diff options
| -rwxr-xr-x | chroot/steam_wrapper | 4 | ||||
| -rw-r--r-- | terminaldweller.com/ejabberd/docker-compose.yaml | 14 | ||||
| -rw-r--r-- | terminaldweller.com/ejabberd/ejabberd.yml | 12 | ||||
| -rw-r--r-- | terminaldweller.com/haproxy/haproxy.cfg | 3 |
4 files changed, 20 insertions, 13 deletions
diff --git a/chroot/steam_wrapper b/chroot/steam_wrapper index 2354c3b..4a147d5 100755 --- a/chroot/steam_wrapper +++ b/chroot/steam_wrapper @@ -3,4 +3,6 @@ # xhost + # enable anyone to use pulseaudio over tcp: # load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1;192.168.1.0/24 auth-anonymous=1 -env DISPLAY=:0.0 PULSE_SERVER=127.0.0.1 steam +# +# also make sure we are using quad9, not pihole. pihole doesnt like steam. +env DISPLAY=:0.0 PULSE_SERVER=127.0.0.1 steam -tcp -no-cef-sandbox diff --git a/terminaldweller.com/ejabberd/docker-compose.yaml b/terminaldweller.com/ejabberd/docker-compose.yaml index 4a6f2fe..3e6de12 100644 --- a/terminaldweller.com/ejabberd/docker-compose.yaml +++ b/terminaldweller.com/ejabberd/docker-compose.yaml @@ -8,18 +8,22 @@ services: - "80:80" - "5222:5222" - "127.0.0.1:5269:5269" - - "127.0.0.1:5280:5280" + - "5280:5280" - "5443:5443" - - "127.0.0.1:1883:1883" + - "1883:1883" - "127.0.0.1:5080:5080" - - "127.0.0.1:3478:3478/udp" - - "127.0.0.1:5349:5349" restart: unless-stopped volumes: - ./ejabberd.yml:/home/ejabberd/conf/ejabberd.yml - ./acme:/var/lib/ejabberd/acme - ./dh:/usr/local/etc/ejabberd + - confs_certs:/home/ejabberd/conf/ + - mnesia_db:/home/ejabberd/database/ networks: ejabberdnet: +volumes: + confs_certs: + mnesia_db: # openssl dhparam -out dhparams.pem 4096 -# sudo certbot certonly --standalone --email devi@terminaldweller.com --non-interactive --agree-tos -d chat.terminaldweller.com --preferred-challenges http +# certbot certonly --standlone -d chat.terminaldweller.com -e devi@terminaldweller.com --agree-tos --noninteractive --dry-run +# docker exec -it 6eebd16a2385 bin/ejabberdctl register admin chat.terminaldweller.com password diff --git a/terminaldweller.com/ejabberd/ejabberd.yml b/terminaldweller.com/ejabberd/ejabberd.yml index 87eb940..90d0207 100644 --- a/terminaldweller.com/ejabberd/ejabberd.yml +++ b/terminaldweller.com/ejabberd/ejabberd.yml @@ -19,10 +19,8 @@ c2s_ciphers: 'TLS_CIPHERS' s2s_ciphers: 'TLS_CIPHERS' c2s_protocol_options: 'TLS_OPTIONS' s2s_protocol_options: 'TLS_OPTIONS' -certfiles: - - '/var/lib/ejabberd/acme/ejabberd.pem' - -auth_password_format: scram +#certfiles: +# - '/var/lib/ejabberd/acme/ejabberd.pem' listen: - port: 5222 @@ -179,9 +177,11 @@ shaper_rules: max_fsm_queue: 10000 acme: + # for auto ACME requests, we need this to be true auto: false - contact: 'mailto:devi@terminaldweller.com' - ca_url: 'https://acme-staging-v02.api.letsencrypt.org' + contact: + - mailto:devi@terminaldweller.com + ca_url: https://acme-v02.api.letsencrypt.org/directory oauth_expire: 31536000 oauth_access: all diff --git a/terminaldweller.com/haproxy/haproxy.cfg b/terminaldweller.com/haproxy/haproxy.cfg index 5247f4c..9930fe6 100644 --- a/terminaldweller.com/haproxy/haproxy.cfg +++ b/terminaldweller.com/haproxy/haproxy.cfg @@ -26,7 +26,7 @@ resolvers docker_resolver resolve_retries 3 timeout retry 1000ms timeout resolve 1000ms - + #Frontends frontend http bind *:80 @@ -52,6 +52,7 @@ frontend http use_backend blog-backend-cert if letsencrypt-acl editor-host use_backend blog-backend-cert if letsencrypt-acl editorsave-host use_backend cloud-one-cert if letsencrypt-acl devourer-host + use_backend cloud-one-cert if letsencrypt-acl chat-host use_backend api-crypto-backend-cert if letsencrypt-acl api-host use_backend api-mila-backend-cert if letsencrypt-acl api-host use_backend searx-backend-cert if letsencrypt-acl searx-host |