tobias
/
infrastructure
1
0
Fork 0
Code Issues 5 Pull Requests Projects Activity

Initial 

Signed-off-by: Tobias Manske <tobias.manske@mailbox.org>
This commit is contained in:
Tobias Manske 2022-06-18 14:12:12 +02:00
commit b449a279cd
Signed by: tobias
GPG Key ID: E83C743C1FC2F79A
42 changed files with 4876 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
.gitignore vendored Normal file
View File

@ -0,0 +1,128 @@
# Created by https://www.toptal.com/developers/gitignore/api/vagrant,git,vim,ansible,linux,windows,osx
# Edit at https://www.toptal.com/developers/gitignore?templates=vagrant,git,vim,ansible,linux,windows,osx
### Ansible ###
*.retry
### Git ###
# Created by git for backups. To disable backups in Git:
# $ git config --global mergetool.keepBackup false
*.orig
# Created by git when using merge tools for conflicts
*.BACKUP.*
*.BASE.*
*.LOCAL.*
*.REMOTE.*
*_BACKUP_*.txt
*_BASE_*.txt
*_LOCAL_*.txt
*_REMOTE_*.txt
### Linux ###
*~
# temporary files which can be created if a process still has a handle open of a deleted file
.fuse_hidden*
# KDE directory preferences
.directory
# Linux trash folder which might appear on any partition or disk
.Trash-*
# .nfs files are created when an open file is removed but is still being accessed
.nfs*
### OSX ###
# General
.DS_Store
.AppleDouble
.LSOverride
# Icon must end with two \r
Icon
# Thumbnails
._*
# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
### Vagrant ###
# General
.vagrant/
# Log files (if you are creating logs in debug mode, uncomment this)
# *.log
### Vagrant Patch ###
*.box
### Vim ###
# Swap
[._]*.s[a-v][a-z]
!*.svg # comment out if you don't need vector files
[._]*.sw[a-p]
[._]s[a-rt-v][a-z]
[._]ss[a-gi-z]
[._]sw[a-p]
# Session
Session.vim
Sessionx.vim
# Temporary
.netrwhist
# Auto-generated tag files
tags
# Persistent undo
[._]*.un~
### Windows ###
# Windows thumbnail cache files
Thumbs.db
Thumbs.db:encryptable
ehthumbs.db
ehthumbs_vista.db
# Dump file
*.stackdump
# Folder config file
[Dd]esktop.ini
# Recycle Bin used on file shares
$RECYCLE.BIN/
# Windows Installer files
*.cab
*.msi
*.msix
*.msm
*.msp
# Windows shortcuts
*.lnk
# End of https://www.toptal.com/developers/gitignore/api/vagrant,git,vim,ansible,linux,windows,osx
/vagrant.ign
/setup.ign
backups/*
render/
borgbackup
borgbackup.pub

18
Makefile Normal file
View File

@ -0,0 +1,18 @@
provision:
vagrant provision
down:
vagrant destroy -f
clean: down up
up: vagrant.ign
vagrant up
vagrant.ign: vagrant_INSECURE.ign setup.ign
butane --pretty --strict -d . vagrant.bu > vagrant.ign
setup.ign: setup.bu
butane --pretty --strict -d . setup.bu > setup.ign
.PHONY: provision down up clean

97
Vagrantfile vendored Normal file
View File

@ -0,0 +1,97 @@
# -*- mode: ruby -*-
# vi: set ft=ruby :
require 'json'
ignition_file = File.join(File.dirname(__FILE__), 'vagrant.ign')
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
# config.disksize.size = "30G"
# The most common configuration options are documented and commented below.
# For a complete reference, please see the online documentation at
# https://docs.vagrantup.com.
# Every Vagrant development environment requires a box. You can search for
# boxes at https://vagrantcloud.com/search.
config.vm.box = "fedora-coreos"
config.vm.provider :libvirt do |libvirt|
libvirt.disk_bus = 'ide'
libvirt.driver = 'kvm'
libvirt.memory = 4096
libvirt.cpus = 4
libvirt.machine_virtual_size = 60
libvirt.qemuargs :value => '-fw_cfg'
libvirt.qemuargs :value => "name=opt/com.coreos/config,file=#{ignition_file}"
end
config.vm.provision "ansible" do |ansible|
ansible.playbook = "playbook.yaml"
ansible.limit = "all,localhost"
ansible.ask_vault_pass = true
end
# Disable automatic box update checking. If you disable this, then
# boxes will only be checked for updates when the user runs
# `vagrant box outdated`. This is not recommended.
# config.vm.box_check_update = false
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
# NOTE: This will enable public access to the opened port
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine and only allow access
# via 127.0.0.1 to disable public access
# config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
# Create a private network, which allows host-only access to the machine
# using a specific IP.
config.vm.network :private_network,
:ip => "192.168.33.10",
:libvirt__guest_ipv6 => "yes",
:libvirt__ipv6_address => "fddd::13",
:libvirt__ipv6_prefix => "64"
config.vm.network "forwarded_port", guest: 80, host: 80
config.vm.network "forwarded_port", guest: 443, host: 443
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network "public_network"
# Share an additional folder to the guest VM. The first argument is
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
# config.vm.synced_folder "./backups", "/home/core/backups"
# Provider-specific configuration so you can fine-tune various
# backing providers for Vagrant. These expose provider-specific options.
# Example for VirtualBox:
#
# config.vm.provider "virtualbox" do |vb|
# # Display the VirtualBox GUI when booting the machine
# vb.gui = true
#
# # Customize the amount of memory on the VM:
# vb.memory = "1024"
# end
#
# View the documentation for the provider you are using for more
# information on available options.
# Enable provisioning with a shell script. Additional provisioners such as
# Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
# documentation for more information about their specific syntax and use.
# config.vm.provision "shell", inline: <<-SHELL
# apt-get update
# apt-get install -y apache2
# SHELL
end

68
backup.sh Executable file
View File

@ -0,0 +1,68 @@
#!/bin/sh
# Setting this, so the repo does not need to be given on the commandline:
export BORG_REPO=~borgbackup/backup
PUSH_KEY={{ backup.pushkey }}
# See the section "Passphrase notes" for more infos.
#export BORG_PASSPHRASE='XYZl0ngandsecurepa_55_phrasea&&123'
# some helpers and error handling:
info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; }
trap 'echo $( date ) Backup interrupted >&2; exit 2' INT TERM
info "Initialize Repo"
borg init -e none
info "Starting backup"
# Backup the most important directories into an archive named after
# the machine this script is currently running on:
borg create \
--verbose \
--filter AME \
--list \
--stats \
--show-rc \
--compression none \
--exclude-caches \
--one-file-system \
::'{hostname}-{now}' \
/var/lib/docker/volumes
backup_exit=$?
info "Pruning repository"
# Use the `prune` subcommand to maintain 7 daily, 4 weekly and 6 monthly
# archives of THIS machine. The '{hostname}-' prefix is very important to
# limit prune's operation to this machine's archives and not apply to
# other machines' archives also:
borg prune \
--list \
--prefix '{hostname}-' \
--show-rc \
--keep-daily 7 \
--keep-weekly 4 \
--keep-monthly 6 \
chown -R borgbackup ~borgbackup
prune_exit=$?
# use highest exit code as global exit code
global_exit=$(( backup_exit > prune_exit ? backup_exit : prune_exit ))
if [ ${global_exit} -eq 0 ]; then
info "Backup and Prune finished successfully"
/usr/bin/curl -fsS -m 10 --retry 5 -o /dev/null https://monitor.chaoswg.org/api/push/${PUSH_KEY}?msg=OK&ping=
elif [ ${global_exit} -eq 1 ]; then
info "Backup and/or Prune finished with warnings"
/usr/bin/curl -fsS -m 10 --retry 5 -o /dev/null https://monitor.chaoswg.org/api/push/${PUSH_KEY}?msg=OK&ping=
else
info "Backup and/or Prune finished with errors"
fi
exit ${global_exit}

1
compose/00_traefik/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=traefik

31
compose/00_traefik/docker-compose.yaml Normal file
View File

@ -0,0 +1,31 @@
---
version: '3.9'
services:
traefik:
image: traefik:v2.7
container_name: traefik
restart: always
ports:
- "443:443"
- "80:80"
privileged: true
volumes:
- "/var/run/docker.sock:/var/run/docker.sock:z"
- "./traefik.yaml:/etc/traefik/traefik.yaml:Z,ro"
- "acme:/acme"
networks:
- gateway
- default
environment:
CLOUDFLARE_DNS_API_TOKEN: "{{ traefik.CLOUDFLARE_DNS_API_TOKEN }}"
volumes:
acme:
networks:
gateway:
name: gateway
internal: false
default:
driver: bridge
...

29
compose/00_traefik/traefik.yaml Normal file
View File

@ -0,0 +1,29 @@
log:
level: DEBUG
providers:
docker:
network: gateway
exposedbydefault: false
entryPoints:
web:
address: ":80"
http:
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
websecure:
address: ":443"
http:
tls:
certResolver: letsencrypt
certificatesResolvers:
letsencrypt:
acme:
email: webmaster@tobiasmanske.de
storage: /acme/acme.json
# caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
dnsChallenge:
provider: cloudflare

1
compose/01_registry/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=registry

29
compose/01_registry/docker-compose.yml Normal file
View File

@ -0,0 +1,29 @@
---
services:
registry:
container_name: registry
restart: always
labels:
- "com.centurylinklabs.watchtower.scope=update"
- "traefik.enable=true"
- "traefik.http.routers.registry.rule=Host(`registry.tobiasmanske.de`)"
- "traefik.http.routers.registry.entryPoints=websecure"
- "traefik.http.services.registry.loadbalancer.server.port=5000"
image: 'registry:2'
networks:
- gateway
environment:
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
volumes:
- registry_data:/var/lib/registry
- ./htpasswd:/auth/htpasswd:ro,z
volumes:
registry_data:
networks:
gateway:
external: true
...

3
compose/01_registry/htpasswd Normal file
View File

@ -0,0 +1,3 @@
{% for line in registry.HTPASSWD %}
{{ line }}
{% endfor %}

1
compose/02_gitea/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=gitea

105
compose/02_gitea/docker-compose.yml Normal file
View File

@ -0,0 +1,105 @@
---
version: '3.9'
services:
gitea:
image: gitea/gitea:1
container_name: gitea
environment:
- "USER_UID=1000"
- "USER_GID=1000"
- "GITEA__database__DB_TYPE=postgres"
- "GITEA__database__HOST=db:5432"
- "GITEA__database__NAME={{ gitea.db.name }}"
- "GITEA__database__USER={{ gitea.db.user }}"
- "GITEA__database__PASSWD={{ gitea.db.password }}"
- "GITEA__webhook__ALLOWED_HOST_LIST=*.tobiasmanske.de"
restart: always
networks:
- backend
- gateway
volumes:
- gitea_data:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.gitea.rule=Host(`git.tobiasmanske.de`)"
- "traefik.http.routers.gitea.entryPoints=websecure"
- "traefik.http.services.gitea.loadbalancer.server.port=3000"
- "com.centurylinklabs.watchtower.scope=update"
ports:
- "7779:22"
depends_on:
- db
db:
image: postgres:14
restart: always
labels:
- "com.centurylinklabs.watchtower.scope=update"
environment:
- POSTGRES_USER="{{ gitea.db.user }}"
- POSTGRES_PASSWORD="{{ gitea.db.password }}"
- POSTGRES_DB="{{ gitea.db.name }}"
networks:
- backend
volumes:
- pg_data:/var/lib/postgresql/data
drone:
image: drone/drone:2
restart: always
environment:
- "DRONE_GITEA_SERVER=https://git.tobiasmanske.de"
- "DRONE_GITEA_CLIENT_ID={{ gitea.drone.client_id }}"
- "DRONE_GIT_ALWAYS_AUTH=true"
- "DRONE_GITEA_CLIENT_SECRET={{ gitea.drone.client_secret }}"
- "DRONE_RPC_SECRET={{ gitea.drone.rpc_secret }}"
- "DRONE_SERVER_HOST=drone.tobiasmanske.de"
- "DRONE_SERVER_PROTO=https"
- "DRONE_IMAGE_CLONE=openjdk:17-bullseye"
networks:
- backend
- gateway
volumes:
- drone_data:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.drone.rule=Host(`drone.tobiasmanske.de`)"
- "traefik.http.routers.drone.entryPoints=websecure"
- "traefik.http.services.drone.loadbalancer.server.port=80"
- "com.centurylinklabs.watchtower.scope=update"
depends_on:
- gitea
drone_runner:
image: drone/drone-runner-docker:1.8
restart: always
privileged: true
labels:
- "com.centurylinklabs.watchtower.scope=update"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- "DRONE_RPC_SECRET={{ gitea.drone.rpc_secret }}"
- "DRONE_RPC_HOST=drone.tobiasmanske.de"
- "DRONE_RPC_PROTO=https"
- "DRONE_RUNNER_CAPACITY=2"
- "DRONE_RUNNER_NAME=docker-01"
- "DRONE_RUNNER_CLONE_IMAGE=drone/git:linux-amd64"
- "DRONE_RUNNER_VOLUMES=/etc/hosts:/etc/hosts"
networks:
- backend
- default
networks:
backend:
internal: true
gateway:
external: true
volumes:
gitea_data:
drone_data:
pg_data:

1
compose/02_wireguard/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=wireguard

26
compose/02_wireguard/docker-compose.yml Normal file
View File

@ -0,0 +1,26 @@
---
version: '3.9'
services:
wireguard:
image: linuxserver/wireguard:latest
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
security_opt:
- label:disable
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
volumes:
- ./wg0.conf:/config/wg0.conf:ro,z
- /lib/modules:/lib/modules:ro
labels:
- "com.centurylinklabs.watchtower.scope=update"
ports:
- 51820:51820/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
- net.ipv6.conf.all.disable_ipv6=0
restart: unless-stopped

17
compose/02_wireguard/wg0.conf Normal file
View File

@ -0,0 +1,17 @@
[Interface]
Address = 10.2.0.1/16
Address = fd10:4000::1/32
MTU = 1420
SaveConfig = true
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = {{ wireguard.private_key }}
{% for peer in wireguard_peers %}
# Peer: {{ peer.name }}
[Peer]
PublicKey = {{ peer.pubkey }}
AllowedIPs = {{ peer.allowedips | join(", ") }}
{% endfor %}

1
compose/03_hedgedoc/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=hedgedoc

65
compose/03_hedgedoc/docker-compose.yaml Normal file
View File

@ -0,0 +1,65 @@
---
version: '3'
services:
database:
image: postgres:13-alpine
environment:
- POSTGRES_USER={{ hedgedoc.db.user }}
- POSTGRES_PASSWORD={{ hedgedoc.db.password }}
- POSTGRES_DB={{ hedgedoc.db.name }}
volumes:
- database:/var/lib/postgresql/data
labels:
- "com.centurylinklabs.watchtower.scope=update"
restart: always
networks:
- backend
app:
# Make sure to use the latest release from https://hedgedoc.org/latest-release
image: quay.io/hedgedoc/hedgedoc:1.9.3
environment:
- CMD_DB_URL=postgres://{{ hedgedoc.db.user }}:{{ hedgedoc.db.password }}@database:5432/{{ hedgedoc.db.name }}
- CMD_DOMAIN=doc.tobiasmanske.de
- CMD_ALLOW_ORIGIN=doc.tobiasmanske.de,localhost
- CMD_CSP_ENABLE=true
- CMD_PROTOCOL_USESSL=true
- CMD_PROTOCOL_USE_SSL=true
- CMD_ALLOW_EMAIL_REGISTER=false
- CMD_ALLOW_ANONYMOUS=false
- CMD_ALLOW_ANONYMOUS_EDITS=true
- CMD_DEFAULT_PERMISSION=private
- CMD_SESSION_SECRET={{ hedgedoc.cmd.session_secret }}
- CMD_OAUTH2_CLIENT_ID={{ hedgedoc.cmd.client_id }}
- CMD_OAUTH2_CLIENT_SECRET={{ hedgedoc.cmd.client_secret }}
- CMD_OAUTH2_AUTHORIZATION_URL={{ hedgedoc.cmd.authorization_url }}
- CMD_OAUTH2_TOKEN_URL={{ hedgedoc.cmd.token_url }}
- CMD_OAUTH2_USER_PROFILE_URL={{ hedgedoc.cmd.user_profile_url }}
- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=ocs.data.id
- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=ocs.data.display-name
- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=ocs.data.email
volumes:
- uploads:/hedgedoc/public/uploads
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.hedgedoc.rule=Host(`doc.tobiasmanske.de`)"
- "traefik.http.routers.hedgedoc.entryPoints=websecure"
- "traefik.http.services.hedgedoc.loadbalancer.server.port=3000"
- "com.centurylinklabs.watchtower.scope=update"
depends_on:
- database
networks:
- backend
- gateway
volumes:
database:
uploads:
networks:
gateway:
external: true
backend:
internal: true
...

1
compose/03_miniflux/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=miniflux

49
compose/03_miniflux/docker-compose.yml Normal file
View File

@ -0,0 +1,49 @@
version: '3'
services:
miniflux:
image: miniflux/miniflux:latest
restart: unless-stopped
depends_on:
db:
condition: service_healthy
environment:
- DATABASE_URL=postgres://{{ miniflux.db.user }}:{{ miniflux.db.password }}@db/{{ miniflux.db.name }}?sslmode=disable
- RUN_MIGRATIONS=1
- CREATE_ADMIN=1
- ADMIN_USERNAME={{ miniflux.admin.user }}
- ADMIN_PASSWORD={{ miniflux.admin.password }}
- BASE_URL=https://rss.tobiasmanske.de
labels:
- "traefik.enable=true"
- "traefik.http.routers.miniflux.rule=Host(`rss.tobiasmanske.de`)"
- "traefik.http.routers.miniflux.entryPoints=websecure"
- "traefik.http.services.miniflux.loadbalancer.server.port=8080"
- "com.centurylinklabs.watchtower.scope=update"
networks:
- backend
- gateway
db:
image: postgres:13
restart: unless-stopped
environment:
- POSTGRES_USER={{ miniflux.db.user }}
- POSTGRES_PASSWORD={{ miniflux.db.password }}
volumes:
- database:/var/lib/postgresql/data
healthcheck:
test: ["CMD", "pg_isready", "-U", "miniflux"]
interval: 10s
start_period: 30s
networks:
- backend
volumes:
database:
networks:
backend:
internal: true
gateway:
external: true
name: gateway

1
compose/03_nextcloud/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=nextcloud

61
compose/03_nextcloud/docker-compose.yml Normal file
View File

@ -0,0 +1,61 @@
version: '2'
services:
db:
image: mariadb:latest
restart: always
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
volumes:
- database:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD={{ nextcloud.db.rootpassword }}
- MYSQL_PASSWORD={{ nextcloud.db.password }}
- MYSQL_DATABASE={{ nextcloud.db.name }}
- MYSQL_USER={{ nextcloud.db.user }}
labels:
- "com.centurylinklabs.watchtower.scope=update"
networks:
- backend
app:
image: registry.tobiasmanske.de/nextcloud:main
restart: always
links:
- db
volumes:
- nc_config:/var/www/html/config
- nc_custom_apps:/var/www/html/custom_apps
- nc_data:/var/www/data
environment:
- MYSQL_PASSWORD={{ nextcloud.db.password }}
- MYSQL_DATABASE={{ nextcloud.db.name }}
- MYSQL_USER={{ nextcloud.db.user }}
- MYSQL_HOST=db
networks:
- backend
- gateway
- default
labels:
- "traefik.enable=true"
- "traefik.http.routers.nextcloud.rule=Host(`wolke.chaoswg.org`)"
- "traefik.http.routers.nextcloud.entryPoints=websecure"
- "traefik.http.services.nextcloud.loadbalancer.server.port=80"
- "traefik.http.middlewares.nextcloud.headers.customrequestheaders.Front-End-Https=on"
- "traefik.http.middlewares.nextcloud.headers.customresponseheaders.Strict-Transport-Security=max-age=15768000; includeSubDomains;"
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
- "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
- "traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud-dav"
- "com.centurylinklabs.watchtower.scope=update"
volumes:
nc_config:
nc_custom_apps:
nc_data:
database:
networks:
gateway:
external: true
name: gateway
backend:
internal: true

1
compose/03_search/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=searxng

45
compose/03_search/docker-compose.yml Normal file
View File

@ -0,0 +1,45 @@
---
version: '3.9'
services:
searxng:
image: searxng/searxng:latest # >.<
container_name: searxng
restart: always
networks:
- gateway
- default
- backend
volumes:
- ./settings.yml:/etc/searxng/settings.yml:ro,z
- ./uwsgi.ini:/etc/searxng/uwsgi.ini:ro,z
labels:
- "traefik.enable=true"
- "traefik.http.routers.searxng.rule=Host(`search.tobiasmanske.de`)"
- "traefik.http.routers.searxng.entryPoints=websecure"
- "traefik.http.services.searxng.loadbalancer.server.port=8080"
- "com.centurylinklabs.watchtower.scope=update"
redis:
container_name: redis
image: "redis:alpine"
command: redis-server --save "" --appendonly "no"
networks:
- backend
tmpfs:
- /var/lib/redis
cap_drop:
- ALL
cap_add:
- SETGID
- SETUID
- DAC_OVERRIDE
networks:
gateway:
external: true
backend:
internal: true
volumes:
data:

2823
compose/03_search/settings.yml Normal file
View File

File diff suppressed because it is too large Load Diff

49
compose/03_search/uwsgi.ini Normal file
View File

@ -0,0 +1,49 @@
[uwsgi]
# Who will run the code
uid = searxng
gid = searxng
# Number of workers (usually CPU count)
workers = %k
threads = 4
# The right granted on the created socket
chmod-socket = 666
# Plugin to use and interpretor config
single-interpreter = true
master = true
plugin = python3
lazy-apps = true
enable-threads = true
# Module to import
module = searx.webapp
# Virtualenv and python path
pythonpath = /usr/local/searxng/
chdir = /usr/local/searxng/searx/
# automatically set processes name to something meaningful
auto-procname = true
# Disable request logging for privacy
disable-logging = true
log-5xx = true
# Set the max size of a request (request-body excluded)
buffer-size = 8192
# No keep alive
# See https://github.com/searx/searx-docker/issues/24
add-header = Connection: close
# uwsgi serves the static files
# expires set to one year since there are hashes
static-map = /static=/usr/local/searxng/searx/static
static-expires = /* 31557600
static-gzip-all = True
offload-threads = %k
# Cache
cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1

1
compose/03_syncthing/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=syncthing

45
compose/03_syncthing/config/cert.pem Normal file
View File

@ -0,0 +1,45 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
33356661663637323832343435656464323766303832363037333663393064336439663165313637
6461393832613137623663353337333232616135663938340a666566366335326565613738613930
38373066313664616665633337616138303530343637636162346535633339626236303237393561
3731366337323033310a386562326238663133653666396434663465313936313738313363613762
65643662396237316663306163366636646338663365666632373830363930623534376338396336
30313135623038386564373131613835316166326662313066303061393536613136353065363163
33343438613562336235626437666661346363363933616132353764336633343739616230333438
30333736383434346465666437346137343437366164323964353437643733333066626531383439
35353233376164303336626661366662383535613430363439633131643838333535353833396131
38383530666232643461623565363865323438666333626338313139656563616465626262636639
33653965663166323630373938643638373362313832363331356339353265626262303761316664
30303264386630363530643363346162613539623839653934646330373438396530666436376462
34653365353961663065323730383935396666336163626337633561613139343139316665333839
65656665353436313538636137376633633032383438366665373133396337306138393931653362
66386465336363643035343530376437323064643861363535623135353265393034653936323437
63353537343538383930366334316237376364613730396534356565313135633331663265323030
35646563303031366130383131316637623131396531663862333561396162663361666536306132
32393564383330623739393730386261333038343362626438336462616638616132343035393265
62336338643639333366613163393332336462613230346366616333396234366231636361623838
39373565646131636333393663356130646537356432316261616664356531373063393430653539
30346464656535323164613236303361653033613738333235346230343238623166663462353965
66313632646431346565633339663864613333383432616536386533313863616232323235306165
66376238306537383966373464333532313166393735313535393365616337383034396538343463
38386235326233343132306164376432373361383939633161656232613033363538636435393061
37343837396362653736303436356666666138353735653134336563373430643636356665373236
64373035626461386132666339646466396563623266326637333435633165343034646566326430
66356666626539373462653536313636366530313463313530363538623862626537366639636266
32653137636331616536343934356662656262623762333930653238663563646239643637386165
63613662363235656432313666656331346461343432316530633163303331366239333666633534
64393865366139343135303062366333363332376565646437356164306232643130356261656534
63303339633765373136323665376137376139363265633162653563356262353162643164306430
30306133663565386237373131353232623936623237373739623837643564386131373132316331
31663062363133636335303966356562333438376333356330373166366531393461303037363936
63346630333130303566383264303436393462313431623237373063393033346438633966643062
38396163356265363363396164623664343530383937653663663864626566353365646462666535
36303936653933363964663131376236333965313431653937626332383834373833343462333036
30343537366462376562343865633162383263313365633332396366336238613132313630653763
64343035366561313339316463323134643664616565663331643036306639383163373831376265
66646336316632323034653866653532323934636639383634316163336566383830376238376433
37653137363939643461373538623032613731383731353639313534376466303930363765303637
37626532313430653239663835323633326263656536353330636437376237376339663336666234
39396138323836616432396265626236333134323462623138656534333966613338636132393665
38343662646238363735666564643336383633393963633662333262663131616163643765353232
63613764346437663666

583
compose/03_syncthing/config/config.xml Normal file
View File

@ -0,0 +1,583 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
34363438323537333064623839643261623339326430646533356163656136613639643430333361
6663386637643333613864366634653831386133663664300a343933316435636339393232306535
65343163323064356134333266643431373662353966663435363034323438626133626632663531
3438313765323130380a336537663964383031356232383963636131343063343565643362623333
38343566356564303962303334326234626533656132663537616334323738643965393234643537
38646135363432616435353138363439333662656465396334613538663564613661616430653933
36626338636432303965333364666631396239353331613664613235366363396561356436623237
33396631663866643330333163613430326437343264666538366531376563396163333332306234
31636366656665313732636661333263383235343264356366383565643636373764363138363534
61326231643738386565313637646465343566323963653933376266313430386465613138323634
30393738383833346162623430366331666463376266303637313839356366373361623530366631
37626337376366646335316163373834653461356331346537326262653234656238653466343135
32376637633437626432313966633166313535363233316332313736303838616665303634366266
37383233656134366261383366643235313335363331386336646164333666323166363032633562
35616265643764386535653162316566353033633130303338613632343136366135343436656431
34623532643765666237373765663833323164383865643930393262633863616130363561353038
62666632323164366466653731303733323139376665663065313933303662393664643262643938
39623132393164626530383463396261613336303032303932306434633562396633613263386563
66336639636361303735323539616263323062653531303534303661386337646566636161653865
30613434626165653861633833393236383837323732633236333339373766626465373838626164
39646466656262376663656432323336303031323266356366303531353532376636636337643538
61383539343436316165333331333461353336613532666635643231643563323061663764373231
65336433356138623439646561623339353231646236353761393731636666653761343162383831
30313861613934636139393461316462313664656434666165313563316161346232653465663033
64653838643864643762353265363235633333613561386432613164373830643233393065626364
34303366346265666138343835343239366331613435396165323734666366313261396134303531
31313339623536313530663930356239343864323365393438663665613162626266626332353966
36666230316638353532366135373431303434336165343932613034616665306465333964643130
65666163323630616363323731336130393363303262343232653135353031376236663330613736
64656562353261393363323433383463323538646332336330633565373461333562646665353166
38663564386465623837623334663363656439373838303465356539373233373763353633356564
31316530303739306430336266346435326265643764653332323633343338616232306233653138
32323638353466663665613939313730363362363234656235323061643137363761633333383539
35343965343962303439616337363238333636343537353431303662306637383761656366636131
64323936306238303530323336643565376563396337306238333634396239393161306133353433
61623736336639613331393765626465663036343638323833626134393335316339323766323734
35663234626330666432643835333135613766326364383138616332346434363732616235343731
38376335633537393731373633336236363838326462653764663531646639306266646637653230
64353365333266633338326335356437363034316361663631376563656365643162653637366339
39643235303832656133633063383639633930353433333436363439376463393639663038353933
61643430316439376131666330663165616233333333653732313265313338363939366366636433
39306664613931356531323839353733306630393435383332366336636537653233363230653235
62313264373666613866353634336266373339336336653036356266346631366231356635316136
61303666313737353739336535336164316265666630346133323935626131643839643139366565
37356133653339653662316433643561316634343934343762643932306364313132393732366638
66626236373638346561373532613464343731633731316264663837653966363565656466326339
61646530313334353833336335376232353935356331653236633839393038333735326238333438
66653631633463333432383262643065383363616433323163396663663537346639663135646637
33383237326637623064626566323830303766613861333530613135616634323633353832306661
36666137626366663033663339303236333361613934383732663363383661386162386665613037
61313334306538623166663836393932313562333465653034333634663061373538326630303437
36313636373036303731643662383036306133383630333030303635333634623430333332323938
36613265633362303363376530643934373437663939393238363165313163346534613930386664
37353436396564343037616132323734376331303065363838393264656531343034666136623634
38636135666135646561316239646632373865343334616239393636353263663538613066333163
66393539623764316166336437373033343936303230653362393131386334393262656231396432
65333837363837316635303962343239613835653564333536366331633933643035383131656264
65323033626461396332663031336534653862653432386661626166656532326236613665313465
31653265386666633436643239353133376466353461343932343638343139363133643231343937
30343862323435623265343831626561613263346365346139343638396262333535333263323930
63373536636664353732613661336566313766386335653739346632333136623764633434653936
62373730313731663334663435623438333134396437353866663062343238633832656130396539
38633535326364613531663962623465303836366565636530346538356534363237626138363137
36343933376461346364396535343039373139616531616331366163346463623962636266643863
30663437643363383131656464613164386263626233623330376463306435393166346131393639
61353331363066666462393531393931333631323130616338613138333838353739666463373266
32666461633064343330636565326132366334393732646330666261613666666533656662353139
37353661636132343564646364653535306664373430313661346635613262366266336666666166
30663666666539636538613030353737326336376530353365646662666534663537303337626436
64353933343166363032633731653330663833626264376232666562623836303137663137373331
35316361363436653634636430313366306262333235396466306437643337306134636462303135
64303739616330666635633333303061633338323935386463653338353964306366643832663964
64623336643832643638306662646139663562393735363338656537336238353739363539333332
32333337626433356233653731633532356238323163636264633462623062343936396663323265
63616432363735653063356563343436626431353430376262363135633161373231326632306134
37623831363135316162663331316365326163646530366364363239306362373661363438643262
39633161613537663032656131346139613732326435393363303238653434616636666234396439
34336265643436633162356361303238666235663433353130363732393466323434373332366564
66373665376335666366393233386262386132386236616663313166316538653262343064333738
35613461346233323934393231646461386665326332336566623934353538396262306139313666
31333432383934656664343364393562666262636433373030323339376431353232373166376238
63616639356266663336626535643230303963636232613665623561616635613434356239343165
38306637666661633563333863626563326333323261656530626232396363363635363131653432
37653237653163393134353638323436356264376334613231303064393634363961396132366632
65643836356139353366643464363566353835383033643735363334663031356263626635346166
38643532616631366662373366366435356264653563623538656264306432373731383333613630
32653134626264353636336130643338306662343634633962656261633239316233323366323965
36663933623065336538383261663437336639613231333461626161303331373735616130626534
35383031663531366634366539396530653165326434653234643465316237316463343438633737
62393037333838316230333761336439336139343934373863336263346164373932343839396636
64303666373166623465353463643333663032613661316138643636646236373030303062626530
37633430613736373961393131316339303536376536633833663737303763386637643766343062
65313837326330333231613566653338376238386134323030613866313065393839303137656336
31663664373232373963646632646535343133303536303864636238326264616437306332643866
32343232643363613736306236336163636537323062356262663265326233343434613931313731
39653436346131646130383265326166626238396336373131383061393033653037346462316334
33316639366561336334326637383130396132323132666635343732646338616338613634666236
38313261393938633732636163643339393166666234306239636434633935313031363636656334
64333064396135646438623261383039303531623535323938643532643235613164356232323463
63326261313334343039323533373731383939373866313865633963633834633861343365316261
35316334303663313862666530346237613831346331306238396332326366666134623361383635
37323733666562383837636138393164343465616263656663623361643533303738646133306463
65306237393733613632633633356266313066333034313332623632623431383332373934323931
36373062646531343635353933663763626566353463666331376561316233326537623235613438
35356136616466323932623962646536376466613563303839323562363465366139666464393138
37313065396561396334363364373961363532663539393434313135303933613636373931376431
33396638366434646531336230313861376133393032386336633035363063613736616362643136
33303061386462333331643166303263663863656661303766343364373264613835373330383263
63373636353334616364333234613530333334663737333564333135643336646639346466353463
30316136396534383831363562663130343831343666643161346437636332623535663931323466
39326636643639623562396263313837666631366135623035363062643538316634616332663662
34656135666562353539316164346235306366343039646139363731346336623635613862636435
38383039306636613936363337376536366461613462333736356334333030356136666538623532
61396632303366333964636435303933643938633831623434653063616537376634393434336338
62633236663136636163613164346164613233356230393262306230383265323061396533373235
64353838653134373639643563656562326237383030313834656464346330626530633565666563
38366133396634646536333137313935626434656266376136613266393132383531376637653430
62656464636333366536323135323138393434306637656161343139313832376265386334383433
31373665313336636631636361303461616338653664386431663539653435656666636332383066
31383135643138303166356633396137653064633939646264613266373037343532303461636438
66316663303861623333613537626433623930623135336436313266393032633231326631393533
35343334383836386332373234353166366437666232343633613936653066386264383364633962
35373932313335376437343066316139386632303735356164613465663734616130616532386265
34303561646639363636633966323563323164353665393962333036323862626637316232353464
36366163663966616531383034373030336335326334636261313338323962663931646531363531
34623761313833306464356532356561633639653266383933613938353836323638626664336536
36333236663466623061363165343037653733316264336633323761356433613839616565643631
33633937376631643465613165623636666335373032366266653832386131646366626137623263
33313538643734363364363532633366376662663634653536396131323830316630386534666338
36346666373161313464313239643438366537316237653130396234353435633231626630656361
31666339316437373933343632393532356634356362663065613039633563623835633139643238
30383930356634643933623236353564643231373837363630386566616531303364613336366365
66663863643631633331343830623665316633303035383065353966303061306263666661613331
37646332313332613161656162623532626466376232323433323063303731613332663231393831
33663063306562653465326433343762616131626561356335313266333762346638646136613139
39313266663533363161356461333336396436623136643161373331353565623164626635363961
39313937393564356530326334323832303238353136326330633435306537356664633037663730
31306435366439316332393764346435396638653038393362326663363566373263333031616266
65383539613233643362316365366633343066386131333166353662646665353732313963353931
30643938323335313935383638343936623666393032396364306161663938373638343732393937
61306465383263386463366335613034396633343038653438663431363331306235356431353232
33306666363835366636376431646236323034646634663935323636373366303633653636653237
39353137643131323261333161623136613238323464623739313939336562366537643466626262
31303261393161373039653861353731643862623065656430633930656131323562383066363765
34636466663065623734633739396261306438323036303134613062343662643139653430343035
65613161353836386130643037326133326238356564306630643339633265373864303830393731
31626334356361393464653564623536323862393662323936616362353863623065656333656332
64303464663062623132656439316132323631633933356333316331396135376663373563636631
61373338613532333435656265356633663138653463323731333365386336393065613030616130
66386238663331613037373863306533303233346531303462646635366139613237626566326531
33323039343338313663303237643037646264626539663532623338633861666565343038346639
62373035623562633532653563643339366462653832356334373665346432313363383561366364
37323732313366363064343632636531343232373134646435363637656132323061613635623932
39353264363837643530333037373065356137303964613637336435346363343266346665323761
30656337333939346530653161386138643438313762373536343131333664373465333533366265
30373365623863656535313638656338303835366361313836373661393539653961336564653031
35393761653863373736663863393734346636353338363964306465383364323164316232663235
38613137663835343965613333373362323839616430653761376430643466333838383831633764
31346363376262663439646639623261626264643030326162616437633761653166303562336562
66336162666438626166393665363230613737363936636531376662613834326533326631616337
63383530346337356133666336666263303935613539656238313363303133656631656132343266
38333035366466386631306338346330653132343130636165363365313535633233363739613830
63363732366537663336336461646134383166653435396234383337356461336132633965663032
64333235653335663031323535323639336334356338616431323666663461396136333532343531
64333964353633313036623335636437346333306161343532393063336635386230623933613132
35613030326237653337393237633037633536633737313133363537313033363264363139623861
33386262343564306661633932643937393930383462663363356534636562393561626139323431
33326638633166393561373638363961363961306165343235616462386164643831313439613037
34656336653134666232383363336536666564653936316366383734343633353631393261383135
36626232386431306637336263666232333362343165623737623262623231616536393535366265
63383830373431313935346362316264383333633737613932623063363161363466633533333561
64656530336337653338616434636663656663663265393564373838303836663734613536363536
65346635366231336231353264353061363133616161633032623131666331643638643236313635
35643738326266633566386232393736393064666264346434326138616361633032343034336361
65663764633264303437373932613038616438366339303738373731666264396139626132646439
64643839383565633338623230636535633338646437636364373161616362303665336264633439
32363166373735326239643130316165353934363263386532626362383839366565313135376137
30313864646262303862616237393335653438396262306237646235326637623238343532336434
32393231633165306232313065623166333335656138376365656333383039666266383263303932
30303764663231383765656266393265376262636165356330613333336239663161303138653664
62343734383262616335353166633635373162336238623433353831343335353862363138376630
37393462663831373335663863376230643837323864643262623831643731336234623066346166
31643035383634663265653039303130326136653834383765356437386334373135353634633464
63663838373834643762396235386431666265316263613937613666353963633363643866646531
64616337353565306264336239373565396638633966343136386430613135303265343238666331
33316635656132653331303630323461643230306436653132306230326666363338633134323732
63616238323366623030323630666134303963663663623238336533663465653634643662343836
39626330393865663830353535343430336263633737636466396163613837386536303639623833
32383439383638633537363263393032646434623338343965326365373330663034303863393138
35356462353139653963383361623062633633366235306230303633653863353761626331366532
62366435363633326531343231373334346336393539373035303237396333326466363732306431
65343633386238353265613466636262646438373061343830306565373762333661313039376366
35306164643034353530363033623461653763616431396436303034383134613838336330313537
66326632613334663133316464393662356264396134373531336437633265626165646532303134
61646631353739306530393666333831346565333532376639343338393033326530363065343534
32386566343463336636646464323463666363313863366339333931353135366263303831663638
33353832656637376139346336663064343839323665336139656163356165306237393865613665
63396561633035656634323866646362653837303565393838353235316663313932393035323561
61613462326432366332396134386137633036623630663461323261653065343635376664396663
36396664313163306335666131643164386563336362363631366562316263303538623966663739
34343638393963353262653961643331373037653365653934336337663166333262343866306161
31386438616637626165313738616164303137636632653233346337376633396439646638666135
62393562353337376333306634303864383335663632623762656463623765303335326430303863
62653334393962653430623161626337633063666338653432363136303166393661623733633165
37333535346334343232636130336539366239623739663965316165333065373131383736366461
32356361396330306362636434393830646139653137343432316433353731666564363430666163
64336236313035633033303730646564373931653231376262396466613533366231353064636337
62373836623762316266636233353762643435653265343433666632643530313435343036323730
61363764303736346664316466363566363330323431343034613231383138343839346662313732
65306631613265646531626466366632303930386666323563626466646330373539373764316637
64646331356332313738306334306264333737346536633434353430336239313937656664663738
61373435663838383765383336656661613833303331356561303032373866356439363561643963
34653061326637383132353064633938633337646235343663626235366631343231363037363461
65656331616636346634396239656430326133353935326334356666666133356434636161386266
37306135373865643636333364613265626266373763306266666531353961326336646237376534
34373839306138383032366135666538633936383435333131666332646361653031313065316165
66316333663436343638306437353365316361616265316165306435656235636664643261356431
39666332626630626433626665373533663334643634346266326436636533323736393439643966
65336264616336376431343565666637343863646365393561336130643834663264396139393538
63353238653366366134343331396364333330376165633236393933343732343237656635643930
38643936353637646539626439623236363036366139333566653837396232663363346434396337
63616634396633343466353535396531316464383136363032633763386261653064353763333432
64616435633332376363356138633338343933626538393562353631626164656131643262326633
36363165306261373930313232333836633664643838326161633963323132373361323964313531
62653137366666383732373134333935306135663364373037343333333565383261663064653135
35383632636664656466383462623962376339363035616461613830623834363934323635343665
62363732663635396565383733396335613534303464643035663039323066396561323838663061
31343862636638393730623864623161323631336433653832353139303638626264616238316339
63313035303239666236623165663830666366356462303365363933376263353735373364643633
38613139633439386231376337653861623563306337343932663261636664383335323034626663
66386165316135323836346531303736363534313766666234346635376165393262386531653139
36313238323132343163313735386139323734333063313836653964343566303937383163336164
61373436613434373534376630323335623834303337373133336532626539616336613536313538
39363835353635333962366166356137386533646665393430343030383565343338346132373366
34333231343138313237383734653435333338326433633635666338333337306635646635623563
37353563343233343933626333323764393735393264623161623237336339326464326131663731
64326264383335376333633539636634326466353037323837616262393037666663343766323537
61666635626164653736616231633465396363323833333165626465316235313132346133366435
62313231313533356566393538363434313066393062383364303832393731653065336531643265
64653733373264346231393765343831363433396539613263343466356365383034666264326663
38356632623335383833346363393436616666663433613133336163653730663766633434643833
66303338303033323631633161613432343336613730326630666336636639653464316334616134
63393764363335336564316237376631383636633938393436353838656564633539623862393436
38623334666236343461353633303166376634376336356238633361363438623733366532386231
62656366306563303464383139633630333730323537656631303038303939383033626266333164
37363132323834633561643361333738653662353332376537633633313832323930393162386539
62313265333064666531353438303834366366663934303732633231666661626566383630653234
33326139373135346135356563663563333766663237643161633361386462656564346336396465
63623739393837386330623961623437323335653038386338396433363438666334336436303261
38636562313961336264613139336635336135393531303839613733323232393736323230343130
39656133626332323631636134666439336332393736653837333764306132343930623839333635
33313031383334633866333762663266313037313661383035366361303331623930666433366465
65386665356363623430656631333763616665353666383161353665613832393235303735656230
66623665313236396133656436343930323063656362303265663537333061313930303037616235
62613264376132356437316136343961356238653733303932303436313335633039663435653934
32383563373965393662643934373963346231306562666536626335383838333036303764656336
64333237363733363163633037343736356635636263376537616362373761373966373061363036
62363631613261363466646561333566323364386237333962366636616663343437636538316331
66633665363535646538626633333039636636663338323330363632306533333862303931333762
65323738306538653866626562666264616233313030663863336164613561353865336461663230
38633863633734363637626661653638356631336137623563656263636537643365323331663035
61643537643634636131303434323162343137633466386435643264343034363133326630326364
31643739633634323664373733613936326138633230313737386331373838326462373330346131
66313139653134323764656135343333623165353133323337326637653238333132373438333562
36663030323034356362623735333838306537313064373137336432626264626131623361353033
36376333363465653237663764366566303261656462386166653936323665323363303066316635
32373537383165323337393235633163666538613462366536303963653231653264313931366237
39336339613130623039313565316565353265346535383133663432346461333138666536383562
31636266386137366130303263633238316336643036393764643937623732366563313262653236
32636663333166643839356166333033366631643762326633323639316331313335646562643161
32636234313261353766396162623562323037646139303239313366626564316561396537663438
38336436353338363239343631326335343335386533376533373864363762636237303337373962
39333763346561336363353465653963326236633561306664343234366239356663616532633864
34333231303765333966623839396533393465623839316434663039303339303265636231663432
66616565326339336338303661386663383739633436343530656534643433663237316463663639
65386161646535306133333134383530353439316430666564626362326133386366613161643135
33376563313234393266663437643963366432393263383239663931626361333664343735666539
37356335656561353333653166366239326332313437356231656235633366653035666436396638
36323361663038376436366631356331313863333030646335353634613937316530316534306365
38666138303034386661316563363462643734633232663237323537353735383664383331663133
65393333336332616238613565386365646265643434326532316562623334353066643635666261
62333336313064323562623264323465316565626236633866616136343663356131663638333265
31613961613861373135613138636634643439343461663039653537633336653333356633656563
35626238656664323938336562623030323763626564323137313464303565613963626333383463
37313761356437626535343133316336376131303632393031383662343938633235623631353562
65333631623837326630333730626432656639663335633537343732343637333233303365646637
36666465343335393931616664643531666639336436346566623563353465396438333333333034
65653833346134316430383037396131346637306362626665383262343037353231343463633432
64323463366465613230633035303963663966386439623436633935653961363562623030393464
63633330626264613366613164396366646563343563646566663263336233636635323138656437
30353336303563363965646436643836353335386261343739333866623835303562346264323732
61656532656238353361646464386230643734633463303163633162386563623664306539336262
30663066373163333535343337633363326461306235633263666366643363623132643964306362
61386634623463313634623762643761656536376130383964366134356662643132376564666365
63643466326234316137623963383033353939333262363931643033393439663838663263356435
35636634333233636530326332323365313462333136316534346232343432623630313236303833
31353433343633363438663361323130646165663465356635373632333131356561393262303938
34633536343265383233323866333032663134316363663062343965616561363364343266613838
38613133383763323966383933663339373331626564343839616432353366323836303565313735
63303362316232383539313538303331313534356135633130313566323337636362383363623739
38343261396230393838353734626337643262393132323165633938346630376664326363376662
65643433323734643235393831386364663266653432386231656537303239373932346630323263
64613834383138373132323630373564396330633334633161663465333365616338353262663038
61376130346663303964376264626431636665326131643436303635393733636566613665643532
31623162313865353231333431646534666364366438313861653139613830623931663735396536
31333434353463646434353866623863626564373037623265346161346234653338373732396364
61626636333338636638346133393739303461353433333134316462656261373836636332303238
32653464626431356435323237336431636439353837613861323161313233326131366163313665
33353930633061356334383762656366626631643930316134623939333464633638353433323261
39353561386134323961666364653535396631633737313363643235366239623636656266383932
39656261373036643866373965653333616332343836626238616532353662303437623262333165
62326162666439666334313531346662383031663736303365376230396662633830633930373738
31663031363865663734643336373461323635623963616432326336636562646635373339353837
39396334306566393662366566656131386138356162653164313066346261326261663562326466
36663131633631656333613665376634336231336530643666323562636338323233386139616434
65613130626161313435396532323563313034663339333761373865333461356265653834373361
35616462326633653735636333616237626334343836623330363236323831396632343363366532
65633434393836373035376262633566633830346631303465336639623332616632383331383438
35376538343634303239373939613131333131353064313436373831613434326238353833663463
61613362663539656533653537613631633064363530323462653365353031333539373664366532
66333463396666646465616465623766373965623564313637383139356264353163343964383838
35666335623235666232633762313538613066623935346164386633626338666665626431376331
33393134643733633934376431656131326332623237383335666331643638386333353830363936
34323866323630366265663033353033383338633932323064326334353664363165646230623935
31356563653463343261373664373464336663343235656434323631373636623266383061386164
39376465383966666235316563373836653832393634316630316231346661633235383636313238
37303434666565626132633531393931366438633532343264623631623564336665323762613533
61356638666634303739333331373434306339653335386566613031346630313638633336663537
32306465623931386263336239336230333037313836646439336238613564363531386162363138
34323834313666616430643465343737633230313032336135643930396263613365386565373562
64356639663766366365356532626631373330656539393861623931643337663561376236343632
34303234613332313134623832643732383664623236633237383466373063343832656538663133
39353836646338636666656638623137333137616263323265653137623131316131616338646636
36346162646264336235306338653561393438633161326462643363613834623431653861613131
39626131323135376362343531353038343363373535306436303432393761303939366434316533
64346333373032343833663739633030333838363163666366633432663932633334633037366233
65356662363631376363356365353166613865346433623961633938643838666235386162346466
66396466663961626237636265353230303831313731386633386533363162323164376261353938
64623362346230376534653038613863613661373134376233613166333462623736386139316262
63366364613864633865626361366437663862613731643962303065613338396535633933353663
34643435396333343537613762646233323337613265386437653762376461626638653664386266
61666633346333323330653764653464326162363062386630303239656230386530326334653662
61366439363065363566346338366134313838393565626433313661393461333231373565376532
35303336306264663437393736393762353666346635383165393161626534646535306138303266
30393539313664653339313733306266326564303534346535343233313861356139386465616462
35313933623761323833623936613038346165633561643132333662333862353138383762363038
30663132393565356462333337303836396436653031663932366537333163613765386335623866
64313033366365396166376365653932643630353465653433343036383761633663333532323464
61383334343964636465383038303366623934393036633762313230383139336232663461626333
62303234336230643431326333663466396438636561356262366331336161626266353634323035
66653164626662303765336331643737616530386536316236643630663837386531363661323530
62376664323633353966623764373236376631383335323636633137386363633566356562616162
65313462383334623465643265353839333433343866613632636364636163323136316136636266
63643566373234383033343032663334393234386534643066373266616264313962363433306336
32303165653662366161663136356537366632326639626530346436396462393135616233333634
39373265633132306461646463383531343662663734356334333661383738373161656164666339
62623230383366346562313935356638626261343266306239303837333263643633336536653634
64316435343237306137356239353832303563366331383365643666613239383933356236313861
32316166343764666432393738336565353665386665613839626233373865376163393939303234
37666636656439333530613039393437383736316335613666353837383937343731346239646261
36346431666637393537353834333661666566623839663539383731653030666264346465613233
35656234303432323965356138373336396135663061396335366331633534646530623033363532
63643735633763323035363035346238316266373233396639383536623634616436646264373832
38643862646430386366613336666539616336333236343935646165313834303133303662366361
31343564336438336237353638643837656462633839306536666232346663333761666436663062
32643236393162313939386164363263636431396263616530656161363361353564383931303738
39653136376666663965363936356435343437663634306536613363343231653430323466333734
37333862343632306666343437623836663766393035303432633063323033383137373662313139
66623930306438386434353063613065656438306561366139303335336634353864383733646436
38636638633762633566373536663233646337306539636533333534383735646436636232303566
66613532386466323332613339343538323465323963326330323830333536616232613437373563
37656263326665343532356165623735383139346263333537393730613262346433303865363434
39383130346633343263393931343462396239653564613530303732326532393466363162633363
62643265303331313763653131376535636333653934303366653963653061333362613464323534
37373838393633346665373833336439666231636466333165666566336335383063646430383831
63613334323363313135366664663965333566396563363262346562313131333366343834326565
39396663386539376535643662376266313264366663613539663238343731643339343365666463
66663434663938626332383963306237373435313562643035643566613064336166373137613835
61653230326536633365383464343862356430343265653835623264646438323333303066356364
36306266626432313431393133363966333437633734353732356332356231343632663935663437
62383131316534323737323233646431623539663438326365343533626531643066643936383764
39363061323133386664313331346563343031306134336530633061626462393565633865383166
30666465376635636366386463376435646130633336616463376462653734623134303735326637
62613133353163326530353464666333633865323134666233643432396636313730356332333837
30343062393430646461396235373136303435313737383835373266656631383265323039623163
33373461386665353031663665653135366533666262653039653534653566646432343762353766
36333234373261653733383837323363373132306533656339393563663934303737623131303361
66376637373333363232666663656534626537666430343961376364343638353365626332366562
34653163633564373533333861333762613934666633653961663337343361363439306434303636
36623536653562376235356564656437643338366565653734323735326465303366363637313731
62393834326534373261653461373663376665346263613132646263323966316463646566376265
39643833346130373665323763346138653037623066326533353537366166373065613830653261
65386437646633363763363235623537656335356138336564613434613334353562353133316265
30363036643937623964393738613833633032316431313231376533353534356537323265306530
33353265623633333664346264343064373638313238316666613534353537623135306632333662
61663664653533616364343732653134343338346164303936323136316232653061613533306166
37356133383564393436343031373832383761363062356136613434393431313261373339663230
65383163653464306334663939646262323262386131333064353738356263663165646337306230
33323838386433616135613466356337306234343132653762353263646366353839633765646166
65323437346332643465313832383534343538346631316237643536343032376465393836626562
32393939383836643166376662373931613738303633623264653435663131323261316339363439
66656463653232323538633931303131323933373135316437623836653031343865393530323933
39666661666535616638626231616337643962653163343762353230393161303637356661366236
30346335613662363266353861346131333463623138646535623933376637383837633330336462
63656362636331313163323532393131366637306134363464643730373636623933333664336134
36333731666462653037363536333535623034626435366135363137656466356337353431323432
30346665663563633564323065303264376439653639626131383264396436393039396635383938
66393137373535336430343361656133383962373031663833336634323932333830633331333033
37343937303939643839393761363433613966313163326466653232393561313966386264306662
34353061656461313462306163353266333731343965326239656261633431396334336637363035
66333539616439646363333564656635326262653234343332306434383862326438666364393435
33633961373232386135346431366661336566356232386563323263323466353033666337613537
32653237336638336637646533383564663630643463333666623532363365343237656237613138
30613232326436383137306566623632363266636533386132373337663934623331333734376135
33323564323035313534336239636166656235356661376662353738346232653835333737346436
32663833613032326133646663613031343066343765623137356632353234663733313138316663
38343532353932326664656139623566656563623066366132653938633433613036623261356530
65633637333864393031316430316163336531326562366232376135373430383930386332323131
32373463383636333861393830343866316166373136333134353766306662313032643362376662
34613332653439313233346335613035383234376661396661646465373533356664333635663462
31633536653863653661613136626565333036383638646537366266373937383937386565623035
31626562383934386239653531386165306237626263643834313130633835663934623061363762
65613263303139666536303136383065303662363538333761663463343639363531613462363534
64306265363263396132323466326432656335326433316166373639343237363139333039373631
39613532626535383932373033666365346561373936333738303137333139643338346635396133
39646163393133343963376438333938643662306339663962346161626130656436653737623261
62346332313031336234303461376336666561323130383565343761316463623137613161363862
31326630626439306564326635656630383262623538383538646634373131616362333565623566
32343534313664343333306438626466316435653233613431376231393764386339326566363634
39623433356433643435626231646137316364346437393235313930636166316139333137303030
31306166643733646337323930326464343430313165626237323539326230616466663632336239
37643239303863663736386132323565313832613737373337306130316532306534346136613166
62346264393539373533336262336432343335303331663861333062316239323165636435313236
38336239623765336131663061636430646133396530633639383830326664616266616462366664
32396363653934613331653534396662326434336662656436613134633439316161656263363937
38653861376232303137323135346134656661623233323030323034623132663362336363366661
34656238373138663465333432353730306133613261316430363062323633613137363837383738
34666365363663613930373561363234613463613864306463306339353066306139363238363538
39336239303066623865363935626434333335353235633766303564633335653131663036303832
30393362336632343638373966623734623533316636383263623031656436343639633262633461
66643934643165393132303763663931376435666661666434666162636566636530303334616430
37663133333836613066353161666363313265323666633162653966366637323239633435366136
62376134303533663637313063633461343061386239633130363662663335333335613630636238
32623461393237663333636537326636363565386537393765643964633361616161623230663133
38666631393634333763373166633161316133613865323462303866333837636132336461643431
31353766323364396530663035356535373331303036366662383133336333623732656235363939
66626638383164356337383733353333633837313035633834653437356562326465636565386234
64636162316664646237623464626534376466636331666664626262353466373930653463643163
38623163646366663139386261363635346164363739666339626335306136366636336632623464
39376165623034326237353434643431366530343733386432356564343863393166363433633964
38316437653462303936303162326563393832393036666133653533383432306338323132383634
32323733616462353834633731303066313634303065653665386634316563393636653936353136
38613437386662383332323131636235366131656433333537346565616261623639646138616230
31336236653537316563383765303063366165363834393662346131353463326464663038623661
39653361373763626635363238623633353135313431316531336238653562636564346661376439
39326362353537383062353639663061316236376636353736646331646633326139383939393636
30653764306336353966323461656363366262633065643436643430616362363564313538336661
38336464373361633863656234666537373530613638616165343037646234373038303635356431
65323938613235633930643930373565656530353766336235346537316563333733363765643262
66646536313431653530373666613162333337383765333838633265343935613263613936363339
37623665393937633437343466646561376630303639636230653430376563316463386535303862
65666561626366313564666630356334323563303636326361636636363735343464393030623736
39346563343765653131663563363633636566316666376239306633306463306634336237393764
61386332356337626230626330613162643132396164343164373736643764326338356535336661
31653865383762383838303364636430373164343733356564373534346636663965363865303965
63333336626233626233373065326461336162663061373336353536356539326331373437333633
31326632626132616332653361616139643037333734613235373133353262633135613938316666
33383633346265386365636331313730623565386235313638373330626530336264303963313064
35646663393039353038366331306364616165396532396630633334326364306231623431323034
36626136396532336163373535346262363738386533396337643339663465393230653436333633
65306632336162366634323632346634383834663736656261393564623965626362376161636631
35396266623930363534643664666665326664373935666338323461373030333761353138353630
32346538623136346534343565303565633865326331343530376636303233323130616233643930
30656666656334366631303365386366633138316239376265643965313736666633663130646666
64626566343064373837343465626333626462353236663232346362633734393564613434363163
33386133383232613935613562626163643863653264343637366662633464326632636134353465
34363165323837386362393634613932373432666339623936306162653531636164353061396462
31633166323039343361373137653035313037343365663838353536366162383336306631323137
37663739366461356438623761343632383863393866323837656138623635623263393433323736
63326335343533333838653534613761393262366564613166663838346164616563376435636230
32326663336163653238636638623961386636363163653062613532393630396135336135643166
63336134386464326265376534613439646462623466653864396137386165653131663735386561
66356362626466643330326337653462396639613861303765373264396137663466386235663036
30393563393836396265646366643233336134623137613261646266343533323562663266623734
35333665633833333363336634333865386335653063316534356237373539373432373366313862
37343836396333626163386135643563646439376362333137386530333166646563666639306537
35633066663031613436396330376339343465333631643361366261363665653131333361653864
37656365663163373561386566303433386138613033623764313966356365613161646562303739
34633437386337313836646238666365613731343232633334613366326237333063663664643566
33343734623063636332343563353932616133383661303337623066326461323436616535313836
64666433383432313939336530653038336231663531663937386138633239646439386636666661
35633332396261646134373765616361323934643835383938336563373965373461663638333965
66346338393732373231623863653465363866623733373635343533313866633834393530613233
37373830386537336636346436643561363363643435373637343863623534346438303461363635
62656263613263653134316432663130386337623766396530663064383437623231613461656432
61396538626166396464616135353933663337333534316137663035383336326535333832396463
31303561383465383638623265346164346531653736393133393633326430616132313361653461
64643666303764363733373735636365666131323034626663343830643464666532623562373261
64623738366435333563643161396634373865333631633538306266363437323663383062313538
35303831633364353531336561643366393134623631623435316639363266323436343164633633
62633831306465356534316561626331613739636563376365336430646532303864383031333066
39383664663231333937653139303231323432333834323235616565356238666334326437623962
36643462616534653062326564643537646663323932306264346663396663383935363632623535
31643039373131613339383162363862333465663932653539363631656637393961653933376230
33363134663963343530376363323762666138663837306632336538316534313536366165643432
39326332336535363862633463336163303233656364313333646632633636343236303039343539
38656138636534303135616362666539346430363961343538393639613162373439373766643862
61386662306130656131383236353266623134323538343035323634383464653465326161666136
33323361363864303265363037306438386435653638353561383366386432633531336437663339
39353438373361656561633035326664353439653564333762396337323331613665643436306338
63353836643534663862306530303434643430396334613734663634643635303130303964313762
64343731633162643661353536323335636462336265653334316564323230336365316562623866
38383432623737313238326631663865616462323334653038643261313837393165323431353865
37653961636335363766326334623636643165313464326235316634383266313630316338333461
31336135303635363937643739616438336430626637393734346562643531643966376232343430
31353530353864623664323062343731333836336635393035386264373338653733656331643132
38633430346438363332353135623663313466646333313037393239326635343838623038633933
30303233653366616231643638323036393937643238643262313238663537396162666138353339
32653637313737393964353964343331656331333862393864666637316330313762316163323235
32363566336430316538636263313366386465663161393965636161393763353437663036363862
65666533636239363866653836386336613066613063306432613734646630636639393461336563
31376337613334333566623936303165353639346639646238393231336566326431333534336262
30353938396539336434393061623961396231353866633965376263383461383365393033363237
37343532343337393239666435313738663766636239643739623365343739633961326162643264
62636634326564623963303066323866393432343737373162396233306639663862643439383533
31633336343633636262636633626463623763386633383665303965353030613832313063646634
35313939313738306566356433333364393462336239396265373564613365353735346639353539
30316531343630613864623239323433323363373438363363373139306531363738376336613964
65663562396338656534626134633837386163626466616133656632653733633761666132306634
34613136653464393037343466666331373635353939363939336431353063653632373539623637
66663033346231353731323333376666323131346537343835653930396632363265396634633331
36313466373263306664633966643430626362323134323962346638376665363833646562356237
34653638653733306265653431353536616161366531643233323931306366343463373266643464
39306638623035353765616462633965316534626137623165383739393539336433663336326437
33323938343165326662626137646331623937366230623435623636366539323730623635346439
64613239643939363931393235636332303439643937396132363434386139643734366639316236
31313363316562373437623639623265613431653038633637333433353936326234633734346532
61396333393439613538313636653836646533363765666134626432626230643133626531363835
39373635346134626535323938616537663462313635616234363565333132636233656164663365
35383263366331623432633561663837656239393264656364626530623637633434386231306235
33366436366639326566303564346333316164383530393061316535356434623061376165613934
32613931306164613839383636346133623234643736333266353938366132376234613431326533
63316634386463303635386337643066373666396363666331366337353132306365383864643566
38343664623734653264393065336464333633383238363531316361383736383436336466663132
37393663336463343962626239326162313665323163356263336166376461306635363062653464
31323438373462393961373562646430316461326466383864633463376232663931616562323733
35376463343236356332313036393463663837323939663130636532643263633130353432363363
30393865366661323338663637336637623961353666343063633933376136393234376565666566
64326434373230373461393162376236323835366136666263366361366561363434646232356636
36346139623062353932646462636265643566666666336236646531666535303933306437386136
37323939376435666466393938633530363163393063656265626336633436343433653435313531
61616361663733303264613662346337393131366134343963653762386134666139663763623936
64643264393631373464333461376537656334656665643537623234326530666362663731363563
35383235363665333232616364363238623433306464333762313966653662663634613238366136
63616663626362656361646163633534633631393931366134623739623231356239636163313763
38366164623730613865666462313631633536306133656462636163356365373038343030643930
38376236623965636663633135323538373066343632303730613132646231653365306563393636
32373964333664313138616530653661316266326337363231643438386534656364653637306637
63353833316461366563613537373063396333626266303031326135303130313031333239346664
39373533363731356437376438323238616531663264653965373935663261633261383234353864
65343035643465643966356439623334633866643431326265643839646464363439623765376339
65353165666262363832393433313931626335333135646638363433663731623364313537616266
31656432663234396539396464633665346663623466376435623036643531653764336537366438
35623138646162313935366636643262643739323236646161353733336466323365386463323433
37303561323937653538316337643530353537313133353563373833306134663636356538353561
63343837613234393762383063633133373533323964643034373138633163333765363332616635
36326430316664323339376462356263616365663631626663666538666235653136616630353937
31383136373437653366626362333066346235313930663238376338653563616433653066643237
33303530353636623530626338303331313462656639653337653637343037333562643935383963
63626235326538363533326566613130636136623834303539643530393238326661656230376461
61663737303931626633653461663134663462313830343732666266303464323362323738343463
38656234376137653238323636366164396162613730323037396135323230316364613961313563
34643663633236343533613938343033313937626665306464376531316539353761373230613266
34306338646537393763653732623364643464386563626365343639613136333132643866346135
32346165393432393132333535363531373766656163323336343736326366666634336362343861
64626464323734303566623066653361363731656439643230653430323335646262396364323538
38326138633831396163646139346532326537633239626131333835353131633965663837636632
33373865306339643961376462363838666261653464636132323436646365393462393961323931
39616265623439356531376266653732393763653338643062343239383539393130616138313865
63636262353762353861343063313766393232393538666232383762393363306564653463633836
39383766626231303333373464353462306635343539653965396231633830356535646132386436
3437383537636636356433316566373861346535336335663431

20
compose/03_syncthing/config/key.pem Normal file
View File

@ -0,0 +1,20 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
30383836353130323131653139643365346335633063343362656530663538393435663335613132
3533343531333434376632333630343364313061633066330a373263393966336430616530386564
32313530333939333035393863623932666261316664666132366331626561306230306238323733
3230396463303764300a643831633734393964363534343932303039323161373239363766643037
35333362666332346133363063363466343338653963353333376162373331316433326436353738
63323339346134626131316136663736313737653866393135356262363832613262316139613963
32646532343639303732643432306239656135663363643263393832383936373837626665616662
37373865303364373035363832633932323233396336363863336338613237623637323665386536
37313164646266663135336432363963643630366434356230626663343534376330343461366664
33623261313662663636346361386332343630396164616137303364643661643736653462323062
32613335653732373365646566393930666561383465376665383531393037343638633763633563
38613164373332306237373737623839386336613166333139656264336131326631343438373235
31343739363366396464623662373539613433346438626335303765623738393930666430303139
66386264623666393234623032386135323231653965393466656634353532616530306265306666
62663039333231316130353061313233666639633563346635623464363135383863666532323432
63376664343630633631393232636364633036636230663864323437636439623961613634613638
38626161646166336138373931393464633030323338663763383135316665346137646139333530
61386233373538636433363832363537313766363566623961346336353532303761313664383032
646138346562616433343462303065306236

25
compose/03_syncthing/docker-compose.yml Normal file
View File

@ -0,0 +1,25 @@
version: '3.9'
services:
syncthing:
image: syncthing/syncthing:1
restart: unless-stopped
ports:
- 127.0.0.1:8384:8384 # Make GUI available via SSH
- 22000:22000/tcp
- 22000:22000/udp
volumes:
- syncthing-data:/var/syncthing
- ./config/cert.pem:/var/syncthing/config/cert.pem:ro,z
- ./config/key.pem:/var/syncthing/config/key.pem:ro,z
- ./config/config.xml:/var/syncthing/config/config.xml:ro,z
hostname: "Netcup"
labels:
- "com.centurylinklabs.watchtower.scope=update"
environment:
- PUID=0
- PGID=0
- TZ=Europe/Berlin
volumes:
syncthing-data:

1
compose/04_blog/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=blog

18
compose/04_blog/docker-compose.yml Normal file
View File

@ -0,0 +1,18 @@
version: "3.4"
services:
tobiasmanske.de:
image: registry.tobiasmanske.de/tobiasmanske.de:latest
labels:
- "traefik.enable=true"
- "traefik.http.routers.tobiasmanskede.rule=Host(`tobiasmanske.de`) || Host(`www.tobiasmanske.de`)"
- "traefik.http.routers.tobiasmanskede.entryPoints=websecure"
- "traefik.http.services.tobiasmanskede.loadbalancer.server.port=80"
- "com.centurylinklabs.watchtower.scope=http"
restart: always
networks:
- gateway
networks:
gateway:
external: true

1
compose/05_watchtower/.env Normal file
View File

@ -0,0 +1 @@
COMPOSE_PROJECT_NAME=watchtower

34
compose/05_watchtower/docker-compose.yml Normal file
View File

@ -0,0 +1,34 @@
---
services:
default:
image: containrrr/watchtower:latest
privileged: true
environment:
DOCKER_CONFIG: /config
WATCHTOWER_POLL_INTERVAL: 86400
WATCHTOWER_CLEANUP: 1
WATCHTOWER_ROLLING_RESTART: 1
WATCHTOWER_SCOPE: update
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /home/core/.docker:/config
restart: always
labels:
- "com.centurylinklabs.watchtower.scope=update"
http:
image: containrrr/watchtower:latest
privileged: true
environment:
DOCKER_CONFIG: /config
WATCHTOWER_POLL_INTERVAL: 900
WATCHTOWER_CLEANUP: 1
WATCHTOWER_ROLLING_RESTART: 1
WATCHTOWER_SCOPE: http
volumes:
- /home/core/.docker/:/config/
- /var/run/docker.sock:/var/run/docker.sock
restart: always
labels:
- "com.centurylinklabs.watchtower.scope=http"
...

11
docker-config.json Normal file
View File

@ -0,0 +1,11 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
32643032393961616163376565363738383166373031393037306436383037663736613439326166
6439663833356435653161636132616133663062333063640a373137646539616561376535313739
31373932393934666133356332646237636563623631316233303962393637386534313966353839
6164343438666539390a643032333839633737336162383830386436653462363963643639616164
66656233643639613639663962383261356661343232663365353031623533643238303838373764
35633838383533666662636263656562633865396330653733616366386232353162656362626161
32383830346363313536336632656265636437323665316362303966366439316533333934373039
36633531383831363533323734373936633339373562633563663863623733346662613435636664
36633233333961396633313234303962376535616139323062316137616536326235346231666238
6231363536663534653466633730316637313162303837626366

12
inventory.yaml Normal file
View File

@ -0,0 +1,12 @@
---
all:
hosts:
host.nc.chaoswg.org:
# ansible_host: 192.168.0.52
# ansible_host: 185.216.177.198
ansible_user: core
network_interface: ens3
children:
unprovisioned:
hosts:
# host.nc.chaoswg.org: null

202
playbook.yaml Normal file
View File

@ -0,0 +1,202 @@
---
- name: Render compose files
hosts: localhost
tags: template
vars:
render_path: "./render/compose"
render_blacklist:
- EMPTY
tasks:
- name: Read Variables
include_vars:
dir: vars
extensions:
- 'yml'
- 'yaml'
- file:
state: directory
dest: '{{ render_path }}/{{ item.path }}'
with_filetree: './compose'
when: item.state == 'directory'
- name: Template Compose structure
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ render_path }}/{{ item.path }}"
force: true
with_filetree: './compose'
when: item.state == 'file' and item.path not in render_blacklist
- name: Copy blacklisted files
copy:
src: "{{ item.src }}"
dest: "{{ render_path }}/{{ item.path }}"
force: true
with_filetree: './compose'
when: item.state == 'file' and item.path in render_blacklist
- name: Provision Volumes from Snapshots
hosts: unprovisioned
# hosts: all
gather_facts: true
tasks:
- block:
- name: Gather file names
delegate_to: 127.0.0.1
find:
paths: ./backups
file_type: file
register: snapshot_files
- name: Filter names
set_fact:
volumes_to_provision: "{{ snapshot_files.files | selectattr('path', 'regex', '^.*-latest.tar.gz') | map(attribute='path') | map('regex_replace', '^backups/([a-zA-Z0-9_]+)-.*$', '\\1') }}"
- name: Print
ansible.builtin.debug:
var: volumes_to_provision
verbosity: 0
- ansible.builtin.file:
path: /home/core/backups
owner: core
state: directory
mode: '0755'
- name: Copy backups to host
copy:
src: "./backups/{{ item }}-latest.tar.gz"
dest: "/home/core/backups/{{ item }}-latest.tar.gz"
with_items: "{{ volumes_to_provision }}"
- name: Initialize Volumes
community.docker.docker_volume:
name: "{{ item }}"
state: present
with_items: "{{ volumes_to_provision }}"
- name: Provision Volume using alpine
community.docker.docker_container:
name: "restore-{{ item }}"
image: "alpine:latest"
state: started
volumes:
- "{{ item }}:/backup/{{ item }}"
- "/home/core/backups/{{ item }}-latest.tar.gz:/restore.tar.gz:ro,z"
auto_remove: true
entrypoint:
- tar
- -C
- /
- -xvf
- /restore.tar.gz
with_items: "{{ volumes_to_provision }}"
- set_fact:
provisioned: true
cacheable: true
when: ansible_facts['provisioned'] is undefined
- name: Backup
hosts: all
tasks:
- name: Read Variables
include_vars:
dir: vars
extensions:
- 'yml'
- 'yaml'
- name: Install backup script
become: true
ansible.builtin.template:
src: backup.sh
dest: /root/backup.sh
mode: '0750'
owner: root
- name: Setup Registry credentials
hosts: all
tasks:
- ansible.builtin.file:
path: /home/core/.docker
owner: core
state: directory
mode: '0700'
- ansible.builtin.copy:
src: docker-config.json
dest: /home/core/.docker/config.json
mode: '0600'
owner: core
- name: Docker-Compose
hosts: all
tasks:
- name: Gather local Config
delegate_to: 127.0.0.1
find:
paths: ./render/compose
recurse: true
file_type: file
register: local_compose_files
- name: Gather Remote Config
find:
paths: /home/core/compose
recurse: true
file_type: file
register: remote_compose_files
- ansible.builtin.debug:
var: local_compose_files
verbosity: 2
- ansible.builtin.debug:
var: remote_compose_files
verbosity: 2
- ansible.builtin.set_fact:
compose_dirs_tainted: "{{ remote_compose_files.files | map(attribute='path') | difference(local_compose_files.files | map(attribute='path') | map('regex_replace', '^render/', '/home/core/')) | map('dirname') }}"
- ansible.builtin.debug:
var: compose_dirs_tainted
verbosity: 2
- name: Stop tainted Compose Services
community.docker.docker_compose:
project_src: "{{ item }}"
state: absent
loop: "{{ compose_dirs_tainted }}"
- name: Copy Compose files
ansible.posix.synchronize:
src: ./render/compose
dest: /home/core/
archive: false
checksum: true
delete: true
recursive: true
mode: push
# directory_mode: "0750"
# mode: "0640"
# owner: core
register: compose_files
- ansible.builtin.debug:
var: compose_files
verbosity: 2
- name: Restart Compose projects
vars:
docker_restart: "{{ lookup('env', 'DOCKER_RESTART') | default('false', true) | bool }}"
block:
- find:
paths: /home/core/compose
recurse: false
file_type: directory
register: compose_directories
- ansible.builtin.debug:
var: compose_directories
verbosity: 2
- name: Restart Compose Projects
community.docker.docker_compose:
project_src: "{{ item }}"
state: present
restarted: true
recreate: smart
build: true
remove_orphans: true
loop: "{{ compose_directories.files | map(attribute='path') | sort }}"
when: compose_files.changed or docker_restart
...

100
setup.bu Normal file
View File

@ -0,0 +1,100 @@
---
variant: fcos
version: 1.4.0
systemd:
units:
# Installing vim as a layered package with rpm-ostree
- name: rpm-ostree-install-pkg.service
enabled: true
contents: |
[Unit]
Description=Layer packages with rpm-ostree
Wants=network-online.target
After=network-online.target
# We run before `zincati.service` to avoid conflicting rpm-ostree
# transactions.
Before=zincati.service
# Otherwise vagrant will try to run the playbook before we got python
Before=sshd.service
ConditionPathExists=!/var/lib/%N.stamp
[Service]
Type=oneshot
RemainAfterExit=yes
# `--allow-inactive` ensures that rpm-ostree does not return an error
# if the package is already installed. This is useful if the package is
# added to the root image in a future Fedora CoreOS release as it will
# prevent the service from failing.
ExecStart=/usr/bin/rpm-ostree install --apply-live --allow-inactive vim python docker-compose borgbackup
ExecStart=/bin/touch /var/lib/%N.stamp
[Install]
WantedBy=multi-user.target
# Make sure docker is actually starting without a call to the socket.
- name: docker.service
enabled: true
- name: borgbackup.service
contents: |
[Unit]
Description=Run Backup of /var/lib/docker
[Service]
ExecStart=/usr/bin/bash /root/backup.sh
[Install]
WantedBy=multi-user.target
- name: borgbackup.timer
enabled: true
contents: |
[Unit]
Description=Daily backup
[Timer]
OnCalendar=daily
Persistent=true
[Install]
WantedBy=timers.target
storage:
filesystems:
- device: /dev/disk/by-partlabel/root
wipe_filesystem: true
format: ext4
label: root
files:
# Set vim as default editor
# We use `zz-` as prefix to make sure this is processed last in order to
# override any previously set defaults.
- path: /etc/profile.d/zz-default-editor.sh
overwrite: true
contents:
inline: |
export EDITOR=vim
- path: /etc/hostname
mode: 0644
contents:
inline: host.nc.chaoswg.org
- path: /etc/zincati/config.d/55-updates-strategy.toml
contents:
inline: |
[updates]
strategy = "periodic"
[[updates.periodic.window]]
days = [ "Fri", "Sat" ]
start_time = "23:30"
length_minutes = 60
links:
- path: /etc/localtime
target: /usr/share/zoneinfo/Europe/Berlin
passwd:
users:
- name: core
groups:
- docker
ssh_authorized_keys:
- cert-authority,principals="rad4day,rad4day@chaoswg.org" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUN/Ik3CqhsVLGEkl2rJLUhC0AXFmVp6BgETaqgVKq5 user-ca@chaoswg.org
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhzs4vCOhy3yH2TF2bO5Qalt2P4WG4nDYTLarPKFrdM ansible@provisioner
- name: borgbackup
ssh_authorized_keys:
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEeiXrwUxnzo/MLn3PdT3shFIJu7zia8uwlcQhyPautw borgbackup@remote
...

7
vagrant.bu Normal file
View File

@ -0,0 +1,7 @@
variant: fcos
version: 1.4.0
ignition:
config:
merge:
- local: ./vagrant_INSECURE.ign
- local: ./setup.ign

1
vagrant_INSECURE.ign Normal file
View File

@ -0,0 +1 @@
{"ignition":{"version":"3.0.0"},"passwd":{"users":[{"name":"core","sshAuthorizedKeys":["ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"]}]}}

90
vars/vault.yaml Normal file
View File

@ -0,0 +1,90 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
36613830363562323032396439303962393331373532303230633031383936646463373037383234
3765663463646631353530633465633463663435623661610a646435303037343066383262633733
62633135346233626663336364666639633939326630313565333739353533653238666332666565
3765666461356363370a636665353031383064383839613061336639343534623562623434323537
37653637636333633730653339366536376236386337303163336563396436323930323363386537
63353434333866343461386634656132633162316634313265313966393238343066336663623630
38633534393534646135633239353335323139333038336164396334656532653633626334656534
62656663633836343139363863616136346538313131393165613331623231366636356134363765
37316331666636643162613830313035626239613566333965363530333562376137663864303164
64323735383036626161323561316334643931623739346539393539323161623634316639343736
39323666306539663938303966346464653464613230633833643832393030623866616362353632
65366539623636383738326339623764363364393434623663336632653437663438626463323264
34313630613030666538393637323236373937376366653932383933316134373133663436376465
66656365613864323366326638626337616433613731633861326436666635643134666461316465
33333463393966393266323235323236343231323136336130623938633534633365656463386333
35643366653961643330373033383935636637366463363466306133646261646234353835326134
31306534336362663034636230386235376133393534643033323935303364643832323736656236
33396338303833336566613233306436616334316538646631366564376134366332643939363039
65353834303439373736353630653063616537393464333666393563663833383736346436616430
39323964323362633135326133363233653666363562613264376161326335636235303436356364
62623539636332363065343965393635613063326661386265643563326463653632326232383538
63363035613466323038343935333730636434393433633235646134313366656132353939346536
38333139613132366636323935636439613162613034343034643261393363636466663938646134
32343763646561626630333964333165663538313735666336653565646638363636316136356363
31323431303862383039393232613365616464356636333033663037363131623735643265313936
33653933323563396131643561363531323130323435653237653633623232343762386164383430
30393936656639346330333133343234336335313134613134303464333430623261343439653165
34343338653564383539623366633235643761646138376236323833303538323431343632386536
64326338383434666434643761633465653235306239363937306332396537616362303662656239
65666465373531343937396365663239653138656537323735363766333361633130316239626631
65363639356333376337346463313939306132623931346333656334396163363437336633363062
39353433656238306535393265333462366439663161396439336435386338653736386335376663
63373934653636636338656230353232343035313931373865376162613336363338646263383561
31666534313266363338363461626363326336383261333034363365633633326535623936326339
34396337383630316364336532303862396436373239346239366563326230613761656338363936
33363866643634666662393261326138373338376435366338323335623138306662356430663239
37363130626562363039343532336639313062316264653063303866616138613630623435393131
62343133316332623963653432366539366536623766333866303635636561313539313061643139
61316632356563363032653663366535346433666138633531313939633966376265386563316363
31326636373134386162303966303964616261376330666265343863353831313266663138343461
31646432656330613166316437393661353337626633613937393837643938636337636135626265
38386366333565386135633234366630366663353263613332386639313733326631313635326134
30626266653063663835346431613135643663333735393761373930353831333836386539666130
65343732363037633764356233383365653062653336303239303732323634623032653736656134
34326532343735626166356533306263346333653965306666343732346630316137613832653331
33316530366135396262613935366436323735633530363832623137326535616165303232396638
35646633326235343435343036356466653866623766623433633261353332306534643331386130
35313533633663396232616331343664636461613366326166663563316639356165326165306430
38393165383733653439623138376134303639323736386366643836393562383133663761343264
31656637666262353562613365336638323865353637366435373261353064666638646563653066
65313164396236363861393536313437363766613132616161633639313936353263643662346335
30643831336562623838386233663766346664663462623733396261613637363132623965396161
32366437623162373031643931643064616261306133653735663565323539656562393764306435
66313165346432663339656663303833346634376162313739376361353130613464303266643038
35383032626164326330303537396139366633613730656232386632373162306531376432356533
38356538623830306530323431343432663230376231383139656232376535336339656365666165
65306638396430633962336434663438613239336533383633396361386565383235366336346233
34346332626637376131613061303134393065316137383564353335343135373136643265333865
61303832613365663662613833633764613665343338373666663236643336303534323664326266
30616666376538356539613632643463323036346664393830376434363561666232353432643039
64623233306336346434643133366337666661303666363832303831346137383033636637396536
61346263336566383838386262353637396334326161343866623733366537353934363639343163
34663264616364636261336335653731346137623161313434343763646435616665303938386130
65373435303731626531383961343663633935393239343761336462363063386234303832303630
36613430613365646366383830643566366135303061373536306662313634383333633334353661
63366235613533396337653462616638333639306263633035313363336266343662356335336639
37366633316334623237393733636263626339623337643931653363643865636331313863666234
64336439383037386232313066396337393833663965306462366366376237663634643764646635
38313864623232616136656533363133353630373038626164653236363662363530333566373035
39633932383831316161343265623438626439353534346161623935666635633035386435316331
31383566646237666563366163393261623638306432613330356363623439303334623662396133
61613761656461323933363161386332663465336439333163303434373533313735303235303262
32393563336332313830386632643731643639323030333535633038613462646536333366613730
30636563653462313730653863303938333236353938346139666438653461353238306334376133
64613866323537313632663634636261336563313366393865303233383232306239613130663761
66616338333830353835373962393266636238326536663138653166613565653864616562626333
30366435663337663738633835623034323438363631643332346538393463366662666430376666
62343738666563326232316438613661316361643264376661656161613061356264623362633530
32666162386534373363636664613132366239666431653463333762313231386337356363353234
36393965663564316438393864363237363530643731323966363861386465346166346364386635
39386637623533366637653437366364363638646635346236386166313864313438393165663933
33393561303763386565643364623262376461343831623238393834363433656336313665323931
31396132313961646637326162386531626364643261666436633666323461373466613764343533
30326530343537663237626130653163653636396139343736313366323864306164643738356532
31636665393931366538656465373238376562626364396461613037343333653136383238623963
37346163626465383238373836653130663030663234653537386434653331313863653339303331
32383034306131623930376138656131636462333166373632306530316536346131616333343661
65333638393139633630386263356236373333623830643139373637323662623862396161336361
31646533383061353466623663313732356165653433316266303138356536383433

74
vars/wireguard-peers.yaml Normal file
View File

@ -0,0 +1,74 @@
$ANSIBLE_VAULT;1.2;AES256;secrets
65623539363936656339663865666138346433666366633339663438626338313163636435383339
3938613366653432313166383936633462666433623738390a313439376163303332623939303430
39353034643536326635613935643430323332336265316666326537613662313531633131326564
3831643134623131380a353561333330643666333232656438353364623738663835313832663634
61666537386439323130623630663037303837316138373837393961653532643864303862633933
63366132393664663230396661303964633366623761663961646638626265356665613035383431
61663865336232633935383562626332376464343263303831366435303833323638643436633264
66323266373966366432306562306266306362613330366333616531313233373236346461316236
63396231373064313934633132633738623333373138663765386432376137333835653862613865
35623738366531303263313463396531316439663230363635343035663364343039376664666136
61326463663739646138646464663931653034333830383565343230653534303839653561653934
38643432653339643963363164663961323065316239356533653033646465353731336339663538
62366231356237393461613938396534346234653139336333373537333336373937323934306330
38613337643564343833306536303563376132636331333731353531333836643039656132626333
33376231326666323962303764393836623330316564316432363066343338396463646265333935
63376633613330313936626336653934306637643431643465333765353662663335366237623539
36643431363632373166663165346364363136333738303731346461623438323231643732623666
31663065356164383431633662623766316530366336316238646533376435393834303232333630
63633531313737663631363033653435393263323763656438376336373033343834646330313434
31326436643836653663383166626534323931616564343734313235373633353061353835623035
35636339633033323763343563653062386166333934656161313465343866306565626536633361
38653535613463343366373436356535616664343965386361353335613731633633323666666462
36303035663561643839323339316562363630376230333630633636623536653064303966633964
62303539633763363933303837313366653063383537393935316635303630316563336562616336
34333038643762653238373861343062313731353434386434343665346231396165303733663465
63306437333864613561373566326466356130656537623137623230643263316633383430663661
30666330333438316365306161616532663136376464363062386539646434653565643961653861
37353362653132376233303561363861383739323631613131303363623734623830313637346531
66313764386564646230333264616139383463666635666637353637303132623766393761306662
38366166326438326435383634663834623833663231373834633964623332333633613130333666
35303932613462616332376234663663383232313064613130633062613532396466663764316638
36333036653766636133306663613765346234393063353861323738356435623831356461613534
30613039363864323864373662396633653430363165366337353530653961653334346635656234
62373631323632313561366539373433343238366266363562376162646263353864656133653437
66333432356364343730393439633037333862386164343563373031333635323661653763386639
63396566303163343336313766333936313863343138646232616531386437643961363661373937
65303030386236613738313333313864326362363464373530383031626432316461626464666463
31633065313966373938646633633839333331356332336363373763653839623137643966373865
35393437383362626534373930393831636233393865653438636636656265623763383835623037
32336661313732313337633237356263393030656666366430646334373233323433366435633334
30353735303437386666323964303865613334393036383532643563363237376633313031383130
38643165313834306465656430613834646333666334353836613435613135643639363665653232
62376435336630616632386130386136356537663734303932333366343563326261623139303839
32643834373766383066396261623236393166383539303263323932643366373439613234313134
31663761396332343436363665393363373563356165363366316466306137303630383762613331
30646262616661373361393932353263633235363431306361346266353863613339613530346264
35383865616532363366393736353366626338306634663263666336636466373762303337336466
35666433343264386130333463643931306338363063373765646436313632653733343162666331
30653434346266663131373531393966326162653566646536356533356262336632653736353336
30656535356430313661356137383166386337613163643731646164636664386531326563303537
34333663396265663435396261383534383633346239366632323462386334323233333664343930
34653765326339333265616538363164643932366464353066356433633330323763633862353239
35313062363864363132393464653663386239323062656235313361383933366266313666623135
62333936366261303831363931306434343330386632623638653566356538376335663961343735
38656436623364363438366533306463633234316639656564326165643065366565383261623165
33323134663530633865643462663131333664653365666134373434386139613034663964353065
63646561316139383163313332316238326132363661666566666233626536396365376634613433
34306231626361326636653034646239643466393838363166663639323835386633666632356461
33633766303364326464383061333664666232326338313863653334666365646230326630303435
38633237393138363730313736386662373631393631376461323937363737656464316237386336
37336330626438643166363131623030386235653537336133356264613634323537303464303962
65626334323834316666643564343233346535393165323534326539653938363735336636353534
34336539626134373963303737663431306266363766666363383532386438393366376464623763
35363732306631333032373065393933663130613639326331613763646136383235636433623964
39383331633465383033653434386562393030633034313365336366313430326265323038346663
34356635386466393439636434323464613639616261363037326234346130653938373330636531
34633130316632326335346434613834356630656162393739306561623166363436316161613566
61376465393932373934386466306462366133363933633839623764343330313561333666386333
65623739663665653466396461646433373434663766663430306363646666653763353762366639
38616661326334383737623064323234316134313537363333653666636238303061356132303533
63303639386535376166656431623937343661376632343232396537613565643235336631336235
66313139373562613338383564363830343638346439306430356534656635346163306137623966
30346165373236313831396363333535303038373431316231316134343531653137