From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <alviro.iskandar@gnuweeb.org>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on gnuweeb.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,URIBL_BLOCKED autolearn=ham
	autolearn_force=no version=3.4.6
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org;
	s=default; t=1689262138;
	bh=11lHqCKfCQWxHqM9B8rTrbknGFZvvl95kD4n0keCJjQ=;
	h=From:To:Cc:Subject:Date;
	b=Rppwd+8Cr04BcaWbiaJGRKk2Z4TbS/Da+35AufSFKBXmtGdGfGdDe+vX/Cfl/vp/f
	 YtgmII1G/ScqUyc+80N+P3+AW08CGmp+V+19UHtCONoOMqFLS9+maySJlMEGB7Vh7O
	 ueBHNVs0p+f7Zm2J+TQNi0DEeJV5vFA+b0nbYB6LwSPWzc539ZQPrV1WQnAn5itX3I
	 zebeNKC2mYn/Wu5RC/Daf6VVO3CeW5FpMHc340iZ/NoQhyzmwtgWjC1oCasTyXYoeV
	 gOD3jidGhOLbmwNaVGu6HqOdDudC1uqvi5t1usfVPPJAPzD9g77LewJFJPer7o4vx0
	 WLVBsKtHZUSuQ==
Received: from server-haj002.. (server-haj002.gnuweeb.org [45.83.104.102])
	by gnuweeb.org (Postfix) with ESMTPSA id 768A524AC5B;
	Thu, 13 Jul 2023 22:28:57 +0700 (WIB)
From: Alviro Iskandar Setiawan <alviro.iskandar@gnuweeb.org>
To: Ammar Faizi <ammarfaizi2@gnuweeb.org>,
	Michael William Jonathan <moe@gnuweeb.org>
Cc: Alviro Iskandar Setiawan <alviro.iskandar@gnuweeb.org>,
	GNU/Weeb Mailing List <gwml@vger.gnuweeb.org>
Subject: [PATCH server-haj002 v1 0/6] Server update and new service elk.gnuweeb.org
Date: Thu, 13 Jul 2023 17:28:44 +0200
Message-Id: <20230713152850.5565-1-alviro.iskandar@gnuweeb.org>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
List-Id: <gwml.vger.gnuweeb.org>

Greetings,

This series contains server-haj002 fixes and a new service called
elk.gnuweeb.org as requested by chief in https://t.me/GNUWeeb/807595

elk is a nimble Mastodon web client. While it's currently not a
widely used app, it's already quite usable. More detail here:
https://github.com/elk-zone/elk

The elk service for GNU/Weeb is now up and ready to use at:

  https://elk.gnuweeb.org

There are 6 pathces in this series, summary:

# 1. Allow trusted traffic from/to local addresses.
Simplify iptables rules by allowing INPUT traffic from these CIDR
ranges:

  ip:
    10.0.0.0/8
    192.168.0.0/16
    172.16.0.0/12

  ip6:
    fc00::/7

Also, allow FORWARD from/to them.

# 2. Properly enable IPv6 for the masto-net network.
The IPv6 was not properly enabled. Enable it by adding
"enable_ipv6: true" in the network section in the docker-compose
file.

# 3. Fix DNS resolution error.
The default DNS system is not properly configured in this environment
and it leads to DNS resolution error. Provide custom resolv.conf file
and hosts file to satisfy the need of mastodon container.

The custom resolv.conf script will use the host IP address as the DNS
server. Therefore, the host must provide a working DNS server. It can
simply be done by adding these two lines to /etc/systemd/resolved.conf

   DNSStubListenerExtra=0.0.0.0:53
   DNSStubListenerExtra=[::]:53

# 4. Move data directory inside the git project
Move data directory inside the git project to allow the docker-comose.yml
file to use relative path. Then sync the docker-compose file with the
prod file (add hostname entry and DNS related changes).

# 5. Add elk server using docker.
Bash script to build and run the elk service using docker.

# 6. Add elk setup instructions.
Note crontab setup and nginx vhost config.

Signed-off-by: Alviro Iskandar Setiawan <alviro.iskandar@gnuweeb.org>
---

Alviro Iskandar Setiawan (6):
  init_net: Allow trusted traffic from/to local addresses
  mastodon: Enable IPv6 for the masto-net network
  mastodon: Fix DNS resolution error
  mastodon: Move data directory inside the git project
  Add elk server using docker
  setup.txt: Add elk setup instructions

 .gitmodules                         |  3 +++
 elk/.gitignore                      |  2 ++
 elk/docker-compose.yml              | 30 +++++++++++++++++++++++++++++
 elk/start.sh                        | 23 ++++++++++++++++++++++
 init_net.sh                         | 26 ++++++++++++++++++++++++-
 mastodon/.gitignore                 |  3 ++-
 mastodon/docker-compose.example.yml | 19 ++++++++++++------
 mastodon/docker-mastodon            |  1 +
 mastodon/hosts                      |  8 ++++++++
 mastodon/resolv.conf                |  3 +++
 setup.txt                           | 19 ++++++++++++++++++
 11 files changed, 129 insertions(+), 8 deletions(-)
 create mode 100644 .gitmodules
 create mode 100644 elk/.gitignore
 create mode 100644 elk/docker-compose.yml
 create mode 100644 elk/start.sh
 create mode 160000 mastodon/docker-mastodon
 create mode 100644 mastodon/hosts
 create mode 100644 mastodon/resolv.conf


base-commit: 9fb75192df6b55699b8716199b16b42d0b82e860
-- 
Alviro Iskandar Setiawan