phares3757/linux-ubuntu-server
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: phares3757:07-26
Branches Tags
phares3757:07-26 phares3757:03-02-a phares3757:volume-export-ignore
..
compare: phares3757:6a5a49af762a13adc574f8aa1987ab6681a67ca6
Branches Tags
phares3757:03-02-a phares3757:volume-export-ignore phares3757:07-26

4 Commits
07-26 ... 6a5a49af76

Author SHA1 Message Date
Mike Phares
6a5a49af76 pull upgrade 2024-11-09 13:38:15 -07:00
Mike Phares
591a1fbf5d 2024-11-09 2024-11-09 12:37:33 -07:00
Mike Phares
56c3e1f963 Sync 2024-10-19 09:34:18 -07:00
Mike Phares
01853e0ba2 Pi-hole DNS 2024-07-29 17:36:55 -07:00
66 changed files with 746 additions and 364 deletions
Expand all files Collapse all files

3
.gitignore vendored
View File

@ -5,6 +5,8 @@
!*/ !*/
!.vscode/*
!etc/*.md !etc/*.md
!etc/bash_history* !etc/bash_history*
!etc/group* !etc/group*
@ -21,6 +23,7 @@
!etc/lighttpd/lighttpd.conf !etc/lighttpd/lighttpd.conf
!etc/network/interfaces !etc/network/interfaces
!etc/passwd !etc/passwd
!etc/pihole/custom.list
!etc/pihole/dhcp.leases !etc/pihole/dhcp.leases
!etc/pihole/index.nginx-debian.html !etc/pihole/index.nginx-debian.html
!etc/pihole/setupVars.conf !etc/pihole/setupVars.conf

5
.vscode/mklink.md vendored Normal file
View File

@ -0,0 +1,5 @@
# mklink
```bash Sat Jul 27 2024 07:50:14 GMT-0700 (Mountain Standard Time)
mklink "L:\Git\Linux-Ubuntu-Server\.vscode\rebuild-ubuntu-beelink.md" "D:\5-Other-Small\Kanban\Phares\tasks\rebuild-ubuntu-beelink.md"
```

1
.vscode/rebuild-ubuntu-beelink.md vendored Symbolic link
View File

@ -0,0 +1 @@
D:/5-Other-Small/Kanban/Phares/tasks/rebuild-ubuntu-beelink.md

7
.vscode/settings.json vendored Normal file
View File

@ -0,0 +1,7 @@
{
"files.associations": {
"*.container": "ini",
"*.org": "ini",
"*.net": "ini"
}
}

12
etc/.pihole/.gitignore vendored
View File

@ -1,12 +0,0 @@
.DS_Store
*.pyc
*.swp
__pycache__
.cache
.pytest_cache
.tox
.eggs
*.egg-info
.idea/
*.iml
.vscode/

82
etc/.pihole/advanced/pihole-admin.conf
View File

@ -1,82 +0,0 @@
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Lighttpd config for Pi-hole
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
###############################################################################
# FILE AUTOMATICALLY OVERWRITTEN BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
###############################################################################
server.errorlog := "/var/log/lighttpd/error-pihole.log"
$HTTP["url"] =~ "^/admin/" {
server.document-root = "/var/www/html"
server.stream-response-body = 1
accesslog.filename = "/var/log/lighttpd/access-pihole.log"
accesslog.format = "%{%s}t|%h|%V|%r|%s|%b"
fastcgi.server = (
".php" => (
"localhost" => (
"socket" => "/run/lighttpd/pihole-php-fastcgi.socket",
"bin-path" => "/usr/bin/php-cgi",
"min-procs" => 1,
"max-procs" => 1,
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "4",
"PHP_FCGI_MAX_REQUESTS" => "10000",
),
"bin-copy-environment" => (
"PATH", "SHELL", "USER"
),
"broken-scriptfilename" => "enable",
)
)
)
# X-Pi-hole is a response header for debugging using curl -I
# X-Frame-Options prevents clickjacking attacks and helps ensure your content is not embedded into other sites via < frame >, < iframe > or < object >.
# X-XSS-Protection sets the configuration for the cross-site scripting filters built into most browsers. This is important because it tells the browser to block the response if a malicious script has been inserted from a user input. (deprecated; disabled)
# X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. This is important because the browser will only load external resources if their content-type matches what is expected, and not malicious hidden code.
# Content-Security-Policy tells the browser where resources are allowed to be loaded and if its allowed to parse/run inline styles or Javascript. This is important because it prevents content injection attacks, such as Cross Site Scripting (XSS).
# X-Permitted-Cross-Domain-Policies is an XML document that grants a web client, such as Adobe Flash Player or Adobe Acrobat (though not necessarily limited to these), permission to handle data across domains.
# Referrer-Policy allows control/restriction of the amount of information present in the referral header for links away from your page—the URL path or even if the header is sent at all.
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY",
"X-XSS-Protection" => "0",
"X-Content-Type-Options" => "nosniff",
"Content-Security-Policy" => "default-src 'self' 'unsafe-inline';",
"X-Permitted-Cross-Domain-Policies" => "none",
"Referrer-Policy" => "same-origin"
)
# Block . files from being served, such as .git, .github, .gitignore
$HTTP["url"] =~ "^/admin/\." {
url.access-deny = ("")
}
# allow teleporter and API qr code iframe on settings page
$HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
$HTTP["referer"] =~ "/admin/settings\.php" {
setenv.set-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
}
}
}
else $HTTP["url"] == "/admin" {
url.redirect = ("" => "/admin/")
}
$HTTP["host"] == "pi.hole" {
$HTTP["url"] == "/" {
url.redirect = ("" => "/admin/")
}
}
# (keep this on one line for basic-install.sh filtering during install)
server.modules += ( "mod_access", "mod_accesslog", "mod_redirect", "mod_fastcgi", "mod_setenv" )

30
etc/beelink.md
View File

@ -2,8 +2,6 @@
## Ubuntu and Docker End of July 2024 ## Ubuntu and Docker End of July 2024
### Dashkiosk
### authorized_keys ### authorized_keys
```bash Thu Jul 25 2024 16:02:13 GMT-0700 (Mountain Standard Time) ```bash Thu Jul 25 2024 16:02:13 GMT-0700 (Mountain Standard Time)
@ -364,6 +362,20 @@ reboot
nano /etc/default/grub nano /etc/default/grub
``` ```
```conf Fri Jul 26 2024 10:45:47 GMT-0700 (Mountain Standard Time)
# https://opensource.com/article/22/8/disable-ipv6
# GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash"
# GRUB_CMDLINE_LINUX=""
GRUB_CMDLINE_LINUX="ipv6.disable=1"
```
```bash Fri Jul 26 2024 10:45:51 GMT-0700 (Mountain Standard Time)
grub-mkconfig
exit
reboot
```
### Fix Unbond (Move up next time!!!) ### Fix Unbond (Move up next time!!!)
```conf Fri Jul 26 2024 10:45:41 GMT-0700 (Mountain Standard Time) ```conf Fri Jul 26 2024 10:45:41 GMT-0700 (Mountain Standard Time)
@ -379,20 +391,6 @@ systemctl disable --now unbound-resolvconf.service
service unbound restart service unbound restart
``` ```
```conf Fri Jul 26 2024 10:45:47 GMT-0700 (Mountain Standard Time)
# https://opensource.com/article/22/8/disable-ipv6
# GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash"
# GRUB_CMDLINE_LINUX=""
GRUB_CMDLINE_LINUX="ipv6.disable=1"
```
```bash Fri Jul 26 2024 10:45:51 GMT-0700 (Mountain Standard Time)
grub-mkconfig
exit
reboot
```
### Cockpit (Move up next time!!!) ### Cockpit (Move up next time!!!)
- [cockpit](https://cockpit-project.org/) - [cockpit](https://cockpit-project.org/)

39
etc/dnsmasq.d/01-pihole.conf
View File

@ -1,39 +0,0 @@
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Dnsmasq config for Pi-hole's FTLDNS
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
###############################################################################
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: #
# /etc/pihole/setupVars.conf #
# #
# ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE #
# WITHIN /etc/dnsmasq.d/yourname.conf #
###############################################################################
addn-hosts=/etc/pihole/local.list
addn-hosts=/etc/pihole/custom.list
localise-queries
no-resolv
log-queries
log-facility=/var/log/pihole/pihole.log
log-async
cache-size=10000
server=127.0.0.1#5335
domain-needed
expand-hosts
bogus-priv
local-service

42
etc/dnsmasq.d/06-rfc6761.conf
View File

@ -1,42 +0,0 @@
# Pi-hole: A black hole for Internet advertisements
# (c) 2021 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# RFC 6761 config file for Pi-hole
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
###############################################################################
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE #
# WITHIN /etc/dnsmasq.d/yourname.conf #
###############################################################################
# RFC 6761: Caching DNS servers SHOULD recognize
# test, localhost, invalid
# names as special and SHOULD NOT attempt to look up NS records for them, or
# otherwise query authoritative DNS servers in an attempt to resolve these
# names.
server=/test/
server=/localhost/
server=/invalid/
# The same RFC requests something similar for
# 10.in-addr.arpa. 21.172.in-addr.arpa. 27.172.in-addr.arpa.
# 16.172.in-addr.arpa. 22.172.in-addr.arpa. 28.172.in-addr.arpa.
# 17.172.in-addr.arpa. 23.172.in-addr.arpa. 29.172.in-addr.arpa.
# 18.172.in-addr.arpa. 24.172.in-addr.arpa. 30.172.in-addr.arpa.
# 19.172.in-addr.arpa. 25.172.in-addr.arpa. 31.172.in-addr.arpa.
# 20.172.in-addr.arpa. 26.172.in-addr.arpa. 168.192.in-addr.arpa.
# Pi-hole implements this via the dnsmasq option "bogus-priv" (see
# 01-pihole.conf) because this also covers IPv6.
# OpenWRT furthermore blocks bind, local, onion domains
# see https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob_plain;f=package/network/services/dnsmasq/files/rfc6761.conf;hb=HEAD
# and https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml
# We do not include the ".local" rule ourselves, see https://github.com/pi-hole/pi-hole/pull/4282#discussion_r689112972
server=/bind/
server=/onion/

8
etc/group
View File

@ -34,7 +34,7 @@ sasl:x:45:
plugdev:x:46:phares plugdev:x:46:phares
staff:x:50: staff:x:50:
games:x:60: games:x:60:
users:x:100:pihole,podman,lphares,bmiller users:x:100:podman,lphares,bmiller,persa
nogroup:x:65534: nogroup:x:65534:
systemd-journal:x:999: systemd-journal:x:999:
systemd-network:x:998: systemd-network:x:998:
@ -58,10 +58,12 @@ landscape:x:109:
fwupd-refresh:x:989: fwupd-refresh:x:989:
netdev:x:110: netdev:x:110:
phares:x:1000: phares:x:1000:
pihole:x:1001:www-data
podman:x:1002: podman:x:1002:
lphares:x:1003:bmiller lphares:x:1003:bmiller,persa
bmiller:x:1004: bmiller:x:1004:
unbound:x:111: unbound:x:111:
cockpit-ws:x:112: cockpit-ws:x:112:
cockpit-wsinstance:x:113: cockpit-wsinstance:x:113:
pcp:x:988:
persa:x:1001:
redis:x:114:

8
etc/group-
View File

@ -34,7 +34,7 @@ sasl:x:45:
plugdev:x:46:phares plugdev:x:46:phares
staff:x:50: staff:x:50:
games:x:60: games:x:60:
users:x:100:pihole,podman,lphares,bmiller users:x:100:podman,lphares,bmiller,persa
nogroup:x:65534: nogroup:x:65534:
systemd-journal:x:999: systemd-journal:x:999:
systemd-network:x:998: systemd-network:x:998:
@ -58,9 +58,11 @@ landscape:x:109:
fwupd-refresh:x:989: fwupd-refresh:x:989:
netdev:x:110: netdev:x:110:
phares:x:1000: phares:x:1000:
pihole:x:1001:www-data
podman:x:1002: podman:x:1002:
lphares:x:1003:bmiller lphares:x:1003:bmiller,persa
bmiller:x:1004: bmiller:x:1004:
unbound:x:111: unbound:x:111:
cockpit-ws:x:112: cockpit-ws:x:112:
cockpit-wsinstance:x:113:
pcp:x:988:
persa:x:1001:

8
etc/gshadow
View File

@ -34,7 +34,7 @@ sasl:*::
plugdev:*::phares plugdev:*::phares
staff:*:: staff:*::
games:*:: games:*::
users:*::pihole,podman,lphares,bmiller users:*::podman,lphares,bmiller,persa
nogroup:*:: nogroup:*::
systemd-journal:!*:: systemd-journal:!*::
systemd-network:!*:: systemd-network:!*::
@ -58,10 +58,12 @@ landscape:!::
fwupd-refresh:!*:: fwupd-refresh:!*::
netdev:!:: netdev:!::
phares:!:: phares:!::
pihole:!::www-data
podman:!:: podman:!::
lphares:!::bmiller lphares:!::bmiller,persa
bmiller:!:: bmiller:!::
unbound:!:: unbound:!::
cockpit-ws:!:: cockpit-ws:!::
cockpit-wsinstance:!:: cockpit-wsinstance:!::
pcp:!::
persa:!::
redis:!::

8
etc/gshadow-
View File

@ -34,7 +34,7 @@ sasl:*::
plugdev:*::phares plugdev:*::phares
staff:*:: staff:*::
games:*:: games:*::
users:*::pihole,podman,lphares,bmiller users:*::podman,lphares,bmiller,persa
nogroup:*:: nogroup:*::
systemd-journal:!*:: systemd-journal:!*::
systemd-network:!*:: systemd-network:!*::
@ -58,9 +58,11 @@ landscape:!::
fwupd-refresh:!*:: fwupd-refresh:!*::
netdev:!:: netdev:!::
phares:!:: phares:!::
pihole:!::www-data
podman:!:: podman:!::
lphares:!::bmiller lphares:!::bmiller,persa
bmiller:!:: bmiller:!::
unbound:!:: unbound:!::
cockpit-ws:!:: cockpit-ws:!::
cockpit-wsinstance:!::
pcp:!::
persa:!::

2
etc/hosts
View File

@ -1,5 +1,5 @@
127.0.0.1 localhost 127.0.0.1 localhost
127.0.1.1 beelink 127.0.1.1 trigkey
# The following lines are desirable for IPv6 capable hosts # The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback ::1 ip6-localhost ip6-loopback

28
etc/letsencrypt/archive/phares3757.ddns.net/cert2.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIEvTCCBEOgAwIBAgISA8Rpfo5CToGTmLm5xS3DeDfoMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NjAeFw0yNDA4MDUyMTM3MDRaFw0yNDExMDMyMTM3MDNaMB4xHDAaBgNVBAMTE3Bo
YXJlczM3NTcuZGRucy5uZXQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQPJlBf
3XfrNcWGKQcOH9xS1X9UcBSiyFIva+mn524DDCYpB2aSLpEY1JdqGnbnDn0kBGgY
ZG5AoTspEWQvkn34o4IDSzCCA0cwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSbfnI9
DTkeKYqQTpJvsEmrG209UTAfBgNVHSMEGDAWgBSTJ0aYA6lRaI6Y1sRCSNsjv1iU
0jBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNi5vLmxlbmNy
Lm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL2U2LmkubGVuY3Iub3JnLzCCAVIGA1Ud
EQSCAUkwggFFgg9hZmZpcm0uZGRucy5uZXSCF2NoYXQucGhhcmVzLmR1Y2tkbnMu
b3Jnghhkcml2ZS5waGFyZXMuZHVja2Rucy5vcmeCGGdpdGVhLnBoYXJlcy5kdWNr
ZG5zLm9yZ4IVaGEucGhhcmVzLmR1Y2tkbnMub3JnghlpbW1pY2gucGhhcmVzLmR1
Y2tkbnMub3JnghhtdXNpYy5waGFyZXMuZHVja2Rucy5vcmeCEnBoYXJlcy5kdWNr
ZG5zLm9yZ4ITcGhhcmVzMzc1Ny5kZG5zLm5ldIIZcGhvdG9zLnBoYXJlcy5kdWNr
ZG5zLm9yZ4IZcXVhcnR6LnBoYXJlcy5kdWNrZG5zLm9yZ4IadHJhY2Nhci5waGFy
ZXMuZHVja2Rucy5vcmeCHnZhdWx0d2FyZGVuLnBoYXJlcy5kdWNrZG5zLm9yZzAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AD8X
S0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABkSSvAAsAAAQDAEcwRQIg
JDDuoD1dGwEJXVMv6ejxDSA5egmmYy4+j5+CqWyAch4CIQD6azMSASbZZ/+63NoR
igd/G/woCeUvJJkNFfsqmeCFNQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI
WUZxH7WbAAABkSSvAAYAAAQDAEcwRQIhALl/GZSFMEMfiR0OvlHMxQQFl6+q8vuS
bFo/u9BCK0OZAiB02RbuxpKCvSXLAwKIzYnmsy+t3ip0mKKrRyx42Kz82DAKBggq
hkjOPQQDAwNoADBlAjEAvBDbAOHHkTzjxYKmNrJ1NDBv+rjjszQbLvrqPKij8YO5
rdvW1ty2j0oQbKLiX8T2AjBgZhfrlHHRXOTYYwao5Sf1b3dNfFcv0be+aQjMTHWF
A3WZcUHjqZsHHqeaZiWgzlw=
-----END CERTIFICATE-----

28
etc/letsencrypt/archive/phares3757.ddns.net/cert3.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIEvzCCBEWgAwIBAgISBI/TW6uuBCr2K8pVMOvUKwXMMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NTAeFw0yNDEwMjcwMDUxNDFaFw0yNTAxMjUwMDUxNDBaMB4xHDAaBgNVBAMTE3Bo
YXJlczM3NTcuZGRucy5uZXQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATx31ZU
Cb0Um0CB5L92TDKpscWoiT3hxDeUIBbYZufML/ODIwlMIJpeBABcPUuMWLKH+t5d
lGtIZFZ8a9Y6s+QJo4IDTTCCA0kwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTPAmOa
X0Q1jVn8hWataTC7SyVf3DAfBgNVHSMEGDAWgBSfK1/PPCFPnQS37SssxMZwi9LX
DTBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNS5vLmxlbmNy
Lm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL2U1LmkubGVuY3Iub3JnLzCCAVIGA1Ud
EQSCAUkwggFFgg9hZmZpcm0uZGRucy5uZXSCF2NoYXQucGhhcmVzLmR1Y2tkbnMu
b3Jnghhkcml2ZS5waGFyZXMuZHVja2Rucy5vcmeCGGdpdGVhLnBoYXJlcy5kdWNr
ZG5zLm9yZ4IVaGEucGhhcmVzLmR1Y2tkbnMub3JnghlpbW1pY2gucGhhcmVzLmR1
Y2tkbnMub3JnghhtdXNpYy5waGFyZXMuZHVja2Rucy5vcmeCEnBoYXJlcy5kdWNr
ZG5zLm9yZ4ITcGhhcmVzMzc1Ny5kZG5zLm5ldIIZcGhvdG9zLnBoYXJlcy5kdWNr
ZG5zLm9yZ4IZcXVhcnR6LnBoYXJlcy5kdWNrZG5zLm9yZ4IadHJhY2Nhci5waGFy
ZXMuZHVja2Rucy5vcmeCHnZhdWx0d2FyZGVuLnBoYXJlcy5kdWNrZG5zLm9yZzAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AKLj
CuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfnAAABksuqp2cAAAQDAEgwRgIh
ANhuwhhf/+vV2qEy+R9tMNHLnnvfBLjiAxg2AP4DDMsjAiEA/KPYYzSJ0JFO/TNv
gZ+sK9w63SldtCQnH0lQ9NkV/sQAdwDgkrP8DB3I52g2H95huZZNClJ4GYpy1nLE
sE2lbW9UBAAAAZLLqqdzAAAEAwBIMEYCIQDjpfPfuYeD/k2JqQcPM1hAeLNbFUq6
vWeoAYqUi9bLqwIhAPZbo0y/asr4bdqlKtRsaLwpaG0w+6NKTpFmo6Rk3XbRMAoG
CCqGSM49BAMDA2gAMGUCMQCwA9rnTaaNJ3Eqx2L7LSW+vVyK0kiaTp0poN82V5fr
GGXZNdyPrHeLAA0OiGnMQHwCMFfCxgJJ7JFllCHIHnjjRFk7pV3DJ7a9N8W6nFxg
Wik/YdTKMn5yCbKTyv6gYmLgjA==
-----END CERTIFICATE-----

26
etc/letsencrypt/archive/phares3757.ddns.net/chain2.pem Normal file
View File

@ -0,0 +1,26 @@
-----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
Ig46v9mFmBvyH04=
-----END CERTIFICATE-----

26
etc/letsencrypt/archive/phares3757.ddns.net/chain3.pem Normal file
View File

@ -0,0 +1,26 @@
-----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
VQD9F6Na/+zmXCc=
-----END CERTIFICATE-----

54
etc/letsencrypt/archive/phares3757.ddns.net/fullchain2.pem Normal file
View File

@ -0,0 +1,54 @@
-----BEGIN CERTIFICATE-----
MIIEvTCCBEOgAwIBAgISA8Rpfo5CToGTmLm5xS3DeDfoMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NjAeFw0yNDA4MDUyMTM3MDRaFw0yNDExMDMyMTM3MDNaMB4xHDAaBgNVBAMTE3Bo
YXJlczM3NTcuZGRucy5uZXQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQPJlBf
3XfrNcWGKQcOH9xS1X9UcBSiyFIva+mn524DDCYpB2aSLpEY1JdqGnbnDn0kBGgY
ZG5AoTspEWQvkn34o4IDSzCCA0cwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSbfnI9
DTkeKYqQTpJvsEmrG209UTAfBgNVHSMEGDAWgBSTJ0aYA6lRaI6Y1sRCSNsjv1iU
0jBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNi5vLmxlbmNy
Lm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL2U2LmkubGVuY3Iub3JnLzCCAVIGA1Ud
EQSCAUkwggFFgg9hZmZpcm0uZGRucy5uZXSCF2NoYXQucGhhcmVzLmR1Y2tkbnMu
b3Jnghhkcml2ZS5waGFyZXMuZHVja2Rucy5vcmeCGGdpdGVhLnBoYXJlcy5kdWNr
ZG5zLm9yZ4IVaGEucGhhcmVzLmR1Y2tkbnMub3JnghlpbW1pY2gucGhhcmVzLmR1
Y2tkbnMub3JnghhtdXNpYy5waGFyZXMuZHVja2Rucy5vcmeCEnBoYXJlcy5kdWNr
ZG5zLm9yZ4ITcGhhcmVzMzc1Ny5kZG5zLm5ldIIZcGhvdG9zLnBoYXJlcy5kdWNr
ZG5zLm9yZ4IZcXVhcnR6LnBoYXJlcy5kdWNrZG5zLm9yZ4IadHJhY2Nhci5waGFy
ZXMuZHVja2Rucy5vcmeCHnZhdWx0d2FyZGVuLnBoYXJlcy5kdWNrZG5zLm9yZzAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2AD8X
S0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABkSSvAAsAAAQDAEcwRQIg
JDDuoD1dGwEJXVMv6ejxDSA5egmmYy4+j5+CqWyAch4CIQD6azMSASbZZ/+63NoR
igd/G/woCeUvJJkNFfsqmeCFNQB2AO7N0GTV2xrOxVy3nbTNE6Iyh0Z8vOzew1FI
WUZxH7WbAAABkSSvAAYAAAQDAEcwRQIhALl/GZSFMEMfiR0OvlHMxQQFl6+q8vuS
bFo/u9BCK0OZAiB02RbuxpKCvSXLAwKIzYnmsy+t3ip0mKKrRyx42Kz82DAKBggq
hkjOPQQDAwNoADBlAjEAvBDbAOHHkTzjxYKmNrJ1NDBv+rjjszQbLvrqPKij8YO5
rdvW1ty2j0oQbKLiX8T2AjBgZhfrlHHRXOTYYwao5Sf1b3dNfFcv0be+aQjMTHWF
A3WZcUHjqZsHHqeaZiWgzlw=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
Ig46v9mFmBvyH04=
-----END CERTIFICATE-----

54
etc/letsencrypt/archive/phares3757.ddns.net/fullchain3.pem Normal file
View File

@ -0,0 +1,54 @@
-----BEGIN CERTIFICATE-----
MIIEvzCCBEWgAwIBAgISBI/TW6uuBCr2K8pVMOvUKwXMMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NTAeFw0yNDEwMjcwMDUxNDFaFw0yNTAxMjUwMDUxNDBaMB4xHDAaBgNVBAMTE3Bo
YXJlczM3NTcuZGRucy5uZXQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATx31ZU
Cb0Um0CB5L92TDKpscWoiT3hxDeUIBbYZufML/ODIwlMIJpeBABcPUuMWLKH+t5d
lGtIZFZ8a9Y6s+QJo4IDTTCCA0kwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTPAmOa
X0Q1jVn8hWataTC7SyVf3DAfBgNVHSMEGDAWgBSfK1/PPCFPnQS37SssxMZwi9LX
DTBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNS5vLmxlbmNy
Lm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL2U1LmkubGVuY3Iub3JnLzCCAVIGA1Ud
EQSCAUkwggFFgg9hZmZpcm0uZGRucy5uZXSCF2NoYXQucGhhcmVzLmR1Y2tkbnMu
b3Jnghhkcml2ZS5waGFyZXMuZHVja2Rucy5vcmeCGGdpdGVhLnBoYXJlcy5kdWNr
ZG5zLm9yZ4IVaGEucGhhcmVzLmR1Y2tkbnMub3JnghlpbW1pY2gucGhhcmVzLmR1
Y2tkbnMub3JnghhtdXNpYy5waGFyZXMuZHVja2Rucy5vcmeCEnBoYXJlcy5kdWNr
ZG5zLm9yZ4ITcGhhcmVzMzc1Ny5kZG5zLm5ldIIZcGhvdG9zLnBoYXJlcy5kdWNr
ZG5zLm9yZ4IZcXVhcnR6LnBoYXJlcy5kdWNrZG5zLm9yZ4IadHJhY2Nhci5waGFy
ZXMuZHVja2Rucy5vcmeCHnZhdWx0d2FyZGVuLnBoYXJlcy5kdWNrZG5zLm9yZzAT
BgNVHSAEDDAKMAgGBmeBDAECATCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AKLj
CuRF772tm3447Udnd1PXgluElNcrXhssxLlQpEfnAAABksuqp2cAAAQDAEgwRgIh
ANhuwhhf/+vV2qEy+R9tMNHLnnvfBLjiAxg2AP4DDMsjAiEA/KPYYzSJ0JFO/TNv
gZ+sK9w63SldtCQnH0lQ9NkV/sQAdwDgkrP8DB3I52g2H95huZZNClJ4GYpy1nLE
sE2lbW9UBAAAAZLLqqdzAAAEAwBIMEYCIQDjpfPfuYeD/k2JqQcPM1hAeLNbFUq6
vWeoAYqUi9bLqwIhAPZbo0y/asr4bdqlKtRsaLwpaG0w+6NKTpFmo6Rk3XbRMAoG
CCqGSM49BAMDA2gAMGUCMQCwA9rnTaaNJ3Eqx2L7LSW+vVyK0kiaTp0poN82V5fr
GGXZNdyPrHeLAA0OiGnMQHwCMFfCxgJJ7JFllCHIHnjjRFk7pV3DJ7a9N8W6nFxg
Wik/YdTKMn5yCbKTyv6gYmLgjA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
VQD9F6Na/+zmXCc=
-----END CERTIFICATE-----

5
etc/letsencrypt/archive/phares3757.ddns.net/privkey2.pem Normal file
View File

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgMkDpXWGeiqjE5WNj
mBuqwMXseOQuX9tv3SvZvQ761VOhRANCAAQPJlBf3XfrNcWGKQcOH9xS1X9UcBSi
yFIva+mn524DDCYpB2aSLpEY1JdqGnbnDn0kBGgYZG5AoTspEWQvkn34
-----END PRIVATE KEY-----

5
etc/letsencrypt/archive/phares3757.ddns.net/privkey3.pem Normal file
View File

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgr4csftLu03keRaK4
OR+nS9nOaog7Ak6NbSRkXg72RRKhRANCAATx31ZUCb0Um0CB5L92TDKpscWoiT3h
xDeUIBbYZufML/ODIwlMIJpeBABcPUuMWLKH+t5dlGtIZFZ8a9Y6s+QJ
-----END PRIVATE KEY-----

50
etc/letsencrypt/ha/fullchain.pem Normal file
View File

@ -0,0 +1,50 @@
-----BEGIN CERTIFICATE-----
MIID6zCCA3GgAwIBAgISA4snn7ZkkZV8ytXbnWtDcJgdMAoGCCqGSM49BAMDMDIx
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
NTAeFw0yNDEwMDYwNzU5MzRaFw0yNTAxMDQwNzU5MzNaMB0xGzAZBgNVBAMTEmFm
ZmlybS5kdWNrZG5zLm9yZzB2MBAGByqGSM49AgEGBSuBBAAiA2IABEzQCCWLkZD8
R1rHsE1iNmoobwtfihmN78eB9zVu+FdWRkOyClBXm+sZQl4rNf7NfDiV6bZ4dz13
fs/45z52PTWk6n2zP4c2Dgh/MESaxv9UaLvq4OjX4Bqd/OH1WuigHaOCAl0wggJZ
MA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
DAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUL+qPS4dEIsg41TGo25We68CvRIAwHwYD
VR0jBBgwFoAUnytfzzwhT50Et+0rLMTGcIvS1w0wVQYIKwYBBQUHAQEESTBHMCEG
CCsGAQUFBzABhhVodHRwOi8vZTUuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0
dHA6Ly9lNS5pLmxlbmNyLm9yZy8wZQYDVR0RBF4wXIISYWZmaXJtLmR1Y2tkbnMu
b3JnghVoYS1waGFyZXMuZHVja2Rucy5vcmeCEnBoYXJlcy5kdWNrZG5zLm9yZ4Ib
c3lub2xvZ3ktcGhhcmVzLmR1Y2tkbnMub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIB
MIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHYAzxFW7tUufK/zh1vZaS6b6RpxZ0qw
F+ysAdJbd87MOwgAAAGSYQzXTgAABAMARzBFAiEArfAVmkU+kJaHWipGCCPT7eVw
auk98aCxSEvIOD0Y+RsCIAnhbHMNuDAenJ8ZyRhtGmSCwMPRbLRnwcWbO7TFqxqf
AHcAouMK5EXvva2bfjjtR2d3U9eCW4SU1yteGyzEuVCkR+cAAAGSYQze4QAABAMA
SDBGAiEA+Vocdjpsc7/jUu9L5KjXO+Jnrp98MOnM0FEJN0hJU+wCIQD/HOM6C6H8
ZxTaopyvNyWVylw5ooPuSpuJ1Xf8brNjATAKBggqhkjOPQQDAwNoADBlAjEA8aBN
tJqelSOy/mnypFRI6qrvGegu7tKgghqUw0XWy56u8zMVmtksglEJtcMkf3ZlAjBh
15d+rRL3k+xXAaOE1YesxGhIUqJO1JiMHeQ6mgOE6vOMJYKhmUjrZ3P70XoEC7E=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
VQD9F6Na/+zmXCc=
-----END CERTIFICATE-----

6
etc/letsencrypt/ha/privkey.pem Normal file
View File

@ -0,0 +1,6 @@
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDAK5i0BgRa7SIcpCykadElWV5mBrW+xOWg1Sse0Zx8TEx8fuMiz6js3
CcVzHS0YjiegBwYFK4EEACKhZANiAARM0Agli5GQ/Edax7BNYjZqKG8LX4oZje/H
gfc1bvhXVkZDsgpQV5vrGUJeKzX+zXw4lem2eHc9d37P+Oc+dj01pOp9sz+HNg4I
fzBEmsb/VGi76uDo1+Aanfzh9VrooB0=
-----END EC PRIVATE KEY-----

61
etc/lighttpd/lighttpd.conf
View File

@ -1,61 +0,0 @@
### Documentation
# https://wiki.lighttpd.net/
#
### Configuration Syntax
# https://wiki.lighttpd.net/Docs_Configuration
#
### Configuration Options
# https://wiki.lighttpd.net/Docs_ConfigurationOptions
#
### Debian lighttpd base configuration
server.modules = (
"mod_indexfile",
"mod_access",
"mod_alias",
"mod_redirect",
)
server.document-root = "/var/www/html"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 8005
# strict parsing and normalization of URL for consistency and security
# https://wiki.lighttpd.net/Server_http-parseoptsDetails
# (might need to explicitly set "url-path-2f-decode" = "disable"
# if a specific application is encoding URLs inside url-path)
server.http-parseopts = (
"header-strict" => "enable",# default
"host-strict" => "enable",# default
"host-normalize" => "enable",# default
"url-normalize-unreserved"=> "enable",# recommended highly
"url-normalize-required" => "enable",# recommended
"url-ctrls-reject" => "enable",# recommended
"url-path-2f-decode" => "enable",# recommended highly (unless breaks app)
#"url-path-2f-reject" => "enable",
"url-path-dotseg-remove" => "enable",# recommended highly (unless breaks app)
#"url-path-dotseg-reject" => "enable",
#"url-query-20-plus" => "enable",# consistency in query string
"url-invalid-utf8-reject" => "enable",# recommended highly (unless breaks app)
)
index-file.names = ( "index.php", "index.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"
# default listening port for IPv6 is same as default IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
### Customizations
# customizations should generally be placed in separate files such as
# /etc/lighttpd/conf-available/00_vars.conf # override variables for *.conf
# /etc/lighttpd/conf-available/99_custom.conf # override *.conf settings
# and then enabled using lighty-enable-mod (1)

2
etc/netplan/50-cloud-init.yaml
View File

@ -5,7 +5,7 @@
# network: {config: disabled} # network: {config: disabled}
network: network:
ethernets: ethernets:
enp2s0: enp1s0:
dhcp4: true dhcp4: true
version: 2 version: 2
wifis: {} wifis: {}

88
etc/nginx/sites-available/default
View File

@ -1,42 +1,46 @@
server { # include /etc/nginx/include/ansible.conf; # https://ansible.phares.duckddns.org # https://192.168.11.2/;
listen 8080 default_server; # include /etc/nginx/include/assistant.conf; # https://assistant.phares.duckddns.org # http://192.168.11.2:5001/;
root /var/www/html; # include /etc/nginx/include/casa.conf; # https://casa.phares.duckddns.org # http://10.131.57.60/;
index index.html index.htm index.nginx-debian.html; # include /etc/nginx/include/chat.conf; # https://chat.phares.duckddns.org # https://192.168.0.31:5001/;
server_name _; # include /etc/nginx/include/codeserver.conf; # https://codeserver.phares.duckddns.org # http://192.168.11.2:5007/;
location / { # include /etc/nginx/include/diskstation.conf; # https://diskstation.phares.duckddns.org # https://192.168.0.31:5001/;
try_files $uri $uri/ =404; # include /etc/nginx/include/dockge.conf; # https://dockge.phares.duckddns.org # http://192.168.11.2:5001/;
} # include /etc/nginx/include/docmost.conf; # https://docmost.phares.duckddns.org # http://192.168.11.2:5006/;
} # include /etc/nginx/include/drive.conf; # https://drive.phares.duckddns.org # https://192.168.0.31:5001/;
include /etc/nginx/include/affirm.conf; # include /etc/nginx/include/emby.conf; # https://emby.phares.duckddns.org # http://10.131.57.134:8096/;
# include /etc/nginx/include/ansible.conf; # include /etc/nginx/include/filebrowser.conf; # https://filebrowser.phares.duckddns.org # http://192.168.11.2:8080/;
# include /etc/nginx/include/assistant.conf; # include /etc/nginx/include/gogs.conf; # https://gogs.phares.duckddns.org # http://192.168.11.2:3000/;
# include /etc/nginx/include/casa.conf; # include /etc/nginx/include/incus.conf; # https://incus.phares.duckddns.org # http://192.168.11.2:5004/;
include /etc/nginx/include/codeserver.conf; # include /etc/nginx/include/invoice.conf; # https://invoice.phares.duckddns.org # https://192.168.11.2/;
include /etc/nginx/include/dashkiosk.conf; # include /etc/nginx/include/kestra.conf; # https://kestra.phares.duckddns.org # http://192.168.11.2:5002/;
# include /etc/nginx/include/dockge.conf; # include /etc/nginx/include/lxconsole.conf; # https://lxconsole.phares.duckddns.org # http://192.168.11.2:5004/;
# include /etc/nginx/include/docmost.conf; # include /etc/nginx/include/nextcloud.conf; # https://nextcloud.phares.duckddns.org # http://192.168.11.2:8081/;
# include /etc/nginx/include/emby.conf; # include /etc/nginx/include/owncast.conf; # https://owncast.phares.duckddns.org # http://10.131.57.141:8080/;
# include /etc/nginx/include/filebrowser.conf; # include /etc/nginx/include/photoprism.conf; # https://photoprism.phares.duckddns.org # http://192.168.11.2:2342/;
# include /etc/nginx/include/gogs.conf; # include /etc/nginx/include/photos.conf; # https://photos.phares.duckddns.org # https://192.168.0.31:5001/;
include /etc/nginx/include/gitea.conf; # include /etc/nginx/include/pihole.conf; # https://pihole.phares.duckddns.org # http://192.168.11.2:8005/admin/;
include /etc/nginx/include/immich.conf; # include /etc/nginx/include/proxmox.conf; # https://proxmox.phares.duckddns.org # https://192.168.11.2:8006/;
include /etc/nginx/include/incus.conf; # include /etc/nginx/include/readeck.conf; # https://readeck.phares.duckddns.org # http://192.168.11.2:8000/;
# include /etc/nginx/include/invoice.conf; # include /etc/nginx/include/terraform.conf; # https://terraform.phares.duckddns.org # http://192.168.11.2:5001/;
include /etc/nginx/include/lxconsole.conf; # include /etc/nginx/include/traccar.conf; # https://traccar.phares.duckddns.org # http://192.168.11.2:3000/;
include /etc/nginx/include/kestra.conf; # include /etc/nginx/include/umbrel.conf; # https://umbrel.phares.duckddns.org # http://192.168.11.20/;
include /etc/nginx/include/music.conf; # include /etc/nginx/include/vscodium.conf; # https://vscodium.phares.duckddns.org # http://10.131.57.190:3000/;
# include /etc/nginx/include/nextcloud.conf; # include /etc/nginx/include/wekan.conf; # https://wekan.phares.duckddns.org # http://192.168.11.2:5003/;
# include /etc/nginx/include/owncast.conf; include /etc/nginx/include/adguard.conf; # https://adguard.phares.duckddns.org # http://192.168.11.2:3002/;
include /etc/nginx/include/phares.conf; include /etc/nginx/include/affirm.conf; # https://affirm.phares.duckddns.org # http://192.168.11.2:8069/;
include /etc/nginx/include/pgadmin.conf; include /etc/nginx/include/baikal.conf; # https://baikal.phares.duckddns.org # http://192.168.11.2:8001/;
# include /etc/nginx/include/photoprism.conf; include /etc/nginx/include/cockpit.conf; # https://cockpit.phares.duckddns.org # http://192.168.11.2:9090/;
# include /etc/nginx/include/pihole.conf; include /etc/nginx/include/dashkiosk.conf; # https://dashkiosk.phares.duckddns.org # http://192.168.11.2:9400/;
# include /etc/nginx/include/proxmox.conf; include /etc/nginx/include/gitea.conf; # https://gitea.phares.duckddns.org # http://192.168.11.2:3000/;
include /etc/nginx/include/quartz.conf; include /etc/nginx/include/immich.conf; # https://immich.phares.duckddns.org # http://192.168.11.2:2283/;
# include /etc/nginx/include/readeck.conf; include /etc/nginx/include/mattermost.conf; # https://mattermost.phares.duckddns.org # http://192.168.11.2:8065/;
# include /etc/nginx/include/syncthing.conf; include /etc/nginx/include/music.conf; # https://music.phares.duckddns.org # http://192.168.11.2/;
# include /etc/nginx/include/terraform.conf; include /etc/nginx/include/neko.conf; # https://neko.phares.duckddns.org # http://192.168.11.2:8082/;
# include /etc/nginx/include/uptimekuma.conf; include /etc/nginx/include/pgadmin.conf; # https://pgadmin.phares.duckddns.org # http://192.168.11.2:5007/;
include /etc/nginx/include/vaultwarden.conf; include /etc/nginx/include/phares.conf; # https://phares.phares.duckddns.org # http://192.168.11.2/;
# include /etc/nginx/include/vscodium.conf; include /etc/nginx/include/quartz.conf; # https://quartz.phares.duckddns.org # http://192.168.11.2/;
# include /etc/nginx/include/wekan.conf; include /etc/nginx/include/router.conf; # https://router.phares.duckddns.org # https://192.168.11.1/;
include /etc/nginx/include/slideshow.conf; # https://slideshow.phares.duckddns.org # http://192.168.11.2:8080/;
include /etc/nginx/include/uptimekuma.conf; # https://uptimekuma.phares.duckddns.org # http://192.168.11.2:3004/;
include /etc/nginx/include/vaultwarden.conf; # https://vaultwarden.phares.duckddns.org # http://192.168.11.2:5008/;
include /etc/nginx/include/xandikos.conf; # https://xandikos.phares.duckddns.org # http://192.168.11.2:8000/;

4
etc/passwd
View File

@ -32,7 +32,6 @@ fwupd-refresh:x:989:989:Firmware update daemon:/var/lib/fwupd:/usr/sbin/nologin
usbmux:x:108:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin usbmux:x:108:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin
sshd:x:109:65534::/run/sshd:/usr/sbin/nologin sshd:x:109:65534::/run/sshd:/usr/sbin/nologin
phares:x:1000:1000:Mike Phares:/home/phares:/bin/bash phares:x:1000:1000:Mike Phares:/home/phares:/bin/bash
pihole:x:1001:1001:Pi-hole,,,:/home/pihole:/bin/bash
podman:x:1002:1002:Podman,,,:/home/podman:/bin/bash podman:x:1002:1002:Podman,,,:/home/podman:/bin/bash
lphares:x:1003:1003:Logan Phares,,,:/home/lphares:/bin/bash lphares:x:1003:1003:Logan Phares,,,:/home/lphares:/bin/bash
bmiller:x:1004:1004:Bill Miller,,,:/home/bmiller:/bin/bash bmiller:x:1004:1004:Bill Miller,,,:/home/bmiller:/bin/bash
@ -40,3 +39,6 @@ unbound:x:110:111::/var/lib/unbound:/usr/sbin/nologin
dnsmasq:x:999:65534:dnsmasq:/var/lib/misc:/usr/sbin/nologin dnsmasq:x:999:65534:dnsmasq:/var/lib/misc:/usr/sbin/nologin
cockpit-ws:x:111:112::/nonexistent:/usr/sbin/nologin cockpit-ws:x:111:112::/nonexistent:/usr/sbin/nologin
cockpit-wsinstance:x:112:113::/nonexistent:/usr/sbin/nologin cockpit-wsinstance:x:112:113::/nonexistent:/usr/sbin/nologin
pcp:x:996:988:Performance Co-Pilot:/var/lib/pcp:/usr/sbin/nologin
persa:x:1001:1001:Persaya Cortez,,,:/home/persa:/bin/bash
redis:x:113:114::/var/lib/redis:/usr/sbin/nologin

4
etc/passwd-
View File

@ -32,10 +32,12 @@ fwupd-refresh:x:989:989:Firmware update daemon:/var/lib/fwupd:/usr/sbin/nologin
usbmux:x:108:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin usbmux:x:108:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin
sshd:x:109:65534::/run/sshd:/usr/sbin/nologin sshd:x:109:65534::/run/sshd:/usr/sbin/nologin
phares:x:1000:1000:Mike Phares:/home/phares:/bin/bash phares:x:1000:1000:Mike Phares:/home/phares:/bin/bash
pihole:x:1001:1001:Pi-hole,,,:/home/pihole:/bin/bash
podman:x:1002:1002:Podman,,,:/home/podman:/bin/bash podman:x:1002:1002:Podman,,,:/home/podman:/bin/bash
lphares:x:1003:1003:Logan Phares,,,:/home/lphares:/bin/bash lphares:x:1003:1003:Logan Phares,,,:/home/lphares:/bin/bash
bmiller:x:1004:1004:Bill Miller,,,:/home/bmiller:/bin/bash bmiller:x:1004:1004:Bill Miller,,,:/home/bmiller:/bin/bash
unbound:x:110:111::/var/lib/unbound:/usr/sbin/nologin unbound:x:110:111::/var/lib/unbound:/usr/sbin/nologin
dnsmasq:x:999:65534:dnsmasq:/var/lib/misc:/usr/sbin/nologin dnsmasq:x:999:65534:dnsmasq:/var/lib/misc:/usr/sbin/nologin
cockpit-ws:x:111:112::/nonexistent:/usr/sbin/nologin cockpit-ws:x:111:112::/nonexistent:/usr/sbin/nologin
cockpit-wsinstance:x:112:113::/nonexistent:/usr/sbin/nologin
pcp:x:996:988:Performance Co-Pilot:/var/lib/pcp:/usr/sbin/nologin
persa:x:1001:1001:Persaya Cortez,,,:/home/persa:/bin/bash

0
etc/pihole/dhcp.leases
View File

14
etc/pihole/setupVars.conf
View File

@ -1,14 +0,0 @@
PIHOLE_INTERFACE=enp2s0
QUERY_LOGGING=true
INSTALL_WEB_SERVER=true
INSTALL_WEB_INTERFACE=true
LIGHTTPD_ENABLED=true
CACHE_SIZE=10000
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSMASQ_LISTENING=local
WEBPASSWORD=4f2f4f253d64a90315c0ace8a61b6b6e828f8d8d996b0a0b0e153230617bedd3
BLOCKING_ENABLED=true
PIHOLE_DNS_1=127.0.0.1#5335
DNSSEC=false
REV_SERVER=false

4
etc/shadow
View File

@ -32,7 +32,6 @@ fwupd-refresh:!*:19836::::::
usbmux:!:19929:::::: usbmux:!:19929::::::
sshd:!:19929:::::: sshd:!:19929::::::
phares:$y$j9T$mk3Fb5hENQkN//RvJPyB6.$xdsox1L6gnbZibmeEsveAMNjZ22J7sIEz.W957Osj1A:19930:0:99999:7::: phares:$y$j9T$mk3Fb5hENQkN//RvJPyB6.$xdsox1L6gnbZibmeEsveAMNjZ22J7sIEz.W957Osj1A:19930:0:99999:7:::
pihole:$y$j9T$k223Uf777oEQZtuag6kXO1$vfa4e7EdalU7A9ECEoPJ7QHnN9Bkylct7kNIHZYXGP8:19929:0:99999:7:::
podman:$y$j9T$kuuH4dAlA8LAbBASzBA6y/$9xVT4/nstOeIVTVoil/WSUKMIyePo8dKBXDByMm.qG5:19929:0:99999:7::: podman:$y$j9T$kuuH4dAlA8LAbBASzBA6y/$9xVT4/nstOeIVTVoil/WSUKMIyePo8dKBXDByMm.qG5:19929:0:99999:7:::
lphares:$y$j9T$m33.tZHwrEl7X.ovXN.a7/$z2We2A72fQMDkSQIYetbXuNNTk8YHNEvQeisSwtmo6C:19929:0:99999:7::: lphares:$y$j9T$m33.tZHwrEl7X.ovXN.a7/$z2We2A72fQMDkSQIYetbXuNNTk8YHNEvQeisSwtmo6C:19929:0:99999:7:::
bmiller:$y$j9T$sYFlvEEV1yntCl3CeN8M70$CpuMQrO3K9NFF122NsJWvM5nxnQK8EXvmD3C41.JZm8:19929:0:99999:7::: bmiller:$y$j9T$sYFlvEEV1yntCl3CeN8M70$CpuMQrO3K9NFF122NsJWvM5nxnQK8EXvmD3C41.JZm8:19929:0:99999:7:::
@ -40,3 +39,6 @@ unbound:!:19929::::::
dnsmasq:!:19930:::::: dnsmasq:!:19930::::::
cockpit-ws:!:19930:::::: cockpit-ws:!:19930::::::
cockpit-wsinstance:!:19930:::::: cockpit-wsinstance:!:19930::::::
pcp:!:19938::::::
persa:$y$j9T$9AiaUMaouaQcqO9TOrKZe.$XSerhwFhjwluy/xONVpJVUmeQfXk/qasTO6FCFmw9E1:19978:0:99999:7:::
redis:!:20001::::::

6
etc/shadow-
View File

@ -31,11 +31,13 @@ landscape:!:19836::::::
fwupd-refresh:!*:19836:::::: fwupd-refresh:!*:19836::::::
usbmux:!:19929:::::: usbmux:!:19929::::::
sshd:!:19929:::::: sshd:!:19929::::::
phares:$6$X.bTmW8z9/2WwB08$pivFW7YtPuGBou4Ut7eB1Y1ELwOVumy5tJYMf/RTQgkdUWzkKs9jndwfuVzTRlknbyGzA4A1lPImVtVHOCyBs/:19929:0:99999:7::: phares:$y$j9T$mk3Fb5hENQkN//RvJPyB6.$xdsox1L6gnbZibmeEsveAMNjZ22J7sIEz.W957Osj1A:19930:0:99999:7:::
pihole:$y$j9T$k223Uf777oEQZtuag6kXO1$vfa4e7EdalU7A9ECEoPJ7QHnN9Bkylct7kNIHZYXGP8:19929:0:99999:7:::
podman:$y$j9T$kuuH4dAlA8LAbBASzBA6y/$9xVT4/nstOeIVTVoil/WSUKMIyePo8dKBXDByMm.qG5:19929:0:99999:7::: podman:$y$j9T$kuuH4dAlA8LAbBASzBA6y/$9xVT4/nstOeIVTVoil/WSUKMIyePo8dKBXDByMm.qG5:19929:0:99999:7:::
lphares:$y$j9T$m33.tZHwrEl7X.ovXN.a7/$z2We2A72fQMDkSQIYetbXuNNTk8YHNEvQeisSwtmo6C:19929:0:99999:7::: lphares:$y$j9T$m33.tZHwrEl7X.ovXN.a7/$z2We2A72fQMDkSQIYetbXuNNTk8YHNEvQeisSwtmo6C:19929:0:99999:7:::
bmiller:$y$j9T$sYFlvEEV1yntCl3CeN8M70$CpuMQrO3K9NFF122NsJWvM5nxnQK8EXvmD3C41.JZm8:19929:0:99999:7::: bmiller:$y$j9T$sYFlvEEV1yntCl3CeN8M70$CpuMQrO3K9NFF122NsJWvM5nxnQK8EXvmD3C41.JZm8:19929:0:99999:7:::
unbound:!:19929:::::: unbound:!:19929::::::
dnsmasq:!:19930:::::: dnsmasq:!:19930::::::
cockpit-ws:!:19930:::::: cockpit-ws:!:19930::::::
cockpit-wsinstance:!:19930::::::
pcp:!:19938::::::
persa:$y$j9T$9AiaUMaouaQcqO9TOrKZe.$XSerhwFhjwluy/xONVpJVUmeQfXk/qasTO6FCFmw9E1:19978:0:99999:7:::

2
etc/systemd/resolved.conf
View File

@ -30,7 +30,7 @@
#LLMNR=no #LLMNR=no
#Cache=no-negative #Cache=no-negative
#CacheFromLocalhost=no #CacheFromLocalhost=no
DNSStubListener=no #DNSStubListener=yes
#DNSStubListenerExtra= #DNSStubListenerExtra=
#ReadEtcHosts=yes #ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no #ResolveUnicastSingleLabel=no

19
etc/systemd/system/snap.adguard-home.adguard-home.service Normal file
View File

@ -0,0 +1,19 @@
[Unit]
# Auto-generated, DO NOT EDIT
Description=Service for snap application adguard-home.adguard-home
Requires=snap-adguard\x2dhome-7470.mount
Wants=network.target
After=snap-adguard\x2dhome-7470.mount network.target snapd.apparmor.service
X-Snappy=yes
[Service]
EnvironmentFile=-/etc/environment
ExecStart=/usr/bin/snap run adguard-home
SyslogIdentifier=adguard-home.adguard-home
Restart=always
WorkingDirectory=/var/snap/adguard-home/7470
TimeoutStopSec=30
Type=simple
[Install]
WantedBy=multi-user.target

6
etc/systemd/system/snap.certbot.renew.service
View File

@ -1,9 +1,9 @@
[Unit] [Unit]
# Auto-generated, DO NOT EDIT # Auto-generated, DO NOT EDIT
Description=Service for snap application certbot.renew Description=Service for snap application certbot.renew
Requires=snap-certbot-3834.mount Requires=snap-certbot-4182.mount
Wants=network.target Wants=network.target
After=snap-certbot-3834.mount network.target snapd.apparmor.service After=snap-certbot-4182.mount network.target snapd.apparmor.service
X-Snappy=yes X-Snappy=yes
[Service] [Service]
@ -11,6 +11,6 @@ EnvironmentFile=-/etc/environment
ExecStart=/usr/bin/snap run --timer="00:00~24:00/2" certbot.renew ExecStart=/usr/bin/snap run --timer="00:00~24:00/2" certbot.renew
SyslogIdentifier=certbot.renew SyslogIdentifier=certbot.renew
Restart=no Restart=no
WorkingDirectory=/var/snap/certbot/3834 WorkingDirectory=/var/snap/certbot/4182
TimeoutStopSec=30 TimeoutStopSec=30
Type=oneshot Type=oneshot

8
etc/systemd/system/snap.certbot.renew.timer
View File

@ -1,14 +1,14 @@
[Unit] [Unit]
# Auto-generated, DO NOT EDIT # Auto-generated, DO NOT EDIT
Description=Timer renew for snap application certbot.renew Description=Timer renew for snap application certbot.renew
Requires=snap-certbot-3834.mount Requires=snap-certbot-4182.mount
After=snap-certbot-3834.mount After=snap-certbot-4182.mount
X-Snappy=yes X-Snappy=yes
[Timer] [Timer]
Unit=snap.certbot.renew.service Unit=snap.certbot.renew.service
OnCalendar=*-*-* 05:54 OnCalendar=*-*-* 06:44
OnCalendar=*-*-* 14:00 OnCalendar=*-*-* 22:31
[Install] [Install]
WantedBy=timers.target WantedBy=timers.target

6
etc/systemd/system/snap.ubuntu-frame.daemon.service
View File

@ -1,9 +1,9 @@
[Unit] [Unit]
# Auto-generated, DO NOT EDIT # Auto-generated, DO NOT EDIT
Description=Service for snap application ubuntu-frame.daemon Description=Service for snap application ubuntu-frame.daemon
Requires=snap-ubuntu\x2dframe-9750.mount Requires=snap-ubuntu\x2dframe-10823.mount
Wants=network.target Wants=network.target
After=snap-ubuntu\x2dframe-9750.mount network.target snapd.apparmor.service After=snap-ubuntu\x2dframe-10823.mount network.target snapd.apparmor.service
X-Snappy=yes X-Snappy=yes
[Service] [Service]
@ -12,7 +12,7 @@ ExecStart=/usr/bin/snap run ubuntu-frame.daemon
SyslogIdentifier=ubuntu-frame.daemon SyslogIdentifier=ubuntu-frame.daemon
Restart=on-failure Restart=on-failure
RestartSec=3 RestartSec=3
WorkingDirectory=/var/snap/ubuntu-frame/9750 WorkingDirectory=/var/snap/ubuntu-frame/10823
TimeoutStopSec=30 TimeoutStopSec=30
Type=simple Type=simple

10
etc/unbound/unbound.conf
View File

@ -1,10 +0,0 @@
# Unbound configuration file for Debian.
#
# See the unbound.conf(5) man page.
#
# See /usr/share/doc/unbound/examples/unbound.conf for a commented
# reference config file.
#
# The following line includes additional configuration files from the
# /etc/unbound/unbound.conf.d directory.
include-toplevel: "/etc/unbound/unbound.conf.d/*.conf"

0
home/podman/.config/containers/systemd/immich-server-external.volume → home/podman/.config/containers/systemd/baikal-server-config.volume
View File

1
home/podman/.config/containers/systemd/baikal-server-data.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

24
home/podman/.config/containers/systemd/baikal-server.container Normal file
View File

@ -0,0 +1,24 @@
[Container]
AutoUpdate=registry
ContainerName=baikal-server
Image=docker.io/ckulka/baikal:latest
PublishPort=8001:80
Volume=baikal-server-config.volume:/var/www/baikal/config:Z
Volume=baikal-server-data.volume:/var/www/baikal/Specific:Z
[Service]
Restart=no
[Install]
WantedBy=multi-user.target default.target
# podman pull docker.io/ckulka/baikal:latest
# systemctl --user daemon-reload
# systemctl --user start baikal-server
# systemctl --user status baikal-server
# journalctl -fu baikal-server.service
# podman logs baikal-server
# systemctl --user stop baikal-server
# systemctl --user disable baikal-server
# podman exec -ti baikal-server /bin/sh
# podman exec -ti baikal-server /bin/bash

6
home/podman/.config/containers/systemd/gitea-server.container
View File

@ -19,7 +19,7 @@ Environment="GITEA__server__DOMAIN=gitea.phares.duckdns.org"
Environment="GITEA__server__LFS_JWT_SECRET=WgTjm7nPHRtxHWrWi9EInaNnQGENsECgCqi2e9H37W0" Environment="GITEA__server__LFS_JWT_SECRET=WgTjm7nPHRtxHWrWi9EInaNnQGENsECgCqi2e9H37W0"
Environment="GITEA__server__ROOT_URL=https://gitea.phares.duckdns.org/" Environment="GITEA__server__ROOT_URL=https://gitea.phares.duckdns.org/"
Environment="GITEA__server__SSH_DOMAIN=gitea.phares.duckdns.org" Environment="GITEA__server__SSH_DOMAIN=gitea.phares.duckdns.org"
Image=docker.io/gitea/gitea:1.22.1-rootless Image=docker.io/gitea/gitea:1.22.3-rootless
# Network=gitea.network # Network=gitea.network
# Pod=gitea.pod # Pod=gitea.pod
PublishPort=3000:3000 PublishPort=3000:3000
@ -38,7 +38,9 @@ Restart=no
[Install] [Install]
WantedBy=multi-user.target default.target WantedBy=multi-user.target default.target
# podman pull docker.io/gitea/gitea:1.22.1-rootless # podman pull docker.io/gitea/gitea:1.22.3-rootless
# x-podman pull docker.io/gitea/gitea:1.22.1-rootless
# x-podman pull docker.io/gitea/gitea:latest
# systemctl --user daemon-reload # systemctl --user daemon-reload
# systemctl --user start gitea-server # systemctl --user start gitea-server
# systemctl --user status gitea-server # systemctl --user status gitea-server

35
home/podman/.config/containers/systemd/immich-card-dav.container Normal file
View File

@ -0,0 +1,35 @@
[Container]
AutoUpdate=registry
ContainerName=immich-card-dav
Environment="CARDDAV_SYNC_CARDDAV_ADDRESSBOOK=asdf"
Environment="CARDDAV_SYNC_CARDDAV_PASSWORD=excitedwater164"
Environment="CARDDAV_SYNC_CARDDAV_URL=192.168.11.2"
Environment="CARDDAV_SYNC_CARDDAV_USERNAME=cphares"
Environment="CARDDAV_SYNC_CRON_EXPRESSION=24 5 * * *"
Environment="CARDDAV_SYNC_IMMICH_API_KEY=asdf"
Environment="CARDDAV_SYNC_IMMICH_API_URL=asdf"
Image=ghcr.io/daniele-athome/immich-carddav-sync-daemon:master
# Network=immich.network
# Pod=immich.pod
# PublishPort=3001:3001
[Service]
Restart=no
[Unit]
Requires=immich-server.service
After=immich-server.service
[Install]
WantedBy=multi-user.target default.target
# podman pull ghcr.io/daniele-athome/immich-carddav-sync-daemon:master
# systemctl --user daemon-reload
# systemctl --user start immich-card-dav
# systemctl --user status immich-card-dav
# journalctl -fu immich-card-dav.service
# podman logs immich-card-dav
# systemctl --user stop immich-card-dav
# systemctl --user disable immich-card-dav
# podman exec -ti immich-card-dav /bin/sh
# podman exec -ti immich-card-dav /bin/bash

8
home/podman/.config/containers/systemd/immich-db.container
View File

@ -5,7 +5,7 @@ Environment="POSTGRES_DB=immich"
Environment="POSTGRES_INITDB_ARGS=--data-checksums" Environment="POSTGRES_INITDB_ARGS=--data-checksums"
Environment="POSTGRES_PASSWORD=postgres" Environment="POSTGRES_PASSWORD=postgres"
Environment="POSTGRES_USER=postgres" Environment="POSTGRES_USER=postgres"
Image=docker.io/library/postgres:16 Image=docker.io/tensorchord/pgvecto-rs:pg16-v0.2.0
# Network=immich.network # Network=immich.network
# Pod=immich.pod # Pod=immich.pod
PublishPort=5432:5432 PublishPort=5432:5432
@ -41,7 +41,7 @@ WantedBy=multi-user.target default.target
# - -c # - -c
# - wal_compression=on # - wal_compression=on
# podman pull docker.io/library/postgres:16 # podman pull docker.io/tensorchord/pgvecto-rs:pg16-v0.2.0
# systemctl --user daemon-reload # systemctl --user daemon-reload
# systemctl --user start immich-db # systemctl --user start immich-db
# systemctl --user status immich-db # systemctl --user status immich-db
@ -51,3 +51,7 @@ WantedBy=multi-user.target default.target
# systemctl --user disable immich-db # systemctl --user disable immich-db
# podman exec -ti immich-db /bin/sh # podman exec -ti immich-db /bin/sh
# podman exec -ti immich-db /bin/bash # podman exec -ti immich-db /bin/bash
# Image=docker.io/library/postgres:16
# podman pull docker.io/library/postgres:16
# file: 'extension.c', line: '543', routine: 'parse_extension_control_file'
# https://github.com/immich-app/immich/discussions/6792

3
home/podman/.config/containers/systemd/immich-learning.container
View File

@ -1,10 +1,13 @@
[Container] [Container]
AutoUpdate=registry AutoUpdate=registry
ContainerName=immich-learning ContainerName=immich-learning
Environment="IMMICH_HOST=0.0.0.0"
Environment="MACHINE_LEARNING_HOST=0.0.0.0"
Image=ghcr.io/immich-app/immich-machine-learning:release Image=ghcr.io/immich-app/immich-machine-learning:release
# Network=immich.network # Network=immich.network
# Pod=immich.pod # Pod=immich.pod
PublishPort=3003:3003 PublishPort=3003:3003
Volume=/etc/localtime:/etc/localtime:ro
Volume=immich-learning-cache.volume:/cache:Z Volume=immich-learning-cache.volume:/cache:Z
[Service] [Service]

2
home/podman/.config/containers/systemd/immich-redis.container
View File

@ -29,3 +29,5 @@ WantedBy=multi-user.target default.target
# systemctl --user disable immich-redis # systemctl --user disable immich-redis
# podman exec -ti immich-redis /bin/sh # podman exec -ti immich-redis /bin/sh
# podman exec -ti immich-redis /bin/bash # podman exec -ti immich-redis /bin/bash
# ERROR Can't connect to ('::', 3003)
# https://github.com/immich-app/immich/discussions/8220

10
home/podman/.config/containers/systemd/immich-server.container
View File

@ -2,16 +2,19 @@
AutoUpdate=registry AutoUpdate=registry
ContainerName=immich-server ContainerName=immich-server
Environment="DB_DATABASE_NAME=immich" Environment="DB_DATABASE_NAME=immich"
Environment="DB_HOST=192.168.11.2" Environment="DB_HOSTNAME=192.168.11.2"
Environment="DB_PASSWORD=postgres" Environment="DB_PASSWORD=postgres"
Environment="DB_USERNAME=postgres" Environment="DB_USERNAME=postgres"
Environment="REDIS_HOSTNAME=192.168.11.2"
Image=ghcr.io/immich-app/immich-server:release Image=ghcr.io/immich-app/immich-server:release
# Network=immich.network # Network=immich.network
# Pod=immich.pod # Pod=immich.pod
PublishPort=3001:3001 PublishPort=3001:2283
Volume=/etc/localtime:/etc/localtime:ro Volume=/etc/localtime:/etc/localtime:ro
Volume=immich-server-upload.volume:/usr/src/app/upload:Z Volume=immich-server-upload.volume:/usr/src/app/upload:Z
Volume=immich-server-external.volume:/usr/src/app/external:Z # Volume=immich-server-external.volume:/usr/src/app/external:Z
Volume=/mnt/free-file-sync/still:/usr/src/app/external/still:Z
Volume=/mnt/free-file-sync/moving:/usr/src/app/external/moving:Z
[Service] [Service]
Restart=no Restart=no
@ -35,3 +38,4 @@ WantedBy=multi-user.target default.target
# systemctl --user disable immich-server # systemctl --user disable immich-server
# podman exec -ti immich-server /bin/sh # podman exec -ti immich-server /bin/sh
# podman exec -ti immich-server /bin/bash # podman exec -ti immich-server /bin/bash
# Environment="DB_HOST=192.168.11.2"

1
home/podman/.config/containers/systemd/mattermost-db-data.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

33
home/podman/.config/containers/systemd/mattermost-db.container Normal file
View File

@ -0,0 +1,33 @@
[Container]
AutoUpdate=registry
ContainerName=mattermost-db
Environment="POSTGRES_DB=mattermost"
Environment="POSTGRES_INITDB_ARGS=--data-checksums"
Environment="POSTGRES_PASSWORD=mmuser_password"
Environment="POSTGRES_USER=mmuser"
Image=docker.io/postgres:13-alpine
# Network=immich.network
# Pod=immich.pod
PublishPort=5436:5432
Volume=mattermost-db-data.volume:/var/lib/postgresql/data
[Service]
Restart=no
[Install]
WantedBy=multi-user.target default.target
# podman pull docker.io/postgres:13-alpine
# systemctl --user daemon-reload
# systemctl --user start mattermost-db
# systemctl --user status mattermost-db
# journalctl -fu mattermost-db.service
# podman logs mattermost-db
# systemctl --user stop mattermost-db
# systemctl --user disable mattermost-db
# podman exec -ti mattermost-db /bin/sh
# podman exec -ti mattermost-db /bin/bash
# Image=docker.io/library/postgres:16
# podman pull docker.io/library/postgres:16
# file: 'extension.c', line: '543', routine: 'parse_extension_control_file'
# https://github.com/immich-app/immich/discussions/6792

1
home/podman/.config/containers/systemd/mattermost-server-bleve.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

1
home/podman/.config/containers/systemd/mattermost-server-client-plugins.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

1
home/podman/.config/containers/systemd/mattermost-server-config.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

1
home/podman/.config/containers/systemd/mattermost-server-data.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

1
home/podman/.config/containers/systemd/mattermost-server-logs.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

1
home/podman/.config/containers/systemd/mattermost-server-plugins.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

52
home/podman/.config/containers/systemd/mattermost-server.container Normal file
View File

@ -0,0 +1,52 @@
[Container]
AutoUpdate=registry
ContainerName=mattermost-server
Environment="DOMAIN=mattermost.phares.duckdns.org"
Environment="MM_BLEVESETTINGS_INDEXDIR=/mattermost/bleve-indexes"
Environment="MM_SERVICESETTINGS_SITEURL=https://mattermost.phares.duckdns.org"
Environment="MM_SQLSETTINGS_DATASOURCE=postgres://mmuser:mmuser_password@192.168.11.2:5436/mattermost?sslmode=disable&connect_timeout=10"
Environment="MM_SQLSETTINGS_DRIVERNAME=postgres"
Environment="TZ=US/Arizona"
Image=docker.io/mattermost/mattermost-team-edition:9.11.2
# Network=mattermost.network
# Pod=mattermost.pod
PublishPort=8065:8065
PublishPort=8443:8443
Volume=/etc/localtime:/etc/localtime:ro
Volume=/etc/timezone:/etc/timezone:ro
Volume=mattermost-server-bleve.volume:/mattermost/bleve-indexes:rw
Volume=mattermost-server-client-plugins.volume:/mattermost/client/plugins:rw
Volume=mattermost-server-config.volume:/mattermost/config:rw
Volume=mattermost-server-data.volume:/mattermost/data:rw
Volume=mattermost-server-logs.volume:/mattermost/logs:rw
Volume=mattermost-server-plugins.volume:/mattermost/plugins:rw
[Service]
Restart=no
[Unit]
Requires=mattermost-db.service
[Install]
WantedBy=multi-user.target default.target
# chown -R podman:podman /home/podman/.config/containers/systemd
# /usr/libexec/podman/quadlet -dryrun --user
# /usr/libexec/podman/quadlet --user /home/podman/libexec-podman-quadlet-output
# find / -name "mattermost-server.service" 2>/dev/null
# /home/podman/quadlet/mattermost-server.service
# /home/podman/quadlet/default.target.wants/mattermost-server.service
# /home/podman/quadlet/multi-user.target.wants/mattermost-server.service
# /run/user/1002/systemd/generator/multi-user.target.wants/mattermost-server.service
# /run/user/1002/systemd/generator/default.target.wants/mattermost-server.service
# /run/user/1002/systemd/generator/mattermost-server.service
# podman pull docker.io/mattermost/mattermost-team-edition:9.11.2
# systemctl --user daemon-reload
# systemctl --user start mattermost-server
# systemctl --user status mattermost-server
# journalctl -fu mattermost-server.service
# podman logs mattermost-server
# systemctl --user stop mattermost-server
# systemctl --user disable mattermost-server
# podman exec -ti mattermost-server /bin/sh
# podman exec -ti mattermost-server /bin/bash

42
home/podman/.config/containers/systemd/neko-server.container Normal file
View File

@ -0,0 +1,42 @@
[Container]
AutoUpdate=registry
ContainerName=neko-server
Environment="NEKO_SCREEN=1920x1080@30"
Environment="NEKO_PASSWORD=neko"
Environment="NEKO_PASSWORD_ADMIN=admin"
Environment="NEKO_EPR=52000-52100"
Environment="NEKO_NAT1TO1=192.168.11.2"
Image=docker.io/m1k1o/neko:firefox
# Network=neko.network
# Pod=neko.pod
PublishPort=8082:8080/tcp
PublishPort=52000-52100:52000-52100/udp
Volume=/etc/localtime:/etc/localtime:ro
Volume=/etc/timezone:/etc/timezone:ro
[Service]
Restart=no
[Install]
WantedBy=multi-user.target default.target
# chown -R podman:podman /home/podman/.config/containers/systemd
# /usr/libexec/podman/quadlet -dryrun --user
# /usr/libexec/podman/quadlet --user /home/podman/libexec-podman-quadlet-output
# find / -name "neko-server.service" 2>/dev/null
# /home/podman/quadlet/neko-server.service
# /home/podman/quadlet/default.target.wants/neko-server.service
# /home/podman/quadlet/multi-user.target.wants/neko-server.service
# /run/user/1002/systemd/generator/multi-user.target.wants/neko-server.service
# /run/user/1002/systemd/generator/default.target.wants/neko-server.service
# /run/user/1002/systemd/generator/neko-server.service
# podman pull docker.io/m1k1o/neko:firefox
# systemctl --user daemon-reload
# systemctl --user start neko-server
# systemctl --user status neko-server
# journalctl -fu neko-server.service
# podman logs neko-server
# systemctl --user stop neko-server
# systemctl --user disable neko-server
# podman exec -ti neko-server /bin/sh
# podman exec -ti neko-server /bin/bash

5
home/podman/.config/containers/systemd/pgadmin.container
View File

@ -3,7 +3,7 @@ AutoUpdate=registry
ContainerName=pgadmin ContainerName=pgadmin
Environment="PGADMIN_DEFAULT_EMAIL=mikepharesjr@msn.com" Environment="PGADMIN_DEFAULT_EMAIL=mikepharesjr@msn.com"
Environment="PGADMIN_DEFAULT_PASSWORD=Vm1jZ4mzdaF1q#pn4v1b" Environment="PGADMIN_DEFAULT_PASSWORD=Vm1jZ4mzdaF1q#pn4v1b"
Image=docker.io/dpage/pgadmin4:latest Image=docker.io/dpage/pgadmin4:8.12
# Network=gitea.network # Network=gitea.network
# Pod=gitea.pod # Pod=gitea.pod
PublishPort=5007:80 PublishPort=5007:80
@ -15,7 +15,8 @@ Restart=no
[Install] [Install]
WantedBy=multi-user.target default.target WantedBy=multi-user.target default.target
# podman pull docker.io/library/postgres:14 # podman pull docker.io/dpage/pgadmin4:8.12
# x-podman pull docker.io/dpage/pgadmin4:latest
# systemctl --user daemon-reload # systemctl --user daemon-reload
# systemctl --user start pgadmin # systemctl --user start pgadmin
# systemctl --user status pgadmin # systemctl --user status pgadmin

1
home/podman/.config/containers/systemd/uptime-kuma-server-data.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

35
home/podman/.config/containers/systemd/uptime-kuma-server.container Normal file
View File

@ -0,0 +1,35 @@
[Container]
AutoUpdate=registry
ContainerName=uptime-kuma-server
Image=docker.io/louislam/uptime-kuma:1
# Network=uptime-kuma.network
# Pod=uptime-kuma.pod
PublishPort=3004:3001
Volume=uptime-kuma-server-data.volume:/app/data:rw
[Service]
Restart=no
[Install]
WantedBy=multi-user.target default.target
# chown -R podman:podman /home/podman/.config/containers/systemd
# /usr/libexec/podman/quadlet -dryrun --user
# /usr/libexec/podman/quadlet --user /home/podman/libexec-podman-quadlet-output
# find / -name "uptime-kuma-server.service" 2>/dev/null
# /home/podman/quadlet/uptime-kuma-server.service
# /home/podman/quadlet/default.target.wants/uptime-kuma-server.service
# /home/podman/quadlet/multi-user.target.wants/uptime-kuma-server.service
# /run/user/1002/systemd/generator/multi-user.target.wants/uptime-kuma-server.service
# /run/user/1002/systemd/generator/default.target.wants/uptime-kuma-server.service
# /run/user/1002/systemd/generator/uptime-kuma-server.service
# podman pull docker.io/louislam/uptime-kuma:1
# systemctl --user daemon-reload
# systemctl --user start uptime-kuma-server
# systemctl --user status uptime-kuma-server
# journalctl -fu uptime-kuma-server.service
# podman logs uptime-kuma-server
# systemctl --user stop uptime-kuma-server
# systemctl --user disable uptime-kuma-server
# podman exec -ti uptime-kuma-server /bin/sh
# podman exec -ti uptime-kuma-server /bin/bash

1
home/podman/.config/containers/systemd/vaultwarden-db-data.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

28
home/podman/.config/containers/systemd/vaultwarden-db.container Normal file
View File

@ -0,0 +1,28 @@
[Container]
AutoUpdate=registry
ContainerName=vaultwarden-db
Environment="POSTGRES_DB=vaultwarden"
Environment="POSTGRES_PASSWORD=vaultwarden"
Environment="POSTGRES_USER=vaultwarden"
Image=docker.io/library/postgres:14
# Network=vaultwarden.network
# Pod=vaultwarden.pod
PublishPort=5435:5432
Volume=vaultwarden-db-data.volume:/var/lib/postgresql/data:Z
[Service]
Restart=no
[Install]
WantedBy=multi-user.target default.target
# podman pull docker.io/library/postgres:14
# systemctl --user daemon-reload
# systemctl --user start vaultwarden-db
# systemctl --user status vaultwarden-db
# journalctl -fu vaultwarden-db.service
# podman logs vaultwarden-db
# systemctl --user stop vaultwarden-db
# systemctl --user disable vaultwarden-db
# podman exec -ti vaultwarden-db /bin/sh
# podman exec -ti vaultwarden-db /bin/bash

22
home/podman/.config/containers/systemd/vaultwarden-server.container
View File

@ -1,29 +1,37 @@
[Container] [Container]
AutoUpdate=registry AutoUpdate=registry
ContainerName=vaultwarden-server ContainerName=vaultwarden-server
Image=docker.io/vaultwarden/server:latest Image=docker.io/vaultwarden/server:latest@sha256:7de8fd442afc26e4932a0b2521e2eec82db9f17667eef7b46fd9c2fa2e639de2
# Network=vaultwarden.network # Network=vaultwarden.network
# Pod=vaultwarden.pod # Pod=vaultwarden.pod
PublishPort=5008:80 PublishPort=5008:80
Volume=vaultwarden-server-data.volume:/data:rw Volume=vaultwarden-server-data.volume:/data:rw
Environment="ADMIN_TOKEN=7jrceE25+m5vPMK9jmVT8VsMM/0Svoiz4YEpLYHHT2hSaJPIlXcP8lOXwR5GpdaM" Environment="ADMIN_TOKEN=7jrceE25+m5vPMK9jmVT8VsMM/0Svoiz4YEpLYHHT2hSaJPIlXcP8lOXwR5GpdaM"
# Environment="ADMIN_TOKEN=$argon2id$v=19$m=65540,t=3,p=4$U3JuRm84cFpHOC9Rbi9ZOWdzdXU2RFl5ajZka2trNnBJWTJCZW1BT3VUOD0$tc54DJ7/6bA5iNgSFF9KtKktP8u4mMU8unrGiL8hJMY"
# Environment="ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$U3JuRm84cFpHOC9Rbi9ZOWdzdXU2RFl5ajZka2trNnBJWTJCZW1BT3VUOD0$$tc54DJ7/6bA5iNgSFF9KtKktP8u4mMU8unrGiL8hJMY"
Environment="DATABASE_URL=postgresql://vaultwarden:vaultwarden@192.168.11.2:5435/vaultwarden"
Environment="DOMAIN=https://vaultwarden.phares.duckdns.org" Environment="DOMAIN=https://vaultwarden.phares.duckdns.org"
Environment="SIGNUPS_ALLOWED=true" Environment="SIGNUPS_ALLOWED=true"
Environment="SMTP_FROM=user@example.com" Environment="SMTP_FROM=phares@centurylink.net"
Environment="SMTP_HOST=smtp-relay.sendinblue.com" Environment="SMTP_HOST=smtp.centurylink.net"
Environment="SMTP_PASSWORD=sendinblue password" Environment="SMTP_PASSWORD=0jbeze5r#OQqne73yFlp"
Environment="SMTP_PORT=587" Environment="SMTP_PORT=587"
Environment="SMTP_SSL=true" Environment="SMTP_SSL=false"
Environment="SMTP_USERNAME=user@example.com" Environment="SMTP_USERNAME=phares@centurylink.net"
Environment="WEBSOCKET_ENABLED=true" Environment="WEBSOCKET_ENABLED=true"
[Service] [Service]
Restart=no Restart=no
[Unit]
Requires=vaultwarden-db.service
After=vaultwarden-db.service
[Install] [Install]
WantedBy=multi-user.target default.target WantedBy=multi-user.target default.target
# podman pull docker.io/vaultwarden/server:latest # podman pull docker.io/vaultwarden/server:latest@sha256:7de8fd442afc26e4932a0b2521e2eec82db9f17667eef7b46fd9c2fa2e639de2
# x-podman pull docker.io/vaultwarden/server:1.31.0
# systemctl --user daemon-reload # systemctl --user daemon-reload
# systemctl --user start vaultwarden-server # systemctl --user start vaultwarden-server
# systemctl --user status vaultwarden-server # systemctl --user status vaultwarden-server

1
home/podman/.config/containers/systemd/xandikos-server-data.volume Normal file
View File

@ -0,0 +1 @@
[Volume]

23
home/podman/.config/containers/systemd/xandikos-server.container Normal file
View File

@ -0,0 +1,23 @@
[Container]
AutoUpdate=registry
ContainerName=xandikos-server
Image=ghcr.io/jelmer/xandikos
PublishPort=8000:8000
Volume=xandikos-server-data.volume:/data:Z
[Service]
Restart=no
[Install]
WantedBy=multi-user.target default.target
# podman pull ghcr.io/jelmer/xandikos
# systemctl --user daemon-reload
# systemctl --user start xandikos-server
# systemctl --user status xandikos-server
# journalctl -fu xandikos-server.service
# podman logs xandikos-server
# systemctl --user stop xandikos-server
# systemctl --user disable xandikos-server
# podman exec -ti xandikos-server /bin/sh
# podman exec -ti xandikos-server /bin/bash