aboutsummaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2020-10-28 16:55:11 +0100
committerQuentin Dufour <quentin@deuxfleurs.fr>2020-10-28 16:55:11 +0100
commit03680a992b627cda620ad3a3fd1ba9c725bfc371 (patch)
treef677bd98d510faf0345133f369fc02676ffee586 /app
parentaba3ba723ca23d2da2e6fb59700c033f2d6775c0 (diff)
downloadinfrastructure-03680a992b627cda620ad3a3fd1ba9c725bfc371.tar.gz
infrastructure-03680a992b627cda620ad3a3fd1ba9c725bfc371.zip
Switch Matrix+Plume to IPv6, Add Trusted Net to ip6tables
Diffstat (limited to 'app')
-rw-r--r--app/config/configuration/plume/app.env2
-rw-r--r--app/deployment/im.hcl20
-rw-r--r--app/deployment/plume.hcl11
3 files changed, 13 insertions, 20 deletions
diff --git a/app/config/configuration/plume/app.env b/app/config/configuration/plume/app.env
index 78eccfe..4a6adb4 100644
--- a/app/config/configuration/plume/app.env
+++ b/app/config/configuration/plume/app.env
@@ -16,7 +16,7 @@ DATABASE_URL=postgres://plume:{{ key "secrets/plume/pgsql_pw" | trimSpace }}@psq
MIGRATION_DIRECTORY=migrations/postgres
USE_HTTPS=0
-ROCKET_ADDRESS=0.0.0.0
+ROCKET_ADDRESS=::
ROCKET_PORT=7878
MEDIA_UPLOAD_DIRECTORY=/app/static/media
diff --git a/app/deployment/im.hcl b/app/deployment/im.hcl
index f76fb73..dfff98b 100644
--- a/app/deployment/im.hcl
+++ b/app/deployment/im.hcl
@@ -9,11 +9,8 @@ job "im" {
config {
image = "superboum/amd64_synapse:v36"
+ network_mode = "host"
readonly_rootfs = true
- port_map {
- client_port = 8008
- federation_port = 8448
- }
command = "python"
args = [
"-m", "synapse.app.homeserver",
@@ -95,16 +92,12 @@ job "im" {
resources {
cpu = 1000
memory = 4000
- network {
- port "client_port" { }
- port "federation_port" { }
- }
}
service {
name = "synapse-client"
- port = "client_port"
- address_mode = "host"
+ port = 8008
+ address_mode = "driver"
tags = [
"matrix",
"traefik.enable=true",
@@ -115,7 +108,8 @@ job "im" {
]
check {
type = "tcp"
- port = "client_port"
+ port = 8008
+ address_mode = "driver"
interval = "60s"
timeout = "5s"
check_restart {
@@ -128,8 +122,8 @@ job "im" {
service {
name = "synapse-federation"
- port = "federation_port"
- address_mode = "host"
+ port = 8448
+ address_mode = "driver"
tags = [
"matrix",
"traefik.enable=true",
diff --git a/app/deployment/plume.hcl b/app/deployment/plume.hcl
index 376789b..88110da 100644
--- a/app/deployment/plume.hcl
+++ b/app/deployment/plume.hcl
@@ -13,9 +13,7 @@ job "plume" {
driver = "docker"
config {
image = "superboum/plume:v1"
- port_map {
- web_port = 7878
- }
+ network_mode = "host"
#command = "cat"
#args = [ "/dev/stdout" ]
volumes = [
@@ -51,11 +49,12 @@ job "plume" {
"traefik.frontend.entryPoints=https,http",
"traefik.frontend.rule=Host:plume.deuxfleurs.fr",
]
- port = "web_port"
- address_mode = "host"
+ port = 7878
+ address_mode = "driver"
check {
type = "tcp"
- port = "web_port"
+ port = 7878
+ address_mode = "driver"
interval = "60s"
timeout = "5s"
check_restart {