diff options
Diffstat (limited to 'sites')
35 files changed, 692 insertions, 0 deletions
diff --git a/sites/buildbot.krebsco.de/INSTALLATION.md b/sites/buildbot.krebsco.de/INSTALLATION.md new file mode 100644 index 00000000..83ffc9c3 --- /dev/null +++ b/sites/buildbot.krebsco.de/INSTALLATION.md @@ -0,0 +1,18 @@ +#?/bin/sh +# something like this + +useradd ci -m +punani install python2-virtualenv +su ci +virtualenv2 buildbot +echo ". $HOME/buildbot/bin/activate" >>~/.bashrc +. ~/.bashrc +pip install buildbot-slave buildbot +buildbot create-master master +# tahoe cp krebs:master.conf master/master.conf +buildbot reconf master +# or reconfigure as many slaves as you wish +buildslave create-slave slave localhost "ubuntu1204-local-slave" <PWD> +buildbot start master +buildslave start slave +# now make sure that docker is up and working diff --git a/sites/buildbot.krebsco.de/README.md b/sites/buildbot.krebsco.de/README.md new file mode 100644 index 00000000..187c54f8 --- /dev/null +++ b/sites/buildbot.krebsco.de/README.md @@ -0,0 +1,29 @@ +# buildbot.krebsco.de +The buildbot is configured to run all of the fancy test cases in painload (and +possibly more project). + +# Testing the Painload +Subprojects may contain folders called t/ which may contain executables which +will be called by running `make test` in the respective folder. +A sample `make test` may look like `//krebs/ship/Makefile`. +The buildbot master may include these paths into the test chain. + +# Master & Slave +Buildbot contains of a master with all the configuration magic and n slaves +which will be building. Both the master and the slave are started at system +startup as the user ci (see INSTALLATION.md). +The configuration file is currently stored at tahoe: + + krebs:ci/buildbot/master/master.cfg + # and + krebs:ci/buildbot/slave/buildbot.tac + +# Docker +For more flexibility in testing the painload contains test which are using +docker virtual environments. These have the advantage of providing a new +environment at every run. + +Docker access must be made available to the CI user. + +For a Sample Docker Test, see /krebs/ship/t/docker/docker_remote_punani.sh + diff --git a/sites/conf.krebsco.de/README b/sites/conf.krebsco.de/README new file mode 100644 index 00000000..08d27887 --- /dev/null +++ b/sites/conf.krebsco.de/README @@ -0,0 +1,3 @@ +# conf.krebsco.de + +will serve files which are created by //ship , redirects to https diff --git a/sites/conf.krebsco.de/conf.krebsco.de.conf b/sites/conf.krebsco.de/conf.krebsco.de.conf new file mode 100644 index 00000000..244489bf --- /dev/null +++ b/sites/conf.krebsco.de/conf.krebsco.de.conf @@ -0,0 +1,19 @@ +server { + listen 192.40.56.122:80; + listen [2604:2880::841f:72c]:80; + rewrite ^ https://$server_name$request_uri? permanent; + server_name conf.krebsco.de; +} +server { + listen 192.40.56.122:443 ssl; + listen [2604:2880::841f:72c]:443 ssl; + ssl_certificate /etc/nginx/ssl/pigstarter.crt; + ssl_certificate_key /etc/nginx/ssl/pigstarter.key; + server_name conf.krebsco.de; + access_log /var/log/nginx/log/conf.krebsco.log main; + default_type text/plain; + autoindex on; + location / { + root /var/www/conf.krebsco.de; + } +} diff --git a/sites/dradis-forwarder/README.md b/sites/dradis-forwarder/README.md new file mode 100644 index 00000000..40f7d16a --- /dev/null +++ b/sites/dradis-forwarder/README.md @@ -0,0 +1,43 @@ +Dradis is installed on Kalle at port 3004 via ssl. Kalle is a Kali Linux instance: + - http://dradisframework.org/install.html + +pigstarter forwards ssl via nginx: + + + # enable reverse proxy + proxy_redirect off; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwared-For $proxy_add_x_forwarded_for; + + upstream streaming_example_com + { + server kalle:3004; + } + + server + { + listen 8443 default ssl; + #server_name streaming.example.com; + #access_log /tmp/nginx_reverse_access.log; + #error_log /tmp/nginx_reverse_error.log; + root /usr/local/nginx/html; + index index.html; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 10m; + ssl_certificate /etc/nginx/ssl/pigstarter.crt; + ssl_certificate_key /etc/nginx/ssl/pigstarter.key; + ssl_verify_client off; + proxy_ssl_session_reuse off; + ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers RC4:HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + + location / + { + proxy_pass https://kalle:3004; + } + } + diff --git a/sites/elchhub.nsupdate.info/install_adhpp b/sites/elchhub.nsupdate.info/install_adhpp new file mode 100644 index 00000000..6f2986d5 --- /dev/null +++ b/sites/elchhub.nsupdate.info/install_adhpp @@ -0,0 +1,44 @@ +curl https://aur.archlinux.org/packages/ad/adchpp/adchpp.tar.gz > adchpp.tar.gz +tar xf adchpp.tar.gz +cd adchpp +# install all the deps +makepkg +pacman -U adchpp-*-x86_64.pkg.tar.xz +vi /etc/adchpp/adchpp.xml +# change description etc +# add to servers: +# <Server Port="2781" TLS="1" Certificate="/etc/adchpp/certs/cacert.pem" +# PrivateKey="/etc/adchpp/certs/privkey.pem" +# TrustedPath="/etc/adchpp/certs/trusted/" +# DHParams="/etc/adchpp/certs/dhparam.pem"/> + + +mkdir /etc/adchpp/certs +cd /etc/adchpp/certs +openssl genrsa -out privkey.pem 4096 +openssl req -new -x509 -key privkey.pem -out cacert.pem +openssl dhparam -outform PEM -out dhparam.pem 1024 + +cat > /var/lib/adchpp/motd.txt <<EOF +Welcome to the Elch Hub + xx xx xx xx +xxxx xx xxxx xxxx xxxx xx +xxxx xx xxxx xxxx xxxx xx + xxxxxx xx xx xxxxxx + xxxxxx xxxxxxxxxx xxxxxx + xx xxxxxxxxxxxxxx xx + xxxxxxxxxxxxxxxxxxxxxxxxxx + xxxxxxxxxxxxxx + xxxxxxxxxxxxxxxxxxxxxx + xx xxxxxx xx + xx xx xx xx xx xx + xx xx xx xx xx xx + xx xxxx xx xx xxxx xx + +[!] SSL is at port 2781 + connect via adcs://elchhub.nsupdate.info:2781/ + better start using it +EOF + +systemctl enable adchpp +systemctl start adchpp diff --git a/sites/elchirc.nsupdate.info/install_unrealircd b/sites/elchirc.nsupdate.info/install_unrealircd new file mode 100644 index 00000000..6778a7ac --- /dev/null +++ b/sites/elchirc.nsupdate.info/install_unrealircd @@ -0,0 +1,19 @@ +pacman -S unrealircd +# in /etc/unrealircd/unrealircd.conf +# uncomment where it says FOR *NIX +# remove the src/ from the start path as they are in /etc/unrealircd + +# uncomment motd ircd.motd +# fix passwords for restart +# comment in the .fr stuff +# fix cloak-keys +# + +# configure me,admin,class +# curl unreal.x-tab.org/makecert.sh > makecert.sh +# ./makecert.sh new -k server.key.pem -c server.cert.pem -r server.req.pem -b 2048 -d 9001 +# +# cp /krebs/cholerab/bling/krebs-v2.txt ircd.motd +# +# systemctl enable unrealircd +# systemctl start unrealircd diff --git a/sites/elchstats.nsupdate.info/carbon.service b/sites/elchstats.nsupdate.info/carbon.service new file mode 100644 index 00000000..d7087d41 --- /dev/null +++ b/sites/elchstats.nsupdate.info/carbon.service @@ -0,0 +1,15 @@ +[Unit] +Description=Graphite Carbon +After=network.target + +[Service] +Type=forking +User=graphite +Group=graphite +RemainAfterExit=yes +PIDFile=/opt/graphite/storage/carbon-cache-a.pid +ExecStart=/opt/graphite/bin/carbon-cache.py start +ExecStop=/opt/graphite/bin/carbon-cache.py stop + +[Install] +WantedBy=multi-user.target diff --git a/sites/elchstats.nsupdate.info/graphite-web.service b/sites/elchstats.nsupdate.info/graphite-web.service new file mode 100644 index 00000000..798f82ba --- /dev/null +++ b/sites/elchstats.nsupdate.info/graphite-web.service @@ -0,0 +1,16 @@ +[Unit] +Description=Graphite Web +After=network.target + +[Service] +Type=simple +User=graphite +Group=graphite +#RemainAfterExit=yes +Environment=PYTHONPATH=/opt/graphite/webapp +ExecStart=/usr/bin/django-admin.py runserver 0.0.0.0:8080 --settings=graphite.settings +TimeoutSec=45s +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/sites/elchstats.nsupdate.info/graphite.journal.txt b/sites/elchstats.nsupdate.info/graphite.journal.txt new file mode 100644 index 00000000..777f4650 --- /dev/null +++ b/sites/elchstats.nsupdate.info/graphite.journal.txt @@ -0,0 +1,37 @@ +#?/bin/sh +set -euf +# from http://graphite.wikidot.com/installation + +git clone https://github.com/graphite-project/graphite-web.git +git clone https://github.com/graphite-project/carbon.git +git clone https://github.com/graphite-project/whisper.git + +pacman -S python2 gcc pkg-config cairo python2-pip +for i in whisper carbon graphite-web;do + cd $i + pip2 install -r requirements.txt||: + python2 setup.py install + cd - +done +cd /opt/graphite/conf +cp carbon.conf.example carbon.conf +# edit carbon.conf, fix max writes per second, max adds per minute +cp storage-schemas.conf.example storage-schemas.conf + +# edit storage-schemas.conf, fix storage time +cd /opt/graphite/webapp/graphite +cp local_settings.py.example local_settings.py +# change SECRET_KEY +PYTHONPATH=/opt/graphite/webapp django-admin.py syncdb --settings=graphite.settings +# push in the texts + +useradd -m graphite -d /opt/graphite -r +chown -R graphite /opt/graphite +cd _here_ +cp carbon.service /opt/systemd/system/ +systemctl enable carbon +systemctl start carbon +cp graphite-web.service /opt/systemd/system/ +systemctl enable graphite-web +systemctl start graphite-web + diff --git a/sites/gold.krebsco.de/README.md b/sites/gold.krebsco.de/README.md new file mode 100644 index 00000000..6839631a --- /dev/null +++ b/sites/gold.krebsco.de/README.md @@ -0,0 +1,18 @@ +# gold +gold.krebsco.de is a simple file share which provides plugins for +firefox/chromium to rewrite referers. + +# Installation: +copy the nginx config at etc/nginx/sites-available, edit before use + +# Plugins +All krebsgold plugins are stored in /krebs/gold/affiliate/ +For installation follow the instruction at /krebs/gold/affiliate/README.md + +## Chromium +uses userscripts, a modified version of the fsf amazon userscript + +## Affiliatefox +Affiliatefox is a dodgy plugin by some weird german dudes at +http://www.the-angelz.net . it may be removed in the future as the chromium +userscript also works for firefox+greasemonkey diff --git a/sites/gold.krebsco.de/etc/nginx/sites-available/gold.krebsco.de b/sites/gold.krebsco.de/etc/nginx/sites-available/gold.krebsco.de new file mode 100644 index 00000000..1c565bbd --- /dev/null +++ b/sites/gold.krebsco.de/etc/nginx/sites-available/gold.krebsco.de @@ -0,0 +1,12 @@ +server { + listen <external-ip>:80; + server_name gold.krebsco.de; + access_log /var/log/nginx/log/gold.krebsco.log main; + default_type text/plain; + autoindex on; + location / { + # path to //gold/affiliate/ ,may be a symlink or something + root /var/www/gold.krebsco.de; + } +} + diff --git a/sites/graph.krebsco.de/README.md b/sites/graph.krebsco.de/README.md new file mode 100644 index 00000000..2cc43197 --- /dev/null +++ b/sites/graph.krebsco.de/README.md @@ -0,0 +1,98 @@ +# Retiolum graphs +Tinc provides detailed informations about hosts in the mesh network. We are +using this information to build graphs. + +## Requirements + +- tinc-pre (tinc and tincd binaries) +- python2 or python3 +- all the python dependencies in /krebs/retiolum/scripts/adv_graphgen/DEPS + via `pip install -r DEPS` + + +## Types of Graphs +Currently two types of graphs are generated: + + 1. Anonymous Graphs + - only fancy lines between dots + - this should be made available to the world via graph.krebsco.de + 2. Detailed Graphs + - with all the stuff we know + - contain name, ip address, uptime, different coloring for supernodes and + hosts which die when supernodes die. + - these graphs should only be availabe by hosts in the retiolum darknet + - currently these are published by pigststarter/ but the hostname graph/ + shall be used for this in the future + +In addition a Graph DB will be created which contains all the cool infos from +the detailed graph plus the geolocation. +This database is used by map.html which positions all the hosts on a world map. + +The graph generation host should be a super node with tinc-pre as tinc seems to +be blocking when building graphs with `GraphDumpFile`. + +# Code +Source Code is in /krebs/retiolum/scripts/adv_graphgen/ + +## all_the_graphs.sh +This script is used for booting all the graph generation magic. +This scripy may be run as a cronjob every 5 to 10 minutes by a user which has +the right to use the tincctl and can write to the WWW directory. + + 0/5 * * * * /krebs/retiolum/scripts/adv_graphgen/all_the_graphs.sh + +The script also writes geo_coordinates for the nodes with the help of +tinc_stats/Geo.py. +it contains most of the hardcoded paths which may be changed (like +INTERNAL_FOLDER and EXTERNAL_FOLDER, see anonytize&sanitize) as well as a path +to the geolitecity ip database + +## tinc_stats/Log2JSON.py + +This script creates a giant json file from the current tinc informations and +writes it to stdout. It only contains the information retrieved by the tinc +daemon. + +## tinc_stats/Graph.py + +This script takes the json file created by Log2JSON as input. It can be either +run as `$0 complete` to create a detailed graph or `$0 anonymous` to create +minimal graphs. + +When run as anonymous no additional information will be added to the graph. +When run in complete mode, the script will determine the availability (see +tinc_stats/Availability) which nodes are supernodes (tinc_stats/Supernodes). + +it writes a graphviz graph to stdout. This can be used to create graphs with +dot by graphviz. + +## tinc_stats/Geo.py + +Geo.py takes the json file generated by Log2JSON as input and populates this +graph with geo-coordinates with the help of GeoIP. This database can be used by +map.html if put in the same directory. + +## tinc_stats/Supernodes + +This script provides functionality find out if a node is a supernode or not. +This will be done by checking if the tinc port of the host in the json file is reachable or not. if called directly it will return the name of the host, a space, and an array of tuples of ip-addresses which were reachable in the run. +This script is used by Graph.py via import. + +## tinc_stats/Availability + +This modules provides functionality to generate availability information for +each node configured in /etc/tinc/retiolum/hosts. This is done by tracking each +request in a file called /krebs/db/availability (currently hardcoded in +Graph.py). The Script will not append a new line of hosts by itself, Graph.py +does this. + +## anonytize & sanitize +These two scripts handle the building of the graphs as well as the conversion +from graphviz to svg and png. They work pretty much the same in principle, one +is calling Graph.py complete and the other anonymous. + +Both scripts are called with $1 being the path where to write the graphs into. +e.g.: +./anonytize.sh /var/www/graph.krebsco.de +./sanitze.sh /var/www/graph.retiolum + diff --git a/sites/graph.krebsco.de/etc/nginx/sites-available/graph.conf b/sites/graph.krebsco.de/etc/nginx/sites-available/graph.conf new file mode 100644 index 00000000..1b74f53a --- /dev/null +++ b/sites/graph.krebsco.de/etc/nginx/sites-available/graph.conf @@ -0,0 +1,11 @@ +server { + # graph hosting internal + listen <internal-ip>:80; + server_name graph graph.retiolum; # or your hostname + access_log /var/log/nginx/log/graph.log main; + default_type text/plain; + location / { + root /var/www/graph.retiolum; + } +} + diff --git a/sites/graph.krebsco.de/etc/nginx/sites-available/graph.krebsco.de.conf b/sites/graph.krebsco.de/etc/nginx/sites-available/graph.krebsco.de.conf new file mode 100644 index 00000000..0619908e --- /dev/null +++ b/sites/graph.krebsco.de/etc/nginx/sites-available/graph.krebsco.de.conf @@ -0,0 +1,10 @@ +server { + listen <external-addr>:80; + server_name graph.krebsco.de; + access_log /var/log/nginx/log/graph.krebsco.de.access.log main; + default_type text/plain; + location / { + root /var/www/graph.krebsco.de; + } +} + diff --git a/sites/mediengewitter.krebsco.de/README.md b/sites/mediengewitter.krebsco.de/README.md new file mode 100644 index 00000000..e7bd88a2 --- /dev/null +++ b/sites/mediengewitter.krebsco.de/README.md @@ -0,0 +1,11 @@ +# Mediengewitter +Broadcast funny pictures. + +Mediengewitter is divided into two parts: +1. the image crawler (magnets) +2. the website (mediengewitter) + +Mediengewitter is deployed via docker containerization. + +# magnets + diff --git a/sites/mediengewitter.krebsco.de/magnets/DEPLOY.md b/sites/mediengewitter.krebsco.de/magnets/DEPLOY.md new file mode 100644 index 00000000..f422f79f --- /dev/null +++ b/sites/mediengewitter.krebsco.de/magnets/DEPLOY.md @@ -0,0 +1,7 @@ +# docker + +/media/ext/magnet_pics is the path to a lot of disk space which will be shared by magnets and mediengewitter. + + docker build -t krebs/magnets . + # autostart this somehow + docker run -v /media/ext/magnet_pics/:/images krebs/magnets diff --git a/sites/mediengewitter.krebsco.de/magnets/Dockerfile b/sites/mediengewitter.krebsco.de/magnets/Dockerfile new file mode 100644 index 00000000..f966d940 --- /dev/null +++ b/sites/mediengewitter.krebsco.de/magnets/Dockerfile @@ -0,0 +1,17 @@ +FROM ubuntu:latest +RUN echo "deb http://archive.ubuntu.com/ubuntu precise main universe" > /etc/apt/sources.list +RUN dpkg-divert --local --rename --add /sbin/initctl +RUN ln -s /bin/true /sbin/initctl +RUN apt-get update +RUN apt-get install -y python-software-properties python g++ make +RUN add-apt-repository -y ppa:chris-lea/node.js +RUN apt-get update +RUN apt-get -y install nodejs curl +RUN mkdir -p /opt/magnets +Add magnets/ /magnets +RUN cd /magnets && npm install +# fix crappy wwwdude +RUN cp /magnets/node_modules/wwwdude/lib/wwwdude/node-versions/v0.5.x.js /magnets/node_modules/wwwdude/lib/wwwdude/node-versions/v0.10..js +# -v /media/ext/magnet_pics/:/images +ENV image_folder /images +CMD ["/magnets/run.sh"] diff --git a/sites/mediengewitter.krebsco.de/magnets/magnets b/sites/mediengewitter.krebsco.de/magnets/magnets new file mode 160000 +Subproject 7f8925b2779706c381416f4d578385f520ad462 diff --git a/sites/mediengewitter.krebsco.de/mediengewitter/DEPLOY.md b/sites/mediengewitter.krebsco.de/mediengewitter/DEPLOY.md new file mode 100644 index 00000000..7cf8826a --- /dev/null +++ b/sites/mediengewitter.krebsco.de/mediengewitter/DEPLOY.md @@ -0,0 +1,9 @@ +# docker + + docker build -t krebs/mediengewitter . + # autostart this somehow + docker run -p 127.0.0.1::8080 -v /media/ext/magnet_pics/:/images krebs/mediengewitter + +# nginx + + cp etc/nginx/sites-available/mediengewitter.krebsco.de.conf /etc/nginx/sites-available/ diff --git a/sites/mediengewitter.krebsco.de/mediengewitter/Dockerfile b/sites/mediengewitter.krebsco.de/mediengewitter/Dockerfile new file mode 100644 index 00000000..dbfb2a8b --- /dev/null +++ b/sites/mediengewitter.krebsco.de/mediengewitter/Dockerfile @@ -0,0 +1,17 @@ +FROM ubuntu:latest +RUN echo "deb http://archive.ubuntu.com/ubuntu precise main universe" > /etc/apt/sources.list +RUN dpkg-divert --local --rename --add /sbin/initctl +RUN ln -s /bin/true /sbin/initctl +RUN apt-get update +RUN apt-get install -y python-software-properties python g++ make +RUN add-apt-repository -y ppa:chris-lea/node.js +RUN apt-get update +RUN apt-get -y install nodejs +Add mediengewitter/ /mediengewitter +RUN cd /mediengewitter && npm install +# -v /media/ext/magnet_pics/:/images +EXPOSE 8080 +ENV PORT 8080 +RUN rm /mediengewitter/public/content -r +RUN ln -s /images /mediengewitter/public/content +CMD ["/mediengewitter/run.sh"] diff --git a/sites/mediengewitter.krebsco.de/mediengewitter/etc/nginx/sites-available/mediengewitter.krebsco.de.conf b/sites/mediengewitter.krebsco.de/mediengewitter/etc/nginx/sites-available/mediengewitter.krebsco.de.conf new file mode 100644 index 00000000..90ab803c --- /dev/null +++ b/sites/mediengewitter.krebsco.de/mediengewitter/etc/nginx/sites-available/mediengewitter.krebsco.de.conf @@ -0,0 +1,15 @@ +server { + listen 80; + server_name mediengewitter.krebsco.de; +# access_log /var/log/nginx/log/mediengewitter.log; +# error_log /var/log/nginx/log/mediengewitter_error.log; + default_type text/plain; + location / { + proxy_pass http://127.0.0.1:8080/; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} + diff --git a/sites/mediengewitter.krebsco.de/mediengewitter/mediengewitter b/sites/mediengewitter.krebsco.de/mediengewitter/mediengewitter new file mode 160000 +Subproject db557ff99e9e420b8f85241514c211f20e3ca96 diff --git a/sites/omo/torrent.md b/sites/omo/torrent.md new file mode 100644 index 00000000..61feea94 --- /dev/null +++ b/sites/omo/torrent.md @@ -0,0 +1,25 @@ +# Running torrents through socks +## Prereqs: +- qBittorrent +- winswitch (xpra) or qbittorrent-nox + +## Install +### Winswitch +see http://winswitch.org/downloads/debian-repository.html + +## Autostart (xpra) + + # in startup script: + export DISPLAY=:11 + xpra start $DISPLAY + tmux start-server + tmux new-window -t tools:1 'ssh -q -D1234 <remote-host>' + tmux new-window -t tools:2 'qbittorrent' + # attach to it: + xpra attach ssh:omo:11 + +## Autostart (nox) +see https://github.com/qbittorrent/qBittorrent/wiki/Running-qBittorrent-without-X-server + +## Lessons learned +- transmission sucks (no proxy support diff --git a/sites/paste.retiolum/README.md b/sites/paste.retiolum/README.md new file mode 100644 index 00000000..3c634f95 --- /dev/null +++ b/sites/paste.retiolum/README.md @@ -0,0 +1,31 @@ +# paste.retiolum + +paste is a minimalistic pastebin with sprunge.us in mind. +This paste may be a supplement to all the 'open' pastebins as the punching +lemma applies to this installation. +The installation always runs on a higher port (4000), to get a really short +hostname, the host which provides this service should have a short name as well +and have an nginx or apache which translates all request to hostname:80 to +localhost:4000. see Nginx Configuration. + +# Sources + +- https://github.com/makefu/bump + +# Installation + +## Environment + + git clone https://github.com/makefu/bump + useradd -a bump -m -d /opt/bump + cd /opt/paste + virtualenv . + pip install -r deps.txt + +## Nginx + +see etc/nginx/ + +## Supervisor + +see etc/supervisor.d/ diff --git a/sites/paste.retiolum/bump b/sites/paste.retiolum/bump new file mode 160000 +Subproject 119d2723b510be392ca03d5bca7e1573e533f84 diff --git a/sites/paste.retiolum/etc/nginx/sites-available/paste.conf b/sites/paste.retiolum/etc/nginx/sites-available/paste.conf new file mode 100644 index 00000000..b83abf95 --- /dev/null +++ b/sites/paste.retiolum/etc/nginx/sites-available/paste.conf @@ -0,0 +1,14 @@ +server { + listen <internal-ip>:80; + server_name paste paste.retiolum; + access_log /var/log/nginx/log/paste.log main; + error_log /var/log/nginx/log/paste_error.log; + default_type text/plain; + location / { + proxy_pass http://127.0.0.1:4000/; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} diff --git a/sites/paste.retiolum/etc/supervisor.d/bump.supervisor.conf b/sites/paste.retiolum/etc/supervisor.d/bump.supervisor.conf new file mode 100644 index 00000000..6b83d5f2 --- /dev/null +++ b/sites/paste.retiolum/etc/supervisor.d/bump.supervisor.conf @@ -0,0 +1,5 @@ +[program:bump] +command=sh run.sh +user=bump +directory=/opt/bump +autorestart=true diff --git a/sites/reaktor-nag/setup-reaktor-nag.journal b/sites/reaktor-nag/setup-reaktor-nag.journal new file mode 100644 index 00000000..6227aa37 --- /dev/null +++ b/sites/reaktor-nag/setup-reaktor-nag.journal @@ -0,0 +1,10 @@ +2014-07-15 + useradd -m Reaktor + visudo # a |