-36

butane/fcos.yml.tftpl

··· 365 365 inline: | 366 366 [Service] 367 367 StateDirectory=vector 368 368 - - path: /etc/vector/vector.yaml 369 369 - contents: 370 370 - inline: | 371 371 - secret 372 372 - bitwarden 373 373 - type: exec 374 374 - command: ["get_secret.sh"] 375 375 - sources: 376 376 - journald: 377 377 - type: journald 378 378 - include_units: ["sshd.service"] 379 379 - transforms: 380 380 - remap: 381 381 - type: "remap" 382 382 - inputs: 383 383 - - journald 384 384 - source: | 385 385 - .level = to_syslog_level!(.PRIORITY) 386 386 - sinks: 387 387 - victorialogs: 388 388 - inputs: 389 389 - - remap 390 390 - type: elasticsearch 391 391 - endpoints: 392 392 - - https://logs.krasovs.ky/insert/elasticsearch/ 393 393 - api_version: v8 394 394 - compression: gzip 395 395 - healthcheck: 396 396 - enabled: false 397 397 - query: 398 398 - _msg_field: message 399 399 - _time_field: timestamp 400 400 - _stream_fields: host,container_name 401 401 - request: 402 402 - headers: 403 403 - - Authorization: "Bearer" 404 368 405 369 # download systemd_exporter and create systemd user service 406 370 - path: /var/home/core/.local/bin/systemd_exporter.tar.gz

+2

configs/containers/systemd/glance.container.tftpl

··· 33 33 Volume=%t/podman/podman.sock:/var/run/docker.sock 34 34 35 35 Network=reverse-proxy.network 36 36 + AddHost=pve.${base_domain}:host-gateway 37 37 + AddHost=truenas.${base_domain}:host-gateway 36 38 37 39 # Disable label security to access Podman socket. 38 40 SecurityLabelDisable=true

+1 -1

configs/containers/systemd/opencloud/opencloud-server.container.tftpl

··· 55 55 Label="traefik.http.routers.opencloud.service=opencloud" 56 56 Label="traefik.http.services.opencloud.loadbalancer.server.port=9200" 57 57 58 58 - Label="traefik.http.routers.opencloud-monitoring.rule=Host(`cloud.krasovs.ky`) && PathPrefix(`/debug`)" 58 58 + Label="traefik.http.routers.opencloud-monitoring.rule=Host(`cloud.${base_domain}`) && PathPrefix(`/debug`)" 59 59 Label="traefik.http.routers.opencloud-monitoring.service=opencloud-monitoring" 60 60 Label="traefik.http.routers.opencloud-monitoring.middlewares=strip-debug-prefix" 61 61 Label="traefik.http.middlewares.strip-debug-prefix.stripprefix.prefixes=/debug"

+2

configs/containers/systemd/pods/matrix.pod.tftpl

··· 7 7 Network=matrix.network 8 8 Network=reverse-proxy.network 9 9 AddHost=id.${base_domain}:host-gateway 10 10 + AddHost=matrix.${base_domain}:host-gateway 11 11 + AddHost=matrix-account.${base_domain}:host-gateway

+1

configs/containers/systemd/remnawave-node-2.container.tftpl

··· 12 12 Network=reverse-proxy.network 13 13 PublishPort=8443:8443/tcp 14 14 PublishPort=8443:8443/udp 15 15 + AddHost=crypto1.${base_domain}:host-gateway 15 16 16 17 [Service] 17 18 TimeoutStartSec=900

+1 -1

configs/containers/systemd/tangled.container.tftpl

··· 11 11 Environment=KNOT_REPO_SCAN_PATH=/home/git/repositories 12 12 Environment=KNOT_SERVER_HOSTNAME=knot.${base_domain} 13 13 Environment=KNOT_SERVER_DB_PATH=/app/knotserver.db 14 14 - Environment=KNOT_SERVER_OWNER="did:web:krasovs.ky" 14 14 + Environment=KNOT_SERVER_OWNER="did:web:${base_domain}" 15 15 16 16 Label="glance.name=Tangled Knot" 17 17 Label="glance.url=https://knot.${base_domain}"

+1 -1

configs/element/web.json.tftpl

··· 62 62 "feature_element_call_video_rooms": true 63 63 }, 64 64 "element_call": { 65 65 - "url": "https://call.element.krasovs.ky" 65 65 + "url": "https://call.element.${base_domain}" 66 66 } 67 67 }

+2 -2

configs/matrix/mas.yaml.tftpl

··· 51 51 endpoint: http://grafana-alloy:4318/v1/metrics 52 52 53 53 email: 54 54 - from: '"Matrix Authentication Service" <noreply+matrix@krasovs.ky>' 55 55 - reply_to: '"Matrix Authentication Service" <noreply+matrix@krasovs.ky>' 54 54 + from: '"Matrix Authentication Service" <noreply+matrix@${base_domain}>' 55 55 + reply_to: '"Matrix Authentication Service" <noreply+matrix@${base_domain}>' 56 56 transport: smtp 57 57 mode: tls 58 58 hostname: smtps-proxy.fastmail.com