Dockge

2024-11-25 23:45:49 -07:00
23 changed files with 703 additions and 17 deletions
--- a/.gitignore
+++ b/.gitignore
@ -52,6 +52,8 @@
 !etc/letsencrypt/**/*

 !opt/copy/**/*
+!opt/stacks/**/*.env
+!opt/stacks/**/*.yaml

 !root/**/*container
 !home/podman/**/*volume
--- a/etc/bash_history_2024-11-23.txt
+++ b/etc/bash_history_2024-11-23.txt
@ -0,0 +1,500 @@
+nginx -t
+nginx -s reload
+exit
+ln -s /var/log/nginx /var/www/html/log-nginx
+ls -la /var/www/html
+cp ~/.bash_history /etc/bash_history_2024-11-05.txt
+cat /etc/bash_history_2024-11-05.txt
+exit
+apt-get install podman -y
+apt-cache rdepends podman-compose
+apt-get install podman-compose -y
+apt-get install sudo
+mkdir /home/podman/.ssh
+cp /root/.ssh/authorized_keys /home/podman/.ssh/authorized_keys
+chown podman:podman -R /home/podman
+adduser podman sudo
+loginctl enable-linger
+sudo -iu podman
+podman --version
+sudo -iu podman
+sudo -iu podman
+mkdir -p /run/user/1000/
+chown -R podman:podman /run/user/1000/
+sudo -iu podman
+sudo -iu podman
+sudo -iu podman
+systemctl --user start uptime-kuma-server
+systemctl start uptime-kuma-server
+sudo -iu podman
+sudo -iu podman
+find / -name "*fedora*" 2>/dev/null
+nano /usr/share/lxc/config/fedora.common.conf
+nano /usr/share/lxc/config/fedora.common.conf
+nano /usr/share/lxc/config/fedora.common.conf
+nano /usr/share/lxc/config/fedora.common.conf
+nano /usr/share/lxc/config/fedora.userns.conf
+sudo -iu podman
+sudo -iu podman
+sudo -iu podman
+sudo -iu podman
+sudo -iu podman
+sudo -iu podman
+sudo -iu podman
+chown -R podman:podman /home/podman
+sudo -iu podman
+apt install podman-quadlet
+ls -la /usr/libexec/podman
+systemctl -l | grep -i rootlessport
+ps aux | grep rootlessport
+whereis podman-generate-systemd
+exit
+clear
+apt list --installed
+sudo -iu podman
+exit
+sudo -iu podman
+exit
+bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/ubuntu.sh)"
+apt-get install podman-compose -y
+exit
+pip3 install podman-compose
+systemctl enable podmand
+apt install podman
+systemctl enable podmand
+podman --version
+systemctl enable podman.socket
+systemctl start podman.socket
+systemctl status podman.socket
+apt-get install cockpit cockpit-podman -y
+systemctl enable --now cockpit.socket
+sudo -iu podman
+apt install software-properties-common uidmap -y
+sudo -iu podman
+apt-get install -y libapparmor-dev
+cd /tmp/acme.sh
+ls /root/.acme.sh/
+./acme.sh --issue --dns dns_duckdns -d '*.phares.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory
+cd /tmp
+git clone https://github.com/acmesh-official/acme.sh.git
+cd /tmp/acme.sh
+./acme.sh --install -m mikepharesjr@msn.com
+export DuckDNS_Token=1d3fc707-7052-4459-a624-fb01250f00b9
+echo $DuckDNS_Token
+./acme.sh --register-account -m mikepharesjr@msn.com
+./acme.sh --set-default-ca --server letsencrypt
+./acme.sh --issue --dns dns_duckdns -d '*.phares.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory
+ls
+ls /root/.acme.sh/
+cd /root/.acme.sh/
+cp -R \*.phares.duckdns.org_ecc/ wild-phares
+cd wild-phares/
+ls
+mv \*.phares.duckdns.org.cer phares.duckdns.org.cer
+mv \*.phares.duckdns.org.conf phares.duckdns.org.conf
+mv \*.phares.duckdns.org.csr phares.duckdns.org.csr
+mv \*.phares.duckdns.org.csr.conf phares.duckdns.org.csr.conf
+mv \*.phares.duckdns.org.key phares.duckdns.org.key
+ls
+cd ..
+cd ..
+cd /tmp/
+cd acme.sh/
+ls
+./acme.sh --issue --dns dns_duckdns -d '*.affirm.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory
+cp -R \*.affirm.duckdns.org_ecc/ wild-affirm
+cp -R \*.affirm.duckdns.org_ecc/ wild-affirm
+cp -R /root/.acme.sh/\*.affirm.duckdns.org_ecc/ /root/.acme.sh/wild-affirm
+mv /root/.acme.sh/\*.affirm.duckdns.org.cer /root/.acme.sh/affirm.duckdns.org.cer
+mv /root/.acme.sh/\*.affirm.duckdns.org.conf /root/.acme.sh/affirm.duckdns.org.conf
+mv /root/.acme.sh/\*.affirm.duckdns.org.csr /root/.acme.sh/affirm.duckdns.org.csr
+mv /root/.acme.sh/\*.affirm.duckdns.org.csr.conf /root/.acme.sh/affirm.duckdns.org.csr.conf
+mv /root/.acme.sh/\*.affirm.duckdns.org.key /root/.acme.sh/affirm.duckdns.org.key
+mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.cer /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer
+mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.conf /root/.acme.sh/wild-affirm/affirm.duckdns.org.conf
+mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.csr /root/.acme.sh/wild-affirm/affirm.duckdns.org.csr
+mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.csr.conf /root/.acme.sh/wild-affirm/affirm.duckdns.org.csr.conf
+mv /root/.acme.sh/wild-affirm/\*.affirm.duckdns.org.key /root/.acme.sh/wild-affirm/affirm.duckdns.org.key
+nginx -t
+nginx -s reload
+exit
+rm -R /root/.acme.sh/affirm.duckdns.org_ecc/
+cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs
+cd /root/.acme.sh/
+ls -la
+cd /tmp/
+cd acme.sh/
+./acme.sh --issue --dns dns_duckdns -d '*.bchs.duckdns.org' --debug --home /root/.acme.sh --dnssleep 120 --days 90 --ecc --server https://acme-v02.api.letsencrypt.org/directory
+cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.cer /root/.acme.sh/wild-bchs/bchs.duckdns.org.cer
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.conf
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr.conf
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.key /root/.acme.sh/wild-bchs/bchs.duckdns.org.key
+cd /root/.acme.sh/
+ls
+cp /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs
+cp -R /root/.acme.sh/\*.bchs.duckdns.org_ecc /root/.acme.sh/wild-bchs
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.cer /root/.acme.sh/wild-bchs/bchs.duckdns.org.cer
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.conf
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.csr.conf /root/.acme.sh/wild-bchs/bchs.duckdns.org.csr.conf
+mv /root/.acme.sh/wild-bchs/\*.bchs.duckdns.org.key /root/.acme.sh/wild-bchs/bchs.duckdns.org.key
+exit
+nginx -t
+nginx -t
+nginx -s reload
+nginx -s reload
+exit
+nano /etc/cockpit/cockpit.conf
+systemctl restart cockpit
+journalctl -u cockpit
+systemctl restart cockpit.service
+systemctl restart cockpit.socket
+exit
+systemctl restart cockpit.socket
+systemctl restart cockpit.service
+journalctl -u cockpit
+systemctl stop cockpit
+systemctl stop cockpit.socket
+exit
+mv /etc/cockpit/ws-certs.d/0-self-signed.cert /etc/cockpit/ws-certs.d/0-self-signed.cert.old
+mv /etc/cockpit/ws-certs.d/0-self-signed.key /etc/cockpit/ws-certs.d/0-self-signed.key.old
+cp /root/.acme.sh/wild-affirm/fullchain.cer /etc/cockpit/ws-certs.d/0-self-signed.cert
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /etc/cockpit/ws-certs.d/0-self-signed.key
+systemctl start cockpit
+journalctl -xeu cockpit.service
+systemctl start cockpit
+systemctl start cockpit.socket
+systemctl start cockpit
+systemctl status cockpit.service
+ls -la /etc/cockpit/ws-certs.d
+exit
+chmod 774 -R /etc/cockpit/ws-certs.d
+systemctl start cockpit
+systemctl status cockpit.service
+systemctl start cockpit.socket
+systemctl start cockpit
+systemctl stop cockpit
+systemctl start cockpit
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /etc/cockpit/ws-certs.d/0-self-signed.cert
+ls -la /etc/cockpit/ws-certs.d
+chmod 774 -R /etc/cockpit/ws-certs.d
+ls -la /etc/cockpit/ws-certs.d
+systemctl start cockpit
+journalctl -u cockpit
+systemctl start cockpit.soket
+systemctl start cockpit.socket
+cat /etc/cockpit/ws-certs.d/0-self-signed.cert
+exit
+cat /etc/cockpit/ws-certs.d/0-self-signed.key
+exit
+systemctl start cockpit
+exit
+systemctl stop cockpit
+systemctl stop cockpit.socket
+systemctl start cockpit
+systemctl start cockpit.socket
+journalctl -u cockpit
+journalctl -u cockpit
+journalctl --rotate
+journalctl --vacuum-time=1s
+journalctl -u cockpit
+journalctl -u cockpit
+journalctl -u cockpit
+journalctl -u cockpit
+nano /etc/cockpit/cockpit.conf 
+ngnix -t
+nginx -t
+nginx -s reload
+exit
+sudo -iu podman
+exit
+cp ~/.bash_history /etc/bash_history_2024-11-11.txt
+cat /etc/bash_history_2024-11-11.txt
+ls
+ls -la
+bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)"
+bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)"
+bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/uptimekuma.sh)"
+/etc/network/interfaces
+ls /etc/network/interfaces
+cat /etc/network/interfaces
+ping 192.168.31.31
+ping 192.168.31.32
+ngnix -t
+nginx -s reload
+links http://192.168.31.31:3001
+links http://192.168.31.31:3001
+links http://192.168.31.31
+links http://192.168.31.31:3002
+links http://192.168.31.32:3001
+nginx -s reload
+nginx -s reload
+nginx -s reload
+nginx -s reload
+links http://192.168.31.65:3001
+links https://192.168.31.65:3001
+links http://192.168.31.12:8006
+links http://192.168.31.12:8006
+nginx -s reload
+nginx -s reload
+cat /etc/systemd/system/getty@.service.d/autologin.conf
+pct enter 100
+nginx -s reload
+pct enter 100
+pct enter 101
+pct enter 100
+nginx -s reload
+pct enter 100
+mkdir /mnt/vm-100-disk-0
+mount /dev/pve/vm-100-disk-0 /mnt/vm-100-disk-0
+cd /mnt/vm-100-disk-0
+ls -la
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /certs/server.cert
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key
+mkdir /mnt/vm-100-disk-0/certs
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /certs/server.key
+ls
+cd certs/
+ls
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /certs/server.cert
+nano /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer 
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.cer /mnt/vm-100-disk-0/certs/server.cert
+cp /root/.acme.sh/wild-affirm/affirm.duckdns.org.key /mnt/vm-100-disk-0/certs/server.key
+ls
+ls -la
+umount /mnt/vm-100-disk-0
+cd /
+umount /mnt/vm-100-disk-0
+cd /mnt/vm-100-disk-0
+ls
+pct enter 100
+pct enter 100
+pct enter 100
+links http://192.168.31.39:3001
+links http://192.168.31.39:3004
+links https://192.168.31.39:3001
+nginx -s reload
+links https://192.168.31.39:3001
+ip a
+pct enter 100
+pct enter 100
+pct enter 100
+nginx -s reload
+pct enter 100
+nano /etc/hosts
+pct enter 100
+ping mattermost.phares.duckdns.org
+curl https://mattermost.phares.duckdns.org
+pct enter 100
+exit
+links http://192.168.31.12:8084/
+cp /var/www/html /var/www/html-quartz
+cp -R /var/www/html /var/www/html-quartz
+links http://192.168.31.12:8084/
+nginx -s reload
+nginx -s reload
+links http://192.168.31.12:8084/
+ls -la /var/www/html-quartz
+r -r /var/www/html-quartz/log-nginx
+rm -R /var/www/html-quartz/log-nginx
+ls -la /var/www/html-quartz
+mv /var/www/html-quartz/index.nginx-debian.html index.html
+links http://192.168.31.12:8084/
+ls
+mv index.html /var/www/html-quartz/
+ls
+links http://192.168.31.12:8084/
+links http://192.168.31.12:8084/
+exit
+cd /run/user/1000/
+cd systemd/
+ls -la
+nano generator.late/
+cd generator.late/
+ls
+cd ..
+mkdir /run/user/1000/systemd/generator
+cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
+cd generator
+ls
+sudo -iu podman
+sudo -iu podman
+ls -la /run/user/1000/systemd/generator/neko-server.service
+ls -la /run/user/1000/systemd/generator
+ls -la /run/user/1000/systemd
+mkdir /run/user/1000/systemd/generator
+cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
+sudo -iu podman
+nginx -s reload
+nginx -s reload
+sudo -iu podman
+cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
+mkdir /run/user/1000/systemd/generator
+cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
+exit
+mkdir /run/user/1000/systemd/generator
+cp /home/podman/libexec-podman-quadlet-output/neko-server.service /run/user/1000/systemd/generator/neko-server.service
+sudo -iu podman
+nginx -s reload
+exit
+cat /etc/network/interfaces
+apt update
+apt install dnsmasq -y
+systemctl disable --now dnsmasq
+apt install frr-pythontools -y
+exit
+exit
+cat /etc/network/interfaces
+nginx -s reload
+links http://192.168.32.100:3001
+curl http://192.168.32.100:3001
+curl http://192.168.32.100:3001
+bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu2404-vm.sh)"
+bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/vm/ubuntu2404-vm.sh)"
+bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/adguard.sh)"
+curl http://192.168.32.100:3001
+snap remove addguard
+snap remove addguardhome
+snap remove adguardhome
+snap remove adguard
+snap remove adguard-home
+snap install adguard-home
+curl http:192.168.31.12:3000
+curl http://192.168.31.12:3000
+nginx -s reload
+nginx -s reload
+curl http:192.168.31.100:3002
+curl http://192.168.31.100:3002
+curl http://192.168.31.100:3000
+curl http://192.168.31.100:3001
+curl http://192.168.31.100:3001
+ping 192.168.32.100
+curl http://192.168.32.100:3002
+curl http://192.168.32.100:3001
+links http://192.168.32.100:3001/
+nginx -s reload
+pct enter 100
+curl http://192.168.32.100:3001
+curl http://192.168.32.100:3001/dashboardroot
+nano /etc/dnsmasq.d/SDN/ethers
+pct enter 100
+nano /etc/hosts
+pct enter 100
+pct enter 100
+nano /etc/hosts
+pct modify /etc/hosts 100
+exit
+cat /var/lib/misc/dnsmasq.SDN.leases
+exit
+mviewcl
+lsblk -I 8 -o NAME,SIZE,TYPE,FSUSED,FSUSE%
+docker
+exit
+snap info
+snap
+snap find
+snap list
+exit
+cd /tmp
+curl -fsSL https://get.docker.com -o get-docker.sh
+sh get-docker.sh
+docker ps -a
+exit
+cd /tmp
+mkdir -p /opt/stacks /opt/dockge
+cd /opt/dockge
+curl https://raw.githubusercontent.com/louislam/dockge/master/compose.yaml --output compose.yaml
+docker compose up -d
+nginx -s reload
+nginx -s reload
+apt install podman-docker
+/usr/libexec/podman/quadlet -dryrun --user
+apt install podman-docker
+docker down
+docker
+docker stop
+docker ls
+docker ps a
+docker ps -a
+docker stop c
+nginx -s reload
+docker compose up -d
+docker ps -a
+docker stop c
+docker compose up -d
+nginx -s reload
+curl http://192.168.31.12:5800
+nginx -s reload
+nginx -s reload
+nginx -s reload
+docker exec -it firefox bash
+docker ps -a
+docker exec -it 1 bash
+docker exec -it 1 sh
+exit
+exit
+exit
+docker exec -it 1 bash
+docker exec -it firefox bash
+docker ps a
+docker ps -a
+docker exec -it 1 bash
+docker exec -it 1 sh
+snap list
+nginx -s reload
+snap install dotnet-sdk --classic --channel latest/stable
+export DOTNET_ROOT=/snap/dotnet-sdk/current
+~/.bashrc
+dotnet --info
+exit
+cd /tmp/
+git clone https://33aada599f8e245782e68931fe2629a959af5d26@gitea.phares.duckdns.org/phares3757/one-review.git
+cd one-review/
+git checkout origin/11-17
+git log -1
+docker compose -up
+docker compose up
+docker compose up
+nano docker-compose.yaml 
+exit
+links http://localhost:5001
+links http://192.168.11.2:5001
+exit
+nginx -s reload
+links http://localhost:5000/Products
+exit
+cd /tmp/
+cd one-review/
+nano docker-compose.yaml 
+docker compose up
+docker ps -a\
+docker ps -a
+docker images ls
+docker image ls
+git pull origin 11-17
+git log -1
+git reset --hard
+git log -1
+git pull origin 11-17
+git log -1
+docker compose up
+docker ps -a
+docker image ls
+docker compose up
+docker compose up
+dotnet run --project src/OneReview
+dotnet run --project src/OneReview
+docker image ls
+docker image ls
+docker image rm 0f
+docker image rm 0f
+docker ps -a
+docker container rm e5
+docker image rm 0f
+docker compose up
+exit
+nginx -t
+nginx -s reload
--- a/etc/dnsmasq.d/README
+++ b/etc/dnsmasq.d/README
@ -0,0 +1,7 @@
+# All files in this directory will be read by dnsmasq as 
+# configuration files, except if their names end in 
+# ".dpkg-dist",".dpkg-old" or ".dpkg-new"
+#
+# This can be changed by editing /etc/default/dnsmasq
+
+
--- a/etc/group
+++ b/etc/group
@ -59,3 +59,6 @@ cockpit-ws:x:117:
 cockpit-wsinstance:x:118:
 polkitd:x:997:
 podman:x:1000:
+frrvty:x:119:frr
+frr:x:120:
+docker:x:996:
--- a/etc/group-
+++ b/etc/group-
@ -18,7 +18,7 @@ voice:x:22:
 cdrom:x:24:
 floppy:x:25:
 tape:x:26:
-sudo:x:27:
+sudo:x:27:podman
 audio:x:29:
 dip:x:30:
 www-data:x:33:
@ -59,3 +59,5 @@ cockpit-ws:x:117:
 cockpit-wsinstance:x:118:
 polkitd:x:997:
 podman:x:1000:
+frrvty:x:119:frr
+frr:x:120:
--- a/etc/gshadow
+++ b/etc/gshadow
@ -59,3 +59,6 @@ cockpit-ws:!::
 cockpit-wsinstance:!::
 polkitd:!*::
 podman:!::
+frrvty:!::frr
+frr:!::
+docker:!::
--- a/etc/gshadow-
+++ b/etc/gshadow-
@ -18,7 +18,7 @@ voice:*::
 cdrom:*::
 floppy:*::
 tape:*::
-sudo:*::
+sudo:*::podman
 audio:*::
 dip:*::
 www-data:*::
@ -59,3 +59,5 @@ cockpit-ws:!::
 cockpit-wsinstance:!::
 polkitd:!*::
 podman:!::
+frrvty:!::frr
+frr:!::
--- a/etc/hosts
+++ b/etc/hosts
@ -1,5 +1,13 @@
 127.0.0.1 localhost.localdomain localhost
+127.0.1.1 uptimekuma.affirm.duckdns.org
+#
+192.168.0.11 mattermost.phares.duckdns.org
+192.168.0.11 vaultwarden.phares.duckdns.org
+192.168.0.11 gitea.phares.duckdns.org
+#
 192.168.31.12 pve.affirm.duckdns.org pve
+192.168.31.12 cockpit.affirm.duckdns.org
+

 # The following lines are desirable for IPv6 capable hosts

@ -8,6 +16,4 @@ fe00::0 ip6-localnet
 ff00::0 ip6-mcastprefix
 ff02::1 ip6-allnodes
 ff02::2 ip6-allrouters
-ff02::3 ip6-allhosts
-
-192.168.0.11 mattermost.phares.duckdns.org
+ff02::3 ip6-allhosts
--- a/etc/nginx/sites-available/default
+++ b/etc/nginx/sites-available/default
@ -1,10 +1,15 @@
-include /etc/nginx/include/adguard.conf; # https://adguard.affirm.duckddns.org # http://192.168.31.12:3002/;
-include /etc/nginx/include/chat.conf; # https://chat.affirm.duckddns.org # https://192.168.31.12:5001/;
-include /etc/nginx/include/cockpit.conf; # https://cockpit.affirm.duckddns.org # https://192.168.31.12:9090/;
-include /etc/nginx/include/diskstation.conf; # https://diskstation.affirm.duckddns.org # https://192.168.31.12:5001/;
-include /etc/nginx/include/drive.conf; # https://drive.affirm.duckddns.org # https://192.168.31.12:5001/;
-include /etc/nginx/include/kuma.conf; # https://kuma.affirm.duckddns.org # http://192.168.31.37:3001/;
-include /etc/nginx/include/neko.conf; # https://neko.affirm.duckddns.org # http://192.168.31.12:8082/;
-include /etc/nginx/include/photos.conf; # https://photos.affirm.duckddns.org # https://192.168.31.12:5001/;
-include /etc/nginx/include/pve.conf; # https://pve.affirm.duckddns.org # https://192.168.31.12:8006/;
-include /etc/nginx/include/quartz.conf; # https://quartz.affirm.duckddns.org # http://192.168.31.12:8084/;
+include /etc/nginx/include/adguard.conf; # https://adguard.affirm.duckdns.org # http://192.168.31.12:3002/;
+include /etc/nginx/include/chat.conf; # https://chat.affirm.duckdns.org # https://192.168.31.12:5001/;
+include /etc/nginx/include/cockpit.conf; # https://cockpit.affirm.duckdns.org # https://192.168.31.12:9090/;
+include /etc/nginx/include/diskstation.conf; # https://diskstation.affirm.duckdns.org # https://192.168.31.12:5001/;
+include /etc/nginx/include/dockge.conf; # https://dockge.affirm.duckdns.org # http://192.168.31.12:5002/;
+include /etc/nginx/include/drive.conf; # https://drive.affirm.duckdns.org # https://192.168.31.12:5001/;
+include /etc/nginx/include/firefox.conf; # https://firefox.affirm.duckdns.org # http://192.168.31.12:5800/;
+include /etc/nginx/include/kuma.conf; # https://kuma.affirm.duckdns.org # http://192.168.32.100:3001/;
+include /etc/nginx/include/neko.conf; # https://neko.affirm.duckdns.org # http://192.168.31.12:8082/;
+include /etc/nginx/include/open-project.conf; # https://open-project.affirm.duckdns.org # https://192.168.31.12:8080/;
+include /etc/nginx/include/photos.conf; # https://photos.affirm.duckdns.org # https://192.168.31.12:5001/;
+include /etc/nginx/include/products.conf; # https://products.affirm.duckdns.org # https://192.168.31.12:5005/;
+include /etc/nginx/include/pve.conf; # https://pve.affirm.duckdns.org # https://192.168.31.12:8006/;
+include /etc/nginx/include/quartz.conf; # https://quartz.affirm.duckdns.org # http://192.168.31.12:8084/;
+# ssh root@free.file.sync.media -i C:/Users/phares/.ssh/id_ed25519
--- a/etc/passwd
+++ b/etc/passwd
@ -32,3 +32,4 @@ cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin
 cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin
 polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin
 podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash
+frr:x:112:120:Frr routing suite,,,:/nonexistent:/usr/sbin/nologin
--- a/etc/passwd-
+++ b/etc/passwd-
@ -31,4 +31,5 @@ dnsmasq:x:109:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin
 cockpit-ws:x:110:117::/nonexistent:/usr/sbin/nologin
 cockpit-wsinstance:x:111:118::/nonexistent:/usr/sbin/nologin
 polkitd:x:997:997:polkit:/nonexistent:/usr/sbin/nologin
-podman:x:1000:1000::/home/podman:/bin/bash
+podman:x:1000:1000:Podman,,,:/home/podman:/bin/bash
+frr:x:112:120::/nonexistent:/usr/sbin/nologin
--- a/etc/resolv.conf
+++ b/etc/resolv.conf
@ -1,2 +1,2 @@
 search affirm.duckdns.org
-nameserver 192.168.31.1
+nameserver 192.168.31.12
--- a/etc/shadow
+++ b/etc/shadow
@ -32,3 +32,4 @@ cockpit-ws:!:20033::::::
 cockpit-wsinstance:!:20033::::::
 polkitd:!*:20033::::::
 podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7:::
+frr:!:20039::::::
--- a/etc/shadow-
+++ b/etc/shadow-
@ -31,3 +31,4 @@ dnsmasq:!:20033::::::
 cockpit-ws:!:20033::::::
 cockpit-wsinstance:!:20033::::::
 polkitd:!*:20033::::::
+podman:$y$j9T$nnCjvHHv8TyjZALLaQTLW1$AXTOIYnt4d90f9uFmkIdC8CcWqAlJ429.w645eQnqu2:20033:0:99999:7:::
--- a/opt/stacks/firefox/.env
+++ b/opt/stacks/firefox/.env
@ -0,0 +1 @@
+FF_OPEN_URL=https://192.168.31.1
--- a/opt/stacks/firefox/compose.yaml
+++ b/opt/stacks/firefox/compose.yaml
@ -0,0 +1,8 @@
+version: '3'
+services:
+  firefox:
+    image: jlesage/firefox
+    ports:
+      - "5800:5800"
+    volumes:
+      - "/docker/appdata/firefox:/config:rw"
--- a/opt/stacks/kuma/.env
+++ b/opt/stacks/kuma/.env
--- a/opt/stacks/kuma/compose.yaml
+++ b/opt/stacks/kuma/compose.yaml
@ -0,0 +1,8 @@
+version: "3"
+services:
+  kuma:
+    image: docker.io/louislam/uptime-kuma:1
+    ports:
+      - 3001:3001
+    volumes:
+      - /docker/appdata/kuma:/app/data:rw
--- a/opt/stacks/one-review-webapp-production/.env
+++ b/opt/stacks/one-review-webapp-production/.env
@ -0,0 +1 @@
+ASPNETCORE_ENVIRONMENT=Production
--- a/opt/stacks/one-review-webapp-production/compose.yaml
+++ b/opt/stacks/one-review-webapp-production/compose.yaml
@ -0,0 +1,7 @@
+version: "3"
+services:
+  one-review-webapp:
+    image: one-review-webapp
+    ports:
+      - 5005:5001
+networks: {}
--- a/opt/stacks/open-project/.env
+++ b/opt/stacks/open-project/.env
@ -0,0 +1,11 @@
+TAG=14-slim
+OPENPROJECT_HTTPS=false
+OPENPROJECT_HOST__NAME=open-project.affirm.duckdns.org
+PORT=192.168.31.12:8080
+OPENPROJECT_RAILS__RELATIVE__URL__ROOT=
+IMAP_ENABLED=false
+DATABASE_URL=postgres://postgres:p4ssw0rd@db/openproject?pool=20&encoding=unicode&reconnect=true
+RAILS_MIN_THREADS=4
+RAILS_MAX_THREADS=16
+PGDATA="/var/lib/postgresql/data"
+OPDATA="/var/openproject/assets"
--- a/opt/stacks/open-project/compose.yaml
+++ b/opt/stacks/open-project/compose.yaml
@ -0,0 +1,112 @@
+networks:
+  frontend: null
+  backend: null
+volumes:
+  pgdata: null
+  opdata: null
+x-op-restart-policy: &a2
+  restart: unless-stopped
+x-op-image: &a1
+  image: openproject/openproject:${TAG:-15-slim}
+x-op-app: &a3
+  <<:
+    - *a1
+    - *a2
+  environment:
+    OPENPROJECT_HTTPS: ${OPENPROJECT_HTTPS:-true}
+    OPENPROJECT_HOST__NAME: ${OPENPROJECT_HOST__NAME:-localhost:8080}
+    OPENPROJECT_HSTS: ${OPENPROJECT_HSTS:-true}
+    RAILS_CACHE_STORE: memcache
+    OPENPROJECT_CACHE__MEMCACHE__SERVER: cache:11211
+    OPENPROJECT_RAILS__RELATIVE__URL__ROOT: ${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}
+    DATABASE_URL: ${DATABASE_URL:-postgres://postgres:p4ssw0rd@db/openproject?pool=20&encoding=unicode&reconnect=true}
+    RAILS_MIN_THREADS: ${RAILS_MIN_THREADS:-4}
+    RAILS_MAX_THREADS: ${RAILS_MAX_THREADS:-16}
+    # set to true to enable the email receiving feature. See ./docker/cron for more options
+    IMAP_ENABLED: ${IMAP_ENABLED:-false}
+  volumes:
+    - ${OPDATA:-opdata}:/var/openproject/assets
+services:
+  db:
+    image: postgres:13
+    <<: *a2
+    stop_grace_period: 3s
+    volumes:
+      - ${PGDATA:-pgdata}:/var/lib/postgresql/data
+    environment:
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-p4ssw0rd}
+      POSTGRES_DB: openproject
+    networks:
+      - backend
+  cache:
+    image: memcached
+    <<: *a2
+    networks:
+      - backend
+  proxy:
+    build:
+      context: ./proxy
+      args:
+        APP_HOST: web
+    image: openproject/proxy
+    <<: *a2
+    ports:
+      - ${PORT:-8080}:80
+    depends_on:
+      - web
+    networks:
+      - frontend
+  web:
+    <<: *a3
+    command: ./docker/prod/web
+    networks:
+      - frontend
+      - backend
+    depends_on:
+      - db
+      - cache
+      - seeder
+    labels:
+      - autoheal=true
+    healthcheck:
+      test:
+        - CMD
+        - curl
+        - -f
+        - http://localhost:8080${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}/health_checks/default
+      interval: 10s
+      timeout: 3s
+      retries: 3
+      start_period: 30s
+  autoheal:
+    image: willfarrell/autoheal:1.2.0
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      AUTOHEAL_CONTAINER_LABEL: autoheal
+      AUTOHEAL_START_PERIOD: 600
+      AUTOHEAL_INTERVAL: 30
+  worker:
+    <<: *a3
+    command: ./docker/prod/worker
+    networks:
+      - backend
+    depends_on:
+      - db
+      - cache
+      - seeder
+  cron:
+    <<: *a3
+    command: ./docker/prod/cron
+    networks:
+      - backend
+    depends_on:
+      - db
+      - cache
+      - seeder
+  seeder:
+    <<: *a3
+    command: ./docker/prod/seeder
+    restart: on-failure
+    networks:
+      - backend
--- a/opt/stacks/openproject-docker-compose/.gitignore
+++ b/opt/stacks/openproject-docker-compose/.gitignore
@ -0,0 +1,4 @@
+.env
+
+docker-compose.override.yml
+backups/