diff --git a/README.md b/README.md index c1ad26b..da01c22 100644 --- a/README.md +++ b/README.md @@ -177,6 +177,8 @@ Then create the [user](https://docs.ansible.com/ansible/latest/collections/commu lc_ctype: "C" ``` +If postgres coplains about encoding, you can also add `template: template0` to the above dictionnary. + To create the user and the database you will need to `become` the postgres user on the server, you can achieve this by adding the `become: true` and `become_user: postgres` directives to your relevant tasks. Bonus point if you store the password in an encrypted fashion in your repository with either [ansible vault](https://docs.ansible.com/ansible/latest/vault_guide/vault_managing_passwords.html) or [sops](https://github.com/getsops/sops). @@ -191,7 +193,7 @@ You need to install nginx (or apache2, or traefik, whichever you are more comfor While you are at it you might as well create a DNS `A` fields to point at OpenWRT (which will forward it to nginx). To do this use Gandi and one of the domains you probably already have from other labs. -We need to use a certificate to secure HTTPS communication, the Matrix protocols require it. This can be done manually for the moment and automated later, as it is not super straightforward. I refer you to the [documentation on certbot + nginx](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04) I would recommend that you create a `matrix.` certificate, then back them up somewhere safe as Letsencrypt has pretty aggressive rate limiting with regard to certificate creations. +We need to use a certificate to secure HTTPS communication, the Matrix protocols require it. This can be done manually for the moment and automated later, as it is not super straightforward. I refer you to the [documentation on certbot + nginx](https://galaxy.ansible.com/ui/standalone/roles/geerlingguy/certbot/) I would recommend that you create a `matrix.` certificate, then back them up somewhere safe as Letsencrypt has pretty aggressive rate limiting with regard to certificate creations. ## Let's install Synapse