RubyGems - ConfigLMM - Versions diffs - 0.3.0 → 0.5.0 - Mend

ConfigLMM 0.3.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (250) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +70 -0
data/CNAME +1 -0
data/Examples/.lmm.state.yaml +159 -0
data/Examples/ConfigLMM.mm.yaml +32 -0
data/Examples/Implemented.mm.yaml +252 -4
data/Examples/SmallBusiness.mm.yaml +492 -0
data/Plugins/Apps/Answer/answer.lmm.rb +165 -0
data/Plugins/Apps/Answer/answer@.service +40 -0
data/Plugins/Apps/ArchiSteamFarm/ArchiSteamFarm.conf.erb +0 -3
data/Plugins/Apps/ArchiSteamFarm/ArchiSteamFarm.lmm.rb +0 -1
data/Plugins/Apps/Authentik/Authentik-ProxyOutpost.container +20 -0
data/Plugins/Apps/Authentik/Authentik-Server.container +7 -1
data/Plugins/Apps/Authentik/Authentik-Worker.container +7 -1
data/Plugins/Apps/Authentik/Authentik.conf.erb +18 -6
data/Plugins/Apps/Authentik/Authentik.lmm.rb +232 -45
data/Plugins/Apps/BookStack/BookStack.conf.erb +38 -0
data/Plugins/Apps/BookStack/BookStack.container +20 -0
data/Plugins/Apps/BookStack/BookStack.lmm.rb +91 -0
data/Plugins/Apps/Cassandra/Cassandra.lmm.rb +9 -19
data/Plugins/Apps/ClickHouse/ClickHouse.container +28 -0
data/Plugins/Apps/ClickHouse/ClickHouse.lmm.rb +113 -0
data/Plugins/Apps/ClickHouse/Config/listen.yaml +2 -0
data/Plugins/Apps/ClickHouse/Config/logger.yaml +8 -0
data/Plugins/Apps/ClickHouse/Config/zookeepers.yaml +5 -0
data/Plugins/Apps/ClickHouse/Connection.rb +96 -0
data/Plugins/Apps/Discourse/Discourse-Sidekiq.container +22 -0
data/Plugins/Apps/Discourse/Discourse.conf.erb +38 -0
data/Plugins/Apps/Discourse/Discourse.container +21 -0
data/Plugins/Apps/Discourse/Discourse.lmm.rb +156 -0
data/Plugins/Apps/Dovecot/Dovecot.lmm.rb +87 -52
data/Plugins/Apps/ERPNext/ERPNext-Frontend.container +24 -0
data/Plugins/Apps/ERPNext/ERPNext-Queue.container +22 -0
data/Plugins/Apps/ERPNext/ERPNext-Scheduler.container +22 -0
data/Plugins/Apps/ERPNext/ERPNext-Websocket.container +24 -0
data/Plugins/Apps/ERPNext/ERPNext.container +23 -0
data/Plugins/Apps/ERPNext/ERPNext.lmm.rb +204 -0
data/Plugins/Apps/ERPNext/ERPNext.network +12 -0
data/Plugins/Apps/ERPNext/sites/apps.json +10 -0
data/Plugins/Apps/ERPNext/sites/apps.txt +3 -0
data/Plugins/Apps/ERPNext/sites/common_site_config.json +11 -0
data/Plugins/Apps/GitLab/GitLab.container +9 -2
data/Plugins/Apps/GitLab/GitLab.lmm.rb +52 -33
data/Plugins/Apps/Homepage/Homepage.conf.erb +86 -0
data/Plugins/Apps/Homepage/Homepage.container +19 -0
data/Plugins/Apps/Homepage/Homepage.lmm.rb +54 -0
data/Plugins/Apps/IPFS/IPFS.conf.erb +0 -3
data/Plugins/Apps/IPFS/IPFS.lmm.rb +0 -1
data/Plugins/Apps/InfluxDB/InfluxDB.conf.erb +0 -3
data/Plugins/Apps/InfluxDB/InfluxDB.lmm.rb +0 -1
data/Plugins/Apps/Jackett/Jackett.conf.erb +0 -3
data/Plugins/Apps/Jackett/Jackett.lmm.rb +0 -1
data/Plugins/Apps/Jellyfin/Jellyfin.conf.erb +0 -3
data/Plugins/Apps/Jellyfin/Jellyfin.lmm.rb +0 -1
data/Plugins/Apps/LetsEncrypt/LetsEncrypt.lmm.rb +78 -0
data/Plugins/Apps/LetsEncrypt/hooks/dovecot.sh +2 -0
data/Plugins/Apps/LetsEncrypt/hooks/nginx.sh +2 -0
data/Plugins/Apps/LetsEncrypt/hooks/postfix.sh +2 -0
data/Plugins/Apps/LetsEncrypt/renew-certificates.service +7 -0
data/Plugins/Apps/LetsEncrypt/renew-certificates.timer +12 -0
data/Plugins/Apps/LetsEncrypt/rfc2136.ini +11 -0
data/Plugins/Apps/LibreTranslate/LibreTranslate.container +21 -0
data/Plugins/Apps/LibreTranslate/LibreTranslate.lmm.rb +34 -0
data/Plugins/Apps/Lobsters/Containerfile +81 -0
data/Plugins/Apps/Lobsters/Lobsters-Tasks.container +26 -0
data/Plugins/Apps/Lobsters/Lobsters.conf.erb +99 -0
data/Plugins/Apps/Lobsters/Lobsters.container +27 -0
data/Plugins/Apps/Lobsters/Lobsters.lmm.rb +196 -0
data/Plugins/Apps/Lobsters/crontab +3 -0
data/Plugins/Apps/Lobsters/database.yml +26 -0
data/Plugins/Apps/Lobsters/entrypoint.sh +30 -0
data/Plugins/Apps/Lobsters/generateCredentials.rb +19 -0
data/Plugins/Apps/Lobsters/lobsters-cron.sh +25 -0
data/Plugins/Apps/Lobsters/lobsters-daily.sh +23 -0
data/Plugins/Apps/Lobsters/puma.rb +49 -0
data/Plugins/Apps/MariaDB/Connection.rb +55 -0
data/Plugins/Apps/MariaDB/MariaDB.lmm.rb +122 -0
data/Plugins/Apps/Mastodon/Mastodon-Sidekiq.container +22 -0
data/Plugins/Apps/Mastodon/Mastodon-Streaming.container +20 -0
data/Plugins/Apps/Mastodon/Mastodon.conf.erb +34 -45
data/Plugins/Apps/Mastodon/Mastodon.container +28 -0
data/Plugins/Apps/Mastodon/Mastodon.lmm.rb +240 -5
data/Plugins/Apps/Mastodon/configlmm.rake +30 -0
data/Plugins/Apps/Mastodon/entrypoint.sh +16 -0
data/Plugins/Apps/Matrix/Element.container +19 -0
data/Plugins/Apps/Matrix/Matrix.conf.erb +47 -9
data/Plugins/Apps/Matrix/Matrix.lmm.rb +119 -5
data/Plugins/Apps/Matrix/Synapse.container +22 -0
data/Plugins/Apps/Matrix/config.json +50 -0
data/Plugins/Apps/Matrix/homeserver.yaml +70 -0
data/Plugins/Apps/Matrix/log.config +30 -0
data/Plugins/Apps/Netdata/Netdata.conf.erb +0 -3
data/Plugins/Apps/Netdata/Netdata.lmm.rb +0 -1
data/Plugins/Apps/Nextcloud/Nextcloud.conf.erb +3 -4
data/Plugins/Apps/Nextcloud/Nextcloud.lmm.rb +155 -48
data/Plugins/Apps/Nextcloud/autoconfig.php +13 -0
data/Plugins/Apps/Nextcloud/config.php +10 -1
data/Plugins/Apps/Nextcloud/nextcloudcron.service +8 -0
data/Plugins/Apps/Nextcloud/nextcloudcron.timer +10 -0
data/Plugins/Apps/Nginx/Connection.rb +93 -0
data/Plugins/Apps/Nginx/conf.d/configlmm.conf +54 -4
data/Plugins/Apps/Nginx/conf.d/languages.conf +21 -0
data/Plugins/Apps/Nginx/config-lmm/errors.conf +33 -22
data/Plugins/Apps/Nginx/config-lmm/gateway-errors.conf +20 -0
data/Plugins/Apps/Nginx/config-lmm/proxy.conf +6 -2
data/Plugins/Apps/Nginx/main.conf.erb +7 -3
data/Plugins/Apps/Nginx/nginx.conf +2 -2
data/Plugins/Apps/Nginx/nginx.lmm.rb +103 -81
data/Plugins/Apps/Nginx/proxy.conf.erb +24 -6
data/Plugins/Apps/Odoo/Odoo.conf.erb +0 -3
data/Plugins/Apps/Odoo/Odoo.container +7 -1
data/Plugins/Apps/Odoo/Odoo.lmm.rb +4 -5
data/Plugins/Apps/Ollama/Ollama.container +26 -0
data/Plugins/Apps/Ollama/Ollama.lmm.rb +73 -0
data/Plugins/Apps/OpenTelemetry/Config/config.yaml +704 -0
data/Plugins/Apps/OpenTelemetry/OpenTelemetry.lmm.rb +154 -0
data/Plugins/Apps/OpenVidu/Ingress.container +23 -0
data/Plugins/Apps/{GitLab/GitLab.conf.erb → OpenVidu/OpenVidu.conf.erb} +8 -3
data/Plugins/Apps/OpenVidu/OpenVidu.container +21 -0
data/Plugins/Apps/OpenVidu/OpenVidu.lmm.rb +94 -0
data/Plugins/Apps/OpenVidu/OpenViduCall.conf.erb +32 -0
data/Plugins/Apps/OpenVidu/OpenViduCall.container +20 -0
data/Plugins/Apps/OpenVidu/ingress.yaml +10 -0
data/Plugins/Apps/OpenVidu/livekit.yaml +13 -0
data/Plugins/Apps/PHP-FPM/Connection.rb +91 -0
data/Plugins/Apps/PHP-FPM/PHP-FPM.lmm.rb +31 -4
data/Plugins/Apps/Peppermint/Peppermint.conf.erb +2 -9
data/Plugins/Apps/Peppermint/Peppermint.container +7 -1
data/Plugins/Apps/Peppermint/Peppermint.lmm.rb +29 -33
data/Plugins/Apps/Perplexica/Perplexica.container +25 -0
data/Plugins/Apps/Perplexica/Perplexica.lmm.rb +92 -0
data/Plugins/Apps/Perplexica/config.toml +26 -0
data/Plugins/Apps/Podman/Connection.rb +24 -0
data/Plugins/Apps/Podman/Podman.lmm.rb +80 -0
data/Plugins/Apps/Podman/storage.conf +6 -0
data/Plugins/Apps/Postfix/Postfix.lmm.rb +249 -145
data/Plugins/Apps/PostgreSQL/Connection.rb +97 -0
data/Plugins/Apps/PostgreSQL/PostgreSQL.lmm.rb +204 -99
data/Plugins/Apps/Pterodactyl/Pterodactyl.conf.erb +0 -3
data/Plugins/Apps/Pterodactyl/Pterodactyl.lmm.rb +0 -2
data/Plugins/Apps/Pterodactyl/Wings.conf.erb +0 -3
data/Plugins/Apps/RVM/RVM.lmm.rb +57 -0
data/Plugins/Apps/Roundcube/Roundcube.conf.erb +72 -0
data/Plugins/Apps/Roundcube/Roundcube.lmm.rb +141 -0
data/Plugins/Apps/SSH/SSH.lmm.rb +9 -15
data/Plugins/Apps/SearXNG/SearXNG.container +22 -0
data/Plugins/Apps/SearXNG/SearXNG.lmm.rb +79 -0
data/Plugins/Apps/SearXNG/limiter.toml +40 -0
data/Plugins/Apps/SearXNG/settings.yml +2 -0
data/Plugins/Apps/SigNoz/Config/alerts.yml +11 -0
data/Plugins/Apps/SigNoz/Config/otel-collector-config.yaml +110 -0
data/Plugins/Apps/SigNoz/Config/otel-collector-opamp-config.yaml +1 -0
data/Plugins/Apps/SigNoz/Config/prometheus.yml +18 -0
data/Plugins/Apps/SigNoz/SigNoz-Collector.container +23 -0
data/Plugins/Apps/SigNoz/SigNoz-Migrator.container +17 -0
data/Plugins/Apps/SigNoz/SigNoz.conf.erb +61 -0
data/Plugins/Apps/SigNoz/SigNoz.container +26 -0
data/Plugins/Apps/SigNoz/SigNoz.lmm.rb +319 -0
data/Plugins/Apps/Solr/log4j2.xml +89 -0
data/Plugins/Apps/Solr/solr.lmm.rb +82 -0
data/Plugins/Apps/Sunshine/Sunshine.conf.erb +0 -3
data/Plugins/Apps/Sunshine/Sunshine.lmm.rb +0 -1
data/Plugins/Apps/Tunnel/tunnel.lmm.rb +59 -0
data/Plugins/Apps/Tunnel/tunnelTCP.service +9 -0
data/Plugins/Apps/Tunnel/tunnelTCP.socket +9 -0
data/Plugins/Apps/Tunnel/tunnelUDP.service +9 -0
data/Plugins/Apps/Tunnel/tunnelUDP.socket +9 -0
data/Plugins/Apps/UVdesk/UVdesk.conf.erb +0 -3
data/Plugins/Apps/Umami/Umami.container +19 -0
data/Plugins/Apps/Umami/Umami.lmm.rb +108 -0
data/Plugins/Apps/Valkey/Valkey.lmm.rb +64 -20
data/Plugins/Apps/Vaultwarden/Vaultwarden.conf.erb +9 -6
data/Plugins/Apps/Vaultwarden/Vaultwarden.container +7 -1
data/Plugins/Apps/Vaultwarden/Vaultwarden.lmm.rb +67 -28
data/Plugins/Apps/Wiki.js/Wiki.js.conf.erb +39 -0
data/Plugins/Apps/Wiki.js/Wiki.js.container +20 -0
data/Plugins/Apps/Wiki.js/Wiki.js.lmm.rb +55 -0
data/Plugins/Apps/YaCy/YaCy.conf.erb +93 -0
data/Plugins/Apps/YaCy/YaCy.container +21 -0
data/Plugins/Apps/YaCy/YaCy.lmm.rb +160 -0
data/Plugins/Apps/ZooKeeper/ZooKeeper.container +24 -0
data/Plugins/Apps/ZooKeeper/ZooKeeper.lmm.rb +68 -0
data/Plugins/Apps/bitmagnet/bitmagnet.conf.erb +0 -3
data/Plugins/Apps/bitmagnet/bitmagnet.lmm.rb +0 -1
data/Plugins/Apps/gollum/gollum.conf.erb +40 -4
data/Plugins/Apps/gollum/gollum.container +10 -1
data/Plugins/Apps/gollum/gollum.lmm.rb +56 -47
data/Plugins/Apps/llama.cpp/llama.cpp.container +28 -0
data/Plugins/Apps/llama.cpp/llama.cpp.lmm.rb +90 -0
data/Plugins/Apps/vLLM/vLLM.container +32 -0
data/Plugins/Apps/vLLM/vLLM.lmm.rb +89 -0
data/Plugins/OS/General/Utils.lmm.rb +26 -0
data/Plugins/OS/Linux/Connection.rb +472 -0
data/Plugins/OS/Linux/Debian/preseed.cfg.erb +81 -0
data/Plugins/OS/Linux/Distributions.yaml +32 -0
data/Plugins/OS/Linux/Flavours.yaml +24 -0
data/Plugins/OS/Linux/Grub/grub.cfg +10 -0
data/Plugins/OS/Linux/HTTP.rb +32 -0
data/Plugins/OS/Linux/Linux.lmm.rb +708 -174
data/Plugins/OS/Linux/Packages.yaml +67 -3
data/Plugins/OS/Linux/Proxmox/answer.toml.erb +30 -0
data/Plugins/OS/Linux/Services.yaml +8 -0
data/Plugins/OS/Linux/Shell.rb +70 -0
data/Plugins/OS/Linux/Syslinux/default +8 -0
data/Plugins/OS/Linux/WireGuard/WireGuard.lmm.rb +93 -40
data/Plugins/OS/Linux/WireGuard/wg0.conf.erb +3 -0
data/Plugins/OS/Linux/openSUSE/autoinst.xml.erb +29 -3
data/Plugins/OS/Linux/systemd/systemd.lmm.rb +13 -11
data/Plugins/OS/Routers/Aruba/ArubaInstant.lmm.rb +6 -5
data/Plugins/Platforms/GitHub.lmm.rb +73 -28
data/Plugins/Platforms/GoDaddy/GoDaddy.lmm.rb +10 -7
data/Plugins/Platforms/Proxmox/Proxmox.lmm.rb +402 -0
data/Plugins/Platforms/Proxmox/XTerm.rb +321 -0
data/Plugins/Platforms/libvirt/libvirt.lmm.rb +41 -15
data/Plugins/Platforms/porkbun.lmm.rb +12 -2
data/Plugins/Platforms/porkbun_spec.rb +2 -2
data/Plugins/Services/DNS/AmberBit.lmm.rb +1 -1
data/Plugins/Services/DNS/ArubaItDNS.lmm.rb +1 -1
data/Plugins/Services/DNS/NICLV.lmm.rb +1 -1
data/Plugins/Services/DNS/PowerDNS.lmm.rb +130 -41
data/Plugins/Services/DNS/tonic.lmm.rb +22 -12
data/bootstrap.sh +41 -3
data/lib/ConfigLMM/Framework/plugins/dns.rb +4 -3
data/lib/ConfigLMM/Framework/plugins/linuxApp.rb +187 -144
data/lib/ConfigLMM/Framework/plugins/nginxApp.rb +54 -6
data/lib/ConfigLMM/Framework/plugins/plugin.rb +68 -140
data/lib/ConfigLMM/Framework/plugins/store.rb +4 -4
data/lib/ConfigLMM/Framework/variables.rb +75 -0
data/lib/ConfigLMM/Framework.rb +1 -0
data/lib/ConfigLMM/cli.rb +13 -5
data/lib/ConfigLMM/commands/cleanup.rb +1 -0
data/lib/ConfigLMM/commands/configsCommand.rb +38 -5
data/lib/ConfigLMM/commands/diff.rb +33 -9
data/lib/ConfigLMM/context.rb +22 -3
data/lib/ConfigLMM/io/configList.rb +85 -7
data/lib/ConfigLMM/io/connection.rb +143 -0
data/lib/ConfigLMM/io/dhcp.rb +330 -0
data/lib/ConfigLMM/io/http.rb +78 -0
data/lib/ConfigLMM/io/local.rb +207 -0
data/lib/ConfigLMM/io/pxe.rb +92 -0
data/lib/ConfigLMM/io/ssh.rb +156 -0
data/lib/ConfigLMM/io/tftp.rb +105 -0
data/lib/ConfigLMM/io.rb +2 -0
data/lib/ConfigLMM/secrets/envStore.rb +39 -0
data/lib/ConfigLMM/secrets/fileStore.rb +43 -0
data/lib/ConfigLMM/state.rb +12 -3
data/lib/ConfigLMM/version.rb +2 -1
data/lib/ConfigLMM.rb +1 -0
data/{Examples → scripts}/configlmmAuth.sh +7 -5
metadata +257 -9

data/Plugins/Apps/Matrix/Matrix.conf.erb CHANGED Viewed

@@ -1,12 +1,53 @@
 server {
+    <% if !config['TLS'] %>
+        listen       <%= config['Port'] %>;
+        listen  [::]:<%= config['Port'] %>;
+    <% else %>
+        <% if config['NginxVersion'] >= 1.25 %>
+            listen <%= config['Port'] %> ssl;
+            listen [::]:<%= config['Port'] %> ssl;
+            http2 on;
+            http3 on;
+            quic_retry on;
+            add_header Alt-Svc 'h3=":<%= config['Port'] %>"; ma=86400';
+        <% else %>
+            listen <%= config['Port'] %> ssl http2;
+            listen [::]:<%= config['Port'] %> ssl http2;
+        <% end %>
+        include config-lmm/ssl.conf;
+    <% end %>
+    server_name <%= config['Domain'] %>;
+    include config-lmm/errors.conf;
+    location / {
+        proxy_pass http://127.0.0.1:18300;
+        include config-lmm/proxy.conf;
+    }
+}
+server {
     <% if !config['TLS'] %>
         listen       <%= config['Port'] %>;
         listen  [::]:<%= config['Port'] %>;
     <% else %>
-        listen       <%= config['Port'] %> ssl;
-        listen  [::]:<%= config['Port'] %> ssl;
-        http2 on;
+        <% if config['NginxVersion'] >= 1.25 %>
+            listen <%= config['Port'] %> ssl;
+            listen [::]:<%= config['Port'] %> ssl;
+            http2 on;
+            http3 on;
+            quic_retry on;
+            add_header Alt-Svc 'h3=":<%= config['Port'] %>"; ma=86400';
+        <% else %>
+            listen <%= config['Port'] %> ssl http2;
+            listen [::]:<%= config['Port'] %> ssl http2;
+        <% end %>
         include config-lmm/ssl.conf;
     <% end %>
@@ -14,20 +55,17 @@ server {
     #listen 8448 ssl http2 default_server;
     #listen [::]:8448 ssl http2 default_server;
-    server_name <%= config['Domain'] %>;
-    access_log  /var/log/nginx/matrix.access.log;
-    error_log   /var/log/nginx/matrix.error.log;
+    server_name <%= config['SynapseDomain'] %>;
-    include config-lmm/private.conf;
     include config-lmm/errors.conf;
     location ~ ^(/_matrix|/_synapse/client) {
         # note: do not add a path (even a single /) after the port in `proxy_pass`,
         # otherwise nginx will canonicalise the URI and cause signature verification
         # errors.
-        proxy_pass http://localhost:8008;
+        proxy_pass http://127.0.0.1:8008;
         include config-lmm/proxy.conf;
+        proxy_intercept_errors off;
         # Nginx by default only allows file uploads up to 1M in size
         # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml

data/Plugins/Apps/Matrix/Matrix.lmm.rb CHANGED Viewed

@@ -1,10 +1,15 @@
 module ConfigLMM
     module LMM
-        class Matrix < Framework::NginxApp
+        class Matrix < Framework::Plugin
+            USER = 'matrix'
+            HOME_DIR = '/var/lib/matrix'
             def actionMatrixBuild(id, target, state, context, options)
-                writeNginxConfig(__dir__, 'Matrix', id, target, state, context, options)
+                Nginx.withConnection(local) do |nginxConnection|
+                    nginxConnection.writeConfig(__dir__, 'Matrix', target, state, context, options)
+                end
             end
             def actionMatrixDiff(id, target, activeState, context, options)
@@ -12,10 +17,119 @@ module ConfigLMM
             end
             def actionMatrixDeploy(id, target, activeState, context, options)
-                if !target['Location'] || target['Location'] == '@me'
-                    deployNginxConfig(id, target, activeState, context, options)
-                    activeState['Location'] = '@me'
+                raise Framework::PluginProcessError.new('Domain field must be set!') unless target['Domain']
+                raise Framework::PluginProcessError.new('ServerName field must be set!') unless target['ServerName']
+                target['Database'] ||= {}
+                self.withConnection(target['Location'], target) do |connection|
+                    Linux.withConnection(connection) do |linuxConnection|
+                        target['Database'] ||= {}
+                        dbPassword = self.configurePostgreSQL(target['Database'], linuxConnection, options)
+                        Podman.ensurePresent(linuxConnection, options)
+                        Podman.createUser(USER, HOME_DIR, 'Matrix', linuxConnection, options)
+                        linuxConnection.withUserShell(USER) do |shell|
+                            shell.createDirs(options, '~/data')
+                        end
+                        path = Podman.containersPath(HOME_DIR)
+                        linuxConnection.ensureFile("#{path}/Matrix.env", options)
+                        linuxConnection.setUserGroup("#{path}/Matrix.env", USER, USER, options)
+                        linuxConnection.setPrivate("#{path}/Matrix.env", options)
+                        homeserver = YAML.load_file(__dir__ + '/homeserver.yaml')
+                        configureHomeserver(homeserver, dbPassword, target)
+                        homeserverFile = options['output'] + '/homeserver.yaml'
+                        File.write(homeserverFile, homeserver.to_yaml)
+                        linuxConnection.upload(homeserverFile, HOME_DIR + '/data/', options)
+                        linuxConnection.upload(__dir__ + '/log.config', HOME_DIR + '/data/', options)
+                        linuxConnection.upload(__dir__ + '/config.json', HOME_DIR + '/', options)
+                        linuxConnection.setUserGroup("#{HOME_DIR}/data", USER, USER, options)
+                        linuxConnection.fileReplace("#{HOME_DIR}/config.json", '\$SYNAPSE_DOMAIN', target['SynapseDomain'], options)
+                        linuxConnection.fileReplace("#{HOME_DIR}/config.json", '\$SERVER_NAME', target['ServerName'], options)
+                        linuxConnection.upload(__dir__ + '/Synapse.container', path, options)
+                        linuxConnection.upload(__dir__ + '/Element.container', path, options)
+                        linuxConnection.reloadUserServices(USER, options)
+                        linuxConnection.restartUserService(USER, 'Synapse', options)
+                        linuxConnection.restartUserService(USER, 'Element', options)
+                        Nginx.withConnection(linuxConnection) do |nginxConnection|
+                            nginxConnection.provision(__dir__, 'Matrix', target, activeState, context, options)
+                        end
+                    end
+                end
+            end
+            def configureHomeserver(homeserver, dbPassword, target)
+                homeserver['server_name'] = target['ServerName']
+                homeserver['public_baseurl'] = "https://#{target['SynapseDomain'].downcase}/"
+                homeserver['database']['args']['password'] = dbPassword
+                homeserver['registration_shared_secret'] = SecureRandom.urlsafe_base64(45)
+                homeserver['macaroon_secret_key'] = SecureRandom.urlsafe_base64(45)
+                homeserver['form_secret'] = SecureRandom.urlsafe_base64(45)
+                if target['SMTP']
+                    host = target['SMTP']['Host']
+                    host = Podman::HOST_IP if host.to_s.empty? || ['localhost', '127.0.0.1'].include?(host)
+                    homeserver['email']['smtp_host'] = host
+                    if target['SMTP']['Port']
+                        homeserver['email']['smtp_port'] = target['SMTP']['Port']
+                    end
+                    if target['SMTP']['Username']
+                        homeserver['email']['smtp_user'] = target['SMTP']['Username']
+                        smtpPassword = nil
+                        if target['SMTP']['SecretId']
+                            smtpPassword = context.secrets.load(target['SMTP']['SecretId'], target['SMTP']['Username'].upcase + '_PASSWORD')
+                        end
+                        homeserver['email']['smtp_pass'] = smtpPassword if smtpPassword
+                    end
+                    homeserver['email']['notif_from'] = target['SMTP']['From']
+                    if target['SMTP']['Port'] == 465
+                        homeserver['email']['force_tls'] = true
+                    end
+                else
+                    homeserver.delete('email')
+                end
+                if target['OIDC']
+                    raise Framework::PluginProcessError.new('OIDC.SecretId must be set!') if target['OIDC']['SecretId'].to_s.empty?
+                    homeserver['oidc_providers'][0]['issuer'] = target['OIDC']['Issuer']
+                    clientId = context.secrets.load(target['OIDC']['SecretId'], 'MATRIX_CLIENT_ID')
+                    clientSecret = context.secrets.load(target['OIDC']['SecretId'], 'MATRIX_CLIENT_SECRET')
+                    if !clientId || !clientSecret
+                        prompt.say("Secrets #{context.secrets.getID(target['OIDC']['SecretId'], 'MATRIX_CLIENT_ID')} and #{context.secrets.getID(target['OIDC']['SecretId'], 'MATRIX_CLIENT_SECRET')} must be set!", :color => :magenta)
+                        raise 'Required secrets are missing!'
+                    end
+                    homeserver['oidc_providers'][0]['client_id'] = clientId
+                    homeserver['oidc_providers'][0]['client_secret'] = clientSecret
+                    homeserver['password_config']['enabled'] = false
+                else
+                    homeserver.delete('oidc_providers')
+                end
+            end
+            def configurePostgreSQL(dbSettings, linuxConnection, options)
+                password = SecureRandom.alphanumeric(20)
+                PostgreSQL.withConnection(dbSettings, linuxConnection) do |postgresConnection|
+                    postgresConnection.createUserAndDB(USER, password, options)
                 end
+                password
             end
         end

data/Plugins/Apps/Matrix/Synapse.container ADDED Viewed

@@ -0,0 +1,22 @@
+[Unit]
+Description=Matrix (Synapse) container
+After=local-fs.target
+[Container]
+ContainerName=Synapse
+Image=docker.io/matrixdotorg/synapse:latest
+EnvironmentFile=/var/lib/matrix/.config/containers/systemd/Matrix.env
+Network=slirp4netns:allow_host_loopback=true
+PublishPort=127.0.0.1:8008:8008
+UserNS=keep-id:uid=991,gid=991
+Volume=/var/lib/matrix/data:/data
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+Restart=on-failure
+[Install]
+WantedBy=multi-user.target default.target

data/Plugins/Apps/Matrix/config.json ADDED Viewed

@@ -0,0 +1,50 @@
+{
+    "default_server_config": {
+        "m.homeserver": {
+            "base_url": "https://$SYNAPSE_DOMAIN",
+            "server_name": "$SERVER_NAME"
+        },
+        "m.identity_server": {
+            "base_url": "https://matrix.org"
+        }
+    },
+    "disable_custom_urls": false,
+    "disable_guests": false,
+    "disable_login_language_selector": false,
+    "disable_3pid_login": false,
+    "brand": "Element",
+    "integrations_ui_url": "https://scalar.vector.im/",
+    "integrations_rest_url": "https://scalar.vector.im/api",
+    "integrations_widgets_urls": [
+        "https://scalar.vector.im/_matrix/integrations/v1",
+        "https://scalar.vector.im/api",
+        "https://scalar-staging.vector.im/_matrix/integrations/v1",
+        "https://scalar-staging.vector.im/api",
+        "https://scalar-staging.riot.im/scalar/api"
+    ],
+    "default_widget_height": 280,
+    "default_country_code": "GB",
+    "show_labs_settings": false,
+    "features": {},
+    "default_federate": true,
+    "default_theme": "light",
+    "room_directory": {
+        "servers": ["matrix.org"]
+    },
+    "enable_presence_by_hs_url": {
+        "https://matrix.org": false,
+        "https://matrix-client.matrix.org": false
+    },
+    "setting_defaults": {
+        "breadcrumbs": true
+    },
+    "jitsi": {
+        "preferred_domain": "meet.element.io"
+    },
+    "element_call": {
+        "url": "https://call.element.io",
+        "participant_limit": 8,
+        "brand": "Element Call"
+    },
+    "map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"
+}

data/Plugins/Apps/Matrix/homeserver.yaml ADDED Viewed

@@ -0,0 +1,70 @@
+# Configuration file for Synapse.
+#
+# This is a YAML file: see [1] for a quick introduction. Note in particular
+# that *indentation is important*: all the elements of a list or dictionary
+# should have the same indentation.
+#
+# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
+#
+# For more information on how to configure Synapse, including a complete accounting of
+# each option, go to docs/usage/configuration/config_documentation.md or
+# https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html
+server_name: $SERVER_NAME
+public_baseurl: https://$SYNAPSE_DOMAIN/
+pid_file: /data/homeserver.pid
+listeners:
+  - port: 8008
+    tls: false
+    type: http
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+        compress: false
+database:
+  name: psycopg2
+  allow_unsafe_locale: true
+  args:
+    user: matrix
+    password: $DB_PASSWORD
+    dbname: matrix
+    host: 10.0.2.2
+email:
+    smtp_host: 10.0.2.2
+    smtp_port: 25
+    smtp_user:
+    smtp_pass:
+    force_tls: false
+    notif_from:
+password_config:
+   enabled: true
+oidc_providers:
+  - idp_id: OIDC
+    idp_name: OIDC
+    discover: true
+    issuer: $OIDC_ISSUER
+    client_id: $CLIENT_ID
+    client_secret: $CLIENT_SECRET
+    scopes:
+      - "openid"
+      - "profile"
+      - "email"
+    user_mapping_provider:
+      config:
+        localpart_template: "{{ user.preferred_username }}"
+        display_name_template: "{{ user.name|capitalize }}"
+log_config: "/data/log.config"
+media_store_path: /data/media_store
+registration_shared_secret: $SECRET1
+report_stats: false
+macaroon_secret_key: $SECRET2
+form_secret: $SECRET3
+report_stats: false
+signing_key_path: "/data/signing.key"
+trusted_key_servers:
+  - server_name: "matrix.org"
+suppress_key_server_warning: true

data/Plugins/Apps/Matrix/log.config ADDED Viewed

@@ -0,0 +1,30 @@
+version: 1
+formatters:
+  precise:
+    format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
+handlers:
+  console:
+    class: logging.StreamHandler
+    formatter: precise
+loggers:
+    # This is just here so we can leave `loggers` in the config regardless of whether
+    # we configure other loggers below (avoid empty yaml dict error).
+    _placeholder:
+        level: "INFO"
+    synapse.storage.SQL:
+        # beware: increasing this to DEBUG will make synapse log sensitive
+        # information such as access tokens.
+        level: INFO
+root:
+    level: INFO
+    handlers: [console]
+disable_existing_loggers: false

data/Plugins/Apps/Netdata/Netdata.conf.erb CHANGED Viewed

@@ -16,9 +16,6 @@ server {
     server_name <%= config['Domain'] %>;
-    access_log  /var/log/nginx/netdata.access.log;
-    error_log   /var/log/nginx/netdata.error.log;
     include config-lmm/private.conf;
     include config-lmm/errors.conf;

data/Plugins/Apps/Netdata/Netdata.lmm.rb CHANGED Viewed

@@ -14,7 +14,6 @@ module ConfigLMM
             def actionNetdataDeploy(id, target, activeState, context, options)
                 if !target['Location'] || target['Location'] == '@me'
                     deployNginxConfig(id, target, activeState, context, options)
-                    activeState['Location'] = '@me'
                 end
             end

data/Plugins/Apps/Nextcloud/Nextcloud.conf.erb CHANGED Viewed

@@ -31,10 +31,7 @@ server
     server_name <%= config['Domain'] %>;
-    access_log  /var/log/nginx/nextcloud.access.log;
-    error_log   /var/log/nginx/nextcloud.error.log;
-    root /usr/share/webapps/nextcloud;
+    root <%= config['Root'] %>;
     include config-lmm/private.conf;
     include config-lmm/errors.conf;
@@ -142,6 +139,8 @@ server
         fastcgi_request_buffering off;
         fastcgi_max_temp_file_size 0;
+        fastcgi_hide_header X-Powered-By;
     }
     # Rule borrowed from `.htaccess`