2020-11-08 14:05:17 +00:00
|
|
|
# To use the serial console in iRMC, set up grub as follows:
|
|
|
|
# GRUB_TIMEOUT=30
|
|
|
|
# GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0,115200 console=tty0"
|
|
|
|
# GRUB_TERMINAL=serial
|
|
|
|
# GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
|
|
|
|
|
2020-10-25 12:54:19 +00:00
|
|
|
nodes['rx300'] = {
|
2021-06-11 13:02:43 +00:00
|
|
|
'hostname': '31.47.232.106',
|
2020-10-25 15:46:45 +00:00
|
|
|
'bundles': {
|
2021-07-10 12:22:19 +00:00
|
|
|
'check-mail-received',
|
2021-08-21 05:34:18 +00:00
|
|
|
'dovecot',
|
2023-07-23 13:48:07 +00:00
|
|
|
#'element-web',
|
2021-07-09 13:56:26 +00:00
|
|
|
'gitea',
|
2021-10-18 17:42:27 +00:00
|
|
|
'ipmitool',
|
2021-07-11 13:24:08 +00:00
|
|
|
'jenkins-ci',
|
2023-05-06 15:26:25 +00:00
|
|
|
'jugendhackt_tools',
|
2021-06-05 10:23:09 +00:00
|
|
|
'lm-sensors',
|
2021-07-23 18:02:57 +00:00
|
|
|
'matrix-dimension',
|
2023-07-15 05:01:00 +00:00
|
|
|
#'matrix-media-repo',
|
|
|
|
#'matrix-synapse',
|
|
|
|
#'mautrix-telegram',
|
|
|
|
#'mautrix-whatsapp',
|
2021-07-01 14:10:06 +00:00
|
|
|
'miniflux',
|
2022-11-06 17:52:38 +00:00
|
|
|
'minecraft',
|
2023-07-15 05:01:00 +00:00
|
|
|
#'mx-puppet-discord',
|
2021-08-21 10:33:05 +00:00
|
|
|
'netbox',
|
2021-07-15 16:41:27 +00:00
|
|
|
'nodejs',
|
2023-04-09 10:10:04 +00:00
|
|
|
'ntfy',
|
2021-07-23 08:07:35 +00:00
|
|
|
'oidentd',
|
2021-07-11 13:23:49 +00:00
|
|
|
'php',
|
2021-08-21 05:34:18 +00:00
|
|
|
'postfixadmin',
|
2021-06-29 12:24:10 +00:00
|
|
|
'postgresql',
|
2021-07-23 10:58:53 +00:00
|
|
|
'radicale',
|
2021-07-18 05:56:49 +00:00
|
|
|
'redis',
|
2021-08-21 05:34:18 +00:00
|
|
|
'rspamd',
|
2021-05-20 16:24:23 +00:00
|
|
|
'smartd',
|
2021-07-02 14:15:31 +00:00
|
|
|
'travelynx',
|
2021-07-23 17:15:08 +00:00
|
|
|
'unbound',
|
2021-05-23 12:33:20 +00:00
|
|
|
'vmhost',
|
2020-10-25 15:46:45 +00:00
|
|
|
'zfs',
|
|
|
|
},
|
2020-11-21 09:55:09 +00:00
|
|
|
'groups': {
|
2021-07-01 16:23:30 +00:00
|
|
|
'debian-bullseye',
|
2021-06-29 12:24:10 +00:00
|
|
|
'webserver',
|
2020-11-21 09:55:09 +00:00
|
|
|
},
|
2020-10-25 15:46:45 +00:00
|
|
|
'metadata': {
|
2020-11-09 14:16:29 +00:00
|
|
|
'interfaces': {
|
2021-05-23 12:33:20 +00:00
|
|
|
'br0': {
|
2020-11-09 14:16:29 +00:00
|
|
|
'ips': {
|
2021-06-11 13:02:43 +00:00
|
|
|
'31.47.232.106/29',
|
|
|
|
'2a00:f820:528::2/64',
|
2020-11-09 14:16:29 +00:00
|
|
|
},
|
2021-06-11 13:02:43 +00:00
|
|
|
'gateway4': '31.47.232.105',
|
|
|
|
'gateway6': '2a00:f820:528::1',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'apt': {
|
|
|
|
'packages': {
|
2021-07-09 13:56:26 +00:00
|
|
|
# for franzi.business deployment
|
2021-07-09 14:38:26 +00:00
|
|
|
'ruby': {},
|
|
|
|
'ruby-dev': {},
|
|
|
|
'ruby-bundler': {},
|
2021-07-11 13:23:49 +00:00
|
|
|
|
2021-09-08 12:36:52 +00:00
|
|
|
# for `bw test` on jenkins
|
|
|
|
'bind9utils': {},
|
|
|
|
|
2021-07-17 09:33:43 +00:00
|
|
|
# used by user:kunsi
|
|
|
|
'mosh': {},
|
|
|
|
'weechat': {},
|
|
|
|
'weechat-core': {},
|
|
|
|
'weechat-curses': {},
|
|
|
|
'weechat-perl': {},
|
|
|
|
'weechat-plugins': {},
|
|
|
|
'weechat-python': {},
|
|
|
|
'weechat-ruby': {},
|
2021-07-24 05:18:35 +00:00
|
|
|
|
|
|
|
# for weechat scripts
|
|
|
|
'libpod-parser-perl': {},
|
2020-11-09 14:16:29 +00:00
|
|
|
},
|
2021-07-01 16:23:30 +00:00
|
|
|
'repos': {
|
2021-07-17 09:33:43 +00:00
|
|
|
'weechat': {
|
|
|
|
'items': {
|
|
|
|
'deb https://weechat.org/debian {os_release} main',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'backup-client': {
|
|
|
|
'pre-hooks': {
|
2021-07-23 08:04:32 +00:00
|
|
|
'kunsi-weechat': \
|
|
|
|
'echo \'core.weechat */layout store\' >> /home/kunsi/.weechat/weechat_fifo\n' \
|
|
|
|
'echo \'core.weechat */save\' >> /home/kunsi/.weechat/weechat_fifo\n',
|
2021-07-17 09:33:43 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
'backups': {
|
|
|
|
'paths': {
|
|
|
|
'/home/kunsi/.weechat',
|
2021-07-01 16:23:30 +00:00
|
|
|
},
|
2020-11-09 14:16:29 +00:00
|
|
|
},
|
2021-07-10 12:22:19 +00:00
|
|
|
'check-mail-received': {
|
|
|
|
't-online': {
|
|
|
|
'email': 'franzi.kunsmann@t-online.de',
|
|
|
|
'imap_host': 'secureimap.t-online.de',
|
|
|
|
'imap_pass': bwpass.attr('t-online.de/franzi.kunsmann@t-online.de', 'imap'),
|
|
|
|
},
|
2021-07-10 10:59:54 +00:00
|
|
|
},
|
2021-07-15 16:41:27 +00:00
|
|
|
'element-web': {
|
|
|
|
'url': 'chat.franzi.business',
|
2023-07-10 16:45:58 +00:00
|
|
|
'version': 'v1.11.35',
|
2021-07-15 16:41:27 +00:00
|
|
|
'config': {
|
|
|
|
'default_server_config': {
|
|
|
|
'm.homeserver': {
|
|
|
|
'base_url': 'https://matrix.franzi.business',
|
|
|
|
'server_name': 'franzi.business',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'brand': 'franzi.business',
|
|
|
|
'showLabsSettings': True,
|
|
|
|
'integrations_ui_url': 'https://dimension.franzi.business/riot',
|
|
|
|
'integrations_rest_url': 'https://dimension.franzi.business/api/v1/scalar',
|
|
|
|
'integrations_widgets_urls': {
|
|
|
|
'https://dimension.franzi.business/widgets'
|
|
|
|
},
|
|
|
|
'default_theme': 'dark',
|
|
|
|
'defaultCountryCode': 'DE',
|
|
|
|
'jitsi': {
|
|
|
|
'preferredDomain': 'meet.ffmuc.net',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-07-09 13:56:26 +00:00
|
|
|
'gitea': {
|
2023-07-11 03:54:44 +00:00
|
|
|
'url': 'https://codeberg.org/attachments/8aac5e74-a26b-44c9-83b8-267f114af958',
|
|
|
|
'sha1': '4dda6dd09e75e38e4f564bd8249d8fc3dc4a334a',
|
2021-07-09 13:56:26 +00:00
|
|
|
'domain': 'git.franzi.business',
|
|
|
|
'email_domain_blocklist': {
|
|
|
|
'aol.com',
|
2022-07-10 11:32:29 +00:00
|
|
|
'bamibi.com',
|
2022-03-19 06:13:17 +00:00
|
|
|
'beezom.buzz',
|
2022-07-10 11:32:29 +00:00
|
|
|
'block521.com',
|
|
|
|
'cloud-mail.top',
|
2021-07-09 13:56:26 +00:00
|
|
|
'comcast.net',
|
|
|
|
'cox.net',
|
2022-07-10 11:32:29 +00:00
|
|
|
'cupbest.com',
|
|
|
|
'dakcans.com',
|
2022-03-19 06:13:17 +00:00
|
|
|
'fitshot.xyz',
|
2022-07-12 18:30:35 +00:00
|
|
|
'gmail.co',
|
2022-03-19 06:13:17 +00:00
|
|
|
'gmail.com',
|
|
|
|
'grabmail.club',
|
2022-07-10 11:32:29 +00:00
|
|
|
'hbehs.com',
|
2022-03-19 06:13:17 +00:00
|
|
|
'hotmail.com',
|
2021-07-09 13:56:26 +00:00
|
|
|
'msn.com',
|
2022-07-10 11:32:29 +00:00
|
|
|
'nycexercise.com',
|
|
|
|
'oceore.com',
|
|
|
|
'popcornfly.com',
|
|
|
|
'qqhow.com',
|
|
|
|
'runqx.com',
|
|
|
|
'spicethainj.com',
|
2022-03-19 06:13:17 +00:00
|
|
|
'spruzme.com',
|
2022-07-10 11:32:29 +00:00
|
|
|
'syswift.com',
|
|
|
|
'tagbert.com',
|
2022-07-12 18:30:35 +00:00
|
|
|
'teleg.eu',
|
2022-03-19 06:13:17 +00:00
|
|
|
'tempinbox.xyz',
|
|
|
|
'verizon.net',
|
2022-07-10 11:32:29 +00:00
|
|
|
'vusra.com',
|
2022-03-19 06:13:17 +00:00
|
|
|
'yahoo.com',
|
2021-07-09 13:56:26 +00:00
|
|
|
},
|
|
|
|
'enable_git_hooks': True,
|
|
|
|
'install_ssh_key': True,
|
|
|
|
'internal_token': vault.decrypt('encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=='),
|
|
|
|
'lfs_secret_key': vault.decrypt('encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr'),
|
|
|
|
'oauth_secret_key': vault.decrypt('encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz'),
|
|
|
|
'security_secret_key': vault.decrypt('encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4='),
|
|
|
|
},
|
2021-07-01 14:15:03 +00:00
|
|
|
'icinga_options': {
|
|
|
|
'pretty_name': 'franzi.business',
|
|
|
|
},
|
2021-07-11 13:47:45 +00:00
|
|
|
'jenkins-ci': {
|
|
|
|
'install_ssh_key': True,
|
2021-07-16 12:20:01 +00:00
|
|
|
'domain': 'jenkins.franzi.business',
|
2022-02-19 17:53:49 +00:00
|
|
|
'writeable_paths': {
|
|
|
|
'/var/www/franzi.business', # for deployment task
|
|
|
|
},
|
2021-07-11 13:47:45 +00:00
|
|
|
},
|
2023-05-06 15:26:25 +00:00
|
|
|
'jugendhackt_tools': {
|
|
|
|
'allowed_hosts': ['jh.franzi.business'],
|
|
|
|
'timezone': 'Europe/Berlin',
|
|
|
|
},
|
2021-07-17 09:33:43 +00:00
|
|
|
'letsencrypt': {
|
2021-07-23 08:04:32 +00:00
|
|
|
'concat_and_deploy': {
|
|
|
|
'kunsi-weechat': {
|
|
|
|
'match_domain': 'rx300.kunbox.net',
|
|
|
|
'target': '/home/kunsi/.weechat/ssl/relay.pem',
|
|
|
|
'chown': 'kunsi:kunsi',
|
|
|
|
'chmod': '0440',
|
|
|
|
'commands': [
|
|
|
|
'echo \'core.weechat */relay sslcertkey\' >> /home/kunsi/.weechat/weechat_fifo'
|
|
|
|
],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'domains': {
|
|
|
|
'rx300.kunbox.net': set(),
|
|
|
|
},
|
2021-07-17 09:33:43 +00:00
|
|
|
},
|
2021-07-23 05:58:50 +00:00
|
|
|
'matrix-media-repo': {
|
2023-02-17 04:02:40 +00:00
|
|
|
'version': 'v1.2.13',
|
|
|
|
'sha1': '0915bdf7c461368859180419d1f66717969cbe32',
|
2021-07-23 05:58:50 +00:00
|
|
|
'homeservers': {
|
|
|
|
'franzi.business': {
|
|
|
|
'domain': 'http://[::1]:20080/',
|
|
|
|
'api': 'synapse',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'admins': {
|
|
|
|
'@kunsi:franzi.business',
|
|
|
|
},
|
|
|
|
'upload_max_mb': 500,
|
|
|
|
},
|
2021-07-23 18:02:57 +00:00
|
|
|
'matrix-dimension': {
|
|
|
|
'url': 'dimension.franzi.business',
|
2021-11-27 14:21:29 +00:00
|
|
|
'version': 'c6d047c', # XXX master is broken as of 2021-11-27
|
2021-07-23 18:02:57 +00:00
|
|
|
'homeserver': {
|
|
|
|
'name': 'franzi.business',
|
|
|
|
'clientServerUrl': 'https://matrix.franzi.business',
|
|
|
|
'accessToken': vault.decrypt('encrypt$gAAAAABg-wBmGbAy-Ou1mkG2w5UyoqWmWYzDr4ZavyUQdmG_VtrUSmwHjx-qcBGIz_7NniD3zKm9GGvzRZItDu5zYiojcudYr74TkWJKhdDrgFbcWlfJJ_m3bWzrSORaTYzBGRckp2Vz_8xHgDk1W03vpT6mdIPMDzjuINssIcPs0YDth25W942tMfPA2csvLADY50qVRMJpdBOVIWba55o0g6-mAAQLOz6Ld4cCvYqZsqXsxjT8JUytJv_uSG4zgCS_aX20JlAyJWpJgT8FQF5HzIbsko_-Z9-TwtY7yllJp5Ri3n0WaDaWoMmUfhLvkMJeymmOc32A4WJBAePQ_2F-_oUDE7t97A-m3ZiMVAEefDnH5MkoiQEJTfHrJsXRkdBT_BnJlY1CoAuXpRYDdvbVDwN_qZHHHtqsno437l9S6GgDK_-sKBiojYkYsfHcJCdSEqeFGuxT'),
|
|
|
|
},
|
|
|
|
'admins': [
|
|
|
|
'@kunsi:franzi.business',
|
|
|
|
],
|
|
|
|
'telegram': {
|
|
|
|
# same as for mautrix-telegram
|
|
|
|
'botToken': vault.decrypt('encrypt$gAAAAABfVK51ErJ6gfsOOkbRxSHDnVYmf7EihAQf7Uwj9og3TlAw64WRsA6ZVEgTSvOdLB3SMKZ-cTEhwkCOpbymq-_WLhes-hZALhN-H_oXHaxTQErJ0lARynKmjM-4ZhoGlUWlfh4Q'),
|
|
|
|
},
|
|
|
|
},
|
2021-07-23 05:58:50 +00:00
|
|
|
'matrix-synapse': {
|
|
|
|
'server_name': 'franzi.business',
|
|
|
|
'baseurl': 'matrix.franzi.business',
|
|
|
|
'admin_contact': 'mailto:hostmaster@kunbox.net',
|
|
|
|
'trusted_key_servers': {
|
|
|
|
'matrix.org',
|
|
|
|
'finallycoffee.eu',
|
|
|
|
'nyantec.com',
|
|
|
|
},
|
|
|
|
'additional_client_config': {
|
|
|
|
'im.vector.riot.jitsi': {
|
|
|
|
'preferredDomain': 'meet.ffmuc.net',
|
|
|
|
},
|
|
|
|
},
|
2021-07-29 15:33:48 +00:00
|
|
|
'wellknown_also_on_vhosts': {
|
|
|
|
'franzi.business',
|
|
|
|
},
|
2021-07-23 05:58:50 +00:00
|
|
|
},
|
|
|
|
'mautrix-telegram': {
|
2023-06-29 03:17:35 +00:00
|
|
|
'version': 'v0.14.1',
|
2021-07-23 05:58:50 +00:00
|
|
|
'homeserver': {
|
|
|
|
'domain': 'franzi.business',
|
|
|
|
'url': 'https://matrix.franzi.business',
|
|
|
|
},
|
|
|
|
'provisioning': {
|
|
|
|
'enabled': True,
|
|
|
|
'shared_secret': vault.decrypt('encrypt$gAAAAABfVKflEMAi07C_QGP8cy97hF-4gGPym0oF6p4WSMdAveTpx-hFsZd2s7v9ubw99yIsyKx0dHOJI0UND7hV1rKZdvjy4Qa642abZ2wwW7SWTqvuP_qVtrf6-klc2QKTzeD9c_LVsyZ2dqz_JxRPq3MRXgkubZuWOZ6FmFlAlteTffoGfWE='),
|
|
|
|
},
|
|
|
|
'permissions': {
|
|
|
|
"'*'": 'relaybot',
|
|
|
|
'nyantec.com': 'full',
|
|
|
|
'franzi.business': 'full',
|
|
|
|
"'@kunsi:franzi.business'": 'admin',
|
|
|
|
},
|
|
|
|
'telegram': {
|
|
|
|
'api_id': vault.decrypt('encrypt$gAAAAABfVK5SmDDru-UQxitkE5VhPArnUBhaRbAqQPvAW2Fh3fd1XDrWxa3Qn4BSnJAPNWglH5wil_SXUMcIm95FMhPe8dVeMQ=='),
|
|
|
|
'api_token': vault.decrypt('encrypt$gAAAAABfVK5jHuUly1xr9Iku362k7oF4ZYRhLGzNJh3aJpiNrLfAy_DJpTwucx4FV_g45dyQF5boqG2rgdDfwsJN_Ab95es6T4SPGiXIxJOBlvIln1Torwh16pXKchhUTn_PQ077Ll1W'),
|
2021-07-23 18:02:57 +00:00
|
|
|
# same as for matrix-dimension
|
2021-07-23 05:58:50 +00:00
|
|
|
'bot_token': vault.decrypt('encrypt$gAAAAABfVK51ErJ6gfsOOkbRxSHDnVYmf7EihAQf7Uwj9og3TlAw64WRsA6ZVEgTSvOdLB3SMKZ-cTEhwkCOpbymq-_WLhes-hZALhN-H_oXHaxTQErJ0lARynKmjM-4ZhoGlUWlfh4Q'),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'mautrix-whatsapp': {
|
2023-06-29 03:20:00 +00:00
|
|
|
'version': 'v0.8.6',
|
|
|
|
'sha1': 'aa3c25aa2f8d2ddd241e2f73eea473ecdbaf295d',
|
2021-07-23 05:58:50 +00:00
|
|
|
'homeserver': {
|
|
|
|
'domain': 'franzi.business',
|
|
|
|
'url': 'https://matrix.franzi.business',
|
|
|
|
},
|
|
|
|
'permissions': {
|
2022-03-19 06:02:11 +00:00
|
|
|
"'@kunsi:franzi.business'": 'admin',
|
2021-07-23 05:58:50 +00:00
|
|
|
},
|
|
|
|
},
|
2021-07-01 14:10:06 +00:00
|
|
|
'miniflux': {
|
|
|
|
'domain': 'rss.franzi.business',
|
|
|
|
},
|
2022-11-06 17:52:38 +00:00
|
|
|
'minecraft': {
|
|
|
|
'heap_mb': 16*1024,
|
|
|
|
'sha1': '82be5e1bbdfd1bcb001644780562282fd42ee5a9',
|
|
|
|
'version': ('1.19.2', '261'),
|
|
|
|
'allowlist': {
|
|
|
|
# use https://mcuuid.net/
|
|
|
|
'kunsi': 'a2b93640-9dff-4c3c-a6c7-bd75329d8997',
|
|
|
|
'sophie': '7e593cbb-9d61-4d46-a416-6edbcf8a2109',
|
|
|
|
},
|
|
|
|
'ops': {
|
|
|
|
'kunsi': 'a2b93640-9dff-4c3c-a6c7-bd75329d8997',
|
|
|
|
},
|
|
|
|
'restrict-to': {'*'},
|
|
|
|
},
|
2021-07-23 05:58:50 +00:00
|
|
|
'mx-puppet-discord': {
|
|
|
|
'homeserver': {
|
|
|
|
'domain': 'franzi.business',
|
|
|
|
'url': 'https://matrix.franzi.business',
|
|
|
|
},
|
|
|
|
'allowed-users': {
|
|
|
|
'@.*:franzi\\\\.business',
|
|
|
|
},
|
|
|
|
},
|
2021-08-21 10:33:05 +00:00
|
|
|
'netbox': {
|
|
|
|
'domain': 'netbox.franzi.business',
|
2023-07-11 03:55:11 +00:00
|
|
|
'version': 'v3.5.6',
|
2021-08-21 10:44:14 +00:00
|
|
|
'changelog_retention_days': 360,
|
|
|
|
'admins': {
|
|
|
|
'kunsi': 'hostmaster@kunbox.net',
|
|
|
|
},
|
2021-08-21 10:33:05 +00:00
|
|
|
},
|
2021-07-23 08:04:32 +00:00
|
|
|
'nftables': {
|
|
|
|
'rules': {
|
2021-12-14 13:03:13 +00:00
|
|
|
'50-kunsi-weechat': [
|
|
|
|
'inet filter input udp dport { 60000-61000 } accept',
|
|
|
|
'inet filter input tcp dport 9001 accept',
|
|
|
|
],
|
2021-07-23 08:04:32 +00:00
|
|
|
},
|
|
|
|
},
|
2021-07-01 14:10:06 +00:00
|
|
|
'nginx': {
|
2021-07-24 05:13:35 +00:00
|
|
|
'security.txt': {
|
|
|
|
'contact': 'mailto:security@kunsmann.eu',
|
|
|
|
'Encryption': 'https://franzi.business/gpg_hi-kunsmann.eu.asc',
|
|
|
|
},
|
2021-07-01 14:10:06 +00:00
|
|
|
'vhosts': {
|
2023-07-23 13:48:07 +00:00
|
|
|
#'element-web': {'ssl': '_.franzi.business'},
|
2023-01-29 08:42:36 +00:00
|
|
|
'forgejo': {'ssl': '_.franzi.business'},
|
2021-07-16 12:20:01 +00:00
|
|
|
'jenkins-ci': {'ssl': '_.franzi.business'},
|
2021-07-23 18:02:57 +00:00
|
|
|
'matrix-dimension': {'ssl': '_.franzi.business'},
|
2023-07-15 05:01:00 +00:00
|
|
|
#'matrix-synapse': {'ssl': '_.franzi.business'},
|
2021-07-09 13:56:26 +00:00
|
|
|
'miniflux': {'ssl': '_.franzi.business'},
|
2021-08-21 10:33:05 +00:00
|
|
|
'netbox': {'ssl': '_.franzi.business'},
|
2023-04-09 10:10:04 +00:00
|
|
|
'ntfy': {'ssl': '_.franzi.business'},
|
2021-07-23 10:58:53 +00:00
|
|
|
'radicale': {'ssl': '_.franzi.business'},
|
2021-07-16 12:20:01 +00:00
|
|
|
'travelynx': {'ssl': '_.franzi.business'},
|
2021-07-17 08:53:35 +00:00
|
|
|
'daskritzelt-redirect': {
|
|
|
|
'domain': 'die-brontosaurier-waren-es.org',
|
|
|
|
'ssl': None,
|
|
|
|
'locations': {
|
|
|
|
'/': {
|
|
|
|
'redirect': 'https://twitter.com/daskritzelt/status/1259167444373028864',
|
2021-08-22 05:20:45 +00:00
|
|
|
'mode': 302,
|
2021-07-17 08:53:35 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-07-09 14:11:53 +00:00
|
|
|
'franzi.business': {
|
|
|
|
'webroot': '/var/www/franzi.business/_site/',
|
|
|
|
'ssl': '_.franzi.business',
|
2021-09-25 12:42:00 +00:00
|
|
|
'extras': True,
|
2023-07-23 13:48:07 +00:00
|
|
|
"locations": {
|
|
|
|
"/.well-known/matrix/client": {
|
|
|
|
"additional_config": [
|
|
|
|
"add_header Access-Control-Allow-Origin *",
|
|
|
|
"default_type application/json"
|
|
|
|
],
|
|
|
|
"content": "{\"im.vector.riot.jitsi\": {\"preferredDomain\": \"meet.ffmuc.net\"}, \"m.homeserver\": {\"base_url\": \"https://matrix.franzi.business\"}, \"m.identity_server\": {\"base_url\": \"https://matrix.org\"}}",
|
|
|
|
"return": 200
|
|
|
|
},
|
|
|
|
"/.well-known/matrix/server": {
|
|
|
|
"additional_config": [
|
|
|
|
"add_header Access-Control-Allow-Origin *",
|
|
|
|
"default_type application/json"
|
|
|
|
],
|
|
|
|
"content": "{\"m.server\": \"matrix.franzi.business:443\"}",
|
|
|
|
"return": 200
|
|
|
|
}
|
|
|
|
},
|
2021-07-09 14:11:53 +00:00
|
|
|
},
|
2022-11-16 18:19:56 +00:00
|
|
|
'git.kunsmann.eu': {
|
|
|
|
'locations': {
|
|
|
|
'/': {
|
|
|
|
'redirect': 'https://git.franzi.business$request_uri',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2023-05-06 15:26:25 +00:00
|
|
|
'jugendhackt_tools': {
|
|
|
|
'domain': 'jh.franzi.business',
|
|
|
|
'ssl': '_.franzi.business',
|
|
|
|
'locations': {
|
|
|
|
'/': {
|
|
|
|
'target': 'http://127.0.0.1:22090/',
|
|
|
|
},
|
|
|
|
'/static/': {
|
2023-05-15 10:06:41 +00:00
|
|
|
'alias': '/opt/jugendhackt_tools/src/static/',
|
2023-05-06 15:26:25 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-07-17 08:26:38 +00:00
|
|
|
'kunbox.net': {},
|
|
|
|
'kunsmann.eu': {
|
|
|
|
'locations': {
|
|
|
|
'/': {
|
|
|
|
'redirect': 'https://franzi.business$request_uri',
|
|
|
|
},
|
|
|
|
'/.well-known/openpgpkey': {
|
|
|
|
'alias': '/var/www/kunsmann.eu/.well-known/openpgpkey/',
|
|
|
|
'additional_config': {
|
|
|
|
'default_type application/octet-stream',
|
|
|
|
'add_header Access-Control-Allow-Origin *',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-08-21 05:34:18 +00:00
|
|
|
'mta-sts': {
|
|
|
|
'domain': 'mta-sts.kunbox.net',
|
|
|
|
'domain_aliases': {
|
|
|
|
'mta-sts.franzi.business',
|
|
|
|
'mta-sts.kunsmann.eu',
|
|
|
|
'mta-sts.trans-agenda.eu',
|
|
|
|
},
|
|
|
|
},
|
2021-07-17 08:53:35 +00:00
|
|
|
'paste.franzi.business': {
|
|
|
|
'ssl': '_.franzi.business',
|
|
|
|
'extras': True,
|
2021-07-24 10:23:07 +00:00
|
|
|
'webroot_config': {
|
|
|
|
'owner': 'kunsi',
|
|
|
|
},
|
2021-07-17 08:53:35 +00:00
|
|
|
},
|
2021-08-21 05:34:18 +00:00
|
|
|
'postfixadmin': {
|
|
|
|
'domain': 'postfixadmin.franzi.business',
|
|
|
|
'ssl': '_.franzi.business',
|
|
|
|
'webroot': '/opt/postfixadmin/public/',
|
|
|
|
'php': True,
|
2021-10-31 17:34:33 +00:00
|
|
|
'locations': {
|
|
|
|
'/rspamd/': {
|
|
|
|
'target': 'http://localhost:11334/',
|
|
|
|
'websockets': True,
|
|
|
|
},
|
|
|
|
}
|
2021-08-21 05:34:18 +00:00
|
|
|
},
|
2021-07-16 11:34:20 +00:00
|
|
|
'wiki.franzi.business': {
|
|
|
|
'ssl': '_.franzi.business',
|
|
|
|
'extras': True,
|
|
|
|
'php': True,
|
|
|
|
'webroot_config': {
|
|
|
|
'owner': 'www-data',
|
|
|
|
'group': 'www-data',
|
|
|
|
},
|
|
|
|
'website_check_path': '/start?do=login',
|
|
|
|
'website_check_string': 'Username',
|
|
|
|
},
|
2021-07-01 14:10:06 +00:00
|
|
|
},
|
2021-07-23 17:15:08 +00:00
|
|
|
'worker_processes': 8,
|
2021-07-01 14:10:06 +00:00
|
|
|
},
|
2023-04-09 10:10:04 +00:00
|
|
|
'ntfy': {
|
|
|
|
'domain': 'ntfy.franzi.business',
|
|
|
|
'ratelimit-exempt-hosts': {
|
|
|
|
'ovh.icinga2',
|
|
|
|
'rx300',
|
|
|
|
},
|
|
|
|
},
|
2021-07-23 08:07:35 +00:00
|
|
|
'oidentd': {
|
|
|
|
'allows': {
|
|
|
|
'kunsi': {
|
|
|
|
'spoof',
|
|
|
|
'spoof_all',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-07-11 13:23:49 +00:00
|
|
|
'php': {
|
|
|
|
'version': '8.0',
|
|
|
|
'packages': {
|
|
|
|
'gd',
|
2021-11-22 19:34:02 +00:00
|
|
|
'imagick',
|
2021-07-11 13:23:49 +00:00
|
|
|
'imap',
|
|
|
|
'intl',
|
|
|
|
'mbstring',
|
|
|
|
'opcache',
|
|
|
|
'pgsql',
|
|
|
|
'readline',
|
|
|
|
'xml',
|
2021-11-22 19:34:02 +00:00
|
|
|
'yaml',
|
2021-07-11 13:23:49 +00:00
|
|
|
},
|
|
|
|
},
|
2021-07-18 05:56:49 +00:00
|
|
|
'postfix': {
|
2023-03-29 08:48:06 +00:00
|
|
|
'message_size_limit_mb': 75,
|
2021-07-18 05:56:49 +00:00
|
|
|
'mynetworks': {
|
2021-07-30 05:02:59 +00:00
|
|
|
'gce',
|
2021-07-18 05:56:49 +00:00
|
|
|
'ovh',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
'postfixadmin': {
|
2022-12-16 14:25:32 +00:00
|
|
|
'version': '3.3.13',
|
2021-07-18 05:56:49 +00:00
|
|
|
'setup_password': vault.decrypt('encrypt$gAAAAABgnNGpAqUs--qBXII9ZPcHtxaELy9e2Dx9O44n4l0O4nMHPoIyaPW5HkvpQ2zWTlh5OfjjOgunRtE_voJuY0Kdtji37ixAnuL9ErOJ0LDY5QfMkNPUgPs5alwz1baqYq6rqJ7NDmB0gHraY46v5eG79R2EyQ=='),
|
|
|
|
},
|
2021-06-29 12:24:10 +00:00
|
|
|
'postgresql': {
|
|
|
|
'version': '13',
|
2023-02-17 04:03:39 +00:00
|
|
|
'max_connections': 500,
|
2023-06-03 11:21:23 +00:00
|
|
|
'autovacuum_max_workers': 12,
|
|
|
|
'maintenance_work_mem': 2*1024,
|
|
|
|
'work_mem': 8*1024,
|
|
|
|
'cache_size': 32*1024,
|
2021-06-29 12:24:10 +00:00
|
|
|
},
|
2021-07-23 10:58:53 +00:00
|
|
|
'radicale': {
|
|
|
|
'domain': 'radicale.franzi.business',
|
|
|
|
'users': {
|
|
|
|
'kunsi': bwpass.password('radicale.franzi.business/kunsi'),
|
|
|
|
},
|
|
|
|
},
|
2021-07-18 05:56:49 +00:00
|
|
|
'rspamd': {
|
|
|
|
'ignore_spam_check_for_ips': {
|
|
|
|
# entropia
|
|
|
|
'45.140.180.32/27', # Entropia e. V.
|
|
|
|
'45.140.180.112/28', # MicroPOC
|
|
|
|
'2a0e:c5c0:0:201::/64', # Entropia e. V.
|
|
|
|
'2a0e:c5c0:0:307::/64', # MicroPOC
|
|
|
|
|
2022-05-14 07:22:19 +00:00
|
|
|
# c3kl
|
|
|
|
'116.202.19.236',
|
|
|
|
'2a01:4f8:1c17:cc52::/64',
|
|
|
|
|
2021-07-18 05:56:49 +00:00
|
|
|
# ccc
|
|
|
|
'212.12.55.65',
|
|
|
|
'212.12.55.67',
|
|
|
|
'2a00:14b0:4200:3000:23:55:0:65',
|
|
|
|
|
|
|
|
# IN-Berlin mailman
|
|
|
|
'130.133.8.35',
|
|
|
|
'192.109.42.28',
|
|
|
|
'192.109.42.122',
|
|
|
|
'193.29.188.9',
|
|
|
|
'217.197.80.23',
|
|
|
|
'217.197.80.134',
|
|
|
|
'2001:bf0:c000:a::2:134',
|
2021-08-21 05:48:31 +00:00
|
|
|
|
|
|
|
# c3voc
|
|
|
|
'185.106.84.32/26',
|
|
|
|
'2001:67c:20a0:e::/64',
|
2022-08-19 05:30:55 +00:00
|
|
|
|
|
|
|
# DENOG
|
|
|
|
'195.20.121.100',
|
|
|
|
'2001:1440:201:101::5',
|
2021-07-18 05:56:49 +00:00
|
|
|
},
|
2021-08-21 05:48:31 +00:00
|
|
|
'password': bwpass.password('bw/rx300/rspamd'),
|
2021-07-18 05:56:49 +00:00
|
|
|
'dkim': 'uO4aNejDvVdw8BKne3KJIqAvCQMJ0416',
|
|
|
|
},
|
2021-05-20 16:24:23 +00:00
|
|
|
'smartd': {
|
|
|
|
'disks': {
|
|
|
|
'/dev/nvme0',
|
|
|
|
},
|
|
|
|
},
|
2021-08-21 05:52:58 +00:00
|
|
|
'systemd': {
|
|
|
|
'journal': {
|
|
|
|
'maxuse': '4G',
|
|
|
|
},
|
|
|
|
},
|
2021-01-02 11:18:41 +00:00
|
|
|
'systemd-networkd': {
|
2021-05-23 12:33:20 +00:00
|
|
|
'bridges': {
|
|
|
|
'br0': {
|
|
|
|
'match': {
|
2021-06-28 17:41:00 +00:00
|
|
|
'eno1',
|
2021-05-23 12:33:20 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-01-02 11:18:41 +00:00
|
|
|
},
|
2022-02-06 12:41:09 +00:00
|
|
|
'systemd-timers': {
|
|
|
|
'timers': {
|
|
|
|
'cleanup-paste.franzi.business': {
|
|
|
|
'command': '/usr/bin/find /var/www/paste.franzi.business/ -maxdepth 1 -type d -mtime +60 -exec rm -r {} \;',
|
|
|
|
'user': 'kunsi',
|
|
|
|
'when': 'daily',
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2021-07-02 14:15:31 +00:00
|
|
|
'travelynx': {
|
2023-06-21 21:24:15 +00:00
|
|
|
'version': '1.32.0',
|
2021-07-02 14:15:31 +00:00
|
|
|
'mail_from': 'travelynx@franzi.business',
|
2021-07-16 12:20:01 +00:00
|
|
|
'domain': 'travelynx.franzi.business',
|
2021-07-02 14:15:31 +00:00
|
|
|
},
|
2021-07-23 17:15:08 +00:00
|
|
|
'unbound': {
|
|
|
|
'threads': 8,
|
|
|
|
'cache_slabs': 8,
|
|
|
|
},
|
2021-01-22 18:07:25 +00:00
|
|
|
'users': {
|
|
|
|
'kunsi': {
|
2021-07-17 09:33:43 +00:00
|
|
|
'enable_linger': True,
|
2021-01-22 18:07:25 +00:00
|
|
|
},
|
|
|
|
},
|
2020-10-25 15:46:45 +00:00
|
|
|
'zfs': {
|
2020-10-25 15:49:36 +00:00
|
|
|
'module_options': {
|
2023-06-03 11:21:23 +00:00
|
|
|
'zfs_arc_max_gb': 48,
|
2020-10-25 15:49:36 +00:00
|
|
|
},
|
2020-10-25 15:46:45 +00:00
|
|
|
'pools': {
|
2021-08-17 16:09:51 +00:00
|
|
|
'tank': {
|
|
|
|
'when_creating': {
|
|
|
|
'config': [{
|
|
|
|
'type': 'raidz',
|
|
|
|
'devices': {
|
|
|
|
'/dev/sda',
|
|
|
|
'/dev/sdb',
|
|
|
|
'/dev/sdc',
|
|
|
|
'/dev/sdd',
|
|
|
|
},
|
|
|
|
}],
|
|
|
|
'ashift': 12,
|
2020-10-25 15:46:45 +00:00
|
|
|
},
|
2021-08-17 16:09:51 +00:00
|
|
|
},
|
2020-10-25 15:46:45 +00:00
|
|
|
},
|
2021-05-23 12:33:20 +00:00
|
|
|
'datasets': {
|
|
|
|
'tank/libvirt': {
|
|
|
|
'mountpoint': '/var/lib/libvirt',
|
|
|
|
'compression': 'on',
|
2021-07-17 17:40:41 +00:00
|
|
|
'needed_by': {
|
|
|
|
'bundle:vmhost',
|
|
|
|
},
|
2021-05-23 12:33:20 +00:00
|
|
|
},
|
2021-07-17 08:53:35 +00:00
|
|
|
'tank/home-kunsi': {
|
|
|
|
'mountpoint': '/home/kunsi',
|
2021-07-17 17:40:41 +00:00
|
|
|
'needed_by': {
|
|
|
|
'directory:/home/kunsi',
|
|
|
|
},
|
2021-07-17 08:53:35 +00:00
|
|
|
},
|
2021-05-23 12:33:20 +00:00
|
|
|
},
|
2020-10-25 15:46:45 +00:00
|
|
|
},
|
|
|
|
'vm': {
|
|
|
|
'cpu': 32,
|
2021-05-20 15:51:50 +00:00
|
|
|
'ram': 256,
|
2020-10-25 15:46:45 +00:00
|
|
|
},
|
|
|
|
},
|
2020-10-25 12:54:19 +00:00
|
|
|
}
|