Compare commits
No commits in common. "main" and "update-miniserver" have entirely different histories.
main
...
update-min
99 changed files with 947 additions and 1758 deletions
|
@ -33,7 +33,7 @@ defaults = {
|
|||
# networking
|
||||
'avahi': {},
|
||||
'netctl': {},
|
||||
'util-linux': {}, # provides rfkill
|
||||
'rfkill': {},
|
||||
'wpa_supplicant': {},
|
||||
'wpa_actiond': {},
|
||||
|
||||
|
|
|
@ -160,7 +160,7 @@ def monitoring(metadata):
|
|||
client,
|
||||
config['one_backup_every_hours'],
|
||||
),
|
||||
'vars.sshmon_timeout': 40,
|
||||
'vars.sshmon_timeout': 20,
|
||||
}
|
||||
|
||||
return {
|
||||
|
|
|
@ -7,6 +7,9 @@ supported_os = {
|
|||
12: 'bookworm',
|
||||
99: 'unstable',
|
||||
},
|
||||
'raspbian': {
|
||||
10: 'buster',
|
||||
},
|
||||
}
|
||||
|
||||
try:
|
||||
|
@ -79,10 +82,6 @@ actions = {
|
|||
'triggered': True,
|
||||
'cascade_skip': False,
|
||||
},
|
||||
'apt_execute_update_commands': {
|
||||
'command': ' && '.join(sorted(node.metadata.get('apt/additional_update_commands', {'true'}))),
|
||||
'triggered': True,
|
||||
},
|
||||
}
|
||||
|
||||
directories = {
|
||||
|
|
|
@ -1,39 +0,0 @@
|
|||
#!/usr/bin/env python3
|
||||
|
||||
from json import loads
|
||||
from subprocess import check_output
|
||||
from sys import argv
|
||||
|
||||
try:
|
||||
container_name = argv[1]
|
||||
|
||||
docker_ps = check_output([
|
||||
'docker',
|
||||
'container',
|
||||
'ls',
|
||||
'--all',
|
||||
'--format',
|
||||
'json',
|
||||
'--filter',
|
||||
f'name={container_name}'
|
||||
])
|
||||
|
||||
containers = loads(f"[{','.join([l for l in docker_ps.decode().splitlines() if l])}]")
|
||||
|
||||
if not containers:
|
||||
print(f'CRITICAL: container {container_name} not found!')
|
||||
exit(2)
|
||||
|
||||
if len(containers) > 1:
|
||||
print(f'Found more than one container matching {container_name}!')
|
||||
print(docker_ps)
|
||||
exit(3)
|
||||
|
||||
if containers[0]['State'] != 'running':
|
||||
print(f'WARNING: container {container_name} not "running"')
|
||||
exit(2)
|
||||
|
||||
print(f"OK: {containers[0]['Status']}")
|
||||
except Exception as e:
|
||||
print(repr(e))
|
||||
exit(2)
|
|
@ -1,50 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
[[ -n "$DEBUG" ]] && set -x
|
||||
|
||||
ACTION="$1"
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
if [[ -z "$ACTION" ]]
|
||||
then
|
||||
echo "Usage: $0 start|stop"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PUID="$(id -u "docker-${name}")"
|
||||
PGID="$(id -g "docker-${name}")"
|
||||
|
||||
if [ "$ACTION" == "start" ]
|
||||
then
|
||||
docker run -d \
|
||||
--name "${name}" \
|
||||
--env "PUID=$PUID" \
|
||||
--env "PGID=$PGID" \
|
||||
--env "TZ=${timezone}" \
|
||||
% for k, v in sorted(environment.items()):
|
||||
--env "${k}=${v}" \
|
||||
% endfor
|
||||
--network host \
|
||||
% for host_port, container_port in sorted(ports.items()):
|
||||
--expose "127.0.0.1:${host_port}:${container_port}" \
|
||||
% endfor
|
||||
% for host_path, container_path in sorted(volumes.items()):
|
||||
--volume "/var/opt/docker-engine/${name}/${host_path}:${container_path}" \
|
||||
% endfor
|
||||
--restart unless-stopped \
|
||||
"${image}"
|
||||
|
||||
elif [ "$ACTION" == "stop" ]
|
||||
then
|
||||
docker stop "${name}"
|
||||
docker rm "${name}"
|
||||
|
||||
else
|
||||
echo "Unknown action $ACTION"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
% if node.has_bundle('nftables'):
|
||||
systemctl reload nftables
|
||||
% endif
|
|
@ -1,14 +0,0 @@
|
|||
[Unit]
|
||||
Description=docker-engine app ${name}
|
||||
After=network.target
|
||||
Requires=${' '.join(sorted(requires))}
|
||||
|
||||
[Service]
|
||||
WorkingDirectory=/var/opt/docker-engine/${name}/
|
||||
ExecStart=/opt/docker-engine/${name} start
|
||||
ExecStop=/opt/docker-engine/${name} stop
|
||||
Type=simple
|
||||
RemainAfterExit=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,99 +0,0 @@
|
|||
from bundlewrap.metadata import metadata_to_json
|
||||
|
||||
deps = {
|
||||
'pkg_apt:docker-ce',
|
||||
'pkg_apt:docker-ce-cli',
|
||||
}
|
||||
|
||||
directories['/opt/docker-engine'] = {
|
||||
'purge': True,
|
||||
}
|
||||
directories['/var/opt/docker-engine'] = {}
|
||||
|
||||
files['/etc/docker/daemon.json'] = {
|
||||
'content': metadata_to_json(node.metadata.get('docker-engine/config')),
|
||||
'triggers': {
|
||||
'svc_systemd:docker:restart',
|
||||
},
|
||||
# install config before installing packages to ensure the config is
|
||||
# applied to the first start as well
|
||||
'before': deps,
|
||||
}
|
||||
|
||||
svc_systemd['docker'] = {
|
||||
'needs': deps,
|
||||
}
|
||||
|
||||
files['/usr/local/share/icinga/plugins/check_docker_container'] = {
|
||||
'mode': '0755',
|
||||
}
|
||||
|
||||
for app, config in node.metadata.get('docker-engine/containers', {}).items():
|
||||
volumes = config.get('volumes', {})
|
||||
|
||||
files[f'/opt/docker-engine/{app}'] = {
|
||||
'source': 'docker-wrapper',
|
||||
'content_type': 'mako',
|
||||
'context': {
|
||||
'environment': config.get('environment', {}),
|
||||
'image': config['image'],
|
||||
'name': app,
|
||||
'ports': config.get('ports', {}),
|
||||
'timezone': node.metadata.get('timezone'),
|
||||
'volumes': volumes,
|
||||
},
|
||||
'mode': '0755',
|
||||
'triggers': {
|
||||
f'svc_systemd:docker-{app}:restart',
|
||||
},
|
||||
}
|
||||
|
||||
users[f'docker-{app}'] = {
|
||||
'home': f'/var/opt/docker-engine/{app}',
|
||||
'groups': {
|
||||
'docker',
|
||||
},
|
||||
'after': {
|
||||
# provides docker group
|
||||
'pkg_apt:docker-ce',
|
||||
},
|
||||
}
|
||||
|
||||
files[f'/usr/local/lib/systemd/system/docker-{app}.service'] = {
|
||||
'source': 'docker-wrapper.service',
|
||||
'content_type': 'mako',
|
||||
'context': {
|
||||
'name': app,
|
||||
'requires': {
|
||||
*set(config.get('requires', set())),
|
||||
'docker.service',
|
||||
}
|
||||
},
|
||||
'triggers': {
|
||||
'action:systemd-reload',
|
||||
f'svc_systemd:docker-{app}:restart',
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd[f'docker-{app}'] = {
|
||||
'needs': {
|
||||
*deps,
|
||||
f'file:/opt/docker-engine/{app}',
|
||||
f'file:/usr/local/lib/systemd/system/docker-{app}.service',
|
||||
f'user:docker-{app}',
|
||||
'svc_systemd:docker',
|
||||
*set(config.get('needs', set())),
|
||||
},
|
||||
}
|
||||
|
||||
for volume in volumes:
|
||||
directories[f'/var/opt/docker-engine/{app}/{volume}'] = {
|
||||
'owner': f'docker-{app}',
|
||||
'group': f'docker-{app}',
|
||||
'needed_by': {
|
||||
f'svc_systemd:docker-{app}',
|
||||
},
|
||||
# don't do anything if the directory exists, docker images
|
||||
# mangle owners
|
||||
'unless': f'test -d /var/opt/docker-engine/{app}/{volume}',
|
||||
}
|
|
@ -1,83 +0,0 @@
|
|||
defaults = {
|
||||
'apt': {
|
||||
'packages': {
|
||||
'docker-ce': {},
|
||||
'docker-ce-cli': {},
|
||||
'docker-compose-plugin': {},
|
||||
},
|
||||
'repos': {
|
||||
'docker': {
|
||||
'items': {
|
||||
'deb https://download.docker.com/linux/debian {os_release} stable',
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
'backups': {
|
||||
'paths': {
|
||||
'/var/opt/docker-engine',
|
||||
},
|
||||
},
|
||||
'hosts': {
|
||||
'entries': {
|
||||
'172.17.0.1': {
|
||||
'host.docker.internal',
|
||||
},
|
||||
},
|
||||
},
|
||||
'docker-engine': {
|
||||
'config': {
|
||||
'iptables': False,
|
||||
'no-new-privileges': True,
|
||||
},
|
||||
},
|
||||
'zfs': {
|
||||
'datasets': {
|
||||
'tank/docker-data': {
|
||||
'mountpoint': '/var/opt/docker-engine',
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'icinga2_api/docker-engine/services',
|
||||
)
|
||||
def monitoring(metadata):
|
||||
services = {
|
||||
'DOCKER PROCESS': {
|
||||
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -C dockerd -c 1:',
|
||||
},
|
||||
}
|
||||
|
||||
for app in metadata.get('docker-engine/containers', {}):
|
||||
services[f'DOCKER CONTAINER {app}'] = {
|
||||
'command_on_monitored_host': f'sudo /usr/local/share/icinga/plugins/check_docker_container {app}'
|
||||
}
|
||||
|
||||
return {
|
||||
'icinga2_api': {
|
||||
'docker-engine': {
|
||||
'services': services,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'zfs/datasets',
|
||||
)
|
||||
def zfs(metadata):
|
||||
datasets = {}
|
||||
|
||||
for app in metadata.get('docker-engine/containers', {}):
|
||||
datasets[f'tank/docker-data/{app}'] = {
|
||||
'mountpoint': f'/var/opt/docker-engine/{app}'
|
||||
}
|
||||
|
||||
return {
|
||||
'zfs': {
|
||||
'datasets': datasets,
|
||||
},
|
||||
}
|
|
@ -1,64 +0,0 @@
|
|||
assert node.has_bundle('docker-engine')
|
||||
assert node.has_bundle('redis')
|
||||
assert not node.has_bundle('postgresql') # docker container uses that port
|
||||
|
||||
defaults = {
|
||||
'docker-engine': {
|
||||
'containers': {
|
||||
'immich': {
|
||||
'image': 'ghcr.io/imagegenius/immich:latest',
|
||||
'environment': {
|
||||
'DB_DATABASE_NAME': 'immich',
|
||||
'DB_HOSTNAME': 'host.docker.internal',
|
||||
'DB_PASSWORD': repo.vault.password_for(f'{node.name} postgresql immich'),
|
||||
'DB_USERNAME': 'immich',
|
||||
'REDIS_HOSTNAME': 'host.docker.internal',
|
||||
},
|
||||
'volumes': {
|
||||
'config': '/config',
|
||||
'libraries': '/libraries',
|
||||
'photos': '/photos',
|
||||
},
|
||||
'needs': {
|
||||
'svc_systemd:docker-postgresql14',
|
||||
},
|
||||
'requires': {
|
||||
'docker-postgresql14.service',
|
||||
},
|
||||
},
|
||||
'postgresql14': {
|
||||
'image': 'tensorchord/pgvecto-rs:pg14-v0.2.0',
|
||||
'environment': {
|
||||
'POSTGRES_PASSWORD': repo.vault.password_for(f'{node.name} postgresql immich'),
|
||||
'POSTGRES_USER': 'immich',
|
||||
'POSTGRES_DB': 'immich',
|
||||
},
|
||||
'volumes': {
|
||||
'database': '/var/lib/postgresql/data',
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
'nginx': {
|
||||
'vhosts': {
|
||||
'immich': {
|
||||
'locations': {
|
||||
'/': {
|
||||
'target': 'http://127.0.0.1:8080/',
|
||||
'websockets': True,
|
||||
'max_body_size': '500m',
|
||||
},
|
||||
#'/api/socket.io/': {
|
||||
# 'target': 'http://127.0.0.1:8081/',
|
||||
# 'websockets': True,
|
||||
#},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
'redis': {
|
||||
'bind': '0.0.0.0',
|
||||
},
|
||||
}
|
||||
|
||||
|
|
@ -29,8 +29,8 @@ mail_location = maildir:/var/mail/vmail/%d/%n
|
|||
protocols = imap lmtp sieve
|
||||
|
||||
ssl = required
|
||||
ssl_cert = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/fullchain.pem
|
||||
ssl_key = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/privkey.pem
|
||||
ssl_cert = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/fullchain.pem
|
||||
ssl_key = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/privkey.pem
|
||||
ssl_dh = </etc/ssl/certs/dhparam.pem
|
||||
ssl_min_protocol = TLSv1.2
|
||||
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
|
||||
|
|
|
@ -100,7 +100,7 @@ def nginx(metadata):
|
|||
},
|
||||
},
|
||||
'website_check_path': '/user/login',
|
||||
'website_check_string': 'Sign in',
|
||||
'website_check_string': 'Sign In',
|
||||
},
|
||||
},
|
||||
},
|
||||
|
|
|
@ -2,42 +2,48 @@
|
|||
|
||||
from sys import exit
|
||||
|
||||
from packaging.version import parse
|
||||
from requests import get
|
||||
import requests
|
||||
from packaging import version
|
||||
|
||||
API_TOKEN = "${token}"
|
||||
DOMAIN = "${domain}"
|
||||
bearer = "${bearer}"
|
||||
domain = "${domain}"
|
||||
OK = 0
|
||||
WARN = 1
|
||||
CRITICAL = 2
|
||||
UNKNOWN = 3
|
||||
|
||||
status = 3
|
||||
message = "Unknown Update Status"
|
||||
|
||||
|
||||
domain = "hass.home.kunbox.net"
|
||||
|
||||
s = requests.Session()
|
||||
s.headers.update({"Content-Type": "application/json"})
|
||||
|
||||
try:
|
||||
r = get("https://version.home-assistant.io/stable.json")
|
||||
r.raise_for_status()
|
||||
stable_version = parse(r.json()["homeassistant"]["generic-x86-64"])
|
||||
except Exception as e:
|
||||
print(f"Could not get stable version information from home-assistant.io: {e!r}")
|
||||
exit(3)
|
||||
|
||||
try:
|
||||
r = get(
|
||||
f"https://{DOMAIN}/api/config",
|
||||
headers={"Authorization": f"Bearer {API_TOKEN}", "Content-Type": "application/json"},
|
||||
stable_version = version.parse(
|
||||
s.get("https://version.home-assistant.io/stable.json").json()["homeassistant"][
|
||||
"generic-x86-64"
|
||||
]
|
||||
)
|
||||
r.raise_for_status()
|
||||
running_version = parse(r.json()["version"])
|
||||
except Exception as e:
|
||||
print(f"Could not get running version information from homeassistant: {e!r}")
|
||||
exit(3)
|
||||
|
||||
try:
|
||||
if stable_version > running_version:
|
||||
print(
|
||||
f"There is a newer version available: {stable_version} (currently installed: {running_version})"
|
||||
)
|
||||
exit(2)
|
||||
s.headers.update(
|
||||
{"Authorization": f"Bearer {bearer}", "Content-Type": "application/json"}
|
||||
)
|
||||
running_version = version.parse(
|
||||
s.get(f"https://{domain}/api/config").json()["version"]
|
||||
)
|
||||
if running_version == stable_version:
|
||||
status = 0
|
||||
message = f"OK - running version {running_version} equals stable version {stable_version}"
|
||||
elif running_version > stable_version:
|
||||
status = 1
|
||||
message = f"WARNING - stable version {stable_version} is lower than running version {running_version}, check if downgrade is necessary."
|
||||
else:
|
||||
print(
|
||||
f"Currently running version {running_version} matches newest release on home-assistant.io"
|
||||
)
|
||||
exit(0)
|
||||
status = 2
|
||||
message = f"CRITICAL - update necessary, running version {running_version} is lower than stable version {stable_version}"
|
||||
except Exception as e:
|
||||
print(repr(e))
|
||||
exit(3)
|
||||
message = f"{message}: {repr(e)}"
|
||||
|
||||
print(message)
|
||||
exit(status)
|
||||
|
|
|
@ -5,8 +5,6 @@ After=network-online.target
|
|||
[Service]
|
||||
Type=simple
|
||||
User=homeassistant
|
||||
Environment="VIRTUAL_ENV=/opt/homeassistant/venv"
|
||||
Environment="PATH=/opt/homeassistant/venv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||
WorkingDirectory=/var/opt/homeassistant
|
||||
ExecStart=/opt/homeassistant/venv/bin/hass -c "/var/opt/homeassistant"
|
||||
RestartForceExitStatus=100
|
||||
|
|
|
@ -30,7 +30,7 @@ files = {
|
|||
'/usr/local/share/icinga/plugins/check_homeassistant_update': {
|
||||
'content_type': 'mako',
|
||||
'context': {
|
||||
'token': node.metadata.get('homeassistant/api_secret'),
|
||||
'bearer': repo.vault.decrypt(node.metadata.get('homeassistant/api_secret')),
|
||||
'domain': node.metadata.get('homeassistant/domain'),
|
||||
},
|
||||
'mode': '0755',
|
||||
|
|
|
@ -50,13 +50,17 @@ def check_list(ip_list, blocklist, warn_ips):
|
|||
]).decode().splitlines()
|
||||
for item in result:
|
||||
if item.startswith(';;'):
|
||||
continue
|
||||
msgs.append('{} listed in {} as {}'.format(
|
||||
ip,
|
||||
blocklist,
|
||||
item,
|
||||
))
|
||||
if item in warn_ips and returncode < 2:
|
||||
msgs.append('{} - {}'.format(
|
||||
blocklist,
|
||||
item,
|
||||
))
|
||||
else:
|
||||
msgs.append('{} listed in {} as {}'.format(
|
||||
ip,
|
||||
blocklist,
|
||||
item,
|
||||
))
|
||||
if (item in warn_ips or item.startswith(';;')) and returncode < 2:
|
||||
returncode = 1
|
||||
else:
|
||||
returncode = 2
|
||||
|
|
|
@ -199,7 +199,7 @@ if __name__ == '__main__':
|
|||
notify_per_mail()
|
||||
|
||||
if args.sms:
|
||||
if not args.service_name:
|
||||
if args.service_name:
|
||||
notify_per_sms()
|
||||
if CONFIG['ntfy']['user']:
|
||||
notify_per_ntfy()
|
||||
|
|
|
@ -17,6 +17,7 @@ defaults = {
|
|||
'icinga2': {},
|
||||
'icinga2-ido-pgsql': {},
|
||||
'icingaweb2': {},
|
||||
'icingaweb2-module-monitoring': {},
|
||||
'python3-easysnmp': {},
|
||||
'python3-flask': {},
|
||||
'snmp': {},
|
||||
|
|
|
@ -23,7 +23,7 @@ actions = {
|
|||
git_deploy = {
|
||||
'/opt/infobeamer-cms/src': {
|
||||
'rev': 'master',
|
||||
'repo': 'https://github.com/voc/infobeamer-cms.git',
|
||||
'repo': 'https://github.com/sophieschi/36c3-cms.git',
|
||||
'needs': {
|
||||
'directory:/opt/infobeamer-cms/src',
|
||||
},
|
||||
|
@ -96,6 +96,14 @@ files = {
|
|||
},
|
||||
}
|
||||
|
||||
pkg_pip = {
|
||||
'github-flask': {
|
||||
'needed_by': {
|
||||
'svc_systemd:infobeamer-cms',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd = {
|
||||
'infobeamer-cms': {
|
||||
'needs': {
|
||||
|
|
|
@ -61,6 +61,8 @@ def mqtt_dump_state(device):
|
|||
out.append("Location: {}".format(device["location"]))
|
||||
out.append("Setup: {} ({})".format(device["setup"]["name"], device["setup"]["id"]))
|
||||
out.append("Resolution: {}".format(device["run"].get("resolution", "unknown")))
|
||||
if not device["is_synced"]:
|
||||
out.append("syncing ...")
|
||||
|
||||
mqtt_out(
|
||||
" - ".join(out),
|
||||
|
@ -71,9 +73,6 @@ def mqtt_dump_state(device):
|
|||
mqtt_out("Monitor starting up")
|
||||
while True:
|
||||
try:
|
||||
online_devices = set()
|
||||
available_credits = None
|
||||
|
||||
try:
|
||||
r = get(
|
||||
"https://info-beamer.com/api/v1/device/list",
|
||||
|
@ -89,6 +88,7 @@ while True:
|
|||
)
|
||||
else:
|
||||
new_state = {}
|
||||
online_devices = set()
|
||||
for device in ib_state:
|
||||
did = str(device["id"])
|
||||
|
||||
|
@ -140,15 +140,17 @@ while True:
|
|||
if device["is_online"]:
|
||||
if device["maintenance"]:
|
||||
mqtt_out(
|
||||
"maintenance required: {}".format(
|
||||
" ".join(sorted(device["maintenance"]))
|
||||
"maintenance required: {}".join(
|
||||
sorted(device["maintenance"])
|
||||
),
|
||||
level="WARN",
|
||||
device=device,
|
||||
)
|
||||
must_dump_state = True
|
||||
|
||||
if (
|
||||
device["location"] != state[did]["location"]
|
||||
device["is_synced"] != state[did]["is_synced"]
|
||||
or device["location"] != state[did]["location"]
|
||||
or device["setup"]["id"] != state[did]["setup"]["id"]
|
||||
or device["run"].get("resolution")
|
||||
!= state[did]["run"].get("resolution")
|
||||
|
@ -170,56 +172,13 @@ while True:
|
|||
|
||||
state = new_state
|
||||
|
||||
try:
|
||||
r = get(
|
||||
"https://info-beamer.com/api/v1/account",
|
||||
auth=("", CONFIG["api_key"]),
|
||||
)
|
||||
r.raise_for_status()
|
||||
ib_account = r.json()
|
||||
except RequestException as e:
|
||||
LOG.exception("Could not get data from info-beamer")
|
||||
mqtt_out(
|
||||
f"Could not get data from info-beamer: {e!r}",
|
||||
level="WARN",
|
||||
)
|
||||
else:
|
||||
available_credits = ib_account["balance"]
|
||||
if available_credits < 50:
|
||||
mqtt_out(
|
||||
f"balance has dropped below 50 credits! (available: {available_credits})",
|
||||
level="ERROR",
|
||||
)
|
||||
elif available_credits < 100:
|
||||
mqtt_out(
|
||||
f"balance has dropped below 100 credits! (available: {available_credits})",
|
||||
level="WARN",
|
||||
)
|
||||
|
||||
for quota_name, quota_config in sorted(ib_account["quotas"].items()):
|
||||
value = quota_config["count"]["value"]
|
||||
limit = quota_config["count"]["limit"]
|
||||
if value > limit * 0.9:
|
||||
mqtt_out(
|
||||
f"quota {quota_name} is over 90% (limit {limit}, value {value})",
|
||||
level="ERROR",
|
||||
)
|
||||
elif value > limit * 0.8:
|
||||
mqtt_out(
|
||||
f"quota {quota_name} is over 80% (limit {limit}, value {value})",
|
||||
level="WARN",
|
||||
)
|
||||
|
||||
if datetime.now(timezone.utc).strftime("%H%M") == "1312":
|
||||
if available_credits is not None:
|
||||
mqtt_out(f"Available Credits: {available_credits}")
|
||||
|
||||
if online_devices:
|
||||
mqtt_out(
|
||||
"Online Devices: {}".format(", ".join(sorted(online_devices)))
|
||||
)
|
||||
|
||||
sleep(60)
|
||||
if (
|
||||
datetime.now(timezone.utc).strftime("%H%M") == "1312"
|
||||
and online_devices
|
||||
and int(datetime.now(timezone.utc).strftime("%S")) < 30
|
||||
):
|
||||
mqtt_out("Online Devices: {}".format(", ".join(sorted(online_devices))))
|
||||
sleep(30)
|
||||
except KeyboardInterrupt:
|
||||
break
|
||||
|
||||
|
|
|
@ -31,7 +31,7 @@ homeservers:
|
|||
% endfor
|
||||
|
||||
accessTokens:
|
||||
maxCacheTimeSeconds: 10
|
||||
maxCacheTimeSeconds: 0
|
||||
useLocalAppserviceConfig: false
|
||||
|
||||
admins:
|
||||
|
@ -137,8 +137,8 @@ thumbnails:
|
|||
|
||||
rateLimit:
|
||||
enabled: true
|
||||
requestsPerSecond: 100
|
||||
burst: 5000
|
||||
requestsPerSecond: 10
|
||||
burst: 50
|
||||
|
||||
identicons:
|
||||
enabled: true
|
||||
|
|
|
@ -23,8 +23,9 @@ table inet filter {
|
|||
|
||||
icmp type timestamp-request drop
|
||||
icmp type timestamp-reply drop
|
||||
meta l4proto {icmp, ipv6-icmp} accept
|
||||
ip protocol icmp accept
|
||||
|
||||
ip6 nexthdr ipv6-icmp accept
|
||||
% for ruleset, rules in sorted(input.items()):
|
||||
|
||||
# ${ruleset}
|
||||
|
|
|
@ -29,7 +29,7 @@ defaults = {
|
|||
},
|
||||
}
|
||||
|
||||
if not node.has_bundle('vmhost') and not node.has_bundle('docker-engine'):
|
||||
if not node.has_bundle('vmhost'):
|
||||
# see comment in bundles/vmhost/items.py
|
||||
defaults['apt']['packages']['iptables'] = {
|
||||
'installed': False,
|
||||
|
|
|
@ -11,7 +11,7 @@ events {
|
|||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
types {
|
||||
application/javascript mjs;
|
||||
application/javascript js mjs;
|
||||
}
|
||||
default_type application/octet-stream;
|
||||
charset UTF-8;
|
||||
|
|
|
@ -149,18 +149,18 @@ server {
|
|||
% if 'target' in options:
|
||||
proxy_pass ${options['target']};
|
||||
proxy_http_version ${options.get('http_version', '1.1')};
|
||||
proxy_set_header Host ${options.get('proxy_pass_host', domain)};
|
||||
proxy_set_header Host ${domain};
|
||||
% if options.get('websockets', False):
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
% endif
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Host ${options.get('x_forwarded_host', options.get('proxy_pass_host', domain))};
|
||||
proxy_set_header X-Forwarded-Host ${options.get('x_forwarded_host', domain)};
|
||||
% for option, value in options.get('proxy_set_header', {}).items():
|
||||
proxy_set_header ${option} ${value};
|
||||
% endfor
|
||||
% if location != '/' and location != '= /':
|
||||
% if location != '/':
|
||||
proxy_set_header X-Script-Name ${location};
|
||||
% endif
|
||||
proxy_buffering off;
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
devnull@${node.metadata.get('postfix/myhostname')} DISCARD DEV-NULL
|
||||
|
||||
% for address in sorted(blocked):
|
||||
${address} REJECT
|
||||
% endfor
|
||||
|
|
|
@ -3,7 +3,7 @@ biff = no
|
|||
append_dot_mydomain = no
|
||||
readme_directory = no
|
||||
compatibility_level = 2
|
||||
myhostname = ${node.metadata.get('postfix/myhostname')}
|
||||
myhostname = ${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}
|
||||
myorigin = /etc/mailname
|
||||
mydestination = $myhostname, localhost
|
||||
mynetworks = ${' '.join(sorted(mynetworks))}
|
||||
|
@ -38,8 +38,8 @@ smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
|||
</%text>
|
||||
|
||||
% if node.has_bundle('postfixadmin'):
|
||||
smtpd_tls_cert_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/fullchain.pem
|
||||
smtpd_tls_key_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/privkey.pem
|
||||
smtpd_tls_cert_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/fullchain.pem
|
||||
smtpd_tls_key_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/privkey.pem
|
||||
<%text>
|
||||
smtpd_use_tls=yes
|
||||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
||||
|
@ -48,7 +48,7 @@ smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated
|
|||
smtpd_helo_required = yes
|
||||
smtpd_helo_restrictions = permit_mynetworks reject_invalid_helo_hostname
|
||||
smtpd_data_restrictions = reject_unauth_pipelining
|
||||
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/blocked_recipients, permit_mynetworks
|
||||
smtpd_recipient_restrictions = permit_mynetworks, check_recipient_access hash:/etc/postfix/blocked_recipients
|
||||
smtpd_relay_before_recipient_restrictions = yes
|
||||
|
||||
# https://ssl-config.mozilla.org/#server=postfix&version=3.7.10&config=intermediate&openssl=3.0.11&guideline=5.7
|
||||
|
|
|
@ -25,7 +25,7 @@ my_package = 'pkg_pacman:postfix' if node.os == 'arch' else 'pkg_apt:postfix'
|
|||
|
||||
files = {
|
||||
'/etc/mailname': {
|
||||
'content': node.metadata.get('postfix/myhostname'),
|
||||
'content': node.metadata.get('postfix/myhostname', node.metadata['hostname']),
|
||||
'before': {
|
||||
my_package,
|
||||
},
|
||||
|
|
|
@ -87,7 +87,7 @@ def letsencrypt(metadata):
|
|||
}
|
||||
|
||||
result['domains'] = {
|
||||
metadata.get('postfix/myhostname'): set(),
|
||||
metadata.get('postfix/myhostname', metadata.get('hostname')): set(),
|
||||
}
|
||||
|
||||
return {
|
||||
|
@ -148,14 +148,3 @@ def icinga2(metadata):
|
|||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'postfix/myhostname',
|
||||
)
|
||||
def myhostname(metadata):
|
||||
return {
|
||||
'postfix': {
|
||||
'myhostname': metadata.get('hostname'),
|
||||
},
|
||||
}
|
||||
|
|
|
@ -57,7 +57,7 @@ files = {
|
|||
},
|
||||
}
|
||||
|
||||
if node.has_bundle('backup-client'):
|
||||
if node.has_bundle('backup-client') and not node.has_bundle('zfs'):
|
||||
files['/etc/backup-pre-hooks.d/90-postgresql-dump-all'] = {
|
||||
'source': 'backup-pre-hook',
|
||||
'content_type': 'mako',
|
||||
|
@ -67,6 +67,10 @@ if node.has_bundle('backup-client'):
|
|||
'mode': '0700',
|
||||
}
|
||||
directories['/var/tmp/postgresdumps'] = {}
|
||||
else:
|
||||
files['/var/tmp/postgresdumps'] = {
|
||||
'delete': True,
|
||||
}
|
||||
|
||||
postgres_roles = {
|
||||
'root': {
|
||||
|
|
|
@ -11,7 +11,6 @@ defaults = {
|
|||
'backups': {
|
||||
'paths': {
|
||||
'/var/lib/postgresql',
|
||||
'/var/tmp/postgresdumps',
|
||||
},
|
||||
},
|
||||
'bash_functions': {
|
||||
|
@ -75,6 +74,8 @@ if node.has_bundle('zfs'):
|
|||
},
|
||||
},
|
||||
}
|
||||
else:
|
||||
defaults['backups']['paths'].add('/var/tmp/postgresdumps')
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
|
|
|
@ -3,8 +3,6 @@ from os import listdir
|
|||
from os.path import isfile, join
|
||||
from subprocess import check_output
|
||||
|
||||
from bundlewrap.utils.ui import io
|
||||
|
||||
zone_path = join(repo.path, 'data', 'powerdns', 'files', 'bind-zones')
|
||||
|
||||
nameservers = set()
|
||||
|
@ -81,10 +79,9 @@ if node.metadata.get('powerdns/features/bind', False):
|
|||
continue
|
||||
|
||||
try:
|
||||
output = check_output(['git', 'log', '-1', '--pretty=%ci']).decode('utf-8').strip()
|
||||
output = check_output(['git', 'log', '-1', '--pretty=%ci', join(zone_path, zone)]).decode('utf-8').strip()
|
||||
serial = datetime.strptime(output, '%Y-%m-%d %H:%M:%S %z').strftime('%y%m%d%H%M')
|
||||
except Exception as e:
|
||||
io.stderr(f"Error while parsing commit time for {zone} serial: {e!r}")
|
||||
except:
|
||||
serial = datetime.now().strftime('%y%m%d0000')
|
||||
|
||||
primary_zones.add(zone)
|
||||
|
|
|
@ -71,8 +71,8 @@ actions = {
|
|||
'chown -R powerdnsadmin:powerdnsadmin /opt/powerdnsadmin/src/powerdnsadmin/static/',
|
||||
]),
|
||||
'needs': {
|
||||
'action:nodejs_install_yarn',
|
||||
'action:powerdnsadmin_install_deps',
|
||||
'bundle:nodejs',
|
||||
'pkg_apt:',
|
||||
},
|
||||
},
|
||||
|
|
|
@ -7,6 +7,7 @@ from subprocess import check_output
|
|||
|
||||
from requests import get
|
||||
|
||||
|
||||
UPDATE_URL = '${url}'
|
||||
USERNAME = '${username}'
|
||||
PASSWORD = '${password}'
|
||||
|
|
|
@ -5,6 +5,7 @@ from ipaddress import ip_address
|
|||
from json import loads
|
||||
from subprocess import check_output, run
|
||||
|
||||
|
||||
DOMAIN = '${domain}'
|
||||
|
||||
# <%text>
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
files['/etc/proftpd/proftpd.conf'] = {
|
||||
'source': f'{node.name}.conf',
|
||||
'triggers': {
|
||||
'svc_systemd:proftpd:restart',
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd['proftpd'] = {
|
||||
'needs': {
|
||||
'file:/etc/proftpd/proftpd.conf',
|
||||
'pkg_apt:proftpd-core',
|
||||
},
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
from bundlewrap.metadata import atomic
|
||||
|
||||
defaults = {
|
||||
'apt': {
|
||||
'packages': {
|
||||
'proftpd-core': {},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'firewall/port_rules',
|
||||
)
|
||||
def firewall(metadata):
|
||||
sources = atomic(metadata.get('mosquitto/restrict-to', set()))
|
||||
|
||||
return {
|
||||
'firewall': {
|
||||
'port_rules': {
|
||||
'20/tcp': sources,
|
||||
'21/tcp': sources,
|
||||
'49152-50192/tcp': sources,
|
||||
},
|
||||
},
|
||||
}
|
|
@ -48,4 +48,3 @@ tcp-keepalive 0
|
|||
timeout 0
|
||||
zset-max-ziplist-entries 128
|
||||
zset-max-ziplist-value 64
|
||||
protected-mode no
|
||||
|
|
|
@ -2,6 +2,7 @@ import re
|
|||
from json import load
|
||||
from os.path import join
|
||||
|
||||
|
||||
with open(join(repo.path, 'configs', 'netbox', f'{node.name}.json')) as f:
|
||||
netbox = load(f)
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
reporting {
|
||||
enabled = true;
|
||||
email = 'devnull@${node.metadata.get('postfix/myhostname')}';
|
||||
domain = '${node.metadata.get('postfix/myhostname')}';
|
||||
email = 'dmarc+${node.name.replace('.', '-')}@kunbox.net';
|
||||
domain = '${node.metadata.get('hostname')}';
|
||||
org_name = 'kunbox.net';
|
||||
smtp = '127.0.0.1';
|
||||
smtp_port = 25;
|
||||
|
|
|
@ -6,11 +6,6 @@ defaults = {
|
|||
'rsyslog': {},
|
||||
},
|
||||
},
|
||||
'backups': {
|
||||
'paths': {
|
||||
'/var/log/rsyslog',
|
||||
},
|
||||
},
|
||||
'icinga2_api': {
|
||||
'rsyslog': {
|
||||
'services': {
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
[Service]
|
||||
RestartSec=10
|
||||
Restart=on-failure
|
|
@ -1,39 +0,0 @@
|
|||
[global]
|
||||
workgroup = KUNBOX
|
||||
server string = ${node.name} samba
|
||||
dns proxy = no
|
||||
max log size = 1000
|
||||
syslog = 1
|
||||
syslog only = 1
|
||||
panic action = /usr/share/samba/panic-action %d
|
||||
encrypt passwords = true
|
||||
passdb backend = tdbsam
|
||||
obey pam restrictions = yes
|
||||
map to guest = bad user
|
||||
load printers = no
|
||||
usershare allow guests = yes
|
||||
allow insecure wide links = yes
|
||||
% for name, opts in sorted(node.metadata.get('samba/shares', {}).items()):
|
||||
|
||||
[${name}]
|
||||
browseable = yes
|
||||
comment = ${opts.get('comment', f'share of {opts["path"]}')}
|
||||
fake oplocks = yes
|
||||
force group = ${opts.get('force_group', 'nogroup')}
|
||||
force user = ${opts.get('force_user', 'nobody')}
|
||||
% if opts.get('guest_ok', True):
|
||||
guest ok = yes
|
||||
% else:
|
||||
guest ok = no
|
||||
% endif
|
||||
locking = no
|
||||
path = ${opts['path']}
|
||||
printable = no
|
||||
read only = no
|
||||
vfs objects = catia fruit
|
||||
writable = ${'yes' if opts.get('writable', False) else 'no'}
|
||||
% if opts.get('follow_symlinks', True):
|
||||
follow symlinks = yes
|
||||
wide links = yes
|
||||
% endif
|
||||
% endfor
|
|
@ -1,59 +0,0 @@
|
|||
svc_systemd = {
|
||||
'nmbd': {
|
||||
'needs': {
|
||||
'pkg_apt:samba',
|
||||
},
|
||||
},
|
||||
'smbd': {
|
||||
'needs': {
|
||||
'pkg_apt:samba',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
files = {
|
||||
'/etc/samba/smb.conf': {
|
||||
'content_type': 'mako',
|
||||
'triggers': {
|
||||
'svc_systemd:nmbd:restart',
|
||||
'svc_systemd:smbd:restart',
|
||||
},
|
||||
},
|
||||
'/etc/systemd/system/nmbd.service.d/bundlewrap.conf': {
|
||||
'source': 'override.conf',
|
||||
'triggers': {
|
||||
'action:systemd-reload',
|
||||
'svc_systemd:nmbd:restart',
|
||||
},
|
||||
},
|
||||
'/etc/systemd/system/smbd.service.d/bundlewrap.conf': {
|
||||
'source': 'override.conf',
|
||||
'triggers': {
|
||||
'action:systemd-reload',
|
||||
'svc_systemd:smbd:restart',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
last_action = set()
|
||||
for user, uconfig in node.metadata.get('users', {}).items():
|
||||
if (
|
||||
'password' not in uconfig
|
||||
or uconfig.get('delete')
|
||||
or user in ('root',)
|
||||
):
|
||||
continue
|
||||
|
||||
actions[f'smbpasswd_for_user_{user}'] = {
|
||||
'command': f'smbpasswd -a -s {user}',
|
||||
'unless': f'pdbedit -L | grep -E "^{user}:"',
|
||||
'data_stdin': uconfig['password'] + '\n' + uconfig['password'],
|
||||
'needs': {
|
||||
'pkg_apt:samba',
|
||||
f'user:{user}',
|
||||
},
|
||||
'after': last_action,
|
||||
}
|
||||
last_action = {
|
||||
f'action:smbpasswd_for_user_{user}',
|
||||
}
|
|
@ -1,26 +0,0 @@
|
|||
from bundlewrap.metadata import atomic
|
||||
|
||||
defaults = {
|
||||
'apt': {
|
||||
'packages': {
|
||||
'samba': {},
|
||||
'samba-vfs-modules': {},
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'firewall/port_rules',
|
||||
)
|
||||
def firewall(metadata):
|
||||
return {
|
||||
'firewall': {
|
||||
'port_rules': {
|
||||
'137/udp': atomic(metadata.get('samba/restrict-to', set())),
|
||||
'138/udp': atomic(metadata.get('samba/restrict-to', set())),
|
||||
'139/tcp': atomic(metadata.get('samba/restrict-to', set())),
|
||||
'445/tcp': atomic(metadata.get('samba/restrict-to', set())),
|
||||
},
|
||||
},
|
||||
}
|
21
bundles/scansnap/files/ocr.sh
Normal file
21
bundles/scansnap/files/ocr.sh
Normal file
|
@ -0,0 +1,21 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
DATE=$(date +%F_%H-%M-%S)
|
||||
|
||||
cd "$1"
|
||||
|
||||
convert *.tiff no_ocr.pdf
|
||||
ocrmypdf -l deu no_ocr.pdf has_ocr.pdf
|
||||
|
||||
rm -f *.tiff
|
||||
rm -f no_ocr.pdf
|
||||
|
||||
chown nobody:nogroup has_ocr.pdf
|
||||
|
||||
mv has_ocr.pdf "/srv/scansnap/${DATE}.pdf"
|
||||
|
||||
cd /
|
||||
|
||||
rm -r "$1"
|
9
bundles/scansnap/files/scan.sh
Normal file
9
bundles/scansnap/files/scan.sh
Normal file
|
@ -0,0 +1,9 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
OUTFILE=$(mktemp -d)
|
||||
|
||||
scanimage --source 'ADF Duplex' --format tiff --mode Color --brightness 23 --resolution 300 --page-width 210 --page-height 297.3 -x 210 -y 297.3 --batch=${OUTFILE}/p%04d.tiff
|
||||
|
||||
/etc/scanbd/scripts/ocr.sh "$OUTFILE" &
|
52
bundles/scansnap/files/scanbd.conf
Normal file
52
bundles/scansnap/files/scanbd.conf
Normal file
|
@ -0,0 +1,52 @@
|
|||
global {
|
||||
debug = true
|
||||
debug-level = 2
|
||||
|
||||
user = saned
|
||||
group = scanner
|
||||
|
||||
saned = "/usr/sbin/saned"
|
||||
saned_opt = {}
|
||||
saned_env = { "SANE_CONFIG_DIR=/etc/scanbd" }
|
||||
|
||||
scriptdir = /etc/scanbd/scripts
|
||||
|
||||
timeout = 500
|
||||
|
||||
pidfile = "/var/run/scanbd.pid"
|
||||
|
||||
environment {
|
||||
device = "SCANBD_DEVICE"
|
||||
action = "SCANBD_ACTION"
|
||||
}
|
||||
|
||||
function function_knob {
|
||||
filter = "^message.*"
|
||||
desc = "The value of the function knob / wheel / selector"
|
||||
env = "SCANBD_FUNCTION"
|
||||
}
|
||||
function function_mode {
|
||||
filter = "^mode.*"
|
||||
desc = "Color mode"
|
||||
env = "SCANBD_FUNCTION_MODE"
|
||||
}
|
||||
|
||||
multiple_actions = false
|
||||
action scan {
|
||||
filter = "^scan.*"
|
||||
numerical-trigger {
|
||||
from-value = 0
|
||||
to-value = 1
|
||||
}
|
||||
desc = "Scan to file"
|
||||
script = "scan.sh"
|
||||
}
|
||||
}
|
||||
|
||||
include(scanner.d/avision.conf)
|
||||
include(scanner.d/fujitsu.conf)
|
||||
include(scanner.d/hp.conf)
|
||||
include(scanner.d/pixma.conf)
|
||||
include(scanner.d/snapscan.conf)
|
||||
include(scanner.d/canon.conf)
|
||||
include(scanner.d/plustek.conf)
|
39
bundles/scansnap/items.py
Normal file
39
bundles/scansnap/items.py
Normal file
|
@ -0,0 +1,39 @@
|
|||
directories = {
|
||||
'/etc/scanbd/scripts': {
|
||||
'purge': True,
|
||||
},
|
||||
'/srv/scansnap': {
|
||||
'owner': 'nobody',
|
||||
'group': 'nogroup',
|
||||
},
|
||||
}
|
||||
|
||||
files = {
|
||||
'/etc/scanbd/scanbd.conf': {
|
||||
'triggers': {
|
||||
'svc_systemd:scanbd:restart',
|
||||
},
|
||||
},
|
||||
'/etc/scanbd/scripts/ocr.sh': {
|
||||
'mode': '0755',
|
||||
'needs': {
|
||||
'directory:/srv/scansnap',
|
||||
},
|
||||
},
|
||||
'/etc/scanbd/scripts/scan.sh': {
|
||||
'mode': '0755',
|
||||
'needs': {
|
||||
'directory:/srv/scansnap',
|
||||
'file:/etc/scanbd/scripts/ocr.sh',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd = {
|
||||
'scanbd': {
|
||||
'needs': {
|
||||
'file:/etc/scanbd/scanbd.conf',
|
||||
'pkg_apt:scanbd',
|
||||
},
|
||||
},
|
||||
}
|
22
bundles/scansnap/metadata.py
Normal file
22
bundles/scansnap/metadata.py
Normal file
|
@ -0,0 +1,22 @@
|
|||
defaults = {
|
||||
'apt': {
|
||||
'packages': {
|
||||
'sane-utils': {},
|
||||
'scanbd': {},
|
||||
'imagemagick': {},
|
||||
'ocrmypdf': {},
|
||||
'tesseract-ocr-deu': {},
|
||||
},
|
||||
},
|
||||
'backups': {
|
||||
'paths': {
|
||||
'/srv/scansnap',
|
||||
},
|
||||
},
|
||||
'cron': {
|
||||
'jobs': {
|
||||
# Automatically remove files which are older than 14 days
|
||||
'scansnap_cleanup': '00 00 * * * root /usr/bin/find /srv/scansnap/ -mindepth 1 -mtime +14 -delete',
|
||||
},
|
||||
},
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
[Unit]
|
||||
Description=SDM630 stats printout
|
||||
Conflicts=getty@tty1.service
|
||||
After=systemd-user-sessions.service getty@tty1.service plymouth-quit.service
|
||||
|
||||
[Service]
|
||||
User=sdm630_mqtt
|
||||
Group=sdm630_mqtt
|
||||
ExecStart=/opt/sdm630_mqtt/venv/bin/python printout.py /opt/sdm630_mqtt/config.toml
|
||||
WorkingDirectory=/opt/sdm630_mqtt/src
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
StandardInput=tty
|
||||
StandardOutput=tty
|
||||
StandardError=journal
|
||||
TTYPath=/dev/tty1
|
||||
TTYReset=yes
|
||||
TTYVHangup=yes
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,14 +0,0 @@
|
|||
[Unit]
|
||||
Description=SDM630-to-MQTT bridge
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
User=sdm630_mqtt
|
||||
Group=sdm630_mqtt
|
||||
ExecStart=/opt/sdm630_mqtt/venv/bin/python sdm630_mqtt.py /opt/sdm630_mqtt/config.toml
|
||||
WorkingDirectory=/opt/sdm630_mqtt/src
|
||||
Restart=always
|
||||
RestartSec=1
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,76 +0,0 @@
|
|||
directories['/opt/sdm630_mqtt/src'] = {}
|
||||
|
||||
git_deploy['/opt/sdm630_mqtt/src'] = {
|
||||
'repo': 'https://git.franzi.business/kunsi/sdm630_mqtt.git',
|
||||
'rev': 'main',
|
||||
'triggers': {
|
||||
'action:sdm630_mqtt_install_deps',
|
||||
},
|
||||
}
|
||||
|
||||
actions['sdm630_mqtt_create_virtualenv'] = {
|
||||
'command': 'python3 -m virtualenv /opt/sdm630_mqtt/venv',
|
||||
'unless': 'test -x /opt/sdm630_mqtt/venv/bin/python3',
|
||||
'needs': {
|
||||
'directory:/opt/sdm630_mqtt/src',
|
||||
},
|
||||
}
|
||||
|
||||
actions['sdm630_mqtt_install_deps'] = {
|
||||
'command': 'cd /opt/sdm630_mqtt/src && /opt/sdm630_mqtt/venv/bin/pip install -r requirements.txt',
|
||||
'triggered': True,
|
||||
'needs': {
|
||||
'action:sdm630_mqtt_create_virtualenv',
|
||||
},
|
||||
}
|
||||
|
||||
users['sdm630_mqtt'] = {
|
||||
'home': '/opt/sdm630_mqtt',
|
||||
}
|
||||
|
||||
files['/opt/sdm630_mqtt/config.toml'] = {
|
||||
'content': repo.libs.faults.dict_as_toml(node.metadata.get('sdm630_mqtt/config')),
|
||||
'triggers': set(),
|
||||
}
|
||||
|
||||
if node.has_bundle('telegraf'):
|
||||
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:telegraf:restart')
|
||||
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:telegraf:restart')
|
||||
|
||||
if node.metadata.get('sdm630_mqtt/enable_stats_collection', True):
|
||||
files['/usr/local/lib/systemd/system/sdm630_to_mqtt.service'] = {
|
||||
'triggers': {
|
||||
'action:systemd-reload',
|
||||
'svc_systemd:sdm630_to_mqtt:restart',
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd['sdm630_to_mqtt'] = {
|
||||
'needs': {
|
||||
'git_deploy:/opt/sdm630_mqtt/src',
|
||||
'action:sdm630_mqtt_install_deps',
|
||||
'file:/usr/local/lib/systemd/system/sdm630_to_mqtt.service',
|
||||
},
|
||||
}
|
||||
|
||||
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:sdm630_to_mqtt:restart')
|
||||
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:sdm630_to_mqtt:restart')
|
||||
|
||||
if node.metadata.get('sdm630_mqtt/enable_local_printout', False):
|
||||
files['/usr/local/lib/systemd/system/sdm630_printout.service'] = {
|
||||
'triggers': {
|
||||
'action:systemd-reload',
|
||||
'svc_systemd:sdm630_printout:restart',
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd['sdm630_printout'] = {
|
||||
'needs': {
|
||||
'git_deploy:/opt/sdm630_mqtt/src',
|
||||
'action:sdm630_mqtt_install_deps',
|
||||
'file:/usr/local/lib/systemd/system/sdm630_printout.service',
|
||||
},
|
||||
}
|
||||
|
||||
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:sdm630_printout:restart')
|
||||
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:sdm630_printout:restart')
|
|
@ -1,38 +0,0 @@
|
|||
defaults = {
|
||||
'sdm630_mqtt': {
|
||||
'config': {
|
||||
'modbus': {
|
||||
'host': '127.0.0.1',
|
||||
'port': 501,
|
||||
'unit_id': 1,
|
||||
},
|
||||
'mqtt': {
|
||||
'prefix': 'sdm630',
|
||||
'host': '127.0.0.1',
|
||||
'port': 1883,
|
||||
},
|
||||
'printout': {
|
||||
'title': 'SDM630',
|
||||
},
|
||||
'telegraf': {
|
||||
'identifier': 'unknown',
|
||||
},
|
||||
},
|
||||
},
|
||||
'telegraf': {
|
||||
'input_plugins': {
|
||||
'execd': {
|
||||
'sdm630_mqtt': {
|
||||
'command': [
|
||||
'/opt/sdm630_mqtt/venv/bin/python',
|
||||
'/opt/sdm630_mqtt/src/telegraf.py',
|
||||
'/opt/sdm630_mqtt/config.toml',
|
||||
],
|
||||
'signal': 'none',
|
||||
'restart_delay': '1s',
|
||||
'data_format': 'influx',
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
|
@ -43,6 +43,30 @@ if node.has_bundle('telegraf'):
|
|||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'smartd/disks',
|
||||
)
|
||||
def zfs_disks_to_metadata(metadata):
|
||||
disks = set()
|
||||
|
||||
for config in metadata.get('zfs/pools', {}).values():
|
||||
for option in config['when_creating']['config']:
|
||||
if option.get('type', '') in {'log', 'cache'}:
|
||||
continue
|
||||
|
||||
for disk in option['devices']:
|
||||
if search(r'p([0-9]+)$', disk) or disk.startswith('/dev/mapper/'):
|
||||
continue
|
||||
|
||||
disks.add(disk)
|
||||
|
||||
return {
|
||||
'smartd': {
|
||||
'disks': disks,
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'icinga2_api/smartd/services',
|
||||
)
|
||||
|
|
|
@ -4,30 +4,27 @@ from re import findall
|
|||
from subprocess import check_output
|
||||
from sys import exit
|
||||
|
||||
ITERATIONS = 10
|
||||
|
||||
try:
|
||||
top_output = None
|
||||
|
||||
top_output = check_output(rf"top -b -n{ITERATIONS} -d1 | grep -i '^%cpu'", shell=True).decode('UTF-8')
|
||||
for line in check_output(['top', '-b', '-n1', '-d1']).decode('UTF-8').splitlines():
|
||||
if line.lower().strip().startswith('%cpu'):
|
||||
top_output = line.lower().split(':', 2)[1]
|
||||
break
|
||||
|
||||
if not top_output:
|
||||
print('%cpu not found in top output')
|
||||
exit(3)
|
||||
|
||||
cpu_usage = {}
|
||||
for value, identifier in findall(r'([0-9\.\,]{3,5}) ([a-z]{2})', top_output):
|
||||
if identifier not in cpu_usage:
|
||||
cpu_usage[identifier] = 0.0
|
||||
cpu_usage[identifier] += float(value.replace(',', '.'))
|
||||
|
||||
output = []
|
||||
for identifier, value_added in cpu_usage.items():
|
||||
value = value_added / ITERATIONS
|
||||
output.append(f"{value:.2f} {identifier}")
|
||||
cpu_usage[identifier] = value
|
||||
|
||||
print(f"Average over {ITERATIONS} seconds: " + ", ".join(output))
|
||||
for value, identifier in findall('([0-9\.\,]{3,5}) ([a-z]{2})', top_output):
|
||||
cpu_usage[identifier] = float(value.replace(',', '.'))
|
||||
|
||||
warn = set()
|
||||
crit = set()
|
||||
|
||||
print(top_output)
|
||||
|
||||
# steal
|
||||
if cpu_usage['st'] > 10:
|
||||
crit.add('CPU steal is {}% (>10%)'.format(cpu_usage['st']))
|
||||
|
|
|
@ -21,9 +21,7 @@ case "$issuer_hash" in
|
|||
# 8d33f237: issuer=C = US, O = Let's Encrypt, CN = R3
|
||||
# 462422cf: issuer=C = US, O = Let's Encrypt, CN = E5
|
||||
# 9aad238c: issuer=C = US, O = Let's Encrypt, CN = E6
|
||||
# 31dfb39d: issuer=C = US, O = Let's Encrypt, CN = R11
|
||||
# aa578057: issuer=C = US, O = Let's Encrypt, CN = R10
|
||||
4f06f81d|8d33f237|462422cf|9aad238c|31dfb39d|aa578057)
|
||||
4f06f81d|8d33f237|462422cf|9aad238c)
|
||||
warn_days=10
|
||||
crit_days=3
|
||||
;;
|
||||
|
|
|
@ -19,8 +19,6 @@ defaults = {
|
|||
'services': {
|
||||
'CPU': {
|
||||
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_cpu_stats',
|
||||
# takes samples over 10 seconds
|
||||
'vars.sshmon_timeout': 20
|
||||
},
|
||||
'LOAD': {
|
||||
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_load -r -w 4,2,1 -c 8,4,2',
|
||||
|
|
|
@ -3,6 +3,3 @@ Name=${' '.join(sorted(match))}
|
|||
|
||||
[Network]
|
||||
Bridge=${bridge}
|
||||
|
||||
[Link]
|
||||
ActivationPolicy=always-up
|
||||
|
|
|
@ -4,9 +4,6 @@ defaults = {
|
|||
'isc-dhcp-client': {
|
||||
'installed': False,
|
||||
},
|
||||
'network-manager': {
|
||||
'installed': False,
|
||||
},
|
||||
'resolvconf': {
|
||||
'installed': False,
|
||||
},
|
||||
|
|
|
@ -11,19 +11,7 @@ telegraf_config = {
|
|||
'quiet': False,
|
||||
'round_interval': False,
|
||||
},
|
||||
'outputs': {
|
||||
'influxdb_v2': [{
|
||||
'urls': [node.metadata.get('telegraf/influxdb_url', repo.libs.defaults.influxdb_url)],
|
||||
'token': node.metadata.get('telegraf/influxdb_token', repo.vault.decrypt(repo.libs.defaults.influxdb_token)),
|
||||
'organization': node.metadata.get('telegraf/influxdb_org', repo.vault.decrypt(repo.libs.defaults.influxdb_org)),
|
||||
'bucket': node.metadata.get('telegraf/influxdb_bucket', repo.vault.decrypt(repo.libs.defaults.influxdb_bucket)),
|
||||
}],
|
||||
},
|
||||
'inputs': {},
|
||||
}
|
||||
|
||||
if node.metadata.get('telegraf/collect_default_metrics', True):
|
||||
telegraf_config['inputs'] = {
|
||||
'inputs': {
|
||||
'cpu': [{
|
||||
'percpu': False,
|
||||
'totalcpu': True,
|
||||
|
@ -55,9 +43,17 @@ if node.metadata.get('telegraf/collect_default_metrics', True):
|
|||
'nstat': [{}],
|
||||
'processes': [{}],
|
||||
'system': [{}],
|
||||
}
|
||||
|
||||
telegraf_config['inputs'].update(node.metadata.get('telegraf/input_plugins/builtin', {}))
|
||||
**node.metadata.get('telegraf/input_plugins/builtin', {}),
|
||||
},
|
||||
'outputs': {
|
||||
'influxdb_v2': [{
|
||||
'urls': [node.metadata.get('telegraf/influxdb_url', repo.libs.defaults.influxdb_url)],
|
||||
'token': node.metadata.get('telegraf/influxdb_token', repo.vault.decrypt(repo.libs.defaults.influxdb_token)),
|
||||
'organization': node.metadata.get('telegraf/influxdb_org', repo.vault.decrypt(repo.libs.defaults.influxdb_org)),
|
||||
'bucket': node.metadata.get('telegraf/influxdb_bucket', repo.vault.decrypt(repo.libs.defaults.influxdb_bucket)),
|
||||
}],
|
||||
},
|
||||
}
|
||||
|
||||
# Bundlewrap can't merge lists. To work around this, telegraf/input_plugins/exec(d)
|
||||
# is a dict, of which we only use the value of it. This also allows us
|
||||
|
|
|
@ -170,7 +170,7 @@ def scrub_timer(metadata):
|
|||
'systemd-timers': {
|
||||
'timers': {
|
||||
'zfs-scrub': {
|
||||
'when': metadata.get('zfs/scrub_when', 'Sun 02:00:00 UTC'),
|
||||
'when': 'Sun 02:00:00 UTC',
|
||||
'command': scrubs,
|
||||
},
|
||||
},
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
109.237.176.0/20
|
||||
109.72.116.0/24
|
||||
116.50.16.0/21
|
||||
128.65.164.0/22
|
||||
129.181.208.0/21
|
||||
129.181.216.0/22
|
||||
137.170.112.0/24
|
||||
|
@ -17,12 +15,13 @@
|
|||
139.12.4.0/24
|
||||
141.169.240.0/20
|
||||
141.77.0.0/16
|
||||
141.98.44.0/24
|
||||
143.99.213.0/24
|
||||
145.225.16.0/23
|
||||
146.247.58.0/24
|
||||
147.136.84.0/22
|
||||
147.161.22.0/24
|
||||
147.78.17.0/24
|
||||
147.79.8.0/21
|
||||
149.208.250.0/23
|
||||
149.208.252.0/24
|
||||
149.208.253.0/24
|
||||
|
@ -35,7 +34,6 @@
|
|||
149.249.244.0/22
|
||||
149.249.244.0/23
|
||||
149.249.246.0/23
|
||||
153.17.244.8/29
|
||||
153.17.249.0/24
|
||||
153.17.250.0/24
|
||||
153.17.251.0/24
|
||||
|
@ -48,11 +46,7 @@
|
|||
153.97.32.0/24
|
||||
158.116.231.0/24
|
||||
160.211.126.0/24
|
||||
163.5.156.0/24
|
||||
163.5.170.0/24
|
||||
163.5.186.0/24
|
||||
163.5.220.0/24
|
||||
163.5.66.0/24
|
||||
163.5.168.0/24
|
||||
164.133.10.0/24
|
||||
164.133.11.0/24
|
||||
164.133.150.0/24
|
||||
|
@ -66,9 +60,11 @@
|
|||
168.199.192.0/22
|
||||
168.199.212.0/22
|
||||
170.237.92.0/23
|
||||
171.25.178.0/24
|
||||
176.221.24.0/24
|
||||
176.221.25.0/24
|
||||
176.53.136.0/24
|
||||
176.53.137.0/24
|
||||
176.57.59.0/24
|
||||
185.100.160.0/22
|
||||
185.101.244.0/23
|
||||
185.101.246.0/23
|
||||
|
@ -80,38 +76,45 @@
|
|||
185.131.239.0/24
|
||||
185.133.12.0/22
|
||||
185.136.115.0/24
|
||||
185.149.25.0/24
|
||||
185.149.26.0/24
|
||||
185.149.27.0/24
|
||||
185.149.52.0/24
|
||||
185.157.101.0/24
|
||||
185.161.176.0/22
|
||||
185.162.72.0/23
|
||||
185.163.76.0/24
|
||||
185.163.77.0/24
|
||||
185.163.78.0/24
|
||||
185.163.79.0/24
|
||||
185.172.38.0/24
|
||||
185.172.39.0/24
|
||||
185.180.224.0/24
|
||||
185.183.212.0/23
|
||||
185.183.214.0/23
|
||||
185.188.64.0/24
|
||||
185.195.239.0/24
|
||||
185.198.13.0/24
|
||||
185.202.32.0/21
|
||||
185.203.148.0/22
|
||||
185.207.46.0/24
|
||||
185.21.247.0/24
|
||||
185.235.71.0/24
|
||||
185.237.0.0/24
|
||||
185.237.1.0/24
|
||||
185.237.2.0/24
|
||||
185.240.85.0/24
|
||||
185.242.224.0/24
|
||||
185.243.44.0/22
|
||||
185.243.44.0/24
|
||||
185.243.45.0/24
|
||||
185.243.46.0/24
|
||||
185.243.47.0/24
|
||||
185.250.42.0/23
|
||||
185.28.208.0/22
|
||||
185.39.12.0/22
|
||||
185.48.0.0/22
|
||||
185.57.231.0/24
|
||||
185.57.24.0/24
|
||||
185.82.160.0/23
|
||||
188.214.139.0/24
|
||||
185.91.204.0/22
|
||||
192.109.121.0/24
|
||||
192.109.122.0/24
|
||||
192.109.124.0/24
|
||||
|
@ -173,6 +176,7 @@
|
|||
193.110.102.0/23
|
||||
193.110.102.0/24
|
||||
193.110.103.0/24
|
||||
193.124.35.0/24
|
||||
193.138.91.0/24
|
||||
193.141.143.0/24
|
||||
193.141.180.0/23
|
||||
|
@ -239,6 +243,7 @@
|
|||
193.41.10.0/23
|
||||
193.47.164.0/24
|
||||
193.53.93.0/24
|
||||
193.56.21.0/24
|
||||
193.58.253.0/24
|
||||
193.84.136.0/22
|
||||
193.96.230.0/24
|
||||
|
@ -248,7 +253,6 @@
|
|||
193.98.224.0/24
|
||||
193.99.96.0/20
|
||||
194.0.151.0/24
|
||||
194.0.232.0/24
|
||||
194.110.133.0/24
|
||||
194.113.160.0/22
|
||||
194.113.20.0/23
|
||||
|
@ -291,13 +295,6 @@
|
|||
194.15.64.0/21
|
||||
194.15.72.0/22
|
||||
194.150.228.0/23
|
||||
194.152.128.0/24
|
||||
194.152.129.0/24
|
||||
194.152.132.0/24
|
||||
194.152.141.0/24
|
||||
194.152.142.0/24
|
||||
194.152.154.0/24
|
||||
194.152.155.0/24
|
||||
194.153.86.0/24
|
||||
194.156.128.0/22
|
||||
194.156.148.0/24
|
||||
|
@ -340,20 +337,26 @@
|
|||
194.39.63.0/24
|
||||
194.39.88.0/21
|
||||
194.39.97.0/24
|
||||
194.45.144.0/21
|
||||
194.49.110.0/24
|
||||
194.49.117.0/24
|
||||
194.49.118.0/23
|
||||
194.49.125.0/24
|
||||
194.49.48.0/24
|
||||
194.49.54.0/24
|
||||
194.49.72.0/24
|
||||
194.49.73.0/24
|
||||
194.49.74.0/23
|
||||
194.49.85.0/24
|
||||
194.55.158.0/24
|
||||
194.55.180.0/24
|
||||
194.55.183.0/24
|
||||
194.55.192.0/19
|
||||
194.55.63.0/24
|
||||
194.55.64.0/20
|
||||
194.55.87.0/24
|
||||
194.58.40.0/24
|
||||
194.58.56.0/23
|
||||
194.59.143.0/24
|
||||
194.59.150.0/24
|
||||
194.59.151.0/24
|
||||
|
@ -379,22 +382,34 @@
|
|||
194.76.52.0/24
|
||||
194.77.41.0/24
|
||||
194.77.42.0/24
|
||||
194.85.248.0/24
|
||||
194.85.251.0/24
|
||||
194.87.10.0/24
|
||||
194.87.17.0/24
|
||||
194.87.255.0/24
|
||||
194.87.77.0/24
|
||||
194.88.112.0/20
|
||||
194.88.16.0/21
|
||||
194.88.24.0/23
|
||||
194.88.26.0/24
|
||||
194.88.28.0/23
|
||||
194.88.96.0/21
|
||||
194.99.118.0/24
|
||||
194.99.34.0/24
|
||||
194.99.76.0/23
|
||||
194.99.83.0/24
|
||||
194.99.92.0/22
|
||||
195.133.20.0/24
|
||||
195.133.64.0/22
|
||||
195.133.7.0/24
|
||||
195.133.76.0/24
|
||||
195.137.216.0/23
|
||||
195.138.223.0/24
|
||||
195.144.15.0/24
|
||||
195.145.0.0/16
|
||||
195.149.79.0/24
|
||||
195.160.248.0/22
|
||||
195.178.132.0/22
|
||||
195.190.2.0/24
|
||||
195.192.254.0/24
|
||||
195.200.207.0/24
|
||||
|
@ -421,14 +436,12 @@
|
|||
198.40.90.0/24
|
||||
198.57.10.0/24
|
||||
2.160.0.0/12
|
||||
2.58.100.0/24
|
||||
2.58.102.0/24
|
||||
204.52.120.0/24
|
||||
204.52.121.0/24
|
||||
204.69.32.0/24
|
||||
205.142.63.0/24
|
||||
212.184.0.0/15
|
||||
212.185.0.0/16
|
||||
212.87.217.0/24
|
||||
213.145.90.0/23
|
||||
213.145.92.0/23
|
||||
213.173.0.0/19
|
||||
|
@ -437,7 +450,6 @@
|
|||
213.209.156.0/24
|
||||
217.0.0.0/13
|
||||
217.117.96.0/24
|
||||
217.198.189.0/24
|
||||
217.224.0.0/11
|
||||
217.24.32.0/20
|
||||
217.24.33.0/24
|
||||
|
@ -447,21 +459,35 @@
|
|||
31.224.0.0/11
|
||||
31.6.56.0/23
|
||||
37.143.0.0/22
|
||||
37.230.56.0/24
|
||||
37.230.57.0/24
|
||||
37.230.58.0/23
|
||||
37.230.60.0/24
|
||||
37.230.63.0/24
|
||||
37.46.11.0/24
|
||||
37.50.0.0/15
|
||||
37.80.0.0/12
|
||||
45.128.14.0/23
|
||||
45.132.217.0/24
|
||||
45.132.80.0/22
|
||||
45.141.54.0/24
|
||||
45.145.16.0/24
|
||||
45.140.208.0/24
|
||||
45.141.130.0/24
|
||||
45.142.236.0/24
|
||||
45.145.241.0/24
|
||||
45.145.243.0/24
|
||||
45.147.227.0/24
|
||||
45.155.77.0/24
|
||||
45.81.255.0/24
|
||||
45.83.136.0/22
|
||||
45.84.214.0/24
|
||||
45.93.186.0/23
|
||||
46.20.216.0/21
|
||||
46.250.224.0/21
|
||||
46.250.232.0/21
|
||||
46.78.0.0/15
|
||||
46.80.0.0/12
|
||||
5.10.208.0/24
|
||||
5.10.209.0/24
|
||||
5.10.220.0/24
|
||||
5.133.112.0/24
|
||||
5.249.188.0/22
|
||||
5.35.192.0/21
|
||||
|
@ -477,11 +503,14 @@
|
|||
64.137.119.0/24
|
||||
64.137.125.0/24
|
||||
64.137.127.0/24
|
||||
77.242.149.0/24
|
||||
77.47.152.0/22
|
||||
77.83.136.0/23
|
||||
77.83.138.0/23
|
||||
77.83.32.0/22
|
||||
77.90.156.0/24
|
||||
77.90.184.0/24
|
||||
79.139.52.0/22
|
||||
79.192.0.0/10
|
||||
80.128.0.0/11
|
||||
80.128.0.0/12
|
||||
|
@ -493,47 +522,38 @@
|
|||
80.157.8.0/21
|
||||
80.187.0.0/16
|
||||
80.187.160.0/20
|
||||
80.244.13.0/24
|
||||
80.64.240.0/22
|
||||
80.71.231.0/24
|
||||
80.71.233.0/24
|
||||
80.71.235.0/24
|
||||
80.71.236.0/24
|
||||
80.71.238.0/24
|
||||
80.83.80.0/21
|
||||
81.201.32.0/20
|
||||
81.31.210.0/23
|
||||
82.163.104.0/21
|
||||
81.30.96.0/20
|
||||
82.152.178.0/24
|
||||
82.163.60.0/22
|
||||
82.206.32.0/21
|
||||
82.206.40.0/21
|
||||
82.206.48.0/21
|
||||
82.215.70.0/24
|
||||
83.136.208.0/22
|
||||
83.147.36.0/22
|
||||
83.243.48.0/21
|
||||
84.128.0.0/10
|
||||
84.234.16.0/20
|
||||
84.246.108.0/24
|
||||
84.32.108.0/22
|
||||
84.32.48.0/22
|
||||
84.55.0.0/24
|
||||
84.55.1.0/24
|
||||
84.55.2.0/24
|
||||
84.55.3.0/24
|
||||
84.55.4.0/24
|
||||
84.55.5.0/24
|
||||
84.55.6.0/24
|
||||
84.55.7.0/24
|
||||
85.116.28.0/24
|
||||
85.116.29.0/24
|
||||
85.116.30.0/24
|
||||
85.116.31.0/24
|
||||
85.119.160.0/23
|
||||
85.204.181.0/24
|
||||
85.204.160.0/22
|
||||
85.208.248.0/24
|
||||
85.208.249.0/24
|
||||
85.208.250.0/24
|
||||
85.208.251.0/24
|
||||
86.105.211.0/24
|
||||
86.107.164.0/24
|
||||
85.237.76.0/22
|
||||
86.38.248.0/21
|
||||
86.38.37.0/24
|
||||
87.128.0.0/10
|
||||
|
@ -544,40 +564,10 @@
|
|||
88.216.60.0/22
|
||||
89.116.64.0/22
|
||||
89.213.186.0/23
|
||||
89.39.97.0/24
|
||||
89.35.127.0/24
|
||||
89.43.34.0/24
|
||||
91.0.0.0/10
|
||||
91.103.240.0/21
|
||||
91.124.135.0/24
|
||||
91.124.19.0/24
|
||||
91.124.20.0/24
|
||||
91.124.21.0/24
|
||||
91.124.22.0/24
|
||||
91.124.23.0/24
|
||||
91.124.24.0/24
|
||||
91.124.26.0/24
|
||||
91.124.27.0/24
|
||||
91.124.28.0/24
|
||||
91.124.31.0/24
|
||||
91.124.32.0/24
|
||||
91.124.33.0/24
|
||||
91.124.34.0/24
|
||||
91.124.36.0/24
|
||||
91.124.37.0/24
|
||||
91.124.38.0/24
|
||||
91.124.39.0/24
|
||||
91.124.40.0/24
|
||||
91.124.41.0/24
|
||||
91.124.42.0/24
|
||||
91.124.43.0/24
|
||||
91.124.44.0/24
|
||||
91.124.45.0/24
|
||||
91.124.46.0/24
|
||||
91.124.47.0/24
|
||||
91.124.50.0/24
|
||||
91.124.51.0/24
|
||||
91.124.6.0/24
|
||||
91.124.7.0/24
|
||||
91.189.192.0/21
|
||||
91.194.232.0/23
|
||||
91.198.113.0/24
|
||||
|
@ -602,40 +592,19 @@
|
|||
91.216.242.0/24
|
||||
91.216.45.0/24
|
||||
91.217.214.0/24
|
||||
91.221.12.0/23
|
||||
91.222.232.0/22
|
||||
91.227.98.0/23
|
||||
91.232.136.0/22
|
||||
91.232.54.0/24
|
||||
92.112.128.0/24
|
||||
92.112.155.0/24
|
||||
92.112.157.0/24
|
||||
92.112.16.0/22
|
||||
92.112.160.0/24
|
||||
92.112.162.0/24
|
||||
92.112.165.0/24
|
||||
92.112.167.0/24
|
||||
92.112.20.0/22
|
||||
92.112.48.0/24
|
||||
92.112.49.0/24
|
||||
92.112.52.0/24
|
||||
92.112.54.0/24
|
||||
92.112.59.0/24
|
||||
92.112.63.0/24
|
||||
92.112.64.0/24
|
||||
92.112.67.0/24
|
||||
92.112.79.0/24
|
||||
92.112.81.0/24
|
||||
92.112.83.0/24
|
||||
92.112.94.0/24
|
||||
92.114.44.0/22
|
||||
92.119.164.0/22
|
||||
92.119.208.0/24
|
||||
92.119.209.0/24
|
||||
92.119.210.0/24
|
||||
92.119.211.0/24
|
||||
93.113.70.0/24
|
||||
93.119.201.0/24
|
||||
93.119.184.0/21
|
||||
93.192.0.0/10
|
||||
93.95.119.0/24
|
||||
94.126.98.0/24
|
||||
94.26.110.0/23
|
||||
94.26.64.0/23
|
||||
|
@ -651,6 +620,7 @@
|
|||
2001:678:b38::/48
|
||||
2001:678:bdc::/48
|
||||
2001:678:d4c::/48
|
||||
2001:678:e9c::/48
|
||||
2001:678:ff0::/48
|
||||
2001:67c:11a4::/48
|
||||
2001:67c:14c4::/48
|
||||
|
@ -671,7 +641,6 @@
|
|||
2001:67c:b80::/48
|
||||
2001:67c:c84::/48
|
||||
2001:67c:c9c::/48
|
||||
2001:67c:ec0::/48
|
||||
2003:3c0::/28
|
||||
2003:3e0::/28
|
||||
2003:8:1800::/48
|
||||
|
@ -694,8 +663,6 @@
|
|||
2003::/19
|
||||
2003::/20
|
||||
2003::/23
|
||||
2a00:5c60:3::/48
|
||||
2a00:5c60:a::/48
|
||||
2a00:6680::/46
|
||||
2a01:598::/29
|
||||
2a01:8fa0::/32
|
||||
|
@ -727,11 +694,8 @@
|
|||
2a0d:480::/29
|
||||
2a0d:480::/30
|
||||
2a0d:484::/30
|
||||
2a0e:cbc4::/32
|
||||
2a0e:cbc5::/32
|
||||
2a0e:cbc6::/32
|
||||
2a0e:cbc7::/32
|
||||
2a0e:eb40::/32
|
||||
2a0f:15c0::/32
|
||||
2a10:cd80::/29
|
||||
2a11:7400:d1::/48
|
||||
2a12:6900:1000::/40
|
||||
|
|
|
@ -1,13 +1,19 @@
|
|||
104.151.0.0/17
|
||||
109.250.0.0/16
|
||||
109.250.0.0/18
|
||||
109.250.0.0/20
|
||||
109.250.128.0/19
|
||||
109.250.16.0/20
|
||||
109.250.160.0/19
|
||||
109.250.192.0/19
|
||||
109.250.224.0/19
|
||||
109.250.64.0/18
|
||||
109.250.32.0/19
|
||||
109.250.64.0/19
|
||||
109.250.80.0/22
|
||||
109.250.84.0/22
|
||||
109.250.88.0/22
|
||||
109.250.92.0/22
|
||||
109.250.96.0/19
|
||||
134.101.0.0/21
|
||||
14.102.90.0/24
|
||||
143.58.64.0/18
|
||||
149.233.32.0/19
|
||||
153.94.0.0/20
|
||||
|
@ -29,7 +35,6 @@
|
|||
185.151.201.0/24
|
||||
185.151.203.0/24
|
||||
185.158.48.0/22
|
||||
185.187.122.0/24
|
||||
185.199.205.0/24
|
||||
185.235.232.0/22
|
||||
185.8.230.0/23
|
||||
|
@ -40,13 +45,13 @@
|
|||
192.166.84.0/22
|
||||
192.166.87.0/24
|
||||
192.166.88.0/21
|
||||
192.189.14.0/24
|
||||
193.101.4.0/23
|
||||
193.102.10.0/24
|
||||
193.101.5.0/24
|
||||
193.111.212.0/22
|
||||
193.111.212.0/24
|
||||
193.163.13.0/24
|
||||
193.17.225.0/24
|
||||
193.163.13.0/25
|
||||
193.163.13.128/25
|
||||
193.219.15.0/24
|
||||
193.22.120.0/21
|
||||
193.22.120.0/24
|
||||
|
@ -87,7 +92,7 @@
|
|||
194.127.144.0/21
|
||||
194.127.203.0/24
|
||||
194.139.55.0/24
|
||||
194.145.218.0/23
|
||||
194.145.230.0/24
|
||||
194.156.216.0/21
|
||||
194.156.232.0/23
|
||||
194.156.233.0/24
|
||||
|
@ -110,23 +115,24 @@
|
|||
194.99.0.0/21
|
||||
195.149.80.0/23
|
||||
195.167.208.0/20
|
||||
195.191.20.0/23
|
||||
195.202.32.0/19
|
||||
195.226.160.0/19
|
||||
195.226.96.0/19
|
||||
195.234.139.0/24
|
||||
195.238.233.0/24
|
||||
195.238.238.0/24
|
||||
195.244.10.0/23
|
||||
195.64.176.0/23
|
||||
195.93.158.0/23
|
||||
202.71.128.0/20
|
||||
202.71.141.0/24
|
||||
212.204.0.0/19
|
||||
212.7.128.0/19
|
||||
212.8.0.0/19
|
||||
212.80.224.0/19
|
||||
212.80.224.0/20
|
||||
212.80.240.0/20
|
||||
212.93.0.0/19
|
||||
213.138.32.0/19
|
||||
213.138.35.0/24
|
||||
213.139.128.0/19
|
||||
213.182.128.0/19
|
||||
213.30.192.0/18
|
||||
|
@ -143,155 +149,307 @@
|
|||
45.13.15.0/24
|
||||
46.142.0.0/16
|
||||
46.142.0.0/19
|
||||
46.142.112.0/20
|
||||
46.142.128.0/19
|
||||
46.142.160.0/19
|
||||
46.142.194.0/24
|
||||
46.142.214.0/24
|
||||
46.142.224.0/19
|
||||
46.142.32.0/19
|
||||
46.142.32.0/20
|
||||
46.142.48.0/20
|
||||
46.142.64.0/19
|
||||
46.142.96.0/19
|
||||
46.142.96.0/20
|
||||
46.189.0.0/17
|
||||
46.189.116.0/24
|
||||
61.8.128.0/19
|
||||
61.8.128.0/22
|
||||
61.8.132.0/22
|
||||
61.8.136.0/22
|
||||
61.8.144.0/22
|
||||
61.8.152.0/22
|
||||
61.8.156.0/24
|
||||
61.8.157.0/24
|
||||
62.214.0.0/16
|
||||
62.214.213.0/24
|
||||
62.214.224.0/19
|
||||
62.217.32.0/19
|
||||
62.220.0.0/19
|
||||
62.68.82.0/24
|
||||
62.72.64.0/19
|
||||
62.72.70.0/24
|
||||
62.72.88.0/22
|
||||
62.72.92.0/23
|
||||
62.72.94.0/24
|
||||
77.74.136.0/21
|
||||
77.87.190.0/24
|
||||
80.241.192.0/20
|
||||
80.242.160.0/19
|
||||
82.119.160.0/19
|
||||
82.140.0.0/18
|
||||
82.140.48.0/20
|
||||
82.140.2.0/23
|
||||
82.140.2.0/24
|
||||
82.140.3.0/24
|
||||
82.140.48.0/21
|
||||
82.144.32.0/19
|
||||
82.144.34.0/24
|
||||
82.144.35.0/24
|
||||
82.144.36.0/24
|
||||
82.144.37.0/24
|
||||
82.145.0.0/19
|
||||
82.194.96.0/19
|
||||
82.207.128.0/17
|
||||
82.207.192.0/19
|
||||
82.207.224.0/21
|
||||
82.207.232.0/22
|
||||
82.207.236.0/24
|
||||
82.207.240.0/20
|
||||
82.207.244.0/24
|
||||
82.207.245.0/24
|
||||
82.207.246.0/24
|
||||
82.207.247.0/24
|
||||
82.207.248.0/24
|
||||
82.207.249.0/24
|
||||
82.207.250.0/24
|
||||
82.207.251.0/24
|
||||
82.207.252.0/24
|
||||
82.207.253.0/24
|
||||
82.207.254.0/24
|
||||
82.207.255.0/24
|
||||
83.135.0.0/16
|
||||
83.135.0.0/20
|
||||
83.135.0.0/22
|
||||
83.135.112.0/20
|
||||
83.135.128.0/19
|
||||
83.135.16.0/22
|
||||
83.135.160.0/21
|
||||
83.135.164.0/22
|
||||
83.135.168.0/21
|
||||
83.135.176.0/22
|
||||
83.135.180.0/22
|
||||
83.135.184.0/21
|
||||
83.135.192.0/20
|
||||
83.135.20.0/24
|
||||
83.135.208.0/20
|
||||
83.135.21.0/24
|
||||
83.135.22.0/24
|
||||
83.135.224.0/22
|
||||
83.135.23.0/24
|
||||
83.135.230.0/23
|
||||
83.135.232.0/21
|
||||
83.135.24.0/24
|
||||
83.135.240.0/22
|
||||
83.135.244.0/24
|
||||
83.135.245.0/24
|
||||
83.135.248.0/24
|
||||
83.135.249.0/24
|
||||
83.135.25.0/24
|
||||
83.135.250.0/24
|
||||
83.135.251.0/24
|
||||
83.135.252.0/24
|
||||
83.135.253.0/24
|
||||
83.135.254.0/24
|
||||
83.135.255.0/24
|
||||
83.135.26.0/24
|
||||
83.135.27.0/24
|
||||
83.135.28.0/24
|
||||
83.135.29.0/24
|
||||
83.135.30.0/24
|
||||
83.135.31.0/24
|
||||
83.135.32.0/19
|
||||
83.135.4.0/22
|
||||
83.135.64.0/19
|
||||
83.135.8.0/21
|
||||
83.135.96.0/20
|
||||
84.19.192.0/19
|
||||
84.19.192.0/20
|
||||
84.19.208.0/20
|
||||
87.122.0.0/15
|
||||
87.122.0.0/16
|
||||
87.122.0.0/20
|
||||
87.122.128.0/21
|
||||
87.122.136.0/22
|
||||
87.122.144.0/20
|
||||
87.122.16.0/20
|
||||
87.122.160.0/20
|
||||
87.122.176.0/21
|
||||
87.122.184.0/24
|
||||
87.122.185.0/24
|
||||
87.122.186.0/24
|
||||
87.122.187.0/24
|
||||
87.122.188.0/24
|
||||
87.122.189.0/24
|
||||
87.122.190.0/24
|
||||
87.122.191.0/24
|
||||
87.122.192.0/19
|
||||
87.122.224.0/19
|
||||
87.122.32.0/19
|
||||
87.122.64.0/19
|
||||
87.122.96.0/19
|
||||
87.123.0.0/16
|
||||
87.123.0.0/19
|
||||
87.123.112.0/20
|
||||
87.123.128.0/19
|
||||
87.123.160.0/20
|
||||
87.123.176.0/20
|
||||
87.123.194.0/24
|
||||
87.123.196.0/24
|
||||
87.123.203.0/24
|
||||
87.123.192.0/20
|
||||
87.123.208.0/22
|
||||
87.123.216.0/21
|
||||
87.123.224.0/20
|
||||
87.123.240.0/21
|
||||
87.123.240.0/22
|
||||
87.123.244.0/22
|
||||
87.123.248.0/22
|
||||
87.123.252.0/24
|
||||
87.123.253.0/24
|
||||
87.123.254.0/24
|
||||
87.123.255.0/24
|
||||
87.123.32.0/19
|
||||
87.123.64.0/20
|
||||
87.123.80.0/20
|
||||
87.123.96.0/19
|
||||
87.123.96.0/20
|
||||
88.130.0.0/16
|
||||
88.130.0.0/19
|
||||
88.130.130.0/23
|
||||
88.130.132.0/22
|
||||
88.130.136.0/21
|
||||
88.130.144.0/20
|
||||
88.130.144.0/21
|
||||
88.130.152.0/24
|
||||
88.130.153.0/24
|
||||
88.130.154.0/24
|
||||
88.130.155.0/24
|
||||
88.130.156.0/22
|
||||
88.130.156.0/24
|
||||
88.130.157.0/24
|
||||
88.130.158.0/24
|
||||
88.130.159.0/24
|
||||
88.130.160.0/21
|
||||
88.130.172.0/22
|
||||
88.130.176.0/21
|
||||
88.130.192.0/23
|
||||
88.130.194.0/23
|
||||
88.130.180.0/24
|
||||
88.130.181.0/24
|
||||
88.130.182.0/24
|
||||
88.130.183.0/24
|
||||
88.130.184.0/24
|
||||
88.130.185.0/24
|
||||
88.130.186.0/24
|
||||
88.130.187.0/24
|
||||
88.130.188.0/24
|
||||
88.130.189.0/24
|
||||
88.130.190.0/24
|
||||
88.130.191.0/24
|
||||
88.130.192.0/21
|
||||
88.130.200.0/21
|
||||
88.130.208.0/21
|
||||
88.130.216.0/21
|
||||
88.130.216.0/22
|
||||
88.130.220.0/24
|
||||
88.130.221.0/24
|
||||
88.130.222.0/24
|
||||
88.130.223.0/24
|
||||
88.130.32.0/20
|
||||
88.130.48.0/24
|
||||
88.130.49.0/24
|
||||
88.130.50.0/24
|
||||
88.130.51.0/24
|
||||
88.130.52.0/24
|
||||
88.130.53.0/24
|
||||
88.130.54.0/23
|
||||
88.130.54.0/24
|
||||
88.130.55.0/24
|
||||
88.130.56.0/24
|
||||
88.130.57.0/24
|
||||
88.130.58.0/24
|
||||
88.130.59.0/24
|
||||
88.130.60.0/24
|
||||
88.130.61.0/24
|
||||
88.130.62.0/24
|
||||
88.130.63.0/24
|
||||
88.130.64.0/19
|
||||
88.130.96.0/19
|
||||
89.207.200.0/21
|
||||
89.244.0.0/14
|
||||
89.244.0.0/16
|
||||
89.244.112.0/21
|
||||
89.244.120.0/21
|
||||
89.244.120.0/22
|
||||
89.244.124.0/24
|
||||
89.244.126.0/24
|
||||
89.244.127.0/24
|
||||
89.244.160.0/21
|
||||
89.244.164.0/22
|
||||
89.244.168.0/21
|
||||
89.244.176.0/20
|
||||
89.244.192.0/19
|
||||
89.244.224.0/20
|
||||
89.244.76.0/24
|
||||
89.244.78.0/23
|
||||
89.244.240.0/20
|
||||
89.244.64.0/21
|
||||
89.244.72.0/22
|
||||
89.244.80.0/20
|
||||
89.244.96.0/22
|
||||
89.244.96.0/20
|
||||
89.245.0.0/16
|
||||
89.245.0.0/20
|
||||
89.245.112.0/20
|
||||
89.245.158.0/24
|
||||
89.245.159.0/24
|
||||
89.245.16.0/20
|
||||
89.245.160.0/20
|
||||
89.245.176.0/21
|
||||
89.245.184.0/24
|
||||
89.245.185.0/24
|
||||
89.245.186.0/24
|
||||
89.245.187.0/24
|
||||
89.245.188.0/24
|
||||
89.245.189.0/24
|
||||
89.245.190.0/24
|
||||
89.245.191.0/24
|
||||
89.245.192.0/19
|
||||
89.245.224.0/19
|
||||
89.245.32.0/19
|
||||
89.245.64.0/19
|
||||
89.245.32.0/20
|
||||
89.245.64.0/20
|
||||
89.245.80.0/20
|
||||
89.245.96.0/20
|
||||
89.246.0.0/16
|
||||
89.246.0.0/19
|
||||
89.246.104.0/23
|
||||
89.246.106.0/24
|
||||
89.246.107.0/24
|
||||
89.246.108.0/24
|
||||
89.246.109.0/24
|
||||
89.246.110.0/24
|
||||
89.246.111.0/24
|
||||
89.246.112.0/22
|
||||
89.246.116.0/22
|
||||
89.246.120.0/24
|
||||
89.246.121.0/24
|
||||
89.246.122.0/24
|
||||
89.246.123.0/24
|
||||
89.246.124.0/22
|
||||
89.246.160.0/20
|
||||
89.246.160.0/21
|
||||
89.246.176.0/22
|
||||
89.246.180.0/22
|
||||
89.246.184.0/21
|
||||
89.246.192.0/19
|
||||
89.246.32.0/19
|
||||
89.246.32.0/20
|
||||
89.246.48.0/21
|
||||
89.246.56.0/21
|
||||
89.246.96.0/21
|
||||
89.247.0.0/16
|
||||
89.247.0.0/19
|
||||
89.247.112.0/21
|
||||
89.247.112.0/22
|
||||
89.247.120.0/22
|
||||
89.247.124.0/24
|
||||
89.247.125.0/24
|
||||
89.247.126.0/24
|
||||
89.247.127.0/24
|
||||
89.247.144.0/20
|
||||
89.247.160.0/20
|
||||
89.247.179.0/24
|
||||
89.247.192.0/20
|
||||
89.247.208.0/21
|
||||
89.247.216.0/22
|
||||
89.247.228.0/22
|
||||
89.247.224.0/21
|
||||
89.247.232.0/21
|
||||
89.247.232.0/22
|
||||
89.247.236.0/22
|
||||
89.247.252.0/22
|
||||
89.247.240.0/21
|
||||
89.247.240.0/22
|
||||
89.247.252.0/24
|
||||
89.247.253.0/24
|
||||
89.247.254.0/24
|
||||
89.247.255.0/24
|
||||
89.247.32.0/19
|
||||
89.247.32.0/20
|
||||
89.247.64.0/20
|
||||
89.247.80.0/20
|
||||
89.247.96.0/20
|
||||
89.27.128.0/17
|
||||
89.27.153.0/24
|
||||
91.194.180.0/23
|
||||
91.198.67.0/24
|
||||
91.199.158.0/24
|
||||
|
@ -310,7 +468,8 @@
|
|||
92.116.120.0/21
|
||||
92.116.128.0/18
|
||||
92.116.16.0/20
|
||||
92.116.192.0/18
|
||||
92.116.192.0/19
|
||||
92.116.224.0/19
|
||||
92.116.32.0/19
|
||||
92.116.64.0/18
|
||||
92.116.96.0/19
|
||||
|
@ -324,34 +483,67 @@
|
|||
92.117.240.0/21
|
||||
92.117.248.0/21
|
||||
92.117.64.0/19
|
||||
92.117.96.0/19
|
||||
94.134.0.0/15
|
||||
94.134.0.0/18
|
||||
94.134.112.0/22
|
||||
94.134.100.0/22
|
||||
94.134.112.0/21
|
||||
94.134.120.0/24
|
||||
94.134.121.0/24
|
||||
94.134.122.0/24
|
||||
94.134.123.0/24
|
||||
94.134.124.0/24
|
||||
94.134.125.0/24
|
||||
94.134.126.0/24
|
||||
94.134.127.0/24
|
||||
94.134.128.0/20
|
||||
94.134.144.0/20
|
||||
94.134.160.0/21
|
||||
94.134.168.0/22
|
||||
94.134.172.0/22
|
||||
94.134.176.0/20
|
||||
94.134.176.0/21
|
||||
94.134.192.0/22
|
||||
94.134.192.0/20
|
||||
94.134.208.0/21
|
||||
94.134.216.0/21
|
||||
94.134.64.0/22
|
||||
94.134.68.0/22
|
||||
94.134.224.0/19
|
||||
94.134.64.0/20
|
||||
94.134.80.0/22
|
||||
94.134.88.0/22
|
||||
94.134.94.0/23
|
||||
94.134.84.0/24
|
||||
94.134.85.0/24
|
||||
94.134.86.0/24
|
||||
94.134.87.0/24
|
||||
94.134.88.0/24
|
||||
94.134.89.0/24
|
||||
94.134.90.0/24
|
||||
94.134.91.0/24
|
||||
94.134.92.0/24
|
||||
94.134.93.0/24
|
||||
94.134.94.0/24
|
||||
94.134.95.0/24
|
||||
94.134.96.0/20
|
||||
94.134.96.0/22
|
||||
2001:1438:1000::/36
|
||||
2001:1438:1:100::/56
|
||||
2001:1438:1:200::/56
|
||||
2001:1438:1:300::/56
|
||||
2001:1438:1:400::/56
|
||||
2001:1438:1:900::/56
|
||||
2001:1438:1:a00::/56
|
||||
2001:1438:2000::/36
|
||||
2001:1438:3000::/36
|
||||
2001:1438:4000::/36
|
||||
2001:1438::/32
|
||||
2001:1438:f000::/36
|
||||
2001:1438:fff:10::/64
|
||||
2001:1438:fff:11::/64
|
||||
2001:1438:fff:12::/64
|
||||
2001:1438:fff:3::/64
|
||||
2001:1438:fff:4::/64
|
||||
2001:1438:fff:5::/64
|
||||
2001:1438:fff:6::/64
|
||||
2001:1438:fff:7::/64
|
||||
2001:1438:fff:8::/64
|
||||
2001:1438:fff:9::/64
|
||||
2001:1438:fff:a::/64
|
||||
2001:1438:fff:b::/64
|
||||
2001:1438:fff:c::/64
|
||||
2001:1438:fff:d::/64
|
||||
2001:1438:fff:e::/64
|
||||
2001:1438:fff:f::/64
|
||||
2001:16b8:1000::/40
|
||||
2001:16b8:100::/40
|
||||
2001:16b8:1100::/40
|
||||
|
@ -401,14 +593,12 @@
|
|||
2001:16b8:a000::/35
|
||||
2001:16b8:a00::/40
|
||||
2001:16b8:b00::/40
|
||||
2001:16b8:c000::/35
|
||||
2001:678:c74::/48
|
||||
2001:67c:27ac::/48
|
||||
2001:67c:2878::/48
|
||||
2001:67c:2e8c::/48
|
||||
2001:67c:660::/48
|
||||
2001:67c:888::/48
|
||||
2001:67c:ed8::/48
|
||||
2001:7b0::/32
|
||||
2001:9e8:2000::/35
|
||||
2001:9e8:4000::/35
|
||||
|
@ -425,11 +615,10 @@
|
|||
2a00:fb8:4000::/35
|
||||
2a00:fb8:6000::/35
|
||||
2a00:fb8::/29
|
||||
2a00:fb8::/32
|
||||
2a00:fb8::/35
|
||||
2a03:3fc0:2000::/48
|
||||
2a07:9400::/29
|
||||
2a0a:ed40::/29
|
||||
2a0b:9e80:1000::/36
|
||||
2a0d:240::/29
|
||||
2a0d:ad00::/29
|
||||
2a11:d00::/32
|
||||
|
|
|
@ -1,62 +0,0 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth
|
||||
lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh
|
||||
38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq
|
||||
L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7
|
||||
UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N
|
||||
cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht
|
||||
ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo
|
||||
vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD
|
||||
G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ
|
||||
XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj
|
||||
q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB
|
||||
tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3
|
||||
BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO
|
||||
v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd
|
||||
tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk
|
||||
jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m
|
||||
6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P
|
||||
XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc
|
||||
FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8
|
||||
g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm
|
||||
ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh
|
||||
9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5
|
||||
G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW
|
||||
FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB
|
||||
EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF
|
||||
M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx
|
||||
Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu
|
||||
w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk
|
||||
z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8
|
||||
eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb
|
||||
VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa
|
||||
1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X
|
||||
zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ
|
||||
pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7
|
||||
ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ
|
||||
BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY
|
||||
1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp
|
||||
YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI
|
||||
mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES
|
||||
KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7
|
||||
JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ
|
||||
cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0
|
||||
6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5
|
||||
U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z
|
||||
VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f
|
||||
irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk
|
||||
SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz
|
||||
QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W
|
||||
9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw
|
||||
24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe
|
||||
dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y
|
||||
Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR
|
||||
H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh
|
||||
/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ
|
||||
M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S
|
||||
xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O
|
||||
jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG
|
||||
YT90qFF93M3v01BbxP+EIY2/9tiIPbrd
|
||||
=0YYh
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,46 +1,4 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1
|
||||
|
||||
mQENBFiHXVIBCADr3VDEAGpq9Sg/xrPVu1GGqWGXdbnTbbNKeveCtFHZz7/GSATW
|
||||
iwiY1skvlAOBiIKCqJEji0rZZgd8WxuhdfugiCBk1hDTMWCpjI0P+YymV77jHjYB
|
||||
jHrKNlhb+aLjEd9Gf2EtbKUT1fvGUkzlVrcRGSX/XR9MBZlgja7NIyuVbn3uwZQ4
|
||||
jflWSNSlvMpohNxTFkrBFTRrCJXhbDLfCS46+so22CP3+1VQyqJ7/6RWK9v9KYdS
|
||||
AVNgILXMggSrMqha4WA1a/ktczVQXNtP8IuPxTdp9pNYsklOTmrFVeq3mXsvWh9Q
|
||||
lIhpYHIZlTZ5wVBq4wTRchsXC5MubIhz+ASDABEBAAG0GkdyYWZhbmEgPGluZm9A
|
||||
Z3JhZmFuYS5jb20+iQE4BBMBAgAiBQJYh11SAhsDBgsJCAcDAgYVCAIJCgsEFgID
|
||||
AQIeAQIXgAAKCRCMjDTFJAmMthxJB/9Id6JrwqRkJW+eSBb71FGQmRsJvNFR8J+3
|
||||
NPVhJNkTFFOM7TnjAMUIv+LYEURqGcceTNAN1aHq/7n/8ybXucCS0CnDYyNYpyVs
|
||||
tWJ3FOQK3jPrmziDCWPQATqMM/Z2auXVFWrDFqfh2xKZNjuix0w2nyuWB8U0CG2U
|
||||
89w+ksPJblGGU5xLPPzDQoAqyZXY3gpGGTkCuohMq2RWYbp/QJSQagYhQkKZoJhr
|
||||
XJlnw4At6R1A5UUPzDw6WJqMRkGrkieE6ApIgf1vZSmnLRpXkqquRTAEyGT8Pugg
|
||||
ee6YkD19/LK6ED6gn32StY770U9ti560U7oRjrOPK/Kjp4+qBtkQuQENBFiHXVIB
|
||||
CACz4hO1g/4fKO9QWLcbSWpB75lbNgt1kHXP0UcW8TE0DIgqrifod09lC85adIz0
|
||||
zdhs+00lLqckM5wNbp2r+pd5rRaxOsMw2V+c/y1Pt3qZxupmPc5l5lL6jzbEVR9g
|
||||
ygPaE+iabTk9Np2OZQ7Qv5gIDzivqK2mRHXaHTzoQn2dA/3xpFcxnen9dvu7LCpA
|
||||
CdScSj9/UIRKk9PHIgr2RJhcjzLx0u1PxN9MEqfIsIJUUgZOoDsr8oCs44PGGIMm
|
||||
cK1CKALLLiC4ZM58B56jRyXo18MqB6VYsC1X9wkcIs72thL3tThXO70oDGcoXzoo
|
||||
ywAHBH63EzEyduInOhecDIKlABEBAAGJAR8EGAECAAkFAliHXVICGwwACgkQjIw0
|
||||
xSQJjLbWSwf/VIM5wEFBY4QLGUAfqfjDyfGXpcha58Y24Vv3n6MwJqnCIbTAaeWf
|
||||
30CZ/wHg3NNIMB7I31vgmMOEbHQdv0LPTi9TG205VQeehcpNtZRZQ0D8TIetbxyi
|
||||
Emmn9osig9U3/7jaAWBabE/9bGx4TF3eLlEH9wmFrNYeXvgRqmyqVoqhIMCNAAOY
|
||||
REYyHyy9mzr9ywkwl0aroBqhzKIPyFlatZy9oRKllY/CCKO9RJy4DZidLphuwzqU
|
||||
ymdQ1sqe5nKvwG5GvcncPc3O7LMevDBWnpNNkgERnVxCqpm90TuE3ONbirnU4+/S
|
||||
tUsVU1DERc1fjOCnAm4pKIlNYphISIE7OQ==
|
||||
=0pMC
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: This is a revocation certificate
|
||||
|
||||
iQE2BCABCgAgFiEETkDd9tduKEpKZ4DkjIw0xSQJjLYFAmO9q0cCHQIACgkQjIw0
|
||||
xSQJjLarJAf+JJU0CHTMSSs5WH6ohVy54HN+ev7p7vfcgvvFBAWZLTLrG5+eFUH0
|
||||
w0m9KegxAs+H/H/68ld1jY/P62fvkOR7WCWQ7HH+8ClKLwuWS4DpOHK9IOkHDK0w
|
||||
0pVJ6NBiwhv8/B7EmiBf9zndjMtYa/wf8JZYVOXb0XE0L+Ec0WZSRZH+/WGA1E1s
|
||||
MSgPwqDF7RKXDCJ65elYxi9CPZvXhj6RVldn/aRuHf5/SCDE/HmnDB9+v6ReEsWV
|
||||
r/Xis2J0pWphpF/xtYxGf+Iy5fAHwDd4z9uKs9mBHSR0aDisuAW/eHF6KvBzQ7y0
|
||||
Yf3KxEyDvLwuAA5NBi7Xsd2wSKdfBGUGcQ==
|
||||
=KTb+
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQGNBGO4aiUBDAC82zo3vUyQH3yTCabQ7ZpospBg/xXBbJWbQNksIbEP/+I12CjB
|
||||
zac1QcMFd27MJlyXpsTqqSo1ZHOisNy0Tmyl/WlqMyoMeChg+LmIHLNbvAK0jPOX
|
||||
|
@ -81,59 +39,3 @@ Fj8eP2CocfRC+Lqv0azQwyEVMkYSMKoFbhXmjiBZn9JxblndKnVbByA1/nMAa0Q7
|
|||
HTJC50jDJfpM9d1xQW/W5LBSQjd3czM6zlRXsliX
|
||||
=lSMJ
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Comment: This is a revocation certificate
|
||||
|
||||
iQG2BCABCAAgFiEEDiLriOOeEid6d2CunkObECzzwMYFAmO4amECHQAACgkQnkOb
|
||||
ECzzwMYiDQv/bbRnEhrFhr5XyA2vnu6nTZezbMwArC/ZwtFxtnj2iAwGZYY/pbPx
|
||||
L8cHTpvK99I6J02SBHpmzthwHSindddPjuuQENdqH/TDlGvPH/mECJVTN9/kpjlg
|
||||
HtO0MVKAKyXGbij7fR8prfPMRqOFbo4Rn9nQZZ/eY9KwkKVKxKHymppNbUbvv1qQ
|
||||
NGfOi2QWkF+T8dbihbJHJgYpPb7uEmJ2EOX0KHu9nlYGX4jxtql+M3yeOi3juaXH
|
||||
hLFWqVn3FkQW7N4IV+bVTkYcxQg01rWqY/h7BvL88AiMoiUXhOvE5iAS4sJe+EVB
|
||||
bDfRaLr1Ju1CXYm5B+Q9b2pU0SWAbBNlVxYGs+NOeBh9YzwdGTFW2l/S/VLLv0bE
|
||||
hBYuLwOIs0BqrL4TWwlB1ucEikg+r3O7OZL8Dnw0mnBVBmQxKhl1p8dLcYtylG3B
|
||||
aEIbN6wHQe03xYvAmaHDdG0kjPiwhOlpZ+YU3ux8F2YnENXm9J+25GMyTXqybKQl
|
||||
ltTE4hHgRH2v
|
||||
=n71X
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQGNBGTnhmkBDADUE+SzjRRyitIm1siGxiHlIlnn6KO4C4GfEuV+PNzqxvwYO+1r
|
||||
mcKlGDU0ugo8ohXruAOC77Kwc4keVGNU89BeHvrYbIftz/yxEneuPsCbGnbDMIyC
|
||||
k44UOetRtV9/59Gj5YjNqnsZCr+e5D/JfrHUJTTwKLv88A9eHKxskrlZr7Un7j3i
|
||||
Ef3NChlOh2Zk9Wfk8IhAqMMTferU4iTIhQk+5fanShtXIuzBaxU3lkzFSG7VuAH4
|
||||
CBLPWitKRMn5oqXUE0FZbRYL/6Qz0Gt6YCJsZbaQ3Am7FCwWCp9+ZHbR9yU+bkK0
|
||||
Dts4PNx4Wr9CktHIvbypT4Lk2oJEPWjcCJQHqpPQZXbnclXRlK5Ea0NVpaQdGK+v
|
||||
JS4HGxFFjSkvTKAZYgwOk93qlpFeDML3TuSgWxuw4NIDitvewudnaWzfl9tDIoVS
|
||||
Bb16nwJ8bMDzovC/RBE14rRKYtMLmBsRzGYHWd0NnX+FitAS9uURHuFxghv9GFPh
|
||||
eTaXvc4glM94HBUAEQEAAbQmR3JhZmFuYSBMYWJzIDxlbmdpbmVlcmluZ0BncmFm
|
||||
YW5hLmNvbT6JAdQEEwEKAD4WIQS1Oud7rbYwpoMEYAWWP6J3EEWFRQUCZOeGaQIb
|
||||
AwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRCWP6J3EEWFRUiADACa
|
||||
i+xytv2keEFJWjXNnFAx6/obnHRcXOI3w6nH/zL8gNI7YN5jcdQT2NYvKVYTb3fW
|
||||
GuMsjHWgat5Gq3AtJrOKABpZ6qeYNPk0Axn/dKtOTwXjZ4pKX3bbUYvVfs0fCEZv
|
||||
B0HHIj2wI9kgMpoTrkj22LE8layZTPOoQ+3/FbLzS8hN3CYZj25mHN7bpZq8EbV3
|
||||
8FW9EU0HM0tg6CvoxkRiVqAuAC0KnVIZAdhD4dlYKuncq64nMvT1A5wxSYbnE+uf
|
||||
mnWQQhhS6BOwRqN054yw1FrWNDFsvnOSHmr8dIiriv+aZYvx5JQFJ7oZP3LwdYyg
|
||||
ocQcAJA8HFTIk3P6uJiIF/zdDzocgdKs+IYDoId0hxX7sGCvqdrsveq8n3m7uQiN
|
||||
7FvSiV0eXIdV4F7340kc8EKiYwpuYSaZX0UWKLenzlUvD+W4pZCWtoXzPsW7PKUt
|
||||
q1xdW0+NY+AGLCvSJCc5F4S5kFCObfBAYBbldjwwJFocdq/YOvvWYTPyV7kJeJS5
|
||||
AY0EZOeGaQEMALNIFUricEIwtZiX7vSDjwxobbqPKqzdek8x3ud0CyYlrbGHy0k+
|
||||
FDEXstjJQQ1s9rjJSu3sv5wyg9GDAUH3nzO976n/ZZvKPti3p2XU2UFx5gYkaaFV
|
||||
D56yYxqGY0YU5ft6BG+RUz3iEPg3UBUzt0sCIYnG9+CsDqGOnRYIIa46fu2/H9Vu
|
||||
8JvvSq9xbsK9CfoQDkIcoQOixPuI4P7eHtswCeYR/1LUTWEnYQWsBCf57cEpzR6t
|
||||
7mlQnzQo9z4i/kp4S0ybDB77wnn+isMADOS+/VpXO+M7Zj5tpfJ6PkKch3SGXdUy
|
||||
3zht8luFOYpJr2lVzp7n3NwB4zW08RptTzTgFAaW/NH2JjYI+rDvQm4jNs08Dtsp
|
||||
nm4OQvBA9Df/6qwMEOZ9i10ixqk+55UpQFJ3nf4uKlSUM7bKXXVcD/odq804Y/K4
|
||||
y3csE059YVIyaPexEvYSYlHE2odJWRg2Q1VehmrOSC8Qps3xpU7dTHXD74ZpaYbr
|
||||
haViRS5v/lCsiwARAQABiQG8BBgBCgAmFiEEtTrne622MKaDBGAFlj+idxBFhUUF
|
||||
AmTnhmkCGwwFCQPCZwAACgkQlj+idxBFhUUNbQv8DCcfi3GbWfvp9pfY0EJuoFJX
|
||||
LNgci7z7smXq7aqDp2huYQ+MulnPAydjRCVW2fkHItF2Ks6l+2/8t5Xz0eesGxST
|
||||
xTyR31ARENMXaq78Lq+itZ+usOSDNuwJcEmJM6CceNMLs4uFkX2GRYhchkry7P0C
|
||||
lkLxUTiB43ooi+CqILtlNxH7kM1O4Ncs6UGZMXf2IiG9s3JDCsYVPkC5QDMOPkTy
|
||||
2ZriF56uPerlJveF0dC61RZ6RlM3iSJ9Fwvea0Oy4rwkCcs5SHuwoDTFyxiyz0QC
|
||||
9iqi3fG3iSbLvY9UtJ6X+BtDqdXLAT9Pq527mukPP3LwpEqFVyNQKnGLdLOu2YXc
|
||||
TWWWseSQkHRzBmjD18KTD74mg4aXxEabyT4snrXpi5+UGLT4KXGV5syQO6Lc0OGw
|
||||
9O/0qAIU+YW7ojbKv8fr+NB31TGhGYWASjYlN1NvPotRAK6339O0/Rqr9xGgy3AY
|
||||
SR+ic2Y610IM7xccKuTVAW9UofKQwJZChqae9VVZ
|
||||
=J9CI
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
|
|
@ -1,29 +1,30 @@
|
|||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v2.0.19 (GNU/Linux)
|
||||
|
||||
mQINBGZMb30BEAC6c5P5lo5cLN2wX9+jA7TEEJ/NiiOM9VxBwB/c2PFd6AjdGBbe
|
||||
28VcXWmFdETg1N3Woq08yNVXdxS1tMslyl9apmmyCiSC2OPMmTOveLzZ196IljYR
|
||||
DeZMF8C+rdzNKXZzn7+nEp9xRy34QUZRfx6pEnugMd0VK0d/ZKgMbcq2IvcRQwap
|
||||
60+9t8ppesXhgaRBsAzvrj1twngqXP90JwzKGaR+iaGzrvvJn6cgXkw3MyXhskKY
|
||||
4J0c7TV6DmTOIfL6RmBp8+SSco8xXD/O/YIpG8LWe+sbMqSaq7jFvKCINWgK4RAt
|
||||
7mBRHvx81Y8IwV6B2wch/lSyYxKXTbE7uMefy3vyP9A9IFhMbFpc0EJA/4tHYEL4
|
||||
qPZyR44mizsxa+1h6AXO258ERtzL+FoksXnWTcQqBKjd6SHhLwN4BLsjrlWsJ6lD
|
||||
VaSKsekEwMFTLvZiLxYXBLPU04dvGNgX7nbkFMEK6RxHqfMu+m6+0jPXzQ+ejuae
|
||||
xoBBT61O7v5PPTqbZFBKnVzQPf7fBIHW5/AGAc+qAI459viwcCSlJ21RCzirFYc0
|
||||
/KDuSoo61yyNcq4G271lbT5SNeMZNlDxKkiHjbCpIU6iEF7uK828F1ZGKOMRztok
|
||||
bzE7j1IDIfDQ3P/zfq73Rr2S9FfHlXvEmLIuj5G4PO7p0IwUlCD1a9oY+QARAQAB
|
||||
tCxJY2luZ2EgR21iSCAoQnVpbGQgc2VydmVyKSA8aW5mb0BpY2luZ2EuY29tPokC
|
||||
TgQTAQoAOBYhBN069hmO0AC0wLc5VswRb1WqfyOCBQJmTG99AhsDBQsJCAcCBhUK
|
||||
CQgLAgQWAgMBAh4BAheAAAoJEMwRb1WqfyOCGrIP/i/4fYEkdCi4nhQGMzSP0Eyh
|
||||
UhJjsUP9mEqSQRqOAplvjYa1yBbrSPLfkRE0oAL/o+4eUKcAQFeDQtDXJ/D4xl3Q
|
||||
J5MehRJYzklrSs5XkEscb73HoDBUfFSgCVM2zK+JkCX0CPJ4ZLWtZGJ+8pCLpnkH
|
||||
nCPonbGc6sS+m2JsPRwxyxAhdXxWSAesXd8dUSW3MOQz9JlC4/idQcCFs03fdhuZ
|
||||
4jGMry08OihWVudTDK8nkwRZLzNoOivAQ3mIeaTcRMmgPJfYN4k0o90lXJWAbG+2
|
||||
j8p7Pyjv71OctI8KUbS4+f2H8i6r5Pc4M4hlUQh6QAN9o1oPJrXxurdp0EXgQXSy
|
||||
rVH2MeguqprFJxGjdlTCSTYgQEmEXMixRAGzteEgCf/Qk9mPXoxFTNyNg4/Lkglb
|
||||
Nj6dY6or6w+IsbdrcePqDAs+j9t5B97vU7Ldquloj85myQjkWPP8kjlsOlsXBkQ/
|
||||
C+mD+5iW2AiWh+yCasf6mOZwUfINZF+VDpmfIsZZbWpcMgp1f32fpRFZ3ietnsnR
|
||||
+luNb19hUHKyyDDHMe/YM7H9P5vtX9BGz6O9kNpo1LAnigkSQSFBZlK3Po3Yk9eg
|
||||
XPbDT5HsU3TMyS5ZnSDRRPPJwsyGPXz+0pCADae9H9hCc2C2LZIrrtwlOFPWuViA
|
||||
ifY/dQmUP37n5XgMADRc
|
||||
=O0zm
|
||||
mQGiBFKHzk4RBACSHMIFTtfw4ZsNKAA03Gf5t7ovsKWnS7kcMYleAidypqhOmkGg
|
||||
0petiYsMPYT+MOepCJFGNzwQwJhZrdLUxxMSWay4Xj0ArgpD9vbvU+gj8Tb02l+x
|
||||
SqNGP8jXMV5UnK4gZsrYGLUPvx47uNNYRIRJAGOPYTvohhnFJiG402dzlwCg4u5I
|
||||
1RdFplkp9JM6vNM9VBIAmcED/2jr7UQGsPs8YOiPkskGHLh/zXgO8SvcNAxCLgbp
|
||||
BjGcF4Iso/A2TAI/2KGJW6kBW/Paf722ltU6s/6mutdXJppgNAz5nfpEt4uZKZyu
|
||||
oSWf77179B2B/Wl1BsX/Oc3chscAgQb2pD/qPF/VYRJU+hvdQkq1zfi6cVsxyREV
|
||||
k+IwA/46nXh51CQxE29ayuy1BoIOxezvuXFUXZ8rP6aCh4KaiN9AJoy7pBieCzsq
|
||||
d7rPEeGIzBjI+yhEu8p92W6KWzL0xduWfYg9I7a2GTk8CaLX2OCLuwnKd7RVDyyZ
|
||||
yzRjWs0T5U7SRAWspLStYxMdKert9lLyQiRHtLwmlgBPqa0gh7Q+SWNpbmdhIE9w
|
||||
ZW4gU291cmNlIE1vbml0b3JpbmcgKEJ1aWxkIHNlcnZlcikgPGluZm9AaWNpbmdh
|
||||
Lm9yZz6IYAQTEQIAIAUCUofOTgIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJ
|
||||
EMbjGcM0QQaCgSQAnRjXdbsyqziqhmxfAKffNJYuMPwdAKCS/IRCVyQzApFBtIBQ
|
||||
1xuoym/4C7kCDQRSh85OEAgAvPwjlURCi8z6+7i60no4n16dNcSzd6AT8Kizpv2r
|
||||
9BmNBff/GNYGnHyob/DMtmO2esEuVG8w62rO9m1wzzXzjbtmtU7NZ1Tg+C+reU2I
|
||||
GNVu3SYtEVK/UTJHAhLcgry9yD99610tYPN2Fx33Efse94mXOreBfCvDsmFGSc7j
|
||||
GVNCWXpMR3jTYyGj1igYd5ztOzG63D8gPyOucTTl+RWN/G9EoGBv6sWqk5eCd1Fs
|
||||
JlWyQX4BJn3YsCZx3uj1DWL0dAl2zqcn6m1M4oj1ozW47MqM/efKOcV6VvCs9SL8
|
||||
F/NFvZcH4LKzeupCQ5jEONqcTlVlnLlIqId95Z4DI4AV9wADBQf/S6sKA4oH49tD
|
||||
Yb5xAfUyEp5ben05TzUJbXs0Z7hfRQzy9+vQbWGamWLgg3QRUVPx1e4IT+W5vEm5
|
||||
dggNTMEwlLMI7izCPDcD32B5oxNVxlfj428KGllYWCFj+edY+xKTvw/PHnn+drKs
|
||||
LE65Gwx4BPHm9EqWHIBX6aPzbgbJZZ06f6jWVBi/N7e/5n8lkxXqS23DBKemapyu
|
||||
S1i56sH7mQSMaRZP/iiOroAJemPNxv1IQkykxw2woWMmTLKLMCD/i+4DxejE50tK
|
||||
dxaOLTc4HDCsattw/RVJO6fwE414IXHMv330z4HKWJevMQ+CmQGfswvCwgeBP9n8
|
||||
PItLjBQAXIhJBBgRAgAJBQJSh85OAhsMAAoJEMbjGcM0QQaCzpAAmwUNoRyySf9p
|
||||
5G3/2UD1PMueIwOtAKDVVDXEq5LJPVg4iafNu0SRMwgP0Q==
|
||||
=icbY
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
|
|
|
@ -1,74 +0,0 @@
|
|||
Include /etc/proftpd/modules.conf
|
||||
|
||||
UseIPv6 on
|
||||
<IfModule mod_ident.c>
|
||||
IdentLookups off
|
||||
</IfModule>
|
||||
|
||||
ServerName "home.paperless"
|
||||
ServerType standalone
|
||||
DeferWelcome off
|
||||
|
||||
DefaultServer on
|
||||
ShowSymlinks on
|
||||
|
||||
TimeoutNoTransfer 600
|
||||
TimeoutStalled 600
|
||||
TimeoutIdle 1200
|
||||
|
||||
DisplayLogin welcome.msg
|
||||
DisplayChdir .message true
|
||||
ListOptions "-l"
|
||||
|
||||
DenyFilter \*.*/
|
||||
|
||||
RequireValidShell off
|
||||
|
||||
Port 21
|
||||
|
||||
PassivePorts 49152 50192
|
||||
|
||||
MaxInstances 30
|
||||
|
||||
User proftpd
|
||||
Group nogroup
|
||||
|
||||
Umask 022 022
|
||||
AllowOverwrite on
|
||||
|
||||
TransferLog /var/log/proftpd/xferlog
|
||||
SystemLog /var/log/proftpd/proftpd.log
|
||||
|
||||
<IfModule mod_quotatab.c>
|
||||
QuotaEngine off
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_ratio.c>
|
||||
Ratios off
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_delay.c>
|
||||
DelayEngine on
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_ctrls.c>
|
||||
ControlsEngine off
|
||||
ControlsMaxClients 2
|
||||
ControlsLog /var/log/proftpd/controls.log
|
||||
ControlsInterval 5
|
||||
ControlsSocket /var/run/proftpd/proftpd.sock
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_ctrls_admin.c>
|
||||
AdminControlsEngine off
|
||||
</IfModule>
|
||||
|
||||
<Anonymous /mnt/paperless/consume/>
|
||||
User nobody
|
||||
Group nogroup
|
||||
UserAlias anonymous ftp
|
||||
|
||||
<Directory *>
|
||||
AllowAll
|
||||
</Directory>
|
||||
</Anonymous>
|
|
@ -1,22 +1,22 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDsDCCAzWgAwIBAgISBIi3muU9O51f4fWWUXJHNgRHMAoGCCqGSM49BAMDMDIx
|
||||
MIIDsDCCAzWgAwIBAgISBMRgrLMPa1cucom1daU3fmCaMAoGCCqGSM49BAMDMDIx
|
||||
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
|
||||
NjAeFw0yNDA5MDQxNjA1MThaFw0yNDEyMDMxNjA1MTdaMBoxGDAWBgNVBAMTD2hv
|
||||
bWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABA5vskMN8tWHCOsv
|
||||
aUojW+t8otSpRgcU0tLsONhzQ7GhG5tC5DQ5pN7HiG14eejONQE4hRWC4rkP/e47
|
||||
EVQd/rFK5m0lQesR68zogtW9KfQZUoINhlOuR4CxpBY1LrG5laOCAiQwggIgMA4G
|
||||
NTAeFw0yNDA2MTExNDQyMzdaFw0yNDA5MDkxNDQyMzZaMBoxGDAWBgNVBAMTD2hv
|
||||
bWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABGlCPITmq729xoLb
|
||||
DkSn6SYxnP7Mns9dBSqUv1WktnYjwbavlbXKN3Bz0yCGcXSCZA+Nq576DBK9L9X6
|
||||
tTeIvqG1akyNxY+1eDK3vhH4FKmZE6oOyh1jqfG2LY7dvLYCQKOCAiQwggIgMA4G
|
||||
A1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
|
||||
VR0TAQH/BAIwADAdBgNVHQ4EFgQU3iCazGKeVwzCa84zl+qckbspEmEwHwYDVR0j
|
||||
BBgwFoAUkydGmAOpUWiOmNbEQkjbI79YlNIwVQYIKwYBBQUHAQEESTBHMCEGCCsG
|
||||
AQUFBzABhhVodHRwOi8vZTYuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
|
||||
Ly9lNi5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIRKi5ob21lLmt1bmJveC5uZXSC
|
||||
VR0TAQH/BAIwADAdBgNVHQ4EFgQUt6i+27R0AAj+AUgSNg3Gmm5GzLYwHwYDVR0j
|
||||
BBgwFoAUnytfzzwhT50Et+0rLMTGcIvS1w0wVQYIKwYBBQUHAQEESTBHMCEGCCsG
|
||||
AQUFBzABhhVodHRwOi8vZTUuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
|
||||
Ly9lNS5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIRKi5ob21lLmt1bmJveC5uZXSC
|
||||
D2hvbWUua3VuYm94Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB
|
||||
1nkCBAIEgfUEgfIA8AB2AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRu
|
||||
AAABkb3+C2AAAAQDAEcwRQIhAMwv6NjH3Ggd1WfeSVvyToVaM15glwfSJcAW8+40
|
||||
XbCKAiABUoDmQjhKi5VfwZ7e0WX5XjEmgBN2qTafK5RqlaCDJgB2AO7N0GTV2xrO
|
||||
xVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABkb3+C3IAAAQDAEcwRQIgU9sxMGOG
|
||||
aP3npu7vw3G9TiFRxuZRCI96My34WVSCOcsCIQDhDjS9QhJGtNT68Z0sx6DJCcco
|
||||
L1AXGWwojxizcx48bTAKBggqhkjOPQQDAwNpADBmAjEA/SOZeiZrClB5EJlZFdQy
|
||||
hrt2qh4HC5zvHdSLTWI4GAxDy8xRg/ANO6fp0Sb7Q7jdAjEAhiQgQfgUln08i/tv
|
||||
3TGjVRIT/Y4A4QadodTROpfmFDH3QIsNwRPRhQUUSscBavK9
|
||||
1nkCBAIEgfUEgfIA8AB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7Wb
|
||||
AAABkAf3K9YAAAQDAEcwRQIhAPFpuj8ZoOmqhDNJDSuJ3BWyUuOUyY2QXjIVRHop
|
||||
dKyPAiAa2cwsyBFOjWOEYRCZ/7UgBA5axt8ZCrRYseefFwpvSQB2AN/hVuuqBa+1
|
||||
nA+GcY2owDJOrlbZbqf1pWoB0cE7vlJcAAABkAf3LJ8AAAQDAEcwRQIhAL9+dxTj
|
||||
34moGhk32PnQZg2+nVNiVxLxYjDL9fk1R+bXAiAA7EjWqcZgktinTpt1pVQMmuUn
|
||||
FQ1IRh5AdycNn0lL2jAKBggqhkjOPQQDAwNpADBmAjEAubnofDBEyrcSJAiGxlqc
|
||||
EpUndlnkT/irfl/As8EUt0KMSPhnV3i7oEq89bi0KDghAjEA+XHccaWUi7BJEoV7
|
||||
nCUOCct64mb2LmXkvYiFVicsV9ubp4kVbziWjLgng6TC3HoM
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
@ -1,27 +1,27 @@
|
|||
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
|
||||
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
|
||||
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
|
||||
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||
RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
|
||||
h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
|
||||
6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
|
||||
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
|
||||
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
|
||||
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
|
||||
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
|
||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
|
||||
v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
|
||||
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
||||
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
|
||||
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
|
||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
|
||||
MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
|
||||
pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
|
||||
eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
|
||||
pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
|
||||
s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
|
||||
h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
|
||||
YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
|
||||
ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
|
||||
LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
|
||||
EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
|
||||
Ig46v9mFmBvyH04=
|
||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
|
||||
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
|
||||
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
|
||||
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
|
||||
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
|
||||
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
|
||||
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
|
||||
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
|
||||
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
|
||||
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
|
||||
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
|
||||
VQD9F6Na/+zmXCc=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
@ -1 +1 @@
|
|||
encrypt$gAAAAABm2JL0vVqh3Zut-a1Gfn8iOtDZS8aBpGobV3-d3u8My0MPunYmbQ6kXUAw7U0Bu87AAPXNsmi1pxrxcu8vXvhw4uM445WwKj-UqaV5fmk-ZasHGq-O6K52YqEgK6wo-9u_sOBubbwJSwFVaHxT3gczLW_GVRHhFIFGgdnRlz4YoAz4NXcos_uNO9GMEOGhfGx9e2c2GOIg64vXkj_1LjXEDoV9HYMzy-2wLt4A6q-ZiZwCoKl8-lt8sY_rLk_yfmy3sMvzqg8JaE7T4sunmXDdf4HQlnvl_cu1uW33Rrsq4-080HKx6rKNsZQGhWD2yls016xBAYZvQbDjHd6-7bld1bs5RUF5tfEC3Kx567TBdMaf5C7-PnNB7O_MC4I6SkmUElGRdYyCHuP5HXf9dKtiGCtjHyfEzqTBrcI0xPt631_IGPWMNId7zyLqfLHpMFTPS9jgGVKoT1TXwKe4NSHaGxXO-A==
|
||||
encrypt$gAAAAABmaHBwHXKZDN_8bEa47lNIX25-wvvW1RcC689Hod4HAsY2tT6fd9k7zdnbK8KWedRNopdRIlhQUkU0xBVh5J5maiYfn5R8Kp_VpkXiWY0LVY3XMWjB4oHmU29VEbl490oesAhUUH6hb7lwfvsbV4WTM_7aL0_sPfF1udxO89gg-9z2nbl-7zmTdSBY651fZQngd4SlwK17N1fedkHgYamGLdgE10oPZiRsOJKrUGv-Pxi4ICQ7J_AF6bO05PyZkeNqqUP19g2f5EsKNnT0bxQHCP5sbofvYzli-fU2bW-leuvm-VU8lV27t39lQZyF-WcWnB7626w0semrg7cCJ4qoHJVekEFWzJBLhagSNdCDWHAwdV2_MHzSgbXvyXz0maga8-1wBoa8Ueinp2oPQMPaUsVzy6NVX7mAsB6Rw9CXDSEf8WPSKWaz7324qhxKmhMHt0r68z0qM28mHb98F_vbS6geCw==
|
|
@ -1,23 +1,23 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDxjCCA0ygAwIBAgISBIbwgyWchKDri2pD+Lk46M3eMAoGCCqGSM49BAMDMDIx
|
||||
MIIDxzCCA02gAwIBAgISBDW3AazQEdYbYaSrLIoUKbvsMAoGCCqGSM49BAMDMDIx
|
||||
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
|
||||
NTAeFw0yNDA5MTkxOTQ5NDFaFw0yNDEyMTgxOTQ5NDBaMCIxIDAeBgNVBAMTF2hv
|
||||
bWUuc29waGllcy1raXRjaGVuLmV1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4rKd
|
||||
PfAtfQts90WjdnsscizZzlUF/HZBx97kT4/eWgyU/MNOFGF4WqGA92OX0ymZVJ7l
|
||||
D4CnHq96odx0LqHBQ+W+MXNlsWnwBTUOPKp8XyUeDhZbkgNJDR8nGtHje9a8o4IC
|
||||
MzCCAi8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
|
||||
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSONIAWFPI0mqJYBqnWk1J0Ea27
|
||||
sDAfBgNVHSMEGDAWgBSfK1/PPCFPnQS37SssxMZwi9LXDTBVBggrBgEFBQcBAQRJ
|
||||
MEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNS5vLmxlbmNyLm9yZzAiBggrBgEFBQcw
|
||||
AoYWaHR0cDovL2U1LmkubGVuY3Iub3JnLzA9BgNVHREENjA0ghkqLmhvbWUuc29w
|
||||
NjAeFw0yNDA2MjExNjUzNDBaFw0yNDA5MTkxNjUzMzlaMCIxIDAeBgNVBAMTF2hv
|
||||
bWUuc29waGllcy1raXRjaGVuLmV1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEQDuO
|
||||
QacqKUrKWbwBWgSqPkaBIb4t6f4kiRMvCyY8KiZmIvJadVD6iKnbcGzFQ0LRI+vt
|
||||
+O6ZVpwsUOXvgF3PB7o7OfODlVsKRc4pYJPvoRRaz1VlK6eZW20GGivBVgl0o4IC
|
||||
NDCCAjAwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
|
||||
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRScRdoEyCVXr1PC0yvKusaOO5i
|
||||
dTAfBgNVHSMEGDAWgBSTJ0aYA6lRaI6Y1sRCSNsjv1iU0jBVBggrBgEFBQcBAQRJ
|
||||
MEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNi5vLmxlbmNyLm9yZzAiBggrBgEFBQcw
|
||||
AoYWaHR0cDovL2U2LmkubGVuY3Iub3JnLzA9BgNVHREENjA0ghkqLmhvbWUuc29w
|
||||
aGllcy1raXRjaGVuLmV1ghdob21lLnNvcGhpZXMta2l0Y2hlbi5ldTATBgNVHSAE
|
||||
DDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AEiw42vapkc0
|
||||
D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkgwK350AAAQDAEYwRAIga5zPs7YZ
|
||||
mJqbxhinEJKKQ9XCe1w/MhBzFMzwHFGbaPgCIHeprkwET14Y3h5dmUF7szwTg1Ey
|
||||
zqLM+GQL3t7EAX2cAHYAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4A
|
||||
AAGSDArfogAABAMARzBFAiEA0faR1cyqpmCyHo/0KCv04fkpwgzWdMY+WopJXDLD
|
||||
zz8CIEBKANatmiRstc5D69jKhq2beHldLZB3jRfm1WlWqmxJMAoGCCqGSM49BAMD
|
||||
A2gAMGUCMCrpe2jxoTH410jNJPOnbN4ae0Ng54JtRNcFWHlcwpk07NrByJSTPWDd
|
||||
zr7AYsbbVQIxAOGboJcIxsuf+rN30iWoe5KwCY3sd5XW8bEKFQnugIVHxAQKnHNc
|
||||
0InWz2sVWYKNBA==
|
||||
DDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AEiw42vapkc0
|
||||
D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkDvuwaIAAAQDAEYwRAIgP3lyMqvr
|
||||
+a7XWoRLxzQzhv6umJ/hiQPTWen3qqTao34CIGLq9y9ZPZUuo2smf49h9v9I9B4t
|
||||
o6ihFaHoOB68q37DAHcA3+FW66oFr7WcD4ZxjajAMk6uVtlup/WlagHRwTu+UlwA
|
||||
AAGQO+7CZAAABAMASDBGAiEAjl1f87koOUNfTNL4IRO+BBEVeHCxPvYRaztVJoC0
|
||||
x6ECIQDblc+Snmea3OSqydLcyi8xgdtMySyQgPElXLtM7H+RUjAKBggqhkjOPQQD
|
||||
AwNoADBlAjA0FOSmTiYrA9Hd2T5DkI2TMOH2akk8SxXprkei6H37bI8O3br7ke8t
|
||||
jwHWVtvN4d8CMQDohhdWUQ3G8Fl4ektN34oX6U3NcywBm96U3RVt5JYcfnn8ea68
|
||||
Qboj263s/g0Ciqs=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
@ -1,27 +1,27 @@
|
|||
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
|
||||
MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
|
||||
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
|
||||
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
|
||||
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
|
||||
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
|
||||
RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
|
||||
h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
|
||||
6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
|
||||
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
|
||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
|
||||
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
|
||||
v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
||||
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
|
||||
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
|
||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
|
||||
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
|
||||
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
|
||||
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
|
||||
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
|
||||
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
|
||||
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
|
||||
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
|
||||
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
|
||||
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
|
||||
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
|
||||
VQD9F6Na/+zmXCc=
|
||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
|
||||
MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
|
||||
pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
|
||||
eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
|
||||
pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
|
||||
s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
|
||||
h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
|
||||
YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
|
||||
ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
|
||||
LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
|
||||
EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
|
||||
Ig46v9mFmBvyH04=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
@ -1 +1 @@
|
|||
encrypt$gAAAAABm7I7N50TwtCs2LUt_MArRJnLQ-xLFVhr-zDtdWUVMejViIN2O9h5d_RP45jWt5BpxIkTORarcULXprEXp7zbb-CR5CTwbsNK6HnvSHPwuwXuxJQKRJtT4wWfYEFOxY9aUR9gxvXc3arsYHwVsGyLOeWA_6YzjO5IpL1LfQrsJuUE_1p9sKRyPpslmOJtD5OihMtIfAJNzBDwOSE_gdtLa8iae3DHtSvmKbGKSvwQEZ0pkJxVTVXJY4wddQmdsuV0ky04ls_tUINH8t6IMTJCt_5_ELzpTSdcHgV6W4yh8r_LTEH38n2boYnz3fKgieHnDHDWxFW1EYA2JWjkamH7hQ8iOMl8bqQieFAENnYjF41iz6tSCjfxVyKt_OfJUAwMScVMhPsuaI_i_ZB0Ge6BLsMwkw0d3yw06CwRQ3N7PcPPJLhL_eQS3EuV7Y-7Vv64secplJJIkcFfm1t5zcGkkm4-pDw==
|
||||
encrypt$gAAAAABmdb4pdFakOuqHPRpEu_RjEPVVS9Ef0kuvWKKT3Gr3056e0nhinh_THX1w7CqiZ4CQlvSIH7vlDNUORFWlqDuZJOh8FYPSzjr78aK1MqVGZHxQBK8VVNd0K5m1U3z9_4W_pB7Zr_5fLXDqtIW-t68GQPEfxCwy2h2eBepQ2zJiLupWa7JwuqiXH6QyB4gD5Y-9F30RjH52WtJLrx6XtgClPG0p-6FrHcNHqmMYqgpt11zvLa88lOBUoDGFrrqqFRbY039ay2b1jrQOAhTQLDxnAMsbr5jTSbST1modE-1u_Wis-Km-jcMwkiViZpK-HC6Ce_TNdt1NDarBat6nRhTrpqHXENlroVixHmGl1_-Y6mc75tJ-KHQKRRzwK8V_X62iA3vfSz1Xps8B1FZqxJWA2EdM0JkQecCuC-bnpedEoumYnif3vLhe91NV8SQ5FBlkd3NFT8vBAWCgnqT_jDf5YQW70w==
|
|
@ -61,9 +61,6 @@ groups['home'] = {
|
|||
}
|
||||
|
||||
groups['sophie'] = {
|
||||
'supergroups': {
|
||||
'linux',
|
||||
},
|
||||
'member_patterns': {
|
||||
r"sophie\..*",
|
||||
},
|
||||
|
@ -71,9 +68,6 @@ groups['sophie'] = {
|
|||
'icinga_options': {
|
||||
'exclude_from_monitoring': True,
|
||||
},
|
||||
'backup-client': {
|
||||
'target': 'htz-hel.backup-sophie',
|
||||
},
|
||||
'users': {
|
||||
'sophie': {},
|
||||
},
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
import bwpass
|
||||
|
||||
|
||||
def demagify(something, vault):
|
||||
if isinstance(something, str):
|
||||
if something.startswith('!bwpass:'):
|
||||
|
|
|
@ -17,7 +17,7 @@ WG_AUTOGEN_NODES = [
|
|||
'home.router',
|
||||
'htz-cloud.wireguard',
|
||||
'icinga2',
|
||||
None, # daisy
|
||||
'daisy',
|
||||
]
|
||||
|
||||
WG_AUTOGEN_SETTINGS = {
|
||||
|
|
|
@ -4,9 +4,9 @@ from hashlib import sha3_224
|
|||
|
||||
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
|
||||
from cryptography.hazmat.primitives.serialization import (Encoding,
|
||||
NoEncryption,
|
||||
PrivateFormat,
|
||||
PublicFormat)
|
||||
NoEncryption,
|
||||
PrivateFormat,
|
||||
PublicFormat)
|
||||
|
||||
from bundlewrap.utils import Fault
|
||||
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
from bundlewrap.utils.scm import get_rev
|
||||
from bundlewrap.utils.text import bold, red
|
||||
from bundlewrap.utils.ui import io
|
||||
|
||||
from bundlewrap.utils.scm import get_rev
|
||||
from bundlewrap.utils.text import red, bold
|
||||
|
||||
@node_attribute
|
||||
def needs_apply(node):
|
||||
|
|
|
@ -40,7 +40,7 @@ imap_pass = "!bwpass_attr:t-online.de/franzi.kunsmann@t-online.de:imap"
|
|||
|
||||
[metadata.element-web]
|
||||
url = "chat.franzi.business"
|
||||
version = "v1.11.82"
|
||||
version = "v1.11.71"
|
||||
[metadata.element-web.config]
|
||||
default_server_config.'m.homeserver'.base_url = "https://matrix.franzi.business"
|
||||
default_server_config.'m.homeserver'.server_name = "franzi.business"
|
||||
|
@ -49,8 +49,8 @@ defaultCountryCode = "DE"
|
|||
jitsi.preferredDomain = "meet.ffmuc.net"
|
||||
|
||||
[metadata.forgejo]
|
||||
version = "9.0.1"
|
||||
sha1 = "060d9f00aaf595875eaf1897cbb24e760ef54d64"
|
||||
version = "7.0.5"
|
||||
sha1 = "8dc0526cdd886d5bc96ce96841202c2800029e68"
|
||||
domain = "git.franzi.business"
|
||||
enable_git_hooks = true
|
||||
install_ssh_key = true
|
||||
|
@ -59,7 +59,7 @@ lfs_secret_key = "!decrypt:encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76kl
|
|||
oauth_secret_key = "!decrypt:encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz"
|
||||
security_secret_key = "!decrypt:encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4="
|
||||
|
||||
[metadata.interfaces.'eno*']
|
||||
[metadata.interfaces.eno2]
|
||||
ips = [
|
||||
"193.135.9.29/24",
|
||||
"2a0a:51c0:0:225::2/64",
|
||||
|
@ -70,9 +70,9 @@ gateway6 = "2a0a:51c0:0:225::1"
|
|||
[metadata.matrix-media-repo]
|
||||
admins = ["@kunsi:franzi.business"]
|
||||
datastore_id = "3fff5da324ed784c771d638bb6be5917"
|
||||
sha1 = "3e2bb7089b0898b86000243a82cc58ae998dc9d9"
|
||||
sha1 = "ef9e8624e70714e4d421ece0c27f2974f55c0e59"
|
||||
upload_max_mb = 500
|
||||
version = "v1.3.7"
|
||||
version = "v1.3.6"
|
||||
[metadata.matrix-media-repo.homeservers.'franzi.business']
|
||||
api = "synapse"
|
||||
domain = "http://[::1]:20080/"
|
||||
|
@ -90,7 +90,7 @@ user_id = "@dimension:franzi.business"
|
|||
admin_contact = "mailto:hostmaster@kunbox.net"
|
||||
baseurl = "matrix.franzi.business"
|
||||
server_name = "franzi.business"
|
||||
trusted_key_servers = ["matrix.org", "161.rocks"]
|
||||
trusted_key_servers = ["matrix.org", "finallycoffee.eu"]
|
||||
additional_client_config.'im.vector.riot.jitsi'.preferredDomain = "meet.ffmuc.net"
|
||||
wellknown_also_on_vhosts = ["franzi.business"]
|
||||
[metadata.matrix-synapse.sliding_sync]
|
||||
|
@ -114,8 +114,8 @@ provisioning.shared_secret = "!decrypt:encrypt$gAAAAABfVKflEMAi07C_QGP8cy97hF-4g
|
|||
"'@kunsi:franzi.business'" = "admin"
|
||||
|
||||
[metadata.mautrix-whatsapp]
|
||||
version = "v0.11.0"
|
||||
sha1 = "997c794eb246e6cc67ac050c106d54f88531f213"
|
||||
version = "v0.10.9"
|
||||
sha1 = "1619579ec6b9fca84fec085a94842d309d3f730c"
|
||||
permissions."'@kunsi:franzi.business'" = "admin"
|
||||
[metadata.mautrix-whatsapp.homeserver]
|
||||
domain = "franzi.business"
|
||||
|
@ -126,7 +126,7 @@ domain = "rss.franzi.business"
|
|||
|
||||
[metadata.netbox]
|
||||
domain = "netbox.franzi.business"
|
||||
version = "v4.1.4"
|
||||
version = "v4.0.7"
|
||||
admins.kunsi = "hostmaster@kunbox.net"
|
||||
|
||||
[metadata.nextcloud]
|
||||
|
@ -136,10 +136,6 @@ domain = "warnochwas.de"
|
|||
contact = "mailto:security@kunsmann.eu"
|
||||
Encryption = "https://franzi.business/gpg_hi-kunsmann.eu.asc"
|
||||
|
||||
[metadata.nginx.vhosts.'afra.berlin'.locations.'/']
|
||||
redirect = "https://afra-berlin.de"
|
||||
mode = 302
|
||||
|
||||
[metadata.nginx.vhosts.forgejo]
|
||||
domain_aliases = ["git.kunsmann.eu"]
|
||||
|
||||
|
@ -152,10 +148,8 @@ owner = "skye"
|
|||
|
||||
[metadata.nginx.vhosts.kunsitracker]
|
||||
domain = "kunsitracker.de"
|
||||
locations.'/'.target = "https://travelynx.franzi.business/"
|
||||
locations.'/'.proxy_pass_host = "travelynx.franzi.business"
|
||||
locations.'= /'.target = "https://travelynx.franzi.business/p/Kunsi"
|
||||
locations.'= /'.proxy_pass_host = "travelynx.franzi.business"
|
||||
locations.'/'.redirect = "https://travelynx.franzi.business/p/Kunsi"
|
||||
locations.'/'.mode = 302
|
||||
|
||||
[metadata.nginx.vhosts.mta-sts]
|
||||
domain = "mta-sts.kunbox.net"
|
||||
|
@ -257,12 +251,12 @@ dkim = "uO4aNejDvVdw8BKne3KJIqAvCQMJ0416"
|
|||
|
||||
[metadata.smartd]
|
||||
disks = [
|
||||
"/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00B00_S677NF0W508470",
|
||||
"/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00B00_S677NX0W114380",
|
||||
"/dev/nvme0",
|
||||
"/dev/nvme1",
|
||||
]
|
||||
|
||||
[metadata.travelynx]
|
||||
version = "2.8.40"
|
||||
version = "2.7.7"
|
||||
mail_from = "travelynx@franzi.business"
|
||||
domain = "travelynx.franzi.business"
|
||||
|
||||
|
|
23
nodes/daisy.toml
Normal file
23
nodes/daisy.toml
Normal file
|
@ -0,0 +1,23 @@
|
|||
hostname = "2a11:f2c0:3:4::120"
|
||||
bundles = [
|
||||
"bird",
|
||||
"wireguard",
|
||||
]
|
||||
groups = [
|
||||
"debian-bookworm",
|
||||
]
|
||||
|
||||
[metadata]
|
||||
location = "glauca"
|
||||
nameservers = [
|
||||
"2606:4700::1111",
|
||||
"2606:4700:4700::1001",
|
||||
]
|
||||
backups.exclude_from_backups = true
|
||||
icinga_options.period = "daytime"
|
||||
|
||||
[metadata.interfaces.ens18]
|
||||
ips = [
|
||||
"2a11:f2c0:3:4::120/64",
|
||||
]
|
||||
gateway6 = "fe80::220:91ff:fe45:e19e"
|
|
@ -1,9 +0,0 @@
|
|||
dummy = true
|
||||
|
||||
[metadata.interfaces.default]
|
||||
ips = ["172.19.138.73"]
|
||||
dhcp = true
|
||||
mac = "c0:95:6d:5e:82:47"
|
||||
|
||||
[metadata.icinga_options]
|
||||
exclude_from_monitoring = true
|
|
@ -3,7 +3,7 @@ dummy = true
|
|||
[metadata.interfaces.default]
|
||||
ips = ["172.19.138.99"]
|
||||
dhcp = true
|
||||
mac = "6c:4b:90:5c:e3:6d"
|
||||
mac = "54:04:A6:EF:A8:01"
|
||||
|
||||
[metadata.icinga_options]
|
||||
exclude_from_monitoring = true
|
|
@ -1,9 +0,0 @@
|
|||
dummy = true
|
||||
|
||||
[metadata.interfaces.default]
|
||||
ips = ["172.19.138.75"]
|
||||
dhcp = true
|
||||
mac = "00:01:29:59:a9:8c"
|
||||
|
||||
[metadata.icinga_options]
|
||||
exclude_from_monitoring = true
|
|
@ -22,7 +22,7 @@ ram = 2
|
|||
|
||||
[metadata.homeassistant]
|
||||
domain = 'hass.home.kunbox.net'
|
||||
api_secret = '!decrypt:encrypt$gAAAAABm9lNg_mNhyzb4S6WRtVRDmQFBnPpoCwyqMnilRrAFUXc-EDvv-nYXPbSIbjTf7ZReTPtqr8k3WrGPqiuqhJ60LVv4A5DMqT5c6hTVr4WbhP4DPEIPgfd5aq6U9_-H9WDyQYHKjnunLJEYtEREzmhTq3XsYeQ05DyE7hfnQ-zVoBb0CsAK7GdhihRTdvhXv2N9M04_rigyBP-roRcUgCqwyHuWJc0IPAyn3R4Mr43ZqgR2fn6dNV_YUVKn9c0nWxIwRnYy6Ff_Te9NoGVmXxkiNUX-90bBLKFiCzrRAtizxrTiQb2SRipaWbgOlV6wbMy2KNux'
|
||||
api_secret = 'encrypt$gAAAAABjpyuqXLoilokQW5c0zV8shHcOzN1zkEbS-I6WAAX-xDO_OF33YbjbkpELU2HGBzqiWX40J0hsaEbYJOnCHFk8gJ-Xt0vdqqbQ5vca_TGPNQHZPAS4qZoPTcUhmX_I-0EdT6ukhxejXFYBiYRZikTLjH3lcNM5qnckCm-H9NbRdjLb9hbCDIjbEglHmBl_g08S1_ukvX3dDSCIHIxgXXGsdK_Go1KxPJd8G22FL_MMhCfsTW-6ioIqoHSeSA1NGk3MZHEIM2errckiopKBxoBaROsacO9Uqk1zrrgXOs2NsgiTRtrbV1TNlFVaIX9mZdsUnMGZ'
|
||||
|
||||
[metadata.nginx]
|
||||
restrict-to = [
|
||||
|
|
|
@ -1,15 +1,9 @@
|
|||
hostname = "172.19.138.22"
|
||||
groups = ["debian-bookworm"]
|
||||
bundles = ["docker-engine", "nginx", "redis"]
|
||||
|
||||
[metadata]
|
||||
icinga_options.exclude_from_monitoring = true
|
||||
|
||||
[metadata.docker-engine.config]
|
||||
# this is a dev machine, it's fine if docker does shenanigans with
|
||||
# iptables
|
||||
iptables = true
|
||||
|
||||
[metadata.interfaces.eno3]
|
||||
ips = [
|
||||
"172.19.138.22/24",
|
||||
|
@ -17,13 +11,6 @@ ips = [
|
|||
gateway4 = "172.19.138.1"
|
||||
ipv6_accept_ra = true
|
||||
|
||||
[metadata.nftables.forward]
|
||||
50-local-forward = [
|
||||
'ct state { related, established } accept',
|
||||
'iifname eno3 accept',
|
||||
'ip6 nexthdr ipv6-icmp accept',
|
||||
]
|
||||
|
||||
[metadata.users.molly]
|
||||
password = "!decrypt:dummy$no"
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ nodes['home.nas'] = {
|
|||
'mosquitto',
|
||||
'nfs-server',
|
||||
'rsyslogd',
|
||||
'samba',
|
||||
'scansnap',
|
||||
'smartd',
|
||||
'vmhost',
|
||||
'zfs',
|
||||
|
@ -67,22 +67,6 @@ nodes['home.nas'] = {
|
|||
'/storage/nas/normen',
|
||||
},
|
||||
},
|
||||
'dm-crypt': {
|
||||
'encrypted-devices': {
|
||||
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409404K': {
|
||||
'dm-name': 'sam-S5SSNJ0X409404K',
|
||||
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409404K'),
|
||||
},
|
||||
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409845F': {
|
||||
'dm-name': 'sam-S5SSNJ0X409845F',
|
||||
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409845F'),
|
||||
},
|
||||
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409870J': {
|
||||
'dm-name': 'sam-S5SSNJ0X409870J',
|
||||
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409870J'),
|
||||
},
|
||||
},
|
||||
},
|
||||
'groups': {
|
||||
'nas': {},
|
||||
},
|
||||
|
@ -112,6 +96,11 @@ nodes['home.nas'] = {
|
|||
},
|
||||
},
|
||||
},
|
||||
'jellyfin': {
|
||||
'restrict-to': {
|
||||
'home.lgtv-wohnzimmer',
|
||||
},
|
||||
},
|
||||
'mixcloud-downloader': {
|
||||
'netrc': {
|
||||
'soundcloud': {
|
||||
|
@ -160,6 +149,9 @@ nodes['home.nas'] = {
|
|||
'/srv/paperless': {
|
||||
'home.paperless': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
|
||||
},
|
||||
'/srv/scansnap': {
|
||||
'172.19.138.0/24': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
|
||||
},
|
||||
},
|
||||
},
|
||||
'nginx': {
|
||||
|
@ -175,33 +167,13 @@ nodes['home.nas'] = {
|
|||
'home',
|
||||
},
|
||||
},
|
||||
'samba': {
|
||||
'shares': {
|
||||
'music': {
|
||||
'path': '/storage/nas/Musik',
|
||||
'force_group': 'nas',
|
||||
},
|
||||
},
|
||||
'restrict-to': {
|
||||
'172.19.138.0/24',
|
||||
},
|
||||
},
|
||||
'smartd': {
|
||||
'disks': {
|
||||
'/dev/nvme0',
|
||||
|
||||
# old nas disks
|
||||
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8GE15GR',
|
||||
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJ406R',
|
||||
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJBTLR',
|
||||
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJGN6R',
|
||||
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR',
|
||||
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V9JS5UYL',
|
||||
|
||||
# encrypted disks
|
||||
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409404K',
|
||||
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409845F',
|
||||
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409870J',
|
||||
# ZFS cache disks
|
||||
#'/dev/disk/by-id/ata-TS64GSSD370_B807810503',
|
||||
#'/dev/disk/by-id/ata-TS64GSSD370_B807810527',
|
||||
},
|
||||
},
|
||||
'systemd-networkd': {
|
||||
|
@ -216,11 +188,6 @@ nodes['home.nas'] = {
|
|||
'br0.1138',
|
||||
},
|
||||
},
|
||||
'br1139': {
|
||||
'match': {
|
||||
'br0.1139',
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
'systemd-timers': {
|
||||
|
@ -270,49 +237,26 @@ nodes['home.nas'] = {
|
|||
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR',
|
||||
},
|
||||
},
|
||||
# {
|
||||
# 'type': 'log',
|
||||
# 'devices': {
|
||||
# '/dev/disk/by-id/ata-TS64GSSD370_B807810503-part1',
|
||||
# '/dev/disk/by-id/ata-TS64GSSD370_B807810527-part1',
|
||||
# },
|
||||
# },
|
||||
# {
|
||||
# 'type': 'cache',
|
||||
# 'devices': {
|
||||
# '/dev/disk/by-id/ata-TS64GSSD370_B807810503-part2',
|
||||
# '/dev/disk/by-id/ata-TS64GSSD370_B807810527-part2',
|
||||
# },
|
||||
# },
|
||||
],
|
||||
'ashift': 12,
|
||||
},
|
||||
},
|
||||
'encrypted': {
|
||||
'when_creating': {
|
||||
'config': [
|
||||
{
|
||||
'type': 'raidz',
|
||||
'devices': {
|
||||
'/dev/mapper/sam-S5SSNJ0X409404K',
|
||||
'/dev/mapper/sam-S5SSNJ0X409845F',
|
||||
'/dev/mapper/sam-S5SSNJ0X409870J',
|
||||
},
|
||||
},
|
||||
],
|
||||
'ashift': 12,
|
||||
},
|
||||
'needs': {
|
||||
'action:dm-crypt_open_sam-S5SSNJ0X409404K',
|
||||
'action:dm-crypt_open_sam-S5SSNJ0X409845F',
|
||||
'action:dm-crypt_open_sam-S5SSNJ0X409870J',
|
||||
},
|
||||
# see comment in bundle:backup-server
|
||||
'unless': 'zpool import encrypted',
|
||||
},
|
||||
},
|
||||
'datasets': {
|
||||
'encrypted': {
|
||||
'primarycache': 'metadata',
|
||||
},
|
||||
'encrypted/download': {
|
||||
'mountpoint': '/media/download',
|
||||
},
|
||||
'encrypted/nas': {
|
||||
'acltype': 'off',
|
||||
'atime': 'off',
|
||||
'compression': 'off',
|
||||
'mountpoint': '/storage/nas',
|
||||
},
|
||||
'encrypted/paperless': {
|
||||
'mountpoint': '/media/paperless',
|
||||
},
|
||||
'storage': {
|
||||
'primarycache': 'metadata',
|
||||
},
|
||||
|
@ -322,35 +266,25 @@ nodes['home.nas'] = {
|
|||
'storage/download': {
|
||||
'mountpoint': '/storage/download',
|
||||
},
|
||||
'storage/inbox': {
|
||||
'quota': str(1024*1024*1024*1024), # 1TB
|
||||
'mountpoint': '/storage/inbox',
|
||||
},
|
||||
'storage/nas': {
|
||||
'acltype': 'off',
|
||||
'atime': 'off',
|
||||
'compression': 'off',
|
||||
'mountpoint': '/media/nas_old',
|
||||
'mountpoint': '/storage/nas',
|
||||
},
|
||||
'storage/paperless': {
|
||||
'mountpoint': '/srv/paperless',
|
||||
},
|
||||
'storage/scan': {
|
||||
'mountpoint': '/srv/scansnap',
|
||||
},
|
||||
},
|
||||
'snapshots': {
|
||||
'retain_per_dataset': {
|
||||
'encrypted/download': {
|
||||
'hourly': 6,
|
||||
'daily': 0,
|
||||
'weekly': 0,
|
||||
'monthly': 0,
|
||||
},
|
||||
'encrypted/nas': {
|
||||
# juuuuuuuust to be sure.
|
||||
'daily': 14,
|
||||
'weekly': 6,
|
||||
'monthly': 12,
|
||||
},
|
||||
'encrypted/paperless': {
|
||||
'daily': 14,
|
||||
'weekly': 6,
|
||||
'monthly': 24,
|
||||
},
|
||||
'storage/download': {
|
||||
'hourly': 48,
|
||||
'daily': 0,
|
||||
|
@ -368,6 +302,12 @@ nodes['home.nas'] = {
|
|||
'weekly': 6,
|
||||
'monthly': 24,
|
||||
},
|
||||
'storage/scan': {
|
||||
'hourly': 6,
|
||||
'daily': 0,
|
||||
'weekly': 0,
|
||||
'monthly': 0,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
|
|
@ -6,7 +6,6 @@ nodes['home.paperless'] = {
|
|||
'redis',
|
||||
'postgresql',
|
||||
'paperless-ng',
|
||||
'proftpd',
|
||||
},
|
||||
'groups': {
|
||||
'debian-bookworm',
|
||||
|
@ -48,17 +47,12 @@ nodes['home.paperless'] = {
|
|||
},
|
||||
'paperless': {
|
||||
'domain': 'paperless.home.kunbox.net',
|
||||
'version': 'v2.13.0',
|
||||
'version': 'v2.11.0',
|
||||
'timezone': 'Europe/Berlin',
|
||||
},
|
||||
'postgresql': {
|
||||
'version': 15,
|
||||
},
|
||||
'proftpd': {
|
||||
'restrict-to': {
|
||||
'home.fujitsu-n7100',
|
||||
},
|
||||
},
|
||||
'vm': {
|
||||
'cpu': 2,
|
||||
'ram': 2,
|
||||
|
|
100
nodes/htz-cloud.afra.toml
Normal file
100
nodes/htz-cloud.afra.toml
Normal file
|
@ -0,0 +1,100 @@
|
|||
hostname = "91.107.203.234"
|
||||
bundles = [
|
||||
"element-web",
|
||||
"matrix-media-repo",
|
||||
"matrix-registration",
|
||||
"matrix-synapse",
|
||||
"nodejs",
|
||||
"postgresql",
|
||||
"zfs",
|
||||
]
|
||||
groups = [
|
||||
"debian-bookworm",
|
||||
"webserver",
|
||||
]
|
||||
|
||||
[metadata.icinga_options]
|
||||
pretty_name = "afra.berlin"
|
||||
|
||||
[metadata.interfaces.eth0]
|
||||
ips = [
|
||||
"91.107.203.234/32",
|
||||
"2a01:4f8:c010:b0e1::1/64",
|
||||
]
|
||||
gateway4 = '172.31.1.1'
|
||||
gateway6 = 'fe80::1'
|
||||
|
||||
[metadata.interfaces.ens10]
|
||||
ips = [
|
||||
"172.19.137.7/32",
|
||||
]
|
||||
routes.'172.19.128.0/20'.via = "172.19.137.1"
|
||||
|
||||
[metadata.element-web]
|
||||
url = "element.afra.berlin"
|
||||
version = "v1.11.71"
|
||||
|
||||
[metadata.element-web.config]
|
||||
default_server_config.'m.homeserver'.base_url = "https://matrix.afra.berlin"
|
||||
default_server_config.'m.homeserver'.server_name = "afra.berlin"
|
||||
brand = "afra.berlin"
|
||||
defaultCountryCode = "DE"
|
||||
jitsi.preferredDomain = "meet.ffmuc.net"
|
||||
|
||||
[metadata.matrix-media-repo]
|
||||
admins = ['@administress:afra.berlin']
|
||||
datastore_id = "e33b50474021fba9977f912414cdd7fe8890ed57"
|
||||
sha1 = "ef9e8624e70714e4d421ece0c27f2974f55c0e59"
|
||||
upload_max_mb = 50
|
||||
version = "v1.3.6"
|
||||
|
||||
[metadata.matrix-media-repo.homeservers.'afra.berlin']
|
||||
domain = "http://[::1]:20080/"
|
||||
api = "synapse"
|
||||
signing_key_path = "/etc/matrix-synapse/mmr.signing.key"
|
||||
|
||||
[metadata.matrix-registration]
|
||||
base_path = "/matrix"
|
||||
client_redirect = "https://element.afra.berlin"
|
||||
|
||||
[metadata.matrix-synapse]
|
||||
server_name = "afra.berlin"
|
||||
baseurl = "matrix.afra.berlin"
|
||||
admin_contact = 'mailto:hostmaster@kunbox.net'
|
||||
trusted_key_servers = [
|
||||
"matrix.org",
|
||||
"franzi.business",
|
||||
]
|
||||
wellknown_also_on_vhosts = ["redirect"]
|
||||
|
||||
[metadata.nginx.vhosts.redirect]
|
||||
domain = "afra.berlin"
|
||||
|
||||
[metadata.nginx.vhosts.redirect.locations.'/']
|
||||
redirect = "https://afra-berlin.de"
|
||||
mode = 302
|
||||
|
||||
#[metadata.nginx.vhosts.redirect.locations.'/.well-known/host-meta']
|
||||
#redirect = "https://fedi.afra.berlin/.well-known/host-meta"
|
||||
#mode = 301
|
||||
#[metadata.nginx.vhosts.redirect.locations.'/.well-known/nodeinfo']
|
||||
#redirect = "https://fedi.afra.berlin/.well-known/nodeinfo"
|
||||
#mode = 301
|
||||
#[metadata.nginx.vhosts.redirect.locations.'/.well-known/webfinger']
|
||||
#redirect = "https://fedi.afra.berlin/.well-known/webfinger"
|
||||
#mode = 301
|
||||
|
||||
[metadata.nginx.vhosts.redirect.locations.'/matrix/']
|
||||
target = "http://127.0.0.1:20100/"
|
||||
|
||||
[metadata.postgresql]
|
||||
version = "15"
|
||||
work_mem = 1024
|
||||
cache_size = 2048
|
||||
|
||||
[[metadata.zfs.pools.tank.when_creating.config]]
|
||||
devices = ["/dev/disk/by-id/scsi-0HC_Volume_32207877"]
|
||||
|
||||
[metadata.vm]
|
||||
cpu = 2
|
||||
ram = 8
|
|
@ -37,7 +37,6 @@ nodes['htz-cloud.wireguard'] = {
|
|||
'172.19.137.0/24',
|
||||
'172.19.136.62/31',
|
||||
'172.19.136.64/31',
|
||||
'192.168.100.0/24',
|
||||
},
|
||||
},
|
||||
'nftables': {
|
||||
|
@ -81,17 +80,6 @@ nodes['htz-cloud.wireguard'] = {
|
|||
'10.73.0.0/16',
|
||||
},
|
||||
},
|
||||
'fra-jana': {
|
||||
'endpoint': 'gw.as212226.net:40000',
|
||||
'my_ip': '192.168.48.11/24',
|
||||
'my_port': 51802,
|
||||
'their_ip': '192.168.48.1',
|
||||
'pubkey': vault.decrypt('encrypt$gAAAAABnCA7M0Jg0cQwIaYCYEYN74MOSQK30rbhxD6tDIi2VEBqPh-UHrt7MdRzI4AUZ-p0MzjIdsps_DdGBkUTwA_UKD15Q_tg_LJNwDb04zvgSqc3hnJ4jeS2ZZEED0T1dVJ7E0YNS'),
|
||||
'masquerade': True,
|
||||
'routes': {
|
||||
'192.168.100.0/24',
|
||||
},
|
||||
},
|
||||
'kunsi-oneplus7': {
|
||||
'endpoint': None,
|
||||
'exclude_from_monitoring': True,
|
||||
|
|
|
@ -33,8 +33,5 @@ nodes['htz-hel.backup-kunsi'] = {
|
|||
'/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1-part1': bwpass.password('bw/backup-kunsi/encryption-passphrase'),
|
||||
},
|
||||
},
|
||||
'zfs': {
|
||||
'scrub_when': 'Wed 08:00 Europe/Berlin',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
hostname = "2a01:4f9:6b:2d99::c0ff:ee"
|
||||
#dummy = true
|
||||
bundles = ["sshmon", "smartd"]
|
||||
dummy = true
|
||||
|
||||
# How to install:
|
||||
# - Get server at Hetzner (no IPv4)
|
||||
|
@ -18,11 +17,3 @@ bundles = ["sshmon", "smartd"]
|
|||
# - IPv6 only
|
||||
# - IP from the /64 hetzner gives us
|
||||
# - Gateway is the host itself, to work around the MAC filter hetzner uses
|
||||
|
||||
[metadata.smartd]
|
||||
disks = [
|
||||
"/dev/sda",
|
||||
"/dev/sdb",
|
||||
"/dev/sdc",
|
||||
"/dev/sdd",
|
||||
]
|
||||
|
|
|
@ -97,15 +97,16 @@ nodes['kunsi-p14s'] = {
|
|||
'xf86-video-amdgpu': {},
|
||||
|
||||
# all that other random stuff one needs
|
||||
#'abcde': {},
|
||||
'abcde': {},
|
||||
'apachedirectorystudio': {},
|
||||
'claws-mail': {},
|
||||
'claws-mail-themes': {},
|
||||
'ferdium-bin': {},
|
||||
'ferdi-bin': {},
|
||||
'gumbo-parser': {}, # for claws litehtml
|
||||
'inkstitch': {}, # for RZL embroidery machine
|
||||
'obs-studio': {},
|
||||
#'perl-musicbrainz-discid': {}, # for abcde
|
||||
#'perl-webservice-musicbrainz': {}, # for abcde
|
||||
'perl-musicbrainz-discid': {}, # for abcde
|
||||
'perl-webservice-musicbrainz': {}, # for abcde
|
||||
'sdl_ttf': {}, # for compiling testcard
|
||||
'x32edit': {},
|
||||
},
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
dummy = true
|
||||
|
||||
[metadata.icinga_options]
|
||||
period = "daytime"
|
||||
|
||||
[metadata.interfaces.default]
|
||||
ips = ["192.168.100.27/24"]
|
|
@ -1,61 +0,0 @@
|
|||
hostname = "91.198.192.207"
|
||||
groups = [
|
||||
"debian-bookworm",
|
||||
"webserver",
|
||||
]
|
||||
bundles = [
|
||||
"docker-engine",
|
||||
"docker-immich",
|
||||
"ipmitool",
|
||||
"redis",
|
||||
"smartd",
|
||||
"zfs",
|
||||
]
|
||||
|
||||
[metadata.icinga_options]
|
||||
period = "daytime"
|
||||
|
||||
[metadata.interfaces.eno4]
|
||||
ips = [
|
||||
"91.198.192.207/27",
|
||||
"2001:67c:b54:1::e/64",
|
||||
]
|
||||
gateway4 = "91.198.192.193"
|
||||
gateway6 = "2001:67c:b54:1::1"
|
||||
|
||||
[metadata.nginx.vhosts.immich]
|
||||
domain = "rr-immich.franzi.business"
|
||||
|
||||
[metadata.smartd]
|
||||
disks = [
|
||||
"/dev/disk/by-id/ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T0287704",
|
||||
"/dev/disk/by-id/ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T0387139",
|
||||
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21133V800321",
|
||||
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21283J446103",
|
||||
"/dev/disk/by-id/nvme-TOSHIBA-RC100_58UPC29HPW5S",
|
||||
]
|
||||
|
||||
[metadata.zfs.pools.tank.when_creating]
|
||||
ashift = 12
|
||||
|
||||
[[metadata.zfs.pools.tank.when_creating.config]]
|
||||
type = "mirror"
|
||||
devices = [
|
||||
"/dev/disk/by-id/ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T0287704",
|
||||
"/dev/disk/by-id/ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T0387139",
|
||||
]
|
||||
|
||||
[[metadata.zfs.pools.tank.when_creating.config]]
|
||||
type = "log"
|
||||
devices = [
|
||||
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21133V800321-part1",
|
||||
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21283J446103-part1",
|
||||
]
|
||||
|
||||
[[metadata.zfs.pools.tank.when_creating.config]]
|
||||
type = "cache"
|
||||
devices = [
|
||||
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21133V800321-part2",
|
||||
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21283J446103-part2",
|
||||
]
|
||||
|
|
@ -1,40 +0,0 @@
|
|||
hostname = "192.168.1.252"
|
||||
os = "debian"
|
||||
os_version = [12,]
|
||||
bundles = [
|
||||
"apt",
|
||||
"basic",
|
||||
"kernel-modules",
|
||||
"openssh",
|
||||
"raspberrypi",
|
||||
"sdm630_mqtt",
|
||||
"sudo",
|
||||
"sysctl",
|
||||
"systemd",
|
||||
"systemd-networkd",
|
||||
"users",
|
||||
]
|
||||
|
||||
[metadata.apt.unattended-upgrades]
|
||||
enabled = false
|
||||
|
||||
[metadata.icinga_options]
|
||||
exclude_from_monitoring = true
|
||||
|
||||
[metadata.interfaces.eth0]
|
||||
ips = [
|
||||
"192.168.1.252/24",
|
||||
]
|
||||
dhcp = true
|
||||
|
||||
[metadata.raspberrypi]
|
||||
enable_display = true
|
||||
|
||||
[metadata.sdm630_mqtt]
|
||||
enable_stats_collection = false
|
||||
enable_local_printout = true
|
||||
config.mqtt.host = "192.168.1.253"
|
||||
|
||||
[metadata.users.kutscher]
|
||||
password = "!decrypt:encrypt$gAAAAABmqQgvrVuPqFJWJSu8Yxd9NV4ppo5STfCPFqUWn0KepLRdFCktEMla0EJPPxZR5HbNnD6K2Vp-c63raeWwahFUT24SUrAoBFeWfToYWaRDi5WeXJU="
|
||||
sudo_commands = ["ALL"]
|
|
@ -1,46 +0,0 @@
|
|||
hostname = "192.168.1.253"
|
||||
os = "debian"
|
||||
os_version = [12,]
|
||||
bundles = [
|
||||
"apt",
|
||||
"basic",
|
||||
"kernel-modules",
|
||||
"mosquitto",
|
||||
"openssh",
|
||||
"raspberrypi",
|
||||
"sdm630_mqtt",
|
||||
"sudo",
|
||||
"sysctl",
|
||||
"systemd",
|
||||
"systemd-networkd",
|
||||
"telegraf",
|
||||
"users",
|
||||
]
|
||||
|
||||
[metadata.apt.unattended-upgrades]
|
||||
enabled = false
|
||||
|
||||
[metadata.icinga_options]
|
||||
exclude_from_monitoring = true
|
||||
|
||||
[metadata.interfaces.eth0]
|
||||
ips = [
|
||||
"192.168.1.253/24",
|
||||
]
|
||||
dhcp = true
|
||||
|
||||
[metadata.sdm630_mqtt]
|
||||
enable_local_printout = true
|
||||
config.modbus.host = "192.168.1.254"
|
||||
config.modbus.port = 4196
|
||||
config.telegraf.identifier = 'rottenraptor_truck'
|
||||
|
||||
[metadata.sysctl.options]
|
||||
'net.ipv6.conf.all.disable_ipv6' = '1'
|
||||
|
||||
[metadata.telegraf]
|
||||
collect_default_metrics = false
|
||||
|
||||
[metadata.users.kutscher]
|
||||
password = "!decrypt:encrypt$gAAAAABmqQgvrVuPqFJWJSu8Yxd9NV4ppo5STfCPFqUWn0KepLRdFCktEMla0EJPPxZR5HbNnD6K2Vp-c63raeWwahFUT24SUrAoBFeWfToYWaRDi5WeXJU="
|
||||
sudo_commands = ["ALL"]
|
|
@ -54,6 +54,7 @@ nodes['htz-cloud.miniserver'] = {
|
|||
'echo \'core.weechat */layout store\' >> /home/sophie/.weechat/weechat_fifo\n' \
|
||||
'echo \'core.weechat */save\' >> /home/sophie/.weechat/weechat_fifo\n',
|
||||
},
|
||||
'target': "htz-hel.backup-sophie",
|
||||
},
|
||||
'backups': {
|
||||
'paths': {
|
||||
|
@ -62,7 +63,7 @@ nodes['htz-cloud.miniserver'] = {
|
|||
},
|
||||
'element-web': {
|
||||
'url': 'chat.sophies-kitchen.eu',
|
||||
'version': 'v1.11.76',
|
||||
'version': 'v1.11.72',
|
||||
'config': {
|
||||
'default_server_config': {
|
||||
'm.homeserver': {
|
||||
|
@ -117,7 +118,6 @@ nodes['htz-cloud.miniserver'] = {
|
|||
'sophies-kitchen.eu': {
|
||||
'domain': 'http://[::1]:20080/',
|
||||
'api': 'synapse',
|
||||
'signing_key_path': "/etc/matrix-synapse/mmr.signing.key"
|
||||
},
|
||||
},
|
||||
'admins': {
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
nodes['voc.infobeamer-cms'] = {
|
||||
'hostname': 'infobeamer.c3voc.de',
|
||||
'hostname': 'infobeamer-cms.c3voc.de',
|
||||
'bundles': {
|
||||
'infobeamer-cms',
|
||||
'infobeamer-monitor',
|
||||
'redis',
|
||||
},
|
||||
'groups': {
|
||||
'debian-bookworm',
|
||||
'debian-bullseye',
|
||||
'webserver',
|
||||
},
|
||||
'metadata': {
|
||||
|
@ -25,7 +25,7 @@ nodes['voc.infobeamer-cms'] = {
|
|||
},
|
||||
'infobeamer-cms': {
|
||||
'domain': 'infobeamer.c3voc.de',
|
||||
'event_start_date': '2024-12-26',
|
||||
'event_start_date': '2024-05-29',
|
||||
'event_duration_days': 5,
|
||||
'config': {
|
||||
'ADMIN_USERS': [
|
||||
|
@ -34,14 +34,18 @@ nodes['voc.infobeamer-cms'] = {
|
|||
'jwacalex',
|
||||
'kunsi',
|
||||
'sophieschi',
|
||||
'v0tti',
|
||||
],
|
||||
'GITHUB_CLIENT_ID': vault.decrypt('encrypt$gAAAAABiNwHfIu9PYFfJrF7qirn_9vdvvUlEhJnadoNSS5XlCDbI_aMyj21_ZYQxaCkc6_eVX6Cj1jEHZ7Vs6wM-XyQdW0nUOahtqG4uvnYCiM3GFKHW_wQ='),
|
||||
'GITHUB_CLIENT_SECRET': vault.decrypt('encrypt$gAAAAABiNwHtdZC2XQ8IjosL7vsmrxZMwDIM6AD5dUlLo996tJs4qV7KJETHgYYZil2aMzClwhcE6JmxdhARRp7IJQ4rQQibelTNmyYSzj_V4puVpvma7SU0UZkTIG95SdPpoHY--Zba'),
|
||||
'HOSTED_API_KEY': vault.decrypt('encrypt$gAAAAABhxJPH2sIGMAibU2Us1HoCVlNfF0SQQnVl0eiod48Zu8webL_-xk3wDw3yXw1Hkglj-2usl-D3Yd095yTSq0vZMCv2fh-JWwSPdJewQ45x9Ai4vXVD4CNz5vuJBESKS9xQWXTc'),
|
||||
'INTERRUPT_KEY': vault.human_password_for('infobeamer-cms interrupt key 38c3', words=1),
|
||||
'INTERRUPT_KEY': vault.human_password_for('infobeamer-cms interrupt key'),
|
||||
'MQTT_MESSAGE': '{{"level":"info","component":"infobeamer-cms","msg":"{asset} uploaded by {user}. Check it at {url}"}}',
|
||||
'MQTT_PASSWORD': vault.decrypt('encrypt$gAAAAABhxakfhhwWn0vxhoO1FiMEpdCkomWvo0dHIuBrqDKav8WDpI6dXpb0hoXiWRsPV6p5m-8RlbfFbjPhz47AY-nFOOAAW6Yis3-IVD-U-InKJo9dvms='),
|
||||
'MQTT_SERVER': 'mqtt.c3voc.de',
|
||||
'MQTT_TOPIC': '/voc/alert',
|
||||
'MQTT_USERNAME': vault.decrypt('encrypt$gAAAAABhxakKHC_kHmHP2mFHorb4niuNTH4F24w1D6m5JUxl117N7znlZA6fpMmY3_NcmBr2Ihw4hL3FjZr9Fm_1oUZ1ZQdADA=='),
|
||||
'SETUP_IDS': [
|
||||
253559,
|
||||
250294,
|
||||
],
|
||||
# 'EXTRA_ASSETS': [{
|
||||
# 'type': "image",
|
||||
|
@ -52,35 +56,17 @@ nodes['voc.infobeamer-cms'] = {
|
|||
# 'x2': 110,
|
||||
# 'y2': 1070,
|
||||
# }],
|
||||
'NOTIFIER': {
|
||||
'MQTT_PASSWORD': vault.decrypt('encrypt$gAAAAABhxakfhhwWn0vxhoO1FiMEpdCkomWvo0dHIuBrqDKav8WDpI6dXpb0hoXiWRsPV6p5m-8RlbfFbjPhz47AY-nFOOAAW6Yis3-IVD-U-InKJo9dvms='),
|
||||
'MQTT_HOST': 'mqtt.c3voc.de',
|
||||
'MQTT_TOPIC': '/voc/alert',
|
||||
'MQTT_USERNAME': vault.decrypt('encrypt$gAAAAABhxakKHC_kHmHP2mFHorb4niuNTH4F24w1D6m5JUxl117N7znlZA6fpMmY3_NcmBr2Ihw4hL3FjZr9Fm_1oUZ1ZQdADA=='),
|
||||
'NTFY': [
|
||||
vault.decrypt('encrypt$gAAAAABm_RXKqIgRfe24frA_uvUMwJECr0TmL6TWPOmrPlS0CJuuBlpN6vGHrMkm5pjD5c5h1brC-aqQavsTk_AHXwq8bHG1QiZtQwqPxGuD_fEVP4-xOZ3t-RjqG3kPLz6ebqPoqyPl'),
|
||||
],
|
||||
},
|
||||
'FAQ': {
|
||||
'SOURCE': 'https://github.com/voc/infobeamer-cms',
|
||||
'CONTACT': '''
|
||||
Please use the <a href="https://chat.hackint.org/?join=infobeamer">IRC
|
||||
Channel #infobeamer on irc.hackint.org</a> (also
|
||||
<a href="https://www.hackint.org/transport/matrix">bridged to matrix</a>)
|
||||
or #info-beamer on the cccv rocketchat instance.
|
||||
'''.strip(),
|
||||
},
|
||||
},
|
||||
'rooms': {
|
||||
# 'Saal 1': 34430,
|
||||
# 'Saal G': 26598,
|
||||
# 'Saal Z': 26610,
|
||||
# 'Saal E (SoS/Lightning-Talks)': 32814,
|
||||
# 'Saal F (Sendezentrum/DLF)': 9717,
|
||||
'Saal 1': 34430,
|
||||
'Saal G': 26598,
|
||||
'Saal Z': 26610,
|
||||
'Saal E (SoS/Lightning-Talks)': 32814,
|
||||
'Saal F (Sendezentrum/DLF)': 9717,
|
||||
},
|
||||
'interrupts': {
|
||||
# 'Questions': 'questions',
|
||||
# 'Translations': 'translations',
|
||||
'Questions': 'questions',
|
||||
'Translations': 'translations',
|
||||
},
|
||||
},
|
||||
'infobeamer-monitor': {
|
||||
|
|
|
@ -49,7 +49,7 @@ nodes['voc.pretalx'] = {
|
|||
},
|
||||
},
|
||||
'pretalx': {
|
||||
'version': 'v2024.2.1',
|
||||
'version': 'v2024.1.0',
|
||||
'domain': 'pretalx.c3voc.de',
|
||||
'mail_from': 'pretalx@c3voc.de',
|
||||
'administrators-from-group-id': 1,
|
||||
|
@ -64,7 +64,7 @@ nodes['voc.pretalx'] = {
|
|||
},
|
||||
'halfnarp': {
|
||||
'repo': 'https://github.com/seibert-media/pretalx-halfnarp.git',
|
||||
'rev': '1.1.2',
|
||||
'rev': '1.1.0',
|
||||
},
|
||||
'media.ccc.de': {
|
||||
'repo': 'https://github.com/pretalx/pretalx-media-ccc-de.git',
|
||||
|
|
Loading…
Reference in a new issue