107 changed files with 147 additions and 888 deletions
--- a/77
+++ b/77
@ -1,77 +1,14 @@
-
-ignore_file = .git/info/exclude
-
-
 .PHONY: help
+
 help: ## Print the help message
 	@awk 'BEGIN {FS = ":.*?## "} /^[0-9a-zA-Z._-]+:.*?## / {printf "\033[36m%s\033[0m : %s\n", $$1, $$2}' $(MAKEFILE_LIST) | \
 		sort | \
 		column -s ':' -t

-.PHONY: check
-check: ## Check you have all dependencies
-	@command -v graph-easy >/dev/null || { echo "Install perl-graph-easy" && exit 1 ;}
-	@command -v recsel >/dev/null || { echo "Install recutils" && exit 1 ;}
-	@command -v lowdown >/dev/null || { echo "Install lowdown" && exit 1 ;}
-	@echo "All dependencies installed"
+map.txt: map.ge ## Making map.txt
+	grep -v '# unimportant' $< | graph-easy --boxart > $@
+	cat $@

-########## Network Map ##########
-
-graph_program != type graph-easy > /dev/null && printf graph-easy || printf dot 
-
-graph_cmd = graph-easy --boxart
-
-queries = queries authqueries
-
-query_formats = $(patsubst %, .dbs/%.txt, $(queries))
-
-dotquery_formats = $(patsubst %, .dbs/%.dot, $(queries))
-
-.dbs/: | $(ignore_file)
-	mkdir $@
-
-ignored += .dbs/
-
-$(query_formats): .dbs/%.txt: | .dbs/
-	echo "[ {{name}} ] -- $(basename $(@F)) --> [ {{$(basename $(@F))}} ]" > $@
-
-$(dotquery_formats): .dbs/%.dot: | .dbs/
-	echo '{{name}} -> {{$(basename $(@F))}} [ label="$(basename $(@F))" ];' > $@
-
-ifeq ($(graph_program),dot)
-  map_file = network.png
-else
-  map_file = network.txt
-endif
-
-ignored += $(map_file)
-
-.PHONY: map
-map: $(map_file) ## Generate a network map
-
-network.txt: .dbs/network.txt
-	$(graph_cmd) < $<
-
-.dbs/network.txt: network.rec $(query_formats)
-	$(RM) $@
-	$(foreach relation, $(queries), \
-	recsel $< -t lxc -e "$(relation) != ''" -p name,$(relation) | recfmt -f .dbs/$(relation).txt >> $@ ;\
-	)
-
-.dbs/network.dot: network.rec $(dotquery_formats)
-	echo 'digraph network {' > $@
-	$(foreach relation, $(queries), \
-	recsel $< -t lxc -e "$(relation) != ''" -p name,$(relation) | recfmt -f .dbs/$(relation).dot >> $@ ;\
-	)
-	echo '}' >> $@
-
-network.png: .dbs/network.dot $(ignore_file)
-	dot -T png < $< > $@
-
-##########
-
-$(ignore_file): $(MAKEFILE_LIST)
-	echo $(ignored) | tr ' ' '\n' > $@
-
-clean:
-	$(RM) -r $(ignored)
+full_map.txt: map.ge ## Generating full_map.txt with graph-easy
+	graph-easy --boxart < $< > $@
+	cat $@
--- a/README.md
+++ b/README.md
@ -2,11 +2,6 @@ These setup files provide the text-only configurations for DMZ.

 *It should not contain private data.*

-# Dependencies
-
- `recutils`
- (optional) `graph-easy` (the package may be called `perl-graph-easy`)
-
 # Aspirations

 - Each service should reside in its own directory.
@ -18,62 +13,5 @@ These setup files provide the text-only configurations for DMZ.
    - Idempotency.
 - All secrets stored elsewhere (probably in the `dmzadmin` repo)
 - Any maintenance scripts.
- Configurations should reside in shadow-directories, e.g. a backup `soft-serve`'s `config.yaml` should reside in this repo under `splint.rs/soft-serve/etc/soft/config.yaml`.
-
-# Network Database
-
-I have a half-baked plan to finally make use of plain-text databases, and it's already half-working.
-Try these commands:
-
-Ask what types of _rec_ords it contains:
-
-## Database
-
-```sh
-recinf network.rec
-```
-
-### Select queries
-
-Select with `recsel`, then specify the database (.rec) and type of record (like table in db).
-
- `--include-descriptors` or `-d`
- `--type` or `-t`
- `--expression` or `-e`
- `--quick` or `-q`
-
-```sh
-recsel network.rec --type router
-recsel network.rec -d -t lxc
-```
-
-User `-q` for a `--quick` selection, or `-e` for more precise selections.
-
-```sh
-recsel network.rec --type lxc --quick wiki
-recsel network.rec -t lxc -q nginx
-recsel network.rec -t lxc -e "name ~ 'nginx'"
-recsel network.rec -t lxc -e "name = 'nginx12'"
-```
-
-### Insert queries
-
-Insert a new record with `recins`.
-
-```sh
-recins network.rec -t lxc -r "name: bob" -r "service: bob" -r "host: moxx"
-```
-
-### Update queries
-
-If you can select something, you can also set its fields with `recset`.
-
-Use `-f` to set the `--field`, and `-a` to `--add`, or `-s` to `--set`.
-
-
-```sh
-recset network.rec -t lxc -e "name = 'nginx12'" -f proxies -a soft-serve
-recsel network.rec -t lxc -e "name = 'nginx11'" -p proxies[0]
-recset network.rec -t lxc -e" name = 'nginx11'" -f proxies[0] -s wiki9
-```
+- Configurations should reside in shadow-directories, e.g. a backup of `/etc/soft/config` should reside in this repo under `etc/soft/config`.

--- a/docs/dmzrs/README.md
+++ b/docs/dmzrs/README.md
@ -0,0 +1,26 @@
+Add this configuration to ~/.ssh/config file
+
+Host dmzkrovdmzrs12
+  Hostname veyxphzuqnooc7wb7utfza3joaoopgqgwp6l6d4en5yfmyr7kxvminqd.onion
+  User root 
+  IdentityFile ~/.ssh/id_rsa
+  PasswordAuthentication no
+
+Now you can log in by typing:
+torsocks ssh dmzkrovdmzrs12
+
+Install all needed packages
+apt install rsync git nginx
+git clone https://gitea.dmz.rs/Decentrala/website
+
+Run updatewebsite.sh script every minute using crontab (run "crontab -e")
+This fill automaticlly pull from git repo and regenerate events page
+
+Add nginx-dmz.rs.conf to /etc/nginx/sites-available/dmz.rs and create a symlink
+from /etc/nginx/sites-enabled/dmz.rs to that file
+You can do this by running:
+ln -s /etc/nginx/sites-available/dmz.rs /etc/nginx/sites-enabled/dmz.rs
+
+Increase server_names_hash_bucket_size to 256 in /etc/nginx/nginx.conf in order to support onion addresses.
+
+In the nginx configuration /account/ is redirected to luser (https://gitea.dmz.rs/fram3d/luser) instance running at 192.168.1.211
--- a/kralizec/dmzrs/nginx-dmz.rs.conf
+++ b/kralizec/dmzrs/nginx-dmz.rs.conf
--- a/kralizec/dmzrs/updatewebsite.sh
+++ b/kralizec/dmzrs/updatewebsite.sh
--- a/kralizec/dmzrsaccount/README.md
+++ b/kralizec/dmzrsaccount/README.md
--- a/kralizec/dmzrsaccount/listuserskralizec.py
+++ b/kralizec/dmzrsaccount/listuserskralizec.py
--- a/kralizec/dmzrsaccount/listuserskrov.py
+++ b/kralizec/dmzrsaccount/listuserskrov.py
--- a/kralizec/dmzrsaccount/prepare.py
+++ b/kralizec/dmzrsaccount/prepare.py
--- a/kralizec/dmzrsaccount/testanon.py
+++ b/kralizec/dmzrsaccount/testanon.py
--- a/kralizec/dmzrsaccount/testuser.py
+++ b/kralizec/dmzrsaccount/testuser.py
--- a/kralizec/ejabberd/README.md
+++ b/kralizec/ejabberd/README.md
@ -1,9 +1,3 @@
---
-title: ejabberd configurations
-section: 6
-source: Decentrala
---
-
 #On your PC
 Add this configuration to ~/.ssh/config

--- a/kralizec/ejabberd/ejabberd.yml
+++ b/kralizec/ejabberd/ejabberd.yml
--- a/kralizec/slapd/.gitignore
+++ b/kralizec/slapd/.gitignore
--- a/kralizec/slapd/README.md
+++ b/kralizec/slapd/README.md
--- a/kralizec/slapd/acladd-template.ldif
+++ b/kralizec/slapd/acladd-template.ldif
--- a/kralizec/slapd/generateacl.sh
+++ b/kralizec/slapd/generateacl.sh
--- a/kralizec/slapd/generatecreds.sh
+++ b/kralizec/slapd/generatecreds.sh
--- a/kralizec/slapd/servicesaccounts.txt
+++ b/kralizec/slapd/servicesaccounts.txt
--- a/hosts/kralizec/README.md
+++ b/hosts/kralizec/README.md
--- a/krov/serverko/README.md
+++ b/krov/serverko/README.md
@ -17,6 +17,16 @@ VMID Name
 111  taskmanager12  
 112  stopreklamama12  

-##### Legend
+## srv1

-12 -> debian 12
+VMID Name  
+102  tor12  
+103  dendrite  
+106  icecast12  
+107  mariadb12  
+108  mpd12  
+109  ympd  
+111  sshfs11
+113  ollama12  
+114  chatbot12  
+115  goodvibes12  
--- a/krov/serverko/ipv6tunnel12/etc/network/interfaces
+++ b/krov/serverko/ipv6tunnel12/etc/network/interfaces
--- a/krov/serverko/ipv6tunnel12/lib/systemd/system/ifuptunnel.service
+++ b/krov/serverko/ipv6tunnel12/lib/systemd/system/ifuptunnel.service
--- a/krov/serverko/ipv6tunnel12/root/scripts/netstart.sh
+++ b/krov/serverko/ipv6tunnel12/root/scripts/netstart.sh
--- a/krov/serverko/opensmtpd12/crontab
+++ b/krov/serverko/opensmtpd12/crontab
--- a/krov/serverko/opensmtpd12/etc/mailname
+++ b/krov/serverko/opensmtpd12/etc/mailname
--- a/krov/serverko/opensmtpd12/etc/smtpd.conf
+++ b/krov/serverko/opensmtpd12/etc/smtpd.conf
--- a/krov/serverko/slapd12/etc/default/slapd
+++ b/krov/serverko/slapd12/etc/default/slapd
--- a/krov/serverko/slapd12/root/aclupdate.sh
+++ b/krov/serverko/slapd12/root/aclupdate.sh
--- a/krov/serverko/slapd12/root/ldifs/acladd.ldif
+++ b/krov/serverko/slapd12/root/ldifs/acladd.ldif
--- a/krov/serverko/slapd12/root/ldifs/acldel.ldif
+++ b/krov/serverko/slapd12/root/ldifs/acldel.ldif
--- a/krov/serverko/slapd12/root/ldifs/tls.ldif
+++ b/krov/serverko/slapd12/root/ldifs/tls.ldif
--- a/krov/serverko/slapd12/root/modify.sh
+++ b/krov/serverko/slapd12/root/modify.sh
--- a/krov/serverko/slapd12/root/setup.sh
+++ b/krov/serverko/slapd12/root/setup.sh
--- a/hosts/splintrs/etc/smtpd/smtpd.conf
+++ b/hosts/splintrs/etc/smtpd/smtpd.conf
--- a/kralizec/cgit11/README.md
+++ b/kralizec/cgit11/README.md
@ -1,3 +0,0 @@
---
-VMID: 115
---
--- a/kralizec/cryptpad-deb-12/README.md
+++ b/kralizec/cryptpad-deb-12/README.md
@ -1,3 +0,0 @@
---
-VMID: 126
---
--- a/kralizec/dmzrs/README.md
+++ b/kralizec/dmzrs/README.md
@ -1,40 +0,0 @@
-Add this configuration to `~/.ssh/config` file
-
-```
-Host dmzkrovdmzrs12
-  Hostname veyxphzuqnooc7wb7utfza3joaoopgqgwp6l6d4en5yfmyr7kxvminqd.onion
-  User root 
-  IdentityFile ~/.ssh/id_rsa
-  PasswordAuthentication no
-
-```
-
-Now you can log in by typing:
-
-
-```bash
-torsocks ssh dmzkrovdmzrs12
-```
-
-Install all needed packages:
-
-
-```bash
-apt install rsync git nginx
-git clone https://gitea.dmz.rs/Decentrala/website
-```
-
-Run `updatewebsite.sh` script every minute using `crontab` (run "`crontab -e`")
-This fill automatically pull from git repo and regenerate events page
-
-Add `nginx-dmz.rs.conf` to `/etc/nginx/sites-available/dmz.rs` and create a symlink
-from `/etc/nginx/sites-enabled/dmz.rs` to that file.
-You can do this by running:
-
-```bash
-ln -s /etc/nginx/sites-available/dmz.rs /etc/nginx/sites-enabled/dmz.rs
-```
-
-Increase `server_names_hash_bucket_size` to 256 in `/etc/nginx/nginx.conf` in order to support onion addresses.
-
-In the `nginx` configuration /account/ is redirected to the `luser` [instance](https://gitea.dmz.rs/fram3d/luser)  running at `192.168.1.211`.
--- a/kralizec/dmzrs12/README.md
+++ b/kralizec/dmzrs12/README.md
@ -1,3 +0,0 @@
---
-VMID: 122
---
--- a/kralizec/dmzrsflask11/README.md
+++ b/kralizec/dmzrsflask11/README.md
@ -1,3 +0,0 @@
---
-VMID: 118
---
--- a/kralizec/donationcalc12/README.md
+++ b/kralizec/donationcalc12/README.md
@ -1,3 +0,0 @@
---
-VMID: 124
---
--- a/kralizec/dynamicdns11/README.md
+++ b/kralizec/dynamicdns11/README.md
@ -1,3 +0,0 @@
---
-VMID: 111
---
--- a/kralizec/ejabberd11/README.md
+++ b/kralizec/ejabberd11/README.md
@ -1,3 +0,0 @@
---
-VMID: 106
---
--- a/kralizec/elinearch/README.md
+++ b/kralizec/elinearch/README.md
@ -1,3 +0,0 @@
---
-VMID: 119
---
--- a/kralizec/flaskldap11/README.md
+++ b/kralizec/flaskldap11/README.md
@ -1,3 +0,0 @@
---
-VMID: 109
---
--- a/kralizec/gitea11/README.md
+++ b/kralizec/gitea11/README.md
@ -1,3 +0,0 @@
---
-VMID: 117
---
--- a/kralizec/http11/README.md
+++ b/kralizec/http11/README.md
@ -1,3 +0,0 @@
---
-VMID: 104
---
--- a/kralizec/krovhttp11/README.md
+++ b/kralizec/krovhttp11/README.md
@ -1,3 +0,0 @@
---
-VMID: 121
---
--- a/kralizec/nginx/README.md
+++ b/kralizec/nginx/README.md
@ -1,3 +0,0 @@
---
-VMID: 108
---
--- a/kralizec/openldap12/README.md
+++ b/kralizec/openldap12/README.md
@ -1,3 +0,0 @@
---
-VMID: 127
---
--- a/kralizec/postfix11/README.md
+++ b/kralizec/postfix11/README.md
@ -1,3 +0,0 @@
---
-VMID: 113
---
--- a/kralizec/postgresql11/README.md
+++ b/kralizec/postgresql11/README.md
@ -1,3 +0,0 @@
---
-VMID: 105
---
--- a/kralizec/radionice11/README.md
+++ b/kralizec/radionice11/README.md
@ -1,3 +0,0 @@
---
-VMID: 116
---
--- a/kralizec/roundcube12/README.md
+++ b/kralizec/roundcube12/README.md
@ -1,3 +0,0 @@
---
-VMID: 123
---
--- a/kralizec/ssh11/README.md
+++ b/kralizec/ssh11/README.md
@ -1,5 +0,0 @@
---
-VMID: 114
---
-
-[wiki page](https://wiki.dmz.rs/en/sysadmin/ssh)
--- a/kralizec/sshfs11/README.md
+++ b/kralizec/sshfs11/README.md
@ -1,3 +0,0 @@
---
-VMID: 112
---
--- a/kralizec/tor11/README.md
+++ b/kralizec/tor11/README.md
@ -1,3 +0,0 @@
---
-VMID: 101
---
--- a/kralizec/webring12/README.md
+++ b/kralizec/webring12/README.md
@ -1,3 +0,0 @@
---
-VMID: 125
---
--- a/kralizec/wiki11/README.md
+++ b/kralizec/wiki11/README.md
@ -1,3 +0,0 @@
---
-VMID: 120
---
--- a/kralizec/wireguard11/README.md
+++ b/kralizec/wireguard11/README.md
@ -1,56 +0,0 @@
---
-VMID: 103
---
-
-[Wireguard VPN quickstart](https://www.wireguard.com/quickstart)
-
-Check `dmzadmin` for `wireguard.gpg` to know who to contact for access 
-
---
-
-### Client config
-
-Client config example
-`x` is the assigned on the server as peer:
-
-```conf
-
-[Interface]
-Address = 192.168.164.x/32
-DNS = 1.1.1.1
-MTU = 1420
-SaveConfig = true
-ListenPort = 51820
-FwMark = 0xca6c
-PrivateKey = <your_private_wg_key>
-
-[Peer]
-PublicKey = JP2FTHLUujkevz1kUymciLImsx1OX9ViUko7oPAIoiA=
-AllowedIPs = 192.168.164.0/24, 192.168.1.0/24
-Endpoint = 77.105.27.232:51820
-PersistentKeepalive = 21
-
-```
-
---
-
-### Server config
-
-New user/client needs to provide their wireguard `publickey` and new ip on the network needs to be assigned (`x`)
-check the server config file `/etc/wireguard/wg0.conf` to find free address
-
-```sh
-sudo wg set wg0 peer <client_public_key> allowed-ips 192.168.164.x/32
-```
-
---
-
-Command to resolve IP clashing with current and wireguard network, if needed
-
-```shell
-ip route add <ip> dev <wg0>
-```
-
- `ip` you want to resolve -> for wireguard VM 192.168.1.10
- `wg0` name of the wireguard config
-
--- a/kralizec/xmppmirror11/README.md
+++ b/kralizec/xmppmirror11/README.md
@ -1,3 +0,0 @@
---
-VMID: 102
---
--- a/krov/serverko/ddns12/README.md
+++ b/krov/serverko/ddns12/README.md
@ -1,3 +0,0 @@
---
-VMID: 101
---
--- a/krov/serverko/dmzrs12/README.md
+++ b/krov/serverko/dmzrs12/README.md
@ -1,3 +0,0 @@
---
-VMID: 102
---
--- a/krov/serverko/dmzrsaccount/README.md
+++ b/krov/serverko/dmzrsaccount/README.md
@ -1,3 +0,0 @@
---
-VMID: 110
---
--- a/krov/serverko/ejabberd12/README.md
+++ b/krov/serverko/ejabberd12/README.md
@ -1,5 +0,0 @@
---
-VMID: 109
---
-
-XMPP server, used for future decentralization
--- a/krov/serverko/ipv6tunnel12/README.md
+++ b/krov/serverko/ipv6tunnel12/README.md
@ -1,3 +0,0 @@
---
-VMID: 107
---
--- a/krov/serverko/nginx12/README.md
+++ b/krov/serverko/nginx12/README.md
@ -1,26 +0,0 @@
---
-VMID: 100
---
-
-This VM is a reverse proxy, all serveces go through it and get their SSL certificates
-
-## Creating new record
-
-```sh
-cd /etc/nginx/sites-available/ # configs are located here
-vim.tiny pastebin.dmz.rs # using pastebin as example, copy existing one and edit it
-ln -s /etc/nginx/sites-available/pastebin.dmz.rs  /etc/nging/sites-enabled/pastebin.dmz.rs # creating link since file is the same
-mkdir /var/www/pastebindmzrs # new dir where certificate will be validated
-nginx -t # checking for errors
-systemctl reload nginx.service # reloading the service for changes to apply, reset will work too
-service nginx reload # alternative server reload
-certbot certonly --webroot -w /var/www/pastebindmzrs -d pastebin.dmz.rs -d pastebin.decentrala.org # requesting the certificates
-```
-
-## renewal
-
-```sh
-ls /var/www/
-cd /etc/letsencrypt/renewal
-certbot renew
-```
--- a/krov/serverko/opensmptd12/README.md
+++ b/krov/serverko/opensmptd12/README.md
@ -1,3 +0,0 @@
---
-VMID: 106
---
--- a/krov/serverko/postgres12/README.md
+++ b/krov/serverko/postgres12/README.md
@ -1,3 +0,0 @@
---
-VMID: 108
---
--- a/krov/serverko/slapd12/README.md
+++ b/krov/serverko/slapd12/README.md
@ -1,3 +0,0 @@
---
-VMID: 104
---
--- a/krov/serverko/stopreklamama12/README.md
+++ b/krov/serverko/stopreklamama12/README.md
@ -1,6 +0,0 @@
---
-VMID: 112
---
-
-This container is for hosting the [website](https://gitea.dmz.rs/svitvojimilioni/stopreklamama)
-hosted on domen `stopreklamama.dmz.rs`
--- a/krov/serverko/taskmanager12/README.md
+++ b/krov/serverko/taskmanager12/README.md
@ -1,8 +0,0 @@
---
-VMID: 111
---
-
-Old app for group task managment, [gitea project](https://gitea.dmz.rs/Decentrala/taskmanager)
-Hosted on [todo.dmz.rs](https://todo.dmz.rs/)
-
-Now using soft.dmz.rs/fixme instead
--- a/krov/serverko/tor12/README.md
+++ b/krov/serverko/tor12/README.md
@ -1,5 +0,0 @@
---
-VMID: 103
---
-
-In this container hosts the tor onion service, used for remote access to the proxmox, through tor.
--- a/krov/serverko/wireguard12/README.md
+++ b/krov/serverko/wireguard12/README.md
@ -1,5 +0,0 @@
---
-VMID: 105
---
-
-Wireguard server for VPN access to krov network
--- a/krov/srv1/README.md
+++ b/krov/srv1/README.md
@ -1,39 +0,0 @@
-# List of containers
-
-# srv1
-
-VMID Name  
-100  ssh12
-101  vukbox
-102  mad3v-container-postgresql  
-103  nextcloud1 
-104  pentest
-105  dns12
-106  cryptpad  
-107  cryptpad12
-108  ejabberd12 
-109  dante12  
-111  postgresql12
-112  gitea12
-113  game12 
-114  coja-nginx 
-115  mad3v-container-1  
-116  hugo12  
-118  mumble
-119  netstat-game12
-120  privatebin12
-121  searxng12 
-122  alpine-it-tools  
-123  test  
-124  jitsi12
-
---
-
-### Hardware
-
-Dell enterprise server
-
-##### Legend
-
-12 -> debian 12 lxc
-
--- a/krov/srv1/alpine-it-tools/README.md
+++ b/krov/srv1/alpine-it-tools/README.md
@ -1,7 +0,0 @@
---
-VMID: 122
---
-
-Installed with [proxmox helper scripts](https://community-scripts.github.io/ProxmoxVE/scripts?id=alpine-it-tools)
-
-Plan to host it on tools.dmz.rs
--- a/krov/srv1/cryptpad12/README.md
+++ b/krov/srv1/cryptpad12/README.md
@ -1,13 +0,0 @@
---
-VMID: 106
---
-
-Installed with [proxmox helper scripts](https://community-scripts.github.io/ProxmoxVE/scripts?id=cryptpad)
-
-[Project page](https://cryptpad.org/)
-
-
-Plan to host it on cryptpad.dmz.rs
-
-cryptpad (106) is already on that subdomain, but it doesnt work
-
--- a/krov/srv1/ejabberd12/README.md
+++ b/krov/srv1/ejabberd12/README.md
@ -1,5 +0,0 @@
---
-VMID: 108
---
-
-XMPP server, practice for future decentralization of the service
--- a/krov/srv1/homeAssistentInstanca/README.md
+++ b/krov/srv1/homeAssistentInstanca/README.md
@ -1,9 +0,0 @@
---
-VMID: 117
---
-
-Installed with [proxmox helper scripts](https://community-scripts.github.io/ProxmoxVE/scripts?id=haos-vm)
-
-[Forum descussion](https://forum.dmz.rs/t/automatizacija-krova/469)
-
-
--- a/krov/srv1/jitsi12/README.md
+++ b/krov/srv1/jitsi12/README.md
@ -1,9 +0,0 @@
---
-VMID: 124
---
-
-Video converencing server. Zoom alternative.
-
-[website](https://jitsi.org/)
-
-Plan to host it on jitsi.dmz.rs, video.dmz.rs or else
--- a/krov/srv1/mumble/README.md
+++ b/krov/srv1/mumble/README.md
@ -1,9 +0,0 @@
---
-VMID: 118
---
-
-VOIP server, hosted on krov.dmz.rs
-
-[website](https://www.mumble.info/)
-
-
--- a/krov/srv1/netstat-game12/README.md
+++ b/krov/srv1/netstat-game12/README.md
@ -1,6 +0,0 @@
---
-VMID: 119 
---
-
-Open arena server, free clone of FPS Quake III Arena
-Hosted on krov.dmz.rs:27960 for LAN Parties
--- a/krov/srv1/nextcloud1/README.md
+++ b/krov/srv1/nextcloud1/README.md
@ -1,9 +0,0 @@
---
-VMID: 103
---
-
-Plan for this services was to use the shared callendar with members of DC Krov
-
-Register as a user is disabled, only admins can create the accounts
-LDAP is not connected
-
--- a/krov/srv1/old-abandoned/README.md
+++ b/krov/srv1/old-abandoned/README.md
@ -1 +0,0 @@
-Those serveces are not on the server
--- a/krov/srv1/old-abandoned/chatbot12/README.md
+++ b/krov/srv1/old-abandoned/chatbot12/README.md
@ -1,5 +0,0 @@
---
-VMID: 114
---
-
-[Forum discussion](https://forum.dmz.rs/t/jel-neko-u-krovu-bot/779)
--- a/krov/srv1/old-abandoned/dendrite/README.md
+++ b/krov/srv1/old-abandoned/dendrite/README.md
@ -1,3 +0,0 @@
---
-VMID: 103
---
--- a/krov/srv1/old-abandoned/goodvibes12/README.md
+++ b/krov/srv1/old-abandoned/goodvibes12/README.md
@ -1,3 +0,0 @@
---
-VMID: 115
---
--- a/krov/srv1/old-abandoned/mariadb12/README.md
+++ b/krov/srv1/old-abandoned/mariadb12/README.md
@ -1,3 +0,0 @@
---
-VMID: 107
---
--- a/krov/srv1/old-abandoned/mpd12/README.md
+++ b/krov/srv1/old-abandoned/mpd12/README.md
@ -1,3 +0,0 @@
---
-VMID: 108
---
--- a/krov/srv1/old-abandoned/ollama12/README.md
+++ b/krov/srv1/old-abandoned/ollama12/README.md
@ -1,3 +0,0 @@
---
-VMID: 113
---
--- a/krov/srv1/old-abandoned/tor12/README.md
+++ b/krov/srv1/old-abandoned/tor12/README.md
@ -1,3 +0,0 @@
---
-VMID: 102
---
--- a/krov/srv1/old-abandoned/ympd/README.md
+++ b/krov/srv1/old-abandoned/ympd/README.md
@ -1,3 +0,0 @@
---
-VMID: 109
---
--- a/krov/srv1/other/README.md
+++ b/krov/srv1/other/README.md
@ -1,32 +0,0 @@
-Here should be the list of other containers on the server
-
-## "Personal containers" 
-created on some of the sysadmin workshops, used for learning and practice, usually named by the nickname
-
- vukbox
- hugo12
- malin
- mad3v-container-postresql
- mad3v-container-1
- coja-nginx hosting [coja.krov.dmz.rs](https://coja.krov.dmz.rs/)
- 
-
---
-
-## Other 
-
- pentest - created by fleka for CTF challange
-
---
-
-## Containers with no info
-Feel free to add info 
-
- dante12
- dns12
- gitea12
- test
- game12
-
-
-
--- a/krov/srv1/postgresql12/README.md
+++ b/krov/srv1/postgresql12/README.md
@ -1,5 +0,0 @@
---
-VMID: 111
---
-
-Probably used as a testing ground for syncing the database, for future decentralization.
--- a/krov/srv1/privatebin12/README.md
+++ b/krov/srv1/privatebin12/README.md
@ -1,10 +0,0 @@
---
-VMID: 120
---
-
-Installed with [proxmox helper scripts](https://community-scripts.github.io/ProxmoxVE/scripts?id=privatebin)
-
-[Project page](https://privatebin.info/)
-
-Hosted on [subdomain on dmz](https://pastebin.dmz.rs/)
-
--- a/krov/srv1/searxng12/README.md
+++ b/krov/srv1/searxng12/README.md
@ -1,10 +0,0 @@
---
-VMID: 121
---
-
-Installed with [proxmox helper scripts](https://community-scripts.github.io/ProxmoxVE/scripts?id=searxng)
-
-[Project git repo](https://github.com/searxng/searxng)
-
-Hosted on [subdomain on dmz](https://search.dmz.rs/)
-
--- a/krov/srv1/ssh12/README.md
+++ b/krov/srv1/ssh12/README.md
@ -1,8 +0,0 @@
---
-VMID: 100
---
-
-SSH port from this container is forwarded on krov.dmz.rs
-SSH access to other containers is done through this one with ssh jump, passwords are disabled, so only keys verification is used. 
-
-[wiki page](https://wiki.dmz.rs/en/sysadmin/ssh)
--- a/map.ge
+++ b/map.ge
@ -0,0 +1,39 @@
+# Network map of Decentrala.  Use with:
+# graph-easy --boxart < netmap.txt
+
+(Mox
+	[ m_router ]{label: router ;}
+	[ wireguard ] --> [ m_nginx ]{label: nginx-11 ;}
+	[ wiki ] --> [ m_nginx ]
+	[ gitea ] --> [ m_nginx ]
+	[ tor11 ] --> [ m_nginx ] --> [ m_router ]
+	[ smtp ]
+)
+
+(Serverko
+	[ s_nginx ]{label: nginx-12 ;}
+	[ s_router ]{label: router ;}
+	[ s_nginx ] --> [ nextcloud ]
+	[ s_nginx ] --> [ tor12 ]
+	[ s_nginx ] --> [ s_router ]
+)
+
+(splint.rs # unimportant
+	[ soft-serve ] # unimportant
+	[ mail-cache ]# unimportant
+) # unimportant
+
+[ tor12 ] <..> [ onions ] <..> [ tor11 ]
+[ m_router ] <..> [ BGP ] <..> [ madness ] <..> [ s_router ]
+[ smtp ] <..> [ madness ]
+[ madness ] <..> [  mail-cache ]# unimportant
+[ A ]{label: "" ;}
+[ B ]{label: "" ;}
+[ C ]{label: "" ;}
+[ D ]{label: "" ;}
+[ onions ] <..> [ A ]
+[ onions ] <..> [ B ]
+[ A ] <..> [ C ]
+[ B ] <..> [ D ]
+
+(Sharks! [ D ])
--- a/network.rec
+++ b/network.rec
@ -1,88 +0,0 @@
-%rec: router
-%doc: Routers, or possibly modems?
-
-name: ISP Router
-location: kralizec
-ISP: Orion
-
-name: ISP Router
-location: krov
-ISP: Yettel
-
-%rec: host
-%doc: These are the real machines, most of which run VMs or containters.
-%key: name
-
-name: moxx
-location: kralizec
-
-name: Serverko
-location: krov
-
-%rec: lxc
-%doc: A container, usually on a Proxmox host.
-%type: host rec host
-
-name: nginx11
-gateway: ISP-router
-host: moxx
-proxies: wiki11
-proxies: gitea11
-proxies: forum11
-proxies: ejabberd11
-proxies: dmzrs
-
-name: LDAP
-host: moxx
-
-name: website
-host: moxx
-authqueries: LDAP
-queries: postgresql11
-service: dmzrs
-service: flask accounts
-
-name: gitea11
-service: gitea
-host: moxx
-authqueries: LDAP
-queries: postgresql11
-
-name: ejabberd11
-service: ejabberd
-host: moxx
-authqueries: LDAP
-queries: postgresql11
-
-name: forum11
-service: forum
-host: moxx
-authqueries: LDAP
-queries: postgresql11
-
-name: postfix11
-service: postfix
-authqueries: LDAP
-
-name: tor11
-service: tor
-host: moxx
-
-name: postgresql11
-service: postgresql
-host: moxx
-
-name: wiki11
-service: wiki
-host: moxx
-authqueries: LDAP
-
-name: nginx12
-host: Serverko
-
-name: nextcloud
-host: Serverko
-
-name: tor12
-host: nginx
-
--- a/scripts/generatepass.sh
+++ b/scripts/generatepass.sh
@ -1,5 +0,0 @@
-
-#!/bin/bash
-
-echo $(shuf shared/english.txt | head) | sed "s/ //g"
-
--- a/Show More
+++ b/Show More