From 6f2824b3014dff5726f0e24d5cd82c223cb5abe9 Mon Sep 17 00:00:00 2001 From: Opnxng Date: Wed, 22 Nov 2023 08:37:19 +0800 Subject: [PATCH] Scribe: switched to Lomanic's image --- README.md | 6 +++--- config-tasks/gitea-netrc.yaml | 1 + templates/compose/libreddit.yaml.j2 | 4 ++-- templates/compose/scribe.yaml.j2 | 6 +++--- vars/services.yaml | 22 +++++++++++++++++----- 5 files changed, 26 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 5106b7b..2eaa2ee 100644 --- a/README.md +++ b/README.md @@ -14,11 +14,11 @@ They are deployed with [Compose files](templates/compose) and load balanced acco ## Configurations -Our SearXNG instance uses a custom [settings.yaml](templates/conf/settings.yaml.j2) that always include upstream changes. It is updated by hand with reference to [Pussthecat.org's configuration](https://github.com/PussTheCat-org/PussTheCat.org-Configs/tree/master/Services/SearXNG). Thanks to [TheFrenchGhosty](https://github.com/PussTheCat-org). +Our SearXNG instance uses a custom [settings.yml](templates/conf/settings.yml.j2) that always include upstream changes. It is updated by hand with reference to [Pussthecat.org's configuration](https://github.com/PussTheCat-org/PussTheCat.org-Configs/tree/master/Services/SearXNG). Thanks to [TheFrenchGhosty](https://github.com/PussTheCat-org). -Data of our Privatebin, Etherpad, and Gitea instance are backed up periodically. +Data of our Privatebin, Etherpad, and Gitea instances are backed up periodically. Passwords and other sensitive data are kept locally as encrypted variables in [secrets.yaml](vars/secrets.example.yaml). We host an Authelia and Firefox stack that is restricted to specific users only. Their related files are also kept locally. ## Contact -Please contact us via [email](mailto:opnxng@tuta.io) if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it. \ No newline at end of file +Please contact us via [email](mailto:opnxng@tuta.io) if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it. diff --git a/config-tasks/gitea-netrc.yaml b/config-tasks/gitea-netrc.yaml index 94a26c8..339e630 100644 --- a/config-tasks/gitea-netrc.yaml +++ b/config-tasks/gitea-netrc.yaml @@ -1,3 +1,4 @@ +--- # Define the location of the gnupg folder vars: gnupg_folder: "/home/{{ control_user }}/.gnupg" diff --git a/templates/compose/libreddit.yaml.j2 b/templates/compose/libreddit.yaml.j2 index cce385c..8045a0c 100644 --- a/templates/compose/libreddit.yaml.j2 +++ b/templates/compose/libreddit.yaml.j2 @@ -12,7 +12,7 @@ services: - TZ=Asia/Singapore - LIBREDDIT_DEFAULT_THEME=black - LIBREDDIT_DEFAULT_SHOW_NSFW=on - restart: unless-stopped + restart: unless-stopped healthcheck: test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"] interval: 5m @@ -24,4 +24,4 @@ services: networks: libreddit: - name: libreddit \ No newline at end of file + name: libreddit diff --git a/templates/compose/scribe.yaml.j2 b/templates/compose/scribe.yaml.j2 index caa0e69..89b3688 100644 --- a/templates/compose/scribe.yaml.j2 +++ b/templates/compose/scribe.yaml.j2 @@ -3,7 +3,7 @@ version: '3.7' services: scribe: container_name: scribe - image: git.opnxng.com/opnxng/scribe:latest + image: registry.gitlab.com/lomanic/scribe-binaries:latest security_opt: - no-new-privileges environment: @@ -17,7 +17,7 @@ services: - LUCKY_ENV=production - APP_DOMAIN=m.opnxng.com - SECRET_KEY_BASE="{{ scribe_jwt_secret }}" - restart: unless-stopped + restart: unless-stopped ports: - 8890:8088 networks: @@ -25,4 +25,4 @@ services: networks: scribe: - name: scribe \ No newline at end of file + name: scribe diff --git a/vars/services.yaml b/vars/services.yaml index d3723ad..ad9ae71 100644 --- a/vars/services.yaml +++ b/vars/services.yaml @@ -1,10 +1,22 @@ -compose: - oracle4: - - caddy - config: + oracle1: + - scribe + oracle2: + - scribe + oracle3: + - scribe oracle4: - - caddy + - scribe + +compose: + oracle1: + - scribe + oracle2: + - scribe + oracle3: + - scribe + oracle4: + - scribe # ----------------------------------------------------------------------------------------------------