diff --git a/certs/docker.gpg b/certs/docker.gpg new file mode 100644 index 0000000..a753662 --- /dev/null +++ b/certs/docker.gpg @@ -0,0 +1,62 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth +lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh +38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq +L4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7 +UrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N +cmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht +ku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo +vZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD +G7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ +XYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj +q5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB +tCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3 +BBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO +v82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd +tI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk +jonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m +6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P +XRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc +FYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8 +g383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm +ebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh +9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5 +G34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW +FPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB +EADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF +M2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx +Q+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu +w6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk +z2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8 +eRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb +VfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa +1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X +zJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ +pqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7 +ZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ +BQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY +1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp +YcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI +mD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES +KA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7 +JIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ +cM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0 +6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5 +U888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z +VfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f +irP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk +SVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz +QhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W +9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw +24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe +dKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y +Vm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR +H3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh +/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ +M8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S +xx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O +jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG +YT90qFF93M3v01BbxP+EIY2/9tiIPbrd +=0YYh +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/deployment/defaults.sh b/defaults.sh similarity index 93% rename from deployment/defaults.sh rename to defaults.sh index bddab5a..42497db 100644 --- a/deployment/defaults.sh +++ b/defaults.sh @@ -17,9 +17,10 @@ export BTCPAY_HOSTNAME="btcpay" export UMBREL_HOSTNAME="umbrel" export NEXTCLOUD_HOSTNAME="nextcloud" export GITEA_HOSTNAME="git" -export NOSTR_HOSTNAME="messages" +export NOSTR_HOSTNAME="relay" export NOSTR_ACCOUNT_PUBKEY= +# used by 'aws' deployments only; planned deprecation export DDNS_PASSWORD= # this is where the html is sourced from. @@ -66,18 +67,18 @@ export DUPLICITY_BACKUP_PASSPHRASE= export BTCPAYGEN_ADDITIONAL_FRAGMENTS="opt-save-storage;opt-add-btctransmuter;opt-add-configurator;" export SSH_HOME="$HOME/.ssh" export VLAN_INTERFACE= -export CACHE_DIR="$HOME/cache" export VM_NAME= export DEV_MEMORY_MB="4096" export DEV_CPU_COUNT="4" export SSHFS_PATH="/tmp/sshfs_temp" +export DOCKER_IMAGE_CACHE_FQDN="registry-1.docker.io" export NEXTCLOUD_SPACE_GB=10 DEV_LXD_REMOTE="$(lxc remote get-default)" export DEV_LXD_REMOTE="$DEV_LXD_REMOTE" -export SITE_TITLE= +#export SITE_TITLE= # we use this later when we create a VM, we annotate what git commit (from a tag) we used. LATEST_GIT_TAG="$(git describe --abbrev=0)" @@ -94,7 +95,7 @@ if [ ! -f "$(which rsync)" ]; then fi # shellcheck disable=1091 -export SITE_PATH="$HOME/.sites" + export LXD_DISK_TO_USE= @@ -107,8 +108,9 @@ ENABLE_NGINX_CACHING=false # 2 ensure install.sh has been run by checking for tor, docker-machine, lxd, wait-for-it, etc. # 3 pretty much just run the install script if anything is awry # 4 maybe check to ensure all the CNAME and A+ records are there first so we can quit before machine creation. - -export SITE_PATH="$SITE_PATH/$DOMAIN_NAME" +export SITE_PATH_HOME="$HOME/ss-sites" +SITE_PATH="$SITE_PATH_HOME/$DOMAIN_NAME" +mkdir -p "$SITE_PATH" if [ ! -d "$SITE_PATH" ]; then echo "ERROR: '$SITE_PATH' does not exist." exit 1 @@ -138,4 +140,4 @@ export GITEA_DB_IMAGE="$DEFAULT_DB_IMAGE" export WWW_MAC_ADDRESS= export BTCPAY_MAC_ADDRESS= -export UMBREL_MAC_ADDRESS= \ No newline at end of file +export UMBREL_MAC_ADDRESS= diff --git a/deployment/signal-desktop-keyring.gpg b/deployment/signal-desktop-keyring.gpg deleted file mode 100644 index b5e68a0..0000000 Binary files a/deployment/signal-desktop-keyring.gpg and /dev/null differ diff --git a/lxd_init.yaml b/lxd_init.yaml new file mode 100644 index 0000000..d8b95cd --- /dev/null +++ b/lxd_init.yaml @@ -0,0 +1,33 @@ +# this goes in instructions. Basically how do you init a LXC cluster member with overlay fan. +config: + core.https_address: ${LXD_CLUSTER_IP}:8443 + core.trust_password: ${LXD_CLUSTER_PASSWORD} +networks: +- config: + bridge.mode: fan + fan.underlay_subnet: auto + description: "" + name: lxdfan0 + type: "" + project: default +storage_pools: [] +profiles: +- config: {} + description: "" + devices: + eth0: + name: eth0 + network: lxdfan0 + type: nic + name: default +projects: [] +cluster: + server_name: ${CLUSTER_NAME} + enabled: true + member_config: [] + cluster_address: "" + cluster_certificate: "" + server_address: "" + cluster_password: "" + cluster_certificate_path: "" + cluster_token: "" diff --git a/deployment/shared.sh b/shared.sh similarity index 74% rename from deployment/shared.sh rename to shared.sh index 40ce907..b6e0ce3 100755 --- a/deployment/shared.sh +++ b/shared.sh @@ -8,53 +8,6 @@ if [ ! -d "$SITE_PATH" ]; then exit 1 fi -function new_pass { - apg -a 1 -M nc -n 3 -m 26 -E GHIJKLMNOPQRSTUVWXYZ | head -n1 | awk '{print $1;}' -} - -# check to see if the enf file exists. exist if not. -SITE_DEFINITION_PATH="$SITE_PATH/site_definition" -if [ ! -f "$SITE_DEFINITION_PATH" ]; then - echo "WARNING: '$SITE_DEFINITION_PATH' does not exist! We have stubbed one out for you, but you need to UPDATE IT!" - - # stub out a site_definition with new passwords. - cat >"$SITE_DEFINITION_PATH" <