-rw-r--r-- | .mongoshrc.js | 4 | ||||
-rw-r--r-- | .tunneltop.toml | 116 | ||||
-rw-r--r-- | .zshrc | 5 | ||||
-rwxr-xr-x | bin/tunneltop | 230 | ||||
-rwxr-xr-x | bin/virttop | 2 | ||||
-rw-r--r-- | terminaldweller.com/cgit/docker-compose.yaml | 6 | ||||
-rwxr-xr-x | terminaldweller.com/gemini/convert_html.sh | 3 | ||||
-rw-r--r-- | terminaldweller.com/gemini/index.gmi | 88 | ||||
-rw-r--r-- | terminaldweller.com/haproxy/conf.yml | 427 | ||||
-rw-r--r-- | terminaldweller.com/haproxy/docker-compose.yaml | 50 | ||||
-rw-r--r-- | terminaldweller.com/haproxy/haproxy.cfg | 9 | ||||
-rw-r--r-- | terminaldweller.com/main/srv/index.html | 4 |
12 files changed, 447 insertions, 497 deletions
diff --git a/.mongoshrc.js b/.mongoshrc.js
index 9533ee8..bd91d9a 100644
--- a/.mongoshrc.js
+++ b/.mongoshrc.js
@@ -24,3 +24,7 @@ function get_mangas() {
 function get_animes() {
 return db.animes.find();
 }
+
+function get_movies() {
+ return db.movies.find();
+}
diff --git a/.tunneltop.toml b/.tunneltop.toml
new file mode 100644
index 0000000..df5eaf9
--- /dev/null
+++ b/.tunneltop.toml
@@ -0,0 +1,116 @@ +[socks5ir] +address = "127.0.0.1" +port = 9997 +command = "autossh -M 0 -N -D 9997 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 1022 87.236.209.206" +test_command = "curl -s -4 --socks5 127.0.0.1:9997 --connect-timeout 10 icanhazip.com" +test_command_result = "87.236.209.206" +test_interval = 300 +test_timeout = 10 + +[socks5_3] +address = "127.0.0.1" +port = 9995 +command = "autossh -M 0 -N -D 0.0.0.0:9995 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o VerifyHostKeyDNS=no -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l root -p 2022 185.112.147.110" +test_command = "curl -s -4 --socks5 127.0.0.1:9995 --connect-timeout 10 icanhazip.com" +test_command_result = "185.112.147.110" +test_interval = 300 +test_timeout = 10 + +[socks5_5] +address = "127.0.0.1" +port = 9990 +command = "autossh -M 0 -N -D 0.0.0.0:9990 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46" +test_command = "curl -s -4 --socks5 127.0.0.1:9990 --connect-timeout 10 icanhazip.com" +test_command_result = "185.130.45.46" +test_interval = 300 +test_timeout = 10 + +[socks5_8] +address = "127.0.0.1" +port = 9989 +command = "autossh -M 0 -N -D 0.0.0.0:9989 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208" +test_command = "curl -s -4 --socks5 127.0.0.1:9989 --connect-timeout 10 icanhazip.com" +test_command_result = "185.130.47.208" +test_interval = 300 +test_timeout = 10 + +[i2pmapped6http] +address = "127.0.0.1" +port = 9064 +command = "autossh -M 0 -N -L 0.0.0.0:9064:127.0.0.1:4444 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46" +test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --proxy http://127.0.0.1:9064 --connect-timeout 30 http://planet.i2p' +test_command_result = 200 +test_interval = 300 
+test_timeout = 30 + +[i2pmapped6server] +address = "127.0.0.1" +port = 9066 +command = "autossh -M 0 -N -L 0.0.0.0:9066:127.0.0.1:7070 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46" +test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --connect-timeout 30 localhost:9066' +test_command_result = "200" +test_interval = 300 +test_timeout = 30 + +[i2pmapped6socks] +address = "127.0.0.1" +port = 9067 +command = "autossh -M 0 -N -L 0.0.0.0:9067:127.0.0.1:4447 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46" +test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9067 --connect-timeout 30 http://planet.i2p' +test_command_result = "200" +test_interval = 300 +test_timeout = 30 + +[i2pmapped8http] +address = "127.0.0.1" +port = 9164 +command = "autossh -M 0 -N -L 0.0.0.0:9164:127.0.0.1:4444 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208" +test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --proxy http://127.0.0.1:9164 --connect-timeout 30 http://planet.i2p' +test_command_result = "200" +test_interval = 300 +test_timeout = 30 + +[i2pmapped8server] +address = "127.0.0.1" +port = 9166 +command = "autossh -M 0 -N -L 0.0.0.0:9166:127.0.0.1:7070 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208" +test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --connect-timeout 30 localhost:9166' +test_command_result = "200" +test_interval = 300 +test_timeout = 30 + +[i2pmapped8socks] +address = "127.0.0.1" +port = 9167 +command = "autossh -M 0 -N -L 0.0.0.0:9167:127.0.0.1:4447 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208" +test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9167 --connect-timeout 30 
http://planet.i2p' +test_command_result = "200" +test_interval = 300 +test_timeout = 30 + +[tormapped6] +address = "127.0.0.1" +port = 9053 +command = "autossh -M 0 -N -L 9053:127.0.0.1:9050 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46" +test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9053 --connect-timeout 20 icanhazip.com' +test_command_result = "200" +test_interval = 300 +test_timeout = 20 + +[tormapped8] +address = "127.0.0.1" +port = 9054 +command = "autossh -M 0 -N -L 0.0.0.0:9054:127.0.0.1:9050 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208" +test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9054 --connect-timeout 20 icanhazip.com' +test_command_result = "200" +test_interval = 300 +test_timeout = 20 + +[haproxy_prom_mapped] +address = "127.0.0.1" +port = 9099 +command = "autossh -M 0 -N -L 0.0.0.0:9099:127.0.0.1:9099 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 1022 87.236.209.206" +test_command = "curl -s --connect-timeout 10 localhost:9099" +test_command_result = "<a href=\"/graph\">Found</a>." +test_interval = 300 +test_timeout = 10 
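Review bot: The `[socks5_3]` entry runs autossh with `-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o VerifyHostKeyDNS=no` and `-l root`, so that server's host key is never checked and an interposed machine on the path would go unnoticed; the other entries keep the ssh defaults, and this one should too, with the host key pinned in `known_hosts`. Most of the `-D`/`-L` forwards bind `0.0.0.0:PORT` although every section declares `address = "127.0.0.1"` and every test targets loopback, which leaves the SOCKS, I2P, Tor and Prometheus forwards reachable from other hosts unless a firewall blocks them; `-D 127.0.0.1:9995` (and likewise for the `-L` entries) would match the declared address, and the same applies to the `haproxy_prompammed` alias added to `.zshrc` in this commit. `test_command_result = 200` in `[i2pmapped6http]` is a TOML integer while the other sections use the string `"200"`; `bin/tunneltop` compares the value with decoded stdout, so that tunnel would presumably always show DOWN.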
@@ -211,6 +211,7 @@ alias i2pmapped6socks="autossh -M 0 -N -L 0.0.0.0:9067:127.0.0.1:4447 -o ServerA alias i2pmappedserver8="autossh -M 0 -N -L 0.0.0.0:9166:127.0.0.1:7070 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208" alias i2pmapped8http="autossh -M 0 -N -L 0.0.0.0:9164:127.0.0.1:4444 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208" alias i2pmapped8socks="autossh -M 0 -N -L 0.0.0.0:9167:127.0.0.1:4447 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208" +alias haproxy_prompammed="autossh -M 0 -N -L 0.0.0.0:9099:127.0.0.1:9099 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 1022 87.236.209.206" alias k9sskin="vim ~/scripts/.k9s/skin.yml" alias k9sconfig="vim ~/scripts/.k9s/config.yml" alias fixk9sskin="cp ~/scripts/.k9s/skin.yml ~/.config/k9s/skin.yml" @@ -342,6 +343,9 @@ alias turn_white='echo -e "\033]10;#c0c0c0\007"' alias bandwhich="turn_green && bandwhich" alias powertop="turn_green && powertop" alias mdcat="turn_green && mdcat --local --fail --paginate" +alias mariadb="mariadb --safe-updates" +alias tunneltoprc="vim ~/scripts/.tunneltop.toml" +alias fixtunneltoprc="cp ~/scripts/.tunneltop.toml ~/.tunneltop.toml" # change the 4th terminal color to #0000ff # echo -e '\e]P40000ff' @@ -451,6 +455,7 @@ export PYGMENTIZE_STYLE="paraiso-dark" # export LD_PRELOAD=/usr/local/lib/libtrash.so.3.5 # alias trashon=”export TRASH_OFF=NO” # alias trashoff=”export TRASH_OFF=YES” +export MYSQL_PS1="\U@\N:\p [\d] - \R:\m:\s - \v\n>>>" # TZ=Asia/Tehran # export TZ diff --git a/bin/tunneltop b/bin/tunneltop new file mode 100755 index 0000000..ebed5d9 --- /dev/null +++ b/bin/tunneltop 
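Review bot: The alias name `haproxy_prompammed` in the first hunk looks like a transposition of `haproxy_prommapped`; the matching section in `.tunneltop.toml` is `[haproxy_prom_mapped]` and the neighbouring aliases all follow the `...mapped...` pattern. Renaming it to `alias haproxy_prommapped="autossh ..."` keeps the tunnel names consistent and searchable. The file header for these hunks is not in view, so the file is presumably `.zshrc`, going by the diffstat.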
@@ -0,0 +1,230 @@ +#!/usr/bin/env python +"""A top-like program for monitoring ssh tunnels""" + +import argparse +import asyncio +import enum +import sys +import typing + +import tomllib + + +class Argparser: # pylint: disable=too-few-public-methods + """Argparser class.""" + + def __init__(self): + self.parser = argparse.ArgumentParser() + self.parser.add_argument( + "--config", + "-c", + type=str, + help="the path to the .tunneltop.toml file", + default="/home/devi/.tunneltop.toml", + ) + self.parser.add_argument( + "--noheader", + "-n", + type=bool, + help="dont print the header", + default=False, + ) + self.parser.add_argument( + "--delay", + "-d", + type=float, + help="The delay between updates in seconds", + default=5, + ) + self.args = self.parser.parse_args() + + +# pylint: disable=too-few-public-methods +class Colors(enum.EnumType): + """static color definitions""" + + purple = "\033[95m" + blue = "\033[94m" + green = "\033[92m" + yellow = "\033[93m" + red = "\033[91m" + grey = "\033[1;37m" + darkgrey = "\033[1;30m" + cyan = "\033[1;36m" + ENDC = "\033[0m" + BOLD = "\033[1m" + UNDERLINE = "\033[4m" + blueblue = "\x1b[38;5;24m" + greenie = "\x1b[38;5;23m" + goo = "\x1b[38;5;22m" + screen_clear = "\033c\033[3J" + hide_cursor = "\033[?25l" + + +# pylint: disable=too-many-locals +def ffs( + offset: int, + header_list: typing.Optional[typing.List[str]], + numbered: bool, + *args, +) -> typing.List[str]: + """A simple columnar printer""" + max_column_width = [] + lines = [] + numbers_f: typing.List[int] = [] + dummy = [] + + if sys.stdout.isatty(): + greenie = Colors.greenie + bold = Colors.BOLD + endc = Colors.ENDC + goo = Colors.goo + blueblue = Colors.blueblue + else: + greenie = "" + bold = "" + endc = "" + goo = "" + blueblue = "" + + for arg in args: + max_column_width.append(max(len(repr(argette)) for argette in arg)) + + if header_list is not None: + if numbered: + numbers_f.extend(range(1, len(args[-1]) + 1)) + max_column_width.append( + 
max(len(repr(number)) for number in numbers_f) + ) + header_list.insert(0, "idx") + + index = range(0, len(header_list)) + for header, width, i in zip(header_list, max_column_width, index): + max_column_width[i] = max(len(header), width) + offset + + for i in index: + dummy.append( + greenie + + bold + + header_list[i].ljust(max_column_width[i]) + + endc + ) + lines.append("".join(dummy)) + dummy.clear() + + index2 = range(0, len(args[-1])) + for i in index2: + if numbered: + dummy.append( + goo + bold + repr(i).ljust(max_column_width[0]) + endc + ) + for arg, width in zip(args, max_column_width[1:]): + dummy.append(blueblue + (arg[i]).ljust(width) + endc) + else: + for arg, width in zip(args, max_column_width): + dummy.append(blueblue + (arg[i]).ljust(width) + endc) + lines.append("".join(dummy)) + dummy.clear() + return lines + + +async def run_subshell(cmd: str) -> typing.Tuple[bytes, bytes]: + """Run a command in a subshell""" + proc = await asyncio.create_subprocess_shell( + cmd, stdout=asyncio.subprocess.PIPE, stderr=asyncio.subprocess.PIPE + ) + + # return stdout and stderr + return await proc.communicate() + + +def tunnel_test_callback(task: asyncio.Task) -> None: + """Tunnel test callback function.""" + task_name = task.get_name() + # data_cols["stdout"] = task.result()[0] + # data_cols["stderr"] = task.result()[1] + if ( + task.result()[0].decode("utf-8").strip("\n") + == data_cols[task_name]["test_command_result"] + ): + data_cols[task_name]["status"] = "UP" + else: + data_cols[task_name]["status"] = "DOWN" + + +async def tunnel_test_procs() -> typing.List[asyncio.Task]: + """run all the tunnel tests in the background as separate tasks""" + tasks: typing.List[asyncio.Task] = [] + for _, value in data_cols.items(): + if value["test_command"] != "": + tasks.append( + asyncio.create_task( + run_subshell(value["test_command"]), name=value["name"] + ) + ) + tasks[-1].add_done_callback(tunnel_test_callback) + await asyncio.sleep(0) + + return tasks + + +async 
def tunnel_procs(commands: typing.List[str]) -> None: + """run all the tunnels in the background as separate tasks""" + for command in commands: + asyncio.create_task(run_subshell(command)) + await asyncio.sleep(0) + + +data_cols: typing.Dict[str, typing.Dict] = {} + + +async def main() -> None: + """entrypoint""" + argparser = Argparser() + print(Colors.screen_clear, end="") + print(Colors.hide_cursor, end="") + + with open(argparser.args.config, "rb") as conf_file: + data = tomllib.load(conf_file) + for key, value in data.items(): + data_cols[key] = { + "name": key, + "address": value["address"], + "port": value["port"], + "command": value["command"], + "status": "UNKN", + "test_command": value["test_command"], + "test_command_result": value["test_command_result"], + "test_interval": value["test_interval"], + "test_timeout": value["test_timeout"], + "stdout": "", + "stderr": "", + } + + await tunnel_procs([v["command"] for _, v in data_cols.items()]) + + while True: + await tunnel_test_procs() + lines = ffs( + 2, + ["NAME", "ADDRESS", "PORT", "STATUS", "STDOUT", "STDERR"] + if not argparser.args.noheader + else None, + False, + [v["name"] for _, v in data_cols.items()], + [v["address"] for _, v in data_cols.items()], + [repr(v["port"]) for _, v in data_cols.items()], + [v["status"] for _, v in data_cols.items()], + [v["stdout"] for _, v in data_cols.items()], + [v["stderr"] for _, v in data_cols.items()], + ) + for line in lines: + print(line) + + await asyncio.sleep(argparser.args.delay) + print(Colors.screen_clear, end="") + print(Colors.hide_cursor, end="") + + +if __name__ == "__main__": + asyncio.run(main()) diff --git a/bin/virttop b/bin/virttop index 61dfd04..24c4bb8 100755 --- a/bin/virttop +++ b/bin/virttop @@ -152,7 +152,7 @@ def ffs( header_list: typing.Optional[typing.List[str]], numbered: bool, *args, -): +) -> typing.List[str]: """A simple columnar printer""" max_column_width = [] lines = [] 
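Review bot: `tunnel_test_callback` calls `task.result()` without first checking `task.cancelled()` or `task.exception()`, so a failed test task raises inside the done-callback instead of marking the tunnel DOWN, and the equality check is type-strict, so a TOML integer such as `test_command_result = 200` never equals the decoded stdout string. The configured `test_timeout` and `test_interval` are copied into `data_cols` but never applied: a new round of test subprocesses starts every `--delay` seconds with no `asyncio.wait_for` bound, and the tasks made in `tunnel_procs` are not kept in a list, which the asyncio documentation warns can let them be garbage-collected. Both `command` and `test_command` are passed to `asyncio.create_subprocess_shell`, so whoever can write the config file gets command execution as the user running tunneltop; `main` could refuse a config that is group- or world-writable. `--noheader` with `type=bool` treats any non-empty value, including `False`, as true; `action="store_true"` is the usual form.

```python
def tunnel_test_callback(task: asyncio.Task) -> None:
    """Tunnel test callback function."""
    task_name = task.get_name()
    # A cancelled or failed test counts as DOWN instead of raising in the callback.
    if task.cancelled() or task.exception() is not None:
        data_cols[task_name]["status"] = "DOWN"
        return
    stdout = task.result()[0].decode("utf-8", errors="replace").strip("\n")
    # TOML may deliver an int (e.g. 200); compare as text.
    expected = str(data_cols[task_name]["test_command_result"])
    data_cols[task_name]["status"] = "UP" if stdout == expected else "DOWN"
```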
diff --git a/terminaldweller.com/cgit/docker-compose.yaml b/terminaldweller.com/cgit/docker-compose.yaml index a578b71..3d6c9bf 100644 --- a/terminaldweller.com/cgit/docker-compose.yaml +++ b/terminaldweller.com/cgit/docker-compose.yaml @@ -34,6 +34,12 @@ services: entrypoint: ["/docker-entrypoint.sh"] cap_drop: - ALL + healthcheck: + test: exit 1 + interval: 1d + timeout: 10s + retries: 1 + restart: unless-stopped networks: cgitnet: bootstrapnet: diff --git a/terminaldweller.com/gemini/convert_html.sh b/terminaldweller.com/gemini/convert_html.sh new file mode 100755 index 0000000..9010eb6 --- /dev/null +++ b/terminaldweller.com/gemini/convert_html.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +~/devi/html2gmi.git/master/html2gmi -m -t -l 1000 -i ~/scripts/terminaldweller.com/main/srv/index.html > index.gmi diff --git a/terminaldweller.com/gemini/index.gmi b/terminaldweller.com/gemini/index.gmi index 134bf8a..1201a37 100644 --- a/terminaldweller.com/gemini/index.gmi +++ b/terminaldweller.com/gemini/index.gmi 
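Review bot: `test: exit 1` in the cgit compose hunk is a health check that can only fail, so once it has run (after one `interval`, here `1d`) the container is reported `unhealthy` for good, which misleads monitoring and blocks any `depends_on` that uses `condition: service_healthy`. If the aim is to switch off a health check inherited from the image, which is an assumption since the image is not visible here, `healthcheck:` with `disable: true` states that directly. The service block starts above the hunk.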
@@ -1,69 +1,65 @@ -# This is a list of links - This is a list of links: This page is available on: -web2[1] -IPFS from https://ipfs.terminaldweller.com[2] or from terminaldweller.eth[3] -Gemini[4] -i2p[5] -tor[6] +web2 from https://terminaldweller.com +IPFS from https://ipfs.terminaldweller.com or from terminaldweller.eth [1] +On Gemini [2] +i2p mirror [3] +tor mirror [4] WKD direct and advanced are setup on/for the domain. -keyoxide[7] +keyoxide [5] I don't use all the accounts listed on keyoxide regularly. The preferred methods of contacting me are the ones that are listed here, IRC, XMPP and email (The order is not significant). -* PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - here[8] and here[9] -I also upload my PGP key to https://keys.openpgp.org and https://pgp.mit.edu . -* SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - here[10] and here[11] +PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - here [6] and here [7] +I manually upload my PGP key to https://keys.openpgp.org and https://pgp.mit.edu/. +SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - here [8] and here [9] -* IRC Libera[12]: terminaldweller FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F -* IRC OFTC[13]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 -* IRC Tilde[14]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 -* IRC Rizon[15]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 +IRC Libera [10] : terminaldweller FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F +IRC OFTC [11] : terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 +IRC Rizon [12] : terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 +IRC Tilde [13] : terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 You can also find me on Libera, OFTC and Rizon in ##terminaldweller. 
XMPP: devi@jabber.terminaldweller.com The order is significant: -* Email: devi@terminaldweller.com -* Email: thabogre@gmail.com -* Email: farzadsadeghi@protonmail.ch +Email: devi@terminaldweller.com +Email: thabogre@gmail.com +Email: farzadsadeghi@protonmail.ch All emails have the ssh and pgp key fingerprints as signature. -Github: terminaldweller[16] +Github: terminaldweller [14] -Mastodon: @terminaldweller@terminaldweller.com[17] -If you cant find the handle then you need to log in. I'm not hosting my own mastodon instance. I'm just hosting my own webfinger. The actual handle is @terminaldweller@fosstodon.org[18] +Mastodon: @terminaldweller@terminaldweller.com [15] +If you cant find the handle then you need to log in. I'm not hosting my own mastodon instance. I'm just hosting my own webfinger. The actual handle is @terminaldweller@fosstodon.org [16] -Git mirror: git.terminaldweller.com[19] +Git mirror: git.terminaldweller.com [17] -Blog: Blog[20] RSS[21] +Blog: Blog [18] RSS [19] -Linkedin[22] +Linkedin [20] Services: N/A -[1]https://terminaldweller.com -[2] https://ipfs.terminaldweller.com -[3] https://terminaldweller.eth.link -[4]gemini://gemini.terminaldweller.com -[5]http://iedzwh5v2vouywqy4eak3eu33amfn3rzhdcln7j4r5kcyvf46cea.b32.i2p:7774/ -[6]http://dqunl5rzlv6skqfklqr4dwi4zph2vqoaennc7qoinqs5mlug4docq2yd.onion/ -[7] https://keyoxide.org/hkp/9e20464f1ccf3b103249fa93a6a0f5158b3881df -[8] https://github.com/terminaldweller.gpg -[9] https://terminaldweller.com/keys/gpg_pubkey -[10] https://github.com/terminaldweller.keys -[11] https://terminaldweller.com/keys/id_rsa.pub -[12] https://libera.chat -[13] https://oftc.net -[14] https://tilde.chat -[15] https://rizon.net -[16] https://github.com/terminaldweller -[17] https://fosstodon.org/@terminaldweller -[18] https://fosstodon.org/@terminaldweller -[19] https://git.terminaldweller.com -[20] https://blog.terminaldweller.com -[21] https://blog.terminaldweller.com/rss/feed -[22] 
https://www.linkedin.com/in/farzad-sadeghi +=> https://terminaldweller.eth.link terminaldweller.eth +=> gemini://gemini.terminaldweller.com Gemini +=> http://iedzwh5v2vouywqy4eak3eu33amfn3rzhdcln7j4r5kcyvf46cea.b32.i2p:7774/ i2p mirror +=> http://dqunl5rzlv6skqfklqr4dwi4zph2vqoaennc7qoinqs5mlug4docq2yd.onion/ tor mirror +=> https://keyoxide.org/hkp/9e20464f1ccf3b103249fa93a6a0f5158b3881df keyoxide +=> https://github.com/terminaldweller.gpg here +=> https://terminaldweller.com/keys/gpg_pubkey here +=> https://github.com/terminaldweller.keys here +=> https://terminaldweller.com/keys/id_rsa.pub here +=> https://libera.chat Libera +=> https://oftc.net OFTC +=> https://rizon.net/ Rizon +=> https://tilde.chat Tilde +=> https://github.com/terminaldweller terminaldweller +=> https://fosstodon.org/@terminaldweller @terminaldweller@terminaldweller.com +=> https://fosstodon.org/@terminaldweller @terminaldweller@fosstodon.org +=> https://git.terminaldweller.com git.terminaldweller.com +=> https://blog.terminaldweller.com Blog +=> https://blog.terminaldweller.com/rss/feed RSS +=> https://www.linkedin.com/in/farzad-sadeghi/ Linkedin diff --git a/terminaldweller.com/haproxy/conf.yml b/terminaldweller.com/haproxy/conf.yml index f3c8a9c..9e3a61e 100644 --- a/terminaldweller.com/haproxy/conf.yml +++ b/terminaldweller.com/haproxy/conf.yml 
@@ -4,426 +4,21 @@ global: evaluation_interval: 120s scrape_timeout: 10s - external_labels: - monitor: codelab - foo: bar - -rule_files: - - "first.rules" - - "my/*.rules" - -remote_write: - - url: http://remote1/push - name: drop_expensive - write_relabel_configs: - - source_labels: [__name__] - regex: expensive.* - action: drop - oauth2: - client_id: "123" - client_secret: "456" - token_url: "http://remote1/auth" - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - - url: http://remote2/push - name: rw_tls - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - headers: - name: value - -remote_read: - - url: http://remote1/read - read_recent: true - name: default - enable_http2: false - - url: http://remote3/read - read_recent: false - name: read_special - required_matchers: - job: special - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file +# remote_write: +# - url: https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push +# basic_auth: +# username: 151269 +# password: eyJrIjoiY2E0NDIwNTM1MmMzMDUxMjZjZTBlYWYzYmNiOGY5ZjU1NzBhYTM0ZiIsIm4iOiJoYXByb3h5X3Byb20iLCJpZCI6NTE2NjQyfQ== scrape_configs: - - job_name: prometheus + - job_name: haproxy honor_labels: true - # scrape_interval is defined by the configured global (15s). - # scrape_timeout is defined by the global default (10s). - - # metrics_path defaults to '/metrics' - # scheme defaults to 'http'. 
- - file_sd_configs: - - files: - - foo/*.slow.json - - foo/*.slow.yml - - single/file.yml - refresh_interval: 10m - - files: - - bar/*.yaml + metrics_path: '/metrics' + scheme: 'http' static_configs: - - targets: ["localhost:9090", "localhost:9191"] + - targets: ["haproxy:8404"] labels: - my: label - your: label - - relabel_configs: - - source_labels: [job, __meta_dns_name] - regex: (.*)some-[regex] - target_label: job - replacement: foo-${1} - # action defaults to 'replace' - - source_labels: [abc] - target_label: cde - - replacement: static - target_label: abc - - regex: - replacement: static - target_label: abc - - source_labels: [foo] - target_label: abc - action: keepequal - - source_labels: [foo] - target_label: abc - action: dropequal - - authorization: - credentials_file: valid_token_file - - tls_config: - min_version: TLS10 - - - job_name: service-x - - basic_auth: - username: admin_name - password: "multiline\nmysecret\ntest" #pragma: allowlist secret - - scrape_interval: 50s - scrape_timeout: 5s - - body_size_limit: 10MB - sample_limit: 1000 - - metrics_path: /my_path - scheme: https - - dns_sd_configs: - - refresh_interval: 15s - names: - - first.dns.address.domain.com - - second.dns.address.domain.com - - names: - - first.dns.address.domain.com - - relabel_configs: - - source_labels: [job] - regex: (.*)some-[regex] - action: drop - - source_labels: [__address__] - modulus: 8 - target_label: __tmp_hash - action: hashmod - - source_labels: [__tmp_hash] - regex: 1 - action: keep - - action: labelmap - regex: 1 - - action: labeldrop - regex: d - - action: labelkeep - regex: k - - metric_relabel_configs: - - source_labels: [__name__] - regex: expensive_metric.* - action: drop - - - job_name: service-y - - consul_sd_configs: - - server: "localhost:1234" - token: mysecret - services: ["nginx", "cache", "mysql"] - tags: ["canary", "v1"] - node_meta: - rack: "123" - allow_stale: true - scheme: https - tls_config: - ca_file: valid_ca_file - cert_file: 
valid_cert_file - key_file: valid_key_file - insecure_skip_verify: false - - relabel_configs: - - source_labels: [__meta_sd_consul_tags] - separator: "," - regex: label:([^=]+)=([^,]+) - target_label: ${1} - replacement: ${2} - - - job_name: service-z - - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - authorization: - credentials: mysecret - - - job_name: service-kubernetes - - kubernetes_sd_configs: - - role: endpoints - api_server: "https://localhost:1234" - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - basic_auth: - username: "myusername" - password: "mysecret" #pragma: allowlist secret - - - job_name: service-kubernetes-namespaces - - kubernetes_sd_configs: - - role: endpoints - api_server: "https://localhost:1234" - namespaces: - names: - - default - - basic_auth: - username: "myusername" - password_file: valid_password_file #pragma: allowlist secret - - - job_name: service-kuma - - kuma_sd_configs: - - server: http://kuma-control-plane.kuma-system.svc:5676 - - - job_name: service-marathon - marathon_sd_configs: - - servers: - - "https://marathon.example.com:443" - - auth_token: "mysecret" - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - - job_name: service-nomad - nomad_sd_configs: - - server: 'http://localhost:4646' - - - job_name: service-ec2 - ec2_sd_configs: - - region: us-east-1 - access_key: access - secret_key: mysecret #pragma: allowlist secret - profile: profile - filters: - - name: tag:environment - values: - - prod - - - name: tag:service - values: - - web - - db - - - job_name: service-lightsail - lightsail_sd_configs: - - region: us-east-1 - access_key: access - secret_key: mysecret #pragma: allowlist secret - profile: profile - - - job_name: service-azure - azure_sd_configs: - - environment: AzurePublicCloud - authentication_method: OAuth - subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11 - resource_group: my-resource-group - tenant_id: 
BBBB222B-B2B2-2B22-B222-2BB2222BB2B2 - client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C - client_secret: mysecret #pragma: allowlist secret - port: 9100 - - - job_name: service-nerve - nerve_sd_configs: - - servers: - - localhost - paths: - - /monitoring - - - job_name: 0123service-xxx - metrics_path: /metrics - static_configs: - - targets: - - localhost:9090 - - - job_name: badfederation - honor_timestamps: false - metrics_path: /federate - static_configs: - - targets: - - localhost:9090 - - - job_name: 測試 - metrics_path: /metrics - static_configs: - - targets: - - localhost:9090 - - - job_name: httpsd - http_sd_configs: - - url: "http://example.com/prometheus" - - - job_name: service-triton - triton_sd_configs: - - account: "testAccount" - dns_suffix: "triton.example.com" - endpoint: "triton.example.com" - port: 9163 - refresh_interval: 1m - version: 1 - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - - job_name: digitalocean-droplets - digitalocean_sd_configs: - - authorization: - credentials: abcdef - - - job_name: docker - docker_sd_configs: - - host: unix:///var/run/docker.sock - - - job_name: dockerswarm - dockerswarm_sd_configs: - - host: http://127.0.0.1:2375 - role: nodes - - - job_name: service-openstack - openstack_sd_configs: - - role: instance - region: RegionOne - port: 80 - refresh_interval: 1m - tls_config: - ca_file: valid_ca_file - cert_file: valid_cert_file - key_file: valid_key_file - - - job_name: service-puppetdb - puppetdb_sd_configs: - - url: https://puppetserver/ - query: 'resources { type = "Package" and title = "httpd" }' - include_parameters: true - port: 80 - refresh_interval: 1m - tls_config: - ca_file: valid_ca_file - cert_file: valid_cert_file - key_file: valid_key_file - - - job_name: hetzner - relabel_configs: - - action: uppercase - source_labels: [instance] - target_label: instance - hetzner_sd_configs: - - role: hcloud - authorization: - credentials: abcdef - - role: robot - basic_auth: - username: abcdef 
- password: abcdef - - - job_name: service-eureka - eureka_sd_configs: - - server: "http://eureka.example.com:8761/eureka" - - - job_name: ovhcloud - ovhcloud_sd_configs: - - service: vps - endpoint: ovh-eu - application_key: testAppKey - application_secret: testAppSecret #pragma: allowlist secret - consumer_key: testConsumerKey - refresh_interval: 1m - - service: dedicated_server - endpoint: ovh-eu - application_key: testAppKey - application_secret: testAppSecret #pragma: allowlist secret - consumer_key: testConsumerKey - refresh_interval: 1m - - - job_name: scaleway - scaleway_sd_configs: - - role: instance - project_id: 11111111-1111-1111-1111-111111111112 - access_key: SCWXXXXXXXXXXXXXXXXX - secret_key: 11111111-1111-1111-1111-111111111111 - - role: baremetal - project_id: 11111111-1111-1111-1111-111111111112 - access_key: SCWXXXXXXXXXXXXXXXXX - secret_key: 11111111-1111-1111-1111-111111111111 - - - job_name: linode-instances - linode_sd_configs: - - authorization: - credentials: abcdef - - - job_name: uyuni - uyuni_sd_configs: - - server: https://localhost:1234 - username: gopher - password: hole #pragma: allowlist secret - - - job_name: ionos - ionos_sd_configs: - - datacenter_id: 8feda53f-15f0-447f-badf-ebe32dad2fc0 - authorization: - credentials: abcdef - - - job_name: vultr - vultr_sd_configs: - - authorization: - credentials: abcdef - -alerting: - alertmanagers: - - scheme: https - static_configs: - - targets: - - "1.2.3.4:9093" - - "1.2.3.5:9093" - - "1.2.3.6:9093" - -storage: - tsdb: - out_of_order_time_window: 30m - -tracing: - endpoint: "localhost:4317" - client_type: "grpc" - headers: - foo: "bar" - timeout: 5s - compression: "gzip" - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - insecure_skip_verify: true + my: haproxy + your: haproxy diff --git a/terminaldweller.com/haproxy/docker-compose.yaml b/terminaldweller.com/haproxy/docker-compose.yaml index 6e89024..126613c 100644 --- a/terminaldweller.com/haproxy/docker-compose.yaml 
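Review bot: The commented-out `remote_write` block added at the top of `conf.yml` carries a `basic_auth` `username` and a `password` that has the shape of a real hosted-Prometheus API key rather than a placeholder, and commenting it out does not keep it out of the repository history or this public view. If it was ever valid it should be revoked and reissued, and the config should reference it through `password_file:` pointing at a file kept outside the repository. The `my: haproxy` / `your: haproxy` labels look like leftovers from the sample config that the removed lines came from; a single label such as `service: haproxy` would say more.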
+++ b/terminaldweller.com/haproxy/docker-compose.yaml @@ -17,47 +17,29 @@ services: - "587:587" volumes: - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro - # - ./certs:/usr/local/etc/certs:ro networks: - proxynet - metricsnet - # - certnet restart: unless-stopped cap_drop: - ALL - # certbot: - # image: certbot - # build: - # context: ./certbot - # ports: - # - "127.0.0.1:9080:80" - # - "127.0.0.1:9443:443" - # networks: - # - certnet - # # restart: unless-stopped - # volumes: - # - ./letsencrypt:/etc/letsencrypt - # - ./webroot:/webroot - # - ./certs:/certs - # # command: ["certonly","--test-cert","--webroot","-w","/webroot","-d","chat.terminaldweller.com","--email","thabogre@gmail.com","--non-interactive","--agree-tos"] - # entrypoint: ["/certbot-entrypoint.sh"] - # environment: - # - DOMAIN=chat.terminaldweller.com - # - EMAIL=devi@mail.terminaldweller.com - # nginx: - # image: nginx - # ports: - # - "127.0.0.1:8080:80" - # networks: - # - certnet - # restart: unless-stopped - # volumes: - # - ./webroot:/usr/share/nginx/html # udpproxy: # image: nginx # ports: # - "127.0.0.1:3478:3478/udp" # - "127.0.0.1:5349:5349/udp" + # - "80:80" + # - "443:443" + # - "5222:5222" + # - "5280:5280" + # - "5443:5443" + # - "143:143" + # - "993:993" + # - "110:110" + # - "995:995" + # - "25:25" + # - "465:465" + # - "587:587" # networks: # - proxynet # restart: unless-stopped @@ -68,12 +50,18 @@ services: networks: - metricsnet restart: unless-stopped + ports: + - "127.0.0.1:9099:9090" volumes: - metricsvault:/opt/bitnami/prometheus/data - ./conf.yml:/opt/bitnami/prometheus/conf/prometheus.yml:ro + environment: + - HTTPS_PROXY=socks5h://172.17.0.1:9993 + - HTTP_PROXY=socks5h://172.17.0.1:9993 + - ALL_PROXY=socks5h://172.17.0.1:9993 + - NO_PROXY=localhost,127.0.0.0/8,172.16.0.0/12,10.0.0.0/8,192.168.0.0/16 networks: proxynet: metricsnet: - # certnet: volumes: metricsvault: 
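Review bot: `NO_PROXY` in the second hunk lists loopback and the private ranges but not the service name `haproxy`, which `conf.yml` uses as the scrape target (`haproxy:8404`); CIDR entries in a no-proxy list generally match only literal IP addresses in the URL, so if the Prometheus client honours these variables the scrape would be sent to the SOCKS proxy at `172.17.0.1:9993`, and `socks5h` would hand the internal name to the far end for resolution. Adding the name, `NO_PROXY=localhost,haproxy,127.0.0.0/8,172.16.0.0/12,10.0.0.0/8,192.168.0.0/16`, keeps in-network scrapes direct. The service block starts above the hunk.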
diff --git a/terminaldweller.com/haproxy/haproxy.cfg b/terminaldweller.com/haproxy/haproxy.cfg index 57f79f4..6408b44 100644 --- a/terminaldweller.com/haproxy/haproxy.cfg +++ b/terminaldweller.com/haproxy/haproxy.cfg @@ -1,5 +1,5 @@ global - maxconn 256 + maxconn 768 log 127.0.0.1 local0 ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL ssl-default-bind-options no-sslv3 @@ -251,6 +251,13 @@ frontend mail-submission acl mail-host-ss req.ssl_sni -i terminaldweller.com use_backend mail-backend-submission if mail-host-s use_backend mail-backend-submission if mail-host-ss +frontend stats + mode http + bind *:8404 + http-request use-service prometheus-exporter if { path /metrics } + stats enable + stats uri /stats + stats refresh 10s #Backends backend certbot-backend diff --git a/terminaldweller.com/main/srv/index.html b/terminaldweller.com/main/srv/index.html index dc1a110..8677d84 100644 --- a/terminaldweller.com/main/srv/index.html +++ b/terminaldweller.com/main/srv/index.html 
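Review bot: The new `frontend stats` serves `/stats` and `/metrics` on `bind *:8404` with no authentication or source restriction, so any container attached to the same networks as haproxy can read backend names, server addresses and traffic counters. No port mapping for 8404 appears in the compose hunks of this commit, so exposure is presumably limited to the Docker networks, but `stats auth <user>:<password>` or `http-request deny unless { src <prometheus-network-cidr> }` placed before the `use-service` line would make that explicit. `stats hide-version` avoids advertising the HAProxy build on the page.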
@@ -29,9 +29,9 @@ <div>I don't use all the accounts listed on keyoxide regularly. The preferred methods of contacting me are the ones that are listed here, IRC, XMPP and email (The order is not significant).</div> </p> <div> - <div>PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - <a href="https://github.com/terminaldweller.gpg">here</a> and <a href="https://terminaldweller.com/keys/gpg_pubkey">here</a></div> + <div>PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - <a href="https://github.com/terminaldweller.gpg">here</a> and <a href="keys/gpg_pubkey">here</a></div> <div>I manually upload my PGP key to <a href="https://keys.openpgp.org">https://keys.openpgp.org</a> and <a href="https://pgp.mit.edu/">https://pgp.mit.edu/</a>.</div> - <div>SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - <a href="https://github.com/terminaldweller.keys">here</a> and <a href="https://terminaldweller.com/keys/id_rsa.pub">here</a></div> + <div>SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - <a href="https://github.com/terminaldweller.keys">here</a> and <a href="keys/id_rsa_pub">here</a></div> <p> <div>IRC <a href="https://libera.chat">Libera</a>: terminaldweller <a>FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F</a></div> <div>IRC <a href="https://oftc.net">OFTC</a>: terminaldweller <a>FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876</a></div> |
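Review bot: The new SSH key link points at `keys/id_rsa_pub`, while the removed line used `keys/id_rsa.pub` and the regenerated `index.gmi` in this same commit still links `https://terminaldweller.com/keys/id_rsa.pub`; unless the file was renamed on the server, this looks like a typo that breaks the download. These links are how a visitor fetches the key that the fingerprint printed beside them is checked against, so a dead link here matters more than elsewhere on the page. If the dot was intended, the line would read `<a href="keys/id_rsa.pub">here</a>`.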