add floating ip for git hosting and upgrade matrix services

3 years ago · 7ef2ad3c70
parent f3ea03b0ad
commit 7ef2ad3c70
3 changed files with 19 additions and 6 deletions
--- a/nixos_configs/git.nix
+++ b/nixos_configs/git.nix
@ -42,7 +42,7 @@ in
    # only send cookies over tls
    cookieSecure = true;

-    disableRegistration = false;
+    disableRegistration = true;

    settings.server.LANDING_PAGE = "explore";
  };
--- a/nixos_configs/matrix.nix
+++ b/nixos_configs/matrix.nix
@ -169,22 +169,26 @@ in {
  users.users.matrix-registration = {
    home = matrix-reg-dir;
    createHome = true;
+    isNormalUser = true;
  };

  systemd.services.matrix-registration = let
  configFile = pkgs.writeText "matrix-reg-config.yaml" ''
 server_location: 'https://matrix.waffle.farm:443'
-base_url: 'waffle.farm'
+base_url: ""
 server_name: 'waffle.farm'
-shared_secret: '${secrets.matrix.registration_secret}'
-riot_instance: 'chat.waffle.farm'
+registration_shared_secret: '${secrets.matrix.registration_secret}'
+admin_api_shared_secret: '${secrets.matrix.admin_api_secret}'
+client_redirect: 'chat.waffle.farm'
+client_logo: 'static/images/element-logo.png'
 db: 'sqlite:///${matrix-reg-dir}/db.sqlite3'
 host: 'localhost'
 port: 5000
-rate_limit: ["100 per day", "10 per minute"]
+rate_limit: ["1000 per day", "100 per minute"]
 allow_cors: false
+ip_logging: false
 logging:
-  disable_existing_loggers: False
+  disable_existing_loggers: false
  version: 1
  root:
    level: DEBUG
@ -202,6 +206,9 @@ logging:
      stream: ext://sys.stdout
 password:
  min_length: 8
+username:
+  validation_regex: [] #list of regexes that the selected username must match.        Example: '[a-zA-Z]\.[a-zA-Z]'
+  invalidation_regex: [] #list of regexes that the selected username must NOT match.  Example: '(admin|support)'
  '';
  in {
    enable = true;
@ -221,6 +228,7 @@ password:
  users.users.slackbridge = {
    home = slackbridge-dir;
    createHome = true;
+    isNormalUser = true;
  };

  systemd.services.matrix-appservice-slack = let
--- a/terraform/git.tf
+++ b/terraform/git.tf
@ -15,6 +15,11 @@ resource "digitalocean_droplet" "git-1" {
  ssh_keys = [data.digitalocean_ssh_key.mops.id]
 }

+resource "digitalocean_floating_ip" "code_betamike_com" {
+  droplet_id = digitalocean_droplet.git-1.id
+  region     = digitalocean_droplet.git-1.region
+}
+
 resource "digitalocean_volume_attachment" "git" {
  droplet_id = digitalocean_droplet.git-1.id
  volume_id = digitalocean_volume.git.id