Configured synapse
This commit is contained in:
		| @@ -20,10 +20,12 @@ directory: | ||||
|  | ||||
| cat: | ||||
|   movies: /data/torrents/movies | ||||
|   movies.cross-seed: /data/torrents/movies | ||||
|   tv: /data/torrents/tv | ||||
|   tv.cross-seed: /data/torrents/tv | ||||
|   music: /data/torrents/music | ||||
|   music.cross-seed: /data/torrents/music | ||||
|  | ||||
|   torrents: /data/torrents/ | ||||
| tracker: | ||||
|   digitalcore: | ||||
|     tag: DigitalCore | ||||
| @@ -52,6 +54,8 @@ tracker: | ||||
|     tag: RuTracker | ||||
|   rarbg: | ||||
|     tag: RarBG | ||||
|   reelflix: | ||||
|     tag: ReelFlix | ||||
|  | ||||
| nohardlinks: | ||||
|   movies: | ||||
| @@ -61,6 +65,13 @@ nohardlinks: | ||||
|     min_seeding_time: 43200 | ||||
|     resume_torrent_after_untagging_noHL: true | ||||
|     exclude_tags: | ||||
|   movies.cross-seed: | ||||
|     cleanup: true | ||||
|     max_ratio: 4.0 | ||||
|     max_seeding_time: 43200 # 30 days | ||||
|     min_seeding_time: 43200 | ||||
|     resume_torrent_after_untagging_noHL: true | ||||
|     exclude_tags: | ||||
|   tv: | ||||
|     cleanup: true | ||||
|     max_ratio: 4.0 | ||||
| @@ -68,6 +79,13 @@ nohardlinks: | ||||
|     min_seeding_time: 43200 | ||||
|     resume_torrent_after_untagging_noHL: true | ||||
|     exclude_tags: | ||||
|   tv.cross-seed: | ||||
|     cleanup: true | ||||
|     max_ratio: 4.0 | ||||
|     max_seeding_time: 43200 | ||||
|     min_seeding_time: 43200 | ||||
|     resume_torrent_after_untagging_noHL: true | ||||
|     exclude_tags: | ||||
|   music: | ||||
|     cleanup: true | ||||
|     max_ratio: 4.0 | ||||
| @@ -75,6 +93,13 @@ nohardlinks: | ||||
|     min_seeding_time: 43200 | ||||
|     resume_torrent_after_untagging_noHL: true | ||||
|     exclude_tags: | ||||
|   music.cross-seed: | ||||
|     cleanup: true | ||||
|     max_ratio: 4.0 | ||||
|     max_seeding_time: 43200 | ||||
|     min_seeding_time: 43200 | ||||
|     resume_torrent_after_untagging_noHL: true | ||||
|     exclude_tags: | ||||
|  | ||||
| recyclebin: | ||||
|   enabled: true | ||||
|   | ||||
							
								
								
									
										4
									
								
								ansible/roles/qbittorrent/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								ansible/roles/qbittorrent/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| - name: restart qbittorrent | ||||
|   community.docker.docker_compose: | ||||
|     project_src: "{{ install_directory }}/qbittorrent" | ||||
|     restarted: true | ||||
| @@ -30,6 +30,7 @@ | ||||
|     dest: "{{ data_dir }}/qbitmanage/config.yml" | ||||
|     owner: "{{ service_user.uid }}" | ||||
|     mode: "{{ docker_compose_file_mask }}" | ||||
|   notify: restart qbittorrent | ||||
|   become: true | ||||
|  | ||||
| - name: Create cross-seed config directory | ||||
| @@ -46,6 +47,7 @@ | ||||
|     dest: "{{ data_dir }}/cross-seed/config.js" | ||||
|     owner: "{{ service_user.uid }}" | ||||
|     mode: "{{ docker_compose_file_mask }}" | ||||
|   notify: restart qbittorrent | ||||
|   become: true | ||||
|  | ||||
| - name: Start docker containers | ||||
|   | ||||
| @@ -10,6 +10,7 @@ module.exports = { | ||||
| 	    "http://prowlarr.local.{{ personal_domain }}/4/api?apikey={{ prowlarr_api_key }}", // TorrentSeeds | ||||
| 	    "http://prowlarr.local.{{ personal_domain }}/5/api?apikey={{ prowlarr_api_key }}", // AnimeTosho | ||||
| 	    "http://prowlarr.local.{{ personal_domain }}/6/api?apikey={{ prowlarr_api_key }}", // Aither | ||||
| 	    "http://prowlarr.local.{{ personal_domain }}/7/api?apikey={{ prowlarr_api_key }}", // Reelflix | ||||
|     ], | ||||
|  | ||||
|     torrentDir: "/torrents", | ||||
| @@ -23,7 +24,7 @@ module.exports = { | ||||
|     rtorrentRpcUrl: undefined, | ||||
|     qbittorrentUrl: "https://qbittorrent.local.{{ personal_domain }}", | ||||
|     duplicateCategories: true, | ||||
|     notificationWebhookUrl: undefined, | ||||
|     notificationWebhookUrl: "ntfy://push.{{ personal_domain }}/{{ ntfy_crossseed_topic }}", | ||||
|     port: 2468, | ||||
|     rssCadence: "2w", | ||||
|     searchCadence: "6w", | ||||
|   | ||||
| @@ -29,9 +29,11 @@ services: | ||||
|     container_name: qbitmanage | ||||
|     image: cr.hotio.dev/hotio/qbitmanage | ||||
|     restart: unless-stopped | ||||
|     depends_on: | ||||
|       - qbittorrent | ||||
|     environment: | ||||
|       PUID: "{{ service_user.uid }}" | ||||
|       PGID: "{{ service_user.uid }}" | ||||
|       PGID: "{{ media_gid }}" | ||||
|       UMASK: 002 | ||||
|       TZ: "{{ timezone }}" | ||||
|       QBT_DRY_RUN: "False" | ||||
|   | ||||
| @@ -6,3 +6,11 @@ prowlarr_api_key: !vault | | ||||
|   6236313433373065640a393262613061613739626636653162653963663236303834376366626234 | ||||
|   65316164613935376234356466333666316531353565393034353032653136376530663634383061 | ||||
|   6335326539333362316333353131303533353537623232343637 | ||||
|  | ||||
| ntfy_crossseed_topic: !vault | | ||||
|   $ANSIBLE_VAULT;1.1;AES256 | ||||
|   61393334343262366334353030356132383433333531643735316662386465636261333432623530 | ||||
|   3435623363346365633331396163653737313330353464630a616438386338393063343863316664 | ||||
|   34396438643564626662666138333535363365376661303462323735386166396633643530636439 | ||||
|   6433346365653830340a383864643730313664306531613238363436346634393166373237623361 | ||||
|   30613664643637323566323939666665323532383237353533653135343936303661 | ||||
|   | ||||
							
								
								
									
										4
									
								
								ansible/roles/synapse/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								ansible/roles/synapse/handlers/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| - name: restart synapse | ||||
|   community.docker.docker_compose: | ||||
|     project_src: "{{ install_directory }}/{{ role_name }}" | ||||
|     restarted: true | ||||
							
								
								
									
										77
									
								
								ansible/roles/synapse/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										77
									
								
								ansible/roles/synapse/tasks/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,77 @@ | ||||
| - name: Create service user | ||||
|   user: | ||||
|     name: "{{ role_name }}" | ||||
|     system: true | ||||
|   register: service_user | ||||
|   become: true | ||||
|  | ||||
| - name: Create install directory | ||||
|   file: | ||||
|     path: "{{ install_directory }}/{{ role_name }}" | ||||
|     state: directory | ||||
|     owner: "{{ docker_user }}" | ||||
|     mode: "{{ docker_compose_directory_mask }}" | ||||
|   become: true | ||||
|  | ||||
| - name: Copy docker-compose file to destination | ||||
|   template: | ||||
|     src: docker-compose.yml | ||||
|     dest: "{{ install_directory }}/{{ role_name }}/docker-compose.yml" | ||||
|     owner: "{{ docker_user }}" | ||||
|     mode: "{{ docker_compose_file_mask }}" | ||||
|     validate: docker-compose -f %s config | ||||
|   become: true | ||||
|  | ||||
| - name: Copy homeserver.yaml to destination | ||||
|   template: | ||||
|     src: homeserver.yaml | ||||
|     dest: "{{ install_directory }}/synapse/homeserver.yaml" | ||||
|     owner: "{{ service_user.uid }}" | ||||
|     mode: "{{ docker_compose_file_mask }}" | ||||
|   notify: restart synapse | ||||
|   become: true | ||||
|  | ||||
| - name: Create config directory and set synapse user to owner | ||||
|   file: | ||||
|     path: "{{ data_dir }}/synapse" | ||||
|     state: directory | ||||
|     owner: "{{ service_user.uid }}" | ||||
|     mode: "{{ docker_compose_directory_mask }}" | ||||
|   become: true | ||||
|  | ||||
| - name: Create nginx config directory | ||||
|   file: | ||||
|     path: "{{ data_dir }}/nginx/synapse/www/.well-known/matrix/" | ||||
|     state: directory | ||||
|     mode: "{{ docker_compose_directory_mask }}" | ||||
|   become: true | ||||
|  | ||||
| - name: Install nginx config file | ||||
|   template: | ||||
|     src: nginx/matrix.conf | ||||
|     dest: "{{ data_dir }}/nginx/synapse/matrix.conf" | ||||
|     owner: "{{ docker_user }}" | ||||
|     mode: "{{ docker_compose_file_mask }}" | ||||
|   become: true | ||||
|  | ||||
| - name: Install well known client file | ||||
|   template: | ||||
|     src: nginx/client.json | ||||
|     dest: "{{ data_dir }}/nginx/synapse/www/.well-known/matrix/client" | ||||
|     owner: "{{ docker_user }}" | ||||
|     mode: "{{ docker_compose_file_mask }}" | ||||
|   become: true | ||||
|  | ||||
| - name: Install well known server file | ||||
|   template: | ||||
|     src: nginx/server.json | ||||
|     dest: "{{ data_dir }}/nginx/synapse/www/.well-known/matrix/server" | ||||
|     owner: "{{ docker_user }}" | ||||
|     mode: "{{ docker_compose_file_mask }}" | ||||
|   become: true | ||||
|  | ||||
| - name: Start docker container | ||||
|   community.docker.docker_compose: | ||||
|     project_src: "{{ install_directory }}/{{ role_name }}" | ||||
|     pull: true | ||||
|     remove_orphans: yes | ||||
							
								
								
									
										68
									
								
								ansible/roles/synapse/templates/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										68
									
								
								ansible/roles/synapse/templates/docker-compose.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,68 @@ | ||||
| version: "{{ docker_compose_version }}" | ||||
|  | ||||
| networks: | ||||
|   traefik: | ||||
|     external: true | ||||
|  | ||||
| services: | ||||
|   synapse: | ||||
|     container_name: "synapse" | ||||
|     image: matrixdotorg/synapse | ||||
|     restart: unless-stopped | ||||
|     depends_on: | ||||
|       - db | ||||
|     networks: | ||||
|       - traefik | ||||
|       - default | ||||
|     environment: | ||||
|       - "UID={{ service_user.uid }}" | ||||
|       - "GID={{ service_user.uid }}" | ||||
|       - "TZ={{ timezone }}" | ||||
|     volumes: | ||||
|       - "{{ data_dir }}/{{ role_name }}:/data" | ||||
|       - ./homeserver.yaml:/data/homeserver.yaml | ||||
|     labels: | ||||
|       traefik.enable: true | ||||
|       traefik.http.routers.synapse.rule: "Host(`matrix.{{ personal_domain }}`) || (Host(`{{ personal_domain }}`) && PathPrefix(`/_matrix/`))" | ||||
|  | ||||
|   db: | ||||
|     image: postgres:14-alpine | ||||
|     restart: unless-stopped | ||||
|     networks: | ||||
|       - default | ||||
|     environment: | ||||
|       - POSTGRES_USER=synapse | ||||
|       - POSTGRES_PASSWORD=synapse | ||||
|       - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C | ||||
|     volumes: | ||||
|       - "{{ data_dir }}/postgres/synapse:/var/lib/postgresql/data" | ||||
|  | ||||
|   redis: | ||||
|     networks: | ||||
|       - default | ||||
|     image: redis:7-alpine | ||||
|     restart: unless-stopped | ||||
|     volumes: | ||||
|       - "{{ data_dir }}/redis/synapse:/data" | ||||
|  | ||||
|   admin: | ||||
|     image: awesometechnologies/synapse-admin:latest | ||||
|     restart: unless-stopped | ||||
|     networks: | ||||
|       - traefik | ||||
|     labels: | ||||
|       traefik.enable: true | ||||
|       traefik.http.routers.synapse-admin.rule: "Host(`synapse-admin.local.{{ personal_domain }}`)" | ||||
|       traefik.http.routers.synapse-admin.middlewares: lan-whitelist@file | ||||
|  | ||||
|   nginx: | ||||
|     image: nginx:latest | ||||
|     restart: unless-stopped | ||||
|     networks: | ||||
|       - traefik | ||||
|     volumes: | ||||
|       - "{{ data_dir }}/nginx/synapse/matrix.conf:/etc/nginx/conf.d/matrix.conf" | ||||
|       - "{{ data_dir }}/nginx/synapse/www:/var/www" | ||||
|     labels: | ||||
|       traefik.enable: true | ||||
|       traefik.http.routers.matrix.rule: "Host(`{{ personal_domain }}`)" | ||||
							
								
								
									
										39
									
								
								ansible/roles/synapse/templates/homeserver.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										39
									
								
								ansible/roles/synapse/templates/homeserver.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,39 @@ | ||||
| server_name: "{{ personal_domain }}" | ||||
| pid_file: /data/homeserver.pid | ||||
| public_baseurl: "https://matrix.{{ personal_domain }}" | ||||
|  | ||||
| acme: | ||||
|   enabled: false | ||||
|  | ||||
| database: | ||||
|   name: psycopg2 | ||||
|   args: | ||||
|     user: synapse | ||||
|     password: synapse | ||||
|     database: synapse | ||||
|     host: db | ||||
|  | ||||
| redis: | ||||
|   enabled: true | ||||
|   host: redis | ||||
|   port: 6379 | ||||
|  | ||||
| listeners: | ||||
|   - port: 8008 | ||||
|     tls: false | ||||
|     type: http | ||||
|     x_forwarded: true | ||||
|     resources: | ||||
|       - names: [client, federation] | ||||
|         compress: false | ||||
|  | ||||
| registration_shared_secret: "{{ synapse_registration_shared_secret }}" | ||||
|  | ||||
| report_stats: true | ||||
|  | ||||
| media_store_path: /data/media_store | ||||
| uploads_path: /data/uploads | ||||
|  | ||||
| trusted_key_servers: | ||||
|   - server_name: matrix.org | ||||
| suppress_key_server_warning: true | ||||
							
								
								
									
										5
									
								
								ansible/roles/synapse/templates/nginx/client.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										5
									
								
								ansible/roles/synapse/templates/nginx/client.json
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,5 @@ | ||||
| { | ||||
|   "m.homeserver": { | ||||
|     "base_url": "https://matrix.{{ personal_domain }}" | ||||
|   } | ||||
| } | ||||
							
								
								
									
										17
									
								
								ansible/roles/synapse/templates/nginx/matrix.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								ansible/roles/synapse/templates/nginx/matrix.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| server { | ||||
|   listen         80 default_server; | ||||
|   server_name    matrix.{{ personal_domain }}; | ||||
|  | ||||
|  # Traefik -> nginx -> synapse | ||||
|  location /_matrix { | ||||
|     proxy_pass http://synapse:8008; | ||||
|     proxy_set_header X-Forwarded-For $remote_addr; | ||||
|     client_max_body_size 128m; | ||||
|   } | ||||
|  | ||||
|   location /.well-known/matrix/ { | ||||
|     root /var/www/; | ||||
|     default_type application/json; | ||||
|     add_header Access-Control-Allow-Origin  *; | ||||
|   } | ||||
| } | ||||
							
								
								
									
										4
									
								
								ansible/roles/synapse/templates/nginx/server.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								ansible/roles/synapse/templates/nginx/server.json
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| { | ||||
|   "m.server": "matrix.mjwilson.org:443" | ||||
| } | ||||
|  | ||||
							
								
								
									
										13
									
								
								ansible/roles/synapse/vars/main.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										13
									
								
								ansible/roles/synapse/vars/main.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,13 @@ | ||||
| synapse_registration_shared_secret: !vault | | ||||
|   $ANSIBLE_VAULT;1.1;AES256 | ||||
|   65393839306334366466313761336630626238333832636161646464386333363363633562656232 | ||||
|   3066613635656566656266616138323539366665313962340a366366383262353365326339633039 | ||||
|   66646531313534336335666461656663376566626332633534303065646136623437313463616535 | ||||
|   3466376465313533650a663639346638626634343536333030383763383563303738616135303135 | ||||
|   33623766343365626139323238373765363162373066396361303636656264363337393232306530 | ||||
|   35633363656164636535616435393131333634343764653535316238616631623563363266653262 | ||||
|   36646261623832343232623064653436616365613539616262613937336138666462353139663363 | ||||
|   30313237666630346638386132616331323930383638353365343439383166333365316539643731 | ||||
|   36343636343434373466306237316163613363353063613261373135623037366537353065623961 | ||||
|   63396132306132333162316165393463396136303161373064376237303137373766383632643965 | ||||
|   383035353564306238663965653166336566 | ||||
		Reference in New Issue
	
	Block a user
	 Mike Wilson
					Mike Wilson