Initial

Signed-off-by: Tobias Manske <tobias.manske@mailbox.org>

.gitignore

@@ -0,0 +1,128 @@
+
+# Created by https://www.toptal.com/developers/gitignore/api/vagrant,git,vim,ansible,linux,windows,osx
+# Edit at https://www.toptal.com/developers/gitignore?templates=vagrant,git,vim,ansible,linux,windows,osx
+
+### Ansible ###
+*.retry
+
+### Git ###
+# Created by git for backups. To disable backups in Git:
+# $ git config --global mergetool.keepBackup false
+*.orig
+
+# Created by git when using merge tools for conflicts
+*.BACKUP.*
+*.BASE.*
+*.LOCAL.*
+*.REMOTE.*
+*_BACKUP_*.txt
+*_BASE_*.txt
+*_LOCAL_*.txt
+*_REMOTE_*.txt
+
+### Linux ###
+*~
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# KDE directory preferences
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+### OSX ###
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### Vagrant ###
+# General
+.vagrant/
+
+# Log files (if you are creating logs in debug mode, uncomment this)
+# *.log
+
+### Vagrant Patch ###
+*.box
+
+### Vim ###
+# Swap
+[._]*.s[a-v][a-z]
+!*.svg  # comment out if you don't need vector files
+[._]*.sw[a-p]
+[._]s[a-rt-v][a-z]
+[._]ss[a-gi-z]
+[._]sw[a-p]
+
+# Session
+Session.vim
+Sessionx.vim
+
+# Temporary
+.netrwhist
+# Auto-generated tag files
+tags
+# Persistent undo
+[._]*.un~
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+Thumbs.db:encryptable
+ehthumbs.db
+ehthumbs_vista.db
+
+# Dump file
+*.stackdump
+
+# Folder config file
+[Dd]esktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# End of https://www.toptal.com/developers/gitignore/api/vagrant,git,vim,ansible,linux,windows,osx
+/vagrant.ign
+/setup.ign
+backups/*
+render/
+borgbackup
+borgbackup.pub

Makefile

@@ -0,0 +1,18 @@
+provision:
+	vagrant provision
+
+down:
+	vagrant destroy -f
+
+clean: down up
+
+up: vagrant.ign
+	vagrant up
+
+vagrant.ign: vagrant_INSECURE.ign setup.ign
+	butane --pretty --strict -d . vagrant.bu > vagrant.ign
+
+setup.ign: setup.bu
+	butane --pretty --strict -d . setup.bu > setup.ign
+
+.PHONY: provision down up clean

Vagrantfile

@@ -0,0 +1,97 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+require 'json'
+
+ignition_file = File.join(File.dirname(__FILE__), 'vagrant.ign')
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure("2") do |config|
+  # config.disksize.size = "30G"
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+  config.vm.box = "fedora-coreos"
+
+  config.vm.provider :libvirt do |libvirt|
+    libvirt.disk_bus = 'ide'
+    libvirt.driver = 'kvm'
+    libvirt.memory = 4096
+    libvirt.cpus = 4
+    libvirt.machine_virtual_size = 60
+    libvirt.qemuargs :value => '-fw_cfg'
+    libvirt.qemuargs :value => "name=opt/com.coreos/config,file=#{ignition_file}"
+  end
+
+  config.vm.provision "ansible" do |ansible|
+    ansible.playbook = "playbook.yaml"
+    ansible.limit = "all,localhost"
+    ansible.ask_vault_pass = true
+  end
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # NOTE: This will enable public access to the opened port
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine and only allow access
+  # via 127.0.0.1 to disable public access
+  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  config.vm.network :private_network,
+    :ip => "192.168.33.10",
+    :libvirt__guest_ipv6 => "yes",
+    :libvirt__ipv6_address => "fddd::13",
+    :libvirt__ipv6_prefix => "64"
+
+  config.vm.network "forwarded_port", guest: 80, host: 80
+  config.vm.network "forwarded_port", guest: 443, host: 443
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  # config.vm.network "public_network"
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  # config.vm.synced_folder "./backups", "/home/core/backups"
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+  # config.vm.provider "virtualbox" do |vb|
+  #   # Display the VirtualBox GUI when booting the machine
+  #   vb.gui = true
+  #
+  #   # Customize the amount of memory on the VM:
+  #   vb.memory = "1024"
+  # end
+  #
+  # View the documentation for the provider you are using for more
+  # information on available options.
+
+  # Enable provisioning with a shell script. Additional provisioners such as
+  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
+  # documentation for more information about their specific syntax and use.
+  # config.vm.provision "shell", inline: <<-SHELL
+  #   apt-get update
+  #   apt-get install -y apache2
+  # SHELL
+end

backup.sh

@@ -0,0 +1,68 @@
+#!/bin/sh
+# Setting this, so the repo does not need to be given on the commandline:
+export BORG_REPO=~borgbackup/backup
+PUSH_KEY={{ backup.pushkey }}
+
+# See the section "Passphrase notes" for more infos.
+#export BORG_PASSPHRASE='XYZl0ngandsecurepa_55_phrasea&&123'
+
+# some helpers and error handling:
+info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; }
+trap 'echo $( date ) Backup interrupted >&2; exit 2' INT TERM
+
+info "Initialize Repo"
+borg init -e none
+
+info "Starting backup"
+
+
+# Backup the most important directories into an archive named after
+# the machine this script is currently running on:
+
+borg create                         \
+    --verbose                       \
+    --filter AME                    \
+    --list                          \
+    --stats                         \
+    --show-rc                       \
+    --compression none              \
+    --exclude-caches                \
+    --one-file-system		    \
+    ::'{hostname}-{now}'            \
+    /var/lib/docker/volumes
+
+backup_exit=$?
+
+info "Pruning repository"
+
+# Use the `prune` subcommand to maintain 7 daily, 4 weekly and 6 monthly
+# archives of THIS machine. The '{hostname}-' prefix is very important to
+# limit prune's operation to this machine's archives and not apply to
+# other machines' archives also:
+
+borg prune                          \
+    --list                          \
+    --prefix '{hostname}-'          \
+    --show-rc                       \
+    --keep-daily    7               \
+    --keep-weekly   4               \
+    --keep-monthly  6               \
+
+chown -R borgbackup ~borgbackup
+
+prune_exit=$?
+
+# use highest exit code as global exit code
+global_exit=$(( backup_exit > prune_exit ? backup_exit : prune_exit ))
+
+if [ ${global_exit} -eq 0 ]; then
+    info "Backup and Prune finished successfully"
+    /usr/bin/curl -fsS -m 10 --retry 5 -o /dev/null https://monitor.chaoswg.org/api/push/${PUSH_KEY}?msg=OK&ping=
+elif [ ${global_exit} -eq 1 ]; then
+    info "Backup and/or Prune finished with warnings"
+    /usr/bin/curl -fsS -m 10 --retry 5 -o /dev/null https://monitor.chaoswg.org/api/push/${PUSH_KEY}?msg=OK&ping=
+else
+    info "Backup and/or Prune finished with errors"
+fi
+
+exit ${global_exit}

compose/00_traefik/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=traefik

compose/00_traefik/docker-compose.yaml

@@ -0,0 +1,31 @@
+---
+version: '3.9'
+services:
+  traefik:
+    image: traefik:v2.7
+    container_name: traefik
+    restart: always
+    ports:
+      - "443:443"
+      - "80:80"
+    privileged: true
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock:z"
+      - "./traefik.yaml:/etc/traefik/traefik.yaml:Z,ro"
+      - "acme:/acme"
+    networks:
+      - gateway
+      - default
+    environment:
+      CLOUDFLARE_DNS_API_TOKEN: "{{ traefik.CLOUDFLARE_DNS_API_TOKEN }}"
+
+volumes:
+  acme:
+
+networks:
+  gateway:
+    name: gateway
+    internal: false
+  default:
+    driver: bridge
+...

compose/00_traefik/traefik.yaml

@@ -0,0 +1,29 @@
+log:
+  level: DEBUG
+providers:
+  docker:
+    network: gateway
+    exposedbydefault: false
+entryPoints:
+  web:
+    address: ":80"
+    http:
+      redirections:
+        entryPoint:
+          to: websecure
+          scheme: https
+          permanent: true
+  websecure:
+    address: ":443"
+    http:
+      tls:
+        certResolver: letsencrypt
+
+certificatesResolvers:
+  letsencrypt:
+    acme:
+      email: webmaster@tobiasmanske.de
+      storage: /acme/acme.json
+      # caServer: "https://acme-staging-v02.api.letsencrypt.org/directory"
+      dnsChallenge:
+        provider: cloudflare

compose/01_registry/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=registry

compose/01_registry/docker-compose.yml

@@ -0,0 +1,29 @@
+---
+services:
+  registry:
+    container_name: registry
+    restart: always
+    labels:
+      - "com.centurylinklabs.watchtower.scope=update"
+      - "traefik.enable=true"
+      - "traefik.http.routers.registry.rule=Host(`registry.tobiasmanske.de`)"
+      - "traefik.http.routers.registry.entryPoints=websecure"
+      - "traefik.http.services.registry.loadbalancer.server.port=5000"
+    image: 'registry:2'
+    networks:
+      - gateway
+    environment:
+      REGISTRY_AUTH: htpasswd
+      REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
+      REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
+    volumes:
+      - registry_data:/var/lib/registry
+      - ./htpasswd:/auth/htpasswd:ro,z
+
+volumes:
+  registry_data:
+
+networks:
+  gateway:
+    external: true
+...

compose/01_registry/htpasswd

@@ -0,0 +1,3 @@
+{% for line in registry.HTPASSWD %}
+{{ line }}
+{% endfor %}

compose/02_gitea/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=gitea

compose/02_gitea/docker-compose.yml

@@ -0,0 +1,105 @@
+---
+version: '3.9'
+
+services:
+  gitea:
+    image: gitea/gitea:1
+    container_name: gitea
+    environment:
+      - "USER_UID=1000"
+      - "USER_GID=1000"
+      - "GITEA__database__DB_TYPE=postgres"
+      - "GITEA__database__HOST=db:5432"
+      - "GITEA__database__NAME={{ gitea.db.name }}"
+      - "GITEA__database__USER={{ gitea.db.user }}"
+      - "GITEA__database__PASSWD={{ gitea.db.password }}"
+      - "GITEA__webhook__ALLOWED_HOST_LIST=*.tobiasmanske.de"
+    restart: always
+    networks:
+      - backend
+      - gateway
+    volumes:
+      - gitea_data:/data
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.gitea.rule=Host(`git.tobiasmanske.de`)"
+      - "traefik.http.routers.gitea.entryPoints=websecure"
+      - "traefik.http.services.gitea.loadbalancer.server.port=3000"
+      - "com.centurylinklabs.watchtower.scope=update"
+    ports:
+      - "7779:22"
+    depends_on:
+      - db
+
+  db:
+    image: postgres:14
+    restart: always
+    labels:
+      - "com.centurylinklabs.watchtower.scope=update"
+    environment:
+      - POSTGRES_USER="{{ gitea.db.user }}"
+      - POSTGRES_PASSWORD="{{ gitea.db.password }}"
+      - POSTGRES_DB="{{ gitea.db.name }}"
+    networks:
+      - backend
+    volumes:
+      - pg_data:/var/lib/postgresql/data
+
+  drone:
+    image: drone/drone:2
+    restart: always
+    environment:
+      - "DRONE_GITEA_SERVER=https://git.tobiasmanske.de"
+      - "DRONE_GITEA_CLIENT_ID={{ gitea.drone.client_id }}"
+      - "DRONE_GIT_ALWAYS_AUTH=true"
+      - "DRONE_GITEA_CLIENT_SECRET={{ gitea.drone.client_secret }}"
+      - "DRONE_RPC_SECRET={{ gitea.drone.rpc_secret }}"
+      - "DRONE_SERVER_HOST=drone.tobiasmanske.de"
+      - "DRONE_SERVER_PROTO=https"
+      - "DRONE_IMAGE_CLONE=openjdk:17-bullseye"
+    networks:
+      - backend
+      - gateway
+    volumes:
+      - drone_data:/data
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.drone.rule=Host(`drone.tobiasmanske.de`)"
+      - "traefik.http.routers.drone.entryPoints=websecure"
+      - "traefik.http.services.drone.loadbalancer.server.port=80"
+      - "com.centurylinklabs.watchtower.scope=update"
+    depends_on:
+      - gitea
+
+  drone_runner:
+    image: drone/drone-runner-docker:1.8
+    restart: always
+    privileged: true
+    labels:
+      - "com.centurylinklabs.watchtower.scope=update"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      - "DRONE_RPC_SECRET={{ gitea.drone.rpc_secret }}"
+      - "DRONE_RPC_HOST=drone.tobiasmanske.de"
+      - "DRONE_RPC_PROTO=https"
+      - "DRONE_RUNNER_CAPACITY=2"
+      - "DRONE_RUNNER_NAME=docker-01"
+      - "DRONE_RUNNER_CLONE_IMAGE=drone/git:linux-amd64"
+      - "DRONE_RUNNER_VOLUMES=/etc/hosts:/etc/hosts"
+    networks:
+      - backend
+      - default
+
+networks:
+  backend:
+    internal: true
+  gateway:
+    external: true
+
+volumes:
+  gitea_data:
+  drone_data:
+  pg_data:

compose/02_wireguard/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=wireguard

compose/02_wireguard/docker-compose.yml

@@ -0,0 +1,26 @@
+---
+version: '3.9'
+services:
+  wireguard:
+    image: linuxserver/wireguard:latest
+    container_name: wireguard
+    cap_add:
+      - NET_ADMIN
+      - SYS_MODULE
+    security_opt:
+      - label:disable
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=Europe/Berlin
+    volumes:
+      - ./wg0.conf:/config/wg0.conf:ro,z
+      - /lib/modules:/lib/modules:ro
+    labels:
+      - "com.centurylinklabs.watchtower.scope=update"
+    ports:
+      - 51820:51820/udp
+    sysctls:
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv6.conf.all.disable_ipv6=0
+    restart: unless-stopped

compose/02_wireguard/wg0.conf

@@ -0,0 +1,17 @@
+[Interface]
+Address = 10.2.0.1/16
+Address = fd10:4000::1/32
+MTU = 1420
+SaveConfig = true
+PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
+ListenPort = 51820
+PrivateKey = {{ wireguard.private_key }}
+
+{% for peer in wireguard_peers %}
+# Peer: {{ peer.name }}
+[Peer]
+PublicKey = {{ peer.pubkey }}
+AllowedIPs = {{ peer.allowedips | join(", ") }}
+
+{% endfor %}

compose/03_hedgedoc/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=hedgedoc

compose/03_hedgedoc/docker-compose.yaml

@@ -0,0 +1,65 @@
+---
+version: '3'
+services:
+  database:
+    image: postgres:13-alpine
+    environment:
+      - POSTGRES_USER={{ hedgedoc.db.user }}
+      - POSTGRES_PASSWORD={{ hedgedoc.db.password }}
+      - POSTGRES_DB={{ hedgedoc.db.name }}
+    volumes:
+      - database:/var/lib/postgresql/data
+    labels:
+      - "com.centurylinklabs.watchtower.scope=update"
+    restart: always
+    networks:
+      - backend
+
+  app:
+    # Make sure to use the latest release from https://hedgedoc.org/latest-release
+    image: quay.io/hedgedoc/hedgedoc:1.9.3
+    environment:
+      - CMD_DB_URL=postgres://{{ hedgedoc.db.user }}:{{ hedgedoc.db.password }}@database:5432/{{ hedgedoc.db.name }}
+      - CMD_DOMAIN=doc.tobiasmanske.de
+      - CMD_ALLOW_ORIGIN=doc.tobiasmanske.de,localhost
+      - CMD_CSP_ENABLE=true
+      - CMD_PROTOCOL_USESSL=true
+      - CMD_PROTOCOL_USE_SSL=true
+      - CMD_ALLOW_EMAIL_REGISTER=false
+      - CMD_ALLOW_ANONYMOUS=false
+      - CMD_ALLOW_ANONYMOUS_EDITS=true
+      - CMD_DEFAULT_PERMISSION=private
+      - CMD_SESSION_SECRET={{ hedgedoc.cmd.session_secret }}
+      - CMD_OAUTH2_CLIENT_ID={{ hedgedoc.cmd.client_id }}
+      - CMD_OAUTH2_CLIENT_SECRET={{ hedgedoc.cmd.client_secret }}
+      - CMD_OAUTH2_AUTHORIZATION_URL={{ hedgedoc.cmd.authorization_url }}
+      - CMD_OAUTH2_TOKEN_URL={{ hedgedoc.cmd.token_url }}
+      - CMD_OAUTH2_USER_PROFILE_URL={{ hedgedoc.cmd.user_profile_url }}
+      - CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=ocs.data.id
+      - CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=ocs.data.display-name
+      - CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=ocs.data.email
+    volumes:
+      - uploads:/hedgedoc/public/uploads
+    restart: always
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.hedgedoc.rule=Host(`doc.tobiasmanske.de`)"
+      - "traefik.http.routers.hedgedoc.entryPoints=websecure"
+      - "traefik.http.services.hedgedoc.loadbalancer.server.port=3000"
+      - "com.centurylinklabs.watchtower.scope=update"
+    depends_on:
+      - database
+    networks:
+      - backend
+      - gateway
+
+volumes:
+  database:
+  uploads:
+
+networks:
+  gateway:
+    external: true
+  backend:
+    internal: true
+...

compose/03_miniflux/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=miniflux

compose/03_miniflux/docker-compose.yml

@@ -0,0 +1,49 @@
+version: '3'
+services:
+  miniflux:
+    image: miniflux/miniflux:latest
+    restart: unless-stopped
+    depends_on:
+      db:
+        condition: service_healthy
+    environment:
+      - DATABASE_URL=postgres://{{ miniflux.db.user }}:{{ miniflux.db.password }}@db/{{ miniflux.db.name }}?sslmode=disable
+      - RUN_MIGRATIONS=1
+      - CREATE_ADMIN=1
+      - ADMIN_USERNAME={{ miniflux.admin.user }}
+      - ADMIN_PASSWORD={{ miniflux.admin.password }}
+      - BASE_URL=https://rss.tobiasmanske.de
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.miniflux.rule=Host(`rss.tobiasmanske.de`)"
+      - "traefik.http.routers.miniflux.entryPoints=websecure"
+      - "traefik.http.services.miniflux.loadbalancer.server.port=8080"
+      - "com.centurylinklabs.watchtower.scope=update"
+    networks:
+      - backend
+      - gateway
+
+  db:
+    image: postgres:13
+    restart: unless-stopped
+    environment:
+      - POSTGRES_USER={{ miniflux.db.user }}
+      - POSTGRES_PASSWORD={{ miniflux.db.password }}
+    volumes:
+      - database:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "miniflux"]
+      interval: 10s
+      start_period: 30s
+    networks:
+      - backend
+
+volumes:
+  database:
+
+networks:
+  backend:
+    internal: true
+  gateway:
+    external: true
+    name: gateway

compose/03_nextcloud/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=nextcloud

compose/03_nextcloud/docker-compose.yml

@@ -0,0 +1,61 @@
+version: '2'
+
+services:
+  db:
+    image: mariadb:latest
+    restart: always
+    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb-file-per-table=1 --skip-innodb-read-only-compressed
+    volumes:
+      - database:/var/lib/mysql
+    environment:
+      - MYSQL_ROOT_PASSWORD={{ nextcloud.db.rootpassword }}
+      - MYSQL_PASSWORD={{ nextcloud.db.password }}
+      - MYSQL_DATABASE={{ nextcloud.db.name }}
+      - MYSQL_USER={{ nextcloud.db.user }}
+    labels:
+      - "com.centurylinklabs.watchtower.scope=update"
+    networks:
+      - backend
+
+  app:
+    image: registry.tobiasmanske.de/nextcloud:main
+    restart: always
+    links:
+      - db
+    volumes:
+      - nc_config:/var/www/html/config
+      - nc_custom_apps:/var/www/html/custom_apps
+      - nc_data:/var/www/data
+    environment:
+      - MYSQL_PASSWORD={{ nextcloud.db.password }}
+      - MYSQL_DATABASE={{ nextcloud.db.name }}
+      - MYSQL_USER={{ nextcloud.db.user }}
+      - MYSQL_HOST=db
+    networks:
+      - backend
+      - gateway
+      - default
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.nextcloud.rule=Host(`wolke.chaoswg.org`)"
+      - "traefik.http.routers.nextcloud.entryPoints=websecure"
+      - "traefik.http.services.nextcloud.loadbalancer.server.port=80"
+      - "traefik.http.middlewares.nextcloud.headers.customrequestheaders.Front-End-Https=on"
+      - "traefik.http.middlewares.nextcloud.headers.customresponseheaders.Strict-Transport-Security=max-age=15768000; includeSubDomains;"
+      - "traefik.http.middlewares.nextcloud-dav.replacepathregex.regex=^/.well-known/ca(l|rd)dav"
+      - "traefik.http.middlewares.nextcloud-dav.replacepathregex.replacement=/remote.php/dav/"
+      - "traefik.http.routers.nextcloud.middlewares=nextcloud,nextcloud-dav"
+      - "com.centurylinklabs.watchtower.scope=update"
+
+volumes:
+  nc_config:
+  nc_custom_apps:
+  nc_data:
+  database:
+
+networks:
+  gateway:
+    external: true
+    name: gateway
+  backend:
+    internal: true

compose/03_search/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=searxng

compose/03_search/docker-compose.yml

@@ -0,0 +1,45 @@
+---
+version: '3.9'
+
+services:
+  searxng:
+    image: searxng/searxng:latest  # >.<
+    container_name: searxng
+    restart: always
+    networks:
+      - gateway
+      - default
+      - backend
+    volumes:
+      - ./settings.yml:/etc/searxng/settings.yml:ro,z
+      - ./uwsgi.ini:/etc/searxng/uwsgi.ini:ro,z
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.searxng.rule=Host(`search.tobiasmanske.de`)"
+      - "traefik.http.routers.searxng.entryPoints=websecure"
+      - "traefik.http.services.searxng.loadbalancer.server.port=8080"
+      - "com.centurylinklabs.watchtower.scope=update"
+
+  redis:
+    container_name: redis
+    image: "redis:alpine"
+    command: redis-server --save "" --appendonly "no"
+    networks:
+      - backend
+    tmpfs:
+      - /var/lib/redis
+    cap_drop:
+      - ALL
+    cap_add:
+      - SETGID
+      - SETUID
+      - DAC_OVERRIDE
+
+networks:
+  gateway:
+    external: true
+  backend:
+    internal: true
+
+volumes:
+  data:

compose/03_search/uwsgi.ini

@@ -0,0 +1,49 @@
+[uwsgi]
+# Who will run the code
+uid = searxng
+gid = searxng
+
+# Number of workers (usually CPU count)
+workers = %k
+threads = 4
+
+# The right granted on the created socket
+chmod-socket = 666
+
+# Plugin to use and interpretor config
+single-interpreter = true
+master = true
+plugin = python3
+lazy-apps = true
+enable-threads = true
+
+# Module to import
+module = searx.webapp
+
+# Virtualenv and python path
+pythonpath = /usr/local/searxng/
+chdir = /usr/local/searxng/searx/
+
+# automatically set processes name to something meaningful
+auto-procname = true
+
+# Disable request logging for privacy
+disable-logging = true
+log-5xx = true
+
+# Set the max size of a request (request-body excluded)
+buffer-size = 8192
+
+# No keep alive
+# See https://github.com/searx/searx-docker/issues/24
+add-header = Connection: close
+
+# uwsgi serves the static files
+# expires set to one year since there are hashes
+static-map = /static=/usr/local/searxng/searx/static
+static-expires = /* 31557600
+static-gzip-all = True
+offload-threads = %k
+
+# Cache
+cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1

compose/03_syncthing/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=syncthing

compose/03_syncthing/config/cert.pem

@@ -0,0 +1,45 @@
+$ANSIBLE_VAULT;1.2;AES256;secrets
+33356661663637323832343435656464323766303832363037333663393064336439663165313637
+6461393832613137623663353337333232616135663938340a666566366335326565613738613930
+38373066313664616665633337616138303530343637636162346535633339626236303237393561
+3731366337323033310a386562326238663133653666396434663465313936313738313363613762
+65643662396237316663306163366636646338663365666632373830363930623534376338396336
+30313135623038386564373131613835316166326662313066303061393536613136353065363163
+33343438613562336235626437666661346363363933616132353764336633343739616230333438
+30333736383434346465666437346137343437366164323964353437643733333066626531383439
+35353233376164303336626661366662383535613430363439633131643838333535353833396131
+38383530666232643461623565363865323438666333626338313139656563616465626262636639
+33653965663166323630373938643638373362313832363331356339353265626262303761316664
+30303264386630363530643363346162613539623839653934646330373438396530666436376462
+34653365353961663065323730383935396666336163626337633561613139343139316665333839
+65656665353436313538636137376633633032383438366665373133396337306138393931653362
+66386465336363643035343530376437323064643861363535623135353265393034653936323437
+63353537343538383930366334316237376364613730396534356565313135633331663265323030
+35646563303031366130383131316637623131396531663862333561396162663361666536306132
+32393564383330623739393730386261333038343362626438336462616638616132343035393265
+62336338643639333366613163393332336462613230346366616333396234366231636361623838
+39373565646131636333393663356130646537356432316261616664356531373063393430653539
+30346464656535323164613236303361653033613738333235346230343238623166663462353965
+66313632646431346565633339663864613333383432616536386533313863616232323235306165
+66376238306537383966373464333532313166393735313535393365616337383034396538343463
+38386235326233343132306164376432373361383939633161656232613033363538636435393061
+37343837396362653736303436356666666138353735653134336563373430643636356665373236
+64373035626461386132666339646466396563623266326637333435633165343034646566326430
+66356666626539373462653536313636366530313463313530363538623862626537366639636266
+32653137636331616536343934356662656262623762333930653238663563646239643637386165
+63613662363235656432313666656331346461343432316530633163303331366239333666633534
+64393865366139343135303062366333363332376565646437356164306232643130356261656534
+63303339633765373136323665376137376139363265633162653563356262353162643164306430
+30306133663565386237373131353232623936623237373739623837643564386131373132316331
+31663062363133636335303966356562333438376333356330373166366531393461303037363936
+63346630333130303566383264303436393462313431623237373063393033346438633966643062
+38396163356265363363396164623664343530383937653663663864626566353365646462666535
+36303936653933363964663131376236333965313431653937626332383834373833343462333036
+30343537366462376562343865633162383263313365633332396366336238613132313630653763
+64343035366561313339316463323134643664616565663331643036306639383163373831376265
+66646336316632323034653866653532323934636639383634316163336566383830376238376433
+37653137363939643461373538623032613731383731353639313534376466303930363765303637
+37626532313430653239663835323633326263656536353330636437376237376339663336666234
+39396138323836616432396265626236333134323462623138656534333966613338636132393665
+38343662646238363735666564643336383633393963633662333262663131616163643765353232
+63613764346437663666

compose/03_syncthing/config/config.xml

@@ -0,0 +1,583 @@
+$ANSIBLE_VAULT;1.2;AES256;secrets
+34363438323537333064623839643261623339326430646533356163656136613639643430333361
+6663386637643333613864366634653831386133663664300a343933316435636339393232306535
+65343163323064356134333266643431373662353966663435363034323438626133626632663531
+3438313765323130380a336537663964383031356232383963636131343063343565643362623333
+38343566356564303962303334326234626533656132663537616334323738643965393234643537
+38646135363432616435353138363439333662656465396334613538663564613661616430653933
+36626338636432303965333364666631396239353331613664613235366363396561356436623237
+33396631663866643330333163613430326437343264666538366531376563396163333332306234
+31636366656665313732636661333263383235343264356366383565643636373764363138363534
+61326231643738386565313637646465343566323963653933376266313430386465613138323634
+30393738383833346162623430366331666463376266303637313839356366373361623530366631
+37626337376366646335316163373834653461356331346537326262653234656238653466343135
+32376637633437626432313966633166313535363233316332313736303838616665303634366266
+37383233656134366261383366643235313335363331386336646164333666323166363032633562
+35616265643764386535653162316566353033633130303338613632343136366135343436656431
+34623532643765666237373765663833323164383865643930393262633863616130363561353038
+62666632323164366466653731303733323139376665663065313933303662393664643262643938
+39623132393164626530383463396261613336303032303932306434633562396633613263386563
+66336639636361303735323539616263323062653531303534303661386337646566636161653865
+30613434626165653861633833393236383837323732633236333339373766626465373838626164
+39646466656262376663656432323336303031323266356366303531353532376636636337643538
+61383539343436316165333331333461353336613532666635643231643563323061663764373231
+65336433356138623439646561623339353231646236353761393731636666653761343162383831
+30313861613934636139393461316462313664656434666165313563316161346232653465663033
+64653838643864643762353265363235633333613561386432613164373830643233393065626364
+34303366346265666138343835343239366331613435396165323734666366313261396134303531
+31313339623536313530663930356239343864323365393438663665613162626266626332353966
+36666230316638353532366135373431303434336165343932613034616665306465333964643130
+65666163323630616363323731336130393363303262343232653135353031376236663330613736
+64656562353261393363323433383463323538646332336330633565373461333562646665353166
+38663564386465623837623334663363656439373838303465356539373233373763353633356564
+31316530303739306430336266346435326265643764653332323633343338616232306233653138
+32323638353466663665613939313730363362363234656235323061643137363761633333383539
+35343965343962303439616337363238333636343537353431303662306637383761656366636131
+64323936306238303530323336643565376563396337306238333634396239393161306133353433
+61623736336639613331393765626465663036343638323833626134393335316339323766323734
+35663234626330666432643835333135613766326364383138616332346434363732616235343731
+38376335633537393731373633336236363838326462653764663531646639306266646637653230
+64353365333266633338326335356437363034316361663631376563656365643162653637366339
+39643235303832656133633063383639633930353433333436363439376463393639663038353933
+61643430316439376131666330663165616233333333653732313265313338363939366366636433
+39306664613931356531323839353733306630393435383332366336636537653233363230653235
+62313264373666613866353634336266373339336336653036356266346631366231356635316136
+61303666313737353739336535336164316265666630346133323935626131643839643139366565
+37356133653339653662316433643561316634343934343762643932306364313132393732366638
+66626236373638346561373532613464343731633731316264663837653966363565656466326339
+61646530313334353833336335376232353935356331653236633839393038333735326238333438
+66653631633463333432383262643065383363616433323163396663663537346639663135646637
+33383237326637623064626566323830303766613861333530613135616634323633353832306661
+36666137626366663033663339303236333361613934383732663363383661386162386665613037
+61313334306538623166663836393932313562333465653034333634663061373538326630303437
+36313636373036303731643662383036306133383630333030303635333634623430333332323938
+36613265633362303363376530643934373437663939393238363165313163346534613930386664
+37353436396564343037616132323734376331303065363838393264656531343034666136623634
+38636135666135646561316239646632373865343334616239393636353263663538613066333163
+66393539623764316166336437373033343936303230653362393131386334393262656231396432
+65333837363837316635303962343239613835653564333536366331633933643035383131656264
+65323033626461396332663031336534653862653432386661626166656532326236613665313465
+31653265386666633436643239353133376466353461343932343638343139363133643231343937
+30343862323435623265343831626561613263346365346139343638396262333535333263323930
+63373536636664353732613661336566313766386335653739346632333136623764633434653936
+62373730313731663334663435623438333134396437353866663062343238633832656130396539
+38633535326364613531663962623465303836366565636530346538356534363237626138363137
+36343933376461346364396535343039373139616531616331366163346463623962636266643863
+30663437643363383131656464613164386263626233623330376463306435393166346131393639
+61353331363066666462393531393931333631323130616338613138333838353739666463373266
+32666461633064343330636565326132366334393732646330666261613666666533656662353139
+37353661636132343564646364653535306664373430313661346635613262366266336666666166
+30663666666539636538613030353737326336376530353365646662666534663537303337626436
+64353933343166363032633731653330663833626264376232666562623836303137663137373331
+35316361363436653634636430313366306262333235396466306437643337306134636462303135
+64303739616330666635633333303061633338323935386463653338353964306366643832663964
+64623336643832643638306662646139663562393735363338656537336238353739363539333332
+32333337626433356233653731633532356238323163636264633462623062343936396663323265
+63616432363735653063356563343436626431353430376262363135633161373231326632306134
+37623831363135316162663331316365326163646530366364363239306362373661363438643262
+39633161613537663032656131346139613732326435393363303238653434616636666234396439
+34336265643436633162356361303238666235663433353130363732393466323434373332366564
+66373665376335666366393233386262386132386236616663313166316538653262343064333738
+35613461346233323934393231646461386665326332336566623934353538396262306139313666
+31333432383934656664343364393562666262636433373030323339376431353232373166376238
+63616639356266663336626535643230303963636232613665623561616635613434356239343165
+38306637666661633563333863626563326333323261656530626232396363363635363131653432
+37653237653163393134353638323436356264376334613231303064393634363961396132366632
+65643836356139353366643464363566353835383033643735363334663031356263626635346166
+38643532616631366662373366366435356264653563623538656264306432373731383333613630
+32653134626264353636336130643338306662343634633962656261633239316233323366323965
+36663933623065336538383261663437336639613231333461626161303331373735616130626534
+35383031663531366634366539396530653165326434653234643465316237316463343438633737
+62393037333838316230333761336439336139343934373863336263346164373932343839396636
+64303666373166623465353463643333663032613661316138643636646236373030303062626530
+37633430613736373961393131316339303536376536633833663737303763386637643766343062
+65313837326330333231613566653338376238386134323030613866313065393839303137656336
+31663664373232373963646632646535343133303536303864636238326264616437306332643866
+32343232643363613736306236336163636537323062356262663265326233343434613931313731
+39653436346131646130383265326166626238396336373131383061393033653037346462316334
+33316639366561336334326637383130396132323132666635343732646338616338613634666236
+38313261393938633732636163643339393166666234306239636434633935313031363636656334
+64333064396135646438623261383039303531623535323938643532643235613164356232323463
+63326261313334343039323533373731383939373866313865633963633834633861343365316261
+35316334303663313862666530346237613831346331306238396332326366666134623361383635
+37323733666562383837636138393164343465616263656663623361643533303738646133306463
+65306237393733613632633633356266313066333034313332623632623431383332373934323931
+36373062646531343635353933663763626566353463666331376561316233326537623235613438
+35356136616466323932623962646536376466613563303839323562363465366139666464393138
+37313065396561396334363364373961363532663539393434313135303933613636373931376431
+33396638366434646531336230313861376133393032386336633035363063613736616362643136
+33303061386462333331643166303263663863656661303766343364373264613835373330383263
+63373636353334616364333234613530333334663737333564333135643336646639346466353463
+30316136396534383831363562663130343831343666643161346437636332623535663931323466
+39326636643639623562396263313837666631366135623035363062643538316634616332663662
+34656135666562353539316164346235306366343039646139363731346336623635613862636435
+38383039306636613936363337376536366461613462333736356334333030356136666538623532
+61396632303366333964636435303933643938633831623434653063616537376634393434336338
+62633236663136636163613164346164613233356230393262306230383265323061396533373235
+64353838653134373639643563656562326237383030313834656464346330626530633565666563
+38366133396634646536333137313935626434656266376136613266393132383531376637653430
+62656464636333366536323135323138393434306637656161343139313832376265386334383433
+31373665313336636631636361303461616338653664386431663539653435656666636332383066
+31383135643138303166356633396137653064633939646264613266373037343532303461636438
+66316663303861623333613537626433623930623135336436313266393032633231326631393533
+35343334383836386332373234353166366437666232343633613936653066386264383364633962
+35373932313335376437343066316139386632303735356164613465663734616130616532386265
+34303561646639363636633966323563323164353665393962333036323862626637316232353464
+36366163663966616531383034373030336335326334636261313338323962663931646531363531
+34623761313833306464356532356561633639653266383933613938353836323638626664336536
+36333236663466623061363165343037653733316264336633323761356433613839616565643631
+33633937376631643465613165623636666335373032366266653832386131646366626137623263
+33313538643734363364363532633366376662663634653536396131323830316630386534666338
+36346666373161313464313239643438366537316237653130396234353435633231626630656361
+31666339316437373933343632393532356634356362663065613039633563623835633139643238
+30383930356634643933623236353564643231373837363630386566616531303364613336366365
+66663863643631633331343830623665316633303035383065353966303061306263666661613331
+37646332313332613161656162623532626466376232323433323063303731613332663231393831
+33663063306562653465326433343762616131626561356335313266333762346638646136613139
+39313266663533363161356461333336396436623136643161373331353565623164626635363961
+39313937393564356530326334323832303238353136326330633435306537356664633037663730
+31306435366439316332393764346435396638653038393362326663363566373263333031616266
+65383539613233643362316365366633343066386131333166353662646665353732313963353931
+30643938323335313935383638343936623666393032396364306161663938373638343732393937
+61306465383263386463366335613034396633343038653438663431363331306235356431353232
+33306666363835366636376431646236323034646634663935323636373366303633653636653237
+39353137643131323261333161623136613238323464623739313939336562366537643466626262
+31303261393161373039653861353731643862623065656430633930656131323562383066363765
+34636466663065623734633739396261306438323036303134613062343662643139653430343035
+65613161353836386130643037326133326238356564306630643339633265373864303830393731
+31626334356361393464653564623536323862393662323936616362353863623065656333656332
+64303464663062623132656439316132323631633933356333316331396135376663373563636631
+61373338613532333435656265356633663138653463323731333365386336393065613030616130
+66386238663331613037373863306533303233346531303462646635366139613237626566326531
+33323039343338313663303237643037646264626539663532623338633861666565343038346639
+62373035623562633532653563643339366462653832356334373665346432313363383561366364
+37323732313366363064343632636531343232373134646435363637656132323061613635623932
+39353264363837643530333037373065356137303964613637336435346363343266346665323761
+30656337333939346530653161386138643438313762373536343131333664373465333533366265
+30373365623863656535313638656338303835366361313836373661393539653961336564653031
+35393761653863373736663863393734346636353338363964306465383364323164316232663235
+38613137663835343965613333373362323839616430653761376430643466333838383831633764
+31346363376262663439646639623261626264643030326162616437633761653166303562336562
+66336162666438626166393665363230613737363936636531376662613834326533326631616337
+63383530346337356133666336666263303935613539656238313363303133656631656132343266
+38333035366466386631306338346330653132343130636165363365313535633233363739613830
+63363732366537663336336461646134383166653435396234383337356461336132633965663032
+64333235653335663031323535323639336334356338616431323666663461396136333532343531
+64333964353633313036623335636437346333306161343532393063336635386230623933613132
+35613030326237653337393237633037633536633737313133363537313033363264363139623861
+33386262343564306661633932643937393930383462663363356534636562393561626139323431
+33326638633166393561373638363961363961306165343235616462386164643831313439613037
+34656336653134666232383363336536666564653936316366383734343633353631393261383135
+36626232386431306637336263666232333362343165623737623262623231616536393535366265
+63383830373431313935346362316264383333633737613932623063363161363466633533333561
+64656530336337653338616434636663656663663265393564373838303836663734613536363536
+65346635366231336231353264353061363133616161633032623131666331643638643236313635
+35643738326266633566386232393736393064666264346434326138616361633032343034336361
+65663764633264303437373932613038616438366339303738373731666264396139626132646439
+64643839383565633338623230636535633338646437636364373161616362303665336264633439
+32363166373735326239643130316165353934363263386532626362383839366565313135376137
+30313864646262303862616237393335653438396262306237646235326637623238343532336434
+32393231633165306232313065623166333335656138376365656333383039666266383263303932
+30303764663231383765656266393265376262636165356330613333336239663161303138653664
+62343734383262616335353166633635373162336238623433353831343335353862363138376630
+37393462663831373335663863376230643837323864643262623831643731336234623066346166
+31643035383634663265653039303130326136653834383765356437386334373135353634633464
+63663838373834643762396235386431666265316263613937613666353963633363643866646531
+64616337353565306264336239373565396638633966343136386430613135303265343238666331
+33316635656132653331303630323461643230306436653132306230326666363338633134323732
+63616238323366623030323630666134303963663663623238336533663465653634643662343836
+39626330393865663830353535343430336263633737636466396163613837386536303639623833
+32383439383638633537363263393032646434623338343965326365373330663034303863393138
+35356462353139653963383361623062633633366235306230303633653863353761626331366532
+62366435363633326531343231373334346336393539373035303237396333326466363732306431
+65343633386238353265613466636262646438373061343830306565373762333661313039376366
+35306164643034353530363033623461653763616431396436303034383134613838336330313537
+66326632613334663133316464393662356264396134373531336437633265626165646532303134
+61646631353739306530393666333831346565333532376639343338393033326530363065343534
+32386566343463336636646464323463666363313863366339333931353135366263303831663638
+33353832656637376139346336663064343839323665336139656163356165306237393865613665
+63396561633035656634323866646362653837303565393838353235316663313932393035323561
+61613462326432366332396134386137633036623630663461323261653065343635376664396663
+36396664313163306335666131643164386563336362363631366562316263303538623966663739
+34343638393963353262653961643331373037653365653934336337663166333262343866306161
+31386438616637626165313738616164303137636632653233346337376633396439646638666135
+62393562353337376333306634303864383335663632623762656463623765303335326430303863
+62653334393962653430623161626337633063666338653432363136303166393661623733633165
+37333535346334343232636130336539366239623739663965316165333065373131383736366461
+32356361396330306362636434393830646139653137343432316433353731666564363430666163
+64336236313035633033303730646564373931653231376262396466613533366231353064636337
+62373836623762316266636233353762643435653265343433666632643530313435343036323730
+61363764303736346664316466363566363330323431343034613231383138343839346662313732
+65306631613265646531626466366632303930386666323563626466646330373539373764316637
+64646331356332313738306334306264333737346536633434353430336239313937656664663738
+61373435663838383765383336656661613833303331356561303032373866356439363561643963
+34653061326637383132353064633938633337646235343663626235366631343231363037363461
+65656331616636346634396239656430326133353935326334356666666133356434636161386266
+37306135373865643636333364613265626266373763306266666531353961326336646237376534
+34373839306138383032366135666538633936383435333131666332646361653031313065316165
+66316333663436343638306437353365316361616265316165306435656235636664643261356431
+39666332626630626433626665373533663334643634346266326436636533323736393439643966
+65336264616336376431343565666637343863646365393561336130643834663264396139393538
+63353238653366366134343331396364333330376165633236393933343732343237656635643930
+38643936353637646539626439623236363036366139333566653837396232663363346434396337
+63616634396633343466353535396531316464383136363032633763386261653064353763333432
+64616435633332376363356138633338343933626538393562353631626164656131643262326633
+36363165306261373930313232333836633664643838326161633963323132373361323964313531
+62653137366666383732373134333935306135663364373037343333333565383261663064653135
+35383632636664656466383462623962376339363035616461613830623834363934323635343665
+62363732663635396565383733396335613534303464643035663039323066396561323838663061
+31343862636638393730623864623161323631336433653832353139303638626264616238316339
+63313035303239666236623165663830666366356462303365363933376263353735373364643633
+38613139633439386231376337653861623563306337343932663261636664383335323034626663
+66386165316135323836346531303736363534313766666234346635376165393262386531653139
+36313238323132343163313735386139323734333063313836653964343566303937383163336164
+61373436613434373534376630323335623834303337373133336532626539616336613536313538
+39363835353635333962366166356137386533646665393430343030383565343338346132373366
+34333231343138313237383734653435333338326433633635666338333337306635646635623563
+37353563343233343933626333323764393735393264623161623237336339326464326131663731
+64326264383335376333633539636634326466353037323837616262393037666663343766323537
+61666635626164653736616231633465396363323833333165626465316235313132346133366435
+62313231313533356566393538363434313066393062383364303832393731653065336531643265
+64653733373264346231393765343831363433396539613263343466356365383034666264326663
+38356632623335383833346363393436616666663433613133336163653730663766633434643833
+66303338303033323631633161613432343336613730326630666336636639653464316334616134
+63393764363335336564316237376631383636633938393436353838656564633539623862393436
+38623334666236343461353633303166376634376336356238633361363438623733366532386231
+62656366306563303464383139633630333730323537656631303038303939383033626266333164
+37363132323834633561643361333738653662353332376537633633313832323930393162386539
+62313265333064666531353438303834366366663934303732633231666661626566383630653234
+33326139373135346135356563663563333766663237643161633361386462656564346336396465
+63623739393837386330623961623437323335653038386338396433363438666334336436303261
+38636562313961336264613139336635336135393531303839613733323232393736323230343130
+39656133626332323631636134666439336332393736653837333764306132343930623839333635
+33313031383334633866333762663266313037313661383035366361303331623930666433366465
+65386665356363623430656631333763616665353666383161353665613832393235303735656230
+66623665313236396133656436343930323063656362303265663537333061313930303037616235
+62613264376132356437316136343961356238653733303932303436313335633039663435653934
+32383563373965393662643934373963346231306562666536626335383838333036303764656336
+64333237363733363163633037343736356635636263376537616362373761373966373061363036
+62363631613261363466646561333566323364386237333962366636616663343437636538316331
+66633665363535646538626633333039636636663338323330363632306533333862303931333762
+65323738306538653866626562666264616233313030663863336164613561353865336461663230
+38633863633734363637626661653638356631336137623563656263636537643365323331663035
+61643537643634636131303434323162343137633466386435643264343034363133326630326364
+31643739633634323664373733613936326138633230313737386331373838326462373330346131
+66313139653134323764656135343333623165353133323337326637653238333132373438333562
+36663030323034356362623735333838306537313064373137336432626264626131623361353033
+36376333363465653237663764366566303261656462386166653936323665323363303066316635
+32373537383165323337393235633163666538613462366536303963653231653264313931366237
+39336339613130623039313565316565353265346535383133663432346461333138666536383562
+31636266386137366130303263633238316336643036393764643937623732366563313262653236
+32636663333166643839356166333033366631643762326633323639316331313335646562643161
+32636234313261353766396162623562323037646139303239313366626564316561396537663438
+38336436353338363239343631326335343335386533376533373864363762636237303337373962
+39333763346561336363353465653963326236633561306664343234366239356663616532633864
+34333231303765333966623839396533393465623839316434663039303339303265636231663432
+66616565326339336338303661386663383739633436343530656534643433663237316463663639
+65386161646535306133333134383530353439316430666564626362326133386366613161643135
+33376563313234393266663437643963366432393263383239663931626361333664343735666539
+37356335656561353333653166366239326332313437356231656235633366653035666436396638
+36323361663038376436366631356331313863333030646335353634613937316530316534306365
+38666138303034386661316563363462643734633232663237323537353735383664383331663133
+65393333336332616238613565386365646265643434326532316562623334353066643635666261
+62333336313064323562623264323465316565626236633866616136343663356131663638333265
+31613961613861373135613138636634643439343461663039653537633336653333356633656563
+35626238656664323938336562623030323763626564323137313464303565613963626333383463
+37313761356437626535343133316336376131303632393031383662343938633235623631353562
+65333631623837326630333730626432656639663335633537343732343637333233303365646637
+36666465343335393931616664643531666639336436346566623563353465396438333333333034
+65653833346134316430383037396131346637306362626665383262343037353231343463633432
+64323463366465613230633035303963663966386439623436633935653961363562623030393464
+63633330626264613366613164396366646563343563646566663263336233636635323138656437
+30353336303563363965646436643836353335386261343739333866623835303562346264323732
+61656532656238353361646464386230643734633463303163633162386563623664306539336262
+30663066373163333535343337633363326461306235633263666366643363623132643964306362
+61386634623463313634623762643761656536376130383964366134356662643132376564666365
+63643466326234316137623963383033353939333262363931643033393439663838663263356435
+35636634333233636530326332323365313462333136316534346232343432623630313236303833
+31353433343633363438663361323130646165663465356635373632333131356561393262303938
+34633536343265383233323866333032663134316363663062343965616561363364343266613838
+38613133383763323966383933663339373331626564343839616432353366323836303565313735
+63303362316232383539313538303331313534356135633130313566323337636362383363623739
+38343261396230393838353734626337643262393132323165633938346630376664326363376662
+65643433323734643235393831386364663266653432386231656537303239373932346630323263
+64613834383138373132323630373564396330633334633161663465333365616338353262663038
+61376130346663303964376264626431636665326131643436303635393733636566613665643532
+31623162313865353231333431646534666364366438313861653139613830623931663735396536
+31333434353463646434353866623863626564373037623265346161346234653338373732396364
+61626636333338636638346133393739303461353433333134316462656261373836636332303238
+32653464626431356435323237336431636439353837613861323161313233326131366163313665
+33353930633061356334383762656366626631643930316134623939333464633638353433323261
+39353561386134323961666364653535396631633737313363643235366239623636656266383932
+39656261373036643866373965653333616332343836626238616532353662303437623262333165
+62326162666439666334313531346662383031663736303365376230396662633830633930373738
+31663031363865663734643336373461323635623963616432326336636562646635373339353837
+39396334306566393662366566656131386138356162653164313066346261326261663562326466
+36663131633631656333613665376634336231336530643666323562636338323233386139616434
+65613130626161313435396532323563313034663339333761373865333461356265653834373361
+35616462326633653735636333616237626334343836623330363236323831396632343363366532
+65633434393836373035376262633566633830346631303465336639623332616632383331383438
+35376538343634303239373939613131333131353064313436373831613434326238353833663463
+61613362663539656533653537613631633064363530323462653365353031333539373664366532
+66333463396666646465616465623766373965623564313637383139356264353163343964383838
+35666335623235666232633762313538613066623935346164386633626338666665626431376331
+33393134643733633934376431656131326332623237383335666331643638386333353830363936
+34323866323630366265663033353033383338633932323064326334353664363165646230623935
+31356563653463343261373664373464336663343235656434323631373636623266383061386164
+39376465383966666235316563373836653832393634316630316231346661633235383636313238
+37303434666565626132633531393931366438633532343264623631623564336665323762613533
+61356638666634303739333331373434306339653335386566613031346630313638633336663537
+32306465623931386263336239336230333037313836646439336238613564363531386162363138
+34323834313666616430643465343737633230313032336135643930396263613365386565373562
+64356639663766366365356532626631373330656539393861623931643337663561376236343632
+34303234613332313134623832643732383664623236633237383466373063343832656538663133
+39353836646338636666656638623137333137616263323265653137623131316131616338646636
+36346162646264336235306338653561393438633161326462643363613834623431653861613131
+39626131323135376362343531353038343363373535306436303432393761303939366434316533
+64346333373032343833663739633030333838363163666366633432663932633334633037366233
+65356662363631376363356365353166613865346433623961633938643838666235386162346466
+66396466663961626237636265353230303831313731386633386533363162323164376261353938
+64623362346230376534653038613863613661373134376233613166333462623736386139316262
+63366364613864633865626361366437663862613731643962303065613338396535633933353663
+34643435396333343537613762646233323337613265386437653762376461626638653664386266
+61666633346333323330653764653464326162363062386630303239656230386530326334653662
+61366439363065363566346338366134313838393565626433313661393461333231373565376532
+35303336306264663437393736393762353666346635383165393161626534646535306138303266
+30393539313664653339313733306266326564303534346535343233313861356139386465616462
+35313933623761323833623936613038346165633561643132333662333862353138383762363038
+30663132393565356462333337303836396436653031663932366537333163613765386335623866
+64313033366365396166376365653932643630353465653433343036383761633663333532323464
+61383334343964636465383038303366623934393036633762313230383139336232663461626333
+62303234336230643431326333663466396438636561356262366331336161626266353634323035
+66653164626662303765336331643737616530386536316236643630663837386531363661323530
+62376664323633353966623764373236376631383335323636633137386363633566356562616162
+65313462383334623465643265353839333433343866613632636364636163323136316136636266
+63643566373234383033343032663334393234386534643066373266616264313962363433306336
+32303165653662366161663136356537366632326639626530346436396462393135616233333634
+39373265633132306461646463383531343662663734356334333661383738373161656164666339
+62623230383366346562313935356638626261343266306239303837333263643633336536653634
+64316435343237306137356239353832303563366331383365643666613239383933356236313861
+32316166343764666432393738336565353665386665613839626233373865376163393939303234
+37666636656439333530613039393437383736316335613666353837383937343731346239646261
+36346431666637393537353834333661666566623839663539383731653030666264346465613233
+35656234303432323965356138373336396135663061396335366331633534646530623033363532
+63643735633763323035363035346238316266373233396639383536623634616436646264373832
+38643862646430386366613336666539616336333236343935646165313834303133303662366361
+31343564336438336237353638643837656462633839306536666232346663333761666436663062
+32643236393162313939386164363263636431396263616530656161363361353564383931303738
+39653136376666663965363936356435343437663634306536613363343231653430323466333734
+37333862343632306666343437623836663766393035303432633063323033383137373662313139
+66623930306438386434353063613065656438306561366139303335336634353864383733646436
+38636638633762633566373536663233646337306539636533333534383735646436636232303566
+66613532386466323332613339343538323465323963326330323830333536616232613437373563
+37656263326665343532356165623735383139346263333537393730613262346433303865363434
+39383130346633343263393931343462396239653564613530303732326532393466363162633363
+62643265303331313763653131376535636333653934303366653963653061333362613464323534
+37373838393633346665373833336439666231636466333165666566336335383063646430383831
+63613334323363313135366664663965333566396563363262346562313131333366343834326565
+39396663386539376535643662376266313264366663613539663238343731643339343365666463
+66663434663938626332383963306237373435313562643035643566613064336166373137613835
+61653230326536633365383464343862356430343265653835623264646438323333303066356364
+36306266626432313431393133363966333437633734353732356332356231343632663935663437
+62383131316534323737323233646431623539663438326365343533626531643066643936383764
+39363061323133386664313331346563343031306134336530633061626462393565633865383166
+30666465376635636366386463376435646130633336616463376462653734623134303735326637
+62613133353163326530353464666333633865323134666233643432396636313730356332333837
+30343062393430646461396235373136303435313737383835373266656631383265323039623163
+33373461386665353031663665653135366533666262653039653534653566646432343762353766
+36333234373261653733383837323363373132306533656339393563663934303737623131303361
+66376637373333363232666663656534626537666430343961376364343638353365626332366562
+34653163633564373533333861333762613934666633653961663337343361363439306434303636
+36623536653562376235356564656437643338366565653734323735326465303366363637313731
+62393834326534373261653461373663376665346263613132646263323966316463646566376265
+39643833346130373665323763346138653037623066326533353537366166373065613830653261
+65386437646633363763363235623537656335356138336564613434613334353562353133316265
+30363036643937623964393738613833633032316431313231376533353534356537323265306530
+33353265623633333664346264343064373638313238316666613534353537623135306632333662
+61663664653533616364343732653134343338346164303936323136316232653061613533306166
+37356133383564393436343031373832383761363062356136613434393431313261373339663230
+65383163653464306334663939646262323262386131333064353738356263663165646337306230
+33323838386433616135613466356337306234343132653762353263646366353839633765646166
+65323437346332643465313832383534343538346631316237643536343032376465393836626562
+32393939383836643166376662373931613738303633623264653435663131323261316339363439
+66656463653232323538633931303131323933373135316437623836653031343865393530323933
+39666661666535616638626231616337643962653163343762353230393161303637356661366236
+30346335613662363266353861346131333463623138646535623933376637383837633330336462
+63656362636331313163323532393131366637306134363464643730373636623933333664336134
+36333731666462653037363536333535623034626435366135363137656466356337353431323432
+30346665663563633564323065303264376439653639626131383264396436393039396635383938
+66393137373535336430343361656133383962373031663833336634323932333830633331333033
+37343937303939643839393761363433613966313163326466653232393561313966386264306662
+34353061656461313462306163353266333731343965326239656261633431396334336637363035
+66333539616439646363333564656635326262653234343332306434383862326438666364393435
+33633961373232386135346431366661336566356232386563323263323466353033666337613537
+32653237336638336637646533383564663630643463333666623532363365343237656237613138
+30613232326436383137306566623632363266636533386132373337663934623331333734376135
+33323564323035313534336239636166656235356661376662353738346232653835333737346436
+32663833613032326133646663613031343066343765623137356632353234663733313138316663
+38343532353932326664656139623566656563623066366132653938633433613036623261356530
+65633637333864393031316430316163336531326562366232376135373430383930386332323131
+32373463383636333861393830343866316166373136333134353766306662313032643362376662
+34613332653439313233346335613035383234376661396661646465373533356664333635663462
+31633536653863653661613136626565333036383638646537366266373937383937386565623035
+31626562383934386239653531386165306237626263643834313130633835663934623061363762
+65613263303139666536303136383065303662363538333761663463343639363531613462363534
+64306265363263396132323466326432656335326433316166373639343237363139333039373631
+39613532626535383932373033666365346561373936333738303137333139643338346635396133
+39646163393133343963376438333938643662306339663962346161626130656436653737623261
+62346332313031336234303461376336666561323130383565343761316463623137613161363862
+31326630626439306564326635656630383262623538383538646634373131616362333565623566
+32343534313664343333306438626466316435653233613431376231393764386339326566363634
+39623433356433643435626231646137316364346437393235313930636166316139333137303030
+31306166643733646337323930326464343430313165626237323539326230616466663632336239
+37643239303863663736386132323565313832613737373337306130316532306534346136613166
+62346264393539373533336262336432343335303331663861333062316239323165636435313236
+38336239623765336131663061636430646133396530633639383830326664616266616462366664
+32396363653934613331653534396662326434336662656436613134633439316161656263363937
+38653861376232303137323135346134656661623233323030323034623132663362336363366661
+34656238373138663465333432353730306133613261316430363062323633613137363837383738
+34666365363663613930373561363234613463613864306463306339353066306139363238363538
+39336239303066623865363935626434333335353235633766303564633335653131663036303832
+30393362336632343638373966623734623533316636383263623031656436343639633262633461
+66643934643165393132303763663931376435666661666434666162636566636530303334616430
+37663133333836613066353161666363313265323666633162653966366637323239633435366136
+62376134303533663637313063633461343061386239633130363662663335333335613630636238
+32623461393237663333636537326636363565386537393765643964633361616161623230663133
+38666631393634333763373166633161316133613865323462303866333837636132336461643431
+31353766323364396530663035356535373331303036366662383133336333623732656235363939
+66626638383164356337383733353333633837313035633834653437356562326465636565386234
+64636162316664646237623464626534376466636331666664626262353466373930653463643163
+38623163646366663139386261363635346164363739666339626335306136366636336632623464
+39376165623034326237353434643431366530343733386432356564343863393166363433633964
+38316437653462303936303162326563393832393036666133653533383432306338323132383634
+32323733616462353834633731303066313634303065653665386634316563393636653936353136
+38613437386662383332323131636235366131656433333537346565616261623639646138616230
+31336236653537316563383765303063366165363834393662346131353463326464663038623661
+39653361373763626635363238623633353135313431316531336238653562636564346661376439
+39326362353537383062353639663061316236376636353736646331646633326139383939393636
+30653764306336353966323461656363366262633065643436643430616362363564313538336661
+38336464373361633863656234666537373530613638616165343037646234373038303635356431
+65323938613235633930643930373565656530353766336235346537316563333733363765643262
+66646536313431653530373666613162333337383765333838633265343935613263613936363339
+37623665393937633437343466646561376630303639636230653430376563316463386535303862
+65666561626366313564666630356334323563303636326361636636363735343464393030623736
+39346563343765653131663563363633636566316666376239306633306463306634336237393764
+61386332356337626230626330613162643132396164343164373736643764326338356535336661
+31653865383762383838303364636430373164343733356564373534346636663965363865303965
+63333336626233626233373065326461336162663061373336353536356539326331373437333633
+31326632626132616332653361616139643037333734613235373133353262633135613938316666
+33383633346265386365636331313730623565386235313638373330626530336264303963313064
+35646663393039353038366331306364616165396532396630633334326364306231623431323034
+36626136396532336163373535346262363738386533396337643339663465393230653436333633
+65306632336162366634323632346634383834663736656261393564623965626362376161636631
+35396266623930363534643664666665326664373935666338323461373030333761353138353630
+32346538623136346534343565303565633865326331343530376636303233323130616233643930
+30656666656334366631303365386366633138316239376265643965313736666633663130646666
+64626566343064373837343465626333626462353236663232346362633734393564613434363163
+33386133383232613935613562626163643863653264343637366662633464326632636134353465
+34363165323837386362393634613932373432666339623936306162653531636164353061396462
+31633166323039343361373137653035313037343365663838353536366162383336306631323137
+37663739366461356438623761343632383863393866323837656138623635623263393433323736
+63326335343533333838653534613761393262366564613166663838346164616563376435636230
+32326663336163653238636638623961386636363163653062613532393630396135336135643166
+63336134386464326265376534613439646462623466653864396137386165653131663735386561
+66356362626466643330326337653462396639613861303765373264396137663466386235663036
+30393563393836396265646366643233336134623137613261646266343533323562663266623734
+35333665633833333363336634333865386335653063316534356237373539373432373366313862
+37343836396333626163386135643563646439376362333137386530333166646563666639306537
+35633066663031613436396330376339343465333631643361366261363665653131333361653864
+37656365663163373561386566303433386138613033623764313966356365613161646562303739
+34633437386337313836646238666365613731343232633334613366326237333063663664643566
+33343734623063636332343563353932616133383661303337623066326461323436616535313836
+64666433383432313939336530653038336231663531663937386138633239646439386636666661
+35633332396261646134373765616361323934643835383938336563373965373461663638333965
+66346338393732373231623863653465363866623733373635343533313866633834393530613233
+37373830386537336636346436643561363363643435373637343863623534346438303461363635
+62656263613263653134316432663130386337623766396530663064383437623231613461656432
+61396538626166396464616135353933663337333534316137663035383336326535333832396463
+31303561383465383638623265346164346531653736393133393633326430616132313361653461
+64643666303764363733373735636365666131323034626663343830643464666532623562373261
+64623738366435333563643161396634373865333631633538306266363437323663383062313538
+35303831633364353531336561643366393134623631623435316639363266323436343164633633
+62633831306465356534316561626331613739636563376365336430646532303864383031333066
+39383664663231333937653139303231323432333834323235616565356238666334326437623962
+36643462616534653062326564643537646663323932306264346663396663383935363632623535
+31643039373131613339383162363862333465663932653539363631656637393961653933376230
+33363134663963343530376363323762666138663837306632336538316534313536366165643432
+39326332336535363862633463336163303233656364313333646632633636343236303039343539
+38656138636534303135616362666539346430363961343538393639613162373439373766643862
+61386662306130656131383236353266623134323538343035323634383464653465326161666136
+33323361363864303265363037306438386435653638353561383366386432633531336437663339
+39353438373361656561633035326664353439653564333762396337323331613665643436306338
+63353836643534663862306530303434643430396334613734663634643635303130303964313762
+64343731633162643661353536323335636462336265653334316564323230336365316562623866
+38383432623737313238326631663865616462323334653038643261313837393165323431353865
+37653961636335363766326334623636643165313464326235316634383266313630316338333461
+31336135303635363937643739616438336430626637393734346562643531643966376232343430
+31353530353864623664323062343731333836336635393035386264373338653733656331643132
+38633430346438363332353135623663313466646333313037393239326635343838623038633933
+30303233653366616231643638323036393937643238643262313238663537396162666138353339
+32653637313737393964353964343331656331333862393864666637316330313762316163323235
+32363566336430316538636263313366386465663161393965636161393763353437663036363862
+65666533636239363866653836386336613066613063306432613734646630636639393461336563
+31376337613334333566623936303165353639346639646238393231336566326431333534336262
+30353938396539336434393061623961396231353866633965376263383461383365393033363237
+37343532343337393239666435313738663766636239643739623365343739633961326162643264
+62636634326564623963303066323866393432343737373162396233306639663862643439383533
+31633336343633636262636633626463623763386633383665303965353030613832313063646634
+35313939313738306566356433333364393462336239396265373564613365353735346639353539
+30316531343630613864623239323433323363373438363363373139306531363738376336613964
+65663562396338656534626134633837386163626466616133656632653733633761666132306634
+34613136653464393037343466666331373635353939363939336431353063653632373539623637
+66663033346231353731323333376666323131346537343835653930396632363265396634633331
+36313466373263306664633966643430626362323134323962346638376665363833646562356237
+34653638653733306265653431353536616161366531643233323931306366343463373266643464
+39306638623035353765616462633965316534626137623165383739393539336433663336326437
+33323938343165326662626137646331623937366230623435623636366539323730623635346439
+64613239643939363931393235636332303439643937396132363434386139643734366639316236
+31313363316562373437623639623265613431653038633637333433353936326234633734346532
+61396333393439613538313636653836646533363765666134626432626230643133626531363835
+39373635346134626535323938616537663462313635616234363565333132636233656164663365
+35383263366331623432633561663837656239393264656364626530623637633434386231306235
+33366436366639326566303564346333316164383530393061316535356434623061376165613934
+32613931306164613839383636346133623234643736333266353938366132376234613431326533
+63316634386463303635386337643066373666396363666331366337353132306365383864643566
+38343664623734653264393065336464333633383238363531316361383736383436336466663132
+37393663336463343962626239326162313665323163356263336166376461306635363062653464
+31323438373462393961373562646430316461326466383864633463376232663931616562323733
+35376463343236356332313036393463663837323939663130636532643263633130353432363363
+30393865366661323338663637336637623961353666343063633933376136393234376565666566
+64326434373230373461393162376236323835366136666263366361366561363434646232356636
+36346139623062353932646462636265643566666666336236646531666535303933306437386136
+37323939376435666466393938633530363163393063656265626336633436343433653435313531
+61616361663733303264613662346337393131366134343963653762386134666139663763623936
+64643264393631373464333461376537656334656665643537623234326530666362663731363563
+35383235363665333232616364363238623433306464333762313966653662663634613238366136
+63616663626362656361646163633534633631393931366134623739623231356239636163313763
+38366164623730613865666462313631633536306133656462636163356365373038343030643930
+38376236623965636663633135323538373066343632303730613132646231653365306563393636
+32373964333664313138616530653661316266326337363231643438386534656364653637306637
+63353833316461366563613537373063396333626266303031326135303130313031333239346664
+39373533363731356437376438323238616531663264653965373935663261633261383234353864
+65343035643465643966356439623334633866643431326265643839646464363439623765376339
+65353165666262363832393433313931626335333135646638363433663731623364313537616266
+31656432663234396539396464633665346663623466376435623036643531653764336537366438
+35623138646162313935366636643262643739323236646161353733336466323365386463323433
+37303561323937653538316337643530353537313133353563373833306134663636356538353561
+63343837613234393762383063633133373533323964643034373138633163333765363332616635
+36326430316664323339376462356263616365663631626663666538666235653136616630353937
+31383136373437653366626362333066346235313930663238376338653563616433653066643237
+33303530353636623530626338303331313462656639653337653637343037333562643935383963
+63626235326538363533326566613130636136623834303539643530393238326661656230376461
+61663737303931626633653461663134663462313830343732666266303464323362323738343463
+38656234376137653238323636366164396162613730323037396135323230316364613961313563
+34643663633236343533613938343033313937626665306464376531316539353761373230613266
+34306338646537393763653732623364643464386563626365343639613136333132643866346135
+32346165393432393132333535363531373766656163323336343736326366666634336362343861
+64626464323734303566623066653361363731656439643230653430323335646262396364323538
+38326138633831396163646139346532326537633239626131333835353131633965663837636632
+33373865306339643961376462363838666261653464636132323436646365393462393961323931
+39616265623439356531376266653732393763653338643062343239383539393130616138313865
+63636262353762353861343063313766393232393538666232383762393363306564653463633836
+39383766626231303333373464353462306635343539653965396231633830356535646132386436
+3437383537636636356433316566373861346535336335663431

compose/03_syncthing/config/key.pem

@@ -0,0 +1,20 @@
+$ANSIBLE_VAULT;1.2;AES256;secrets
+30383836353130323131653139643365346335633063343362656530663538393435663335613132
+3533343531333434376632333630343364313061633066330a373263393966336430616530386564
+32313530333939333035393863623932666261316664666132366331626561306230306238323733
+3230396463303764300a643831633734393964363534343932303039323161373239363766643037
+35333362666332346133363063363466343338653963353333376162373331316433326436353738
+63323339346134626131316136663736313737653866393135356262363832613262316139613963
+32646532343639303732643432306239656135663363643263393832383936373837626665616662
+37373865303364373035363832633932323233396336363863336338613237623637323665386536
+37313164646266663135336432363963643630366434356230626663343534376330343461366664
+33623261313662663636346361386332343630396164616137303364643661643736653462323062
+32613335653732373365646566393930666561383465376665383531393037343638633763633563
+38613164373332306237373737623839386336613166333139656264336131326631343438373235
+31343739363366396464623662373539613433346438626335303765623738393930666430303139
+66386264623666393234623032386135323231653965393466656634353532616530306265306666
+62663039333231316130353061313233666639633563346635623464363135383863666532323432
+63376664343630633631393232636364633036636230663864323437636439623961613634613638
+38626161646166336138373931393464633030323338663763383135316665346137646139333530
+61386233373538636433363832363537313766363566623961346336353532303761313664383032
+646138346562616433343462303065306236

compose/03_syncthing/docker-compose.yml

@@ -0,0 +1,25 @@
+version: '3.9'
+
+services:
+  syncthing:
+    image: syncthing/syncthing:1
+    restart: unless-stopped
+    ports:
+      - 127.0.0.1:8384:8384  # Make GUI available via SSH
+      - 22000:22000/tcp
+      - 22000:22000/udp
+    volumes:
+      - syncthing-data:/var/syncthing
+      - ./config/cert.pem:/var/syncthing/config/cert.pem:ro,z
+      - ./config/key.pem:/var/syncthing/config/key.pem:ro,z
+      - ./config/config.xml:/var/syncthing/config/config.xml:ro,z
+    hostname: "Netcup"
+    labels:
+      - "com.centurylinklabs.watchtower.scope=update"
+    environment:
+      - PUID=0
+      - PGID=0
+      - TZ=Europe/Berlin
+
+volumes:
+  syncthing-data:

compose/04_blog/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=blog

compose/04_blog/docker-compose.yml

@@ -0,0 +1,18 @@
+version: "3.4"
+
+services:
+  tobiasmanske.de:
+    image: registry.tobiasmanske.de/tobiasmanske.de:latest
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.tobiasmanskede.rule=Host(`tobiasmanske.de`) || Host(`www.tobiasmanske.de`)"
+      - "traefik.http.routers.tobiasmanskede.entryPoints=websecure"
+      - "traefik.http.services.tobiasmanskede.loadbalancer.server.port=80"
+      - "com.centurylinklabs.watchtower.scope=http"
+    restart: always
+    networks:
+      - gateway
+
+networks:
+  gateway:
+    external: true

compose/05_watchtower/.env

@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=watchtower

compose/05_watchtower/docker-compose.yml

@@ -0,0 +1,34 @@
+---
+services:
+  default:
+    image: containrrr/watchtower:latest
+    privileged: true
+    environment:
+      DOCKER_CONFIG: /config
+      WATCHTOWER_POLL_INTERVAL: 86400
+      WATCHTOWER_CLEANUP: 1
+      WATCHTOWER_ROLLING_RESTART: 1
+      WATCHTOWER_SCOPE: update
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /home/core/.docker:/config
+    restart: always
+    labels:
+      - "com.centurylinklabs.watchtower.scope=update"
+
+  http:
+    image: containrrr/watchtower:latest
+    privileged: true
+    environment:
+      DOCKER_CONFIG: /config
+      WATCHTOWER_POLL_INTERVAL: 900
+      WATCHTOWER_CLEANUP: 1
+      WATCHTOWER_ROLLING_RESTART: 1
+      WATCHTOWER_SCOPE: http
+    volumes:
+      - /home/core/.docker/:/config/
+      - /var/run/docker.sock:/var/run/docker.sock
+    restart: always
+    labels:
+      - "com.centurylinklabs.watchtower.scope=http"
+...

docker-config.json

@@ -0,0 +1,11 @@
+$ANSIBLE_VAULT;1.2;AES256;secrets
+32643032393961616163376565363738383166373031393037306436383037663736613439326166
+6439663833356435653161636132616133663062333063640a373137646539616561376535313739
+31373932393934666133356332646237636563623631316233303962393637386534313966353839
+6164343438666539390a643032333839633737336162383830386436653462363963643639616164
+66656233643639613639663962383261356661343232663365353031623533643238303838373764
+35633838383533666662636263656562633865396330653733616366386232353162656362626161
+32383830346363313536336632656265636437323665316362303966366439316533333934373039
+36633531383831363533323734373936633339373562633563663863623733346662613435636664
+36633233333961396633313234303962376535616139323062316137616536326235346231666238
+6231363536663534653466633730316637313162303837626366

inventory.yaml

@@ -0,0 +1,12 @@
+---
+all:
+  hosts:
+    host.nc.chaoswg.org:
+      # ansible_host: 192.168.0.52
+      # ansible_host: 185.216.177.198
+      ansible_user: core
+      network_interface: ens3
+  children:
+    unprovisioned:
+      hosts:
+        # host.nc.chaoswg.org: null

playbook.yaml

@@ -0,0 +1,202 @@
+---
+
+- name: Render compose files
+  hosts: localhost
+  tags: template
+  vars:
+    render_path: "./render/compose"
+    render_blacklist:
+      - EMPTY
+  tasks:
+    - name: Read Variables
+      include_vars:
+        dir: vars
+        extensions:
+          - 'yml'
+          - 'yaml'
+    - file:
+        state: directory
+        dest: '{{ render_path }}/{{ item.path }}'
+      with_filetree: './compose'
+      when: item.state == 'directory'
+    - name: Template Compose structure
+      ansible.builtin.template:
+        src: "{{ item.src }}"
+        dest: "{{ render_path }}/{{ item.path }}"
+        force: true
+      with_filetree: './compose'
+      when: item.state == 'file' and item.path not in render_blacklist
+    - name: Copy blacklisted files
+      copy:
+        src: "{{ item.src }}"
+        dest: "{{ render_path }}/{{ item.path }}"
+        force: true
+      with_filetree: './compose'
+      when: item.state == 'file' and item.path in render_blacklist
+
+- name: Provision Volumes from Snapshots
+  hosts: unprovisioned
+  # hosts: all
+  gather_facts: true
+  tasks:
+    - block:
+        - name: Gather file names
+          delegate_to: 127.0.0.1
+          find:
+            paths: ./backups
+            file_type: file
+          register: snapshot_files
+        - name: Filter names
+          set_fact:
+            volumes_to_provision: "{{ snapshot_files.files | selectattr('path', 'regex', '^.*-latest.tar.gz') | map(attribute='path') | map('regex_replace', '^backups/([a-zA-Z0-9_]+)-.*$', '\\1') }}"
+        - name: Print
+          ansible.builtin.debug:
+            var: volumes_to_provision
+            verbosity: 0
+        - ansible.builtin.file:
+            path: /home/core/backups
+            owner: core
+            state: directory
+            mode: '0755'
+        - name: Copy backups to host
+          copy:
+            src: "./backups/{{ item }}-latest.tar.gz"
+            dest: "/home/core/backups/{{ item }}-latest.tar.gz"
+          with_items: "{{ volumes_to_provision }}"
+        - name: Initialize Volumes
+          community.docker.docker_volume:
+            name: "{{ item }}"
+            state: present
+          with_items: "{{ volumes_to_provision }}"
+
+        - name: Provision Volume using alpine
+          community.docker.docker_container:
+            name: "restore-{{ item }}"
+            image: "alpine:latest"
+            state: started
+            volumes:
+              - "{{ item }}:/backup/{{ item }}"
+              - "/home/core/backups/{{ item }}-latest.tar.gz:/restore.tar.gz:ro,z"
+            auto_remove: true
+            entrypoint:
+              - tar
+              - -C
+              - /
+              - -xvf
+              - /restore.tar.gz
+          with_items: "{{ volumes_to_provision }}"
+
+        - set_fact:
+            provisioned: true
+            cacheable: true
+      when: ansible_facts['provisioned'] is undefined
+
+- name: Backup
+  hosts: all
+  tasks:
+    - name: Read Variables
+      include_vars:
+        dir: vars
+        extensions:
+          - 'yml'
+          - 'yaml'
+    - name: Install backup script
+      become: true
+      ansible.builtin.template:
+        src: backup.sh
+        dest: /root/backup.sh
+        mode: '0750'
+        owner: root
+
+- name: Setup Registry credentials
+  hosts: all
+  tasks:
+    - ansible.builtin.file:
+        path: /home/core/.docker
+        owner: core
+        state: directory
+        mode: '0700'
+    - ansible.builtin.copy:
+        src: docker-config.json
+        dest: /home/core/.docker/config.json
+        mode: '0600'
+        owner: core
+
+- name: Docker-Compose
+  hosts: all
+  tasks:
+    - name: Gather local Config
+      delegate_to: 127.0.0.1
+      find:
+        paths: ./render/compose
+        recurse: true
+        file_type: file
+      register: local_compose_files
+    - name: Gather Remote Config
+      find:
+        paths: /home/core/compose
+        recurse: true
+        file_type: file
+      register: remote_compose_files
+    - ansible.builtin.debug:
+        var: local_compose_files
+        verbosity: 2
+    - ansible.builtin.debug:
+        var: remote_compose_files
+        verbosity: 2
+
+    - ansible.builtin.set_fact:
+        compose_dirs_tainted: "{{ remote_compose_files.files | map(attribute='path') | difference(local_compose_files.files | map(attribute='path') | map('regex_replace', '^render/', '/home/core/')) | map('dirname') }}"
+    - ansible.builtin.debug:
+        var: compose_dirs_tainted
+        verbosity: 2
+
+    - name: Stop tainted Compose Services
+      community.docker.docker_compose:
+        project_src: "{{ item }}"
+        state: absent
+      loop: "{{ compose_dirs_tainted }}"
+
+    - name: Copy Compose files
+      ansible.posix.synchronize:
+        src: ./render/compose
+        dest: /home/core/
+        archive: false
+        checksum: true
+        delete: true
+        recursive: true
+        mode: push
+        # directory_mode: "0750"
+        # mode: "0640"
+        # owner: core
+      register: compose_files
+
+    - ansible.builtin.debug:
+        var: compose_files
+        verbosity: 2
+
+    - name: Restart Compose projects
+      vars:
+        docker_restart: "{{ lookup('env', 'DOCKER_RESTART') | default('false', true) | bool }}"
+      block:
+        - find:
+            paths: /home/core/compose
+            recurse: false
+            file_type: directory
+          register: compose_directories
+        - ansible.builtin.debug:
+            var: compose_directories
+            verbosity: 2
+        - name: Restart Compose Projects
+          community.docker.docker_compose:
+            project_src: "{{ item }}"
+            state: present
+            restarted: true
+            recreate: smart
+            build: true
+            remove_orphans: true
+          loop: "{{ compose_directories.files | map(attribute='path') | sort }}"
+      when: compose_files.changed or docker_restart
+
+
+...

setup.bu

@@ -0,0 +1,100 @@
+---
+variant: fcos
+version: 1.4.0
+systemd:
+  units:
+    # Installing vim as a layered package with rpm-ostree
+    - name: rpm-ostree-install-pkg.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Layer packages with rpm-ostree
+        Wants=network-online.target
+        After=network-online.target
+        # We run before `zincati.service` to avoid conflicting rpm-ostree
+        # transactions.
+        Before=zincati.service
+        # Otherwise vagrant will try to run the playbook before we got python
+        Before=sshd.service
+        ConditionPathExists=!/var/lib/%N.stamp
+
+        [Service]
+        Type=oneshot
+        RemainAfterExit=yes
+        # `--allow-inactive` ensures that rpm-ostree does not return an error
+        # if the package is already installed. This is useful if the package is
+        # added to the root image in a future Fedora CoreOS release as it will
+        # prevent the service from failing.
+        ExecStart=/usr/bin/rpm-ostree install --apply-live --allow-inactive vim python docker-compose borgbackup
+        ExecStart=/bin/touch /var/lib/%N.stamp
+
+        [Install]
+        WantedBy=multi-user.target
+    # Make sure docker is actually starting without a call to the socket.
+    - name: docker.service
+      enabled: true
+    - name: borgbackup.service
+      contents: |
+        [Unit]
+        Description=Run Backup of /var/lib/docker
+
+        [Service]
+        ExecStart=/usr/bin/bash /root/backup.sh
+
+        [Install]
+        WantedBy=multi-user.target
+    - name: borgbackup.timer
+      enabled: true
+      contents: |
+        [Unit]
+        Description=Daily backup
+
+        [Timer]
+        OnCalendar=daily
+        Persistent=true
+
+        [Install]
+        WantedBy=timers.target
+storage:
+  filesystems:
+    - device: /dev/disk/by-partlabel/root
+      wipe_filesystem: true
+      format: ext4
+      label: root
+  files:
+    # Set vim as default editor
+    # We use `zz-` as prefix to make sure this is processed last in order to
+    # override any previously set defaults.
+    - path: /etc/profile.d/zz-default-editor.sh
+      overwrite: true
+      contents:
+        inline: |
+          export EDITOR=vim
+    - path: /etc/hostname
+      mode: 0644
+      contents:
+        inline: host.nc.chaoswg.org
+    - path: /etc/zincati/config.d/55-updates-strategy.toml
+      contents:
+        inline: |
+          [updates]
+          strategy = "periodic"
+          [[updates.periodic.window]]
+          days = [ "Fri", "Sat" ]
+          start_time = "23:30"
+          length_minutes = 60
+  links:
+    - path: /etc/localtime
+      target: /usr/share/zoneinfo/Europe/Berlin
+passwd:
+  users:
+    - name: core
+      groups:
+        - docker
+      ssh_authorized_keys:
+        - cert-authority,principals="rad4day,rad4day@chaoswg.org" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUN/Ik3CqhsVLGEkl2rJLUhC0AXFmVp6BgETaqgVKq5 user-ca@chaoswg.org
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhzs4vCOhy3yH2TF2bO5Qalt2P4WG4nDYTLarPKFrdM ansible@provisioner
+    - name: borgbackup
+      ssh_authorized_keys:
+        - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEeiXrwUxnzo/MLn3PdT3shFIJu7zia8uwlcQhyPautw borgbackup@remote
+...

vagrant.bu

@@ -0,0 +1,7 @@
+variant: fcos
+version: 1.4.0
+ignition:
+  config:
+    merge:
+      - local: ./vagrant_INSECURE.ign
+      - local: ./setup.ign

vagrant_INSECURE.ign

@@ -0,0 +1 @@
+{"ignition":{"version":"3.0.0"},"passwd":{"users":[{"name":"core","sshAuthorizedKeys":["ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"]}]}}

vars/vault.yaml

@@ -0,0 +1,90 @@
+$ANSIBLE_VAULT;1.2;AES256;secrets
+36613830363562323032396439303962393331373532303230633031383936646463373037383234
+3765663463646631353530633465633463663435623661610a646435303037343066383262633733
+62633135346233626663336364666639633939326630313565333739353533653238666332666565
+3765666461356363370a636665353031383064383839613061336639343534623562623434323537
+37653637636333633730653339366536376236386337303163336563396436323930323363386537
+63353434333866343461386634656132633162316634313265313966393238343066336663623630
+38633534393534646135633239353335323139333038336164396334656532653633626334656534
+62656663633836343139363863616136346538313131393165613331623231366636356134363765
+37316331666636643162613830313035626239613566333965363530333562376137663864303164
+64323735383036626161323561316334643931623739346539393539323161623634316639343736
+39323666306539663938303966346464653464613230633833643832393030623866616362353632
+65366539623636383738326339623764363364393434623663336632653437663438626463323264
+34313630613030666538393637323236373937376366653932383933316134373133663436376465
+66656365613864323366326638626337616433613731633861326436666635643134666461316465
+33333463393966393266323235323236343231323136336130623938633534633365656463386333
+35643366653961643330373033383935636637366463363466306133646261646234353835326134
+31306534336362663034636230386235376133393534643033323935303364643832323736656236
+33396338303833336566613233306436616334316538646631366564376134366332643939363039
+65353834303439373736353630653063616537393464333666393563663833383736346436616430
+39323964323362633135326133363233653666363562613264376161326335636235303436356364
+62623539636332363065343965393635613063326661386265643563326463653632326232383538
+63363035613466323038343935333730636434393433633235646134313366656132353939346536
+38333139613132366636323935636439613162613034343034643261393363636466663938646134
+32343763646561626630333964333165663538313735666336653565646638363636316136356363
+31323431303862383039393232613365616464356636333033663037363131623735643265313936
+33653933323563396131643561363531323130323435653237653633623232343762386164383430
+30393936656639346330333133343234336335313134613134303464333430623261343439653165
+34343338653564383539623366633235643761646138376236323833303538323431343632386536
+64326338383434666434643761633465653235306239363937306332396537616362303662656239
+65666465373531343937396365663239653138656537323735363766333361633130316239626631
+65363639356333376337346463313939306132623931346333656334396163363437336633363062
+39353433656238306535393265333462366439663161396439336435386338653736386335376663
+63373934653636636338656230353232343035313931373865376162613336363338646263383561
+31666534313266363338363461626363326336383261333034363365633633326535623936326339
+34396337383630316364336532303862396436373239346239366563326230613761656338363936
+33363866643634666662393261326138373338376435366338323335623138306662356430663239
+37363130626562363039343532336639313062316264653063303866616138613630623435393131
+62343133316332623963653432366539366536623766333866303635636561313539313061643139
+61316632356563363032653663366535346433666138633531313939633966376265386563316363
+31326636373134386162303966303964616261376330666265343863353831313266663138343461
+31646432656330613166316437393661353337626633613937393837643938636337636135626265
+38386366333565386135633234366630366663353263613332386639313733326631313635326134
+30626266653063663835346431613135643663333735393761373930353831333836386539666130
+65343732363037633764356233383365653062653336303239303732323634623032653736656134
+34326532343735626166356533306263346333653965306666343732346630316137613832653331
+33316530366135396262613935366436323735633530363832623137326535616165303232396638
+35646633326235343435343036356466653866623766623433633261353332306534643331386130
+35313533633663396232616331343664636461613366326166663563316639356165326165306430
+38393165383733653439623138376134303639323736386366643836393562383133663761343264
+31656637666262353562613365336638323865353637366435373261353064666638646563653066
+65313164396236363861393536313437363766613132616161633639313936353263643662346335
+30643831336562623838386233663766346664663462623733396261613637363132623965396161
+32366437623162373031643931643064616261306133653735663565323539656562393764306435
+66313165346432663339656663303833346634376162313739376361353130613464303266643038
+35383032626164326330303537396139366633613730656232386632373162306531376432356533
+38356538623830306530323431343432663230376231383139656232376535336339656365666165
+65306638396430633962336434663438613239336533383633396361386565383235366336346233
+34346332626637376131613061303134393065316137383564353335343135373136643265333865
+61303832613365663662613833633764613665343338373666663236643336303534323664326266
+30616666376538356539613632643463323036346664393830376434363561666232353432643039
+64623233306336346434643133366337666661303666363832303831346137383033636637396536
+61346263336566383838386262353637396334326161343866623733366537353934363639343163
+34663264616364636261336335653731346137623161313434343763646435616665303938386130
+65373435303731626531383961343663633935393239343761336462363063386234303832303630
+36613430613365646366383830643566366135303061373536306662313634383333633334353661
+63366235613533396337653462616638333639306263633035313363336266343662356335336639
+37366633316334623237393733636263626339623337643931653363643865636331313863666234
+64336439383037386232313066396337393833663965306462366366376237663634643764646635
+38313864623232616136656533363133353630373038626164653236363662363530333566373035
+39633932383831316161343265623438626439353534346161623935666635633035386435316331
+31383566646237666563366163393261623638306432613330356363623439303334623662396133
+61613761656461323933363161386332663465336439333163303434373533313735303235303262
+32393563336332313830386632643731643639323030333535633038613462646536333366613730
+30636563653462313730653863303938333236353938346139666438653461353238306334376133
+64613866323537313632663634636261336563313366393865303233383232306239613130663761
+66616338333830353835373962393266636238326536663138653166613565653864616562626333
+30366435663337663738633835623034323438363631643332346538393463366662666430376666
+62343738666563326232316438613661316361643264376661656161613061356264623362633530
+32666162386534373363636664613132366239666431653463333762313231386337356363353234
+36393965663564316438393864363237363530643731323966363861386465346166346364386635
+39386637623533366637653437366364363638646635346236386166313864313438393165663933
+33393561303763386565643364623262376461343831623238393834363433656336313665323931
+31396132313961646637326162386531626364643261666436633666323461373466613764343533
+30326530343537663237626130653163653636396139343736313366323864306164643738356532
+31636665393931366538656465373238376562626364396461613037343333653136383238623963
+37346163626465383238373836653130663030663234653537386434653331313863653339303331
+32383034306131623930376138656131636462333166373632306530316536346131616333343661
+65333638393139633630386263356236373333623830643139373637323662623862396161336361
+31646533383061353466623663313732356165653433316266303138356536383433

vars/wireguard-peers.yaml

@@ -0,0 +1,74 @@
+$ANSIBLE_VAULT;1.2;AES256;secrets
+65623539363936656339663865666138346433666366633339663438626338313163636435383339
+3938613366653432313166383936633462666433623738390a313439376163303332623939303430
+39353034643536326635613935643430323332336265316666326537613662313531633131326564
+3831643134623131380a353561333330643666333232656438353364623738663835313832663634
+61666537386439323130623630663037303837316138373837393961653532643864303862633933
+63366132393664663230396661303964633366623761663961646638626265356665613035383431
+61663865336232633935383562626332376464343263303831366435303833323638643436633264
+66323266373966366432306562306266306362613330366333616531313233373236346461316236
+63396231373064313934633132633738623333373138663765386432376137333835653862613865
+35623738366531303263313463396531316439663230363635343035663364343039376664666136
+61326463663739646138646464663931653034333830383565343230653534303839653561653934
+38643432653339643963363164663961323065316239356533653033646465353731336339663538
+62366231356237393461613938396534346234653139336333373537333336373937323934306330
+38613337643564343833306536303563376132636331333731353531333836643039656132626333
+33376231326666323962303764393836623330316564316432363066343338396463646265333935
+63376633613330313936626336653934306637643431643465333765353662663335366237623539
+36643431363632373166663165346364363136333738303731346461623438323231643732623666
+31663065356164383431633662623766316530366336316238646533376435393834303232333630
+63633531313737663631363033653435393263323763656438376336373033343834646330313434
+31326436643836653663383166626534323931616564343734313235373633353061353835623035
+35636339633033323763343563653062386166333934656161313465343866306565626536633361
+38653535613463343366373436356535616664343965386361353335613731633633323666666462
+36303035663561643839323339316562363630376230333630633636623536653064303966633964
+62303539633763363933303837313366653063383537393935316635303630316563336562616336
+34333038643762653238373861343062313731353434386434343665346231396165303733663465
+63306437333864613561373566326466356130656537623137623230643263316633383430663661
+30666330333438316365306161616532663136376464363062386539646434653565643961653861
+37353362653132376233303561363861383739323631613131303363623734623830313637346531
+66313764386564646230333264616139383463666635666637353637303132623766393761306662
+38366166326438326435383634663834623833663231373834633964623332333633613130333666
+35303932613462616332376234663663383232313064613130633062613532396466663764316638
+36333036653766636133306663613765346234393063353861323738356435623831356461613534
+30613039363864323864373662396633653430363165366337353530653961653334346635656234
+62373631323632313561366539373433343238366266363562376162646263353864656133653437
+66333432356364343730393439633037333862386164343563373031333635323661653763386639
+63396566303163343336313766333936313863343138646232616531386437643961363661373937
+65303030386236613738313333313864326362363464373530383031626432316461626464666463
+31633065313966373938646633633839333331356332336363373763653839623137643966373865
+35393437383362626534373930393831636233393865653438636636656265623763383835623037
+32336661313732313337633237356263393030656666366430646334373233323433366435633334
+30353735303437386666323964303865613334393036383532643563363237376633313031383130
+38643165313834306465656430613834646333666334353836613435613135643639363665653232
+62376435336630616632386130386136356537663734303932333366343563326261623139303839
+32643834373766383066396261623236393166383539303263323932643366373439613234313134
+31663761396332343436363665393363373563356165363366316466306137303630383762613331
+30646262616661373361393932353263633235363431306361346266353863613339613530346264
+35383865616532363366393736353366626338306634663263666336636466373762303337336466
+35666433343264386130333463643931306338363063373765646436313632653733343162666331
+30653434346266663131373531393966326162653566646536356533356262336632653736353336
+30656535356430313661356137383166386337613163643731646164636664386531326563303537
+34333663396265663435396261383534383633346239366632323462386334323233333664343930
+34653765326339333265616538363164643932366464353066356433633330323763633862353239
+35313062363864363132393464653663386239323062656235313361383933366266313666623135
+62333936366261303831363931306434343330386632623638653566356538376335663961343735
+38656436623364363438366533306463633234316639656564326165643065366565383261623165
+33323134663530633865643462663131333664653365666134373434386139613034663964353065
+63646561316139383163313332316238326132363661666566666233626536396365376634613433
+34306231626361326636653034646239643466393838363166663639323835386633666632356461
+33633766303364326464383061333664666232326338313863653334666365646230326630303435
+38633237393138363730313736386662373631393631376461323937363737656464316237386336
+37336330626438643166363131623030386235653537336133356264613634323537303464303962
+65626334323834316666643564343233346535393165323534326539653938363735336636353534
+34336539626134373963303737663431306266363766666363383532386438393366376464623763
+35363732306631333032373065393933663130613639326331613763646136383235636433623964
+39383331633465383033653434386562393030633034313365336366313430326265323038346663
+34356635386466393439636434323464613639616261363037326234346130653938373330636531
+34633130316632326335346434613834356630656162393739306561623166363436316161613566
+61376465393932373934386466306462366133363933633839623764343330313561333666386333
+65623739663665653466396461646433373434663766663430306363646666653763353762366639
+38616661326334383737623064323234316134313537363333653666636238303061356132303533
+63303639386535376166656431623937343661376632343232396537613565643235336631336235
+66313139373562613338383564363830343638346439306430356534656635346163306137623966
+30346165373236313831396363333535303038373431316231316134343531653137