Compare revisions

3309633c · 3309633c · 3309633c · 3309633c · 3309633c · 3309633c
--- a/webserver/docker_icinga/templates/etc/icinga/conf.d/users_groups.conf
+++ b/webserver/docker_icinga/templates/etc/icinga/conf.d/users_groups.conf
@@ -3,3 +3,18 @@ object UserGroup "icingaadmins" {
  display_name = "Icinga 2 Admin Group"
 }

+object User "matrix" {
+  import "generic-user"
+
+  display_name = "Matrix User"
+  vars.matrix = {
+    token = "{{ matrix_notification_access_token }}"
+    channel = "!iYefxbySFEfFQfUGEK:matrix.warpzone.ms"
+    server = "https://matrix.warpzone.ms"
+  }
+}
+
+object UserGroup "matrix" {
+  display_name = "Matrix Group"
+  assign where user.vars.matrix
+}
--- a/webserver/docker_mail/tasks/main.yaml
+++ b/webserver/docker_mail/tasks/main.yaml
@@ -69,6 +69,13 @@
    - mailu/overrides/postfix/postfix.cf
  register: config

+- name: "set local dns record"
+  become: true
+  blockinfile:
+    path: /etc/hosts
+    create: yes
+    block: |
+      {{ ext_ip4 }} mailserver.warpzone.ms

 # - name: deploy LogRotate configs
 #   template:

--- a/webserver/docker_mail/templates/docker-compose.yml
+++ b/webserver/docker_mail/templates/docker-compose.yml
@@ -48,7 +48,7 @@ services:
      - "traefik.http.routers.{{ servicename }}.tls"
      - "traefik.http.routers.{{ servicename }}.tls.certresolver=letsencrypt"
      - "traefik.http.routers.{{ servicename }}.tls.domains[0].main={{ domain }}"
-      - "traefik.http.routers.{{ servicename }}.tls.domains[0].sans={{ mailserver }}"
+      - "traefik.http.routers.{{ servicename }}.tls.domains[0].sans={{ mailserver }},imap.warpzone.ms,smtp.warpzone.ms"
      - "traefik.http.routers.{{ servicename }}.service={{ servicename }}"
      - "traefik.http.services.{{ servicename }}.loadbalancer.server.port=80"
    networks:
@@ -185,7 +185,7 @@ services:
      - "{{ basedir }}/mailman-web:/opt/mailman-web-data:rw,z"

  mailman-nginx:
-    image: nginx:1.19
+    image: nginx:1.25
    restart: always
    depends_on:
      - mailman-web

--- a/webserver/docker_mail/templates/mailu.env
+++ b/webserver/docker_mail/templates/mailu.env
@@ -3,7 +3,10 @@
 ###################################

 # Set Version 
-MAILU_VERSION=2.0.4
+MAILU_VERSION=2.0.16
+
+# enable IPv6
+SUBNET6=fd00:dead:beef:25::/64

 # Autocreate Admin User 
 INITIAL_ADMIN_ACCOUNT=mailadmin
@@ -24,9 +27,6 @@ SQLALCHEMY_DATABASE_URI_ROUNDCUBE=mysql://roundcube:{{ roundcube_db_pass }}@db/r
 # Common configuration variables
 ###################################

-# Set mailu version 
-MAILU_VERSION=2.0
-
 # Set to a randomly generated 16 bytes string
 SECRET_KEY={{ mailu_secret_key }}


--- a/webserver/docker_matrix/tasks/main.yml
+++ b/webserver/docker_matrix/tasks/main.yml
@@ -5,6 +5,7 @@
   - { path: /srv/shared/noreply_email_pass, length: -1 }
   - { path: /srv/ldap/secret/ldap_readonly_pass, length: -1 }
   - { path: /srv/matrix/postgres_user_pass,  length: 24 }
+   - { path: /srv/matrix/admin_access_token,  length: -1 } # Get in Element fo an Admin User: Settings > Help > Advanced 


 - name: create folder struct for matrix
@@ -31,7 +32,9 @@


 - name: Konfig-Dateien erstellen
-  template: src={{ item }} dest=/srv/matrix/{{ item }}
+  template: 
+    src: "{{ item }}" 
+    dest: "/srv/matrix/{{ item }}"
  with_items:
    - docker-compose.yml
    - rest_auth_provider.py
@@ -41,6 +44,15 @@
  register: configs


+- name: Script-Dateien erstellen 
+  template: 
+    src: "{{ item }}" 
+    dest: "/srv/matrix/{{ item }}"
+    mode: "ug+rwx"
+  with_items:
+    - purgemediacache.sh
+
+
 - name: stop matrix docker
  docker_compose:
    project_src: /srv/matrix/

--- a/webserver/docker_matrix/templates/docker-compose.yml
+++ b/webserver/docker_matrix/templates/docker-compose.yml
@@ -10,7 +10,7 @@ services:

  db:

-    image: postgres:13.6
+    image: postgres:13.11
    restart: always
    volumes:
      - /srv/matrix/db:/var/lib/postgresql/data
@@ -24,7 +24,7 @@ services:

  synapse:

-    image: matrixdotorg/synapse:v1.78.0
+    image: matrixdotorg/synapse:v1.83.0
    restart: always
    cpu_count: "1"
    cpuset: "0"
@@ -68,6 +68,21 @@ services:
      - default
      - web

+
+  purgemediacache:
+    
+    image: jsonfry/curl-cron:latest 
+    restart: always
+    depends_on:
+      - synapse
+    volumes:
+      - /srv/matrix/purgemediacache.sh:/curl.sh
+    environment:
+      CRON_SCHEDULE: "0 7 * * *"
+    networks:
+      - default
+
+
 networks:
  web:
    external: true
--- a/webserver/docker_matrix/templates/purgemediacache.sh
+++ b/webserver/docker_matrix/templates/purgemediacache.sh
+#!/bin/sh
+
+set -e
+
+echo "$(date) - Start"
+
+TS_NOW=$(date +%s)
+DELAY=$((30*24*60*60))
+TS=$((TS_NOW-$DELAY))
+
+curl -X POST --insecure --header "Authorization: Bearer {{ admin_access_token }}" https://{{ domain }}/_synapse/admin/v1/purge_media_cache?before_ts=$(($TS*1000))
+
+echo "$(date) End"
\ No newline at end of file
--- a/webserver/docker_matterbridge/templates/docker-compose.yml
+++ b/webserver/docker_matterbridge/templates/docker-compose.yml
@@ -27,7 +27,7 @@ services:

  web:

-    image: nginx:1.21.6-alpine
+    image: nginx:1.25.1
    restart: always
    volumes:
      - /srv/matterbridge/media/:/usr/share/nginx/html/matterbridge/:ro,z
No results found