kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity

Compare commits

base: kunsi:main
Branches Tags
kunsi:main
kunsi:new-wildcard-sophies-kitchen
kunsi:updates
kunsi:update-miniserver
kunsi:vmhostumzug
kunsi:jhtoolz
kunsi:sophiesheomenetwork
kunsi:feature/kunsi-ipv6-only-vlan
kunsi:sophie-dimension-cleanup
kunsi:kunsi-woodpecker
kunsi:kunsi-junos
kunsi:loudness-monitoring-gstreamer
..
compare: kunsi:update-miniserver
Branches Tags
kunsi:main
kunsi:new-wildcard-sophies-kitchen
kunsi:updates
kunsi:update-miniserver
kunsi:vmhostumzug
kunsi:jhtoolz
kunsi:sophiesheomenetwork
kunsi:feature/kunsi-ipv6-only-vlan
kunsi:sophie-dimension-cleanup
kunsi:kunsi-woodpecker
kunsi:kunsi-junos
kunsi:loudness-monitoring-gstreamer

No commits in common. "main" and "update-miniserver" have entirely different histories.
main ... update-min

53 changed files with 620 additions and 984 deletions
Show stats Expand all files Collapse all files

2
bundles/arch-with-gui/metadata.py
View file

@ -33,7 +33,7 @@ defaults = {
# networking
'avahi': {},
'netctl': {},
'util-linux': {}, # provides rfkill
'rfkill': {},
'wpa_supplicant': {},
'wpa_actiond': {},

2
bundles/backup-server/metadata.py
View file

@ -160,7 +160,7 @@ def monitoring(metadata):
client,
config['one_backup_every_hours'],
),
'vars.sshmon_timeout': 40,
'vars.sshmon_timeout': 20,
}
return {

7
bundles/c3voc-addons/items.py
View file

@ -7,6 +7,9 @@ supported_os = {
12: 'bookworm',
99: 'unstable',
},
'raspbian': {
10: 'buster',
},
}
try:
@ -79,10 +82,6 @@ actions = {
'triggered': True,
'cascade_skip': False,
},
'apt_execute_update_commands': {
'command': ' && '.join(sorted(node.metadata.get('apt/additional_update_commands', {'true'}))),
'triggered': True,
},
}
directories = {

8
bundles/icinga2/files/check_spam_blocklist
View file

@ -50,13 +50,17 @@ def check_list(ip_list, blocklist, warn_ips):
]).decode().splitlines()
for item in result:
if item.startswith(';;'):
continue
msgs.append('{} - {}'.format(
blocklist,
item,
))
else:
msgs.append('{} listed in {} as {}'.format(
ip,
blocklist,
item,
))
if item in warn_ips and returncode < 2:
if (item in warn_ips or item.startswith(';;')) and returncode < 2:
returncode = 1
else:
returncode = 2

2
bundles/icinga2/files/scripts/icinga_notification_wrapper
View file

@ -199,7 +199,7 @@ if __name__ == '__main__':
notify_per_mail()
if args.sms:
if not args.service_name:
if args.service_name:
notify_per_sms()
if CONFIG['ntfy']['user']:
notify_per_ntfy()

5
bundles/infobeamer-monitor/files/monitor.py
View file

@ -140,12 +140,13 @@ while True:
if device["is_online"]:
if device["maintenance"]:
mqtt_out(
"maintenance required: {}".format(' '.join(
"maintenance required: {}".join(
sorted(device["maintenance"])
)),
),
level="WARN",
device=device,
)
must_dump_state = True
if (
device["is_synced"] != state[did]["is_synced"]

6
bundles/matrix-media-repo/files/config.yaml
View file

@ -31,7 +31,7 @@ homeservers:
% endfor
accessTokens:
maxCacheTimeSeconds: 10
maxCacheTimeSeconds: 0
useLocalAppserviceConfig: false
admins:
@ -137,8 +137,8 @@ thumbnails:
rateLimit:
enabled: true
requestsPerSecond: 100
burst: 5000
requestsPerSecond: 10
burst: 50
identicons:
enabled: true

13
bundles/proftpd/items.py
View file

@ -1,13 +0,0 @@
files['/etc/proftpd/proftpd.conf'] = {
'source': f'{node.name}.conf',
'triggers': {
'svc_systemd:proftpd:restart',
},
}
svc_systemd['proftpd'] = {
'needs': {
'file:/etc/proftpd/proftpd.conf',
'pkg_apt:proftpd-core',
},
}

26
bundles/proftpd/metadata.py
View file

@ -1,26 +0,0 @@
from bundlewrap.metadata import atomic
defaults = {
'apt': {
'packages': {
'proftpd-core': {},
},
},
}
@metadata_reactor.provides(
'firewall/port_rules',
)
def firewall(metadata):
sources = atomic(metadata.get('mosquitto/restrict-to', set()))
return {
'firewall': {
'port_rules': {
'20/tcp': sources,
'21/tcp': sources,
'49152-50192/tcp': sources,
},
},
}

5
bundles/rsyslogd/metadata.py
View file

@ -6,11 +6,6 @@ defaults = {
'rsyslog': {},
},
},
'backups': {
'paths': {
'/var/log/rsyslog',
},
},
'icinga2_api': {
'rsyslog': {
'services': {

3
bundles/samba/files/override.conf
View file

@ -1,3 +0,0 @@
[Service]
RestartSec=10
Restart=on-failure

39
bundles/samba/files/smb.conf
View file

@ -1,39 +0,0 @@
[global]
workgroup = KUNBOX
server string = ${node.name} samba
dns proxy = no
max log size = 1000
syslog = 1
syslog only = 1
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
map to guest = bad user
load printers = no
usershare allow guests = yes
allow insecure wide links = yes
% for name, opts in sorted(node.metadata.get('samba/shares', {}).items()):
[${name}]
browseable = yes
comment = ${opts.get('comment', f'share of {opts["path"]}')}
fake oplocks = yes
force group = ${opts.get('force_group', 'nogroup')}
force user = ${opts.get('force_user', 'nobody')}
% if opts.get('guest_ok', True):
guest ok = yes
% else:
guest ok = no
% endif
locking = no
path = ${opts['path']}
printable = no
read only = no
vfs objects = catia fruit
writable = ${'yes' if opts.get('writable', False) else 'no'}
% if opts.get('follow_symlinks', True):
follow symlinks = yes
wide links = yes
% endif
% endfor

59
bundles/samba/items.py
View file

@ -1,59 +0,0 @@
svc_systemd = {
'nmbd': {
'needs': {
'pkg_apt:samba',
},
},
'smbd': {
'needs': {
'pkg_apt:samba',
},
},
}
files = {
'/etc/samba/smb.conf': {
'content_type': 'mako',
'triggers': {
'svc_systemd:nmbd:restart',
'svc_systemd:smbd:restart',
},
},
'/etc/systemd/system/nmbd.service.d/bundlewrap.conf': {
'source': 'override.conf',
'triggers': {
'action:systemd-reload',
'svc_systemd:nmbd:restart',
},
},
'/etc/systemd/system/smbd.service.d/bundlewrap.conf': {
'source': 'override.conf',
'triggers': {
'action:systemd-reload',
'svc_systemd:smbd:restart',
},
},
}
last_action = set()
for user, uconfig in node.metadata.get('users', {}).items():
if (
'password' not in uconfig
or uconfig.get('delete')
or user in ('root',)
):
continue
actions[f'smbpasswd_for_user_{user}'] = {
'command': f'smbpasswd -a -s {user}',
'unless': f'pdbedit -L | grep -E "^{user}:"',
'data_stdin': uconfig['password'] + '\n' + uconfig['password'],
'needs': {
'pkg_apt:samba',
f'user:{user}',
},
'after': last_action,
}
last_action = {
f'action:smbpasswd_for_user_{user}',
}

26
bundles/samba/metadata.py
View file

@ -1,26 +0,0 @@
from bundlewrap.metadata import atomic
defaults = {
'apt': {
'packages': {
'samba': {},
'samba-vfs-modules': {},
}
}
}
@metadata_reactor.provides(
'firewall/port_rules',
)
def firewall(metadata):
return {
'firewall': {
'port_rules': {
'137/udp': atomic(metadata.get('samba/restrict-to', set())),
'138/udp': atomic(metadata.get('samba/restrict-to', set())),
'139/tcp': atomic(metadata.get('samba/restrict-to', set())),
'445/tcp': atomic(metadata.get('samba/restrict-to', set())),
},
},
}

21
bundles/scansnap/files/ocr.sh Normal file
View file

@ -0,0 +1,21 @@
#!/bin/bash
set -euo pipefail
DATE=$(date +%F_%H-%M-%S)
cd "$1"
convert *.tiff no_ocr.pdf
ocrmypdf -l deu no_ocr.pdf has_ocr.pdf
rm -f *.tiff
rm -f no_ocr.pdf
chown nobody:nogroup has_ocr.pdf
mv has_ocr.pdf "/srv/scansnap/${DATE}.pdf"
cd /
rm -r "$1"

9
bundles/scansnap/files/scan.sh Normal file
View file

@ -0,0 +1,9 @@
#!/bin/bash
set -euo pipefail
OUTFILE=$(mktemp -d)
scanimage --source 'ADF Duplex' --format tiff --mode Color --brightness 23 --resolution 300 --page-width 210 --page-height 297.3 -x 210 -y 297.3 --batch=${OUTFILE}/p%04d.tiff
/etc/scanbd/scripts/ocr.sh "$OUTFILE" &

52
bundles/scansnap/files/scanbd.conf Normal file
View file

@ -0,0 +1,52 @@
global {
debug = true
debug-level = 2
user = saned
group = scanner
saned = "/usr/sbin/saned"
saned_opt = {}
saned_env = { "SANE_CONFIG_DIR=/etc/scanbd" }
scriptdir = /etc/scanbd/scripts
timeout = 500
pidfile = "/var/run/scanbd.pid"
environment {
device = "SCANBD_DEVICE"
action = "SCANBD_ACTION"
}
function function_knob {
filter = "^message.*"
desc = "The value of the function knob / wheel / selector"
env = "SCANBD_FUNCTION"
}
function function_mode {
filter = "^mode.*"
desc = "Color mode"
env = "SCANBD_FUNCTION_MODE"
}
multiple_actions = false
action scan {
filter = "^scan.*"
numerical-trigger {
from-value = 0
to-value = 1
}
desc = "Scan to file"
script = "scan.sh"
}
}
include(scanner.d/avision.conf)
include(scanner.d/fujitsu.conf)
include(scanner.d/hp.conf)
include(scanner.d/pixma.conf)
include(scanner.d/snapscan.conf)
include(scanner.d/canon.conf)
include(scanner.d/plustek.conf)

39
bundles/scansnap/items.py Normal file
View file

@ -0,0 +1,39 @@
directories = {
'/etc/scanbd/scripts': {
'purge': True,
},
'/srv/scansnap': {
'owner': 'nobody',
'group': 'nogroup',
},
}
files = {
'/etc/scanbd/scanbd.conf': {
'triggers': {
'svc_systemd:scanbd:restart',
},
},
'/etc/scanbd/scripts/ocr.sh': {
'mode': '0755',
'needs': {
'directory:/srv/scansnap',
},
},
'/etc/scanbd/scripts/scan.sh': {
'mode': '0755',
'needs': {
'directory:/srv/scansnap',
'file:/etc/scanbd/scripts/ocr.sh',
},
},
}
svc_systemd = {
'scanbd': {
'needs': {
'file:/etc/scanbd/scanbd.conf',
'pkg_apt:scanbd',
},
},
}

22
bundles/scansnap/metadata.py Normal file
View file

@ -0,0 +1,22 @@
defaults = {
'apt': {
'packages': {
'sane-utils': {},
'scanbd': {},
'imagemagick': {},
'ocrmypdf': {},
'tesseract-ocr-deu': {},
},
},
'backups': {
'paths': {
'/srv/scansnap',
},
},
'cron': {
'jobs': {
# Automatically remove files which are older than 14 days
'scansnap_cleanup': '00 00 * * * root /usr/bin/find /srv/scansnap/ -mindepth 1 -mtime +14 -delete',
},
},
}

21
bundles/sdm630_mqtt/files/sdm630_printout.service
View file

@ -1,21 +0,0 @@
[Unit]
Description=SDM630 stats printout
Conflicts=getty@tty1.service
After=systemd-user-sessions.service getty@tty1.service plymouth-quit.service
[Service]
User=sdm630_mqtt
Group=sdm630_mqtt
ExecStart=/opt/sdm630_mqtt/venv/bin/python printout.py /opt/sdm630_mqtt/config.toml
WorkingDirectory=/opt/sdm630_mqtt/src
Restart=always
RestartSec=10
StandardInput=tty
StandardOutput=tty
StandardError=journal
TTYPath=/dev/tty1
TTYReset=yes
TTYVHangup=yes
[Install]
WantedBy=multi-user.target

14
bundles/sdm630_mqtt/files/sdm630_to_mqtt.service
View file

@ -1,14 +0,0 @@
[Unit]
Description=SDM630-to-MQTT bridge
After=network.target
[Service]
User=sdm630_mqtt
Group=sdm630_mqtt
ExecStart=/opt/sdm630_mqtt/venv/bin/python sdm630_mqtt.py /opt/sdm630_mqtt/config.toml
WorkingDirectory=/opt/sdm630_mqtt/src
Restart=always
RestartSec=1
[Install]
WantedBy=multi-user.target

76
bundles/sdm630_mqtt/items.py
View file

@ -1,76 +0,0 @@
directories['/opt/sdm630_mqtt/src'] = {}
git_deploy['/opt/sdm630_mqtt/src'] = {
'repo': 'https://git.franzi.business/kunsi/sdm630_mqtt.git',
'rev': 'main',
'triggers': {
'action:sdm630_mqtt_install_deps',
},
}
actions['sdm630_mqtt_create_virtualenv'] = {
'command': 'python3 -m virtualenv /opt/sdm630_mqtt/venv',
'unless': 'test -x /opt/sdm630_mqtt/venv/bin/python3',
'needs': {
'directory:/opt/sdm630_mqtt/src',
},
}
actions['sdm630_mqtt_install_deps'] = {
'command': 'cd /opt/sdm630_mqtt/src && /opt/sdm630_mqtt/venv/bin/pip install -r requirements.txt',
'triggered': True,
'needs': {
'action:sdm630_mqtt_create_virtualenv',
},
}
users['sdm630_mqtt'] = {
'home': '/opt/sdm630_mqtt',
}
files['/opt/sdm630_mqtt/config.toml'] = {
'content': repo.libs.faults.dict_as_toml(node.metadata.get('sdm630_mqtt/config')),
'triggers': set(),
}
if node.has_bundle('telegraf'):
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:telegraf:restart')
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:telegraf:restart')
if node.metadata.get('sdm630_mqtt/enable_stats_collection', True):
files['/usr/local/lib/systemd/system/sdm630_to_mqtt.service'] = {
'triggers': {
'action:systemd-reload',
'svc_systemd:sdm630_to_mqtt:restart',
},
}
svc_systemd['sdm630_to_mqtt'] = {
'needs': {
'git_deploy:/opt/sdm630_mqtt/src',
'action:sdm630_mqtt_install_deps',
'file:/usr/local/lib/systemd/system/sdm630_to_mqtt.service',
},
}
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:sdm630_to_mqtt:restart')
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:sdm630_to_mqtt:restart')
if node.metadata.get('sdm630_mqtt/enable_local_printout', False):
files['/usr/local/lib/systemd/system/sdm630_printout.service'] = {
'triggers': {
'action:systemd-reload',
'svc_systemd:sdm630_printout:restart',
},
}
svc_systemd['sdm630_printout'] = {
'needs': {
'git_deploy:/opt/sdm630_mqtt/src',
'action:sdm630_mqtt_install_deps',
'file:/usr/local/lib/systemd/system/sdm630_printout.service',
},
}
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:sdm630_printout:restart')
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:sdm630_printout:restart')

38
bundles/sdm630_mqtt/metadata.py
View file

@ -1,38 +0,0 @@
defaults = {
'sdm630_mqtt': {
'config': {
'modbus': {
'host': '127.0.0.1',
'port': 501,
'unit_id': 1,
},
'mqtt': {
'prefix': 'sdm630',
'host': '127.0.0.1',
'port': 1883,
},
'printout': {
'title': 'SDM630',
},
'telegraf': {
'identifier': 'unknown',
},
},
},
'telegraf': {
'input_plugins': {
'execd': {
'sdm630_mqtt': {
'command': [
'/opt/sdm630_mqtt/venv/bin/python',
'/opt/sdm630_mqtt/src/telegraf.py',
'/opt/sdm630_mqtt/config.toml',
],
'signal': 'none',
'restart_delay': '1s',
'data_format': 'influx',
},
},
},
},
}

3
bundles/sshmon/files/check_https_certificate_at_url
View file

@ -21,8 +21,7 @@ case "$issuer_hash" in
# 8d33f237: issuer=C = US, O = Let's Encrypt, CN = R3
# 462422cf: issuer=C = US, O = Let's Encrypt, CN = E5
# 9aad238c: issuer=C = US, O = Let's Encrypt, CN = E6
# 31dfb39d: issuer=C = US, O = Let's Encrypt, CN = R11
4f06f81d|8d33f237|462422cf|9aad238c|31dfb39d)
4f06f81d|8d33f237|462422cf|9aad238c)
warn_days=10
crit_days=3
;;

3
bundles/systemd-networkd/files/template-bridge.network
View file

@ -3,6 +3,3 @@ Name=${' '.join(sorted(match))}
[Network]
Bridge=${bridge}
[Link]
ActivationPolicy=always-up

3
bundles/systemd-networkd/metadata.py
View file

@ -4,9 +4,6 @@ defaults = {
'isc-dhcp-client': {
'installed': False,
},
'network-manager': {
'installed': False,
},
'resolvconf': {
'installed': False,
},

26
bundles/telegraf/items.py
View file

@ -11,19 +11,7 @@ telegraf_config = {
'quiet': False,
'round_interval': False,
},
'outputs': {
'influxdb_v2': [{
'urls': [node.metadata.get('telegraf/influxdb_url', repo.libs.defaults.influxdb_url)],
'token': node.metadata.get('telegraf/influxdb_token', repo.vault.decrypt(repo.libs.defaults.influxdb_token)),
'organization': node.metadata.get('telegraf/influxdb_org', repo.vault.decrypt(repo.libs.defaults.influxdb_org)),
'bucket': node.metadata.get('telegraf/influxdb_bucket', repo.vault.decrypt(repo.libs.defaults.influxdb_bucket)),
}],
},
'inputs': {},
}
if node.metadata.get('telegraf/collect_default_metrics', True):
telegraf_config['inputs'] = {
'inputs': {
'cpu': [{
'percpu': False,
'totalcpu': True,
@ -55,10 +43,18 @@ if node.metadata.get('telegraf/collect_default_metrics', True):
'nstat': [{}],
'processes': [{}],
'system': [{}],
**node.metadata.get('telegraf/input_plugins/builtin', {}),
},
'outputs': {
'influxdb_v2': [{
'urls': [node.metadata.get('telegraf/influxdb_url', repo.libs.defaults.influxdb_url)],
'token': node.metadata.get('telegraf/influxdb_token', repo.vault.decrypt(repo.libs.defaults.influxdb_token)),
'organization': node.metadata.get('telegraf/influxdb_org', repo.vault.decrypt(repo.libs.defaults.influxdb_org)),
'bucket': node.metadata.get('telegraf/influxdb_bucket', repo.vault.decrypt(repo.libs.defaults.influxdb_bucket)),
}],
},
}
telegraf_config['inputs'].update(node.metadata.get('telegraf/input_plugins/builtin', {}))
# Bundlewrap can't merge lists. To work around this, telegraf/input_plugins/exec(d)
# is a dict, of which we only use the value of it. This also allows us
# to overwrite values set by metadata defaults/reactors in node and group

2
bundles/zfs/metadata.py
View file

@ -170,7 +170,7 @@ def scrub_timer(metadata):
'systemd-timers': {
'timers': {
'zfs-scrub': {
'when': metadata.get('zfs/scrub_when', 'Sun 02:00:00 UTC'),
'when': 'Sun 02:00:00 UTC',
'command': scrubs,
},
},

178
configs/as3320.txt
View file

@ -1,7 +1,5 @@
109.237.176.0/20
109.72.116.0/24
116.50.16.0/21
128.65.164.0/22
129.181.208.0/21
129.181.216.0/22
137.170.112.0/24
@ -17,12 +15,13 @@
139.12.4.0/24
141.169.240.0/20
141.77.0.0/16
141.98.44.0/24
143.99.213.0/24
145.225.16.0/23
146.247.58.0/24
147.136.84.0/22
147.161.22.0/24
147.78.17.0/24
147.79.8.0/21
149.208.250.0/23
149.208.252.0/24
149.208.253.0/24
@ -35,7 +34,6 @@
149.249.244.0/22
149.249.244.0/23
149.249.246.0/23
153.17.244.8/29
153.17.249.0/24
153.17.250.0/24
153.17.251.0/24
@ -48,11 +46,7 @@
153.97.32.0/24
158.116.231.0/24
160.211.126.0/24
163.5.156.0/24
163.5.170.0/24
163.5.186.0/24
163.5.220.0/24
163.5.66.0/24
163.5.168.0/24
164.133.10.0/24
164.133.11.0/24
164.133.150.0/24
@ -66,9 +60,11 @@
168.199.192.0/22
168.199.212.0/22
170.237.92.0/23
171.25.178.0/24
176.221.24.0/24
176.221.25.0/24
176.53.136.0/24
176.53.137.0/24
176.57.59.0/24
185.100.160.0/22
185.101.244.0/23
185.101.246.0/23
@ -80,38 +76,45 @@
185.131.239.0/24
185.133.12.0/22
185.136.115.0/24
185.149.25.0/24
185.149.26.0/24
185.149.27.0/24
185.149.52.0/24
185.157.101.0/24
185.161.176.0/22
185.162.72.0/23
185.163.76.0/24
185.163.77.0/24
185.163.78.0/24
185.163.79.0/24
185.172.38.0/24
185.172.39.0/24
185.180.224.0/24
185.183.212.0/23
185.183.214.0/23
185.188.64.0/24
185.195.239.0/24
185.198.13.0/24
185.202.32.0/21
185.203.148.0/22
185.207.46.0/24
185.21.247.0/24
185.235.71.0/24
185.237.0.0/24
185.237.1.0/24
185.237.2.0/24
185.240.85.0/24
185.242.224.0/24
185.243.44.0/22
185.243.44.0/24
185.243.45.0/24
185.243.46.0/24
185.243.47.0/24
185.250.42.0/23
185.28.208.0/22
185.39.12.0/22
185.48.0.0/22
185.57.231.0/24
185.57.24.0/24
185.82.160.0/23
188.214.139.0/24
185.91.204.0/22
192.109.121.0/24
192.109.122.0/24
192.109.124.0/24
@ -173,6 +176,7 @@
193.110.102.0/23
193.110.102.0/24
193.110.103.0/24
193.124.35.0/24
193.138.91.0/24
193.141.143.0/24
193.141.180.0/23
@ -239,6 +243,7 @@
193.41.10.0/23
193.47.164.0/24
193.53.93.0/24
193.56.21.0/24
193.58.253.0/24
193.84.136.0/22
193.96.230.0/24
@ -248,7 +253,6 @@
193.98.224.0/24
193.99.96.0/20
194.0.151.0/24
194.0.232.0/24
194.110.133.0/24
194.113.160.0/22
194.113.20.0/23
@ -291,13 +295,6 @@
194.15.64.0/21
194.15.72.0/22
194.150.228.0/23
194.152.128.0/24
194.152.129.0/24
194.152.132.0/24
194.152.141.0/24
194.152.142.0/24
194.152.154.0/24
194.152.155.0/24
194.153.86.0/24
194.156.128.0/22
194.156.148.0/24
@ -340,20 +337,26 @@
194.39.63.0/24
194.39.88.0/21
194.39.97.0/24
194.45.144.0/21
194.49.110.0/24
194.49.117.0/24
194.49.118.0/23
194.49.125.0/24
194.49.48.0/24
194.49.54.0/24
194.49.72.0/24
194.49.73.0/24
194.49.74.0/23
194.49.85.0/24
194.55.158.0/24
194.55.180.0/24
194.55.183.0/24
194.55.192.0/19
194.55.63.0/24
194.55.64.0/20
194.55.87.0/24
194.58.40.0/24
194.58.56.0/23
194.59.143.0/24
194.59.150.0/24
194.59.151.0/24
@ -379,22 +382,34 @@
194.76.52.0/24
194.77.41.0/24
194.77.42.0/24
194.85.248.0/24
194.85.251.0/24
194.87.10.0/24
194.87.17.0/24
194.87.255.0/24
194.87.77.0/24
194.88.112.0/20
194.88.16.0/21
194.88.24.0/23
194.88.26.0/24
194.88.28.0/23
194.88.96.0/21
194.99.118.0/24
194.99.34.0/24
194.99.76.0/23
194.99.83.0/24
194.99.92.0/22
195.133.20.0/24
195.133.64.0/22
195.133.7.0/24
195.133.76.0/24
195.137.216.0/23
195.138.223.0/24
195.144.15.0/24
195.145.0.0/16
195.149.79.0/24
195.160.248.0/22
195.178.132.0/22
195.190.2.0/24
195.192.254.0/24
195.200.207.0/24
@ -421,14 +436,12 @@
198.40.90.0/24
198.57.10.0/24
2.160.0.0/12
2.58.100.0/24
2.58.102.0/24
204.52.120.0/24
204.52.121.0/24
204.69.32.0/24
205.142.63.0/24
212.184.0.0/15
212.185.0.0/16
212.87.217.0/24
213.145.90.0/23
213.145.92.0/23
213.173.0.0/19
@ -437,7 +450,6 @@
213.209.156.0/24
217.0.0.0/13
217.117.96.0/24
217.198.189.0/24
217.224.0.0/11
217.24.32.0/20
217.24.33.0/24
@ -447,21 +459,35 @@
31.224.0.0/11
31.6.56.0/23
37.143.0.0/22
37.230.56.0/24
37.230.57.0/24
37.230.58.0/23
37.230.60.0/24
37.230.63.0/24
37.46.11.0/24
37.50.0.0/15
37.80.0.0/12
45.128.14.0/23
45.132.217.0/24
45.132.80.0/22
45.141.54.0/24
45.145.16.0/24
45.140.208.0/24
45.141.130.0/24
45.142.236.0/24
45.145.241.0/24
45.145.243.0/24
45.147.227.0/24
45.155.77.0/24
45.81.255.0/24
45.83.136.0/22
45.84.214.0/24
45.93.186.0/23
46.20.216.0/21
46.250.224.0/21
46.250.232.0/21
46.78.0.0/15
46.80.0.0/12
5.10.208.0/24
5.10.209.0/24
5.10.220.0/24
5.133.112.0/24
5.249.188.0/22
5.35.192.0/21
@ -477,11 +503,14 @@
64.137.119.0/24
64.137.125.0/24
64.137.127.0/24
77.242.149.0/24
77.47.152.0/22
77.83.136.0/23
77.83.138.0/23
77.83.32.0/22
77.90.156.0/24
77.90.184.0/24
79.139.52.0/22
79.192.0.0/10
80.128.0.0/11
80.128.0.0/12
@ -493,47 +522,38 @@
80.157.8.0/21
80.187.0.0/16
80.187.160.0/20
80.244.13.0/24
80.64.240.0/22
80.71.231.0/24
80.71.233.0/24
80.71.235.0/24
80.71.236.0/24
80.71.238.0/24
80.83.80.0/21
81.201.32.0/20
81.31.210.0/23
82.163.104.0/21
81.30.96.0/20
82.152.178.0/24
82.163.60.0/22
82.206.32.0/21
82.206.40.0/21
82.206.48.0/21
82.215.70.0/24
83.136.208.0/22
83.147.36.0/22
83.243.48.0/21
84.128.0.0/10
84.234.16.0/20
84.246.108.0/24
84.32.108.0/22
84.32.48.0/22
84.55.0.0/24
84.55.1.0/24
84.55.2.0/24
84.55.3.0/24
84.55.4.0/24
84.55.5.0/24
84.55.6.0/24
84.55.7.0/24
85.116.28.0/24
85.116.29.0/24
85.116.30.0/24
85.116.31.0/24
85.119.160.0/23
85.204.181.0/24
85.204.160.0/22
85.208.248.0/24
85.208.249.0/24
85.208.250.0/24
85.208.251.0/24
86.105.211.0/24
86.107.164.0/24
85.237.76.0/22
86.38.248.0/21
86.38.37.0/24
87.128.0.0/10
@ -544,40 +564,10 @@
88.216.60.0/22
89.116.64.0/22
89.213.186.0/23
89.39.97.0/24
89.35.127.0/24
89.43.34.0/24
91.0.0.0/10
91.103.240.0/21
91.124.135.0/24
91.124.19.0/24
91.124.20.0/24
91.124.21.0/24
91.124.22.0/24
91.124.23.0/24
91.124.24.0/24
91.124.26.0/24
91.124.27.0/24
91.124.28.0/24
91.124.31.0/24
91.124.32.0/24
91.124.33.0/24
91.124.34.0/24
91.124.36.0/24
91.124.37.0/24
91.124.38.0/24
91.124.39.0/24
91.124.40.0/24
91.124.41.0/24
91.124.42.0/24
91.124.43.0/24
91.124.44.0/24
91.124.45.0/24
91.124.46.0/24
91.124.47.0/24
91.124.50.0/24
91.124.51.0/24
91.124.6.0/24
91.124.7.0/24
91.189.192.0/21
91.194.232.0/23
91.198.113.0/24
@ -602,40 +592,19 @@
91.216.242.0/24
91.216.45.0/24
91.217.214.0/24
91.221.12.0/23
91.222.232.0/22
91.227.98.0/23
91.232.136.0/22
91.232.54.0/24
92.112.128.0/24
92.112.155.0/24
92.112.157.0/24
92.112.16.0/22
92.112.160.0/24
92.112.162.0/24
92.112.165.0/24
92.112.167.0/24
92.112.20.0/22
92.112.48.0/24
92.112.49.0/24
92.112.52.0/24
92.112.54.0/24
92.112.59.0/24
92.112.63.0/24
92.112.64.0/24
92.112.67.0/24
92.112.79.0/24
92.112.81.0/24
92.112.83.0/24
92.112.94.0/24
92.114.44.0/22
92.119.164.0/22
92.119.208.0/24
92.119.209.0/24
92.119.210.0/24
92.119.211.0/24
93.113.70.0/24
93.119.201.0/24
93.119.184.0/21
93.192.0.0/10
93.95.119.0/24
94.126.98.0/24
94.26.110.0/23
94.26.64.0/23
@ -651,6 +620,7 @@
2001:678:b38::/48
2001:678:bdc::/48
2001:678:d4c::/48
2001:678:e9c::/48
2001:678:ff0::/48
2001:67c:11a4::/48
2001:67c:14c4::/48
@ -671,7 +641,6 @@
2001:67c:b80::/48
2001:67c:c84::/48
2001:67c:c9c::/48
2001:67c:ec0::/48
2003:3c0::/28
2003:3e0::/28
2003:8:1800::/48
@ -694,8 +663,6 @@
2003::/19
2003::/20
2003::/23
2a00:5c60:3::/48
2a00:5c60:a::/48
2a00:6680::/46
2a01:598::/29
2a01:8fa0::/32
@ -727,11 +694,8 @@
2a0d:480::/29
2a0d:480::/30
2a0d:484::/30
2a0e:cbc4::/32
2a0e:cbc5::/32
2a0e:cbc6::/32
2a0e:cbc7::/32
2a0e:eb40::/32
2a0f:15c0::/32
2a10:cd80::/29
2a11:7400:d1::/48
2a12:6900:1000::/40

315
configs/as8881.txt
View file

@ -1,13 +1,19 @@
104.151.0.0/17
109.250.0.0/16
109.250.0.0/18
109.250.0.0/20
109.250.128.0/19
109.250.16.0/20
109.250.160.0/19
109.250.192.0/19
109.250.224.0/19
109.250.64.0/18
109.250.32.0/19
109.250.64.0/19
109.250.80.0/22
109.250.84.0/22
109.250.88.0/22
109.250.92.0/22
109.250.96.0/19
134.101.0.0/21
14.102.90.0/24
143.58.64.0/18
149.233.32.0/19
153.94.0.0/20
@ -29,7 +35,6 @@
185.151.201.0/24
185.151.203.0/24
185.158.48.0/22
185.187.122.0/24
185.199.205.0/24
185.235.232.0/22
185.8.230.0/23
@ -40,13 +45,13 @@
192.166.84.0/22
192.166.87.0/24
192.166.88.0/21
192.189.14.0/24
193.101.4.0/23
193.102.10.0/24
193.101.5.0/24
193.111.212.0/22
193.111.212.0/24
193.163.13.0/24
193.17.225.0/24
193.163.13.0/25
193.163.13.128/25
193.219.15.0/24
193.22.120.0/21
193.22.120.0/24
@ -87,7 +92,7 @@
194.127.144.0/21
194.127.203.0/24
194.139.55.0/24
194.145.218.0/23
194.145.230.0/24
194.156.216.0/21
194.156.232.0/23
194.156.233.0/24
@ -110,23 +115,24 @@
194.99.0.0/21
195.149.80.0/23
195.167.208.0/20
195.191.20.0/23
195.202.32.0/19
195.226.160.0/19
195.226.96.0/19
195.234.139.0/24
195.238.233.0/24
195.238.238.0/24
195.244.10.0/23
195.64.176.0/23
195.93.158.0/23
202.71.128.0/20
202.71.141.0/24
212.204.0.0/19
212.7.128.0/19
212.8.0.0/19
212.80.224.0/19
212.80.224.0/20
212.80.240.0/20
212.93.0.0/19
213.138.32.0/19
213.138.35.0/24
213.139.128.0/19
213.182.128.0/19
213.30.192.0/18
@ -143,155 +149,307 @@
45.13.15.0/24
46.142.0.0/16
46.142.0.0/19
46.142.112.0/20
46.142.128.0/19
46.142.160.0/19
46.142.194.0/24
46.142.214.0/24
46.142.224.0/19
46.142.32.0/19
46.142.32.0/20
46.142.48.0/20
46.142.64.0/19
46.142.96.0/19
46.142.96.0/20
46.189.0.0/17
46.189.116.0/24
61.8.128.0/19
61.8.128.0/22
61.8.132.0/22
61.8.136.0/22
61.8.144.0/22
61.8.152.0/22
61.8.156.0/24
61.8.157.0/24
62.214.0.0/16
62.214.213.0/24
62.214.224.0/19
62.217.32.0/19
62.220.0.0/19
62.68.82.0/24
62.72.64.0/19
62.72.70.0/24
62.72.88.0/22
62.72.92.0/23
62.72.94.0/24
77.74.136.0/21
77.87.190.0/24
80.241.192.0/20
80.242.160.0/19
82.119.160.0/19
82.140.0.0/18
82.140.48.0/20
82.140.2.0/23
82.140.2.0/24
82.140.3.0/24
82.140.48.0/21
82.144.32.0/19
82.144.34.0/24
82.144.35.0/24
82.144.36.0/24
82.144.37.0/24
82.145.0.0/19
82.194.96.0/19
82.207.128.0/17
82.207.192.0/19
82.207.224.0/21
82.207.232.0/22
82.207.236.0/24
82.207.240.0/20
82.207.244.0/24
82.207.245.0/24
82.207.246.0/24
82.207.247.0/24
82.207.248.0/24
82.207.249.0/24
82.207.250.0/24
82.207.251.0/24
82.207.252.0/24
82.207.253.0/24
82.207.254.0/24
82.207.255.0/24
83.135.0.0/16
83.135.0.0/20
83.135.0.0/22
83.135.112.0/20
83.135.128.0/19
83.135.16.0/22
83.135.160.0/21
83.135.164.0/22
83.135.168.0/21
83.135.176.0/22
83.135.180.0/22
83.135.184.0/21
83.135.192.0/20
83.135.20.0/24
83.135.208.0/20
83.135.21.0/24
83.135.22.0/24
83.135.224.0/22
83.135.23.0/24
83.135.230.0/23
83.135.232.0/21
83.135.24.0/24
83.135.240.0/22
83.135.244.0/24
83.135.245.0/24
83.135.248.0/24
83.135.249.0/24
83.135.25.0/24
83.135.250.0/24
83.135.251.0/24
83.135.252.0/24
83.135.253.0/24
83.135.254.0/24
83.135.255.0/24
83.135.26.0/24
83.135.27.0/24
83.135.28.0/24
83.135.29.0/24
83.135.30.0/24
83.135.31.0/24
83.135.32.0/19
83.135.4.0/22
83.135.64.0/19
83.135.8.0/21
83.135.96.0/20
84.19.192.0/19
84.19.192.0/20
84.19.208.0/20
87.122.0.0/15
87.122.0.0/16
87.122.0.0/20
87.122.128.0/21
87.122.136.0/22
87.122.144.0/20
87.122.16.0/20
87.122.160.0/20
87.122.176.0/21
87.122.184.0/24
87.122.185.0/24
87.122.186.0/24
87.122.187.0/24
87.122.188.0/24
87.122.189.0/24
87.122.190.0/24
87.122.191.0/24
87.122.192.0/19
87.122.224.0/19
87.122.32.0/19
87.122.64.0/19
87.122.96.0/19
87.123.0.0/16
87.123.0.0/19
87.123.112.0/20
87.123.128.0/19
87.123.160.0/20
87.123.176.0/20
87.123.194.0/24
87.123.196.0/24
87.123.203.0/24
87.123.192.0/20
87.123.208.0/22
87.123.216.0/21
87.123.224.0/20
87.123.240.0/21
87.123.240.0/22
87.123.244.0/22
87.123.248.0/22
87.123.252.0/24
87.123.253.0/24
87.123.254.0/24
87.123.255.0/24
87.123.32.0/19
87.123.64.0/20
87.123.80.0/20
87.123.96.0/19
87.123.96.0/20
88.130.0.0/16
88.130.0.0/19
88.130.130.0/23
88.130.132.0/22
88.130.136.0/21
88.130.144.0/20
88.130.144.0/21
88.130.152.0/24
88.130.153.0/24
88.130.154.0/24
88.130.155.0/24
88.130.156.0/22
88.130.156.0/24
88.130.157.0/24
88.130.158.0/24
88.130.159.0/24
88.130.160.0/21
88.130.172.0/22
88.130.176.0/21
88.130.192.0/23
88.130.194.0/23
88.130.180.0/24
88.130.181.0/24
88.130.182.0/24
88.130.183.0/24
88.130.184.0/24
88.130.185.0/24
88.130.186.0/24
88.130.187.0/24
88.130.188.0/24
88.130.189.0/24
88.130.190.0/24
88.130.191.0/24
88.130.192.0/21
88.130.200.0/21
88.130.208.0/21
88.130.216.0/21
88.130.216.0/22
88.130.220.0/24
88.130.221.0/24
88.130.222.0/24
88.130.223.0/24
88.130.32.0/20
88.130.48.0/24
88.130.49.0/24
88.130.50.0/24
88.130.51.0/24
88.130.52.0/24
88.130.53.0/24
88.130.54.0/23
88.130.54.0/24
88.130.55.0/24
88.130.56.0/24
88.130.57.0/24
88.130.58.0/24
88.130.59.0/24
88.130.60.0/24
88.130.61.0/24
88.130.62.0/24
88.130.63.0/24
88.130.64.0/19
88.130.96.0/19
89.207.200.0/21
89.244.0.0/14
89.244.0.0/16
89.244.112.0/21
89.244.120.0/21
89.244.120.0/22
89.244.124.0/24
89.244.126.0/24
89.244.127.0/24
89.244.160.0/21
89.244.164.0/22
89.244.168.0/21
89.244.176.0/20
89.244.192.0/19
89.244.224.0/20
89.244.76.0/24
89.244.78.0/23
89.244.240.0/20
89.244.64.0/21
89.244.72.0/22
89.244.80.0/20
89.244.96.0/22
89.244.96.0/20
89.245.0.0/16
89.245.0.0/20
89.245.112.0/20
89.245.158.0/24
89.245.159.0/24
89.245.16.0/20
89.245.160.0/20
89.245.176.0/21
89.245.184.0/24
89.245.185.0/24
89.245.186.0/24
89.245.187.0/24
89.245.188.0/24
89.245.189.0/24
89.245.190.0/24
89.245.191.0/24
89.245.192.0/19
89.245.224.0/19
89.245.32.0/19
89.245.64.0/19
89.245.32.0/20
89.245.64.0/20
89.245.80.0/20
89.245.96.0/20
89.246.0.0/16
89.246.0.0/19
89.246.104.0/23
89.246.106.0/24
89.246.107.0/24
89.246.108.0/24
89.246.109.0/24
89.246.110.0/24
89.246.111.0/24
89.246.112.0/22
89.246.116.0/22
89.246.120.0/24
89.246.121.0/24
89.246.122.0/24
89.246.123.0/24
89.246.124.0/22
89.246.160.0/20
89.246.160.0/21
89.246.176.0/22
89.246.180.0/22
89.246.184.0/21
89.246.192.0/19
89.246.32.0/19
89.246.32.0/20
89.246.48.0/21
89.246.56.0/21
89.246.96.0/21
89.247.0.0/16
89.247.0.0/19
89.247.112.0/21
89.247.112.0/22
89.247.120.0/22
89.247.124.0/24
89.247.125.0/24
89.247.126.0/24
89.247.127.0/24
89.247.144.0/20
89.247.160.0/20
89.247.179.0/24
89.247.192.0/20
89.247.208.0/21
89.247.216.0/22
89.247.228.0/22
89.247.224.0/21
89.247.232.0/21
89.247.232.0/22
89.247.236.0/22
89.247.252.0/22
89.247.240.0/21
89.247.240.0/22
89.247.252.0/24
89.247.253.0/24
89.247.254.0/24
89.247.255.0/24
89.247.32.0/19
89.247.32.0/20
89.247.64.0/20
89.247.80.0/20
89.247.96.0/20
89.27.128.0/17
89.27.153.0/24
91.194.180.0/23
91.198.67.0/24
91.199.158.0/24
@ -310,7 +468,8 @@
92.116.120.0/21
92.116.128.0/18
92.116.16.0/20
92.116.192.0/18
92.116.192.0/19
92.116.224.0/19
92.116.32.0/19
92.116.64.0/18
92.116.96.0/19
@ -324,34 +483,67 @@
92.117.240.0/21
92.117.248.0/21
92.117.64.0/19
92.117.96.0/19
94.134.0.0/15
94.134.0.0/18
94.134.112.0/22
94.134.100.0/22
94.134.112.0/21
94.134.120.0/24
94.134.121.0/24
94.134.122.0/24
94.134.123.0/24
94.134.124.0/24
94.134.125.0/24
94.134.126.0/24
94.134.127.0/24
94.134.128.0/20
94.134.144.0/20
94.134.160.0/21
94.134.168.0/22
94.134.172.0/22
94.134.176.0/20
94.134.176.0/21
94.134.192.0/22
94.134.192.0/20
94.134.208.0/21
94.134.216.0/21
94.134.64.0/22
94.134.68.0/22
94.134.224.0/19
94.134.64.0/20
94.134.80.0/22
94.134.88.0/22
94.134.94.0/23
94.134.84.0/24
94.134.85.0/24
94.134.86.0/24
94.134.87.0/24
94.134.88.0/24
94.134.89.0/24
94.134.90.0/24
94.134.91.0/24
94.134.92.0/24
94.134.93.0/24
94.134.94.0/24
94.134.95.0/24
94.134.96.0/20
94.134.96.0/22
2001:1438:1000::/36
2001:1438:1:100::/56
2001:1438:1:200::/56
2001:1438:1:300::/56
2001:1438:1:400::/56
2001:1438:1:900::/56
2001:1438:1:a00::/56
2001:1438:2000::/36
2001:1438:3000::/36
2001:1438:4000::/36
2001:1438::/32
2001:1438:f000::/36
2001:1438:fff:10::/64
2001:1438:fff:11::/64
2001:1438:fff:12::/64
2001:1438:fff:3::/64
2001:1438:fff:4::/64
2001:1438:fff:5::/64
2001:1438:fff:6::/64
2001:1438:fff:7::/64
2001:1438:fff:8::/64
2001:1438:fff:9::/64
2001:1438:fff:a::/64
2001:1438:fff:b::/64
2001:1438:fff:c::/64
2001:1438:fff:d::/64
2001:1438:fff:e::/64
2001:1438:fff:f::/64
2001:16b8:1000::/40
2001:16b8:100::/40
2001:16b8:1100::/40
@ -401,14 +593,12 @@
2001:16b8:a000::/35
2001:16b8:a00::/40
2001:16b8:b00::/40
2001:16b8:c000::/35
2001:678:c74::/48
2001:67c:27ac::/48
2001:67c:2878::/48
2001:67c:2e8c::/48
2001:67c:660::/48
2001:67c:888::/48
2001:67c:ed8::/48
2001:7b0::/32
2001:9e8:2000::/35
2001:9e8:4000::/35
@ -425,11 +615,10 @@
2a00:fb8:4000::/35
2a00:fb8:6000::/35
2a00:fb8::/29
2a00:fb8::/32
2a00:fb8::/35
2a03:3fc0:2000::/48
2a07:9400::/29
2a0a:ed40::/29
2a0b:9e80:1000::/36
2a0d:240::/29
2a0d:ad00::/29
2a11:d00::/32

98
data/apt/files/gpg-keys/grafana.asc
View file

@ -1,46 +1,4 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQENBFiHXVIBCADr3VDEAGpq9Sg/xrPVu1GGqWGXdbnTbbNKeveCtFHZz7/GSATW
iwiY1skvlAOBiIKCqJEji0rZZgd8WxuhdfugiCBk1hDTMWCpjI0P+YymV77jHjYB
jHrKNlhb+aLjEd9Gf2EtbKUT1fvGUkzlVrcRGSX/XR9MBZlgja7NIyuVbn3uwZQ4
jflWSNSlvMpohNxTFkrBFTRrCJXhbDLfCS46+so22CP3+1VQyqJ7/6RWK9v9KYdS
AVNgILXMggSrMqha4WA1a/ktczVQXNtP8IuPxTdp9pNYsklOTmrFVeq3mXsvWh9Q
lIhpYHIZlTZ5wVBq4wTRchsXC5MubIhz+ASDABEBAAG0GkdyYWZhbmEgPGluZm9A
Z3JhZmFuYS5jb20+iQE4BBMBAgAiBQJYh11SAhsDBgsJCAcDAgYVCAIJCgsEFgID
AQIeAQIXgAAKCRCMjDTFJAmMthxJB/9Id6JrwqRkJW+eSBb71FGQmRsJvNFR8J+3
NPVhJNkTFFOM7TnjAMUIv+LYEURqGcceTNAN1aHq/7n/8ybXucCS0CnDYyNYpyVs
tWJ3FOQK3jPrmziDCWPQATqMM/Z2auXVFWrDFqfh2xKZNjuix0w2nyuWB8U0CG2U
89w+ksPJblGGU5xLPPzDQoAqyZXY3gpGGTkCuohMq2RWYbp/QJSQagYhQkKZoJhr
XJlnw4At6R1A5UUPzDw6WJqMRkGrkieE6ApIgf1vZSmnLRpXkqquRTAEyGT8Pugg
ee6YkD19/LK6ED6gn32StY770U9ti560U7oRjrOPK/Kjp4+qBtkQuQENBFiHXVIB
CACz4hO1g/4fKO9QWLcbSWpB75lbNgt1kHXP0UcW8TE0DIgqrifod09lC85adIz0
zdhs+00lLqckM5wNbp2r+pd5rRaxOsMw2V+c/y1Pt3qZxupmPc5l5lL6jzbEVR9g
ygPaE+iabTk9Np2OZQ7Qv5gIDzivqK2mRHXaHTzoQn2dA/3xpFcxnen9dvu7LCpA
CdScSj9/UIRKk9PHIgr2RJhcjzLx0u1PxN9MEqfIsIJUUgZOoDsr8oCs44PGGIMm
cK1CKALLLiC4ZM58B56jRyXo18MqB6VYsC1X9wkcIs72thL3tThXO70oDGcoXzoo
ywAHBH63EzEyduInOhecDIKlABEBAAGJAR8EGAECAAkFAliHXVICGwwACgkQjIw0
xSQJjLbWSwf/VIM5wEFBY4QLGUAfqfjDyfGXpcha58Y24Vv3n6MwJqnCIbTAaeWf
30CZ/wHg3NNIMB7I31vgmMOEbHQdv0LPTi9TG205VQeehcpNtZRZQ0D8TIetbxyi
Emmn9osig9U3/7jaAWBabE/9bGx4TF3eLlEH9wmFrNYeXvgRqmyqVoqhIMCNAAOY
REYyHyy9mzr9ywkwl0aroBqhzKIPyFlatZy9oRKllY/CCKO9RJy4DZidLphuwzqU
ymdQ1sqe5nKvwG5GvcncPc3O7LMevDBWnpNNkgERnVxCqpm90TuE3ONbirnU4+/S
tUsVU1DERc1fjOCnAm4pKIlNYphISIE7OQ==
=0pMC
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: This is a revocation certificate
iQE2BCABCgAgFiEETkDd9tduKEpKZ4DkjIw0xSQJjLYFAmO9q0cCHQIACgkQjIw0
xSQJjLarJAf+JJU0CHTMSSs5WH6ohVy54HN+ev7p7vfcgvvFBAWZLTLrG5+eFUH0
w0m9KegxAs+H/H/68ld1jY/P62fvkOR7WCWQ7HH+8ClKLwuWS4DpOHK9IOkHDK0w
0pVJ6NBiwhv8/B7EmiBf9zndjMtYa/wf8JZYVOXb0XE0L+Ec0WZSRZH+/WGA1E1s
MSgPwqDF7RKXDCJ65elYxi9CPZvXhj6RVldn/aRuHf5/SCDE/HmnDB9+v6ReEsWV
r/Xis2J0pWphpF/xtYxGf+Iy5fAHwDd4z9uKs9mBHSR0aDisuAW/eHF6KvBzQ7y0
Yf3KxEyDvLwuAA5NBi7Xsd2wSKdfBGUGcQ==
=KTb+
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGO4aiUBDAC82zo3vUyQH3yTCabQ7ZpospBg/xXBbJWbQNksIbEP/+I12CjB
zac1QcMFd27MJlyXpsTqqSo1ZHOisNy0Tmyl/WlqMyoMeChg+LmIHLNbvAK0jPOX
@ -81,59 +39,3 @@ Fj8eP2CocfRC+Lqv0azQwyEVMkYSMKoFbhXmjiBZn9JxblndKnVbByA1/nMAa0Q7
HTJC50jDJfpM9d1xQW/W5LBSQjd3czM6zlRXsliX
=lSMJ
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: This is a revocation certificate
iQG2BCABCAAgFiEEDiLriOOeEid6d2CunkObECzzwMYFAmO4amECHQAACgkQnkOb
ECzzwMYiDQv/bbRnEhrFhr5XyA2vnu6nTZezbMwArC/ZwtFxtnj2iAwGZYY/pbPx
L8cHTpvK99I6J02SBHpmzthwHSindddPjuuQENdqH/TDlGvPH/mECJVTN9/kpjlg
HtO0MVKAKyXGbij7fR8prfPMRqOFbo4Rn9nQZZ/eY9KwkKVKxKHymppNbUbvv1qQ
NGfOi2QWkF+T8dbihbJHJgYpPb7uEmJ2EOX0KHu9nlYGX4jxtql+M3yeOi3juaXH
hLFWqVn3FkQW7N4IV+bVTkYcxQg01rWqY/h7BvL88AiMoiUXhOvE5iAS4sJe+EVB
bDfRaLr1Ju1CXYm5B+Q9b2pU0SWAbBNlVxYGs+NOeBh9YzwdGTFW2l/S/VLLv0bE
hBYuLwOIs0BqrL4TWwlB1ucEikg+r3O7OZL8Dnw0mnBVBmQxKhl1p8dLcYtylG3B
aEIbN6wHQe03xYvAmaHDdG0kjPiwhOlpZ+YU3ux8F2YnENXm9J+25GMyTXqybKQl
ltTE4hHgRH2v
=n71X
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGTnhmkBDADUE+SzjRRyitIm1siGxiHlIlnn6KO4C4GfEuV+PNzqxvwYO+1r
mcKlGDU0ugo8ohXruAOC77Kwc4keVGNU89BeHvrYbIftz/yxEneuPsCbGnbDMIyC
k44UOetRtV9/59Gj5YjNqnsZCr+e5D/JfrHUJTTwKLv88A9eHKxskrlZr7Un7j3i
Ef3NChlOh2Zk9Wfk8IhAqMMTferU4iTIhQk+5fanShtXIuzBaxU3lkzFSG7VuAH4
CBLPWitKRMn5oqXUE0FZbRYL/6Qz0Gt6YCJsZbaQ3Am7FCwWCp9+ZHbR9yU+bkK0
Dts4PNx4Wr9CktHIvbypT4Lk2oJEPWjcCJQHqpPQZXbnclXRlK5Ea0NVpaQdGK+v
JS4HGxFFjSkvTKAZYgwOk93qlpFeDML3TuSgWxuw4NIDitvewudnaWzfl9tDIoVS
Bb16nwJ8bMDzovC/RBE14rRKYtMLmBsRzGYHWd0NnX+FitAS9uURHuFxghv9GFPh
eTaXvc4glM94HBUAEQEAAbQmR3JhZmFuYSBMYWJzIDxlbmdpbmVlcmluZ0BncmFm
YW5hLmNvbT6JAdQEEwEKAD4WIQS1Oud7rbYwpoMEYAWWP6J3EEWFRQUCZOeGaQIb
AwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRCWP6J3EEWFRUiADACa
i+xytv2keEFJWjXNnFAx6/obnHRcXOI3w6nH/zL8gNI7YN5jcdQT2NYvKVYTb3fW
GuMsjHWgat5Gq3AtJrOKABpZ6qeYNPk0Axn/dKtOTwXjZ4pKX3bbUYvVfs0fCEZv
B0HHIj2wI9kgMpoTrkj22LE8layZTPOoQ+3/FbLzS8hN3CYZj25mHN7bpZq8EbV3
8FW9EU0HM0tg6CvoxkRiVqAuAC0KnVIZAdhD4dlYKuncq64nMvT1A5wxSYbnE+uf
mnWQQhhS6BOwRqN054yw1FrWNDFsvnOSHmr8dIiriv+aZYvx5JQFJ7oZP3LwdYyg
ocQcAJA8HFTIk3P6uJiIF/zdDzocgdKs+IYDoId0hxX7sGCvqdrsveq8n3m7uQiN
7FvSiV0eXIdV4F7340kc8EKiYwpuYSaZX0UWKLenzlUvD+W4pZCWtoXzPsW7PKUt
q1xdW0+NY+AGLCvSJCc5F4S5kFCObfBAYBbldjwwJFocdq/YOvvWYTPyV7kJeJS5
AY0EZOeGaQEMALNIFUricEIwtZiX7vSDjwxobbqPKqzdek8x3ud0CyYlrbGHy0k+
FDEXstjJQQ1s9rjJSu3sv5wyg9GDAUH3nzO976n/ZZvKPti3p2XU2UFx5gYkaaFV
D56yYxqGY0YU5ft6BG+RUz3iEPg3UBUzt0sCIYnG9+CsDqGOnRYIIa46fu2/H9Vu
8JvvSq9xbsK9CfoQDkIcoQOixPuI4P7eHtswCeYR/1LUTWEnYQWsBCf57cEpzR6t
7mlQnzQo9z4i/kp4S0ybDB77wnn+isMADOS+/VpXO+M7Zj5tpfJ6PkKch3SGXdUy
3zht8luFOYpJr2lVzp7n3NwB4zW08RptTzTgFAaW/NH2JjYI+rDvQm4jNs08Dtsp
nm4OQvBA9Df/6qwMEOZ9i10ixqk+55UpQFJ3nf4uKlSUM7bKXXVcD/odq804Y/K4
y3csE059YVIyaPexEvYSYlHE2odJWRg2Q1VehmrOSC8Qps3xpU7dTHXD74ZpaYbr
haViRS5v/lCsiwARAQABiQG8BBgBCgAmFiEEtTrne622MKaDBGAFlj+idxBFhUUF
AmTnhmkCGwwFCQPCZwAACgkQlj+idxBFhUUNbQv8DCcfi3GbWfvp9pfY0EJuoFJX
LNgci7z7smXq7aqDp2huYQ+MulnPAydjRCVW2fkHItF2Ks6l+2/8t5Xz0eesGxST
xTyR31ARENMXaq78Lq+itZ+usOSDNuwJcEmJM6CceNMLs4uFkX2GRYhchkry7P0C
lkLxUTiB43ooi+CqILtlNxH7kM1O4Ncs6UGZMXf2IiG9s3JDCsYVPkC5QDMOPkTy
2ZriF56uPerlJveF0dC61RZ6RlM3iSJ9Fwvea0Oy4rwkCcs5SHuwoDTFyxiyz0QC
9iqi3fG3iSbLvY9UtJ6X+BtDqdXLAT9Pq527mukPP3LwpEqFVyNQKnGLdLOu2YXc
TWWWseSQkHRzBmjD18KTD74mg4aXxEabyT4snrXpi5+UGLT4KXGV5syQO6Lc0OGw
9O/0qAIU+YW7ojbKv8fr+NB31TGhGYWASjYlN1NvPotRAK6339O0/Rqr9xGgy3AY
SR+ic2Y610IM7xccKuTVAW9UofKQwJZChqae9VVZ
=J9CI
-----END PGP PUBLIC KEY BLOCK-----

74
data/proftpd/files/home.paperless.conf
View file

@ -1,74 +0,0 @@
Include /etc/proftpd/modules.conf
UseIPv6 on
<IfModule mod_ident.c>
IdentLookups off
</IfModule>
ServerName "home.paperless"
ServerType standalone
DeferWelcome off
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions "-l"
DenyFilter \*.*/
RequireValidShell off
Port 21
PassivePorts 49152 50192
MaxInstances 30
User proftpd
Group nogroup
Umask 022 022
AllowOverwrite on
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>
<Anonymous /mnt/paperless/consume/>
User nobody
Group nogroup
UserAlias anonymous ftp
<Directory *>
AllowAll
</Directory>
</Anonymous>

34
data/ssl/_.home.kunbox.net.crt.pem
View file

@ -1,22 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDsDCCAzWgAwIBAgISBIi3muU9O51f4fWWUXJHNgRHMAoGCCqGSM49BAMDMDIx
MIIDsDCCAzWgAwIBAgISBMRgrLMPa1cucom1daU3fmCaMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NjAeFw0yNDA5MDQxNjA1MThaFw0yNDEyMDMxNjA1MTdaMBoxGDAWBgNVBAMTD2hv
bWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABA5vskMN8tWHCOsv
aUojW+t8otSpRgcU0tLsONhzQ7GhG5tC5DQ5pN7HiG14eejONQE4hRWC4rkP/e47
EVQd/rFK5m0lQesR68zogtW9KfQZUoINhlOuR4CxpBY1LrG5laOCAiQwggIgMA4G
NTAeFw0yNDA2MTExNDQyMzdaFw0yNDA5MDkxNDQyMzZaMBoxGDAWBgNVBAMTD2hv
bWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABGlCPITmq729xoLb
DkSn6SYxnP7Mns9dBSqUv1WktnYjwbavlbXKN3Bz0yCGcXSCZA+Nq576DBK9L9X6
tTeIvqG1akyNxY+1eDK3vhH4FKmZE6oOyh1jqfG2LY7dvLYCQKOCAiQwggIgMA4G
A1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQU3iCazGKeVwzCa84zl+qckbspEmEwHwYDVR0j
BBgwFoAUkydGmAOpUWiOmNbEQkjbI79YlNIwVQYIKwYBBQUHAQEESTBHMCEGCCsG
AQUFBzABhhVodHRwOi8vZTYuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
Ly9lNi5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIRKi5ob21lLmt1bmJveC5uZXSC
VR0TAQH/BAIwADAdBgNVHQ4EFgQUt6i+27R0AAj+AUgSNg3Gmm5GzLYwHwYDVR0j
BBgwFoAUnytfzzwhT50Et+0rLMTGcIvS1w0wVQYIKwYBBQUHAQEESTBHMCEGCCsG
AQUFBzABhhVodHRwOi8vZTUuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
Ly9lNS5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIRKi5ob21lLmt1bmJveC5uZXSC
D2hvbWUua3VuYm94Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB
1nkCBAIEgfUEgfIA8AB2AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRu
AAABkb3+C2AAAAQDAEcwRQIhAMwv6NjH3Ggd1WfeSVvyToVaM15glwfSJcAW8+40
XbCKAiABUoDmQjhKi5VfwZ7e0WX5XjEmgBN2qTafK5RqlaCDJgB2AO7N0GTV2xrO
xVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABkb3+C3IAAAQDAEcwRQIgU9sxMGOG
aP3npu7vw3G9TiFRxuZRCI96My34WVSCOcsCIQDhDjS9QhJGtNT68Z0sx6DJCcco
L1AXGWwojxizcx48bTAKBggqhkjOPQQDAwNpADBmAjEA/SOZeiZrClB5EJlZFdQy
hrt2qh4HC5zvHdSLTWI4GAxDy8xRg/ANO6fp0Sb7Q7jdAjEAhiQgQfgUln08i/tv
3TGjVRIT/Y4A4QadodTROpfmFDH3QIsNwRPRhQUUSscBavK9
1nkCBAIEgfUEgfIA8AB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7Wb
AAABkAf3K9YAAAQDAEcwRQIhAPFpuj8ZoOmqhDNJDSuJ3BWyUuOUyY2QXjIVRHop
dKyPAiAa2cwsyBFOjWOEYRCZ/7UgBA5axt8ZCrRYseefFwpvSQB2AN/hVuuqBa+1
nA+GcY2owDJOrlbZbqf1pWoB0cE7vlJcAAABkAf3LJ8AAAQDAEcwRQIhAL9+dxTj
34moGhk32PnQZg2+nVNiVxLxYjDL9fk1R+bXAiAA7EjWqcZgktinTpt1pVQMmuUn
FQ1IRh5AdycNn0lL2jAKBggqhkjOPQQDAwNpADBmAjEAubnofDBEyrcSJAiGxlqc
EpUndlnkT/irfl/As8EUt0KMSPhnV3i7oEq89bi0KDghAjEA+XHccaWUi7BJEoV7
nCUOCct64mb2LmXkvYiFVicsV9ubp4kVbziWjLgng6TC3HoM
-----END CERTIFICATE-----

36
data/ssl/_.home.kunbox.net.crt_intermediate.pem
View file

@ -1,27 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
Ig46v9mFmBvyH04=
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
VQD9F6Na/+zmXCc=
-----END CERTIFICATE-----

2
data/ssl/_.home.kunbox.net.key.pem.vault
View file

@ -1 +1 @@
encrypt$gAAAAABm2JL0vVqh3Zut-a1Gfn8iOtDZS8aBpGobV3-d3u8My0MPunYmbQ6kXUAw7U0Bu87AAPXNsmi1pxrxcu8vXvhw4uM445WwKj-UqaV5fmk-ZasHGq-O6K52YqEgK6wo-9u_sOBubbwJSwFVaHxT3gczLW_GVRHhFIFGgdnRlz4YoAz4NXcos_uNO9GMEOGhfGx9e2c2GOIg64vXkj_1LjXEDoV9HYMzy-2wLt4A6q-ZiZwCoKl8-lt8sY_rLk_yfmy3sMvzqg8JaE7T4sunmXDdf4HQlnvl_cu1uW33Rrsq4-080HKx6rKNsZQGhWD2yls016xBAYZvQbDjHd6-7bld1bs5RUF5tfEC3Kx567TBdMaf5C7-PnNB7O_MC4I6SkmUElGRdYyCHuP5HXf9dKtiGCtjHyfEzqTBrcI0xPt631_IGPWMNId7zyLqfLHpMFTPS9jgGVKoT1TXwKe4NSHaGxXO-A==
encrypt$gAAAAABmaHBwHXKZDN_8bEa47lNIX25-wvvW1RcC689Hod4HAsY2tT6fd9k7zdnbK8KWedRNopdRIlhQUkU0xBVh5J5maiYfn5R8Kp_VpkXiWY0LVY3XMWjB4oHmU29VEbl490oesAhUUH6hb7lwfvsbV4WTM_7aL0_sPfF1udxO89gg-9z2nbl-7zmTdSBY651fZQngd4SlwK17N1fedkHgYamGLdgE10oPZiRsOJKrUGv-Pxi4ICQ7J_AF6bO05PyZkeNqqUP19g2f5EsKNnT0bxQHCP5sbofvYzli-fU2bW-leuvm-VU8lV27t39lQZyF-WcWnB7626w0semrg7cCJ4qoHJVekEFWzJBLhagSNdCDWHAwdV2_MHzSgbXvyXz0maga8-1wBoa8Ueinp2oPQMPaUsVzy6NVX7mAsB6Rw9CXDSEf8WPSKWaz7324qhxKmhMHt0r68z0qM28mHb98F_vbS6geCw==

3
groups/locations.py
View file

@ -68,9 +68,6 @@ groups['sophie'] = {
'icinga_options': {
'exclude_from_monitoring': True,
},
'backup-client': {
'target': 'htz-hel.backup-sohpie',
},
'users': {
'sophie': {},
},

2
libs/s2s.py
View file

@ -17,7 +17,7 @@ WG_AUTOGEN_NODES = [
'home.router',
'htz-cloud.wireguard',
'icinga2',
None, # daisy
'daisy',
]
WG_AUTOGEN_SETTINGS = {

16
nodes/carlene.toml
View file

@ -40,7 +40,7 @@ imap_pass = "!bwpass_attr:t-online.de/franzi.kunsmann@t-online.de:imap"
[metadata.element-web]
url = "chat.franzi.business"
version = "v1.11.77"
version = "v1.11.71"
[metadata.element-web.config]
default_server_config.'m.homeserver'.base_url = "https://matrix.franzi.business"
default_server_config.'m.homeserver'.server_name = "franzi.business"
@ -49,8 +49,8 @@ defaultCountryCode = "DE"
jitsi.preferredDomain = "meet.ffmuc.net"
[metadata.forgejo]
version = "8.0.3"
sha1 = "a19aa24f26c1ff5a38cf12619b6a6064242d0cf2"
version = "7.0.5"
sha1 = "8dc0526cdd886d5bc96ce96841202c2800029e68"
domain = "git.franzi.business"
enable_git_hooks = true
install_ssh_key = true
@ -59,7 +59,7 @@ lfs_secret_key = "!decrypt:encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76kl
oauth_secret_key = "!decrypt:encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz"
security_secret_key = "!decrypt:encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4="
[metadata.interfaces.'eno*']
[metadata.interfaces.eno2]
ips = [
"193.135.9.29/24",
"2a0a:51c0:0:225::2/64",
@ -70,9 +70,9 @@ gateway6 = "2a0a:51c0:0:225::1"
[metadata.matrix-media-repo]
admins = ["@kunsi:franzi.business"]
datastore_id = "3fff5da324ed784c771d638bb6be5917"
sha1 = "3e2bb7089b0898b86000243a82cc58ae998dc9d9"
sha1 = "ef9e8624e70714e4d421ece0c27f2974f55c0e59"
upload_max_mb = 500
version = "v1.3.7"
version = "v1.3.6"
[metadata.matrix-media-repo.homeservers.'franzi.business']
api = "synapse"
domain = "http://[::1]:20080/"
@ -126,7 +126,7 @@ domain = "rss.franzi.business"
[metadata.netbox]
domain = "netbox.franzi.business"
version = "v4.1.1"
version = "v4.0.7"
admins.kunsi = "hostmaster@kunbox.net"
[metadata.nextcloud]
@ -256,7 +256,7 @@ disks = [
]
[metadata.travelynx]
version = "2.8.39"
version = "2.7.7"
mail_from = "travelynx@franzi.business"
domain = "travelynx.franzi.business"

23
nodes/daisy.toml Normal file
View file

@ -0,0 +1,23 @@
hostname = "2a11:f2c0:3:4::120"
bundles = [
"bird",
"wireguard",
]
groups = [
"debian-bookworm",
]
[metadata]
location = "glauca"
nameservers = [
"2606:4700::1111",
"2606:4700:4700::1001",
]
backups.exclude_from_backups = true
icinga_options.period = "daytime"
[metadata.interfaces.ens18]
ips = [
"2a11:f2c0:3:4::120/64",
]
gateway6 = "fe80::220:91ff:fe45:e19e"

9
nodes/home.appletv-wohnzimmer.toml
View file

@ -1,9 +0,0 @@
dummy = true
[metadata.interfaces.default]
ips = ["172.19.138.73"]
dhcp = true
mac = "c0:95:6d:5e:82:47"
[metadata.icinga_options]
exclude_from_monitoring = true

2
nodes/home.encoder96.toml → nodes/home.ejgwdesk.toml
View file

@ -3,7 +3,7 @@ dummy = true
[metadata.interfaces.default]
ips = ["172.19.138.99"]
dhcp = true
mac = "6c:4b:90:5c:e3:6d"
mac = "54:04:A6:EF:A8:01"
[metadata.icinga_options]
exclude_from_monitoring = true

9
nodes/home.fujitsu-n7100.toml
View file

@ -1,9 +0,0 @@
dummy = true
[metadata.interfaces.default]
ips = ["172.19.138.75"]
dhcp = true
mac = "00:01:29:59:a9:8c"
[metadata.icinga_options]
exclude_from_monitoring = true

7
nodes/home.r630.toml
View file

@ -11,13 +11,6 @@ ips = [
gateway4 = "172.19.138.1"
ipv6_accept_ra = true
[metadata.nftable.forward]
50-local-forward = [
'ct state { related, established } accept',
'iifname eno3 accept',
'ip6 nexthdr ipv6-icmp accept',
]
[metadata.users.molly]
password = "!decrypt:dummy$no"

130
nodes/home/nas.py
View file

@ -11,7 +11,7 @@ nodes['home.nas'] = {
'mosquitto',
'nfs-server',
'rsyslogd',
'samba',
'scansnap',
'smartd',
'vmhost',
'zfs',
@ -67,22 +67,6 @@ nodes['home.nas'] = {
'/storage/nas/normen',
},
},
'dm-crypt': {
'encrypted-devices': {
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409404K': {
'dm-name': 'sam-S5SSNJ0X409404K',
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409404K'),
},
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409845F': {
'dm-name': 'sam-S5SSNJ0X409845F',
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409845F'),
},
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409870J': {
'dm-name': 'sam-S5SSNJ0X409870J',
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409870J'),
},
},
},
'groups': {
'nas': {},
},
@ -112,6 +96,11 @@ nodes['home.nas'] = {
},
},
},
'jellyfin': {
'restrict-to': {
'home.lgtv-wohnzimmer',
},
},
'mixcloud-downloader': {
'netrc': {
'soundcloud': {
@ -160,6 +149,9 @@ nodes['home.nas'] = {
'/srv/paperless': {
'home.paperless': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
},
'/srv/scansnap': {
'172.19.138.0/24': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
},
},
},
'nginx': {
@ -175,25 +167,13 @@ nodes['home.nas'] = {
'home',
},
},
'samba': {
'shares': {
'music': {
'path': '/storage/nas/Musik',
'force_group': 'nas',
},
},
'restrict-to': {
'172.19.138.0/24',
},
},
'smartd': {
'disks': {
'/dev/nvme0',
# encrypted disks
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409404K',
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409845F',
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409870J',
# ZFS cache disks
#'/dev/disk/by-id/ata-TS64GSSD370_B807810503',
#'/dev/disk/by-id/ata-TS64GSSD370_B807810527',
},
},
'systemd-networkd': {
@ -208,11 +188,6 @@ nodes['home.nas'] = {
'br0.1138',
},
},
'br1139': {
'match': {
'br0.1139',
},
},
},
},
'systemd-timers': {
@ -262,49 +237,26 @@ nodes['home.nas'] = {
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR',
},
},
# {
# 'type': 'log',
# 'devices': {
# '/dev/disk/by-id/ata-TS64GSSD370_B807810503-part1',
# '/dev/disk/by-id/ata-TS64GSSD370_B807810527-part1',
# },
# },
# {
# 'type': 'cache',
# 'devices': {
# '/dev/disk/by-id/ata-TS64GSSD370_B807810503-part2',
# '/dev/disk/by-id/ata-TS64GSSD370_B807810527-part2',
# },
# },
],
'ashift': 12,
},
},
'encrypted': {
'when_creating': {
'config': [
{
'type': 'raidz',
'devices': {
'/dev/mapper/sam-S5SSNJ0X409404K',
'/dev/mapper/sam-S5SSNJ0X409845F',
'/dev/mapper/sam-S5SSNJ0X409870J',
},
},
],
'ashift': 12,
},
'needs': {
'action:dm-crypt_open_sam-S5SSNJ0X409404K',
'action:dm-crypt_open_sam-S5SSNJ0X409845F',
'action:dm-crypt_open_sam-S5SSNJ0X409870J',
},
# see comment in bundle:backup-server
'unless': 'zpool import encrypted',
},
},
'datasets': {
'encrypted': {
'primarycache': 'metadata',
},
'encrypted/download': {
'mountpoint': '/media/download',
},
'encrypted/nas': {
'acltype': 'off',
'atime': 'off',
'compression': 'off',
'mountpoint': '/media/nas',
},
'encrypted/paperless': {
'mountpoint': '/media/paperless',
},
'storage': {
'primarycache': 'metadata',
},
@ -314,6 +266,10 @@ nodes['home.nas'] = {
'storage/download': {
'mountpoint': '/storage/download',
},
'storage/inbox': {
'quota': str(1024*1024*1024*1024), # 1TB
'mountpoint': '/storage/inbox',
},
'storage/nas': {
'acltype': 'off',
'atime': 'off',
@ -323,26 +279,12 @@ nodes['home.nas'] = {
'storage/paperless': {
'mountpoint': '/srv/paperless',
},
'storage/scan': {
'mountpoint': '/srv/scansnap',
},
},
'snapshots': {
'retain_per_dataset': {
'encrypted/download': {
'hourly': 6,
'daily': 0,
'weekly': 0,
'monthly': 0,
},
'encrypted/nas': {
# juuuuuuuust to be sure.
'daily': 14,
'weekly': 6,
'monthly': 12,
},
'encrypted/paperless': {
'daily': 14,
'weekly': 6,
'monthly': 24,
},
'storage/download': {
'hourly': 48,
'daily': 0,
@ -360,6 +302,12 @@ nodes['home.nas'] = {
'weekly': 6,
'monthly': 24,
},
'storage/scan': {
'hourly': 6,
'daily': 0,
'weekly': 0,
'monthly': 0,
},
},
},
},

8
nodes/home/paperless.py
View file

@ -6,7 +6,6 @@ nodes['home.paperless'] = {
'redis',
'postgresql',
'paperless-ng',
'proftpd',
},
'groups': {
'debian-bookworm',
@ -48,17 +47,12 @@ nodes['home.paperless'] = {
},
'paperless': {
'domain': 'paperless.home.kunbox.net',
'version': 'v2.12.0',
'version': 'v2.11.0',
'timezone': 'Europe/Berlin',
},
'postgresql': {
'version': 15,
},
'proftpd': {
'restrict-to': {
'home.fujitsu-n7100',
},
},
'vm': {
'cpu': 2,
'ram': 2,

6
nodes/htz-cloud.afra.toml
View file

@ -32,7 +32,7 @@ routes.'172.19.128.0/20'.via = "172.19.137.1"
[metadata.element-web]
url = "element.afra.berlin"
version = "v1.11.77"
version = "v1.11.71"
[metadata.element-web.config]
default_server_config.'m.homeserver'.base_url = "https://matrix.afra.berlin"
@ -44,9 +44,9 @@ jitsi.preferredDomain = "meet.ffmuc.net"
[metadata.matrix-media-repo]
admins = ['@administress:afra.berlin']
datastore_id = "e33b50474021fba9977f912414cdd7fe8890ed57"
sha1 = "3e2bb7089b0898b86000243a82cc58ae998dc9d9"
sha1 = "ef9e8624e70714e4d421ece0c27f2974f55c0e59"
upload_max_mb = 50
version = "v1.3.7"
version = "v1.3.6"
[metadata.matrix-media-repo.homeservers.'afra.berlin']
domain = "http://[::1]:20080/"

3
nodes/htz-hel/backup-kunsi.py
View file

@ -33,8 +33,5 @@ nodes['htz-hel.backup-kunsi'] = {
'/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1-part1': bwpass.password('bw/backup-kunsi/encryption-passphrase'),
},
},
'zfs': {
'scrub_when': 'Wed 08:00 Europe/Berlin',
},
},
}

11
nodes/htz-hel/proxmox-backupstorage.toml
View file

@ -1,6 +1,5 @@
hostname = "2a01:4f9:6b:2d99::c0ff:ee"
#dummy = true
bundles = ["sshmon", "smartd"]
dummy = true
# How to install:
# - Get server at Hetzner (no IPv4)
@ -18,11 +17,3 @@ bundles = ["sshmon", "smartd"]
# - IPv6 only
# - IP from the /64 hetzner gives us
# - Gateway is the host itself, to work around the MAC filter hetzner uses
[metadata.smartd]
disks = [
"/dev/sda",
"/dev/sdb",
"/dev/sdc",
"/dev/sdd",
]

2
nodes/kunsi-p14s.py
View file

@ -101,7 +101,7 @@ nodes['kunsi-p14s'] = {
'apachedirectorystudio': {},
'claws-mail': {},
'claws-mail-themes': {},
'ferdium-bin': {},
'ferdi-bin': {},
'gumbo-parser': {}, # for claws litehtml
'inkstitch': {}, # for RZL embroidery machine
'obs-studio': {},

40
nodes/rottenraptor-stromdisplay.toml
View file

@ -1,40 +0,0 @@
hostname = "192.168.1.252"
os = "debian"
os_version = [12,]
bundles = [
"apt",
"basic",
"kernel-modules",
"openssh",
"raspberrypi",
"sdm630_mqtt",
"sudo",
"sysctl",
"systemd",
"systemd-networkd",
"users",
]
[metadata.apt.unattended-upgrades]
enabled = false
[metadata.icinga_options]
exclude_from_monitoring = true
[metadata.interfaces.eth0]
ips = [
"192.168.1.252/24",
]
dhcp = true
[metadata.raspberrypi]
enable_display = true
[metadata.sdm630_mqtt]
enable_stats_collection = false
enable_local_printout = true
config.mqtt.host = "192.168.1.253"
[metadata.users.kutscher]
password = "!decrypt:encrypt$gAAAAABmqQgvrVuPqFJWJSu8Yxd9NV4ppo5STfCPFqUWn0KepLRdFCktEMla0EJPPxZR5HbNnD6K2Vp-c63raeWwahFUT24SUrAoBFeWfToYWaRDi5WeXJU="
sudo_commands = ["ALL"]

46
nodes/rottenraptor-stromzaehler.toml
View file

@ -1,46 +0,0 @@
hostname = "192.168.1.253"
os = "debian"
os_version = [12,]
bundles = [
"apt",
"basic",
"kernel-modules",
"mosquitto",
"openssh",
"raspberrypi",
"sdm630_mqtt",
"sudo",
"sysctl",
"systemd",
"systemd-networkd",
"telegraf",
"users",
]
[metadata.apt.unattended-upgrades]
enabled = false
[metadata.icinga_options]
exclude_from_monitoring = true
[metadata.interfaces.eth0]
ips = [
"192.168.1.253/24",
]
dhcp = true
[metadata.sdm630_mqtt]
enable_local_printout = true
config.modbus.host = "192.168.1.254"
config.modbus.port = 4196
config.telegraf.identifier = 'rottenraptor_truck'
[metadata.sysctl.options]
'net.ipv6.conf.all.disable_ipv6' = '1'
[metadata.telegraf]
collect_default_metrics = false
[metadata.users.kutscher]
password = "!decrypt:encrypt$gAAAAABmqQgvrVuPqFJWJSu8Yxd9NV4ppo5STfCPFqUWn0KepLRdFCktEMla0EJPPxZR5HbNnD6K2Vp-c63raeWwahFUT24SUrAoBFeWfToYWaRDi5WeXJU="
sudo_commands = ["ALL"]

4
nodes/sophie/miniserver.py
View file

@ -54,6 +54,7 @@ nodes['htz-cloud.miniserver'] = {
'echo \'core.weechat */layout store\' >> /home/sophie/.weechat/weechat_fifo\n' \
'echo \'core.weechat */save\' >> /home/sophie/.weechat/weechat_fifo\n',
},
'target': "htz-hel.backup-sophie",
},
'backups': {
'paths': {
@ -62,7 +63,7 @@ nodes['htz-cloud.miniserver'] = {
},
'element-web': {
'url': 'chat.sophies-kitchen.eu',
'version': 'v1.11.76',
'version': 'v1.11.72',
'config': {
'default_server_config': {
'm.homeserver': {
@ -117,7 +118,6 @@ nodes['htz-cloud.miniserver'] = {
'sophies-kitchen.eu': {
'domain': 'http://[::1]:20080/',
'api': 'synapse',
'signing_key_path': "/etc/matrix-synapse/mmr.signing.key"
},
},
'admins': {

2
nodes/voc/pretalx.py
View file

@ -49,7 +49,7 @@ nodes['voc.pretalx'] = {
},
},
'pretalx': {
'version': 'v2024.2.1',
'version': 'v2024.1.0',
'domain': 'pretalx.c3voc.de',
'mail_from': 'pretalx@c3voc.de',
'administrators-from-group-id': 1,