add configs
This commit is contained in:
commit
0d0ab66586
77
caddy/Caddyfile
Normal file
77
caddy/Caddyfile
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
(tor) {
|
||||||
|
header {
|
||||||
|
-Strict-Transport-Security
|
||||||
|
-Referrer-Policy
|
||||||
|
-X-XSS-Protection
|
||||||
|
-Content-Security-Policy
|
||||||
|
# disable clients from sniffing the media type
|
||||||
|
X-Content-Type-Options nosniff
|
||||||
|
Permissions-Policy interest-cohort=()
|
||||||
|
# clickjacking protection
|
||||||
|
X-Frame-Options SAMEORIGIN
|
||||||
|
Onion-Location http://{args.0}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
|
||||||
|
defer
|
||||||
|
}
|
||||||
|
}
|
||||||
|
(torloc) {
|
||||||
|
header Onion-Location http://{args.0}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
|
||||||
|
}
|
||||||
|
(i2ploc) {
|
||||||
|
header X-I2P-Location http://{args.0}{path}
|
||||||
|
}
|
||||||
|
(def) {
|
||||||
|
header {
|
||||||
|
# disable FLoC tracking
|
||||||
|
Permissions-Policy interest-cohort=()
|
||||||
|
# enable HSTS
|
||||||
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||||
|
# disable clients from sniffing the media type
|
||||||
|
X-Content-Type-Options nosniff
|
||||||
|
# clickjacking protection
|
||||||
|
X-Frame-Options SAMEORIGIN
|
||||||
|
# keep referrer data off of HTTP connections
|
||||||
|
Referrer-Policy no-referrer-when-downgrade
|
||||||
|
X-XSS-Protection "1; mode=block"
|
||||||
|
defer
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
:80 {
|
||||||
|
redir https://wiki.projectsegfau.lt/index.php?title=Pizza-1
|
||||||
|
}
|
||||||
|
|
||||||
|
import /etc/private.caddy
|
||||||
|
import ./*.caddy
|
||||||
|
|
||||||
|
stats.eu.projectsegfau.lt {
|
||||||
|
import auth
|
||||||
|
reverse_proxy localhost:9100
|
||||||
|
import def
|
||||||
|
}
|
||||||
|
arya.projectsegfau.lt aryak.me {
|
||||||
|
reverse_proxy https://arya.p.projectsegfau.lt {
|
||||||
|
header_up Host arya.p.projectsegfau.lt
|
||||||
|
}
|
||||||
|
}
|
||||||
|
cdn.eu.projectsegfau.lt cdn.projectsegfau.lt {
|
||||||
|
encode zstd gzip
|
||||||
|
root * /var/cdn
|
||||||
|
file_server browse
|
||||||
|
}
|
||||||
|
## OLD URL REDIRECTS
|
||||||
|
invidious.mutahar.rocks {
|
||||||
|
redir https://inv.bp.projectsegfau.lt{uri} permanent
|
||||||
|
}
|
||||||
|
ferrit.projectsegfau.lt snooddit.projectsegfau.lt libreddit.mutahar.rocks {
|
||||||
|
redir https://libreddit.projectsegfau.lt{uri} permanent
|
||||||
|
}
|
||||||
|
lbry.mutahar.rocks {
|
||||||
|
redir https://lbry.projectsegfau.lt{uri} permanent
|
||||||
|
}
|
||||||
|
nitter.mutahar.rocks {
|
||||||
|
redir https://nitter.projectsegfau.lt{uri} permanent
|
||||||
|
}
|
||||||
|
#redir inv.bp.mutahar.rocks inv.bp.projectsegfau.lt permanent
|
||||||
|
#redir libreddit.mutahar.rocks libreddit.projectsegfau.lt permanent
|
||||||
|
#redir lbry.mutahar.rocks lbry.projectsegfau.lt permanent
|
||||||
|
#redir nitter.mutahar.rocks nitter.projectsegfau.lt permanent
|
90
caddy/frontends.caddy
Normal file
90
caddy/frontends.caddy
Normal file
@ -0,0 +1,90 @@
|
|||||||
|
## Privacy Frontends
|
||||||
|
inv.bp.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:3000
|
||||||
|
import torloc invbp
|
||||||
|
header {
|
||||||
|
# disable FLoC tracking
|
||||||
|
Permissions-Policy interest-cohort=()
|
||||||
|
|
||||||
|
# enable HSTS
|
||||||
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||||
|
# disable clients from sniffing the media type
|
||||||
|
X-Content-Type-Options nosniff
|
||||||
|
|
||||||
|
# keep referrer data off of HTTP connections
|
||||||
|
Referrer-Policy no-referrer-when-downgrade
|
||||||
|
|
||||||
|
X-XSS-Protection "1; mode=block"
|
||||||
|
defer
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
gothub.dev.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:1025
|
||||||
|
import def
|
||||||
|
import torloc gothub.dev
|
||||||
|
}
|
||||||
|
|
||||||
|
lbry.projectsegfau.lt lbry.g.projectsegfau.lt lbry.eu.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:3550
|
||||||
|
import def
|
||||||
|
import torloc lbry
|
||||||
|
import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
|
||||||
|
}
|
||||||
|
|
||||||
|
proxy.lbry.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:3001
|
||||||
|
import def
|
||||||
|
}
|
||||||
|
|
||||||
|
gothub.projectsegfau.lt gothub.g.projectsegfau.lt gothub.eu.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:1024
|
||||||
|
import torloc github
|
||||||
|
import def
|
||||||
|
}
|
||||||
|
|
||||||
|
overflow.projectsegfau.lt overflow.g.projectsegfau.lt overflow.eu.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:8694
|
||||||
|
import torloc overflow
|
||||||
|
import def
|
||||||
|
}
|
||||||
|
libreddit.projectsegfau.lt libreddit.g.projectsegfau.lt libreddit.eu.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:6464
|
||||||
|
import torloc libreddit
|
||||||
|
import def
|
||||||
|
}
|
||||||
|
|
||||||
|
nitter.projectsegfau.lt nitter.g.projectsegfau.lt nitter.eu.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:8387
|
||||||
|
import def
|
||||||
|
import torloc nitter
|
||||||
|
}
|
||||||
|
|
||||||
|
bb.g.projectsegfau.lt bb.eu.projectsegfau.lt bb.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:3069
|
||||||
|
import def
|
||||||
|
import torloc beatbump
|
||||||
|
}
|
||||||
|
|
||||||
|
bw.eu.projectsegfau.lt bw.g.projectsegfau.lt bw.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:10416
|
||||||
|
import def
|
||||||
|
import torloc breezewiki
|
||||||
|
}
|
||||||
|
|
||||||
|
scribe.eu.projectsegfau.lt scribe.g.projectsegfau.lt scribe.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:8006
|
||||||
|
import def
|
||||||
|
import torloc scribe
|
||||||
|
}
|
||||||
|
|
||||||
|
teddit.eu.projectsegfau.lt teddit.projectsegfau.lt teddit.g.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:9061
|
||||||
|
import def
|
||||||
|
import torloc teddit
|
||||||
|
}
|
||||||
|
rimgo.eu.projectsegfau.lt rimgo.projectsegfau.lt rimgo.g.projectsegfau.lt {
|
||||||
|
reverse_proxy localhost:9016
|
||||||
|
import def
|
||||||
|
import torloc rimgo
|
||||||
|
}
|
82
caddy/i2p.caddy
Normal file
82
caddy/i2p.caddy
Normal file
@ -0,0 +1,82 @@
|
|||||||
|
|
||||||
|
## I2P
|
||||||
|
http://pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p:6001 {
|
||||||
|
reverse_proxy https://projectsegfau.lt {
|
||||||
|
header_up Host "projectsegfau.lt"
|
||||||
|
}
|
||||||
|
import tor www
|
||||||
|
import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
|
||||||
|
}
|
||||||
|
http://pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p:6008 {
|
||||||
|
reverse_proxy localhost:8006
|
||||||
|
import tor scribe
|
||||||
|
import i2ploc pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p
|
||||||
|
}
|
||||||
|
http://pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p:6005 {
|
||||||
|
reverse_proxy localhost:8387
|
||||||
|
import tor nitter
|
||||||
|
import i2ploc pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p
|
||||||
|
}
|
||||||
|
http://pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p:6003 {
|
||||||
|
import tor lbry
|
||||||
|
import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
|
||||||
|
reverse_proxy localhost:3550
|
||||||
|
}
|
||||||
|
http://pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p:6004 {
|
||||||
|
import tor libreddit
|
||||||
|
import i2ploc pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p
|
||||||
|
reverse_proxy localhost:6464
|
||||||
|
}
|
||||||
|
http://pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p:6007 { # NW
|
||||||
|
import tor breezewiki
|
||||||
|
import i2ploc pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p
|
||||||
|
reverse_proxy localhost:10416
|
||||||
|
}
|
||||||
|
http://pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p:6006 {
|
||||||
|
import tor beatbump
|
||||||
|
import i2ploc pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p
|
||||||
|
reverse_proxy localhost:3069
|
||||||
|
}
|
||||||
|
http://pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p:6016 {
|
||||||
|
import tor invbp
|
||||||
|
import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
|
||||||
|
reverse_proxy localhost:3000
|
||||||
|
}
|
||||||
|
http://pjsf5ahv7ce67i5ic46ghum3scwatrsyac5i6aa5bynvnnlmpzfa.b32.i2p:6017 {
|
||||||
|
import tor rimgo
|
||||||
|
import i2ploc pjsf5ahv7ce67i5ic46ghum3scwatrsyac5i6aa5bynvnnlmpzfa.b32.i2p
|
||||||
|
reverse_proxy localhost:9016
|
||||||
|
}
|
||||||
|
http://pjsfa3dd7rxocfqanxenpop2uqfgpw4nevrmy424u5qwyasqdu6a.b32.i2p:6018 {
|
||||||
|
import tor teddit
|
||||||
|
import i2ploc pjsfa3dd7rxocfqanxenpop2uqfgpw4nevrmy424u5qwyasqdu6a.b32.i2p
|
||||||
|
reverse_proxy localhost:9061
|
||||||
|
}
|
||||||
|
http://pjsfhqamc7k6htnumrvn4cwqqdoggeepj7u5viyimgnxg3gar72q.b32.i2p:6002 {
|
||||||
|
import tor inv
|
||||||
|
import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
|
||||||
|
reverse_proxy https://invidious.projectsegfau.lt {
|
||||||
|
header_up Host "invidious.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p:6012 {
|
||||||
|
import tor search
|
||||||
|
import i2ploc pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p
|
||||||
|
reverse_proxy https://search.projectsegfau.lt {
|
||||||
|
header_up Host "search.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p:6013 {
|
||||||
|
import tor git
|
||||||
|
import i2ploc pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p
|
||||||
|
reverse_proxy https://git.projectsegfau.lt {
|
||||||
|
header_up Host "git.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p:6015 {
|
||||||
|
import i2ploc pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p
|
||||||
|
import tor todo
|
||||||
|
reverse_proxy https://todo.projectsegfau.lt {
|
||||||
|
header_up Host "todo.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
38
caddy/pubnix.caddy
Normal file
38
caddy/pubnix.caddy
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# Reverse proxy all user sites
|
||||||
|
*.p.projectsegfau.lt {
|
||||||
|
reverse_proxy 10.7.0.2:80
|
||||||
|
import acmedns
|
||||||
|
}
|
||||||
|
|
||||||
|
# Redirect base subdomain to the pubnix homepage
|
||||||
|
p.projectsegfau.lt {
|
||||||
|
redir https://projectsegfau.lt/pubnix
|
||||||
|
}
|
||||||
|
|
||||||
|
# Cockpit
|
||||||
|
cockpit.p.projectsegfau.lt {
|
||||||
|
reverse_proxy 10.7.0.2:9090 {
|
||||||
|
transport http {
|
||||||
|
tls_insecure_skip_verify
|
||||||
|
}
|
||||||
|
}
|
||||||
|
import def
|
||||||
|
import torloc cockpit.p
|
||||||
|
}
|
||||||
|
|
||||||
|
# PublAPI
|
||||||
|
publapi.p.projectsegfau.lt {
|
||||||
|
reverse_proxy 10.7.0.2:3000
|
||||||
|
import def
|
||||||
|
}
|
||||||
|
grafana.p.projectsegfau.lt {
|
||||||
|
reverse_proxy 10.7.0.2:6943 {
|
||||||
|
header_up X-Real-IP {remote_host}
|
||||||
|
}
|
||||||
|
import def
|
||||||
|
}
|
||||||
|
geminiproxy.p.projectsegfau.lt {
|
||||||
|
reverse_proxy 10.7.0.2:8000
|
||||||
|
import def
|
||||||
|
import torloc geminiproxy.p
|
||||||
|
}
|
123
caddy/tor.caddy
Normal file
123
caddy/tor.caddy
Normal file
@ -0,0 +1,123 @@
|
|||||||
|
http://pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
reverse_proxy https://projectsegfau.lt {
|
||||||
|
header_up Host "projectsegfau.lt"
|
||||||
|
}
|
||||||
|
import tor www
|
||||||
|
import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
|
||||||
|
}
|
||||||
|
http://www.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
reverse_proxy https://projectsegfau.lt {
|
||||||
|
header_up Host "projectsegfau.lt"
|
||||||
|
}
|
||||||
|
import tor www
|
||||||
|
import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
|
||||||
|
}
|
||||||
|
# Privacy Frontends
|
||||||
|
http://scribe.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
reverse_proxy localhost:8006
|
||||||
|
import tor scribe
|
||||||
|
import i2ploc pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p
|
||||||
|
}
|
||||||
|
http://nitter.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
reverse_proxy localhost:8387
|
||||||
|
import tor nitter
|
||||||
|
import i2ploc pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p
|
||||||
|
}
|
||||||
|
http://lbry.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor lbry
|
||||||
|
import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
|
||||||
|
reverse_proxy localhost:3550
|
||||||
|
}
|
||||||
|
http://libreddit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor libreddit
|
||||||
|
import i2ploc pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p
|
||||||
|
reverse_proxy localhost:6464
|
||||||
|
}
|
||||||
|
http://breezewiki.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor breezewiki
|
||||||
|
import i2ploc pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p
|
||||||
|
reverse_proxy localhost:10416
|
||||||
|
}
|
||||||
|
http://beatbump.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor beatbump
|
||||||
|
import i2ploc pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p
|
||||||
|
reverse_proxy localhost:3069
|
||||||
|
}
|
||||||
|
http://invbp.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor invbp
|
||||||
|
import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
|
||||||
|
reverse_proxy localhost:3000
|
||||||
|
}
|
||||||
|
http://rimgo.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor rimgo
|
||||||
|
reverse_proxy localhost:9016
|
||||||
|
}
|
||||||
|
http://teddit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor teddit
|
||||||
|
reverse_proxy localhost:9061
|
||||||
|
}
|
||||||
|
http://overflow.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor overflow
|
||||||
|
reverse_proxy localhost:8694
|
||||||
|
}
|
||||||
|
http://gothub.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor gothub
|
||||||
|
reverse_proxy localhost:1024
|
||||||
|
}
|
||||||
|
http://gothub.dev.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor gothub.dev
|
||||||
|
reverse_proxy localhost:1025
|
||||||
|
}
|
||||||
|
http://inv.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor inv
|
||||||
|
import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
|
||||||
|
reverse_proxy https://invidious.projectsegfau.lt {
|
||||||
|
header_up Host "invidious.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://search.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor search
|
||||||
|
import i2ploc pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p
|
||||||
|
reverse_proxy https://search.projectsegfau.lt {
|
||||||
|
header_up Host "search.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://git.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor git
|
||||||
|
import i2ploc pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p
|
||||||
|
reverse_proxy https://git.projectsegfau.lt {
|
||||||
|
header_up Host "git.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://todo.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor todo
|
||||||
|
import i2ploc pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p
|
||||||
|
reverse_proxy https://todo.projectsegfau.lt {
|
||||||
|
header_up Host "todo.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://wiki.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor wiki
|
||||||
|
reverse_proxy https://wiki.projectsegfau.lt {
|
||||||
|
header_up Host "wiki.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://pass.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor pass
|
||||||
|
reverse_proxy https://pass.projectsegfau.lt {
|
||||||
|
header_up Host "pass.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
# Pubnix
|
||||||
|
http://geminiproxy.p.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor geminiproxy.p
|
||||||
|
reverse_proxy https://geminiproxy.p.projectsegfau.lt {
|
||||||
|
header_up Host "geminiproxy.p.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
http://cockpit.p.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||||
|
import tor cockpit.p
|
||||||
|
reverse_proxy https://cockpit.p.projectsegfau.lt {
|
||||||
|
header_up Host "cockpit.p.projectsegfau.lt"
|
||||||
|
}
|
||||||
|
}
|
6
cdn/cdnupdate
Executable file
6
cdn/cdnupdate
Executable file
@ -0,0 +1,6 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
RSYNC_ARGS='--recursive --copy-links --copy-dirlinks --perms --xattrs --times --delete --verbose --compress --compress-choice=zstd --mkpath --cvs-exclude --human-readable --partial --progress'
|
||||||
|
# India Node
|
||||||
|
rsync --rsh='ssh -p6922' ${RSYNC_ARGS} /var/cdn/ cdn@in.projectsegfau.lt:/var/cdn
|
||||||
|
# US Node
|
||||||
|
rsync ${RSYNC_ARGS} /var/cdn/ cdn@us.projectsegfau.lt:/var/cdn
|
4
docker/README.md
Normal file
4
docker/README.md
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
# Docker
|
||||||
|
Private keys such as HMAC are not pushed for obvious reasons and are in separate envfiles
|
||||||
|
|
||||||
|
At the moment invidious isnt part of this but I'll include it in the future.
|
17
docker/anonymousoverflow-compose.yml
Normal file
17
docker/anonymousoverflow-compose.yml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
version: '3'
|
||||||
|
|
||||||
|
services:
|
||||||
|
anonymousoverflow:
|
||||||
|
build:
|
||||||
|
context: .
|
||||||
|
network: 'host'
|
||||||
|
environment:
|
||||||
|
- APP_URL=https://overflow.projectsegfau.lt
|
||||||
|
# JWT_SIGNING_SECRET is in private.env
|
||||||
|
env_file:
|
||||||
|
- /opt/docker/anonymousoverflow/private.env
|
||||||
|
ports:
|
||||||
|
- '8694:8080'
|
||||||
|
restart: 'always'
|
||||||
|
labels:
|
||||||
|
- "com.centurylinklabs.watchtower.enable=false"
|
22
docker/beatbump-compose.yml
Normal file
22
docker/beatbump-compose.yml
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
version: "3"
|
||||||
|
|
||||||
|
services:
|
||||||
|
app:
|
||||||
|
image: "snuffydev/beatbump:master"
|
||||||
|
ports:
|
||||||
|
- "3069:3069"
|
||||||
|
environment:
|
||||||
|
PORT: 3069
|
||||||
|
VITE_DOMAIN: "bb.projectsegfau.lt"
|
||||||
|
VITE_SITE_URL: "https://bb.projectsegfau.lt"
|
||||||
|
VITE_DONATION_URL: "https://projectsegfau.lt/donate"
|
||||||
|
restart: unless-stopped
|
||||||
|
proxy:
|
||||||
|
build:
|
||||||
|
context: ./packages/proxy-server/deno
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
ports:
|
||||||
|
- "3070:3001"
|
||||||
|
restart: unless-stopped
|
||||||
|
labels:
|
||||||
|
- "com.centurylinklabs.watchtower.enable=false"
|
4
docker/breezewiki/config.ini
Normal file
4
docker/breezewiki/config.ini
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
canonical_origin = https://bw.projectsegfau.lt
|
||||||
|
debug = false
|
||||||
|
port = 10416
|
||||||
|
feature_search_suggestions = true
|
9
docker/breezewiki/docker-compose.yml
Normal file
9
docker/breezewiki/docker-compose.yml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
services:
|
||||||
|
breezewiki:
|
||||||
|
container_name: breezewiki
|
||||||
|
image: quay.io/pussthecatorg/breezewiki:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
ports:
|
||||||
|
- "10416:10416" # Replace with "10416:10416" if you don't use a reverse proxy
|
||||||
|
volumes:
|
||||||
|
- "./config.ini:/app/config.ini"
|
15
docker/gothub-compose.yml
Normal file
15
docker/gothub-compose.yml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
version: "3"
|
||||||
|
services:
|
||||||
|
gothub:
|
||||||
|
image: codeberg.org/gothub/gothub:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
ports:
|
||||||
|
- "1024:3000"
|
||||||
|
environment:
|
||||||
|
- DOCKER=true
|
||||||
|
healthcheck:
|
||||||
|
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/version || exit 1
|
||||||
|
interval: 30s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 2
|
||||||
|
|
25
docker/gothub-dev-compose.yml
Normal file
25
docker/gothub-dev-compose.yml
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
version: "3"
|
||||||
|
services:
|
||||||
|
gothub:
|
||||||
|
image: codeberg.org/gothub/gothub:dev
|
||||||
|
restart: unless-stopped
|
||||||
|
ports:
|
||||||
|
- "1025:3000"
|
||||||
|
environment:
|
||||||
|
- DOCKER=true
|
||||||
|
- GOTHUB_SETUP_COMPLETE=true
|
||||||
|
- GOTHUB_PROXYING_ENABLED=true
|
||||||
|
- GOTHUB_IP_LOGGED=false
|
||||||
|
- GOTHUB_REQUEST_URL_LOGGED=false
|
||||||
|
- GOTHUB_USER_AGENT_LOGGED=false
|
||||||
|
- GOTHUB_DIAGNOSTIC_INFO_LOGGED=false
|
||||||
|
- GOTHUB_INSTANCE_PRIVACY_POLICY=https://projectsegfau.lt/legal/privacy-policy
|
||||||
|
- GOTHUB_INSTANCE_COUNTRY=Luxembourg
|
||||||
|
- GOTHUB_INSTANCE_PROVIDER=BuyVM
|
||||||
|
- GOTHUB_INSTANCE_CLOUDFLARE=false
|
||||||
|
healthcheck:
|
||||||
|
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/version || exit 1
|
||||||
|
interval: 30s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 2
|
||||||
|
|
76
docker/invidious-compose.yml
Executable file
76
docker/invidious-compose.yml
Executable file
@ -0,0 +1,76 @@
|
|||||||
|
version: "2.4"
|
||||||
|
services:
|
||||||
|
postgres:
|
||||||
|
image: postgres:10
|
||||||
|
restart: always
|
||||||
|
networks:
|
||||||
|
- invidious
|
||||||
|
volumes:
|
||||||
|
- postgresdata:/var/lib/postgresql/data
|
||||||
|
- ./config/sql:/config/sql
|
||||||
|
- ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh
|
||||||
|
environment:
|
||||||
|
POSTGRES_DB: invidious
|
||||||
|
POSTGRES_USER: kemal
|
||||||
|
POSTGRES_PASSWORD: kemal
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
|
||||||
|
invidious:
|
||||||
|
image: quay.io/invidious/invidious:latest
|
||||||
|
restart: always
|
||||||
|
networks:
|
||||||
|
- invidious
|
||||||
|
mem_limit: 1024M
|
||||||
|
cpus: 0.5
|
||||||
|
ports:
|
||||||
|
- "3000:3000"
|
||||||
|
env_file: /opt/docker/invidious/private.env
|
||||||
|
environment:
|
||||||
|
HMAC_KEY_PRIVATE: ${HMAC_KEY_PRIVATE}
|
||||||
|
INVIDIOUS_CONFIG: |
|
||||||
|
channel_threads: 1
|
||||||
|
check_tables: true
|
||||||
|
feed_threads: 1
|
||||||
|
db:
|
||||||
|
dbname: invidious
|
||||||
|
user: kemal
|
||||||
|
password: kemal
|
||||||
|
host: postgres
|
||||||
|
port: 5432
|
||||||
|
full_refresh: false
|
||||||
|
https_only: true
|
||||||
|
domain: inv.bp.projectsegfau.lt
|
||||||
|
external_port: 443
|
||||||
|
statistics_enabled: true
|
||||||
|
admins: ["midou"]
|
||||||
|
dark_mode: true
|
||||||
|
disable_proxy: false
|
||||||
|
banner: <a href="https://projectsegfau.lt/donate">Donate to Project Segfault</a> | <a href="https://invidious.projectsegfau.lt">FR </a> <a href="https://inv.bp.projectsegfau.lt">[LU] </a><a href="https://inv.us.projectsegfau.lt">US </a><a href="https://inv.in.projectsegfau.lt">IN</a>
|
||||||
|
enable_user_notifications: false
|
||||||
|
default_user_preferences:
|
||||||
|
local: true
|
||||||
|
extend_desc: true
|
||||||
|
quality: dash
|
||||||
|
quality_dash: 1080p
|
||||||
|
# does not work atm
|
||||||
|
hmac_key: ${HMAC_KEY_PRIVATE}
|
||||||
|
healthcheck:
|
||||||
|
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/comments/jNQXAC9IVRw || exit 1
|
||||||
|
interval: 30s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 2
|
||||||
|
depends_on:
|
||||||
|
- postgres
|
||||||
|
autoheal:
|
||||||
|
restart: always
|
||||||
|
image: willfarrell/autoheal
|
||||||
|
environment:
|
||||||
|
- AUTOHEAL_CONTAINER_LABEL=all
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
postgresdata:
|
||||||
|
|
||||||
|
networks:
|
||||||
|
invidious:
|
16
docker/libreddit-compose.yml
Normal file
16
docker/libreddit-compose.yml
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
services:
|
||||||
|
libreddit:
|
||||||
|
image: libreddit/libreddit:latest
|
||||||
|
ports:
|
||||||
|
- 127.0.0.1:6464:8080
|
||||||
|
restart: unless-stopped
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
|
||||||
|
interval: 5m
|
||||||
|
timeout: 3s
|
||||||
|
environment:
|
||||||
|
- FRONT_PAGE=popular
|
||||||
|
- COMMENT_SORT=new
|
||||||
|
- BLUR_NSFW=on
|
||||||
|
- USE_HLS=on
|
||||||
|
- AUTOPLAY_VIDEOS=off
|
25
docker/nitter/docker-compose.yaml
Executable file
25
docker/nitter/docker-compose.yaml
Executable file
@ -0,0 +1,25 @@
|
|||||||
|
version: "3"
|
||||||
|
|
||||||
|
services:
|
||||||
|
|
||||||
|
nitter:
|
||||||
|
image: zedeus/nitter:latest
|
||||||
|
container_name: nitter
|
||||||
|
ports:
|
||||||
|
- "8387:8080" # Replace with "8080:8080" if you don't use a reverse proxy
|
||||||
|
volumes:
|
||||||
|
- /opt/docker/nitter/nitter.conf:/src/nitter.conf:ro
|
||||||
|
depends_on:
|
||||||
|
- nitter-redis
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
nitter-redis:
|
||||||
|
image: redis:6-alpine
|
||||||
|
container_name: nitter-redis
|
||||||
|
command: redis-server --save 60 1 --loglevel warning
|
||||||
|
volumes:
|
||||||
|
- nitter-redis:/data
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
nitter-redis:
|
45
docker/nitter/nitter.conf
Executable file
45
docker/nitter/nitter.conf
Executable file
@ -0,0 +1,45 @@
|
|||||||
|
[Server]
|
||||||
|
address = "0.0.0.0"
|
||||||
|
port = 8080
|
||||||
|
https = true # disable to enable cookies when not using https
|
||||||
|
httpMaxConnections = 100
|
||||||
|
staticDir = "./public"
|
||||||
|
title = "nitter"
|
||||||
|
hostname = "nitter.projectsegfau.lt"
|
||||||
|
|
||||||
|
[Cache]
|
||||||
|
listMinutes = 240 # how long to cache list info (not the tweets, so keep it high)
|
||||||
|
rssMinutes = 10 # how long to cache rss queries
|
||||||
|
redisHost = "nitter-redis" # Change to "nitter-redis" if using docker-compose
|
||||||
|
redisPort = 6379
|
||||||
|
redisPassword = ""
|
||||||
|
redisConnections = 20 # connection pool size
|
||||||
|
redisMaxConnections = 30
|
||||||
|
# max, new connections are opened when none are available, but if the pool size
|
||||||
|
# goes above this, they're closed when released. don't worry about this unless
|
||||||
|
# you receive tons of requests per second
|
||||||
|
|
||||||
|
[Config]
|
||||||
|
hmacKey = "xxx" # random key for cryptographic signing of video urls
|
||||||
|
base64Media = false # use base64 encoding for proxied media urls
|
||||||
|
enableRSS = true # set this to false to disable RSS feeds
|
||||||
|
enableDebug = false # enable request logs and debug endpoints
|
||||||
|
proxy = "" # http/https url, SOCKS proxies are not supported
|
||||||
|
proxyAuth = ""
|
||||||
|
tokenCount = 10
|
||||||
|
# minimum amount of usable tokens. tokens are used to authorize API requests,
|
||||||
|
# but they expire after ~1 hour, and have a limit of 187 requests.
|
||||||
|
# the limit gets reset every 15 minutes, and the pool is filled up so there's
|
||||||
|
# always at least $tokenCount usable tokens. again, only increase this if
|
||||||
|
# you receive major bursts all the time
|
||||||
|
|
||||||
|
# Change default preferences here, see src/prefs_impl.nim for a complete list
|
||||||
|
[Preferences]
|
||||||
|
theme = "Nitter"
|
||||||
|
replaceTwitter = "nitter.projectsegfau.lt"
|
||||||
|
replaceYouTube = "invidious.projectsegfau.lt"
|
||||||
|
replaceReddit = "libreddit.projectsegfau.lt"
|
||||||
|
replaceInstagram = ""
|
||||||
|
proxyVideos = true
|
||||||
|
hlsPlayback = true
|
||||||
|
infiniteScroll = false
|
4
docker/replace-compose
Executable file
4
docker/replace-compose
Executable file
@ -0,0 +1,4 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
mv /opt/docker/${1}/*compose.y*l /opt/docker/${1}/compose.pre-public-conf.yml
|
||||||
|
ln -s /configs/docker/${1}-compose.yml /opt/docker/${1}/compose.yml
|
||||||
|
cd /opt/docker/${1} && docker compose pull && docker compose down --remove-orphans && docker compose up -d --build && cd -
|
21
docker/rimgo-compose.yml
Normal file
21
docker/rimgo-compose.yml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
version: '3'
|
||||||
|
|
||||||
|
services:
|
||||||
|
rimgo:
|
||||||
|
image: codeberg.org/video-prize-ranch/rimgo # Official image
|
||||||
|
#image: quay.io/pussthecatorg/rimgo # Unofficial image
|
||||||
|
#build: . # Uncomment to build from source
|
||||||
|
ports:
|
||||||
|
- 9016:3000
|
||||||
|
environment:
|
||||||
|
- ADDRESS=0.0.0.0
|
||||||
|
- PORT=3000
|
||||||
|
- FIBER_PREFORK=false
|
||||||
|
- IMGUR_CLIENT_ID=546c25a59c58ad7
|
||||||
|
- PRIVACY_POLICY=https://projectsegfau.lt/legal/privacy-policy
|
||||||
|
- PRIVACY_MESSAGE=
|
||||||
|
- PRIVACY_COUNTRY=Luxembourg
|
||||||
|
- PRIVACY_PROVIDER=BuyVM
|
||||||
|
- PRIVACY_CLOUDFLARE=false
|
||||||
|
- PRIVACY_NOT_COLLECTED=true
|
||||||
|
restart: unless-stopped
|
17
docker/scribe-compose.yml
Normal file
17
docker/scribe-compose.yml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
scribe:
|
||||||
|
image: registry.gitlab.com/lomanic/scribe-binaries:latest
|
||||||
|
restart: always
|
||||||
|
container_name: "scribe"
|
||||||
|
ports:
|
||||||
|
- 8006:8006
|
||||||
|
environment:
|
||||||
|
- SCRIBE_PORT=8006
|
||||||
|
- SCRIBE_HOST=0.0.0.0
|
||||||
|
- APP_DOMAIN=scribe.projectsegfau.lt
|
||||||
|
- LUCKY_ENV=production
|
||||||
|
- PORT=8006
|
||||||
|
env_file:
|
||||||
|
- /opt/docker/scribe/scribe-private.env
|
42
docker/teddit-compose.yml
Normal file
42
docker/teddit-compose.yml
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
|
||||||
|
teddit:
|
||||||
|
restart: always
|
||||||
|
container_name: teddit
|
||||||
|
image: teddit/teddit:latest
|
||||||
|
environment:
|
||||||
|
- DOMAIN=teddit.projectsegfau.lt
|
||||||
|
- USE_HELMET=true
|
||||||
|
- USE_HELMET_HSTS=true
|
||||||
|
- TRUST_PROXY=true
|
||||||
|
- REDIS_HOST=teddit-redis
|
||||||
|
ports:
|
||||||
|
- "9061:8080"
|
||||||
|
networks:
|
||||||
|
- teddit_net
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:8080/about"]
|
||||||
|
interval: 1m
|
||||||
|
timeout: 3s
|
||||||
|
depends_on:
|
||||||
|
- teddit-redis
|
||||||
|
|
||||||
|
teddit-redis:
|
||||||
|
restart: always
|
||||||
|
container_name: teddit-redis
|
||||||
|
image: redis:6.2.5-alpine
|
||||||
|
command: redis-server
|
||||||
|
environment:
|
||||||
|
- REDIS_REPLICATION_MODE=master
|
||||||
|
networks:
|
||||||
|
- teddit_net
|
||||||
|
volumes:
|
||||||
|
- teddit-redis:/data
|
||||||
|
volumes:
|
||||||
|
teddit-redis:
|
||||||
|
|
||||||
|
networks:
|
||||||
|
teddit_net:
|
||||||
|
|
17
docker/watchtower-compose.yml
Normal file
17
docker/watchtower-compose.yml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
version: "2"
|
||||||
|
services:
|
||||||
|
watchtower:
|
||||||
|
image: containrrr/watchtower
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
environment:
|
||||||
|
- TZ=Europe/Paris
|
||||||
|
- WATCHTOWER_CLEANUP=false
|
||||||
|
- DOCKER_API_VERSION=1.42
|
||||||
|
- WATCHTOWER_INCLUDE_STOPPED=false
|
||||||
|
- WATCHTOWER_POLL_INTERVAL=3600
|
||||||
|
- WATCHTOWER_MONITOR_ONLY=false
|
||||||
|
# WATCHTOWER_NOTIFICATION_URL is in private.env
|
||||||
|
env_file:
|
||||||
|
- /opt/docker/watchtower/private.env
|
||||||
|
restart: unless-stopped
|
30
haproxy/haproxy.cfg
Normal file
30
haproxy/haproxy.cfg
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
global
|
||||||
|
log /dev/log local0
|
||||||
|
log /dev/log local1 notice
|
||||||
|
chroot /var/lib/haproxy
|
||||||
|
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
|
||||||
|
stats timeout 30s
|
||||||
|
user haproxy
|
||||||
|
group haproxy
|
||||||
|
daemon
|
||||||
|
defaults
|
||||||
|
log global
|
||||||
|
mode http
|
||||||
|
option httplog
|
||||||
|
option dontlognull
|
||||||
|
timeout connect 5000
|
||||||
|
timeout client 50000
|
||||||
|
timeout server 50000
|
||||||
|
listen ssh
|
||||||
|
bind :::22 v4v6
|
||||||
|
balance roundrobin
|
||||||
|
mode tcp
|
||||||
|
option tcp-check
|
||||||
|
tcp-check expect rstring SSH-2.0-OpenSSH.*
|
||||||
|
server pubnix 10.7.0.2:22 check inter 10s fall 2 rise 1
|
||||||
|
listen xrdp
|
||||||
|
bind :::3389 v4v6
|
||||||
|
balance roundrobin
|
||||||
|
mode tcp
|
||||||
|
option tcp-check
|
||||||
|
server pubnix 10.7.0.2:3389 check inter 10s fall 2 rise 1
|
4
i2pd/README.md
Normal file
4
i2pd/README.md
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
# I2Pd Info
|
||||||
|
`i2pd_funcs` was borrowed from the ~vern team (https://vern.cc/admins) with some minor modifications.
|
||||||
|
|
||||||
|
i2pd config is the same as dpkg upstream.
|
32
i2pd/i2pd_funcs
Normal file
32
i2pd/i2pd_funcs
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
i2pown() { chmod 640 "$1" && chown i2pd:i2pd "$1"; }
|
||||||
|
geni2p() { /root/i2pd-tools/vain "$2" -o "$1" && i2pown "$1"; }
|
||||||
|
vgi2p() { for i in "$@"; do geni2p "/var/lib/i2pd/pjsf.$i.dat" "pjsf"; done; }
|
||||||
|
create_i2p() {
|
||||||
|
if [[ -z "$4" ]]; then
|
||||||
|
printf 'Usage: create_i2p service_name keyfile_name clearnet_domain port [type] [host] [inport]\n'
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
[[ -f /var/lib/i2pd/pjsf.$2.dat ]] || vgi2p "$1"
|
||||||
|
printf '[%s]\ntype = %s\nhost = %s\nport = %s\nkeys = pjsf.%s.dat\n%s' "$3" "${5:-http}" "${6:-127.0.0.1}" "$4" "$2" "${7:+inport = $7}" | tee "/etc/i2pd/tunnels.d/$1.conf"
|
||||||
|
systemctl restart i2pd
|
||||||
|
}
|
||||||
|
|
||||||
|
delete_i2p() {
|
||||||
|
if [[ -z "$1" ]]; then
|
||||||
|
printf 'Usage: delete_i2p service_name\n'
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f /var/lib/i2pd/pjsf.$1.dat
|
||||||
|
rm -f /etc/i2pd/tunnels.d/$1.conf
|
||||||
|
systemctl restart i2pd
|
||||||
|
}
|
||||||
|
|
||||||
|
i2pup() { export http_proxy="http://127.0.0.1:4444"; }
|
||||||
|
i2pdown() { unset http_proxy; }
|
||||||
|
|
||||||
|
i2pb32() { /root/i2pd-tools/keyinfo ~i2pd/pjsf.$1.dat; }
|
||||||
|
i2pb64() { /root/i2pd-tools/keyinfo -d ~i2pd/pjsf.$1.dat; }
|
||||||
|
i2pport() { grep -R '^port = '"$1"'$' /etc/i2pd/tunnels.d/; }
|
28
knot/geodnstemplate
Normal file
28
knot/geodnstemplate
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
REPLACEME:
|
||||||
|
- geo: "*;*;*"
|
||||||
|
A: 107.189.12.96
|
||||||
|
AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
TXT: "Worldwide-BuyVM-Lux"
|
||||||
|
- geo: "EU;*;*"
|
||||||
|
A: 107.189.12.96
|
||||||
|
TXT: "Europe-BuyVM-Lux"
|
||||||
|
AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
- geo: "AF;*;*"
|
||||||
|
A: 107.189.12.96
|
||||||
|
AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
TXT: "Africa-BuyVM-Lux"
|
||||||
|
- geo: "NA;*;*"
|
||||||
|
A: 143.198.131.196
|
||||||
|
AAAA: 2604:a880:4:1d0::52:7000
|
||||||
|
TXT: "NorthAmerica-DigitalOcean-SanFrancisco"
|
||||||
|
- geo: "SA;*;*"
|
||||||
|
A: 143.198.131.196
|
||||||
|
AAAA: 2604:a880:4:1d0::52:7000
|
||||||
|
TXT: "SouthAmerica-DigitalOcean-SanFrancisco"
|
||||||
|
- geo: "OC;*;*"
|
||||||
|
A: 143.198.131.196
|
||||||
|
AAAA: 2604:a880:4:1d0::52:7000
|
||||||
|
TXT: "Oceania-DigitalOcean-SanFrancisco"
|
||||||
|
- geo: "AS;*;*"
|
||||||
|
A: 110.227.202.171
|
||||||
|
TXT: "Asia-Airtel-Ind"
|
11
knot/geodnsupdate
Executable file
11
knot/geodnsupdate
Executable file
@ -0,0 +1,11 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
geoconf=/etc/knot/geo.conf
|
||||||
|
remote='7S23i@us.projectsegfau.lt'
|
||||||
|
printf '' > $geoconf
|
||||||
|
for i in $(</var/geodnsdomains); do
|
||||||
|
cat /etc/knot/geodnstemplate >> $geoconf
|
||||||
|
sed -i "s/REPLACEME/${i}/" $geoconf
|
||||||
|
done
|
||||||
|
scp $geoconf "${remote}":/var/geo.conf
|
||||||
|
ssh $remote "sudo systemctl restart knot"
|
||||||
|
systemctl restart knot
|
52
knot/knot.conf
Normal file
52
knot/knot.conf
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
server:
|
||||||
|
rundir: "/run/knot"
|
||||||
|
user: knot:knot
|
||||||
|
listen: 107.189.12.96@53
|
||||||
|
|
||||||
|
log:
|
||||||
|
- target: syslog
|
||||||
|
any: info
|
||||||
|
|
||||||
|
database:
|
||||||
|
storage: "/var/lib/knot"
|
||||||
|
|
||||||
|
# See aryak.me/blog/knot for setup instructions.
|
||||||
|
include: /etc/knot/secrets.conf
|
||||||
|
|
||||||
|
remote:
|
||||||
|
- id: secondary
|
||||||
|
address: 143.198.131.196@53
|
||||||
|
key: us-node
|
||||||
|
|
||||||
|
acl:
|
||||||
|
- id: acl_secondary
|
||||||
|
address: 143.198.131.196
|
||||||
|
key: us-node
|
||||||
|
action: transfer
|
||||||
|
- id: acl_dynupdates
|
||||||
|
address: [143.198.131.196, 92.148.60.159, 51.91.103.130, 110.227.202.171, 107.189.12.96]
|
||||||
|
action: update
|
||||||
|
key: dynupd
|
||||||
|
|
||||||
|
template:
|
||||||
|
- id: default
|
||||||
|
storage: "/etc/knot/zones"
|
||||||
|
file: "%s.zone"
|
||||||
|
dnssec-signing: on
|
||||||
|
semantic-checks: on
|
||||||
|
zonefile-sync: -1
|
||||||
|
zonefile-load: difference-no-serial
|
||||||
|
journal-content: all
|
||||||
|
|
||||||
|
mod-geoip:
|
||||||
|
- id: geo
|
||||||
|
config-file: "/etc/knot/geo.conf"
|
||||||
|
mode: geodb
|
||||||
|
geodb-file: "/var/lib/knot/GeoLite2-City.mmdb"
|
||||||
|
geodb-key: [ continent/code, country/iso_code, city/names/en ]
|
||||||
|
|
||||||
|
zone:
|
||||||
|
- domain: projectsegfau.lt
|
||||||
|
notify: secondary
|
||||||
|
acl: [acl_secondary, acl_dynupdates]
|
||||||
|
module: mod-geoip/geo
|
105
knot/zones/projectsegfau.lt.zone
Normal file
105
knot/zones/projectsegfau.lt.zone
Normal file
@ -0,0 +1,105 @@
|
|||||||
|
; To be placed in /var/lib/knot/zones/projectsegfau.lt.zone
|
||||||
|
$ORIGIN projectsegfau.lt. ; 'default' domain as FQDN for this zone
|
||||||
|
$TTL 300 ; default time-to-live for this zone
|
||||||
|
|
||||||
|
projectsegfau.lt. IN SOA ns1.projectsegfau.lt. ns2.projectsegfau.lt. (
|
||||||
|
2023022702 ;Serial
|
||||||
|
14400 ;Refresh
|
||||||
|
300 ;Retry
|
||||||
|
1209600 ;Expire
|
||||||
|
300 ;Negative response caching TTL
|
||||||
|
)
|
||||||
|
|
||||||
|
; The nameserver that are authoritative for this zone.
|
||||||
|
@ IN NS ns1.projectsegfau.lt.
|
||||||
|
@ IN NS ns2.projectsegfau.lt.
|
||||||
|
ns1 A 107.189.12.96
|
||||||
|
ns2 A 143.198.131.196
|
||||||
|
|
||||||
|
; Pizza-1
|
||||||
|
pizza1 A 107.189.12.96
|
||||||
|
pizza A 107.189.12.96
|
||||||
|
*.eu A 107.189.12.96
|
||||||
|
*.bp A 107.189.12.96
|
||||||
|
pizza1 AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
pizza AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
*.eu AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
*.bp AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
*.p.projectsegfau.lt. A 107.189.12.96
|
||||||
|
p.projectsegfau.lt. A 107.189.12.96
|
||||||
|
*.p.projectsegfau.lt. AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
p.projectsegfau.lt. AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||||
|
ferrit.projectsegfau.lt. CNAME pizza.projectsegfau.lt.
|
||||||
|
proxy.lbry.projectsegfau.lt. CNAME pizza.projectsegfau.lt.
|
||||||
|
arya.projectsegfau.lt. CNAME pizza.projectsegfau.lt.
|
||||||
|
gothub.dev.projectsegfau.lt. CNAME pizza.projectsegfau.lt.
|
||||||
|
|
||||||
|
; Soleil Levant
|
||||||
|
* A 92.148.60.159
|
||||||
|
@ A 92.148.60.159
|
||||||
|
web.dev.projectsegfau.lt. A 92.148.60.159
|
||||||
|
auth.p.projectsegfau.lt. A 92.148.60.159
|
||||||
|
autoconfig.projectsegfau.lt. CNAME mail.projectsegfau.lt.
|
||||||
|
autodiscover.projectsegfau.lt. CNAME mail.projectsegfau.lt.
|
||||||
|
_xmpp-client._tcp SRV 10 0 5222 xmpp.projectsegfau.lt.
|
||||||
|
_xmpp-server._tcp SRV 10 0 5269 xmpp.projectsegfau.lt.
|
||||||
|
_xmpps-client._tcp SRV 10 0 5223 xmpp.projectsegfau.lt.
|
||||||
|
_xmpps-server._tcp SRV 10 0 5270 xmpp.projectsegfau.lt.
|
||||||
|
_of._tcp.of.projectsegfau.lt SRV 5 0 27015 of.projectsegfau.lt.
|
||||||
|
|
||||||
|
; US Node
|
||||||
|
*.us A 143.198.131.196
|
||||||
|
us A 143.198.131.196
|
||||||
|
*.us AAAA 2604:a880:4:1d0::52:7000
|
||||||
|
us AAAA 2604:a880:4:1d0::52:7000
|
||||||
|
|
||||||
|
; IN Node
|
||||||
|
in A 110.227.202.171
|
||||||
|
*.in A 110.227.202.171
|
||||||
|
|
||||||
|
; Status VPS
|
||||||
|
status A 51.91.103.130
|
||||||
|
hole A 51.91.103.130
|
||||||
|
wg A 51.91.103.130
|
||||||
|
hole AAAA 2001:41d0:404:200::5149
|
||||||
|
status AAAA 2001:41d0:404:200::5149
|
||||||
|
wg AAAA 2001:41d0:404:200::5149
|
||||||
|
|
||||||
|
; Mail Stuff
|
||||||
|
mail.projectsegfau.lt. A 92.148.60.159
|
||||||
|
feb2023._domainkey IN TXT "v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gF5p8pTKZMPe4rDdsDTedelOTeIcEYzy5Fd1b3Tv0gWTOkk7Lx+opIY0lUU9k+K+UbPJ4asUT6zrdZusXrp85g36Rh8+lZbZWr6mqE/GJjIh9kIvXRWasHZpcnws2Ex2Mc2tefJ9FtFntpoX/v0zR2Wr8wiztZrHL23VaY+7kLgPe4PC0CM4tLyuuraC0AYVjI/yCvo8XZkb7kvOfi+EpThN3B91zSGVnZXPJdtQdE/JJ2psthhRilHBwo1Rs+PsFNFvi1chHPP44z2JPS7OyALR+ycDvXz2Hj6WS8s9pcXk7NPi0sLY+h+5Ha6KoDa4sjBmmEN07U+hE+2/rE9IQIDAQAB"
|
||||||
|
dkim._domainkey.projectsegfau.lt. 600 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z7evsQCm7e0ZN+dx3ygeSHRi6NCOjVInqnrnDe2xkooUp/szLXZ1xsGQAYM+tZ8+M0WKdIm7uQq8xCEdjDCO/l/fE6b4/3u11aj44tLXBsse5gQvOH/SQpw/zwzgU07tnOjajCExnuIeZaDNw6S5iN2oGUlkvIzIw2zv5PFVa9ax4/N0TuTMKQOysFh" "JHv2lJjvA/WgqioOOqDFjlhc959lYNqMkjaEb0r2FLky1uQx2c01MzkkXuoNVG+7anrcgzPrQ9AMTBvAsqwStwX+6JpNcwh6MpCBHQmAaFC5TkECwZLopujB+LoTbZcY2ejP8EeKSa04yU/jEnPtsMdb5wIDAQAB"
|
||||||
|
@ TXT "v=spf1 ip4:107.189.12.96 ip4:92.148.60.159 include:relay.selea.se ~all"
|
||||||
|
_dmarc.projectsegfau.lt. 600 IN TXT "v=DMARC1; p=reject; rua=mailto:admin@projectsegfau.lt; ruf=mailto:admin@projectsegfau.lt; adkim=s; aspf=s"
|
||||||
|
_imap._tcp.projectsegfau.lt. 600 IN SRV 20 1 143 mail.projectsegfau.lt.
|
||||||
|
_pop3._tcp.projectsegfau.lt. 600 IN SRV 20 1 110 mail.projectsegfau.lt.
|
||||||
|
_submission._tcp.projectsegfau.lt. 600 IN SRV 20 1 587 mail.projectsegfau.lt.
|
||||||
|
_autodiscover._tcp.projectsegfau.lt. 600 IN SRV 10 1 443 mail.projectsegfau.lt.
|
||||||
|
_submissions._tcp.projectsegfau.lt. 600 IN SRV 10 1 465 mail.projectsegfau.lt.
|
||||||
|
_imaps._tcp.projectsegfau.lt. 600 IN SRV 10 1 993 mail.projectsegfau.lt.
|
||||||
|
_pop3s._tcp.projectsegfau.lt. 600 IN SRV 10 1 995 mail.projectsegfau.lt.
|
||||||
|
autoconfig.projectsegfau.lt. 600 IN CNAME mail.projectsegfau.lt.
|
||||||
|
_25._tcp.mail.projectsegfau.lt. 86400 IN TLSA 2 1 1 0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
|
||||||
|
projectsegfau.lt. MX 10 mail.projectsegfau.lt.
|
||||||
|
p.projectsegfau.lt. TXT "buyvm-validation=b6444ab72efafcdef664a693ce2ba26ebd03ed1c7377cd08926db831e94a3d5a"
|
||||||
|
|
||||||
|
|
||||||
|
; Simplelogin
|
||||||
|
sl A 51.91.103.130
|
||||||
|
sl AAAA 2001:41d0:404:200::5149
|
||||||
|
sl.projectsegfau.lt. MX 10 sl.projectsegfau.lt.
|
||||||
|
dkim._domainkey.sl TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC79GZdNBCBZ28EGJcnar/yY3QWlAoeQW0sEQIpibzAtYMtZZw7kBzbKNxRdnMGDOQE1hzo/gJUVv+A2tgsYswXOCjO+l0gtwcKsNuP79Tn9guGtsq5aLeoYuTbvC1SrHLLufv01oEGvT6VlOm3e3+XbGjvXKVQw4ym3H55wD7WbQIDAQAB"
|
||||||
|
_dmarc.sl.projectsegfau.lt. 600 IN TXT "v=DMARC1; p=quarantine; rua=mailto:admin@projectsegfau.lt; ruf=mailto:admin@projectsegfau.lt; adkim=r; aspf=r"
|
||||||
|
sl TXT "v=spf1 ip4:51.91.103.130 ~all"
|
||||||
|
|
||||||
|
; Crypto TXT
|
||||||
|
@ TXT "oa1:btc recipient_address=bc1qrc8ywgp95a6p3zausp4nff70qzstp6h8z86sxd; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
|
||||||
|
@ TXT "oa1:ltc recipient_address=ltc1qn3ald586h2ntt0n3zkvwsmju2e5vndgtvvgatj; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
|
||||||
|
@ TXT "oa1:xmr recipient_address=47L7Qsto7XcifY3CdG18ySe5Tt83kpFLDLve9jQwbc9taPBLNGv6ZrJNUKpMG9Nj9zHgCZ4FQMSyt75e8Jvx12JFLtJyFdA; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
|
||||||
|
_token._dnswl.projectsegfau.lt. IN TXT "1q5i422gbg9qqlekp8zag8scwwb7oicd"
|
||||||
|
; PTR(s)
|
||||||
|
159.60.148.92.in-addr.arpa. PTR mail.projectsegfau.lt.
|
||||||
|
171.202.227.110.in-addr.arpa. PTR in.projectsegfau.lt.
|
||||||
|
196.131.198.143.in-addr.arpa. PTR us.projectsegfau.lt.
|
||||||
|
130.103.91.51.in-addr.arpa. PTR sl.projectsegfau.lt.
|
||||||
|
96.12.189.107.in-addr.arpa. PTR pizza1.projectsegfau.lt.
|
4
tor/README.md
Normal file
4
tor/README.md
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
# Tor
|
||||||
|
Our tor configs are basically the same as the upstream dpkg.
|
||||||
|
|
||||||
|
The vanity URL pjsf....onion was made with https://github.com/cathugger/mkp224o
|
Loading…
Reference in New Issue
Block a user