From b32f5ee0b80cdc8769c368da19b47e1ac46abbd5 Mon Sep 17 00:00:00 2001 From: Mike Phares Date: Sat, 23 Nov 2024 22:34:08 -0700 Subject: [PATCH] 2024-11-23 --- .gitignore | 3 + .vscode/settings.json | 8 +- etc/bash_history_2024-11-23.txt | 500 +++++++++++++++++++++++++++++ etc/dnsmasq.d/README | 7 + etc/dnsmasq.d/SDN/00-default.conf | 24 ++ etc/dnsmasq.d/SDN/10-SDN.conf | 3 + etc/dnsmasq.d/SDN/ethers | 2 + etc/group | 3 + etc/group- | 4 +- etc/gshadow | 3 + etc/gshadow- | 4 +- etc/hosts | 12 +- etc/nginx/include/adguard.conf | 20 ++ etc/nginx/include/chat.conf | 20 ++ etc/nginx/include/cockpit.conf | 24 ++ etc/nginx/include/diskstation.conf | 18 ++ etc/nginx/include/dockge.conf | 20 ++ etc/nginx/include/drive.conf | 18 ++ etc/nginx/include/firefox.conf | 19 ++ etc/nginx/include/kuma.conf | 32 ++ etc/nginx/include/neko.conf | 24 ++ etc/nginx/include/photos.conf | 19 ++ etc/nginx/include/products.conf | 19 ++ etc/nginx/include/pve.conf | 22 ++ etc/nginx/include/quartz.conf | 23 ++ etc/nginx/sites-available/default | 24 +- etc/passwd | 1 + etc/passwd- | 3 +- etc/resolv.conf | 2 +- etc/shadow | 1 + etc/shadow- | 1 + opt/dockge/compose.yaml | 22 ++ 32 files changed, 887 insertions(+), 18 deletions(-) create mode 100644 etc/bash_history_2024-11-23.txt create mode 100644 etc/dnsmasq.d/README create mode 100644 etc/dnsmasq.d/SDN/00-default.conf create mode 100644 etc/dnsmasq.d/SDN/10-SDN.conf create mode 100644 etc/dnsmasq.d/SDN/ethers create mode 100644 etc/nginx/include/adguard.conf create mode 100644 etc/nginx/include/chat.conf create mode 100644 etc/nginx/include/cockpit.conf create mode 100644 etc/nginx/include/diskstation.conf create mode 100644 etc/nginx/include/dockge.conf create mode 100644 etc/nginx/include/drive.conf create mode 100644 etc/nginx/include/firefox.conf create mode 100644 etc/nginx/include/kuma.conf create mode 100644 etc/nginx/include/neko.conf create mode 100644 etc/nginx/include/photos.conf create mode 100644 etc/nginx/include/products.conf create mode 100644 etc/nginx/include/pve.conf create mode 100644 etc/nginx/include/quartz.conf create mode 100644 opt/dockge/compose.yaml diff --git a/.gitignore b/.gitignore index ed5c0cc..2b2ac18 100644 --- a/.gitignore +++ b/.gitignore @@ -43,15 +43,18 @@ !etc/dnsmasq.d/* !etc/fstab/* !etc/netplan/* +!etc/nginx/include/* !etc/nginx/sites-available/* !etc/mysql/mariadb.conf.d/* !etc/php/* !etc/postgresql/* !etc/wsl/* +!etc/dnsmasq.d/SDN/* !etc/letsencrypt/**/* !opt/copy/**/* +!opt/dockge/**/*.yaml !root/**/*container !home/podman/**/*volume diff --git a/.vscode/settings.json b/.vscode/settings.json index 0f57c45..3c42208 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -3,5 +3,11 @@ "*.container": "ini", "*.org": "ini", "*.net": "ini" - } + }, + "cSpell.words": [ + "diskstation", + "dockge", + "neko", + "phares" + ] } \ No newline at end of file diff --git a/etc/bash_history_2024-11-23.txt b/etc/bash_history_2024-11-23.txt new file mode 100644 index 0000000..37b2109 --- /dev/null +++ b/etc/bash_history_2024-11-23.txt @@ -0,0 +1,500 @@ +nginx -t +nginx -s reload +exit +ln -s /var/log/nginx /var/www/html/log-nginx +ls -la /var/www/html +cp ~/.bash_history /etc/bash_history_2024-11-05.txt +cat /etc/bash_history_2024-11-05.txt +exit +apt-get install podman -y +apt-cache rdepends podman-compose +apt-get install podman-compose -y +apt-get install sudo +mkdir /home/podman/.ssh +cp /root/.ssh/authorized_keys /home/podman/.ssh/authorized_keys +chown podman:podman -R /home/podman +adduser podman sudo +loginctl enable-linger +sudo -iu podman +podman --version +sudo -iu podman +sudo -iu podman +mkdir -p /run/user/1000/ +chown -R podman:podman /run/user/1000/ +sudo -iu podman +sudo -iu podman +sudo -iu podman +systemctl --user start uptime-kuma-server +systemctl start uptime-kuma-server +sudo -iu podman +sudo -iu podman +find / -name "*fedora*" 2>/dev/null +nano /usr/share/lxc/config/fedora.common.conf +nano /usr/share/lxc/config/fedora.common.conf +nano /usr/share/lxc/config/fedora.common.conf +nano /usr/share/lxc/config/fedora.common.conf +nano /usr/share/lxc/config/fedora.userns.conf +sudo -iu podman +sudo -iu podman +sudo -iu podman +sudo -iu podman +sudo -iu podman +sudo -iu podman +sudo -iu podman +chown -R podman:podman /home/podman +sudo -iu podman +apt install podman-quadlet +ls -la /usr/libexec/podman +systemctl -l | grep -i rootlessport +ps aux | grep rootlessport +whereis podman-generate-systemd +exit +clear +apt list --installed +sudo -iu podman +exit +sudo -iu podman +exit +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/ubuntu.sh)" +apt-get install podman-compose -y +exit +pip3 install podman-compose +systemctl enable podmand +apt install podman +systemctl enable podmand +podman --version +systemctl enable podman.socket +systemctl start podman.socket +systemctl status podman.socket +apt-get install cockpit cockpit-podman -y +systemctl enable --now cockpit.socket +sudo -iu podman +apt install software-properties-common uidmap -y +sudo -iu podman +apt-get install -y libapparmor-dev +cd /tmp/acme.sh +ls /root/.acme.sh/ +./acme.sh --issue --dns dns_duckdns -d '*.phares.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory +cd /tmp +git clone https://github.com/acmesh-official/acme.sh.git +cd /tmp/acme.sh +./acme.sh --install -m mikepharesjr@msn.com +export DuckDNS_Token=1d3fc707-7052-4459-a624-fb01250f00b9 +echo $DuckDNS_Token +./acme.sh --register-account -m mikepharesjr@msn.com +./acme.sh --set-default-ca --server letsencrypt +./acme.sh --issue --dns dns_duckdns -d '*.phares.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory +ls +ls /root/.acme.sh/ +cd /root/.acme.sh/ +cp -R \*.phares.duckdns.org_ecc/ wild-phares +cd wild-phares/ +ls +mv \*.phares.duckdns.org.cer phares.duckdns.org.cer +mv \*.phares.duckdns.org.conf phares.duckdns.org.conf +mv \*.phares.duckdns.org.csr phares.duckdns.org.csr +mv \*.phares.duckdns.org.csr.conf phares.duckdns.org.csr.conf +mv \*.phares.duckdns.org.key phares.duckdns.org.key +ls +cd .. +cd .. +cd /tmp/ +cd acme.sh/ +ls +./acme.sh --issue --dns dns_duckdns -d '*.affirm.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory +cp -R \*.affirm.duckdns.org_ecc/ wild-affirm +cp -R \*.affirm.duckdns.org_ecc/ wild-affirm +cp -R /root/.acme.sh/\*.affirm.duckdns.org_ecc/ /root/.acme.sh/wild-affirm +mv /root/.acme.sh/\*.affirm.duckdns.org.cer /root/.acme.sh/affirm.duckdns.org.cer +mv /root/.acme.sh/\*.affirm.duckdns.org.conf /root/.acme.sh/affirm.duckdns.org.conf +mv /root/.acme.sh/\*.affirm.duckdns.org.csr /root/.acme.sh/affirm.duckdns.org.csr +mv /root/.acme.sh/\*.affirm.duckdns.org.csr.conf /root/.acme.sh/affirm.duckdns.org.csr.conf +mv /root/.acme.sh/\*.affirm.duckdns.org.key /root/.acme.sh/affirm.duckdns.org.key +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.cer /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.conf /root/.acme.sh/wild-affirm/affirm.duckdns.org.conf +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.csr /root/.acme.sh/wild-affirm/affirm.duckdns.org.csr +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.csr.conf /root/.acme.sh/wild-affirm/affirm.duckdns.org.csr.conf +mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key +nginx -t +nginx -s reload +exit +rm -R /root/.acme.sh/affirm.duckdns.org_ecc/ +cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs +cd /root/.acme.sh/ +ls -la +cd /tmp/ +cd acme.sh/ +./acme.sh --issue --dns dns_duckdns -d '*.bchs.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory +cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.cer /root/.acme.sh/wild-bchs/bchs.duckdns.org.cer +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.conf +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr.conf +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.key /root/.acme.sh/wild-bchs/bchs.duckdns.org.key +cd /root/.acme.sh/ +ls +cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs +cp -R /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.cer /root/.acme.sh/wild-bchs/bchs.duckdns.org.cer +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.conf +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr.conf +mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.key /root/.acme.sh/wild-bchs/bchs.duckdns.org.key +exit +nginx -t +nginx -t +nginx -s reload +nginx -s reload +exit +nano /etc/cockpit/cockpit.conf +systemctl restart cockpit +journalctl -u cockpit +systemctl restart cockpit.service +systemctl restart cockpit.socket +exit +systemctl restart cockpit.socket +systemctl restart cockpit.service +journalctl -u cockpit +systemctl stop cockpit +systemctl stop cockpit.socket +exit +mv /etc/cockpit/ws-certs.d/0-self-signed.cert /etc/cockpit/ws-certs.d/0-self-signed.cert.old +mv /etc/cockpit/ws-certs.d/0-self-signed.key /etc/cockpit/ws-certs.d/0-self-signed.key.old +cp /root/.acme.sh/wild-affirm/fullchain.cer /etc/cockpit/ws-certs.d/0-self-signed.cert +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /etc/cockpit/ws-certs.d/0-self-signed.key +systemctl start cockpit +journalctl -xeu cockpit.service +systemctl start cockpit +systemctl start cockpit.socket +systemctl start cockpit +systemctl status cockpit.service +ls -la /etc/cockpit/ws-certs.d +exit +chmod 774 -R /etc/cockpit/ws-certs.d +systemctl start cockpit +systemctl status cockpit.service +systemctl start cockpit.socket +systemctl start cockpit +systemctl stop cockpit +systemctl start cockpit +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /etc/cockpit/ws-certs.d/0-self-signed.cert +ls -la /etc/cockpit/ws-certs.d +chmod 774 -R /etc/cockpit/ws-certs.d +ls -la /etc/cockpit/ws-certs.d +systemctl start cockpit +journalctl -u cockpit +systemctl start cockpit.soket +systemctl start cockpit.socket +cat /etc/cockpit/ws-certs.d/0-self-signed.cert +exit +cat /etc/cockpit/ws-certs.d/0-self-signed.key +exit +systemctl start cockpit +exit +systemctl stop cockpit +systemctl stop cockpit.socket +systemctl start cockpit +systemctl start cockpit.socket +journalctl -u cockpit +journalctl -u cockpit +journalctl --rotate +journalctl --vacuum-time=1s +journalctl -u cockpit +journalctl -u cockpit +journalctl -u cockpit +journalctl -u cockpit +nano /etc/cockpit/cockpit.conf +ngnix -t +nginx -t +nginx -s reload +exit +sudo -iu podman +exit +cp ~/.bash_history /etc/bash_history_2024-11-11.txt +cat /etc/bash_history_2024-11-11.txt +ls +ls -la +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)" +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)" +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)" +/etc/network/interfaces +ls /etc/network/interfaces +cat /etc/network/interfaces +ping 192.168.31.31 +ping 192.168.31.32 +ngnix -t +nginx -s reload +links http://192.168.31.31:3001 +links http://192.168.31.31:3001 +links http://192.168.31.31 +links http://192.168.31.31:3002 +links http://192.168.31.32:3001 +nginx -s reload +nginx -s reload +nginx -s reload +nginx -s reload +links http://192.168.31.65:3001 +links https://192.168.31.65:3001 +links http://192.168.31.12:8006 +links http://192.168.31.12:8006 +nginx -s reload +nginx -s reload +cat /etc/systemd/system/getty@.service.d/autologin.conf +pct enter 100 +nginx -s reload +pct enter 100 +pct enter 101 +pct enter 100 +nginx -s reload +pct enter 100 +mkdir /mnt/vm-100-disk-0 +mount /dev/pve/vm-100-disk-0 /mnt/vm-100-disk-0 +cd /mnt/vm-100-disk-0 +ls -la +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /certs/server.cert +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key +mkdir /mnt/vm-100-disk-0/certs +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key +ls +cd certs/ +ls +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /certs/server.cert +nano /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /mnt/vm-100-disk-0/certs/server.cert +cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /mnt/vm-100-disk-0/certs/server.key +ls +ls -la +umount /mnt/vm-100-disk-0 +cd / +umount /mnt/vm-100-disk-0 +cd /mnt/vm-100-disk-0 +ls +pct enter 100 +pct enter 100 +pct enter 100 +links http://192.168.31.39:3001 +links http://192.168.31.39:3004 +links https://192.168.31.39:3001 +nginx -s reload +links https://192.168.31.39:3001 +ip a +pct enter 100 +pct enter 100 +pct enter 100 +nginx -s reload +pct enter 100 +nano /etc/hosts +pct enter 100 +ping mattermost.phares.duckdns.org +curl https://mattermost.phares.duckdns.org +pct enter 100 +exit +links http://192.168.31.12:8084/ +cp /var/www/html /var/www/html-quartz +cp -R /var/www/html /var/www/html-quartz +links http://192.168.31.12:8084/ +nginx -s reload +nginx -s reload +links http://192.168.31.12:8084/ +ls -la /var/www/html-quartz +r -r /var/www/html-quartz/log-nginx +rm -R /var/www/html-quartz/log-nginx +ls -la /var/www/html-quartz +mv /var/www/html-quartz/index.nginx-debian.html index.html +links http://192.168.31.12:8084/ +ls +mv index.html /var/www/html-quartz/ +ls +links http://192.168.31.12:8084/ +links http://192.168.31.12:8084/ +exit +cd /run/user/1000/ +cd systemd/ +ls -la +nano generator.late/ +cd generator.late/ +ls +cd .. +mkdir /run/user/1000/systemd/generator +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +cd generator +ls +sudo -iu podman +sudo -iu podman +ls -la /run/user/1000/systemd/generator/neko-server.service +ls -la /run/user/1000/systemd/generator +ls -la /run/user/1000/systemd +mkdir /run/user/1000/systemd/generator +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +sudo -iu podman +nginx -s reload +nginx -s reload +sudo -iu podman +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +mkdir /run/user/1000/systemd/generator +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +exit +mkdir /run/user/1000/systemd/generator +cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service +sudo -iu podman +nginx -s reload +exit +cat /etc/network/interfaces +apt update +apt install dnsmasq -y +systemctl disable --now dnsmasq +apt install frr-pythontools -y +exit +exit +cat /etc/network/interfaces +nginx -s reload +links http://192.168.32.100:3001 +curl http://192.168.32.100:3001 +curl http://192.168.32.100:3001 +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu2404-vm.sh)" +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu2404-vm.sh)" +bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/adguard.sh)" +curl http://192.168.32.100:3001 +snap remove addguard +snap remove addguardhome +snap remove adguardhome +snap remove adguard +snap remove adguard-home +snap install adguard-home +curl http:192.168.31.12:3000 +curl http://192.168.31.12:3000 +nginx -s reload +nginx -s reload +curl http:192.168.31.100:3002 +curl http://192.168.31.100:3002 +curl http://192.168.31.100:3000 +curl http://192.168.31.100:3001 +curl http://192.168.31.100:3001 +ping 192.168.32.100 +curl http://192.168.32.100:3002 +curl http://192.168.32.100:3001 +links http://192.168.32.100:3001/ +nginx -s reload +pct enter 100 +curl http://192.168.32.100:3001 +curl http://192.168.32.100:3001/dashboardroot +nano /etc/dnsmasq.d/SDN/ethers +pct enter 100 +nano /etc/hosts +pct enter 100 +pct enter 100 +nano /etc/hosts +pct modify /etc/hosts 100 +exit +cat /var/lib/misc/dnsmasq.SDN.leases +exit +mviewcl +lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE% +docker +exit +snap info +snap +snap find +snap list +exit +cd /tmp +curl -fsSL https://get.docker.com -o get-docker.sh +sh get-docker.sh +docker ps -a +exit +cd /tmp +mkdir -p /opt/stacks /opt/dockge +cd /opt/dockge +curl https://raw.githubusercontent.com/louislam/dockge/master/compose.yaml --output compose.yaml +docker compose up -d +nginx -s reload +nginx -s reload +apt install podman-docker +/usr/libexec/podman/quadlet -dryrun --user +apt install podman-docker +docker down +docker +docker stop +docker ls +docker ps a +docker ps -a +docker stop c +nginx -s reload +docker compose up -d +docker ps -a +docker stop c +docker compose up -d +nginx -s reload +curl http://192.168.31.12:5800 +nginx -s reload +nginx -s reload +nginx -s reload +docker exec -it firefox bash +docker ps -a +docker exec -it 1 bash +docker exec -it 1 sh +exit +exit +exit +docker exec -it 1 bash +docker exec -it firefox bash +docker ps a +docker ps -a +docker exec -it 1 bash +docker exec -it 1 sh +snap list +nginx -s reload +snap install dotnet-sdk --classic --channel latest/stable +export DOTNET_ROOT=/snap/dotnet-sdk/current +~/.bashrc +dotnet --info +exit +cd /tmp/ +git clone https://33aada599f8e245782e68931fe2629a959af5d26@gitea.phares.duckdns.org/phares3757/one-review.git +cd one-review/ +git checkout origin/11-17 +git log -1 +docker compose -up +docker compose up +docker compose up +nano docker-compose.yaml +exit +links http://localhost:5001 +links http://192.168.11.2:5001 +exit +nginx -s reload +links http://localhost:5000/Products +exit +cd /tmp/ +cd one-review/ +nano docker-compose.yaml +docker compose up +docker ps -a\ +docker ps -a +docker images ls +docker image ls +git pull origin 11-17 +git log -1 +git reset --hard +git log -1 +git pull origin 11-17 +git log -1 +docker compose up +docker ps -a +docker image ls +docker compose up +docker compose up +dotnet run --project src/OneReview +dotnet run --project src/OneReview +docker image ls +docker image ls +docker image rm 0f +docker image rm 0f +docker ps -a +docker container rm e5 +docker image rm 0f +docker compose up +exit +nginx -t +nginx -s reload diff --git a/etc/dnsmasq.d/README b/etc/dnsmasq.d/README new file mode 100644 index 0000000..13db0d8 --- /dev/null +++ b/etc/dnsmasq.d/README @@ -0,0 +1,7 @@ +# All files in this directory will be read by dnsmasq as +# configuration files, except if their names end in +# ".dpkg-dist",".dpkg-old" or ".dpkg-new" +# +# This can be changed by editing /etc/default/dnsmasq + + diff --git a/etc/dnsmasq.d/SDN/00-default.conf b/etc/dnsmasq.d/SDN/00-default.conf new file mode 100644 index 0000000..8193d85 --- /dev/null +++ b/etc/dnsmasq.d/SDN/00-default.conf @@ -0,0 +1,24 @@ +except-interface=lo +enable-ra +quiet-ra +bind-dynamic +no-hosts +dhcp-leasefile=/var/lib/misc/dnsmasq.SDN.leases +dhcp-hostsfile=/etc/dnsmasq.d/SDN/ethers +dhcp-ignore=tag:!known + +dhcp-option=26,1500 +ra-param=*,mtu:1500,0 + +# Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave. +dhcp-option=252,"\n" + +# Send microsoft-specific option to tell windows to release the DHCP lease +# when it shuts down. Note the "i" flag, to tell dnsmasq to send the +# value as a four-byte integer - that's what microsoft wants. +dhcp-option=vendor:MSFT,2,1i + +# If a DHCP client claims that its name is "wpad", ignore that. +# This fixes a security hole. see CERT Vulnerability VU#598349 +dhcp-name-match=set:wpad-ignore,wpad +dhcp-ignore-names=tag:wpad-ignore diff --git a/etc/dnsmasq.d/SDN/10-SDN.conf b/etc/dnsmasq.d/SDN/10-SDN.conf new file mode 100644 index 0000000..4f27d9b --- /dev/null +++ b/etc/dnsmasq.d/SDN/10-SDN.conf @@ -0,0 +1,3 @@ +dhcp-option=tag:SDN-192.168.32.1-25,option:router,192.168.32.1 +dhcp-range=set:SDN-192.168.32.1-25,192.168.32.1,static,255.255.255.128,infinite +interface=SDN diff --git a/etc/dnsmasq.d/SDN/ethers b/etc/dnsmasq.d/SDN/ethers new file mode 100644 index 0000000..d8b3548 --- /dev/null +++ b/etc/dnsmasq.d/SDN/ethers @@ -0,0 +1,2 @@ +BC:24:11:D6:FC:B3,192.168.32.100 +BC:24:11:6A:65:00,192.168.32.101 diff --git a/etc/group b/etc/group index 867a635..0a64c1a 100644 --- a/etc/group +++ b/etc/group @@ -59,3 +59,6 @@ cockpit-ws:x:117: cockpit-wsinstance:x:118: polkitd:x:997: podman:x:1000: +frrvty:x:119:frr +frr:x:120: +docker:x:996: diff --git a/etc/group- b/etc/group- index d672841..4482354 100644 --- a/etc/group- +++ b/etc/group- @@ -18,7 +18,7 @@ voice:x:22: cdrom:x:24: floppy:x:25: tape:x:26: -sudo:x:27: +sudo:x:27:podman audio:x:29: dip:x:30: www-data:x:33: @@ -59,3 +59,5 @@ cockpit-ws:x:117: cockpit-wsinstance:x:118: polkitd:x:997: podman:x:1000: +frrvty:x:119:frr +frr:x:120: diff --git a/etc/gshadow b/etc/gshadow index bf9966b..23750ac 100644 --- a/etc/gshadow +++ b/etc/gshadow @@ -59,3 +59,6 @@ cockpit-ws:!:: cockpit-wsinstance:!:: polkitd:!*:: podman:!:: +frrvty:!::frr +frr:!:: +docker:!:: diff --git a/etc/gshadow- b/etc/gshadow- index 23d68aa..cd85d12 100644 --- a/etc/gshadow- +++ b/etc/gshadow- @@ -18,7 +18,7 @@ voice:*:: cdrom:*:: floppy:*:: tape:*:: -sudo:*:: +sudo:*::podman audio:*:: dip:*:: www-data:*:: @@ -59,3 +59,5 @@ cockpit-ws:!:: cockpit-wsinstance:!:: polkitd:!*:: podman:!:: +frrvty:!::frr +frr:!:: diff --git a/etc/hosts b/etc/hosts index 4d7c0db..f667219 100644 --- a/etc/hosts +++ b/etc/hosts @@ -1,5 +1,13 @@ 127.0.0.1 localhost.localdomain localhost +127.0.1.1 uptimekuma.affirm.duckdns.org +# +192.168.0.11 mattermost.phares.duckdns.org +192.168.0.11 vaultwarden.phares.duckdns.org +192.168.0.11 gitea.phares.duckdns.org +# 192.168.31.12 pve.affirm.duckdns.org pve +192.168.31.12 cockpit.affirm.duckdns.org + # The following lines are desirable for IPv6 capable hosts @@ -8,6 +16,4 @@ fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters -ff02::3 ip6-allhosts - -192.168.0.11 mattermost.phares.duckdns.org +ff02::3 ip6-allhosts \ No newline at end of file diff --git a/etc/nginx/include/adguard.conf b/etc/nginx/include/adguard.conf new file mode 100644 index 0000000..6e896ce --- /dev/null +++ b/etc/nginx/include/adguard.conf @@ -0,0 +1,20 @@ +server { + # touch /etc/nginx/include/adguard.affirm.duckdns.org + # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/adguard.affirm.duckdns.org.key -out /etc/nginx/include/adguard.affirm.duckdns.org.crt -config /etc/nginx/include/adguard.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name adguard.affirm.duckdns.org; + client_max_body_size 5000m; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://192.168.31.12:3002/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} \ No newline at end of file diff --git a/etc/nginx/include/chat.conf b/etc/nginx/include/chat.conf new file mode 100644 index 0000000..454d788 --- /dev/null +++ b/etc/nginx/include/chat.conf @@ -0,0 +1,20 @@ +server { + # touch /etc/nginx/include/chat.affirm.duckdns.org + # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/chat.affirm.duckdns.org.key -out /etc/nginx/include/chat.affirm.duckdns.org.crt -config /etc/nginx/include/chat.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name chat.affirm.duckdns.org; + client_max_body_size 5000m; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass https://192.168.0.31:5001/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} \ No newline at end of file diff --git a/etc/nginx/include/cockpit.conf b/etc/nginx/include/cockpit.conf new file mode 100644 index 0000000..f4c3852 --- /dev/null +++ b/etc/nginx/include/cockpit.conf @@ -0,0 +1,24 @@ +server { + # touch /etc/nginx/include/cockpit.affirm.duckdns.org + # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/cockpit.affirm.duckdns.org.key -out /etc/nginx/include/cockpit.affirm.duckdns.org.crt -config /etc/nginx/include/cockpit.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name cockpit.affirm.duckdns.org; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass https://127.0.0.1:9090/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + proxy_http_version 1.1; + proxy_buffering off; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + gzip off; + } +} \ No newline at end of file diff --git a/etc/nginx/include/diskstation.conf b/etc/nginx/include/diskstation.conf new file mode 100644 index 0000000..5e38ce7 --- /dev/null +++ b/etc/nginx/include/diskstation.conf @@ -0,0 +1,18 @@ +server { + # touch /etc/nginx/include/diskstation.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name diskstation.affirm.duckdns.org; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass https://192.168.0.31:5001/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} \ No newline at end of file diff --git a/etc/nginx/include/dockge.conf b/etc/nginx/include/dockge.conf new file mode 100644 index 0000000..e62f8f9 --- /dev/null +++ b/etc/nginx/include/dockge.conf @@ -0,0 +1,20 @@ +server { + # touch /etc/nginx/include/dockge.affirm.duckdns.org + # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/dockge.affirm.duckdns.org.key -out /etc/nginx/include/dockge.affirm.duckdns.org.crt -config /etc/nginx/include/dockge.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name dockge.affirm.duckdns.org; + client_max_body_size 5000m; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://192.168.31.12:5002/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} \ No newline at end of file diff --git a/etc/nginx/include/drive.conf b/etc/nginx/include/drive.conf new file mode 100644 index 0000000..166a1ec --- /dev/null +++ b/etc/nginx/include/drive.conf @@ -0,0 +1,18 @@ +server { + # touch /etc/nginx/include/drive.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name drive.affirm.duckdns.org; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass https://192.168.0.31:5001/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} \ No newline at end of file diff --git a/etc/nginx/include/firefox.conf b/etc/nginx/include/firefox.conf new file mode 100644 index 0000000..7a75f54 --- /dev/null +++ b/etc/nginx/include/firefox.conf @@ -0,0 +1,19 @@ +server { + # touch /etc/nginx/include/firefox.affirm.duckdns.org + # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/firefox.affirm.duckdns.org.key -out /etc/nginx/include/firefox.affirm.duckdns.org.crt -config /etc/nginx/include/firefox.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name firefox.affirm.duckdns.org; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://192.168.31.12:5800/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} \ No newline at end of file diff --git a/etc/nginx/include/kuma.conf b/etc/nginx/include/kuma.conf new file mode 100644 index 0000000..5554268 --- /dev/null +++ b/etc/nginx/include/kuma.conf @@ -0,0 +1,32 @@ +server { + # touch /etc/nginx/include/kuma.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name kuma.affirm.duckdns.org; + client_max_body_size 5000m; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://192.168.31.12:3001/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} + +# [Container] +# AutoUpdate=registry +# ContainerName=uptime-kuma-server +# Environment="UPTIME_KUMA_SSL_CERT=/certs/server.cert" +# Environment="UPTIME_KUMA_SSL_KEY=/certs/server.key" +# Image=docker.io/louislam/uptime-kuma:1 +# PodmanArgs=--add-host=cockpit.phares.duckdns.org:192.168.11.2 +# PodmanArgs=--add-host=mattermost.phares.duckdns.org:192.168.11.2 +# PublishPort=3004:3001 +# Volume=uptime-kuma-server-data.volume:/app/data:rw +# Volume=/home/podman/wild-phares/fullchain.cer:/certs/server.cert:ro +# Volume=/home/podman/wild-phares/phares.duckdns.org.key:/certs/server.key:ro \ No newline at end of file diff --git a/etc/nginx/include/neko.conf b/etc/nginx/include/neko.conf new file mode 100644 index 0000000..fc1c39c --- /dev/null +++ b/etc/nginx/include/neko.conf @@ -0,0 +1,24 @@ +server { + # touch /etc/nginx/include/neko.affirm.duckdns.org + # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/neko.affirm.duckdns.org.key -out /etc/nginx/include/neko.phares.duckdns.org.crt -config /etc/nginx/include/neko.phares.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name neko.affirm.duckdns.org; + location / { + # https://neko.m1k1o.net/#/getting-started/reverse-proxy + proxy_pass http://192.168.31.12:8082; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_read_timeout 86400; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Protocol $scheme; + } +} \ No newline at end of file diff --git a/etc/nginx/include/photos.conf b/etc/nginx/include/photos.conf new file mode 100644 index 0000000..7204a00 --- /dev/null +++ b/etc/nginx/include/photos.conf @@ -0,0 +1,19 @@ +server { + # touch /etc/nginx/include/photos.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name photos.affirm.duckdns.org; + client_max_body_size 5000m; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass https://192.168.0.31:5001/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} \ No newline at end of file diff --git a/etc/nginx/include/products.conf b/etc/nginx/include/products.conf new file mode 100644 index 0000000..61747d5 --- /dev/null +++ b/etc/nginx/include/products.conf @@ -0,0 +1,19 @@ +server { + # touch /etc/nginx/include/products.affirm.duckdns.org + # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/include/products.affirm.duckdns.org.key -out /etc/nginx/include/products.affirm.duckdns.org.crt -config /etc/nginx/include/products.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name products.affirm.duckdns.org; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://192.168.31.12:5005/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + } +} \ No newline at end of file diff --git a/etc/nginx/include/pve.conf b/etc/nginx/include/pve.conf new file mode 100644 index 0000000..3179f43 --- /dev/null +++ b/etc/nginx/include/pve.conf @@ -0,0 +1,22 @@ +server { + # touch /etc/nginx/include/pve.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name pve.affirm.duckdns.org; + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass https://192.168.31.12:8006/; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + proxy_buffering off; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + client_max_body_size 500M; + } +} \ No newline at end of file diff --git a/etc/nginx/include/quartz.conf b/etc/nginx/include/quartz.conf new file mode 100644 index 0000000..bdebcae --- /dev/null +++ b/etc/nginx/include/quartz.conf @@ -0,0 +1,23 @@ +server { + listen 8084 default_server; + root /var/www/html-quartz; + index index.html index.htm; + server_name _; + location / { + try_files $uri $uri/ =404; + } +} +server { + # touch /etc/nginx/include/quartz.affirm.duckdns.org + ssl_certificate /root/.acme.sh/wild-affirm/fullchain.cer; + # ssl_certificate /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer; + ssl_certificate_key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key; + ssl_protocols TLSv1.2 TLSv1.3; + listen 443 ssl http2; + server_name quartz.affirm.duckdns.org; + root /var/www/html-quartz; + index index.html index.htm index.nginx-debian.html; + location / { + try_files $uri $uri.html $uri/ =404; + } +} \ No newline at end of file diff --git a/etc/nginx/sites-available/default b/etc/nginx/sites-available/default index cd13fa6..42b81cb 100644 --- a/etc/nginx/sites-available/default +++ b/etc/nginx/sites-available/default @@ -1,10 +1,14 @@ -include /etc/nginx/include/adguard.conf; # https://adguard.affirm.duckddns.org # http://192.168.31.12:3002/; -include /etc/nginx/include/chat.conf; # https://chat.affirm.duckddns.org # https://192.168.31.12:5001/; -include /etc/nginx/include/cockpit.conf; # https://cockpit.affirm.duckddns.org # https://192.168.31.12:9090/; -include /etc/nginx/include/diskstation.conf; # https://diskstation.affirm.duckddns.org # https://192.168.31.12:5001/; -include /etc/nginx/include/drive.conf; # https://drive.affirm.duckddns.org # https://192.168.31.12:5001/; -include /etc/nginx/include/kuma.conf; # https://kuma.affirm.duckddns.org # http://192.168.31.37:3001/; -include /etc/nginx/include/neko.conf; # https://neko.affirm.duckddns.org # http://192.168.31.12:8082/; -include /etc/nginx/include/photos.conf; # https://photos.affirm.duckddns.org # https://192.168.31.12:5001/; -include /etc/nginx/include/pve.conf; # https://pve.affirm.duckddns.org # https://192.168.31.12:8006/; -include /etc/nginx/include/quartz.conf; # https://quartz.affirm.duckddns.org # http://192.168.31.12:8084/; +include /etc/nginx/include/adguard.conf; # https://adguard.affirm.duckdns.org # http://192.168.31.12:3002/; +include /etc/nginx/include/chat.conf; # https://chat.affirm.duckdns.org # https://192.168.31.12:5001/; +include /etc/nginx/include/cockpit.conf; # https://cockpit.affirm.duckdns.org # https://192.168.31.12:9090/; +include /etc/nginx/include/diskstation.conf; # https://diskstation.affirm.duckdns.org # https://192.168.31.12:5001/; +include /etc/nginx/include/dockge.conf; # https://dockge.affirm.duckdns.org # http://192.168.31.12:5002/; +include /etc/nginx/include/drive.conf; # https://drive.affirm.duckdns.org # https://192.168.31.12:5001/; +include /etc/nginx/include/firefox.conf; # https://firefox.affirm.duckdns.org # http://192.168.31.12:5800/; +include /etc/nginx/include/kuma.conf; # https://kuma.affirm.duckdns.org # http://192.168.32.100:3001/; +include /etc/nginx/include/neko.conf; # https://neko.affirm.duckdns.org # http://192.168.31.12:8082/; +include /etc/nginx/include/photos.conf; # https://photos.affirm.duckdns.org # https://192.168.31.12:5001/; +include /etc/nginx/include/products.conf; # https://products.affirm.duckdns.org # https://192.168.31.12:5005/; +include /etc/nginx/include/pve.conf; # https://pve.affirm.duckdns.org # https://192.168.31.12:8006/; +include /etc/nginx/include/quartz.conf; # https://quartz.affirm.duckdns.org # http://192.168.31.12:8084/; +# ssh root@free.file.sync.media -i C:/Users/phares/.ssh/id_ed25519 \ No newline at end of file diff --git a/etc/passwd b/etc/passwd index 8cbb3f6..dded0ba 100644 --- a/etc/passwd +++ b/etc/passwd @@ -32,3 +32,4 @@ cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash +frr:x:112:120:Frr routing suite,,,:/nonexistent:/usr/sbin/nologin diff --git a/etc/passwd- b/etc/passwd- index 53b8783..f515ad4 100644 --- a/etc/passwd- +++ b/etc/passwd- @@ -31,4 +31,5 @@ dnsmasq:x:109:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin -podman:x:1000:1000::/home/podman:/bin/bash +podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash +frr:x:112:120::/nonexistent:/usr/sbin/nologin diff --git a/etc/resolv.conf b/etc/resolv.conf index 7c35a0d..86e6c1a 100644 --- a/etc/resolv.conf +++ b/etc/resolv.conf @@ -1,2 +1,2 @@ search affirm.duckdns.org -nameserver 192.168.31.1 +nameserver 192.168.31.12 diff --git a/etc/shadow b/etc/shadow index 122b151..c50bd52 100644 --- a/etc/shadow +++ b/etc/shadow @@ -32,3 +32,4 @@ cockpit-ws:!:20033:::::: cockpit-wsinstance:!:20033:::::: polkitd:!*:20033:::::: podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7::: +frr:!:20039:::::: diff --git a/etc/shadow- b/etc/shadow- index ec38210..122b151 100644 --- a/etc/shadow- +++ b/etc/shadow- @@ -31,3 +31,4 @@ dnsmasq:!:20033:::::: cockpit-ws:!:20033:::::: cockpit-wsinstance:!:20033:::::: polkitd:!*:20033:::::: +podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7::: diff --git a/opt/dockge/compose.yaml b/opt/dockge/compose.yaml new file mode 100644 index 0000000..10a80de --- /dev/null +++ b/opt/dockge/compose.yaml @@ -0,0 +1,22 @@ +services: + dockge: + image: louislam/dockge:1 + restart: unless-stopped + ports: + # Host Port : Container Port + - 5002:5001 + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ./data:/app/data + + # If you want to use private registries, you need to share the auth file with Dockge: + # - /root/.docker/:/root/.docker + + # Stacks Directory + # ⚠️ READ IT CAREFULLY. If you did it wrong, your data could end up writing into a WRONG PATH. + # ⚠️ 1. FULL path only. No relative path (MUST) + # ⚠️ 2. Left Stacks Path === Right Stacks Path (MUST) + - /opt/stacks:/opt/stacks + environment: + # Tell Dockge where is your stacks directory + - DOCKGE_STACKS_DIR=/opt/stacks