Update all the tor stuff

privfrontends/docker-tasks.yaml

@@ -1,12 +1,12 @@
 ---
-- name: Create directory for service
+- name: Create directory for {{item}}
   ansible.builtin.file:
     path: "{{ docker_dir }}/{{ item }}"
     state: directory
     mode: "0755"
   tags: docker,soleil,pizza
 
-- name: Copy docker-compose templates for the service
+- name: Copy docker-compose templates for the {{item}}
   ansible.builtin.template:
     src: "./compose/{{ item }}/compose.yml.j2"
     dest: "{{ docker_dir }}/{{ item }}/compose.yml"
@@ -15,7 +15,7 @@
   register: check_status
   tags: docker,soleil,pizza
 
-- name: Check if extras file exists for the service
+- name: Check if extras file exists for the {{item}}
   delegate_to: localhost
   ansible.builtin.stat:
     path: ./compose/{{ item }}/extras.conf.j2
@@ -31,7 +31,7 @@
   when: file.stat.exists
   tags: docker,soleil,pizza
 
-- name: "Update docker service image"
+- name: "Update docker {{item}} image"
   ansible.builtin.command:
     chdir: "{{ docker_dir }}/{{ item }}"
     cmd: docker compose pull
@@ -40,7 +40,7 @@
   changed_when: updateout.rc != 0
   tags: docker,soleil,pizza
 
-- name: "Stop docker service"
+- name: "Stop docker {{item}}"
   ansible.builtin.command:
     chdir: "{{ docker_dir }}/{{ item }}"
     cmd: docker compose down
@@ -49,7 +49,7 @@
   changed_when: stopout.rc != 0
   tags: docker,soleil,pizza
 
-- name: "Start docker service"
+- name: "Start docker {{item}}"
   ansible.builtin.command:
     chdir: "{{ docker_dir }}/{{ item }}"
     cmd: docker compose up -d --build --remove-orphans

privfrontends/templates/Caddyfile.j2

@@ -10,15 +10,15 @@
 
                 # clickjacking protection
                 X-Frame-Options SAMEORIGIN
-                Onion-Location http://{args.0}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
+                Onion-Location http://{args[0]}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
                 defer
         }
 }
 (torloc) {
-        header Onion-Location http://{args.0}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
+        header Onion-Location http://{args[0]}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
 }
 (i2ploc) {
-        header X-I2P-Location http://{args.0}{path}
+        header X-I2P-Location http://{args[0]}{path}
 }
 (acmedns) {
 	tls {
@@ -135,6 +135,7 @@ inv.{{ server_prefix }}.projectsegfau.lt inv.projectsegfau.lt invidious.projects
                 }
             }
         }
+		import torloc inv
 		{% if server_prefix == 'in' %}
         import acmedns
 		{% endif %}
@@ -169,10 +170,12 @@ scribe.{{ server_prefix }}.projectsegfau.lt scribe.projectsegfau.lt sc.psf.lt sc
 translate.{{ server_prefix }}.projectsegfau.lt translate.projectsegfau.lt tl.psf.lt tl.{{ server_prefix }}.psf.lt {
 	import def
 	reverse_proxy {% if inventory_hostname == 'core' %}192.168.5.2{% endif %}:5046
+	import torloc translate
 }
 safetwitch.{{ server_prefix }}.projectsegfau.lt safetwitch.projectsegfau.lt tw.psf.lt tw.{{ server_prefix }}.psf.lt {
 	import def
 	reverse_proxy {% if inventory_hostname == 'core' %}192.168.5.2{% endif %}:5070
+	import torloc safetwitch
 }
 api.safetwitch.{{ server_prefix }}.projectsegfau.lt {
 	reverse_proxy {% if inventory_hostname == 'core' %}192.168.5.2{% endif %}:5071
@@ -186,6 +189,7 @@ hyperpipebackend.{{ server_prefix }}.projectsegfau.lt {
 }
 search.{{ server_prefix }}.projectsegfau.lt search.projectsegfau.lt s.psf.lt s.{{ server_prefix }}.psf.lt {
         import def
+		import torloc search
         reverse_proxy {% if inventory_hostname == 'core' %}192.168.5.2{% endif %}:8081
         @api {
                 path /config

privfrontends/templates/core/apps.Caddyfile

@@ -252,6 +252,7 @@ xmpp-web.projectsegfau.lt, x.psf.lt {
 healthchecks.projectsegfau.lt, hc.psf.lt {
 	import def
 	reverse_proxy 192.168.5.2:8450
+	impor torloc healthchecks
 }
 # Pubthentik
 auth.p.projectsegfau.lt {
@@ -276,6 +277,7 @@ libretranslate.projectsegfau.lt lt.psf.lt libretranslate.in.projectsegfau.lt {
 gothub.dev.projectsegfau.lt gh.dev.psf.lt {
 	reverse_proxy 192.168.5.2:1025
 	import def
+	import torloc gothub.dev
 }
 ak.psf.lt {
 	redir https://social.projectsegfau.lt{uri}

privfrontends/templates/eu/darknet.Caddyfile

@@ -5,69 +5,48 @@ http://www.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http:/
 	import tor www
 	import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
 }
+# PUBNIX
+http://geminiproxy.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	reverse_proxy 10.7.0.2:8000
+	import tor geminiproxy
+}
+http://cockpit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	reverse_proxy 10.7.0.2:9090 {
+		transport http {
+			tls_insecure_skip_verify
+		}
+	}
+	import tor cockpit
+}
+http://*.p.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	@host header_regexp host Host ^([a-zA-Z0-9]+\-)?([A-Za-z0-9]+)\.p\.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad\.onion 
+	handle @host {
+		reverse_proxy 10.7.0.2:80 {
+			header_up Host "{re.host.1}{re.host.2}.p.projectsegfau.lt"
+		}
+		import tor {re.host.1}{re.host.2}.p
+	}
+}
+
 # Privacy Frontends
-http://scribe.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p {
-	reverse_proxy localhost:8006
-	import tor scribe
-	import i2ploc pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p
-}
-http://translate.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
-	reverse_proxy localhost:5046
-	import tor translate
-}
-http://safetwitch.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
-	reverse_proxy localhost:5047
-	import tor safetwitch
-}
-http://nitter.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p {
-	reverse_proxy localhost:8387
-	import tor nitter
-	import i2ploc pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p
-}
 http://lbry.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p {
 	import tor lbry
 	import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
-	reverse_proxy localhost:3550
+	reverse_proxy :3550
+}
+http://nitter.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p {
+	reverse_proxy :8387
+	import tor nitter
+	import i2ploc pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p
 }
 http://libreddit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p {
 	import tor libreddit
 	import i2ploc pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p
-	reverse_proxy localhost:6464
+	reverse_proxy :6464
-}
-http://breezewiki.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p {
-	import tor breezewiki
-	import i2ploc pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p
-	reverse_proxy localhost:10416
-}
-http://beatbump.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p {
-	import tor beatbump
-	import i2ploc pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p
-	reverse_proxy localhost:3069
-}
-http://invbp.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p {
-	import tor invbp
-	import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
-	reverse_proxy localhost:3000
-}
-http://rimgo.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
-	import tor rimgo
-	reverse_proxy localhost:9016
 }
 http://teddit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
 	import tor teddit
-	reverse_proxy localhost:9061
+	reverse_proxy :9061
-}
-http://overflow.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
-	import tor overflow
-	reverse_proxy localhost:8694
-}
-http://gothub.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
-	import tor gothub
-	reverse_proxy localhost:1024
-}
-http://gothub.dev.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
-	import tor gothub.dev
-	reverse_proxy localhost:1025
 }
 http://inv.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfhqamc7k6htnumrvn4cwqqdoggeepj7u5viyimgnxg3gar72q.b32.i2p {
 	import tor inv
@@ -76,6 +55,61 @@ http://inv.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http:/
 		header_up Host "invidious.projectsegfau.lt"
 	}
 }
+http://invbp.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p {
+	import tor invbp
+	import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
+	reverse_proxy :7573
+}
+http://gothub.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor gothub
+	reverse_proxy https://gothub.projectsegfau.lt {
+		header_up Host "gothub.projectsegfau.lt"
+	}
+}
+http://gothub.dev.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor gothub.dev
+	reverse_proxy https://gothub.dev.projectsegfau.lt {
+		header_up Host "gothub.dev.projectsegfau.lt"
+	}
+}
+http://overflow.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor overflow
+	reverse_proxy https://overflow.projectsegfau.lt {
+		header_up Host "overflow.projectsegfau.lt"
+	}
+}
+http://rimgo.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor rimgo
+	reverse_proxy https://rimgo.projectsegfau.lt {
+		header_up Host "rimgo.projectsegfau.lt"
+	}
+}
+http://breezewiki.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p {
+	import tor breezewiki
+	import i2ploc pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p
+	reverse_proxy https://bw.projectsegfau.lt {
+		header_up Host "bw.projectsegfau.lt"
+	}
+}
+http://scribe.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p {
+	reverse_proxy https://scribe.projectsegfau.lt {
+		header_up Host "scribe.projectsegfau.lt"
+	}
+	import tor scribe
+	import i2ploc pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p
+}
+http://translate.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	reverse_proxy https://translate.projectsegfau.lt {
+		header_up Host "translate.projectsegfau.lt"
+	}
+	import tor translate
+}
+http://safetwitch.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	reverse_proxy https://safetwitch.projectsegfau.lt {
+		header_up Host "safetwitch.projectsegfau.lt"
+	}
+	import tor safetwitch
+}
 http://search.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p {
 	import tor search
 	import i2ploc pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p
@@ -83,6 +117,8 @@ http://search.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion htt
 		header_up Host "search.projectsegfau.lt"
 	}
 }
+
+
 http://git.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion http://pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p {
 	import tor git
 	import i2ploc pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p
@@ -109,3 +145,9 @@ http://pass.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
 		header_up Host "pass.projectsegfau.lt"
 	}
 }
+http://healthchecks.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor healthchecks
+	reverse_proxy https://healthchecks.projectsegfau.lt {
+		header_up Host "healthchecks.projectsegfau.lt"
+	}
+}

privfrontends/templates/eu/pubnix.Caddyfile

@@ -9,6 +9,7 @@
 		reverse_proxy 10.7.0.2:80 {
 			header_up Host "{re.host.1}{re.host.2}.p.projectsegfau.lt"
 		}
+		import torloc {re.host.1}{re.host.2}.p
 	}
 	import acmedns
 }
@@ -25,7 +26,7 @@ cockpit.p.projectsegfau.lt {
 		}
 	}
 	import def
-	import torloc cockpit.p
+	import torloc cockpit
 }
 
 # PublAPI
@@ -33,14 +34,8 @@ publapi.p.projectsegfau.lt {
 	reverse_proxy 10.7.0.2:3000
 	import def
 }
-grafana.p.projectsegfau.lt {
-	reverse_proxy 10.7.0.2:6943 {
-		header_up X-Real-IP {remote_host}
-	}
-	import def
-}
 geminiproxy.projectsegfau.lt geminiproxy.p.projectsegfau.lt gp.p.psf.lt {
 	reverse_proxy 10.7.0.2:8000
 	import def
-	import torloc geminiproxy.p
+	import torloc geminiproxy
 }

privfrontends/templates/in/misc.Caddyfile

@@ -1,6 +1,3 @@
-bitpuit.in.projectsegfau.lt {
-	respond "Go fuck yourself devrand"
-}
 dd.psf.lt {
 	reverse_proxy :8008
 }