kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests 1 Releases Activity

Compare commits

merge into: kunsi:update-miniserver
Branches Tags
kunsi:main
kunsi:new-wildcard-sophies-kitchen
kunsi:updates
kunsi:update-miniserver
kunsi:vmhostumzug
kunsi:jhtoolz
kunsi:sophiesheomenetwork
kunsi:feature/kunsi-ipv6-only-vlan
kunsi:sophie-dimension-cleanup
kunsi:kunsi-woodpecker
kunsi:kunsi-junos
kunsi:loudness-monitoring-gstreamer
...
pull from: kunsi:main
Branches Tags
kunsi:main
kunsi:new-wildcard-sophies-kitchen
kunsi:updates
kunsi:update-miniserver
kunsi:vmhostumzug
kunsi:jhtoolz
kunsi:sophiesheomenetwork
kunsi:feature/kunsi-ipv6-only-vlan
kunsi:sophie-dimension-cleanup
kunsi:kunsi-woodpecker
kunsi:kunsi-junos
kunsi:loudness-monitoring-gstreamer

56 commits
update-min ... main

Author SHA1 Message Date
Franziska Kunsmann
c6421c7bd4
update travelynx to 2.8.39 2024-09-20 15:34:14 +02:00
Franziska Kunsmann
95c5b28469
basic monitoring for proxmox-backupstorage 2024-09-20 15:34:12 +02:00
Sophie Schiller
7dc0afe299 Merge pull request 'miniserver: element-web update' (#71) from updates into main 
Reviewed-on: #71
 2024-09-19 20:59:48 +00:00
Franziska Kunsmann
9415b281ce
update travelynx to 2.8.38 2024-09-15 13:33:23 +02:00
Franziska Kunsmann
64fb1906d1
htz-hel.backup-kunsi: move scrub to wednesday 2024-09-15 10:27:08 +02:00
Franziska Kunsmann
ce76b03fe7
bundles/zfs: configurable scrub time 2024-09-15 10:26:51 +02:00
Franziska Kunsmann
a712c098c6
update netbox to 4.1.1 2024-09-14 18:32:39 +02:00
Franziska Kunsmann
ec834f2a92
update element-web to 1.11.77 2024-09-14 18:32:27 +02:00
Franziska Kunsmann
aa30b78fcf
remove daisy 2024-09-14 18:29:55 +02:00
Franziska Kunsmann
be3a7a44d6
home.nas: new ssd-based pool 2024-09-12 19:58:15 +02:00
Franziska Kunsmann
2e72f107e9
update paperles to 2.12.0 2024-09-10 06:15:48 +02:00
Franziska Kunsmann
07f6fb99f2
bundles/backup-server: more time for monitoring please 2024-09-10 06:14:55 +02:00
Franziska Kunsmann
3f9f84f230
home.paperless: add proftpd for paperless ingest 2024-09-08 19:42:27 +02:00
Franziska Kunsmann
40fcaf56ee
add home.fujitsu-n7100 2024-09-08 19:42:15 +02:00
Franziska Kunsmann
06a94d7cba
home.nas: clean up nodefile 2024-09-08 17:19:13 +02:00
Franziska Kunsmann
6483f863ff
bundles/rsyslogd: add backups 2024-09-08 17:19:03 +02:00
Franziska Kunsmann
3a52cf55c4
remove bundle:scansnap 2024-09-08 17:17:25 +02:00
Franziska Kunsmann
455c5c5ce5
update as3320 and as8881 2024-09-07 13:01:37 +02:00
Franziska Kunsmann
5e55dc6fb9
update forgejo to 8.0.3 2024-09-07 09:09:03 +02:00
Franziska Kunsmann
d5881da154
fix sophie backup locations 2024-09-07 09:07:40 +02:00
Sophie Schiller
121a261ecd miniserver: actually use signing key 2024-09-04 23:06:23 +02:00
Sophie Schiller
b9216f230b matrix-media-repo: extend rate limits 2024-09-04 23:06:07 +02:00
Sophie Schiller
497d4fff30 miniserver: element-web update 2024-09-04 21:25:50 +02:00
Franziska Kunsmann
9f1dc01d6b
bundles/arch-with-gui: s/rfkill/util-linux/ 2024-09-04 20:02:18 +02:00
Franziska Kunsmann
a7baf225ff
kunsi-p14s: s/ferdi/ferdium/ 2024-09-04 20:00:54 +02:00
Franziska Kunsmann
331d363a45
bump _.home.kunbox.net 2024-09-04 19:04:47 +02:00
Franziska Kunsmann
3f02f7b8f5
bundles/icinga2: ignore lines starting with ;; in check_spam_blocklist 2024-09-04 18:56:48 +02:00
Franziska Kunsmann
b73ac2b7ce
update paperless to 2.11.6 2024-09-04 18:54:18 +02:00
Franziska Kunsmann
41b76aec9c
update forgejo to 8.0.2 2024-09-04 18:52:10 +02:00
Franziska Kunsmann
2b5a76ffb0
update netbox to 4.1.0 2024-09-04 18:50:58 +02:00
Franziska Kunsmann
319dc8ad21
icinga: fix logic error, do not send sms for service problems 2024-09-03 21:09:17 +02:00
Franziska Kunsmann
bfbbffe22c
home.r630: allow forwarding traffic 
So i can actually reach the docker containers running on there
 2024-08-31 19:12:05 +02:00
Franziska Kunsmann
23fb2aba1c
home.nas: add br1139 2024-08-31 13:14:24 +02:00
Franziska Kunsmann
3d86923e9e
update travelynx to 2.8.35 2024-08-28 15:42:07 +02:00
Franziska Kunsmann
2fbf122660
update netbox to 4.0.9 2024-08-28 15:41:54 +02:00
Franziska Kunsmann
4234070514
update element-web to 1.11.76 2024-08-28 15:41:39 +02:00
Franziska Kunsmann
13bae5c993
bundles/samba: fix typo 2024-08-23 19:47:19 +02:00
Franziska Kunsmann
aff1329122
add rottenraptor devices 2024-08-23 19:43:27 +02:00
Franziska Kunsmann
82aeeb585d
add samba share for music on nas 2024-08-23 19:43:04 +02:00
Franziska Kunsmann
e8983829ed
bundles/infobeamer-monitor: fix maintenance warnings 2024-08-16 14:35:33 +02:00
Franziska Kunsmann
10b1fb8a5b
remove legacy nodes 2024-08-12 19:39:57 +02:00
Franziska Kunsmann
c66bc8b5eb
add home.{appletv-wohnzimmer,encoder96} 2024-08-12 19:36:32 +02:00
Franziska Kunsmann
422303ee5b update pretalx to 2024.2.1 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
c48e11d787 update paperless to 2.11.4 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
a8678fc01b update netbox to 4.0.8 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
6fe0598032 update matrix-media-repo to 1.3.7 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
6fb8d81159 carlene: fix network config 
Apparently, the DC technicians are unable to plug in a server into the
correct network ports after changing disks ...
 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
e4eb00bdbe update forgejo to 8.0.1 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
94e56fd92d update element-web to 1.11.73 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
01a8d7a6db add bundle:sdm630_mqtt 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
f0ebed5dba bundles/sshmon: yet another letsencrypt hash 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
30cf20c28d bundles/c3voc-addons: add action:apt_execute_update_commands 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
5af7b92663 bw/data/apt: grafana changed their gpg key 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
5a1e37a41c bundles/systemd-networkd: remove networkmanager 2024-08-10 19:14:57 +02:00
Franziska Kunsmann
a1eb9cb3fc bundles/telegraf: add option to opt-out of default metrics 2024-08-10 19:14:57 +02:00
Sophie Schiller
6854bd55ff Merge pull request 'update-miniserver' (#70) from update-miniserver into main 
Reviewed-on: #70
 2024-08-09 01:00:17 +00:00
53 changed files with 984 additions and 620 deletions
Show stats Expand all files Collapse all files

2
bundles/arch-with-gui/metadata.py
View file

@ -33,7 +33,7 @@ defaults = {
# networking # networking
'avahi': {}, 'avahi': {},
'netctl': {}, 'netctl': {},
'rfkill': {}, 'util-linux': {}, # provides rfkill
'wpa_supplicant': {}, 'wpa_supplicant': {},
'wpa_actiond': {}, 'wpa_actiond': {},

2
bundles/backup-server/metadata.py
View file

@ -160,7 +160,7 @@ def monitoring(metadata):
client, client,
config['one_backup_every_hours'], config['one_backup_every_hours'],
), ),
'vars.sshmon_timeout': 20, 'vars.sshmon_timeout': 40,
} }
return { return {

7
bundles/c3voc-addons/items.py
View file

@ -7,9 +7,6 @@ supported_os = {
12: 'bookworm', 12: 'bookworm',
99: 'unstable', 99: 'unstable',
}, },
'raspbian': {
10: 'buster',
},
} }
try: try:
@ -82,6 +79,10 @@ actions = {
'triggered': True, 'triggered': True,
'cascade_skip': False, 'cascade_skip': False,
}, },
'apt_execute_update_commands': {
'command': ' && '.join(sorted(node.metadata.get('apt/additional_update_commands', {'true'}))),
'triggered': True,
},
} }
directories = { directories = {

8
bundles/icinga2/files/check_spam_blocklist
View file

@ -50,17 +50,13 @@ def check_list(ip_list, blocklist, warn_ips):
]).decode().splitlines() ]).decode().splitlines()
for item in result: for item in result:
if item.startswith(';;'): if item.startswith(';;'):
msgs.append('{} - {}'.format( continue
blocklist,
item,
))
else:
msgs.append('{} listed in {} as {}'.format( msgs.append('{} listed in {} as {}'.format(
ip, ip,
blocklist, blocklist,
item, item,
)) ))
if (item in warn_ips or item.startswith(';;')) and returncode < 2: if item in warn_ips and returncode < 2:
returncode = 1 returncode = 1
else: else:
returncode = 2 returncode = 2

2
bundles/icinga2/files/scripts/icinga_notification_wrapper
View file

@ -199,7 +199,7 @@ if __name__ == '__main__':
notify_per_mail() notify_per_mail()
if args.sms: if args.sms:
if args.service_name: if not args.service_name:
notify_per_sms() notify_per_sms()
if CONFIG['ntfy']['user']: if CONFIG['ntfy']['user']:
notify_per_ntfy() notify_per_ntfy()

5
bundles/infobeamer-monitor/files/monitor.py
View file

@ -140,13 +140,12 @@ while True:
if device["is_online"]: if device["is_online"]:
if device["maintenance"]: if device["maintenance"]:
mqtt_out( mqtt_out(
"maintenance required: {}".join( "maintenance required: {}".format(' '.join(
sorted(device["maintenance"]) sorted(device["maintenance"])
), )),
level="WARN", level="WARN",
device=device, device=device,
) )
must_dump_state = True
if ( if (
device["is_synced"] != state[did]["is_synced"] device["is_synced"] != state[did]["is_synced"]

6
bundles/matrix-media-repo/files/config.yaml
View file

@ -31,7 +31,7 @@ homeservers:
% endfor % endfor
accessTokens: accessTokens:
maxCacheTimeSeconds: 0 maxCacheTimeSeconds: 10
useLocalAppserviceConfig: false useLocalAppserviceConfig: false
admins: admins:
@ -137,8 +137,8 @@ thumbnails:
rateLimit: rateLimit:
enabled: true enabled: true
requestsPerSecond: 10 requestsPerSecond: 100
burst: 50 burst: 5000
identicons: identicons:
enabled: true enabled: true

13
bundles/proftpd/items.py Normal file
View file

@ -0,0 +1,13 @@
files['/etc/proftpd/proftpd.conf'] = {
'source': f'{node.name}.conf',
'triggers': {
'svc_systemd:proftpd:restart',
},
}
svc_systemd['proftpd'] = {
'needs': {
'file:/etc/proftpd/proftpd.conf',
'pkg_apt:proftpd-core',
},
}

26
bundles/proftpd/metadata.py Normal file
View file

@ -0,0 +1,26 @@
from bundlewrap.metadata import atomic
defaults = {
'apt': {
'packages': {
'proftpd-core': {},
},
},
}
@metadata_reactor.provides(
'firewall/port_rules',
)
def firewall(metadata):
sources = atomic(metadata.get('mosquitto/restrict-to', set()))
return {
'firewall': {
'port_rules': {
'20/tcp': sources,
'21/tcp': sources,
'49152-50192/tcp': sources,
},
},
}

5
bundles/rsyslogd/metadata.py
View file

@ -6,6 +6,11 @@ defaults = {
'rsyslog': {}, 'rsyslog': {},
}, },
}, },
'backups': {
'paths': {
'/var/log/rsyslog',
},
},
'icinga2_api': { 'icinga2_api': {
'rsyslog': { 'rsyslog': {
'services': { 'services': {

3
bundles/samba/files/override.conf Normal file
View file

@ -0,0 +1,3 @@
[Service]
RestartSec=10
Restart=on-failure

39
bundles/samba/files/smb.conf Normal file
View file

@ -0,0 +1,39 @@
[global]
workgroup = KUNBOX
server string = ${node.name} samba
dns proxy = no
max log size = 1000
syslog = 1
syslog only = 1
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
map to guest = bad user
load printers = no
usershare allow guests = yes
allow insecure wide links = yes
% for name, opts in sorted(node.metadata.get('samba/shares', {}).items()):
[${name}]
browseable = yes
comment = ${opts.get('comment', f'share of {opts["path"]}')}
fake oplocks = yes
force group = ${opts.get('force_group', 'nogroup')}
force user = ${opts.get('force_user', 'nobody')}
% if opts.get('guest_ok', True):
guest ok = yes
% else:
guest ok = no
% endif
locking = no
path = ${opts['path']}
printable = no
read only = no
vfs objects = catia fruit
writable = ${'yes' if opts.get('writable', False) else 'no'}
% if opts.get('follow_symlinks', True):
follow symlinks = yes
wide links = yes
% endif
% endfor

59
bundles/samba/items.py Normal file
View file

@ -0,0 +1,59 @@
svc_systemd = {
'nmbd': {
'needs': {
'pkg_apt:samba',
},
},
'smbd': {
'needs': {
'pkg_apt:samba',
},
},
}
files = {
'/etc/samba/smb.conf': {
'content_type': 'mako',
'triggers': {
'svc_systemd:nmbd:restart',
'svc_systemd:smbd:restart',
},
},
'/etc/systemd/system/nmbd.service.d/bundlewrap.conf': {
'source': 'override.conf',
'triggers': {
'action:systemd-reload',
'svc_systemd:nmbd:restart',
},
},
'/etc/systemd/system/smbd.service.d/bundlewrap.conf': {
'source': 'override.conf',
'triggers': {
'action:systemd-reload',
'svc_systemd:smbd:restart',
},
},
}
last_action = set()
for user, uconfig in node.metadata.get('users', {}).items():
if (
'password' not in uconfig
or uconfig.get('delete')
or user in ('root',)
):
continue
actions[f'smbpasswd_for_user_{user}'] = {
'command': f'smbpasswd -a -s {user}',
'unless': f'pdbedit -L | grep -E "^{user}:"',
'data_stdin': uconfig['password'] + '\n' + uconfig['password'],
'needs': {
'pkg_apt:samba',
f'user:{user}',
},
'after': last_action,
}
last_action = {
f'action:smbpasswd_for_user_{user}',
}

26
bundles/samba/metadata.py Normal file
View file

@ -0,0 +1,26 @@
from bundlewrap.metadata import atomic
defaults = {
'apt': {
'packages': {
'samba': {},
'samba-vfs-modules': {},
}
}
}
@metadata_reactor.provides(
'firewall/port_rules',
)
def firewall(metadata):
return {
'firewall': {
'port_rules': {
'137/udp': atomic(metadata.get('samba/restrict-to', set())),
'138/udp': atomic(metadata.get('samba/restrict-to', set())),
'139/tcp': atomic(metadata.get('samba/restrict-to', set())),
'445/tcp': atomic(metadata.get('samba/restrict-to', set())),
},
},
}

21
bundles/scansnap/files/ocr.sh
View file

@ -1,21 +0,0 @@
#!/bin/bash
set -euo pipefail
DATE=$(date +%F_%H-%M-%S)
cd "$1"
convert *.tiff no_ocr.pdf
ocrmypdf -l deu no_ocr.pdf has_ocr.pdf
rm -f *.tiff
rm -f no_ocr.pdf
chown nobody:nogroup has_ocr.pdf
mv has_ocr.pdf "/srv/scansnap/${DATE}.pdf"
cd /
rm -r "$1"

9
bundles/scansnap/files/scan.sh
View file

@ -1,9 +0,0 @@
#!/bin/bash
set -euo pipefail
OUTFILE=$(mktemp -d)
scanimage --source 'ADF Duplex' --format tiff --mode Color --brightness 23 --resolution 300 --page-width 210 --page-height 297.3 -x 210 -y 297.3 --batch=${OUTFILE}/p%04d.tiff
/etc/scanbd/scripts/ocr.sh "$OUTFILE" &

52
bundles/scansnap/files/scanbd.conf
View file

@ -1,52 +0,0 @@
global {
debug = true
debug-level = 2
user = saned
group = scanner
saned = "/usr/sbin/saned"
saned_opt = {}
saned_env = { "SANE_CONFIG_DIR=/etc/scanbd" }
scriptdir = /etc/scanbd/scripts
timeout = 500
pidfile = "/var/run/scanbd.pid"
environment {
device = "SCANBD_DEVICE"
action = "SCANBD_ACTION"
}
function function_knob {
filter = "^message.*"
desc = "The value of the function knob / wheel / selector"
env = "SCANBD_FUNCTION"
}
function function_mode {
filter = "^mode.*"
desc = "Color mode"
env = "SCANBD_FUNCTION_MODE"
}
multiple_actions = false
action scan {
filter = "^scan.*"
numerical-trigger {
from-value = 0
to-value = 1
}
desc = "Scan to file"
script = "scan.sh"
}
}
include(scanner.d/avision.conf)
include(scanner.d/fujitsu.conf)
include(scanner.d/hp.conf)
include(scanner.d/pixma.conf)
include(scanner.d/snapscan.conf)
include(scanner.d/canon.conf)
include(scanner.d/plustek.conf)

39
bundles/scansnap/items.py
View file

@ -1,39 +0,0 @@
directories = {
'/etc/scanbd/scripts': {
'purge': True,
},
'/srv/scansnap': {
'owner': 'nobody',
'group': 'nogroup',
},
}
files = {
'/etc/scanbd/scanbd.conf': {
'triggers': {
'svc_systemd:scanbd:restart',
},
},
'/etc/scanbd/scripts/ocr.sh': {
'mode': '0755',
'needs': {
'directory:/srv/scansnap',
},
},
'/etc/scanbd/scripts/scan.sh': {
'mode': '0755',
'needs': {
'directory:/srv/scansnap',
'file:/etc/scanbd/scripts/ocr.sh',
},
},
}
svc_systemd = {
'scanbd': {
'needs': {
'file:/etc/scanbd/scanbd.conf',
'pkg_apt:scanbd',
},
},
}

22
bundles/scansnap/metadata.py
View file

@ -1,22 +0,0 @@
defaults = {
'apt': {
'packages': {
'sane-utils': {},
'scanbd': {},
'imagemagick': {},
'ocrmypdf': {},
'tesseract-ocr-deu': {},
},
},
'backups': {
'paths': {
'/srv/scansnap',
},
},
'cron': {
'jobs': {
# Automatically remove files which are older than 14 days
'scansnap_cleanup': '00 00 * * * root /usr/bin/find /srv/scansnap/ -mindepth 1 -mtime +14 -delete',
},
},
}

21
bundles/sdm630_mqtt/files/sdm630_printout.service Normal file
View file

@ -0,0 +1,21 @@
[Unit]
Description=SDM630 stats printout
Conflicts=getty@tty1.service
After=systemd-user-sessions.service getty@tty1.service plymouth-quit.service
[Service]
User=sdm630_mqtt
Group=sdm630_mqtt
ExecStart=/opt/sdm630_mqtt/venv/bin/python printout.py /opt/sdm630_mqtt/config.toml
WorkingDirectory=/opt/sdm630_mqtt/src
Restart=always
RestartSec=10
StandardInput=tty
StandardOutput=tty
StandardError=journal
TTYPath=/dev/tty1
TTYReset=yes
TTYVHangup=yes
[Install]
WantedBy=multi-user.target

14
bundles/sdm630_mqtt/files/sdm630_to_mqtt.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=SDM630-to-MQTT bridge
After=network.target
[Service]
User=sdm630_mqtt
Group=sdm630_mqtt
ExecStart=/opt/sdm630_mqtt/venv/bin/python sdm630_mqtt.py /opt/sdm630_mqtt/config.toml
WorkingDirectory=/opt/sdm630_mqtt/src
Restart=always
RestartSec=1
[Install]
WantedBy=multi-user.target

76
bundles/sdm630_mqtt/items.py Normal file
View file

@ -0,0 +1,76 @@
directories['/opt/sdm630_mqtt/src'] = {}
git_deploy['/opt/sdm630_mqtt/src'] = {
'repo': 'https://git.franzi.business/kunsi/sdm630_mqtt.git',
'rev': 'main',
'triggers': {
'action:sdm630_mqtt_install_deps',
},
}
actions['sdm630_mqtt_create_virtualenv'] = {
'command': 'python3 -m virtualenv /opt/sdm630_mqtt/venv',
'unless': 'test -x /opt/sdm630_mqtt/venv/bin/python3',
'needs': {
'directory:/opt/sdm630_mqtt/src',
},
}
actions['sdm630_mqtt_install_deps'] = {
'command': 'cd /opt/sdm630_mqtt/src && /opt/sdm630_mqtt/venv/bin/pip install -r requirements.txt',
'triggered': True,
'needs': {
'action:sdm630_mqtt_create_virtualenv',
},
}
users['sdm630_mqtt'] = {
'home': '/opt/sdm630_mqtt',
}
files['/opt/sdm630_mqtt/config.toml'] = {
'content': repo.libs.faults.dict_as_toml(node.metadata.get('sdm630_mqtt/config')),
'triggers': set(),
}
if node.has_bundle('telegraf'):
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:telegraf:restart')
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:telegraf:restart')
if node.metadata.get('sdm630_mqtt/enable_stats_collection', True):
files['/usr/local/lib/systemd/system/sdm630_to_mqtt.service'] = {
'triggers': {
'action:systemd-reload',
'svc_systemd:sdm630_to_mqtt:restart',
},
}
svc_systemd['sdm630_to_mqtt'] = {
'needs': {
'git_deploy:/opt/sdm630_mqtt/src',
'action:sdm630_mqtt_install_deps',
'file:/usr/local/lib/systemd/system/sdm630_to_mqtt.service',
},
}
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:sdm630_to_mqtt:restart')
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:sdm630_to_mqtt:restart')
if node.metadata.get('sdm630_mqtt/enable_local_printout', False):
files['/usr/local/lib/systemd/system/sdm630_printout.service'] = {
'triggers': {
'action:systemd-reload',
'svc_systemd:sdm630_printout:restart',
},
}
svc_systemd['sdm630_printout'] = {
'needs': {
'git_deploy:/opt/sdm630_mqtt/src',
'action:sdm630_mqtt_install_deps',
'file:/usr/local/lib/systemd/system/sdm630_printout.service',
},
}
files['/opt/sdm630_mqtt/config.toml']['triggers'].add('svc_systemd:sdm630_printout:restart')
git_deploy['/opt/sdm630_mqtt/src']['triggers'].add('svc_systemd:sdm630_printout:restart')

38
bundles/sdm630_mqtt/metadata.py Normal file
View file

@ -0,0 +1,38 @@
defaults = {
'sdm630_mqtt': {
'config': {
'modbus': {
'host': '127.0.0.1',
'port': 501,
'unit_id': 1,
},
'mqtt': {
'prefix': 'sdm630',
'host': '127.0.0.1',
'port': 1883,
},
'printout': {
'title': 'SDM630',
},
'telegraf': {
'identifier': 'unknown',
},
},
},
'telegraf': {
'input_plugins': {
'execd': {
'sdm630_mqtt': {
'command': [
'/opt/sdm630_mqtt/venv/bin/python',
'/opt/sdm630_mqtt/src/telegraf.py',
'/opt/sdm630_mqtt/config.toml',
],
'signal': 'none',
'restart_delay': '1s',
'data_format': 'influx',
},
},
},
},
}

3
bundles/sshmon/files/check_https_certificate_at_url
View file

@ -21,7 +21,8 @@ case "$issuer_hash" in
# 8d33f237: issuer=C = US, O = Let's Encrypt, CN = R3 # 8d33f237: issuer=C = US, O = Let's Encrypt, CN = R3
# 462422cf: issuer=C = US, O = Let's Encrypt, CN = E5 # 462422cf: issuer=C = US, O = Let's Encrypt, CN = E5
# 9aad238c: issuer=C = US, O = Let's Encrypt, CN = E6 # 9aad238c: issuer=C = US, O = Let's Encrypt, CN = E6
4f06f81d|8d33f237|462422cf|9aad238c) # 31dfb39d: issuer=C = US, O = Let's Encrypt, CN = R11
4f06f81d|8d33f237|462422cf|9aad238c|31dfb39d)
warn_days=10 warn_days=10
crit_days=3 crit_days=3
;; ;;

3
bundles/systemd-networkd/files/template-bridge.network
View file

@ -3,3 +3,6 @@ Name=${' '.join(sorted(match))}
[Network] [Network]
Bridge=${bridge} Bridge=${bridge}
[Link]
ActivationPolicy=always-up

3
bundles/systemd-networkd/metadata.py
View file

@ -4,6 +4,9 @@ defaults = {
'isc-dhcp-client': { 'isc-dhcp-client': {
'installed': False, 'installed': False,
}, },
'network-manager': {
'installed': False,
},
'resolvconf': { 'resolvconf': {
'installed': False, 'installed': False,
}, },

26
bundles/telegraf/items.py
View file

@ -11,7 +11,19 @@ telegraf_config = {
'quiet': False, 'quiet': False,
'round_interval': False, 'round_interval': False,
}, },
'inputs': { 'outputs': {
'influxdb_v2': [{
'urls': [node.metadata.get('telegraf/influxdb_url', repo.libs.defaults.influxdb_url)],
'token': node.metadata.get('telegraf/influxdb_token', repo.vault.decrypt(repo.libs.defaults.influxdb_token)),
'organization': node.metadata.get('telegraf/influxdb_org', repo.vault.decrypt(repo.libs.defaults.influxdb_org)),
'bucket': node.metadata.get('telegraf/influxdb_bucket', repo.vault.decrypt(repo.libs.defaults.influxdb_bucket)),
}],
},
'inputs': {},
}
if node.metadata.get('telegraf/collect_default_metrics', True):
telegraf_config['inputs'] = {
'cpu': [{ 'cpu': [{
'percpu': False, 'percpu': False,
'totalcpu': True, 'totalcpu': True,
@ -43,18 +55,10 @@ telegraf_config = {
'nstat': [{}], 'nstat': [{}],
'processes': [{}], 'processes': [{}],
'system': [{}], 'system': [{}],
**node.metadata.get('telegraf/input_plugins/builtin', {}),
},
'outputs': {
'influxdb_v2': [{
'urls': [node.metadata.get('telegraf/influxdb_url', repo.libs.defaults.influxdb_url)],
'token': node.metadata.get('telegraf/influxdb_token', repo.vault.decrypt(repo.libs.defaults.influxdb_token)),
'organization': node.metadata.get('telegraf/influxdb_org', repo.vault.decrypt(repo.libs.defaults.influxdb_org)),
'bucket': node.metadata.get('telegraf/influxdb_bucket', repo.vault.decrypt(repo.libs.defaults.influxdb_bucket)),
}],
},
} }
telegraf_config['inputs'].update(node.metadata.get('telegraf/input_plugins/builtin', {}))
# Bundlewrap can't merge lists. To work around this, telegraf/input_plugins/exec(d) # Bundlewrap can't merge lists. To work around this, telegraf/input_plugins/exec(d)
# is a dict, of which we only use the value of it. This also allows us # is a dict, of which we only use the value of it. This also allows us
# to overwrite values set by metadata defaults/reactors in node and group # to overwrite values set by metadata defaults/reactors in node and group

2
bundles/zfs/metadata.py
View file

@ -170,7 +170,7 @@ def scrub_timer(metadata):
'systemd-timers': { 'systemd-timers': {
'timers': { 'timers': {
'zfs-scrub': { 'zfs-scrub': {
'when': 'Sun 02:00:00 UTC', 'when': metadata.get('zfs/scrub_when', 'Sun 02:00:00 UTC'),
'command': scrubs, 'command': scrubs,
}, },
}, },

178
configs/as3320.txt
View file

@ -1,5 +1,7 @@
109.237.176.0/20 109.237.176.0/20
109.72.116.0/24
116.50.16.0/21 116.50.16.0/21
128.65.164.0/22
129.181.208.0/21 129.181.208.0/21
129.181.216.0/22 129.181.216.0/22
137.170.112.0/24 137.170.112.0/24
@ -15,13 +17,12 @@
139.12.4.0/24 139.12.4.0/24
141.169.240.0/20 141.169.240.0/20
141.77.0.0/16 141.77.0.0/16
141.98.44.0/24
143.99.213.0/24 143.99.213.0/24
145.225.16.0/23 145.225.16.0/23
146.247.58.0/24 146.247.58.0/24
147.136.84.0/22
147.161.22.0/24 147.161.22.0/24
147.78.17.0/24 147.78.17.0/24
147.79.8.0/21
149.208.250.0/23 149.208.250.0/23
149.208.252.0/24 149.208.252.0/24
149.208.253.0/24 149.208.253.0/24
@ -34,6 +35,7 @@
149.249.244.0/22 149.249.244.0/22
149.249.244.0/23 149.249.244.0/23
149.249.246.0/23 149.249.246.0/23
153.17.244.8/29
153.17.249.0/24 153.17.249.0/24
153.17.250.0/24 153.17.250.0/24
153.17.251.0/24 153.17.251.0/24
@ -46,7 +48,11 @@
153.97.32.0/24 153.97.32.0/24
158.116.231.0/24 158.116.231.0/24
160.211.126.0/24 160.211.126.0/24
163.5.168.0/24 163.5.156.0/24
163.5.170.0/24
163.5.186.0/24
163.5.220.0/24
163.5.66.0/24
164.133.10.0/24 164.133.10.0/24
164.133.11.0/24 164.133.11.0/24
164.133.150.0/24 164.133.150.0/24
@ -60,11 +66,9 @@
168.199.192.0/22 168.199.192.0/22
168.199.212.0/22 168.199.212.0/22
170.237.92.0/23 170.237.92.0/23
171.25.178.0/24
176.221.24.0/24
176.221.25.0/24
176.53.136.0/24 176.53.136.0/24
176.53.137.0/24 176.53.137.0/24
176.57.59.0/24
185.100.160.0/22 185.100.160.0/22
185.101.244.0/23 185.101.244.0/23
185.101.246.0/23 185.101.246.0/23
@ -76,45 +80,38 @@
185.131.239.0/24 185.131.239.0/24
185.133.12.0/22 185.133.12.0/22
185.136.115.0/24 185.136.115.0/24
185.149.25.0/24
185.149.26.0/24
185.149.27.0/24
185.149.52.0/24 185.149.52.0/24
185.157.101.0/24 185.157.101.0/24
185.161.176.0/22 185.161.176.0/22
185.162.72.0/23
185.163.76.0/24 185.163.76.0/24
185.163.77.0/24 185.163.77.0/24
185.163.78.0/24 185.163.78.0/24
185.163.79.0/24 185.163.79.0/24
185.172.38.0/24
185.172.39.0/24
185.180.224.0/24 185.180.224.0/24
185.183.212.0/23 185.183.212.0/23
185.183.214.0/23 185.183.214.0/23
185.188.64.0/24 185.188.64.0/24
185.195.239.0/24
185.198.13.0/24 185.198.13.0/24
185.202.32.0/21 185.202.32.0/21
185.203.148.0/22
185.207.46.0/24 185.207.46.0/24
185.235.71.0/24 185.21.247.0/24
185.237.0.0/24 185.237.0.0/24
185.237.1.0/24 185.237.1.0/24
185.237.2.0/24 185.237.2.0/24
185.240.85.0/24
185.242.224.0/24 185.242.224.0/24
185.243.44.0/22 185.243.44.0/22
185.243.44.0/24 185.243.44.0/24
185.243.45.0/24 185.243.45.0/24
185.243.46.0/24 185.243.46.0/24
185.243.47.0/24 185.243.47.0/24
185.250.42.0/23
185.28.208.0/22 185.28.208.0/22
185.39.12.0/22 185.39.12.0/22
185.48.0.0/22 185.48.0.0/22
185.57.231.0/24
185.57.24.0/24 185.57.24.0/24
185.82.160.0/23 185.82.160.0/23
185.91.204.0/22 188.214.139.0/24
192.109.121.0/24 192.109.121.0/24
192.109.122.0/24 192.109.122.0/24
192.109.124.0/24 192.109.124.0/24
@ -176,7 +173,6 @@
193.110.102.0/23 193.110.102.0/23
193.110.102.0/24 193.110.102.0/24
193.110.103.0/24 193.110.103.0/24
193.124.35.0/24
193.138.91.0/24 193.138.91.0/24
193.141.143.0/24 193.141.143.0/24
193.141.180.0/23 193.141.180.0/23
@ -243,7 +239,6 @@
193.41.10.0/23 193.41.10.0/23
193.47.164.0/24 193.47.164.0/24
193.53.93.0/24 193.53.93.0/24
193.56.21.0/24
193.58.253.0/24 193.58.253.0/24
193.84.136.0/22 193.84.136.0/22
193.96.230.0/24 193.96.230.0/24
@ -253,6 +248,7 @@
193.98.224.0/24 193.98.224.0/24
193.99.96.0/20 193.99.96.0/20
194.0.151.0/24 194.0.151.0/24
194.0.232.0/24
194.110.133.0/24 194.110.133.0/24
194.113.160.0/22 194.113.160.0/22
194.113.20.0/23 194.113.20.0/23
@ -295,6 +291,13 @@
194.15.64.0/21 194.15.64.0/21
194.15.72.0/22 194.15.72.0/22
194.150.228.0/23 194.150.228.0/23
194.152.128.0/24
194.152.129.0/24
194.152.132.0/24
194.152.141.0/24
194.152.142.0/24
194.152.154.0/24
194.152.155.0/24
194.153.86.0/24 194.153.86.0/24
194.156.128.0/22 194.156.128.0/22
194.156.148.0/24 194.156.148.0/24
@ -337,26 +340,20 @@
194.39.63.0/24 194.39.63.0/24
194.39.88.0/21 194.39.88.0/21
194.39.97.0/24 194.39.97.0/24
194.45.144.0/21
194.49.110.0/24
194.49.117.0/24 194.49.117.0/24
194.49.118.0/23 194.49.118.0/23
194.49.125.0/24 194.49.125.0/24
194.49.48.0/24 194.49.48.0/24
194.49.54.0/24 194.49.54.0/24
194.49.72.0/24
194.49.73.0/24 194.49.73.0/24
194.49.74.0/23 194.49.74.0/23
194.49.85.0/24 194.49.85.0/24
194.55.158.0/24
194.55.180.0/24 194.55.180.0/24
194.55.183.0/24 194.55.183.0/24
194.55.192.0/19 194.55.192.0/19
194.55.63.0/24 194.55.63.0/24
194.55.64.0/20 194.55.64.0/20
194.55.87.0/24 194.55.87.0/24
194.58.40.0/24
194.58.56.0/23
194.59.143.0/24 194.59.143.0/24
194.59.150.0/24 194.59.150.0/24
194.59.151.0/24 194.59.151.0/24
@ -382,34 +379,22 @@
194.76.52.0/24 194.76.52.0/24
194.77.41.0/24 194.77.41.0/24
194.77.42.0/24 194.77.42.0/24
194.85.248.0/24
194.85.251.0/24
194.87.10.0/24
194.87.17.0/24
194.87.255.0/24
194.87.77.0/24
194.88.112.0/20
194.88.16.0/21 194.88.16.0/21
194.88.24.0/23 194.88.24.0/23
194.88.26.0/24 194.88.26.0/24
194.88.28.0/23 194.88.28.0/23
194.88.96.0/21
194.99.118.0/24 194.99.118.0/24
194.99.34.0/24 194.99.34.0/24
194.99.76.0/23 194.99.76.0/23
194.99.83.0/24 194.99.83.0/24
194.99.92.0/22 194.99.92.0/22
195.133.20.0/24
195.133.64.0/22
195.133.7.0/24 195.133.7.0/24
195.133.76.0/24
195.137.216.0/23 195.137.216.0/23
195.138.223.0/24 195.138.223.0/24
195.144.15.0/24 195.144.15.0/24
195.145.0.0/16 195.145.0.0/16
195.149.79.0/24 195.149.79.0/24
195.160.248.0/22 195.160.248.0/22
195.178.132.0/22
195.190.2.0/24 195.190.2.0/24
195.192.254.0/24 195.192.254.0/24
195.200.207.0/24 195.200.207.0/24
@ -436,12 +421,14 @@
198.40.90.0/24 198.40.90.0/24
198.57.10.0/24 198.57.10.0/24
2.160.0.0/12 2.160.0.0/12
2.58.100.0/24
2.58.102.0/24 2.58.102.0/24
204.52.120.0/24
204.52.121.0/24
204.69.32.0/24 204.69.32.0/24
205.142.63.0/24 205.142.63.0/24
212.184.0.0/15 212.184.0.0/15
212.185.0.0/16 212.185.0.0/16
212.87.217.0/24
213.145.90.0/23 213.145.90.0/23
213.145.92.0/23 213.145.92.0/23
213.173.0.0/19 213.173.0.0/19
@ -450,6 +437,7 @@
213.209.156.0/24 213.209.156.0/24
217.0.0.0/13 217.0.0.0/13
217.117.96.0/24 217.117.96.0/24
217.198.189.0/24
217.224.0.0/11 217.224.0.0/11
217.24.32.0/20 217.24.32.0/20
217.24.33.0/24 217.24.33.0/24
@ -459,35 +447,21 @@
31.224.0.0/11 31.224.0.0/11
31.6.56.0/23 31.6.56.0/23
37.143.0.0/22 37.143.0.0/22
37.230.56.0/24
37.230.57.0/24
37.230.58.0/23
37.230.60.0/24
37.230.63.0/24
37.46.11.0/24 37.46.11.0/24
37.50.0.0/15 37.50.0.0/15
37.80.0.0/12 37.80.0.0/12
45.128.14.0/23
45.132.217.0/24
45.132.80.0/22 45.132.80.0/22
45.140.208.0/24 45.141.54.0/24
45.141.130.0/24 45.145.16.0/24
45.142.236.0/24
45.145.241.0/24
45.145.243.0/24
45.147.227.0/24 45.147.227.0/24
45.155.77.0/24
45.81.255.0/24 45.81.255.0/24
45.83.136.0/22 45.83.136.0/22
45.84.214.0/24
45.93.186.0/23 45.93.186.0/23
46.20.216.0/21
46.250.224.0/21 46.250.224.0/21
46.250.232.0/21 46.250.232.0/21
46.78.0.0/15 46.78.0.0/15
46.80.0.0/12 46.80.0.0/12
5.10.208.0/24
5.10.209.0/24
5.10.220.0/24
5.133.112.0/24 5.133.112.0/24
5.249.188.0/22 5.249.188.0/22
5.35.192.0/21 5.35.192.0/21
@ -503,14 +477,11 @@
64.137.119.0/24 64.137.119.0/24
64.137.125.0/24 64.137.125.0/24
64.137.127.0/24 64.137.127.0/24
77.242.149.0/24
77.47.152.0/22 77.47.152.0/22
77.83.136.0/23 77.83.136.0/23
77.83.138.0/23 77.83.138.0/23
77.83.32.0/22
77.90.156.0/24 77.90.156.0/24
77.90.184.0/24 77.90.184.0/24
79.139.52.0/22
79.192.0.0/10 79.192.0.0/10
80.128.0.0/11 80.128.0.0/11
80.128.0.0/12 80.128.0.0/12
@ -522,38 +493,47 @@
80.157.8.0/21 80.157.8.0/21
80.187.0.0/16 80.187.0.0/16
80.187.160.0/20 80.187.160.0/20
80.244.13.0/24
80.64.240.0/22 80.64.240.0/22
80.71.231.0/24 80.71.231.0/24
80.71.233.0/24 80.71.233.0/24
80.71.235.0/24 80.71.235.0/24
80.71.236.0/24 80.71.236.0/24
80.71.238.0/24 80.71.238.0/24
80.83.80.0/21
81.201.32.0/20 81.201.32.0/20
81.30.96.0/20 81.31.210.0/23
82.152.178.0/24 82.163.104.0/21
82.163.60.0/22 82.163.60.0/22
82.206.32.0/21 82.206.32.0/21
82.206.40.0/21 82.206.40.0/21
82.206.48.0/21
82.215.70.0/24 82.215.70.0/24
83.136.208.0/22
83.147.36.0/22
83.243.48.0/21 83.243.48.0/21
84.128.0.0/10 84.128.0.0/10
84.234.16.0/20
84.246.108.0/24 84.246.108.0/24
84.32.108.0/22 84.32.108.0/22
84.32.48.0/22 84.32.48.0/22
84.55.0.0/24
84.55.1.0/24
84.55.2.0/24
84.55.3.0/24
84.55.4.0/24
84.55.5.0/24
84.55.6.0/24
84.55.7.0/24
85.116.28.0/24 85.116.28.0/24
85.116.29.0/24 85.116.29.0/24
85.116.30.0/24 85.116.30.0/24
85.116.31.0/24 85.116.31.0/24
85.119.160.0/23 85.119.160.0/23
85.204.160.0/22 85.204.181.0/24
85.208.248.0/24 85.208.248.0/24
85.208.249.0/24 85.208.249.0/24
85.208.250.0/24 85.208.250.0/24
85.208.251.0/24 85.208.251.0/24
85.237.76.0/22 86.105.211.0/24
86.107.164.0/24
86.38.248.0/21 86.38.248.0/21
86.38.37.0/24 86.38.37.0/24
87.128.0.0/10 87.128.0.0/10
@ -564,10 +544,40 @@
88.216.60.0/22 88.216.60.0/22
89.116.64.0/22 89.116.64.0/22
89.213.186.0/23 89.213.186.0/23
89.35.127.0/24 89.39.97.0/24
89.43.34.0/24 89.43.34.0/24
91.0.0.0/10 91.0.0.0/10
91.103.240.0/21 91.103.240.0/21
91.124.135.0/24
91.124.19.0/24
91.124.20.0/24
91.124.21.0/24
91.124.22.0/24
91.124.23.0/24
91.124.24.0/24
91.124.26.0/24
91.124.27.0/24
91.124.28.0/24
91.124.31.0/24
91.124.32.0/24
91.124.33.0/24
91.124.34.0/24
91.124.36.0/24
91.124.37.0/24
91.124.38.0/24
91.124.39.0/24
91.124.40.0/24
91.124.41.0/24
91.124.42.0/24
91.124.43.0/24
91.124.44.0/24
91.124.45.0/24
91.124.46.0/24
91.124.47.0/24
91.124.50.0/24
91.124.51.0/24
91.124.6.0/24
91.124.7.0/24
91.189.192.0/21 91.189.192.0/21
91.194.232.0/23 91.194.232.0/23
91.198.113.0/24 91.198.113.0/24
@ -592,19 +602,40 @@
91.216.242.0/24 91.216.242.0/24
91.216.45.0/24 91.216.45.0/24
91.217.214.0/24 91.217.214.0/24
91.221.12.0/23
91.222.232.0/22 91.222.232.0/22
91.227.98.0/23 91.227.98.0/23
91.232.136.0/22
91.232.54.0/24 91.232.54.0/24
92.112.128.0/24
92.112.155.0/24
92.112.157.0/24
92.112.16.0/22
92.112.160.0/24
92.112.162.0/24
92.112.165.0/24
92.112.167.0/24
92.112.20.0/22
92.112.48.0/24
92.112.49.0/24
92.112.52.0/24
92.112.54.0/24
92.112.59.0/24
92.112.63.0/24
92.112.64.0/24
92.112.67.0/24
92.112.79.0/24
92.112.81.0/24
92.112.83.0/24
92.112.94.0/24
92.114.44.0/22 92.114.44.0/22
92.119.164.0/22 92.119.164.0/22
92.119.208.0/24 92.119.208.0/24
92.119.209.0/24 92.119.209.0/24
92.119.210.0/24 92.119.210.0/24
92.119.211.0/24 92.119.211.0/24
93.119.184.0/21 93.113.70.0/24
93.119.201.0/24
93.192.0.0/10 93.192.0.0/10
93.95.119.0/24
94.126.98.0/24 94.126.98.0/24
94.26.110.0/23 94.26.110.0/23
94.26.64.0/23 94.26.64.0/23
@ -620,7 +651,6 @@
2001:678:b38::/48 2001:678:b38::/48
2001:678:bdc::/48 2001:678:bdc::/48
2001:678:d4c::/48 2001:678:d4c::/48
2001:678:e9c::/48
2001:678:ff0::/48 2001:678:ff0::/48
2001:67c:11a4::/48 2001:67c:11a4::/48
2001:67c:14c4::/48 2001:67c:14c4::/48
@ -641,6 +671,7 @@
2001:67c:b80::/48 2001:67c:b80::/48
2001:67c:c84::/48 2001:67c:c84::/48
2001:67c:c9c::/48 2001:67c:c9c::/48
2001:67c:ec0::/48
2003:3c0::/28 2003:3c0::/28
2003:3e0::/28 2003:3e0::/28
2003:8:1800::/48 2003:8:1800::/48
@ -663,6 +694,8 @@
2003::/19 2003::/19
2003::/20 2003::/20
2003::/23 2003::/23
2a00:5c60:3::/48
2a00:5c60:a::/48
2a00:6680::/46 2a00:6680::/46
2a01:598::/29 2a01:598::/29
2a01:8fa0::/32 2a01:8fa0::/32
@ -694,8 +727,11 @@
2a0d:480::/29 2a0d:480::/29
2a0d:480::/30 2a0d:480::/30
2a0d:484::/30 2a0d:484::/30
2a0e:cbc4::/32
2a0e:cbc5::/32
2a0e:cbc6::/32
2a0e:cbc7::/32
2a0e:eb40::/32 2a0e:eb40::/32
2a0f:15c0::/32
2a10:cd80::/29 2a10:cd80::/29
2a11:7400:d1::/48 2a11:7400:d1::/48
2a12:6900:1000::/40 2a12:6900:1000::/40

315
configs/as8881.txt
View file

@ -1,19 +1,13 @@
104.151.0.0/17 104.151.0.0/17
109.250.0.0/16 109.250.0.0/16
109.250.0.0/20 109.250.0.0/18
109.250.128.0/19 109.250.128.0/19
109.250.16.0/20
109.250.160.0/19 109.250.160.0/19
109.250.192.0/19 109.250.192.0/19
109.250.224.0/19 109.250.224.0/19
109.250.32.0/19 109.250.64.0/18
109.250.64.0/19
109.250.80.0/22
109.250.84.0/22
109.250.88.0/22
109.250.92.0/22
109.250.96.0/19
134.101.0.0/21 134.101.0.0/21
14.102.90.0/24
143.58.64.0/18 143.58.64.0/18
149.233.32.0/19 149.233.32.0/19
153.94.0.0/20 153.94.0.0/20
@ -35,6 +29,7 @@
185.151.201.0/24 185.151.201.0/24
185.151.203.0/24 185.151.203.0/24
185.158.48.0/22 185.158.48.0/22
185.187.122.0/24
185.199.205.0/24 185.199.205.0/24
185.235.232.0/22 185.235.232.0/22
185.8.230.0/23 185.8.230.0/23
@ -45,13 +40,13 @@
192.166.84.0/22 192.166.84.0/22
192.166.87.0/24 192.166.87.0/24
192.166.88.0/21 192.166.88.0/21
192.189.14.0/24
193.101.4.0/23 193.101.4.0/23
193.101.5.0/24 193.102.10.0/24
193.111.212.0/22 193.111.212.0/22
193.111.212.0/24 193.111.212.0/24
193.163.13.0/24 193.163.13.0/24
193.163.13.0/25 193.17.225.0/24
193.163.13.128/25
193.219.15.0/24 193.219.15.0/24
193.22.120.0/21 193.22.120.0/21
193.22.120.0/24 193.22.120.0/24
@ -92,7 +87,7 @@
194.127.144.0/21 194.127.144.0/21
194.127.203.0/24 194.127.203.0/24
194.139.55.0/24 194.139.55.0/24
194.145.230.0/24 194.145.218.0/23
194.156.216.0/21 194.156.216.0/21
194.156.232.0/23 194.156.232.0/23
194.156.233.0/24 194.156.233.0/24
@ -115,24 +110,23 @@
194.99.0.0/21 194.99.0.0/21
195.149.80.0/23 195.149.80.0/23
195.167.208.0/20 195.167.208.0/20
195.191.20.0/23
195.202.32.0/19 195.202.32.0/19
195.226.160.0/19 195.226.160.0/19
195.226.96.0/19 195.226.96.0/19
195.234.139.0/24 195.234.139.0/24
195.238.233.0/24 195.238.233.0/24
195.244.10.0/23 195.238.238.0/24
195.64.176.0/23 195.64.176.0/23
195.93.158.0/23 195.93.158.0/23
202.71.128.0/20 202.71.128.0/20
202.71.141.0/24
212.204.0.0/19 212.204.0.0/19
212.7.128.0/19 212.7.128.0/19
212.8.0.0/19 212.8.0.0/19
212.80.224.0/19 212.80.224.0/19
212.80.224.0/20
212.80.240.0/20
212.93.0.0/19 212.93.0.0/19
213.138.32.0/19 213.138.32.0/19
213.138.35.0/24
213.139.128.0/19 213.139.128.0/19
213.182.128.0/19 213.182.128.0/19
213.30.192.0/18 213.30.192.0/18
@ -149,307 +143,155 @@
45.13.15.0/24 45.13.15.0/24
46.142.0.0/16 46.142.0.0/16
46.142.0.0/19 46.142.0.0/19
46.142.112.0/20
46.142.128.0/19 46.142.128.0/19
46.142.160.0/19 46.142.160.0/19
46.142.194.0/24
46.142.214.0/24 46.142.214.0/24
46.142.224.0/19 46.142.224.0/19
46.142.32.0/20 46.142.32.0/19
46.142.48.0/20
46.142.64.0/19 46.142.64.0/19
46.142.96.0/19
46.142.96.0/20 46.142.96.0/20
46.189.0.0/17 46.189.0.0/17
46.189.116.0/24
61.8.128.0/19 61.8.128.0/19
61.8.128.0/22
61.8.132.0/22
61.8.136.0/22
61.8.144.0/22
61.8.152.0/22
61.8.156.0/24
61.8.157.0/24
62.214.0.0/16 62.214.0.0/16
62.214.213.0/24
62.214.224.0/19 62.214.224.0/19
62.217.32.0/19 62.217.32.0/19
62.220.0.0/19 62.220.0.0/19
62.68.82.0/24 62.68.82.0/24
62.72.64.0/19 62.72.64.0/19
62.72.88.0/22 62.72.70.0/24
62.72.92.0/23
62.72.94.0/24
77.74.136.0/21 77.74.136.0/21
77.87.190.0/24 77.87.190.0/24
80.241.192.0/20
80.242.160.0/19 80.242.160.0/19
82.119.160.0/19 82.119.160.0/19
82.140.0.0/18 82.140.0.0/18
82.140.2.0/23 82.140.48.0/20
82.140.2.0/24
82.140.3.0/24
82.140.48.0/21
82.144.32.0/19 82.144.32.0/19
82.144.34.0/24
82.144.35.0/24
82.144.36.0/24
82.144.37.0/24
82.145.0.0/19 82.145.0.0/19
82.194.96.0/19 82.194.96.0/19
82.207.128.0/17 82.207.128.0/17
82.207.192.0/19 82.207.192.0/19
82.207.224.0/21
82.207.232.0/22
82.207.236.0/24
82.207.240.0/20
82.207.244.0/24
82.207.245.0/24
82.207.246.0/24
82.207.247.0/24
82.207.248.0/24
82.207.249.0/24
82.207.250.0/24
82.207.251.0/24
82.207.252.0/24
82.207.253.0/24
82.207.254.0/24
82.207.255.0/24
83.135.0.0/16 83.135.0.0/16
83.135.0.0/22 83.135.0.0/20
83.135.112.0/20 83.135.112.0/20
83.135.128.0/19 83.135.128.0/19
83.135.16.0/22
83.135.160.0/21 83.135.160.0/21
83.135.164.0/22
83.135.168.0/21 83.135.168.0/21
83.135.176.0/22 83.135.176.0/22
83.135.180.0/22
83.135.184.0/21 83.135.184.0/21
83.135.192.0/20 83.135.192.0/20
83.135.20.0/24
83.135.208.0/20 83.135.208.0/20
83.135.21.0/24
83.135.22.0/24
83.135.224.0/22 83.135.224.0/22
83.135.23.0/24
83.135.230.0/23
83.135.232.0/21 83.135.232.0/21
83.135.24.0/24
83.135.240.0/22 83.135.240.0/22
83.135.244.0/24
83.135.245.0/24
83.135.248.0/24
83.135.249.0/24
83.135.25.0/24
83.135.250.0/24
83.135.251.0/24
83.135.252.0/24
83.135.253.0/24
83.135.254.0/24
83.135.255.0/24
83.135.26.0/24
83.135.27.0/24
83.135.28.0/24
83.135.29.0/24
83.135.30.0/24
83.135.31.0/24
83.135.32.0/19
83.135.4.0/22
83.135.64.0/19 83.135.64.0/19
83.135.8.0/21
83.135.96.0/20 83.135.96.0/20
84.19.192.0/19 84.19.192.0/19
84.19.192.0/20
84.19.208.0/20
87.122.0.0/15 87.122.0.0/15
87.122.0.0/16
87.122.0.0/20 87.122.0.0/20
87.122.128.0/21 87.122.128.0/21
87.122.136.0/22
87.122.144.0/20 87.122.144.0/20
87.122.16.0/20 87.122.16.0/20
87.122.160.0/20 87.122.160.0/20
87.122.176.0/21 87.122.176.0/21
87.122.184.0/24
87.122.185.0/24
87.122.186.0/24
87.122.187.0/24
87.122.188.0/24
87.122.189.0/24
87.122.190.0/24
87.122.191.0/24
87.122.192.0/19 87.122.192.0/19
87.122.224.0/19 87.122.224.0/19
87.122.32.0/19 87.122.32.0/19
87.122.64.0/19 87.122.64.0/19
87.122.96.0/19 87.122.96.0/19
87.123.0.0/16
87.123.0.0/19 87.123.0.0/19
87.123.112.0/20
87.123.128.0/19 87.123.128.0/19
87.123.160.0/20 87.123.160.0/20
87.123.176.0/20 87.123.176.0/20
87.123.192.0/20 87.123.194.0/24
87.123.208.0/22 87.123.196.0/24
87.123.203.0/24
87.123.216.0/21 87.123.216.0/21
87.123.224.0/20 87.123.224.0/20
87.123.240.0/22 87.123.240.0/21
87.123.244.0/22
87.123.248.0/22
87.123.252.0/24
87.123.253.0/24
87.123.254.0/24
87.123.255.0/24
87.123.32.0/19 87.123.32.0/19
87.123.64.0/20 87.123.64.0/20
87.123.80.0/20 87.123.80.0/20
87.123.96.0/19 87.123.96.0/19
87.123.96.0/20
88.130.0.0/16 88.130.0.0/16
88.130.0.0/19
88.130.130.0/23
88.130.132.0/22
88.130.136.0/21 88.130.136.0/21
88.130.144.0/21 88.130.144.0/20
88.130.152.0/24
88.130.153.0/24
88.130.154.0/24
88.130.155.0/24
88.130.156.0/22
88.130.156.0/24
88.130.157.0/24
88.130.158.0/24
88.130.159.0/24
88.130.160.0/21
88.130.172.0/22
88.130.176.0/21 88.130.176.0/21
88.130.180.0/24 88.130.192.0/23
88.130.181.0/24 88.130.194.0/23
88.130.182.0/24
88.130.183.0/24
88.130.184.0/24
88.130.185.0/24
88.130.186.0/24
88.130.187.0/24
88.130.188.0/24
88.130.189.0/24
88.130.190.0/24
88.130.191.0/24
88.130.192.0/21
88.130.200.0/21
88.130.208.0/21
88.130.216.0/21 88.130.216.0/21
88.130.216.0/22
88.130.220.0/24
88.130.221.0/24
88.130.222.0/24
88.130.223.0/24
88.130.32.0/20
88.130.48.0/24 88.130.48.0/24
88.130.49.0/24 88.130.49.0/24
88.130.50.0/24 88.130.50.0/24
88.130.51.0/24
88.130.52.0/24 88.130.52.0/24
88.130.53.0/24 88.130.53.0/24
88.130.54.0/24 88.130.54.0/23
88.130.55.0/24
88.130.56.0/24 88.130.56.0/24
88.130.57.0/24 88.130.57.0/24
88.130.58.0/24 88.130.58.0/24
88.130.59.0/24 88.130.59.0/24
88.130.60.0/24
88.130.61.0/24 88.130.61.0/24
88.130.62.0/24
88.130.63.0/24 88.130.63.0/24
88.130.64.0/19 88.130.64.0/19
88.130.96.0/19 88.130.96.0/19
89.207.200.0/21
89.244.0.0/14 89.244.0.0/14
89.244.0.0/16
89.244.112.0/21
89.244.120.0/21 89.244.120.0/21
89.244.120.0/22
89.244.124.0/24
89.244.126.0/24
89.244.127.0/24
89.244.160.0/21 89.244.160.0/21
89.244.164.0/22
89.244.168.0/21
89.244.176.0/20 89.244.176.0/20
89.244.192.0/19 89.244.192.0/19
89.244.224.0/20 89.244.224.0/20
89.244.240.0/20 89.244.76.0/24
89.244.64.0/21 89.244.78.0/23
89.244.72.0/22
89.244.80.0/20 89.244.80.0/20
89.244.96.0/20 89.244.96.0/22
89.245.0.0/16
89.245.0.0/20 89.245.0.0/20
89.245.112.0/20
89.245.158.0/24
89.245.159.0/24
89.245.16.0/20 89.245.16.0/20
89.245.160.0/20 89.245.160.0/20
89.245.176.0/21 89.245.176.0/21
89.245.184.0/24
89.245.185.0/24
89.245.186.0/24
89.245.187.0/24
89.245.188.0/24
89.245.189.0/24
89.245.190.0/24
89.245.191.0/24
89.245.192.0/19 89.245.192.0/19
89.245.224.0/19 89.245.224.0/19
89.245.32.0/19 89.245.32.0/19
89.245.32.0/20 89.245.64.0/19
89.245.64.0/20
89.245.80.0/20
89.245.96.0/20 89.245.96.0/20
89.246.0.0/16
89.246.0.0/19 89.246.0.0/19
89.246.104.0/23
89.246.106.0/24
89.246.107.0/24
89.246.108.0/24
89.246.109.0/24
89.246.110.0/24
89.246.111.0/24
89.246.112.0/22 89.246.112.0/22
89.246.116.0/22
89.246.120.0/24
89.246.121.0/24
89.246.122.0/24 89.246.122.0/24
89.246.123.0/24
89.246.124.0/22 89.246.124.0/22
89.246.160.0/20
89.246.160.0/21 89.246.160.0/21
89.246.176.0/22
89.246.180.0/22
89.246.184.0/21 89.246.184.0/21
89.246.192.0/19 89.246.192.0/19
89.246.32.0/20 89.246.32.0/19
89.246.48.0/21
89.246.56.0/21
89.246.96.0/21 89.246.96.0/21
89.247.0.0/16
89.247.0.0/19 89.247.0.0/19
89.247.112.0/21 89.247.112.0/21
89.247.112.0/22
89.247.120.0/22 89.247.120.0/22
89.247.124.0/24
89.247.125.0/24
89.247.126.0/24
89.247.127.0/24
89.247.144.0/20 89.247.144.0/20
89.247.160.0/20 89.247.160.0/20
89.247.179.0/24
89.247.192.0/20 89.247.192.0/20
89.247.208.0/21
89.247.216.0/22 89.247.216.0/22
89.247.224.0/21 89.247.228.0/22
89.247.232.0/21 89.247.232.0/21
89.247.232.0/22
89.247.236.0/22 89.247.236.0/22
89.247.240.0/21 89.247.252.0/22
89.247.240.0/22
89.247.252.0/24
89.247.253.0/24
89.247.254.0/24
89.247.255.0/24
89.247.32.0/19 89.247.32.0/19
89.247.32.0/20 89.247.32.0/20
89.247.64.0/20 89.247.64.0/20
89.247.80.0/20 89.247.80.0/20
89.247.96.0/20
89.27.128.0/17 89.27.128.0/17
89.27.153.0/24
91.194.180.0/23 91.194.180.0/23
91.198.67.0/24 91.198.67.0/24
91.199.158.0/24 91.199.158.0/24
@ -468,8 +310,7 @@
92.116.120.0/21 92.116.120.0/21
92.116.128.0/18 92.116.128.0/18
92.116.16.0/20 92.116.16.0/20
92.116.192.0/19 92.116.192.0/18
92.116.224.0/19
92.116.32.0/19 92.116.32.0/19
92.116.64.0/18 92.116.64.0/18
92.116.96.0/19 92.116.96.0/19
@ -483,67 +324,34 @@
92.117.240.0/21 92.117.240.0/21
92.117.248.0/21 92.117.248.0/21
92.117.64.0/19 92.117.64.0/19
92.117.96.0/19
94.134.0.0/15 94.134.0.0/15
94.134.0.0/18 94.134.0.0/18
94.134.100.0/22 94.134.112.0/22
94.134.112.0/21
94.134.120.0/24
94.134.121.0/24
94.134.122.0/24
94.134.123.0/24
94.134.124.0/24
94.134.125.0/24
94.134.126.0/24
94.134.127.0/24
94.134.128.0/20
94.134.144.0/20 94.134.144.0/20
94.134.160.0/21 94.134.160.0/21
94.134.168.0/22 94.134.168.0/22
94.134.172.0/22 94.134.172.0/22
94.134.176.0/20
94.134.176.0/21 94.134.176.0/21
94.134.192.0/20 94.134.192.0/22
94.134.208.0/21
94.134.216.0/21 94.134.216.0/21
94.134.224.0/19 94.134.64.0/22
94.134.64.0/20 94.134.68.0/22
94.134.80.0/22 94.134.80.0/22
94.134.84.0/24 94.134.88.0/22
94.134.85.0/24 94.134.94.0/23
94.134.86.0/24
94.134.87.0/24
94.134.88.0/24
94.134.89.0/24
94.134.90.0/24
94.134.91.0/24
94.134.92.0/24
94.134.93.0/24
94.134.94.0/24
94.134.95.0/24
94.134.96.0/20 94.134.96.0/20
94.134.96.0/22
2001:1438:1000::/36 2001:1438:1000::/36
2001:1438:1:100::/56
2001:1438:1:200::/56
2001:1438:1:300::/56
2001:1438:1:400::/56
2001:1438:1:900::/56
2001:1438:1:a00::/56
2001:1438:2000::/36 2001:1438:2000::/36
2001:1438:3000::/36 2001:1438:3000::/36
2001:1438:4000::/36 2001:1438:4000::/36
2001:1438::/32 2001:1438::/32
2001:1438:f000::/36
2001:1438:fff:10::/64
2001:1438:fff:11::/64
2001:1438:fff:12::/64
2001:1438:fff:3::/64
2001:1438:fff:4::/64
2001:1438:fff:5::/64
2001:1438:fff:6::/64
2001:1438:fff:7::/64
2001:1438:fff:8::/64
2001:1438:fff:9::/64
2001:1438:fff:a::/64
2001:1438:fff:b::/64
2001:1438:fff:c::/64
2001:1438:fff:d::/64
2001:1438:fff:e::/64
2001:1438:fff:f::/64
2001:16b8:1000::/40 2001:16b8:1000::/40
2001:16b8:100::/40 2001:16b8:100::/40
2001:16b8:1100::/40 2001:16b8:1100::/40
@ -593,12 +401,14 @@
2001:16b8:a000::/35 2001:16b8:a000::/35
2001:16b8:a00::/40 2001:16b8:a00::/40
2001:16b8:b00::/40 2001:16b8:b00::/40
2001:16b8:c000::/35
2001:678:c74::/48 2001:678:c74::/48
2001:67c:27ac::/48 2001:67c:27ac::/48
2001:67c:2878::/48 2001:67c:2878::/48
2001:67c:2e8c::/48 2001:67c:2e8c::/48
2001:67c:660::/48 2001:67c:660::/48
2001:67c:888::/48 2001:67c:888::/48
2001:67c:ed8::/48
2001:7b0::/32 2001:7b0::/32
2001:9e8:2000::/35 2001:9e8:2000::/35
2001:9e8:4000::/35 2001:9e8:4000::/35
@ -615,10 +425,11 @@
2a00:fb8:4000::/35 2a00:fb8:4000::/35
2a00:fb8:6000::/35 2a00:fb8:6000::/35
2a00:fb8::/29 2a00:fb8::/29
2a00:fb8::/32
2a00:fb8::/35 2a00:fb8::/35
2a03:3fc0:2000::/48 2a03:3fc0:2000::/48
2a07:9400::/29 2a07:9400::/29
2a0a:ed40::/29 2a0a:ed40::/29
2a0b:9e80:1000::/36
2a0d:240::/29 2a0d:240::/29
2a0d:ad00::/29 2a0d:ad00::/29
2a11:d00::/32

98
data/apt/files/gpg-keys/grafana.asc
View file

@ -1,4 +1,46 @@
-----BEGIN PGP PUBLIC KEY BLOCK----- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQENBFiHXVIBCADr3VDEAGpq9Sg/xrPVu1GGqWGXdbnTbbNKeveCtFHZz7/GSATW
iwiY1skvlAOBiIKCqJEji0rZZgd8WxuhdfugiCBk1hDTMWCpjI0P+YymV77jHjYB
jHrKNlhb+aLjEd9Gf2EtbKUT1fvGUkzlVrcRGSX/XR9MBZlgja7NIyuVbn3uwZQ4
jflWSNSlvMpohNxTFkrBFTRrCJXhbDLfCS46+so22CP3+1VQyqJ7/6RWK9v9KYdS
AVNgILXMggSrMqha4WA1a/ktczVQXNtP8IuPxTdp9pNYsklOTmrFVeq3mXsvWh9Q
lIhpYHIZlTZ5wVBq4wTRchsXC5MubIhz+ASDABEBAAG0GkdyYWZhbmEgPGluZm9A
Z3JhZmFuYS5jb20+iQE4BBMBAgAiBQJYh11SAhsDBgsJCAcDAgYVCAIJCgsEFgID
AQIeAQIXgAAKCRCMjDTFJAmMthxJB/9Id6JrwqRkJW+eSBb71FGQmRsJvNFR8J+3
NPVhJNkTFFOM7TnjAMUIv+LYEURqGcceTNAN1aHq/7n/8ybXucCS0CnDYyNYpyVs
tWJ3FOQK3jPrmziDCWPQATqMM/Z2auXVFWrDFqfh2xKZNjuix0w2nyuWB8U0CG2U
89w+ksPJblGGU5xLPPzDQoAqyZXY3gpGGTkCuohMq2RWYbp/QJSQagYhQkKZoJhr
XJlnw4At6R1A5UUPzDw6WJqMRkGrkieE6ApIgf1vZSmnLRpXkqquRTAEyGT8Pugg
ee6YkD19/LK6ED6gn32StY770U9ti560U7oRjrOPK/Kjp4+qBtkQuQENBFiHXVIB
CACz4hO1g/4fKO9QWLcbSWpB75lbNgt1kHXP0UcW8TE0DIgqrifod09lC85adIz0
zdhs+00lLqckM5wNbp2r+pd5rRaxOsMw2V+c/y1Pt3qZxupmPc5l5lL6jzbEVR9g
ygPaE+iabTk9Np2OZQ7Qv5gIDzivqK2mRHXaHTzoQn2dA/3xpFcxnen9dvu7LCpA
CdScSj9/UIRKk9PHIgr2RJhcjzLx0u1PxN9MEqfIsIJUUgZOoDsr8oCs44PGGIMm
cK1CKALLLiC4ZM58B56jRyXo18MqB6VYsC1X9wkcIs72thL3tThXO70oDGcoXzoo
ywAHBH63EzEyduInOhecDIKlABEBAAGJAR8EGAECAAkFAliHXVICGwwACgkQjIw0
xSQJjLbWSwf/VIM5wEFBY4QLGUAfqfjDyfGXpcha58Y24Vv3n6MwJqnCIbTAaeWf
30CZ/wHg3NNIMB7I31vgmMOEbHQdv0LPTi9TG205VQeehcpNtZRZQ0D8TIetbxyi
Emmn9osig9U3/7jaAWBabE/9bGx4TF3eLlEH9wmFrNYeXvgRqmyqVoqhIMCNAAOY
REYyHyy9mzr9ywkwl0aroBqhzKIPyFlatZy9oRKllY/CCKO9RJy4DZidLphuwzqU
ymdQ1sqe5nKvwG5GvcncPc3O7LMevDBWnpNNkgERnVxCqpm90TuE3ONbirnU4+/S
tUsVU1DERc1fjOCnAm4pKIlNYphISIE7OQ==
=0pMC
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: This is a revocation certificate
iQE2BCABCgAgFiEETkDd9tduKEpKZ4DkjIw0xSQJjLYFAmO9q0cCHQIACgkQjIw0
xSQJjLarJAf+JJU0CHTMSSs5WH6ohVy54HN+ev7p7vfcgvvFBAWZLTLrG5+eFUH0
w0m9KegxAs+H/H/68ld1jY/P62fvkOR7WCWQ7HH+8ClKLwuWS4DpOHK9IOkHDK0w
0pVJ6NBiwhv8/B7EmiBf9zndjMtYa/wf8JZYVOXb0XE0L+Ec0WZSRZH+/WGA1E1s
MSgPwqDF7RKXDCJ65elYxi9CPZvXhj6RVldn/aRuHf5/SCDE/HmnDB9+v6ReEsWV
r/Xis2J0pWphpF/xtYxGf+Iy5fAHwDd4z9uKs9mBHSR0aDisuAW/eHF6KvBzQ7y0
Yf3KxEyDvLwuAA5NBi7Xsd2wSKdfBGUGcQ==
=KTb+
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGO4aiUBDAC82zo3vUyQH3yTCabQ7ZpospBg/xXBbJWbQNksIbEP/+I12CjB mQGNBGO4aiUBDAC82zo3vUyQH3yTCabQ7ZpospBg/xXBbJWbQNksIbEP/+I12CjB
zac1QcMFd27MJlyXpsTqqSo1ZHOisNy0Tmyl/WlqMyoMeChg+LmIHLNbvAK0jPOX zac1QcMFd27MJlyXpsTqqSo1ZHOisNy0Tmyl/WlqMyoMeChg+LmIHLNbvAK0jPOX
@ -39,3 +81,59 @@ Fj8eP2CocfRC+Lqv0azQwyEVMkYSMKoFbhXmjiBZn9JxblndKnVbByA1/nMAa0Q7
HTJC50jDJfpM9d1xQW/W5LBSQjd3czM6zlRXsliX HTJC50jDJfpM9d1xQW/W5LBSQjd3czM6zlRXsliX
=lSMJ =lSMJ
-----END PGP PUBLIC KEY BLOCK----- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: This is a revocation certificate
iQG2BCABCAAgFiEEDiLriOOeEid6d2CunkObECzzwMYFAmO4amECHQAACgkQnkOb
ECzzwMYiDQv/bbRnEhrFhr5XyA2vnu6nTZezbMwArC/ZwtFxtnj2iAwGZYY/pbPx
L8cHTpvK99I6J02SBHpmzthwHSindddPjuuQENdqH/TDlGvPH/mECJVTN9/kpjlg
HtO0MVKAKyXGbij7fR8prfPMRqOFbo4Rn9nQZZ/eY9KwkKVKxKHymppNbUbvv1qQ
NGfOi2QWkF+T8dbihbJHJgYpPb7uEmJ2EOX0KHu9nlYGX4jxtql+M3yeOi3juaXH
hLFWqVn3FkQW7N4IV+bVTkYcxQg01rWqY/h7BvL88AiMoiUXhOvE5iAS4sJe+EVB
bDfRaLr1Ju1CXYm5B+Q9b2pU0SWAbBNlVxYGs+NOeBh9YzwdGTFW2l/S/VLLv0bE
hBYuLwOIs0BqrL4TWwlB1ucEikg+r3O7OZL8Dnw0mnBVBmQxKhl1p8dLcYtylG3B
aEIbN6wHQe03xYvAmaHDdG0kjPiwhOlpZ+YU3ux8F2YnENXm9J+25GMyTXqybKQl
ltTE4hHgRH2v
=n71X
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGTnhmkBDADUE+SzjRRyitIm1siGxiHlIlnn6KO4C4GfEuV+PNzqxvwYO+1r
mcKlGDU0ugo8ohXruAOC77Kwc4keVGNU89BeHvrYbIftz/yxEneuPsCbGnbDMIyC
k44UOetRtV9/59Gj5YjNqnsZCr+e5D/JfrHUJTTwKLv88A9eHKxskrlZr7Un7j3i
Ef3NChlOh2Zk9Wfk8IhAqMMTferU4iTIhQk+5fanShtXIuzBaxU3lkzFSG7VuAH4
CBLPWitKRMn5oqXUE0FZbRYL/6Qz0Gt6YCJsZbaQ3Am7FCwWCp9+ZHbR9yU+bkK0
Dts4PNx4Wr9CktHIvbypT4Lk2oJEPWjcCJQHqpPQZXbnclXRlK5Ea0NVpaQdGK+v
JS4HGxFFjSkvTKAZYgwOk93qlpFeDML3TuSgWxuw4NIDitvewudnaWzfl9tDIoVS
Bb16nwJ8bMDzovC/RBE14rRKYtMLmBsRzGYHWd0NnX+FitAS9uURHuFxghv9GFPh
eTaXvc4glM94HBUAEQEAAbQmR3JhZmFuYSBMYWJzIDxlbmdpbmVlcmluZ0BncmFm
YW5hLmNvbT6JAdQEEwEKAD4WIQS1Oud7rbYwpoMEYAWWP6J3EEWFRQUCZOeGaQIb
AwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRCWP6J3EEWFRUiADACa
i+xytv2keEFJWjXNnFAx6/obnHRcXOI3w6nH/zL8gNI7YN5jcdQT2NYvKVYTb3fW
GuMsjHWgat5Gq3AtJrOKABpZ6qeYNPk0Axn/dKtOTwXjZ4pKX3bbUYvVfs0fCEZv
B0HHIj2wI9kgMpoTrkj22LE8layZTPOoQ+3/FbLzS8hN3CYZj25mHN7bpZq8EbV3
8FW9EU0HM0tg6CvoxkRiVqAuAC0KnVIZAdhD4dlYKuncq64nMvT1A5wxSYbnE+uf
mnWQQhhS6BOwRqN054yw1FrWNDFsvnOSHmr8dIiriv+aZYvx5JQFJ7oZP3LwdYyg
ocQcAJA8HFTIk3P6uJiIF/zdDzocgdKs+IYDoId0hxX7sGCvqdrsveq8n3m7uQiN
7FvSiV0eXIdV4F7340kc8EKiYwpuYSaZX0UWKLenzlUvD+W4pZCWtoXzPsW7PKUt
q1xdW0+NY+AGLCvSJCc5F4S5kFCObfBAYBbldjwwJFocdq/YOvvWYTPyV7kJeJS5
AY0EZOeGaQEMALNIFUricEIwtZiX7vSDjwxobbqPKqzdek8x3ud0CyYlrbGHy0k+
FDEXstjJQQ1s9rjJSu3sv5wyg9GDAUH3nzO976n/ZZvKPti3p2XU2UFx5gYkaaFV
D56yYxqGY0YU5ft6BG+RUz3iEPg3UBUzt0sCIYnG9+CsDqGOnRYIIa46fu2/H9Vu
8JvvSq9xbsK9CfoQDkIcoQOixPuI4P7eHtswCeYR/1LUTWEnYQWsBCf57cEpzR6t
7mlQnzQo9z4i/kp4S0ybDB77wnn+isMADOS+/VpXO+M7Zj5tpfJ6PkKch3SGXdUy
3zht8luFOYpJr2lVzp7n3NwB4zW08RptTzTgFAaW/NH2JjYI+rDvQm4jNs08Dtsp
nm4OQvBA9Df/6qwMEOZ9i10ixqk+55UpQFJ3nf4uKlSUM7bKXXVcD/odq804Y/K4
y3csE059YVIyaPexEvYSYlHE2odJWRg2Q1VehmrOSC8Qps3xpU7dTHXD74ZpaYbr
haViRS5v/lCsiwARAQABiQG8BBgBCgAmFiEEtTrne622MKaDBGAFlj+idxBFhUUF
AmTnhmkCGwwFCQPCZwAACgkQlj+idxBFhUUNbQv8DCcfi3GbWfvp9pfY0EJuoFJX
LNgci7z7smXq7aqDp2huYQ+MulnPAydjRCVW2fkHItF2Ks6l+2/8t5Xz0eesGxST
xTyR31ARENMXaq78Lq+itZ+usOSDNuwJcEmJM6CceNMLs4uFkX2GRYhchkry7P0C
lkLxUTiB43ooi+CqILtlNxH7kM1O4Ncs6UGZMXf2IiG9s3JDCsYVPkC5QDMOPkTy
2ZriF56uPerlJveF0dC61RZ6RlM3iSJ9Fwvea0Oy4rwkCcs5SHuwoDTFyxiyz0QC
9iqi3fG3iSbLvY9UtJ6X+BtDqdXLAT9Pq527mukPP3LwpEqFVyNQKnGLdLOu2YXc
TWWWseSQkHRzBmjD18KTD74mg4aXxEabyT4snrXpi5+UGLT4KXGV5syQO6Lc0OGw
9O/0qAIU+YW7ojbKv8fr+NB31TGhGYWASjYlN1NvPotRAK6339O0/Rqr9xGgy3AY
SR+ic2Y610IM7xccKuTVAW9UofKQwJZChqae9VVZ
=J9CI
-----END PGP PUBLIC KEY BLOCK-----

74
data/proftpd/files/home.paperless.conf Normal file
View file

@ -0,0 +1,74 @@
Include /etc/proftpd/modules.conf
UseIPv6 on
<IfModule mod_ident.c>
IdentLookups off
</IfModule>
ServerName "home.paperless"
ServerType standalone
DeferWelcome off
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions "-l"
DenyFilter \*.*/
RequireValidShell off
Port 21
PassivePorts 49152 50192
MaxInstances 30
User proftpd
Group nogroup
Umask 022 022
AllowOverwrite on
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>
<Anonymous /mnt/paperless/consume/>
User nobody
Group nogroup
UserAlias anonymous ftp
<Directory *>
AllowAll
</Directory>
</Anonymous>

34
data/ssl/_.home.kunbox.net.crt.pem
View file

@ -1,22 +1,22 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIDsDCCAzWgAwIBAgISBMRgrLMPa1cucom1daU3fmCaMAoGCCqGSM49BAMDMDIx MIIDsDCCAzWgAwIBAgISBIi3muU9O51f4fWWUXJHNgRHMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NTAeFw0yNDA2MTExNDQyMzdaFw0yNDA5MDkxNDQyMzZaMBoxGDAWBgNVBAMTD2hv NjAeFw0yNDA5MDQxNjA1MThaFw0yNDEyMDMxNjA1MTdaMBoxGDAWBgNVBAMTD2hv
bWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABGlCPITmq729xoLb bWUua3VuYm94Lm5ldDB2MBAGByqGSM49AgEGBSuBBAAiA2IABA5vskMN8tWHCOsv
DkSn6SYxnP7Mns9dBSqUv1WktnYjwbavlbXKN3Bz0yCGcXSCZA+Nq576DBK9L9X6 aUojW+t8otSpRgcU0tLsONhzQ7GhG5tC5DQ5pN7HiG14eejONQE4hRWC4rkP/e47
tTeIvqG1akyNxY+1eDK3vhH4FKmZE6oOyh1jqfG2LY7dvLYCQKOCAiQwggIgMA4G EVQd/rFK5m0lQesR68zogtW9KfQZUoINhlOuR4CxpBY1LrG5laOCAiQwggIgMA4G
A1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD A1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD
VR0TAQH/BAIwADAdBgNVHQ4EFgQUt6i+27R0AAj+AUgSNg3Gmm5GzLYwHwYDVR0j VR0TAQH/BAIwADAdBgNVHQ4EFgQU3iCazGKeVwzCa84zl+qckbspEmEwHwYDVR0j
BBgwFoAUnytfzzwhT50Et+0rLMTGcIvS1w0wVQYIKwYBBQUHAQEESTBHMCEGCCsG BBgwFoAUkydGmAOpUWiOmNbEQkjbI79YlNIwVQYIKwYBBQUHAQEESTBHMCEGCCsG
AQUFBzABhhVodHRwOi8vZTUuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 AQUFBzABhhVodHRwOi8vZTYuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6
Ly9lNS5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIRKi5ob21lLmt1bmJveC5uZXSC Ly9lNi5pLmxlbmNyLm9yZy8wLQYDVR0RBCYwJIIRKi5ob21lLmt1bmJveC5uZXSC
D2hvbWUua3VuYm94Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB D2hvbWUua3VuYm94Lm5ldDATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB
1nkCBAIEgfUEgfIA8AB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7Wb 1nkCBAIEgfUEgfIA8AB2AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRu
AAABkAf3K9YAAAQDAEcwRQIhAPFpuj8ZoOmqhDNJDSuJ3BWyUuOUyY2QXjIVRHop AAABkb3+C2AAAAQDAEcwRQIhAMwv6NjH3Ggd1WfeSVvyToVaM15glwfSJcAW8+40
dKyPAiAa2cwsyBFOjWOEYRCZ/7UgBA5axt8ZCrRYseefFwpvSQB2AN/hVuuqBa+1 XbCKAiABUoDmQjhKi5VfwZ7e0WX5XjEmgBN2qTafK5RqlaCDJgB2AO7N0GTV2xrO
nA+GcY2owDJOrlbZbqf1pWoB0cE7vlJcAAABkAf3LJ8AAAQDAEcwRQIhAL9+dxTj xVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABkb3+C3IAAAQDAEcwRQIgU9sxMGOG
34moGhk32PnQZg2+nVNiVxLxYjDL9fk1R+bXAiAA7EjWqcZgktinTpt1pVQMmuUn aP3npu7vw3G9TiFRxuZRCI96My34WVSCOcsCIQDhDjS9QhJGtNT68Z0sx6DJCcco
FQ1IRh5AdycNn0lL2jAKBggqhkjOPQQDAwNpADBmAjEAubnofDBEyrcSJAiGxlqc L1AXGWwojxizcx48bTAKBggqhkjOPQQDAwNpADBmAjEA/SOZeiZrClB5EJlZFdQy
EpUndlnkT/irfl/As8EUt0KMSPhnV3i7oEq89bi0KDghAjEA+XHccaWUi7BJEoV7 hrt2qh4HC5zvHdSLTWI4GAxDy8xRg/ANO6fp0Sb7Q7jdAjEAhiQgQfgUln08i/tv
nCUOCct64mb2LmXkvYiFVicsV9ubp4kVbziWjLgng6TC3HoM 3TGjVRIT/Y4A4QadodTROpfmFDH3QIsNwRPRhQUUSscBavK9
-----END CERTIFICATE----- -----END CERTIFICATE-----

36
data/ssl/_.home.kunbox.net.crt_intermediate.pem
View file

@ -1,27 +1,27 @@
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw 6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+ MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
VQD9F6Na/+zmXCc= Ig46v9mFmBvyH04=
-----END CERTIFICATE----- -----END CERTIFICATE-----

2
data/ssl/_.home.kunbox.net.key.pem.vault
View file

@ -1 +1 @@
encrypt$gAAAAABmaHBwHXKZDN_8bEa47lNIX25-wvvW1RcC689Hod4HAsY2tT6fd9k7zdnbK8KWedRNopdRIlhQUkU0xBVh5J5maiYfn5R8Kp_VpkXiWY0LVY3XMWjB4oHmU29VEbl490oesAhUUH6hb7lwfvsbV4WTM_7aL0_sPfF1udxO89gg-9z2nbl-7zmTdSBY651fZQngd4SlwK17N1fedkHgYamGLdgE10oPZiRsOJKrUGv-Pxi4ICQ7J_AF6bO05PyZkeNqqUP19g2f5EsKNnT0bxQHCP5sbofvYzli-fU2bW-leuvm-VU8lV27t39lQZyF-WcWnB7626w0semrg7cCJ4qoHJVekEFWzJBLhagSNdCDWHAwdV2_MHzSgbXvyXz0maga8-1wBoa8Ueinp2oPQMPaUsVzy6NVX7mAsB6Rw9CXDSEf8WPSKWaz7324qhxKmhMHt0r68z0qM28mHb98F_vbS6geCw== encrypt$gAAAAABm2JL0vVqh3Zut-a1Gfn8iOtDZS8aBpGobV3-d3u8My0MPunYmbQ6kXUAw7U0Bu87AAPXNsmi1pxrxcu8vXvhw4uM445WwKj-UqaV5fmk-ZasHGq-O6K52YqEgK6wo-9u_sOBubbwJSwFVaHxT3gczLW_GVRHhFIFGgdnRlz4YoAz4NXcos_uNO9GMEOGhfGx9e2c2GOIg64vXkj_1LjXEDoV9HYMzy-2wLt4A6q-ZiZwCoKl8-lt8sY_rLk_yfmy3sMvzqg8JaE7T4sunmXDdf4HQlnvl_cu1uW33Rrsq4-080HKx6rKNsZQGhWD2yls016xBAYZvQbDjHd6-7bld1bs5RUF5tfEC3Kx567TBdMaf5C7-PnNB7O_MC4I6SkmUElGRdYyCHuP5HXf9dKtiGCtjHyfEzqTBrcI0xPt631_IGPWMNId7zyLqfLHpMFTPS9jgGVKoT1TXwKe4NSHaGxXO-A==

3
groups/locations.py
View file

@ -68,6 +68,9 @@ groups['sophie'] = {
'icinga_options': { 'icinga_options': {
'exclude_from_monitoring': True, 'exclude_from_monitoring': True,
}, },
'backup-client': {
'target': 'htz-hel.backup-sohpie',
},
'users': { 'users': {
'sophie': {}, 'sophie': {},
}, },

2
libs/s2s.py
View file

@ -17,7 +17,7 @@ WG_AUTOGEN_NODES = [
'home.router', 'home.router',
'htz-cloud.wireguard', 'htz-cloud.wireguard',
'icinga2', 'icinga2',
'daisy', None, # daisy
] ]
WG_AUTOGEN_SETTINGS = { WG_AUTOGEN_SETTINGS = {

16
nodes/carlene.toml
View file

@ -40,7 +40,7 @@ imap_pass = "!bwpass_attr:t-online.de/franzi.kunsmann@t-online.de:imap"
[metadata.element-web] [metadata.element-web]
url = "chat.franzi.business" url = "chat.franzi.business"
version = "v1.11.71" version = "v1.11.77"
[metadata.element-web.config] [metadata.element-web.config]
default_server_config.'m.homeserver'.base_url = "https://matrix.franzi.business" default_server_config.'m.homeserver'.base_url = "https://matrix.franzi.business"
default_server_config.'m.homeserver'.server_name = "franzi.business" default_server_config.'m.homeserver'.server_name = "franzi.business"
@ -49,8 +49,8 @@ defaultCountryCode = "DE"
jitsi.preferredDomain = "meet.ffmuc.net" jitsi.preferredDomain = "meet.ffmuc.net"
[metadata.forgejo] [metadata.forgejo]
version = "7.0.5" version = "8.0.3"
sha1 = "8dc0526cdd886d5bc96ce96841202c2800029e68" sha1 = "a19aa24f26c1ff5a38cf12619b6a6064242d0cf2"
domain = "git.franzi.business" domain = "git.franzi.business"
enable_git_hooks = true enable_git_hooks = true
install_ssh_key = true install_ssh_key = true
@ -59,7 +59,7 @@ lfs_secret_key = "!decrypt:encrypt$gAAAAABfPnd1vgNDt86-91YhviQw8Z0djSp4f_tBt76kl
oauth_secret_key = "!decrypt:encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz" oauth_secret_key = "!decrypt:encrypt$gAAAAABfPnbfTISbldhS0WyxVKBHVVoOMcar7Kxmh1kkmiUGd-RzbbnNzzhEER_owjttPQcACPfGKZ6WklaSsXjLq8km4P6A9QmPbC06GmHbc91m0odCb1KiY7SZeUD35PiRiGSq50dz"
security_secret_key = "!decrypt:encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4=" security_secret_key = "!decrypt:encrypt$gAAAAABfPnc-R7pkDj4pQgHDb6pzlNYNJgiWdeBFsX7IsHSnCtNPbZxCdtSL8cHtQzVO1KbSxS7zCwssmgiR8Kj54Z-koD-FQbjpbKWoIPw8SsyeqBVlZhIeEzhw_1t7_7ZTvv1O8AePdNYel9JJb_TaAZ8Vx46ZfsEPy8zaaHrqOekHC6RAnB4="
[metadata.interfaces.eno2] [metadata.interfaces.'eno*']
ips = [ ips = [
"193.135.9.29/24", "193.135.9.29/24",
"2a0a:51c0:0:225::2/64", "2a0a:51c0:0:225::2/64",
@ -70,9 +70,9 @@ gateway6 = "2a0a:51c0:0:225::1"
[metadata.matrix-media-repo] [metadata.matrix-media-repo]
admins = ["@kunsi:franzi.business"] admins = ["@kunsi:franzi.business"]
datastore_id = "3fff5da324ed784c771d638bb6be5917" datastore_id = "3fff5da324ed784c771d638bb6be5917"
sha1 = "ef9e8624e70714e4d421ece0c27f2974f55c0e59" sha1 = "3e2bb7089b0898b86000243a82cc58ae998dc9d9"
upload_max_mb = 500 upload_max_mb = 500
version = "v1.3.6" version = "v1.3.7"
[metadata.matrix-media-repo.homeservers.'franzi.business'] [metadata.matrix-media-repo.homeservers.'franzi.business']
api = "synapse" api = "synapse"
domain = "http://[::1]:20080/" domain = "http://[::1]:20080/"
@ -126,7 +126,7 @@ domain = "rss.franzi.business"
[metadata.netbox] [metadata.netbox]
domain = "netbox.franzi.business" domain = "netbox.franzi.business"
version = "v4.0.7" version = "v4.1.1"
admins.kunsi = "hostmaster@kunbox.net" admins.kunsi = "hostmaster@kunbox.net"
[metadata.nextcloud] [metadata.nextcloud]
@ -256,7 +256,7 @@ disks = [
] ]
[metadata.travelynx] [metadata.travelynx]
version = "2.7.7" version = "2.8.39"
mail_from = "travelynx@franzi.business" mail_from = "travelynx@franzi.business"
domain = "travelynx.franzi.business" domain = "travelynx.franzi.business"

23
nodes/daisy.toml
View file

@ -1,23 +0,0 @@
hostname = "2a11:f2c0:3:4::120"
bundles = [
"bird",
"wireguard",
]
groups = [
"debian-bookworm",
]
[metadata]
location = "glauca"
nameservers = [
"2606:4700::1111",
"2606:4700:4700::1001",
]
backups.exclude_from_backups = true
icinga_options.period = "daytime"
[metadata.interfaces.ens18]
ips = [
"2a11:f2c0:3:4::120/64",
]
gateway6 = "fe80::220:91ff:fe45:e19e"

9
nodes/home.appletv-wohnzimmer.toml Normal file
View file

@ -0,0 +1,9 @@
dummy = true
[metadata.interfaces.default]
ips = ["172.19.138.73"]
dhcp = true
mac = "c0:95:6d:5e:82:47"
[metadata.icinga_options]
exclude_from_monitoring = true

2
nodes/home.ejgwdesk.toml → nodes/home.encoder96.toml
View file

@ -3,7 +3,7 @@ dummy = true
[metadata.interfaces.default] [metadata.interfaces.default]
ips = ["172.19.138.99"] ips = ["172.19.138.99"]
dhcp = true dhcp = true
mac = "54:04:A6:EF:A8:01" mac = "6c:4b:90:5c:e3:6d"
[metadata.icinga_options] [metadata.icinga_options]
exclude_from_monitoring = true exclude_from_monitoring = true

9
nodes/home.fujitsu-n7100.toml Normal file
View file

@ -0,0 +1,9 @@
dummy = true
[metadata.interfaces.default]
ips = ["172.19.138.75"]
dhcp = true
mac = "00:01:29:59:a9:8c"
[metadata.icinga_options]
exclude_from_monitoring = true

7
nodes/home.r630.toml
View file

@ -11,6 +11,13 @@ ips = [
gateway4 = "172.19.138.1" gateway4 = "172.19.138.1"
ipv6_accept_ra = true ipv6_accept_ra = true
[metadata.nftable.forward]
50-local-forward = [
'ct state { related, established } accept',
'iifname eno3 accept',
'ip6 nexthdr ipv6-icmp accept',
]
[metadata.users.molly] [metadata.users.molly]
password = "!decrypt:dummy$no" password = "!decrypt:dummy$no"

130
nodes/home/nas.py
View file

@ -11,7 +11,7 @@ nodes['home.nas'] = {
'mosquitto', 'mosquitto',
'nfs-server', 'nfs-server',
'rsyslogd', 'rsyslogd',
'scansnap', 'samba',
'smartd', 'smartd',
'vmhost', 'vmhost',
'zfs', 'zfs',
@ -67,6 +67,22 @@ nodes['home.nas'] = {
'/storage/nas/normen', '/storage/nas/normen',
}, },
}, },
'dm-crypt': {
'encrypted-devices': {
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409404K': {
'dm-name': 'sam-S5SSNJ0X409404K',
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409404K'),
},
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409845F': {
'dm-name': 'sam-S5SSNJ0X409845F',
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409845F'),
},
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409870J': {
'dm-name': 'sam-S5SSNJ0X409870J',
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409870J'),
},
},
},
'groups': { 'groups': {
'nas': {}, 'nas': {},
}, },
@ -96,11 +112,6 @@ nodes['home.nas'] = {
}, },
}, },
}, },
'jellyfin': {
'restrict-to': {
'home.lgtv-wohnzimmer',
},
},
'mixcloud-downloader': { 'mixcloud-downloader': {
'netrc': { 'netrc': {
'soundcloud': { 'soundcloud': {
@ -149,9 +160,6 @@ nodes['home.nas'] = {
'/srv/paperless': { '/srv/paperless': {
'home.paperless': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check', 'home.paperless': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
}, },
'/srv/scansnap': {
'172.19.138.0/24': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
},
}, },
}, },
'nginx': { 'nginx': {
@ -167,13 +175,25 @@ nodes['home.nas'] = {
'home', 'home',
}, },
}, },
'samba': {
'shares': {
'music': {
'path': '/storage/nas/Musik',
'force_group': 'nas',
},
},
'restrict-to': {
'172.19.138.0/24',
},
},
'smartd': { 'smartd': {
'disks': { 'disks': {
'/dev/nvme0', '/dev/nvme0',
# ZFS cache disks # encrypted disks
#'/dev/disk/by-id/ata-TS64GSSD370_B807810503', '/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409404K',
#'/dev/disk/by-id/ata-TS64GSSD370_B807810527', '/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409845F',
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409870J',
}, },
}, },
'systemd-networkd': { 'systemd-networkd': {
@ -188,6 +208,11 @@ nodes['home.nas'] = {
'br0.1138', 'br0.1138',
}, },
}, },
'br1139': {
'match': {
'br0.1139',
},
},
}, },
}, },
'systemd-timers': { 'systemd-timers': {
@ -237,26 +262,49 @@ nodes['home.nas'] = {
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR', '/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR',
}, },
}, },
# {
# 'type': 'log',
# 'devices': {
# '/dev/disk/by-id/ata-TS64GSSD370_B807810503-part1',
# '/dev/disk/by-id/ata-TS64GSSD370_B807810527-part1',
# },
# },
# {
# 'type': 'cache',
# 'devices': {
# '/dev/disk/by-id/ata-TS64GSSD370_B807810503-part2',
# '/dev/disk/by-id/ata-TS64GSSD370_B807810527-part2',
# },
# },
], ],
'ashift': 12, 'ashift': 12,
}, },
}, },
'encrypted': {
'when_creating': {
'config': [
{
'type': 'raidz',
'devices': {
'/dev/mapper/sam-S5SSNJ0X409404K',
'/dev/mapper/sam-S5SSNJ0X409845F',
'/dev/mapper/sam-S5SSNJ0X409870J',
},
},
],
'ashift': 12,
},
'needs': {
'action:dm-crypt_open_sam-S5SSNJ0X409404K',
'action:dm-crypt_open_sam-S5SSNJ0X409845F',
'action:dm-crypt_open_sam-S5SSNJ0X409870J',
},
# see comment in bundle:backup-server
'unless': 'zpool import encrypted',
},
}, },
'datasets': { 'datasets': {
'encrypted': {
'primarycache': 'metadata',
},
'encrypted/download': {
'mountpoint': '/media/download',
},
'encrypted/nas': {
'acltype': 'off',
'atime': 'off',
'compression': 'off',
'mountpoint': '/media/nas',
},
'encrypted/paperless': {
'mountpoint': '/media/paperless',
},
'storage': { 'storage': {
'primarycache': 'metadata', 'primarycache': 'metadata',
}, },
@ -266,10 +314,6 @@ nodes['home.nas'] = {
'storage/download': { 'storage/download': {
'mountpoint': '/storage/download', 'mountpoint': '/storage/download',
}, },
'storage/inbox': {
'quota': str(1024*1024*1024*1024), # 1TB
'mountpoint': '/storage/inbox',
},
'storage/nas': { 'storage/nas': {
'acltype': 'off', 'acltype': 'off',
'atime': 'off', 'atime': 'off',
@ -279,12 +323,26 @@ nodes['home.nas'] = {
'storage/paperless': { 'storage/paperless': {
'mountpoint': '/srv/paperless', 'mountpoint': '/srv/paperless',
}, },
'storage/scan': {
'mountpoint': '/srv/scansnap',
},
}, },
'snapshots': { 'snapshots': {
'retain_per_dataset': { 'retain_per_dataset': {
'encrypted/download': {
'hourly': 6,
'daily': 0,
'weekly': 0,
'monthly': 0,
},
'encrypted/nas': {
# juuuuuuuust to be sure.
'daily': 14,
'weekly': 6,
'monthly': 12,
},
'encrypted/paperless': {
'daily': 14,
'weekly': 6,
'monthly': 24,
},
'storage/download': { 'storage/download': {
'hourly': 48, 'hourly': 48,
'daily': 0, 'daily': 0,
@ -302,12 +360,6 @@ nodes['home.nas'] = {
'weekly': 6, 'weekly': 6,
'monthly': 24, 'monthly': 24,
}, },
'storage/scan': {
'hourly': 6,
'daily': 0,
'weekly': 0,
'monthly': 0,
},
}, },
}, },
}, },

8
nodes/home/paperless.py
View file

@ -6,6 +6,7 @@ nodes['home.paperless'] = {
'redis', 'redis',
'postgresql', 'postgresql',
'paperless-ng', 'paperless-ng',
'proftpd',
}, },
'groups': { 'groups': {
'debian-bookworm', 'debian-bookworm',
@ -47,12 +48,17 @@ nodes['home.paperless'] = {
}, },
'paperless': { 'paperless': {
'domain': 'paperless.home.kunbox.net', 'domain': 'paperless.home.kunbox.net',
'version': 'v2.11.0', 'version': 'v2.12.0',
'timezone': 'Europe/Berlin', 'timezone': 'Europe/Berlin',
}, },
'postgresql': { 'postgresql': {
'version': 15, 'version': 15,
}, },
'proftpd': {
'restrict-to': {
'home.fujitsu-n7100',
},
},
'vm': { 'vm': {
'cpu': 2, 'cpu': 2,
'ram': 2, 'ram': 2,

6
nodes/htz-cloud.afra.toml
View file

@ -32,7 +32,7 @@ routes.'172.19.128.0/20'.via = "172.19.137.1"
[metadata.element-web] [metadata.element-web]
url = "element.afra.berlin" url = "element.afra.berlin"
version = "v1.11.71" version = "v1.11.77"
[metadata.element-web.config] [metadata.element-web.config]
default_server_config.'m.homeserver'.base_url = "https://matrix.afra.berlin" default_server_config.'m.homeserver'.base_url = "https://matrix.afra.berlin"
@ -44,9 +44,9 @@ jitsi.preferredDomain = "meet.ffmuc.net"
[metadata.matrix-media-repo] [metadata.matrix-media-repo]
admins = ['@administress:afra.berlin'] admins = ['@administress:afra.berlin']
datastore_id = "e33b50474021fba9977f912414cdd7fe8890ed57" datastore_id = "e33b50474021fba9977f912414cdd7fe8890ed57"
sha1 = "ef9e8624e70714e4d421ece0c27f2974f55c0e59" sha1 = "3e2bb7089b0898b86000243a82cc58ae998dc9d9"
upload_max_mb = 50 upload_max_mb = 50
version = "v1.3.6" version = "v1.3.7"
[metadata.matrix-media-repo.homeservers.'afra.berlin'] [metadata.matrix-media-repo.homeservers.'afra.berlin']
domain = "http://[::1]:20080/" domain = "http://[::1]:20080/"

3
nodes/htz-hel/backup-kunsi.py
View file

@ -33,5 +33,8 @@ nodes['htz-hel.backup-kunsi'] = {
'/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1-part1': bwpass.password('bw/backup-kunsi/encryption-passphrase'), '/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1-part1': bwpass.password('bw/backup-kunsi/encryption-passphrase'),
}, },
}, },
'zfs': {
'scrub_when': 'Wed 08:00 Europe/Berlin',
},
}, },
} }

11
nodes/htz-hel/proxmox-backupstorage.toml
View file

@ -1,5 +1,6 @@
hostname = "2a01:4f9:6b:2d99::c0ff:ee" hostname = "2a01:4f9:6b:2d99::c0ff:ee"
dummy = true #dummy = true
bundles = ["sshmon", "smartd"]
# How to install: # How to install:
# - Get server at Hetzner (no IPv4) # - Get server at Hetzner (no IPv4)
@ -17,3 +18,11 @@ dummy = true
# - IPv6 only # - IPv6 only
# - IP from the /64 hetzner gives us # - IP from the /64 hetzner gives us
# - Gateway is the host itself, to work around the MAC filter hetzner uses # - Gateway is the host itself, to work around the MAC filter hetzner uses
[metadata.smartd]
disks = [
"/dev/sda",
"/dev/sdb",
"/dev/sdc",
"/dev/sdd",
]

2
nodes/kunsi-p14s.py
View file

@ -101,7 +101,7 @@ nodes['kunsi-p14s'] = {
'apachedirectorystudio': {}, 'apachedirectorystudio': {},
'claws-mail': {}, 'claws-mail': {},
'claws-mail-themes': {}, 'claws-mail-themes': {},
'ferdi-bin': {}, 'ferdium-bin': {},
'gumbo-parser': {}, # for claws litehtml 'gumbo-parser': {}, # for claws litehtml
'inkstitch': {}, # for RZL embroidery machine 'inkstitch': {}, # for RZL embroidery machine
'obs-studio': {}, 'obs-studio': {},

40
nodes/rottenraptor-stromdisplay.toml Normal file
View file

@ -0,0 +1,40 @@
hostname = "192.168.1.252"
os = "debian"
os_version = [12,]
bundles = [
"apt",
"basic",
"kernel-modules",
"openssh",
"raspberrypi",
"sdm630_mqtt",
"sudo",
"sysctl",
"systemd",
"systemd-networkd",
"users",
]
[metadata.apt.unattended-upgrades]
enabled = false
[metadata.icinga_options]
exclude_from_monitoring = true
[metadata.interfaces.eth0]
ips = [
"192.168.1.252/24",
]
dhcp = true
[metadata.raspberrypi]
enable_display = true
[metadata.sdm630_mqtt]
enable_stats_collection = false
enable_local_printout = true
config.mqtt.host = "192.168.1.253"
[metadata.users.kutscher]
password = "!decrypt:encrypt$gAAAAABmqQgvrVuPqFJWJSu8Yxd9NV4ppo5STfCPFqUWn0KepLRdFCktEMla0EJPPxZR5HbNnD6K2Vp-c63raeWwahFUT24SUrAoBFeWfToYWaRDi5WeXJU="
sudo_commands = ["ALL"]

46
nodes/rottenraptor-stromzaehler.toml Normal file
View file

@ -0,0 +1,46 @@
hostname = "192.168.1.253"
os = "debian"
os_version = [12,]
bundles = [
"apt",
"basic",
"kernel-modules",
"mosquitto",
"openssh",
"raspberrypi",
"sdm630_mqtt",
"sudo",
"sysctl",
"systemd",
"systemd-networkd",
"telegraf",
"users",
]
[metadata.apt.unattended-upgrades]
enabled = false
[metadata.icinga_options]
exclude_from_monitoring = true
[metadata.interfaces.eth0]
ips = [
"192.168.1.253/24",
]
dhcp = true
[metadata.sdm630_mqtt]
enable_local_printout = true
config.modbus.host = "192.168.1.254"
config.modbus.port = 4196
config.telegraf.identifier = 'rottenraptor_truck'
[metadata.sysctl.options]
'net.ipv6.conf.all.disable_ipv6' = '1'
[metadata.telegraf]
collect_default_metrics = false
[metadata.users.kutscher]
password = "!decrypt:encrypt$gAAAAABmqQgvrVuPqFJWJSu8Yxd9NV4ppo5STfCPFqUWn0KepLRdFCktEMla0EJPPxZR5HbNnD6K2Vp-c63raeWwahFUT24SUrAoBFeWfToYWaRDi5WeXJU="
sudo_commands = ["ALL"]

4
nodes/sophie/miniserver.py
View file

@ -54,7 +54,6 @@ nodes['htz-cloud.miniserver'] = {
'echo \'core.weechat */layout store\' >> /home/sophie/.weechat/weechat_fifo\n' \ 'echo \'core.weechat */layout store\' >> /home/sophie/.weechat/weechat_fifo\n' \
'echo \'core.weechat */save\' >> /home/sophie/.weechat/weechat_fifo\n', 'echo \'core.weechat */save\' >> /home/sophie/.weechat/weechat_fifo\n',
}, },
'target': "htz-hel.backup-sophie",
}, },
'backups': { 'backups': {
'paths': { 'paths': {
@ -63,7 +62,7 @@ nodes['htz-cloud.miniserver'] = {
}, },
'element-web': { 'element-web': {
'url': 'chat.sophies-kitchen.eu', 'url': 'chat.sophies-kitchen.eu',
'version': 'v1.11.72', 'version': 'v1.11.76',
'config': { 'config': {
'default_server_config': { 'default_server_config': {
'm.homeserver': { 'm.homeserver': {
@ -118,6 +117,7 @@ nodes['htz-cloud.miniserver'] = {
'sophies-kitchen.eu': { 'sophies-kitchen.eu': {
'domain': 'http://[::1]:20080/', 'domain': 'http://[::1]:20080/',
'api': 'synapse', 'api': 'synapse',
'signing_key_path': "/etc/matrix-synapse/mmr.signing.key"
}, },
}, },
'admins': { 'admins': {

2
nodes/voc/pretalx.py
View file

@ -49,7 +49,7 @@ nodes['voc.pretalx'] = {
}, },
}, },
'pretalx': { 'pretalx': {
'version': 'v2024.1.0', 'version': 'v2024.2.1',
'domain': 'pretalx.c3voc.de', 'domain': 'pretalx.c3voc.de',
'mail_from': 'pretalx@c3voc.de', 'mail_from': 'pretalx@c3voc.de',
'administrators-from-group-id': 1, 'administrators-from-group-id': 1,