diff --git a/static/.cloudflare.json b/static/.cloudflare.json new file mode 100644 index 0000000..6bc3f16 --- /dev/null +++ b/static/.cloudflare.json @@ -0,0 +1 @@ +{"success":false,"errors":[{"code":6003,"message":"Invalid request headers","error_chain":[{"code":6111,"message":"Invalid format for Authorization header"}]}],"messages":[],"result":null} \ No newline at end of file diff --git a/static/.cloudflare_records.json b/static/.cloudflare_records.json new file mode 100644 index 0000000..df604e9 --- /dev/null +++ b/static/.cloudflare_records.json @@ -0,0 +1 @@ +{"success":false,"errors":[{"code":10000,"message":"Authentication error"}]} diff --git a/static/.cloudflare_zones.json b/static/.cloudflare_zones.json new file mode 100644 index 0000000..0d2d77d --- /dev/null +++ b/static/.cloudflare_zones.json @@ -0,0 +1 @@ +{"result":[{"id":"16c51875073bf7bcb2e1a994e93c570e","name":"ilchub.net","status":"active","paused":false,"type":"full","development_mode":0,"name_servers":["isabel.ns.cloudflare.com","miles.ns.cloudflare.com"],"original_name_servers":["ns25.domaincontrol.com","ns26.domaincontrol.com"],"original_registrar":"godaddy.com, llc (id: 146)","original_dnshost":null,"modified_on":"2020-08-13T10:22:53.002296Z","created_on":"2020-08-09T13:31:41.880166Z","activated_on":"2020-08-13T10:22:53.002296Z","meta":{"step":2,"wildcard_proxiable":false,"custom_certificate_quota":0,"page_rule_quota":3,"phishing_detected":false,"multiple_railguns_allowed":false},"owner":{"id":"5a61029cdf150aaabda864a3edfbd4ad","type":"user","email":"ilchub5@gmail.com"},"account":{"id":"22080e29eeb86c8f287fa5d3320120f7","name":"ilchub5@gmail.com"},"permissions":["#access:edit","#access:read","#analytics:read","#app:edit","#auditlogs:read","#billing:edit","#billing:read","#cache_purge:edit","#dns_records:edit","#dns_records:read","#lb:edit","#lb:read","#legal:edit","#legal:read","#logs:edit","#logs:read","#member:edit","#member:read","#organization:edit","#organization:read","#ssl:edit","#ssl:read","#stream:edit","#stream:read","#subscription:edit","#subscription:read","#teams:edit","#teams:read","#teams:report","#waf:edit","#waf:read","#webhooks:edit","#webhooks:read","#worker:edit","#worker:read","#zone:edit","#zone:read","#zone_settings:edit","#zone_settings:read"],"plan":{"id":"0feeeeeeeeeeeeeeeeeeeeeeeeeeeeee","name":"Free Website","price":0,"currency":"USD","frequency":"","is_subscribed":false,"can_subscribe":false,"legacy_id":"free","legacy_discount":false,"externally_managed":false}},{"id":"6e8d6d873dd09cbceac381c6f854b042","name":"scipttestingengine.tk","status":"active","paused":false,"type":"full","development_mode":0,"name_servers":["isabel.ns.cloudflare.com","miles.ns.cloudflare.com"],"original_name_servers":["isabel.ns.cloudflare.com","miles.ns.cloudflare.com"],"original_registrar":null,"original_dnshost":null,"modified_on":"2020-08-25T11:31:16.631765Z","created_on":"2020-08-25T11:29:57.055635Z","activated_on":"2020-08-25T11:31:16.631765Z","meta":{"step":2,"wildcard_proxiable":false,"custom_certificate_quota":0,"page_rule_quota":3,"phishing_detected":false,"multiple_railguns_allowed":false},"owner":{"id":"5a61029cdf150aaabda864a3edfbd4ad","type":"user","email":"ilchub5@gmail.com"},"account":{"id":"22080e29eeb86c8f287fa5d3320120f7","name":"ilchub5@gmail.com"},"permissions":["#access:edit","#access:read","#analytics:read","#app:edit","#auditlogs:read","#billing:edit","#billing:read","#cache_purge:edit","#dns_records:edit","#dns_records:read","#lb:edit","#lb:read","#legal:edit","#legal:read","#logs:edit","#logs:read","#member:edit","#member:read","#organization:edit","#organization:read","#ssl:edit","#ssl:read","#stream:edit","#stream:read","#subscription:edit","#subscription:read","#teams:edit","#teams:read","#teams:report","#waf:edit","#waf:read","#webhooks:edit","#webhooks:read","#worker:edit","#worker:read","#zone:edit","#zone:read","#zone_settings:edit","#zone_settings:read"],"plan":{"id":"0feeeeeeeeeeeeeeeeeeeeeeeeeeeeee","name":"Free Website","price":0,"currency":"USD","frequency":"","is_subscribed":false,"can_subscribe":false,"legacy_id":"free","legacy_discount":false,"externally_managed":false}}],"result_info":{"page":1,"per_page":20,"total_pages":1,"count":2,"total_count":2},"success":true,"errors":[],"messages":[]} \ No newline at end of file diff --git a/static/.healthz.json b/static/.healthz.json new file mode 100644 index 0000000..e69de29 diff --git a/static/.hetzner_machines.json b/static/.hetzner_machines.json new file mode 100644 index 0000000..2f97f50 --- /dev/null +++ b/static/.hetzner_machines.json @@ -0,0 +1,382 @@ +{ + "servers": [ + { + "id": 6922622, + "name": "nixos", + "status": "running", + "created": "2020-07-29T12:46:54+00:00", + "public_net": { + "ipv4": { + "ip": "135.181.45.111", + "blocked": false, + "dns_ptr": "static.111.45.181.135.clients.your-server.de" + }, + "ipv6": { + "ip": "2a01:4f9:c010:bd04::/64", + "blocked": false, + "dns_ptr": [] + }, + "floating_ips": [] + }, + "private_net": [], + "server_type": { + "id": 2, + "name": "cx11-ceph", + "description": "CX11 Ceph Disk", + "cores": 1, + "memory": 2.0, + "disk": 20, + "deprecated": null, + "prices": [ + { + "location": "fsn1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + }, + { + "location": "nbg1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + }, + { + "location": "hel1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + } + ], + "storage_type": "network", + "cpu_type": "shared" + }, + "datacenter": { + "id": 3, + "name": "hel1-dc2", + "description": "Helsinki 1 DC 2", + "location": { + "id": 3, + "name": "hel1", + "description": "Helsinki DC Park 1", + "country": "FI", + "city": "Helsinki", + "latitude": 60.169855, + "longitude": 24.938379, + "network_zone": "eu-central" + }, + "server_types": { + "supported": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ], + "available": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ], + "available_for_migration": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ] + } + }, + "image": { + "id": 15512617, + "type": "system", + "status": "available", + "name": "ubuntu-20.04", + "description": "Ubuntu 20.04", + "image_size": null, + "disk_size": 5, + "created": "2020-04-23T17:55:14+00:00", + "created_from": null, + "bound_to": null, + "os_flavor": "ubuntu", + "os_version": "20.04", + "rapid_deploy": true, + "protection": { + "delete": false + }, + "deprecated": null, + "labels": {} + }, + "iso": null, + "rescue_enabled": false, + "locked": false, + "backup_window": null, + "outgoing_traffic": 444788000, + "ingoing_traffic": 7369420000, + "included_traffic": 21990232555520, + "protection": { + "delete": false, + "rebuild": false + }, + "labels": {}, + "volumes": [], + "load_balancers": [], + "primary_disk_size": 20 + }, + { + "id": 7359705, + "name": "nixos-mailserver", + "status": "running", + "created": "2020-08-27T08:29:06+00:00", + "public_net": { + "ipv4": { + "ip": "95.217.162.93", + "blocked": false, + "dns_ptr": "static.93.162.217.95.clients.your-server.de" + }, + "ipv6": { + "ip": "2a01:4f9:c010:807f::/64", + "blocked": false, + "dns_ptr": [] + }, + "floating_ips": [] + }, + "private_net": [], + "server_type": { + "id": 1, + "name": "cx11", + "description": "CX11", + "cores": 1, + "memory": 2.0, + "disk": 20, + "deprecated": null, + "prices": [ + { + "location": "fsn1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + }, + { + "location": "hel1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + }, + { + "location": "nbg1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + } + ], + "storage_type": "local", + "cpu_type": "shared" + }, + "datacenter": { + "id": 3, + "name": "hel1-dc2", + "description": "Helsinki 1 DC 2", + "location": { + "id": 3, + "name": "hel1", + "description": "Helsinki DC Park 1", + "country": "FI", + "city": "Helsinki", + "latitude": 60.169855, + "longitude": 24.938379, + "network_zone": "eu-central" + }, + "server_types": { + "supported": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ], + "available": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ], + "available_for_migration": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ] + } + }, + "image": { + "id": 15512617, + "type": "system", + "status": "available", + "name": "ubuntu-20.04", + "description": "Ubuntu 20.04", + "image_size": null, + "disk_size": 5, + "created": "2020-04-23T17:55:14+00:00", + "created_from": null, + "bound_to": null, + "os_flavor": "ubuntu", + "os_version": "20.04", + "rapid_deploy": true, + "protection": { + "delete": false + }, + "deprecated": null, + "labels": {} + }, + "iso": null, + "rescue_enabled": false, + "locked": false, + "backup_window": null, + "outgoing_traffic": null, + "ingoing_traffic": null, + "included_traffic": 21990232555520, + "protection": { + "delete": false, + "rebuild": false + }, + "labels": {}, + "volumes": [], + "load_balancers": [], + "primary_disk_size": 20 + } + ], + "meta": { + "pagination": { + "page": 1, + "per_page": 25, + "previous_page": null, + "next_page": null, + "last_page": 1, + "total_entries": 2 + } + } +} diff --git a/static/.machine.json b/static/.machine.json new file mode 100644 index 0000000..2f97f50 --- /dev/null +++ b/static/.machine.json @@ -0,0 +1,382 @@ +{ + "servers": [ + { + "id": 6922622, + "name": "nixos", + "status": "running", + "created": "2020-07-29T12:46:54+00:00", + "public_net": { + "ipv4": { + "ip": "135.181.45.111", + "blocked": false, + "dns_ptr": "static.111.45.181.135.clients.your-server.de" + }, + "ipv6": { + "ip": "2a01:4f9:c010:bd04::/64", + "blocked": false, + "dns_ptr": [] + }, + "floating_ips": [] + }, + "private_net": [], + "server_type": { + "id": 2, + "name": "cx11-ceph", + "description": "CX11 Ceph Disk", + "cores": 1, + "memory": 2.0, + "disk": 20, + "deprecated": null, + "prices": [ + { + "location": "fsn1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + }, + { + "location": "nbg1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + }, + { + "location": "hel1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + } + ], + "storage_type": "network", + "cpu_type": "shared" + }, + "datacenter": { + "id": 3, + "name": "hel1-dc2", + "description": "Helsinki 1 DC 2", + "location": { + "id": 3, + "name": "hel1", + "description": "Helsinki DC Park 1", + "country": "FI", + "city": "Helsinki", + "latitude": 60.169855, + "longitude": 24.938379, + "network_zone": "eu-central" + }, + "server_types": { + "supported": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ], + "available": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ], + "available_for_migration": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ] + } + }, + "image": { + "id": 15512617, + "type": "system", + "status": "available", + "name": "ubuntu-20.04", + "description": "Ubuntu 20.04", + "image_size": null, + "disk_size": 5, + "created": "2020-04-23T17:55:14+00:00", + "created_from": null, + "bound_to": null, + "os_flavor": "ubuntu", + "os_version": "20.04", + "rapid_deploy": true, + "protection": { + "delete": false + }, + "deprecated": null, + "labels": {} + }, + "iso": null, + "rescue_enabled": false, + "locked": false, + "backup_window": null, + "outgoing_traffic": 444788000, + "ingoing_traffic": 7369420000, + "included_traffic": 21990232555520, + "protection": { + "delete": false, + "rebuild": false + }, + "labels": {}, + "volumes": [], + "load_balancers": [], + "primary_disk_size": 20 + }, + { + "id": 7359705, + "name": "nixos-mailserver", + "status": "running", + "created": "2020-08-27T08:29:06+00:00", + "public_net": { + "ipv4": { + "ip": "95.217.162.93", + "blocked": false, + "dns_ptr": "static.93.162.217.95.clients.your-server.de" + }, + "ipv6": { + "ip": "2a01:4f9:c010:807f::/64", + "blocked": false, + "dns_ptr": [] + }, + "floating_ips": [] + }, + "private_net": [], + "server_type": { + "id": 1, + "name": "cx11", + "description": "CX11", + "cores": 1, + "memory": 2.0, + "disk": 20, + "deprecated": null, + "prices": [ + { + "location": "fsn1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + }, + { + "location": "hel1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + }, + { + "location": "nbg1", + "price_hourly": { + "net": "0.0040000000", + "gross": "0.0040000000000000" + }, + "price_monthly": { + "net": "2.4900000000", + "gross": "2.4900000000000000" + } + } + ], + "storage_type": "local", + "cpu_type": "shared" + }, + "datacenter": { + "id": 3, + "name": "hel1-dc2", + "description": "Helsinki 1 DC 2", + "location": { + "id": 3, + "name": "hel1", + "description": "Helsinki DC Park 1", + "country": "FI", + "city": "Helsinki", + "latitude": 60.169855, + "longitude": 24.938379, + "network_zone": "eu-central" + }, + "server_types": { + "supported": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ], + "available": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ], + "available_for_migration": [ + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 22, + 23, + 24, + 25, + 26 + ] + } + }, + "image": { + "id": 15512617, + "type": "system", + "status": "available", + "name": "ubuntu-20.04", + "description": "Ubuntu 20.04", + "image_size": null, + "disk_size": 5, + "created": "2020-04-23T17:55:14+00:00", + "created_from": null, + "bound_to": null, + "os_flavor": "ubuntu", + "os_version": "20.04", + "rapid_deploy": true, + "protection": { + "delete": false + }, + "deprecated": null, + "labels": {} + }, + "iso": null, + "rescue_enabled": false, + "locked": false, + "backup_window": null, + "outgoing_traffic": null, + "ingoing_traffic": null, + "included_traffic": 21990232555520, + "protection": { + "delete": false, + "rebuild": false + }, + "labels": {}, + "volumes": [], + "load_balancers": [], + "primary_disk_size": 20 + } + ], + "meta": { + "pagination": { + "page": 1, + "per_page": 25, + "previous_page": null, + "next_page": null, + "last_page": 1, + "total_entries": 2 + } + } +} diff --git a/static/configuration.nix b/static/configuration.nix index d15c13f..691538b 100644 --- a/static/configuration.nix +++ b/static/configuration.nix @@ -13,7 +13,7 @@ networking.firewall.allowedUDPPorts = [ 443 80 143 993 587 25 465 ]; services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ - + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDBfUx8fxgBgp40J6Tt1JJYX0BqQdLYtvtkKTG4ec/puxfFf7mZ0LUwvfY0uGPmE3qfV1RLgwgDFNwQe4g8pm8gYriptPPN7FjjcvsWy4UF0Knm9hfZ4HXToWDVgROPsivEwgZIs85Dffz28mTTDT3J+4NHS1yC0QHe0b6g9H4zMbJpTFVOhGgyLpOq6gP4dln4dAYhRf59WHf8pR15OItdf/lbhgV+genpC3FHyggun5rauXGdsrJtJR2uQlm9VxjmPQZeD4MBGf5F1ouie8us/gUoxD9QSuJL8vOYqyBgONoFwekI1gzCFbE8BmBCDBd1FPBFedFEDMLexIc4x4CXdgCbJEnnACNpMlYoDDgVEaGj3oszVYabKdN7PmfM1T8fjw1DW0Ia+4RwipjJVyv0v7zefEP0/S4T3uF0oScQfImBRDfMxBEqPIneiGP47Lopa1qaZ/95YRrCLpOscJXCpOKSchhgHmhpVZv0zf63C2GipCkYHqy5NvfMyaF1yoE= dragonhaze@ilchub-net" ]; environment.systemPackages = with pkgs; [ htop diff --git a/static/mailserver.nix b/static/mailserver.nix index b1efa40..061bf77 100644 --- a/static/mailserver.nix +++ b/static/mailserver.nix @@ -12,14 +12,14 @@ mailserver = { enable = true; - fqdn = "example.com"; - domains = [ "example.com" ]; + fqdn = "ilchub.net"; + domains = [ "ilchub.net" ]; # A list of all login accounts. To create the password hashes, use # mkpasswd -m sha-512 "super secret password" loginAccounts = { - "test@example.com" = { - hashedPassword = "$6$ABz9oq7Ha3ddtTeD$qnBACjNEXrwkXdx8UM6sJEM6qeGZSvjNd0KaZEsq.fAHh31Jrxls1OWBgSxSjM200zTqB91v7qlR.hwMESICw1"; + "test@ilchub.net" = { + hashedPassword = "$6$RRdwLtjNCzd.JnNF$xT2J.g2umZtVEPTpHhamTJygBW5mheKcngiePKRbqgj7N13zu.tz3mFBr7OmQVdaO98W.wlE9KRURtWylBeET0"; #aliases = [ # "mail@example.com" @@ -28,7 +28,7 @@ # Make this user the catchAll address for domains blah.com and # example2.com catchAll = [ - "example.com" + "ilchub.net" ]; }; @@ -38,7 +38,7 @@ # loginAccounts addresses. extraVirtualAliases = { # address = forward address; - "admin@example.com" = "test@example.com"; + "admin@ilchub.net" = "test@ilchub.net"; }; # Use Let's Encrypt certificates. Note that this needs to set up a stripped @@ -60,6 +60,6 @@ security.acme = { acceptTerms = true; # Replace the email here! - email = "test@example.com"; + email = "test@ilchub.net"; }; } diff --git a/static/server.sh b/static/server.sh index 295ba93..cb0677b 100755 --- a/static/server.sh +++ b/static/server.sh @@ -16,6 +16,7 @@ InstallDependencies() else echo "FAILED TO INSTALL PACKAGE: Package manager not found. You must manually install: $packagesNeeded">&2; fi wget https://selfprivacy.org/configuration.nix wget https://selfprivacy.org/mailserver.nix + wget https://selfprivacy.org/goss.nix } CollectData() { @@ -92,6 +93,7 @@ ApplyConfig() scp -i ~/.nix-ms/id_rsa goss.yaml "root@$machineip:/root" ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/mailserver.nix /etc/nixos/mailserver.nix ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/configuration.nix /etc/nixos/configuration.nix + ssh -i ~/.nix-ms/id_rsa "root@$machineip" cp /root/goss.nix /etc/nixos/goss.nix sleep 3 ssh -i ~/.nix-ms/id_rsa "root@$machineip" nixos-rebuild switch }