Compare commits

...

13 Commits
Help ... master

Author SHA1 Message Date
49c1417b8a
make soft man pages 2024-12-06 22:39:45 +01:00
bbea859ffe
split services by directory 2024-12-06 22:30:54 +01:00
6882610a0e
show git aliases 2024-12-06 22:29:42 +01:00
Txrpe
a62ddf2408 add note about webhooks for soft serve 2024-12-06 22:23:16 +01:00
83c40a44a1
remove UTF8 crap 2024-12-05 17:12:10 +01:00
c7eb11f603
add setup ssh-FAQ 2024-12-05 17:06:07 +01:00
7bcf9b3ac5
fix man section feedback 2024-12-05 16:33:38 +01:00
2d9fa2ab9b
make man pages from readme files 2024-12-05 15:29:34 +01:00
d1931d2e8b
note soft collaborators 2024-12-04 20:03:14 +01:00
7c28e70eb4
new structure checks and fixes
- markdown formatting
- turn soft-serve.md into soft-serve/README.md
2024-12-04 15:42:21 +01:00
eb5d3b018b
new structure
This kicks off the basic tree structure, where the docs all mirror the
reality, like an ascii penumbra.
2024-12-04 15:32:53 +01:00
c3f34f9eea
reformat soft-serve docs 2024-12-04 13:01:12 +01:00
0a899d933b reorganize docs
Each host gets a directory.  Containers will soon also have their own
directory.
2024-12-03 22:54:47 +01:00
90 changed files with 458 additions and 40 deletions

View File

@ -12,3 +12,47 @@ map.txt: map.ge ## Making map.txt
full_map.txt: map.ge ## Generating full_map.txt with graph-easy full_map.txt: map.ge ## Generating full_map.txt with graph-easy
graph-easy --boxart < $< > $@ graph-easy --boxart < $< > $@
cat $@ cat $@
########## Man Pages ##########
mandir = $(HOME)/.local/man/man6
kralizec_docs != grep -rl "^section:" kralizec
kralmans = $(kralizec_docs:kralizec/%/README.md=$(mandir)/%.6)
$(mandir)/%.6: kralizec/%/README.md
lowdown -stman $< > $@
krov_docs != grep -rl "^section:" krov
krovmans = $(krov_docs:krov/%/README.md=$(mandir)/%.6)
$(mandir)/%.6: krov/%/README.md
lowdown -stman $< > $@
splint_docs != grep -rl "^section:" splintrs
splintmans = $(splint_docs:splintrs/%/README.md=$(mandir)/%.6)
$(mandir)/%.6: splintrs/%/README.md
lowdown -stman $< > $@
setup_docs != grep -rl "^section:" setup
setupmans = $(setup_docs:setup/%.md=$(mandir)/%.6)
$(mandir)/%.6: setup/%.md
lowdown -stman $< > $@
$(mandir):
mkdir -p $@
$(kralmans) $(krovmans) $(splintmans) $(setupmans) :| $(mandir)
.PHONY: pages
pages: $(kralmans) $(krovmans) $(setupmans) $(splintmans)
$(info $(kralmans))
@test ! $(command -v mandb) || mandb --user-db
$(info Open DMZ's man pages with 'man 6 <tab>')
##########
clean:
$(RM) $(kralmans) $(krovmans)

View File

@ -13,5 +13,5 @@ These setup files provide the text-only configurations for DMZ.
- Idempotency. - Idempotency.
- All secrets stored elsewhere (probably in the `dmzadmin` repo) - All secrets stored elsewhere (probably in the `dmzadmin` repo)
- Any maintenance scripts. - Any maintenance scripts.
- Configurations should reside in shadow-directories, e.g. a backup of `/etc/soft/config` should reside in this repo under `etc/soft/config`. - Configurations should reside in shadow-directories, e.g. a backup `soft-serve`'s `config.yaml` should reside in this repo under `splint.rs/soft-serve/etc/soft/config.yaml`.

View File

@ -1,26 +0,0 @@
Add this configuration to ~/.ssh/config file
Host dmzkrovdmzrs12
Hostname veyxphzuqnooc7wb7utfza3joaoopgqgwp6l6d4en5yfmyr7kxvminqd.onion
User root
IdentityFile ~/.ssh/id_rsa
PasswordAuthentication no
Now you can log in by typing:
torsocks ssh dmzkrovdmzrs12
Install all needed packages
apt install rsync git nginx
git clone https://gitea.dmz.rs/Decentrala/website
Run updatewebsite.sh script every minute using crontab (run "crontab -e")
This fill automaticlly pull from git repo and regenerate events page
Add nginx-dmz.rs.conf to /etc/nginx/sites-available/dmz.rs and create a symlink
from /etc/nginx/sites-enabled/dmz.rs to that file
You can do this by running:
ln -s /etc/nginx/sites-available/dmz.rs /etc/nginx/sites-enabled/dmz.rs
Increase server_names_hash_bucket_size to 256 in /etc/nginx/nginx.conf in order to support onion addresses.
In the nginx configuration /account/ is redirected to luser (https://gitea.dmz.rs/fram3d/luser) instance running at 192.168.1.211

View File

@ -0,0 +1,3 @@
---
VMID: 115
---

View File

@ -0,0 +1,3 @@
---
VMID: 126
---

40
kralizec/dmzrs/README.md Normal file
View File

@ -0,0 +1,40 @@
Add this configuration to `~/.ssh/config` file
```
Host dmzkrovdmzrs12
Hostname veyxphzuqnooc7wb7utfza3joaoopgqgwp6l6d4en5yfmyr7kxvminqd.onion
User root
IdentityFile ~/.ssh/id_rsa
PasswordAuthentication no
```
Now you can log in by typing:
```bash
torsocks ssh dmzkrovdmzrs12
```
Install all needed packages:
```bash
apt install rsync git nginx
git clone https://gitea.dmz.rs/Decentrala/website
```
Run `updatewebsite.sh` script every minute using `crontab` (run "`crontab -e`")
This fill automatically pull from git repo and regenerate events page
Add `nginx-dmz.rs.conf` to `/etc/nginx/sites-available/dmz.rs` and create a symlink
from `/etc/nginx/sites-enabled/dmz.rs` to that file.
You can do this by running:
```bash
ln -s /etc/nginx/sites-available/dmz.rs /etc/nginx/sites-enabled/dmz.rs
```
Increase `server_names_hash_bucket_size` to 256 in `/etc/nginx/nginx.conf` in order to support onion addresses.
In the `nginx` configuration /account/ is redirected to the `luser` [instance](https://gitea.dmz.rs/fram3d/luser) running at `192.168.1.211`.

View File

@ -0,0 +1,3 @@
---
VMID: 122
---

View File

@ -0,0 +1,3 @@
---
VMID: 118
---

View File

@ -0,0 +1,3 @@
---
VMID: 124
---

View File

@ -0,0 +1,3 @@
---
VMID: 111
---

View File

@ -1,3 +1,9 @@
---
title: ejabberd configurations
section: 6
source: Decentrala
---
#On your PC #On your PC
Add this configuration to ~/.ssh/config Add this configuration to ~/.ssh/config

View File

@ -0,0 +1,3 @@
---
VMID: 106
---

View File

@ -0,0 +1,3 @@
---
VMID: 119
---

View File

@ -0,0 +1,3 @@
---
VMID: 109
---

View File

@ -0,0 +1,3 @@
---
VMID: 117
---

View File

@ -0,0 +1,3 @@
---
VMID: 104
---

View File

@ -0,0 +1,3 @@
---
VMID: 121
---

3
kralizec/nginx/README.md Normal file
View File

@ -0,0 +1,3 @@
---
VMID: 108
---

View File

@ -0,0 +1,3 @@
---
VMID: 127
---

View File

@ -0,0 +1,3 @@
---
VMID: 113
---

View File

@ -0,0 +1,3 @@
---
VMID: 105
---

View File

@ -0,0 +1,3 @@
---
VMID: 116
---

View File

@ -0,0 +1,3 @@
---
VMID: 123
---

3
kralizec/ssh11/README.md Normal file
View File

@ -0,0 +1,3 @@
---
VMID: 114
---

View File

@ -0,0 +1,3 @@
---
VMID: 112
---

3
kralizec/tor11/README.md Normal file
View File

@ -0,0 +1,3 @@
---
VMID: 101
---

View File

@ -0,0 +1,3 @@
---
VMID: 125
---

View File

@ -0,0 +1,3 @@
---
VMID: 120
---

View File

@ -0,0 +1,3 @@
---
VMID: 102
---

View File

@ -17,16 +17,3 @@ VMID Name
111 taskmanager12 111 taskmanager12
112 stopreklamama12 112 stopreklamama12
## srv1
VMID Name
102 tor12
103 dendrite
106 icecast12
107 mariadb12
108 mpd12
109 ympd
111 sshfs11
113 ollama12
114 chatbot12
115 goodvibes12

View File

@ -0,0 +1,3 @@
---
VMID: 101
---

View File

@ -0,0 +1,3 @@
---
VMID: 102
---

View File

@ -0,0 +1,3 @@
---
VMID: 110
---

View File

@ -0,0 +1,3 @@
---
VMID: 109
---

View File

@ -0,0 +1,3 @@
---
VMID: 107
---

View File

@ -0,0 +1,3 @@
---
VMID: 100
---

View File

@ -0,0 +1,3 @@
---
VMID: 106
---

View File

@ -0,0 +1,3 @@
---
VMID: 108
---

View File

@ -0,0 +1,3 @@
---
VMID: 104
---

View File

@ -0,0 +1,3 @@
---
VMID: 112
---

View File

@ -0,0 +1,3 @@
---
VMID: 111
---

View File

@ -0,0 +1,3 @@
---
VMID: 103
---

View File

@ -0,0 +1,3 @@
---
VMID: 105
---

15
krov/srv1/README.md Normal file
View File

@ -0,0 +1,15 @@
# List of containers
## srv1
VMID Name
102 tor12
103 dendrite
106 icecast12
107 mariadb12
108 mpd12
109 ympd
111 sshfs11
113 ollama12
114 chatbot12
115 goodvibes12

View File

@ -0,0 +1,3 @@
---
VMID: 114
---

View File

@ -0,0 +1,3 @@
---
VMID: 103
---

View File

@ -0,0 +1,3 @@
---
VMID: 115
---

View File

@ -0,0 +1,3 @@
---
VMID: 106
---

View File

@ -0,0 +1,3 @@
---
VMID: 107
---

View File

@ -0,0 +1,3 @@
---
VMID: 108
---

View File

@ -0,0 +1,3 @@
---
VMID: 113
---

View File

@ -0,0 +1,3 @@
---
VMID: 111
---

View File

@ -0,0 +1,3 @@
---
VMID: 102
---

3
krov/srv1/ympd/README.md Normal file
View File

@ -0,0 +1,3 @@
---
VMID: 109
---

41
setup/git-aliases.md Normal file
View File

@ -0,0 +1,41 @@
---
volume: Decentrala
section: 6
title: git aliases
author: Malin
source: dmz.rs
---
## Aliases
Put these in `~/.bash_aliases`
```
alias gb='git branch'
alias gc='git add -p . && git commit'
alias gd="git diff --word-diff"
alias gl='git log --graph --show-signature'
alias gla="git log --all --decorate --oneline --graph"
alias gm='git merge'
alias gis='git status'
```
## Dangerous Aliases
Get a fuzzy-finder, like `fzy,` or `sk` (called `sk-im` in the repos), and checkout faster:
```
alias gco='git checkout --recurse-submodules $(sk -c "git branch | cut -c 3-")'
```
Delete all changes and start again instantly:
```
alias grs='git reset --hard HEAD'
```
Push to remotes that don't use http:
```
alias gpa='git remote show | while read remote; do git remote get-url $remote | grep -qv http && git push $remote; done'
```

104
setup/ssh_FAQ.md Normal file
View File

@ -0,0 +1,104 @@
---
volume: Decentrala
section: 6
title: ssh setup
author: Malin
source: dmz.rs
---
## Step 1: Basic `ssh`
> I did stuff with my `ssh` and now things don't work. What do?
Check the permissions on your `ssh` directory:
```bash
$ ls -d ~/.ssh
drwxr-x--- - ghost 3 Dec 12:55 /home/ghost/.ssh
```
This is wrong, because anyone in your `~` can see you `ssh` configuration files.
```bash
$ chmod -R 600 ~/.ssh
$ ls -d ~/.ssh
drw------- - ghost 3 Dec 12:55 /home/ghost/.ssh
```
This is also wrong - entering a directory is the same as executing it.
If you can't 'execute' the directory, you cannot enter it, and `ssh` cannot read the files.
```bash
$ chmod -R 700 ~/.ssh
$ ls -l ~/.config
-rwx------ 1 ghost dmz 578 Dec 27 2022 authorized hosts
-rwx------ 1 ghost dmz 1145 Dec 27 2022 authorized keys
-rwx------ 2 ghost dmz 366 Dec 14 18:36 config
-rwx------ 1 ghost dmz 419 Dec 11 2023 id ed25519
-rwx------ 1 ghost dmz 106 Dec 11 2023 id ed25519.pub
-rwx------ 1 ghost dmz 2610 Dec 27 2022 id rsa
-rwx------ 1 ghost dmz 578 Dec 27 2022 id rsa.pub
-rwx------ 1 ghost dmz 28269 Dec 28 17:32 known hosts
```
Now all the files have 'read, write, and execute', but only for `$USER`.
## Step 2: The Config File
> I have 43 different `ssh` keys. Something doesn't work with a program. What do?
- Option 1: Delete all of them and stop asking Santa for `ssh` keys.
- Option 2: Define which one you want to use in the `~/.ssh/config` file.
```
Host soft
HostName soft.dmz.rs
Port 2222
User ghost
IdentityFile ~/.ssh/id rsa
Host dmz
HostName dmz.rs
Port 123
User root
Host krov
HostName dmz.rs
Port 5555
User ghost
Host june
HostName 192.168.1.100
User ghost
ProxyJump krov
```
The first example lets you go to the `soft-serve` git-server just by typing
```bash
$ ssh soft
```
If you're not sure if ssh is using the right key, try with `-v` for 'verbose mode'.
```bash
$ ssh -vv soft
```
If you're not sure if ssh is using the right key, try with `-v` for 'verbose mode'.
> `git` is not working with `ssh`
`git` will not presume to use your `ssh` config file unless you tell it:
```bash
$ GIT_SSH_COMMAND="ssh -F ~/.ssh/config" git pull
```
If that works, you can make the change permanent for that one repository:
```bash
$ git config core.sshCommand "ssh -F ~/.ssh/config"
```

1
splintrs/smtpd/README.md Normal file
View File

@ -0,0 +1 @@
`smtp` provides email backups, in case kralizec goes offline.

View File

@ -1,6 +1,8 @@
# This make file produces the smtp daemon for the current backup domain: splint.rs # This make file produces the smtp daemon for the current backup domain: splint.rs
# It is missing the cert, so you'll have to make another. # It is missing the cert, so you'll have to make another.
# It hasn't been tested in a few years, and I have no idea how to make a
# containerized test which will check DNS, and SSL certificates.
DOMAIN=splint.rs DOMAIN=splint.rs

View File

@ -0,0 +1,36 @@
---
source: Decentrala
section: 6
title: Soft-Serve Basics
---
Soft Serve has its configurations stored inside itself in a repo. Admins can pull:
`git clone ssh://soft.dmz.rs:2222/.soft-serve`
# Adding Users
Summary:
`ssh -p 2222 soft.dmz.rs user --help`
Add user `ana` to the `fixme` repository:
```bash
user=ana
repo=fixme
ssh -p 2222 soft.dmz.rs user create $user
key="$(cat ~/dmzadmin/ssh_keys/alice.pub)"
ssh -p 2222 soft.dmz.rs user add-pubkey "$key" $user
ssh -p 2222 soft.dmz.rs repo collab add $repo $user
ssh -p 2222 soft.dmz.rs user info $user
```
Add `bojan` as an admin (who can see an change all repositories):
```bash
user=bojan
sshkey="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF5g6oP6+DyFhkIrN4pRcvsQ7RgNavEyzN2kH8yOB6mA bojan@posteo.net"
ssh -p 2222 soft.dmz.rs user create --admin --key "$sshkey" "$user"
```

View File

@ -0,0 +1,27 @@
---
source: Decentrala
section: 6
title: Soft-Serve Webhooks
---
### Soft serve webhooks
Soft serve supports [webhooks](https://en.wikipedia.org/wiki/Webhook)
Webhooks allow us to get notified on some web server when some events occur on the soft serve git server. Currently supported events that can be subscribed to (for a specific repo) are:
- branch_tag_create
- branch_tag_delete
- collaborator
- push
- repository
- repository_visibility_change
See help page for repo webhooks
`ssh -p 2222 soft.dmz.rs repo webhook --help`
##### Example
An example for using a webhook could be that you want to be notified when anyone pushes commits to `boban` repo
You could create a webhook that will trigger on the push event of the boban repo and send a request to boban.dmz.rs/push url (where you could host a webapp that listens for that request). The webapp will react to it by sending a xmpp message with details on which commits where pushed etc.
`webhook create boban boban.dmz.rs/push --events push`