add configs

caddy/Caddyfile

@@ -0,0 +1,77 @@
+(tor) {
+	header {
+		-Strict-Transport-Security
+		-Referrer-Policy
+		-X-XSS-Protection
+		-Content-Security-Policy
+		# disable clients from sniffing the media type
+		X-Content-Type-Options nosniff
+		Permissions-Policy interest-cohort=()
+		# clickjacking protection
+		X-Frame-Options SAMEORIGIN
+		Onion-Location http://{args.0}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
+		defer
+	}
+}
+(torloc) {
+	header Onion-Location http://{args.0}.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion{path}
+}
+(i2ploc) {
+	header X-I2P-Location http://{args.0}{path}
+}
+(def) {
+	header {
+		# disable FLoC tracking
+		Permissions-Policy interest-cohort=()
+		# enable HSTS
+		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+		# disable clients from sniffing the media type
+		X-Content-Type-Options nosniff
+		# clickjacking protection
+		X-Frame-Options SAMEORIGIN
+		# keep referrer data off of HTTP connections
+		Referrer-Policy no-referrer-when-downgrade
+		X-XSS-Protection "1; mode=block"
+		defer
+	}
+}
+
+:80 {
+	redir https://wiki.projectsegfau.lt/index.php?title=Pizza-1
+}
+
+import /etc/private.caddy
+import ./*.caddy
+
+stats.eu.projectsegfau.lt {
+	import auth
+	reverse_proxy localhost:9100
+	import def
+}
+arya.projectsegfau.lt aryak.me {
+	reverse_proxy https://arya.p.projectsegfau.lt {
+		header_up Host arya.p.projectsegfau.lt
+	}
+}
+cdn.eu.projectsegfau.lt cdn.projectsegfau.lt {
+	encode zstd gzip
+	root * /var/cdn
+	file_server browse
+}
+## OLD URL REDIRECTS
+invidious.mutahar.rocks {
+	redir https://inv.bp.projectsegfau.lt{uri} permanent
+}
+ferrit.projectsegfau.lt snooddit.projectsegfau.lt libreddit.mutahar.rocks {
+	redir https://libreddit.projectsegfau.lt{uri} permanent
+}
+lbry.mutahar.rocks {
+	redir https://lbry.projectsegfau.lt{uri} permanent
+}
+nitter.mutahar.rocks {
+	redir https://nitter.projectsegfau.lt{uri} permanent
+}
+#redir inv.bp.mutahar.rocks inv.bp.projectsegfau.lt permanent
+#redir libreddit.mutahar.rocks libreddit.projectsegfau.lt permanent
+#redir lbry.mutahar.rocks lbry.projectsegfau.lt permanent
+#redir nitter.mutahar.rocks nitter.projectsegfau.lt permanent

caddy/frontends.caddy

@@ -0,0 +1,90 @@
+## Privacy Frontends
+inv.bp.projectsegfau.lt {
+	reverse_proxy localhost:3000
+	import torloc invbp
+	header {
+		# disable FLoC tracking
+		Permissions-Policy interest-cohort=()
+
+		# enable HSTS
+		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+		# disable clients from sniffing the media type
+		X-Content-Type-Options nosniff
+
+		# keep referrer data off of HTTP connections
+		Referrer-Policy no-referrer-when-downgrade
+
+		X-XSS-Protection "1; mode=block"
+		defer
+	}
+}
+
+gothub.dev.projectsegfau.lt {
+	reverse_proxy localhost:1025
+	import def
+	import torloc gothub.dev
+}
+
+lbry.projectsegfau.lt lbry.g.projectsegfau.lt lbry.eu.projectsegfau.lt {
+	reverse_proxy localhost:3550
+	import def
+	import torloc lbry
+	import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
+}
+
+proxy.lbry.projectsegfau.lt {
+	reverse_proxy localhost:3001
+	import def
+}
+
+gothub.projectsegfau.lt gothub.g.projectsegfau.lt gothub.eu.projectsegfau.lt {
+	reverse_proxy localhost:1024
+	import torloc github
+	import def
+}
+
+overflow.projectsegfau.lt overflow.g.projectsegfau.lt overflow.eu.projectsegfau.lt {
+	reverse_proxy localhost:8694
+	import torloc overflow
+	import def
+}
+libreddit.projectsegfau.lt libreddit.g.projectsegfau.lt libreddit.eu.projectsegfau.lt {
+	reverse_proxy localhost:6464
+	import torloc libreddit
+	import def
+}
+
+nitter.projectsegfau.lt nitter.g.projectsegfau.lt nitter.eu.projectsegfau.lt {
+	reverse_proxy localhost:8387
+	import def
+	import torloc nitter
+}
+
+bb.g.projectsegfau.lt bb.eu.projectsegfau.lt bb.projectsegfau.lt {
+	reverse_proxy localhost:3069
+	import def
+	import torloc beatbump
+}
+
+bw.eu.projectsegfau.lt bw.g.projectsegfau.lt bw.projectsegfau.lt {
+	reverse_proxy localhost:10416
+	import def
+	import torloc breezewiki
+}
+
+scribe.eu.projectsegfau.lt scribe.g.projectsegfau.lt scribe.projectsegfau.lt {
+	reverse_proxy localhost:8006
+	import def
+	import torloc scribe
+}
+
+teddit.eu.projectsegfau.lt teddit.projectsegfau.lt teddit.g.projectsegfau.lt {
+	reverse_proxy localhost:9061
+	import def
+	import torloc teddit
+}
+rimgo.eu.projectsegfau.lt rimgo.projectsegfau.lt rimgo.g.projectsegfau.lt {
+	reverse_proxy localhost:9016
+	import def
+	import torloc rimgo
+}

caddy/i2p.caddy

@@ -0,0 +1,82 @@
+
+## I2P
+http://pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p:6001 {
+	reverse_proxy https://projectsegfau.lt {
+		header_up Host "projectsegfau.lt"
+	}
+	import tor www
+	import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
+}
+http://pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p:6008 {
+	reverse_proxy localhost:8006
+	import tor scribe
+	import i2ploc pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p
+}
+http://pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p:6005 {
+	reverse_proxy localhost:8387
+	import tor nitter
+	import i2ploc pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p
+}
+http://pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p:6003 {
+	import tor lbry
+	import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
+	reverse_proxy localhost:3550
+}
+http://pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p:6004 {
+	import tor libreddit
+	import i2ploc pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p
+	reverse_proxy localhost:6464
+}
+http://pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p:6007 { # NW
+	import tor breezewiki
+	import i2ploc pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p
+	reverse_proxy localhost:10416
+}
+http://pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p:6006 {
+	import tor beatbump
+	import i2ploc pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p
+	reverse_proxy localhost:3069
+}
+http://pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p:6016 {
+	import tor invbp
+	import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
+	reverse_proxy localhost:3000
+}
+http://pjsf5ahv7ce67i5ic46ghum3scwatrsyac5i6aa5bynvnnlmpzfa.b32.i2p:6017 {
+	import tor rimgo
+	import i2ploc pjsf5ahv7ce67i5ic46ghum3scwatrsyac5i6aa5bynvnnlmpzfa.b32.i2p
+	reverse_proxy localhost:9016
+}
+http://pjsfa3dd7rxocfqanxenpop2uqfgpw4nevrmy424u5qwyasqdu6a.b32.i2p:6018 {
+	import tor teddit
+	import i2ploc pjsfa3dd7rxocfqanxenpop2uqfgpw4nevrmy424u5qwyasqdu6a.b32.i2p
+	reverse_proxy localhost:9061
+}
+http://pjsfhqamc7k6htnumrvn4cwqqdoggeepj7u5viyimgnxg3gar72q.b32.i2p:6002 {
+	import tor inv
+	import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
+	reverse_proxy https://invidious.projectsegfau.lt {
+		header_up Host "invidious.projectsegfau.lt"
+	}
+}
+http://pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p:6012 {
+	import tor search
+	import i2ploc pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p
+	reverse_proxy https://search.projectsegfau.lt {
+		header_up Host "search.projectsegfau.lt"
+	}
+}
+http://pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p:6013 {
+	import tor git
+	import i2ploc pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p
+	reverse_proxy https://git.projectsegfau.lt {
+		header_up Host "git.projectsegfau.lt"
+	}
+}
+http://pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p:6015 {
+	import i2ploc pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p
+	import tor todo
+	reverse_proxy https://todo.projectsegfau.lt {
+		header_up Host "todo.projectsegfau.lt"
+	}
+}

caddy/pubnix.caddy

@@ -0,0 +1,38 @@
+# Reverse proxy all user sites
+*.p.projectsegfau.lt {
+	reverse_proxy 10.7.0.2:80
+	import acmedns
+}
+
+# Redirect base subdomain to the pubnix homepage
+p.projectsegfau.lt {
+	redir https://projectsegfau.lt/pubnix
+}
+
+# Cockpit
+cockpit.p.projectsegfau.lt {
+	reverse_proxy 10.7.0.2:9090 {
+		transport http {
+			tls_insecure_skip_verify
+		}
+	}
+	import def
+	import torloc cockpit.p
+}
+
+# PublAPI
+publapi.p.projectsegfau.lt {
+	reverse_proxy 10.7.0.2:3000
+	import def
+}
+grafana.p.projectsegfau.lt {
+	reverse_proxy 10.7.0.2:6943 {
+		header_up X-Real-IP {remote_host}
+	}
+	import def
+}
+geminiproxy.p.projectsegfau.lt {
+	reverse_proxy 10.7.0.2:8000
+	import def
+	import torloc geminiproxy.p
+}

caddy/tor.caddy

@@ -0,0 +1,123 @@
+http://pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	reverse_proxy https://projectsegfau.lt {
+		header_up Host "projectsegfau.lt"
+	}
+	import tor www
+	import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
+}
+http://www.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	reverse_proxy https://projectsegfau.lt {
+		header_up Host "projectsegfau.lt"
+	}
+	import tor www
+	import i2ploc pjsfg3pdzzocax6a4oznoyf5k4etzknfatqu23i43wxejwdaffoa.b32.i2p
+}
+# Privacy Frontends
+http://scribe.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	reverse_proxy localhost:8006
+	import tor scribe
+	import i2ploc pjsflkkkcn33ahmzmpyq6idy2knkzh4atp7zaetqfsnenpyori6a.b32.i2p
+}
+http://nitter.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	reverse_proxy localhost:8387
+	import tor nitter
+	import i2ploc pjsfs4ukb6prmfx3qx3a5ef2cpcupkvcrxdh72kqn2rxc2cw4nka.b32.i2p
+}
+http://lbry.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor lbry
+	import i2ploc pjsf7uucpqf2crcmfo3nvwdmjhirxxjfyuvibdfp5x3af2ghqnaa.b32.i2p
+	reverse_proxy localhost:3550
+}
+http://libreddit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor libreddit
+	import i2ploc pjsfkref7g66mji45kyccqnn5hmjtjp3cfodozabpyplj2rmv5sa.b32.i2p
+	reverse_proxy localhost:6464
+}
+http://breezewiki.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor breezewiki
+	import i2ploc pjsfk4xvekoc7wx4pteevp3q2wy7jmzlem7rvl74nx33zkdr4vyq.b32.i2p
+	reverse_proxy localhost:10416
+}
+http://beatbump.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor beatbump
+	import i2ploc pjsflmvtqax7ii44qy4ladap65c3kqspbs7h7krqy7x43uovklla.b32.i2p
+	reverse_proxy localhost:3069
+}
+http://invbp.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor invbp
+	import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
+	reverse_proxy localhost:3000
+}
+http://rimgo.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor rimgo
+	reverse_proxy localhost:9016
+}
+http://teddit.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor teddit
+	reverse_proxy localhost:9061
+}
+http://overflow.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor overflow
+	reverse_proxy localhost:8694
+}
+http://gothub.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor gothub
+	reverse_proxy localhost:1024
+}
+http://gothub.dev.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor gothub.dev
+	reverse_proxy localhost:1025
+}
+http://inv.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor inv
+	import i2ploc pjsfi2szfkb4guqzmfmlyq4no46fayertjrwt4h2uughccrh2lvq.b32.i2p
+	reverse_proxy https://invidious.projectsegfau.lt {
+		header_up Host "invidious.projectsegfau.lt"
+	}
+}
+http://search.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor search
+	import i2ploc pjsfwklrellqoj275kzeu2tz4c3j5zktnqod56s7l5dc25ro3wgq.b32.i2p
+	reverse_proxy https://search.projectsegfau.lt {
+		header_up Host "search.projectsegfau.lt"
+	}
+}
+http://git.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor git
+	import i2ploc pjsfdrtv2465bisenvzhfvdleznx4arlih2hlnrhpzugailnm7iq.b32.i2p
+	reverse_proxy https://git.projectsegfau.lt {
+		header_up Host "git.projectsegfau.lt"
+	}
+}
+http://todo.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor todo
+	import i2ploc pjsfivs2sxudfy65kojxqophc6vqjqdr6woczy6hzaxvxvbj3bkq.b32.i2p
+	reverse_proxy https://todo.projectsegfau.lt {
+		header_up Host "todo.projectsegfau.lt"
+	}
+}
+http://wiki.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor wiki
+	reverse_proxy https://wiki.projectsegfau.lt {
+		header_up Host "wiki.projectsegfau.lt"
+	}
+}
+http://pass.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor pass
+	reverse_proxy https://pass.projectsegfau.lt {
+		header_up Host "pass.projectsegfau.lt"
+	}
+}
+# Pubnix
+http://geminiproxy.p.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor geminiproxy.p
+	reverse_proxy https://geminiproxy.p.projectsegfau.lt {
+		header_up Host "geminiproxy.p.projectsegfau.lt"
+	}
+}
+http://cockpit.p.pjsfkvpxlinjamtawaksbnnaqs2fc2mtvmozrzckxh7f3kis6yea25ad.onion {
+	import tor cockpit.p
+	reverse_proxy https://cockpit.p.projectsegfau.lt {
+		header_up Host "cockpit.p.projectsegfau.lt"
+	}
+}

cdn/cdnupdate

@@ -0,0 +1,6 @@
+#!/bin/bash
+RSYNC_ARGS='--recursive --copy-links --copy-dirlinks --perms --xattrs --times --delete --verbose --compress --compress-choice=zstd --mkpath --cvs-exclude --human-readable --partial --progress'
+# India Node
+rsync --rsh='ssh -p6922' ${RSYNC_ARGS} /var/cdn/ cdn@in.projectsegfau.lt:/var/cdn
+# US Node
+rsync ${RSYNC_ARGS} /var/cdn/ cdn@us.projectsegfau.lt:/var/cdn

docker/README.md

@@ -0,0 +1,4 @@
+# Docker
+Private keys such as HMAC are not pushed for obvious reasons and are in separate envfiles
+
+At the moment invidious isnt part of this but I'll include it in the future.

docker/anonymousoverflow-compose.yml

@@ -0,0 +1,17 @@
+version: '3'
+
+services:
+  anonymousoverflow:
+    build:
+      context: .
+      network: 'host'
+    environment:
+      - APP_URL=https://overflow.projectsegfau.lt
+        # JWT_SIGNING_SECRET is in private.env
+    env_file:
+      - /opt/docker/anonymousoverflow/private.env
+    ports:
+      - '8694:8080'
+    restart: 'always'
+    labels:
+      - "com.centurylinklabs.watchtower.enable=false"

docker/beatbump-compose.yml

@@ -0,0 +1,22 @@
+version: "3"
+
+services:
+  app:
+    image: "snuffydev/beatbump:master"
+    ports:
+      - "3069:3069"
+    environment:
+      PORT: 3069
+      VITE_DOMAIN: "bb.projectsegfau.lt"
+      VITE_SITE_URL: "https://bb.projectsegfau.lt"
+      VITE_DONATION_URL: "https://projectsegfau.lt/donate"
+    restart: unless-stopped
+  proxy:
+    build:
+      context: ./packages/proxy-server/deno
+      dockerfile: Dockerfile
+    ports:
+      - "3070:3001"
+    restart: unless-stopped
+    labels:
+      - "com.centurylinklabs.watchtower.enable=false"

docker/breezewiki/config.ini

@@ -0,0 +1,4 @@
+canonical_origin = https://bw.projectsegfau.lt
+debug = false
+port = 10416
+feature_search_suggestions = true

docker/breezewiki/docker-compose.yml

@@ -0,0 +1,9 @@
+services:
+  breezewiki:
+    container_name: breezewiki
+    image: quay.io/pussthecatorg/breezewiki:latest
+    restart: unless-stopped
+    ports:
+      - "10416:10416" # Replace with "10416:10416" if you don't use a reverse proxy
+    volumes:
+      - "./config.ini:/app/config.ini"

docker/gothub-compose.yml

@@ -0,0 +1,15 @@
+version: "3"
+services:
+  gothub:
+    image: codeberg.org/gothub/gothub:latest
+    restart: unless-stopped
+    ports:
+      - "1024:3000"
+    environment:
+      - DOCKER=true
+    healthcheck:
+      test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/version || exit 1
+      interval: 30s
+      timeout: 5s
+      retries: 2
+

docker/gothub-dev-compose.yml

@@ -0,0 +1,25 @@
+version: "3"
+services:
+  gothub:
+    image: codeberg.org/gothub/gothub:dev
+    restart: unless-stopped
+    ports:
+      - "1025:3000"
+    environment:
+      - DOCKER=true
+      - GOTHUB_SETUP_COMPLETE=true
+      - GOTHUB_PROXYING_ENABLED=true
+      - GOTHUB_IP_LOGGED=false
+      - GOTHUB_REQUEST_URL_LOGGED=false
+      - GOTHUB_USER_AGENT_LOGGED=false
+      - GOTHUB_DIAGNOSTIC_INFO_LOGGED=false
+      - GOTHUB_INSTANCE_PRIVACY_POLICY=https://projectsegfau.lt/legal/privacy-policy
+      - GOTHUB_INSTANCE_COUNTRY=Luxembourg
+      - GOTHUB_INSTANCE_PROVIDER=BuyVM
+      - GOTHUB_INSTANCE_CLOUDFLARE=false
+    healthcheck:
+      test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/version || exit 1
+      interval: 30s
+      timeout: 5s
+      retries: 2
+

docker/invidious-compose.yml

@@ -0,0 +1,76 @@
+version: "2.4"
+services:
+  postgres:
+    image: postgres:10
+    restart: always
+    networks:
+      - invidious
+    volumes:
+      - postgresdata:/var/lib/postgresql/data
+      - ./config/sql:/config/sql
+      - ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh
+    environment:
+      POSTGRES_DB: invidious
+      POSTGRES_USER: kemal
+      POSTGRES_PASSWORD: kemal
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
+  invidious:
+    image: quay.io/invidious/invidious:latest
+    restart: always
+    networks:
+      - invidious
+    mem_limit: 1024M
+    cpus: 0.5
+    ports:
+      - "3000:3000"
+    env_file: /opt/docker/invidious/private.env
+    environment:
+      HMAC_KEY_PRIVATE: ${HMAC_KEY_PRIVATE}
+      INVIDIOUS_CONFIG: |
+        channel_threads: 1
+        check_tables: true
+        feed_threads: 1
+        db:
+          dbname: invidious
+          user: kemal
+          password: kemal
+          host: postgres
+          port: 5432
+        full_refresh: false
+        https_only: true
+        domain: inv.bp.projectsegfau.lt
+        external_port: 443
+        statistics_enabled: true
+        admins: ["midou"]
+        dark_mode: true
+        disable_proxy: false
+        banner: <a href="https://projectsegfau.lt/donate">Donate to Project Segfault</a> | <a href="https://invidious.projectsegfau.lt">FR </a> <a href="https://inv.bp.projectsegfau.lt">[LU] </a><a href="https://inv.us.projectsegfau.lt">US </a><a href="https://inv.in.projectsegfau.lt">IN</a>
+        enable_user_notifications: false
+        default_user_preferences:
+          local: true
+          extend_desc: true
+          quality: dash
+          quality_dash: 1080p
+        # does not work atm
+        hmac_key: ${HMAC_KEY_PRIVATE}
+    healthcheck:
+      test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/comments/jNQXAC9IVRw || exit 1
+      interval: 30s
+      timeout: 5s
+      retries: 2
+    depends_on:
+      - postgres
+  autoheal:
+    restart: always
+    image: willfarrell/autoheal
+    environment:
+      - AUTOHEAL_CONTAINER_LABEL=all
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+
+volumes:
+  postgresdata:
+
+networks:
+  invidious:

docker/libreddit-compose.yml

@@ -0,0 +1,16 @@
+services:
+  libreddit:
+    image: libreddit/libreddit:latest
+    ports:
+      - 127.0.0.1:6464:8080
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
+      interval: 5m
+      timeout: 3s
+    environment:
+      - FRONT_PAGE=popular
+      - COMMENT_SORT=new
+      - BLUR_NSFW=on
+      - USE_HLS=on
+      - AUTOPLAY_VIDEOS=off

docker/nitter/docker-compose.yaml

@@ -0,0 +1,25 @@
+version: "3"
+
+services:
+
+  nitter:
+    image: zedeus/nitter:latest
+    container_name: nitter
+    ports:
+      - "8387:8080" # Replace with "8080:8080" if you don't use a reverse proxy
+    volumes:
+      - /opt/docker/nitter/nitter.conf:/src/nitter.conf:ro
+    depends_on:
+      - nitter-redis
+    restart: unless-stopped
+
+  nitter-redis:
+    image: redis:6-alpine
+    container_name: nitter-redis
+    command: redis-server --save 60 1 --loglevel warning
+    volumes:
+      - nitter-redis:/data
+    restart: unless-stopped
+
+volumes:
+  nitter-redis:

docker/nitter/nitter.conf

@@ -0,0 +1,45 @@
+[Server]
+address = "0.0.0.0"
+port = 8080
+https = true  # disable to enable cookies when not using https
+httpMaxConnections = 100
+staticDir = "./public"
+title = "nitter"
+hostname = "nitter.projectsegfau.lt"
+
+[Cache]
+listMinutes = 240  # how long to cache list info (not the tweets, so keep it high)
+rssMinutes = 10  # how long to cache rss queries
+redisHost = "nitter-redis"  # Change to "nitter-redis" if using docker-compose
+redisPort = 6379
+redisPassword = ""
+redisConnections = 20  # connection pool size
+redisMaxConnections = 30
+# max, new connections are opened when none are available, but if the pool size
+# goes above this, they're closed when released. don't worry about this unless
+# you receive tons of requests per second
+
+[Config]
+hmacKey = "xxx"  # random key for cryptographic signing of video urls
+base64Media = false  # use base64 encoding for proxied media urls
+enableRSS = true  # set this to false to disable RSS feeds
+enableDebug = false  # enable request logs and debug endpoints
+proxy = ""  # http/https url, SOCKS proxies are not supported
+proxyAuth = ""
+tokenCount = 10
+# minimum amount of usable tokens. tokens are used to authorize API requests,
+# but they expire after ~1 hour, and have a limit of 187 requests.
+# the limit gets reset every 15 minutes, and the pool is filled up so there's
+# always at least $tokenCount usable tokens. again, only increase this if
+# you receive major bursts all the time
+
+# Change default preferences here, see src/prefs_impl.nim for a complete list
+[Preferences]
+theme = "Nitter"
+replaceTwitter = "nitter.projectsegfau.lt"
+replaceYouTube = "invidious.projectsegfau.lt"
+replaceReddit = "libreddit.projectsegfau.lt"
+replaceInstagram = ""
+proxyVideos = true
+hlsPlayback = true 
+infiniteScroll = false

docker/replace-compose

@@ -0,0 +1,4 @@
+#!/bin/bash
+mv /opt/docker/${1}/*compose.y*l /opt/docker/${1}/compose.pre-public-conf.yml
+ln -s /configs/docker/${1}-compose.yml /opt/docker/${1}/compose.yml
+cd /opt/docker/${1} && docker compose pull && docker compose down --remove-orphans && docker compose up -d --build && cd -

docker/rimgo-compose.yml

@@ -0,0 +1,21 @@
+version: '3'
+
+services:
+  rimgo:
+    image: codeberg.org/video-prize-ranch/rimgo # Official image
+    #image: quay.io/pussthecatorg/rimgo # Unofficial image
+    #build: . # Uncomment to build from source
+    ports:
+      - 9016:3000
+    environment:
+      - ADDRESS=0.0.0.0
+      - PORT=3000
+      - FIBER_PREFORK=false
+      - IMGUR_CLIENT_ID=546c25a59c58ad7
+      - PRIVACY_POLICY=https://projectsegfau.lt/legal/privacy-policy
+      - PRIVACY_MESSAGE=
+      - PRIVACY_COUNTRY=Luxembourg
+      - PRIVACY_PROVIDER=BuyVM
+      - PRIVACY_CLOUDFLARE=false
+      - PRIVACY_NOT_COLLECTED=true
+    restart: unless-stopped

docker/scribe-compose.yml

@@ -0,0 +1,17 @@
+version: "3.8"
+
+services:
+  scribe:
+    image: registry.gitlab.com/lomanic/scribe-binaries:latest
+    restart: always
+    container_name: "scribe"
+    ports:
+      - 8006:8006
+    environment:
+      - SCRIBE_PORT=8006
+      - SCRIBE_HOST=0.0.0.0
+      - APP_DOMAIN=scribe.projectsegfau.lt
+      - LUCKY_ENV=production
+      - PORT=8006
+    env_file:
+      - /opt/docker/scribe/scribe-private.env

docker/teddit-compose.yml

@@ -0,0 +1,42 @@
+version: "3.8"
+
+services:
+
+  teddit:
+    restart: always
+    container_name: teddit
+    image: teddit/teddit:latest
+    environment:
+      - DOMAIN=teddit.projectsegfau.lt
+      - USE_HELMET=true
+      - USE_HELMET_HSTS=true
+      - TRUST_PROXY=true
+      - REDIS_HOST=teddit-redis
+    ports:
+      - "9061:8080"
+    networks:
+      - teddit_net
+    healthcheck:
+      test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:8080/about"]
+      interval: 1m
+      timeout: 3s
+    depends_on:
+      - teddit-redis
+
+  teddit-redis:
+    restart: always
+    container_name: teddit-redis
+    image: redis:6.2.5-alpine
+    command: redis-server
+    environment:
+      - REDIS_REPLICATION_MODE=master
+    networks:
+      - teddit_net
+    volumes:
+      - teddit-redis:/data
+volumes:
+  teddit-redis:
+
+networks:
+  teddit_net:
+

docker/watchtower-compose.yml

@@ -0,0 +1,17 @@
+version: "2"
+services:
+  watchtower:
+    image: containrrr/watchtower
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - TZ=Europe/Paris
+      - WATCHTOWER_CLEANUP=false
+      - DOCKER_API_VERSION=1.42
+      - WATCHTOWER_INCLUDE_STOPPED=false
+      - WATCHTOWER_POLL_INTERVAL=3600
+      - WATCHTOWER_MONITOR_ONLY=false
+      # WATCHTOWER_NOTIFICATION_URL is in private.env
+    env_file:
+      - /opt/docker/watchtower/private.env
+    restart: unless-stopped

haproxy/haproxy.cfg

@@ -0,0 +1,30 @@
+global
+	log /dev/log	local0
+	log /dev/log	local1 notice
+	chroot /var/lib/haproxy
+	stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
+	stats timeout 30s
+	user haproxy
+	group haproxy
+	daemon
+defaults
+	log	global
+	mode	http
+	option	httplog
+	option	dontlognull
+        timeout connect 5000
+        timeout client  50000
+        timeout server  50000
+listen ssh
+	bind :::22 v4v6
+	balance roundrobin
+	mode tcp
+	option tcp-check
+	tcp-check expect rstring SSH-2.0-OpenSSH.*
+	server pubnix 10.7.0.2:22 check inter 10s fall 2 rise 1
+listen xrdp
+	bind :::3389 v4v6
+	balance roundrobin
+	mode tcp
+	option tcp-check
+	server pubnix 10.7.0.2:3389 check inter 10s fall 2 rise 1

i2pd/README.md

@@ -0,0 +1,4 @@
+# I2Pd Info
+`i2pd_funcs` was borrowed from the ~vern team (https://vern.cc/admins) with some minor modifications.
+
+i2pd config is the same as dpkg upstream.

i2pd/i2pd_funcs

@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+i2pown() { chmod 640 "$1" && chown i2pd:i2pd "$1"; }
+geni2p() { /root/i2pd-tools/vain "$2" -o "$1" && i2pown "$1"; }
+vgi2p() { for i in "$@"; do geni2p "/var/lib/i2pd/pjsf.$i.dat" "pjsf"; done; }
+create_i2p() {
+	if [[ -z "$4" ]]; then
+		printf 'Usage: create_i2p service_name keyfile_name clearnet_domain port [type] [host] [inport]\n'
+		return 1
+	fi
+
+	[[ -f /var/lib/i2pd/pjsf.$2.dat ]] || vgi2p "$1"
+	printf '[%s]\ntype = %s\nhost = %s\nport = %s\nkeys = pjsf.%s.dat\n%s' "$3" "${5:-http}" "${6:-127.0.0.1}" "$4" "$2" "${7:+inport = $7}" | tee "/etc/i2pd/tunnels.d/$1.conf"
+	systemctl restart i2pd
+}
+
+delete_i2p() {
+	if [[ -z "$1" ]]; then
+		printf 'Usage: delete_i2p service_name\n'
+		return 1
+	fi
+
+	rm -f /var/lib/i2pd/pjsf.$1.dat
+	rm -f /etc/i2pd/tunnels.d/$1.conf
+	systemctl restart i2pd
+}
+
+i2pup() { export http_proxy="http://127.0.0.1:4444"; }
+i2pdown() { unset http_proxy; }
+
+i2pb32() { /root/i2pd-tools/keyinfo ~i2pd/pjsf.$1.dat; }
+i2pb64() { /root/i2pd-tools/keyinfo -d ~i2pd/pjsf.$1.dat; }
+i2pport() { grep -R '^port = '"$1"'$' /etc/i2pd/tunnels.d/; }

knot/geodnstemplate

@@ -0,0 +1,28 @@
+REPLACEME:
+  - geo: "*;*;*" 
+    A: 107.189.12.96
+    AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
+    TXT: "Worldwide-BuyVM-Lux" 
+  - geo: "EU;*;*" 
+    A: 107.189.12.96
+    TXT: "Europe-BuyVM-Lux"
+    AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
+  - geo: "AF;*;*" 
+    A: 107.189.12.96
+    AAAA: 2605:6400:30:f79f:9e20:f366:f052:5a25
+    TXT: "Africa-BuyVM-Lux"
+  - geo: "NA;*;*"
+    A: 143.198.131.196
+    AAAA: 2604:a880:4:1d0::52:7000
+    TXT: "NorthAmerica-DigitalOcean-SanFrancisco"
+  - geo: "SA;*;*"
+    A: 143.198.131.196
+    AAAA: 2604:a880:4:1d0::52:7000
+    TXT: "SouthAmerica-DigitalOcean-SanFrancisco"
+  - geo: "OC;*;*"
+    A: 143.198.131.196
+    AAAA: 2604:a880:4:1d0::52:7000
+    TXT: "Oceania-DigitalOcean-SanFrancisco"
+  - geo: "AS;*;*" 
+    A: 110.227.202.171
+    TXT: "Asia-Airtel-Ind" 

knot/geodnsupdate

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+geoconf=/etc/knot/geo.conf
+remote='7S23i@us.projectsegfau.lt'
+printf '' > $geoconf
+for i in $(</var/geodnsdomains); do
+	cat /etc/knot/geodnstemplate >> $geoconf
+	sed -i "s/REPLACEME/${i}/" $geoconf
+done
+scp $geoconf "${remote}":/var/geo.conf
+ssh $remote "sudo systemctl restart knot"
+systemctl restart knot

knot/knot.conf

@@ -0,0 +1,52 @@
+server:
+    rundir: "/run/knot"
+    user: knot:knot
+    listen: 107.189.12.96@53
+
+log:
+  - target: syslog
+    any: info
+
+database:
+    storage: "/var/lib/knot"
+
+# See aryak.me/blog/knot for setup instructions.
+include: /etc/knot/secrets.conf
+
+remote:
+  - id: secondary
+    address: 143.198.131.196@53
+    key: us-node
+
+acl:
+  - id: acl_secondary
+    address: 143.198.131.196
+    key: us-node
+    action: transfer
+  - id: acl_dynupdates
+    address: [143.198.131.196, 92.148.60.159, 51.91.103.130, 110.227.202.171, 107.189.12.96]
+    action: update
+    key: dynupd
+
+template:
+  - id: default
+    storage: "/etc/knot/zones"
+    file: "%s.zone"
+    dnssec-signing: on
+    semantic-checks: on
+    zonefile-sync: -1
+    zonefile-load: difference-no-serial
+    journal-content: all
+
+mod-geoip:
+  - id: geo 
+    config-file: "/etc/knot/geo.conf"
+    mode: geodb
+    geodb-file: "/var/lib/knot/GeoLite2-City.mmdb"
+    geodb-key: [ continent/code, country/iso_code, city/names/en ]
+
+zone:
+  - domain: projectsegfau.lt
+    notify: secondary
+    acl: [acl_secondary, acl_dynupdates]
+    module: mod-geoip/geo

knot/zones/projectsegfau.lt.zone

@@ -0,0 +1,105 @@
+; To be placed in /var/lib/knot/zones/projectsegfau.lt.zone
+$ORIGIN projectsegfau.lt. ; 'default' domain as FQDN for this zone
+$TTL 300 ; default time-to-live for this zone
+
+projectsegfau.lt.   IN  SOA     ns1.projectsegfau.lt. ns2.projectsegfau.lt. (
+        2023022702  ;Serial
+        14400       ;Refresh
+        300        ;Retry
+        1209600     ;Expire
+        300        ;Negative response caching TTL
+)
+
+; The nameserver that are authoritative for this zone.
+@	IN	NS	ns1.projectsegfau.lt.
+@	IN	NS	ns2.projectsegfau.lt.
+ns1	A	107.189.12.96
+ns2	A	143.198.131.196
+
+; Pizza-1
+pizza1                               A	107.189.12.96
+pizza                               A	107.189.12.96
+*.eu				A 107.189.12.96
+*.bp                            A 107.189.12.96 
+pizza1                          AAAA	2605:6400:30:f79f:9e20:f366:f052:5a25
+pizza                          AAAA	2605:6400:30:f79f:9e20:f366:f052:5a25
+*.eu				AAAA	2605:6400:30:f79f:9e20:f366:f052:5a25
+*.bp                            AAAA	2605:6400:30:f79f:9e20:f366:f052:5a25 
+*.p.projectsegfau.lt. 	A	107.189.12.96
+p.projectsegfau.lt. 	A	107.189.12.96
+*.p.projectsegfau.lt. 	AAAA	2605:6400:30:f79f:9e20:f366:f052:5a25
+p.projectsegfau.lt. 	AAAA	2605:6400:30:f79f:9e20:f366:f052:5a25
+ferrit.projectsegfau.lt.	CNAME	pizza.projectsegfau.lt.
+proxy.lbry.projectsegfau.lt.	CNAME	pizza.projectsegfau.lt.
+arya.projectsegfau.lt.	CNAME	pizza.projectsegfau.lt.
+gothub.dev.projectsegfau.lt.	CNAME	pizza.projectsegfau.lt.
+
+; Soleil Levant
+*                               A	92.148.60.159
+@                               A	92.148.60.159
+web.dev.projectsegfau.lt.		A	92.148.60.159
+auth.p.projectsegfau.lt.		A	92.148.60.159
+autoconfig.projectsegfau.lt.	CNAME	mail.projectsegfau.lt.
+autodiscover.projectsegfau.lt.	CNAME	mail.projectsegfau.lt.
+_xmpp-client._tcp		SRV	10 0 5222 xmpp.projectsegfau.lt.
+_xmpp-server._tcp		SRV	10 0 5269 xmpp.projectsegfau.lt.
+_xmpps-client._tcp		SRV	10 0 5223 xmpp.projectsegfau.lt.
+_xmpps-server._tcp		SRV	10 0 5270 xmpp.projectsegfau.lt.
+_of._tcp.of.projectsegfau.lt SRV    5  0 27015 of.projectsegfau.lt.
+
+; US Node
+*.us				A	143.198.131.196
+us				A	143.198.131.196
+*.us				AAAA	2604:a880:4:1d0::52:7000
+us				AAAA	2604:a880:4:1d0::52:7000
+
+; IN Node
+in	A	110.227.202.171
+*.in	A	110.227.202.171
+
+; Status VPS
+status				A	51.91.103.130
+hole				A	51.91.103.130
+wg				A	51.91.103.130
+hole				AAAA	2001:41d0:404:200::5149
+status				AAAA	2001:41d0:404:200::5149
+wg				AAAA	2001:41d0:404:200::5149
+
+; Mail Stuff
+mail.projectsegfau.lt.		A	92.148.60.159
+feb2023._domainkey    IN   TXT   "v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gF5p8pTKZMPe4rDdsDTedelOTeIcEYzy5Fd1b3Tv0gWTOkk7Lx+opIY0lUU9k+K+UbPJ4asUT6zrdZusXrp85g36Rh8+lZbZWr6mqE/GJjIh9kIvXRWasHZpcnws2Ex2Mc2tefJ9FtFntpoX/v0zR2Wr8wiztZrHL23VaY+7kLgPe4PC0CM4tLyuuraC0AYVjI/yCvo8XZkb7kvOfi+EpThN3B91zSGVnZXPJdtQdE/JJ2psthhRilHBwo1Rs+PsFNFvi1chHPP44z2JPS7OyALR+ycDvXz2Hj6WS8s9pcXk7NPi0sLY+h+5Ha6KoDa4sjBmmEN07U+hE+2/rE9IQIDAQAB"
+dkim._domainkey.projectsegfau.lt. 600 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z7evsQCm7e0ZN+dx3ygeSHRi6NCOjVInqnrnDe2xkooUp/szLXZ1xsGQAYM+tZ8+M0WKdIm7uQq8xCEdjDCO/l/fE6b4/3u11aj44tLXBsse5gQvOH/SQpw/zwzgU07tnOjajCExnuIeZaDNw6S5iN2oGUlkvIzIw2zv5PFVa9ax4/N0TuTMKQOysFh" "JHv2lJjvA/WgqioOOqDFjlhc959lYNqMkjaEb0r2FLky1uQx2c01MzkkXuoNVG+7anrcgzPrQ9AMTBvAsqwStwX+6JpNcwh6MpCBHQmAaFC5TkECwZLopujB+LoTbZcY2ejP8EeKSa04yU/jEnPtsMdb5wIDAQAB"
+@		TXT	"v=spf1 ip4:107.189.12.96 ip4:92.148.60.159 include:relay.selea.se ~all"
+_dmarc.projectsegfau.lt. 600 IN TXT "v=DMARC1; p=reject; rua=mailto:admin@projectsegfau.lt; ruf=mailto:admin@projectsegfau.lt; adkim=s; aspf=s"
+_imap._tcp.projectsegfau.lt. 600 IN SRV 20 1 143 mail.projectsegfau.lt.
+_pop3._tcp.projectsegfau.lt. 600 IN SRV 20 1 110 mail.projectsegfau.lt.
+_submission._tcp.projectsegfau.lt. 600 IN SRV 20 1 587 mail.projectsegfau.lt.
+_autodiscover._tcp.projectsegfau.lt. 600 IN SRV 10 1 443 mail.projectsegfau.lt.
+_submissions._tcp.projectsegfau.lt. 600 IN SRV 10 1 465 mail.projectsegfau.lt.
+_imaps._tcp.projectsegfau.lt. 600 IN SRV 10 1 993 mail.projectsegfau.lt.
+_pop3s._tcp.projectsegfau.lt. 600 IN SRV 10 1 995 mail.projectsegfau.lt.
+autoconfig.projectsegfau.lt. 600 IN CNAME mail.projectsegfau.lt.
+_25._tcp.mail.projectsegfau.lt. 86400 IN TLSA 2 1 1 0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
+projectsegfau.lt.                    MX      10      mail.projectsegfau.lt.
+p.projectsegfau.lt. 			TXT	     "buyvm-validation=b6444ab72efafcdef664a693ce2ba26ebd03ed1c7377cd08926db831e94a3d5a"
+
+
+; Simplelogin
+sl				A	51.91.103.130
+sl				AAAA	2001:41d0:404:200::5149
+sl.projectsegfau.lt.                    MX      10      sl.projectsegfau.lt.
+dkim._domainkey.sl		TXT	"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC79GZdNBCBZ28EGJcnar/yY3QWlAoeQW0sEQIpibzAtYMtZZw7kBzbKNxRdnMGDOQE1hzo/gJUVv+A2tgsYswXOCjO+l0gtwcKsNuP79Tn9guGtsq5aLeoYuTbvC1SrHLLufv01oEGvT6VlOm3e3+XbGjvXKVQw4ym3H55wD7WbQIDAQAB"
+_dmarc.sl.projectsegfau.lt. 600 IN TXT "v=DMARC1; p=quarantine; rua=mailto:admin@projectsegfau.lt; ruf=mailto:admin@projectsegfau.lt; adkim=r; aspf=r"
+sl		TXT	"v=spf1 ip4:51.91.103.130 ~all"
+
+; Crypto TXT
+@		TXT	"oa1:btc recipient_address=bc1qrc8ywgp95a6p3zausp4nff70qzstp6h8z86sxd; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
+@		TXT	"oa1:ltc recipient_address=ltc1qn3ald586h2ntt0n3zkvwsmju2e5vndgtvvgatj; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
+@		TXT	"oa1:xmr recipient_address=47L7Qsto7XcifY3CdG18ySe5Tt83kpFLDLve9jQwbc9taPBLNGv6ZrJNUKpMG9Nj9zHgCZ4FQMSyt75e8Jvx12JFLtJyFdA; recipient_name=Project Segfault; tx_description=Donate to Project Segfault"
+_token._dnswl.projectsegfau.lt.		IN	TXT	"1q5i422gbg9qqlekp8zag8scwwb7oicd"
+; PTR(s)
+159.60.148.92.in-addr.arpa.	PTR	mail.projectsegfau.lt.
+171.202.227.110.in-addr.arpa.	PTR	in.projectsegfau.lt.
+196.131.198.143.in-addr.arpa.	PTR	us.projectsegfau.lt.
+130.103.91.51.in-addr.arpa.	PTR	sl.projectsegfau.lt.
+96.12.189.107.in-addr.arpa.	PTR	pizza1.projectsegfau.lt.

tor/README.md

@@ -0,0 +1,4 @@
+# Tor
+Our tor configs are basically the same as the upstream dpkg.
+
+The vanity URL pjsf....onion was made with https://github.com/cathugger/mkp224o