modified files

Your Name
2020-08-02 23:08:26 +00:00
padre abd18a4a22
commit 5a526d0f89
Se han modificado 66 ficheros con 277 adiciones y 4090 borrados


@@ -9,9 +9,9 @@ module.exports = {
mailhtml: verify_link => 'Verify your account visiting next <a href="https://meta.hatthieves.es/verify?link=' + verify_link + '">Verify Link</a>', mailhtml: verify_link => 'Verify your account visiting next <a href="https://meta.hatthieves.es/verify?link=' + verify_link + '">Verify Link</a>',
indexhost: 'https://elastic.hatthieves.es', indexhost: 'https://elastic.hatthieves.es',
indexuser: 'docker', indexuser: 'docker',
indexpass: 'docker', indexpass: 'dockerdocker',
index: 'arjion', index: 'arjion',
type: 'user', type: 'user',
port: 3000, port: 3000,
anonymous: 'anonymous' anonymous: 'anonymous'
} }
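Review bot: The new `indexpass: 'dockerdocker'` keeps the Elasticsearch credential hard-coded in a committed file, and the value is just the username doubled, so it adds little over the one it replaces. Read it from the environment instead, e.g. `indexpass: process.env.INDEX_PASS,` (variable name is a placeholder), and rotate the value, since both the old and new passwords are now in history. Separately, `mailhtml` on the unchanged first line concatenates `verify_link` into an href without `encodeURIComponent`; it is worth confirming the caller only ever passes a server-generated token. The `module.exports` object starts outside this hunk.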


@@ -17,7 +17,7 @@
"connect-ensure-login": "*", "connect-ensure-login": "*",
"connect-flash": "*", "connect-flash": "*",
"ejs": "*", "ejs": "*",
"es6": "npm:@elastic/elasticsearch@^6.8.0", "es6": "npm:@elastic/elasticsearch@^7.8.0",
"es6-promisify": "*", "es6-promisify": "*",
"express": "*", "express": "*",
"express-session": "*", "express-session": "*",


@@ -1,2 +1,2 @@
FROM debian:buster-slim FROM debian:sid-slim
RUN apt update && apt -y upgrade && apt install -y bind9 ipv6calc curl bc dehydrated dnsutils && apt clean RUN apt update && apt -y upgrade && apt install -y bind9 ipv6calc curl bc dehydrated dnsutils && apt clean
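Review bot: `FROM debian:sid-slim` moves the image for an internet-facing bind9 onto Debian unstable, a rolling branch that is not covered by the Debian security team, and the tag is mutable, so every rebuild can pull a different package set. Unless a package in the `apt install` line is only available in sid, keep a stable release and pin it, e.g. `FROM debian:buster-slim@sha256:<digest>` (digest is a placeholder). If sid really is required, a comment naming the package that needs it would help the next maintainer.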


@@ -40,7 +40,11 @@ imap IN A $IP
* IN CNAME $DOMAIN. * IN CNAME $DOMAIN.
$DOMAIN. IN MX 10 mail.$DOMAIN. $DOMAIN. IN MX 10 mail.$DOMAIN.
$DOMAIN. IN TXT \"v=spf1 ip4:172.200.0.0/24 a mx -all\" $DOMAIN. IN TXT \"v=spf1 ip4:172.200.0.0/24 a mx -all\"
$DOMAIN. IN TXT \"google-site-verification=OGwhD4vhFpXHvQsbJinxAn5sozl0-R7MiiMt-fcYREY\"
_dmarc IN TXT \"v=DMARC1;p=reject;rua=mailto:postmaster@$DOMAIN;pct=100;ruf=mailto:postmaster@$DOMAIN;sp=reject;aspf=s;adkim=s;ri=86400;fo=0;rf=afrf\" _dmarc IN TXT \"v=DMARC1;p=reject;rua=mailto:postmaster@$DOMAIN;pct=100;ruf=mailto:postmaster@$DOMAIN;sp=reject;aspf=s;adkim=s;ri=86400;fo=0;rf=afrf\"
_dnsaddr IN TXT \"dnsaddr=/ip4/82.223.3.135/tcp/4001/p2p/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
_dnsaddr IN TXT \"dnsaddr=/ip6/2001:ba0:1800:80e0::1/tcp/4001/p2p/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
_dnslink IN TXT \"dnslink=/ipns/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
$DKIM $DKIM
\$INCLUDE K$DOMAIN.+008+10060.key \$INCLUDE K$DOMAIN.+008+10060.key
@@ -186,6 +190,18 @@ options {
check-names master warn; check-names master warn;
check-names slave warn; check-names slave warn;
check-names response warn; check-names response warn;
// querylog yes;
};
logging {
channel querylog{
file \"/var/log/querylog\";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
};
category queries { querylog;};
}; };
key \"_acme-challenge.$DOMAIN.\" { key \"_acme-challenge.$DOMAIN.\" {
@@ -219,9 +235,12 @@ echo -e ";
$DOMAIN2. IN A $IP $DOMAIN2. IN A $IP
$DOMAIN2. IN AAAA $IPV6 $DOMAIN2. IN AAAA $IPV6
* IN CNAME $DOMAIN2. * IN CNAME $DOMAIN2.
$DOMAIN2. IN MX 10 mail.$DOMAIN2. $DOMAIN2. IN MX 10 mail.$DOMAIN.
$DOMAIN2. IN TXT \"v=spf1 ip4:172.200.0.0/24 a mx -all\" $DOMAIN2. IN TXT \"v=spf1 ip4:172.200.0.0/24 a mx -all\"
_dmarc IN TXT \"v=DMARC1;p=reject;rua=mailto:postmaster@$DOMAIN;pct=100;ruf=mailto:postmaster@$DOMAIN;sp=reject;aspf=s;adkim=s;ri=86400;fo=0;rf=afrf\" _dmarc IN TXT \"v=DMARC1;p=reject;rua=mailto:postmaster@$DOMAIN;pct=100;ruf=mailto:postmaster@$DOMAIN;sp=reject;aspf=s;adkim=s;ri=86400;fo=0;rf=afrf\"
_dnsaddr IN TXT \"dnsaddr=/ip4/82.223.3.135/tcp/4001/p2p/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
_dnsaddr IN TXT \"dnsaddr=/ip6/2001:ba0:1800:80e0::1/tcp/4001/p2p/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
_dnslink IN TXT \"dnslink=/ipns/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
$DKIM2 $DKIM2
\$INCLUDE K$DOMAIN2.+008+61170.key \$INCLUDE K$DOMAIN2.+008+61170.key
@@ -244,9 +263,12 @@ echo -e ";
$DOMAIN3. IN A $IP $DOMAIN3. IN A $IP
$DOMAIN3. IN AAAA $IPV6 $DOMAIN3. IN AAAA $IPV6
* IN CNAME $DOMAIN3. * IN CNAME $DOMAIN3.
$DOMAIN3. IN MX 10 mail.$DOMAIN3. $DOMAIN3. IN MX 10 mail.$DOMAIN.
$DOMAIN3. IN TXT \"v=spf1 ip4:172.200.0.0/24 a mx -all\" $DOMAIN3. IN TXT \"v=spf1 ip4:172.200.0.0/24 a mx -all\"
_dmarc IN TXT \"v=DMARC1;p=reject;rua=mailto:postmaster@$DOMAIN;pct=100;ruf=mailto:postmaster@$DOMAIN;sp=reject;aspf=s;adkim=s;ri=86400;fo=0;rf=afrf\" _dmarc IN TXT \"v=DMARC1;p=reject;rua=mailto:postmaster@$DOMAIN;pct=100;ruf=mailto:postmaster@$DOMAIN;sp=reject;aspf=s;adkim=s;ri=86400;fo=0;rf=afrf\"
_dnsaddr IN TXT \"dnsaddr=/ip4/82.223.3.135/tcp/4001/p2p/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
_dnsaddr IN TXT \"dnsaddr=/ip6/2001:ba0:1800:80e0::1/tcp/4001/p2p/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
_dnslink IN TXT \"dnslink=/ipns/QmcLwDnTPuSuaBL6QyfPGWyrAjHZYonahiKPeYSAjcU25V\"
$DKIM3 $DKIM3
\$INCLUDE K$DOMAIN3.+008+03409.key \$INCLUDE K$DOMAIN3.+008+03409.key
@@ -261,4 +283,4 @@ cd /etc/bind
dnssec-signzone -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN dnssec-signzone -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN
dnssec-signzone -P -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN2 dnssec-signzone -P -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN2
dnssec-signzone -P -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN3 dnssec-signzone -P -A -3 $(head -c 1000 /dev/urandom | sha1sum | cut -b 1-16) -N INCREMENT $DOMAIN3
named -c named.conf -g -u bind named -c named.conf -f -u bind
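Review bot: The added `channel querylog` writes every query at `severity debug 10` to `/var/log/querylog` with no `versions` or `size` limit, so on a server published on port 53 the file grows without bound and keeps client addresses and queried names indefinitely. Cap it in the channel, e.g. `file \"/var/log/querylog\" versions 3 size 20m;`, and decide on a retention period for that data. The last hunk also switches `named` from `-g` to `-f`; `-g` forces all logging to stderr, so after this change the non-query categories presumably no longer reach `docker logs` unless another channel (not visible here) handles them. The surrounding `echo` blocks start and end outside these hunks.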


@@ -13,6 +13,7 @@ services:
- ./bind:/etc/bind - ./bind:/etc/bind
- ./dehydrated:/etc/dehydrated - ./dehydrated:/etc/dehydrated
- ./letsencrypt:/root/letsencrypt - ./letsencrypt:/root/letsencrypt
- ./querylog:/var/log/querylog
ports: ports:
- "53:53/tcp" - "53:53/tcp"
- "53:53/udp" - "53:53/udp"
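Review bot: The new bind mount `./querylog:/var/log/querylog` targets the path that the named configuration in this commit uses as a log file, but if `./querylog` does not already exist on the host Docker creates it as a directory and named cannot open it as a file. The entrypoint in this commit starts named with `-u bind`, so the host path also has to be writable by that uid. Mounting a directory is more robust, e.g. `- ./log:/var/log/named` with the channel pointed at a file inside it. The service definition starts outside this hunk.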


@@ -8,11 +8,11 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \ apt-get update && \
apt-get install -y build-essential git debhelper dpkg-dev libssl-dev libevent-dev sqlite3 libsqlite3-dev postgresql-client libpq-dev default-mysql-client default-libmysqlclient-dev libhiredis-dev libmongoc-dev libbson-dev apt-get install -y build-essential git debhelper dpkg-dev libssl-dev libevent-dev sqlite3 libsqlite3-dev postgresql-client libpq-dev default-mysql-client default-libmysqlclient-dev libhiredis-dev libmongoc-dev libbson-dev
# Clone coTURN # Clone Coturn
WORKDIR ${BUILD_PREFIX} WORKDIR ${BUILD_PREFIX}
RUN git clone https://github.com/coturn/coturn.git RUN git clone https://github.com/coturn/coturn.git
# Build coTURN # Build Coturn
WORKDIR coturn WORKDIR coturn
RUN ./configure RUN ./configure
RUN make RUN make
@@ -35,16 +35,16 @@ COPY --from=coturn-build ${BUILD_PREFIX}/coturn/turndb ${INSTALL_PREFIX}/turndb
RUN export DEBIAN_FRONTEND=noninteractive && \ RUN export DEBIAN_FRONTEND=noninteractive && \
apt-get update && \ apt-get update && \
apt-get install -y libc6>=2.15 libevent-core-2.1-6>=libevent-core-2.1-6 libevent-extra-2.1-6>=2.1.8-stable-4 libevent-openssl-2.1-6>=2.1.8-stable-4 libevent-pthreads-2.1-6>=2.1.8-stable-4 libhiredis0.14>=0.14.0 libmariadbclient-dev>=10.3.17 libpq5>=8.4~ libsqlite3-0>=3.6.0 libssl1.1>=1.1.0 libmongoc-1.0 libbson-1.0 apt-get install -y libc6>=2.15 libevent-core-2.1-6>=libevent-core-2.1-6 libevent-extra-2.1-6>=2.1.8-stable-4 libevent-openssl-2.1-6>=2.1.8-stable-4 libevent-pthreads-2.1-6>=2.1.8-stable-4 libhiredis0.14>=0.14.0 libmariadbclient-dev>=10.3.17 libpq5>=8.4~ libsqlite3-0>=3.6.0 libssl1.1>=1.1.0 libmongoc-1.0 libbson-1.0
RUN apt-get install -y default-mysql-client postgresql-client redis-tools rsyslog #RUN apt-get install -y default-mysql-client postgresql-client redis-tools
# Install MongoDB # Install MongoDB
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y wget gnupg && \ apt-get install -y wget gnupg && \
wget -qO - https://www.mongodb.org/static/pgp/server-4.0.asc | apt-key add - && \ # wget -qO - https://www.mongodb.org/static/pgp/server-4.0.asc | apt-key add - && \
echo "deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/4.0 main" | tee /etc/apt/sources.list.d/mongodb-org-4.0.list && \ # echo "deb http://repo.mongodb.org/apt/debian stretch/mongodb-org/4.0 main" | tee /etc/apt/sources.list.d/mongodb-org-4.0.list && \
echo "deb http://deb.debian.org/debian/ stretch main" | tee /etc/apt/sources.list.d/debian-stretch.list && \ echo "deb http://deb.debian.org/debian/ stretch main" | tee /etc/apt/sources.list.d/debian-stretch.list
apt-get update && \ # apt-get update && \
apt-get install -y libcurl3 mongodb-org mongodb-org-server mongodb-org # apt-get install -y libcurl3 mongodb-org mongodb-org-server mongodb-org
RUN if ! getent group "$TURNSERVER_GROUP" >/dev/null; then \ RUN if ! getent group "$TURNSERVER_GROUP" >/dev/null; then \
addgroup --system "$TURNSERVER_GROUP" || exit 1 ;\ addgroup --system "$TURNSERVER_GROUP" || exit 1 ;\
@@ -77,4 +77,3 @@ EXPOSE 49152-65535 49152-65535/udp
WORKDIR ${INSTALL_PREFIX} WORKDIR ${INSTALL_PREFIX}
CMD ${INSTALL_PREFIX}/bin/turnserver CMD ${INSTALL_PREFIX}/bin/turnserver
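Review bot: After the MongoDB install is commented out, the RUN in the second hunk still writes `deb http://deb.debian.org/debian/ stretch main` into `/etc/apt/sources.list.d/debian-stretch.list`, leaving an older release as an apt source in the runtime image with nothing visible in the hunk that needs it. Drop that `echo` (and `wget gnupg` if nothing else uses them) so later `apt-get install` steps cannot silently resolve packages from stretch. The commented lines inside the `&& \` continuation are easy to misread; deleting them is cleaner than relying on the Dockerfile parser to skip them. In the unchanged build stage, `git clone https://github.com/coturn/coturn.git` builds whatever the default branch holds at build time, so consider `git clone --branch <tag> --depth 1`.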


@@ -49,8 +49,8 @@ tls-listening-port=5349
# If no IP(s) specified in the config file or in the command line options, # If no IP(s) specified in the config file or in the command line options,
# then all IPv4 and IPv6 system IPs will be used for listening. # then all IPv4 and IPv6 system IPs will be used for listening.
# #
#listening-ip=82.223.3.135 listening-ip=82.223.3.135
listening-ip=172.12.0.101 #listening-ip=172.12.0.101
#listening-ip=10.207.21.238 #listening-ip=10.207.21.238
#listening-ip=2607:f0d0:1002:51::4 #listening-ip=2607:f0d0:1002:51::4
@@ -97,8 +97,8 @@ listening-ip=172.12.0.101
# #
#relay-ip=172.17.19.105 #relay-ip=172.17.19.105
#relay-ip=2607:f0d0:1002:51::5 #relay-ip=2607:f0d0:1002:51::5
#relay-ip=82.223.3.135 relay-ip=82.223.3.135
relay-ip=172.12.0.101 #relay-ip=172.12.0.101
# For Amazon EC2 users: # For Amazon EC2 users:
# #
@@ -128,7 +128,7 @@ relay-ip=172.12.0.101
#external-ip=60.70.80.91/172.17.19.101 #external-ip=60.70.80.91/172.17.19.101
#external-ip=60.70.80.92/172.17.19.102 #external-ip=60.70.80.92/172.17.19.102
#external-ip=60.70.80.92/172.17.19.102 #external-ip=60.70.80.92/172.17.19.102
external-ip=82.223.3.135/172.12.0.101 #external-ip=82.223.3.135/172.12.0.101
# Number of the relay threads to handle the established connections # Number of the relay threads to handle the established connections
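Review bot: With `listening-ip` and `relay-ip` now set to the public address 82.223.3.135 (and the compose file in this commit switching the container to host networking), relay allocations are made on the host's own network stack, so the peer restrictions matter more than before. The hunks do not show whether `denied-peer-ip` ranges for loopback, RFC 1918 and the Docker bridge subnets, or `no-multicast-peers`, are set elsewhere in the file; if they are not, add them, e.g. `denied-peer-ip=10.0.0.0-10.255.255.255`. Without them the relay can be asked to forward traffic towards services that are only meant to be reachable from the host itself.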


@@ -16,23 +16,23 @@ services:
# - ./coturn/turndb:/usr/local/var/db/turndb # - ./coturn/turndb:/usr/local/var/db/turndb
- /opt/docker/secure/privkey.pem:/etc/ssl/private/privkey.pem:ro - /opt/docker/secure/privkey.pem:/etc/ssl/private/privkey.pem:ro
- /opt/docker/secure/fullchain.pem:/etc/ssl/certs/cert.pem:ro - /opt/docker/secure/fullchain.pem:/etc/ssl/certs/cert.pem:ro
ports: # ports:
## STUN/TURN ### STUN/TURN
- "3478:3478" # - "3478:3478"
- "3478:3478/udp" # - "3478:3478/udp"
## STUN/TURN SSL ### STUN/TURN SSL
- "5349:5349" # - "5349:5349"
- "5349:5349/udp" # - "5349:5349/udp"
# Relay Ports ## Relay Ports
- "39000-39500:39000-39500/udp" # - "39000-39500:39000-39500/udp"
# network_mode: host network_mode: host
networks: # networks:
mynet: # mynet:
ipv4_address: 172.12.0.101 # ipv4_address: 172.12.0.101
#
networks: #networks:
mynet: # mynet:
driver: bridge # driver: bridge
ipam: # ipam:
config: # config:
- subnet: 172.12.0.0/24 # - subnet: 172.12.0.0/24
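Review bot: Switching to `network_mode: host` and commenting out `ports:` removes the only thing that limited the relay range to 39000-39500/udp and the listeners to 3478 and 5349. From here on exposure is decided by turnserver.conf and the host firewall, so `min-port=39000` and `max-port=39500` should be set there (they are not visible in this commit's turnserver.conf hunks) and the firewall should allow only those ports. The large commented-out block would be better deleted than kept, since the bridge network it describes no longer matches the `listening-ip` now in use.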


@@ -2,7 +2,7 @@ version: '2'
services: services:
elasticsearch: elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.7.1 image: docker.elastic.co/elasticsearch/elasticsearch:7.8.0
hostname: elasticsearch hostname: elasticsearch
container_name: elasticsearch container_name: elasticsearch
restart: always restart: always
@@ -10,10 +10,10 @@ services:
- node.name=elastic - node.name=elastic
- cluster.name=cluster01 - cluster.name=cluster01
- cluster.initial_master_nodes=elastic - cluster.initial_master_nodes=elastic
- cluster.routing.allocation.disk.threshold_enabled=false # - cluster.routing.allocation.disk.threshold_enabled=false
- cluster.routing.allocation.disk.watermark.flood_stage=1% - cluster.routing.allocation.disk.watermark.flood_stage=100%
- cluster.routing.allocation.disk.watermark.high=1% - cluster.routing.allocation.disk.watermark.high=100%
- cluster.routing.allocation.disk.watermark.low=0% - cluster.routing.allocation.disk.watermark.low=99%
- bootstrap.memory_lock=true - bootstrap.memory_lock=true
- ES_JAVA_OPTS=-Xms1g -Xmx1g - ES_JAVA_OPTS=-Xms1g -Xmx1g
ulimits: ulimits:
@@ -31,7 +31,7 @@ services:
ipv4_address: 172.1.0.101 ipv4_address: 172.1.0.101
kibana: kibana:
image: docker.elastic.co/kibana/kibana:7.7.1 image: docker.elastic.co/kibana/kibana:7.8.0
hostname: kibana hostname: kibana
container_name: kibana container_name: kibana
restart: always restart: always
@@ -45,7 +45,7 @@ services:
ipv4_address: 172.1.0.102 ipv4_address: 172.1.0.102
logstash: logstash:
image: docker.elastic.co/logstash/logstash:7.7.1 image: docker.elastic.co/logstash/logstash:7.8.0
hostname: logstash hostname: logstash
container_name: logstash container_name: logstash
restart: always restart: always
@@ -64,7 +64,7 @@ services:
ipv4_address: 172.1.0.103 ipv4_address: 172.1.0.103
# filebeat: # filebeat:
# image: docker.elastic.co/beats/filebeat:7.7.1 # image: docker.elastic.co/beats/filebeat:7.8.0
# hostname: filebeat # hostname: filebeat
# container_name: filebeat # container_name: filebeat
# restart: always # restart: always
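Review bot: The watermark change in the second hunk re-enables the disk threshold decider but sets `watermark.low=99%`, `watermark.high=100%` and `watermark.flood_stage=100%`, so the read-only index block can only trigger once the disk is already full. At that point Elasticsearch may be unable to write at all, and the logstash pipeline feeding it will back up. Values with headroom, e.g. `low=85%`, `high=90%`, `flood_stage=95%`, keep the safety net useful.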


@@ -2,6 +2,7 @@ input {
file { file {
path => "/access.log" path => "/access.log"
# start_position => "beginning" # start_position => "beginning"
# start_position => "end"
mode => "tail" mode => "tail"
file_completed_action => "log" file_completed_action => "log"
file_completed_log_path => "/dev/null" file_completed_log_path => "/dev/null"


@@ -51,7 +51,7 @@ The following intrusion attempts were detected by our systems:
from postmaster@$DOMAIN from postmaster@$DOMAIN
https://gitea.hatthieves.es/cloud/fail2ban by www.$DOMAIN\" https://gitea.hatthieves.es/cloud/fail2ban by www.$DOMAIN\"
#curl -H \"Authorization: Bearer \$ACCESS_TOKEN\" -X POST --data-urlencode \"status=\$STATUS\" -Ss \$DOMAINSOCIAL/api/v1/statuses #curl -H \"Authorization: Bearer \$ACCESS_TOKEN\" -X POST --data-urlencode \"status=\$STATUS\" -Ss \$DOMAINSOCIAL/api/v1/statuses
##curl -X POST --data-urlencode \"status=\$STATUS\" -Ss https://\$USERNAME:\$PASSWORD@social.hatthieves.es/api/v1/statuses curl -X POST --data-urlencode \"status=\$STATUS\" -Ss https://\$USERNAME:\$PASSWORD@pleroma.hatthieves.es/api/v1/statuses
swaks -f \$SENDER_MAIL -t \"\$ABUSE_ADDR,webmaster@$DOMAIN\" -tlsc -a -au $USER -ap $PASS -s $SMTP -p 587 \\ swaks -f \$SENDER_MAIL -t \"\$ABUSE_ADDR,webmaster@$DOMAIN\" -tlsc -a -au $USER -ap $PASS -s $SMTP -p 587 \\
--h-Subject \"[Urgent]: Automatic abuse report for IP address \$REMOTE_IP from $DOMAIN\" --h-From \"Fail2Ban $DOMAIN <\$SENDER_MAIL>\" \\ --h-Subject \"[Urgent]: Automatic abuse report for IP address \$REMOTE_IP from $DOMAIN\" --h-From \"Fail2Ban $DOMAIN <\$SENDER_MAIL>\" \\
@@ -143,7 +143,7 @@ echo "[sshd]
enabled = true enabled = true
bantime = 10800 bantime = 10800
findtime = 1800 findtime = 1800
maxretry = 3 maxretry = 1
ignoreip = $DOMAIN ignoreip = $DOMAIN
backend = pyinotify backend = pyinotify
filter = sshd filter = sshd
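Review bot: The re-enabled status post in the first hunk puts `\$USERNAME:\$PASSWORD` in the URL on the curl command line, where it is readable by other local users in the process list and is easily captured by shell tracing or proxy logs. Pass the credential out of band, e.g. `curl --netrc-file \"\$NETRC\" -X POST --data-urlencode \"status=\$STATUS\" -Ss https://pleroma.hatthieves.es/api/v1/statuses` with a 0600 netrc file (`NETRC` is a placeholder variable), or use the bearer-token form from the commented line above it via a `-K` config file. In the second hunk, `maxretry = 1` with a three-hour `bantime` and only `$DOMAIN` in `ignoreip` means a single mistyped password locks out an administrator connecting from any other address. Both the generated script and the jail definition start outside these hunks.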


@@ -15,8 +15,8 @@ TEMP_PATH = /data/gitea/uploads
APP_DATA_PATH = /data/gitea APP_DATA_PATH = /data/gitea
SSH_DOMAIN = localhost SSH_DOMAIN = localhost
HTTP_PORT = 3000 HTTP_PORT = 3000
ROOT_URL = http://gitea.hatthieves.es/ ROOT_URL = https://gitea.hatthieves.es/
DISABLE_SSH = false DISABLE_SSH = true
SSH_PORT = 22 SSH_PORT = 22
LFS_CONTENT_PATH = /data/git/lfs LFS_CONTENT_PATH = /data/git/lfs
DOMAIN = localhost DOMAIN = localhost


@@ -10,5 +10,8 @@
}, },
"root@hatthieves.es": { "root@hatthieves.es": {
"action": "alias", "to": ["webmaster@hatthieves.es"] "action": "alias", "to": ["webmaster@hatthieves.es"]
},
"@social.hatthieves.es": {
"action": "alias", "to": ["webmaster@hatthieves.es"]
} }
} }


@@ -47,6 +47,8 @@ sender:
# by default the main wildduck database is used # by default the main wildduck database is used
collection: 'zone-queue' collection: 'zone-queue'
loopSecret: 'hat secrets values'
srs: srs:
# must be shared with ZoneMTA SRS config, otherwise messages sent from ZoneMTA are not recognized by Haraka # must be shared with ZoneMTA SRS config, otherwise messages sent from ZoneMTA are not recognized by Haraka
secret: 'a secret hat' secret: 'a secret hat'
@@ -87,6 +89,5 @@ rspamd:
# define special responses # define special responses
responses: responses:
DMARC_POLICY_REJECT: 'Unauthenticated email from {host} is not accepted due to domain''s DMARC policy' DMARC_POLICY_REJECT: "Unauthenticated email from {host} is not accepted due to domain's DMARC policy"
RBL_ZONE: '[{host}] was found from Zone RBL' RBL_ZONE: '[{host}] was found from Zone RBL'
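Review bot: `loopSecret: 'hat secrets values'` in the first hunk is committed in plaintext and is a short dictionary phrase, like the existing `srs.secret` just below it; the same value is added as `loopSecret="hat secrets values"` in the ZoneMTA config section of this commit. Since it keys the loop-detection hash, generate a random value (e.g. 32 bytes from a CSPRNG, hex-encoded), inject it into both configs at deploy time, and treat the committed one as burned. A comment next to it noting that it must match the ZoneMTA setting would mirror the one already on `srs`.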


@@ -1,7 +1,8 @@
FROM node:8-slim FROM node:10-slim
RUN apt update && apt -y install git python make sudo RUN apt update && apt -y install git python build-essential
RUN git clone https://github.com/nodemailer/wildduck-webmail /webmail RUN git clone https://github.com/nodemailer/wildduck-webmail /webmail
RUN chown node.node -R /webmail RUN chown node.node -R /webmail
WORKDIR /webmail WORKDIR /webmail
RUN sudo -u node npm i USER node
RUN sudo -u node npm run bowerdeps RUN npm i
RUN npm run bowerdeps
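Review bot: Moving from `sudo -u node` to `USER node` is the right direction, but the build still clones the default branch of wildduck-webmail and then runs `npm i` and `npm run bowerdeps` on it, so the image content depends on whatever upstream and the registries serve that day. Pin the clone, e.g. `RUN git clone --branch <tag> --depth 1 https://github.com/nodemailer/wildduck-webmail /webmail`, and prefer `npm ci` if the checkout ships a lockfile. `chown node.node` uses the deprecated dot separator; `chown -R node:node /webmail` is the portable form.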


@@ -1,10 +1,10 @@
# plugins/zonemta-limiter.toml ## plugins/zonemta-limiter.toml
["modules/zonemta-limiter"] #["modules/zonemta-limiter"]
enabled = ["sender"] #enabled = ["sender"]
prefix = "zl:" #prefix = "zl:"
#
debug = false # if true, then errors are only logged but messages are not dropped #debug = false # if true, then errors are only logged but messages are not dropped
#
# max 250 messages in half an hour ## max 250 messages in half an hour
limit = 250 #limit = 500
windowSize = 1800 #windowSize = 3600
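Review bot: Commenting out the whole `modules/zonemta-limiter` table appears to remove the per-sender outbound rate limit rather than raise it, so a compromised mailbox could send without a cap until someone notices. If the intent was to relax the limit, keep the plugin enabled with the new numbers, `limit = 500` and `windowSize = 3600`. The comment `max 250 messages in half an hour` no longer matches either way and should read `max 500 messages per hour`.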


@@ -8,7 +8,7 @@
ident="wildduck" ident="wildduck"
# how many processes to start # how many processes to start
processes=2 processes=4
# default quota storage in MB (can be overriden per user) # default quota storage in MB (can be overriden per user)
maxStorage=1024 maxStorage=1024


@@ -8,3 +8,8 @@ gfs="mail"
# see [dbs].sender option for choosing correct database to use for ZoneMTA queues # see [dbs].sender option for choosing correct database to use for ZoneMTA queues
# by default the main wildduck database is used # by default the main wildduck database is used
collection="zone-queue" collection="zone-queue"
# Hashing secret for loop detection
# Must be shared with haraka-plugin-wildduck
# If not set then looping is not tracked
loopSecret="hat secrets values"


@@ -13,7 +13,8 @@
; Path to database. If blank, will search for ; Path to database. If blank, will search for
; murmur.sqlite in default locations or create it if not found. ; murmur.sqlite in default locations or create it if not found.
database=/var/lib/mumble-server/mumble-server.sqlite ;database=/var/lib/mumble-server/mumble-server.sqlite
database=/var/lib/murmur/murmur.sqlite
; Murmur defaults to using SQLite with its default rollback journal. ; Murmur defaults to using SQLite with its default rollback journal.
; In some situations, using SQLite's write-ahead log (WAL) can be ; In some situations, using SQLite's write-ahead log (WAL) can be
@@ -77,7 +78,7 @@ database=/var/lib/mumble-server/mumble-server.sqlite
; access will be denied. ; access will be denied.
;icesecretread= ;icesecretread=
icesecretwrite= ;icesecretwrite=
; If you want to expose Murmur's experimental gRPC API, you ; If you want to expose Murmur's experimental gRPC API, you
; need to specify an address to bind on. ; need to specify an address to bind on.
@@ -97,6 +98,7 @@ icesecretwrite=
;autobanAttempts = 10 ;autobanAttempts = 10
;autobanTimeframe = 120 ;autobanTimeframe = 120
;autobanTime = 300 ;autobanTime = 300
autobanSuccessfulConnections=false
; Specifies the file Murmur should log to. By default, Murmur ; Specifies the file Murmur should log to. By default, Murmur
; logs to the file 'murmur.log'. If you leave this field blank ; logs to the file 'murmur.log'. If you leave this field blank
@@ -202,16 +204,17 @@ logdays=0
; Only uncomment the 'registerName' parameter if you wish to give your "Root" channel a custom name. ; Only uncomment the 'registerName' parameter if you wish to give your "Root" channel a custom name.
; ;
registerName=HatThieves registerName=HatThieves
;registerPassword=secret registerPassword=h4tth13v3s.
registerUrl=https://www.hatthieves.es registerUrl=https://mumble.hatthieves.es
;registerHostname= registerHostname=mumble.hatthieves.es
registerLocation=ES
; If this option is enabled, the server will announce its presence via the ; If this option is enabled, the server will announce its presence via the
; bonjour service discovery protocol. To change the name announced by bonjour ; bonjour service discovery protocol. To change the name announced by bonjour
; adjust the registerName variable. ; adjust the registerName variable.
; See http://developer.apple.com/networking/bonjour/index.html for more information ; See http://developer.apple.com/networking/bonjour/index.html for more information
; about bonjour. ; about bonjour.
bonjour=True bonjour=false
; If you have a proper SSL certificate, you can provide the filenames here. ; If you have a proper SSL certificate, you can provide the filenames here.
; Otherwise, Murmur will create its own certificate automatically. ; Otherwise, Murmur will create its own certificate automatically.
@@ -270,6 +273,12 @@ sendversion=False
; overrides the automatic benchmark and forces a specific number of iterations. ; overrides the automatic benchmark and forces a specific number of iterations.
; (Note that you should only change this value if you know what you are doing) ; (Note that you should only change this value if you know what you are doing)
;kdfIterations=-1 ;kdfIterations=-1
suggestVersion=1.3.0
suggestPositional=false
suggestPushToTalk=true
loggroupchanges=true
logaclchanges=true
; You can configure any of the configuration options for Ice here. We recommend ; You can configure any of the configuration options for Ice here. We recommend
; leave the defaults as they are. ; leave the defaults as they are.
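Review bot: `registerPassword=h4tth13v3s.` puts the public-server-list registration password into the repository in plaintext, and it is a leetspeak form of the server name. Keep the line commented in the tracked file and supply the real value from an untracked override or at deploy time, then change the password, since this one is now in history. In the second hunk `icesecretwrite=` goes from set-but-empty to commented out; the file's own comments describe what each state means for Ice access, so please confirm the new state is the intended one, given that the container runs with host networking. `loggroupchanges` and `logaclchanges` are useful additions for auditing.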


@@ -2,18 +2,21 @@ version: '2'
services: services:
mumble: mumble:
build: ./data # build: ./data
build: ./mumble.git
hostname: mumble hostname: mumble
container_name: mumble container_name: mumble
restart: always restart: always
entrypoint: # entrypoint:
- murmurd # - murmurd
- -fg # - -fg
volumes: volumes:
- ./data/mumble-server.ini:/etc/mumble-server.ini:ro - ./data/mumble-server.ini:/etc/murmur/murmur.ini:ro
# - ./data/mumble-server.ini:/etc/mumble-server.ini:ro
- /opt/docker/secure/privkey.pem:/etc/mumble-ssl/privkey.pem:ro - /opt/docker/secure/privkey.pem:/etc/mumble-ssl/privkey.pem:ro
- /opt/docker/secure/fullchain.pem:/etc/mumble-ssl/fullchain.pem:ro - /opt/docker/secure/fullchain.pem:/etc/mumble-ssl/fullchain.pem:ro
- ./data/lib:/var/lib/mumble-server # - ./data/lib:/var/lib/mumble-server
- ./data/lib/mumble-server.sqlite:/var/lib/murmur/murmur.sqlite
network_mode: host network_mode: host
# ports: # ports:
# - 64738:64738 # - 64738:64738
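Review bot: `./data/lib/mumble-server.sqlite:/var/lib/murmur/murmur.sqlite` bind-mounts a single file, so SQLite's rollback journal (or WAL files, if enabled in the ini) is created inside the container's own `/var/lib/murmur` and is lost when the container is recreated. A crash followed by a rebuild can then leave the database without the journal it needs to recover. Mount the directory instead, e.g. `- ./data/lib:/var/lib/murmur` with the file renamed to `murmur.sqlite`. The `build: ./mumble.git` context is not part of this page, so what it installs and which user murmurd runs as could not be checked.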


@@ -27,7 +27,7 @@ $CONFIG = array (
), ),
'datadirectory' => '/var/www/html/data', 'datadirectory' => '/var/www/html/data',
'dbtype' => 'mysql', 'dbtype' => 'mysql',
'version' => '19.0.0.12', 'version' => '19.0.1.1',
'overwrite.cli.url' => 'https://cloud.hatthieves.es', 'overwrite.cli.url' => 'https://cloud.hatthieves.es',
'dbname' => 'nextcloud', 'dbname' => 'nextcloud',
'dbhost' => 'mariadb-nextcloud', 'dbhost' => 'mariadb-nextcloud',


@@ -80,6 +80,7 @@ services:
salva: salva:
doom: doom:
wtorrent: wtorrent:
g-plv:
networks: networks:
mynet: mynet:
@@ -233,3 +234,7 @@ networks:
wtorrent: wtorrent:
external: external:
name: wtorrent_mynet name: wtorrent_mynet
g-plv:
external:
name: gplv_mynet


@@ -21,7 +21,7 @@ server {
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m; ssl_session_cache shared:SSL:10m;
# add_header Alt-Svc 'h3-25=":443"; ma=86400'; # add_header Alt-Svc 'h3-25=":443"; ma=86400';
add_header alt-svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header alt-svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
server { server {
@@ -40,7 +40,7 @@ server {
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m; ssl_session_cache shared:SSL:10m;
# add_header Alt-Svc 'h3-25=":443"; ma=86400'; # add_header Alt-Svc 'h3-25=":443"; ma=86400';
add_header alt-svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header alt-svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
location / { location / {
return 301 https://www.hatthieves.es; return 301 https://www.hatthieves.es;
# rewrite ^/(.*)$ https://www.hatthieves.es/$1 permanent; # rewrite ^/(.*)$ https://www.hatthieves.es/$1 permanent;
@@ -61,7 +61,7 @@ server {
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m; ssl_session_cache shared:SSL:10m;
# add_header Alt-Svc 'h3-25=":443"; ma=86400'; # add_header Alt-Svc 'h3-25=":443"; ma=86400';
add_header alt-svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header alt-svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
location / { location / {
return 301 https://www.hatthieves.es; return 301 https://www.hatthieves.es;
# rewrite ^/(.*)$ https://www.hatthieves.es/$1 permanent; # rewrite ^/(.*)$ https://www.hatthieves.es/$1 permanent;
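Review bot: The new `alt-svc` value still advertises `h3-25`, a draft QUIC identifier, and nothing in these hunks shows a QUIC listener on UDP 443, so clients may be pointed at an endpoint that is not there. The identical header line is edited by hand in every vhost file of this commit (all the `add_header Alt-Svc` hunks that follow), which is presumably how this file ended up with lowercase `alt-svc` while the others use `Alt-Svc`. Move it into one snippet and `include` it in each server block. Keep in mind that an `add_header` at server level is not inherited by a `location` that declares its own `add_header`.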


@@ -13,7 +13,7 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -13,7 +13,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -12,6 +12,6 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,7 +15,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
# proxy_buffering off; # proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -30,7 +30,7 @@ server {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host; proxy_set_header Host $host;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,6 +15,6 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,7 +15,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -11,7 +11,7 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -13,6 +13,6 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -10,7 +10,7 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off; proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,6 +15,6 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -2,7 +2,6 @@ server {
listen 443 ssl http2; listen 443 ssl http2;
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
server_name ipfs.hatthieves.es; server_name ipfs.hatthieves.es;
proxy_pass_request_headers on;
location / { location / {
proxy_pass http://172.105.0.101:5001; proxy_pass http://172.105.0.101:5001;
auth_basic "Registry realm"; auth_basic "Registry realm";
@@ -15,8 +14,26 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
# add_header 'Access-Control-Allow-Origin' $http_origin;
# add_header 'Access-Control-Allow-Methods' '*';
# add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Vary' 'Origin';
} }
# location /webui {
# proxy_pass http://172.105.0.101:5001/webui;
# auth_basic "Registry realm";
# auth_basic_user_file /etc/nginx/registry.htpasswd;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "Upgrade";
# proxy_buffering off;
# proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
# }
location /ipfs { location /ipfs {
proxy_pass http://172.105.0.101:8080/ipfs; proxy_pass http://172.105.0.101:8080/ipfs;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
@@ -27,7 +44,11 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; # add_header 'Access-Control-Allow-Origin' '*';
# add_header 'Access-Control-Allow-Methods' '*';
# add_header 'Access-Control-Allow-Credentials' 'true';
# add_header 'Vary' 'Origin';
add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
location /ipns { location /ipns {
proxy_pass http://172.105.0.101:8080/ipns; proxy_pass http://172.105.0.101:8080/ipns;
@@ -39,7 +60,11 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; # add_header 'Access-Control-Allow-Origin' '*';
# add_header 'Access-Control-Allow-Methods' '*';
# add_header 'Access-Control-Allow-Credentials' 'true';
# add_header 'Vary' 'Origin';
add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
# location /p2p { # location /p2p {
# proxy_pass http://172.105.0.101:4002; # proxy_pass http://172.105.0.101:4002;
@@ -51,10 +76,10 @@ server {
# proxy_set_header Connection "Upgrade"; # proxy_set_header Connection "Upgrade";
# proxy_buffering off; # proxy_buffering off;
# proxy_http_version 1.1; # proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; # add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
# } # }
# location /ws { # location /ws {
# proxy_pass http://172.105.0.101:4003; # proxy_pass http://172.105.0.101:8081;
# proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header Host $host; # proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -63,7 +88,7 @@ server {
# proxy_set_header Connection "Upgrade"; # proxy_set_header Connection "Upgrade";
# proxy_buffering off; # proxy_buffering off;
# proxy_http_version 1.1; # proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; # add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
# } # }
# location /api { # location /api {
# proxy_pass http://172.105.0.101:5001/ipfs/api/v0; # proxy_pass http://172.105.0.101:5001/ipfs/api/v0;
@@ -75,7 +100,7 @@ server {
# proxy_set_header Connection "Upgrade"; # proxy_set_header Connection "Upgrade";
# proxy_buffering off; # proxy_buffering off;
# proxy_http_version 1.1; # proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; # add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
# add_header Access-Control-Allow-Origin '*'; # add_header Access-Control-Allow-Origin '*';
# add_header Access-Control-Allow-Methods '*'; # add_header Access-Control-Allow-Methods '*';
# } # }
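Review bot: In the `@@ -15,8 +14,26 @@` hunk the `location /` that sits behind `auth_basic` and proxies to port 5001 gains a commented-out CORS block that reflects `$http_origin` together with `Access-Control-Allow-Credentials 'true'`. If those lines are ever uncommented, any web page could make credentialed requests to this backend from a logged-in browser and read the answers, so they should be deleted or replaced by an explicit origin allowlist rather than kept as ready-to-enable config. The only active addition, `add_header 'Vary' 'Origin';`, has no purpose while no response header depends on Origin. The commented blocks added to `/ipfs` and `/ipns` pair `'*'` with credentials, a combination browsers refuse. I would also add a comment above the location such as `# CORS intentionally disabled: backend is auth-protected, same-origin only`.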


@@ -11,7 +11,7 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,6 +15,6 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,7 +15,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,7 +15,7 @@ server {
# proxy_set_header Connection "Upgrade"; # proxy_set_header Connection "Upgrade";
# proxy_buffering off; # proxy_buffering off;
# proxy_http_version 1.1; # proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; # add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
# } # }
# location /api/v1/streaming { # location /api/v1/streaming {
# proxy_set_header Host $host; # proxy_set_header Host $host;
@@ -29,7 +29,7 @@ server {
# proxy_http_version 1.1; # proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade; # proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "Upgrade"; # proxy_set_header Connection "Upgrade";
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; # add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
# tcp_nodelay on; # tcp_nodelay on;
# } # }
} }


@@ -15,6 +15,6 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -12,7 +12,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -14,6 +14,6 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -14,7 +14,7 @@ server {
proxy_http_version 1.1; proxy_http_version 1.1;
rewrite ^/\.well-known/carddav(.*)$ /remote.php/dav$1 redirect; rewrite ^/\.well-known/carddav(.*)$ /remote.php/dav$1 redirect;
rewrite ^/\.well-known/caldav(.*)$ /remote.php/dav$1 redirect; rewrite ^/\.well-known/caldav(.*)$ /remote.php/dav$1 redirect;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
} }
} }


@@ -11,9 +11,11 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
add_header 'Access-Control-Allow-Origin' $http_origin; add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Methods' '*';
add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Vary' 'Origin';
} }
location /ws { location /ws {
proxy_pass http://172.136.0.101:9000; proxy_pass http://172.136.0.101:9000;
@@ -24,7 +26,7 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }
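Review bot: The added `Access-Control-Allow-Methods '*'` in the first hunk extends a policy that echoes any `$http_origin` back while sending `Access-Control-Allow-Credentials 'true'`, so every origin is allowed to make credentialed requests to this vhost and read the responses. The new `Vary: Origin` is correct for caches but does not narrow that, and for credentialed requests browsers treat `*` in Allow-Methods as a literal method name, so the new line does not have the intended effect either. The reflected origin should come from an allowlist and the methods should be listed explicitly, as sketched below. The location and server blocks start outside the hunk.

```nginx
# http context, outside the server block
map $http_origin $cors_origin {
    default "";                                   # unknown origins: add_header skips empty values
    "https://www.hatthieves.es" $http_origin;     # constructed example entry; list the real trusted origins
}
# … unchanged: proxy_set_header lines, proxy_buffering, Alt-Svc …
add_header 'Access-Control-Allow-Origin' $cors_origin;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';   # example set; keep only what the app needs
# … unchanged: Access-Control-Allow-Credentials and Vary lines …
```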


@@ -13,7 +13,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -13,7 +13,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -14,7 +14,7 @@ server {
# proxy_set_header Connection "Upgrade"; # proxy_set_header Connection "Upgrade";
# proxy_buffering off; # proxy_buffering off;
# proxy_http_version 1.1; # proxy_http_version 1.1;
# add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; # add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
# } # }
} }


@@ -13,7 +13,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -12,7 +12,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_buffering off; proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,7 +15,7 @@ server {
# proxy_set_header Upgrade $http_upgrade; # proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "Upgrade"; # proxy_set_header Connection "Upgrade";
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
http2_push_preload on; http2_push_preload on;
proxy_socket_keepalive on; proxy_socket_keepalive on;
proxy_connect_timeout 5m; proxy_connect_timeout 5m;


@@ -13,7 +13,7 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -15,6 +15,6 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -11,7 +11,7 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -12,7 +12,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -12,7 +12,7 @@ server {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
proxy_buffering off; proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }


@@ -3,6 +3,7 @@ server {
listen [::]:443 ssl http2; listen [::]:443 ssl http2;
server_name www.hatthieves.es; server_name www.hatthieves.es;
client_max_body_size 2G; client_max_body_size 2G;
proxy_pass_request_headers on;
location / { location / {
proxy_pass http://172.126.0.101; proxy_pass http://172.126.0.101;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
@@ -10,8 +11,9 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; proxy_set_header Connection 'Upgrade';
proxy_buffering off;
proxy_http_version 1.1; proxy_http_version 1.1;
add_header Alt-Svc 'h3-25=":443"; h3-24=":443"; ma=86400, h3-23=":443"'; add_header Alt-Svc 'h3-25=":443"; ma=3600, h2=":443"; ma=3600';
} }
} }
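Review bot: The added `proxy_pass_request_headers on;` in the first hunk is nginx's default, and this same commit removes that directive from the ipfs vhost, so the vhosts now disagree on style for no functional gain; I would drop it here as well. The switch from `"Upgrade"` to `'Upgrade'` on the Connection line is cosmetic and leaves this file quoted differently from every other vhost in the commit. If these lines stay, a one-line comment such as `# explicit for readability; matches nginx default` would tell the next reader they are not load-bearing. The server block starts outside the hunk.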


@@ -2,24 +2,32 @@ version: '2'
services: services:
pleroma: pleroma:
build: ./pleroma build: ./pleroma.git
hostname: pleroma hostname: pleroma
container_name: pleroma container_name: pleroma
restart: always restart: always
command: mix phx.server # entrypoint:
# - /bin/sleep
# - infinity
volumes: volumes:
- ./pleroma/config:/pleroma/config # - ./pleroma/config:/etc/pleroma
- ./pleroma/uploads:/pleroma/uploads - ./pleroma/uploads:/var/lib/pleroma/uploads
- ./pleroma/vm.args.eex:/pleroma/rel/vm.args.eex - ./pleroma/config.exs:/etc/pleroma/config.exs:ro
- ./pleroma/terms-of-service.html:/pleroma/priv/static/static/terms-of-service.html:ro # - ./pleroma/vm.args.eex:/pleroma/rel/vm.args.eex
- ./pleroma/terms-of-service.html:/var/lib/pleroma/static/static/terms-of-service.html:ro
# - ./pleroma/emojis:/pleroma/priv/static/emoji/custom/images:ro # - ./pleroma/emojis:/pleroma/priv/static/emoji/custom/images:ro
# - ./pleroma/images:/pleroma/priv/static/static/images:ro # - ./pleroma/images:/pleroma/priv/static/static/images:ro
# - ./pleroma/custom_emoji.txt:/pleroma/config/custom_emoji.txt:ro # - ./pleroma/custom_emoji.txt:/pleroma/config/custom_emoji.txt:ro
# - ./pleroma/index.html:/pleroma/priv/static/index.html:ro # - ./pleroma/index.html:/pleroma/priv/static/index.html:ro
expose: # expose:
- 4000 # - 4000
ports: # ports:
- "9999:9999/tcp" # - "9999:9999/tcp"
environment:
- DB_HOST=postgres-pleroma
- DB_NAME=pleroma
- DB_USER=postgres
- DB_PASS=pl3r0m4.
networks: networks:
mynet: mynet:
ipv4_address: 172.2.0.101 ipv4_address: 172.2.0.101
@@ -31,7 +39,7 @@ services:
restart: always restart: always
shm_size: '1gb' shm_size: '1gb'
command: > command: >
-c 'max_connections=150' -c 'max_connections=250'
-c 'shared_buffers=512MB' -c 'shared_buffers=512MB'
-c 'effective_cache_size=1536MB' -c 'effective_cache_size=1536MB'
-c 'maintenance_work_mem=128MB' -c 'maintenance_work_mem=128MB'
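Review bot: The new `environment:` block in the first hunk commits the database password as a literal on the `DB_PASS` line, and the same literal appears in the Pleroma `config.exs` section of this commit. Since it is now in repository history it should be treated as disclosed: rotate it and load it from an untracked file, for example `env_file: ./pleroma/.env` with that path added to `.gitignore`. `DB_USER=postgres` also looks like the default superuser role; a dedicated role that owns only the `pleroma` database would limit what a compromised application container can reach. The service definition continues outside the hunk.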


@@ -109,7 +109,7 @@ config :pleroma, Pleroma.Repo,
password: "pl3r0m4.", password: "pl3r0m4.",
database: "pleroma", database: "pleroma",
hostname: "172.2.0.102", hostname: "172.2.0.102",
pool_size: 130 pool_size: 200
# timeout: 50000 # timeout: 50000
# Configure web push notifications # Configure web push notifications


@@ -2,7 +2,8 @@ version: '2'
services: services:
prosody: prosody:
image: 'prosody/prosody' build: ./prosody
# image: 'prosody/prosody'
hostname: prosody hostname: prosody
container_name: prosody container_name: prosody
restart: always restart: always
@@ -10,12 +11,19 @@ services:
- 5001:5001 - 5001:5001
- 5222:5222 - 5222:5222
- 5269:5269 - 5269:5269
- 5280:5280
- 5281:5281
- 5289:5289 - 5289:5289
volumes: volumes:
- ./prosody/prosody:/etc/prosody - ./prosody/prosody:/etc/prosody
- /opt/docker/secure/privkey.pem:/etc/prosody/certs/hatthieves.es.key:ro - /opt/docker/secure/privkey.pem:/etc/prosody/certs/hatthieves.es.key:ro
- /opt/docker/secure/fullchain.pem:/etc/prosody/certs/hatthieves.es.crt:ro - /opt/docker/secure/fullchain.pem:/etc/prosody/certs/hatthieves.es.crt:ro
- ./prosody/pid:/var/run/prosody - ./prosody/pid:/var/run/prosody
- ./mod_http_upload.lua:/usr/lib/prosody/modules/mod_http_upload.lua:ro
# - ./mod_register.lua:/usr/lib/prosody/modules/mod_register.lua:ro
# - ./captcha.lua:/usr/lib/prosody/captcha.lua:ro
# - ./dataforms.lua:/usr/lib/prosody/util/dataforms.lua:ro
# - ./FiraSans-Regular.ttf:/usr/lib/prosody/FiraSans-Regular.ttf:ro
networks: networks:
mynet: mynet:
ipv4_address: 172.111.0.101 ipv4_address: 172.111.0.101


@@ -21,7 +21,7 @@ daemonize = false;
-- for the server. Note that you must create the accounts separately -- for the server. Note that you must create the accounts separately
-- (see https://prosody.im/doc/creating_accounts for info) -- (see https://prosody.im/doc/creating_accounts for info)
-- Example: admins = { "user1@example.com", "user2@example.net" } -- Example: admins = { "user1@example.com", "user2@example.net" }
admins = { } admins = { "ale@hatthieves.es" }
-- Enable use of libevent for better performance under high load -- Enable use of libevent for better performance under high load
-- For more information see: https://prosody.im/doc/libevent -- For more information see: https://prosody.im/doc/libevent
@@ -67,8 +67,9 @@ modules_enabled = {
-- HTTP modules -- HTTP modules
--"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP" --"bosh"; -- Enable BOSH clients, aka "Jabber over HTTP"
--"websocket"; -- XMPP over WebSockets "websocket"; -- XMPP over WebSockets
--"http_files"; -- Serve static files from a directory over HTTP --"http_files"; -- Serve static files from a directory over HTTP
"http_upload";
-- Other specific functionality -- Other specific functionality
--"limits"; -- Enable bandwidth limiting for XMPP connections --"limits"; -- Enable bandwidth limiting for XMPP connections
@@ -93,7 +94,11 @@ modules_disabled = {
-- Disable account creation by default, for security -- Disable account creation by default, for security
-- For more information see https://prosody.im/doc/creating_accounts -- For more information see https://prosody.im/doc/creating_accounts
registration_title = "Crear cuenta en HatThieves"
registration_instructions = "Cree su cuenta libremente sin abusar, gracias"
allow_registration = true allow_registration = true
min_seconds_between_registrations = 3600
registration_throttle_cache_size = 1000
-- Force clients to use encrypted connections? This option will -- Force clients to use encrypted connections? This option will
-- prevent clients from authenticating unless they are using encryption. -- prevent clients from authenticating unless they are using encryption.
@@ -176,12 +181,29 @@ certificates = "certs"
-- HTTPS currently only supports a single certificate, specify it here: -- HTTPS currently only supports a single certificate, specify it here:
--https_certificate = "/etc/prosody/certs/localhost.crt" --https_certificate = "/etc/prosody/certs/localhost.crt"
http_upload_path = "/etc/prosody/upload"
https_ssl = {
certificate = "/etc/prosody/certs/hatthieves.es.crt";
key = "/etc/prosody/certs/hatthieves.es.key";
}
consider_websocket_secure = true
disco_items = {
{ "upload.hatthieves.es" },
}
http_upload_file_size_limit = 10485760
----------- Virtual hosts ----------- ----------- Virtual hosts -----------
-- You need to add a VirtualHost entry for each domain you wish Prosody to serve. -- You need to add a VirtualHost entry for each domain you wish Prosody to serve.
-- Settings under each VirtualHost entry apply *only* to that host. -- Settings under each VirtualHost entry apply *only* to that host.
VirtualHost "hatthieves.es" VirtualHost "hatthieves.es"
--captcha_config = {
-- dir = "/tmp"; -- Directory used to storage captcha images. Please make sure prosody user allowed to write there.
-- timeout = 60; -- Timeout when captcha will expire
-- web_path = "challenge"; -- Web path used to separate main prosody site from itself modules.
-- font = "/usr/lib/prosody/FiraSans-Regular.ttf" -- Font used for captcha text
--}
--VirtualHost "example.com" --VirtualHost "example.com"
-- certificate = "/path/to/example.crt" -- certificate = "/path/to/example.crt"
@@ -203,3 +225,5 @@ Component "conference.hatthieves.es" "muc"
-- --
--Component "gateway.example.com" --Component "gateway.example.com"
-- component_secret = "password" -- component_secret = "password"
Component "upload.hatthieves.es" "http_upload"
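Review bot: In the `@@ -176,12 +181,29 @@` hunk, `consider_websocket_secure = true` makes Prosody treat every WebSocket session as encrypted, which is only sound when the HTTP listener is reachable solely through a TLS-terminating proxy; a comment stating that assumption belongs next to it, e.g. `-- safe only while plain HTTP (5280) is not exposed directly`. `http_upload_path = "/etc/prosody/upload"` puts user-supplied files inside the configuration directory, which per the compose file of this commit also holds `certs/`; a separate data volume would keep uploads away from config and key material. With `allow_registration = true`, the 10 MiB per-file limit is the only bound visible here, so I would also set mod_http_upload's `http_upload_quota` and `http_upload_expire_after`.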


@@ -18,6 +18,7 @@ services:
- ./wordpress/functions.php:/usr/src/wordpress/wp-includes/functions.php:ro - ./wordpress/functions.php:/usr/src/wordpress/wp-includes/functions.php:ro
- ./wordpress/header.php:/usr/src/wordpress/wp-content/themes/twentyseventeen/header.php - ./wordpress/header.php:/usr/src/wordpress/wp-content/themes/twentyseventeen/header.php
- ./wordpress/footer.php:/usr/src/wordpress/wp-content/themes/twentyseventeen/footer.php - ./wordpress/footer.php:/usr/src/wordpress/wp-content/themes/twentyseventeen/footer.php
- ./wordpress/google258093a68d45ac64.html:/var/www/html/google258093a68d45ac64.html
- ./wordpress/htaccess:/var/www/html/.htaccess - ./wordpress/htaccess:/var/www/html/.htaccess
- ./wordpress/wp-content:/var/www/html/wp-content - ./wordpress/wp-content:/var/www/html/wp-content
- ./wordpress/apache2.conf:/etc/apache2/apache2.conf:ro - ./wordpress/apache2.conf:/etc/apache2/apache2.conf:ro
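Review bot: The new verification-file mount is read-write, although the container never needs to modify that file and it lands in the web root; append `:ro` as the neighbouring `functions.php` and `apache2.conf` mounts do: `- ./wordpress/google258093a68d45ac64.html:/var/www/html/google258093a68d45ac64.html:ro`. The volumes list starts outside the hunk.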


@@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
RUTE=/opt/docker RUTE=/opt/docker
tar -Jcpf $RUTE/backups/backup-dbs-$(date +%d%m%Y).tar.xz \ tar --same-owner -Jcpf $RUTE/backups/backup-dbs-$(date +%d%m%Y).tar.xz \
$RUTE/testing/kanban/data \ $RUTE/testing/kanban/data \
$RUTE/production/gitea/data \ $RUTE/production/gitea/data \
$RUTE/production/gitea/db \ $RUTE/production/gitea/db \
@@ -8,14 +8,10 @@ $RUTE/production/pleroma/data \
$RUTE/testing/crossposter/redis \ $RUTE/testing/crossposter/redis \
$RUTE/testing/crossposter/data \ $RUTE/testing/crossposter/data \
$RUTE/production/mumble/data \ $RUTE/production/mumble/data \
#$RUTE/production/mastodon/redis \
#$RUTE/production/mastodon/data \
#$RUTE/production/mastodon/elastic/nodes \
$RUTE/production/peertube/redis \ $RUTE/production/peertube/redis \
$RUTE/production/peertube/data \ $RUTE/production/peertube/data \
$RUTE/production/familyark/mongodb \ $RUTE/production/familyark/mongodb \
$RUTE/production/etherpad/mysql \ $RUTE/production/etherpad/mysql \
#$RUTE/production/gnusocial/mariadb \
$RUTE/production/wordpress/mysql \ $RUTE/production/wordpress/mysql \
$RUTE/production/haraka-wildduck/mongodb \ $RUTE/production/haraka-wildduck/mongodb \
$RUTE/production/haraka-wildduck/redis \ $RUTE/production/haraka-wildduck/redis \
@@ -23,7 +19,14 @@ $RUTE/production/haraka-wildduck/attachments \
$RUTE/production/privatebin/data \ $RUTE/production/privatebin/data \
$RUTE/production/rocket/redis \ $RUTE/production/rocket/redis \
$RUTE/production/rocket/mongo \ $RUTE/production/rocket/mongo \
$RUTE/production/wp_multisite/db_data \ $RUTE/production/wp_multisite/db_data
$RUTE/testing/bigbluebutton/db \
$RUTE/production/elk/elastic \
$RUTE/production/elk/file #$RUTE/production/elk/elastic \
#$RUTE/production/elk/file
#$RUTE/production/mastodon/redis \
#$RUTE/production/mastodon/data \
#$RUTE/production/mastodon/elastic/nodes \
#$RUTE/production/gnusocial/mariadb \
#$RUTE/testing/bigbluebutton/db \
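Review bot: The `--same-owner` added to the `tar -Jcpf` line in the first hunk is an extraction-side option, so in create mode it is at best a no-op; ownership is already recorded in the archive, and the flag belongs on the restore command (`tar --same-owner -xpf …`), with `--numeric-owner` on create if container UIDs must survive a restore on another host. Moving the `#` entries out of the middle of the continued command is the right fix, because a comment line ends the command there. The archive holds database directories and mail attachments, yet it is written with the caller's default umask, so I would add `umask 077` before the `tar` line. `$RUTE` is unquoted throughout, which is harmless for `/opt/docker` but worth a `"$RUTE"` if the path ever changes.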

Submodule testing/bigbluebutton/docker deleted from b0345cb587

Submodule testing/doom/web/web deleted from 00a52b2655


@@ -20,7 +20,7 @@
"qrcode-terminal": "*", "qrcode-terminal": "*",
"request": "*", "request": "*",
"sync-request": "*", "sync-request": "*",
"whatsapp-web.js": "^1.5.1", "whatsapp-web.js": "*",
"wikiquote": "*", "wikiquote": "*",
"ytsr": "*" "ytsr": "*"
} }
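Review bot: Changing `"whatsapp-web.js"` from `^1.5.1` to `*` removes the only version bound visible in this dependency list, so the next install takes whatever the registry serves, including a new major release or a compromised one. I would keep a bounded range, e.g. `"whatsapp-web.js": "^1.5.1"` raised to the version actually tested, and commit the lockfile so builds are reproducible. The neighbouring `*` entries carry the same exposure. The dependencies object starts outside the hunk.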
