_NAME"
|
||||||
export NOSTR_FQDN="$NOSTR_HOSTNAME.$DOMAIN_NAME"
|
export NOSTR_FQDN="$NOSTR_HOSTNAME.$DOMAIN_NAME"
|
||||||
|
|
||||||
@ -184,18 +179,6 @@ if [ "$DEPLOY_NEXTCLOUD" = true ]; then
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
if [ -z "$MATRIX_ADMIN_PASSWORD" ]; then
|
|
||||||
echo "ERROR: Ensure MATRIX_ADMIN_PASSWORD is configured in your site_definition."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z "$MATRIX_DB_PASSWORD" ]; then
|
|
||||||
echo "ERROR: Ensure MATRIX_DB_PASSWORD is configured in your site_definition."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$DEPLOY_NOSTR" = true ]; then
|
if [ "$DEPLOY_NOSTR" = true ]; then
|
||||||
if [ -z "$NOSTR_ADMIN_ACCOUNT_PUBKEY" ]; then
|
if [ -z "$NOSTR_ADMIN_ACCOUNT_PUBKEY" ]; then
|
||||||
echo "ERROR: Ensure NOSTR_ADMIN_ACCOUNT_PUBKEY is configured in your site_definition."
|
echo "ERROR: Ensure NOSTR_ADMIN_ACCOUNT_PUBKEY is configured in your site_definition."
|
||||||
@ -249,3 +232,4 @@ if [ -z "$NOSTR_ACCOUNT_PUBKEY" ]; then
|
|||||||
echo "INFO: Go to your site_definition file and set the NOSTR_ACCOUNT_PUBKEY variable."
|
echo "INFO: Go to your site_definition file and set the NOSTR_ACCOUNT_PUBKEY variable."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -110,39 +110,6 @@ cat >>"$DOCKER_YAML_PATH" <<EOL
|
|||||||
EOL
|
EOL
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
|
||||||
matrix:
|
|
||||||
image: ${MATRIX_IMAGE}
|
|
||||||
volumes:
|
|
||||||
- ${REMOTE_HOME}/matrix/data:/data
|
|
||||||
networks:
|
|
||||||
- matrix-net
|
|
||||||
- matrixdb-net
|
|
||||||
deploy:
|
|
||||||
restart_policy:
|
|
||||||
condition: on-failure
|
|
||||||
|
|
||||||
matrix-db:
|
|
||||||
image: ${MATRIX_DB_IMAGE}
|
|
||||||
volumes:
|
|
||||||
- ${REMOTE_HOME}/matrix/db:/var/lib/postgresql/data
|
|
||||||
networks:
|
|
||||||
- matrixdb-net
|
|
||||||
environment:
|
|
||||||
- POSTGRES_PASSWORD=\${MATRIX_DB_PASSWORD}
|
|
||||||
- POSTGRES_USER=synapse
|
|
||||||
deploy:
|
|
||||||
restart_policy:
|
|
||||||
condition: on-failure
|
|
||||||
|
|
||||||
EOL
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if [ "$DEPLOY_NOSTR" = true ]; then
|
if [ "$DEPLOY_NOSTR" = true ]; then
|
||||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||||
# TODO
|
# TODO
|
||||||
@ -151,7 +118,6 @@ cat >>"$DOCKER_YAML_PATH" <<EOL
|
|||||||
EOL
|
EOL
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
if [ "$DEPLOY_GITEA" = true ]; then
|
if [ "$DEPLOY_GITEA" = true ]; then
|
||||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||||
gitea:
|
gitea:
|
||||||
@ -272,12 +238,6 @@ cat >>"$DOCKER_YAML_PATH" <<EOL
|
|||||||
EOL
|
EOL
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
|
||||||
- matrix-net
|
|
||||||
EOL
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$DEPLOY_ONION_SITE" = true ]; then
|
if [ "$DEPLOY_ONION_SITE" = true ]; then
|
||||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||||
- tor-net
|
- tor-net
|
||||||
@ -326,13 +286,6 @@ cat >>"$DOCKER_YAML_PATH" <<EOL
|
|||||||
EOL
|
EOL
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
|
||||||
matrix-net:
|
|
||||||
matrixdb-net:
|
|
||||||
EOL
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ "$DEPLOY_GITEA" = true ]; then
|
if [ "$DEPLOY_GITEA" = true ]; then
|
||||||
cat >>"$DOCKER_YAML_PATH" <<EOL
|
cat >>"$DOCKER_YAML_PATH" <<EOL
|
||||||
gitea-net:
|
gitea-net:
|
||||||
|
@ -75,20 +75,6 @@ cat >>"$NGINX_CONF_PATH" <<EOL
|
|||||||
EOL
|
EOL
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# matrix http to https redirect.
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
cat >>"$NGINX_CONF_PATH" <<EOL
|
|
||||||
# http://${MATRIX_FQDN} redirect to https://${MATRIX_FQDN}
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name ${MATRIX_FQDN};
|
|
||||||
return 301 https://${MATRIX_FQDN}\$request_uri;
|
|
||||||
}
|
|
||||||
|
|
||||||
EOL
|
|
||||||
fi
|
|
||||||
|
|
||||||
# gitea http to https redirect.
|
# gitea http to https redirect.
|
||||||
if [ "$DEPLOY_GITEA" = true ]; then
|
if [ "$DEPLOY_GITEA" = true ]; then
|
||||||
cat >>"$NGINX_CONF_PATH" <<EOL
|
cat >>"$NGINX_CONF_PATH" <<EOL
|
||||||
@ -275,17 +261,6 @@ EOL
|
|||||||
# proxy_pass http://ghost:2368\$og_prefix\$request_uri;
|
# proxy_pass http://ghost:2368\$og_prefix\$request_uri;
|
||||||
# }
|
# }
|
||||||
|
|
||||||
# setup delegation for matrix
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
cat >>"$NGINX_CONF_PATH" <<EOL
|
|
||||||
# Set up delegation for matrix: https://github.com/matrix-org/synapse/blob/develop/docs/delegate.md
|
|
||||||
location /.well-known/matrix/server {
|
|
||||||
default_type application/json;
|
|
||||||
return 200 '{"m.server": "${MATRIX_FQDN}:8448"}';
|
|
||||||
}
|
|
||||||
EOL
|
|
||||||
fi
|
|
||||||
|
|
||||||
# this is the closing server block for the ghost HTTPS segment
|
# this is the closing server block for the ghost HTTPS segment
|
||||||
cat >>"$NGINX_CONF_PATH" <<EOL
|
cat >>"$NGINX_CONF_PATH" <<EOL
|
||||||
|
|
||||||
@ -348,31 +323,6 @@ cat >>"$NGINX_CONF_PATH" <<EOL
|
|||||||
EOL
|
EOL
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$DEPLOY_MATRIX" = true ]; then
|
|
||||||
cat >>"$NGINX_CONF_PATH" <<EOL
|
|
||||||
# TLS listener for ${MATRIX_FQDN} (matrix)
|
|
||||||
server {
|
|
||||||
# matrix RESTful calls.
|
|
||||||
listen 443 ssl http2;
|
|
||||||
listen [::]:443 ssl http2;
|
|
||||||
|
|
||||||
# for the federation port
|
|
||||||
listen 8448 ssl http2 default_server;
|
|
||||||
listen [::]:8448 ssl http2 default_server;
|
|
||||||
|
|
||||||
server_name ${MATRIX_FQDN};
|
|
||||||
|
|
||||||
location ~ ^(/_matrix|/_synapse/client) {
|
|
||||||
proxy_pass http://matrix:8008;
|
|
||||||
proxy_set_header X-Forwarded-For \$remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
||||||
proxy_set_header Host \$host;
|
|
||||||
client_max_body_size 50M;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
EOL
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
if [ "$DEPLOY_GITEA" = true ]; then
|
if [ "$DEPLOY_GITEA" = true ]; then
|
||||||
cat >>"$NGINX_CONF_PATH" <<EOL
|
cat >>"$NGINX_CONF_PATH" <<EOL
|
||||||
|