From 6291b0089d1851086ab6cc5dca0bd1f4caa432b5 Mon Sep 17 00:00:00 2001 From: Jackie Makdah Date: Sun, 17 May 2026 13:49:47 -0700 Subject: [PATCH] add hazel server --- README.md | 1 + ...efik.hazel.resisttechmonopolies.online.env | 208 ++++++++++++++++++ 2 files changed, 209 insertions(+) create mode 100644 abra/servers/hazel.resisttechmonopolies.online/traefik.hazel.resisttechmonopolies.online.env diff --git a/README.md b/README.md index 4bf3a89..b020818 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ $ cd rtm-config $ abra server add laylotta.resisttechmonopolies.online $ abra server add mango.resisttechmonmopolies.online $ abra server add sootie.resisttechmonopolies.online +$ abra server add hazel.resisttechmonopolies.online ``` If you skipped the `--recurse-submodules` flag, you can still do `git submodule update --init` later to get the rtm-astro-recipe recipe. diff --git a/abra/servers/hazel.resisttechmonopolies.online/traefik.hazel.resisttechmonopolies.online.env b/abra/servers/hazel.resisttechmonopolies.online/traefik.hazel.resisttechmonopolies.online.env new file mode 100644 index 0000000..ab01778 --- /dev/null +++ b/abra/servers/hazel.resisttechmonopolies.online/traefik.hazel.resisttechmonopolies.online.env @@ -0,0 +1,208 @@ +TYPE=traefik:5.1.1+v3.6.15 +TIMEOUT=300 +ENABLE_AUTO_UPDATE=true +ENABLE_BACKUPS=true + +DOMAIN=traefik.hazel.resisttechmonopolies.online +LETS_ENCRYPT_ENV=production + +LETS_ENCRYPT_EMAIL=besties@resisttechmonopolies.online +DASHBOARD_ENABLED=false +# WARN, INFO etc. +LOG_LEVEL=WARN +LOG_MAX_AGE=1 + +# This is here so later lines can extend it; you likely don't wanna edit +COMPOSE_FILE="compose.yml" + +##################################################################### +# General settings # +##################################################################### + +## Ingress-mode port publishing for ports 80 and 443 +## +## /!\ Using this prevents the use of any compose override adding +## published ports to the traefik_app service (almost all of them) +## and it prevents the use of IPv6 for ingress traffic. +## Do not uncomment unless you know exactly what you are doing +## +#COMPOSE_FILE="$COMPOSE_FILE:compose.no-host.yml" + +## "Headless mode" (no domain configured) +#COMPOSE_FILE="$COMPOSE_FILE:compose.headless.yml" + +##################################################################### +# Automatic DNS set-up for Letsencrypt # +##################################################################### + +## Enable dns challenge (for wildcard domains) +## https://go-acme.github.io/lego/dns/#dns-providers +#LETS_ENCRYPT_DNS_CHALLENGE_ENABLED=1 +## *Currently* one of ovh, gandi, gandiv5, digitalocean, azure, porkbun. +## Uncomment the corresponding provider below to insert your secret token/key. +#LETS_ENCRYPT_DNS_CHALLENGE_PROVIDER=ovh + +## OVH, https://ovh.com +#COMPOSE_FILE="$COMPOSE_FILE:compose.ovh.yml" +#OVH_ENABLED=1 +#OVH_APPLICATION_KEY= +#OVH_ENDPOINT= +#SECRET_OVH_APP_SECRET_VERSION=v1 +#SECRET_OVH_CONSUMER_KEY=v1 + +## Gandi, https://gandi.net +## note(3wc): only "V5" (new) API is supported, so far +#COMPOSE_FILE="$COMPOSE_FILE:compose.gandi-api-key.yml" +#GANDI_API_KEY_ENABLED=1 +#SECRET_GANDIV5_API_KEY_VERSION=v1 + +## Gandi, https://gandi.net +## note: uses GandiV5 Personal Access Token +#COMPOSE_FILE="$COMPOSE_FILE:compose.gandi-personal-access-token.yml" +#GANDI_PERSONAL_ACCESS_TOKEN_ENABLED=1 +#SECRET_GANDIV5_PERSONAL_ACCESS_TOKEN_VERSION=v1 + +## DigitalOcean, https://digitalocean.com +#COMPOSE_FILE="$COMPOSE_FILE:compose.digitalocean.yml" +#DIGITALOCEAN_ENABLED=1 +#SECRET_DIGITALOCEAN_AUTH_TOKEN_VERSION=v1 + +## Azure, https://azure.com +## To insert your Azure client secret: +## abra app secret insert {myapp.example.coop} azure_secret v1 "" +#COMPOSE_FILE="$COMPOSE_FILE:compose.azure.yml" +#AZURE_ENABLED=1 +#AZURE_TENANT_ID= +#AZURE_CLIENT_ID= +#AZURE_SUBSCRIPTION_ID= +#AZURE_RESOURCE_GROUP= +#SECRET_AZURE_SECRET_VERSION=v1 + +## Porkbun, https://porkbun.com +## To insert your secrets: +## abra app secret insert 1312.net pb_api_key v1 pk1_413 +## abra app secret insert 1312.net pb_s_api_key v1 sk1_612 +#COMPOSE_FILE="$COMPOSE_FILE:compose.porkbun.yml" +#SECRET_PORKBUN_API_KEY_VERSION=v1 +#SECRET_PORKBUN_SECRET_API_KEY_VERSION=v1 + +##################################################################### +# Manual wildcard certificate insertion # +##################################################################### + +# Set wildcards = 1, and uncomment compose_file to enable. +# Create your certs elsewhere and add them like: +# abra app secret insert {myapp.example.coop} ssl_cert v1 "$(cat /path/to/fullchain.pem)" +# abra app secret insert {myapp.example.coop} ssl_key v1 "$(cat /path/to/privkey.pem)" +#WILDCARDS_ENABLED=1 +#SECRET_WILDCARD_CERT_VERSION=v1 +#SECRET_WILDCARD_KEY_VERSION=v1 +#COMPOSE_FILE="$COMPOSE_FILE:compose.wildcard.yml" + +##################################################################### +# Authentication # +##################################################################### + +## Enable Keycloak +#COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml" +#KEYCLOAK_MIDDLEWARE_ENABLED=1 +#KEYCLOAK_TFA_SERVICE=traefik-forward-auth_app +#KEYCLOAK_MIDDLEWARE_2_ENABLED=1 +#KEYCLOAK_TFA_SERVICE_2=traefik-forward-auth_app + +## BASIC_AUTH +## Use httpasswd to generate the secret +#COMPOSE_FILE="$COMPOSE_FILE:compose.basicauth.yml" +#BASIC_AUTH=1 +#SECRET_USERSFILE_VERSION=v1 + +##################################################################### +# Prometheus metrics # +##################################################################### + +## Enable prometheus metrics collection +## used used by the coop-cloud monitoring stack +## BASIC_AUTH should also be enabled +#COMPOSE_FILE="$COMPOSE_FILE:compose.metrics.yml" +#METRICS_ENABLED=1 +#METRICS_FQDN=metrics.traefik.hazel.resisttechmonopolies.online + +##################################################################### +# File provider directory configuration # +# (Route bare metal and non-docker services on the machine!) # +##################################################################### +#FILE_PROVIDER_DIRECTORY_ENABLED=1 + +##################################################################### +# Additional services # +##################################################################### + +## SMTP port 587 +#COMPOSE_FILE="$COMPOSE_FILE:compose.smtp.yml" +#SMTP_ENABLED=1 + +## Compy +#COMPOSE_FILE="$COMPOSE_FILE:compose.compy.yml" +#COMPY_ENABLED=1 + +## Gitea SSH +# COMPOSE_FILE="$COMPOSE_FILE:compose.gitea.yml" +# GITEA_SSH_ENABLED=1 + +## P2Panda UDP +# COMPOSE_FILE="$COMPOSE_FILE:compose.p2panda.yml" +# P2PANDA_ENABLED=1 + +## Foodsoft SMTP +# COMPOSE_FILE="$COMPOSE_FILE:compose.foodsoft.yml" +# FOODSOFT_SMTP_ENABLED=1 + +## Peertube RTMP +#COMPOSE_FILE="$COMPOSE_FILE:compose.peertube.yml" +#PEERTUBE_RTMP_ENABLED=1 + +## Secure Scuttlebutt MUXRPC +#COMPOSE_FILE="$COMPOSE_FILE:compose.ssb.yml" +#SSB_MUXRPC_ENABLED=1 + +## MSSQL +#COMPOSE_FILE="$COMPOSE_FILE:compose.mssql.yml" +#MSSQL_ENABLED=1 + +## Mumble +#COMPOSE_FILE="$COMPOSE_FILE:compose.mumble.yml" +#MUMBLE_ENABLED=1 + +## Matrix +#COMPOSE_FILE="$COMPOSE_FILE:compose.matrix.yml" +#MATRIX_FEDERATION_ENABLED=1 + +## "Web alt", an alternative web port +# NOTE(3wc): as of 2024-04-01 only the `icecast` recipe uses this +#COMPOSE_FILE="$COMPOSE_FILE:compose.web-alt.yml" +#WEB_ALT_ENABLED=1 + +## Matrix +#COMPOSE_FILE="$COMPOSE_FILE:compose.irc.yml" +#IRC_ENABLED=1 + +## Garage +#COMPOSE_FILE="$COMPOSE_FILE:compose.garage.yml" +#GARAGE_RPC_ENABLED=1 + +## Nextcloud Talk HPB +#COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud-talk-hpb.yml" +#NEXTCLOUD_TALK_HPB_ENABLED=1 + +## Anubis +#COMPOSE_FILE="$COMPOSE_FILE:compose.anubis.yml" +#ANUBIS_COOKIE_DOMAIN=example.com +#ANUBIS_DOMAIN=anubis.example.com +#ANUBIS_REDIRECT_DOMAINS= +#ANUBIS_OG_PASSTHROUGH=true +#ANUBIS_OG_EXPIRY_TIME=1h +#ANUBIS_OG_CACHE_CONSIDER_HOST=true +#ANUBIS_SERVE_ROBOTS_TXT=true + +## Enable onion service support +#ONION_ENABLED=1 \ No newline at end of file -- 2.49.0