This commit is contained in:
nihilist 2024-02-26 11:43:56 +01:00
parent 4c961648ae
commit 64619635d2
7 changed files with 169 additions and 12 deletions

View File

@ -0,0 +1,13 @@
use-auth-secret
static-auth-secret=PASSWORDTOCHANGE
realm=m.datura.network
listening-port=3478
tls-listening-port=5349
min-port=47160
max-port=47200
verbose
allow-loopback-peers
cli-password=PASSWORDTOCHANGE
external-ip=116.202.216.190

View File

@ -0,0 +1,43 @@
# Configuration file for Synapse.
#
# This is a YAML file: see [1] for a quick introduction. Note in particular
# that *indentation is important*: all the elements of a list or dictionary
# should have the same indentation.
#
# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
#
# For more information on how to configure Synapse, including a complete accounting of
# each option, go to docs/usage/configuration/config_documentation.md or
# https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
server_name: "m.datura.network"
pid_file: /data/homeserver.pid
listeners:
- port: 8008
tls: false
type: http
x_forwarded: true
resources:
- names: [client, federation]
compress: false
database:
name: sqlite3
args:
database: /data/homeserver.db
log_config: "/data/m.datura.network.log.config"
media_store_path: /data/media_store
registration_shared_secret: "SOMETHING3"
report_stats: true
macaroon_secret_key: "SOMETHING2"
form_secret: "SOMETHING1"
signing_key_path: "/data/m.datura.network.signing.key"
trusted_key_servers:
- server_name: "matrix.org"
turn_uris: [ "turn:m.datura.network?transport=udp", "turn:m.datura.network?transport=tcp" ]
turn_shared_secret: "PASSWORDTOCHANGE"
turn_user_lifetime: 86400000
turn_allow_guests: true
# vim:ft=yaml

View File

@ -0,0 +1,36 @@
version: "3.3"
services:
synapse-admin:
image: awesometechnologies/synapse-admin
ports:
- 8009:80
restart: unless-stopped
synapse:
image: "matrixdotorg/synapse:latest"
container_name: "matrix_synapse"
ports:
- 8008:8008
volumes:
- "./data:/data" #it will look at the current directory where you save the file and look for the data folder inside
environment:
VIRTUAL_HOST: "m.datura.network"
VIRTUAL_PORT: 8008
LETSENCRYPT_HOST: "m.datura.network"
SYNAPSE_SERVER_NAME: "m.datura.network"
SYNAPSE_REPORT_STATS: "yes"
coturn:
image: instrumentisto/coturn:latest
restart: unless-stopped
volumes:
- ./coturn/turnserver.conf:/etc/coturn/turnserver.conf
ports:
- 47160-47200:47160-47200/udp
- 3478:3478
- 5349:5349
networks:
- mybridge
networks:
mybridge:
driver: bridge

View File

@ -0,0 +1,40 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# For the federation port
listen 8448 ssl http2;
listen [::]:8448 ssl http2;
server_name m.datura.network;
ssl_certificate /root/.acme.sh/m.datura.network/fullchain.cer;
ssl_certificate_key /root/.acme.sh/m.datura.network/m.datura.network.key;
#location ~ ^(/_matrix|/_synapse/client|/_synapse/admin) { # to enable remote administration
location ~ ^(/_matrix|/_synapse/client) {
# note: do not add a path (even a single /) after the port in `proxy_pass`,
# otherwise nginx will canonicalise the URI and cause signature verification
# errors.
proxy_pass http://localhost:8008;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
# Nginx by default only allows file uploads up to 1M in size
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
client_max_body_size 50M;
# Synapse responses may be chunked, which is an HTTP/1.1 feature.
proxy_http_version 1.1;
}
#location / {
# proxy_pass http://127.0.0.1:9090/;
# proxy_set_header X-Forwarded-For $remote_addr;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Host $host;
# client_max_body_size 50M;
#}
}

View File

@ -0,0 +1,11 @@
version: '2'
services:
autoheal:
restart: always
image: willfarrell/autoheal
environment:
- AUTOHEAL_CONTAINER_LABEL=all
volumes:
- /var/run/docker.sock:/var/run/docker.sock

View File

@ -0,0 +1,7 @@
version: "3"
services:
watchtower:
image: containrrr/watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock

View File

@ -8,23 +8,30 @@ Datura Network is a project aiming to bring as many privacy-protecting tools as
|Service |hosted? |public instance? |configs shared? |
|-|-|-|-|
|tor bridge |yes |yes |no |
|monero node |yes |yes |no |
|invidious |yes |yes |no |
|searxng |yes |pending |no |
|anonoverflow |yes |no |no |
|safetwitch |yes |yes |no |
|proxitok |yes |yes |no |
|4get |yes |yes |no |
|libremdb |yes |no |no |
|pixivfe |yes |no |no |
|binternet |yes |no |no |
|tor bridge |yes |yes |yes |
|monero node |yes |yes |yes |
|anonoverflow |yes |no |yes |
|binternet |yes |no |yes |
|proxitok |yes |yes |yes |
|invidious |yes |yes |yes |
|libmedium |yes |no |yes |
|libremdb |yes |no |yes |
|pixivfe |yes |no |yes |
|priviblur |yes |no |yes |
|redlib |yes |no |yes |
|safetwitch |yes |yes |yes |
|searxng |yes |pending |yes |
|gitea |yes |NA |yes |
|matrix |yes |NA |yes |
|uptimekuma |yes |NA |yes |
|watchtower |yes |NA |yes |
|autoheal |yes |NA |yes |
(configs will include nginx config, configs with passwords blurred, docker-compose.yml, and cronjobs)
```
Quarterly Transparency Reports (PGP signed):
Monthly Transparency Reports (PGP signed):
-latest news (recap of topics covered and their completion)
-Expenses
-list of servers, along with the following info: