From 437fc047e789340ace274159bf2046382b069140 Mon Sep 17 00:00:00 2001 From: terminaldweller Date: Mon, 16 Jan 2023 15:34:12 +0330 Subject: update --- terminaldweller.com/cgit/docker-compose.yaml | 6 + terminaldweller.com/gemini/convert_html.sh | 3 + terminaldweller.com/gemini/index.gmi | 88 +++-- terminaldweller.com/haproxy/conf.yml | 427 +----------------------- terminaldweller.com/haproxy/docker-compose.yaml | 50 ++- terminaldweller.com/haproxy/haproxy.cfg | 9 +- terminaldweller.com/main/srv/index.html | 4 +- 7 files changed, 91 insertions(+), 496 deletions(-) create mode 100755 terminaldweller.com/gemini/convert_html.sh (limited to 'terminaldweller.com') diff --git a/terminaldweller.com/cgit/docker-compose.yaml b/terminaldweller.com/cgit/docker-compose.yaml index a578b71..3d6c9bf 100644 --- a/terminaldweller.com/cgit/docker-compose.yaml +++ b/terminaldweller.com/cgit/docker-compose.yaml @@ -34,6 +34,12 @@ services: entrypoint: ["/docker-entrypoint.sh"] cap_drop: - ALL + healthcheck: + test: exit 1 + interval: 1d + timeout: 10s + retries: 1 + restart: unless-stopped networks: cgitnet: bootstrapnet: diff --git a/terminaldweller.com/gemini/convert_html.sh b/terminaldweller.com/gemini/convert_html.sh new file mode 100755 index 0000000..9010eb6 --- /dev/null +++ b/terminaldweller.com/gemini/convert_html.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +~/devi/html2gmi.git/master/html2gmi -m -t -l 1000 -i ~/scripts/terminaldweller.com/main/srv/index.html > index.gmi diff --git a/terminaldweller.com/gemini/index.gmi b/terminaldweller.com/gemini/index.gmi index 134bf8a..1201a37 100644 --- a/terminaldweller.com/gemini/index.gmi +++ b/terminaldweller.com/gemini/index.gmi @@ -1,69 +1,65 @@ -# This is a list of links - This is a list of links: This page is available on: -web2[1] -IPFS from https://ipfs.terminaldweller.com[2] or from terminaldweller.eth[3] -Gemini[4] -i2p[5] -tor[6] +web2 from https://terminaldweller.com +IPFS from https://ipfs.terminaldweller.com or from terminaldweller.eth [1] +On Gemini [2] +i2p mirror [3] +tor mirror [4] WKD direct and advanced are setup on/for the domain. -keyoxide[7] +keyoxide [5] I don't use all the accounts listed on keyoxide regularly. The preferred methods of contacting me are the ones that are listed here, IRC, XMPP and email (The order is not significant). -* PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - here[8] and here[9] -I also upload my PGP key to https://keys.openpgp.org and https://pgp.mit.edu . -* SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - here[10] and here[11] +PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - here [6] and here [7] +I manually upload my PGP key to https://keys.openpgp.org and https://pgp.mit.edu/. +SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - here [8] and here [9] -* IRC Libera[12]: terminaldweller FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F -* IRC OFTC[13]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 -* IRC Tilde[14]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 -* IRC Rizon[15]: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 +IRC Libera [10] : terminaldweller FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F +IRC OFTC [11] : terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 +IRC Rizon [12] : terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 +IRC Tilde [13] : terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876 You can also find me on Libera, OFTC and Rizon in ##terminaldweller. XMPP: devi@jabber.terminaldweller.com The order is significant: -* Email: devi@terminaldweller.com -* Email: thabogre@gmail.com -* Email: farzadsadeghi@protonmail.ch +Email: devi@terminaldweller.com +Email: thabogre@gmail.com +Email: farzadsadeghi@protonmail.ch All emails have the ssh and pgp key fingerprints as signature. -Github: terminaldweller[16] +Github: terminaldweller [14] -Mastodon: @terminaldweller@terminaldweller.com[17] -If you cant find the handle then you need to log in. I'm not hosting my own mastodon instance. I'm just hosting my own webfinger. The actual handle is @terminaldweller@fosstodon.org[18] +Mastodon: @terminaldweller@terminaldweller.com [15] +If you cant find the handle then you need to log in. I'm not hosting my own mastodon instance. I'm just hosting my own webfinger. The actual handle is @terminaldweller@fosstodon.org [16] -Git mirror: git.terminaldweller.com[19] +Git mirror: git.terminaldweller.com [17] -Blog: Blog[20] RSS[21] +Blog: Blog [18] RSS [19] -Linkedin[22] +Linkedin [20] Services: N/A -[1]https://terminaldweller.com -[2] https://ipfs.terminaldweller.com -[3] https://terminaldweller.eth.link -[4]gemini://gemini.terminaldweller.com -[5]http://iedzwh5v2vouywqy4eak3eu33amfn3rzhdcln7j4r5kcyvf46cea.b32.i2p:7774/ -[6]http://dqunl5rzlv6skqfklqr4dwi4zph2vqoaennc7qoinqs5mlug4docq2yd.onion/ -[7] https://keyoxide.org/hkp/9e20464f1ccf3b103249fa93a6a0f5158b3881df -[8] https://github.com/terminaldweller.gpg -[9] https://terminaldweller.com/keys/gpg_pubkey -[10] https://github.com/terminaldweller.keys -[11] https://terminaldweller.com/keys/id_rsa.pub -[12] https://libera.chat -[13] https://oftc.net -[14] https://tilde.chat -[15] https://rizon.net -[16] https://github.com/terminaldweller -[17] https://fosstodon.org/@terminaldweller -[18] https://fosstodon.org/@terminaldweller -[19] https://git.terminaldweller.com -[20] https://blog.terminaldweller.com -[21] https://blog.terminaldweller.com/rss/feed -[22] https://www.linkedin.com/in/farzad-sadeghi +=> https://terminaldweller.eth.link terminaldweller.eth +=> gemini://gemini.terminaldweller.com Gemini +=> http://iedzwh5v2vouywqy4eak3eu33amfn3rzhdcln7j4r5kcyvf46cea.b32.i2p:7774/ i2p mirror +=> http://dqunl5rzlv6skqfklqr4dwi4zph2vqoaennc7qoinqs5mlug4docq2yd.onion/ tor mirror +=> https://keyoxide.org/hkp/9e20464f1ccf3b103249fa93a6a0f5158b3881df keyoxide +=> https://github.com/terminaldweller.gpg here +=> https://terminaldweller.com/keys/gpg_pubkey here +=> https://github.com/terminaldweller.keys here +=> https://terminaldweller.com/keys/id_rsa.pub here +=> https://libera.chat Libera +=> https://oftc.net OFTC +=> https://rizon.net/ Rizon +=> https://tilde.chat Tilde +=> https://github.com/terminaldweller terminaldweller +=> https://fosstodon.org/@terminaldweller @terminaldweller@terminaldweller.com +=> https://fosstodon.org/@terminaldweller @terminaldweller@fosstodon.org +=> https://git.terminaldweller.com git.terminaldweller.com +=> https://blog.terminaldweller.com Blog +=> https://blog.terminaldweller.com/rss/feed RSS +=> https://www.linkedin.com/in/farzad-sadeghi/ Linkedin diff --git a/terminaldweller.com/haproxy/conf.yml b/terminaldweller.com/haproxy/conf.yml index f3c8a9c..9e3a61e 100644 --- a/terminaldweller.com/haproxy/conf.yml +++ b/terminaldweller.com/haproxy/conf.yml @@ -4,426 +4,21 @@ global: evaluation_interval: 120s scrape_timeout: 10s - external_labels: - monitor: codelab - foo: bar - -rule_files: - - "first.rules" - - "my/*.rules" - -remote_write: - - url: http://remote1/push - name: drop_expensive - write_relabel_configs: - - source_labels: [__name__] - regex: expensive.* - action: drop - oauth2: - client_id: "123" - client_secret: "456" - token_url: "http://remote1/auth" - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - - url: http://remote2/push - name: rw_tls - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - headers: - name: value - -remote_read: - - url: http://remote1/read - read_recent: true - name: default - enable_http2: false - - url: http://remote3/read - read_recent: false - name: read_special - required_matchers: - job: special - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file +# remote_write: +# - url: https://prometheus-blocks-prod-us-central1.grafana.net/api/prom/push +# basic_auth: +# username: 151269 +# password: eyJrIjoiY2E0NDIwNTM1MmMzMDUxMjZjZTBlYWYzYmNiOGY5ZjU1NzBhYTM0ZiIsIm4iOiJoYXByb3h5X3Byb20iLCJpZCI6NTE2NjQyfQ== scrape_configs: - - job_name: prometheus + - job_name: haproxy honor_labels: true - # scrape_interval is defined by the configured global (15s). - # scrape_timeout is defined by the global default (10s). - - # metrics_path defaults to '/metrics' - # scheme defaults to 'http'. - - file_sd_configs: - - files: - - foo/*.slow.json - - foo/*.slow.yml - - single/file.yml - refresh_interval: 10m - - files: - - bar/*.yaml + metrics_path: '/metrics' + scheme: 'http' static_configs: - - targets: ["localhost:9090", "localhost:9191"] + - targets: ["haproxy:8404"] labels: - my: label - your: label - - relabel_configs: - - source_labels: [job, __meta_dns_name] - regex: (.*)some-[regex] - target_label: job - replacement: foo-${1} - # action defaults to 'replace' - - source_labels: [abc] - target_label: cde - - replacement: static - target_label: abc - - regex: - replacement: static - target_label: abc - - source_labels: [foo] - target_label: abc - action: keepequal - - source_labels: [foo] - target_label: abc - action: dropequal - - authorization: - credentials_file: valid_token_file - - tls_config: - min_version: TLS10 - - - job_name: service-x - - basic_auth: - username: admin_name - password: "multiline\nmysecret\ntest" #pragma: allowlist secret - - scrape_interval: 50s - scrape_timeout: 5s - - body_size_limit: 10MB - sample_limit: 1000 - - metrics_path: /my_path - scheme: https - - dns_sd_configs: - - refresh_interval: 15s - names: - - first.dns.address.domain.com - - second.dns.address.domain.com - - names: - - first.dns.address.domain.com - - relabel_configs: - - source_labels: [job] - regex: (.*)some-[regex] - action: drop - - source_labels: [__address__] - modulus: 8 - target_label: __tmp_hash - action: hashmod - - source_labels: [__tmp_hash] - regex: 1 - action: keep - - action: labelmap - regex: 1 - - action: labeldrop - regex: d - - action: labelkeep - regex: k - - metric_relabel_configs: - - source_labels: [__name__] - regex: expensive_metric.* - action: drop - - - job_name: service-y - - consul_sd_configs: - - server: "localhost:1234" - token: mysecret - services: ["nginx", "cache", "mysql"] - tags: ["canary", "v1"] - node_meta: - rack: "123" - allow_stale: true - scheme: https - tls_config: - ca_file: valid_ca_file - cert_file: valid_cert_file - key_file: valid_key_file - insecure_skip_verify: false - - relabel_configs: - - source_labels: [__meta_sd_consul_tags] - separator: "," - regex: label:([^=]+)=([^,]+) - target_label: ${1} - replacement: ${2} - - - job_name: service-z - - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - authorization: - credentials: mysecret - - - job_name: service-kubernetes - - kubernetes_sd_configs: - - role: endpoints - api_server: "https://localhost:1234" - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - basic_auth: - username: "myusername" - password: "mysecret" #pragma: allowlist secret - - - job_name: service-kubernetes-namespaces - - kubernetes_sd_configs: - - role: endpoints - api_server: "https://localhost:1234" - namespaces: - names: - - default - - basic_auth: - username: "myusername" - password_file: valid_password_file #pragma: allowlist secret - - - job_name: service-kuma - - kuma_sd_configs: - - server: http://kuma-control-plane.kuma-system.svc:5676 - - - job_name: service-marathon - marathon_sd_configs: - - servers: - - "https://marathon.example.com:443" - - auth_token: "mysecret" - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - - job_name: service-nomad - nomad_sd_configs: - - server: 'http://localhost:4646' - - - job_name: service-ec2 - ec2_sd_configs: - - region: us-east-1 - access_key: access - secret_key: mysecret #pragma: allowlist secret - profile: profile - filters: - - name: tag:environment - values: - - prod - - - name: tag:service - values: - - web - - db - - - job_name: service-lightsail - lightsail_sd_configs: - - region: us-east-1 - access_key: access - secret_key: mysecret #pragma: allowlist secret - profile: profile - - - job_name: service-azure - azure_sd_configs: - - environment: AzurePublicCloud - authentication_method: OAuth - subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11 - resource_group: my-resource-group - tenant_id: BBBB222B-B2B2-2B22-B222-2BB2222BB2B2 - client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C - client_secret: mysecret #pragma: allowlist secret - port: 9100 - - - job_name: service-nerve - nerve_sd_configs: - - servers: - - localhost - paths: - - /monitoring - - - job_name: 0123service-xxx - metrics_path: /metrics - static_configs: - - targets: - - localhost:9090 - - - job_name: badfederation - honor_timestamps: false - metrics_path: /federate - static_configs: - - targets: - - localhost:9090 - - - job_name: 測試 - metrics_path: /metrics - static_configs: - - targets: - - localhost:9090 - - - job_name: httpsd - http_sd_configs: - - url: "http://example.com/prometheus" - - - job_name: service-triton - triton_sd_configs: - - account: "testAccount" - dns_suffix: "triton.example.com" - endpoint: "triton.example.com" - port: 9163 - refresh_interval: 1m - version: 1 - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - - - job_name: digitalocean-droplets - digitalocean_sd_configs: - - authorization: - credentials: abcdef - - - job_name: docker - docker_sd_configs: - - host: unix:///var/run/docker.sock - - - job_name: dockerswarm - dockerswarm_sd_configs: - - host: http://127.0.0.1:2375 - role: nodes - - - job_name: service-openstack - openstack_sd_configs: - - role: instance - region: RegionOne - port: 80 - refresh_interval: 1m - tls_config: - ca_file: valid_ca_file - cert_file: valid_cert_file - key_file: valid_key_file - - - job_name: service-puppetdb - puppetdb_sd_configs: - - url: https://puppetserver/ - query: 'resources { type = "Package" and title = "httpd" }' - include_parameters: true - port: 80 - refresh_interval: 1m - tls_config: - ca_file: valid_ca_file - cert_file: valid_cert_file - key_file: valid_key_file - - - job_name: hetzner - relabel_configs: - - action: uppercase - source_labels: [instance] - target_label: instance - hetzner_sd_configs: - - role: hcloud - authorization: - credentials: abcdef - - role: robot - basic_auth: - username: abcdef - password: abcdef - - - job_name: service-eureka - eureka_sd_configs: - - server: "http://eureka.example.com:8761/eureka" - - - job_name: ovhcloud - ovhcloud_sd_configs: - - service: vps - endpoint: ovh-eu - application_key: testAppKey - application_secret: testAppSecret #pragma: allowlist secret - consumer_key: testConsumerKey - refresh_interval: 1m - - service: dedicated_server - endpoint: ovh-eu - application_key: testAppKey - application_secret: testAppSecret #pragma: allowlist secret - consumer_key: testConsumerKey - refresh_interval: 1m - - - job_name: scaleway - scaleway_sd_configs: - - role: instance - project_id: 11111111-1111-1111-1111-111111111112 - access_key: SCWXXXXXXXXXXXXXXXXX - secret_key: 11111111-1111-1111-1111-111111111111 - - role: baremetal - project_id: 11111111-1111-1111-1111-111111111112 - access_key: SCWXXXXXXXXXXXXXXXXX - secret_key: 11111111-1111-1111-1111-111111111111 - - - job_name: linode-instances - linode_sd_configs: - - authorization: - credentials: abcdef - - - job_name: uyuni - uyuni_sd_configs: - - server: https://localhost:1234 - username: gopher - password: hole #pragma: allowlist secret - - - job_name: ionos - ionos_sd_configs: - - datacenter_id: 8feda53f-15f0-447f-badf-ebe32dad2fc0 - authorization: - credentials: abcdef - - - job_name: vultr - vultr_sd_configs: - - authorization: - credentials: abcdef - -alerting: - alertmanagers: - - scheme: https - static_configs: - - targets: - - "1.2.3.4:9093" - - "1.2.3.5:9093" - - "1.2.3.6:9093" - -storage: - tsdb: - out_of_order_time_window: 30m - -tracing: - endpoint: "localhost:4317" - client_type: "grpc" - headers: - foo: "bar" - timeout: 5s - compression: "gzip" - tls_config: - cert_file: valid_cert_file - key_file: valid_key_file - insecure_skip_verify: true + my: haproxy + your: haproxy diff --git a/terminaldweller.com/haproxy/docker-compose.yaml b/terminaldweller.com/haproxy/docker-compose.yaml index 6e89024..126613c 100644 --- a/terminaldweller.com/haproxy/docker-compose.yaml +++ b/terminaldweller.com/haproxy/docker-compose.yaml @@ -17,47 +17,29 @@ services: - "587:587" volumes: - ./haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro - # - ./certs:/usr/local/etc/certs:ro networks: - proxynet - metricsnet - # - certnet restart: unless-stopped cap_drop: - ALL - # certbot: - # image: certbot - # build: - # context: ./certbot - # ports: - # - "127.0.0.1:9080:80" - # - "127.0.0.1:9443:443" - # networks: - # - certnet - # # restart: unless-stopped - # volumes: - # - ./letsencrypt:/etc/letsencrypt - # - ./webroot:/webroot - # - ./certs:/certs - # # command: ["certonly","--test-cert","--webroot","-w","/webroot","-d","chat.terminaldweller.com","--email","thabogre@gmail.com","--non-interactive","--agree-tos"] - # entrypoint: ["/certbot-entrypoint.sh"] - # environment: - # - DOMAIN=chat.terminaldweller.com - # - EMAIL=devi@mail.terminaldweller.com - # nginx: - # image: nginx - # ports: - # - "127.0.0.1:8080:80" - # networks: - # - certnet - # restart: unless-stopped - # volumes: - # - ./webroot:/usr/share/nginx/html # udpproxy: # image: nginx # ports: # - "127.0.0.1:3478:3478/udp" # - "127.0.0.1:5349:5349/udp" + # - "80:80" + # - "443:443" + # - "5222:5222" + # - "5280:5280" + # - "5443:5443" + # - "143:143" + # - "993:993" + # - "110:110" + # - "995:995" + # - "25:25" + # - "465:465" + # - "587:587" # networks: # - proxynet # restart: unless-stopped @@ -68,12 +50,18 @@ services: networks: - metricsnet restart: unless-stopped + ports: + - "127.0.0.1:9099:9090" volumes: - metricsvault:/opt/bitnami/prometheus/data - ./conf.yml:/opt/bitnami/prometheus/conf/prometheus.yml:ro + environment: + - HTTPS_PROXY=socks5h://172.17.0.1:9993 + - HTTP_PROXY=socks5h://172.17.0.1:9993 + - ALL_PROXY=socks5h://172.17.0.1:9993 + - NO_PROXY=localhost,127.0.0.0/8,172.16.0.0/12,10.0.0.0/8,192.168.0.0/16 networks: proxynet: metricsnet: - # certnet: volumes: metricsvault: diff --git a/terminaldweller.com/haproxy/haproxy.cfg b/terminaldweller.com/haproxy/haproxy.cfg index 57f79f4..6408b44 100644 --- a/terminaldweller.com/haproxy/haproxy.cfg +++ b/terminaldweller.com/haproxy/haproxy.cfg @@ -1,5 +1,5 @@ global - maxconn 256 + maxconn 768 log 127.0.0.1 local0 ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL ssl-default-bind-options no-sslv3 @@ -251,6 +251,13 @@ frontend mail-submission acl mail-host-ss req.ssl_sni -i terminaldweller.com use_backend mail-backend-submission if mail-host-s use_backend mail-backend-submission if mail-host-ss +frontend stats + mode http + bind *:8404 + http-request use-service prometheus-exporter if { path /metrics } + stats enable + stats uri /stats + stats refresh 10s #Backends backend certbot-backend diff --git a/terminaldweller.com/main/srv/index.html b/terminaldweller.com/main/srv/index.html index dc1a110..8677d84 100644 --- a/terminaldweller.com/main/srv/index.html +++ b/terminaldweller.com/main/srv/index.html @@ -29,9 +29,9 @@
I don't use all the accounts listed on keyoxide regularly. The preferred methods of contacting me are the ones that are listed here, IRC, XMPP and email (The order is not significant).

-
PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - here and here
+
PGP FP: 9E20464F1CCF3B103249FA93A6A0F5158B3881DF - here and here
I manually upload my PGP key to https://keys.openpgp.org and https://pgp.mit.edu/.
-
SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - here and here
+
SSH FP: SHA256:tyuaTy005jkJOIPXkrJAAlCKD91d1ftEXzGTqjmEZh4 - here and here

IRC Libera: terminaldweller FP:FEF763019F0799C1B5CD190FC89080240665CDCAE1CB889D4413775447A4826F48B18DC134D3ACDDE1D932CF3280E6026099857CF46177F1D87CD9AA859C615F
IRC OFTC: terminaldweller FP:1072EFECA623C6E3D7A6628BEB6021F77EA2C876
-- cgit v1.2.3