From 65a1919c97089a276baa029d6f0a8b533a5895ac Mon Sep 17 00:00:00 2001
From: "n.simonov"
Date: Tue, 26 Aug 2025 19:17:06 +0500
Subject: [PATCH] first commit
---
host_vars/matrix.homedungeon.xyz/vars.yml | 70 ++++++++++++++++++++++
host_vars/matrix.homedungeon.xyz/vault.yml | 16 +++++
hosts | 21 +++++++
3 files changed, 107 insertions(+)
create mode 100644 host_vars/matrix.homedungeon.xyz/vars.yml
create mode 100644 host_vars/matrix.homedungeon.xyz/vault.yml
create mode 100644 hosts
diff --git a/host_vars/matrix.homedungeon.xyz/vars.yml b/host_vars/matrix.homedungeon.xyz/vars.yml
new file mode 100644
index 0000000..562035c
--- /dev/null
+++ b/host_vars/matrix.homedungeon.xyz/vars.yml
@@ -0,0 +1,70 @@
+---
+# The bare domain name which represents your Matrix identity.
+# Matrix user IDs for your server will be of the form (`@alice:example.com`).
+#
+# Note: this playbook does not touch the server referenced here.
+# Installation happens on another server ("matrix.example.com", see `matrix_server_fqn_matrix`).
+#
+# If you've deployed using the wrong domain, you'll have to run the Uninstalling step,
+# because you can't change the Domain after deployment.
+matrix_domain: homedungeon.xyz
+
+# The Matrix homeserver software to install.
+# See:
+# - `roles/custom/matrix-base/defaults/main.yml` for valid options
+# - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice
+#
+# By default, we use Synapse, because it's the only full-featured Matrix server at the moment.
+#
+# Note that the homeserver implementation of a server will not be able to be changed without data loss.
+matrix_homeserver_implementation: synapse
+
+# A secret used as a base, for generating various other secrets.
+# You can put any string here, but generating a strong one is preferred. You can create one with a command like `pwgen -s 64 1`.
+matrix_homeserver_generic_secret_key: '{{ vault.matrix_homeserver_generic_secret_key }}'
+
+# By default, the playbook manages its own Traefik (https://doc.traefik.io/traefik/) reverse-proxy server.
+# It will retrieve SSL certificates for you on-demand and forward requests to all other components.
+# For alternatives, see `docs/configuring-playbook-own-webserver.md`.
+matrix_playbook_reverse_proxy_type: playbook-managed-traefik
+
+# Controls whether container networks will be created with IPv6 support.
+#
+# If you also have IPv6 support on your server/network and AAAA DNS records pointing to the server,
+# enabling this will effectively give you full public IPv6 connectivity (powered by NAT66).
+#
+# We recommend leaving this enabled even if you don't currently have IPv6 connectivity on your server/network.
+# This way, once you eventually get IPv6 connectivity, you won't have to change anything (besides DNS records).
+#
+# Flipping this setting later on requires manual work (stopping services, deleting and recreating all container networks).
+#
+# In the future, this setting will likely default to `true`, so if you really want IPv6 disabled, explicitly set this to `false`.
+#
+# People managing Docker themselves and running an older Docker version will need additional configuration.
+#
+# Learn more in `docs/configuring-ipv6.md`.
+devture_systemd_docker_base_ipv6_enabled: true
+
+# A Postgres password to use for the superuser Postgres user (called `matrix` by default).
+#
+# The playbook creates additional Postgres users and databases (one for each enabled service) using this superuser account.
+#
+# Changing this value subsequently requires manual work.
+# The value used here must be shorter than 100 characters.
+postgres_connection_password: '{{ vault.postgres_connection_password }}'
+
+# By default, we configure coturn's external IP address using the value specified for `ansible_host` in your `inventory/hosts` file.
+# If this value is an external IP address, you can skip this section.
+#
+# If `ansible_host` is not the server's external IP address, you have 2 choices:
+# 1. Uncomment the line below, to allow IP address auto-detection to happen (more on this below)
+# 2. Uncomment and adjust the line below to specify an IP address manually
+#
+# By default, auto-detection will be attempted using the `https://ifconfig.co/json` API.
+# Default values for this are specified in `matrix_coturn_turn_external_ip_address_auto_detection_*` variables in the coturn role
+# (see `roles/custom/matrix-coturn/defaults/main.yml`).
+#
+# If your server has multiple IP addresses, you may define them in another variable which allows a list of addresses.
+# Example: `matrix_coturn_turn_external_ip_addresses: ['1.2.3.4', '4.5.6.7']`
+#
+# matrix_coturn_turn_external_ip_address: ''
diff --git a/host_vars/matrix.homedungeon.xyz/vault.yml b/host_vars/matrix.homedungeon.xyz/vault.yml
new file mode 100644
index 0000000..f962652
--- /dev/null
+++ b/host_vars/matrix.homedungeon.xyz/vault.yml
@@ -0,0 +1,16 @@
+$ANSIBLE_VAULT;1.1;AES256
+39653135653738653531666266643263623165313335623338663238663732363965646430356632
+3465633266363065336565633733616365613535633936340a303431383366623839626236653236
+36643063316438383862623430633533353538393234363666373932333461326132306435666562
+3934393538383634370a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
diff --git a/hosts b/hosts
new file mode 100644
index 0000000..9b1c49e
--- /dev/null
+++ b/hosts
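Review bot: In `host_vars/matrix.homedungeon.xyz/vars.yml`, `matrix_homeserver_generic_secret_key` and `postgres_connection_password` resolve through `vault.*`, but nothing in the file says where that mapping is defined or that a vault password is needed at run time. I would add a comment above the first of them, such as `# Secrets are read from the Ansible Vault-encrypted vault.yml next to this file; run the playbook with --ask-vault-pass or a vault password file.` The comment kept from the upstream template says the Postgres password must be shorter than 100 characters. Because the real value is encrypted, that limit cannot be checked from this patch and should be confirmed whenever the vault is edited.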
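Review bot: The ciphertext added in `host_vars/matrix.homedungeon.xyz/vault.yml` is only as strong as the vault password, because Ansible Vault derives the AES key from that password and anyone who can read the repository can test guesses offline. The password should be long and randomly generated, and neither it nor a vault password file should be committed alongside the inventory. If the password is ever suspected to be weak or shared, both secrets referenced from `vars.yml` need rotating, not just re-encrypting, since the old ciphertext stays in the git history. Only part of the 16-line payload is visible on this page.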
@@ -0,0 +1,21 @@
+# We explicitly ask for your server's external IP address, because the same value is used for configuring coturn.
+# If you'd rather use a local IP here, make sure to set up `matrix_coturn_turn_external_ip_address`.
+#
+# To connect using a non-root user (and elevate to root with sudo later),
+# replace `ansible_ssh_user=root` with something like this: `ansible_ssh_user=username ansible_become=true ansible_become_user=root`.
+# If sudo requires a password, either add `ansible_become_password=PASSWORD_HERE` to the host line
+# or tell Ansible to ask you for the password interactively by adding a `--ask-become-pass` (`-K`) flag to all `ansible-playbook` (or `just`) commands.
+#
+# For improved Ansible performance, SSH pipelining is enabled by default in `ansible.cfg`.
+# If this causes SSH connection troubles, disable it by adding `ansible_ssh_pipelining=False`
+# to the host line below or by adding `ansible_ssh_pipelining: False` to your variables file.
+#
+# If you're running this Ansible playbook on the same server as the one you're installing to,
+# consider adding an additional `ansible_connection=local` argument to the host line below.
+#
+# Ansible may fail to discover which Python interpreter to use on the host for some distros (like Ubuntu 20.04).
+# You may sometimes need to explicitly add the argument `ansible_python_interpreter=/usr/bin/python3`
+# to the host line below.
+
+[matrix_servers]
+matrix.homedungeon.xyz ansible_host=31.59.41.105 ansible_ssh_user=reaper
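Review bot: The host line at the end of `hosts` logs in as the non-root user `reaper` but sets no privilege escalation, although the comment a few lines above it says a non-root login needs `ansible_become=true ansible_become_user=root`. Unless become is configured elsewhere (for example in `ansible.cfg` or on the command line, neither of which this patch shows), tasks that need root will fail. I would change the line to `matrix.homedungeon.xyz ansible_host=31.59.41.105 ansible_ssh_user=reaper ansible_become=true ansible_become_user=root`. If sudo asks for a password, prefer `--ask-become-pass` over putting `ansible_become_password` in this plain-text inventory, or keep that value in the encrypted `vault.yml`.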