authorterminaldweller <thabogre@gmail.com>2022-11-23 08:45:51 +0000
committerterminaldweller <thabogre@gmail.com>2022-11-23 08:45:51 +0000
commit7bcd7a5b12c428dcb6e60a94ff315a9e39511d13 (patch)
tree9493b9d7886f8d32d7575bb3d55ca43599b1e2e8
parenttsocks and zsh prompt update (diff)
update
Diffstat (limited to '')
-rw-r--r--.secrets.baseline2
-rw-r--r--.tmux.conf3
-rw-r--r--.tridactylrc2
-rw-r--r--.zshrc3
-rwxr-xr-xbin/sniff97
-rw-r--r--db/mongo/build_db.js3
-rw-r--r--devi.zsh-theme10
-rw-r--r--keymap.kbd1
-rw-r--r--kubernetes/debug/debug-deployment.yaml2
-rw-r--r--openwrt/ripzero_v_1_3/files/etc/config/wireless2
-rw-r--r--stylus/manganato_sepia.css4
-rw-r--r--terminaldweller.com/browsh/docker-compose.yaml13
-rw-r--r--terminaldweller.com/cargo/docker-compose.yaml5
-rw-r--r--terminaldweller.com/cargo/nginx.conf6
-rw-r--r--terminaldweller.com/cgit/cgit.conf3
-rw-r--r--terminaldweller.com/ejabberd/docker-compose.yaml4
-rw-r--r--terminaldweller.com/ejabberd/ejabberd.yml16
-rw-r--r--terminaldweller.com/haproxy/haproxy.cfg102
18 files changed, 165 insertions, 113 deletions
diff --git a/.secrets.baseline b/.secrets.baseline
index 20a46db..798ac81 100644
--- a/.secrets.baseline
+++ b/.secrets.baseline
@@ -1,5 +1,5 @@
{
- "version": "1.2.0",
+ "version": "1.4.0",
"plugins_used": [
{
"name": "ArtifactoryDetector"
diff --git a/.tmux.conf b/.tmux.conf
index 8b5ea70..9a4deb1 100644
--- a/.tmux.conf
+++ b/.tmux.conf
@@ -85,7 +85,8 @@ bind-key @ join-pane -s $.0
bind-key p popup -w 80% -h 80% -E ksh
bind-key S popup -w 90% -h 90% -E env WWW_HOME=searx.terminaldweller.com /home/devi/w3m/w3m -o auto_image=FALSE -graph
-bind-key F popup -d ${pane_current_path} -w 90% -h 90% -E ranger --cmd cd $(tmux show -p '#{pane_current_path}')
+# bind-key F popup -d ${pane_current_path} -w 90% -h 90% -E ranger --cmd cd $(tmux show -p '#{pane_current_path}')
+bind-key F popup -d ${pane_current_path} -w 90% -h 90% -E ranger
#to support nested tmux sessions for ssh workflows
bind -T root F6 \
diff --git a/.tridactylrc b/.tridactylrc
index 3078f78..601c8e4 100644
--- a/.tridactylrc
+++ b/.tridactylrc
@@ -6,6 +6,8 @@ completionfuzziness 1
" bind tp tabmove -1
" bind tn tabmove +1
+bind <C-k> tabnext
+bind <C-j> tabprev
seturl duolingo.com superignore true
seturl localhost:8889 superignore true
diff --git a/.zshrc b/.zshrc
index 732386f..d61cf36 100644
--- a/.zshrc
+++ b/.zshrc
@@ -294,6 +294,9 @@ alias nmap="grc nmap"
alias fdisk="grc fdisk"
alias blkid="grc blkid"
alias b="buku --suggest"
+alias whois="grc whois -H"
+alias scapy="scapy -H"
+alias dg="grc /usr/bin/dig"
# change the 4th terminal color to #0000ff
# echo -e '\e]P40000ff'
diff --git a/bin/sniff b/bin/sniff
index fa52e23..b884a91 100755
--- a/bin/sniff
+++ b/bin/sniff
@@ -1,33 +1,37 @@
-#!/usr/bin/python3
+#!/usr/bin/env python
+"""Sniffs different file types in a given URL."""
import argparse
-import signal
-import sys
import re
-from requests import get
-from requests.exceptions import RequestException
-from contextlib import closing
-from bs4 import BeautifulSoup
+import typing
+import contextlib
+import requests # type:ignore
+import bs4 # type:ignore
-def SigHandler_SIGINT(signum, frame):
- print()
- sys.exit(0)
+def log_error(error):
+ """A logger wrapper."""
+ print(error)
-def simple_get(url):
+def simple_get(url) -> typing.Optional[typing.ByteString]:
+ """A simple get wrapper."""
try:
- with closing(get(url, stream=True)) as resp:
+ with contextlib.closing(
+ requests.get(url, stream=True, timeout=10)
+ ) as resp:
if is_good_response(resp):
return resp.content
- else:
- return None
- except RequestException as e:
- log_error("Error during requests to {0} : {1}".format(url, str(e)))
+ return None
+ except requests.exceptions.RequestException as error:
+ log_error(
+ f"Error during requests to {0} : {1}".format(url, str(error))
+ )
return None
def is_good_response(resp):
+ """Checks if the response we get is a good response."""
content_type = resp.headers["Content-Type"].lower()
return (
resp.status_code == 200
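Review bot: The new error message in `simple_get` combines an f-string with `.format()`, so `{0}` and `{1}` are evaluated as the integer literals 0 and 1 before `.format()` runs, and the log line always reads "Error during requests to 0 : 1" with the URL and the exception text lost. Use one mechanism only, e.g. `log_error(f"Error during requests to {url} : {error}")`. Separately, `is_good_response` indexes `resp.headers["Content-Type"]` directly, which raises `KeyError` for a response that carries no such header; `resp.headers.get("Content-Type", "").lower()` keeps the check total. The body of `is_good_response` continues outside this hunk.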
@@ -36,11 +40,10 @@ def is_good_response(resp):
)
-def log_error(e):
- print(e)
-
+# pylint: disable=too-few-public-methods
+class Argparser:
+ """Argparser"""
-class Argparser(object):
def __init__(self):
parser = argparse.ArgumentParser()
parser.add_argument("--src", type=str, help="url")
@@ -49,7 +52,7 @@ class Argparser(object):
"--vid", action="store_true", help="video", default=False
)
parser.add_argument(
- "--dbg", action="store_true", help="debug", default=False
+ "--img", action="store_true", help="sniff images", default=False
)
parser.add_argument(
"--url", action="store_true", help="url", default=False
@@ -57,7 +60,7 @@ class Argparser(object):
self.args = parser.parse_args()
-VID_FMT = [
+VID_FMTS = [
"webm",
"mpg",
"mp2",
@@ -74,28 +77,43 @@ VID_FMT = [
"mkv",
"svi",
]
-# write code here
-def premain(argparser):
- signal.signal(signal.SIGINT, SigHandler_SIGINT)
- # here
+def image_finder(url: str) -> None:
+ """Sniffs images."""
+ # raw_url_content = simple_get(url)
+ response = requests.get(url, timeout=10, allow_redirects=True)
+ # print(response.content)
+ if response.content is None:
+ return None
+
+ soup = bs4.BeautifulSoup(response.content, "lxml")
+ search_results = soup.findAll("img")
+ for result in search_results:
+ print(result["src"])
+ # img_response = requests.get(
+ # result["src"], timeout=10, allow_redirects=True
+ # )
+ return None
+
+
+def main() -> None:
+ """Entry point."""
+ argparser = Argparser()
+ if argparser.args.img:
+ image_finder(argparser.args.src)
raw_ml = simple_get(argparser.args.src)
- # print("raw html length is " + repr(len(raw_ml)))
- ml = BeautifulSoup(raw_ml, "lxml")
- ml_str = repr(ml)
- tmp = open("/tmp/riecher", "w")
+ ml_str = repr(bs4.BeautifulSoup(raw_ml, "lxml"))
+ tmp = open("/tmp/riecher", "w", encoding="utf-8")
tmp.write(ml_str)
tmp.close()
- tmp = open("/tmp/riecher", "r")
+ tmp = open("/tmp/riecher", "r", encoding="utf-8")
if argparser.args.src:
if argparser.args.vid:
for line in tmp:
- # hit = False
- for elem in VID_FMT:
+ for elem in VID_FMTS:
if line.find("." + elem) > -1:
print(line)
- # hit = True
if argparser.args.url:
dump_list = []
for line in tmp:
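Review bot: `main` hands the result of `simple_get` straight to `bs4.BeautifulSoup`, but `simple_get` returns `None` on any request error or rejected response, and with the old `--dbg` try/except removed that now ends in an uncaught exception; a guard such as `if raw_ml is None: return` before parsing handles it (note that `--src` is also only tested after the fetch has been made). The scratch file is still the fixed name `/tmp/riecher` opened with mode `"w"`, a predictable path in a world-writable directory, so on a shared machine the write can be redirected through a symlink another local user created there; `tmp = tempfile.TemporaryFile("w+", encoding="utf-8")` followed by `tmp.seek(0)` (with `import tempfile`) removes both the predictable name and the close/reopen, or the file can be dropped entirely by iterating `ml_str.splitlines()`. In `image_finder`, `response.content is None` is never true for a requests response, and `result["src"]` raises `KeyError` for an `<img>` without a `src` attribute, where `result.get("src")` would not. `main` continues past the end of this hunk.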
@@ -111,16 +129,5 @@ def premain(argparser):
tmp.close()
-def main():
- argparser = Argparser()
- if argparser.args.dbg:
- try:
- premain(argparser)
- except Exception as e:
- print(e)
- else:
- premain(argparser)
-
-
if __name__ == "__main__":
main()
diff --git a/db/mongo/build_db.js b/db/mongo/build_db.js
index 67acd6d..2483347 100644
--- a/db/mongo/build_db.js
+++ b/db/mongo/build_db.js
@@ -47,6 +47,7 @@ const mangas = {
"dungeon sherpa": "https://manganato.com/manga-kt987428",
gachiakuta: "https://manganato.com/manga-na990935",
"black lagoon": "https://readmanganato.com/manga-",
+ "chainsaw man": "https://readmanganato.com/manga-dn980422",
};
db = connect("192.168.1.109:27117/devi");
@@ -91,7 +92,7 @@ db.mangas.updateOne(
{ _id: mangas_id },
{
$set: {
- "chainsaw man": "https://readmanganato.com/manga-dn980422",
+ "gantz:e": "https://manganato.com/manga-ho984623",
},
}
);
diff --git a/devi.zsh-theme b/devi.zsh-theme
index 49d50db..c686909 100644
--- a/devi.zsh-theme
+++ b/devi.zsh-theme
@@ -160,7 +160,7 @@ add-zsh-hook precmd steeef_precmd
tsocks_on() {
if echo $LD_PRELOAD | grep libtsocks > /dev/null 2>&1; then
# echo -ne "\x1b[38;5;0m\x1b[48;5;22m$reset_color\x1b[38;5;22m"
- echo "%K{22}%F{0}$reset_color%F{22}"
+ echo "%K{22}%F{0}%K{0}%F{22}"
else
echo "$reset_color"
;
@@ -169,7 +169,7 @@ tsocks_on() {
sudo_query() {
if sudo -nv > /dev/null 2>&1; then
- echo "%K{33}%F{0}%K{0}%F{33} "
+ echo "%K{33}%F{0}%K{0}%F{33}"
else
echo "$reset_color"
fi
@@ -194,7 +194,7 @@ dir_writeable() {
if [ -w $(pwd) ]; then
echo "$reset_color"
else
- echo " %K{196}%F{0}$reset_color%F{196}"
+ echo " %K{196}%F{0}%K{0}%F{196}"
fi
}
@@ -286,9 +286,9 @@ getterminal() {
rbq_info_msg=""
-PS1=$'%{$reset_color%}$(dir_writeable)$(tsocks_on)$(sudo_query)%{$reset_color%} %{$yablue%}%n@%M:$(getterminal)%{$reset_color%} %{$yagreen%}$(pwd_shortened)%{$reset_color%} %{$muckgreen%}$(time_function)%{$reset_color%}$vcs_info_msg_0_%{$limblue%}%{$gnew%}$(gitadditions)%{$gnew2%}$(gitdeletions)%{$reset_color%}%{$deeppink%}$(virtualenv_info)%{$reset_color%}%{$teal%}$(node_version)%{$reset_color%}%{$gover%}$(goversion)%{$reset_color%}%{$rust%}$(rustversion)%{$reset_color%}%{$babyblue%}$(ruby_version)%{$reset_color%}%{$sneakyc%}$(sneaky)%{$reset_color%}%{$new%}$rbq_info_msg%{$reset_color%} $(getkubernetesinfo)%{$reset_color%}'
+PS1=$'$(dir_writeable)$(tsocks_on)$(sudo_query)%{$reset_color%} %{$yablue%}%n@%M:$(getterminal)%{$reset_color%} %{$yagreen%}$(pwd_shortened)%{$reset_color%} %{$muckgreen%}$(time_function)%{$reset_color%}$vcs_info_msg_0_%{$limblue%}%{$gnew%}$(gitadditions)%{$gnew2%}$(gitdeletions)%{$reset_color%}%{$deeppink%}$(virtualenv_info)%{$reset_color%}%{$teal%}$(node_version)%{$reset_color%}%{$gover%}$(goversion)%{$reset_color%}%{$rust%}$(rustversion)%{$reset_color%}%{$babyblue%}$(ruby_version)%{$reset_color%}%{$sneakyc%}$(sneaky)%{$reset_color%}%{$new%}$rbq_info_msg%{$reset_color%} $(getkubernetesinfo)%{$reset_color%}'
PS2=$''
-PS3=$'\n%{$randomblue%}--➜%{$reset_color%} '
+PS3=$'\n%{$randomblue%}--➜%K{0}%F{15}'
get_prompt_len() {
local zero='%([BSUbfksu]|([FK]|){*})'
local FOOLENGTH=${#${(S%%)PS1//$~zero/}}
diff --git a/keymap.kbd b/keymap.kbd
index b566b5e..72e0d58 100644
--- a/keymap.kbd
+++ b/keymap.kbd
@@ -17,7 +17,6 @@
)
-------------------------------------------------------------------------- |#
(defcfg
- ;; input (device-file "/dev/input/by-id/usb-Razer_Razer_Huntsman_Tournament_Edition_00000000001A-event-kbd")
input (device-file "/dev/input/by-id/usb-Razer_Razer_Huntsman_Tournament_Edition_00000000001A-if01-event-kbd")
output (uinput-sink "KMonad output")
diff --git a/kubernetes/debug/debug-deployment.yaml b/kubernetes/debug/debug-deployment.yaml
index 1d58b40..42631dd 100644
--- a/kubernetes/debug/debug-deployment.yaml
+++ b/kubernetes/debug/debug-deployment.yaml
@@ -16,7 +16,7 @@ spec:
spec:
containers:
- name: debug
- image: 192.168.1.103:5000/bullseye-slim
+ image: 192.168.1.214:5000/bullseye-slim
imagePullPolicy: IfNotPresent
command:
- tail
diff --git a/openwrt/ripzero_v_1_3/files/etc/config/wireless b/openwrt/ripzero_v_1_3/files/etc/config/wireless
index 0800aaa..9303c58 100644
--- a/openwrt/ripzero_v_1_3/files/etc/config/wireless
+++ b/openwrt/ripzero_v_1_3/files/etc/config/wireless
@@ -10,5 +10,5 @@ config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
- option ssiid 'OpenWrt'
+ option ssid 'OpenWrt'
option encryption 'none'
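Review bot: With the `ssid` key now spelled correctly this `wifi-iface` becomes a valid access point, and the context lines attach it to `network 'lan'` with `encryption 'none'`, so an image built from this file would presumably bring up an open AP bridged to the LAN. If that is only meant as the stock first-boot default, a comment saying so would help; otherwise set a protected mode such as `option encryption 'psk2'` and supply `option key` at build time rather than committing it. Whether the radio itself is enabled is not visible in this hunk.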
diff --git a/stylus/manganato_sepia.css b/stylus/manganato_sepia.css
index b72db94..f168003 100644
--- a/stylus/manganato_sepia.css
+++ b/stylus/manganato_sepia.css
@@ -6,4 +6,8 @@
img:hover {
filter: none;
}
+
+ .container-chapter-reader {
+ background-color: #000000;
+ }
}
diff --git a/terminaldweller.com/browsh/docker-compose.yaml b/terminaldweller.com/browsh/docker-compose.yaml
new file mode 100644
index 0000000..4778988
--- /dev/null
+++ b/terminaldweller.com/browsh/docker-compose.yaml
@@ -0,0 +1,13 @@
+version: "3"
+services:
+ browsh:
+ image: browsh/browsh:v1.8.0
+ networks:
+ - browshnet
+ ports:
+ - "4333:4333"
+ restart: unless-stopped
+ entrypoint: "/app/bin/browsh"
+ command: ["--http-server-mode"]
+networks:
+ browshnet:
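Review bot: The new service publishes `4333:4333` on every host interface and starts browsh with `--http-server-mode`, which as far as I know renders whatever URL the client requests, so anything that can reach the port can use this host to fetch arbitrary sites, including addresses only reachable from inside the container network. The matching haproxy change in this commit (`use_backend browsh-backend if browsh-host` and `backend browsh-backend`) routes it over plain HTTP with no HTTPS redirect and no access rule. Consider limiting who can reach it (a source ACL or authentication at the proxy, plus a firewall rule so only the proxy can connect to 4333) and hardening the container the way the cargo compose file does with `cap_drop: - ALL`.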
diff --git a/terminaldweller.com/cargo/docker-compose.yaml b/terminaldweller.com/cargo/docker-compose.yaml
index ef2e1b8..7cbb5d9 100644
--- a/terminaldweller.com/cargo/docker-compose.yaml
+++ b/terminaldweller.com/cargo/docker-compose.yaml
@@ -12,7 +12,12 @@ services:
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
- /home/ubuntu/cargo:/cargo
+ - /etc/letsencrypt/archive/cargo.terminaldweller.com/:/certs/
cap_drop:
- ALL
+ cap_add:
+ - CHOWN
+ - SETGID
+ - SETUID
networks:
cargonet:
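Review bot: The added certificate mount `/etc/letsencrypt/archive/cargo.terminaldweller.com/:/certs/` is read-write, unlike the `nginx.conf` mount two lines above it, so a compromised nginx container could alter or replace the host's private key and certificates; append `:ro`. The new `CHOWN`, `SETGID` and `SETUID` capabilities are presumably what a root-started nginx needs to switch to its worker user; an unprivileged nginx image or a non-root `user:` would let `cap_drop: ALL` stand without the `cap_add` list. The service definition begins above this hunk.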
diff --git a/terminaldweller.com/cargo/nginx.conf b/terminaldweller.com/cargo/nginx.conf
index 118825c..eafeeee 100644
--- a/terminaldweller.com/cargo/nginx.conf
+++ b/terminaldweller.com/cargo/nginx.conf
@@ -3,10 +3,10 @@ events {
}
http {
server {
- listen 8080 ssl;
+ listen 8080 ssl http2;
keepalive_timeout 70;
- ssl_certificate /certs/server.cert;
- ssl_certificate_key /certs/server.key;
+ ssl_certificate /certs/cert1.pem;
+ ssl_certificate_key /certs/privkey1.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
sendfile on;
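Review bot: `ssl_certificate /certs/cert1.pem` points at the leaf certificate only; in a certbot archive directory the file that also carries the intermediate is `fullchain1.pem`, and clients that do not already hold the intermediate will fail chain validation. The numbered files are also a snapshot of the first issuance: after a renewal certbot writes `cert2.pem`/`privkey2.pem` and so on, so this server keeps presenting the old certificate until it expires. Mounting the `live/` directory (with `archive/` beside it so the symlinks resolve) and using `fullchain.pem`/`privkey.pem` avoids both problems; the same applies to `fullchain1.pem`/`privkey1.pem` in cgit.conf and to the hand-concatenated `ejabberd.pem` described in ejabberd.yml.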
diff --git a/terminaldweller.com/cgit/cgit.conf b/terminaldweller.com/cgit/cgit.conf
index caf8876..e180158 100644
--- a/terminaldweller.com/cgit/cgit.conf
+++ b/terminaldweller.com/cgit/cgit.conf
@@ -2,7 +2,8 @@ server.modules += ( "mod_cgi", "mod_rewrite", "mod_openssl" )
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
- ssl.pemfile = "/etc/certs/git.pem"
+ ssl.pemfile = "/etc/certs/fullchain1.pem"
+ ssl.privkey = "/etc/certs/privkey1.pem"
server.name = "git.terminaldweller.com"
server.document-root = "/usr/share/webapps/cgit/"
diff --git a/terminaldweller.com/ejabberd/docker-compose.yaml b/terminaldweller.com/ejabberd/docker-compose.yaml
index 81c4c8d..1ca57b2 100644
--- a/terminaldweller.com/ejabberd/docker-compose.yaml
+++ b/terminaldweller.com/ejabberd/docker-compose.yaml
@@ -16,14 +16,14 @@ services:
restart: unless-stopped
volumes:
- ./ejabberd.yml:/home/ejabberd/conf/ejabberd.yml
- - /etc/letsencrypt/archive/chat.terminaldweller.com/:/opt/ejabberd/certs/
+ - /etc/letsencrypt/archive/jabber.terminaldweller.com/:/opt/ejabberd/certs/
- ./dh:/usr/local/etc/ejabberd/dh
- ./acme:/usr/local/etc/self_signed/
- confs_certs:/home/ejabberd/conf/
- mnesia_db:/home/ejabberd/database/
- vault:/var/lib/ejabberd/
environment:
- - XMPP_DOMAIN=chat.terminaldweller.com
+ - XMPP_DOMAIN=jabber.terminaldweller.com
- ERLANG_NODE=ejabberd
#entrypoint: ["tail", "-f", "/dev/null"]
networks:
diff --git a/terminaldweller.com/ejabberd/ejabberd.yml b/terminaldweller.com/ejabberd/ejabberd.yml
index 86d9857..228ac6d 100644
--- a/terminaldweller.com/ejabberd/ejabberd.yml
+++ b/terminaldweller.com/ejabberd/ejabberd.yml
@@ -1,5 +1,5 @@
hosts:
- - chat.terminaldweller.com
+ - jabber.terminaldweller.com
auth_method: internal
auth_password_format: scram # pragma: allowlist secret
@@ -10,8 +10,8 @@ log_rotate_size: 10485760
log_rotate_count: 1
define_macro:
- 'TLS_CIPHERS': "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA"
- 'TLS_OPTIONS':
+ 'TLS_CIPHERS': "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA"
+ 'TLS_OPTIONS':
- "no_sslv2"
- "no_sslv3"
- "no_tlsv1"
@@ -19,17 +19,17 @@ define_macro:
- "cipher_server_preference"
- "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA"
- "no_compression"
- 'DH_FILE': "/usr/local/etc/ejabberd/dh/dhparams.pem" # generated with: openssl dhparam -out dhparams.pem 4096
+ 'DH_FILE': "/usr/local/etc/ejabberd/dh/dhparams.pem" # generated with: openssl dhparam -out dhparams.pem 4096
-#c2s_dhfile: 'DH_FILE'
-#s2s_dhfile: 'DH_FILE'
+c2s_dhfile: 'DH_FILE'
+s2s_dhfile: 'DH_FILE'
c2s_ciphers: 'TLS_CIPHERS'
s2s_ciphers: 'TLS_CIPHERS'
c2s_protocol_options: 'TLS_OPTIONS'
s2s_protocol_options: 'TLS_OPTIONS'
certfiles:
# - /usr/local/etc/self_signed/ej2.pem
- - /opt/ejabberd/certs/ejabberd.pem
+ - /opt/ejabberd/certs/ejabberd.pem # cat privkey1.pem fullchain1.pem > ejabberd.pem
#- '/var/lib/ejabberd/acme/fullchain1.pem'
#- '/var/lib/ejabberd/acme/chain1.pem'
#- '/var/lib/ejabberd/acme/cert1.pem'
@@ -119,7 +119,7 @@ acl:
- ::FFFF:127.0.0.1/128
admin:
user:
- - 'admin@chat.terminaldweller.com'
+ - 'admin@jabber.terminaldweller.com'
access_rules:
local:
diff --git a/terminaldweller.com/haproxy/haproxy.cfg b/terminaldweller.com/haproxy/haproxy.cfg
index b659cb3..26e90f2 100644
--- a/terminaldweller.com/haproxy/haproxy.cfg
+++ b/terminaldweller.com/haproxy/haproxy.cfg
@@ -36,7 +36,7 @@ frontend http
acl blog-host hdr_sub(host) -i blog.terminaldweller.com
acl mail-host hdr_sub(host) -i mail.terminaldweller.com
acl api-host hdr_sub(host) -i api.terminaldweller.com
- acl chat-host hdr_sub(host) -i chat.terminaldweller.com
+ acl jabber-host hdr_sub(host) -i jabber.terminaldweller.com
acl searx-host hdr_sub(host) -i searx.terminaldweller.com
acl editor-host hdr_sub(host) -i editor.terminaldweller.com
acl editorsave-host hdr_sub(host) -i editorsave.terminaldweller.com
@@ -44,6 +44,8 @@ frontend http
acl discord-host hdr_sub(host) -i discord.terminaldweller.com
acl rssgen-host hdr_sub(host) -i rssgen.terminaldweller.com
acl git-host hdr_sub(host) -i git.terminaldweller.com
+ acl cargo-host hdr_sub(host) -i cargo.terminaldweller.com
+ acl browsh-host hdr_sub(host) -i browsh.terminaldweller.com
acl mila-api-acl url_beg /mila
acl crypto-api-acl url_beg /crypto
acl http ssl_fc,not
@@ -59,27 +61,31 @@ frontend http
http-request redirect scheme https code 301 if http searx-host !letsencrypt-acl
http-request redirect scheme https code 301 if http git-host !letsencrypt-acl
# http-request redirect scheme https code 301 if http rssgen-host !letsencrypt-acl
+ http-request redirect scheme https code 301 if http cargo-host !letsencrypt-acl
+ #http-request redirect scheme https code 301 if http jabber-host !letsencrypt-acl
+ # http-request redirect scheme https code 301 if http rssgen-host !letsencrypt-acl
#Conditions
- #use_backend chat-cert-backend if letsencrypt-acl chat-host
use_backend blog-backend-cert if letsencrypt-acl blog-host
use_backend blog-backend-cert if letsencrypt-acl editor-host
use_backend blog-backend-cert if letsencrypt-acl editorsave-host
use_backend cloud-one-cert if letsencrypt-acl devourer-host
- use_backend cloud-one-cert if letsencrypt-acl chat-host
+ use_backend searx-backend-cert if letsencrypt-acl jabber-host
use_backend api-crypto-backend-cert if letsencrypt-acl api-host
use_backend api-mila-backend-cert if letsencrypt-acl api-host
use_backend searx-backend-cert if letsencrypt-acl searx-host
use_backend searx-backend-cert if letsencrypt-acl rssgen-host
use_backend searx-backend-cert if letsencrypt-acl git-host
+ use_backend searx-backend-cert if letsencrypt-acl cargo-host
# use_backend editor-backend-cert if letsencrypt-acl editor-host
- use_backend certbot-backend if letsencrypt-acl !chat-host !blog-host !api-host
+ use_backend certbot-backend if letsencrypt-acl !jabber-host !blog-host !api-host
use_backend blog-backend if blog-host
use_backend mail-backend if mail-host
use_backend api-backend if api-host
use_backend searx-backend if searx-host
- use_backend rssgen-backend if rssgen-host
use_backend git-backend if git-host
+ use_backend rssgen-backend if rssgen-host
+ use_backend browsh-backend if browsh-host
#use_backend chat-backend if chat-host
default_backend blog-backend
@@ -92,7 +98,7 @@ frontend https
tcp-request content reject
#ACLs
acl mail-host-s req.ssl_sni -i mail.terminaldweller.com
- acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
+ acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com
acl blog-host-s req.ssl_sni -i blog.terminaldweller.com
acl jericho-host-s req.ssl_sni -i jericho.terminaldweller.com
acl api-host-s req.ssl_sni -i api.terminaldweller.com
@@ -103,6 +109,7 @@ frontend https
acl editor-host-s req.ssl_sni -i editor.terminaldweller.com
acl editorsave-host-s req.ssl_sni -i editorsave.terminaldweller.com
acl discord-host-s req.ssl_sni -i discord.terminaldweller.com
+ acl rssgen-host-s req.ssl_sni -i rssgen.terminaldweller.com
#Conditions
use_backend mail-backend-s if mail-host-s
#use_backend chat-backend-s if chat-host-s
@@ -116,6 +123,7 @@ frontend https
use_backend editor-backend-s if editor-host-s
use_backend editorsave-backend-s if editorsave-host-s
use_backend git-backend-s if git-host-s
+ use_backend rssgen-backend-s if rssgen-host-s
#frontend jabber5222
# bind *:5222
@@ -134,8 +142,11 @@ frontend jabbber5222
bind *:5222
timeout client 60s
mode tcp
- acl chat-host req.ssl_sni -i chat.terminaldweller.com
- use_backend chat-backend-c2s if chat-host
+ #tcp-request inspect-delay 5s
+ #tcp-request content accept if { req.ssl_hello_type 1 }
+ #tcp-request content reject
+ acl jabber-host req.ssl_sni -i jabber.terminaldweller.com
+ use_backend jabber-backend-c2s if jabber-host
frontend jabber5223
bind *:5223
timeout client 60s
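Review bot: `frontend jabbber5222` picks its backend only through `req.ssl_sni`, yet the inspect-delay lines added here are commented out, so nothing waits for a ClientHello, and on 5222 XMPP clients normally begin in cleartext and upgrade with STARTTLS, which means no SNI exists when the rule is evaluated. If that holds for this deployment the ACL never matches and, since no `default_backend` is visible in the section, connections get no backend; replacing the `acl`/`use_backend` pair with `default_backend jabber-backend-c2s` would be the direct fix. The frontend name in the hunk header also carries a typo (`jabbber`).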
@@ -143,13 +154,17 @@ frontend jabber5223
tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }
tcp-request content reject
- acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
- use_backend chat-auth-backend-s if chat-host-s
+ acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com
+ use_backend jabber-auth-backend-s if jabber-host-s
frontend jabber5280
bind *:5280
- mode http
- acl chat-host hdr_sub(host) -i chat.terminaldweller.com
- use_backend chat-backend-admin if chat-host
+ timeout client 60s
+ mode tcp
+ tcp-request inspect-delay 5s
+ tcp-request content accept if { req.ssl_hello_type 1 }
+ tcp-request content reject
+ acl jabber-host req.ssl_sni -i jabber.terminaldweller.com
+ use_backend jabber-backend-admin if jabber-host
frontend jabber5443
bind *:5443
timeout client 60s
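Review bot: `frontend jabber5280` now forwards any TLS connection on `*:5280` whose SNI is `jabber.terminaldweller.com` to `jabber-backend-admin`, so if that backend is ejabberd's admin interface, as its name suggests, the only barrier left is ejabberd's own login. SNI is chosen by the client and is not an access control; restrict the listener by source instead, e.g. `acl admin-src src <ADMIN_CIDR>` with `tcp-request connection reject if !admin-src`, where `<ADMIN_CIDR>` is a placeholder for the operator's network. The switch from `mode http` to `mode tcp` also means haproxy no longer sees the request, so any path-based filtering has to be done in ejabberd.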
@@ -157,8 +172,8 @@ frontend jabber5443
tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }
tcp-request content reject
- acl chat-host-s req.ssl_sni -i chat.terminaldweller.com
- use_backend chat-backend-s if chat-host-s
+ acl jabber-host-s req.ssl_sni -i jabber.terminaldweller.com
+ use_backend jabber-backend-s if jabber-host-s
frontend mail-imap
bind *:143
@@ -234,7 +249,7 @@ backend blog-backend-cert
backend cloud-one-cert
mode http
option forwardfor
- server cloud-one-host 130.185.121.80:80
+ server cloud-one-host 185.130.47.208:80
backend blog-backend-s
mode tcp
option tcp-check
@@ -296,72 +311,73 @@ backend api-crypto-backend-cert
backend api-mila-backend-s
mode tcp
option tcp-check
- server api-mila-host 130.185.121.80:19019
+ server api-mila-host 185.130.47.208:9009
backend api-mila-backend-cert
mode http
option forwardfor
- server api-mila-host 130.185.121.80
+ server api-mila-host 185.130.47.208:80
-backend chat-backend-admin
- mode http
- server chat-host 130.185.121.80:5280
-#backend chat-backend
-# mode http
-# server chat-host 130.185.121.80:5222
-backend chat-backend-s
+backend jabber-backend-admin
mode tcp
option tcp-check
- server chat-host 130.185.121.80:5443
-backend chat-backend-c2s
+ server jabber-host 185.130.47.208:5280
+backend jabber-backend-s
mode tcp
option tcp-check
- server chat-host 130.185.121.80:5222
-backend chat-auth-backend-s
+ server jabber-host 185.130.47.208:5443
+backend jabber-backend-c2s
+ mode tcp
+ server jabber-host 185.130.47.208:5222
+backend jabber-auth-backend-s
mode tcp
option tcp-check
- server chat-host 130.185.121.80:5223
-#backend chat-cert-backend
-# mode http
-# server chat-cert-server 130.185.121.80:8880
+ server jabber-host 185.130.47.208:5223
backend searx-backend-cert
mode http
- server searx-host-cert 130.185.121.80:80
+ server searx-host-cert 185.130.47.208:80
backend searx-backend
mode http
- server searx-host 130.185.121.80:8080
+ server searx-host 185.130.47.208:8080
backend searx-backend-s
#balance roundrobin
mode tcp
option tcp-check
- server searx-host-s 130.185.121.80:8081 maxconn 10
+ server searx-host-s 185.130.47.208:8081 maxconn 10
#server searx-host-s 192.99.102.52:8081 maxconn 10
backend cargo-backend-s
mode tcp
option tcp-check
- server cargo-host-s 130.185.121.80:7777
+ server cargo-host-s 185.130.47.208:7777
backend editor-backend-s
mode tcp
option tcp-check
- server cargo-host-s 192.99.102.52:7080
+ server editor-host-s 192.99.102.52:7080
backend editorsave-backend-s
mode tcp
option tcp-check
- server cargo-host-s 192.99.102.52:9080
+ server editorsave-host-s 192.99.102.52:9080
backend rssgen-backend
mode http
- option forwardfor
- server rssgen-host 130.185.121.80:3000 check
+ server rssgen-host-s 185.130.47.208:3000
+backend rssgen-backend-s
+ mode tcp
+ option tcp-check
+ server rssgen-host-s 185.130.47.208:3000
backend git-backend
mode http
option forwardfor
- server git-host 130.185.121.80:8042
+ server git-host 185.130.47.208:8042
backend git-backend-s
mode tcp
option tcp-check
- server git-host-s 130.185.121.80:8043 check
+ server git-host-s 185.130.47.208:8043 check
+
+backend browsh-backend
+ mode http
+ server browsh-host 185.130.45.46:4333
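Review bot: Most `server` lines in this hunk sit under `option tcp-check` but lack the `check` keyword, and the change also drops `check` from the rssgen server; without `check` on the server line haproxy runs no health checks and `option tcp-check` has no effect, so a dead backend is never marked down. Add it where monitoring is wanted, e.g. `server jabber-host 185.130.47.208:5443 check`. `rssgen-backend` and the new `rssgen-backend-s` both name their server `rssgen-host-s` and both target port 3000 although one is `mode http` and the other is used for TLS passthrough, which looks like a copy-paste slip since one port would not normally serve both. `rssgen-backend` also loses `option forwardfor`, so the application no longer receives the client address.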