updated
This commit is contained in:
parent
4c961648ae
commit
64619635d2
13
2-Decentralization/matrix/coturn/turnserver.conf
Normal file
13
2-Decentralization/matrix/coturn/turnserver.conf
Normal file
@ -0,0 +1,13 @@
|
||||
use-auth-secret
|
||||
static-auth-secret=PASSWORDTOCHANGE
|
||||
realm=m.datura.network
|
||||
listening-port=3478
|
||||
tls-listening-port=5349
|
||||
min-port=47160
|
||||
max-port=47200
|
||||
verbose
|
||||
allow-loopback-peers
|
||||
cli-password=PASSWORDTOCHANGE
|
||||
external-ip=116.202.216.190
|
||||
|
||||
|
43
2-Decentralization/matrix/data/homeserver.yaml
Normal file
43
2-Decentralization/matrix/data/homeserver.yaml
Normal file
@ -0,0 +1,43 @@
|
||||
# Configuration file for Synapse.
|
||||
#
|
||||
# This is a YAML file: see [1] for a quick introduction. Note in particular
|
||||
# that *indentation is important*: all the elements of a list or dictionary
|
||||
# should have the same indentation.
|
||||
#
|
||||
# [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
|
||||
#
|
||||
# For more information on how to configure Synapse, including a complete accounting of
|
||||
# each option, go to docs/usage/configuration/config_documentation.md or
|
||||
# https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html
|
||||
server_name: "m.datura.network"
|
||||
pid_file: /data/homeserver.pid
|
||||
listeners:
|
||||
- port: 8008
|
||||
tls: false
|
||||
type: http
|
||||
x_forwarded: true
|
||||
resources:
|
||||
- names: [client, federation]
|
||||
compress: false
|
||||
database:
|
||||
name: sqlite3
|
||||
args:
|
||||
database: /data/homeserver.db
|
||||
log_config: "/data/m.datura.network.log.config"
|
||||
media_store_path: /data/media_store
|
||||
registration_shared_secret: "SOMETHING3"
|
||||
report_stats: true
|
||||
macaroon_secret_key: "SOMETHING2"
|
||||
form_secret: "SOMETHING1"
|
||||
signing_key_path: "/data/m.datura.network.signing.key"
|
||||
trusted_key_servers:
|
||||
- server_name: "matrix.org"
|
||||
|
||||
turn_uris: [ "turn:m.datura.network?transport=udp", "turn:m.datura.network?transport=tcp" ]
|
||||
turn_shared_secret: "PASSWORDTOCHANGE"
|
||||
turn_user_lifetime: 86400000
|
||||
turn_allow_guests: true
|
||||
|
||||
# vim:ft=yaml
|
||||
|
||||
|
36
2-Decentralization/matrix/docker-compose.yml
Normal file
36
2-Decentralization/matrix/docker-compose.yml
Normal file
@ -0,0 +1,36 @@
|
||||
version: "3.3"
|
||||
|
||||
services:
|
||||
synapse-admin:
|
||||
image: awesometechnologies/synapse-admin
|
||||
ports:
|
||||
- 8009:80
|
||||
restart: unless-stopped
|
||||
synapse:
|
||||
image: "matrixdotorg/synapse:latest"
|
||||
container_name: "matrix_synapse"
|
||||
ports:
|
||||
- 8008:8008
|
||||
volumes:
|
||||
- "./data:/data" #it will look at the current directory where you save the file and look for the data folder inside
|
||||
environment:
|
||||
VIRTUAL_HOST: "m.datura.network"
|
||||
VIRTUAL_PORT: 8008
|
||||
LETSENCRYPT_HOST: "m.datura.network"
|
||||
SYNAPSE_SERVER_NAME: "m.datura.network"
|
||||
SYNAPSE_REPORT_STATS: "yes"
|
||||
coturn:
|
||||
image: instrumentisto/coturn:latest
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- ./coturn/turnserver.conf:/etc/coturn/turnserver.conf
|
||||
ports:
|
||||
- 47160-47200:47160-47200/udp
|
||||
- 3478:3478
|
||||
- 5349:5349
|
||||
networks:
|
||||
- mybridge
|
||||
networks:
|
||||
mybridge:
|
||||
driver: bridge
|
||||
|
40
2-Decentralization/matrix/nginx.conf
Normal file
40
2-Decentralization/matrix/nginx.conf
Normal file
@ -0,0 +1,40 @@
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
# For the federation port
|
||||
listen 8448 ssl http2;
|
||||
listen [::]:8448 ssl http2;
|
||||
|
||||
server_name m.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/m.datura.network/fullchain.cer;
|
||||
ssl_certificate_key /root/.acme.sh/m.datura.network/m.datura.network.key;
|
||||
|
||||
#location ~ ^(/_matrix|/_synapse/client|/_synapse/admin) { # to enable remote administration
|
||||
location ~ ^(/_matrix|/_synapse/client) {
|
||||
# note: do not add a path (even a single /) after the port in `proxy_pass`,
|
||||
# otherwise nginx will canonicalise the URI and cause signature verification
|
||||
# errors.
|
||||
proxy_pass http://localhost:8008;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Host $host;
|
||||
|
||||
# Nginx by default only allows file uploads up to 1M in size
|
||||
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
|
||||
client_max_body_size 50M;
|
||||
|
||||
# Synapse responses may be chunked, which is an HTTP/1.1 feature.
|
||||
proxy_http_version 1.1;
|
||||
}
|
||||
|
||||
#location / {
|
||||
# proxy_pass http://127.0.0.1:9090/;
|
||||
# proxy_set_header X-Forwarded-For $remote_addr;
|
||||
# proxy_set_header X-Forwarded-Proto $scheme;
|
||||
# proxy_set_header Host $host;
|
||||
# client_max_body_size 50M;
|
||||
#}
|
||||
}
|
||||
|
11
4-Scripts/autoheal/docker-compose.yml
Normal file
11
4-Scripts/autoheal/docker-compose.yml
Normal file
@ -0,0 +1,11 @@
|
||||
version: '2'
|
||||
services:
|
||||
autoheal:
|
||||
restart: always
|
||||
image: willfarrell/autoheal
|
||||
environment:
|
||||
- AUTOHEAL_CONTAINER_LABEL=all
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
|
||||
|
7
4-Scripts/watchtower/docker-compose.yml
Normal file
7
4-Scripts/watchtower/docker-compose.yml
Normal file
@ -0,0 +1,7 @@
|
||||
version: "3"
|
||||
services:
|
||||
watchtower:
|
||||
image: containrrr/watchtower
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
|
31
README.md
31
README.md
@ -8,23 +8,30 @@ Datura Network is a project aiming to bring as many privacy-protecting tools as
|
||||
|
||||
|Service |hosted? |public instance? |configs shared? |
|
||||
|-|-|-|-|
|
||||
|tor bridge |yes |yes |no |
|
||||
|monero node |yes |yes |no |
|
||||
|invidious |yes |yes |no |
|
||||
|searxng |yes |pending |no |
|
||||
|anonoverflow |yes |no |no |
|
||||
|safetwitch |yes |yes |no |
|
||||
|proxitok |yes |yes |no |
|
||||
|4get |yes |yes |no |
|
||||
|libremdb |yes |no |no |
|
||||
|pixivfe |yes |no |no |
|
||||
|binternet |yes |no |no |
|
||||
|tor bridge |yes |yes |yes |
|
||||
|monero node |yes |yes |yes |
|
||||
|anonoverflow |yes |no |yes |
|
||||
|binternet |yes |no |yes |
|
||||
|proxitok |yes |yes |yes |
|
||||
|invidious |yes |yes |yes |
|
||||
|libmedium |yes |no |yes |
|
||||
|libremdb |yes |no |yes |
|
||||
|pixivfe |yes |no |yes |
|
||||
|priviblur |yes |no |yes |
|
||||
|redlib |yes |no |yes |
|
||||
|safetwitch |yes |yes |yes |
|
||||
|searxng |yes |pending |yes |
|
||||
|gitea |yes |NA |yes |
|
||||
|matrix |yes |NA |yes |
|
||||
|uptimekuma |yes |NA |yes |
|
||||
|watchtower |yes |NA |yes |
|
||||
|autoheal |yes |NA |yes |
|
||||
|
||||
(configs will include nginx config, configs with passwords blurred, docker-compose.yml, and cronjobs)
|
||||
|
||||
|
||||
```
|
||||
Quarterly Transparency Reports (PGP signed):
|
||||
Monthly Transparency Reports (PGP signed):
|
||||
-latest news (recap of topics covered and their completion)
|
||||
-Expenses
|
||||
-list of servers, along with the following info:
|
||||
|
Loading…
Reference in New Issue
Block a user