diff options
Diffstat (limited to 'chaos-at-home')
-rw-r--r-- | chaos-at-home/ch-equinox-ws.yml | 23 | ||||
-rw-r--r-- | chaos-at-home/ch-http-proxy.yml | 41 |
2 files changed, 47 insertions, 17 deletions
diff --git a/chaos-at-home/ch-equinox-ws.yml b/chaos-at-home/ch-equinox-ws.yml index f5cbd4cf..3cabbaeb 100644 --- a/chaos-at-home/ch-equinox-ws.yml +++ b/chaos-at-home/ch-equinox-ws.yml @@ -34,3 +34,26 @@ fstype: nfs4 opts: nodev,x-systemd.automount,nofail state: mounted + + - name: create pulse daemon config directory + file: + path: /etc/pulse/daemon.conf.d + state: directory + + - name: force pulseaudio sample rates to 48kHz (workadournd for Motu M4) + copy: + content: | + resample-method = speex-float-10 + avoid-resampling = false + + default-sample-format = float32le + default-sample-rate = 48000 + alternate-sample-rate = 48000 + dest: /etc/pulse/daemon.conf.d/motu-m4.conf + + - name: disable USB Powermanagement for Motu M4 + copy: + content: | + ## workaround for spurious audio issues with Motu M4 + ATTRS{idVendor}=="07fd", ATTRS{idProduct}=="0008", ATTR{power/control}="on", ATTR{power/persist}="0" + dest: /etc/udev/rules.d/90-motu-m4-power.rules diff --git a/chaos-at-home/ch-http-proxy.yml b/chaos-at-home/ch-http-proxy.yml index 9b731bfb..507e8906 100644 --- a/chaos-at-home/ch-http-proxy.yml +++ b/chaos-at-home/ch-http-proxy.yml @@ -111,10 +111,12 @@ acme: yes hostnames: - passwd.chaos-at-home.org - proxy_pass: "https://{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-auth-legacy']) | ipaddr('address') }}/" - proxy_ssl: - verify: "on" - trusted_certificate: /etc/ssl/whawty-auth-ca/ca.pem + locations: + '/': + proxy_pass: "https://{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-auth-legacy']) | ipaddr('address') }}/" + proxy_ssl: + verify: "on" + trusted_certificate: /etc/ssl/whawty-auth-ca/ca.pem acmetool_cert_config: request: challenge: @@ -176,13 +178,16 @@ acme: yes hostnames: - webmail.chaos-at-home.org - client_max_body_size: "200M" - proxy_pass: "https://{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-prometheus-legacy']) | ipaddr('address') }}/" - proxy_ssl: - verify: "on" - trusted_certificate: /etc/ssl/prometheus-old-ca/ca.pem - protocols: TLSv1 - ciphers: "DEFAULT@SECLEVEL=1" + locations: + '/': + proxy_pass: "https://{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-prometheus-legacy']) | ipaddr('address') }}/" + proxy_ssl: + verify: "on" + trusted_certificate: /etc/ssl/prometheus-old-ca/ca.pem + protocols: TLSv1 + ciphers: "DEFAULT@SECLEVEL=1" + extra_directives: |- + client_max_body_size 200M; acmetool_cert_config: request: challenge: @@ -198,12 +203,14 @@ acme: yes hostnames: - webdav.chaos-at-home.org - proxy_pass: "https://{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-prometheus-legacy']) | ipaddr('address') }}/" - proxy_ssl: - verify: "on" - trusted_certificate: /etc/ssl/prometheus-old-ca/ca.pem - protocols: TLSv1 - ciphers: "DEFAULT@SECLEVEL=1" + locations: + '/': + proxy_pass: "https://{{ network_zones.lan.prefix | ipaddr(network_zones.lan.offsets['ch-prometheus-legacy']) | ipaddr('address') }}/" + proxy_ssl: + verify: "on" + trusted_certificate: /etc/ssl/prometheus-old-ca/ca.pem + protocols: TLSv1 + ciphers: "DEFAULT@SECLEVEL=1" acmetool_cert_config: request: challenge: |