add configs
This commit is contained in:
commit
0d0ab66586
77
caddy/Caddyfile
Normal file
77
caddy/Caddyfile
Normal file
@ -0,0 +1,77 @@
|
||||
(tor) {
|
||||
header {
|
||||
-Strict-Transport-Security
|
||||
-Referrer-Policy
|
||||
-X-XSS-Protection
|
||||
-Content-Security-Policy
|
||||
# disable clients from sniffing the media type
|
||||
X-Content-Type-Options nosniff
|
||||
Permissions-Policy interest-cohort=()
|
||||
# clickjacking protection
|
||||
X-Frame-Options SAMEORIGIN
|
||||
Onion-Location http://{args.0}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
|
||||
defer
|
||||
}
|
||||
}
|
||||
(torloc) {
|
||||
header Onion-Location http://{args.0}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
|
||||
}
|
||||
(i2ploc) {
|
||||
header X-I2P-Location http://{args.0}{path}
|
||||
}
|
||||
(def) {
|
||||
header {
|
||||
# disable FLoC tracking
|
||||
Permissions-Policy interest-cohort=()
|
||||
# enable HSTS
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
# disable clients from sniffing the media type
|
||||
X-Content-Type-Options nosniff
|
||||
# clickjacking protection
|
||||
X-Frame-Options SAMEORIGIN
|
||||
# keep referrer data off of HTTP connections
|
||||
Referrer-Policy no-referrer-when-downgrade
|
||||
X-XSS-Protection "1; mode=block"
|
||||
defer
|
||||
}
|
||||
}
|
||||
|
||||
:80 {
|
||||
redir https://wiki.projectsegfau.lt/index.php?title=Pizza-1
|
||||
}
|
||||
|
||||
import /etc/private.caddy
|
||||
import ./*.caddy
|
||||
|
||||
stats.eu.projectsegfau.lt {
|
||||
import auth
|
||||
reverse_proxy localhost:9100
|
||||
import def
|
||||
}
|
||||
arya.projectsegfau.lt aryak.me {
|
||||
reverse_proxy https://arya.p.projectsegfau.lt {
|
||||
header_up Host arya.p.projectsegfau.lt
|
||||
}
|
||||
}
|
||||
cdn.eu.projectsegfau.lt cdn.projectsegfau.lt {
|
||||
encode zstd gzip
|
||||
root * /var/cdn
|
||||
file_server browse
|
||||
}
|
||||
## OLD URL REDIRECTS
|
||||
invidious.mutahar.rocks {
|
||||
redir https://inv.bp.projectsegfau.lt{uri} permanent
|
||||
}
|
||||
ferrit.projectsegfau.lt snooddit.projectsegfau.lt libreddit.mutahar.rocks {
|
||||
redir https://libreddit.projectsegfau.lt{uri} permanent
|
||||
}
|
||||
lbry.mutahar.rocks {
|
||||
redir https://lbry.projectsegfau.lt{uri} permanent
|
||||
}
|
||||
nitter.mutahar.rocks {
|
||||
redir https://nitter.projectsegfau.lt{uri} permanent
|
||||
}
|
||||
#redir inv.bp.mutahar.rocks inv.bp.projectsegfau.lt permanent
|
||||
#redir libreddit.mutahar.rocks libreddit.projectsegfau.lt permanent
|
||||
#redir lbry.mutahar.rocks lbry.projectsegfau.lt permanent
|
||||
#redir nitter.mutahar.rocks nitter.projectsegfau.lt permanent
|
90
caddy/frontends.caddy
Normal file
90
caddy/frontends.caddy
Normal file
@ -0,0 +1,90 @@
|
||||
## Privacy Frontends
|
||||
inv.bp.projectsegfau.lt {
|
||||
reverse_proxy localhost:3000
|
||||
import torloc invbp
|
||||
header {
|
||||
# disable FLoC tracking
|
||||
Permissions-Policy interest-cohort=()
|
||||
|
||||
# enable HSTS
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
# disable clients from sniffing the media type
|
||||
X-Content-Type-Options nosniff
|
||||
|
||||
# keep referrer data off of HTTP connections
|
||||
Referrer-Policy no-referrer-when-downgrade
|
||||
|
||||
X-XSS-Protection "1; mode=block"
|
||||
defer
|
||||
}
|
||||
}
|
||||
|
||||
gothub.dev.projectsegfau.lt {
|
||||
reverse_proxy localhost:1025
|
||||
import def
|
||||
import torloc gothub.dev
|
||||
}
|
||||
|
||||
lbry.projectsegfau.lt lbry.g.projectsegfau.lt lbry.eu.projectsegfau.lt {
|
||||
reverse_proxy localhost:3550
|
||||
import def
|
||||
import torloc lbry
|
||||
import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
|
||||
}
|
||||
|
||||
proxy.lbry.projectsegfau.lt {
|
||||
reverse_proxy localhost:3001
|
||||
import def
|
||||
}
|
||||
|
||||
gothub.projectsegfau.lt gothub.g.projectsegfau.lt gothub.eu.projectsegfau.lt {
|
||||
reverse_proxy localhost:1024
|
||||
import torloc github
|
||||
import def
|
||||
}
|
||||
|
||||
overflow.projectsegfau.lt overflow.g.projectsegfau.lt overflow.eu.projectsegfau.lt {
|
||||
reverse_proxy localhost:8694
|
||||
import torloc overflow
|
||||
import def
|
||||
}
|
||||
libreddit.projectsegfau.lt libreddit.g.projectsegfau.lt libreddit.eu.projectsegfau.lt {
|
||||
reverse_proxy localhost:6464
|
||||
import torloc libreddit
|
||||
import def
|
||||
}
|
||||
|
||||
nitter.projectsegfau.lt nitter.g.projectsegfau.lt nitter.eu.projectsegfau.lt {
|
||||
reverse_proxy localhost:8387
|
||||
import def
|
||||
import torloc nitter
|
||||
}
|
||||
|
||||
bb.g.projectsegfau.lt bb.eu.projectsegfau.lt bb.projectsegfau.lt {
|
||||
reverse_proxy localhost:3069
|
||||
import def
|
||||
import torloc beatbump
|
||||
}
|
||||
|
||||
bw.eu.projectsegfau.lt bw.g.projectsegfau.lt bw.projectsegfau.lt {
|
||||
reverse_proxy localhost:10416
|
||||
import def
|
||||
import torloc breezewiki
|
||||
}
|
||||
|
||||
scribe.eu.projectsegfau.lt scribe.g.projectsegfau.lt scribe.projectsegfau.lt {
|
||||
reverse_proxy localhost:8006
|
||||
import def
|
||||
import torloc scribe
|
||||
}
|
||||
|
||||
teddit.eu.projectsegfau.lt teddit.projectsegfau.lt teddit.g.projectsegfau.lt {
|
||||
reverse_proxy localhost:9061
|
||||
import def
|
||||
import torloc teddit
|
||||
}
|
||||
rimgo.eu.projectsegfau.lt rimgo.projectsegfau.lt rimgo.g.projectsegfau.lt {
|
||||
reverse_proxy localhost:9016
|
||||
import def
|
||||
import torloc rimgo
|
||||
}
|
82
caddy/i2p.caddy
Normal file
82
caddy/i2p.caddy
Normal file
@ -0,0 +1,82 @@
|
||||
|
||||
## I2P
|
||||
http://pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p:6001 {
|
||||
reverse_proxy https://projectsegfau.lt {
|
||||
header_up Host "projectsegfau.lt"
|
||||
}
|
||||
import tor www
|
||||
import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
|
||||
}
|
||||
http://pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p:6008 {
|
||||
reverse_proxy localhost:8006
|
||||
import tor scribe
|
||||
import i2ploc pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p
|
||||
}
|
||||
http://pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p:6005 {
|
||||
reverse_proxy localhost:8387
|
||||
import tor nitter
|
||||
import i2ploc pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p
|
||||
}
|
||||
http://pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p:6003 {
|
||||
import tor lbry
|
||||
import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
|
||||
reverse_proxy localhost:3550
|
||||
}
|
||||
http://pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p:6004 {
|
||||
import tor libreddit
|
||||
import i2ploc pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p
|
||||
reverse_proxy localhost:6464
|
||||
}
|
||||
http://pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p:6007 { # NW
|
||||
import tor breezewiki
|
||||
import i2ploc pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p
|
||||
reverse_proxy localhost:10416
|
||||
}
|
||||
http://pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p:6006 {
|
||||
import tor beatbump
|
||||
import i2ploc pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p
|
||||
reverse_proxy localhost:3069
|
||||
}
|
||||
http://pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p:6016 {
|
||||
import tor invbp
|
||||
import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
|
||||
reverse_proxy localhost:3000
|
||||
}
|
||||
http://pjsf5ahv7ce67i5ic46ghum3scwatrsyac5i6aa5bynvnnlmpzfa.b32.i2p:6017 {
|
||||
import tor rimgo
|
||||
import i2ploc pjsf5ahv7ce67i5ic46ghum3scwatrsyac5i6aa5bynvnnlmpzfa.b32.i2p
|
||||
reverse_proxy localhost:9016
|
||||
}
|
||||
http://pjsfa3dd7rxocfqanxenpop2uqfgpw4nevrmy424u5qwyasqdu6a.b32.i2p:6018 {
|
||||
import tor teddit
|
||||
import i2ploc pjsfa3dd7rxocfqanxenpop2uqfgpw4nevrmy424u5qwyasqdu6a.b32.i2p
|
||||
reverse_proxy localhost:9061
|
||||
}
|
||||
http://pjsfhqamc7k6htnumrvn4cwqqdoggeepj7u5viyimgnxg3gar72q.b32.i2p:6002 {
|
||||
import tor inv
|
||||
import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
|
||||
reverse_proxy https://invidious.projectsegfau.lt {
|
||||
header_up Host "invidious.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p:6012 {
|
||||
import tor search
|
||||
import i2ploc pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p
|
||||
reverse_proxy https://search.projectsegfau.lt {
|
||||
header_up Host "search.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p:6013 {
|
||||
import tor git
|
||||
import i2ploc pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p
|
||||
reverse_proxy https://git.projectsegfau.lt {
|
||||
header_up Host "git.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p:6015 {
|
||||
import i2ploc pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p
|
||||
import tor todo
|
||||
reverse_proxy https://todo.projectsegfau.lt {
|
||||
header_up Host "todo.projectsegfau.lt"
|
||||
}
|
||||
}
|
38
caddy/pubnix.caddy
Normal file
38
caddy/pubnix.caddy
Normal file
@ -0,0 +1,38 @@
|
||||
# Reverse proxy all user sites
|
||||
*.p.projectsegfau.lt {
|
||||
reverse_proxy 10.7.0.2:80
|
||||
import acmedns
|
||||
}
|
||||
|
||||
# Redirect base subdomain to the pubnix homepage
|
||||
p.projectsegfau.lt {
|
||||
redir https://projectsegfau.lt/pubnix
|
||||
}
|
||||
|
||||
# Cockpit
|
||||
cockpit.p.projectsegfau.lt {
|
||||
reverse_proxy 10.7.0.2:9090 {
|
||||
transport http {
|
||||
tls_insecure_skip_verify
|
||||
}
|
||||
}
|
||||
import def
|
||||
import torloc cockpit.p
|
||||
}
|
||||
|
||||
# PublAPI
|
||||
publapi.p.projectsegfau.lt {
|
||||
reverse_proxy 10.7.0.2:3000
|
||||
import def
|
||||
}
|
||||
grafana.p.projectsegfau.lt {
|
||||
reverse_proxy 10.7.0.2:6943 {
|
||||
header_up X-Real-IP {remote_host}
|
||||
}
|
||||
import def
|
||||
}
|
||||
geminiproxy.p.projectsegfau.lt {
|
||||
reverse_proxy 10.7.0.2:8000
|
||||
import def
|
||||
import torloc geminiproxy.p
|
||||
}
|
123
caddy/tor.caddy
Normal file
123
caddy/tor.caddy
Normal file
@ -0,0 +1,123 @@
|
||||
http://pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
reverse_proxy https://projectsegfau.lt {
|
||||
header_up Host "projectsegfau.lt"
|
||||
}
|
||||
import tor www
|
||||
import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
|
||||
}
|
||||
http://www.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
reverse_proxy https://projectsegfau.lt {
|
||||
header_up Host "projectsegfau.lt"
|
||||
}
|
||||
import tor www
|
||||
import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
|
||||
}
|
||||
# Privacy Frontends
|
||||
http://scribe.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
reverse_proxy localhost:8006
|
||||
import tor scribe
|
||||
import i2ploc pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p
|
||||
}
|
||||
http://nitter.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
reverse_proxy localhost:8387
|
||||
import tor nitter
|
||||
import i2ploc pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p
|
||||
}
|
||||
http://lbry.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor lbry
|
||||
import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
|
||||
reverse_proxy localhost:3550
|
||||
}
|
||||
http://libreddit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor libreddit
|
||||
import i2ploc pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p
|
||||
reverse_proxy localhost:6464
|
||||
}
|
||||
http://breezewiki.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor breezewiki
|
||||
import i2ploc pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p
|
||||
reverse_proxy localhost:10416
|
||||
}
|
||||
http://beatbump.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor beatbump
|
||||
import i2ploc pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p
|
||||
reverse_proxy localhost:3069
|
||||
}
|
||||
http://invbp.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor invbp
|
||||
import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
|
||||
reverse_proxy localhost:3000
|
||||
}
|
||||
http://rimgo.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor rimgo
|
||||
reverse_proxy localhost:9016
|
||||
}
|
||||
http://teddit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor teddit
|
||||
reverse_proxy localhost:9061
|
||||
}
|
||||
http://overflow.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor overflow
|
||||
reverse_proxy localhost:8694
|
||||
}
|
||||
http://gothub.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor gothub
|
||||
reverse_proxy localhost:1024
|
||||
}
|
||||
http://gothub.dev.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor gothub.dev
|
||||
reverse_proxy localhost:1025
|
||||
}
|
||||
http://inv.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor inv
|
||||
import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
|
||||
reverse_proxy https://invidious.projectsegfau.lt {
|
||||
header_up Host "invidious.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://search.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor search
|
||||
import i2ploc pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p
|
||||
reverse_proxy https://search.projectsegfau.lt {
|
||||
header_up Host "search.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://git.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor git
|
||||
import i2ploc pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p
|
||||
reverse_proxy https://git.projectsegfau.lt {
|
||||
header_up Host "git.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://todo.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor todo
|
||||
import i2ploc pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p
|
||||
reverse_proxy https://todo.projectsegfau.lt {
|
||||
header_up Host "todo.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://wiki.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor wiki
|
||||
reverse_proxy https://wiki.projectsegfau.lt {
|
||||
header_up Host "wiki.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://pass.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor pass
|
||||
reverse_proxy https://pass.projectsegfau.lt {
|
||||
header_up Host "pass.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
# Pubnix
|
||||
http://geminiproxy.p.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor geminiproxy.p
|
||||
reverse_proxy https://geminiproxy.p.projectsegfau.lt {
|
||||
header_up Host "geminiproxy.p.projectsegfau.lt"
|
||||
}
|
||||
}
|
||||
http://cockpit.p.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
|
||||
import tor cockpit.p
|
||||
reverse_proxy https://cockpit.p.projectsegfau.lt {
|
||||
header_up Host "cockpit.p.projectsegfau.lt"
|
||||
}
|
||||
}
|
6
cdn/cdnupdate
Executable file
6
cdn/cdnupdate
Executable file
@ -0,0 +1,6 @@
|
||||
#!/bin/bash
|
||||
RSYNC_ARGS='--recursive --copy-links --copy-dirlinks --perms --xattrs --times --delete --verbose --compress --compress-choice=zstd --mkpath --cvs-exclude --human-readable --partial --progress'
|
||||
# India Node
|
||||
rsync --rsh='ssh -p6922' ${RSYNC_ARGS} /var/cdn/ cdn@in.projectsegfau.lt:/var/cdn
|
||||
# US Node
|
||||
rsync ${RSYNC_ARGS} /var/cdn/ cdn@us.projectsegfau.lt:/var/cdn
|
4
docker/README.md
Normal file
4
docker/README.md
Normal file
@ -0,0 +1,4 @@
|
||||
# Docker
|
||||
Private keys such as HMAC are not pushed for obvious reasons and are in separate envfiles
|
||||
|
||||
At the moment invidious isnt part of this but I'll include it in the future.
|
17
docker/anonymousoverflow-compose.yml
Normal file
17
docker/anonymousoverflow-compose.yml
Normal file
@ -0,0 +1,17 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
anonymousoverflow:
|
||||
build:
|
||||
context: .
|
||||
network: 'host'
|
||||
environment:
|
||||
- APP_URL=https://overflow.projectsegfau.lt
|
||||
# JWT_SIGNING_SECRET is in private.env
|
||||
env_file:
|
||||
- /opt/docker/anonymousoverflow/private.env
|
||||
ports:
|
||||
- '8694:8080'
|
||||
restart: 'always'
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=false"
|
22
docker/beatbump-compose.yml
Normal file
22
docker/beatbump-compose.yml
Normal file
@ -0,0 +1,22 @@
|
||||
version: "3"
|
||||
|
||||
services:
|
||||
app:
|
||||
image: "snuffydev/beatbump:master"
|
||||
ports:
|
||||
- "3069:3069"
|
||||
environment:
|
||||
PORT: 3069
|
||||
VITE_DOMAIN: "bb.projectsegfau.lt"
|
||||
VITE_SITE_URL: "https://bb.projectsegfau.lt"
|
||||
VITE_DONATION_URL: "https://projectsegfau.lt/donate"
|
||||
restart: unless-stopped
|
||||
proxy:
|
||||
build:
|
||||
context: ./packages/proxy-server/deno
|
||||
dockerfile: Dockerfile
|
||||
ports:
|
||||
- "3070:3001"
|
||||
restart: unless-stopped
|
||||
labels:
|
||||
- "com.centurylinklabs.watchtower.enable=false"
|
4
docker/breezewiki/config.ini
Normal file
4
docker/breezewiki/config.ini
Normal file
@ -0,0 +1,4 @@
|
||||
canonical_origin = https://bw.projectsegfau.lt
|
||||
debug = false
|
||||
port = 10416
|
||||
feature_search_suggestions = true
|
9
docker/breezewiki/docker-compose.yml
Normal file
9
docker/breezewiki/docker-compose.yml
Normal file
@ -0,0 +1,9 @@
|
||||
services:
|
||||
breezewiki:
|
||||
container_name: breezewiki
|
||||
image: quay.io/pussthecatorg/breezewiki:latest
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "10416:10416" # Replace with "10416:10416" if you don't use a reverse proxy
|
||||
volumes:
|
||||
- "./config.ini:/app/config.ini"
|
15
docker/gothub-compose.yml
Normal file
15
docker/gothub-compose.yml
Normal file
@ -0,0 +1,15 @@
|
||||
version: "3"
|
||||
services:
|
||||
gothub:
|
||||
image: codeberg.org/gothub/gothub:latest
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "1024:3000"
|
||||
environment:
|
||||
- DOCKER=true
|
||||
healthcheck:
|
||||
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/version || exit 1
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 2
|
||||
|
25
docker/gothub-dev-compose.yml
Normal file
25
docker/gothub-dev-compose.yml
Normal file
@ -0,0 +1,25 @@
|
||||
version: "3"
|
||||
services:
|
||||
gothub:
|
||||
image: codeberg.org/gothub/gothub:dev
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "1025:3000"
|
||||
environment:
|
||||
- DOCKER=true
|
||||
- GOTHUB_SETUP_COMPLETE=true
|
||||
- GOTHUB_PROXYING_ENABLED=true
|
||||
- GOTHUB_IP_LOGGED=false
|
||||
- GOTHUB_REQUEST_URL_LOGGED=false
|
||||
- GOTHUB_USER_AGENT_LOGGED=false
|
||||
- GOTHUB_DIAGNOSTIC_INFO_LOGGED=false
|
||||
- GOTHUB_INSTANCE_PRIVACY_POLICY=https://projectsegfau.lt/legal/privacy-policy
|
||||
- GOTHUB_INSTANCE_COUNTRY=Luxembourg
|
||||
- GOTHUB_INSTANCE_PROVIDER=BuyVM
|
||||
- GOTHUB_INSTANCE_CLOUDFLARE=false
|
||||
healthcheck:
|
||||
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/version || exit 1
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 2
|
||||
|
76
docker/invidious-compose.yml
Executable file
76
docker/invidious-compose.yml
Executable file
@ -0,0 +1,76 @@
|
||||
version: "2.4"
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:10
|
||||
restart: always
|
||||
networks:
|
||||
- invidious
|
||||
volumes:
|
||||
- postgresdata:/var/lib/postgresql/data
|
||||
- ./config/sql:/config/sql
|
||||
- ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh
|
||||
environment:
|
||||
POSTGRES_DB: invidious
|
||||
POSTGRES_USER: kemal
|
||||
POSTGRES_PASSWORD: kemal
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
|
||||
invidious:
|
||||
image: quay.io/invidious/invidious:latest
|
||||
restart: always
|
||||
networks:
|
||||
- invidious
|
||||
mem_limit: 1024M
|
||||
cpus: 0.5
|
||||
ports:
|
||||
- "3000:3000"
|
||||
env_file: /opt/docker/invidious/private.env
|
||||
environment:
|
||||
HMAC_KEY_PRIVATE: ${HMAC_KEY_PRIVATE}
|
||||
INVIDIOUS_CONFIG: |
|
||||
channel_threads: 1
|
||||
check_tables: true
|
||||
feed_threads: 1
|
||||
db:
|
||||
dbname: invidious
|
||||
user: kemal
|
||||
password: kemal
|
||||
host: postgres
|
||||
port: 5432
|
||||
full_refresh: false
|
||||
https_only: true
|
||||
domain: inv.bp.projectsegfau.lt
|
||||
external_port: 443
|
||||
statistics_enabled: true
|
||||
admins: ["midou"]
|
||||
dark_mode: true
|
||||
disable_proxy: false
|
||||
banner: <a href="https://projectsegfau.lt/donate">Donate to Project Segfault</a> | <a href="https://invidious.projectsegfau.lt">FR </a> <a href="https://inv.bp.projectsegfau.lt">[LU] </a><a href="https://inv.us.projectsegfau.lt">US </a><a href="https://inv.in.projectsegfau.lt">IN</a>
|
||||
enable_user_notifications: false
|
||||
default_user_preferences:
|
||||
local: true
|
||||
extend_desc: true
|
||||
quality: dash
|
||||
quality_dash: 1080p
|
||||
# does not work atm
|
||||
hmac_key: ${HMAC_KEY_PRIVATE}
|
||||
healthcheck:
|
||||
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/comments/jNQXAC9IVRw || exit 1
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 2
|
||||
depends_on:
|
||||
- postgres
|
||||
autoheal:
|
||||
restart: always
|
||||
image: willfarrell/autoheal
|
||||
environment:
|
||||
- AUTOHEAL_CONTAINER_LABEL=all
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
|
||||
volumes:
|
||||
postgresdata:
|
||||
|
||||
networks:
|
||||
invidious:
|
16
docker/libreddit-compose.yml
Normal file
16
docker/libreddit-compose.yml
Normal file
@ -0,0 +1,16 @@
|
||||
services:
|
||||
libreddit:
|
||||
image: libreddit/libreddit:latest
|
||||
ports:
|
||||
- 127.0.0.1:6464:8080
|
||||
restart: unless-stopped
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
|
||||
interval: 5m
|
||||
timeout: 3s
|
||||
environment:
|
||||
- FRONT_PAGE=popular
|
||||
- COMMENT_SORT=new
|
||||
- BLUR_NSFW=on
|
||||
- USE_HLS=on
|
||||
- AUTOPLAY_VIDEOS=off
|
25
docker/nitter/docker-compose.yaml
Executable file
25
docker/nitter/docker-compose.yaml
Executable file
@ -0,0 +1,25 @@
|
||||
version: "3"
|
||||
|
||||
services:
|
||||
|
||||
nitter:
|
||||
image: zedeus/nitter:latest
|
||||
container_name: nitter
|
||||
ports:
|
||||
- "8387:8080" # Replace with "8080:8080" if you don't use a reverse proxy
|
||||
volumes:
|
||||
- /opt/docker/nitter/nitter.conf:/src/nitter.conf:ro
|
||||
depends_on:
|
||||
- nitter-redis
|
||||
restart: unless-stopped
|
||||
|
||||
nitter-redis:
|
||||
image: redis:6-alpine
|
||||
container_name: nitter-redis
|
||||
command: redis-server --save 60 1 --loglevel warning
|
||||
volumes:
|
||||
- nitter-redis:/data
|
||||
restart: unless-stopped
|
||||
|
||||
volumes:
|
||||
nitter-redis:
|
45
docker/nitter/nitter.conf
Executable file
45
docker/nitter/nitter.conf
Executable file
@ -0,0 +1,45 @@
|
||||
[Server]
|
||||
address = "0.0.0.0"
|
||||
port = 8080
|
||||
https = true # disable to enable cookies when not using https
|
||||
httpMaxConnections = 100
|
||||
staticDir = "./public"
|
||||
title = "nitter"
|
||||
hostname = "nitter.projectsegfau.lt"
|
||||
|
||||
[Cache]
|
||||
listMinutes = 240 # how long to cache list info (not the tweets, so keep it high)
|
||||
rssMinutes = 10 # how long to cache rss queries
|
||||
redisHost = "nitter-redis" # Change to "nitter-redis" if using docker-compose
|
||||
redisPort = 6379
|
||||
redisPassword = ""
|
||||
redisConnections = 20 # connection pool size
|
||||
redisMaxConnections = 30
|
||||
# max, new connections are opened when none are available, but if the pool size
|
||||
# goes above this, they're closed when released. don't worry about this unless
|
||||
# you receive tons of requests per second
|
||||
|
||||
[Config]
|
||||
hmacKey = "xxx" # random key for cryptographic signing of video urls
|
||||
base64Media = false # use base64 encoding for proxied media urls
|
||||
enableRSS = true # set this to false to disable RSS feeds
|
||||
enableDebug = false # enable request logs and debug endpoints
|
||||
proxy = "" # http/https url, SOCKS proxies are not supported
|
||||
proxyAuth = ""
|
||||
tokenCount = 10
|
||||
# minimum amount of usable tokens. tokens are used to authorize API requests,
|
||||
# but they expire after ~1 hour, and have a limit of 187 requests.
|
||||
# the limit gets reset every 15 minutes, and the pool is filled up so there's
|
||||
# always at least $tokenCount usable tokens. again, only increase this if
|
||||
# you receive major bursts all the time
|
||||
|
||||
# Change default preferences here, see src/prefs_impl.nim for a complete list
|
||||
[Preferences]
|
||||
theme = "Nitter"
|
||||
replaceTwitter = "nitter.projectsegfau.lt"
|
||||
replaceYouTube = "invidious.projectsegfau.lt"
|
||||
replaceReddit = "libreddit.projectsegfau.lt"
|
||||
replaceInstagram = ""
|
||||
proxyVideos = true
|
||||
hlsPlayback = true
|
||||
infiniteScroll = false
|
4
docker/replace-compose
Executable file
4
docker/replace-compose
Executable file
@ -0,0 +1,4 @@
|
||||
#!/bin/bash
|
||||
mv /opt/docker/${1}/*compose.y*l /opt/docker/${1}/compose.pre-public-conf.yml
|
||||
ln -s /configs/docker/${1}-compose.yml /opt/docker/${1}/compose.yml
|
||||
cd /opt/docker/${1} && docker compose pull && docker compose down --remove-orphans && docker compose up -d --build && cd -
|
21
docker/rimgo-compose.yml
Normal file
21
docker/rimgo-compose.yml
Normal file
@ -0,0 +1,21 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
rimgo:
|
||||
image: codeberg.org/video-prize-ranch/rimgo # Official image
|
||||
#image: quay.io/pussthecatorg/rimgo # Unofficial image
|
||||
#build: . # Uncomment to build from source
|
||||
ports:
|
||||
- 9016:3000
|
||||
environment:
|
||||
- ADDRESS=0.0.0.0
|
||||
- PORT=3000
|
||||
- FIBER_PREFORK=false
|
||||
- IMGUR_CLIENT_ID=546c25a59c58ad7
|
||||
- PRIVACY_POLICY=https://projectsegfau.lt/legal/privacy-policy
|
||||
- PRIVACY_MESSAGE=
|
||||
- PRIVACY_COUNTRY=Luxembourg
|
||||
- PRIVACY_PROVIDER=BuyVM
|
||||
- PRIVACY_CLOUDFLARE=false
|
||||
- PRIVACY_NOT_COLLECTED=true
|
||||
restart: unless-stopped
|
17
docker/scribe-compose.yml
Normal file
17
docker/scribe-compose.yml
Normal file
@ -0,0 +1,17 @@
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
scribe:
|
||||
image: registry.gitlab.com/lomanic/scribe-binaries:latest
|
||||
restart: always
|
||||
container_name: "scribe"
|
||||
ports:
|
||||
- 8006:8006
|
||||
environment:
|
||||
- SCRIBE_PORT=8006
|
||||
- SCRIBE_HOST=0.0.0.0
|
||||
- APP_DOMAIN=scribe.projectsegfau.lt
|
||||
- LUCKY_ENV=production
|
||||
- PORT=8006
|
||||
env_file:
|
||||
- /opt/docker/scribe/scribe-private.env
|
42
docker/teddit-compose.yml
Normal file
42
docker/teddit-compose.yml
Normal file
@ -0,0 +1,42 @@
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
|
||||
teddit:
|
||||
restart: always
|
||||
container_name: teddit
|
||||
image: teddit/teddit:latest
|
||||
environment:
|
||||
- DOMAIN=teddit.projectsegfau.lt
|
||||
- USE_HELMET=true
|
||||
- USE_HELMET_HSTS=true
|
||||
- TRUST_PROXY=true
|
||||
- REDIS_HOST=teddit-redis
|
||||
ports:
|
||||
- "9061:8080"
|
||||
networks:
|
||||
- teddit_net
|
||||
healthcheck:
|
||||
test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:8080/about"]
|
||||
interval: 1m
|
||||
timeout: 3s
|
||||
depends_on:
|
||||
- teddit-redis
|
||||
|
||||
teddit-redis:
|
||||
restart: always
|
||||
container_name: teddit-redis
|
||||
image: redis:6.2.5-alpine
|
||||
command: redis-server
|
||||
environment:
|
||||
- REDIS_REPLICATION_MODE=master
|
||||
networks:
|
||||
- teddit_net
|
||||
volumes:
|
||||
- teddit-redis:/data
|
||||
volumes:
|
||||
teddit-redis:
|
||||
|
||||
networks:
|
||||
teddit_net:
|
||||
|
17
docker/watchtower-compose.yml
Normal file
17
docker/watchtower-compose.yml
Normal file
@ -0,0 +1,17 @@
|
||||
version: "2"
|
||||
services:
|
||||
watchtower:
|
||||
image: containrrr/watchtower
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
environment:
|
||||
- TZ=Europe/Paris
|
||||
- WATCHTOWER_CLEANUP=false
|
||||
- DOCKER_API_VERSION=1.42
|
||||
- WATCHTOWER_INCLUDE_STOPPED=false
|
||||
- WATCHTOWER_POLL_INTERVAL=3600
|
||||
- WATCHTOWER_MONITOR_ONLY=false
|
||||
# WATCHTOWER_NOTIFICATION_URL is in private.env
|
||||
env_file:
|
||||
- /opt/docker/watchtower/private.env
|
||||
restart: unless-stopped
|
30
haproxy/haproxy.cfg
Normal file
30
haproxy/haproxy.cfg
Normal file
@ -0,0 +1,30 @@
|
||||
global
|
||||
log /dev/log local0
|
||||
log /dev/log local1 notice
|
||||
chroot /var/lib/haproxy
|
||||
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
|
||||
stats timeout 30s
|
||||
user haproxy
|
||||
group haproxy
|
||||
daemon
|
||||
defaults
|
||||
log global
|
||||
mode http
|
||||
option httplog
|
||||
option dontlognull
|
||||
timeout connect 5000
|
||||
timeout client 50000
|
||||
timeout server 50000
|
||||
listen ssh
|
||||
bind :::22 v4v6
|
||||
balance roundrobin
|
||||
mode tcp
|
||||
option tcp-check
|
||||
tcp-check expect rstring SSH-2.0-OpenSSH.*
|
||||
server pubnix 10.7.0.2:22 check inter 10s fall 2 rise 1
|
||||
listen xrdp
|
||||
bind :::3389 v4v6
|
||||
balance roundrobin
|
||||
mode tcp
|
||||
option tcp-check
|
||||
server pubnix 10.7.0.2:3389 check inter 10s fall 2 rise 1
|
4
i2pd/README.md
Normal file
4
i2pd/README.md
Normal file
@ -0,0 +1,4 @@
|
||||
# I2Pd Info
|
||||
`i2pd_funcs` was borrowed from the ~vern team (https://vern.cc/admins) with some minor modifications.
|
||||
|
||||
i2pd config is the same as dpkg upstream.
|
32
i2pd/i2pd_funcs
Normal file
32
i2pd/i2pd_funcs
Normal file
@ -0,0 +1,32 @@
|
||||
#!/usr/bin/env bash
|
||||
i2pown() { chmod 640 "$1" && chown i2pd:i2pd "$1"; }
|
||||
geni2p() { /root/i2pd-tools/vain "$2" -o "$1" && i2pown "$1"; }
|
||||
vgi2p() { for i in "$@"; do geni2p "/var/lib/i2pd/pjsf.$i.dat" "pjsf"; done; }
|
||||
create_i2p() {
|
||||
if [[ -z "$4" ]]; then
|
||||
printf 'Usage: create_i2p service_name keyfile_name clearnet_domain port [type] [host] [inport]\n'
|
||||
return 1
|
||||
fi
|
||||
|
||||
[[ -f /var/lib/i2pd/pjsf.$2.dat ]] || vgi2p "$1"
|
||||
printf '[%s]\ntype = %s\nhost = %s\nport = %s\nkeys = pjsf.%s.dat\n%s' "$3" "${5:-http}" "${6:-127.0.0.1}" "$4" "$2" "${7:+inport = $7}" | tee "/etc/i2pd/tunnels.d/$1.conf"
|
||||
systemctl restart i2pd
|
||||
}
|
||||
|
||||
delete_i2p() {
|
||||
if [[ -z "$1" ]]; then
|
||||
printf 'Usage: delete_i2p service_name\n'
|
||||
return 1
|
||||
fi
|
||||
|
||||
rm -f /var/lib/i2pd/pjsf.$1.dat
|
||||
rm -f /etc/i2pd/tunnels.d/$1.conf
|
||||
systemctl restart i2pd
|
||||
}
|
||||
|
||||
i2pup() { export http_proxy="http://127.0.0.1:4444"; }
|
||||
i2pdown() { unset http_proxy; }
|
||||
|
||||
i2pb32() { /root/i2pd-tools/keyinfo ~i2pd/pjsf.$1.dat; }
|
||||
i2pb64() { /root/i2pd-tools/keyinfo -d ~i2pd/pjsf.$1.dat; }
|
||||
i2pport() { grep -R '^port = '"$1"'$' /etc/i2pd/tunnels.d/; }
|
28
knot/geodnstemplate
Normal file
28
knot/geodnstemplate
Normal file
@ -0,0 +1,28 @@
|
||||
REPLACEME:
|
||||
- geo: "*;*;*"
|
||||
A: 107.189.12.96
|
||||
AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
TXT: "Worldwide-BuyVM-Lux"
|
||||
- geo: "EU;*;*"
|
||||
A: 107.189.12.96
|
||||
TXT: "Europe-BuyVM-Lux"
|
||||
AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
- geo: "AF;*;*"
|
||||
A: 107.189.12.96
|
||||
AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
TXT: "Africa-BuyVM-Lux"
|
||||
- geo: "NA;*;*"
|
||||
A: 143.198.131.196
|
||||
AAAA: 2604:a880:4:1d0::52:7000
|
||||
TXT: "NorthAmerica-DigitalOcean-SanFrancisco"
|
||||
- geo: "SA;*;*"
|
||||
A: 143.198.131.196
|
||||
AAAA: 2604:a880:4:1d0::52:7000
|
||||
TXT: "SouthAmerica-DigitalOcean-SanFrancisco"
|
||||
- geo: "OC;*;*"
|
||||
A: 143.198.131.196
|
||||
AAAA: 2604:a880:4:1d0::52:7000
|
||||
TXT: "Oceania-DigitalOcean-SanFrancisco"
|
||||
- geo: "AS;*;*"
|
||||
A: 110.227.202.171
|
||||
TXT: "Asia-Airtel-Ind"
|
11
knot/geodnsupdate
Executable file
11
knot/geodnsupdate
Executable file
@ -0,0 +1,11 @@
|
||||
#!/usr/bin/env bash
|
||||
geoconf=/etc/knot/geo.conf
|
||||
remote='7S23i@us.projectsegfau.lt'
|
||||
printf '' > $geoconf
|
||||
for i in $(</var/geodnsdomains); do
|
||||
cat /etc/knot/geodnstemplate >> $geoconf
|
||||
sed -i "s/REPLACEME/${i}/" $geoconf
|
||||
done
|
||||
scp $geoconf "${remote}":/var/geo.conf
|
||||
ssh $remote "sudo systemctl restart knot"
|
||||
systemctl restart knot
|
52
knot/knot.conf
Normal file
52
knot/knot.conf
Normal file
@ -0,0 +1,52 @@
|
||||
server:
|
||||
rundir: "/run/knot"
|
||||
user: knot:knot
|
||||
listen: 107.189.12.96@53
|
||||
|
||||
log:
|
||||
- target: syslog
|
||||
any: info
|
||||
|
||||
database:
|
||||
storage: "/var/lib/knot"
|
||||
|
||||
# See aryak.me/blog/knot for setup instructions.
|
||||
include: /etc/knot/secrets.conf
|
||||
|
||||
remote:
|
||||
- id: secondary
|
||||
address: 143.198.131.196@53
|
||||
key: us-node
|
||||
|
||||
acl:
|
||||
- id: acl_secondary
|
||||
address: 143.198.131.196
|
||||
key: us-node
|
||||
action: transfer
|
||||
- id: acl_dynupdates
|
||||
address: [143.198.131.196, 92.148.60.159, 51.91.103.130, 110.227.202.171, 107.189.12.96]
|
||||
action: update
|
||||
key: dynupd
|
||||
|
||||
template:
|
||||
- id: default
|
||||
storage: "/etc/knot/zones"
|
||||
file: "%s.zone"
|
||||
dnssec-signing: on
|
||||
semantic-checks: on
|
||||
zonefile-sync: -1
|
||||
zonefile-load: difference-no-serial
|
||||
journal-content: all
|
||||
|
||||
mod-geoip:
|
||||
- id: geo
|
||||
config-file: "/etc/knot/geo.conf"
|
||||
mode: geodb
|
||||
geodb-file: "/var/lib/knot/GeoLite2-City.mmdb"
|
||||
geodb-key: [ continent/code, country/iso_code, city/names/en ]
|
||||
|
||||
zone:
|
||||
- domain: projectsegfau.lt
|
||||
notify: secondary
|
||||
acl: [acl_secondary, acl_dynupdates]
|
||||
module: mod-geoip/geo
|
105
knot/zones/projectsegfau.lt.zone
Normal file
105
knot/zones/projectsegfau.lt.zone
Normal file
@ -0,0 +1,105 @@
|
||||
; To be placed in /var/lib/knot/zones/projectsegfau.lt.zone
|
||||
$ORIGIN projectsegfau.lt. ; 'default' domain as FQDN for this zone
|
||||
$TTL 300 ; default time-to-live for this zone
|
||||
|
||||
projectsegfau.lt. IN SOA ns1.projectsegfau.lt. ns2.projectsegfau.lt. (
|
||||
2023022702 ;Serial
|
||||
14400 ;Refresh
|
||||
300 ;Retry
|
||||
1209600 ;Expire
|
||||
300 ;Negative response caching TTL
|
||||
)
|
||||
|
||||
; The nameserver that are authoritative for this zone.
|
||||
@ IN NS ns1.projectsegfau.lt.
|
||||
@ IN NS ns2.projectsegfau.lt.
|
||||
ns1 A 107.189.12.96
|
||||
ns2 A 143.198.131.196
|
||||
|
||||
; Pizza-1
|
||||
pizza1 A 107.189.12.96
|
||||
pizza A 107.189.12.96
|
||||
*.eu A 107.189.12.96
|
||||
*.bp A 107.189.12.96
|
||||
pizza1 AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
pizza AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
*.eu AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
*.bp AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
*.p.projectsegfau.lt. A 107.189.12.96
|
||||
p.projectsegfau.lt. A 107.189.12.96
|
||||
*.p.projectsegfau.lt. AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
p.projectsegfau.lt. AAAA 2605:6400:30:f79f:9e20:f366:f052:5a25
|
||||
ferrit.projectsegfau.lt. CNAME pizza.projectsegfau.lt.
|
||||
proxy.lbry.projectsegfau.lt. CNAME pizza.projectsegfau.lt.
|
||||
arya.projectsegfau.lt. CNAME pizza.projectsegfau.lt.
|
||||
gothub.dev.projectsegfau.lt. CNAME pizza.projectsegfau.lt.
|
||||
|
||||
; Soleil Levant
|
||||
* A 92.148.60.159
|
||||
@ A 92.148.60.159
|
||||
web.dev.projectsegfau.lt. A 92.148.60.159
|
||||
auth.p.projectsegfau.lt. A 92.148.60.159
|
||||
autoconfig.projectsegfau.lt. CNAME mail.projectsegfau.lt.
|
||||
autodiscover.projectsegfau.lt. CNAME mail.projectsegfau.lt.
|
||||
_xmpp-client._tcp SRV 10 0 5222 xmpp.projectsegfau.lt.
|
||||
_xmpp-server._tcp SRV 10 0 5269 xmpp.projectsegfau.lt.
|
||||
_xmpps-client._tcp SRV 10 0 5223 xmpp.projectsegfau.lt.
|
||||
_xmpps-server._tcp SRV 10 0 5270 xmpp.projectsegfau.lt.
|
||||
_of._tcp.of.projectsegfau.lt SRV 5 0 27015 of.projectsegfau.lt.
|
||||
|
||||
; US Node
|
||||
*.us A 143.198.131.196
|
||||
us A 143.198.131.196
|
||||
*.us AAAA 2604:a880:4:1d0::52:7000
|
||||
us AAAA 2604:a880:4:1d0::52:7000
|
||||
|
||||
; IN Node
|
||||
in A 110.227.202.171
|
||||
*.in A 110.227.202.171
|
||||
|
||||
; Status VPS
|
||||
status A 51.91.103.130
|
||||
hole A 51.91.103.130
|
||||
wg A 51.91.103.130
|
||||
hole AAAA 2001:41d0:404:200::5149
|
||||
status AAAA 2001:41d0:404:200::5149
|
||||
wg AAAA 2001:41d0:404:200::5149
|
||||
|
||||
; Mail Stuff
|
||||
mail.projectsegfau.lt. A 92.148.60.159
|
||||
feb2023._domainkey IN TXT "v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gF5p8pTKZMPe4rDdsDTedelOTeIcEYzy5Fd1b3Tv0gWTOkk7Lx+opIY0lUU9k+K+UbPJ4asUT6zrdZusXrp85g36Rh8+lZbZWr6mqE/GJjIh9kIvXRWasHZpcnws2Ex2Mc2tefJ9FtFntpoX/v0zR2Wr8wiztZrHL23VaY+7kLgPe4PC0CM4tLyuuraC0AYVjI/yCvo8XZkb7kvOfi+EpThN3B91zSGVnZXPJdtQdE/JJ2psthhRilHBwo1Rs+PsFNFvi1chHPP44z2JPS7OyALR+ycDvXz2Hj6WS8s9pcXk7NPi0sLY+h+5Ha6KoDa4sjBmmEN07U+hE+2/rE9IQIDAQAB"
|
||||
dkim._domainkey.projectsegfau.lt. 600 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z7evsQCm7e0ZN+dx3ygeSHRi6NCOjVInqnrnDe2xkooUp/szLXZ1xsGQAYM+tZ8+M0WKdIm7uQq8xCEdjDCO/l/fE6b4/3u11aj44tLXBsse5gQvOH/SQpw/zwzgU07tnOjajCExnuIeZaDNw6S5iN2oGUlkvIzIw2zv5PFVa9ax4/N0TuTMKQOysFh" "JHv2lJjvA/WgqioOOqDFjlhc959lYNqMkjaEb0r2FLky1uQx2c01MzkkXuoNVG+7anrcgzPrQ9AMTBvAsqwStwX+6JpNcwh6MpCBHQmAaFC5TkECwZLopujB+LoTbZcY2ejP8EeKSa04yU/jEnPtsMdb5wIDAQAB"
|
||||
@ TXT "v=spf1 ip4:107.189.12.96 ip4:92.148.60.159 include:relay.selea.se ~all"
|
||||
_dmarc.projectsegfau.lt. 600 IN TXT "v=DMARC1; p=reject; rua=mailto:admin@projectsegfau.lt; ruf=mailto:admin@projectsegfau.lt; adkim=s; aspf=s"
|
||||
_imap._tcp.projectsegfau.lt. 600 IN SRV 20 1 143 mail.projectsegfau.lt.
|
||||
_pop3._tcp.projectsegfau.lt. 600 IN SRV 20 1 110 mail.projectsegfau.lt.
|
||||
_submission._tcp.projectsegfau.lt. 600 IN SRV 20 1 587 mail.projectsegfau.lt.
|
||||
_autodiscover._tcp.projectsegfau.lt. 600 IN SRV 10 1 443 mail.projectsegfau.lt.
|
||||
_submissions._tcp.projectsegfau.lt. 600 IN SRV 10 1 465 mail.projectsegfau.lt.
|
||||
_imaps._tcp.projectsegfau.lt. 600 IN SRV 10 1 993 mail.projectsegfau.lt.
|
||||
_pop3s._tcp.projectsegfau.lt. 600 IN SRV 10 1 995 mail.projectsegfau.lt.
|
||||
autoconfig.projectsegfau.lt. 600 IN CNAME mail.projectsegfau.lt.
|
||||
_25._tcp.mail.projectsegfau.lt. 86400 IN TLSA 2 1 1 0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
|
||||
projectsegfau.lt. MX 10 mail.projectsegfau.lt.
|
||||
p.projectsegfau.lt. TXT "buyvm-validation=b6444ab72efafcdef664a693ce2ba26ebd03ed1c7377cd08926db831e94a3d5a"
|
||||
|
||||
|
||||
; Simplelogin
|
||||
sl A 51.91.103.130
|
||||
sl AAAA 2001:41d0:404:200::5149
|
||||
sl.projectsegfau.lt. MX 10 sl.projectsegfau.lt.
|
||||
dkim._domainkey.sl TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC79GZdNBCBZ28EGJcnar/yY3QWlAoeQW0sEQIpibzAtYMtZZw7kBzbKNxRdnMGDOQE1hzo/gJUVv+A2tgsYswXOCjO+l0gtwcKsNuP79Tn9guGtsq5aLeoYuTbvC1SrHLLufv01oEGvT6VlOm3e3+XbGjvXKVQw4ym3H55wD7WbQIDAQAB"
|
||||
_dmarc.sl.projectsegfau.lt. 600 IN TXT "v=DMARC1; p=quarantine; rua=mailto:admin@projectsegfau.lt; ruf=mailto:admin@projectsegfau.lt; adkim=r; aspf=r"
|
||||
sl TXT "v=spf1 ip4:51.91.103.130 ~all"
|
||||
|
||||
; Crypto TXT
|
||||
@ TXT "oa1:btc recipient_address=bc1qrc8ywgp95a6p3zausp4nff70qzstp6h8z86sxd; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
|
||||
@ TXT "oa1:ltc recipient_address=ltc1qn3ald586h2ntt0n3zkvwsmju2e5vndgtvvgatj; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
|
||||
@ TXT "oa1:xmr recipient_address=47L7Qsto7XcifY3CdG18ySe5Tt83kpFLDLve9jQwbc9taPBLNGv6ZrJNUKpMG9Nj9zHgCZ4FQMSyt75e8Jvx12JFLtJyFdA; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
|
||||
_token._dnswl.projectsegfau.lt. IN TXT "1q5i422gbg9qqlekp8zag8scwwb7oicd"
|
||||
; PTR(s)
|
||||
159.60.148.92.in-addr.arpa. PTR mail.projectsegfau.lt.
|
||||
171.202.227.110.in-addr.arpa. PTR in.projectsegfau.lt.
|
||||
196.131.198.143.in-addr.arpa. PTR us.projectsegfau.lt.
|
||||
130.103.91.51.in-addr.arpa. PTR sl.projectsegfau.lt.
|
||||
96.12.189.107.in-addr.arpa. PTR pizza1.projectsegfau.lt.
|
4
tor/README.md
Normal file
4
tor/README.md
Normal file
@ -0,0 +1,4 @@
|
||||
# Tor
|
||||
Our tor configs are basically the same as the upstream dpkg.
|
||||
|
||||
The vanity URL pjsf....onion was made with https://github.com/cathugger/mkp224o
|
Loading…
Reference in New Issue
Block a user