wip-mcaptcha-mcaptcha #4
10 changed files with 74 additions and 79 deletions
|
@ -5,7 +5,6 @@
|
|||
---
|
||||
- name: Install and enable firewall
|
||||
hosts: all
|
||||
remote_user: atm
|
||||
pre_tasks:
|
||||
- name: Ensure all VMs are reachable
|
||||
ansible.builtin.ping:
|
||||
|
|
|
@ -7,7 +7,6 @@
|
|||
|
||||
- name: Install redis cache
|
||||
hosts: mcaptcha_hosts
|
||||
remote_user: atm
|
||||
pre_tasks:
|
||||
- name: Ensure all VMs are reachable
|
||||
ansible.builtin.ping:
|
||||
|
|
|
@ -7,7 +7,6 @@
|
|||
|
||||
- name: Configure Locust instances
|
||||
hosts: [mcaptcha_dos]
|
||||
remote_user: atm
|
||||
pre_tasks:
|
||||
- name: Ensure all VMs are reachable
|
||||
ansible.builtin.ping:
|
||||
|
|
|
@ -10,7 +10,6 @@
|
|||
become: yes
|
||||
vars_files:
|
||||
- vars/mcaptcha/vars.yml
|
||||
- vars/mcaptcha/db-common.yml
|
||||
- vars/mcaptcha/postgresql.yml
|
||||
tasks:
|
||||
- ansible.builtin.include_role:
|
||||
|
@ -23,7 +22,6 @@
|
|||
become: yes
|
||||
vars_files:
|
||||
- vars/mcaptcha/vars.yml
|
||||
- vars/mcaptcha/db-common.yml
|
||||
- vars/mcaptcha/mariadb.yml.yml
|
||||
tasks:
|
||||
- ansible.builtin.include_role:
|
||||
|
@ -44,11 +42,8 @@
|
|||
|
||||
- name: Install mCaptcha binary
|
||||
hosts: mcaptcha_hosts
|
||||
remote_user: atm
|
||||
vars_files:
|
||||
- vars/mcaptcha/vars.yml
|
||||
- vars/mcaptcha/db-common.yml
|
||||
- vars/mcaptcha/mcaptcha.yml
|
||||
roles:
|
||||
- mcaptcha
|
||||
tasks:
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
---
|
||||
- name: Ping all servers
|
||||
hosts: all
|
||||
remote_user: atm
|
||||
|
||||
tasks:
|
||||
- name: Ensure all VMs are reachable
|
||||
|
|
|
@ -39,8 +39,8 @@
|
|||
name: docker
|
||||
state: present
|
||||
|
||||
- name: Add user atm to docker group
|
||||
- name: Add user to docker group
|
||||
become: true
|
||||
ansible.builtin.user:
|
||||
name: atm # TODO: add admin user to docker group
|
||||
name: "{{ ansible_user_id }}"
|
||||
groups: docker,users,admin
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
database_owner: "mcaptcha"
|
||||
database_name: "mcaptcha"
|
||||
database_password: "{{ lookup('ansible.builtin.password', 'credentials/database_password', chars=['ascii_leters', 'digits'], length=32) }}"
|
|
@ -1,8 +1,8 @@
|
|||
---
|
||||
# Set this to the user ansible is logging in as - should have root
|
||||
# or sudo access
|
||||
mysql_user_home: /home/atm
|
||||
mysql_user_name: atm
|
||||
mysql_user_home: "/home/{{ ansible_user_id }}"
|
||||
mysql_user_name: "{{ ansible_user_id }}"
|
||||
|
||||
# The default root user installed by mysql - almost always root
|
||||
mysql_root_home: /root
|
||||
|
|
|
@ -1,61 +0,0 @@
|
|||
mcaptcha_debug: false
|
||||
# mcaptcha_source_code: 'https://github.com/mCaptcha/mCaptcha'
|
||||
mcaptcha_commercial: false
|
||||
mcaptcha_allow_demo: false
|
||||
mcaptcha_allow_registration: false
|
||||
|
||||
# Please set a unique value, your mCaptcha instance's security depends on this being
|
||||
# unique
|
||||
mcaptcha_server_cookie_secret: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_server_cookie_secret', chars=['ascii_leters', 'digits'], length=32) }}"
|
||||
mcaptcha_server_port: 7000
|
||||
mcaptcha_server_bind: "127.0.0.1"
|
||||
mcaptcha_server_hostname: "mcaptcha.local"
|
||||
# Set true if you have setup TLS with a reverse proxy like Nginx.
|
||||
# Does HTTPS redirect and sends additional headers that can only be used if
|
||||
# HTTPS available to improve security
|
||||
#mcaptcha_proxy_has_tls: false
|
||||
|
||||
# Please set a unique value, your mCaptcha instance's security depends on this being
|
||||
# unique
|
||||
mcaptcha_captcha_salt: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_captha_salt', chars=['ascii_leters', 'digits'], length=32) }}"
|
||||
# garbage collection period to manage mCaptcha system
|
||||
# leave untouched if you don't know what you are doing
|
||||
# mcaptcha_captcha_gc: 30
|
||||
# mcaptcha_captcha_runners: 4
|
||||
# mcaptcha_captcha_queue_length: 2000
|
||||
mcaptcha_captcha_enable_stats: true
|
||||
|
||||
#mcaptcha_captcha_default_difficulty_strategy_avg_traffic_difficulty: 50000 # almost instant solution
|
||||
#mcaptcha_captcha_default_difficulty_strategy_peak_sustainable_traffic_difficulty: 3000000 # roughly 1.5s
|
||||
#mcaptcha_captcha_default_difficulty_strategy_broke_my_site_traffic_difficulty: 5000000 # greater than 3.5s
|
||||
# cooldown period in seconds
|
||||
mcaptcha_captcha_default_difficulty_strategy_avg_duration: 30
|
||||
|
||||
#{% if database_type == 'postgres' %}
|
||||
# {% set mcaptcha_database_url = "postgres://{{ database_owner }}:{{ database_password }}@localhost:5432/{{ database_name }}" %}
|
||||
#{% else %}
|
||||
# {% set mcaptcha_database_url = "mysql://{{ database_owner }}:{{ database_password }}@localhost/{{ database_name }}" %}
|
||||
#{% endif %}
|
||||
#mcaptcha_database_url: "mysql://{{ database_owner }}:{{ database_password }}@localhost/{{ database_name }}"
|
||||
#mcaptcha_database_url: "postgres://{{ database_owner }}:{{ database_password }}@localhost:5432/{{ database_name }}"
|
||||
# mysql://mcaptcha:password@localhost/mcaptcha"
|
||||
mcaptcha_database_pool: 4
|
||||
#mcaptcha_database_url: "{{ mcaptcha_database_url }}"
|
||||
|
||||
mcaptcha_redis_url: "redis://127.0.0.1"
|
||||
mcaptcha_redis_pool: 4
|
||||
|
||||
mcaptcha_redis_url: "redis://127.0.0.1"
|
||||
mcaptcha_redis_pool: 4
|
||||
|
||||
|
||||
mcaptcha_smtp_from: "admin@localhost"
|
||||
mcaptcha_smtp_reply: "admin@localhost"
|
||||
mcaptcha_smtp_url: "127.0.0.1"
|
||||
mcaptcha_smtp_port: 10025
|
||||
mcaptcha_smtp_username: "admin"
|
||||
mcaptcha_smtp_password: "password"
|
||||
#[survey]
|
||||
#nodes = ["http://localhost:7001"]
|
||||
#rate_limit = 10 # upload every hour
|
||||
#instance_root_url = "http://localhost:7000"
|
|
@ -1,2 +1,70 @@
|
|||
database_type: "postgres" # options: "mariadb", "postgres"
|
||||
cache_type: "redis" # options: "embedded", "redis"
|
||||
database_type: "postgres" # REQUIRED. options: "mariadb", "postgres"
|
||||
cache_type: "redis" # REQUIRED. options: "embedded", "redis"
|
||||
|
||||
# database user
|
||||
database_owner: "mcaptcha"
|
||||
database_name: "mcaptcha"
|
||||
# AUTO-GENERATED. database password
|
||||
database_password: "{{ lookup('ansible.builtin.password', 'credentials/database_password', chars=['ascii_leters', 'digits'], length=32) }}"
|
||||
|
||||
# Database connection pool
|
||||
mcaptcha_database_pool: 4
|
||||
|
||||
# debug logging
|
||||
mcaptcha_debug: false
|
||||
# doens't do anything at the moment
|
||||
mcaptcha_commercial: false
|
||||
# create demo user and allow demo login
|
||||
mcaptcha_allow_demo: false
|
||||
# allow registration of new accounts. Required for the first user account.
|
||||
# Please edit to set to "false" and re-rerun playbook if registration is
|
||||
# undesirable.
|
||||
mcaptcha_allow_registration: true
|
||||
|
||||
# AUTO-GENERATED. Randomly generated unique value for signing cookies.
|
||||
mcaptcha_server_cookie_secret: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_server_cookie_secret', chars=['ascii_leters', 'digits'], length=32) }}"
|
||||
# REQUIRED. mcaptcha server port. Won't be exposed to internet, change if something else
|
||||
# is listening on binding IP and port combination.
|
||||
mcaptcha_server_port: 7000
|
||||
# REQUIRED. bind to IP. If using reverse proxy (playbook installs and configures nginx), set to 127.0.0.1.
|
||||
mcaptcha_server_bind: "127.0.0.1"
|
||||
# REQUIRED. hostname of the mcaptcha installation. Incorrect hostname will cause login failures.
|
||||
mcaptcha_server_hostname: "mcaptcha.local"
|
||||
|
||||
# AUTO-GENERATED. IGNORE if unfamiliar.
|
||||
mcaptcha_captcha_salt: "{{ lookup('ansible.builtin.password', 'credentials/mcaptcha_captha_salt', chars=['ascii_leters', 'digits'], length=32) }}"
|
||||
# IGNORE if unfamiliar. # garbage collection period to manage mCaptcha system
|
||||
# mcaptcha_captcha_gc: 30
|
||||
# IGNORE if unfamiliar. Number of threads used to validate Proof-of-Work (PoW)
|
||||
# mcaptcha_captcha_runners: 4
|
||||
# IGNORE if unfamiliar. Maximum pending jobs in queue for PoW validation
|
||||
# mcaptcha_captcha_queue_length: 2000
|
||||
# Store PoW compute time statistics
|
||||
mcaptcha_captcha_enable_stats: true
|
||||
|
||||
# IGNORE if unfamiliar. Difficulty factor for average traffic. Used in "easy mode" CAPTCHA configuration generation.
|
||||
#mcaptcha_captcha_default_difficulty_strategy_avg_traffic_difficulty: 50000 # almost instant solution
|
||||
# IGNORE if unfamiliar. Difficulty factor for peak traffic levels. Used in "easy mode" CAPTCHA configuration generation.
|
||||
#mcaptcha_captcha_default_difficulty_strategy_peak_sustainable_traffic_difficulty: 3000000 # roughly 1.5s
|
||||
# IGNORE if unfamiliar. Difficulty factor for maximum traffic levels. Used in "easy mode" CAPTCHA configuration generation.
|
||||
#mcaptcha_captcha_default_difficulty_strategy_broke_my_site_traffic_difficulty: 5000000 # greater than 3.5s
|
||||
# IGNORE if unfamiliar. Default cooldown period in seconds for "easy mode".
|
||||
mcaptcha_captcha_default_difficulty_strategy_avg_duration: 30
|
||||
|
||||
|
||||
# Redis instance URL
|
||||
mcaptcha_redis_url: "redis://127.0.0.1"
|
||||
# Redis connection pool
|
||||
mcaptcha_redis_pool: 4
|
||||
|
||||
# smtp configuration
|
||||
mcaptcha_smtp_from: "admin@localhost"
|
||||
mcaptcha_smtp_reply: "admin@localhost"
|
||||
mcaptcha_smtp_url: "127.0.0.1"
|
||||
mcaptcha_smtp_port: 10025
|
||||
mcaptcha_smtp_username: "admin"
|
||||
mcaptcha_smtp_password: "password"
|
||||
#[survey]
|
||||
#nodes = ["http://localhost:7001"]
|
||||
#rate_limit = 10 # upload every hour
|
||||
#instance_root_url = "http://localhost:7000"
|
||||
|
|
Loading…
Reference in a new issue