Merge branch 'master' of github.com:kevinveenbirkenbach/server-playbook

This commit is contained in:
Kevin Veen-Birkenbach 2023-08-22 18:10:02 +02:00
commit dbbaa48e44
19 changed files with 205 additions and 95 deletions

View File

@ -84,6 +84,9 @@ Run:
ansible-galaxy collection install -r requirements.yml ansible-galaxy collection install -r requirements.yml
``` ```
## todo
- implement: https://archlinux.org/packages/extra/x86_64/signal-desktop/
## See ## See
- https://www.middlewareinventory.com/blog/run-ansible-playbook-locally/ - https://www.middlewareinventory.com/blog/run-ansible-playbook-locally/
- https://stackoverflow.com/questions/30533372/run-an-ansible-task-only-when-the-hostname-contains-a-string - https://stackoverflow.com/questions/30533372/run-an-ansible-task-only-when-the-hostname-contains-a-string

View File

@ -1,11 +1,8 @@
- name: install psutil - name: install lsof and python-psutil
pip:
name: psutil
- name: install lsof
community.general.pacman: community.general.pacman:
name: name:
- lsof - lsof
- python-psutil
state: present state: present
- name: "create {{docker_backups_cleanup}}" - name: "create {{docker_backups_cleanup}}"

View File

@ -2,11 +2,11 @@
community.general.pacman: community.general.pacman:
name: name:
- ttf-liberation - ttf-liberation
- libreoffice-fresh - libreoffice-still
state: present state: present
- name: install libreoffice language packages - name: install libreoffice language packages
community.general.pacman: community.general.pacman:
name: "libreoffice-fresh-{{ item }}" name: "libreoffice-still-{{ item }}"
state: present state: present
loop: "{{libreoffice_languages}}" loop: "{{libreoffice_languages}}"

View File

@ -5,10 +5,10 @@
- libaacs - libaacs
- libbluray - libbluray
state: present state: present
- name: install AUR packages to play blu ray #- name: install AUR packages to play blu ray
kewlfft.aur.aur: # kewlfft.aur.aur:
use: yay # use: yay
name: # name:
- aacskeys # - aacskeys
- libbdplus # - libbdplus
become: false # become: false

View File

@ -3,3 +3,4 @@
use: yay use: yay
name: name:
- zoom - zoom
become: false

View File

@ -3,7 +3,8 @@
- https://bernhardsteindl.at/epson-ecotank-et-3600-unter-arch-linux-einrichten/ - https://bernhardsteindl.at/epson-ecotank-et-3600-unter-arch-linux-einrichten/
- http://download.ebz.epson.net/dsc/search/01/search/searchModule - http://download.ebz.epson.net/dsc/search/01/search/searchModule
- https://aur.archlinux.org/packages/epson-inkjet-printer-escpr - https://aur.archlinux.org/packages/epson-inkjet-printer-escpr
- https://forum.manjaro.org/t/probleme-mit-epson-et-2820/109777/2 - https://forum.manjaro.org/t/probleme-mit-epson-et-2820/109777
- https://www.ordinatechnic.com/distribution-specific-guides/Arch/installing-an-epson-multifunction-printer-on-arch-linux-and-derivatives - https://www.ordinatechnic.com/distribution-specific-guides/Arch/installing-an-epson-multifunction-printer-on-arch-linux-and-derivatives
- http://localhost:631/admin - http://localhost:631/admin
- https://wiki.archlinux.org/title/SANE/Scanner-specific_problems - https://wiki.archlinux.org/title/SANE/Scanner-specific_problems
- https://wiki.archlinux.org/title/SANE

View File

@ -0,0 +1,10 @@
# Bus 003 Device 089: ID 04b8:1186 Seiko Epson Corp. ET-2820 Series
[devices]
dev1.udi = esci:usb:04b8:1186
dev1.name = EPSON ET-2821 USB
dev1.model = ET-2821
myscanner.udi = esci:networkscan://192.168.0.181:1865
myscanner.name = EPSON ET-2821 Network
myscanner.vendor = Epson
myscanner.model = ET-2821

View File

@ -6,6 +6,7 @@
- imagescan-plugin-networkscan - imagescan-plugin-networkscan
- epson-inkjet-printer-escpr - epson-inkjet-printer-escpr
- epson-inkjet-printer-escpr2 - epson-inkjet-printer-escpr2
become: false
- name: install imagescan - name: install imagescan
community.general.pacman: community.general.pacman:
name: imagescan name: imagescan

View File

@ -38,7 +38,7 @@ services:
volumes: volumes:
- database:/var/lib/mysql - database:/var/lib/mysql
healthcheck: healthcheck:
test: "/usr/bin/mysql --user=attendize --password={{attendize_database_password}} --execute \"SHOW DATABASES;\"" test: "/usr/bin/mariadb --user=attendize --password={{attendize_database_password}} --execute \"SHOW DATABASES;\""
interval: 3s interval: 3s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View File

@ -45,7 +45,7 @@ services:
volumes: volumes:
- database:/var/lib/mysql - database:/var/lib/mysql
healthcheck: healthcheck:
test: "/usr/bin/mysql --user=gitea --password={{gitea_database_password}} --execute \"SHOW DATABASES;\"" test: "/usr/bin/mariadb --user=gitea --password={{gitea_database_password}} --execute \"SHOW DATABASES;\""
interval: 3s interval: 3s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View File

@ -1,99 +1,145 @@
# role server_docker-mailu # Mailu Server Docker Role
## setup This guide provides instructions for setting up, operating, and maintaining the Mailu server docker role.
### bugs
#### fetchmail ## Table of Contents
Fetchmail doesn't work with big amounts of data.
For further information see this issue: https://github.com/Mailu/Mailu/issues/1719.
##### deactivation - [Setup](#setup)
If you have fetchmail installed and want to deinstall it keep in mind to delete all fetched accounts from the administration panel before you delete fetchmail. - [Fetchmail Issues](#fetchmail-issues)
- [Data Deletion](#data-deletion)
- [Port Management](#port-management)
- [Admin Account Creation](#admin-account-creation)
- [CLI User Management](#cli-user-management)
- [Starting the Server](#starting-the-server)
- [Debugging](#debugging)
- [Testing](#testing)
- [Updates](#updates)
- [To-Do](#to-do)
- [References](#references)
##### security concerns ## Setup
The [german wikipedia tells that there are some security concern with fetchmail](https://de.wikipedia.org/wiki/Fetchmail). If in the future a customer needs to functions of fetchmail, it could be better to write a docker container for [getmail](https://en.wikipedia.org/wiki/Getmail) instead because it should be more secure.
##### workaround ### Fetchmail Issues
If you need to receive emails from another account this should help:
- Redirect to your new email account Fetchmail might not work properly with large amounts of data. For more information, refer to this [issue](https://github.com/Mailu/Mailu/issues/1719).
- Export all data from your original account
- Import all data from your original account to your new account
### delete data #### Deactivating Fetchmail
To delete all volumes and data execute:
Before uninstalling Fetchmail, ensure to remove all fetched accounts from the administration panel.
#### Fetchmail Security Concerns
There are known security concerns with Fetchmail as stated in the [German Wikipedia](https://de.wikipedia.org/wiki/Fetchmail). If you require Fetchmail functions in the future, consider creating a Docker container for [Getmail](https://en.wikipedia.org/wiki/Getmail) as it is considered more secure.
#### Fetchmail Workaround
If you need to receive emails from another account, follow these steps:
1. Redirect your emails to your new email account.
2. Export all data from your original account.
3. Import all data to your new account.
### Data Deletion
To delete all volumes and data, execute the following command with caution:
```bash ```bash
rm -vr /etc/mailu/; docker volume rm $(docker volume ls -q | grep mailu_) rm -vr /etc/mailu/; docker volume rm $(docker volume ls -q | grep mailu_)
``` ```
Be careful!
### ports ### Port Management
Keep in mind to change the conflicting ports manual.
Execute Check for any port conflicts and manually change the conflicting ports if necessary. Use the following command to verify:
```bash ```bash
netstat -tulpn netstat -tulpn
``` ```
to verify that there aren't port conflicts ### Admin Account Creation
### admin account To use Mailu, create the primary administrator user account, `admin@{{hostname}}`, using the command below. Replace `PASSWORD` with your preferred password:
Before you can use Mailu, you must create the primary administrator user account. This should be admin@{{hostname}}. Use the following command, changing PASSWORD to your liking:
```bash ```bash
docker-compose -p mailu exec admin flask mailu admin {{admin}} {{hostname}} PASSWORD docker-compose -p mailu exec admin flask mailu admin {{admin}} {{hostname}} PASSWORD
``` ```
### cli user management ### CLI User Management
How to manage users is described here: https://mailu.io/master/cli.html
### Up For managing users, follow the instructions in the official [Mailu CLI documentation](https://mailu.io/master/cli.html).
### Starting the Server
To start the server, use the following command:
```bash ```bash
docker-compose -p mailu up -d docker-compose -p mailu up -d
``` ```
## debug
## database ## Debugging
### database access
To access the database execute
```bash
docker exec -it mailu-database-1 mysql -u root -D mailu -p
```
### mailu_front_1 ### Database Access
To access the database, use the following command:
```bash ```bash
sudo docker container exec -it mailu_front_1 /bin/bash docker-compose exec -it database mysql -u root -D mailu -p
``` ```
### restart everything
### Container Access
To access the front container, use this command:
```bash ```bash
sudo docker restart mailu_smtp_1 mailu_imap_1 mailu_antispam_1 mailu_redis_1 mailu_webdav_1 mailu_front_1 mailu_database_1 mailu_webmail_1 mailu_admin_1 mailu_antivirus_1 docker-compose exec -it front /bin/bash
``` ```
## resend queued mails ### Restarting Services
To restart all services, use the following command:
```bash
docker-compose restart
```
### Resending Queued Mails
To resend queued mails, use this command:
```bash ```bash
docker-compose exec -it smtp postqueue -f docker-compose exec -it smtp postqueue -f
``` ```
## update ## Testing
For update instructions follow:
- https://mailu.io/master/maintain.html
## todo Use the following tools for testing:
- https://blog.kuepper.nrw/2019/03/30/roundcube-webmail-mit-zwei-faktor-authentifizierung/
- https://mailu.io/master/faq.html#i-want-to-integrate-nextcloud-15-and-newer-with-mailu
- https://docs.nextcloud.com/server/9.0/admin_manual/configuration_user/user_auth_ftp_smb_imap.html
## See
- https://gist.github.com/marienfressinaud/f284a59b18aad395eb0de2d22836ae6b
- https://mailu.io/1.7/compose/setup.html - SSL-Tools Mailserver Test (URL: https://de.ssl-tools.net/mailservers/)
- https://github.com/nuxsmin/sysPass/issues/1299 - TestEmail.de (URL: http://testemail.de/)
- https://github.com/Mailu/Mailu/issues/1171
- https://support.plesk.com/hc/en-us/articles/115001264814-Unable-to-log-into-RoundCube-Connection-to-storage-server-failed ## Updates
- https://github.com/Mailu/Mailu
- https://github.com/Mailu/Mailu/issues/2135 For instructions on updating your Mailu setup, follow the official [Mailu maintenance guide](https://mailu.io/master/maintain.html).
- https://github.com/Mailu/Mailu/issues/2827
## To-Do
- Implement two-factor authentication in Roundcube Webmail. More information can be found [here](https://blog.kuepper.nrw/2019/03/30/roundcube-webmail-mit-zwei-faktor-authentifizierung/).
- Integrate Nextcloud 15 and newer with Mailu. Learn more about this [here](https://mailu.io/master/faq.html#i-want-to-integrate-nextcloud-15-and-newer-with-mailu).
- User authentication with Nextcloud. Find more information [here](https://docs.nextcloud.com/server/9.0/admin_manual/configuration_user/user_auth_ftp_smb_imap.html).
## References
- [Mailu compose setup guide](https://mailu.io/1.7/compose/setup.html)
- [SysPass issue #1299](https://github.com/nuxsmin/sysPass/issues/1299)
- [Mailu issue #1719](https://github.com/Mailu/Mailu/issues/1719)
- [Mailu issue #1171](https://github.com/Mailu/Mailu/issues/1171)
- [Mailu issue #2135](https://github.com/Mailu/Mailu/issues/2135)
- [Mailu issue #2827](https://github.com/Mailu/Mailu/issues/2827)
- [Mailu GitHub repository](https://github.com/Mailu/Mailu)
- [Plesk support article on RoundCube connection issue](https://support.plesk.com/hc/en-us/articles/115001264814-Unable-to-log-into-RoundCube-Connection-to-storage-server-failed)
- [Gist by marienfressinaud](https://gist.github.com/marienfressinaud/f284a59b18aad395eb0de2d22836ae6b)
For more information about this role, visit the [GitHub repository](https://github.com/kevinveenbirkenbach/computer-playbook/tree/master/roles/server_docker-mailu).
This README.md was optimized with [Chat-GPT](https://chat.openai.com/share/d1ad5ce7-3aa1-4a14-a959-63393b39374a)

View File

@ -33,7 +33,7 @@ services:
volumes: volumes:
- database:/var/lib/mysql - database:/var/lib/mysql
healthcheck: healthcheck:
test: "/usr/bin/mysql --user=mailu --password={{mailu_database_password}} --execute \"SHOW DATABASES;\"" test: "/usr/bin/mariadb --user=mailu --password={{mailu_database_password}} --execute \"SHOW DATABASES;\""
interval: 3s interval: 3s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View File

@ -30,7 +30,7 @@ services:
- database:/var/lib/mysql - database:/var/lib/mysql
restart: always restart: always
healthcheck: healthcheck:
test: "/usr/bin/mysql --user=nextcloud --password={{nextcloud_database_password}} --execute \"SHOW DATABASES;\"" test: "/usr/bin/mariadb --user=nextcloud --password={{nextcloud_database_password}} --execute \"SHOW DATABASES;\""
interval: 3s interval: 3s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View File

@ -1,12 +1,53 @@
# role server_docker-pixelfed # Pixelfed Docker Server Role
## hard cleanup This README details the steps to manage your Pixelfed instance running in a Docker container. This setup is part of the server_docker-pixelfed role within Kevin Veen-Birkenbach's computer-playbook located at [this GitHub repository](https://github.com/kevinveenbirkenbach/computer-playbook/tree/master/roles/server_docker-pixelfed).
## Accessing Services
### Application Access
To gain shell access to the application container, run the following command:
```bash
docker-compose exec -it application bash
```
### Database Access
To access the MariaDB instance in the database container, run the following command:
```bash
docker-compose exec -it database mariadb -u pixelfed -p
```
## Instagram Import Cleanup
If you have imported posts from Instagram, you can clean up the imported data and files as follows:
### Database Cleanup
Run these commands inside your MariaDB shell to remove import related data:
```bash
DELETE from import_posts WHERE 1;
DELETE from import_jobs WHERE 1;
DELETE from import_datas WHERE 1;
DELETE from statuses where created_at < "2022-12-01 22:15:39";
DELETE from media where deleted_at >= "2023-07-28 14:39:05";
```
### File System Cleanup
Run these commands to remove the imported files and trigger the cleanup job:
```bash
docker-compose exec -u "www-data" application rm -rv "/var/www/storage/app/imports/1"
docker-compose exec -u "www-data" application php artisan schedule:run
```
## Full Cleanup (Reset)
For a hard reset, which will delete all data and stop all services, use the following commands:
```bash ```bash
docker-compose down docker-compose down
docker volume rm pixelfed_application_data pixelfed_database pixelfed_redis_data docker volume rm pixelfed_application_data pixelfed_database pixelfed_redis_data
``` ```
## update ## Update Procedure
To update your Pixelfed instance, navigate to the directory where your `docker-compose.yml` file is located and run these commands:
```bash ```bash
cd {{path_docker_compose_files}}pixelfed/ && cd {{path_docker_compose_files}}pixelfed/ &&
docker-compose down && docker-compose down &&
@ -16,13 +57,19 @@ docker-compose build &&
docker-compose -p pixelfed up -d --force-recreate docker-compose -p pixelfed up -d --force-recreate
``` ```
## inspect ## Inspecting the Services
To see the status of all services or follow the logs, use these commands:
```bash ```bash
docker-compose ps -a docker-compose ps -a
docker-compose logs -f docker-compose logs -f
``` ```
## further information ## Further Reading
- https://hub.docker.com/r/zknt/pixelfed For additional information, refer to these resources:
- https://blog.pixelfed.de/2020/05/29/pixelfed-in-docker/ - [Docker image on Docker Hub](https://hub.docker.com/r/zknt/pixelfed)
- [Blog Post about running Pixelfed in Docker](https://blog.pixelfed.de/2020/05/29/pixelfed-in-docker/)
Author: Kevin Veen-Birkenbach, [https://www.veen.world](https://www.veen.world), [kevin@veen.world](mailto:kevin@veen.world)
This README was optimized with the help of OpenAI's ChatGPT. You can view the conversation [here](https://chat.openai.com/share/3daea33f-2e30-46e9-a709-a9c93e823ed9).

View File

@ -46,7 +46,7 @@ services:
volumes: volumes:
- database:/var/lib/mysql - database:/var/lib/mysql
healthcheck: healthcheck:
test: "/usr/bin/mysql --user=pixelfed --password={{pixelfed_database_password}} --execute \"SHOW DATABASES;\"" test: "/usr/bin/mariadb --user=pixelfed --password={{pixelfed_database_password}} --execute \"SHOW DATABASES;\""
interval: 3s interval: 3s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View File

@ -33,7 +33,7 @@ services:
volumes: volumes:
- database:/var/lib/mysql - database:/var/lib/mysql
healthcheck: healthcheck:
test: "/usr/bin/mysql --user=wordpress --password={{wordpress_database_password}} --execute \"SHOW DATABASES;\"" test: "/usr/bin/mariadb --user=wordpress --password={{wordpress_database_password}} --execute \"SHOW DATABASES;\""
interval: 3s interval: 3s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View File

@ -34,7 +34,7 @@ services:
volumes: volumes:
- database:/var/lib/mysql - database:/var/lib/mysql
healthcheck: healthcheck:
test: "/usr/bin/mysql --user=yourls --password={{yourls_database_password}} --execute \"SHOW DATABASES;\"" test: "/usr/bin/mariadb --user=yourls --password={{yourls_database_password}} --execute \"SHOW DATABASES;\""
interval: 3s interval: 3s
timeout: 1s timeout: 1s
retries: 5 retries: 5

View File

@ -1,6 +1,9 @@
- name: install pandas python package - name: install pandas system wide
pip: community.general.pacman:
name: pandas name:
- lsof
- python-pandas
state: present
- name: pull docker-volume-backup.git - name: pull docker-volume-backup.git
git: git:

View File

@ -4,6 +4,7 @@
state: reloaded state: reloaded
enabled: yes enabled: yes
daemon_reload: yes daemon_reload: yes
ignore_errors: true
- name: "restart journalctl-health-check.timer" - name: "restart journalctl-health-check.timer"
systemd: systemd:
name: journalctl-health-check.timer name: journalctl-health-check.timer