pythonnz
diff --git a/‎.gitignore
+2 b/‎.gitignore
+2
diff --git a/‎README.md
+3 b/‎README.md
+3
diff --git a/‎infrastructure/main.tf
+143 b/‎infrastructure/main.tf
+143
diff --git a/‎infrastructure/terraform.tfvars
+19 b/‎infrastructure/terraform.tfvars
+19
diff --git a/‎infrastructure/variables.tf
+56 b/‎infrastructure/variables.tf
+56
diff --git a/‎openrc.sh
+20 b/‎openrc.sh
+20
diff --git a/‎provisioning/ansible.cfg
+3 b/‎provisioning/ansible.cfg
+3
diff --git a/‎provisioning/files/favicon.ico
1.12 KB b/‎provisioning/files/favicon.ico
1.12 KB
diff --git a/‎provisioning/files/img/logo-small.png
8.11 KB b/‎provisioning/files/img/logo-small.png
8.11 KB
diff --git a/‎provisioning/files/img/logo.png
8.11 KB b/‎provisioning/files/img/logo.png
8.11 KB
diff --git a/‎provisioning/host_vars/chat.python.nz
+13 b/‎provisioning/host_vars/chat.python.nz
+13
diff --git a/‎provisioning/hosts
+1 b/‎provisioning/hosts
+1
@@ -0,0 +1,2 @@
+.terraform
+*.retry
@@ -0,0 +1,3 @@
+# Chat
+
+Synapse server for https://chat.python.nz.
@@ -0,0 +1,143 @@
+terraform {
+  backend "swift" {
+    region_name = "nz-hlz-1"
+
+    container = "terraform-state/chat/"
+  }
+}
+
+provider "openstack" {
+  region = "nz-hlz-1"
+}
+
+#--------------------------------------------------------------
+# Networking
+#--------------------------------------------------------------
+resource "openstack_networking_router_v2" "router" {
+  name                = "${var.router_name}"
+  external_network_id = "${var.external_network_id}"
+}
+
+resource "openstack_networking_network_v2" "private_net" {
+  name           = "${var.network_name}"
+  admin_state_up = "${var.admin_state_up}"
+}
+
+resource "openstack_networking_subnet_v2" "subnet" {
+  name       = "${var.subnet_name}"
+  network_id = "${openstack_networking_network_v2.private_net.id}"
+
+  allocation_pools {
+    start = "${var.pool_start}"
+    end   = "${var.pool_end}"
+  }
+
+  enable_dhcp = "${var.enable_dchp}"
+  cidr        = "${var.cidr}"
+  ip_version  = "${var.ip_version}"
+}
+
+resource "openstack_networking_router_interface_v2" "router_interface" {
+  router_id = "${openstack_networking_router_v2.router.id}"
+  subnet_id = "${openstack_networking_subnet_v2.subnet.id}"
+}
+
+#--------------------------------------------------------------
+# Security Groups
+#--------------------------------------------------------------
+resource "openstack_networking_secgroup_v2" "base" {
+  name        = "base"
+  description = "Allow port 22 ingress and egress to internet"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "ssh" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 22
+  port_range_max    = 22
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = "${openstack_networking_secgroup_v2.base.id}"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "egress" {
+  direction         = "egress"
+  ethertype         = "IPv4"
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = "${openstack_networking_secgroup_v2.base.id}"
+}
+
+# Synapes Homeserver Security Group
+resource "openstack_networking_secgroup_v2" "synapse_homeserver" {
+  name        = "synapse-homeserver"
+  description = "Allow ports for synapse homeserver"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "http" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 80
+  port_range_max    = 80
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = "${openstack_networking_secgroup_v2.synapse_homeserver.id}"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "https" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 443
+  port_range_max    = 443
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = "${openstack_networking_secgroup_v2.synapse_homeserver.id}"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "synapse_federation" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 8448
+  port_range_max    = 8448
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = "${openstack_networking_secgroup_v2.synapse_homeserver.id}"
+}
+
+resource "openstack_compute_keypair_v2" "erp_deploy" {
+  name = "${var.public_key_name}"
+  public_key = "${var.public_key_value}"
+}
+
+#--------------------------------------------------------------
+# Instances
+#--------------------------------------------------------------
+resource "openstack_compute_instance_v2" "synapse_homeserver" {
+  name            = "${var.name}"
+  image_name      = "${var.image}"
+  flavor_name     = "${var.flavor}"
+  key_pair        = "${openstack_compute_keypair_v2.erp_deploy.name}"
+  security_groups = [
+    "${openstack_networking_secgroup_v2.base.name}",
+    "${openstack_networking_secgroup_v2.synapse_homeserver.name}"
+  ]
+}
+
+resource "openstack_networking_floatingip_v2" "floating_ip" {
+  pool = "public-net"
+}
+
+resource "openstack_compute_floatingip_associate_v2" "floating_ip" {
+  floating_ip = "${openstack_networking_floatingip_v2.floating_ip.address}"
+  instance_id = "${openstack_compute_instance_v2.synapse_homeserver.id}"
+}
+
+resource "openstack_blockstorage_volume_v2" "synapse_homeserver" {
+  name = "synapse-homeserver-volume"
+  size = "${var.volume_size}"
+}
+
+resource "openstack_compute_volume_attach_v2" "synapse_homeserver" {
+  instance_id = "${openstack_compute_instance_v2.synapse_homeserver.id}"
+  volume_id   = "${openstack_blockstorage_volume_v2.synapse_homeserver.id}"
+  device      = "${var.volume_device}"
+}
@@ -0,0 +1,19 @@
+#--------------------------------------------------------------
+# Network
+#--------------------------------------------------------------
+external_network_id = "f10ad6de-a26d-4c29-8c64-2a7418d47f8f"
+
+#--------------------------------------------------------------
+# Instances
+#--------------------------------------------------------------
+name = "synapse-homeserver"
+image = "ubuntu-18.04-x86_64"
+flavor = "c1.c1r4"
+public_key_name = "chris"
+public_key_value = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwcdE5l07+no9EccvG4ZDoi9EM3+3DY0QQgGsETMamogHsthiQOJBsDPHrWR57KI8QJxn4d+kaBRpFqexn4XziFUGrJEVgRyAXY3Qt7fwSHFDdU6o+aoRTZfH8eiPpBe4UYF6JE9KXsMOQHuIza4HLHJ/agxuB17Kteq6BBCT08yzgYYkJvjJQ72TbR+i5HyB72OMctAQeolLcIA2AW4iTYfmcHLopT4mrtzyFKD99zsjPFZP1UPfYrJzIivu8F7i5JjApO6hy11KbdKJeb3jYLWjCSp6/+OLo75nwcwe6f4R2pk1L7QT/z5ZvidzEBfljKoU7ouBbwTs2jnGlafB7BdZBkVHzBkInfHN6paWZRhzEL5txEllAd2uZqzQ/3zlsfMQLfKfKP5ODK7JPBHRxaIW41gNuR/BYHDbWuutSLae9niM8cVB/JwfMyqZjzXrvcBBoDqUanJ2TsPo6l3DQwvKcXQ9n48WGMnEA2mLfc0e29PPJZkXh0bZmJVeA+40aVXzLEIMkW7dHQuCNEV49qntGfFz6gazQyfzxOpV1nx5cfzZ9r5lku09R7QIQDJ1MhVUym6tOkYW1QveoIlZBQccEnh6gyo7rF4qgOLQXhoAp889CR55Nudvd/TpaGwiQ2N8Cng85fJCVenPH6t0tRt3uYq0JPzUf8bLmZPcBKQ== chrisherrmann@chrisherrmann-pc"
+
+#--------------------------------------------------------------
+# Volume
+#--------------------------------------------------------------
+volume_size = 100
+volume_device = "/dev/vdb"
@@ -0,0 +1,56 @@
+#--------------------------------------------------------------
+# Network
+#--------------------------------------------------------------
+variable "external_network_id" {}
+
+variable "router_name" {
+  default = "border-router"
+}
+
+variable "network_name" {
+  default = "private-net"
+}
+
+variable "admin_state_up" {
+  default = "true"
+}
+
+variable "subnet_name" {
+  default = "private-subnet"
+}
+
+variable "pool_start" {
+  default = "10.0.0.10"
+}
+
+variable "pool_end" {
+  default = "10.0.0.200"
+}
+
+variable "enable_dchp" {
+  default = "true"
+}
+
+variable "cidr" {
+  default = "10.0.0.0/24"
+}
+
+variable "ip_version" {
+  default = "4"
+}
+
+variable "public_key_name" {}
+variable "public_key_value" {}
+
+#--------------------------------------------------------------
+# Instances
+#--------------------------------------------------------------
+variable "name" {}
+variable "image" {}
+variable "flavor" {}
+
+#--------------------------------------------------------------
+# Volume
+#--------------------------------------------------------------
+variable "volume_size" {}
+variable "volume_device" {}
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+export OS_AUTH_URL=https://api.cloud.catalyst.net.nz:5000/v2.0
+export OS_TENANT_ID=b25589432c544c0e8ae266b9871532e8
+export OS_TENANT_NAME="new-zealand-python-user-group-incorporated"
+
+echo "Please enter your OpenStack Username for project $OS_TENANT_NAME: "
+read -r OS_USERNAME_INPUT
+export OS_USERNAME=${OS_USERNAME_INPUT}
+
+echo "Please enter your OpenStack Password for project $OS_TENANT_NAME: "
+read -sr OS_PASSWORD_INPUT
+export OS_PASSWORD=${OS_PASSWORD_INPUT}
+
+export OS_REGION_NAME="nz-hlz-1"
+
+if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
+
+export OS_ENDPOINT_TYPE=publicURL
+export OS_IDENTITY_API_VERSION=2
@@ -0,0 +1,3 @@
+[defaults]
+inventory = hosts
+host_key_checking = False
@@ -0,0 +1,13 @@
+remote_user: ubuntu
+home: /home/ubuntu
+
+synapse_path: "{{ home }}/synapse"
+synapse_config_path: "{{ synapse_path }}/homeserver.yaml"
+logo_path: /data/_matrix/client/img
+
+images:
+  - favicon.ico
+  - img/logo.png
+  - img/logo-small.png
+
+volume_device: /dev/vdb  # As per the value in Terraform
@@ -0,0 +1 @@
+chat.python.nz
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# Chat`
	`2`	`+`
	`3`	`+Synapse server for https://chat.python.nz.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+[defaults]`
	`2`	`+inventory = hosts`
	`3`	`+host_key_checking = False`