aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--.mutt/.muttrc2
-rw-r--r--.vimrc6
-rw-r--r--.zshrc29
-rwxr-xr-xbin/clipd83
-rwxr-xr-xbin/scotch18
-rw-r--r--stylus/readthedocs.css32
-rw-r--r--terminaldweller.com/doh2/Dockerfile18
-rw-r--r--terminaldweller.com/doh2/docker-compose.yaml19
-rwxr-xr-xterminaldweller.com/doh2/docker-entrypoint.sh30
-rw-r--r--terminaldweller.com/gemini/index.gmi75
-rw-r--r--terminaldweller.com/haproxy/conf.yml429
-rw-r--r--terminaldweller.com/haproxy/docker-compose.yaml90
-rw-r--r--terminaldweller.com/main/docker-compose.yaml1
-rw-r--r--terminaldweller.com/main/nginx.conf9
-rw-r--r--terminaldweller.com/main/srv/index.html27
15 files changed, 760 insertions, 108 deletions
diff --git a/.mutt/.muttrc b/.mutt/.muttrc
index 0783b14..02f922b 100644
--- a/.mutt/.muttrc
+++ b/.mutt/.muttrc
@@ -25,6 +25,8 @@ macro index,pager <f4> '<sync-mailbox><refresh><enter-command>source ~/.mutt/acc
# macros
macro index A "T~N<enter>;WNT~O<enter>;WO\CT~T<enter>” “mark all messages read"
+set new_mail_command="notify-send.sh 'New Email' '%n new messages, %u unread.' &"
+
# gives us all the mailboxes in the sidebar
set imap_check_subscribed
diff --git a/.vimrc b/.vimrc
index 3053774..9b45043 100644
--- a/.vimrc
+++ b/.vimrc
@@ -1222,6 +1222,12 @@ nnoremap <leader>rr :YcmCompleter RefactorRename<space>
nmap <leader>D <plug>(YCMHover)
" nmap <leader>yfw <Plug>(YCMFindSymbolInWorkspace)
" nmap <leader>yfd <Plug>(YCMFindSymbolInDocument)
+let g:ycm_enable_semantic_highlighting = 1
+let g:ycm_enable_inlay_hints = 1
+let g:ycm_clear_inlay_hints_in_insert_mode = 1
+let g:ycm_echo_current_diagnostic = "virtual-text"
+let g:ycm_enable_diagnostic_highlighting = 1
+let g:ycm_update_diagnostics_in_insert_mode = 0
let g:ycm_collect_identifiers_from_tags_files = 1
let g:ycm_seed_identifiers_with_syntax = 1
let g:ycm_auto_hover = "CursorHold"
diff --git a/.zshrc b/.zshrc
index 97cce16..72a24ab 100644
--- a/.zshrc
+++ b/.zshrc
@@ -104,7 +104,8 @@ alias pirate-get="pirate-get -S ~/magnets/"
alias vps="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh 87.236.209.206 -l ubuntu -p 1022"
alias vpn="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh 192.99.102.52 -l rooot -p 1022"
alias vpn2="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh 145.239.165.137 -l rooot"
-alias vpn3="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/dev/null -o VerifyHostKeyDNS=yes root@jump3.terminaldweller.com -p 2022"
+# alias vpn3="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/dev/null -o VerifyHostKeyDNS=yes root@jump3.terminaldweller.com -p 2022"
+alias vpn3="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh -p 2022 root@185.112.147.110"
alias vpn6="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh -p 3333 ubuntu@185.130.45.46"
alias vpn7="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh -p 3333 ubuntu@185.130.47.81"
alias vpn8="proxychains4 -q -f ~/proxies/ice/proxychains.conf ssh -p 3333 ubuntu@185.130.47.208"
@@ -196,19 +197,7 @@ alias socks5z="ssh -N -D 9998 -o ExitOnForwardFailure=yes -l pi 192.168.1.108"
alias socks5ir="autossh -M 0 -N -D 9997 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 1022 87.236.209.206"
alias socks5vpn1="autossh -M 0 -N -D 9999 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l rooot 145.239.165.137"
alias socks5vpn2="autossh -M 0 -N -D 9996 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l rooot -p 1022 192.99.102.52"
-alias socks5vpn3="autossh \
- -M 0 \
- -N \
- -D 0.0.0.0:9995 \
- -o StrictHostKeyChecking=no \
- -o UserKnownHostsFile=/dev/null \
- -o VerifyHostKeyDNS=no \
- -o ServerAliveInterval=180 \
- -o ServerAliveCountMax=3 \
- -o ExitOnForwardFailure=yes \
- -l root \
- -p 2022 \
- 185.112.147.110"
+alias socks5vpn3="autossh -M 0 -N -D 0.0.0.0:9995 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o VerifyHostKeyDNS=no -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l root -p 2022 185.112.147.110"
alias socks5vpn4="autossh -M 0 -N -D 9994 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 1022 130.185.121.80"
alias socks5vpn5="autossh -M 0 -N -D 0.0.0.0:9990 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46"
alias socks5vpn6="autossh -M 0 -N -D 9993 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -6 -l ubuntu -p 3333 2a07:e01:3:204::1"
@@ -216,6 +205,12 @@ alias socks5vpn7="autossh -M 0 -N -D 9992 -o ServerAliveInterval=180 -o ServerAl
alias socks5vpn8="autossh -M 0 -N -D 0.0.0.0:9989 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208"
alias tormapped6="autossh -M 0 -N -L 9053:127.0.0.1:9050 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46"
alias tormapped8="autossh -M 0 -N -L 0.0.0.0:9054:127.0.0.1:9050 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208"
+alias i2pmappedserver6="autossh -M 0 -N -L 0.0.0.0:9066:127.0.0.1:7070 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46"
+alias i2pmapped6http="autossh -M 0 -N -L 0.0.0.0:9064:127.0.0.1:4444 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46"
+alias i2pmapped6socks="autossh -M 0 -N -L 0.0.0.0:9067:127.0.0.1:4447 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46"
+alias i2pmappedserver8="autossh -M 0 -N -L 0.0.0.0:9166:127.0.0.1:7070 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208"
+alias i2pmapped8http="autossh -M 0 -N -L 0.0.0.0:9164:127.0.0.1:4444 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208"
+alias i2pmapped8socks="autossh -M 0 -N -L 0.0.0.0:9167:127.0.0.1:4447 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208"
alias k9sskin="vim ~/scripts/.k9s/skin.yml"
alias k9sconfig="vim ~/scripts/.k9s/config.yml"
alias fixk9sskin="cp ~/scripts/.k9s/skin.yml ~/.config/k9s/skin.yml"
@@ -308,7 +303,6 @@ alias ir_proxy="proxychains4 -q -f ~/proxies/ir/proxychains.conf"
alias ice_proxy="proxychains4 -q -f ~/proxies/ice/proxychains.conf"
alias tor_carrier_proxy="proxychains4 -q -f ~/proxies/tor_carrier/proxychains.conf"
alias glow="glow --style ~/.config/glow/dark.json --pager --local"
-alias mdcat="mdcat --local --fail --paginate"
alias nmap="grc nmap"
alias fdisk="grc fdisk"
alias blkid="grc blkid"
@@ -343,6 +337,11 @@ alias picocom="picocom --escape b"
# https://wiki.slipfox.xyz/wiki/ANSI_escape_code#OSC_(Operating_System_Command)_sequences)
# https://github.com/sos4nt/dynamic-colors
alias turn_green='echo -e "\033]10;#005f5f\007"'
+alias turn_blue='echo -e "\033]10;#005f87\007"'
+alias turn_white='echo -e "\033]10;#c0c0c0\007"'
+alias bandwhich="turn_green && bandwhich"
+alias powertop="turn_green && powertop"
+alias mdcat="turn_green && mdcat --local --fail --paginate"
# change the 4th terminal color to #0000ff
# echo -e '\e]P40000ff'
diff --git a/bin/clipd b/bin/clipd
index ae04207..6c6d40e 100755
--- a/bin/clipd
+++ b/bin/clipd
@@ -4,6 +4,15 @@
-- luarocks-5.3 install --local luaposix
-- luarocks-5.3 install --local argparse
-- cat .clip_history | dmenu -l 10 | xsel -ib
+local string = require("string")
+local signal = require("posix.signal")
+local argparse = require("argparse")
+local sys_stat = require("posix.sys.stat")
+local unistd_getuid = require("posix.unistd.getuid")
+local unistd_getgid = require("posix.unistd.getgid")
+local unistd_getpid = require("posix.unistd.getpid")
+local posix_syslog = require("posix.syslog")
+
local function default_luarocks_modules()
local luarocks_handle = io.popen("luarocks-5.3 path --bin")
local path_b = false
@@ -24,12 +33,6 @@ local function default_luarocks_modules()
end
default_luarocks_modules()
-local string = require("string")
-local signal = require("posix.signal")
-local argparse = require("argparse")
-
-signal.signal(signal.SIGINT, function(signum) os.exit(128 + signum) end)
-
local function sleep(n) os.execute("sleep " .. tonumber(n)) end
local function trim(s) return s:gsub("^%s+", ""):gsub("%s+$", "") end
@@ -38,6 +41,60 @@ parser:option("-s --hist_size", "history file size", 200)
parser:option("-f --hist_file", "history file location",
"/home/devi/.clip_history")
+local function log_to_syslog(log_str, log_priority)
+ posix_syslog.openlog("clipd",
+ posix_syslog.LOG_NDELAY | posix_syslog.LOG_PID,
+ posix_syslog.LOG_LOCAL0)
+ posix_syslog.syslog(log_priority, log_str)
+ posix_syslog.closelog()
+end
+
+local function check_clip_hist_perms(clip_hist)
+ local uid = unistd_getuid()
+ local gid = unistd_getgid()
+ for k, v in pairs(sys_stat.stat(clip_hist)) do
+ if k == "st_uid" then
+ if v ~= uid then
+ log_to_syslog(
+ "clipboard history file owned by uid other than the clipd uid",
+ posix_syslog.LOG_CRIT)
+ os.exit(1)
+ end
+ end
+ if k == "st_gid" then
+ if v ~= gid then
+ log_to_syslog(
+ "clipboard history file owned by gid other than the clipd gid",
+ posix_syslog.LOG_CRIT)
+ os.exit(1)
+ end
+ end
+ if k == "st_mode" then
+ if v & sys_stat.S_IRWXU ~= 0 then
+ log_to_syslog(
+ "file permissions are too open. they need to be 0600.",
+ posix_syslog.LOG_CRIT)
+ os.exit(1)
+ end
+ end
+ end
+end
+
+local function check_pid_file()
+ local f = sys_stat("/var/run/clipd.pid")
+ if f ~= nil then
+ log_to_syslog("clipd is already running", posix_syslog.LOG_CRIT)
+ os.exit(1)
+ end
+end
+
+local function write_pid_file()
+ local f = io.open("/var/run/clipd.pid")
+ f.write(unistd_getpid())
+end
+
+local function remove_pid_file() end
+
local function loop(clip_hist, clip_hist_size)
local clips_table = {}
local hist_current_count = 0
@@ -83,5 +140,15 @@ local function loop(clip_hist, clip_hist_size)
end
end
-local args = parser:parse()
-loop(args["hist_file"], args["hist_size"])
+local function main()
+ signal.signal(signal.SIGINT, function(signum) os.exit(128 + signum) end)
+ local args = parser:parse()
+ check_clip_hist_perms(args["hist_file"])
+ check_pid_file()
+ write_pid_file()
+ local status, err = pcall(loop(args["hist_file"], args["hist_size"]))
+ if ~status then log_to_syslog(err, posix_syslog.LOG_CRIT) end
+ remove_pid_file()
+end
+
+main()
diff --git a/bin/scotch b/bin/scotch
index 9e885cb..638b101 100755
--- a/bin/scotch
+++ b/bin/scotch
@@ -535,16 +535,18 @@ def main():
lines = lines[:-2]
for line in lines:
# this is here to support the -i option
- if line[0] == "[":
+ if "-t" in sys.argv or "-tt" in sys.argv or "-ttt" in sys.argv:
+ timestamp_end_index = line.find(" ")
+ print(Color.six + line[: timestamp_end_index - 1], end=" ")
+ line = line[timestamp_end_index + 1 :]
+ if "-n" in sys.argv:
idx = line.find("]")
- if idx - 1 < 16:
- print(Color.twelve + line[0 : idx + 1], end=" ")
- line = line[idx + 2 :]
- if line[0] == "[":
+ print(Color.twelve + line[0 : idx + 1], end=" ")
+ line = line[idx + 2 :]
+ if "-i" in sys.argv:
idx = line.find("]")
- if idx - 1 == 16:
- print(Color.thirteen + line[0 : idx + 1], end=" ")
- line = line[idx + 2 :]
+ print(Color.thirteen + line[0 : idx + 1], end=" ")
+ line = line[idx + 2 :]
if line[0 : line.find("(")] in syscall_set:
syscall = line[0 : line.find("(")]
sysargs = line[line.find("(") + 1 : line.find(")")].split()
diff --git a/stylus/readthedocs.css b/stylus/readthedocs.css
new file mode 100644
index 0000000..51442e1
--- /dev/null
+++ b/stylus/readthedocs.css
@@ -0,0 +1,32 @@
+@-moz-document domain("readthedocs.io") {
+ #configurations-and-zone-files {
+ background: #121212;
+ }
+
+ .wy-nav-side {
+ background: #121212;
+ }
+
+ .wy-nav-content-wrap {
+ background: #121212;
+ }
+
+ .wy-menu {
+ background: #121212;
+ }
+
+ html.writer-html5.TridactylThemeDark
+ body.wy-body-for-nav
+ div.wy-grid-for-nav
+ nav.wy-nav-side {
+ background: #121212;
+ }
+
+ .rst-content {
+ background: #121212;
+ }
+
+ .wy-nav-content {
+ background: #121212;
+ }
+}
diff --git a/terminaldweller.com/doh2/Dockerfile b/terminaldweller.com/doh2/Dockerfile
new file mode 100644
index 0000000..5b75994
--- /dev/null
+++ b/terminaldweller.com/doh2/Dockerfile
@@ -0,0 +1,18 @@
+FROM alpine:3.17 as builder
+ENV GOPROXY=https://goproxy.io
+RUN apk update && apk upgrade
+RUN apk add go git
+ENV GOPROXY=https://goproxy.io
+RUN git clone https://github.com/AdguardTeam/dnsproxy && cd dnsproxy && go build -mod=vendor
+
+FROM alpine:3.17 as certbuilder
+RUN apk add openssl
+WORKDIR /certs
+RUN openssl req -nodes -new -x509 -subj="/C=US/ST=Denial/L=springfield/O=Dis/CN=doh2.terminaldweller.com" -keyout server.key -out server.cert
+
+# FROM gcr.io/distroless/static-debian10
+FROM alpine:3.17
+COPY --from=certbuilder /certs /certs
+COPY --from=builder /dnsproxy/dnsproxy /dnsproxy/dnsproxy
+COPY ./docker-entrypoint.sh /docker-entrypoint.sh
+ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/terminaldweller.com/doh2/docker-compose.yaml b/terminaldweller.com/doh2/docker-compose.yaml
new file mode 100644
index 0000000..ec06a78
--- /dev/null
+++ b/terminaldweller.com/doh2/docker-compose.yaml
@@ -0,0 +1,19 @@
+version: "3"
+services:
+ dnsproxy:
+ image: bloodstalker/dnsproxy
+ # build:
+ # context: .
+ networks:
+ - doh2net
+ ports:
+ - "8844:8844"
+ - "8845:8845"
+ - "8846:8846"
+ - "8847:8847"
+ restart: unless-stopped
+ entrypoint: ["/docker-entrypoint.sh"]
+ volumes:
+ - /etc/letsencrypt/archive/doh2.terminaldweller.com/:/certs/:ro
+networks:
+ doh2net:
diff --git a/terminaldweller.com/doh2/docker-entrypoint.sh b/terminaldweller.com/doh2/docker-entrypoint.sh
new file mode 100755
index 0000000..c99042a
--- /dev/null
+++ b/terminaldweller.com/doh2/docker-entrypoint.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+/dnsproxy/dnsproxy \
+ --tls-cert /certs/fullchain1.pem \
+ --tls-key /certs/privkey1.pem \
+ -l 0.0.0.0 \
+ -p 0 \
+ --https-port 8844 \
+ --tls-port 8845 \
+ --quic-port 8846 \
+ --dnscrypt-port 8847 \
+ -u sdns://AgcAAAAAAAAABzEuMC4wLjGgENk8mGSlIfMGXMOlIlCcKvq7AVgcrZxtjon911-ep0cg63Ul-I8NlFj4GplQGb_TTLiczclX57DvMV8Q-JdjgRgSZG5zLmNsb3VkZmxhcmUuY29tCi9kbnMtcXVlcnk \
+ -u sdns://AQIAAAAAAAAAFDE3Ni4xMDMuMTMwLjEzMDo1NDQzINErR_JS3PLCu_iZEIbq95zkSV2LFsigxDIuUso_OQhzIjIuZG5zY3J5cHQuZGVmYXVsdC5uczEuYWRndWFyZC5jb20 \
+ -u tls://dns.adguard.com \
+ -u https://dns.adguard.com/dns-query \
+ -u quic://dns.adguard.com \
+ -b 1.1.1.1:53 \
+ -b 9.9.9.9:53 \
+ --http3 \
+ -f 1.1.1.1:53 \
+ -f 9.9.9.9:53 \
+ --ratelimit 15 \
+ --refuse-any \
+ --cache \
+ --cache-size 1048576 \
+ --cache-min-ttl 900 \
+ --cache-max-ttl 14400 \
+ --cache-optimistic \
+ --tls-min-version 1.3 \
+ --tls-max-version 1.3
diff --git a/terminaldweller.com/gemini/index.gmi b/terminaldweller.com/gemini/index.gmi
index 6e6d96c..134bf8a 100644
--- a/terminaldweller.com/gemini/index.gmi
+++ b/terminaldweller.com/gemini/index.gmi
@@ -2,19 +2,27 @@
This is a list of links:
-The same links are available on IPFS on https://ipfs.terminaldweller.com[1] or on terminaldweller.eth[2]
+This page is available on:
+web2[1]
+IPFS from https://ipfs.terminaldweller.com[2] or from terminaldweller.eth[3]
+Gemini[4]
+i2p[5]
+tor[6]
WKD direct and advanced are setup on/for the domain.
-keyoxide[3]
+keyoxide[7]
+I don't use all the accounts listed on keyoxide regularly. The preferred methods of contacting me are the ones that are listed here, IRC, XMPP and email (The order is not significant).
-* GPG: 9E 20 46 4F 1C CF 3B 10 32 49 FA 93 A6 A0 F5 15 8B 38 81 DFj[4]
-* SSH: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4[5]
+* PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - here[8] and here[9]
+I also upload my PGP key to https://keys.openpgp.org and https://pgp.mit.edu .
+* SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - here[10] and here[11]
-* IRC Libera[6]: terminaldweller FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F
-* IRC OFTC[7]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876
-* IRC Tilde[8]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876
-* IRC Rizon[9]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876
+* IRC Libera[12]: terminaldweller FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F
+* IRC OFTC[13]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876
+* IRC Tilde[14]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876
+* IRC Rizon[15]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876
+You can also find me on Libera, OFTC and Rizon in ##terminaldweller.
XMPP: devi@jabber.terminaldweller.com
@@ -22,33 +30,40 @@ The order is significant:
* Email: devi@terminaldweller.com
* Email: thabogre@gmail.com
* Email: farzadsadeghi@protonmail.ch
+All emails have the ssh and pgp key fingerprints as signature.
-Github: terminaldweller[10]
+Github: terminaldweller[16]
-Mastodon: @terminaldweller@terminaldweller.com[11]
-If you cant find the handle then you need to log in. I'm not hosting my own mastodon instance. I'm just hosting my own webfinger. The actual handle is @terminaldweller@fosstodon.org[12]
+Mastodon: @terminaldweller@terminaldweller.com[17]
+If you cant find the handle then you need to log in. I'm not hosting my own mastodon instance. I'm just hosting my own webfinger. The actual handle is @terminaldweller@fosstodon.org[18]
-Git mirror: git.terminaldweller.com[13]
+Git mirror: git.terminaldweller.com[19]
-Blog: Blog[14] RSS[15]
+Blog: Blog[20] RSS[21]
-Linkedin[16]
+Linkedin[22]
Services: N/A
-[1] https://ipfs.terminaldweller.com
-[2] https://terminaldweller.eth.link
-[3] https://keyoxide.org/hkp/9e20464f1ccf3b103249fa93a6a0f5158b3881df
-[4] https://github.com/terminaldweller.gpg
-[5] https://github.com/terminaldweller.keys
-[6] https://libera.chat
-[7] https://oftc.net
-[9] https://tilde.chat
-[9] https://rizon.net
-[10] https://github.com/terminaldweller
-[11] https://fosstodon.org/@terminaldweller
-[12] https://fosstodon.org/@terminaldweller
-[13] https://git.terminaldweller.com
-[14] https://blog.terminaldweller.com
-[15] https://blog.terminaldweller.com/rss/feed
-[16] https://www.linkedin.com/in/farzad-sadeghi
+[1]https://terminaldweller.com
+[2] https://ipfs.terminaldweller.com
+[3] https://terminaldweller.eth.link
+[4]gemini://gemini.terminaldweller.com
+[5]http://iedzwh5v2vouywqy4eak3eu33amfn3rzhdcln7j4r5kcyvf46cea.b32.i2p:7774/
+[6]http://dqunl5rzlv6skqfklqr4dwi4zph2vqoaennc7qoinqs5mlug4docq2yd.onion/
+[7] https://keyoxide.org/hkp/9e20464f1ccf3b103249fa93a6a0f5158b3881df
+[8] https://github.com/terminaldweller.gpg
+[9] https://terminaldweller.com/keys/gpg_pubkey
+[10] https://github.com/terminaldweller.keys
+[11] https://terminaldweller.com/keys/id_rsa.pub
+[12] https://libera.chat
+[13] https://oftc.net
+[14] https://tilde.chat
+[15] https://rizon.net
+[16] https://github.com/terminaldweller
+[17] https://fosstodon.org/@terminaldweller
+[18] https://fosstodon.org/@terminaldweller
+[19] https://git.terminaldweller.com
+[20] https://blog.terminaldweller.com
+[21] https://blog.terminaldweller.com/rss/feed
+[22] https://www.linkedin.com/in/farzad-sadeghi
diff --git a/terminaldweller.com/haproxy/conf.yml b/terminaldweller.com/haproxy/conf.yml
new file mode 100644
index 0000000..f3c8a9c
--- /dev/null
+++ b/terminaldweller.com/haproxy/conf.yml
@@ -0,0 +1,429 @@
+# my global config
+global:
+ scrape_interval: 60s
+ evaluation_interval: 120s
+ scrape_timeout: 10s
+
+ external_labels:
+ monitor: codelab
+ foo: bar
+
+rule_files:
+ - "first.rules"
+ - "my/*.rules"
+
+remote_write:
+ - url: http://remote1/push
+ name: drop_expensive
+ write_relabel_configs:
+ - source_labels: [__name__]
+ regex: expensive.*
+ action: drop
+ oauth2:
+ client_id: "123"
+ client_secret: "456"
+ token_url: "http://remote1/auth"
+ tls_config:
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+
+ - url: http://remote2/push
+ name: rw_tls
+ tls_config:
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+ headers:
+ name: value
+
+remote_read:
+ - url: http://remote1/read
+ read_recent: true
+ name: default
+ enable_http2: false
+ - url: http://remote3/read
+ read_recent: false
+ name: read_special
+ required_matchers:
+ job: special
+ tls_config:
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+
+scrape_configs:
+ - job_name: prometheus
+
+ honor_labels: true
+ # scrape_interval is defined by the configured global (15s).
+ # scrape_timeout is defined by the global default (10s).
+
+ # metrics_path defaults to '/metrics'
+ # scheme defaults to 'http'.
+
+ file_sd_configs:
+ - files:
+ - foo/*.slow.json
+ - foo/*.slow.yml
+ - single/file.yml
+ refresh_interval: 10m
+ - files:
+ - bar/*.yaml
+
+ static_configs:
+ - targets: ["localhost:9090", "localhost:9191"]
+ labels:
+ my: label
+ your: label
+
+ relabel_configs:
+ - source_labels: [job, __meta_dns_name]
+ regex: (.*)some-[regex]
+ target_label: job
+ replacement: foo-${1}
+ # action defaults to 'replace'
+ - source_labels: [abc]
+ target_label: cde
+ - replacement: static
+ target_label: abc
+ - regex:
+ replacement: static
+ target_label: abc
+ - source_labels: [foo]
+ target_label: abc
+ action: keepequal
+ - source_labels: [foo]
+ target_label: abc
+ action: dropequal
+
+ authorization:
+ credentials_file: valid_token_file
+
+ tls_config:
+ min_version: TLS10
+
+ - job_name: service-x
+
+ basic_auth:
+ username: admin_name
+ password: "multiline\nmysecret\ntest" #pragma: allowlist secret
+
+ scrape_interval: 50s
+ scrape_timeout: 5s
+
+ body_size_limit: 10MB
+ sample_limit: 1000
+
+ metrics_path: /my_path
+ scheme: https
+
+ dns_sd_configs:
+ - refresh_interval: 15s
+ names:
+ - first.dns.address.domain.com
+ - second.dns.address.domain.com
+ - names:
+ - first.dns.address.domain.com
+
+ relabel_configs:
+ - source_labels: [job]
+ regex: (.*)some-[regex]
+ action: drop
+ - source_labels: [__address__]
+ modulus: 8
+ target_label: __tmp_hash
+ action: hashmod
+ - source_labels: [__tmp_hash]
+ regex: 1
+ action: keep
+ - action: labelmap
+ regex: 1
+ - action: labeldrop
+ regex: d
+ - action: labelkeep
+ regex: k
+
+ metric_relabel_configs:
+ - source_labels: [__name__]
+ regex: expensive_metric.*
+ action: drop
+
+ - job_name: service-y
+
+ consul_sd_configs:
+ - server: "localhost:1234"
+ token: mysecret
+ services: ["nginx", "cache", "mysql"]
+ tags: ["canary", "v1"]
+ node_meta:
+ rack: "123"
+ allow_stale: true
+ scheme: https
+ tls_config:
+ ca_file: valid_ca_file
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+ insecure_skip_verify: false
+
+ relabel_configs:
+ - source_labels: [__meta_sd_consul_tags]
+ separator: ","
+ regex: label:([^=]+)=([^,]+)
+ target_label: ${1}
+ replacement: ${2}
+
+ - job_name: service-z
+
+ tls_config:
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+
+ authorization:
+ credentials: mysecret
+
+ - job_name: service-kubernetes
+
+ kubernetes_sd_configs:
+ - role: endpoints
+ api_server: "https://localhost:1234"
+ tls_config:
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+
+ basic_auth:
+ username: "myusername"
+ password: "mysecret" #pragma: allowlist secret
+
+ - job_name: service-kubernetes-namespaces
+
+ kubernetes_sd_configs:
+ - role: endpoints
+ api_server: "https://localhost:1234"
+ namespaces:
+ names:
+ - default
+
+ basic_auth:
+ username: "myusername"
+ password_file: valid_password_file #pragma: allowlist secret
+
+ - job_name: service-kuma
+
+ kuma_sd_configs:
+ - server: http://kuma-control-plane.kuma-system.svc:5676
+
+ - job_name: service-marathon
+ marathon_sd_configs:
+ - servers:
+ - "https://marathon.example.com:443"
+
+ auth_token: "mysecret"
+ tls_config:
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+
+ - job_name: service-nomad
+ nomad_sd_configs:
+ - server: 'http://localhost:4646'
+
+ - job_name: service-ec2
+ ec2_sd_configs:
+ - region: us-east-1
+ access_key: access
+ secret_key: mysecret #pragma: allowlist secret
+ profile: profile
+ filters:
+ - name: tag:environment
+ values:
+ - prod
+
+ - name: tag:service
+ values:
+ - web
+ - db
+
+ - job_name: service-lightsail
+ lightsail_sd_configs:
+ - region: us-east-1
+ access_key: access
+ secret_key: mysecret #pragma: allowlist secret
+ profile: profile
+
+ - job_name: service-azure
+ azure_sd_configs:
+ - environment: AzurePublicCloud
+ authentication_method: OAuth
+ subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11
+ resource_group: my-resource-group
+ tenant_id: BBBB222B-B2B2-2B22-B222-2BB2222BB2B2
+ client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C
+ client_secret: mysecret #pragma: allowlist secret
+ port: 9100
+
+ - job_name: service-nerve
+ nerve_sd_configs:
+ - servers:
+ - localhost
+ paths:
+ - /monitoring
+
+ - job_name: 0123service-xxx
+ metrics_path: /metrics
+ static_configs:
+ - targets:
+ - localhost:9090
+
+ - job_name: badfederation
+ honor_timestamps: false
+ metrics_path: /federate
+ static_configs:
+ - targets:
+ - localhost:9090
+
+ - job_name: 測試
+ metrics_path: /metrics
+ static_configs:
+ - targets:
+ - localhost:9090
+
+ - job_name: httpsd
+ http_sd_configs:
+ - url: "http://example.com/prometheus"
+
+ - job_name: service-triton
+ triton_sd_configs:
+ - account: "testAccount"
+ dns_suffix: "triton.example.com"
+ endpoint: "triton.example.com"
+ port: 9163
+ refresh_interval: 1m
+ version: 1
+ tls_config:
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+
+ - job_name: digitalocean-droplets
+ digitalocean_sd_configs:
+ - authorization:
+ credentials: abcdef
+
+ - job_name: docker
+ docker_sd_configs:
+ - host: unix:///var/run/docker.sock
+
+ - job_name: dockerswarm
+ dockerswarm_sd_configs:
+ - host: http://127.0.0.1:2375
+ role: nodes
+
+ - job_name: service-openstack
+ openstack_sd_configs:
+ - role: instance
+ region: RegionOne
+ port: 80
+ refresh_interval: 1m
+ tls_config:
+ ca_file: valid_ca_file
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+
+ - job_name: service-puppetdb
+ puppetdb_sd_configs:
+ - url: https://puppetserver/
+ query: 'resources { type = "Package" and title = "httpd" }'
+ include_parameters: true
+ port: 80
+ refresh_interval: 1m
+ tls_config:
+ ca_file: valid_ca_file
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+
+ - job_name: hetzner
+ relabel_configs:
+ - action: uppercase
+ source_labels: [instance]
+ target_label: instance
+ hetzner_sd_configs:
+ - role: hcloud
+ authorization:
+ credentials: abcdef
+ - role: robot
+ basic_auth:
+ username: abcdef
+ password: abcdef
+
+ - job_name: service-eureka
+ eureka_sd_configs:
+ - server: "http://eureka.example.com:8761/eureka"
+
+ - job_name: ovhcloud
+ ovhcloud_sd_configs:
+ - service: vps
+ endpoint: ovh-eu
+ application_key: testAppKey
+ application_secret: testAppSecret #pragma: allowlist secret
+ consumer_key: testConsumerKey
+ refresh_interval: 1m
+ - service: dedicated_server
+ endpoint: ovh-eu
+ application_key: testAppKey
+ application_secret: testAppSecret #pragma: allowlist secret
+ consumer_key: testConsumerKey
+ refresh_interval: 1m
+
+ - job_name: scaleway
+ scaleway_sd_configs:
+ - role: instance
+ project_id: 11111111-1111-1111-1111-111111111112
+ access_key: SCWXXXXXXXXXXXXXXXXX
+ secret_key: 11111111-1111-1111-1111-111111111111
+ - role: baremetal
+ project_id: 11111111-1111-1111-1111-111111111112
+ access_key: SCWXXXXXXXXXXXXXXXXX
+ secret_key: 11111111-1111-1111-1111-111111111111
+
+ - job_name: linode-instances
+ linode_sd_configs:
+ - authorization:
+ credentials: abcdef
+
+ - job_name: uyuni
+ uyuni_sd_configs:
+ - server: https://localhost:1234
+ username: gopher
+ password: hole #pragma: allowlist secret
+
+ - job_name: ionos
+ ionos_sd_configs:
+ - datacenter_id: 8feda53f-15f0-447f-badf-ebe32dad2fc0
+ authorization:
+ credentials: abcdef
+
+ - job_name: vultr
+ vultr_sd_configs:
+ - authorization:
+ credentials: abcdef
+
+alerting:
+ alertmanagers:
+ - scheme: https
+ static_configs:
+ - targets:
+ - "1.2.3.4:9093"
+ - "1.2.3.5:9093"
+ - "1.2.3.6:9093"
+
+storage:
+ tsdb:
+ out_of_order_time_window: 30m
+
+tracing:
+ endpoint: "localhost:4317"
+ client_type: "grpc"
+ headers:
+ foo: "bar"
+ timeout: 5s
+ compression: "gzip"
+ tls_config:
+ cert_file: valid_cert_file
+ key_file: valid_key_file
+ insecure_skip_verify: true
diff --git a/terminaldweller.com/haproxy/docker-compose.yaml b/terminaldweller.com/haproxy/docker-compose.yaml
index f24d17c..6e89024 100644
--- a/terminaldweller.com/haproxy/docker-compose.yaml
+++ b/terminaldweller.com/haproxy/docker-compose.yaml
@@ -1,7 +1,7 @@
version: "3.4"
services:
haproxy:
- image: haproxy
+ image: haproxy:2.7.1-bullseye
ports:
- "80:80"
- "443:443"
@@ -17,51 +17,63 @@ services:
- "587:587"
volumes:
- ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro
- - ./certs:/usr/local/etc/certs:ro
+ # - ./certs:/usr/local/etc/certs:ro
networks:
- proxynet
- - certnet
+ - metricsnet
+ # - certnet
restart: unless-stopped
cap_drop:
- ALL
- certbot:
- image: certbot
- build:
- context: ./certbot
- ports:
- - "127.0.0.1:9080:80"
- - "127.0.0.1:9443:443"
+ # certbot:
+ # image: certbot
+ # build:
+ # context: ./certbot
+ # ports:
+ # - "127.0.0.1:9080:80"
+ # - "127.0.0.1:9443:443"
+ # networks:
+ # - certnet
+ # # restart: unless-stopped
+ # volumes:
+ # - ./letsencrypt:/etc/letsencrypt
+ # - ./webroot:/webroot
+ # - ./certs:/certs
+ # # command: ["certonly","--test-cert","--webroot","-w","/webroot","-d","chat.terminaldweller.com","--email","thabogre@gmail.com","--non-interactive","--agree-tos"]
+ # entrypoint: ["/certbot-entrypoint.sh"]
+ # environment:
+ # - DOMAIN=chat.terminaldweller.com
+ # - EMAIL=devi@mail.terminaldweller.com
+ # nginx:
+ # image: nginx
+ # ports:
+ # - "127.0.0.1:8080:80"
+ # networks:
+ # - certnet
+ # restart: unless-stopped
+ # volumes:
+ # - ./webroot:/usr/share/nginx/html
+ # udpproxy:
+ # image: nginx
+ # ports:
+ # - "127.0.0.1:3478:3478/udp"
+ # - "127.0.0.1:5349:5349/udp"
+ # networks:
+ # - proxynet
+ # restart: unless-stopped
+ # volumes:
+ # - ./nginx.conf:/etc/nginx/nginx.conf:ro
+ prometheus:
+ image: bitnami/prometheus:2.41.0
networks:
- - certnet
- # restart: unless-stopped
- volumes:
- - ./letsencrypt:/etc/letsencrypt
- - ./webroot:/webroot
- - ./certs:/certs
- # command: ["certonly","--test-cert","--webroot","-w","/webroot","-d","chat.terminaldweller.com","--email","thabogre@gmail.com","--non-interactive","--agree-tos"]
- entrypoint: ["/certbot-entrypoint.sh"]
- environment:
- - DOMAIN=chat.terminaldweller.com
- - EMAIL=devi@mail.terminaldweller.com
- nginx:
- image: nginx
- ports:
- - "127.0.0.1:8080:80"
- networks:
- - certnet
- restart: unless-stopped
- volumes:
- - ./webroot:/usr/share/nginx/html
- udpproxy:
- image: nginx
- ports:
- - "127.0.0.1:3478:3478/udp"
- - "127.0.0.1:5349:5349/udp"
- networks:
- - proxynet
+ - metricsnet
restart: unless-stopped
volumes:
- - ./nginx.conf:/etc/nginx/nginx.conf:ro
+ - metricsvault:/opt/bitnami/prometheus/data
+ - ./conf.yml:/opt/bitnami/prometheus/conf/prometheus.yml:ro
networks:
proxynet:
- certnet:
+ metricsnet:
+ # certnet:
+volumes:
+ metricsvault:
diff --git a/terminaldweller.com/main/docker-compose.yaml b/terminaldweller.com/main/docker-compose.yaml
index 2f927c0..7d73795 100644
--- a/terminaldweller.com/main/docker-compose.yaml
+++ b/terminaldweller.com/main/docker-compose.yaml
@@ -6,6 +6,7 @@ services:
- mainnet
ports:
- "7773:8080"
+ - "127.0.0.1:7774:8081"
restart: unless-stopped
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
diff --git a/terminaldweller.com/main/nginx.conf b/terminaldweller.com/main/nginx.conf
index 86cb085..1a9ea0e 100644
--- a/terminaldweller.com/main/nginx.conf
+++ b/terminaldweller.com/main/nginx.conf
@@ -3,6 +3,13 @@ events {
}
http {
server {
+ listen 8081;
+ location / {
+ root /srv/;
+ add_header Access-Control-Allow-Origin "*";
+ }
+ }
+ server {
listen 8080 ssl http2;
keepalive_timeout 70;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
@@ -35,7 +42,7 @@ http {
add_header Access-Control-Allow-Origin "*";
}
location / {
- alias /srv/;
+ root /srv/;
add_header Access-Control-Allow-Origin "*";
}
}
diff --git a/terminaldweller.com/main/srv/index.html b/terminaldweller.com/main/srv/index.html
index e66fdd3..dc1a110 100644
--- a/terminaldweller.com/main/srv/index.html
+++ b/terminaldweller.com/main/srv/index.html
@@ -3,6 +3,7 @@
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width" />
+ <meta http-equiv="onion-location" content="http://dqunl5rzlv6skqfklqr4dwi4zph2vqoaennc7qoinqs5mlug4docq2yd.onion" />
<title>main</title>
<style>
a:link {
@@ -16,27 +17,39 @@
<body style="color:#005f87;background:#000000;text-align:center;">
<p style="font-size:20px;font-weight:bold">This is a list of links:</p>
<p>
- <div>The page is available on IPFS on <a href="https://ipfs.terminaldweller.com">https://ipfs.terminaldweller.com</a> or on <a href="https://terminaldweller.eth.link">terminaldweller.eth</a></div>
- <div>It's also available on <a href="gemini://gemini.terminaldweller.com">Gemini</a></div>
+ <div>This page is available on:</div>
+ <div>web2 from <a href="https://terminaldweller.com">https://terminaldweller.com</a></div>
+ <div>IPFS from <a href="https://ipfs.terminaldweller.com">https://ipfs.terminaldweller.com</a> or from <a href="https://terminaldweller.eth.link">terminaldweller.eth</a></div>
+ <div>On <a href="gemini://gemini.terminaldweller.com">Gemini</a></div>
+ <div><a href="http://iedzwh5v2vouywqy4eak3eu33amfn3rzhdcln7j4r5kcyvf46cea.b32.i2p:7774/">i2p mirror</a></div>
+ <div><a href="http://dqunl5rzlv6skqfklqr4dwi4zph2vqoaennc7qoinqs5mlug4docq2yd.onion/">tor mirror</a></div>
<p>WKD direct and advanced are setup on/for the domain.</p>
- <p><div><a href="https://keyoxide.org/hkp/9e20464f1ccf3b103249fa93a6a0f5158b3881df">keyoxide</a></div></p>
+ <p>
+ <div><a href="https://keyoxide.org/hkp/9e20464f1ccf3b103249fa93a6a0f5158b3881df">keyoxide</a></div>
+ <div>I don't use all the accounts listed on keyoxide regularly. The preferred methods of contacting me are the ones that are listed here, IRC, XMPP and email (The order is not significant).</div>
+ </p>
<div>
- <div><a href="https://github.com/terminaldweller.gpg">GPG: 9E 20 46 4F 1C CF 3B 10 32 49 FA 93 A6 A0 F5 15 8B 38 81 DF</a></div>
- <div><a href="https://github.com/terminaldweller.keys">SSH: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4</a></div>
+ <div>PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - <a href="https://github.com/terminaldweller.gpg">here</a> and <a href="https://terminaldweller.com/keys/gpg_pubkey">here</a></div>
+ <div>I manually upload my PGP key to <a href="https://keys.openpgp.org">https://keys.openpgp.org</a> and <a href="https://pgp.mit.edu/">https://pgp.mit.edu/</a>.</div>
+ <div>SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - <a href="https://github.com/terminaldweller.keys">here</a> and <a href="https://terminaldweller.com/keys/id_rsa.pub">here</a></div>
<p>
<div>IRC <a href="https://libera.chat">Libera</a>: terminaldweller <a>FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F</a></div>
<div>IRC <a href="https://oftc.net">OFTC</a>: terminaldweller <a>FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876</a></div>
- <div>IRC <a href="https://tilde.chat">Tilde</a>: terminaldweller <a>FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876</a></div>
<div>IRC <a href="https://rizon.net/">Rizon</a>: terminaldweller <a>FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876</a></div>
+ <div>IRC <a href="https://tilde.chat">Tilde</a>: terminaldweller <a>FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876</a></div>
+ <div>You can also find me on Libera, OFTC and Rizon in ##terminaldweller.</div>
</p>
</div>
</p>
- <p>XMPP: devi@jabber.terminaldweller.com</p>
+ <p>
+ <div>XMPP: devi@jabber.terminaldweller.com</div>
+ </p>
<p>
<div>The order is significant:</div>
<div>Email: devi@terminaldweller.com</div>
<div>Email: thabogre@gmail.com</div>
<div>Email: farzadsadeghi@protonmail.ch</div>
+ <div>All emails have the ssh and pgp key fingerprints as signature.</div>
</p>
<p>Github: <a href="https://github.com/terminaldweller">terminaldweller</a></p>
<p>