This is an experimental, alpha Puppet module for setting up an Ubuntu server in the style of tilde.club.
What is in master is generally guaranteed to have been tested casually on an AWS EC2 micro running Ubuntu 14.04 at tilde.town, but aside from that, there are no guarantees about the code. YMMV. I'm trying to keep the README up to date as I change things / add features.
All of these steps assume you are running as the root
user.
- Install the
puppet
andpuppetmaster
packages (they can be on the same server). 3.4.x+ is required. puppet module install jfryman-nginx -v 0.0.10
(must install v0.0.10, see here)apt-get install -y puppetmaster puppet
.puppet module install camptocamp-postfix
- Set up hiera:
- add a hiera.yaml to
/etc/puppet/
ln -s /etc/puppet/hiera.yaml /etc/hiera.yaml
mkdir /etc/puppet/hieradata
- add and configure common.yaml to
/etc/puppet/hieradata/
cd /etc/puppet/modules
apt-get install -y git-core
git clone https://github.com/nathanielksmith/puppet-tilde.git tilde
git clone https://github.com/nathanielksmith/puppet-ngircd ngircd
- edit site.pp and save to
/etc/puppet/manifests/site.pp
puppet agent -t --server={your_tilde_host_name}
To add users to your tilde server, add them to your common.yaml
(or whatever) like so:
tilde::users:
vilmibm:
pubkey: '...'
cmr:
pubkey: '...'
datagrok:
pubkey: '...'
The module purges any non-system users not managed by Puppet; in other words,
to ban a user, simply delete them from the tilde::users
hash in common.yaml
.
You can also specify pubkey_type
in the user hash if the user is
fancy and not using ssh-rsa
. The supported types are whatever is
supported by puppet's
authorized key type
Password based logins are not currently supported. You'll have to manually enable that if you want it.
/etc/skel
is managed as a set of files in the module. If you'd like to
modify these, make a local branch on the module and edit away. You can
add or remove files from the directory (note, old users will not
retroactively get changes to /etc/skel
).
Currently, the module looks for tilde::hostname
(e.g. tilde.town
or tilde.farm or drawbridge.club) and sets up an Nginx virtual host with:
- a homepage for your tilde server (
/var/www/<your domain>/index.html
) - user directories (
/~<username>
) which map to/home/<username>/public_html
- server names
$hostname
andwww.$hostname
- IMPORTANT Make sure port 80 is open for your server.
The module sets up ngircd for you.
- localhost only
irc
alias added to users'.bashrc
file.- per-user
irssi
configuration this will auto-connect to the server and auto-join#<hostname>
where hostname is a .-less string substitution of the hostname you specified astilde::hostname
.
It does not set up an operator. IRC governance is up to the autonomous collective to determine.
The module sets up postfix for you. Just like tilde.club, it's local mail only. Alpine and mutt are installed by default.
There is basic Message of the Day support. To customize the motd, make
a branch of the checked out puppet module and edit
templates/motd.erb
. The default template just has a basic cowsay
with a few instructions (and shows your server's hostname).
A motd
alias that just runs cat /etc/motd
is also added by the
aliases file in /etc/skel
.
The program inn2
is set up and configured for local access. The clients slrn
, tin
, and alpine
are all installed by default. In order to transfer news with peers, you must enable both inbound and outbound traffic on TCP port 119 (for EC2 users, this may mean editing your security groups, for others it may mean editing iptables rules).
IMPORTANT: Make sure port 119 is open for your server.
IMPORTANT: Refer to the example common.yaml file to see how to configure newsgroups/peers. No groups are configured by default.
This module enables 3mb user quotas for all non-system users. You'll
need to add the usrquota option to your / mount with something like
this in your site.pp
, though, for it to work:
mount { '/':
ensure => 'mounted',
device => 'LABEL=cloudimg-rootfs',
dump => '0',
fstype => 'ext4',
options => 'defaults,discard,usrquota',
pass => '0',
target => '/etc/fstab',
}
}
If you do not want disk quotas, include the tilde class like this
in your site.pp
:
class { 'tilde':
use_quota => false,
}
Or configure common.yaml
with:
tilde::use_quota: false
- A "customization" section in this README on how to modify things
like the server's homepage or
/etc/skel
. - Flags for switching on/off various services from
common.yaml
(if you don't want NTTP, for example).
- Nathaniel Smith nks@lambdaphil.es
- Chris Roddy cmr@mdc2.org
This module is licensed under the terms of the GNU Public License version 3 (GPLv3)