2023-07-13 18:09:04 +00:00
hostname = "193.135.9.29"
groups = [
"debian-bookworm" ,
2023-07-15 05:01:00 +00:00
"webserver" ,
2023-07-13 18:09:04 +00:00
]
bundles = [
2023-09-01 03:55:27 +00:00
"check-mail-received" ,
"dovecot" ,
2023-07-23 13:48:07 +00:00
"element-web" ,
2023-08-02 14:38:32 +00:00
"forgejo" ,
2023-07-15 05:01:00 +00:00
"matrix-media-repo" ,
2023-09-02 11:35:04 +00:00
"matrix-stickerpicker" ,
2023-07-15 05:01:00 +00:00
"matrix-synapse" ,
"mautrix-telegram" ,
"mautrix-whatsapp" ,
2023-08-27 07:17:55 +00:00
"miniflux" ,
2023-08-02 06:07:36 +00:00
"netbox" ,
2023-09-02 19:14:38 +00:00
"nextcloud" ,
2023-07-23 13:48:07 +00:00
"nodejs" ,
2023-08-27 07:38:06 +00:00
"ntfy" ,
2023-09-24 08:40:47 +00:00
"oidentd" ,
2023-09-01 03:55:27 +00:00
"php" ,
"postfixadmin" ,
"postgresql" ,
2023-07-15 05:01:00 +00:00
"redis" ,
2023-09-01 03:55:27 +00:00
"rspamd" ,
2023-07-13 19:31:44 +00:00
"smartd" ,
2023-08-01 19:22:28 +00:00
"travelynx" ,
2023-08-25 10:51:19 +00:00
"weechat" ,
2023-07-13 18:09:04 +00:00
"zfs" ,
]
2023-09-09 18:39:23 +00:00
# for auto-deployment of salonkatrin.de
[ metadata . apt . packages . jekyll ]
2023-07-13 18:28:33 +00:00
[ metadata . check-mail-received . t-online ]
email = "franzi.kunsmann@t-online.de"
imap_host = "secureimap.t-online.de"
imap_pass = "!bwpass_attr:t-online.de/franzi.kunsmann@t-online.de:imap"
2023-07-23 13:48:07 +00:00
[ metadata . element-web ]
url = "chat.franzi.business"
2023-10-10 14:29:50 +00:00
version = "v1.11.46"
2023-07-23 13:48:07 +00:00
[ metadata . element-web . config ]
default_server_config . 'm.homeserver' . base_url = "https://matrix.franzi.business"
default_server_config . 'm.homeserver' . server_name = "franzi.business"
brand = "franzi.business"
defaultCountryCode = "DE"
jitsi . preferredDomain = "meet.ffmuc.net"
2023-08-02 14:38:32 +00:00
[ metadata . forgejo ]
2023-10-09 05:35:22 +00:00
version = "1.20.5-1"
2023-09-23 08:13:56 +00:00
sha1 = "9650694ec7969643ebb4dbdf2f27462af57284e6"
2023-08-02 14:38:32 +00:00
domain = "git.franzi.business"
enable_git_hooks = true
install_ssh_key = true
internal_token = "!decrypt:encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=="
lfs_secret_key = "!decrypt:encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr"
oauth_secret_key = "!decrypt:encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz"
security_secret_key = "!decrypt:encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4="
2023-07-23 11:58:02 +00:00
[ metadata . interfaces . eno2 ]
2023-07-13 18:09:04 +00:00
ips = [
"193.135.9.29/24" ,
2023-07-15 05:01:00 +00:00
"2a0a:51c0:0:225::2/64" ,
2023-07-13 18:09:04 +00:00
]
gateway4 = "193.135.9.1"
2023-07-15 05:01:00 +00:00
gateway6 = "2a0a:51c0:0:225::1"
[ metadata . matrix-media-repo ]
admins = [ "@kunsi:franzi.business" ]
2023-09-09 18:39:23 +00:00
datastore_id = "3fff5da324ed784c771d638bb6be5917"
2023-09-16 11:07:50 +00:00
sha1 = "7a9976b09f6835171c610624f51b3cbf429bc0cf"
2023-07-15 05:01:00 +00:00
upload_max_mb = 500
2023-09-16 11:07:50 +00:00
version = "v1.3.2"
2023-07-15 05:01:00 +00:00
[ metadata . matrix-media-repo . homeservers . 'franzi.business' ]
api = "synapse"
domain = "http://[::1]:20080/"
2023-09-02 11:35:04 +00:00
[ metadata . matrix-stickerpicker ]
# use this bot token: encrypt$gAAAAABfVK51ErJ6gfsOOkbRxSHDnVYmf7EihAQf7Uwj9og3TlAw64WRsA6ZVEgTSvOdLB3SMKZ-cTEhwkCOpbymq-_WLhes-hZALhN-H_oXHaxTQErJ0lARynKmjM-4ZhoGlUWlfh4Q
domain = "matrix-stickers.franzi.business"
[ metadata . matrix-stickerpicker . config ]
access_token = "!decrypt:encrypt$gAAAAABg-wBmGbAy-Ou1mkG2w5UyoqWmWYzDr4ZavyUQdmG_VtrUSmwHjx-qcBGIz_7NniD3zKm9GGvzRZItDu5zYiojcudYr74TkWJKhdDrgFbcWlfJJ_m3bWzrSORaTYzBGRckp2Vz_8xHgDk1W03vpT6mdIPMDzjuINssIcPs0YDth25W942tMfPA2csvLADY50qVRMJpdBOVIWba55o0g6-mAAQLOz6Ld4cCvYqZsqXsxjT8JUytJv_uSG4zgCS_aX20JlAyJWpJgT8FQF5HzIbsko_-Z9-TwtY7yllJp5Ri3n0WaDaWoMmUfhLvkMJeymmOc32A4WJBAePQ_2F-_oUDE7t97A-m3ZiMVAEefDnH5MkoiQEJTfHrJsXRkdBT_BnJlY1CoAuXpRYDdvbVDwN_qZHHHtqsno437l9S6GgDK_-sKBiojYkYsfHcJCdSEqeFGuxT"
homeserver = "https://matrix.franzi.business"
user_id = "@dimension:franzi.business"
2023-07-15 05:01:00 +00:00
[ metadata . matrix-synapse ]
admin_contact = "mailto:hostmaster@kunbox.net"
baseurl = "matrix.franzi.business"
server_name = "franzi.business"
trusted_key_servers = [ "matrix.org" , "finallycoffee.eu" ]
additional_client_config . 'im.vector.riot.jitsi' . preferredDomain = "meet.ffmuc.net"
2023-09-03 16:25:48 +00:00
wellknown_also_on_vhosts = [ "franzi.business" ]
2023-07-15 05:01:00 +00:00
[ metadata . mautrix-telegram ]
2023-09-20 12:43:02 +00:00
version = "v0.14.2"
2023-07-15 05:01:00 +00:00
homeserver . domain = "franzi.business"
homeserver . url = "https://matrix.franzi.business"
telegram . api_id = "!decrypt:encrypt$gAAAAABfVK5SmDDru-UQxitkE5VhPArnUBhaRbAqQPvAW2Fh3fd1XDrWxa3Qn4BSnJAPNWglH5wil_SXUMcIm95FMhPe8dVeMQ=="
telegram . api_token = "!decrypt:encrypt$gAAAAABfVK5jHuUly1xr9Iku362k7oF4ZYRhLGzNJh3aJpiNrLfAy_DJpTwucx4FV_g45dyQF5boqG2rgdDfwsJN_Ab95es6T4SPGiXIxJOBlvIln1Torwh16pXKchhUTn_PQ077Ll1W"
# same as for matrix-dimension
telegram . bot_token = "!decrypt:encrypt$gAAAAABfVK51ErJ6gfsOOkbRxSHDnVYmf7EihAQf7Uwj9og3TlAw64WRsA6ZVEgTSvOdLB3SMKZ-cTEhwkCOpbymq-_WLhes-hZALhN-H_oXHaxTQErJ0lARynKmjM-4ZhoGlUWlfh4Q"
provisioning . enabled = true
provisioning . shared_secret = "!decrypt:encrypt$gAAAAABfVKflEMAi07C_QGP8cy97hF-4gGPym0oF6p4WSMdAveTpx-hFsZd2s7v9ubw99yIsyKx0dHOJI0UND7hV1rKZdvjy4Qa642abZ2wwW7SWTqvuP_qVtrf6-klc2QKTzeD9c_LVsyZ2dqz_JxRPq3MRXgkubZuWOZ6FmFlAlteTffoGfWE="
[ metadata . mautrix-telegram . permissions ]
"'*'" = "relaybot"
'franzi.business' = "full"
"'@kunsi:franzi.business'" = "admin"
[ metadata . mautrix-whatsapp ]
2023-10-22 06:59:29 +00:00
version = "v0.10.3"
sha1 = "b7456543b2abd0ef5e303acc438e84adca4a7582"
2023-07-15 05:01:00 +00:00
permissions . "'@kunsi:franzi.business'" = "admin"
[ metadata . mautrix-whatsapp . homeserver ]
domain = "franzi.business"
url = "https://matrix.franzi.business"
2023-08-27 07:17:55 +00:00
[ metadata . miniflux ]
domain = "rss.franzi.business"
2023-08-02 06:07:36 +00:00
[ metadata . netbox ]
domain = "netbox.franzi.business"
2023-09-30 15:38:54 +00:00
version = "v3.6.3"
2023-08-02 06:07:36 +00:00
admins . kunsi = "hostmaster@kunbox.net"
2023-09-02 19:14:38 +00:00
[ metadata . nextcloud ]
domain = "warnochwas.de"
2023-09-01 03:55:27 +00:00
[ metadata . nginx . 'security.txt' ]
contact = "mailto:security@kunsmann.eu"
Encryption = "https://franzi.business/gpg_hi-kunsmann.eu.asc"
2023-09-09 14:44:04 +00:00
[ metadata . nginx . vhosts . daskritzelt-redirect ]
domain = "die-brontosaurier-waren-es.org"
ssl = false
locations . '/' . redirect = "https://twitter.com/daskritzelt/status/1259167444373028864"
locations . '/' . mode = 302
2023-09-03 16:25:48 +00:00
[ metadata . nginx . vhosts . 'franzi.business' ]
domain = "franzi.business"
2023-08-23 10:19:24 +00:00
[ metadata . nginx . vhosts . 'gaenseblum.eu' . webroot_config ]
owner = "skye"
2023-09-03 16:25:48 +00:00
[ metadata . nginx . vhosts . mta-sts ]
domain = "mta-sts.kunbox.net"
domain_aliases = [
"mta-sts.franzi.business" ,
"mta-sts.kunsmann.eu" ,
]
[ metadata . nginx . vhosts . redirector ]
domain = "kunbox.net"
domain_aliases = [
"carlene.kunbox.net" ,
"kunsmann.eu" ,
]
[ metadata . nginx . vhosts . redirector . locations . '/' ]
redirect = "https://franzi.business/"
[ metadata . nginx . vhosts . redirector . locations . '/.well-known/openpgpkey/' ]
alias = "/var/www/franzi.business/.well-known/openpgpkey"
additional_config = [
"add_header Access-Control-Allow-Origin *" ,
"default_type application/octet-stream" ,
]
2023-08-27 07:38:06 +00:00
[ metadata . ntfy ]
domain = "ntfy.franzi.business"
ratelimit-exempt-hosts = [
"carlene" ,
2023-09-09 13:28:07 +00:00
"icinga2" ,
2023-08-27 07:38:06 +00:00
]
2023-09-01 03:55:27 +00:00
[ metadata . php ]
version = "8.2"
packages = [
'gd' ,
'imagick' ,
'imap' ,
'intl' ,
'mbstring' ,
'opcache' ,
'pgsql' ,
'readline' ,
'xml' ,
'yaml' ,
]
[ metadata . postfix ]
message_size_limit_mb = 100
myhostname = "mail.franzi.business"
2023-09-24 08:34:54 +00:00
mynetworks = [ "gce" ]
2023-09-01 03:55:27 +00:00
[ metadata . postfixadmin ]
domain = "postfixadmin.franzi.business"
setup_password = "!decrypt:encrypt$gAAAAABgnNGpAqUs--qBXII9ZPcHtxaELy9e2Dx9O44n4l0O4nMHPoIyaPW5HkvpQ2zWTlh5OfjjOgunRtE_voJuY0Kdtji37ixAnuL9ErOJ0LDY5QfMkNPUgPs5alwz1baqYq6rqJ7NDmB0gHraY46v5eG79R2EyQ=="
version = "3.3.13"
2023-07-15 05:01:00 +00:00
[ metadata . postgresql ]
version = 15
2023-07-13 18:09:04 +00:00
2023-09-01 03:55:27 +00:00
[ metadata . rspamd ]
ignore_spam_check_for_ips = [
# entropia
'45.140.180.32/27' , # Entropia e. V.
'45.140.180.112/28' , # MicroPOC
'2a0e:c5c0:0:201::/64' , # Entropia e. V.
'2a0e:c5c0:0:307::/64' , # MicroPOC
# c3kl
'116.202.19.236' ,
'2a01:4f8:1c17:cc52::/64' ,
# ccc
'212.12.55.65' ,
'212.12.55.67' ,
'2a00:14b0:4200:3000:23:55:0:65' ,
# IN-Berlin mailman
'130.133.8.35' ,
'192.109.42.28' ,
'192.109.42.122' ,
'193.29.188.9' ,
'217.197.80.23' ,
'217.197.80.134' ,
'2001:bf0:c000:a::2:134' ,
# c3voc
'185.106.84.32/26' ,
'2001:67c:20a0:e::/64' ,
# DENOG
'195.20.121.100' ,
'2001:1440:201:101::5' ,
]
password = "!bwpass:bw/rx300/rspamd"
dkim = "uO4aNejDvVdw8BKne3KJIqAvCQMJ0416"
2023-07-13 19:31:44 +00:00
[ metadata . smartd ]
disks = [
"/dev/nvme0" ,
"/dev/nvme1" ,
]
2023-08-01 19:22:28 +00:00
[ metadata . travelynx ]
2023-10-09 05:35:35 +00:00
version = "2.4.1"
2023-08-01 19:22:28 +00:00
mail_from = "travelynx@franzi.business"
domain = "travelynx.franzi.business"
# the old one from rx300, XXX remove 2024-01-01
additional_cookie_secrets = [ "!decrypt:encrypt$gAAAAABkyVq1Eena0FVcAW1V456-QrEtKL_fU7RSGr9mZTSBG28bk5bHJdqkvxrr4rOXNCnreJY7AsJSw-h7yrbzTNa9CUzOtt_a0caQIi7Qnen5k_TI_hTa08jViYLu3WrRxLPknpU_" ]
2023-08-23 10:19:24 +00:00
[ metadata . users . skye ]
ssh_pubkey = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCO0KG3/hnMO6UsReyEHvV4y7fYmJGQeCVnmw2xUoM4so2ZacWDi27aQbMq6wWb/JsUh4j3OOvEfNvf27LU6wpqcxM/QO22YjLsOtVzVnGjupsKAnN/nKy+X7KhspaF9qKFpmseBpuEAAnaxnreEFNC2tHarzJzgj+Y+Bmkg4tnMWsVc6EoBp1R2xmsdeRtgcQwms3xX9COeAjkFNgniGfqigO2AxPgC68h3GqSlcPzgpJ7ukvtCRCs/g3R+9GCnxsamd3AYhaRCIKauIyA44WqtH8lAH5+g16tU8WYcK1KySuwLt418kXDDJrZXaOLbxRl+jrShIdPoGhqs1y6KlOVTbj9TBVGt8CtV8JsLwzH2GCdLjImcXWUob2j2sxgBGTWiTfWf98XBLmBQwbAlBJ01gsHhJxDx0E2ttxueSjyg4hTzWCH0TlRmbpUDdIlqLgwHxmh97YFF5oqkgWGjSt7jxrW8Q9+FeMi5L2qHzKez5Z3quOhDIXWjEcpxqQQ2Lc=" ,
]
2023-08-25 10:51:19 +00:00
[ metadata . weechat ]
user = "kunsi"
relay_domain = "irc.franzi.business"
2023-07-13 18:09:04 +00:00
[ [ metadata . zfs . pools . tank . when_creating . config ] ]
devices = [
"/dev/nvme0n1p3" ,
"/dev/nvme1n1p3" ,
]
type = "mirror"
2023-07-15 05:01:00 +00:00
[ metadata . zfs . datasets . tank ]
primarycache = "metadata"
2023-07-13 18:09:04 +00:00
[ metadata . vm ]
cpu = 24
ram = 64