2023-07-13 18:09:04 +00:00
hostname = "193.135.9.29"
groups = [
"debian-bookworm" ,
2023-07-15 05:01:00 +00:00
"webserver" ,
2023-07-13 18:09:04 +00:00
]
bundles = [
2023-09-01 03:55:27 +00:00
"check-mail-received" ,
"dovecot" ,
2023-07-23 13:48:07 +00:00
"element-web" ,
2023-08-02 14:38:32 +00:00
"forgejo" ,
2023-07-15 05:01:00 +00:00
"matrix-media-repo" ,
2023-09-02 11:35:04 +00:00
"matrix-stickerpicker" ,
2023-07-15 05:01:00 +00:00
"matrix-synapse" ,
"mautrix-telegram" ,
"mautrix-whatsapp" ,
2023-08-27 07:17:55 +00:00
"miniflux" ,
2023-08-02 06:07:36 +00:00
"netbox" ,
2023-09-02 19:14:38 +00:00
"nextcloud" ,
2023-07-23 13:48:07 +00:00
"nodejs" ,
2023-08-27 07:38:06 +00:00
"ntfy" ,
2023-09-24 08:40:47 +00:00
"oidentd" ,
2023-09-01 03:55:27 +00:00
"php" ,
"postfixadmin" ,
"postgresql" ,
2023-07-15 05:01:00 +00:00
"redis" ,
2023-09-01 03:55:27 +00:00
"rspamd" ,
2023-07-13 19:31:44 +00:00
"smartd" ,
2023-08-01 19:22:28 +00:00
"travelynx" ,
2023-08-25 10:51:19 +00:00
"weechat" ,
2023-07-13 18:09:04 +00:00
"zfs" ,
]
2023-09-09 18:39:23 +00:00
# for auto-deployment of salonkatrin.de
[ metadata . apt . packages . jekyll ]
2023-07-13 18:28:33 +00:00
[ metadata . check-mail-received . t-online ]
email = "franzi.kunsmann@t-online.de"
imap_host = "secureimap.t-online.de"
imap_pass = "!bwpass_attr:t-online.de/franzi.kunsmann@t-online.de:imap"
2023-07-23 13:48:07 +00:00
[ metadata . element-web ]
url = "chat.franzi.business"
2024-11-30 10:34:20 +00:00
version = "v1.11.86"
2023-07-23 13:48:07 +00:00
[ metadata . element-web . config ]
default_server_config . 'm.homeserver' . base_url = "https://matrix.franzi.business"
default_server_config . 'm.homeserver' . server_name = "franzi.business"
brand = "franzi.business"
defaultCountryCode = "DE"
jitsi . preferredDomain = "meet.ffmuc.net"
2023-08-02 14:38:32 +00:00
[ metadata . forgejo ]
2024-11-16 11:11:01 +00:00
version = "9.0.2"
sha1 = "5aecc64f93e8ef05c6d6f83d4b647bdb2c831d9f"
2023-08-02 14:38:32 +00:00
domain = "git.franzi.business"
enable_git_hooks = true
install_ssh_key = true
internal_token = "!decrypt:encrypt$gAAAAABfPncYwCX-NdBr9LdxLyGqmjRJqhmwMnWsdZy6kVOWdKrScW78xaqbJ1tpL1J4qa2hcZ7TQj3l-2mkyJNJOenGzU3TsI-gYMj9vC4m8Bhur5zboxjD4dQXaJbD1WSyHJ9sPJYsWP3Gjg6I19xeq9xMlAI6xaS9vOfuoI8nZnnQPx1NjfQEj03Jxf8a0-3F20sfICst1xRa5K48bpq1PFkK_oRojg=="
lfs_secret_key = "!decrypt:encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76klDv-ZcwxP1ryJzqJ7qnfaTe_6DYCfc82gEzvVDsyBlCoAkGpt1AI2_LCKetuSCnDPjtGvwdQl3A53lFEdG2UJl1uUiR7f8Vr"
oauth_secret_key = "!decrypt:encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz"
security_secret_key = "!decrypt:encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4="
2024-08-10 17:12:55 +00:00
[ metadata . interfaces . 'eno*' ]
2023-07-13 18:09:04 +00:00
ips = [
"193.135.9.29/24" ,
2023-07-15 05:01:00 +00:00
"2a0a:51c0:0:225::2/64" ,
2023-07-13 18:09:04 +00:00
]
gateway4 = "193.135.9.1"
2023-07-15 05:01:00 +00:00
gateway6 = "2a0a:51c0:0:225::1"
[ metadata . matrix-media-repo ]
admins = [ "@kunsi:franzi.business" ]
2023-09-09 18:39:23 +00:00
datastore_id = "3fff5da324ed784c771d638bb6be5917"
2024-08-10 17:13:48 +00:00
sha1 = "3e2bb7089b0898b86000243a82cc58ae998dc9d9"
2023-07-15 05:01:00 +00:00
upload_max_mb = 500
2024-08-10 17:13:48 +00:00
version = "v1.3.7"
2023-07-15 05:01:00 +00:00
[ metadata . matrix-media-repo . homeservers . 'franzi.business' ]
api = "synapse"
domain = "http://[::1]:20080/"
2024-07-12 16:46:10 +00:00
signing_key_path = "/etc/matrix-synapse/mmr.signing.key"
2023-07-15 05:01:00 +00:00
2023-09-02 11:35:04 +00:00
[ metadata . matrix-stickerpicker ]
# use this bot token: encrypt$gAAAAABfVK51ErJ6gfsOOkbRxSHDnVYmf7EihAQf7Uwj9og3TlAw64WRsA6ZVEgTSvOdLB3SMKZ-cTEhwkCOpbymq-_WLhes-hZALhN-H_oXHaxTQErJ0lARynKmjM-4ZhoGlUWlfh4Q
domain = "matrix-stickers.franzi.business"
[ metadata . matrix-stickerpicker . config ]
access_token = "!decrypt:encrypt$gAAAAABg-wBmGbAy-Ou1mkG2w5UyoqWmWYzDr4ZavyUQdmG_VtrUSmwHjx-qcBGIz_7NniD3zKm9GGvzRZItDu5zYiojcudYr74TkWJKhdDrgFbcWlfJJ_m3bWzrSORaTYzBGRckp2Vz_8xHgDk1W03vpT6mdIPMDzjuINssIcPs0YDth25W942tMfPA2csvLADY50qVRMJpdBOVIWba55o0g6-mAAQLOz6Ld4cCvYqZsqXsxjT8JUytJv_uSG4zgCS_aX20JlAyJWpJgT8FQF5HzIbsko_-Z9-TwtY7yllJp5Ri3n0WaDaWoMmUfhLvkMJeymmOc32A4WJBAePQ_2F-_oUDE7t97A-m3ZiMVAEefDnH5MkoiQEJTfHrJsXRkdBT_BnJlY1CoAuXpRYDdvbVDwN_qZHHHtqsno437l9S6GgDK_-sKBiojYkYsfHcJCdSEqeFGuxT"
homeserver = "https://matrix.franzi.business"
user_id = "@dimension:franzi.business"
2023-07-15 05:01:00 +00:00
[ metadata . matrix-synapse ]
admin_contact = "mailto:hostmaster@kunbox.net"
baseurl = "matrix.franzi.business"
server_name = "franzi.business"
2024-09-30 08:20:01 +00:00
trusted_key_servers = [ "matrix.org" , "161.rocks" ]
2023-07-15 05:01:00 +00:00
additional_client_config . 'im.vector.riot.jitsi' . preferredDomain = "meet.ffmuc.net"
2023-09-03 16:25:48 +00:00
wellknown_also_on_vhosts = [ "franzi.business" ]
2024-03-17 17:32:28 +00:00
[ metadata . matrix-synapse . sliding_sync ]
version = "v0.99.15"
sha1 = "cecb371ff5f1dd528cfc490484a0967dcc28cd82"
secret = "!decrypt:encrypt$gAAAAABl9yJlbEZafJ2mumtg03rW0-440NIgFcgdWGMo3Axrypugwctacy9Cq7MYtCBGjnDyNvVLI5B2QMJ9ssCD46NCsFRN3-X4u9rDtxPhRZV7rls_LQ_Csc_GsffJfvpmHbn_wsljd3I74h4ouWlYhhEQUIKwb3eErSZ_VTZhu_bC4jTa0FY="
2023-07-15 05:01:00 +00:00
[ metadata . mautrix-telegram ]
2024-07-19 17:21:50 +00:00
version = "v0.15.2"
2023-07-15 05:01:00 +00:00
homeserver . domain = "franzi.business"
homeserver . url = "https://matrix.franzi.business"
telegram . api_id = "!decrypt:encrypt$gAAAAABfVK5SmDDru-UQxitkE5VhPArnUBhaRbAqQPvAW2Fh3fd1XDrWxa3Qn4BSnJAPNWglH5wil_SXUMcIm95FMhPe8dVeMQ=="
telegram . api_token = "!decrypt:encrypt$gAAAAABfVK5jHuUly1xr9Iku362k7oF4ZYRhLGzNJh3aJpiNrLfAy_DJpTwucx4FV_g45dyQF5boqG2rgdDfwsJN_Ab95es6T4SPGiXIxJOBlvIln1Torwh16pXKchhUTn_PQ077Ll1W"
# same as for matrix-dimension
telegram . bot_token = "!decrypt:encrypt$gAAAAABfVK51ErJ6gfsOOkbRxSHDnVYmf7EihAQf7Uwj9og3TlAw64WRsA6ZVEgTSvOdLB3SMKZ-cTEhwkCOpbymq-_WLhes-hZALhN-H_oXHaxTQErJ0lARynKmjM-4ZhoGlUWlfh4Q"
provisioning . enabled = true
provisioning . shared_secret = "!decrypt:encrypt$gAAAAABfVKflEMAi07C_QGP8cy97hF-4gGPym0oF6p4WSMdAveTpx-hFsZd2s7v9ubw99yIsyKx0dHOJI0UND7hV1rKZdvjy4Qa642abZ2wwW7SWTqvuP_qVtrf6-klc2QKTzeD9c_LVsyZ2dqz_JxRPq3MRXgkubZuWOZ6FmFlAlteTffoGfWE="
[ metadata . mautrix-telegram . permissions ]
"'*'" = "relaybot"
'franzi.business' = "full"
"'@kunsi:franzi.business'" = "admin"
[ metadata . mautrix-whatsapp ]
2024-11-17 10:48:08 +00:00
version = "v0.11.1"
sha1 = "ada2dc6acfd5cb15fae341266b383d3f6e8b42bd"
2023-07-15 05:01:00 +00:00
permissions . "'@kunsi:franzi.business'" = "admin"
[ metadata . mautrix-whatsapp . homeserver ]
domain = "franzi.business"
url = "https://matrix.franzi.business"
2023-08-27 07:17:55 +00:00
[ metadata . miniflux ]
domain = "rss.franzi.business"
2023-08-02 06:07:36 +00:00
[ metadata . netbox ]
domain = "netbox.franzi.business"
2024-11-30 10:34:39 +00:00
version = "v4.1.7"
2023-08-02 06:07:36 +00:00
admins . kunsi = "hostmaster@kunbox.net"
2023-09-02 19:14:38 +00:00
[ metadata . nextcloud ]
domain = "warnochwas.de"
2023-09-01 03:55:27 +00:00
[ metadata . nginx . 'security.txt' ]
contact = "mailto:security@kunsmann.eu"
Encryption = "https://franzi.business/gpg_hi-kunsmann.eu.asc"
2024-09-29 11:46:21 +00:00
[ metadata . nginx . vhosts . 'afra.berlin' . locations . '/' ]
redirect = "https://afra-berlin.de"
mode = 302
2024-02-13 12:47:55 +00:00
[ metadata . nginx . vhosts . forgejo ]
domain_aliases = [ "git.kunsmann.eu" ]
2023-09-03 16:25:48 +00:00
[ metadata . nginx . vhosts . 'franzi.business' ]
domain = "franzi.business"
2024-03-16 09:51:56 +00:00
webroot_config . owner = "kunsi"
2023-09-03 16:25:48 +00:00
2023-08-23 10:19:24 +00:00
[ metadata . nginx . vhosts . 'gaenseblum.eu' . webroot_config ]
owner = "skye"
2024-05-12 17:43:07 +00:00
[ metadata . nginx . vhosts . kunsitracker ]
domain = "kunsitracker.de"
2024-10-26 06:20:01 +00:00
locations . '/' . target = "https://travelynx.franzi.business/"
locations . '/' . proxy_pass_host = "travelynx.franzi.business"
locations . '= /' . target = "https://travelynx.franzi.business/p/Kunsi"
locations . '= /' . proxy_pass_host = "travelynx.franzi.business"
2024-05-12 17:43:07 +00:00
2023-09-03 16:25:48 +00:00
[ metadata . nginx . vhosts . mta-sts ]
domain = "mta-sts.kunbox.net"
domain_aliases = [
"mta-sts.franzi.business" ,
"mta-sts.kunsmann.eu" ,
]
2024-02-13 13:01:40 +00:00
force_domain = false
2023-09-03 16:25:48 +00:00
[ metadata . nginx . vhosts . redirector ]
domain = "kunbox.net"
domain_aliases = [
"carlene.kunbox.net" ,
"kunsmann.eu" ,
]
[ metadata . nginx . vhosts . redirector . locations . '/' ]
redirect = "https://franzi.business/"
[ metadata . nginx . vhosts . redirector . locations . '/.well-known/openpgpkey/' ]
alias = "/var/www/franzi.business/.well-known/openpgpkey"
additional_config = [
"add_header Access-Control-Allow-Origin *" ,
"default_type application/octet-stream" ,
]
2023-08-27 07:38:06 +00:00
[ metadata . ntfy ]
domain = "ntfy.franzi.business"
ratelimit-exempt-hosts = [
"carlene" ,
2023-09-09 13:28:07 +00:00
"icinga2" ,
2023-08-27 07:38:06 +00:00
]
2023-09-01 03:55:27 +00:00
[ metadata . php ]
version = "8.2"
packages = [
'gd' ,
'imagick' ,
'imap' ,
'intl' ,
'mbstring' ,
'opcache' ,
'pgsql' ,
'readline' ,
'xml' ,
'yaml' ,
]
[ metadata . postfix ]
message_size_limit_mb = 100
myhostname = "mail.franzi.business"
2024-01-23 08:31:02 +00:00
blocked_recipients = [
"!decrypt:encrypt$gAAAAABlrPHMqx7o9pscfSx4Elayrzwun9jcTYOM4XrcAoUWaHJ9vP_7P5G7V3nwdB8pWfObNew-2IOihn5EPS-0ej2gn9rI4iDnMG_6S2IBCDYMqZMn1W0=" , # deadname
"tectu@kunsmann.eu" ,
]
2023-09-01 03:55:27 +00:00
[ metadata . postfixadmin ]
domain = "postfixadmin.franzi.business"
setup_password = "!decrypt:encrypt$gAAAAABgnNGpAqUs--qBXII9ZPcHtxaELy9e2Dx9O44n4l0O4nMHPoIyaPW5HkvpQ2zWTlh5OfjjOgunRtE_voJuY0Kdtji37ixAnuL9ErOJ0LDY5QfMkNPUgPs5alwz1baqYq6rqJ7NDmB0gHraY46v5eG79R2EyQ=="
2024-11-30 10:34:53 +00:00
version = "3.3.14"
2023-09-01 03:55:27 +00:00
2023-07-15 05:01:00 +00:00
[ metadata . postgresql ]
version = 15
2023-07-13 18:09:04 +00:00
2023-09-01 03:55:27 +00:00
[ metadata . rspamd ]
ignore_spam_check_for_ips = [
# entropia
'45.140.180.32/27' , # Entropia e. V.
'45.140.180.112/28' , # MicroPOC
'2a0e:c5c0:0:201::/64' , # Entropia e. V.
'2a0e:c5c0:0:307::/64' , # MicroPOC
# c3kl
'116.202.19.236' ,
'2a01:4f8:1c17:cc52::/64' ,
# ccc
'212.12.55.65' ,
'212.12.55.67' ,
'2a00:14b0:4200:3000:23:55:0:65' ,
# IN-Berlin mailman
'130.133.8.35' ,
'192.109.42.28' ,
'192.109.42.122' ,
'193.29.188.9' ,
'217.197.80.23' ,
'217.197.80.134' ,
'2001:bf0:c000:a::2:134' ,
# c3voc
'185.106.84.32/26' ,
'2001:67c:20a0:e::/64' ,
# DENOG
'195.20.121.100' ,
'2001:1440:201:101::5' ,
]
password = "!bwpass:bw/rx300/rspamd"
dkim = "uO4aNejDvVdw8BKne3KJIqAvCQMJ0416"
2023-07-13 19:31:44 +00:00
[ metadata . smartd ]
disks = [
2024-10-24 17:25:00 +00:00
"/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00B00_S677NF0W508470" ,
"/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00B00_S677NX0W114380" ,
2023-07-13 19:31:44 +00:00
]
2023-08-01 19:22:28 +00:00
[ metadata . travelynx ]
2024-12-12 10:02:14 +00:00
version = "2.9.6"
2023-08-01 19:22:28 +00:00
mail_from = "travelynx@franzi.business"
domain = "travelynx.franzi.business"
2023-08-23 10:19:24 +00:00
[ metadata . users . skye ]
ssh_pubkey = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCO0KG3/hnMO6UsReyEHvV4y7fYmJGQeCVnmw2xUoM4so2ZacWDi27aQbMq6wWb/JsUh4j3OOvEfNvf27LU6wpqcxM/QO22YjLsOtVzVnGjupsKAnN/nKy+X7KhspaF9qKFpmseBpuEAAnaxnreEFNC2tHarzJzgj+Y+Bmkg4tnMWsVc6EoBp1R2xmsdeRtgcQwms3xX9COeAjkFNgniGfqigO2AxPgC68h3GqSlcPzgpJ7ukvtCRCs/g3R+9GCnxsamd3AYhaRCIKauIyA44WqtH8lAH5+g16tU8WYcK1KySuwLt418kXDDJrZXaOLbxRl+jrShIdPoGhqs1y6KlOVTbj9TBVGt8CtV8JsLwzH2GCdLjImcXWUob2j2sxgBGTWiTfWf98XBLmBQwbAlBJ01gsHhJxDx0E2ttxueSjyg4hTzWCH0TlRmbpUDdIlqLgwHxmh97YFF5oqkgWGjSt7jxrW8Q9+FeMi5L2qHzKez5Z3quOhDIXWjEcpxqQQ2Lc=" ,
]
2023-08-25 10:51:19 +00:00
[ metadata . weechat ]
user = "kunsi"
relay_domain = "irc.franzi.business"
2023-07-13 18:09:04 +00:00
[ [ metadata . zfs . pools . tank . when_creating . config ] ]
devices = [
"/dev/nvme0n1p3" ,
"/dev/nvme1n1p3" ,
]
type = "mirror"
2023-07-15 05:01:00 +00:00
[ metadata . zfs . datasets . tank ]
primarycache = "metadata"
2024-03-03 11:47:24 +00:00
[ metadata . zfs . datasets . 'tank/sewfile' ]
mountpoint = "/mnt/sewfile/"
2023-07-13 18:09:04 +00:00
[ metadata . vm ]
cpu = 24
ram = 64