-rw-r--r--.newsboat/urls1
-rw-r--r--.tunneltop.toml12
-rw-r--r--.zshrc16
-rwxr-xr-xbin/bw_mednafen6
-rw-r--r--terminaldweller.com/cgit/bootstrap/Dockerfile8
-rwxr-xr-xterminaldweller.com/cgit/bootstrap/bootstrap.sh1
-rw-r--r--terminaldweller.com/cgit/bootstrap/crontab1
-rwxr-xr-xterminaldweller.com/cgit/bootstrap/docker-entrypoint.sh2
-rw-r--r--terminaldweller.com/cgit/cgit/cgitrc2
-rw-r--r--terminaldweller.com/cgit/docker-compose.yaml8
-rw-r--r--terminaldweller.com/ejabberd/docker-compose.yaml4
-rw-r--r--terminaldweller.com/ejabberd/ejabberd.yml23
-rw-r--r--terminaldweller.com/haproxy/docker-compose.yaml48
13 files changed, 82 insertions, 50 deletions
diff --git a/.newsboat/urls b/.newsboat/urls
index 04de93d..06eaa57 100644
--- a/.newsboat/urls
+++ b/.newsboat/urls
@@ -64,6 +64,7 @@ https://www.youtube.com/feeds/videos.xml?channel_id=UC9YXCCz-A28lxhMA-ArfBaA "~G
https://www.youtube.com/feeds/videos.xml?channel_id=UCxMZO9A4Jixjr9lbgeBiQ6w "~Vormithrax"youtube
# Tech
+https://www.youtube.com/feeds/videos.xml?channel_id=UCUP5UhD6cMfpN4vxW3FYJLQ "~Doing_Fed_Time"youtube
https://www.youtube.com/feeds/videos.xml?channel_id=UCqK_GSMbpiV8spgD3ZGloSw "~Coin Bureau"youtube
https://www.youtube.com/feeds/videos.xml?channel_id=UC-91UA-Xy2Cvb98deRXuggA "~Joshua Fluke"youtube
https://www.youtube.com/feeds/videos.xml?channel_id=UC17mJJnvzAa_e9qQqLIfIeQ "~Semicolon&Sons"youtube
diff --git a/.tunneltop.toml b/.tunneltop.toml
index 46d6cd1..f7d5c58 100644
--- a/.tunneltop.toml
+++ b/.tunneltop.toml
@@ -2,7 +2,7 @@
address = "127.0.0.1"
port = 9997
command = "autossh -M 0 -N -D 9997 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 1022 87.236.209.206"
-test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9997 https://icanhazallips.terminaldweller.com'
+test_command = 'curl -s -o -s -w "%{http_code}" -k -I -4 --socks5 socks5h://127.0.0.1:9997 https://icanhazallips.terminaldweller.com:9380'
# test_command = ""
test_command_result = "200"
test_interval = 300
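Review bot: The added `-k` turns off certificate verification in this `test_command`, so the probe accepts a 200 from any TLS endpoint that answers on port 9380 and no longer shows that the tunnel reaches the intended host. The same flag is added in the hunks at -12, -22, -32, -102 and -112. If the service on 9380 presents a self-signed or private-CA certificate, keep verification and trust that certificate explicitly, for example `--cacert <path-to-ca.pem>` or `--pinnedpubkey <sha256//base64-hash>` in place of `-k`. A one-line comment above the entry saying why the port changed to 9380 would also help.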
@@ -12,7 +12,7 @@ test_timeout = 10
address = "127.0.0.1"
port = 9995
command = "autossh -M 0 -N -D 0.0.0.0:9995 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o VerifyHostKeyDNS=no -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l root -p 2022 185.112.147.110"
-test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9995 https://icanhazallips.terminaldweller.com'
+test_command = 'curl -s -o -s -w "%{http_code}" -k -I -4 --socks5 socks5h://127.0.0.1:9995 https://icanhazallips.terminaldweller.com:9380'
# test_command = ""
test_command_result = "200"
test_interval = 300
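Review bot: The unchanged `command` line of this entry disables host key checking (`StrictHostKeyChecking=no`, `UserKnownHostsFile=/dev/null`, `VerifyHostKeyDNS=no`), logs in as `root` and binds the SOCKS listener to `0.0.0.0:9995`, so with the `-k` added here nothing on this path authenticates the remote end. The commit does not touch that line, but pinning the host key in a dedicated file, e.g. `-o StrictHostKeyChecking=yes -o UserKnownHostsFile=<path-to-pinned-known_hosts>`, would restore the check. The entries at -22, -32 and -112 also bind to `0.0.0.0`; `127.0.0.1` is the safer bind unless other hosts must use these proxies.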
@@ -22,7 +22,7 @@ test_timeout = 10
address = "127.0.0.1"
port = 9990
command = "autossh -M 0 -N -D 0.0.0.0:9990 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46"
-test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9990 https://icanhazallips.terminaldweller.com'
+test_command = 'curl -s -o -s -w "%{http_code}" -k -I -4 --socks5 socks5h://127.0.0.1:9990 https://icanhazallips.terminaldweller.com:9380'
# test_command = ""
test_command_result = "200"
test_interval = 300
@@ -32,7 +32,7 @@ test_timeout = 10
address = "127.0.0.1"
port = 9989
command = "autossh -M 0 -N -D 0.0.0.0:9989 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208"
-test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9989 https://icanhazallips.terminaldweller.com'
+test_command = 'curl -s -o -s -w "%{http_code}" -k -I -4 --socks5 socks5h://127.0.0.1:9989 https://icanhazallips.terminaldweller.com:9380'
# test_command = ""
test_command_result = "200"
test_interval = 300
@@ -102,7 +102,7 @@ test_timeout = 30
address = "127.0.0.1"
port = 9053
command = "autossh -M 0 -N -L 9053:127.0.0.1:9050 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.45.46"
-test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9053 https://icanhazallips.terminaldweller.com'
+test_command = 'curl -s -o -s -w "%{http_code}" -k -I -4 --socks5 socks5h://127.0.0.1:9053 https://icanhazallips.terminaldweller.com:9380'
# test_command = ""
test_command_result = "200"
test_interval = 300
@@ -112,7 +112,7 @@ test_timeout = 20
address = "127.0.0.1"
port = 9054
command = "autossh -M 0 -N -L 0.0.0.0:9054:127.0.0.1:9050 -o ServerAliveInterval=180 -o ServerAliveCountMax=3 -o ExitOnForwardFailure=yes -l ubuntu -p 3333 185.130.47.208"
-test_command = 'curl -s -o -s -w "%{http_code}" -I -4 --socks5 socks5h://127.0.0.1:9054 https://icanhazallips.terminaldweller.com'
+test_command = 'curl -s -o -s -w "%{http_code}" -k -I -4 --socks5 socks5h://127.0.0.1:9054 https://icanhazallips.terminaldweller.com:9380'
# test_command = ""
test_command_result = "200"
test_interval = 300
diff --git a/.zshrc b/.zshrc
index a8de683..19dc317 100644
--- a/.zshrc
+++ b/.zshrc
@@ -20,11 +20,9 @@ autoload -U compinit && compinit -u
eval `dircolors ~/.dir_colors`
# _evalcache dircolors ~/.dir_colors
-unalias dr
-alias gd="git diff --color-words"
-
# enable aliases with sudo in the alias
alias sudo="sudo "
+alias mpv="proxychains4 -q -f ~/proxies/swe/proxychains.conf mpv --save-position-on-quit --term-osd-bar --msg-module --msg-time --cache=yes --cache-secs=9600 --cache-on-disk --cache-dir=/tmp/ --demuxer-max-bytes=500MiB"
alias w3m='proxychains4 -q -f ~/proxies/ice/proxychains.conf w3m -o auto_image=FALSE -o user_agent="$(get_random_ua.sh)" -graph'
alias torw3m='torsocks --port 9053 w3m -o auto_image=FALSE -o user_agent="$(get_random_ua.sh)" -graph'
alias rm="rm -I --one-file-system --preserve-root=all"
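Review bot: `--cache-on-disk --cache-dir=/tmp/` in the new `mpv` alias writes the stream cache into a world-writable directory shared with every local user, so cached media can be read by others depending on the file modes mpv creates. A per-user directory avoids that, for example `--cache-dir=$HOME/.cache/mpv`, which expands when the alias is defined because the alias body is double-quoted. A short comment above the alias saying which proxychains profile (`~/proxies/swe/`) it uses and why would also help.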
@@ -337,9 +335,9 @@ alias mount="grc mount"
alias picocom="picocom --escape b"
# https://wiki.slipfox.xyz/wiki/ANSI_escape_code#OSC_(Operating_System_Command)_sequences)
# https://github.com/sos4nt/dynamic-colors
-alias turn_green='echo -e "\033]10;#005f5f\007"'
-alias turn_blue='echo -e "\033]10;#005f87\007"'
-alias turn_white='echo -e "\033]10;#c0c0c0\007"'
+alias turn_green='echo -e "\033]10;#005f5f\007" '
+alias turn_blue='echo -e "\033]10;#005f87\007" '
+alias turn_white='echo -e "\033]10;#c0c0c0\007" '
alias bandwhich="turn_green && bandwhich"
alias powertop="turn_green && powertop"
alias mdcat="turn_green && mdcat --local --fail --paginate"
@@ -724,13 +722,13 @@ dff() {
}
jcurl() {
- torsocks --port 9054 curl -s --connect-timeout 10 "$@" | json_pp -json_opt pretty,canonical | pygmentize -l json -P style=$PYGMENTIZE_STYLE | $PAGER
+ curl --socks5 socks5h://127.0.0.1:9054 -s --connect-timeout 10 "$@" | json_pp -json_opt pretty,canonical | pygmentize -l json -P style=$PYGMENTIZE_STYLE | $PAGER
}
xcurl() {
- torsocks --port 9054 curl -s --connect-timeout 10 "$@" | xml_pp | pygmentize -l xml -P style=$PYGMENTIZE_STYLE | $PAGER
+ curl --socks5 socks5h://127.0.0.1:9054 -s --connect-timeout 10 "$@" | xml_pp -s nice | pygmentize -l xml -P style=$PYGMENTIZE_STYLE | $PAGER
}
hcurl() {
- torsocks --port 9054 curl -s --connect-timeout 10 -i -D /dev/stderr --user-agent "$(get_random_ua.sh)" "$@" | pygmentize -l html -P style=$PYGMENTIZE_STYLE | $PAGER
+ curl --socks5 socks5h://127.0.0.1:9054 -s --connect-timeout 10 -i -D /dev/stderr --user-agent "$(get_random_ua.sh)" "$@" | pygmentize -l html -P style=$PYGMENTIZE_STYLE | $PAGER
}
# these i stole from junegunn to try out
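Review bot: Replacing `torsocks --port 9054` with `curl --socks5 socks5h://127.0.0.1:9054` in `jcurl`, `xcurl` and `hcurl` moves proxy enforcement from a process wrapper to a curl option, so arguments passed through `"$@"` (such as `--noproxy`) or a curlrc can now change or bypass the proxy. `--socks5` is documented as resolving host names locally, and the `socks5h://` prefix is presumably what keeps resolution on the proxy side. Writing it as `--socks5-hostname 127.0.0.1:9054` or `--proxy socks5h://127.0.0.1:9054` makes remote DNS explicit instead of relying on the scheme overriding the option.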
diff --git a/bin/bw_mednafen b/bin/bw_mednafen
index 84075c2..e06b66f 100755
--- a/bin/bw_mednafen
+++ b/bin/bw_mednafen
@@ -99,7 +99,7 @@ env -i \
--new-session \
--die-with-parent \
--hostname RESTRICTED \
- --seccomp 9 \
mednafen \
- "$@" \
- 9<"/tmp/seccomp_logging_filter.bpf"
+ "$@"
+ # --seccomp 9 \
+ # 9<"/tmp/seccomp_logging_filter.bpf"
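Review bot: With `--seccomp 9` and the `9<` redirection commented out, the sandboxed `mednafen` process runs without a seccomp filter, and nothing in the script says whether that is temporary. The two lines now sit as comments after the end of the command, so re-enabling them means moving them back above `mednafen` and restoring the trailing backslashes. If the filter returns, loading it from a directory only the user can write to, rather than `/tmp/seccomp_logging_filter.bpf`, stops another local user from supplying the file. A comment such as `# seccomp filter disabled: <reason>; re-enable once <condition>` would record the intent. The `env -i` command starts above this hunk.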
diff --git a/terminaldweller.com/cgit/bootstrap/Dockerfile b/terminaldweller.com/cgit/bootstrap/Dockerfile
index 2467f36..be4f278 100644
--- a/terminaldweller.com/cgit/bootstrap/Dockerfile
+++ b/terminaldweller.com/cgit/bootstrap/Dockerfile
@@ -1,8 +1,10 @@
FROM alpine:3.16
-RUN apk update && apk add --no-cache git cronie busybox-initscripts
+#RUN apk update && apk add --no-cache git cronie busybox-initscripts
+RUN apk update && apk add --no-cache git apk-cron
# RUN rc-service crond start && rc-update add crond
COPY ./bootstrap.sh /bootstrap.sh
COPY ./docker-entrypoint.sh /docker-entrypoint.sh
-COPY ./crontab /etc/crontabs/root
-RUN chmod 0744 /bootstrap.sh
+COPY ./cron /etc/periodic/15min/cron
+# COPY ./crontab /etc/crontabs/root
+# RUN chmod 0744 /bootstrap.sh
ENTRYPOINT ["/docker-entrypoint.sh"]
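Review bot: `COPY ./cron /etc/periodic/15min/cron` relies on a `cron` file that this commit's file list does not show being added, and with the `chmod` line commented out its mode in the image is whatever the build context has. Periodic scripts are normally started through run-parts, which skips files that are not executable, so the update job could silently never run. Setting the mode in the image, e.g. `RUN chmod 0755 /etc/periodic/15min/cron`, makes the job independent of the checkout's permissions. The schedule also moves from every six hours to every fifteen minutes, which deserves a comment.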
diff --git a/terminaldweller.com/cgit/bootstrap/bootstrap.sh b/terminaldweller.com/cgit/bootstrap/bootstrap.sh
index 3481546..ba2e1b0 100755
--- a/terminaldweller.com/cgit/bootstrap/bootstrap.sh
+++ b/terminaldweller.com/cgit/bootstrap/bootstrap.sh
@@ -14,7 +14,6 @@ REPOS="cgrep \
devourer \
hived \
mdrtl \
- simplex \
scripts \
vagrantboxes \
dockerimages \
diff --git a/terminaldweller.com/cgit/bootstrap/crontab b/terminaldweller.com/cgit/bootstrap/crontab
deleted file mode 100644
index 2346740..0000000
--- a/terminaldweller.com/cgit/bootstrap/crontab
+++ /dev/null
@@ -1 +0,0 @@
-0 */6 * * * /bootstrap.sh --update
diff --git a/terminaldweller.com/cgit/bootstrap/docker-entrypoint.sh b/terminaldweller.com/cgit/bootstrap/docker-entrypoint.sh
index d6d7009..2f67a11 100755
--- a/terminaldweller.com/cgit/bootstrap/docker-entrypoint.sh
+++ b/terminaldweller.com/cgit/bootstrap/docker-entrypoint.sh
@@ -5,4 +5,4 @@ set -x
. /bootstrap.sh
bootstrap
update_repos
-crond -n -s -P
+crond -f -l 2
diff --git a/terminaldweller.com/cgit/cgit/cgitrc b/terminaldweller.com/cgit/cgit/cgitrc
index 4db7d5b..90abd90 100644
--- a/terminaldweller.com/cgit/cgit/cgitrc
+++ b/terminaldweller.com/cgit/cgit/cgitrc
@@ -3,7 +3,7 @@
#
#
# Enable caching of up to 1000 output entries
-cache-size=100
+# cache-size=100
## ttl for root page
cache-root-ttl=5
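Review bot: Commenting out `cache-size` leaves cgit on its default of 0, which disables the cache, so the comment `Enable caching of up to 1000 output entries` above and the `cache-root-ttl=5` line below no longer describe the running configuration. On a publicly reachable instance every request then regenerates its page from the repositories, which makes the service easier to overload. If the cache was turned off to work around a problem, say so in place of the stale comment, e.g. `# cache disabled: <reason>`; otherwise keep a non-zero `cache-size`.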
diff --git a/terminaldweller.com/cgit/docker-compose.yaml b/terminaldweller.com/cgit/docker-compose.yaml
index 3d6c9bf..3fe10ae 100644
--- a/terminaldweller.com/cgit/docker-compose.yaml
+++ b/terminaldweller.com/cgit/docker-compose.yaml
@@ -8,7 +8,7 @@ services:
- cgitnet
ports:
- "127.0.0.1:8041:80"
- - "8042:22"
+ - "127.0.0.1:8042:22"
- "8043:443"
restart: unless-stopped
environment:
@@ -22,7 +22,7 @@ services:
# - /etc/hosts:/etc/hosts:ro
# - /etc/localtime:/etc/localtime:ro
- ./cgit.conf:/etc/lighttpd/cgit.conf:ro
- - /etc/letsencrypt/archive/git.terminaldweller.com/ssl.pem:/etc/certs/git.pem:ro
+ - /etc/letsencrypt/archive/git.terminaldweller.com/:/etc/certs/:ro
bootstrap:
image: bootstrap
build:
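Review bot: Mounting `/etc/letsencrypt/archive/git.terminaldweller.com/` as a directory puts every file in it into the web-facing container, which for a certbot archive presumably includes all current and past private keys, where the old line exposed the single `ssl.pem`. The mount is read-only, but a file-read flaw in the cgit container would now reach more key material than before. Mounting only the files the web server is configured to read keeps the exposure as it was. The service this `volumes:` list belongs to starts above the hunk.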
@@ -32,8 +32,8 @@ services:
volumes:
- storage:/etc/gitrepos/
entrypoint: ["/docker-entrypoint.sh"]
- cap_drop:
- - ALL
+ # cap_drop:
+ # - ALL
healthcheck:
test: exit 1
interval: 1d
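Review bot: Commenting out `cap_drop: ALL` gives the `bootstrap` container Docker's full default capability set, presumably so that the cron daemon can run, but the reason is not recorded. Keeping `cap_drop:` with `- ALL` and adding back only what crond needs under `cap_add:` would preserve most of the restriction; which capabilities those are has to be checked against the container. A comment such as `# cap_drop relaxed: crond needs <capability>` should accompany whatever is kept.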
diff --git a/terminaldweller.com/ejabberd/docker-compose.yaml b/terminaldweller.com/ejabberd/docker-compose.yaml
index a4ddaeb..f01085d 100644
--- a/terminaldweller.com/ejabberd/docker-compose.yaml
+++ b/terminaldweller.com/ejabberd/docker-compose.yaml
@@ -1,7 +1,7 @@
version: "3.4"
services:
ejabberd:
- image: ejabberd/ecs:21.07
+ image: ejabberd/ecs:23.01
networks:
- ejabberdnet
ports:
@@ -33,5 +33,5 @@ volumes:
mnesia_db:
vault:
# openssl dhparam -out dhparams.pem 4096
-# certbot certonly --standalone -d chat.terminaldweller.com -m devi@terminaldweller.com --agree-tos --noninteractive --dryrun
+# certbot certonly --standlone -d chat.terminaldweller.com -e devi@terminaldweller.com --agree-tos --noninteractive
# docker exec -it 6eebd16a2385 bin/ejabberdctl register admin chat.terminaldweller.com password
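Review bot: The rewritten certbot comment no longer documents a command that runs as written: `--standlone` is misspelled, and `-e` is, as far as I know, not certbot's e-mail option (the old line used `-m`). Since this comment is the only record of how the certificate is issued, keep it copy-pastable: `# certbot certonly --standalone -d chat.terminaldweller.com -m devi@terminaldweller.com --agree-tos --noninteractive`. The `register admin ... password` line below it would be safer as `<password>`, so the placeholder is not mistaken for a literal value.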
diff --git a/terminaldweller.com/ejabberd/ejabberd.yml b/terminaldweller.com/ejabberd/ejabberd.yml
index 815d702..fb5a6a9 100644
--- a/terminaldweller.com/ejabberd/ejabberd.yml
+++ b/terminaldweller.com/ejabberd/ejabberd.yml
@@ -1,13 +1,14 @@
hosts:
- jabber.terminaldweller.com
-auth_method: internal
+auth_method: internal
auth_password_format: scram # pragma: allowlist secret
# anonymous_protocol: both
allow_multiple_connections: true
loglevel: 5
log_rotate_size: 10485760
log_rotate_count: 1
+default_db: mnesia
define_macro:
'TLS_CIPHERS': "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RSA-PSK-AES256-GCM-SHA384:DHE-PSK-AES256-GCM-SHA384:RSA-PSK-CHACHA20-POLY1305:DHE-PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305:AES256-GCM-SHA384:PSK-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305:RSA-PSK-AES128-GCM-SHA256:DHE-PSK-AES128-GCM-SHA256:AES128-GCM-SHA256:PSK-AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:ECDHE-PSK-AES256-CBC-SHA384:ECDHE-PSK-AES256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA384:DHE-PSK-AES256-CBC-SHA384:RSA-PSK-AES256-CBC-SHA:DHE-PSK-AES256-CBC-SHA:AES256-SHA:PSK-AES256-CBC-SHA384:PSK-AES256-CBC-SHA:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:RSA-PSK-AES128-CBC-SHA256:DHE-PSK-AES128-CBC-SHA256:RSA-PSK-AES128-CBC-SHA:DHE-PSK-AES128-CBC-SHA:AES128-SHA:PSK-AES128-CBC-SHA256:PSK-AES128-CBC-SHA"
@@ -45,9 +46,9 @@ listen:
access: c2s
starttls: true
starttls_required: true
- #protocol_options: 'TLS_OPTIONS'
- #ciphers: 'TLS_CIPHERS'
- #dhfile: 'DH_FILE'
+ protocol_options: 'TLS_OPTIONS'
+ ciphers: 'TLS_CIPHERS'
+ dhfile: 'DH_FILE'
zlib: false
tls_compression: false
- port: 5223
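Review bot: Enabling `ciphers: 'TLS_CIPHERS'` here and on the 5223 listener (hunk at -56) activates the macro shown in the first hunk, and that list still contains CBC/SHA-1 suites, static-RSA suites such as `AES128-SHA`, and PSK/SRP suites. Trim the macro to its TLS 1.3 and ECDHE/DHE AEAD entries before switching it on, so both listeners offer only forward-secret suites. For example, it could end at `...:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256`. The definitions of `TLS_OPTIONS` and `DH_FILE` are outside the visible hunks; confirm they exist under `define_macro`, otherwise the names would be passed as literal option values.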
@@ -56,6 +57,9 @@ listen:
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
+ protocol_options: 'TLS_OPTIONS'
+ ciphers: 'TLS_CIPHERS'
+ dhfile: 'DH_FILE'
tls: true
tls_compression: false
- port: 5269
@@ -77,6 +81,8 @@ listen:
'/upload': mod_http_upload
'/ws': ejabberd_http_ws
'/oauth': ejabberd_oauth
+ '/.well-known/host-meta': mod_host_meta
+ '/.well-known/host-meta.json': mod_host_meta
- port: 5080
ip: '0.0.0.0'
module: ejabberd_http
@@ -133,9 +139,9 @@ access_rules:
configure:
allow: admin
muc_create:
- allow: local
+ allow: admin
pubsub_createnode:
- allow: local
+ allow: admin
trusted_network:
allow: loopback
@@ -201,7 +207,7 @@ max_fsm_queue: 10000
acme:
# for auto ACME requests, we need this to be true
auto: false
- contact:
+ contact:
- mailto:devi@terminaldweller.com
ca_url: https://acme-v02.api.letsencrypt.org/directory
@@ -298,3 +304,6 @@ modules:
mod_vcard_xupdate: {}
mod_version:
show_os: false
+ mod_host_meta:
+ bosh_service_url: "https://@HOST@:5443/bosh"
+ websocket_url: "wss://@HOST@:5443/ws"
diff --git a/terminaldweller.com/haproxy/docker-compose.yaml b/terminaldweller.com/haproxy/docker-compose.yaml
index 126613c..ce3f8d5 100644
--- a/terminaldweller.com/haproxy/docker-compose.yaml
+++ b/terminaldweller.com/haproxy/docker-compose.yaml
@@ -15,31 +15,50 @@ services:
- "25:25"
- "465:465"
- "587:587"
+ - "127.0.0.1:8404:8404"
volumes:
- ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro
+ # - ./certs:/usr/local/etc/certs:ro
networks:
- proxynet
- metricsnet
+ # - certnet
restart: unless-stopped
cap_drop:
- ALL
+ # certbot:
+ # image: certbot
+ # build:
+ # context: ./certbot
+ # ports:
+ # - "127.0.0.1:9080:80"
+ # - "127.0.0.1:9443:443"
+ # networks:
+ # - certnet
+ # # restart: unless-stopped
+ # volumes:
+ # - ./letsencrypt:/etc/letsencrypt
+ # - ./webroot:/webroot
+ # - ./certs:/certs
+ # # command: ["certonly","--test-cert","--webroot","-w","/webroot","-d","chat.terminaldweller.com","--email","thabogre@gmail.com","--non-interactive","--agree-tos"]
+ # entrypoint: ["/certbot-entrypoint.sh"]
+ # environment:
+ # - DOMAIN=chat.terminaldweller.com
+ # - EMAIL=devi@mail.terminaldweller.com
+ # nginx:
+ # image: nginx
+ # ports:
+ # - "127.0.0.1:8080:80"
+ # networks:
+ # - certnet
+ # restart: unless-stopped
+ # volumes:
+ # - ./webroot:/usr/share/nginx/html
# udpproxy:
# image: nginx
# ports:
# - "127.0.0.1:3478:3478/udp"
# - "127.0.0.1:5349:5349/udp"
- # - "80:80"
- # - "443:443"
- # - "5222:5222"
- # - "5280:5280"
- # - "5443:5443"
- # - "143:143"
- # - "993:993"
- # - "110:110"
- # - "995:995"
- # - "25:25"
- # - "465:465"
- # - "587:587"
# networks:
# - proxynet
# restart: unless-stopped
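Review bot: The commented-out `certbot` and `nginx` services added here are dead configuration that makes it hard to see which ports and volumes the stack really exposes, and the commented `command:` line carries a personal e-mail address that does not need to be in the repository. Delete the block or move it to a separate compose file until it is used. The new `127.0.0.1:8404:8404` mapping is bound to loopback, which suits an admin or stats port; a comment such as `# haproxy stats, loopback only` would document that, if that is indeed what 8404 serves.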
@@ -57,11 +76,16 @@ services:
- ./conf.yml:/opt/bitnami/prometheus/conf/prometheus.yml:ro
environment:
- HTTPS_PROXY=socks5h://172.17.0.1:9993
+ - https_proxy=socks5h://172.17.0.1:9993
- HTTP_PROXY=socks5h://172.17.0.1:9993
+ - http_proxy=socks5h://172.17.0.1:9993
- ALL_PROXY=socks5h://172.17.0.1:9993
+ - all_proxy=socks5h://172.17.0.1:9993
- NO_PROXY=localhost,127.0.0.0/8,172.16.0.0/12,10.0.0.0/8,192.168.0.0/16
+ - no_proxy=localhost,127.0.0.0/8,172.16.0.0/12,10.0.0.0/8,192.168.0.0/16
networks:
proxynet:
metricsnet:
+ # certnet:
volumes:
metricsvault:
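Review bot: The lowercase `https_proxy`, `http_proxy`, `all_proxy` and `no_proxy` entries duplicate the uppercase ones with no comment saying why both are set; `# some clients read only the lowercase names` above them would do. Separately, the proxy address `172.17.0.1:9993` is typically the Docker bridge gateway, which suggests the host's SOCKS listener is bound beyond loopback and is reachable from any container on that bridge. A host firewall rule limiting port 9993 to this service's network would narrow that. The service these `environment:` lines belong to starts above the hunk.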