Compare commits
88 commits
Author | SHA1 | Date | |
---|---|---|---|
a9b16c18ad | |||
8f705fc8e3 | |||
b3070a8b8b | |||
6a203085b9 | |||
669b28f6ed | |||
9884b703cd | |||
fa63ad72d5 | |||
3a56995ab1 | |||
50b71bc8b8 | |||
fcd097599d | |||
563ba266ff | |||
209dedccf9 | |||
e51c24f837 | |||
72638e0856 | |||
2c83a5c4fc | |||
ec49c8d3ff | |||
46ec4cc2e7 | |||
e29a838fad | |||
f6cb540007 | |||
6eb2c6651b | |||
c006748165 | |||
1be5ab268b | |||
12c735f4aa | |||
9b0e627274 | |||
4f0ced4d9a | |||
af78e959ae | |||
58964cc10f | |||
ec8af84fb1 | |||
9bfb531214 | |||
84867ff1e6 | |||
6647e71484 | |||
2e8cbd6061 | |||
453d2a7889 | |||
4238eeb6d8 | |||
729b975b77 | |||
c4e3d0abc2 | |||
078d52c075 | |||
a83b380490 | |||
ed9607433d | |||
d1b369fb26 | |||
07a44598d2 | |||
e35fbdd183 | |||
c5fb1b8a28 | |||
814b67a9d0 | |||
3ff7db7d6d | |||
b57f205696 | |||
ef8d3368c1 | |||
a5ea87b4e9 | |||
df69b876a9 | |||
4fbbf83952 | |||
a1d1351411 | |||
e2b430fd0e | |||
663f7eec9f | |||
95860e978b | |||
52e891d3a7 | |||
8ba63e112c | |||
67f901c1c9 | |||
8c28d612cb | |||
54f669313a | |||
7b6d811128 | |||
2564f416c2 | |||
8a28886012 | |||
c699f0d510 | |||
4a28bc55c0 | |||
abdc7f751e | |||
423049667f | |||
c6421c7bd4 | |||
95c5b28469 | |||
7dc0afe299 | |||
|
0d28883da3 | ||
|
8980c05c74 | ||
9415b281ce | |||
64fb1906d1 | |||
ce76b03fe7 | |||
a712c098c6 | |||
ec834f2a92 | |||
aa30b78fcf | |||
be3a7a44d6 | |||
2e72f107e9 | |||
07f6fb99f2 | |||
3f9f84f230 | |||
40fcaf56ee | |||
06a94d7cba | |||
6483f863ff | |||
3a52cf55c4 | |||
455c5c5ce5 | |||
5e55dc6fb9 | |||
d5881da154 |
76 changed files with 1198 additions and 896 deletions
|
@ -160,7 +160,7 @@ def monitoring(metadata):
|
||||||
client,
|
client,
|
||||||
config['one_backup_every_hours'],
|
config['one_backup_every_hours'],
|
||||||
),
|
),
|
||||||
'vars.sshmon_timeout': 20,
|
'vars.sshmon_timeout': 40,
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
return {
|
||||||
|
|
39
bundles/docker-engine/files/check_docker_container
Normal file
39
bundles/docker-engine/files/check_docker_container
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
|
from json import loads
|
||||||
|
from subprocess import check_output
|
||||||
|
from sys import argv
|
||||||
|
|
||||||
|
try:
|
||||||
|
container_name = argv[1]
|
||||||
|
|
||||||
|
docker_ps = check_output([
|
||||||
|
'docker',
|
||||||
|
'container',
|
||||||
|
'ls',
|
||||||
|
'--all',
|
||||||
|
'--format',
|
||||||
|
'json',
|
||||||
|
'--filter',
|
||||||
|
f'name={container_name}'
|
||||||
|
])
|
||||||
|
|
||||||
|
containers = loads(f"[{','.join([l for l in docker_ps.decode().splitlines() if l])}]")
|
||||||
|
|
||||||
|
if not containers:
|
||||||
|
print(f'CRITICAL: container {container_name} not found!')
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
if len(containers) > 1:
|
||||||
|
print(f'Found more than one container matching {container_name}!')
|
||||||
|
print(docker_ps)
|
||||||
|
exit(3)
|
||||||
|
|
||||||
|
if containers[0]['State'] != 'running':
|
||||||
|
print(f'WARNING: container {container_name} not "running"')
|
||||||
|
exit(2)
|
||||||
|
|
||||||
|
print(f"OK: {containers[0]['Status']}")
|
||||||
|
except Exception as e:
|
||||||
|
print(repr(e))
|
||||||
|
exit(2)
|
50
bundles/docker-engine/files/docker-wrapper
Normal file
50
bundles/docker-engine/files/docker-wrapper
Normal file
|
@ -0,0 +1,50 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
[[ -n "$DEBUG" ]] && set -x
|
||||||
|
|
||||||
|
ACTION="$1"
|
||||||
|
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
if [[ -z "$ACTION" ]]
|
||||||
|
then
|
||||||
|
echo "Usage: $0 start|stop"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
PUID="$(id -u "docker-${name}")"
|
||||||
|
PGID="$(id -g "docker-${name}")"
|
||||||
|
|
||||||
|
if [ "$ACTION" == "start" ]
|
||||||
|
then
|
||||||
|
docker run -d \
|
||||||
|
--name "${name}" \
|
||||||
|
--env "PUID=$PUID" \
|
||||||
|
--env "PGID=$PGID" \
|
||||||
|
--env "TZ=${timezone}" \
|
||||||
|
% for k, v in sorted(environment.items()):
|
||||||
|
--env "${k}=${v}" \
|
||||||
|
% endfor
|
||||||
|
--network host \
|
||||||
|
% for host_port, container_port in sorted(ports.items()):
|
||||||
|
--expose "127.0.0.1:${host_port}:${container_port}" \
|
||||||
|
% endfor
|
||||||
|
% for host_path, container_path in sorted(volumes.items()):
|
||||||
|
--volume "/var/opt/docker-engine/${name}/${host_path}:${container_path}" \
|
||||||
|
% endfor
|
||||||
|
--restart unless-stopped \
|
||||||
|
"${image}"
|
||||||
|
|
||||||
|
elif [ "$ACTION" == "stop" ]
|
||||||
|
then
|
||||||
|
docker stop "${name}"
|
||||||
|
docker rm "${name}"
|
||||||
|
|
||||||
|
else
|
||||||
|
echo "Unknown action $ACTION"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
% if node.has_bundle('nftables'):
|
||||||
|
systemctl reload nftables
|
||||||
|
% endif
|
14
bundles/docker-engine/files/docker-wrapper.service
Normal file
14
bundles/docker-engine/files/docker-wrapper.service
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
[Unit]
|
||||||
|
Description=docker-engine app ${name}
|
||||||
|
After=network.target
|
||||||
|
Requires=${' '.join(sorted(requires))}
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
WorkingDirectory=/var/opt/docker-engine/${name}/
|
||||||
|
ExecStart=/opt/docker-engine/${name} start
|
||||||
|
ExecStop=/opt/docker-engine/${name} stop
|
||||||
|
Type=simple
|
||||||
|
RemainAfterExit=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
99
bundles/docker-engine/items.py
Normal file
99
bundles/docker-engine/items.py
Normal file
|
@ -0,0 +1,99 @@
|
||||||
|
from bundlewrap.metadata import metadata_to_json
|
||||||
|
|
||||||
|
deps = {
|
||||||
|
'pkg_apt:docker-ce',
|
||||||
|
'pkg_apt:docker-ce-cli',
|
||||||
|
}
|
||||||
|
|
||||||
|
directories['/opt/docker-engine'] = {
|
||||||
|
'purge': True,
|
||||||
|
}
|
||||||
|
directories['/var/opt/docker-engine'] = {}
|
||||||
|
|
||||||
|
files['/etc/docker/daemon.json'] = {
|
||||||
|
'content': metadata_to_json(node.metadata.get('docker-engine/config')),
|
||||||
|
'triggers': {
|
||||||
|
'svc_systemd:docker:restart',
|
||||||
|
},
|
||||||
|
# install config before installing packages to ensure the config is
|
||||||
|
# applied to the first start as well
|
||||||
|
'before': deps,
|
||||||
|
}
|
||||||
|
|
||||||
|
svc_systemd['docker'] = {
|
||||||
|
'needs': deps,
|
||||||
|
}
|
||||||
|
|
||||||
|
files['/usr/local/share/icinga/plugins/check_docker_container'] = {
|
||||||
|
'mode': '0755',
|
||||||
|
}
|
||||||
|
|
||||||
|
for app, config in node.metadata.get('docker-engine/containers', {}).items():
|
||||||
|
volumes = config.get('volumes', {})
|
||||||
|
|
||||||
|
files[f'/opt/docker-engine/{app}'] = {
|
||||||
|
'source': 'docker-wrapper',
|
||||||
|
'content_type': 'mako',
|
||||||
|
'context': {
|
||||||
|
'environment': config.get('environment', {}),
|
||||||
|
'image': config['image'],
|
||||||
|
'name': app,
|
||||||
|
'ports': config.get('ports', {}),
|
||||||
|
'timezone': node.metadata.get('timezone'),
|
||||||
|
'volumes': volumes,
|
||||||
|
},
|
||||||
|
'mode': '0755',
|
||||||
|
'triggers': {
|
||||||
|
f'svc_systemd:docker-{app}:restart',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
users[f'docker-{app}'] = {
|
||||||
|
'home': f'/var/opt/docker-engine/{app}',
|
||||||
|
'groups': {
|
||||||
|
'docker',
|
||||||
|
},
|
||||||
|
'after': {
|
||||||
|
# provides docker group
|
||||||
|
'pkg_apt:docker-ce',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
files[f'/usr/local/lib/systemd/system/docker-{app}.service'] = {
|
||||||
|
'source': 'docker-wrapper.service',
|
||||||
|
'content_type': 'mako',
|
||||||
|
'context': {
|
||||||
|
'name': app,
|
||||||
|
'requires': {
|
||||||
|
*set(config.get('requires', set())),
|
||||||
|
'docker.service',
|
||||||
|
}
|
||||||
|
},
|
||||||
|
'triggers': {
|
||||||
|
'action:systemd-reload',
|
||||||
|
f'svc_systemd:docker-{app}:restart',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
svc_systemd[f'docker-{app}'] = {
|
||||||
|
'needs': {
|
||||||
|
*deps,
|
||||||
|
f'file:/opt/docker-engine/{app}',
|
||||||
|
f'file:/usr/local/lib/systemd/system/docker-{app}.service',
|
||||||
|
f'user:docker-{app}',
|
||||||
|
'svc_systemd:docker',
|
||||||
|
*set(config.get('needs', set())),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for volume in volumes:
|
||||||
|
directories[f'/var/opt/docker-engine/{app}/{volume}'] = {
|
||||||
|
'owner': f'docker-{app}',
|
||||||
|
'group': f'docker-{app}',
|
||||||
|
'needed_by': {
|
||||||
|
f'svc_systemd:docker-{app}',
|
||||||
|
},
|
||||||
|
# don't do anything if the directory exists, docker images
|
||||||
|
# mangle owners
|
||||||
|
'unless': f'test -d /var/opt/docker-engine/{app}/{volume}',
|
||||||
|
}
|
83
bundles/docker-engine/metadata.py
Normal file
83
bundles/docker-engine/metadata.py
Normal file
|
@ -0,0 +1,83 @@
|
||||||
|
defaults = {
|
||||||
|
'apt': {
|
||||||
|
'packages': {
|
||||||
|
'docker-ce': {},
|
||||||
|
'docker-ce-cli': {},
|
||||||
|
'docker-compose-plugin': {},
|
||||||
|
},
|
||||||
|
'repos': {
|
||||||
|
'docker': {
|
||||||
|
'items': {
|
||||||
|
'deb https://download.docker.com/linux/debian {os_release} stable',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'backups': {
|
||||||
|
'paths': {
|
||||||
|
'/var/opt/docker-engine',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'hosts': {
|
||||||
|
'entries': {
|
||||||
|
'172.17.0.1': {
|
||||||
|
'host.docker.internal',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'docker-engine': {
|
||||||
|
'config': {
|
||||||
|
'iptables': False,
|
||||||
|
'no-new-privileges': True,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'zfs': {
|
||||||
|
'datasets': {
|
||||||
|
'tank/docker-data': {
|
||||||
|
'mountpoint': '/var/opt/docker-engine',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@metadata_reactor.provides(
|
||||||
|
'icinga2_api/docker-engine/services',
|
||||||
|
)
|
||||||
|
def monitoring(metadata):
|
||||||
|
services = {
|
||||||
|
'DOCKER PROCESS': {
|
||||||
|
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_procs -C dockerd -c 1:',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for app in metadata.get('docker-engine/containers', {}):
|
||||||
|
services[f'DOCKER CONTAINER {app}'] = {
|
||||||
|
'command_on_monitored_host': f'sudo /usr/local/share/icinga/plugins/check_docker_container {app}'
|
||||||
|
}
|
||||||
|
|
||||||
|
return {
|
||||||
|
'icinga2_api': {
|
||||||
|
'docker-engine': {
|
||||||
|
'services': services,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@metadata_reactor.provides(
|
||||||
|
'zfs/datasets',
|
||||||
|
)
|
||||||
|
def zfs(metadata):
|
||||||
|
datasets = {}
|
||||||
|
|
||||||
|
for app in metadata.get('docker-engine/containers', {}):
|
||||||
|
datasets[f'tank/docker-data/{app}'] = {
|
||||||
|
'mountpoint': f'/var/opt/docker-engine/{app}'
|
||||||
|
}
|
||||||
|
|
||||||
|
return {
|
||||||
|
'zfs': {
|
||||||
|
'datasets': datasets,
|
||||||
|
},
|
||||||
|
}
|
64
bundles/docker-immich/metadata.py
Normal file
64
bundles/docker-immich/metadata.py
Normal file
|
@ -0,0 +1,64 @@
|
||||||
|
assert node.has_bundle('docker-engine')
|
||||||
|
assert node.has_bundle('redis')
|
||||||
|
assert not node.has_bundle('postgresql') # docker container uses that port
|
||||||
|
|
||||||
|
defaults = {
|
||||||
|
'docker-engine': {
|
||||||
|
'containers': {
|
||||||
|
'immich': {
|
||||||
|
'image': 'ghcr.io/imagegenius/immich:latest',
|
||||||
|
'environment': {
|
||||||
|
'DB_DATABASE_NAME': 'immich',
|
||||||
|
'DB_HOSTNAME': 'host.docker.internal',
|
||||||
|
'DB_PASSWORD': repo.vault.password_for(f'{node.name} postgresql immich'),
|
||||||
|
'DB_USERNAME': 'immich',
|
||||||
|
'REDIS_HOSTNAME': 'host.docker.internal',
|
||||||
|
},
|
||||||
|
'volumes': {
|
||||||
|
'config': '/config',
|
||||||
|
'libraries': '/libraries',
|
||||||
|
'photos': '/photos',
|
||||||
|
},
|
||||||
|
'needs': {
|
||||||
|
'svc_systemd:docker-postgresql14',
|
||||||
|
},
|
||||||
|
'requires': {
|
||||||
|
'docker-postgresql14.service',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'postgresql14': {
|
||||||
|
'image': 'tensorchord/pgvecto-rs:pg14-v0.2.0',
|
||||||
|
'environment': {
|
||||||
|
'POSTGRES_PASSWORD': repo.vault.password_for(f'{node.name} postgresql immich'),
|
||||||
|
'POSTGRES_USER': 'immich',
|
||||||
|
'POSTGRES_DB': 'immich',
|
||||||
|
},
|
||||||
|
'volumes': {
|
||||||
|
'database': '/var/lib/postgresql/data',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'nginx': {
|
||||||
|
'vhosts': {
|
||||||
|
'immich': {
|
||||||
|
'locations': {
|
||||||
|
'/': {
|
||||||
|
'target': 'http://127.0.0.1:8080/',
|
||||||
|
'websockets': True,
|
||||||
|
'max_body_size': '500m',
|
||||||
|
},
|
||||||
|
#'/api/socket.io/': {
|
||||||
|
# 'target': 'http://127.0.0.1:8081/',
|
||||||
|
# 'websockets': True,
|
||||||
|
#},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'redis': {
|
||||||
|
'bind': '0.0.0.0',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
@ -29,8 +29,8 @@ mail_location = maildir:/var/mail/vmail/%d/%n
|
||||||
protocols = imap lmtp sieve
|
protocols = imap lmtp sieve
|
||||||
|
|
||||||
ssl = required
|
ssl = required
|
||||||
ssl_cert = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/fullchain.pem
|
ssl_cert = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/fullchain.pem
|
||||||
ssl_key = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/privkey.pem
|
ssl_key = </var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/privkey.pem
|
||||||
ssl_dh = </etc/ssl/certs/dhparam.pem
|
ssl_dh = </etc/ssl/certs/dhparam.pem
|
||||||
ssl_min_protocol = TLSv1.2
|
ssl_min_protocol = TLSv1.2
|
||||||
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
|
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
|
||||||
|
|
|
@ -100,7 +100,7 @@ def nginx(metadata):
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'website_check_path': '/user/login',
|
'website_check_path': '/user/login',
|
||||||
'website_check_string': 'Sign In',
|
'website_check_string': 'Sign in',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
@ -2,48 +2,42 @@
|
||||||
|
|
||||||
from sys import exit
|
from sys import exit
|
||||||
|
|
||||||
import requests
|
from packaging.version import parse
|
||||||
from packaging import version
|
from requests import get
|
||||||
|
|
||||||
bearer = "${bearer}"
|
API_TOKEN = "${token}"
|
||||||
domain = "${domain}"
|
DOMAIN = "${domain}"
|
||||||
OK = 0
|
|
||||||
WARN = 1
|
|
||||||
CRITICAL = 2
|
|
||||||
UNKNOWN = 3
|
|
||||||
|
|
||||||
status = 3
|
|
||||||
message = "Unknown Update Status"
|
|
||||||
|
|
||||||
|
|
||||||
domain = "hass.home.kunbox.net"
|
|
||||||
|
|
||||||
s = requests.Session()
|
|
||||||
s.headers.update({"Content-Type": "application/json"})
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
stable_version = version.parse(
|
r = get("https://version.home-assistant.io/stable.json")
|
||||||
s.get("https://version.home-assistant.io/stable.json").json()["homeassistant"][
|
r.raise_for_status()
|
||||||
"generic-x86-64"
|
stable_version = parse(r.json()["homeassistant"]["generic-x86-64"])
|
||||||
]
|
|
||||||
)
|
|
||||||
s.headers.update(
|
|
||||||
{"Authorization": f"Bearer {bearer}", "Content-Type": "application/json"}
|
|
||||||
)
|
|
||||||
running_version = version.parse(
|
|
||||||
s.get(f"https://{domain}/api/config").json()["version"]
|
|
||||||
)
|
|
||||||
if running_version == stable_version:
|
|
||||||
status = 0
|
|
||||||
message = f"OK - running version {running_version} equals stable version {stable_version}"
|
|
||||||
elif running_version > stable_version:
|
|
||||||
status = 1
|
|
||||||
message = f"WARNING - stable version {stable_version} is lower than running version {running_version}, check if downgrade is necessary."
|
|
||||||
else:
|
|
||||||
status = 2
|
|
||||||
message = f"CRITICAL - update necessary, running version {running_version} is lower than stable version {stable_version}"
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
message = f"{message}: {repr(e)}"
|
print(f"Could not get stable version information from home-assistant.io: {e!r}")
|
||||||
|
exit(3)
|
||||||
|
|
||||||
print(message)
|
try:
|
||||||
exit(status)
|
r = get(
|
||||||
|
f"https://{DOMAIN}/api/config",
|
||||||
|
headers={"Authorization": f"Bearer {API_TOKEN}", "Content-Type": "application/json"},
|
||||||
|
)
|
||||||
|
r.raise_for_status()
|
||||||
|
running_version = parse(r.json()["version"])
|
||||||
|
except Exception as e:
|
||||||
|
print(f"Could not get running version information from homeassistant: {e!r}")
|
||||||
|
exit(3)
|
||||||
|
|
||||||
|
try:
|
||||||
|
if stable_version > running_version:
|
||||||
|
print(
|
||||||
|
f"There is a newer version available: {stable_version} (currently installed: {running_version})"
|
||||||
|
)
|
||||||
|
exit(2)
|
||||||
|
else:
|
||||||
|
print(
|
||||||
|
f"Currently running version {running_version} matches newest release on home-assistant.io"
|
||||||
|
)
|
||||||
|
exit(0)
|
||||||
|
except Exception as e:
|
||||||
|
print(repr(e))
|
||||||
|
exit(3)
|
||||||
|
|
|
@ -5,6 +5,8 @@ After=network-online.target
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
User=homeassistant
|
User=homeassistant
|
||||||
|
Environment="VIRTUAL_ENV=/opt/homeassistant/venv"
|
||||||
|
Environment="PATH=/opt/homeassistant/venv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||||
WorkingDirectory=/var/opt/homeassistant
|
WorkingDirectory=/var/opt/homeassistant
|
||||||
ExecStart=/opt/homeassistant/venv/bin/hass -c "/var/opt/homeassistant"
|
ExecStart=/opt/homeassistant/venv/bin/hass -c "/var/opt/homeassistant"
|
||||||
RestartForceExitStatus=100
|
RestartForceExitStatus=100
|
||||||
|
|
|
@ -30,7 +30,7 @@ files = {
|
||||||
'/usr/local/share/icinga/plugins/check_homeassistant_update': {
|
'/usr/local/share/icinga/plugins/check_homeassistant_update': {
|
||||||
'content_type': 'mako',
|
'content_type': 'mako',
|
||||||
'context': {
|
'context': {
|
||||||
'bearer': repo.vault.decrypt(node.metadata.get('homeassistant/api_secret')),
|
'token': node.metadata.get('homeassistant/api_secret'),
|
||||||
'domain': node.metadata.get('homeassistant/domain'),
|
'domain': node.metadata.get('homeassistant/domain'),
|
||||||
},
|
},
|
||||||
'mode': '0755',
|
'mode': '0755',
|
||||||
|
|
|
@ -17,7 +17,6 @@ defaults = {
|
||||||
'icinga2': {},
|
'icinga2': {},
|
||||||
'icinga2-ido-pgsql': {},
|
'icinga2-ido-pgsql': {},
|
||||||
'icingaweb2': {},
|
'icingaweb2': {},
|
||||||
'icingaweb2-module-monitoring': {},
|
|
||||||
'python3-easysnmp': {},
|
'python3-easysnmp': {},
|
||||||
'python3-flask': {},
|
'python3-flask': {},
|
||||||
'snmp': {},
|
'snmp': {},
|
||||||
|
|
|
@ -23,7 +23,7 @@ actions = {
|
||||||
git_deploy = {
|
git_deploy = {
|
||||||
'/opt/infobeamer-cms/src': {
|
'/opt/infobeamer-cms/src': {
|
||||||
'rev': 'master',
|
'rev': 'master',
|
||||||
'repo': 'https://github.com/sophieschi/36c3-cms.git',
|
'repo': 'https://github.com/voc/infobeamer-cms.git',
|
||||||
'needs': {
|
'needs': {
|
||||||
'directory:/opt/infobeamer-cms/src',
|
'directory:/opt/infobeamer-cms/src',
|
||||||
},
|
},
|
||||||
|
@ -96,14 +96,6 @@ files = {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
pkg_pip = {
|
|
||||||
'github-flask': {
|
|
||||||
'needed_by': {
|
|
||||||
'svc_systemd:infobeamer-cms',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
svc_systemd = {
|
svc_systemd = {
|
||||||
'infobeamer-cms': {
|
'infobeamer-cms': {
|
||||||
'needs': {
|
'needs': {
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
from datetime import datetime, timezone
|
from datetime import datetime
|
||||||
from json import dumps
|
from json import dumps
|
||||||
from time import sleep
|
from time import sleep
|
||||||
|
from zoneinfo import ZoneInfo
|
||||||
|
|
||||||
import paho.mqtt.client as mqtt
|
import paho.mqtt.client as mqtt
|
||||||
from requests import RequestException, get
|
from requests import RequestException, get
|
||||||
|
@ -61,8 +62,6 @@ def mqtt_dump_state(device):
|
||||||
out.append("Location: {}".format(device["location"]))
|
out.append("Location: {}".format(device["location"]))
|
||||||
out.append("Setup: {} ({})".format(device["setup"]["name"], device["setup"]["id"]))
|
out.append("Setup: {} ({})".format(device["setup"]["name"], device["setup"]["id"]))
|
||||||
out.append("Resolution: {}".format(device["run"].get("resolution", "unknown")))
|
out.append("Resolution: {}".format(device["run"].get("resolution", "unknown")))
|
||||||
if not device["is_synced"]:
|
|
||||||
out.append("syncing ...")
|
|
||||||
|
|
||||||
mqtt_out(
|
mqtt_out(
|
||||||
" - ".join(out),
|
" - ".join(out),
|
||||||
|
@ -73,6 +72,9 @@ def mqtt_dump_state(device):
|
||||||
mqtt_out("Monitor starting up")
|
mqtt_out("Monitor starting up")
|
||||||
while True:
|
while True:
|
||||||
try:
|
try:
|
||||||
|
online_devices = set()
|
||||||
|
available_credits = None
|
||||||
|
|
||||||
try:
|
try:
|
||||||
r = get(
|
r = get(
|
||||||
"https://info-beamer.com/api/v1/device/list",
|
"https://info-beamer.com/api/v1/device/list",
|
||||||
|
@ -88,7 +90,6 @@ while True:
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
new_state = {}
|
new_state = {}
|
||||||
online_devices = set()
|
|
||||||
for device in ib_state:
|
for device in ib_state:
|
||||||
did = str(device["id"])
|
did = str(device["id"])
|
||||||
|
|
||||||
|
@ -140,16 +141,15 @@ while True:
|
||||||
if device["is_online"]:
|
if device["is_online"]:
|
||||||
if device["maintenance"]:
|
if device["maintenance"]:
|
||||||
mqtt_out(
|
mqtt_out(
|
||||||
"maintenance required: {}".format(' '.join(
|
"maintenance required: {}".format(
|
||||||
sorted(device["maintenance"])
|
" ".join(sorted(device["maintenance"]))
|
||||||
)),
|
),
|
||||||
level="WARN",
|
level="WARN",
|
||||||
device=device,
|
device=device,
|
||||||
)
|
)
|
||||||
|
|
||||||
if (
|
if (
|
||||||
device["is_synced"] != state[did]["is_synced"]
|
device["location"] != state[did]["location"]
|
||||||
or device["location"] != state[did]["location"]
|
|
||||||
or device["setup"]["id"] != state[did]["setup"]["id"]
|
or device["setup"]["id"] != state[did]["setup"]["id"]
|
||||||
or device["run"].get("resolution")
|
or device["run"].get("resolution")
|
||||||
!= state[did]["run"].get("resolution")
|
!= state[did]["run"].get("resolution")
|
||||||
|
@ -171,13 +171,56 @@ while True:
|
||||||
|
|
||||||
state = new_state
|
state = new_state
|
||||||
|
|
||||||
if (
|
try:
|
||||||
datetime.now(timezone.utc).strftime("%H%M") == "1312"
|
r = get(
|
||||||
and online_devices
|
"https://info-beamer.com/api/v1/account",
|
||||||
and int(datetime.now(timezone.utc).strftime("%S")) < 30
|
auth=("", CONFIG["api_key"]),
|
||||||
):
|
)
|
||||||
mqtt_out("Online Devices: {}".format(", ".join(sorted(online_devices))))
|
r.raise_for_status()
|
||||||
sleep(30)
|
ib_account = r.json()
|
||||||
|
except RequestException as e:
|
||||||
|
LOG.exception("Could not get data from info-beamer")
|
||||||
|
mqtt_out(
|
||||||
|
f"Could not get data from info-beamer: {e!r}",
|
||||||
|
level="WARN",
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
available_credits = ib_account["balance"]
|
||||||
|
if available_credits < 50:
|
||||||
|
mqtt_out(
|
||||||
|
f"balance has dropped below 50 credits! (available: {available_credits})",
|
||||||
|
level="ERROR",
|
||||||
|
)
|
||||||
|
elif available_credits < 100:
|
||||||
|
mqtt_out(
|
||||||
|
f"balance has dropped below 100 credits! (available: {available_credits})",
|
||||||
|
level="WARN",
|
||||||
|
)
|
||||||
|
|
||||||
|
for quota_name, quota_config in sorted(ib_account["quotas"].items()):
|
||||||
|
value = quota_config["count"]["value"]
|
||||||
|
limit = quota_config["count"]["limit"]
|
||||||
|
if value > limit * 0.9:
|
||||||
|
mqtt_out(
|
||||||
|
f"quota {quota_name} is over 90% (limit {limit}, value {value})",
|
||||||
|
level="ERROR",
|
||||||
|
)
|
||||||
|
elif value > limit * 0.8:
|
||||||
|
mqtt_out(
|
||||||
|
f"quota {quota_name} is over 80% (limit {limit}, value {value})",
|
||||||
|
level="WARN",
|
||||||
|
)
|
||||||
|
|
||||||
|
if datetime.now(ZoneInfo("Europe/Berlin")).strftime("%H%M") == "0900":
|
||||||
|
if available_credits is not None:
|
||||||
|
mqtt_out(f"Available Credits: {available_credits}")
|
||||||
|
|
||||||
|
if online_devices:
|
||||||
|
mqtt_out(
|
||||||
|
"Online Devices: {}".format(", ".join(sorted(online_devices)))
|
||||||
|
)
|
||||||
|
|
||||||
|
sleep(60)
|
||||||
except KeyboardInterrupt:
|
except KeyboardInterrupt:
|
||||||
break
|
break
|
||||||
|
|
||||||
|
|
|
@ -23,9 +23,8 @@ table inet filter {
|
||||||
|
|
||||||
icmp type timestamp-request drop
|
icmp type timestamp-request drop
|
||||||
icmp type timestamp-reply drop
|
icmp type timestamp-reply drop
|
||||||
ip protocol icmp accept
|
meta l4proto {icmp, ipv6-icmp} accept
|
||||||
|
|
||||||
ip6 nexthdr ipv6-icmp accept
|
|
||||||
% for ruleset, rules in sorted(input.items()):
|
% for ruleset, rules in sorted(input.items()):
|
||||||
|
|
||||||
# ${ruleset}
|
# ${ruleset}
|
||||||
|
|
|
@ -29,7 +29,7 @@ defaults = {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
if not node.has_bundle('vmhost'):
|
if not node.has_bundle('vmhost') and not node.has_bundle('docker-engine'):
|
||||||
# see comment in bundles/vmhost/items.py
|
# see comment in bundles/vmhost/items.py
|
||||||
defaults['apt']['packages']['iptables'] = {
|
defaults['apt']['packages']['iptables'] = {
|
||||||
'installed': False,
|
'installed': False,
|
||||||
|
|
|
@ -11,7 +11,7 @@ events {
|
||||||
http {
|
http {
|
||||||
include /etc/nginx/mime.types;
|
include /etc/nginx/mime.types;
|
||||||
types {
|
types {
|
||||||
application/javascript js mjs;
|
application/javascript mjs;
|
||||||
}
|
}
|
||||||
default_type application/octet-stream;
|
default_type application/octet-stream;
|
||||||
charset UTF-8;
|
charset UTF-8;
|
||||||
|
|
|
@ -149,18 +149,18 @@ server {
|
||||||
% if 'target' in options:
|
% if 'target' in options:
|
||||||
proxy_pass ${options['target']};
|
proxy_pass ${options['target']};
|
||||||
proxy_http_version ${options.get('http_version', '1.1')};
|
proxy_http_version ${options.get('http_version', '1.1')};
|
||||||
proxy_set_header Host ${domain};
|
proxy_set_header Host ${options.get('proxy_pass_host', domain)};
|
||||||
% if options.get('websockets', False):
|
% if options.get('websockets', False):
|
||||||
proxy_set_header Connection "upgrade";
|
proxy_set_header Connection "upgrade";
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
% endif
|
% endif
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
proxy_set_header X-Forwarded-Host ${options.get('x_forwarded_host', domain)};
|
proxy_set_header X-Forwarded-Host ${options.get('x_forwarded_host', options.get('proxy_pass_host', domain))};
|
||||||
% for option, value in options.get('proxy_set_header', {}).items():
|
% for option, value in options.get('proxy_set_header', {}).items():
|
||||||
proxy_set_header ${option} ${value};
|
proxy_set_header ${option} ${value};
|
||||||
% endfor
|
% endfor
|
||||||
% if location != '/':
|
% if location != '/' and location != '= /':
|
||||||
proxy_set_header X-Script-Name ${location};
|
proxy_set_header X-Script-Name ${location};
|
||||||
% endif
|
% endif
|
||||||
proxy_buffering off;
|
proxy_buffering off;
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
devnull@${node.metadata.get('postfix/myhostname')} DISCARD DEV-NULL
|
||||||
|
|
||||||
% for address in sorted(blocked):
|
% for address in sorted(blocked):
|
||||||
${address} REJECT
|
${address} REJECT
|
||||||
% endfor
|
% endfor
|
||||||
|
|
|
@ -3,7 +3,7 @@ biff = no
|
||||||
append_dot_mydomain = no
|
append_dot_mydomain = no
|
||||||
readme_directory = no
|
readme_directory = no
|
||||||
compatibility_level = 2
|
compatibility_level = 2
|
||||||
myhostname = ${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}
|
myhostname = ${node.metadata.get('postfix/myhostname')}
|
||||||
myorigin = /etc/mailname
|
myorigin = /etc/mailname
|
||||||
mydestination = $myhostname, localhost
|
mydestination = $myhostname, localhost
|
||||||
mynetworks = ${' '.join(sorted(mynetworks))}
|
mynetworks = ${' '.join(sorted(mynetworks))}
|
||||||
|
@ -25,7 +25,6 @@ inet_interfaces = 127.0.0.1
|
||||||
% endif
|
% endif
|
||||||
|
|
||||||
<%text>
|
<%text>
|
||||||
smtp_use_tls = yes
|
|
||||||
smtp_tls_loglevel = 1
|
smtp_tls_loglevel = 1
|
||||||
smtp_tls_note_starttls_offer = yes
|
smtp_tls_note_starttls_offer = yes
|
||||||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
|
||||||
|
@ -38,8 +37,8 @@ smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
||||||
</%text>
|
</%text>
|
||||||
|
|
||||||
% if node.has_bundle('postfixadmin'):
|
% if node.has_bundle('postfixadmin'):
|
||||||
smtpd_tls_cert_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/fullchain.pem
|
smtpd_tls_cert_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/fullchain.pem
|
||||||
smtpd_tls_key_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}/privkey.pem
|
smtpd_tls_key_file = /var/lib/dehydrated/certs/${node.metadata.get('postfix/myhostname')}/privkey.pem
|
||||||
<%text>
|
<%text>
|
||||||
smtpd_use_tls=yes
|
smtpd_use_tls=yes
|
||||||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
|
||||||
|
@ -48,7 +47,7 @@ smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated
|
||||||
smtpd_helo_required = yes
|
smtpd_helo_required = yes
|
||||||
smtpd_helo_restrictions = permit_mynetworks reject_invalid_helo_hostname
|
smtpd_helo_restrictions = permit_mynetworks reject_invalid_helo_hostname
|
||||||
smtpd_data_restrictions = reject_unauth_pipelining
|
smtpd_data_restrictions = reject_unauth_pipelining
|
||||||
smtpd_recipient_restrictions = permit_mynetworks, check_recipient_access hash:/etc/postfix/blocked_recipients
|
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/blocked_recipients, permit_mynetworks
|
||||||
smtpd_relay_before_recipient_restrictions = yes
|
smtpd_relay_before_recipient_restrictions = yes
|
||||||
|
|
||||||
# https://ssl-config.mozilla.org/#server=postfix&version=3.7.10&config=intermediate&openssl=3.0.11&guideline=5.7
|
# https://ssl-config.mozilla.org/#server=postfix&version=3.7.10&config=intermediate&openssl=3.0.11&guideline=5.7
|
||||||
|
|
|
@ -25,7 +25,7 @@ my_package = 'pkg_pacman:postfix' if node.os == 'arch' else 'pkg_apt:postfix'
|
||||||
|
|
||||||
files = {
|
files = {
|
||||||
'/etc/mailname': {
|
'/etc/mailname': {
|
||||||
'content': node.metadata.get('postfix/myhostname', node.metadata['hostname']),
|
'content': node.metadata.get('postfix/myhostname'),
|
||||||
'before': {
|
'before': {
|
||||||
my_package,
|
my_package,
|
||||||
},
|
},
|
||||||
|
|
|
@ -87,7 +87,7 @@ def letsencrypt(metadata):
|
||||||
}
|
}
|
||||||
|
|
||||||
result['domains'] = {
|
result['domains'] = {
|
||||||
metadata.get('postfix/myhostname', metadata.get('hostname')): set(),
|
metadata.get('postfix/myhostname'): set(),
|
||||||
}
|
}
|
||||||
|
|
||||||
return {
|
return {
|
||||||
|
@ -148,3 +148,14 @@ def icinga2(metadata):
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@metadata_reactor.provides(
|
||||||
|
'postfix/myhostname',
|
||||||
|
)
|
||||||
|
def myhostname(metadata):
|
||||||
|
return {
|
||||||
|
'postfix': {
|
||||||
|
'myhostname': metadata.get('hostname'),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
|
@ -57,7 +57,7 @@ files = {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
if node.has_bundle('backup-client') and not node.has_bundle('zfs'):
|
if node.has_bundle('backup-client'):
|
||||||
files['/etc/backup-pre-hooks.d/90-postgresql-dump-all'] = {
|
files['/etc/backup-pre-hooks.d/90-postgresql-dump-all'] = {
|
||||||
'source': 'backup-pre-hook',
|
'source': 'backup-pre-hook',
|
||||||
'content_type': 'mako',
|
'content_type': 'mako',
|
||||||
|
@ -67,10 +67,6 @@ if node.has_bundle('backup-client') and not node.has_bundle('zfs'):
|
||||||
'mode': '0700',
|
'mode': '0700',
|
||||||
}
|
}
|
||||||
directories['/var/tmp/postgresdumps'] = {}
|
directories['/var/tmp/postgresdumps'] = {}
|
||||||
else:
|
|
||||||
files['/var/tmp/postgresdumps'] = {
|
|
||||||
'delete': True,
|
|
||||||
}
|
|
||||||
|
|
||||||
postgres_roles = {
|
postgres_roles = {
|
||||||
'root': {
|
'root': {
|
||||||
|
|
|
@ -11,6 +11,7 @@ defaults = {
|
||||||
'backups': {
|
'backups': {
|
||||||
'paths': {
|
'paths': {
|
||||||
'/var/lib/postgresql',
|
'/var/lib/postgresql',
|
||||||
|
'/var/tmp/postgresdumps',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'bash_functions': {
|
'bash_functions': {
|
||||||
|
@ -74,8 +75,6 @@ if node.has_bundle('zfs'):
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
else:
|
|
||||||
defaults['backups']['paths'].add('/var/tmp/postgresdumps')
|
|
||||||
|
|
||||||
|
|
||||||
@metadata_reactor.provides(
|
@metadata_reactor.provides(
|
||||||
|
|
|
@ -3,6 +3,8 @@ from os import listdir
|
||||||
from os.path import isfile, join
|
from os.path import isfile, join
|
||||||
from subprocess import check_output
|
from subprocess import check_output
|
||||||
|
|
||||||
|
from bundlewrap.utils.ui import io
|
||||||
|
|
||||||
zone_path = join(repo.path, 'data', 'powerdns', 'files', 'bind-zones')
|
zone_path = join(repo.path, 'data', 'powerdns', 'files', 'bind-zones')
|
||||||
|
|
||||||
nameservers = set()
|
nameservers = set()
|
||||||
|
@ -79,9 +81,10 @@ if node.metadata.get('powerdns/features/bind', False):
|
||||||
continue
|
continue
|
||||||
|
|
||||||
try:
|
try:
|
||||||
output = check_output(['git', 'log', '-1', '--pretty=%ci', join(zone_path, zone)]).decode('utf-8').strip()
|
output = check_output(['git', 'log', '-1', '--pretty=%ci']).decode('utf-8').strip()
|
||||||
serial = datetime.strptime(output, '%Y-%m-%d %H:%M:%S %z').strftime('%y%m%d%H%M')
|
serial = datetime.strptime(output, '%Y-%m-%d %H:%M:%S %z').strftime('%y%m%d%H%M')
|
||||||
except:
|
except Exception as e:
|
||||||
|
io.stderr(f"Error while parsing commit time for {zone} serial: {e!r}")
|
||||||
serial = datetime.now().strftime('%y%m%d0000')
|
serial = datetime.now().strftime('%y%m%d0000')
|
||||||
|
|
||||||
primary_zones.add(zone)
|
primary_zones.add(zone)
|
||||||
|
|
|
@ -71,8 +71,8 @@ actions = {
|
||||||
'chown -R powerdnsadmin:powerdnsadmin /opt/powerdnsadmin/src/powerdnsadmin/static/',
|
'chown -R powerdnsadmin:powerdnsadmin /opt/powerdnsadmin/src/powerdnsadmin/static/',
|
||||||
]),
|
]),
|
||||||
'needs': {
|
'needs': {
|
||||||
'action:nodejs_install_yarn',
|
|
||||||
'action:powerdnsadmin_install_deps',
|
'action:powerdnsadmin_install_deps',
|
||||||
|
'bundle:nodejs',
|
||||||
'pkg_apt:',
|
'pkg_apt:',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
@ -7,7 +7,6 @@ from subprocess import check_output
|
||||||
|
|
||||||
from requests import get
|
from requests import get
|
||||||
|
|
||||||
|
|
||||||
UPDATE_URL = '${url}'
|
UPDATE_URL = '${url}'
|
||||||
USERNAME = '${username}'
|
USERNAME = '${username}'
|
||||||
PASSWORD = '${password}'
|
PASSWORD = '${password}'
|
||||||
|
|
|
@ -5,7 +5,6 @@ from ipaddress import ip_address
|
||||||
from json import loads
|
from json import loads
|
||||||
from subprocess import check_output, run
|
from subprocess import check_output, run
|
||||||
|
|
||||||
|
|
||||||
DOMAIN = '${domain}'
|
DOMAIN = '${domain}'
|
||||||
|
|
||||||
# <%text>
|
# <%text>
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
assert node.has_bundle('redis'), f'{node.name}: pretalx needs redis'
|
assert node.has_bundle('redis'), f'{node.name}: pretalx needs redis'
|
||||||
assert node.has_bundle('nodejs'), f'{node.name}: pretalx needs nodejs for rebuild and regenerate_css step'
|
assert node.has_bundle('nodejs'), f'{node.name}: pretalx needs nodejs for rebuild step'
|
||||||
|
|
||||||
actions = {
|
actions = {
|
||||||
'pretalx_create_virtualenv': {
|
'pretalx_create_virtualenv': {
|
||||||
|
@ -53,17 +53,6 @@ actions = {
|
||||||
},
|
},
|
||||||
'triggered': True,
|
'triggered': True,
|
||||||
},
|
},
|
||||||
'pretalx_regenerate-css': {
|
|
||||||
'command': 'sudo -u pretalx PRETALX_CONFIG_FILE=/opt/pretalx/pretalx.cfg /opt/pretalx/venv/bin/python -m pretalx regenerate_css',
|
|
||||||
'needs': {
|
|
||||||
'action:pretalx_migrate',
|
|
||||||
'directory:/opt/pretalx/data',
|
|
||||||
'directory:/opt/pretalx/static',
|
|
||||||
'file:/opt/pretalx/pretalx.cfg',
|
|
||||||
'bundle:nodejs',
|
|
||||||
},
|
|
||||||
'triggered': True,
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
users = {
|
users = {
|
||||||
|
@ -90,7 +79,6 @@ git_deploy = {
|
||||||
'action:pretalx_install',
|
'action:pretalx_install',
|
||||||
'action:pretalx_migrate',
|
'action:pretalx_migrate',
|
||||||
'action:pretalx_rebuild',
|
'action:pretalx_rebuild',
|
||||||
'action:pretalx_regenerate-css',
|
|
||||||
'svc_systemd:pretalx-web:restart',
|
'svc_systemd:pretalx-web:restart',
|
||||||
'svc_systemd:pretalx-worker:restart',
|
'svc_systemd:pretalx-worker:restart',
|
||||||
},
|
},
|
||||||
|
@ -121,7 +109,6 @@ svc_systemd = {
|
||||||
'action:pretalx_install',
|
'action:pretalx_install',
|
||||||
'action:pretalx_migrate',
|
'action:pretalx_migrate',
|
||||||
'action:pretalx_rebuild',
|
'action:pretalx_rebuild',
|
||||||
'action:pretalx_regenerate-css',
|
|
||||||
'file:/etc/systemd/system/pretalx-web.service',
|
'file:/etc/systemd/system/pretalx-web.service',
|
||||||
'file:/opt/pretalx/pretalx.cfg',
|
'file:/opt/pretalx/pretalx.cfg',
|
||||||
},
|
},
|
||||||
|
@ -129,7 +116,8 @@ svc_systemd = {
|
||||||
'pretalx-worker': {
|
'pretalx-worker': {
|
||||||
'needs': {
|
'needs': {
|
||||||
'action:pretalx_install',
|
'action:pretalx_install',
|
||||||
'action:pretalx_migrate',
|
'action:pretalx_migrate',,
|
||||||
|
'action:pretalx_rebuild',
|
||||||
'file:/etc/systemd/system/pretalx-worker.service',
|
'file:/etc/systemd/system/pretalx-worker.service',
|
||||||
'file:/opt/pretalx/pretalx.cfg',
|
'file:/opt/pretalx/pretalx.cfg',
|
||||||
},
|
},
|
||||||
|
@ -204,7 +192,6 @@ for plugin_name, plugin_config in node.metadata.get('pretalx/plugins', {}).items
|
||||||
'triggers': {
|
'triggers': {
|
||||||
'action:pretalx_migrate',
|
'action:pretalx_migrate',
|
||||||
'action:pretalx_rebuild',
|
'action:pretalx_rebuild',
|
||||||
'action:pretalx_regenerate-css',
|
|
||||||
'svc_systemd:pretalx-web:restart',
|
'svc_systemd:pretalx-web:restart',
|
||||||
'svc_systemd:pretalx-worker:restart',
|
'svc_systemd:pretalx-worker:restart',
|
||||||
},
|
},
|
||||||
|
|
13
bundles/proftpd/items.py
Normal file
13
bundles/proftpd/items.py
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
files['/etc/proftpd/proftpd.conf'] = {
|
||||||
|
'source': f'{node.name}.conf',
|
||||||
|
'triggers': {
|
||||||
|
'svc_systemd:proftpd:restart',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
svc_systemd['proftpd'] = {
|
||||||
|
'needs': {
|
||||||
|
'file:/etc/proftpd/proftpd.conf',
|
||||||
|
'pkg_apt:proftpd-core',
|
||||||
|
},
|
||||||
|
}
|
26
bundles/proftpd/metadata.py
Normal file
26
bundles/proftpd/metadata.py
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
from bundlewrap.metadata import atomic
|
||||||
|
|
||||||
|
defaults = {
|
||||||
|
'apt': {
|
||||||
|
'packages': {
|
||||||
|
'proftpd-core': {},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@metadata_reactor.provides(
|
||||||
|
'firewall/port_rules',
|
||||||
|
)
|
||||||
|
def firewall(metadata):
|
||||||
|
sources = atomic(metadata.get('mosquitto/restrict-to', set()))
|
||||||
|
|
||||||
|
return {
|
||||||
|
'firewall': {
|
||||||
|
'port_rules': {
|
||||||
|
'20/tcp': sources,
|
||||||
|
'21/tcp': sources,
|
||||||
|
'49152-50192/tcp': sources,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
|
@ -48,3 +48,4 @@ tcp-keepalive 0
|
||||||
timeout 0
|
timeout 0
|
||||||
zset-max-ziplist-entries 128
|
zset-max-ziplist-entries 128
|
||||||
zset-max-ziplist-value 64
|
zset-max-ziplist-value 64
|
||||||
|
protected-mode no
|
||||||
|
|
|
@ -2,7 +2,6 @@ import re
|
||||||
from json import load
|
from json import load
|
||||||
from os.path import join
|
from os.path import join
|
||||||
|
|
||||||
|
|
||||||
with open(join(repo.path, 'configs', 'netbox', f'{node.name}.json')) as f:
|
with open(join(repo.path, 'configs', 'netbox', f'{node.name}.json')) as f:
|
||||||
netbox = load(f)
|
netbox = load(f)
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
reporting {
|
reporting {
|
||||||
enabled = true;
|
enabled = true;
|
||||||
email = 'dmarc+${node.name.replace('.', '-')}@kunbox.net';
|
email = 'devnull@${node.metadata.get('postfix/myhostname')}';
|
||||||
domain = '${node.metadata.get('hostname')}';
|
domain = '${node.metadata.get('postfix/myhostname')}';
|
||||||
org_name = 'kunbox.net';
|
org_name = 'kunbox.net';
|
||||||
smtp = '127.0.0.1';
|
smtp = '127.0.0.1';
|
||||||
smtp_port = 25;
|
smtp_port = 25;
|
||||||
|
|
|
@ -6,6 +6,11 @@ defaults = {
|
||||||
'rsyslog': {},
|
'rsyslog': {},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
'backups': {
|
||||||
|
'paths': {
|
||||||
|
'/var/log/rsyslog',
|
||||||
|
},
|
||||||
|
},
|
||||||
'icinga2_api': {
|
'icinga2_api': {
|
||||||
'rsyslog': {
|
'rsyslog': {
|
||||||
'services': {
|
'services': {
|
||||||
|
|
|
@ -1,21 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
DATE=$(date +%F_%H-%M-%S)
|
|
||||||
|
|
||||||
cd "$1"
|
|
||||||
|
|
||||||
convert *.tiff no_ocr.pdf
|
|
||||||
ocrmypdf -l deu no_ocr.pdf has_ocr.pdf
|
|
||||||
|
|
||||||
rm -f *.tiff
|
|
||||||
rm -f no_ocr.pdf
|
|
||||||
|
|
||||||
chown nobody:nogroup has_ocr.pdf
|
|
||||||
|
|
||||||
mv has_ocr.pdf "/srv/scansnap/${DATE}.pdf"
|
|
||||||
|
|
||||||
cd /
|
|
||||||
|
|
||||||
rm -r "$1"
|
|
|
@ -1,9 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
OUTFILE=$(mktemp -d)
|
|
||||||
|
|
||||||
scanimage --source 'ADF Duplex' --format tiff --mode Color --brightness 23 --resolution 300 --page-width 210 --page-height 297.3 -x 210 -y 297.3 --batch=${OUTFILE}/p%04d.tiff
|
|
||||||
|
|
||||||
/etc/scanbd/scripts/ocr.sh "$OUTFILE" &
|
|
|
@ -1,52 +0,0 @@
|
||||||
global {
|
|
||||||
debug = true
|
|
||||||
debug-level = 2
|
|
||||||
|
|
||||||
user = saned
|
|
||||||
group = scanner
|
|
||||||
|
|
||||||
saned = "/usr/sbin/saned"
|
|
||||||
saned_opt = {}
|
|
||||||
saned_env = { "SANE_CONFIG_DIR=/etc/scanbd" }
|
|
||||||
|
|
||||||
scriptdir = /etc/scanbd/scripts
|
|
||||||
|
|
||||||
timeout = 500
|
|
||||||
|
|
||||||
pidfile = "/var/run/scanbd.pid"
|
|
||||||
|
|
||||||
environment {
|
|
||||||
device = "SCANBD_DEVICE"
|
|
||||||
action = "SCANBD_ACTION"
|
|
||||||
}
|
|
||||||
|
|
||||||
function function_knob {
|
|
||||||
filter = "^message.*"
|
|
||||||
desc = "The value of the function knob / wheel / selector"
|
|
||||||
env = "SCANBD_FUNCTION"
|
|
||||||
}
|
|
||||||
function function_mode {
|
|
||||||
filter = "^mode.*"
|
|
||||||
desc = "Color mode"
|
|
||||||
env = "SCANBD_FUNCTION_MODE"
|
|
||||||
}
|
|
||||||
|
|
||||||
multiple_actions = false
|
|
||||||
action scan {
|
|
||||||
filter = "^scan.*"
|
|
||||||
numerical-trigger {
|
|
||||||
from-value = 0
|
|
||||||
to-value = 1
|
|
||||||
}
|
|
||||||
desc = "Scan to file"
|
|
||||||
script = "scan.sh"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
include(scanner.d/avision.conf)
|
|
||||||
include(scanner.d/fujitsu.conf)
|
|
||||||
include(scanner.d/hp.conf)
|
|
||||||
include(scanner.d/pixma.conf)
|
|
||||||
include(scanner.d/snapscan.conf)
|
|
||||||
include(scanner.d/canon.conf)
|
|
||||||
include(scanner.d/plustek.conf)
|
|
|
@ -1,39 +0,0 @@
|
||||||
directories = {
|
|
||||||
'/etc/scanbd/scripts': {
|
|
||||||
'purge': True,
|
|
||||||
},
|
|
||||||
'/srv/scansnap': {
|
|
||||||
'owner': 'nobody',
|
|
||||||
'group': 'nogroup',
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
files = {
|
|
||||||
'/etc/scanbd/scanbd.conf': {
|
|
||||||
'triggers': {
|
|
||||||
'svc_systemd:scanbd:restart',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'/etc/scanbd/scripts/ocr.sh': {
|
|
||||||
'mode': '0755',
|
|
||||||
'needs': {
|
|
||||||
'directory:/srv/scansnap',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'/etc/scanbd/scripts/scan.sh': {
|
|
||||||
'mode': '0755',
|
|
||||||
'needs': {
|
|
||||||
'directory:/srv/scansnap',
|
|
||||||
'file:/etc/scanbd/scripts/ocr.sh',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
svc_systemd = {
|
|
||||||
'scanbd': {
|
|
||||||
'needs': {
|
|
||||||
'file:/etc/scanbd/scanbd.conf',
|
|
||||||
'pkg_apt:scanbd',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
|
|
@ -1,22 +0,0 @@
|
||||||
defaults = {
|
|
||||||
'apt': {
|
|
||||||
'packages': {
|
|
||||||
'sane-utils': {},
|
|
||||||
'scanbd': {},
|
|
||||||
'imagemagick': {},
|
|
||||||
'ocrmypdf': {},
|
|
||||||
'tesseract-ocr-deu': {},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'backups': {
|
|
||||||
'paths': {
|
|
||||||
'/srv/scansnap',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'cron': {
|
|
||||||
'jobs': {
|
|
||||||
# Automatically remove files which are older than 14 days
|
|
||||||
'scansnap_cleanup': '00 00 * * * root /usr/bin/find /srv/scansnap/ -mindepth 1 -mtime +14 -delete',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
}
|
|
|
@ -43,30 +43,6 @@ if node.has_bundle('telegraf'):
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@metadata_reactor.provides(
|
|
||||||
'smartd/disks',
|
|
||||||
)
|
|
||||||
def zfs_disks_to_metadata(metadata):
|
|
||||||
disks = set()
|
|
||||||
|
|
||||||
for config in metadata.get('zfs/pools', {}).values():
|
|
||||||
for option in config['when_creating']['config']:
|
|
||||||
if option.get('type', '') in {'log', 'cache'}:
|
|
||||||
continue
|
|
||||||
|
|
||||||
for disk in option['devices']:
|
|
||||||
if search(r'p([0-9]+)$', disk) or disk.startswith('/dev/mapper/'):
|
|
||||||
continue
|
|
||||||
|
|
||||||
disks.add(disk)
|
|
||||||
|
|
||||||
return {
|
|
||||||
'smartd': {
|
|
||||||
'disks': disks,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@metadata_reactor.provides(
|
@metadata_reactor.provides(
|
||||||
'icinga2_api/smartd/services',
|
'icinga2_api/smartd/services',
|
||||||
)
|
)
|
||||||
|
|
|
@ -4,27 +4,30 @@ from re import findall
|
||||||
from subprocess import check_output
|
from subprocess import check_output
|
||||||
from sys import exit
|
from sys import exit
|
||||||
|
|
||||||
|
ITERATIONS = 10
|
||||||
|
|
||||||
try:
|
try:
|
||||||
top_output = None
|
top_output = None
|
||||||
|
|
||||||
for line in check_output(['top', '-b', '-n1', '-d1']).decode('UTF-8').splitlines():
|
top_output = check_output(rf"top -b -n{ITERATIONS} -d1 | grep -i '^%cpu'", shell=True).decode('UTF-8')
|
||||||
if line.lower().strip().startswith('%cpu'):
|
|
||||||
top_output = line.lower().split(':', 2)[1]
|
|
||||||
break
|
|
||||||
|
|
||||||
if not top_output:
|
|
||||||
print('%cpu not found in top output')
|
|
||||||
exit(3)
|
|
||||||
|
|
||||||
cpu_usage = {}
|
cpu_usage = {}
|
||||||
for value, identifier in findall('([0-9\.\,]{3,5}) ([a-z]{2})', top_output):
|
for value, identifier in findall(r'([0-9\.\,]{3,5}) ([a-z]{2})', top_output):
|
||||||
cpu_usage[identifier] = float(value.replace(',', '.'))
|
if identifier not in cpu_usage:
|
||||||
|
cpu_usage[identifier] = 0.0
|
||||||
|
cpu_usage[identifier] += float(value.replace(',', '.'))
|
||||||
|
|
||||||
|
output = []
|
||||||
|
for identifier, value_added in cpu_usage.items():
|
||||||
|
value = value_added / ITERATIONS
|
||||||
|
output.append(f"{value:.2f} {identifier}")
|
||||||
|
cpu_usage[identifier] = value
|
||||||
|
|
||||||
|
print(f"Average over {ITERATIONS} seconds: " + ", ".join(output))
|
||||||
|
|
||||||
warn = set()
|
warn = set()
|
||||||
crit = set()
|
crit = set()
|
||||||
|
|
||||||
print(top_output)
|
|
||||||
|
|
||||||
# steal
|
# steal
|
||||||
if cpu_usage['st'] > 10:
|
if cpu_usage['st'] > 10:
|
||||||
crit.add('CPU steal is {}% (>10%)'.format(cpu_usage['st']))
|
crit.add('CPU steal is {}% (>10%)'.format(cpu_usage['st']))
|
||||||
|
|
|
@ -22,7 +22,8 @@ case "$issuer_hash" in
|
||||||
# 462422cf: issuer=C = US, O = Let's Encrypt, CN = E5
|
# 462422cf: issuer=C = US, O = Let's Encrypt, CN = E5
|
||||||
# 9aad238c: issuer=C = US, O = Let's Encrypt, CN = E6
|
# 9aad238c: issuer=C = US, O = Let's Encrypt, CN = E6
|
||||||
# 31dfb39d: issuer=C = US, O = Let's Encrypt, CN = R11
|
# 31dfb39d: issuer=C = US, O = Let's Encrypt, CN = R11
|
||||||
4f06f81d|8d33f237|462422cf|9aad238c|31dfb39d)
|
# aa578057: issuer=C = US, O = Let's Encrypt, CN = R10
|
||||||
|
4f06f81d|8d33f237|462422cf|9aad238c|31dfb39d|aa578057)
|
||||||
warn_days=10
|
warn_days=10
|
||||||
crit_days=3
|
crit_days=3
|
||||||
;;
|
;;
|
||||||
|
|
|
@ -19,6 +19,8 @@ defaults = {
|
||||||
'services': {
|
'services': {
|
||||||
'CPU': {
|
'CPU': {
|
||||||
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_cpu_stats',
|
'command_on_monitored_host': '/usr/local/share/icinga/plugins/check_cpu_stats',
|
||||||
|
# takes samples over 10 seconds
|
||||||
|
'vars.sshmon_timeout': 20
|
||||||
},
|
},
|
||||||
'LOAD': {
|
'LOAD': {
|
||||||
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_load -r -w 4,2,1 -c 8,4,2',
|
'command_on_monitored_host': '/usr/lib/nagios/plugins/check_load -r -w 4,2,1 -c 8,4,2',
|
||||||
|
|
|
@ -170,7 +170,7 @@ def scrub_timer(metadata):
|
||||||
'systemd-timers': {
|
'systemd-timers': {
|
||||||
'timers': {
|
'timers': {
|
||||||
'zfs-scrub': {
|
'zfs-scrub': {
|
||||||
'when': 'Sun 02:00:00 UTC',
|
'when': metadata.get('zfs/scrub_when', 'Sun 02:00:00 UTC'),
|
||||||
'command': scrubs,
|
'command': scrubs,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
109.237.176.0/20
|
109.237.176.0/20
|
||||||
|
109.72.116.0/24
|
||||||
116.50.16.0/21
|
116.50.16.0/21
|
||||||
|
128.65.164.0/22
|
||||||
129.181.208.0/21
|
129.181.208.0/21
|
||||||
129.181.216.0/22
|
129.181.216.0/22
|
||||||
137.170.112.0/24
|
137.170.112.0/24
|
||||||
|
@ -15,13 +17,12 @@
|
||||||
139.12.4.0/24
|
139.12.4.0/24
|
||||||
141.169.240.0/20
|
141.169.240.0/20
|
||||||
141.77.0.0/16
|
141.77.0.0/16
|
||||||
141.98.44.0/24
|
|
||||||
143.99.213.0/24
|
143.99.213.0/24
|
||||||
145.225.16.0/23
|
145.225.16.0/23
|
||||||
146.247.58.0/24
|
146.247.58.0/24
|
||||||
147.136.84.0/22
|
|
||||||
147.161.22.0/24
|
147.161.22.0/24
|
||||||
147.78.17.0/24
|
147.78.17.0/24
|
||||||
|
147.79.8.0/21
|
||||||
149.208.250.0/23
|
149.208.250.0/23
|
||||||
149.208.252.0/24
|
149.208.252.0/24
|
||||||
149.208.253.0/24
|
149.208.253.0/24
|
||||||
|
@ -34,6 +35,7 @@
|
||||||
149.249.244.0/22
|
149.249.244.0/22
|
||||||
149.249.244.0/23
|
149.249.244.0/23
|
||||||
149.249.246.0/23
|
149.249.246.0/23
|
||||||
|
153.17.244.8/29
|
||||||
153.17.249.0/24
|
153.17.249.0/24
|
||||||
153.17.250.0/24
|
153.17.250.0/24
|
||||||
153.17.251.0/24
|
153.17.251.0/24
|
||||||
|
@ -46,7 +48,11 @@
|
||||||
153.97.32.0/24
|
153.97.32.0/24
|
||||||
158.116.231.0/24
|
158.116.231.0/24
|
||||||
160.211.126.0/24
|
160.211.126.0/24
|
||||||
163.5.168.0/24
|
163.5.156.0/24
|
||||||
|
163.5.170.0/24
|
||||||
|
163.5.186.0/24
|
||||||
|
163.5.220.0/24
|
||||||
|
163.5.66.0/24
|
||||||
164.133.10.0/24
|
164.133.10.0/24
|
||||||
164.133.11.0/24
|
164.133.11.0/24
|
||||||
164.133.150.0/24
|
164.133.150.0/24
|
||||||
|
@ -60,11 +66,9 @@
|
||||||
168.199.192.0/22
|
168.199.192.0/22
|
||||||
168.199.212.0/22
|
168.199.212.0/22
|
||||||
170.237.92.0/23
|
170.237.92.0/23
|
||||||
171.25.178.0/24
|
|
||||||
176.221.24.0/24
|
|
||||||
176.221.25.0/24
|
|
||||||
176.53.136.0/24
|
176.53.136.0/24
|
||||||
176.53.137.0/24
|
176.53.137.0/24
|
||||||
|
176.57.59.0/24
|
||||||
185.100.160.0/22
|
185.100.160.0/22
|
||||||
185.101.244.0/23
|
185.101.244.0/23
|
||||||
185.101.246.0/23
|
185.101.246.0/23
|
||||||
|
@ -76,45 +80,38 @@
|
||||||
185.131.239.0/24
|
185.131.239.0/24
|
||||||
185.133.12.0/22
|
185.133.12.0/22
|
||||||
185.136.115.0/24
|
185.136.115.0/24
|
||||||
185.149.25.0/24
|
|
||||||
185.149.26.0/24
|
|
||||||
185.149.27.0/24
|
|
||||||
185.149.52.0/24
|
185.149.52.0/24
|
||||||
185.157.101.0/24
|
185.157.101.0/24
|
||||||
185.161.176.0/22
|
185.161.176.0/22
|
||||||
185.162.72.0/23
|
|
||||||
185.163.76.0/24
|
185.163.76.0/24
|
||||||
185.163.77.0/24
|
185.163.77.0/24
|
||||||
185.163.78.0/24
|
185.163.78.0/24
|
||||||
185.163.79.0/24
|
185.163.79.0/24
|
||||||
185.172.38.0/24
|
|
||||||
185.172.39.0/24
|
|
||||||
185.180.224.0/24
|
185.180.224.0/24
|
||||||
185.183.212.0/23
|
185.183.212.0/23
|
||||||
185.183.214.0/23
|
185.183.214.0/23
|
||||||
185.188.64.0/24
|
185.188.64.0/24
|
||||||
|
185.195.239.0/24
|
||||||
185.198.13.0/24
|
185.198.13.0/24
|
||||||
185.202.32.0/21
|
185.202.32.0/21
|
||||||
185.203.148.0/22
|
|
||||||
185.207.46.0/24
|
185.207.46.0/24
|
||||||
185.235.71.0/24
|
185.21.247.0/24
|
||||||
185.237.0.0/24
|
185.237.0.0/24
|
||||||
185.237.1.0/24
|
185.237.1.0/24
|
||||||
185.237.2.0/24
|
185.237.2.0/24
|
||||||
185.240.85.0/24
|
|
||||||
185.242.224.0/24
|
185.242.224.0/24
|
||||||
185.243.44.0/22
|
185.243.44.0/22
|
||||||
185.243.44.0/24
|
185.243.44.0/24
|
||||||
185.243.45.0/24
|
185.243.45.0/24
|
||||||
185.243.46.0/24
|
185.243.46.0/24
|
||||||
185.243.47.0/24
|
185.243.47.0/24
|
||||||
185.250.42.0/23
|
|
||||||
185.28.208.0/22
|
185.28.208.0/22
|
||||||
185.39.12.0/22
|
185.39.12.0/22
|
||||||
185.48.0.0/22
|
185.48.0.0/22
|
||||||
|
185.57.231.0/24
|
||||||
185.57.24.0/24
|
185.57.24.0/24
|
||||||
185.82.160.0/23
|
185.82.160.0/23
|
||||||
185.91.204.0/22
|
188.214.139.0/24
|
||||||
192.109.121.0/24
|
192.109.121.0/24
|
||||||
192.109.122.0/24
|
192.109.122.0/24
|
||||||
192.109.124.0/24
|
192.109.124.0/24
|
||||||
|
@ -176,7 +173,6 @@
|
||||||
193.110.102.0/23
|
193.110.102.0/23
|
||||||
193.110.102.0/24
|
193.110.102.0/24
|
||||||
193.110.103.0/24
|
193.110.103.0/24
|
||||||
193.124.35.0/24
|
|
||||||
193.138.91.0/24
|
193.138.91.0/24
|
||||||
193.141.143.0/24
|
193.141.143.0/24
|
||||||
193.141.180.0/23
|
193.141.180.0/23
|
||||||
|
@ -243,7 +239,6 @@
|
||||||
193.41.10.0/23
|
193.41.10.0/23
|
||||||
193.47.164.0/24
|
193.47.164.0/24
|
||||||
193.53.93.0/24
|
193.53.93.0/24
|
||||||
193.56.21.0/24
|
|
||||||
193.58.253.0/24
|
193.58.253.0/24
|
||||||
193.84.136.0/22
|
193.84.136.0/22
|
||||||
193.96.230.0/24
|
193.96.230.0/24
|
||||||
|
@ -253,6 +248,7 @@
|
||||||
193.98.224.0/24
|
193.98.224.0/24
|
||||||
193.99.96.0/20
|
193.99.96.0/20
|
||||||
194.0.151.0/24
|
194.0.151.0/24
|
||||||
|
194.0.232.0/24
|
||||||
194.110.133.0/24
|
194.110.133.0/24
|
||||||
194.113.160.0/22
|
194.113.160.0/22
|
||||||
194.113.20.0/23
|
194.113.20.0/23
|
||||||
|
@ -295,6 +291,13 @@
|
||||||
194.15.64.0/21
|
194.15.64.0/21
|
||||||
194.15.72.0/22
|
194.15.72.0/22
|
||||||
194.150.228.0/23
|
194.150.228.0/23
|
||||||
|
194.152.128.0/24
|
||||||
|
194.152.129.0/24
|
||||||
|
194.152.132.0/24
|
||||||
|
194.152.141.0/24
|
||||||
|
194.152.142.0/24
|
||||||
|
194.152.154.0/24
|
||||||
|
194.152.155.0/24
|
||||||
194.153.86.0/24
|
194.153.86.0/24
|
||||||
194.156.128.0/22
|
194.156.128.0/22
|
||||||
194.156.148.0/24
|
194.156.148.0/24
|
||||||
|
@ -337,26 +340,20 @@
|
||||||
194.39.63.0/24
|
194.39.63.0/24
|
||||||
194.39.88.0/21
|
194.39.88.0/21
|
||||||
194.39.97.0/24
|
194.39.97.0/24
|
||||||
194.45.144.0/21
|
|
||||||
194.49.110.0/24
|
|
||||||
194.49.117.0/24
|
194.49.117.0/24
|
||||||
194.49.118.0/23
|
194.49.118.0/23
|
||||||
194.49.125.0/24
|
194.49.125.0/24
|
||||||
194.49.48.0/24
|
194.49.48.0/24
|
||||||
194.49.54.0/24
|
194.49.54.0/24
|
||||||
194.49.72.0/24
|
|
||||||
194.49.73.0/24
|
194.49.73.0/24
|
||||||
194.49.74.0/23
|
194.49.74.0/23
|
||||||
194.49.85.0/24
|
194.49.85.0/24
|
||||||
194.55.158.0/24
|
|
||||||
194.55.180.0/24
|
194.55.180.0/24
|
||||||
194.55.183.0/24
|
194.55.183.0/24
|
||||||
194.55.192.0/19
|
194.55.192.0/19
|
||||||
194.55.63.0/24
|
194.55.63.0/24
|
||||||
194.55.64.0/20
|
194.55.64.0/20
|
||||||
194.55.87.0/24
|
194.55.87.0/24
|
||||||
194.58.40.0/24
|
|
||||||
194.58.56.0/23
|
|
||||||
194.59.143.0/24
|
194.59.143.0/24
|
||||||
194.59.150.0/24
|
194.59.150.0/24
|
||||||
194.59.151.0/24
|
194.59.151.0/24
|
||||||
|
@ -382,34 +379,22 @@
|
||||||
194.76.52.0/24
|
194.76.52.0/24
|
||||||
194.77.41.0/24
|
194.77.41.0/24
|
||||||
194.77.42.0/24
|
194.77.42.0/24
|
||||||
194.85.248.0/24
|
|
||||||
194.85.251.0/24
|
|
||||||
194.87.10.0/24
|
|
||||||
194.87.17.0/24
|
|
||||||
194.87.255.0/24
|
|
||||||
194.87.77.0/24
|
|
||||||
194.88.112.0/20
|
|
||||||
194.88.16.0/21
|
194.88.16.0/21
|
||||||
194.88.24.0/23
|
194.88.24.0/23
|
||||||
194.88.26.0/24
|
194.88.26.0/24
|
||||||
194.88.28.0/23
|
194.88.28.0/23
|
||||||
194.88.96.0/21
|
|
||||||
194.99.118.0/24
|
194.99.118.0/24
|
||||||
194.99.34.0/24
|
194.99.34.0/24
|
||||||
194.99.76.0/23
|
194.99.76.0/23
|
||||||
194.99.83.0/24
|
194.99.83.0/24
|
||||||
194.99.92.0/22
|
194.99.92.0/22
|
||||||
195.133.20.0/24
|
|
||||||
195.133.64.0/22
|
|
||||||
195.133.7.0/24
|
195.133.7.0/24
|
||||||
195.133.76.0/24
|
|
||||||
195.137.216.0/23
|
195.137.216.0/23
|
||||||
195.138.223.0/24
|
195.138.223.0/24
|
||||||
195.144.15.0/24
|
195.144.15.0/24
|
||||||
195.145.0.0/16
|
195.145.0.0/16
|
||||||
195.149.79.0/24
|
195.149.79.0/24
|
||||||
195.160.248.0/22
|
195.160.248.0/22
|
||||||
195.178.132.0/22
|
|
||||||
195.190.2.0/24
|
195.190.2.0/24
|
||||||
195.192.254.0/24
|
195.192.254.0/24
|
||||||
195.200.207.0/24
|
195.200.207.0/24
|
||||||
|
@ -436,12 +421,14 @@
|
||||||
198.40.90.0/24
|
198.40.90.0/24
|
||||||
198.57.10.0/24
|
198.57.10.0/24
|
||||||
2.160.0.0/12
|
2.160.0.0/12
|
||||||
|
2.58.100.0/24
|
||||||
2.58.102.0/24
|
2.58.102.0/24
|
||||||
|
204.52.120.0/24
|
||||||
|
204.52.121.0/24
|
||||||
204.69.32.0/24
|
204.69.32.0/24
|
||||||
205.142.63.0/24
|
205.142.63.0/24
|
||||||
212.184.0.0/15
|
212.184.0.0/15
|
||||||
212.185.0.0/16
|
212.185.0.0/16
|
||||||
212.87.217.0/24
|
|
||||||
213.145.90.0/23
|
213.145.90.0/23
|
||||||
213.145.92.0/23
|
213.145.92.0/23
|
||||||
213.173.0.0/19
|
213.173.0.0/19
|
||||||
|
@ -450,6 +437,7 @@
|
||||||
213.209.156.0/24
|
213.209.156.0/24
|
||||||
217.0.0.0/13
|
217.0.0.0/13
|
||||||
217.117.96.0/24
|
217.117.96.0/24
|
||||||
|
217.198.189.0/24
|
||||||
217.224.0.0/11
|
217.224.0.0/11
|
||||||
217.24.32.0/20
|
217.24.32.0/20
|
||||||
217.24.33.0/24
|
217.24.33.0/24
|
||||||
|
@ -459,35 +447,21 @@
|
||||||
31.224.0.0/11
|
31.224.0.0/11
|
||||||
31.6.56.0/23
|
31.6.56.0/23
|
||||||
37.143.0.0/22
|
37.143.0.0/22
|
||||||
37.230.56.0/24
|
|
||||||
37.230.57.0/24
|
|
||||||
37.230.58.0/23
|
|
||||||
37.230.60.0/24
|
|
||||||
37.230.63.0/24
|
|
||||||
37.46.11.0/24
|
37.46.11.0/24
|
||||||
37.50.0.0/15
|
37.50.0.0/15
|
||||||
37.80.0.0/12
|
37.80.0.0/12
|
||||||
45.128.14.0/23
|
|
||||||
45.132.217.0/24
|
|
||||||
45.132.80.0/22
|
45.132.80.0/22
|
||||||
45.140.208.0/24
|
45.141.54.0/24
|
||||||
45.141.130.0/24
|
45.145.16.0/24
|
||||||
45.142.236.0/24
|
|
||||||
45.145.241.0/24
|
|
||||||
45.145.243.0/24
|
|
||||||
45.147.227.0/24
|
45.147.227.0/24
|
||||||
|
45.155.77.0/24
|
||||||
45.81.255.0/24
|
45.81.255.0/24
|
||||||
45.83.136.0/22
|
45.83.136.0/22
|
||||||
45.84.214.0/24
|
|
||||||
45.93.186.0/23
|
45.93.186.0/23
|
||||||
46.20.216.0/21
|
|
||||||
46.250.224.0/21
|
46.250.224.0/21
|
||||||
46.250.232.0/21
|
46.250.232.0/21
|
||||||
46.78.0.0/15
|
46.78.0.0/15
|
||||||
46.80.0.0/12
|
46.80.0.0/12
|
||||||
5.10.208.0/24
|
|
||||||
5.10.209.0/24
|
|
||||||
5.10.220.0/24
|
|
||||||
5.133.112.0/24
|
5.133.112.0/24
|
||||||
5.249.188.0/22
|
5.249.188.0/22
|
||||||
5.35.192.0/21
|
5.35.192.0/21
|
||||||
|
@ -503,14 +477,11 @@
|
||||||
64.137.119.0/24
|
64.137.119.0/24
|
||||||
64.137.125.0/24
|
64.137.125.0/24
|
||||||
64.137.127.0/24
|
64.137.127.0/24
|
||||||
77.242.149.0/24
|
|
||||||
77.47.152.0/22
|
77.47.152.0/22
|
||||||
77.83.136.0/23
|
77.83.136.0/23
|
||||||
77.83.138.0/23
|
77.83.138.0/23
|
||||||
77.83.32.0/22
|
|
||||||
77.90.156.0/24
|
77.90.156.0/24
|
||||||
77.90.184.0/24
|
77.90.184.0/24
|
||||||
79.139.52.0/22
|
|
||||||
79.192.0.0/10
|
79.192.0.0/10
|
||||||
80.128.0.0/11
|
80.128.0.0/11
|
||||||
80.128.0.0/12
|
80.128.0.0/12
|
||||||
|
@ -522,38 +493,47 @@
|
||||||
80.157.8.0/21
|
80.157.8.0/21
|
||||||
80.187.0.0/16
|
80.187.0.0/16
|
||||||
80.187.160.0/20
|
80.187.160.0/20
|
||||||
|
80.244.13.0/24
|
||||||
80.64.240.0/22
|
80.64.240.0/22
|
||||||
80.71.231.0/24
|
80.71.231.0/24
|
||||||
80.71.233.0/24
|
80.71.233.0/24
|
||||||
80.71.235.0/24
|
80.71.235.0/24
|
||||||
80.71.236.0/24
|
80.71.236.0/24
|
||||||
80.71.238.0/24
|
80.71.238.0/24
|
||||||
|
80.83.80.0/21
|
||||||
81.201.32.0/20
|
81.201.32.0/20
|
||||||
81.30.96.0/20
|
81.31.210.0/23
|
||||||
82.152.178.0/24
|
82.163.104.0/21
|
||||||
82.163.60.0/22
|
82.163.60.0/22
|
||||||
82.206.32.0/21
|
82.206.32.0/21
|
||||||
82.206.40.0/21
|
82.206.40.0/21
|
||||||
|
82.206.48.0/21
|
||||||
82.215.70.0/24
|
82.215.70.0/24
|
||||||
83.136.208.0/22
|
|
||||||
83.147.36.0/22
|
|
||||||
83.243.48.0/21
|
83.243.48.0/21
|
||||||
84.128.0.0/10
|
84.128.0.0/10
|
||||||
84.234.16.0/20
|
|
||||||
84.246.108.0/24
|
84.246.108.0/24
|
||||||
84.32.108.0/22
|
84.32.108.0/22
|
||||||
84.32.48.0/22
|
84.32.48.0/22
|
||||||
|
84.55.0.0/24
|
||||||
|
84.55.1.0/24
|
||||||
|
84.55.2.0/24
|
||||||
|
84.55.3.0/24
|
||||||
|
84.55.4.0/24
|
||||||
|
84.55.5.0/24
|
||||||
|
84.55.6.0/24
|
||||||
|
84.55.7.0/24
|
||||||
85.116.28.0/24
|
85.116.28.0/24
|
||||||
85.116.29.0/24
|
85.116.29.0/24
|
||||||
85.116.30.0/24
|
85.116.30.0/24
|
||||||
85.116.31.0/24
|
85.116.31.0/24
|
||||||
85.119.160.0/23
|
85.119.160.0/23
|
||||||
85.204.160.0/22
|
85.204.181.0/24
|
||||||
85.208.248.0/24
|
85.208.248.0/24
|
||||||
85.208.249.0/24
|
85.208.249.0/24
|
||||||
85.208.250.0/24
|
85.208.250.0/24
|
||||||
85.208.251.0/24
|
85.208.251.0/24
|
||||||
85.237.76.0/22
|
86.105.211.0/24
|
||||||
|
86.107.164.0/24
|
||||||
86.38.248.0/21
|
86.38.248.0/21
|
||||||
86.38.37.0/24
|
86.38.37.0/24
|
||||||
87.128.0.0/10
|
87.128.0.0/10
|
||||||
|
@ -564,10 +544,40 @@
|
||||||
88.216.60.0/22
|
88.216.60.0/22
|
||||||
89.116.64.0/22
|
89.116.64.0/22
|
||||||
89.213.186.0/23
|
89.213.186.0/23
|
||||||
89.35.127.0/24
|
89.39.97.0/24
|
||||||
89.43.34.0/24
|
89.43.34.0/24
|
||||||
91.0.0.0/10
|
91.0.0.0/10
|
||||||
91.103.240.0/21
|
91.103.240.0/21
|
||||||
|
91.124.135.0/24
|
||||||
|
91.124.19.0/24
|
||||||
|
91.124.20.0/24
|
||||||
|
91.124.21.0/24
|
||||||
|
91.124.22.0/24
|
||||||
|
91.124.23.0/24
|
||||||
|
91.124.24.0/24
|
||||||
|
91.124.26.0/24
|
||||||
|
91.124.27.0/24
|
||||||
|
91.124.28.0/24
|
||||||
|
91.124.31.0/24
|
||||||
|
91.124.32.0/24
|
||||||
|
91.124.33.0/24
|
||||||
|
91.124.34.0/24
|
||||||
|
91.124.36.0/24
|
||||||
|
91.124.37.0/24
|
||||||
|
91.124.38.0/24
|
||||||
|
91.124.39.0/24
|
||||||
|
91.124.40.0/24
|
||||||
|
91.124.41.0/24
|
||||||
|
91.124.42.0/24
|
||||||
|
91.124.43.0/24
|
||||||
|
91.124.44.0/24
|
||||||
|
91.124.45.0/24
|
||||||
|
91.124.46.0/24
|
||||||
|
91.124.47.0/24
|
||||||
|
91.124.50.0/24
|
||||||
|
91.124.51.0/24
|
||||||
|
91.124.6.0/24
|
||||||
|
91.124.7.0/24
|
||||||
91.189.192.0/21
|
91.189.192.0/21
|
||||||
91.194.232.0/23
|
91.194.232.0/23
|
||||||
91.198.113.0/24
|
91.198.113.0/24
|
||||||
|
@ -592,19 +602,40 @@
|
||||||
91.216.242.0/24
|
91.216.242.0/24
|
||||||
91.216.45.0/24
|
91.216.45.0/24
|
||||||
91.217.214.0/24
|
91.217.214.0/24
|
||||||
|
91.221.12.0/23
|
||||||
91.222.232.0/22
|
91.222.232.0/22
|
||||||
91.227.98.0/23
|
91.227.98.0/23
|
||||||
91.232.136.0/22
|
|
||||||
91.232.54.0/24
|
91.232.54.0/24
|
||||||
|
92.112.128.0/24
|
||||||
|
92.112.155.0/24
|
||||||
|
92.112.157.0/24
|
||||||
|
92.112.16.0/22
|
||||||
|
92.112.160.0/24
|
||||||
|
92.112.162.0/24
|
||||||
|
92.112.165.0/24
|
||||||
|
92.112.167.0/24
|
||||||
|
92.112.20.0/22
|
||||||
|
92.112.48.0/24
|
||||||
|
92.112.49.0/24
|
||||||
|
92.112.52.0/24
|
||||||
|
92.112.54.0/24
|
||||||
|
92.112.59.0/24
|
||||||
|
92.112.63.0/24
|
||||||
|
92.112.64.0/24
|
||||||
|
92.112.67.0/24
|
||||||
|
92.112.79.0/24
|
||||||
|
92.112.81.0/24
|
||||||
|
92.112.83.0/24
|
||||||
|
92.112.94.0/24
|
||||||
92.114.44.0/22
|
92.114.44.0/22
|
||||||
92.119.164.0/22
|
92.119.164.0/22
|
||||||
92.119.208.0/24
|
92.119.208.0/24
|
||||||
92.119.209.0/24
|
92.119.209.0/24
|
||||||
92.119.210.0/24
|
92.119.210.0/24
|
||||||
92.119.211.0/24
|
92.119.211.0/24
|
||||||
93.119.184.0/21
|
93.113.70.0/24
|
||||||
|
93.119.201.0/24
|
||||||
93.192.0.0/10
|
93.192.0.0/10
|
||||||
93.95.119.0/24
|
|
||||||
94.126.98.0/24
|
94.126.98.0/24
|
||||||
94.26.110.0/23
|
94.26.110.0/23
|
||||||
94.26.64.0/23
|
94.26.64.0/23
|
||||||
|
@ -620,7 +651,6 @@
|
||||||
2001:678:b38::/48
|
2001:678:b38::/48
|
||||||
2001:678:bdc::/48
|
2001:678:bdc::/48
|
||||||
2001:678:d4c::/48
|
2001:678:d4c::/48
|
||||||
2001:678:e9c::/48
|
|
||||||
2001:678:ff0::/48
|
2001:678:ff0::/48
|
||||||
2001:67c:11a4::/48
|
2001:67c:11a4::/48
|
||||||
2001:67c:14c4::/48
|
2001:67c:14c4::/48
|
||||||
|
@ -641,6 +671,7 @@
|
||||||
2001:67c:b80::/48
|
2001:67c:b80::/48
|
||||||
2001:67c:c84::/48
|
2001:67c:c84::/48
|
||||||
2001:67c:c9c::/48
|
2001:67c:c9c::/48
|
||||||
|
2001:67c:ec0::/48
|
||||||
2003:3c0::/28
|
2003:3c0::/28
|
||||||
2003:3e0::/28
|
2003:3e0::/28
|
||||||
2003:8:1800::/48
|
2003:8:1800::/48
|
||||||
|
@ -663,6 +694,8 @@
|
||||||
2003::/19
|
2003::/19
|
||||||
2003::/20
|
2003::/20
|
||||||
2003::/23
|
2003::/23
|
||||||
|
2a00:5c60:3::/48
|
||||||
|
2a00:5c60:a::/48
|
||||||
2a00:6680::/46
|
2a00:6680::/46
|
||||||
2a01:598::/29
|
2a01:598::/29
|
||||||
2a01:8fa0::/32
|
2a01:8fa0::/32
|
||||||
|
@ -694,8 +727,11 @@
|
||||||
2a0d:480::/29
|
2a0d:480::/29
|
||||||
2a0d:480::/30
|
2a0d:480::/30
|
||||||
2a0d:484::/30
|
2a0d:484::/30
|
||||||
|
2a0e:cbc4::/32
|
||||||
|
2a0e:cbc5::/32
|
||||||
|
2a0e:cbc6::/32
|
||||||
|
2a0e:cbc7::/32
|
||||||
2a0e:eb40::/32
|
2a0e:eb40::/32
|
||||||
2a0f:15c0::/32
|
|
||||||
2a10:cd80::/29
|
2a10:cd80::/29
|
||||||
2a11:7400:d1::/48
|
2a11:7400:d1::/48
|
||||||
2a12:6900:1000::/40
|
2a12:6900:1000::/40
|
||||||
|
|
|
@ -1,19 +1,13 @@
|
||||||
104.151.0.0/17
|
104.151.0.0/17
|
||||||
109.250.0.0/16
|
109.250.0.0/16
|
||||||
109.250.0.0/20
|
109.250.0.0/18
|
||||||
109.250.128.0/19
|
109.250.128.0/19
|
||||||
109.250.16.0/20
|
|
||||||
109.250.160.0/19
|
109.250.160.0/19
|
||||||
109.250.192.0/19
|
109.250.192.0/19
|
||||||
109.250.224.0/19
|
109.250.224.0/19
|
||||||
109.250.32.0/19
|
109.250.64.0/18
|
||||||
109.250.64.0/19
|
|
||||||
109.250.80.0/22
|
|
||||||
109.250.84.0/22
|
|
||||||
109.250.88.0/22
|
|
||||||
109.250.92.0/22
|
|
||||||
109.250.96.0/19
|
|
||||||
134.101.0.0/21
|
134.101.0.0/21
|
||||||
|
14.102.90.0/24
|
||||||
143.58.64.0/18
|
143.58.64.0/18
|
||||||
149.233.32.0/19
|
149.233.32.0/19
|
||||||
153.94.0.0/20
|
153.94.0.0/20
|
||||||
|
@ -35,6 +29,7 @@
|
||||||
185.151.201.0/24
|
185.151.201.0/24
|
||||||
185.151.203.0/24
|
185.151.203.0/24
|
||||||
185.158.48.0/22
|
185.158.48.0/22
|
||||||
|
185.187.122.0/24
|
||||||
185.199.205.0/24
|
185.199.205.0/24
|
||||||
185.235.232.0/22
|
185.235.232.0/22
|
||||||
185.8.230.0/23
|
185.8.230.0/23
|
||||||
|
@ -45,13 +40,13 @@
|
||||||
192.166.84.0/22
|
192.166.84.0/22
|
||||||
192.166.87.0/24
|
192.166.87.0/24
|
||||||
192.166.88.0/21
|
192.166.88.0/21
|
||||||
|
192.189.14.0/24
|
||||||
193.101.4.0/23
|
193.101.4.0/23
|
||||||
193.101.5.0/24
|
193.102.10.0/24
|
||||||
193.111.212.0/22
|
193.111.212.0/22
|
||||||
193.111.212.0/24
|
193.111.212.0/24
|
||||||
193.163.13.0/24
|
193.163.13.0/24
|
||||||
193.163.13.0/25
|
193.17.225.0/24
|
||||||
193.163.13.128/25
|
|
||||||
193.219.15.0/24
|
193.219.15.0/24
|
||||||
193.22.120.0/21
|
193.22.120.0/21
|
||||||
193.22.120.0/24
|
193.22.120.0/24
|
||||||
|
@ -92,7 +87,7 @@
|
||||||
194.127.144.0/21
|
194.127.144.0/21
|
||||||
194.127.203.0/24
|
194.127.203.0/24
|
||||||
194.139.55.0/24
|
194.139.55.0/24
|
||||||
194.145.230.0/24
|
194.145.218.0/23
|
||||||
194.156.216.0/21
|
194.156.216.0/21
|
||||||
194.156.232.0/23
|
194.156.232.0/23
|
||||||
194.156.233.0/24
|
194.156.233.0/24
|
||||||
|
@ -115,24 +110,23 @@
|
||||||
194.99.0.0/21
|
194.99.0.0/21
|
||||||
195.149.80.0/23
|
195.149.80.0/23
|
||||||
195.167.208.0/20
|
195.167.208.0/20
|
||||||
195.191.20.0/23
|
|
||||||
195.202.32.0/19
|
195.202.32.0/19
|
||||||
195.226.160.0/19
|
195.226.160.0/19
|
||||||
195.226.96.0/19
|
195.226.96.0/19
|
||||||
195.234.139.0/24
|
195.234.139.0/24
|
||||||
195.238.233.0/24
|
195.238.233.0/24
|
||||||
195.244.10.0/23
|
195.238.238.0/24
|
||||||
195.64.176.0/23
|
195.64.176.0/23
|
||||||
195.93.158.0/23
|
195.93.158.0/23
|
||||||
202.71.128.0/20
|
202.71.128.0/20
|
||||||
|
202.71.141.0/24
|
||||||
212.204.0.0/19
|
212.204.0.0/19
|
||||||
212.7.128.0/19
|
212.7.128.0/19
|
||||||
212.8.0.0/19
|
212.8.0.0/19
|
||||||
212.80.224.0/19
|
212.80.224.0/19
|
||||||
212.80.224.0/20
|
|
||||||
212.80.240.0/20
|
|
||||||
212.93.0.0/19
|
212.93.0.0/19
|
||||||
213.138.32.0/19
|
213.138.32.0/19
|
||||||
|
213.138.35.0/24
|
||||||
213.139.128.0/19
|
213.139.128.0/19
|
||||||
213.182.128.0/19
|
213.182.128.0/19
|
||||||
213.30.192.0/18
|
213.30.192.0/18
|
||||||
|
@ -149,307 +143,155 @@
|
||||||
45.13.15.0/24
|
45.13.15.0/24
|
||||||
46.142.0.0/16
|
46.142.0.0/16
|
||||||
46.142.0.0/19
|
46.142.0.0/19
|
||||||
46.142.112.0/20
|
|
||||||
46.142.128.0/19
|
46.142.128.0/19
|
||||||
46.142.160.0/19
|
46.142.160.0/19
|
||||||
46.142.194.0/24
|
|
||||||
46.142.214.0/24
|
46.142.214.0/24
|
||||||
46.142.224.0/19
|
46.142.224.0/19
|
||||||
46.142.32.0/20
|
46.142.32.0/19
|
||||||
46.142.48.0/20
|
|
||||||
46.142.64.0/19
|
46.142.64.0/19
|
||||||
|
46.142.96.0/19
|
||||||
46.142.96.0/20
|
46.142.96.0/20
|
||||||
46.189.0.0/17
|
46.189.0.0/17
|
||||||
46.189.116.0/24
|
|
||||||
61.8.128.0/19
|
61.8.128.0/19
|
||||||
|
61.8.128.0/22
|
||||||
|
61.8.132.0/22
|
||||||
|
61.8.136.0/22
|
||||||
|
61.8.144.0/22
|
||||||
|
61.8.152.0/22
|
||||||
|
61.8.156.0/24
|
||||||
|
61.8.157.0/24
|
||||||
62.214.0.0/16
|
62.214.0.0/16
|
||||||
62.214.213.0/24
|
|
||||||
62.214.224.0/19
|
62.214.224.0/19
|
||||||
62.217.32.0/19
|
62.217.32.0/19
|
||||||
62.220.0.0/19
|
62.220.0.0/19
|
||||||
62.68.82.0/24
|
62.68.82.0/24
|
||||||
62.72.64.0/19
|
62.72.64.0/19
|
||||||
62.72.88.0/22
|
62.72.70.0/24
|
||||||
62.72.92.0/23
|
|
||||||
62.72.94.0/24
|
|
||||||
77.74.136.0/21
|
77.74.136.0/21
|
||||||
77.87.190.0/24
|
77.87.190.0/24
|
||||||
|
80.241.192.0/20
|
||||||
80.242.160.0/19
|
80.242.160.0/19
|
||||||
82.119.160.0/19
|
82.119.160.0/19
|
||||||
82.140.0.0/18
|
82.140.0.0/18
|
||||||
82.140.2.0/23
|
82.140.48.0/20
|
||||||
82.140.2.0/24
|
|
||||||
82.140.3.0/24
|
|
||||||
82.140.48.0/21
|
|
||||||
82.144.32.0/19
|
82.144.32.0/19
|
||||||
82.144.34.0/24
|
|
||||||
82.144.35.0/24
|
|
||||||
82.144.36.0/24
|
|
||||||
82.144.37.0/24
|
|
||||||
82.145.0.0/19
|
82.145.0.0/19
|
||||||
82.194.96.0/19
|
82.194.96.0/19
|
||||||
82.207.128.0/17
|
82.207.128.0/17
|
||||||
82.207.192.0/19
|
82.207.192.0/19
|
||||||
82.207.224.0/21
|
|
||||||
82.207.232.0/22
|
|
||||||
82.207.236.0/24
|
|
||||||
82.207.240.0/20
|
|
||||||
82.207.244.0/24
|
|
||||||
82.207.245.0/24
|
|
||||||
82.207.246.0/24
|
|
||||||
82.207.247.0/24
|
|
||||||
82.207.248.0/24
|
|
||||||
82.207.249.0/24
|
|
||||||
82.207.250.0/24
|
|
||||||
82.207.251.0/24
|
|
||||||
82.207.252.0/24
|
|
||||||
82.207.253.0/24
|
|
||||||
82.207.254.0/24
|
|
||||||
82.207.255.0/24
|
|
||||||
83.135.0.0/16
|
83.135.0.0/16
|
||||||
83.135.0.0/22
|
83.135.0.0/20
|
||||||
83.135.112.0/20
|
83.135.112.0/20
|
||||||
83.135.128.0/19
|
83.135.128.0/19
|
||||||
83.135.16.0/22
|
|
||||||
83.135.160.0/21
|
83.135.160.0/21
|
||||||
83.135.164.0/22
|
|
||||||
83.135.168.0/21
|
83.135.168.0/21
|
||||||
83.135.176.0/22
|
83.135.176.0/22
|
||||||
83.135.180.0/22
|
|
||||||
83.135.184.0/21
|
83.135.184.0/21
|
||||||
83.135.192.0/20
|
83.135.192.0/20
|
||||||
83.135.20.0/24
|
|
||||||
83.135.208.0/20
|
83.135.208.0/20
|
||||||
83.135.21.0/24
|
|
||||||
83.135.22.0/24
|
|
||||||
83.135.224.0/22
|
83.135.224.0/22
|
||||||
83.135.23.0/24
|
|
||||||
83.135.230.0/23
|
|
||||||
83.135.232.0/21
|
83.135.232.0/21
|
||||||
83.135.24.0/24
|
|
||||||
83.135.240.0/22
|
83.135.240.0/22
|
||||||
83.135.244.0/24
|
|
||||||
83.135.245.0/24
|
|
||||||
83.135.248.0/24
|
|
||||||
83.135.249.0/24
|
|
||||||
83.135.25.0/24
|
|
||||||
83.135.250.0/24
|
|
||||||
83.135.251.0/24
|
|
||||||
83.135.252.0/24
|
|
||||||
83.135.253.0/24
|
|
||||||
83.135.254.0/24
|
|
||||||
83.135.255.0/24
|
|
||||||
83.135.26.0/24
|
|
||||||
83.135.27.0/24
|
|
||||||
83.135.28.0/24
|
|
||||||
83.135.29.0/24
|
|
||||||
83.135.30.0/24
|
|
||||||
83.135.31.0/24
|
|
||||||
83.135.32.0/19
|
|
||||||
83.135.4.0/22
|
|
||||||
83.135.64.0/19
|
83.135.64.0/19
|
||||||
83.135.8.0/21
|
|
||||||
83.135.96.0/20
|
83.135.96.0/20
|
||||||
84.19.192.0/19
|
84.19.192.0/19
|
||||||
84.19.192.0/20
|
|
||||||
84.19.208.0/20
|
|
||||||
87.122.0.0/15
|
87.122.0.0/15
|
||||||
87.122.0.0/16
|
|
||||||
87.122.0.0/20
|
87.122.0.0/20
|
||||||
87.122.128.0/21
|
87.122.128.0/21
|
||||||
87.122.136.0/22
|
|
||||||
87.122.144.0/20
|
87.122.144.0/20
|
||||||
87.122.16.0/20
|
87.122.16.0/20
|
||||||
87.122.160.0/20
|
87.122.160.0/20
|
||||||
87.122.176.0/21
|
87.122.176.0/21
|
||||||
87.122.184.0/24
|
|
||||||
87.122.185.0/24
|
|
||||||
87.122.186.0/24
|
|
||||||
87.122.187.0/24
|
|
||||||
87.122.188.0/24
|
|
||||||
87.122.189.0/24
|
|
||||||
87.122.190.0/24
|
|
||||||
87.122.191.0/24
|
|
||||||
87.122.192.0/19
|
87.122.192.0/19
|
||||||
87.122.224.0/19
|
87.122.224.0/19
|
||||||
87.122.32.0/19
|
87.122.32.0/19
|
||||||
87.122.64.0/19
|
87.122.64.0/19
|
||||||
87.122.96.0/19
|
87.122.96.0/19
|
||||||
87.123.0.0/16
|
|
||||||
87.123.0.0/19
|
87.123.0.0/19
|
||||||
87.123.112.0/20
|
|
||||||
87.123.128.0/19
|
87.123.128.0/19
|
||||||
87.123.160.0/20
|
87.123.160.0/20
|
||||||
87.123.176.0/20
|
87.123.176.0/20
|
||||||
87.123.192.0/20
|
87.123.194.0/24
|
||||||
87.123.208.0/22
|
87.123.196.0/24
|
||||||
|
87.123.203.0/24
|
||||||
87.123.216.0/21
|
87.123.216.0/21
|
||||||
87.123.224.0/20
|
87.123.224.0/20
|
||||||
87.123.240.0/22
|
87.123.240.0/21
|
||||||
87.123.244.0/22
|
|
||||||
87.123.248.0/22
|
|
||||||
87.123.252.0/24
|
|
||||||
87.123.253.0/24
|
|
||||||
87.123.254.0/24
|
|
||||||
87.123.255.0/24
|
|
||||||
87.123.32.0/19
|
87.123.32.0/19
|
||||||
87.123.64.0/20
|
87.123.64.0/20
|
||||||
87.123.80.0/20
|
87.123.80.0/20
|
||||||
87.123.96.0/19
|
87.123.96.0/19
|
||||||
87.123.96.0/20
|
|
||||||
88.130.0.0/16
|
88.130.0.0/16
|
||||||
88.130.0.0/19
|
|
||||||
88.130.130.0/23
|
|
||||||
88.130.132.0/22
|
|
||||||
88.130.136.0/21
|
88.130.136.0/21
|
||||||
88.130.144.0/21
|
88.130.144.0/20
|
||||||
88.130.152.0/24
|
|
||||||
88.130.153.0/24
|
|
||||||
88.130.154.0/24
|
|
||||||
88.130.155.0/24
|
|
||||||
88.130.156.0/22
|
|
||||||
88.130.156.0/24
|
|
||||||
88.130.157.0/24
|
|
||||||
88.130.158.0/24
|
|
||||||
88.130.159.0/24
|
|
||||||
88.130.160.0/21
|
|
||||||
88.130.172.0/22
|
|
||||||
88.130.176.0/21
|
88.130.176.0/21
|
||||||
88.130.180.0/24
|
88.130.192.0/23
|
||||||
88.130.181.0/24
|
88.130.194.0/23
|
||||||
88.130.182.0/24
|
|
||||||
88.130.183.0/24
|
|
||||||
88.130.184.0/24
|
|
||||||
88.130.185.0/24
|
|
||||||
88.130.186.0/24
|
|
||||||
88.130.187.0/24
|
|
||||||
88.130.188.0/24
|
|
||||||
88.130.189.0/24
|
|
||||||
88.130.190.0/24
|
|
||||||
88.130.191.0/24
|
|
||||||
88.130.192.0/21
|
|
||||||
88.130.200.0/21
|
|
||||||
88.130.208.0/21
|
|
||||||
88.130.216.0/21
|
88.130.216.0/21
|
||||||
88.130.216.0/22
|
|
||||||
88.130.220.0/24
|
|
||||||
88.130.221.0/24
|
|
||||||
88.130.222.0/24
|
|
||||||
88.130.223.0/24
|
|
||||||
88.130.32.0/20
|
|
||||||
88.130.48.0/24
|
88.130.48.0/24
|
||||||
88.130.49.0/24
|
88.130.49.0/24
|
||||||
88.130.50.0/24
|
88.130.50.0/24
|
||||||
88.130.51.0/24
|
|
||||||
88.130.52.0/24
|
88.130.52.0/24
|
||||||
88.130.53.0/24
|
88.130.53.0/24
|
||||||
88.130.54.0/24
|
88.130.54.0/23
|
||||||
88.130.55.0/24
|
|
||||||
88.130.56.0/24
|
88.130.56.0/24
|
||||||
88.130.57.0/24
|
88.130.57.0/24
|
||||||
88.130.58.0/24
|
88.130.58.0/24
|
||||||
88.130.59.0/24
|
88.130.59.0/24
|
||||||
88.130.60.0/24
|
|
||||||
88.130.61.0/24
|
88.130.61.0/24
|
||||||
88.130.62.0/24
|
|
||||||
88.130.63.0/24
|
88.130.63.0/24
|
||||||
88.130.64.0/19
|
88.130.64.0/19
|
||||||
88.130.96.0/19
|
88.130.96.0/19
|
||||||
|
89.207.200.0/21
|
||||||
89.244.0.0/14
|
89.244.0.0/14
|
||||||
89.244.0.0/16
|
|
||||||
89.244.112.0/21
|
|
||||||
89.244.120.0/21
|
89.244.120.0/21
|
||||||
89.244.120.0/22
|
|
||||||
89.244.124.0/24
|
|
||||||
89.244.126.0/24
|
|
||||||
89.244.127.0/24
|
|
||||||
89.244.160.0/21
|
89.244.160.0/21
|
||||||
89.244.164.0/22
|
|
||||||
89.244.168.0/21
|
|
||||||
89.244.176.0/20
|
89.244.176.0/20
|
||||||
89.244.192.0/19
|
89.244.192.0/19
|
||||||
89.244.224.0/20
|
89.244.224.0/20
|
||||||
89.244.240.0/20
|
89.244.76.0/24
|
||||||
89.244.64.0/21
|
89.244.78.0/23
|
||||||
89.244.72.0/22
|
|
||||||
89.244.80.0/20
|
89.244.80.0/20
|
||||||
89.244.96.0/20
|
89.244.96.0/22
|
||||||
89.245.0.0/16
|
|
||||||
89.245.0.0/20
|
89.245.0.0/20
|
||||||
|
89.245.112.0/20
|
||||||
|
89.245.158.0/24
|
||||||
|
89.245.159.0/24
|
||||||
89.245.16.0/20
|
89.245.16.0/20
|
||||||
89.245.160.0/20
|
89.245.160.0/20
|
||||||
89.245.176.0/21
|
89.245.176.0/21
|
||||||
89.245.184.0/24
|
|
||||||
89.245.185.0/24
|
|
||||||
89.245.186.0/24
|
|
||||||
89.245.187.0/24
|
|
||||||
89.245.188.0/24
|
|
||||||
89.245.189.0/24
|
|
||||||
89.245.190.0/24
|
|
||||||
89.245.191.0/24
|
|
||||||
89.245.192.0/19
|
89.245.192.0/19
|
||||||
89.245.224.0/19
|
89.245.224.0/19
|
||||||
89.245.32.0/19
|
89.245.32.0/19
|
||||||
89.245.32.0/20
|
89.245.64.0/19
|
||||||
89.245.64.0/20
|
|
||||||
89.245.80.0/20
|
|
||||||
89.245.96.0/20
|
89.245.96.0/20
|
||||||
89.246.0.0/16
|
|
||||||
89.246.0.0/19
|
89.246.0.0/19
|
||||||
89.246.104.0/23
|
|
||||||
89.246.106.0/24
|
|
||||||
89.246.107.0/24
|
|
||||||
89.246.108.0/24
|
|
||||||
89.246.109.0/24
|
|
||||||
89.246.110.0/24
|
|
||||||
89.246.111.0/24
|
|
||||||
89.246.112.0/22
|
89.246.112.0/22
|
||||||
89.246.116.0/22
|
|
||||||
89.246.120.0/24
|
|
||||||
89.246.121.0/24
|
|
||||||
89.246.122.0/24
|
89.246.122.0/24
|
||||||
89.246.123.0/24
|
|
||||||
89.246.124.0/22
|
89.246.124.0/22
|
||||||
89.246.160.0/20
|
|
||||||
89.246.160.0/21
|
89.246.160.0/21
|
||||||
89.246.176.0/22
|
|
||||||
89.246.180.0/22
|
|
||||||
89.246.184.0/21
|
89.246.184.0/21
|
||||||
89.246.192.0/19
|
89.246.192.0/19
|
||||||
89.246.32.0/20
|
89.246.32.0/19
|
||||||
89.246.48.0/21
|
|
||||||
89.246.56.0/21
|
|
||||||
89.246.96.0/21
|
89.246.96.0/21
|
||||||
89.247.0.0/16
|
|
||||||
89.247.0.0/19
|
89.247.0.0/19
|
||||||
89.247.112.0/21
|
89.247.112.0/21
|
||||||
|
89.247.112.0/22
|
||||||
89.247.120.0/22
|
89.247.120.0/22
|
||||||
89.247.124.0/24
|
|
||||||
89.247.125.0/24
|
|
||||||
89.247.126.0/24
|
|
||||||
89.247.127.0/24
|
|
||||||
89.247.144.0/20
|
89.247.144.0/20
|
||||||
89.247.160.0/20
|
89.247.160.0/20
|
||||||
|
89.247.179.0/24
|
||||||
89.247.192.0/20
|
89.247.192.0/20
|
||||||
89.247.208.0/21
|
|
||||||
89.247.216.0/22
|
89.247.216.0/22
|
||||||
89.247.224.0/21
|
89.247.228.0/22
|
||||||
89.247.232.0/21
|
89.247.232.0/21
|
||||||
89.247.232.0/22
|
|
||||||
89.247.236.0/22
|
89.247.236.0/22
|
||||||
89.247.240.0/21
|
89.247.252.0/22
|
||||||
89.247.240.0/22
|
|
||||||
89.247.252.0/24
|
|
||||||
89.247.253.0/24
|
|
||||||
89.247.254.0/24
|
|
||||||
89.247.255.0/24
|
|
||||||
89.247.32.0/19
|
89.247.32.0/19
|
||||||
89.247.32.0/20
|
89.247.32.0/20
|
||||||
89.247.64.0/20
|
89.247.64.0/20
|
||||||
89.247.80.0/20
|
89.247.80.0/20
|
||||||
89.247.96.0/20
|
|
||||||
89.27.128.0/17
|
89.27.128.0/17
|
||||||
89.27.153.0/24
|
|
||||||
91.194.180.0/23
|
91.194.180.0/23
|
||||||
91.198.67.0/24
|
91.198.67.0/24
|
||||||
91.199.158.0/24
|
91.199.158.0/24
|
||||||
|
@ -468,8 +310,7 @@
|
||||||
92.116.120.0/21
|
92.116.120.0/21
|
||||||
92.116.128.0/18
|
92.116.128.0/18
|
||||||
92.116.16.0/20
|
92.116.16.0/20
|
||||||
92.116.192.0/19
|
92.116.192.0/18
|
||||||
92.116.224.0/19
|
|
||||||
92.116.32.0/19
|
92.116.32.0/19
|
||||||
92.116.64.0/18
|
92.116.64.0/18
|
||||||
92.116.96.0/19
|
92.116.96.0/19
|
||||||
|
@ -483,67 +324,34 @@
|
||||||
92.117.240.0/21
|
92.117.240.0/21
|
||||||
92.117.248.0/21
|
92.117.248.0/21
|
||||||
92.117.64.0/19
|
92.117.64.0/19
|
||||||
|
92.117.96.0/19
|
||||||
94.134.0.0/15
|
94.134.0.0/15
|
||||||
94.134.0.0/18
|
94.134.0.0/18
|
||||||
94.134.100.0/22
|
94.134.112.0/22
|
||||||
94.134.112.0/21
|
|
||||||
94.134.120.0/24
|
|
||||||
94.134.121.0/24
|
|
||||||
94.134.122.0/24
|
|
||||||
94.134.123.0/24
|
|
||||||
94.134.124.0/24
|
|
||||||
94.134.125.0/24
|
|
||||||
94.134.126.0/24
|
|
||||||
94.134.127.0/24
|
|
||||||
94.134.128.0/20
|
|
||||||
94.134.144.0/20
|
94.134.144.0/20
|
||||||
94.134.160.0/21
|
94.134.160.0/21
|
||||||
94.134.168.0/22
|
94.134.168.0/22
|
||||||
94.134.172.0/22
|
94.134.172.0/22
|
||||||
94.134.176.0/20
|
|
||||||
94.134.176.0/21
|
94.134.176.0/21
|
||||||
94.134.192.0/20
|
94.134.192.0/22
|
||||||
94.134.208.0/21
|
|
||||||
94.134.216.0/21
|
94.134.216.0/21
|
||||||
94.134.224.0/19
|
94.134.64.0/22
|
||||||
94.134.64.0/20
|
94.134.68.0/22
|
||||||
94.134.80.0/22
|
94.134.80.0/22
|
||||||
94.134.84.0/24
|
94.134.88.0/22
|
||||||
94.134.85.0/24
|
94.134.94.0/23
|
||||||
94.134.86.0/24
|
|
||||||
94.134.87.0/24
|
|
||||||
94.134.88.0/24
|
|
||||||
94.134.89.0/24
|
|
||||||
94.134.90.0/24
|
|
||||||
94.134.91.0/24
|
|
||||||
94.134.92.0/24
|
|
||||||
94.134.93.0/24
|
|
||||||
94.134.94.0/24
|
|
||||||
94.134.95.0/24
|
|
||||||
94.134.96.0/20
|
94.134.96.0/20
|
||||||
94.134.96.0/22
|
|
||||||
2001:1438:1000::/36
|
2001:1438:1000::/36
|
||||||
|
2001:1438:1:100::/56
|
||||||
|
2001:1438:1:200::/56
|
||||||
|
2001:1438:1:300::/56
|
||||||
|
2001:1438:1:400::/56
|
||||||
|
2001:1438:1:900::/56
|
||||||
|
2001:1438:1:a00::/56
|
||||||
2001:1438:2000::/36
|
2001:1438:2000::/36
|
||||||
2001:1438:3000::/36
|
2001:1438:3000::/36
|
||||||
2001:1438:4000::/36
|
2001:1438:4000::/36
|
||||||
2001:1438::/32
|
2001:1438::/32
|
||||||
2001:1438:f000::/36
|
|
||||||
2001:1438:fff:10::/64
|
|
||||||
2001:1438:fff:11::/64
|
|
||||||
2001:1438:fff:12::/64
|
|
||||||
2001:1438:fff:3::/64
|
|
||||||
2001:1438:fff:4::/64
|
|
||||||
2001:1438:fff:5::/64
|
|
||||||
2001:1438:fff:6::/64
|
|
||||||
2001:1438:fff:7::/64
|
|
||||||
2001:1438:fff:8::/64
|
|
||||||
2001:1438:fff:9::/64
|
|
||||||
2001:1438:fff:a::/64
|
|
||||||
2001:1438:fff:b::/64
|
|
||||||
2001:1438:fff:c::/64
|
|
||||||
2001:1438:fff:d::/64
|
|
||||||
2001:1438:fff:e::/64
|
|
||||||
2001:1438:fff:f::/64
|
|
||||||
2001:16b8:1000::/40
|
2001:16b8:1000::/40
|
||||||
2001:16b8:100::/40
|
2001:16b8:100::/40
|
||||||
2001:16b8:1100::/40
|
2001:16b8:1100::/40
|
||||||
|
@ -593,12 +401,14 @@
|
||||||
2001:16b8:a000::/35
|
2001:16b8:a000::/35
|
||||||
2001:16b8:a00::/40
|
2001:16b8:a00::/40
|
||||||
2001:16b8:b00::/40
|
2001:16b8:b00::/40
|
||||||
|
2001:16b8:c000::/35
|
||||||
2001:678:c74::/48
|
2001:678:c74::/48
|
||||||
2001:67c:27ac::/48
|
2001:67c:27ac::/48
|
||||||
2001:67c:2878::/48
|
2001:67c:2878::/48
|
||||||
2001:67c:2e8c::/48
|
2001:67c:2e8c::/48
|
||||||
2001:67c:660::/48
|
2001:67c:660::/48
|
||||||
2001:67c:888::/48
|
2001:67c:888::/48
|
||||||
|
2001:67c:ed8::/48
|
||||||
2001:7b0::/32
|
2001:7b0::/32
|
||||||
2001:9e8:2000::/35
|
2001:9e8:2000::/35
|
||||||
2001:9e8:4000::/35
|
2001:9e8:4000::/35
|
||||||
|
@ -615,10 +425,11 @@
|
||||||
2a00:fb8:4000::/35
|
2a00:fb8:4000::/35
|
||||||
2a00:fb8:6000::/35
|
2a00:fb8:6000::/35
|
||||||
2a00:fb8::/29
|
2a00:fb8::/29
|
||||||
2a00:fb8::/32
|
|
||||||
2a00:fb8::/35
|
2a00:fb8::/35
|
||||||
2a03:3fc0:2000::/48
|
2a03:3fc0:2000::/48
|
||||||
2a07:9400::/29
|
2a07:9400::/29
|
||||||
2a0a:ed40::/29
|
2a0a:ed40::/29
|
||||||
|
2a0b:9e80:1000::/36
|
||||||
2a0d:240::/29
|
2a0d:240::/29
|
||||||
2a0d:ad00::/29
|
2a0d:ad00::/29
|
||||||
|
2a11:d00::/32
|
||||||
|
|
62
data/apt/files/gpg-keys/docker.asc
Normal file
62
data/apt/files/gpg-keys/docker.asc
Normal file
|
@ -0,0 +1,62 @@
|
||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth
|
||||||
|
lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh
|
||||||
|
38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq
|
||||||
|
L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7
|
||||||
|
UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N
|
||||||
|
cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht
|
||||||
|
ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo
|
||||||
|
vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD
|
||||||
|
G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ
|
||||||
|
XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj
|
||||||
|
q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB
|
||||||
|
tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3
|
||||||
|
BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO
|
||||||
|
v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd
|
||||||
|
tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk
|
||||||
|
jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m
|
||||||
|
6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P
|
||||||
|
XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc
|
||||||
|
FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8
|
||||||
|
g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm
|
||||||
|
ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh
|
||||||
|
9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5
|
||||||
|
G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW
|
||||||
|
FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB
|
||||||
|
EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF
|
||||||
|
M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx
|
||||||
|
Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu
|
||||||
|
w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk
|
||||||
|
z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8
|
||||||
|
eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb
|
||||||
|
VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa
|
||||||
|
1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X
|
||||||
|
zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ
|
||||||
|
pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7
|
||||||
|
ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ
|
||||||
|
BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY
|
||||||
|
1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp
|
||||||
|
YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI
|
||||||
|
mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES
|
||||||
|
KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7
|
||||||
|
JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ
|
||||||
|
cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0
|
||||||
|
6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5
|
||||||
|
U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z
|
||||||
|
VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f
|
||||||
|
irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk
|
||||||
|
SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz
|
||||||
|
QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W
|
||||||
|
9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw
|
||||||
|
24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe
|
||||||
|
dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y
|
||||||
|
Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR
|
||||||
|
H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh
|
||||||
|
/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ
|
||||||
|
M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S
|
||||||
|
xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O
|
||||||
|
jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG
|
||||||
|
YT90qFF93M3v01BbxP+EIY2/9tiIPbrd
|
||||||
|
=0YYh
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
|
@ -1,30 +1,29 @@
|
||||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
Version: GnuPG v2.0.19 (GNU/Linux)
|
|
||||||
|
|
||||||
mQGiBFKHzk4RBACSHMIFTtfw4ZsNKAA03Gf5t7ovsKWnS7kcMYleAidypqhOmkGg
|
mQINBGZMb30BEAC6c5P5lo5cLN2wX9+jA7TEEJ/NiiOM9VxBwB/c2PFd6AjdGBbe
|
||||||
0petiYsMPYT+MOepCJFGNzwQwJhZrdLUxxMSWay4Xj0ArgpD9vbvU+gj8Tb02l+x
|
28VcXWmFdETg1N3Woq08yNVXdxS1tMslyl9apmmyCiSC2OPMmTOveLzZ196IljYR
|
||||||
SqNGP8jXMV5UnK4gZsrYGLUPvx47uNNYRIRJAGOPYTvohhnFJiG402dzlwCg4u5I
|
DeZMF8C+rdzNKXZzn7+nEp9xRy34QUZRfx6pEnugMd0VK0d/ZKgMbcq2IvcRQwap
|
||||||
1RdFplkp9JM6vNM9VBIAmcED/2jr7UQGsPs8YOiPkskGHLh/zXgO8SvcNAxCLgbp
|
60+9t8ppesXhgaRBsAzvrj1twngqXP90JwzKGaR+iaGzrvvJn6cgXkw3MyXhskKY
|
||||||
BjGcF4Iso/A2TAI/2KGJW6kBW/Paf722ltU6s/6mutdXJppgNAz5nfpEt4uZKZyu
|
4J0c7TV6DmTOIfL6RmBp8+SSco8xXD/O/YIpG8LWe+sbMqSaq7jFvKCINWgK4RAt
|
||||||
oSWf77179B2B/Wl1BsX/Oc3chscAgQb2pD/qPF/VYRJU+hvdQkq1zfi6cVsxyREV
|
7mBRHvx81Y8IwV6B2wch/lSyYxKXTbE7uMefy3vyP9A9IFhMbFpc0EJA/4tHYEL4
|
||||||
k+IwA/46nXh51CQxE29ayuy1BoIOxezvuXFUXZ8rP6aCh4KaiN9AJoy7pBieCzsq
|
qPZyR44mizsxa+1h6AXO258ERtzL+FoksXnWTcQqBKjd6SHhLwN4BLsjrlWsJ6lD
|
||||||
d7rPEeGIzBjI+yhEu8p92W6KWzL0xduWfYg9I7a2GTk8CaLX2OCLuwnKd7RVDyyZ
|
VaSKsekEwMFTLvZiLxYXBLPU04dvGNgX7nbkFMEK6RxHqfMu+m6+0jPXzQ+ejuae
|
||||||
yzRjWs0T5U7SRAWspLStYxMdKert9lLyQiRHtLwmlgBPqa0gh7Q+SWNpbmdhIE9w
|
xoBBT61O7v5PPTqbZFBKnVzQPf7fBIHW5/AGAc+qAI459viwcCSlJ21RCzirFYc0
|
||||||
ZW4gU291cmNlIE1vbml0b3JpbmcgKEJ1aWxkIHNlcnZlcikgPGluZm9AaWNpbmdh
|
/KDuSoo61yyNcq4G271lbT5SNeMZNlDxKkiHjbCpIU6iEF7uK828F1ZGKOMRztok
|
||||||
Lm9yZz6IYAQTEQIAIAUCUofOTgIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJ
|
bzE7j1IDIfDQ3P/zfq73Rr2S9FfHlXvEmLIuj5G4PO7p0IwUlCD1a9oY+QARAQAB
|
||||||
EMbjGcM0QQaCgSQAnRjXdbsyqziqhmxfAKffNJYuMPwdAKCS/IRCVyQzApFBtIBQ
|
tCxJY2luZ2EgR21iSCAoQnVpbGQgc2VydmVyKSA8aW5mb0BpY2luZ2EuY29tPokC
|
||||||
1xuoym/4C7kCDQRSh85OEAgAvPwjlURCi8z6+7i60no4n16dNcSzd6AT8Kizpv2r
|
TgQTAQoAOBYhBN069hmO0AC0wLc5VswRb1WqfyOCBQJmTG99AhsDBQsJCAcCBhUK
|
||||||
9BmNBff/GNYGnHyob/DMtmO2esEuVG8w62rO9m1wzzXzjbtmtU7NZ1Tg+C+reU2I
|
CQgLAgQWAgMBAh4BAheAAAoJEMwRb1WqfyOCGrIP/i/4fYEkdCi4nhQGMzSP0Eyh
|
||||||
GNVu3SYtEVK/UTJHAhLcgry9yD99610tYPN2Fx33Efse94mXOreBfCvDsmFGSc7j
|
UhJjsUP9mEqSQRqOAplvjYa1yBbrSPLfkRE0oAL/o+4eUKcAQFeDQtDXJ/D4xl3Q
|
||||||
GVNCWXpMR3jTYyGj1igYd5ztOzG63D8gPyOucTTl+RWN/G9EoGBv6sWqk5eCd1Fs
|
J5MehRJYzklrSs5XkEscb73HoDBUfFSgCVM2zK+JkCX0CPJ4ZLWtZGJ+8pCLpnkH
|
||||||
JlWyQX4BJn3YsCZx3uj1DWL0dAl2zqcn6m1M4oj1ozW47MqM/efKOcV6VvCs9SL8
|
nCPonbGc6sS+m2JsPRwxyxAhdXxWSAesXd8dUSW3MOQz9JlC4/idQcCFs03fdhuZ
|
||||||
F/NFvZcH4LKzeupCQ5jEONqcTlVlnLlIqId95Z4DI4AV9wADBQf/S6sKA4oH49tD
|
4jGMry08OihWVudTDK8nkwRZLzNoOivAQ3mIeaTcRMmgPJfYN4k0o90lXJWAbG+2
|
||||||
Yb5xAfUyEp5ben05TzUJbXs0Z7hfRQzy9+vQbWGamWLgg3QRUVPx1e4IT+W5vEm5
|
j8p7Pyjv71OctI8KUbS4+f2H8i6r5Pc4M4hlUQh6QAN9o1oPJrXxurdp0EXgQXSy
|
||||||
dggNTMEwlLMI7izCPDcD32B5oxNVxlfj428KGllYWCFj+edY+xKTvw/PHnn+drKs
|
rVH2MeguqprFJxGjdlTCSTYgQEmEXMixRAGzteEgCf/Qk9mPXoxFTNyNg4/Lkglb
|
||||||
LE65Gwx4BPHm9EqWHIBX6aPzbgbJZZ06f6jWVBi/N7e/5n8lkxXqS23DBKemapyu
|
Nj6dY6or6w+IsbdrcePqDAs+j9t5B97vU7Ldquloj85myQjkWPP8kjlsOlsXBkQ/
|
||||||
S1i56sH7mQSMaRZP/iiOroAJemPNxv1IQkykxw2woWMmTLKLMCD/i+4DxejE50tK
|
C+mD+5iW2AiWh+yCasf6mOZwUfINZF+VDpmfIsZZbWpcMgp1f32fpRFZ3ietnsnR
|
||||||
dxaOLTc4HDCsattw/RVJO6fwE414IXHMv330z4HKWJevMQ+CmQGfswvCwgeBP9n8
|
+luNb19hUHKyyDDHMe/YM7H9P5vtX9BGz6O9kNpo1LAnigkSQSFBZlK3Po3Yk9eg
|
||||||
PItLjBQAXIhJBBgRAgAJBQJSh85OAhsMAAoJEMbjGcM0QQaCzpAAmwUNoRyySf9p
|
XPbDT5HsU3TMyS5ZnSDRRPPJwsyGPXz+0pCADae9H9hCc2C2LZIrrtwlOFPWuViA
|
||||||
5G3/2UD1PMueIwOtAKDVVDXEq5LJPVg4iafNu0SRMwgP0Q==
|
ifY/dQmUP37n5XgMADRc
|
||||||
=icbY
|
=O0zm
|
||||||
-----END PGP PUBLIC KEY BLOCK-----
|
-----END PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
74
data/proftpd/files/home.paperless.conf
Normal file
74
data/proftpd/files/home.paperless.conf
Normal file
|
@ -0,0 +1,74 @@
|
||||||
|
Include /etc/proftpd/modules.conf
|
||||||
|
|
||||||
|
UseIPv6 on
|
||||||
|
<IfModule mod_ident.c>
|
||||||
|
IdentLookups off
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
ServerName "home.paperless"
|
||||||
|
ServerType standalone
|
||||||
|
DeferWelcome off
|
||||||
|
|
||||||
|
DefaultServer on
|
||||||
|
ShowSymlinks on
|
||||||
|
|
||||||
|
TimeoutNoTransfer 600
|
||||||
|
TimeoutStalled 600
|
||||||
|
TimeoutIdle 1200
|
||||||
|
|
||||||
|
DisplayLogin welcome.msg
|
||||||
|
DisplayChdir .message true
|
||||||
|
ListOptions "-l"
|
||||||
|
|
||||||
|
DenyFilter \*.*/
|
||||||
|
|
||||||
|
RequireValidShell off
|
||||||
|
|
||||||
|
Port 21
|
||||||
|
|
||||||
|
PassivePorts 49152 50192
|
||||||
|
|
||||||
|
MaxInstances 30
|
||||||
|
|
||||||
|
User proftpd
|
||||||
|
Group nogroup
|
||||||
|
|
||||||
|
Umask 022 022
|
||||||
|
AllowOverwrite on
|
||||||
|
|
||||||
|
TransferLog /var/log/proftpd/xferlog
|
||||||
|
SystemLog /var/log/proftpd/proftpd.log
|
||||||
|
|
||||||
|
<IfModule mod_quotatab.c>
|
||||||
|
QuotaEngine off
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mod_ratio.c>
|
||||||
|
Ratios off
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mod_delay.c>
|
||||||
|
DelayEngine on
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mod_ctrls.c>
|
||||||
|
ControlsEngine off
|
||||||
|
ControlsMaxClients 2
|
||||||
|
ControlsLog /var/log/proftpd/controls.log
|
||||||
|
ControlsInterval 5
|
||||||
|
ControlsSocket /var/run/proftpd/proftpd.sock
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<IfModule mod_ctrls_admin.c>
|
||||||
|
AdminControlsEngine off
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
<Anonymous /mnt/paperless/consume/>
|
||||||
|
User nobody
|
||||||
|
Group nogroup
|
||||||
|
UserAlias anonymous ftp
|
||||||
|
|
||||||
|
<Directory *>
|
||||||
|
AllowAll
|
||||||
|
</Directory>
|
||||||
|
</Anonymous>
|
|
@ -1,23 +1,23 @@
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIDxzCCA02gAwIBAgISBDW3AazQEdYbYaSrLIoUKbvsMAoGCCqGSM49BAMDMDIx
|
MIIDxjCCA0ygAwIBAgISBIbwgyWchKDri2pD+Lk46M3eMAoGCCqGSM49BAMDMDIx
|
||||||
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
|
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
|
||||||
NjAeFw0yNDA2MjExNjUzNDBaFw0yNDA5MTkxNjUzMzlaMCIxIDAeBgNVBAMTF2hv
|
NTAeFw0yNDA5MTkxOTQ5NDFaFw0yNDEyMTgxOTQ5NDBaMCIxIDAeBgNVBAMTF2hv
|
||||||
bWUuc29waGllcy1raXRjaGVuLmV1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEQDuO
|
bWUuc29waGllcy1raXRjaGVuLmV1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4rKd
|
||||||
QacqKUrKWbwBWgSqPkaBIb4t6f4kiRMvCyY8KiZmIvJadVD6iKnbcGzFQ0LRI+vt
|
PfAtfQts90WjdnsscizZzlUF/HZBx97kT4/eWgyU/MNOFGF4WqGA92OX0ymZVJ7l
|
||||||
+O6ZVpwsUOXvgF3PB7o7OfODlVsKRc4pYJPvoRRaz1VlK6eZW20GGivBVgl0o4IC
|
D4CnHq96odx0LqHBQ+W+MXNlsWnwBTUOPKp8XyUeDhZbkgNJDR8nGtHje9a8o4IC
|
||||||
NDCCAjAwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
|
MzCCAi8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
|
||||||
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRScRdoEyCVXr1PC0yvKusaOO5i
|
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSONIAWFPI0mqJYBqnWk1J0Ea27
|
||||||
dTAfBgNVHSMEGDAWgBSTJ0aYA6lRaI6Y1sRCSNsjv1iU0jBVBggrBgEFBQcBAQRJ
|
sDAfBgNVHSMEGDAWgBSfK1/PPCFPnQS37SssxMZwi9LXDTBVBggrBgEFBQcBAQRJ
|
||||||
MEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNi5vLmxlbmNyLm9yZzAiBggrBgEFBQcw
|
MEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNS5vLmxlbmNyLm9yZzAiBggrBgEFBQcw
|
||||||
AoYWaHR0cDovL2U2LmkubGVuY3Iub3JnLzA9BgNVHREENjA0ghkqLmhvbWUuc29w
|
AoYWaHR0cDovL2U1LmkubGVuY3Iub3JnLzA9BgNVHREENjA0ghkqLmhvbWUuc29w
|
||||||
aGllcy1raXRjaGVuLmV1ghdob21lLnNvcGhpZXMta2l0Y2hlbi5ldTATBgNVHSAE
|
aGllcy1raXRjaGVuLmV1ghdob21lLnNvcGhpZXMta2l0Y2hlbi5ldTATBgNVHSAE
|
||||||
DDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB1AEiw42vapkc0
|
DDAKMAgGBmeBDAECATCCAQMGCisGAQQB1nkCBAIEgfQEgfEA7wB1AEiw42vapkc0
|
||||||
D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkDvuwaIAAAQDAEYwRAIgP3lyMqvr
|
D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABkgwK350AAAQDAEYwRAIga5zPs7YZ
|
||||||
+a7XWoRLxzQzhv6umJ/hiQPTWen3qqTao34CIGLq9y9ZPZUuo2smf49h9v9I9B4t
|
mJqbxhinEJKKQ9XCe1w/MhBzFMzwHFGbaPgCIHeprkwET14Y3h5dmUF7szwTg1Ey
|
||||||
o6ihFaHoOB68q37DAHcA3+FW66oFr7WcD4ZxjajAMk6uVtlup/WlagHRwTu+UlwA
|
zqLM+GQL3t7EAX2cAHYAPxdLT9ciR1iUHWUchL4NEu2QN38fhWrrwb8ohez4ZG4A
|
||||||
AAGQO+7CZAAABAMASDBGAiEAjl1f87koOUNfTNL4IRO+BBEVeHCxPvYRaztVJoC0
|
AAGSDArfogAABAMARzBFAiEA0faR1cyqpmCyHo/0KCv04fkpwgzWdMY+WopJXDLD
|
||||||
x6ECIQDblc+Snmea3OSqydLcyi8xgdtMySyQgPElXLtM7H+RUjAKBggqhkjOPQQD
|
zz8CIEBKANatmiRstc5D69jKhq2beHldLZB3jRfm1WlWqmxJMAoGCCqGSM49BAMD
|
||||||
AwNoADBlAjA0FOSmTiYrA9Hd2T5DkI2TMOH2akk8SxXprkei6H37bI8O3br7ke8t
|
A2gAMGUCMCrpe2jxoTH410jNJPOnbN4ae0Ng54JtRNcFWHlcwpk07NrByJSTPWDd
|
||||||
jwHWVtvN4d8CMQDohhdWUQ3G8Fl4ektN34oX6U3NcywBm96U3RVt5JYcfnn8ea68
|
zr7AYsbbVQIxAOGboJcIxsuf+rN30iWoe5KwCY3sd5XW8bEKFQnugIVHxAQKnHNc
|
||||||
Qboj263s/g0Ciqs=
|
0InWz2sVWYKNBA==
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
|
|
@ -1,27 +1,27 @@
|
||||||
|
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
|
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
|
||||||
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
|
||||||
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||||
RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
|
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
|
||||||
h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
|
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
|
||||||
6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
|
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
|
||||||
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
|
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
|
||||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
|
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
|
||||||
v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
||||||
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
|
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
|
||||||
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
|
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
|
||||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
|
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
|
||||||
MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
|
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
|
||||||
pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
|
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
|
||||||
eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
|
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
|
||||||
pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
|
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
|
||||||
s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
|
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
|
||||||
h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
|
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
|
||||||
YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
|
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
|
||||||
ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
|
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
|
||||||
LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
|
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
|
||||||
EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
|
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
|
||||||
Ig46v9mFmBvyH04=
|
VQD9F6Na/+zmXCc=
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
encrypt$gAAAAABmdb4pdFakOuqHPRpEu_RjEPVVS9Ef0kuvWKKT3Gr3056e0nhinh_THX1w7CqiZ4CQlvSIH7vlDNUORFWlqDuZJOh8FYPSzjr78aK1MqVGZHxQBK8VVNd0K5m1U3z9_4W_pB7Zr_5fLXDqtIW-t68GQPEfxCwy2h2eBepQ2zJiLupWa7JwuqiXH6QyB4gD5Y-9F30RjH52WtJLrx6XtgClPG0p-6FrHcNHqmMYqgpt11zvLa88lOBUoDGFrrqqFRbY039ay2b1jrQOAhTQLDxnAMsbr5jTSbST1modE-1u_Wis-Km-jcMwkiViZpK-HC6Ce_TNdt1NDarBat6nRhTrpqHXENlroVixHmGl1_-Y6mc75tJ-KHQKRRzwK8V_X62iA3vfSz1Xps8B1FZqxJWA2EdM0JkQecCuC-bnpedEoumYnif3vLhe91NV8SQ5FBlkd3NFT8vBAWCgnqT_jDf5YQW70w==
|
encrypt$gAAAAABm7I7N50TwtCs2LUt_MArRJnLQ-xLFVhr-zDtdWUVMejViIN2O9h5d_RP45jWt5BpxIkTORarcULXprEXp7zbb-CR5CTwbsNK6HnvSHPwuwXuxJQKRJtT4wWfYEFOxY9aUR9gxvXc3arsYHwVsGyLOeWA_6YzjO5IpL1LfQrsJuUE_1p9sKRyPpslmOJtD5OihMtIfAJNzBDwOSE_gdtLa8iae3DHtSvmKbGKSvwQEZ0pkJxVTVXJY4wddQmdsuV0ky04ls_tUINH8t6IMTJCt_5_ELzpTSdcHgV6W4yh8r_LTEH38n2boYnz3fKgieHnDHDWxFW1EYA2JWjkamH7hQ8iOMl8bqQieFAENnYjF41iz6tSCjfxVyKt_OfJUAwMScVMhPsuaI_i_ZB0Ge6BLsMwkw0d3yw06CwRQ3N7PcPPJLhL_eQS3EuV7Y-7Vv64secplJJIkcFfm1t5zcGkkm4-pDw==
|
|
@ -61,6 +61,9 @@ groups['home'] = {
|
||||||
}
|
}
|
||||||
|
|
||||||
groups['sophie'] = {
|
groups['sophie'] = {
|
||||||
|
'supergroups': {
|
||||||
|
'linux',
|
||||||
|
},
|
||||||
'member_patterns': {
|
'member_patterns': {
|
||||||
r"sophie\..*",
|
r"sophie\..*",
|
||||||
},
|
},
|
||||||
|
@ -68,6 +71,9 @@ groups['sophie'] = {
|
||||||
'icinga_options': {
|
'icinga_options': {
|
||||||
'exclude_from_monitoring': True,
|
'exclude_from_monitoring': True,
|
||||||
},
|
},
|
||||||
|
'backup-client': {
|
||||||
|
'target': 'htz-hel.backup-sophie',
|
||||||
|
},
|
||||||
'users': {
|
'users': {
|
||||||
'sophie': {},
|
'sophie': {},
|
||||||
},
|
},
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
import bwpass
|
import bwpass
|
||||||
|
|
||||||
|
|
||||||
def demagify(something, vault):
|
def demagify(something, vault):
|
||||||
if isinstance(something, str):
|
if isinstance(something, str):
|
||||||
if something.startswith('!bwpass:'):
|
if something.startswith('!bwpass:'):
|
||||||
|
|
|
@ -17,7 +17,7 @@ WG_AUTOGEN_NODES = [
|
||||||
'home.router',
|
'home.router',
|
||||||
'htz-cloud.wireguard',
|
'htz-cloud.wireguard',
|
||||||
'icinga2',
|
'icinga2',
|
||||||
'daisy',
|
None, # daisy
|
||||||
]
|
]
|
||||||
|
|
||||||
WG_AUTOGEN_SETTINGS = {
|
WG_AUTOGEN_SETTINGS = {
|
||||||
|
|
|
@ -4,9 +4,9 @@ from hashlib import sha3_224
|
||||||
|
|
||||||
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
|
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
|
||||||
from cryptography.hazmat.primitives.serialization import (Encoding,
|
from cryptography.hazmat.primitives.serialization import (Encoding,
|
||||||
NoEncryption,
|
NoEncryption,
|
||||||
PrivateFormat,
|
PrivateFormat,
|
||||||
PublicFormat)
|
PublicFormat)
|
||||||
|
|
||||||
from bundlewrap.utils import Fault
|
from bundlewrap.utils import Fault
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
from bundlewrap.utils.ui import io
|
|
||||||
from bundlewrap.utils.scm import get_rev
|
from bundlewrap.utils.scm import get_rev
|
||||||
from bundlewrap.utils.text import red, bold
|
from bundlewrap.utils.text import bold, red
|
||||||
|
from bundlewrap.utils.ui import io
|
||||||
|
|
||||||
|
|
||||||
@node_attribute
|
@node_attribute
|
||||||
def needs_apply(node):
|
def needs_apply(node):
|
||||||
|
|
|
@ -40,7 +40,7 @@ imap_pass = "!bwpass_attr:t-online.de/franzi.kunsmann@t-online.de:imap"
|
||||||
|
|
||||||
[metadata.element-web]
|
[metadata.element-web]
|
||||||
url = "chat.franzi.business"
|
url = "chat.franzi.business"
|
||||||
version = "v1.11.76"
|
version = "v1.11.85"
|
||||||
[metadata.element-web.config]
|
[metadata.element-web.config]
|
||||||
default_server_config.'m.homeserver'.base_url = "https://matrix.franzi.business"
|
default_server_config.'m.homeserver'.base_url = "https://matrix.franzi.business"
|
||||||
default_server_config.'m.homeserver'.server_name = "franzi.business"
|
default_server_config.'m.homeserver'.server_name = "franzi.business"
|
||||||
|
@ -49,8 +49,8 @@ defaultCountryCode = "DE"
|
||||||
jitsi.preferredDomain = "meet.ffmuc.net"
|
jitsi.preferredDomain = "meet.ffmuc.net"
|
||||||
|
|
||||||
[metadata.forgejo]
|
[metadata.forgejo]
|
||||||
version = "8.0.2"
|
version = "9.0.2"
|
||||||
sha1 = "c842480b99445b70c314e20be144789711fa7deb"
|
sha1 = "5aecc64f93e8ef05c6d6f83d4b647bdb2c831d9f"
|
||||||
domain = "git.franzi.business"
|
domain = "git.franzi.business"
|
||||||
enable_git_hooks = true
|
enable_git_hooks = true
|
||||||
install_ssh_key = true
|
install_ssh_key = true
|
||||||
|
@ -90,7 +90,7 @@ user_id = "@dimension:franzi.business"
|
||||||
admin_contact = "mailto:hostmaster@kunbox.net"
|
admin_contact = "mailto:hostmaster@kunbox.net"
|
||||||
baseurl = "matrix.franzi.business"
|
baseurl = "matrix.franzi.business"
|
||||||
server_name = "franzi.business"
|
server_name = "franzi.business"
|
||||||
trusted_key_servers = ["matrix.org", "finallycoffee.eu"]
|
trusted_key_servers = ["matrix.org", "161.rocks"]
|
||||||
additional_client_config.'im.vector.riot.jitsi'.preferredDomain = "meet.ffmuc.net"
|
additional_client_config.'im.vector.riot.jitsi'.preferredDomain = "meet.ffmuc.net"
|
||||||
wellknown_also_on_vhosts = ["franzi.business"]
|
wellknown_also_on_vhosts = ["franzi.business"]
|
||||||
[metadata.matrix-synapse.sliding_sync]
|
[metadata.matrix-synapse.sliding_sync]
|
||||||
|
@ -114,8 +114,8 @@ provisioning.shared_secret = "!decrypt:encrypt$gAAAAABfVKflEMAi07C_QGP8cy97hF-4g
|
||||||
"'@kunsi:franzi.business'" = "admin"
|
"'@kunsi:franzi.business'" = "admin"
|
||||||
|
|
||||||
[metadata.mautrix-whatsapp]
|
[metadata.mautrix-whatsapp]
|
||||||
version = "v0.10.9"
|
version = "v0.11.1"
|
||||||
sha1 = "1619579ec6b9fca84fec085a94842d309d3f730c"
|
sha1 = "ada2dc6acfd5cb15fae341266b383d3f6e8b42bd"
|
||||||
permissions."'@kunsi:franzi.business'" = "admin"
|
permissions."'@kunsi:franzi.business'" = "admin"
|
||||||
[metadata.mautrix-whatsapp.homeserver]
|
[metadata.mautrix-whatsapp.homeserver]
|
||||||
domain = "franzi.business"
|
domain = "franzi.business"
|
||||||
|
@ -126,7 +126,7 @@ domain = "rss.franzi.business"
|
||||||
|
|
||||||
[metadata.netbox]
|
[metadata.netbox]
|
||||||
domain = "netbox.franzi.business"
|
domain = "netbox.franzi.business"
|
||||||
version = "v4.1.0"
|
version = "v4.1.6"
|
||||||
admins.kunsi = "hostmaster@kunbox.net"
|
admins.kunsi = "hostmaster@kunbox.net"
|
||||||
|
|
||||||
[metadata.nextcloud]
|
[metadata.nextcloud]
|
||||||
|
@ -136,6 +136,10 @@ domain = "warnochwas.de"
|
||||||
contact = "mailto:security@kunsmann.eu"
|
contact = "mailto:security@kunsmann.eu"
|
||||||
Encryption = "https://franzi.business/gpg_hi-kunsmann.eu.asc"
|
Encryption = "https://franzi.business/gpg_hi-kunsmann.eu.asc"
|
||||||
|
|
||||||
|
[metadata.nginx.vhosts.'afra.berlin'.locations.'/']
|
||||||
|
redirect = "https://afra-berlin.de"
|
||||||
|
mode = 302
|
||||||
|
|
||||||
[metadata.nginx.vhosts.forgejo]
|
[metadata.nginx.vhosts.forgejo]
|
||||||
domain_aliases = ["git.kunsmann.eu"]
|
domain_aliases = ["git.kunsmann.eu"]
|
||||||
|
|
||||||
|
@ -148,8 +152,10 @@ owner = "skye"
|
||||||
|
|
||||||
[metadata.nginx.vhosts.kunsitracker]
|
[metadata.nginx.vhosts.kunsitracker]
|
||||||
domain = "kunsitracker.de"
|
domain = "kunsitracker.de"
|
||||||
locations.'/'.redirect = "https://travelynx.franzi.business/p/Kunsi"
|
locations.'/'.target = "https://travelynx.franzi.business/"
|
||||||
locations.'/'.mode = 302
|
locations.'/'.proxy_pass_host = "travelynx.franzi.business"
|
||||||
|
locations.'= /'.target = "https://travelynx.franzi.business/p/Kunsi"
|
||||||
|
locations.'= /'.proxy_pass_host = "travelynx.franzi.business"
|
||||||
|
|
||||||
[metadata.nginx.vhosts.mta-sts]
|
[metadata.nginx.vhosts.mta-sts]
|
||||||
domain = "mta-sts.kunbox.net"
|
domain = "mta-sts.kunbox.net"
|
||||||
|
@ -251,12 +257,12 @@ dkim = "uO4aNejDvVdw8BKne3KJIqAvCQMJ0416"
|
||||||
|
|
||||||
[metadata.smartd]
|
[metadata.smartd]
|
||||||
disks = [
|
disks = [
|
||||||
"/dev/nvme0",
|
"/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00B00_S677NF0W508470",
|
||||||
"/dev/nvme1",
|
"/dev/disk/by-id/nvme-SAMSUNG_MZVL22T0HBLB-00B00_S677NX0W114380",
|
||||||
]
|
]
|
||||||
|
|
||||||
[metadata.travelynx]
|
[metadata.travelynx]
|
||||||
version = "2.8.35"
|
version = "2.8.40"
|
||||||
mail_from = "travelynx@franzi.business"
|
mail_from = "travelynx@franzi.business"
|
||||||
domain = "travelynx.franzi.business"
|
domain = "travelynx.franzi.business"
|
||||||
|
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
hostname = "2a11:f2c0:3:4::120"
|
|
||||||
bundles = [
|
|
||||||
"bird",
|
|
||||||
"wireguard",
|
|
||||||
]
|
|
||||||
groups = [
|
|
||||||
"debian-bookworm",
|
|
||||||
]
|
|
||||||
|
|
||||||
[metadata]
|
|
||||||
location = "glauca"
|
|
||||||
nameservers = [
|
|
||||||
"2606:4700::1111",
|
|
||||||
"2606:4700:4700::1001",
|
|
||||||
]
|
|
||||||
backups.exclude_from_backups = true
|
|
||||||
icinga_options.period = "daytime"
|
|
||||||
|
|
||||||
[metadata.interfaces.ens18]
|
|
||||||
ips = [
|
|
||||||
"2a11:f2c0:3:4::120/64",
|
|
||||||
]
|
|
||||||
gateway6 = "fe80::220:91ff:fe45:e19e"
|
|
9
nodes/home.fujitsu-n7100.toml
Normal file
9
nodes/home.fujitsu-n7100.toml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
dummy = true
|
||||||
|
|
||||||
|
[metadata.interfaces.default]
|
||||||
|
ips = ["172.19.138.75"]
|
||||||
|
dhcp = true
|
||||||
|
mac = "00:01:29:59:a9:8c"
|
||||||
|
|
||||||
|
[metadata.icinga_options]
|
||||||
|
exclude_from_monitoring = true
|
|
@ -22,7 +22,7 @@ ram = 2
|
||||||
|
|
||||||
[metadata.homeassistant]
|
[metadata.homeassistant]
|
||||||
domain = 'hass.home.kunbox.net'
|
domain = 'hass.home.kunbox.net'
|
||||||
api_secret = 'encrypt$gAAAAABjpyuqXLoilokQW5c0zV8shHcOzN1zkEbS-I6WAAX-xDO_OF33YbjbkpELU2HGBzqiWX40J0hsaEbYJOnCHFk8gJ-Xt0vdqqbQ5vca_TGPNQHZPAS4qZoPTcUhmX_I-0EdT6ukhxejXFYBiYRZikTLjH3lcNM5qnckCm-H9NbRdjLb9hbCDIjbEglHmBl_g08S1_ukvX3dDSCIHIxgXXGsdK_Go1KxPJd8G22FL_MMhCfsTW-6ioIqoHSeSA1NGk3MZHEIM2errckiopKBxoBaROsacO9Uqk1zrrgXOs2NsgiTRtrbV1TNlFVaIX9mZdsUnMGZ'
|
api_secret = '!decrypt:encrypt$gAAAAABm9lNg_mNhyzb4S6WRtVRDmQFBnPpoCwyqMnilRrAFUXc-EDvv-nYXPbSIbjTf7ZReTPtqr8k3WrGPqiuqhJ60LVv4A5DMqT5c6hTVr4WbhP4DPEIPgfd5aq6U9_-H9WDyQYHKjnunLJEYtEREzmhTq3XsYeQ05DyE7hfnQ-zVoBb0CsAK7GdhihRTdvhXv2N9M04_rigyBP-roRcUgCqwyHuWJc0IPAyn3R4Mr43ZqgR2fn6dNV_YUVKn9c0nWxIwRnYy6Ff_Te9NoGVmXxkiNUX-90bBLKFiCzrRAtizxrTiQb2SRipaWbgOlV6wbMy2KNux'
|
||||||
|
|
||||||
[metadata.nginx]
|
[metadata.nginx]
|
||||||
restrict-to = [
|
restrict-to = [
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
hostname = "172.19.138.22"
|
hostname = "172.19.138.22"
|
||||||
groups = ["debian-bookworm"]
|
groups = ["debian-bookworm"]
|
||||||
|
bundles = ["docker-engine", "nginx", "redis"]
|
||||||
|
|
||||||
[metadata]
|
[metadata]
|
||||||
icinga_options.exclude_from_monitoring = true
|
icinga_options.exclude_from_monitoring = true
|
||||||
|
|
||||||
|
[metadata.docker-engine.config]
|
||||||
|
# this is a dev machine, it's fine if docker does shenanigans with
|
||||||
|
# iptables
|
||||||
|
iptables = true
|
||||||
|
|
||||||
[metadata.interfaces.eno3]
|
[metadata.interfaces.eno3]
|
||||||
ips = [
|
ips = [
|
||||||
"172.19.138.22/24",
|
"172.19.138.22/24",
|
||||||
|
@ -11,7 +17,7 @@ ips = [
|
||||||
gateway4 = "172.19.138.1"
|
gateway4 = "172.19.138.1"
|
||||||
ipv6_accept_ra = true
|
ipv6_accept_ra = true
|
||||||
|
|
||||||
[metadata.nftable.forward]
|
[metadata.nftables.forward]
|
||||||
50-local-forward = [
|
50-local-forward = [
|
||||||
'ct state { related, established } accept',
|
'ct state { related, established } accept',
|
||||||
'iifname eno3 accept',
|
'iifname eno3 accept',
|
||||||
|
|
|
@ -12,7 +12,6 @@ nodes['home.nas'] = {
|
||||||
'nfs-server',
|
'nfs-server',
|
||||||
'rsyslogd',
|
'rsyslogd',
|
||||||
'samba',
|
'samba',
|
||||||
'scansnap',
|
|
||||||
'smartd',
|
'smartd',
|
||||||
'vmhost',
|
'vmhost',
|
||||||
'zfs',
|
'zfs',
|
||||||
|
@ -68,6 +67,22 @@ nodes['home.nas'] = {
|
||||||
'/storage/nas/normen',
|
'/storage/nas/normen',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
'dm-crypt': {
|
||||||
|
'encrypted-devices': {
|
||||||
|
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409404K': {
|
||||||
|
'dm-name': 'sam-S5SSNJ0X409404K',
|
||||||
|
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409404K'),
|
||||||
|
},
|
||||||
|
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409845F': {
|
||||||
|
'dm-name': 'sam-S5SSNJ0X409845F',
|
||||||
|
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409845F'),
|
||||||
|
},
|
||||||
|
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409870J': {
|
||||||
|
'dm-name': 'sam-S5SSNJ0X409870J',
|
||||||
|
'passphrase': bwpass.password('bw/home.nas/dmcrypt/S5SSNJ0X409870J'),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
'groups': {
|
'groups': {
|
||||||
'nas': {},
|
'nas': {},
|
||||||
},
|
},
|
||||||
|
@ -97,11 +112,6 @@ nodes['home.nas'] = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'jellyfin': {
|
|
||||||
'restrict-to': {
|
|
||||||
'home.lgtv-wohnzimmer',
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'mixcloud-downloader': {
|
'mixcloud-downloader': {
|
||||||
'netrc': {
|
'netrc': {
|
||||||
'soundcloud': {
|
'soundcloud': {
|
||||||
|
@ -150,9 +160,6 @@ nodes['home.nas'] = {
|
||||||
'/srv/paperless': {
|
'/srv/paperless': {
|
||||||
'home.paperless': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
|
'home.paperless': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
|
||||||
},
|
},
|
||||||
'/srv/scansnap': {
|
|
||||||
'172.19.138.0/24': 'rw,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'nginx': {
|
'nginx': {
|
||||||
|
@ -174,6 +181,10 @@ nodes['home.nas'] = {
|
||||||
'path': '/storage/nas/Musik',
|
'path': '/storage/nas/Musik',
|
||||||
'force_group': 'nas',
|
'force_group': 'nas',
|
||||||
},
|
},
|
||||||
|
'music_videos': {
|
||||||
|
'path': '/storage/nas/Musikvideos',
|
||||||
|
'force_group': 'nas',
|
||||||
|
},
|
||||||
},
|
},
|
||||||
'restrict-to': {
|
'restrict-to': {
|
||||||
'172.19.138.0/24',
|
'172.19.138.0/24',
|
||||||
|
@ -183,9 +194,18 @@ nodes['home.nas'] = {
|
||||||
'disks': {
|
'disks': {
|
||||||
'/dev/nvme0',
|
'/dev/nvme0',
|
||||||
|
|
||||||
# ZFS cache disks
|
# old nas disks
|
||||||
#'/dev/disk/by-id/ata-TS64GSSD370_B807810503',
|
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8GE15GR',
|
||||||
#'/dev/disk/by-id/ata-TS64GSSD370_B807810527',
|
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJ406R',
|
||||||
|
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJBTLR',
|
||||||
|
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8HJGN6R',
|
||||||
|
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR',
|
||||||
|
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V9JS5UYL',
|
||||||
|
|
||||||
|
# encrypted disks
|
||||||
|
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409404K',
|
||||||
|
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409845F',
|
||||||
|
'/dev/disk/by-id/ata-Samsung_SSD_870_QVO_8TB_S5SSNJ0X409870J',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'systemd-networkd': {
|
'systemd-networkd': {
|
||||||
|
@ -254,26 +274,49 @@ nodes['home.nas'] = {
|
||||||
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR',
|
'/dev/disk/by-id/ata-WDC_WD6003FFBX-68MU3N0_V8J8ZKRR',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
# {
|
|
||||||
# 'type': 'log',
|
|
||||||
# 'devices': {
|
|
||||||
# '/dev/disk/by-id/ata-TS64GSSD370_B807810503-part1',
|
|
||||||
# '/dev/disk/by-id/ata-TS64GSSD370_B807810527-part1',
|
|
||||||
# },
|
|
||||||
# },
|
|
||||||
# {
|
|
||||||
# 'type': 'cache',
|
|
||||||
# 'devices': {
|
|
||||||
# '/dev/disk/by-id/ata-TS64GSSD370_B807810503-part2',
|
|
||||||
# '/dev/disk/by-id/ata-TS64GSSD370_B807810527-part2',
|
|
||||||
# },
|
|
||||||
# },
|
|
||||||
],
|
],
|
||||||
'ashift': 12,
|
'ashift': 12,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
'encrypted': {
|
||||||
|
'when_creating': {
|
||||||
|
'config': [
|
||||||
|
{
|
||||||
|
'type': 'raidz',
|
||||||
|
'devices': {
|
||||||
|
'/dev/mapper/sam-S5SSNJ0X409404K',
|
||||||
|
'/dev/mapper/sam-S5SSNJ0X409845F',
|
||||||
|
'/dev/mapper/sam-S5SSNJ0X409870J',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
],
|
||||||
|
'ashift': 12,
|
||||||
|
},
|
||||||
|
'needs': {
|
||||||
|
'action:dm-crypt_open_sam-S5SSNJ0X409404K',
|
||||||
|
'action:dm-crypt_open_sam-S5SSNJ0X409845F',
|
||||||
|
'action:dm-crypt_open_sam-S5SSNJ0X409870J',
|
||||||
|
},
|
||||||
|
# see comment in bundle:backup-server
|
||||||
|
'unless': 'zpool import encrypted',
|
||||||
|
},
|
||||||
},
|
},
|
||||||
'datasets': {
|
'datasets': {
|
||||||
|
'encrypted': {
|
||||||
|
'primarycache': 'metadata',
|
||||||
|
},
|
||||||
|
'encrypted/download': {
|
||||||
|
'mountpoint': '/media/download',
|
||||||
|
},
|
||||||
|
'encrypted/nas': {
|
||||||
|
'acltype': 'off',
|
||||||
|
'atime': 'off',
|
||||||
|
'compression': 'off',
|
||||||
|
'mountpoint': '/storage/nas',
|
||||||
|
},
|
||||||
|
'encrypted/paperless': {
|
||||||
|
'mountpoint': '/media/paperless',
|
||||||
|
},
|
||||||
'storage': {
|
'storage': {
|
||||||
'primarycache': 'metadata',
|
'primarycache': 'metadata',
|
||||||
},
|
},
|
||||||
|
@ -283,25 +326,35 @@ nodes['home.nas'] = {
|
||||||
'storage/download': {
|
'storage/download': {
|
||||||
'mountpoint': '/storage/download',
|
'mountpoint': '/storage/download',
|
||||||
},
|
},
|
||||||
'storage/inbox': {
|
|
||||||
'quota': str(1024*1024*1024*1024), # 1TB
|
|
||||||
'mountpoint': '/storage/inbox',
|
|
||||||
},
|
|
||||||
'storage/nas': {
|
'storage/nas': {
|
||||||
'acltype': 'off',
|
'acltype': 'off',
|
||||||
'atime': 'off',
|
'atime': 'off',
|
||||||
'compression': 'off',
|
'compression': 'off',
|
||||||
'mountpoint': '/storage/nas',
|
'mountpoint': '/media/nas_old',
|
||||||
},
|
},
|
||||||
'storage/paperless': {
|
'storage/paperless': {
|
||||||
'mountpoint': '/srv/paperless',
|
'mountpoint': '/srv/paperless',
|
||||||
},
|
},
|
||||||
'storage/scan': {
|
|
||||||
'mountpoint': '/srv/scansnap',
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
'snapshots': {
|
'snapshots': {
|
||||||
'retain_per_dataset': {
|
'retain_per_dataset': {
|
||||||
|
'encrypted/download': {
|
||||||
|
'hourly': 6,
|
||||||
|
'daily': 0,
|
||||||
|
'weekly': 0,
|
||||||
|
'monthly': 0,
|
||||||
|
},
|
||||||
|
'encrypted/nas': {
|
||||||
|
# juuuuuuuust to be sure.
|
||||||
|
'daily': 14,
|
||||||
|
'weekly': 6,
|
||||||
|
'monthly': 12,
|
||||||
|
},
|
||||||
|
'encrypted/paperless': {
|
||||||
|
'daily': 14,
|
||||||
|
'weekly': 6,
|
||||||
|
'monthly': 24,
|
||||||
|
},
|
||||||
'storage/download': {
|
'storage/download': {
|
||||||
'hourly': 48,
|
'hourly': 48,
|
||||||
'daily': 0,
|
'daily': 0,
|
||||||
|
@ -319,12 +372,6 @@ nodes['home.nas'] = {
|
||||||
'weekly': 6,
|
'weekly': 6,
|
||||||
'monthly': 24,
|
'monthly': 24,
|
||||||
},
|
},
|
||||||
'storage/scan': {
|
|
||||||
'hourly': 6,
|
|
||||||
'daily': 0,
|
|
||||||
'weekly': 0,
|
|
||||||
'monthly': 0,
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
@ -6,6 +6,7 @@ nodes['home.paperless'] = {
|
||||||
'redis',
|
'redis',
|
||||||
'postgresql',
|
'postgresql',
|
||||||
'paperless-ng',
|
'paperless-ng',
|
||||||
|
'proftpd',
|
||||||
},
|
},
|
||||||
'groups': {
|
'groups': {
|
||||||
'debian-bookworm',
|
'debian-bookworm',
|
||||||
|
@ -47,12 +48,17 @@ nodes['home.paperless'] = {
|
||||||
},
|
},
|
||||||
'paperless': {
|
'paperless': {
|
||||||
'domain': 'paperless.home.kunbox.net',
|
'domain': 'paperless.home.kunbox.net',
|
||||||
'version': 'v2.11.6',
|
'version': 'v2.13.5',
|
||||||
'timezone': 'Europe/Berlin',
|
'timezone': 'Europe/Berlin',
|
||||||
},
|
},
|
||||||
'postgresql': {
|
'postgresql': {
|
||||||
'version': 15,
|
'version': 15,
|
||||||
},
|
},
|
||||||
|
'proftpd': {
|
||||||
|
'restrict-to': {
|
||||||
|
'home.fujitsu-n7100',
|
||||||
|
},
|
||||||
|
},
|
||||||
'vm': {
|
'vm': {
|
||||||
'cpu': 2,
|
'cpu': 2,
|
||||||
'ram': 2,
|
'ram': 2,
|
||||||
|
|
|
@ -1,100 +0,0 @@
|
||||||
hostname = "91.107.203.234"
|
|
||||||
bundles = [
|
|
||||||
"element-web",
|
|
||||||
"matrix-media-repo",
|
|
||||||
"matrix-registration",
|
|
||||||
"matrix-synapse",
|
|
||||||
"nodejs",
|
|
||||||
"postgresql",
|
|
||||||
"zfs",
|
|
||||||
]
|
|
||||||
groups = [
|
|
||||||
"debian-bookworm",
|
|
||||||
"webserver",
|
|
||||||
]
|
|
||||||
|
|
||||||
[metadata.icinga_options]
|
|
||||||
pretty_name = "afra.berlin"
|
|
||||||
|
|
||||||
[metadata.interfaces.eth0]
|
|
||||||
ips = [
|
|
||||||
"91.107.203.234/32",
|
|
||||||
"2a01:4f8:c010:b0e1::1/64",
|
|
||||||
]
|
|
||||||
gateway4 = '172.31.1.1'
|
|
||||||
gateway6 = 'fe80::1'
|
|
||||||
|
|
||||||
[metadata.interfaces.ens10]
|
|
||||||
ips = [
|
|
||||||
"172.19.137.7/32",
|
|
||||||
]
|
|
||||||
routes.'172.19.128.0/20'.via = "172.19.137.1"
|
|
||||||
|
|
||||||
[metadata.element-web]
|
|
||||||
url = "element.afra.berlin"
|
|
||||||
version = "v1.11.76"
|
|
||||||
|
|
||||||
[metadata.element-web.config]
|
|
||||||
default_server_config.'m.homeserver'.base_url = "https://matrix.afra.berlin"
|
|
||||||
default_server_config.'m.homeserver'.server_name = "afra.berlin"
|
|
||||||
brand = "afra.berlin"
|
|
||||||
defaultCountryCode = "DE"
|
|
||||||
jitsi.preferredDomain = "meet.ffmuc.net"
|
|
||||||
|
|
||||||
[metadata.matrix-media-repo]
|
|
||||||
admins = ['@administress:afra.berlin']
|
|
||||||
datastore_id = "e33b50474021fba9977f912414cdd7fe8890ed57"
|
|
||||||
sha1 = "3e2bb7089b0898b86000243a82cc58ae998dc9d9"
|
|
||||||
upload_max_mb = 50
|
|
||||||
version = "v1.3.7"
|
|
||||||
|
|
||||||
[metadata.matrix-media-repo.homeservers.'afra.berlin']
|
|
||||||
domain = "http://[::1]:20080/"
|
|
||||||
api = "synapse"
|
|
||||||
signing_key_path = "/etc/matrix-synapse/mmr.signing.key"
|
|
||||||
|
|
||||||
[metadata.matrix-registration]
|
|
||||||
base_path = "/matrix"
|
|
||||||
client_redirect = "https://element.afra.berlin"
|
|
||||||
|
|
||||||
[metadata.matrix-synapse]
|
|
||||||
server_name = "afra.berlin"
|
|
||||||
baseurl = "matrix.afra.berlin"
|
|
||||||
admin_contact = 'mailto:hostmaster@kunbox.net'
|
|
||||||
trusted_key_servers = [
|
|
||||||
"matrix.org",
|
|
||||||
"franzi.business",
|
|
||||||
]
|
|
||||||
wellknown_also_on_vhosts = ["redirect"]
|
|
||||||
|
|
||||||
[metadata.nginx.vhosts.redirect]
|
|
||||||
domain = "afra.berlin"
|
|
||||||
|
|
||||||
[metadata.nginx.vhosts.redirect.locations.'/']
|
|
||||||
redirect = "https://afra-berlin.de"
|
|
||||||
mode = 302
|
|
||||||
|
|
||||||
#[metadata.nginx.vhosts.redirect.locations.'/.well-known/host-meta']
|
|
||||||
#redirect = "https://fedi.afra.berlin/.well-known/host-meta"
|
|
||||||
#mode = 301
|
|
||||||
#[metadata.nginx.vhosts.redirect.locations.'/.well-known/nodeinfo']
|
|
||||||
#redirect = "https://fedi.afra.berlin/.well-known/nodeinfo"
|
|
||||||
#mode = 301
|
|
||||||
#[metadata.nginx.vhosts.redirect.locations.'/.well-known/webfinger']
|
|
||||||
#redirect = "https://fedi.afra.berlin/.well-known/webfinger"
|
|
||||||
#mode = 301
|
|
||||||
|
|
||||||
[metadata.nginx.vhosts.redirect.locations.'/matrix/']
|
|
||||||
target = "http://127.0.0.1:20100/"
|
|
||||||
|
|
||||||
[metadata.postgresql]
|
|
||||||
version = "15"
|
|
||||||
work_mem = 1024
|
|
||||||
cache_size = 2048
|
|
||||||
|
|
||||||
[[metadata.zfs.pools.tank.when_creating.config]]
|
|
||||||
devices = ["/dev/disk/by-id/scsi-0HC_Volume_32207877"]
|
|
||||||
|
|
||||||
[metadata.vm]
|
|
||||||
cpu = 2
|
|
||||||
ram = 8
|
|
|
@ -37,6 +37,7 @@ nodes['htz-cloud.wireguard'] = {
|
||||||
'172.19.137.0/24',
|
'172.19.137.0/24',
|
||||||
'172.19.136.62/31',
|
'172.19.136.62/31',
|
||||||
'172.19.136.64/31',
|
'172.19.136.64/31',
|
||||||
|
'192.168.100.0/24',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'nftables': {
|
'nftables': {
|
||||||
|
@ -80,6 +81,17 @@ nodes['htz-cloud.wireguard'] = {
|
||||||
'10.73.0.0/16',
|
'10.73.0.0/16',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
'fra-jana': {
|
||||||
|
'endpoint': 'gw.as212226.net:40000',
|
||||||
|
'my_ip': '192.168.48.11/24',
|
||||||
|
'my_port': 51802,
|
||||||
|
'their_ip': '192.168.48.1',
|
||||||
|
'pubkey': vault.decrypt('encrypt$gAAAAABnCA7M0Jg0cQwIaYCYEYN74MOSQK30rbhxD6tDIi2VEBqPh-UHrt7MdRzI4AUZ-p0MzjIdsps_DdGBkUTwA_UKD15Q_tg_LJNwDb04zvgSqc3hnJ4jeS2ZZEED0T1dVJ7E0YNS'),
|
||||||
|
'masquerade': True,
|
||||||
|
'routes': {
|
||||||
|
'192.168.100.0/24',
|
||||||
|
},
|
||||||
|
},
|
||||||
'kunsi-oneplus7': {
|
'kunsi-oneplus7': {
|
||||||
'endpoint': None,
|
'endpoint': None,
|
||||||
'exclude_from_monitoring': True,
|
'exclude_from_monitoring': True,
|
||||||
|
|
|
@ -33,5 +33,8 @@ nodes['htz-hel.backup-kunsi'] = {
|
||||||
'/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1-part1': bwpass.password('bw/backup-kunsi/encryption-passphrase'),
|
'/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1-part1': bwpass.password('bw/backup-kunsi/encryption-passphrase'),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
'zfs': {
|
||||||
|
'scrub_when': 'Wed 08:00 Europe/Berlin',
|
||||||
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
hostname = "2a01:4f9:6b:2d99::c0ff:ee"
|
hostname = "2a01:4f9:6b:2d99::c0ff:ee"
|
||||||
dummy = true
|
#dummy = true
|
||||||
|
bundles = ["sshmon", "smartd"]
|
||||||
|
|
||||||
# How to install:
|
# How to install:
|
||||||
# - Get server at Hetzner (no IPv4)
|
# - Get server at Hetzner (no IPv4)
|
||||||
|
@ -17,3 +18,11 @@ dummy = true
|
||||||
# - IPv6 only
|
# - IPv6 only
|
||||||
# - IP from the /64 hetzner gives us
|
# - IP from the /64 hetzner gives us
|
||||||
# - Gateway is the host itself, to work around the MAC filter hetzner uses
|
# - Gateway is the host itself, to work around the MAC filter hetzner uses
|
||||||
|
|
||||||
|
[metadata.smartd]
|
||||||
|
disks = [
|
||||||
|
"/dev/sda",
|
||||||
|
"/dev/sdb",
|
||||||
|
"/dev/sdc",
|
||||||
|
"/dev/sdd",
|
||||||
|
]
|
||||||
|
|
|
@ -97,16 +97,15 @@ nodes['kunsi-p14s'] = {
|
||||||
'xf86-video-amdgpu': {},
|
'xf86-video-amdgpu': {},
|
||||||
|
|
||||||
# all that other random stuff one needs
|
# all that other random stuff one needs
|
||||||
'abcde': {},
|
#'abcde': {},
|
||||||
'apachedirectorystudio': {},
|
|
||||||
'claws-mail': {},
|
'claws-mail': {},
|
||||||
'claws-mail-themes': {},
|
'claws-mail-themes': {},
|
||||||
'ferdium-bin': {},
|
'ferdium-bin': {},
|
||||||
'gumbo-parser': {}, # for claws litehtml
|
'gumbo-parser': {}, # for claws litehtml
|
||||||
'inkstitch': {}, # for RZL embroidery machine
|
'inkstitch': {}, # for RZL embroidery machine
|
||||||
'obs-studio': {},
|
'obs-studio': {},
|
||||||
'perl-musicbrainz-discid': {}, # for abcde
|
#'perl-musicbrainz-discid': {}, # for abcde
|
||||||
'perl-webservice-musicbrainz': {}, # for abcde
|
#'perl-webservice-musicbrainz': {}, # for abcde
|
||||||
'sdl_ttf': {}, # for compiling testcard
|
'sdl_ttf': {}, # for compiling testcard
|
||||||
'x32edit': {},
|
'x32edit': {},
|
||||||
},
|
},
|
||||||
|
|
7
nodes/rottenraptor-server-ipmi.toml
Normal file
7
nodes/rottenraptor-server-ipmi.toml
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
dummy = true
|
||||||
|
|
||||||
|
[metadata.icinga_options]
|
||||||
|
period = "daytime"
|
||||||
|
|
||||||
|
[metadata.interfaces.default]
|
||||||
|
ips = ["192.168.100.27/24"]
|
61
nodes/rottenraptor-server.toml
Normal file
61
nodes/rottenraptor-server.toml
Normal file
|
@ -0,0 +1,61 @@
|
||||||
|
hostname = "91.198.192.207"
|
||||||
|
groups = [
|
||||||
|
"debian-bookworm",
|
||||||
|
"webserver",
|
||||||
|
]
|
||||||
|
bundles = [
|
||||||
|
"docker-engine",
|
||||||
|
"docker-immich",
|
||||||
|
"ipmitool",
|
||||||
|
"redis",
|
||||||
|
"smartd",
|
||||||
|
"zfs",
|
||||||
|
]
|
||||||
|
|
||||||
|
[metadata.icinga_options]
|
||||||
|
period = "daytime"
|
||||||
|
|
||||||
|
[metadata.interfaces.eno4]
|
||||||
|
ips = [
|
||||||
|
"91.198.192.207/27",
|
||||||
|
"2001:67c:b54:1::e/64",
|
||||||
|
]
|
||||||
|
gateway4 = "91.198.192.193"
|
||||||
|
gateway6 = "2001:67c:b54:1::1"
|
||||||
|
|
||||||
|
[metadata.nginx.vhosts.immich]
|
||||||
|
domain = "rr-immich.franzi.business"
|
||||||
|
|
||||||
|
[metadata.smartd]
|
||||||
|
disks = [
|
||||||
|
"/dev/disk/by-id/ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T0287704",
|
||||||
|
"/dev/disk/by-id/ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T0387139",
|
||||||
|
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21133V800321",
|
||||||
|
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21283J446103",
|
||||||
|
"/dev/disk/by-id/nvme-TOSHIBA-RC100_58UPC29HPW5S",
|
||||||
|
]
|
||||||
|
|
||||||
|
[metadata.zfs.pools.tank.when_creating]
|
||||||
|
ashift = 12
|
||||||
|
|
||||||
|
[[metadata.zfs.pools.tank.when_creating.config]]
|
||||||
|
type = "mirror"
|
||||||
|
devices = [
|
||||||
|
"/dev/disk/by-id/ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T0287704",
|
||||||
|
"/dev/disk/by-id/ata-WDC_WD30EZRX-00DC0B0_WD-WMC1T0387139",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[metadata.zfs.pools.tank.when_creating.config]]
|
||||||
|
type = "log"
|
||||||
|
devices = [
|
||||||
|
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21133V800321-part1",
|
||||||
|
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21283J446103-part1",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[metadata.zfs.pools.tank.when_creating.config]]
|
||||||
|
type = "cache"
|
||||||
|
devices = [
|
||||||
|
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21133V800321-part2",
|
||||||
|
"/dev/disk/by-id/ata-WDC_WDS100T1R0A-68A4W0_21283J446103-part2",
|
||||||
|
]
|
||||||
|
|
|
@ -54,7 +54,6 @@ nodes['htz-cloud.miniserver'] = {
|
||||||
'echo \'core.weechat */layout store\' >> /home/sophie/.weechat/weechat_fifo\n' \
|
'echo \'core.weechat */layout store\' >> /home/sophie/.weechat/weechat_fifo\n' \
|
||||||
'echo \'core.weechat */save\' >> /home/sophie/.weechat/weechat_fifo\n',
|
'echo \'core.weechat */save\' >> /home/sophie/.weechat/weechat_fifo\n',
|
||||||
},
|
},
|
||||||
'target': "htz-hel.backup-sophie",
|
|
||||||
},
|
},
|
||||||
'backups': {
|
'backups': {
|
||||||
'paths': {
|
'paths': {
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
nodes['voc.infobeamer-cms'] = {
|
nodes['voc.infobeamer-cms'] = {
|
||||||
'hostname': 'infobeamer-cms.c3voc.de',
|
'hostname': 'infobeamer.c3voc.de',
|
||||||
'bundles': {
|
'bundles': {
|
||||||
'infobeamer-cms',
|
'infobeamer-cms',
|
||||||
'infobeamer-monitor',
|
'infobeamer-monitor',
|
||||||
'redis',
|
'redis',
|
||||||
},
|
},
|
||||||
'groups': {
|
'groups': {
|
||||||
'debian-bullseye',
|
'debian-bookworm',
|
||||||
'webserver',
|
'webserver',
|
||||||
},
|
},
|
||||||
'metadata': {
|
'metadata': {
|
||||||
|
@ -25,7 +25,7 @@ nodes['voc.infobeamer-cms'] = {
|
||||||
},
|
},
|
||||||
'infobeamer-cms': {
|
'infobeamer-cms': {
|
||||||
'domain': 'infobeamer.c3voc.de',
|
'domain': 'infobeamer.c3voc.de',
|
||||||
'event_start_date': '2024-05-29',
|
'event_start_date': '2024-12-26',
|
||||||
'event_duration_days': 5,
|
'event_duration_days': 5,
|
||||||
'config': {
|
'config': {
|
||||||
'ADMIN_USERS': [
|
'ADMIN_USERS': [
|
||||||
|
@ -34,18 +34,14 @@ nodes['voc.infobeamer-cms'] = {
|
||||||
'jwacalex',
|
'jwacalex',
|
||||||
'kunsi',
|
'kunsi',
|
||||||
'sophieschi',
|
'sophieschi',
|
||||||
|
'v0tti',
|
||||||
],
|
],
|
||||||
'GITHUB_CLIENT_ID': vault.decrypt('encrypt$gAAAAABiNwHfIu9PYFfJrF7qirn_9vdvvUlEhJnadoNSS5XlCDbI_aMyj21_ZYQxaCkc6_eVX6Cj1jEHZ7Vs6wM-XyQdW0nUOahtqG4uvnYCiM3GFKHW_wQ='),
|
'GITHUB_CLIENT_ID': vault.decrypt('encrypt$gAAAAABiNwHfIu9PYFfJrF7qirn_9vdvvUlEhJnadoNSS5XlCDbI_aMyj21_ZYQxaCkc6_eVX6Cj1jEHZ7Vs6wM-XyQdW0nUOahtqG4uvnYCiM3GFKHW_wQ='),
|
||||||
'GITHUB_CLIENT_SECRET': vault.decrypt('encrypt$gAAAAABiNwHtdZC2XQ8IjosL7vsmrxZMwDIM6AD5dUlLo996tJs4qV7KJETHgYYZil2aMzClwhcE6JmxdhARRp7IJQ4rQQibelTNmyYSzj_V4puVpvma7SU0UZkTIG95SdPpoHY--Zba'),
|
'GITHUB_CLIENT_SECRET': vault.decrypt('encrypt$gAAAAABiNwHtdZC2XQ8IjosL7vsmrxZMwDIM6AD5dUlLo996tJs4qV7KJETHgYYZil2aMzClwhcE6JmxdhARRp7IJQ4rQQibelTNmyYSzj_V4puVpvma7SU0UZkTIG95SdPpoHY--Zba'),
|
||||||
'HOSTED_API_KEY': vault.decrypt('encrypt$gAAAAABhxJPH2sIGMAibU2Us1HoCVlNfF0SQQnVl0eiod48Zu8webL_-xk3wDw3yXw1Hkglj-2usl-D3Yd095yTSq0vZMCv2fh-JWwSPdJewQ45x9Ai4vXVD4CNz5vuJBESKS9xQWXTc'),
|
'HOSTED_API_KEY': vault.decrypt('encrypt$gAAAAABhxJPH2sIGMAibU2Us1HoCVlNfF0SQQnVl0eiod48Zu8webL_-xk3wDw3yXw1Hkglj-2usl-D3Yd095yTSq0vZMCv2fh-JWwSPdJewQ45x9Ai4vXVD4CNz5vuJBESKS9xQWXTc'),
|
||||||
'INTERRUPT_KEY': vault.human_password_for('infobeamer-cms interrupt key'),
|
'INTERRUPT_KEY': vault.human_password_for('infobeamer-cms interrupt key 38c3', words=1),
|
||||||
'MQTT_MESSAGE': '{{"level":"info","component":"infobeamer-cms","msg":"{asset} uploaded by {user}. Check it at {url}"}}',
|
|
||||||
'MQTT_PASSWORD': vault.decrypt('encrypt$gAAAAABhxakfhhwWn0vxhoO1FiMEpdCkomWvo0dHIuBrqDKav8WDpI6dXpb0hoXiWRsPV6p5m-8RlbfFbjPhz47AY-nFOOAAW6Yis3-IVD-U-InKJo9dvms='),
|
|
||||||
'MQTT_SERVER': 'mqtt.c3voc.de',
|
|
||||||
'MQTT_TOPIC': '/voc/alert',
|
|
||||||
'MQTT_USERNAME': vault.decrypt('encrypt$gAAAAABhxakKHC_kHmHP2mFHorb4niuNTH4F24w1D6m5JUxl117N7znlZA6fpMmY3_NcmBr2Ihw4hL3FjZr9Fm_1oUZ1ZQdADA=='),
|
|
||||||
'SETUP_IDS': [
|
'SETUP_IDS': [
|
||||||
250294,
|
253559,
|
||||||
],
|
],
|
||||||
# 'EXTRA_ASSETS': [{
|
# 'EXTRA_ASSETS': [{
|
||||||
# 'type': "image",
|
# 'type': "image",
|
||||||
|
@ -56,17 +52,35 @@ nodes['voc.infobeamer-cms'] = {
|
||||||
# 'x2': 110,
|
# 'x2': 110,
|
||||||
# 'y2': 1070,
|
# 'y2': 1070,
|
||||||
# }],
|
# }],
|
||||||
|
'NOTIFIER': {
|
||||||
|
'MQTT_PASSWORD': vault.decrypt('encrypt$gAAAAABhxakfhhwWn0vxhoO1FiMEpdCkomWvo0dHIuBrqDKav8WDpI6dXpb0hoXiWRsPV6p5m-8RlbfFbjPhz47AY-nFOOAAW6Yis3-IVD-U-InKJo9dvms='),
|
||||||
|
'MQTT_HOST': 'mqtt.c3voc.de',
|
||||||
|
'MQTT_TOPIC': '/voc/alert',
|
||||||
|
'MQTT_USERNAME': vault.decrypt('encrypt$gAAAAABhxakKHC_kHmHP2mFHorb4niuNTH4F24w1D6m5JUxl117N7znlZA6fpMmY3_NcmBr2Ihw4hL3FjZr9Fm_1oUZ1ZQdADA=='),
|
||||||
|
'NTFY': [
|
||||||
|
vault.decrypt('encrypt$gAAAAABm_RXKqIgRfe24frA_uvUMwJECr0TmL6TWPOmrPlS0CJuuBlpN6vGHrMkm5pjD5c5h1brC-aqQavsTk_AHXwq8bHG1QiZtQwqPxGuD_fEVP4-xOZ3t-RjqG3kPLz6ebqPoqyPl'),
|
||||||
|
],
|
||||||
|
},
|
||||||
|
'FAQ': {
|
||||||
|
'SOURCE': 'https://github.com/voc/infobeamer-cms',
|
||||||
|
'CONTACT': '''
|
||||||
|
Please use the <a href="https://chat.hackint.org/?join=infobeamer">IRC
|
||||||
|
Channel #infobeamer on irc.hackint.org</a> (also
|
||||||
|
<a href="https://www.hackint.org/transport/matrix">bridged to matrix</a>)
|
||||||
|
or #info-beamer on the cccv rocketchat instance.
|
||||||
|
'''.strip(),
|
||||||
|
},
|
||||||
},
|
},
|
||||||
'rooms': {
|
'rooms': {
|
||||||
'Saal 1': 34430,
|
# 'Saal 1': 34430,
|
||||||
'Saal G': 26598,
|
# 'Saal G': 26598,
|
||||||
'Saal Z': 26610,
|
# 'Saal Z': 26610,
|
||||||
'Saal E (SoS/Lightning-Talks)': 32814,
|
# 'Saal E (SoS/Lightning-Talks)': 32814,
|
||||||
'Saal F (Sendezentrum/DLF)': 9717,
|
# 'Saal F (Sendezentrum/DLF)': 9717,
|
||||||
},
|
},
|
||||||
'interrupts': {
|
'interrupts': {
|
||||||
'Questions': 'questions',
|
# 'Questions': 'questions',
|
||||||
'Translations': 'translations',
|
# 'Translations': 'translations',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'infobeamer-monitor': {
|
'infobeamer-monitor': {
|
||||||
|
|
|
@ -49,14 +49,15 @@ nodes['voc.pretalx'] = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'pretalx': {
|
'pretalx': {
|
||||||
'version': 'v2024.2.1',
|
# 2023.3.1 with some bugfixes
|
||||||
|
'version': '05e377398cecdd45d3ca6013040c5857bbe225d6',
|
||||||
'domain': 'pretalx.c3voc.de',
|
'domain': 'pretalx.c3voc.de',
|
||||||
'mail_from': 'pretalx@c3voc.de',
|
'mail_from': 'pretalx@c3voc.de',
|
||||||
'administrators-from-group-id': 1,
|
'administrators-from-group-id': 1,
|
||||||
'plugins': {
|
'plugins': {
|
||||||
'broadcast_tools': {
|
'broadcast_tools': {
|
||||||
'repo': 'https://github.com/Kunsi/pretalx-plugin-broadcast-tools.git',
|
'repo': 'https://github.com/Kunsi/pretalx-plugin-broadcast-tools.git',
|
||||||
'rev': 'main',
|
'rev': '2.4.0',
|
||||||
},
|
},
|
||||||
'downstream': {
|
'downstream': {
|
||||||
'repo': 'https://github.com/pretalx/pretalx-downstream.git',
|
'repo': 'https://github.com/pretalx/pretalx-downstream.git',
|
||||||
|
@ -64,7 +65,7 @@ nodes['voc.pretalx'] = {
|
||||||
},
|
},
|
||||||
'halfnarp': {
|
'halfnarp': {
|
||||||
'repo': 'https://github.com/seibert-media/pretalx-halfnarp.git',
|
'repo': 'https://github.com/seibert-media/pretalx-halfnarp.git',
|
||||||
'rev': '1.1.0',
|
'rev': '1.1.2',
|
||||||
},
|
},
|
||||||
'media.ccc.de': {
|
'media.ccc.de': {
|
||||||
'repo': 'https://github.com/pretalx/pretalx-media-ccc-de.git',
|
'repo': 'https://github.com/pretalx/pretalx-media-ccc-de.git',
|
||||||
|
@ -81,6 +82,6 @@ nodes['voc.pretalx'] = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'os': 'debian',
|
'os': 'debian',
|
||||||
'os_version': (11,),
|
'os_version': (12,),
|
||||||
'pip_command': 'pip3',
|
'pip_command': 'pip3',
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue