From c99993330efd8399fabf52f9c172cfa9e7ca295c Mon Sep 17 00:00:00 2001 From: Swarsel Date: Tue, 10 Dec 2024 18:01:42 +0100 Subject: [PATCH] chore: clean up deprecated files --- SwarselSystems.org | 466 ------------------ flake.nix | 8 - .../oracle/matrix/hardware-configuration.nix | 18 - profiles/remote/oracle/matrix/nixos.nix | 340 ------------- scripts/check.sh | 56 --- scripts/checkconfigstatus.sh | 27 - scripts/checkdiscord.sh | 10 - scripts/checkelement.sh | 10 - scripts/checkgomuks.sh | 12 - scripts/checkkitty.sh | 13 - scripts/checkschildi.sh | 10 - scripts/checkspotify.sh | 7 - scripts/checkspotify_actual.sh | 10 - scripts/checkspotifytui.sh | 12 - scripts/editor-wait.sh | 13 - scripts/editor.sh | 15 - scripts/editor_nowait.sh | 16 - scripts/pass-fuzzel-otp.sh | 24 - scripts/server1/doublepuppet.yaml | 21 - scripts/server1/iptables.sh | 40 -- scripts/server1/iptables.sh.bak | 47 -- scripts/server1/routing.sh | 14 - scripts/server1/routing.sh.bak | 14 - scripts/server1/update-resolv-conf | 45 -- scripts/server1/update-resolv-conf.bak | 45 -- scripts/toggle_opacity.sh | 11 - secrets/keys/authorized_keys | 1 - secrets/keys/nbl.pub | 1 - 28 files changed, 1306 deletions(-) delete mode 100644 profiles/remote/oracle/matrix/hardware-configuration.nix delete mode 100644 profiles/remote/oracle/matrix/nixos.nix delete mode 100644 scripts/check.sh delete mode 100755 scripts/checkconfigstatus.sh delete mode 100755 scripts/checkdiscord.sh delete mode 100755 scripts/checkelement.sh delete mode 100755 scripts/checkgomuks.sh delete mode 100755 scripts/checkkitty.sh delete mode 100755 scripts/checkschildi.sh delete mode 100755 scripts/checkspotify.sh delete mode 100755 scripts/checkspotify_actual.sh delete mode 100755 scripts/checkspotifytui.sh delete mode 100644 scripts/editor-wait.sh delete mode 100755 scripts/editor.sh delete mode 100755 scripts/editor_nowait.sh delete mode 100644 scripts/pass-fuzzel-otp.sh delete mode 100644 scripts/server1/doublepuppet.yaml delete mode 100644 scripts/server1/iptables.sh delete mode 100644 scripts/server1/iptables.sh.bak delete mode 100644 scripts/server1/routing.sh delete mode 100644 scripts/server1/routing.sh.bak delete mode 100644 scripts/server1/update-resolv-conf delete mode 100644 scripts/server1/update-resolv-conf.bak delete mode 100755 scripts/toggle_opacity.sh delete mode 100644 secrets/keys/authorized_keys delete mode 100644 secrets/keys/nbl.pub diff --git a/SwarselSystems.org b/SwarselSystems.org index adb8adc..8314136 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -318,68 +318,6 @@ Set in firefox `about:config > toolkit.legacyUserProfileCustomizations.styleshee These settings are to be used only on full NixOS setups. -*** Virtual hosts init -:PROPERTIES: -:CUSTOM_ID: h:a4585ec3-8fa0-472c-a0db-1b34917591ea -:END: - -This sections is for common NixoS settings that I use for my NixoS LXC images that I run on Proxmox. Proxmox requires special attention to run along with NixOS in any capacity. - -#+begin_src nix :tangle no :noweb-ref vminitbare - - - services = { - xserver.xkb = { - layout = "us"; - variant = "altgr-intl"; - }; - openssh = { - enable = true; - settings.PermitRootLogin = "yes"; - listenAddresses = [{ - port = 22; - addr = "0.0.0.0"; - }]; - }; - }; - - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - - proxmoxLXC = { - manageNetwork = true; # manage network myself - manageHostName = false; # manage hostname myself - }; - - networking = { - useDHCP = true; - enableIPv6 = false; - }; - - users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../../secrets/keys/authorized_keys - ]; - - system.stateVersion = "23.05"; # TEMPLATE - but probably no need to change - - environment.shellAliases = { - nswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; - }; - -#+end_src - -This is again the =hardware-configuration.nix= wrap that you saw earlier, however for Proxmox systems we need to add some more NixOS modules for compatibility. - -#+begin_src nix :tangle no :noweb yes :noweb-ref vminit - - imports = [ - (modulesPath + "/virtualisation/proxmox-lxc.nix") - ./hardware-configuration.nix - ]; - - <> - -#+end_src - ** flake.nix :PROPERTIES: :CUSTOM_ID: h:c7588c0d-2528-485d-b2df-04d6336428d7 @@ -668,14 +606,6 @@ This section used to be much longer, since I performed all of my imports right h ]; }; - #ovm swarsel - swatrix = nixpkgs.lib.nixosSystem { - specialArgs = { inherit inputs; }; - modules = [ - inputs.sops-nix.nixosModules.sops - ./profiles/remote/oracle/matrix/nixos.nix - ]; - }; #+end_src *** homeConfigurations :PROPERTIES: @@ -1483,402 +1413,6 @@ I have removed most of the machines from this section. What remains are some hos #+end_src -**** [Manual steps required] Swatrix (OCI) -:PROPERTIES: -:CUSTOM_ID: h:39553a9c-7095-4db8-b0df-bf47d91cb937 -:END: -***** NixOS -:PROPERTIES: -:CUSTOM_ID: h:441d367d-cddd-40d7-9db7-d170e61e1c52 -:END: - -This is a backup matrix server that is meant to be deployed on OCI. I have not gotten to that yet. - -#+begin_src nix :tangle no - - settings.app_service_config_files = [ - "/var/lib/matrix-synapse/telegram-registration.yaml" - "/var/lib/matrix-synapse/whatsapp-registration.yaml" - "/var/lib/matrix-synapse/signal-registration.yaml" - "/var/lib/matrix-synapse/doublepuppet.yaml" - ] - -#+end_src - -need to be moved to the corresponding location. The below files are created as soon as the appservice is run once. This means that matrix will crash on the first startup; afterwards run these commands and restart the service. - -#+begin_src shell :tangle no - - cp /var/lib/mautrix-telegram/telegram-registration.yaml /var/lib/matrix-synapse/ - chown matrix-synapse:matrix-synapse /var/lib/matrix-synapse/telegram-registration.yaml - cp /var/lib/mautrix-signal/signal-registration.yaml /var/lib/matrix-synapse/ - chown matrix-synapse:matrix-synapse /var/lib/matrix-synapse/signal-registration.yaml - cp /var/lib/mautrix-whatsapp/whatsapp-registration.yaml /var/lib/matrix-synapse/ - chown matrix-synapse:matrix-synapse /var/lib/matrix-synapse/whatsapp-registration.yaml - -#+end_src - -as for the contents of doublepuppet.yaml: - -#+begin_src yaml :tangle no -id: doublepuppet -url: -as_token: doublepuppet -hs_token: notused -sender_localpart: notused -rate_limited: false -namespaces: - users: - - regex: '@.*:matrix2\.swarsel\.win' - exclusive: false -#+end_src - -Lastly, the machine that runs matrix needs to regularly update, as otherwise you will lose connectivity to the bridges. - -#+begin_src nix :tangle profiles/remote/oracle/matrix/nixos.nix - { config, pkgs, sops, ... }: - let - matrixDomain = "swatrix.swarsel.win"; - in - { - - imports = [ - ./hardware-configuration.nix - ]; - - environment.systemPackages = with pkgs; [ - git - gnupg - ssh-to-age - matrix-synapse - lottieconverter - ffmpeg - ]; - - services.xserver.xkb = { - layout = "us"; - variant = "altgr-intl"; - }; - - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - - sops = { - age.sshKeyPaths = [ "/etc/ssh/sops" ]; - defaultSopsFile = "/root/.dotfiles/secrets/omatrix/secrets.yaml"; - validateSopsFiles = false; - secrets = { - dnstokenfull = { owner = "acme"; }; - matrixsharedsecret = { owner = "matrix-synapse"; }; - mautrixtelegram_as = { owner = "matrix-synapse"; }; - mautrixtelegram_hs = { owner = "matrix-synapse"; }; - mautrixtelegram_api_id = { owner = "matrix-synapse"; }; - mautrixtelegram_api_hash = { owner = "matrix-synapse"; }; - }; - templates = { - "certs.secret".content = '' - CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull} - ''; - "matrix_user_register.sh".content = '' - register_new_matrix_user -k ${config.sops.placeholder.matrixsharedsecret} http://localhost:8008 - ''; - mautrixtelegram = { - owner = "matrix-synapse"; - content = '' - MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=${config.sops.placeholder.mautrixtelegram_as} - MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=${config.sops.placeholder.mautrixtelegram_hs} - MAUTRIX_TELEGRAM_TELEGRAM_API_ID=${config.sops.placeholder.mautrixtelegram_api_id} - MAUTRIX_TELEGRAM_TELEGRAM_API_HASH=${config.sops.placeholder.mautrixtelegram_api_hash} - ''; - }; - matrixshared = { - owner = "matrix-synapse"; - content = '' - registration_shared_secret: ${config.sops.placeholder.matrixsharedsecret} - ''; - }; - }; - }; - - documentation = { - enable = false; - }; - - security.acme = { - acceptTerms = true; - preliminarySelfsigned = false; - defaults.email = "mrswarsel@gmail.com"; - defaults.dnsProvider = "cloudflare"; - defaults.environmentFile = "${config.sops.templates."certs.secret".path}"; - }; - - services.nginx = { - enable = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedOptimisation = true; - recommendedGzipSettings = true; - virtualHosts = { - - "swatrix.swarsel.win" = { - enableACME = true; - forceSSL = true; - acmeRoot = null; - locations = { - "~ ^(/_matrix|/_synapse/client)" = { - proxyPass = "http://localhost:8008"; - extraConfig = '' - client_max_body_size 0; - ''; - }; - }; - }; - }; - }; - - boot.tmp.cleanOnBoot = true; - zramSwap.enable = false; - networking = { - hostName = "swatrix"; - enableIPv6 = false; - domain = "swarsel.win"; - firewall.extraCommands = '' - iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 8008 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 29317 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 29318 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 29328 -j ACCEPT - ''; - }; - services.openssh = { - enable = true; - settings.PermitRootLogin = "yes"; - }; - users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../../../secrets/keys/authorized_keys - ]; - - system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change - - environment.shellAliases = { - nswitch = "cd ~/.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; - }; - - boot.loader.grub.device = "nodev"; - - services.postgresql = { - enable = true; - initialScript = pkgs.writeText "synapse-init.sql" '' - CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; - CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - CREATE ROLE "mautrix-telegram" WITH LOGIN PASSWORD 'telegram'; - CREATE DATABASE "mautrix-telegram" WITH OWNER "mautrix-telegram" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - CREATE ROLE "mautrix-whatsapp" WITH LOGIN PASSWORD 'whatsapp'; - CREATE DATABASE "mautrix-whatsapp" WITH OWNER "mautrix-whatsapp" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - CREATE ROLE "mautrix-signal" WITH LOGIN PASSWORD 'signal'; - CREATE DATABASE "mautrix-signal" WITH OWNER "mautrix-signal" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - ''; - }; - services.matrix-synapse = { - settings.app_service_config_files = [ - "/var/lib/matrix-synapse/telegram-registration.yaml" - "/var/lib/matrix-synapse/whatsapp-registration.yaml" - "/var/lib/matrix-synapse/signal-registration.yaml" - "/var/lib/matrix-synapse/doublepuppet.yaml" - ]; - enable = true; - settings = { - server_name = matrixDomain; - public_baseurl = "https://${matrixDomain}"; - }; - listeners = [ - { - port = 8008; - bind_addresses = [ "0.0.0.0" ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" ]; - compress = true; - } - ]; - } - ]; - extraConfigFiles = [ - config.sops.templates.matrixshared.path - ]; - }; - - services.mautrix-telegram = { - enable = true; - environmentFile = config.sops.templates.mautrixtelegram.path; - settings = { - homeserver = { - address = "http://localhost:8008"; - domain = matrixDomain; - }; - appservice = { - address = "http://localhost:29317"; - hostname = "0.0.0.0"; - port = "29317"; - provisioning.enabled = true; - id = "telegram"; - # ephemeral_events = true; # not needed due to double puppeting - public = { - enabled = false; - }; - database = "postgresql:///mautrix-telegram?host=/run/postgresql"; - }; - bridge = { - relaybot.authless_portals = true; - allow_avatar_remove = true; - allow_contact_info = true; - sync_channel_members = true; - startup_sync = true; - sync_create_limit = 0; - sync_direct_chats = true; - telegram_link_preview = true; - permissions = { - "*" = "relaybot"; - "@swarsel:${matrixDomain}" = "admin"; - }; - animated_sticker = { - target = "gif"; - args = { - width = 256; - height = 256; - fps = 30; # only for webm - background = "020202"; # only for gif, transparency not supported - }; - }; - }; - }; - }; - systemd.services.mautrix-telegram.path = with pkgs; [ - lottieconverter # for animated stickers conversion, unfree package - ffmpeg # if converting animated stickers to webm (very slow!) - ]; - - services.mautrix-whatsapp = { - enable = true; - settings = { - homeserver = { - address = "http://localhost:8008"; - domain = matrixDomain; - }; - appservice = { - address = "http://localhost:29318"; - hostname = "0.0.0.0"; - port = 29318; - database = { - type = "postgres"; - uri = "postgresql:///mautrix-whatsapp?host=/run/postgresql"; - }; - }; - bridge = { - displayname_template = "{{or .FullName .PushName .JID}} (WA)"; - history_sync = { - backfill = true; - max_initial_conversations = -1; - message_count = -1; - request_full_sync = true; - full_sync_config = { - days_limit = 900; - size_mb_limit = 5000; - storage_quota_mb = 5000; - }; - }; - login_shared_secret_map = { - matrixDomain = "as_token:doublepuppet"; - }; - sync_manual_marked_unread = true; - send_presence_on_typing = true; - parallel_member_sync = true; - url_previews = true; - caption_in_message = true; - extev_polls = true; - permissions = { - "*" = "relaybot"; - "@swarsel:${matrixDomain}" = "admin"; - }; - }; - }; - }; - - services.mautrix-signal = { - enable = true; - registerToSynapse = false; # this has the same effect as registering to app_service_config_file above - settings = { - homeserver = { - address = "http://localhost:8008"; - domain = matrixDomain; - }; - appservice = { - - address = "http://localhost:29328"; - hostname = "0.0.0.0"; - port = 29328; - database = { - type = "postgres"; - uri = "postgresql:///mautrix-signal?host=/run/postgresql"; - }; - }; - bridge = { - displayname_template = "{{or .ContactName .ProfileName .PhoneNumber}} (Signal)"; - login_shared_secret_map = { - matrixDomain = "as_token:doublepuppet"; - }; - caption_in_message = true; - permissions = { - "*" = "relaybot"; - "@swarsel:${matrixDomain}" = "admin"; - }; - }; - }; - }; - - # restart the bridges daily. this is done for the signal bridge mainly which stops carrying - # messages out after a while. - - systemd.timers."restart-bridges" = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "1d"; - OnUnitActiveSec = "1d"; - Unit = "restart-bridges.service"; - }; - }; - - systemd.services."restart-bridges" = { - script = '' - systemctl restart mautrix-whatsapp.service - systemctl restart mautrix-signal.service - systemctl restart mautrix-telegram.service - ''; - serviceConfig = { - Type = "oneshot"; - User = "root"; - }; - }; - - } - -#+end_src - ** Overlays, packages, and modules :PROPERTIES: diff --git a/flake.nix b/flake.nix index cdb9c7b..15642a7 100644 --- a/flake.nix +++ b/flake.nix @@ -228,14 +228,6 @@ ]; }; - #ovm swarsel - swatrix = nixpkgs.lib.nixosSystem { - specialArgs = { inherit inputs; }; - modules = [ - inputs.sops-nix.nixosModules.sops - ./profiles/remote/oracle/matrix/nixos.nix - ]; - }; }; # pure Home Manager setups - for non-NixOS machines diff --git a/profiles/remote/oracle/matrix/hardware-configuration.nix b/profiles/remote/oracle/matrix/hardware-configuration.nix deleted file mode 100644 index 92264ce..0000000 --- a/profiles/remote/oracle/matrix/hardware-configuration.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ modulesPath, ... }: { - imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.loader.grub = { - efiSupport = true; - efiInstallAsRemovable = true; - device = "nodev"; - }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/A1B2-7E6F"; - fsType = "vfat"; - }; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; - boot.initrd.kernelModules = [ "nvme" ]; - fileSystems."/" = { - device = "/dev/mapper/ocivolume-root"; - fsType = "xfs"; - }; -} diff --git a/profiles/remote/oracle/matrix/nixos.nix b/profiles/remote/oracle/matrix/nixos.nix deleted file mode 100644 index 029a599..0000000 --- a/profiles/remote/oracle/matrix/nixos.nix +++ /dev/null @@ -1,340 +0,0 @@ -{ config, pkgs, sops, ... }: -let - matrixDomain = "swatrix.swarsel.win"; -in -{ - - imports = [ - ./hardware-configuration.nix - ]; - - environment.systemPackages = with pkgs; [ - git - gnupg - ssh-to-age - matrix-synapse - lottieconverter - ffmpeg - ]; - - services.xserver.xkb = { - layout = "us"; - variant = "altgr-intl"; - }; - - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - - sops = { - age.sshKeyPaths = [ "/etc/ssh/sops" ]; - defaultSopsFile = "/root/.dotfiles/secrets/omatrix/secrets.yaml"; - validateSopsFiles = false; - secrets = { - dnstokenfull = { owner = "acme"; }; - matrixsharedsecret = { owner = "matrix-synapse"; }; - mautrixtelegram_as = { owner = "matrix-synapse"; }; - mautrixtelegram_hs = { owner = "matrix-synapse"; }; - mautrixtelegram_api_id = { owner = "matrix-synapse"; }; - mautrixtelegram_api_hash = { owner = "matrix-synapse"; }; - }; - templates = { - "certs.secret".content = '' - CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull} - ''; - "matrix_user_register.sh".content = '' - register_new_matrix_user -k ${config.sops.placeholder.matrixsharedsecret} http://localhost:8008 - ''; - mautrixtelegram = { - owner = "matrix-synapse"; - content = '' - MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=${config.sops.placeholder.mautrixtelegram_as} - MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=${config.sops.placeholder.mautrixtelegram_hs} - MAUTRIX_TELEGRAM_TELEGRAM_API_ID=${config.sops.placeholder.mautrixtelegram_api_id} - MAUTRIX_TELEGRAM_TELEGRAM_API_HASH=${config.sops.placeholder.mautrixtelegram_api_hash} - ''; - }; - matrixshared = { - owner = "matrix-synapse"; - content = '' - registration_shared_secret: ${config.sops.placeholder.matrixsharedsecret} - ''; - }; - }; - }; - - documentation = { - enable = false; - }; - - security.acme = { - acceptTerms = true; - preliminarySelfsigned = false; - defaults.email = "mrswarsel@gmail.com"; - defaults.dnsProvider = "cloudflare"; - defaults.environmentFile = "${config.sops.templates."certs.secret".path}"; - }; - - services.nginx = { - enable = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedOptimisation = true; - recommendedGzipSettings = true; - virtualHosts = { - - "swatrix.swarsel.win" = { - enableACME = true; - forceSSL = true; - acmeRoot = null; - locations = { - "~ ^(/_matrix|/_synapse/client)" = { - proxyPass = "http://localhost:8008"; - extraConfig = '' - client_max_body_size 0; - ''; - }; - }; - }; - }; - }; - - boot.tmp.cleanOnBoot = true; - zramSwap.enable = false; - networking = { - hostName = "swatrix"; - enableIPv6 = false; - domain = "swarsel.win"; - firewall.extraCommands = '' - iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 8008 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 29317 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 29318 -j ACCEPT - iptables -I INPUT -m state --state NEW -p tcp --dport 29328 -j ACCEPT - ''; - }; - services.openssh = { - enable = true; - settings.PermitRootLogin = "yes"; - }; - users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../../../secrets/keys/authorized_keys - ]; - - system.stateVersion = "23.11"; # TEMPLATE - but probably no need to change - - environment.shellAliases = { - nswitch = "cd ~/.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;"; - }; - - boot.loader.grub.device = "nodev"; - - services.postgresql = { - enable = true; - initialScript = pkgs.writeText "synapse-init.sql" '' - CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; - CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - CREATE ROLE "mautrix-telegram" WITH LOGIN PASSWORD 'telegram'; - CREATE DATABASE "mautrix-telegram" WITH OWNER "mautrix-telegram" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - CREATE ROLE "mautrix-whatsapp" WITH LOGIN PASSWORD 'whatsapp'; - CREATE DATABASE "mautrix-whatsapp" WITH OWNER "mautrix-whatsapp" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - CREATE ROLE "mautrix-signal" WITH LOGIN PASSWORD 'signal'; - CREATE DATABASE "mautrix-signal" WITH OWNER "mautrix-signal" - TEMPLATE template0 - LC_COLLATE = "C" - LC_CTYPE = "C"; - ''; - }; - services.matrix-synapse = { - settings.app_service_config_files = [ - "/var/lib/matrix-synapse/telegram-registration.yaml" - "/var/lib/matrix-synapse/whatsapp-registration.yaml" - "/var/lib/matrix-synapse/signal-registration.yaml" - "/var/lib/matrix-synapse/doublepuppet.yaml" - ]; - enable = true; - settings = { - server_name = matrixDomain; - public_baseurl = "https://${matrixDomain}"; - }; - listeners = [ - { - port = 8008; - bind_addresses = [ "0.0.0.0" ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = [ "client" "federation" ]; - compress = true; - } - ]; - } - ]; - extraConfigFiles = [ - config.sops.templates.matrixshared.path - ]; - }; - - services.mautrix-telegram = { - enable = true; - environmentFile = config.sops.templates.mautrixtelegram.path; - settings = { - homeserver = { - address = "http://localhost:8008"; - domain = matrixDomain; - }; - appservice = { - address = "http://localhost:29317"; - hostname = "0.0.0.0"; - port = "29317"; - provisioning.enabled = true; - id = "telegram"; - # ephemeral_events = true; # not needed due to double puppeting - public = { - enabled = false; - }; - database = "postgresql:///mautrix-telegram?host=/run/postgresql"; - }; - bridge = { - relaybot.authless_portals = true; - allow_avatar_remove = true; - allow_contact_info = true; - sync_channel_members = true; - startup_sync = true; - sync_create_limit = 0; - sync_direct_chats = true; - telegram_link_preview = true; - permissions = { - "*" = "relaybot"; - "@swarsel:${matrixDomain}" = "admin"; - }; - animated_sticker = { - target = "gif"; - args = { - width = 256; - height = 256; - fps = 30; # only for webm - background = "020202"; # only for gif, transparency not supported - }; - }; - }; - }; - }; - systemd.services.mautrix-telegram.path = with pkgs; [ - lottieconverter # for animated stickers conversion, unfree package - ffmpeg # if converting animated stickers to webm (very slow!) - ]; - - services.mautrix-whatsapp = { - enable = true; - settings = { - homeserver = { - address = "http://localhost:8008"; - domain = matrixDomain; - }; - appservice = { - address = "http://localhost:29318"; - hostname = "0.0.0.0"; - port = 29318; - database = { - type = "postgres"; - uri = "postgresql:///mautrix-whatsapp?host=/run/postgresql"; - }; - }; - bridge = { - displayname_template = "{{or .FullName .PushName .JID}} (WA)"; - history_sync = { - backfill = true; - max_initial_conversations = -1; - message_count = -1; - request_full_sync = true; - full_sync_config = { - days_limit = 900; - size_mb_limit = 5000; - storage_quota_mb = 5000; - }; - }; - login_shared_secret_map = { - matrixDomain = "as_token:doublepuppet"; - }; - sync_manual_marked_unread = true; - send_presence_on_typing = true; - parallel_member_sync = true; - url_previews = true; - caption_in_message = true; - extev_polls = true; - permissions = { - "*" = "relaybot"; - "@swarsel:${matrixDomain}" = "admin"; - }; - }; - }; - }; - - services.mautrix-signal = { - enable = true; - registerToSynapse = false; # this has the same effect as registering to app_service_config_file above - settings = { - homeserver = { - address = "http://localhost:8008"; - domain = matrixDomain; - }; - appservice = { - - address = "http://localhost:29328"; - hostname = "0.0.0.0"; - port = 29328; - database = { - type = "postgres"; - uri = "postgresql:///mautrix-signal?host=/run/postgresql"; - }; - }; - bridge = { - displayname_template = "{{or .ContactName .ProfileName .PhoneNumber}} (Signal)"; - login_shared_secret_map = { - matrixDomain = "as_token:doublepuppet"; - }; - caption_in_message = true; - permissions = { - "*" = "relaybot"; - "@swarsel:${matrixDomain}" = "admin"; - }; - }; - }; - }; - - # restart the bridges daily. this is done for the signal bridge mainly which stops carrying - # messages out after a while. - - systemd.timers."restart-bridges" = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "1d"; - OnUnitActiveSec = "1d"; - Unit = "restart-bridges.service"; - }; - }; - - systemd.services."restart-bridges" = { - script = '' - systemctl restart mautrix-whatsapp.service - systemctl restart mautrix-signal.service - systemctl restart mautrix-telegram.service - ''; - serviceConfig = { - Type = "oneshot"; - User = "root"; - }; - }; - -} diff --git a/scripts/check.sh b/scripts/check.sh deleted file mode 100644 index a695ff5..0000000 --- a/scripts/check.sh +++ /dev/null @@ -1,56 +0,0 @@ -kitty=0 -element=0 -discord=0 -spotifyplayer=0 -while :; do - case ${1:-} in - -k|--kitty) kitty=1 - ;; - -e|--element) element=1 - ;; - -d|--discord) discord=1 - ;; - -s|--spotifyplayer) spotifyplayer=1 - ;; - *) break - esac - shift -done - -if [[ $kitty -eq 1 ]]; then - STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true) - CHECK=$(swaymsg -t get_tree | grep kittyterm || true) - if [ "$CHECK" == "" ]; then - exec kitty -T kittyterm & sleep 1 - fi - if [ "$STR" == "" ]; then - exec swaymsg '[title="kittyterm"]' scratchpad show - else - exec swaymsg '[title="kittyterm"]' scratchpad show - fi -elif [[ $element -eq 1 ]]; then - STR=$(swaymsg -t get_tree | grep Element || true) - if [ "$STR" == "" ]; then - exec element-desktop - else - exec swaymsg '[app_id=Element]' kill - fi -elif [[ $discord -eq 1 ]]; then - STR=$(swaymsg -t get_tree | grep discord || true) - if [ "$STR" == "" ]; then - exec discord - else - exec swaymsg '[app_id=discord]' kill - fi -elif [[ $spotifyplayer -eq 1 ]]; then - STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep spotifytui || true) - CHECK=$(swaymsg -t get_tree | grep spotifytui || true) - if [ "$CHECK" == "" ]; then - exec kitty -T spotifytui -o confirm_os_window_close=0 spotify_player & sleep 1 - fi - if [ "$STR" == "" ]; then - exec swaymsg '[title="spotifytui"]' scratchpad show - else - exec swaymsg '[title="spotifytui"]' scratchpad show - fi -fi diff --git a/scripts/checkconfigstatus.sh b/scripts/checkconfigstatus.sh deleted file mode 100755 index 8fa0733..0000000 --- a/scripts/checkconfigstatus.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -# CFG=$(git --git-dir=$HOME/.cfg/ --work-tree=$HOME diff --numstat | wc -l) -CFG=$(git --git-dir=$HOME/.dotfiles/.git --work-tree=$HOME/.dotfiles/ status -s | wc -l) -CSE=$(git --git-dir=$HOME/Documents/GitHub/CSE_TUWIEN/.git --work-tree=$HOME/Documents/GitHub/CSE_TUWIEN/ status -s | wc -l) -PASS=$(git --git-dir=$HOME/.local/share/password-store/.git --work-tree=$HOME/.local/share/password-store/ status -s | wc -l) - -if [ $CFG != 0 ]; then - CFG_STR='CONFIG' -else - CFG_STR='' -fi - -if [ $CSE != 0 ]; then - CSE_STR=' CSE' -else - CSE_STR='' -fi - -if [ $PASS != 0 ]; then - PASS_STR=' PASS' -else - PASS_STR='' -fi - -OUT="$CFG_STR""$CSE_STR""$PASS_STR" -echo "$OUT" diff --git a/scripts/checkdiscord.sh b/scripts/checkdiscord.sh deleted file mode 100755 index 5da9ff5..0000000 --- a/scripts/checkdiscord.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -STR=$(swaymsg -t get_tree | grep discord) -if [ "$STR" == "" ]; then - exec discord - #exec swaymsg '[class=discord]' move container to scratchpad; scratchpad show -else - exec swaymsg '[app_id=discord]' kill -fi -exit 0 diff --git a/scripts/checkelement.sh b/scripts/checkelement.sh deleted file mode 100755 index c52cbde..0000000 --- a/scripts/checkelement.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -STR=$(swaymsg -t get_tree | grep Element) -if [ "$STR" == "" ]; then - exec element-desktop - #exec swaymsg '[app_id=SchildiChat]' move container to scratchpad; scratchpad show -else - exec swaymsg '[app_id=Element]' kill -fi -exit 0 diff --git a/scripts/checkgomuks.sh b/scripts/checkgomuks.sh deleted file mode 100755 index f900db2..0000000 --- a/scripts/checkgomuks.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep gomuksterm) -CHECK=$(swaymsg -t get_tree | grep gomuksterm) -if [ "$CHECK" == "" ]; then - exec kitty -T gomuksterm -o confirm_os_window_close=0 gomuks & sleep 1 -fi -if [ "$STR" == "" ]; then - exec swaymsg '[title="gomuksterm"]' scratchpad show -else - exec swaymsg '[title="gomuksterm"]' scratchpad show -fi -exit 0 diff --git a/scripts/checkkitty.sh b/scripts/checkkitty.sh deleted file mode 100755 index c5327ee..0000000 --- a/scripts/checkkitty.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm) -CHECK=$(swaymsg -t get_tree | grep kittyterm) -if [ "$CHECK" == "" ]; then - exec kitty -T kittyterm & sleep 1 -fi -if [ "$STR" == "" ]; then - exec swaymsg '[title="kittyterm"]' scratchpad show -else - exec swaymsg '[title="kittyterm"]' scratchpad show -fi -exit 0 diff --git a/scripts/checkschildi.sh b/scripts/checkschildi.sh deleted file mode 100755 index 1bea71d..0000000 --- a/scripts/checkschildi.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -STR=$(swaymsg -t get_tree | grep SchildiChat) -if [ "$STR" == "" ]; then - exec schildichat-desktop - #exec swaymsg '[app_id=SchildiChat]' move container to scratchpad; scratchpad show -else - exec swaymsg '[app_id=SchildiChat]' kill -fi -exit 0 diff --git a/scripts/checkspotify.sh b/scripts/checkspotify.sh deleted file mode 100755 index b2779c5..0000000 --- a/scripts/checkspotify.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - - -# this is a crutch script that is to be used until spotify -# properly sets an app_id upon launch -swaymsg '[app_id="^$"]' scratchpad show -# exec spotify diff --git a/scripts/checkspotify_actual.sh b/scripts/checkspotify_actual.sh deleted file mode 100755 index c94a93d..0000000 --- a/scripts/checkspotify_actual.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -STR=$(swaymsg -t get_tree | grep spotify) -if [ "$STR" == "" ]; then - exec spotify & sleep 2 - exec swaymsg '[class="Spotify"]' scratchpad show -else - exec swaymsg '[class="Spotify"]' scratchpad show -fi -exit 0 diff --git a/scripts/checkspotifytui.sh b/scripts/checkspotifytui.sh deleted file mode 100755 index feb7d7d..0000000 --- a/scripts/checkspotifytui.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep spotifytui) -CHECK=$(swaymsg -t get_tree | grep spotifytui) -if [ "$CHECK" == "" ]; then - exec kitty -T spotifytui -o confirm_os_window_close=0 spotify_player & sleep 1 -fi -if [ "$STR" == "" ]; then - exec swaymsg '[title="spotifytui"]' scratchpad show -else - exec swaymsg '[title="spotifytui"]' scratchpad show -fi -exit 0 diff --git a/scripts/editor-wait.sh b/scripts/editor-wait.sh deleted file mode 100644 index 45e0ea3..0000000 --- a/scripts/editor-wait.sh +++ /dev/null @@ -1,13 +0,0 @@ -STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm || true ) -if [ "$STR" == "" ]; then - VAR="1" - swaymsg '[title="kittyterm"]' scratchpad show -else - VAR="0" -fi -emacsclient -c -a "" "$@" # open emacs in a new frame, start new daemon if it is dead and open arg -if [ "$VAR" == "1" ] -then - swaymsg '[title="kittyterm"]' scratchpad show -fi -exit 0 diff --git a/scripts/editor.sh b/scripts/editor.sh deleted file mode 100755 index 7abd1d4..0000000 --- a/scripts/editor.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm) -if [ "$STR" == "" ]; then - VAR="1" - swaymsg '[title="kittyterm"]' scratchpad show -else - VAR="0" -fi -emacsclient -c -a "" "$@" # open emacs in a new frame, start new daemon if it is dead and open arg -if [ "$VAR" == "1" ] -then - swaymsg '[title="kittyterm"]' scratchpad show -fi -exit 0 diff --git a/scripts/editor_nowait.sh b/scripts/editor_nowait.sh deleted file mode 100755 index f510733..0000000 --- a/scripts/editor_nowait.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -STR=$(swaymsg -t get_tree | jq -r 'recurse(.nodes[]) | select(.name == "__i3_scratch")' | grep kittyterm) -if [ "$STR" == "" ]; then - VAR="1" - swaymsg '[title="kittyterm"]' scratchpad show - emacsclient -c -a "" "$@" -else - VAR="0" - emacsclient -n -c -a "" "$@" -fi -if [ "$VAR" == "1" ] -then - swaymsg '[title="kittyterm"]' scratchpad show -fi -exit 0 diff --git a/scripts/pass-fuzzel-otp.sh b/scripts/pass-fuzzel-otp.sh deleted file mode 100644 index 3c82ea4..0000000 --- a/scripts/pass-fuzzel-otp.sh +++ /dev/null @@ -1,24 +0,0 @@ -shopt -s nullglob globstar - -typeit=0 -if [[ $# -ge 1 && $1 == "--type" ]]; then - typeit=1 - shift -fi - -export PASSWORD_STORE_DIR=~/.local/share/password-store -prefix=${PASSWORD_STORE_DIR-~/.local/share/password-store} -password_files=( "$prefix"/otp/**/*.gpg ) -password_files=( "${password_files[@]#"$prefix"/}" ) -password_files=( "${password_files[@]%.gpg}" ) - -password=$(printf '%s\n' "${password_files[@]}" | fuzzel --dmenu "$@") - -[[ -n $password ]] || exit - -if [[ $typeit -eq 0 ]]; then - pass otp -c "$password" &>/tmp/pass-fuzzel -else - pass otp "$password" | { IFS= read -r pass; printf %s "$pass"; } | wtype - -fi -notify-send -u critical -a pass -t 1000 "Copied/Typed OTPassword" diff --git a/scripts/server1/doublepuppet.yaml b/scripts/server1/doublepuppet.yaml deleted file mode 100644 index f28f0f7..0000000 --- a/scripts/server1/doublepuppet.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# The ID doesn't really matter, put whatever you want. -id: doublepuppet -# The URL is intentionally left empty (null), as the homeserver shouldn't -# push events anywhere for this extra appservice. If you use a -# non-spec-compliant server, you may need to put some fake URL here. -url: -# Generate random strings for these three fields. Only the as_token really -# matters, hs_token is never used because there's no url, and the default -# user (sender_localpart) is never used either. -as_token: doublepuppet -hs_token: notused -sender_localpart: notused -# Bridges don't like ratelimiting. This should only apply when using the -# as_token, normal user tokens will still be ratelimited. -rate_limited: false -namespaces: - users: - # Replace your\.domain with your server name (escape dots for regex) - - regex: '@.*:matrix2\.swarsel\.win' - # This must be false so the appservice doesn't take over all users completely. - exclusive: false diff --git a/scripts/server1/iptables.sh b/scripts/server1/iptables.sh deleted file mode 100644 index 3b191ce..0000000 --- a/scripts/server1/iptables.sh +++ /dev/null @@ -1,40 +0,0 @@ -#! /usr/bin/env bash -export INTERFACE="tun0" -export VPNUSER="vpn" -export LOCALIP="192.168.1.2" -export NETIF="enp3s0" - -# flushes all the iptables rules, if you have other rules to use then add them into the script -iptables -F -t nat -iptables -F -t mangle -iptables -F -t filter - -# mark packets from $VPNUSER -iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark -iptables -t mangle -A OUTPUT ! --dest $LOCALIP -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 -iptables -t mangle -A OUTPUT --dest $LOCALIP -p udp --dport 53 -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 -iptables -t mangle -A OUTPUT --dest $LOCALIP -p tcp --dport 53 -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 -iptables -t mangle -A OUTPUT ! --src $LOCALIP -j MARK --set-mark 0x1 -iptables -t mangle -A OUTPUT -j CONNMARK --save-mark - -# allow responses -iptables -A INPUT -i $INTERFACE -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - -# block everything incoming on $INTERFACE to prevent accidental exposing of ports -iptables -A INPUT -i $INTERFACE -j REJECT - -# let $VPNUSER access lo and $INTERFACE -iptables -A OUTPUT -o lo -m owner --uid-owner $VPNUSER -j ACCEPT -iptables -A OUTPUT -o $INTERFACE -m owner --uid-owner $VPNUSER -j ACCEPT - -# all packets on $INTERFACE needs to be masqueraded -iptables -t nat -A POSTROUTING -o $INTERFACE -j MASQUERADE -iptables -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - -# reject connections from predator IP going over $NETIF -iptables -A OUTPUT ! --src $LOCALIP -o $NETIF -j REJECT - -# Start routing script -/etc/openvpn/routing.sh - -exit 0 diff --git a/scripts/server1/iptables.sh.bak b/scripts/server1/iptables.sh.bak deleted file mode 100644 index 6048fa9..0000000 --- a/scripts/server1/iptables.sh.bak +++ /dev/null @@ -1,47 +0,0 @@ -#! /usr/bin/env bash -export INTERFACE="tun0" -export VPNUSER="vpn" -export LOCALIP="192.168.1.2" -export NETIF="enp3s0" - -# flushes all the iptables rules, if you have other rules to use then add them into the script -iptables -F -t nat -iptables -F -t mangle -iptables -F -t filter - -# mark packets from $VPNUSER -iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark -iptables -t mangle -A OUTPUT ! --dest $LOCALIP -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 -iptables -t mangle -A OUTPUT --dest $LOCALIP -p udp --dport 53 -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 -iptables -t mangle -A OUTPUT --dest $LOCALIP -p tcp --dport 53 -m owner --uid-owner $VPNUSER -j MARK --set-mark 0x1 -iptables -t mangle -A OUTPUT ! --src $LOCALIP -j MARK --set-mark 0x1 -iptables -t mangle -A OUTPUT -j CONNMARK --save-mark - -# allow responses -iptables -A INPUT -i $INTERFACE -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - -# block everything incoming on $INTERFACE to prevent accidental exposing of ports -iptables -A INPUT -i $INTERFACE -j REJECT - -# let $VPNUSER access lo and $INTERFACE -iptables -A OUTPUT -o lo -m owner --uid-owner $VPNUSER -j ACCEPT -iptables -A OUTPUT -o $INTERFACE -m owner --uid-owner $VPNUSER -j ACCEPT - -# all packets on $INTERFACE needs to be masqueraded -iptables -t nat -A POSTROUTING -o $INTERFACE -j MASQUERADE -iptables -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - -# reject connections from predator IP going over $NETIF -iptables -A OUTPUT ! --src $LOCALIP -o $NETIF -j REJECT - -VPNIF="tun0" -VPNUSER="vpn" -GATEWAYIP=$(ifconfig $VPNIF | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}' | egrep -v '255|(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})' | tail -n1) -if [[ `ip rule list | grep -c 0x1` == 0 ]]; then -ip rule add from all fwmark 0x1 lookup $VPNUSER -fi -ip route replace default via $GATEWAYIP table $VPNUSER -ip route append default via 127.0.0.1 dev lo table $VPNUSER -ip route flush cache - -exit 0 diff --git a/scripts/server1/routing.sh b/scripts/server1/routing.sh deleted file mode 100644 index 1bab5e5..0000000 --- a/scripts/server1/routing.sh +++ /dev/null @@ -1,14 +0,0 @@ -#! /usr/bin/env bash -VPNIF="tun0" -VPNUSER="vpn" -GATEWAYIP=$(ifconfig $VPNIF | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}' | egrep -v '255|(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})' | tail -n1) -if [[ `ip rule list | grep -c 0x1` == 0 ]]; then -ip rule add from all fwmark 0x1 lookup $VPNUSER -fi -ip route replace default via $GATEWAYIP table $VPNUSER -ip route append default via 127.0.0.1 dev lo table $VPNUSER -ip route flush cache - -/etc/openvpn/update-resolv-conf - -exit 0 diff --git a/scripts/server1/routing.sh.bak b/scripts/server1/routing.sh.bak deleted file mode 100644 index 64e0664..0000000 --- a/scripts/server1/routing.sh.bak +++ /dev/null @@ -1,14 +0,0 @@ -#! /usr/bin/env bash -VPNIF="tun0" -VPNUSER="vpn" -GATEWAYIP=$(ifconfig $VPNIF | egrep -o '([0-9]{1,3}\.){3}[0-9]{1,3}' | egrep -v '255|(127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})' | tail -n1) -if [[ `ip rule list | grep -c 0x1` == 0 ]]; then -ip rule add from all fwmark 0x1 lookup $VPNUSER -fi -ip route replace default via $GATEWAYIP table $VPNUSER -ip route append default via 127.0.0.1 dev lo table $VPNUSER -ip route flush cache - -bash /etc/openvpn/update-resolv-conf - -exit 0 diff --git a/scripts/server1/update-resolv-conf b/scripts/server1/update-resolv-conf deleted file mode 100644 index f1e5586..0000000 --- a/scripts/server1/update-resolv-conf +++ /dev/null @@ -1,45 +0,0 @@ -#! /usr/bin/env bash -foreign_option_1='dhcp-option DNS 209.222.18.222' -foreign_option_2='dhcp-option DNS 209.222.18.218' -foreign_option_3='dhcp-option DNS 8.8.8.8' - -[ -x /sbin/resolvconf ] || exit 0 -[ "$script_type" ] || exit 0 -[ "$dev" ] || exit 0 - -split_into_parts() -{ - part1="$1" - part2="$2" - part3="$3" -} - -case "$script_type" in - up) - NMSRVRS="" - SRCHS="" - for optionvarname in ${!foreign_option_*} ; do - option="${!optionvarname}" - echo "$option" - split_into_parts $option - if [ "$part1" = "dhcp-option" ] ; then - if [ "$part2" = "DNS" ] ; then - NMSRVRS="${NMSRVRS:+$NMSRVRS }$part3" - elif [ "$part2" = "DOMAIN" ] ; then - SRCHS="${SRCHS:+$SRCHS }$part3" - fi - fi - done - R="" - [ "$SRCHS" ] && R="search $SRCHS -" - for NS in $NMSRVRS ; do - R="${R}nameserver $NS -" - done - echo -n "$R" | /sbin/resolvconf -a "${dev}.openvpn" - ;; - down) - /sbin/resolvconf -d "${dev}.openvpn" - ;; -esac diff --git a/scripts/server1/update-resolv-conf.bak b/scripts/server1/update-resolv-conf.bak deleted file mode 100644 index f1e5586..0000000 --- a/scripts/server1/update-resolv-conf.bak +++ /dev/null @@ -1,45 +0,0 @@ -#! /usr/bin/env bash -foreign_option_1='dhcp-option DNS 209.222.18.222' -foreign_option_2='dhcp-option DNS 209.222.18.218' -foreign_option_3='dhcp-option DNS 8.8.8.8' - -[ -x /sbin/resolvconf ] || exit 0 -[ "$script_type" ] || exit 0 -[ "$dev" ] || exit 0 - -split_into_parts() -{ - part1="$1" - part2="$2" - part3="$3" -} - -case "$script_type" in - up) - NMSRVRS="" - SRCHS="" - for optionvarname in ${!foreign_option_*} ; do - option="${!optionvarname}" - echo "$option" - split_into_parts $option - if [ "$part1" = "dhcp-option" ] ; then - if [ "$part2" = "DNS" ] ; then - NMSRVRS="${NMSRVRS:+$NMSRVRS }$part3" - elif [ "$part2" = "DOMAIN" ] ; then - SRCHS="${SRCHS:+$SRCHS }$part3" - fi - fi - done - R="" - [ "$SRCHS" ] && R="search $SRCHS -" - for NS in $NMSRVRS ; do - R="${R}nameserver $NS -" - done - echo -n "$R" | /sbin/resolvconf -a "${dev}.openvpn" - ;; - down) - /sbin/resolvconf -d "${dev}.openvpn" - ;; -esac diff --git a/scripts/toggle_opacity.sh b/scripts/toggle_opacity.sh deleted file mode 100755 index 2cad615..0000000 --- a/scripts/toggle_opacity.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash - -swaymsg opacity plus 0.01 - -if [ $? -eq 0 ]; then - # opacity was not 1, we toggle off - swaymsg opacity 1 -else - # opacity was 1, we toggle on - swaymsg opacity 0.95 -fi diff --git a/secrets/keys/authorized_keys b/secrets/keys/authorized_keys deleted file mode 100644 index e908661..0000000 --- a/secrets/keys/authorized_keys +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDd0XXoLfRE0AyasxscEBwMqOnLWPqwz+etGqzVNeSw/RcgnxOi903mlVjCH+jzWMSe2GVSgzgM20j/r9sfE2P1z+wq/RODFS04JM0ltUoFkkm/IDZXQ2piOk7AoVi5ajdx4EiBnXY87jvxh5cCgQltkj3ouPF7FVN/MaN21IgWYB8NgkaVGft//OplodlDQNot17c0sFMibY0HcquwmHhqKOtKM1gT98+jZl0rd1rCqXFOvkesW6FPC4nzirPai+Hizp5gncrkJOZmLLqrjVx6PfpQzqzIhoUn1YS5CpyfXnKZUgx2Oi8SENmWOZ9DxYvDklgEttob37E2bIXbUhOw/u4I3olGFgCsKL6jg0N+d5teEaCZFnzlOp0UMWiUo7lVqq7Bwl3rNka2pxEdZ9v/1+m9cJiP7h6pnKmccVGku57iGIDnsnoTrmo1qbAje+EsmPYbc+qMnTDvOdSHTOXnjsyTd+ADklvMHCUAuf6ku4ktQEhlZxU3PvYvKHa1cTCEXxLWjytIgHgTgab9M5IH29Q55LSRRQBzUdkwjOG6KhsqG+xEE6038EbXr0MGKTm01AFmeVZWewmkSLu2UdoOMiw8mTSQhQFfp2QruYHnh7oJCo7ttKT1sLoRX+TfgQm1ryn/orhReg2GFfmbiLGxaJGVNvjqCxqrIFQXx4ZDHw== cardno:22_412_379 diff --git a/secrets/keys/nbl.pub b/secrets/keys/nbl.pub deleted file mode 100644 index 69f3328..0000000 --- a/secrets/keys/nbl.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC001+6mmxNrM7GtywMVY/ZJi+wx8f+kS6MMjc6260Ed nbl sops