Merge pull request 'wip-mcaptcha-mcaptcha' (#4) from wip-mcaptcha-mcaptcha into master
Reviewed-on: #4
This commit is contained in:
commit
50569c8a32
10 changed files with 74 additions and 79 deletions
|
@ -5,7 +5,6 @@
|
||||||
---
|
---
|
||||||
- name: Install and enable firewall
|
- name: Install and enable firewall
|
||||||
hosts: all
|
hosts: all
|
||||||
remote_user: atm
|
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Ensure all VMs are reachable
|
- name: Ensure all VMs are reachable
|
||||||
ansible.builtin.ping:
|
ansible.builtin.ping:
|
||||||
|
|
|
@ -7,7 +7,6 @@
|
||||||
|
|
||||||
- name: Install redis cache
|
- name: Install redis cache
|
||||||
hosts: mcaptcha_hosts
|
hosts: mcaptcha_hosts
|
||||||
remote_user: atm
|
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Ensure all VMs are reachable
|
- name: Ensure all VMs are reachable
|
||||||
ansible.builtin.ping:
|
ansible.builtin.ping:
|
||||||
|
|
|
@ -7,7 +7,6 @@
|
||||||
|
|
||||||
- name: Configure Locust instances
|
- name: Configure Locust instances
|
||||||
hosts: [mcaptcha_dos]
|
hosts: [mcaptcha_dos]
|
||||||
remote_user: atm
|
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: Ensure all VMs are reachable
|
- name: Ensure all VMs are reachable
|
||||||
ansible.builtin.ping:
|
ansible.builtin.ping:
|
||||||
|
|
|
@ -10,7 +10,6 @@
|
||||||
become: yes
|
become: yes
|
||||||
vars_files:
|
vars_files:
|
||||||
- vars/mcaptcha/vars.yml
|
- vars/mcaptcha/vars.yml
|
||||||
- vars/mcaptcha/db-common.yml
|
|
||||||
- vars/mcaptcha/postgresql.yml
|
- vars/mcaptcha/postgresql.yml
|
||||||
tasks:
|
tasks:
|
||||||
- ansible.builtin.include_role:
|
- ansible.builtin.include_role:
|
||||||
|
@ -23,7 +22,6 @@
|
||||||
become: yes
|
become: yes
|
||||||
vars_files:
|
vars_files:
|
||||||
- vars/mcaptcha/vars.yml
|
- vars/mcaptcha/vars.yml
|
||||||
- vars/mcaptcha/db-common.yml
|
|
||||||
- vars/mcaptcha/mariadb.yml.yml
|
- vars/mcaptcha/mariadb.yml.yml
|
||||||
tasks:
|
tasks:
|
||||||
- ansible.builtin.include_role:
|
- ansible.builtin.include_role:
|
||||||
|
@ -44,11 +42,8 @@
|
||||||
|
|
||||||
- name: Install mCaptcha binary
|
- name: Install mCaptcha binary
|
||||||
hosts: mcaptcha_hosts
|
hosts: mcaptcha_hosts
|
||||||
remote_user: atm
|
|
||||||
vars_files:
|
vars_files:
|
||||||
- vars/mcaptcha/vars.yml
|
- vars/mcaptcha/vars.yml
|
||||||
- vars/mcaptcha/db-common.yml
|
|
||||||
- vars/mcaptcha/mcaptcha.yml
|
|
||||||
roles:
|
roles:
|
||||||
- mcaptcha
|
- mcaptcha
|
||||||
tasks:
|
tasks:
|
||||||
|
|
|
@ -5,7 +5,6 @@
|
||||||
---
|
---
|
||||||
- name: Ping all servers
|
- name: Ping all servers
|
||||||
hosts: all
|
hosts: all
|
||||||
remote_user: atm
|
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Ensure all VMs are reachable
|
- name: Ensure all VMs are reachable
|
||||||
|
|
|
@ -39,8 +39,8 @@
|
||||||
name: docker
|
name: docker
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
- name: Add user atm to docker group
|
- name: Add user to docker group
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
name: atm # TODO: add admin user to docker group
|
name: "{{ ansible_user_id }}"
|
||||||
groups: docker,users,admin
|
groups: docker,users,admin
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
database_owner: "mcaptcha"
|
|
||||||
database_name: "mcaptcha"
|
|
||||||
database_password: "{{ lookup('ansible.builtin.password', 'credentials/database_password', chars=['ascii_leters', 'digits'], length=32) }}"
|
|
|
@ -1,8 +1,8 @@
|
||||||
---
|
---
|
||||||
# Set this to the user ansible is logging in as - should have root
|
# Set this to the user ansible is logging in as - should have root
|
||||||
# or sudo access
|
# or sudo access
|
||||||
mysql_user_home: /home/atm
|
mysql_user_home: "/home/{{ ansible_user_id }}"
|
||||||
mysql_user_name: atm
|
mysql_user_name: "{{ ansible_user_id }}"
|
||||||
|
|
||||||
# The default root user installed by mysql - almost always root
|
# The default root user installed by mysql - almost always root
|
||||||
mysql_root_home: /root
|
mysql_root_home: /root
|
||||||
|
|
|
@ -1,61 +0,0 @@
|
||||||
mcaptcha_debug: false
|
|
||||||
# mcaptcha_source_code: 'https://github.com/mCaptcha/mCaptcha'
|
|
||||||
mcaptcha_commercial: false
|
|
||||||
mcaptcha_allow_demo: false
|
|
||||||
mcaptcha_allow_registration: false
|
|
||||||
|
|
||||||
# Please set a unique value, your mCaptcha instance's security depends on this being
|
|
||||||
# unique
|
|
||||||
mcaptcha_server_cookie_secret: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_server_cookie_secret', chars=['ascii_leters', 'digits'], length=32) }}"
|
|
||||||
mcaptcha_server_port: 7000
|
|
||||||
mcaptcha_server_bind: "127.0.0.1"
|
|
||||||
mcaptcha_server_hostname: "mcaptcha.local"
|
|
||||||
# Set true if you have setup TLS with a reverse proxy like Nginx.
|
|
||||||
# Does HTTPS redirect and sends additional headers that can only be used if
|
|
||||||
# HTTPS available to improve security
|
|
||||||
#mcaptcha_proxy_has_tls: false
|
|
||||||
|
|
||||||
# Please set a unique value, your mCaptcha instance's security depends on this being
|
|
||||||
# unique
|
|
||||||
mcaptcha_captcha_salt: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_captha_salt', chars=['ascii_leters', 'digits'], length=32) }}"
|
|
||||||
# garbage collection period to manage mCaptcha system
|
|
||||||
# leave untouched if you don't know what you are doing
|
|
||||||
# mcaptcha_captcha_gc: 30
|
|
||||||
# mcaptcha_captcha_runners: 4
|
|
||||||
# mcaptcha_captcha_queue_length: 2000
|
|
||||||
mcaptcha_captcha_enable_stats: true
|
|
||||||
|
|
||||||
#mcaptcha_captcha_default_difficulty_strategy_avg_traffic_difficulty: 50000 # almost instant solution
|
|
||||||
#mcaptcha_captcha_default_difficulty_strategy_peak_sustainable_traffic_difficulty: 3000000 # roughly 1.5s
|
|
||||||
#mcaptcha_captcha_default_difficulty_strategy_broke_my_site_traffic_difficulty: 5000000 # greater than 3.5s
|
|
||||||
# cooldown period in seconds
|
|
||||||
mcaptcha_captcha_default_difficulty_strategy_avg_duration: 30
|
|
||||||
|
|
||||||
#{% if database_type == 'postgres' %}
|
|
||||||
# {% set mcaptcha_database_url = "postgres://{{ database_owner }}:{{ database_password }}@localhost:5432/{{ database_name }}" %}
|
|
||||||
#{% else %}
|
|
||||||
# {% set mcaptcha_database_url = "mysql://{{ database_owner }}:{{ database_password }}@localhost/{{ database_name }}" %}
|
|
||||||
#{% endif %}
|
|
||||||
#mcaptcha_database_url: "mysql://{{ database_owner }}:{{ database_password }}@localhost/{{ database_name }}"
|
|
||||||
#mcaptcha_database_url: "postgres://{{ database_owner }}:{{ database_password }}@localhost:5432/{{ database_name }}"
|
|
||||||
# mysql://mcaptcha:password@localhost/mcaptcha"
|
|
||||||
mcaptcha_database_pool: 4
|
|
||||||
#mcaptcha_database_url: "{{ mcaptcha_database_url }}"
|
|
||||||
|
|
||||||
mcaptcha_redis_url: "redis://127.0.0.1"
|
|
||||||
mcaptcha_redis_pool: 4
|
|
||||||
|
|
||||||
mcaptcha_redis_url: "redis://127.0.0.1"
|
|
||||||
mcaptcha_redis_pool: 4
|
|
||||||
|
|
||||||
|
|
||||||
mcaptcha_smtp_from: "admin@localhost"
|
|
||||||
mcaptcha_smtp_reply: "admin@localhost"
|
|
||||||
mcaptcha_smtp_url: "127.0.0.1"
|
|
||||||
mcaptcha_smtp_port: 10025
|
|
||||||
mcaptcha_smtp_username: "admin"
|
|
||||||
mcaptcha_smtp_password: "password"
|
|
||||||
#[survey]
|
|
||||||
#nodes = ["http://localhost:7001"]
|
|
||||||
#rate_limit = 10 # upload every hour
|
|
||||||
#instance_root_url = "http://localhost:7000"
|
|
|
@ -1,2 +1,70 @@
|
||||||
database_type: "postgres" # options: "mariadb", "postgres"
|
database_type: "postgres" # REQUIRED. options: "mariadb", "postgres"
|
||||||
cache_type: "redis" # options: "embedded", "redis"
|
cache_type: "redis" # REQUIRED. options: "embedded", "redis"
|
||||||
|
|
||||||
|
# database user
|
||||||
|
database_owner: "mcaptcha"
|
||||||
|
database_name: "mcaptcha"
|
||||||
|
# AUTO-GENERATED. database password
|
||||||
|
database_password: "{{ lookup('ansible.builtin.password', 'credentials/database_password', chars=['ascii_leters', 'digits'], length=32) }}"
|
||||||
|
|
||||||
|
# Database connection pool
|
||||||
|
mcaptcha_database_pool: 4
|
||||||
|
|
||||||
|
# debug logging
|
||||||
|
mcaptcha_debug: false
|
||||||
|
# doens't do anything at the moment
|
||||||
|
mcaptcha_commercial: false
|
||||||
|
# create demo user and allow demo login
|
||||||
|
mcaptcha_allow_demo: false
|
||||||
|
# allow registration of new accounts. Required for the first user account.
|
||||||
|
# Please edit to set to "false" and re-rerun playbook if registration is
|
||||||
|
# undesirable.
|
||||||
|
mcaptcha_allow_registration: true
|
||||||
|
|
||||||
|
# AUTO-GENERATED. Randomly generated unique value for signing cookies.
|
||||||
|
mcaptcha_server_cookie_secret: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_server_cookie_secret', chars=['ascii_leters', 'digits'], length=32) }}"
|
||||||
|
# REQUIRED. mcaptcha server port. Won't be exposed to internet, change if something else
|
||||||
|
# is listening on binding IP and port combination.
|
||||||
|
mcaptcha_server_port: 7000
|
||||||
|
# REQUIRED. bind to IP. If using reverse proxy (playbook installs and configures nginx), set to 127.0.0.1.
|
||||||
|
mcaptcha_server_bind: "127.0.0.1"
|
||||||
|
# REQUIRED. hostname of the mcaptcha installation. Incorrect hostname will cause login failures.
|
||||||
|
mcaptcha_server_hostname: "mcaptcha.local"
|
||||||
|
|
||||||
|
# AUTO-GENERATED. IGNORE if unfamiliar.
|
||||||
|
mcaptcha_captcha_salt: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_captha_salt', chars=['ascii_leters', 'digits'], length=32) }}"
|
||||||
|
# IGNORE if unfamiliar. # garbage collection period to manage mCaptcha system
|
||||||
|
# mcaptcha_captcha_gc: 30
|
||||||
|
# IGNORE if unfamiliar. Number of threads used to validate Proof-of-Work (PoW)
|
||||||
|
# mcaptcha_captcha_runners: 4
|
||||||
|
# IGNORE if unfamiliar. Maximum pending jobs in queue for PoW validation
|
||||||
|
# mcaptcha_captcha_queue_length: 2000
|
||||||
|
# Store PoW compute time statistics
|
||||||
|
mcaptcha_captcha_enable_stats: true
|
||||||
|
|
||||||
|
# IGNORE if unfamiliar. Difficulty factor for average traffic. Used in "easy mode" CAPTCHA configuration generation.
|
||||||
|
#mcaptcha_captcha_default_difficulty_strategy_avg_traffic_difficulty: 50000 # almost instant solution
|
||||||
|
# IGNORE if unfamiliar. Difficulty factor for peak traffic levels. Used in "easy mode" CAPTCHA configuration generation.
|
||||||
|
#mcaptcha_captcha_default_difficulty_strategy_peak_sustainable_traffic_difficulty: 3000000 # roughly 1.5s
|
||||||
|
# IGNORE if unfamiliar. Difficulty factor for maximum traffic levels. Used in "easy mode" CAPTCHA configuration generation.
|
||||||
|
#mcaptcha_captcha_default_difficulty_strategy_broke_my_site_traffic_difficulty: 5000000 # greater than 3.5s
|
||||||
|
# IGNORE if unfamiliar. Default cooldown period in seconds for "easy mode".
|
||||||
|
mcaptcha_captcha_default_difficulty_strategy_avg_duration: 30
|
||||||
|
|
||||||
|
|
||||||
|
# Redis instance URL
|
||||||
|
mcaptcha_redis_url: "redis://127.0.0.1"
|
||||||
|
# Redis connection pool
|
||||||
|
mcaptcha_redis_pool: 4
|
||||||
|
|
||||||
|
# smtp configuration
|
||||||
|
mcaptcha_smtp_from: "admin@localhost"
|
||||||
|
mcaptcha_smtp_reply: "admin@localhost"
|
||||||
|
mcaptcha_smtp_url: "127.0.0.1"
|
||||||
|
mcaptcha_smtp_port: 10025
|
||||||
|
mcaptcha_smtp_username: "admin"
|
||||||
|
mcaptcha_smtp_password: "password"
|
||||||
|
#[survey]
|
||||||
|
#nodes = ["http://localhost:7001"]
|
||||||
|
#rate_limit = 10 # upload every hour
|
||||||
|
#instance_root_url = "http://localhost:7000"
|
||||||
|
|
Loading…
Reference in a new issue