summaryrefslogtreecommitdiffstats
path: root/sites
diff options
context:
space:
mode:
Diffstat (limited to 'sites')
-rw-r--r--sites/buildbot.krebsco.de/INSTALLATION.md9
-rw-r--r--sites/elchhub.nsupdate.info/install_adhpp44
-rw-r--r--sites/elchirc.nsupdate.info/install_unrealircd19
-rw-r--r--sites/elchstats.nsupdate.info/carbon.service15
-rw-r--r--sites/elchstats.nsupdate.info/graphite-web.service16
-rw-r--r--sites/elchstats.nsupdate.info/graphite.journal.txt37
-rw-r--r--sites/omo/torrent.md25
-rw-r--r--sites/tahoe.retiolum/README.md13
-rw-r--r--sites/task.krebsco.de/README.md40
9 files changed, 213 insertions, 5 deletions
diff --git a/sites/buildbot.krebsco.de/INSTALLATION.md b/sites/buildbot.krebsco.de/INSTALLATION.md
index b31a3989..83ffc9c3 100644
--- a/sites/buildbot.krebsco.de/INSTALLATION.md
+++ b/sites/buildbot.krebsco.de/INSTALLATION.md
@@ -1,11 +1,12 @@
#?/bin/sh
# something like this
-useradd ci
-punani install python-virtualenv
+useradd ci -m
+punani install python2-virtualenv
su ci
-virtualenv buildbot
-echo ". $HOME/buildbot/bin/activate" >~/.bashrc
+virtualenv2 buildbot
+echo ". $HOME/buildbot/bin/activate" >>~/.bashrc
+. ~/.bashrc
pip install buildbot-slave buildbot
buildbot create-master master
# tahoe cp krebs:master.conf master/master.conf
diff --git a/sites/elchhub.nsupdate.info/install_adhpp b/sites/elchhub.nsupdate.info/install_adhpp
new file mode 100644
index 00000000..6f2986d5
--- /dev/null
+++ b/sites/elchhub.nsupdate.info/install_adhpp
@@ -0,0 +1,44 @@
+curl https://aur.archlinux.org/packages/ad/adchpp/adchpp.tar.gz > adchpp.tar.gz
+tar xf adchpp.tar.gz
+cd adchpp
+# install all the deps
+makepkg
+pacman -U adchpp-*-x86_64.pkg.tar.xz
+vi /etc/adchpp/adchpp.xml
+# change description etc
+# add to servers:
+# <Server Port="2781" TLS="1" Certificate="/etc/adchpp/certs/cacert.pem"
+# PrivateKey="/etc/adchpp/certs/privkey.pem"
+# TrustedPath="/etc/adchpp/certs/trusted/"
+# DHParams="/etc/adchpp/certs/dhparam.pem"/>
+
+
+mkdir /etc/adchpp/certs
+cd /etc/adchpp/certs
+openssl genrsa -out privkey.pem 4096
+openssl req -new -x509 -key privkey.pem -out cacert.pem
+openssl dhparam -outform PEM -out dhparam.pem 1024
+
+cat > /var/lib/adchpp/motd.txt <<EOF
+Welcome to the Elch Hub
+ xx xx xx xx
+xxxx xx xxxx xxxx xxxx xx
+xxxx xx xxxx xxxx xxxx xx
+ xxxxxx xx xx xxxxxx
+ xxxxxx xxxxxxxxxx xxxxxx
+ xx xxxxxxxxxxxxxx xx
+ xxxxxxxxxxxxxxxxxxxxxxxxxx
+ xxxxxxxxxxxxxx
+ xxxxxxxxxxxxxxxxxxxxxx
+ xx xxxxxx xx
+ xx xx xx xx xx xx
+ xx xx xx xx xx xx
+ xx xxxx xx xx xxxx xx
+
+[!] SSL is at port 2781
+ connect via adcs://elchhub.nsupdate.info:2781/
+ better start using it
+EOF
+
+systemctl enable adchpp
+systemctl start adchpp
diff --git a/sites/elchirc.nsupdate.info/install_unrealircd b/sites/elchirc.nsupdate.info/install_unrealircd
new file mode 100644
index 00000000..6778a7ac
--- /dev/null
+++ b/sites/elchirc.nsupdate.info/install_unrealircd
@@ -0,0 +1,19 @@
+pacman -S unrealircd
+# in /etc/unrealircd/unrealircd.conf
+# uncomment where it says FOR *NIX
+# remove the src/ from the start path as they are in /etc/unrealircd
+
+# uncomment motd ircd.motd
+# fix passwords for restart
+# comment in the .fr stuff
+# fix cloak-keys
+#
+
+# configure me,admin,class
+# curl unreal.x-tab.org/makecert.sh > makecert.sh
+# ./makecert.sh new -k server.key.pem -c server.cert.pem -r server.req.pem -b 2048 -d 9001
+#
+# cp /krebs/cholerab/bling/krebs-v2.txt ircd.motd
+#
+# systemctl enable unrealircd
+# systemctl start unrealircd
diff --git a/sites/elchstats.nsupdate.info/carbon.service b/sites/elchstats.nsupdate.info/carbon.service
new file mode 100644
index 00000000..d7087d41
--- /dev/null
+++ b/sites/elchstats.nsupdate.info/carbon.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=Graphite Carbon
+After=network.target
+
+[Service]
+Type=forking
+User=graphite
+Group=graphite
+RemainAfterExit=yes
+PIDFile=/opt/graphite/storage/carbon-cache-a.pid
+ExecStart=/opt/graphite/bin/carbon-cache.py start
+ExecStop=/opt/graphite/bin/carbon-cache.py stop
+
+[Install]
+WantedBy=multi-user.target
diff --git a/sites/elchstats.nsupdate.info/graphite-web.service b/sites/elchstats.nsupdate.info/graphite-web.service
new file mode 100644
index 00000000..798f82ba
--- /dev/null
+++ b/sites/elchstats.nsupdate.info/graphite-web.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Graphite Web
+After=network.target
+
+[Service]
+Type=simple
+User=graphite
+Group=graphite
+#RemainAfterExit=yes
+Environment=PYTHONPATH=/opt/graphite/webapp
+ExecStart=/usr/bin/django-admin.py runserver 0.0.0.0:8080 --settings=graphite.settings
+TimeoutSec=45s
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/sites/elchstats.nsupdate.info/graphite.journal.txt b/sites/elchstats.nsupdate.info/graphite.journal.txt
new file mode 100644
index 00000000..777f4650
--- /dev/null
+++ b/sites/elchstats.nsupdate.info/graphite.journal.txt
@@ -0,0 +1,37 @@
+#?/bin/sh
+set -euf
+# from http://graphite.wikidot.com/installation
+
+git clone https://github.com/graphite-project/graphite-web.git
+git clone https://github.com/graphite-project/carbon.git
+git clone https://github.com/graphite-project/whisper.git
+
+pacman -S python2 gcc pkg-config cairo python2-pip
+for i in whisper carbon graphite-web;do
+ cd $i
+ pip2 install -r requirements.txt||:
+ python2 setup.py install
+ cd -
+done
+cd /opt/graphite/conf
+cp carbon.conf.example carbon.conf
+# edit carbon.conf, fix max writes per second, max adds per minute
+cp storage-schemas.conf.example storage-schemas.conf
+
+# edit storage-schemas.conf, fix storage time
+cd /opt/graphite/webapp/graphite
+cp local_settings.py.example local_settings.py
+# change SECRET_KEY
+PYTHONPATH=/opt/graphite/webapp django-admin.py syncdb --settings=graphite.settings
+# push in the texts
+
+useradd -m graphite -d /opt/graphite -r
+chown -R graphite /opt/graphite
+cd _here_
+cp carbon.service /opt/systemd/system/
+systemctl enable carbon
+systemctl start carbon
+cp graphite-web.service /opt/systemd/system/
+systemctl enable graphite-web
+systemctl start graphite-web
+
diff --git a/sites/omo/torrent.md b/sites/omo/torrent.md
new file mode 100644
index 00000000..61feea94
--- /dev/null
+++ b/sites/omo/torrent.md
@@ -0,0 +1,25 @@
+# Running torrents through socks
+## Prereqs:
+- qBittorrent
+- winswitch (xpra) or qbittorrent-nox
+
+## Install
+### Winswitch
+see http://winswitch.org/downloads/debian-repository.html
+
+## Autostart (xpra)
+
+ # in startup script:
+ export DISPLAY=:11
+ xpra start $DISPLAY
+ tmux start-server
+ tmux new-window -t tools:1 'ssh -q -D1234 <remote-host>'
+ tmux new-window -t tools:2 'qbittorrent'
+ # attach to it:
+ xpra attach ssh:omo:11
+
+## Autostart (nox)
+see https://github.com/qbittorrent/qBittorrent/wiki/Running-qBittorrent-without-X-server
+
+## Lessons learned
+- transmission sucks (no proxy support
diff --git a/sites/tahoe.retiolum/README.md b/sites/tahoe.retiolum/README.md
index 01e8ed03..2d3b3e12 100644
--- a/sites/tahoe.retiolum/README.md
+++ b/sites/tahoe.retiolum/README.md
@@ -5,6 +5,17 @@ introducer and a number of tahoe bricks.
# Adding new bricks & clients
see //cholerab/tahoe/{brick,client}\_installation
+
+# Migration of the Introducer
+At some point it is necessary to migrate the tahoe introducer.
+To keep everything running just take the tahoe introducer configuration from
+the old host or from krebs:tahoe/introducer AND the original tinc configuration
+of the tahoe host.
+After that, set the tahoe.krebsco.de ip in the krebs zone.
+
+
+If you need to re
+
# Replacing the introducer
if the introducer may die off, all crypto material is saved in
krebs:tahoe/introducer. There will be a backup somewhere, but bootstrapping
@@ -13,4 +24,4 @@ always sucks.
Follow the generic brick installation,
use the configuration file at conf/tahoe.cfg and copy the crypto material in
the private folder of the installation.
-autostart that shit
+autostart that shit.
diff --git a/sites/task.krebsco.de/README.md b/sites/task.krebsco.de/README.md
new file mode 100644
index 00000000..c6fd2b0f
--- /dev/null
+++ b/sites/task.krebsco.de/README.md
@@ -0,0 +1,40 @@
+# task.krebsco.de
+a taskd server deployment
+
+# Installation
+
+ yaourt -S taskd
+ cp /usr/share/taskd/pki/generate.client /var/lib/taskd
+
+# configuration
+taskd uses pki for login
+
+ systemctl enable taskd
+ systemctl start taskd
+ export TASKDDATA=/var/lib/taskd
+ taskd add org Krebs
+ taskd config --force pid.file $TASKDDIR/taskd.pid
+ taskd config --force log $TASKDDIR/taskd.log
+ taskd config --force client.allow '^task [2-9],^taskd,^libtaskd'
+
+# add new client
+for a new client we need to create certificates:
+
+ # on server
+ cd /var/lib/taskd
+ ./generate.client username
+ # give new certs to user
+ curl -F'p=username.cert.pem' http://paste
+ curl -F'p=username.key.pem' http://paste
+ curl -F'p=ca.cert.pem' http://paste
+ taskd add user krebs username
+ # outputs <uid>
+
+ # on client
+ mkdir ~/.task
+ curl http://paste/abcde > username.cert.pem
+ curl http://paste/efghi > username.key.pem
+ curl http://paste/jklmn > ca.cert.pem
+ task config taskd.server task.krebsco.de:53589
+ task config taskd.credentials 'krebs/makefu/<uid>'
+ task sync init