transparency confs
14
1-Privacy-Front-Ends/anonoverflow/docker-compose.yml
Normal file
@ -0,0 +1,14 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
anonymousoverflow:
|
||||
container_name: 'app'
|
||||
build:
|
||||
context: .
|
||||
environment:
|
||||
- APP_URL=https://overflow.datura.network
|
||||
- JWT_SIGNING_SECRET=nkjjijoijfeioijjfze
|
||||
ports:
|
||||
- '127.0.0.1:8081:8080'
|
||||
restart: 'always'
|
||||
|
21
1-Privacy-Front-Ends/anonoverflow/nginx.conf
Normal file
@ -0,0 +1,21 @@
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name overflow.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/overflow.datura.network/overflow.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/overflow.datura.network/overflow.datura.network.key;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name overflow.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://overflow.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
location / {
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_pass http://localhost:8081;
|
||||
}
|
||||
|
||||
}
|
||||
|
19
1-Privacy-Front-Ends/binternet/docker-compose.yml
Normal file
@ -0,0 +1,19 @@
|
||||
version: '3.3'
|
||||
services:
|
||||
binternet:
|
||||
container_name: binternet
|
||||
image: ghcr.io/ahwxorg/binternet:latest
|
||||
ports:
|
||||
- '127.0.0.1:8861:80'
|
||||
networks:
|
||||
- binternet
|
||||
|
||||
|
||||
networks:
|
||||
binternet:
|
||||
driver: bridge
|
||||
ipam:
|
||||
config:
|
||||
- subnet: 172.16.55.0/24
|
||||
|
||||
|
40
1-Privacy-Front-Ends/binternet/nginx.conf
Normal file
@ -0,0 +1,40 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name binternet.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name binternet.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/binternet.datura.network/binternet.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/binternet.datura.network/binternet.datura.network.key;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name binternet.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://binternet.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
ssl_protocols TLSv1.3 TLSv1.2;
|
||||
ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_ecdh_curve auto;
|
||||
|
||||
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
|
||||
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
#add_header Content-Security-Policy "default-src 'self';";
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:8861;
|
||||
}
|
||||
}
|
||||
|
67
1-Privacy-Front-Ends/cringe/docker-compose.yml
Normal file
@ -0,0 +1,67 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
web:
|
||||
container_name: proxitok-web
|
||||
image: ghcr.io/pablouser1/proxitok:master
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- 127.0.0.1:8083:8080
|
||||
environment:
|
||||
- LATTE_CACHE=/cache
|
||||
- API_CACHE=redis
|
||||
- REDIS_HOST=proxitok-redis
|
||||
- REDIS_PORT=6379
|
||||
- API_SIGNER=remote
|
||||
- API_SIGNER_URL=http://proxitok-signer:8080/signature
|
||||
volumes:
|
||||
- proxitok-cache:/cache
|
||||
depends_on:
|
||||
- redis
|
||||
- signer
|
||||
networks:
|
||||
- proxitok
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
cap_drop:
|
||||
- ALL
|
||||
cap_add:
|
||||
- CHOWN
|
||||
- SETGID
|
||||
- SETUID
|
||||
|
||||
redis:
|
||||
container_name: proxitok-redis
|
||||
image: redis:7-alpine
|
||||
command: redis-server --save 60 1 --loglevel warning
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- proxitok
|
||||
user: nobody
|
||||
read_only: true
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
tmpfs:
|
||||
- /data:size=10M,mode=0770,uid=65534,gid=65534,noexec,nosuid,nodev
|
||||
cap_drop:
|
||||
- ALL
|
||||
|
||||
signer:
|
||||
container_name: proxitok-signer
|
||||
image: ghcr.io/pablouser1/signtok:master
|
||||
#init: true
|
||||
networks:
|
||||
- proxitok
|
||||
user: nobody
|
||||
read_only: true
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
cap_drop:
|
||||
- ALL
|
||||
|
||||
volumes:
|
||||
proxitok-cache:
|
||||
|
||||
networks:
|
||||
proxitok:
|
||||
|
42
1-Privacy-Front-Ends/cringe/nginx.conf
Normal file
@ -0,0 +1,42 @@
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name cringe.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/cringe.datura.network/cringe.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/cringe.datura.network/cringe.datura.network.key;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name cringe.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://cringe.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
|
||||
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
|
||||
ssl_ecdh_curve secp384r1;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_tickets off;
|
||||
#ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
# Security Headers
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||
add_header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline'; img-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; media-src 'self' blob: video.twimg.com; worker-src 'self' blob:; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; connect-src 'self' https://*.twimg.com; manifest-src 'self'";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-Frame-Options DENY;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:8083;
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
add_header Content-Type text/plain;
|
||||
return 200 "User-agent: *\nDisallow: /\n";
|
||||
}
|
||||
}
|
||||
|
8
1-Privacy-Front-Ends/invidious/crontab.txt
Normal file
@ -0,0 +1,8 @@
|
||||
#invidious cronjobs
|
||||
0 0,6,12,18 * * * docker-compose -f /srv/invidious/docker-compose.yml stop ; docker-compose -f /srv/invidious/docker-compose.yml up -d
|
||||
|
||||
#@hourly docker-compose -f /srv/invidious/docker-compose.yml stop ; docker-compose -f /srv/invidious/docker-compose.yml up -d
|
||||
@weekly docker-compose -f /srv/invidious/docker-compose.yml down --remove-orphans ; cp /srv/invidious/docker-compose.yml /srv/invidious.docker-compose.yml.backup ; git -C /srv/invidious reset --hard; git -C /srv/invidious pull ; cp /srv/invidious.docker-compose.yml.backup /srv/invidious/docker-compose.yml ; docker image prune -f ; docker-compose -f /srv/invidious/docker-compose.yml pull ;docker-compose -f /srv/invidious/docker-compose.yml up -d --build --force-recreate # monthly invidious upgrade!
|
||||
@daily /usr/bin/python3 /srv/smart-ipv6-rotator/smart-ipv6-rotator.py clean ; /usr/bin/python3 /srv/smart-ipv6-rotator/smart-ipv6-rotator.py run --ipv6range="IPV6RANGE::/64"
|
||||
|
||||
|
156
1-Privacy-Front-Ends/invidious/docker-compose.yml
Normal file
@ -0,0 +1,156 @@
|
||||
# Warning: This docker-compose file is made for development purposes.
|
||||
# Using it will build an image from the locally cloned repository.
|
||||
#
|
||||
# If you want to use Invidious in production, see the docker-compose.yml file provided
|
||||
# in the installation documentation: https://docs.invidious.io/installation/
|
||||
|
||||
version: "3"
|
||||
services:
|
||||
|
||||
ipv6nat:
|
||||
container_name: ipv6nat
|
||||
privileged: true
|
||||
network_mode: host
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- '/var/run/docker.sock:/var/run/docker.sock:ro'
|
||||
- '/lib/modules:/lib/modules:ro'
|
||||
image: robbertkl/ipv6nat
|
||||
|
||||
invidious:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: docker/Dockerfile
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- invidious
|
||||
sysctls:
|
||||
- net.ipv6.conf.all.disable_ipv6=0
|
||||
ports:
|
||||
- "127.0.0.1:3000:3000"
|
||||
environment:
|
||||
# Please read the following file for a comprehensive list of all available
|
||||
# configuration options and their associated syntax:
|
||||
# https://github.com/iv-org/invidious/blob/master/config/config.example.yml
|
||||
INVIDIOUS_CONFIG: |
|
||||
db:
|
||||
dbname: invidious
|
||||
user: kemal
|
||||
password: kemal
|
||||
host: invidious-db
|
||||
port: 5432
|
||||
check_tables: true
|
||||
external_port: 443
|
||||
domain: iv.datura.network
|
||||
https_only: true
|
||||
registration_enabled: true
|
||||
login_enabled: true
|
||||
statistics_enabled: true
|
||||
hmac_key: "aeazhoiuéhouhorhnohnhr"
|
||||
force_resolve: ipv6
|
||||
banner: '<p><b>Datura Network</b> - <a style="color: orange;" href="https://github.com/iv-org/smart-ipv6-rotator"><u>IPv6 rotating instance</u></a> - <b><a style="color: purple;" href="http://iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/"><u>Onion Link</u></a></b> - <a style="color: green;" href="https://matrix.to/#/#nihilism:m.datura.network"><u>Matrix Chat</u></a> - Local Proxying + Dash by default (since 02/11/2023) </p> <p style="font-size: 14px;"> Donate Monero: <span style="color: orange;"> 82w95Xt27wfSLW1UzK48LrXDWngZr4FJ3gYqUVxQ9inQC2JReT81DesKmjcMWWbiBT4k517UwshY53aDPFuvE8AZ1EnYJZu</span> (Yearly server costs: 400€) </p>'
|
||||
|
||||
#banner: '<p><b>Datura Network</b> - <b><a style="color: red;">Test Instance (With Registrations) </a></b> - Local Proxying + DASH by default </p> <p style="font-size: 14px;"> Donate Monero: <span style="color: orange;"> 82w95Xt27wfSLW1UzK48LrXDWngZr4FJ3gYqUVxQ9inQC2JReT81DesKmjcMWWbiBT4k517UwshY53aDPFuvE8AZ1EnYJZu</span> </p>'
|
||||
default_user_preferences:
|
||||
dark_mode: "dark"
|
||||
default_home: "Search"
|
||||
popular_enabled: true
|
||||
feed_menu: ["Subscriptions", "Playlists"]
|
||||
autoplay: true
|
||||
continue: true
|
||||
continue_autoplay: true
|
||||
#local: false
|
||||
local: true
|
||||
#quality: 720p
|
||||
quality: dash
|
||||
quality_dash: auto
|
||||
|
||||
healthcheck:
|
||||
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/comments/jNQXAC9IVRw || exit 1
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 2
|
||||
|
||||
invidious-tor:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: docker/Dockerfile
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- invidious
|
||||
sysctls:
|
||||
- net.ipv6.conf.all.disable_ipv6=0
|
||||
ports:
|
||||
- "127.0.0.1:3002:3000"
|
||||
environment:
|
||||
# Please read the following file for a comprehensive list of all available
|
||||
# configuration options and their associated syntax:
|
||||
# https://github.com/iv-org/invidious/blob/master/config/config.example.yml
|
||||
INVIDIOUS_CONFIG: |
|
||||
db:
|
||||
dbname: invidious
|
||||
user: kemal
|
||||
password: kemal
|
||||
host: invidious-db
|
||||
port: 5432
|
||||
check_tables: true
|
||||
external_port: 443
|
||||
domain: iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion
|
||||
https_only: false
|
||||
registration_enabled: true
|
||||
login_enabled: true
|
||||
statistics_enabled: true
|
||||
hmac_key: "ejajezaouhfouhoouhfohaeo"
|
||||
force_resolve: ipv6
|
||||
banner: '<p><b>Datura Network</b> - <a style="color: orange;" href="https://github.com/iv-org/smart-ipv6-rotator"><u>IPv6 rotating instance</u></a> - <b><a style="color: purple;" href="http://iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/"><u>Onion Link</u></a></b> - <a style="color: green;" href="https://matrix.to/#/#nihilism:m.datura.network"><u>Matrix Chat</u></a> - Local Proxying + Dash by default (since 02/11/2023) </p> <p style="font-size: 14px;"> Donate Monero: <span style="color: orange;"> 82w95Xt27wfSLW1UzK48LrXDWngZr4FJ3gYqUVxQ9inQC2JReT81DesKmjcMWWbiBT4k517UwshY53aDPFuvE8AZ1EnYJZu</span> (Yearly server costs: 400€) </p>'
|
||||
|
||||
default_user_preferences:
|
||||
dark_mode: "dark"
|
||||
default_home: "Search"
|
||||
popular_enabled: true
|
||||
feed_menu: ["Subscriptions", "Playlists"]
|
||||
autoplay: true
|
||||
continue: true
|
||||
continue_autoplay: true
|
||||
#local: false
|
||||
local: true
|
||||
#quality: 720p
|
||||
quality: dash
|
||||
quality_dash: auto
|
||||
|
||||
healthcheck:
|
||||
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/comments/jNQXAC9IVRw || exit 1
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 2
|
||||
|
||||
|
||||
invidious-db:
|
||||
image: docker.io/library/postgres:14
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- invidious
|
||||
sysctls:
|
||||
- net.ipv6.conf.all.disable_ipv6=0
|
||||
volumes:
|
||||
- postgresdata:/var/lib/postgresql/data
|
||||
- ./config/sql:/config/sql
|
||||
- ./docker/init-invidious-db.sh:/docker-entrypoint-initdb.d/init-invidious-db.sh
|
||||
environment:
|
||||
POSTGRES_DB: invidious
|
||||
POSTGRES_USER: kemal
|
||||
POSTGRES_PASSWORD: kemal
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
|
||||
|
||||
|
||||
volumes:
|
||||
postgresdata:
|
||||
|
||||
networks:
|
||||
invidious:
|
||||
enable_ipv6: true
|
||||
ipam:
|
||||
config:
|
||||
- subnet: fd00:dead:beec::/48
|
||||
|
33
1-Privacy-Front-Ends/invidious/nginx.conf
Normal file
@ -0,0 +1,33 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
|
||||
|
||||
######## TOR CHANGES ########
|
||||
#listen 4443;
|
||||
#listen [::]:4443;
|
||||
#server_name iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
server_name iv.datura.network;
|
||||
|
||||
access_log off;
|
||||
error_log /var/log/nginx/error.log crit;
|
||||
|
||||
ssl_certificate /root/.acme.sh/iv.datura.network/fullchain.cer;
|
||||
ssl_certificate_key /root/.acme.sh/iv.datura.network/iv.datura.network.key;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:3000;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header Host $host; # so Invidious knows domain
|
||||
proxy_http_version 1.1; # to keep alive
|
||||
proxy_set_header Connection ""; # to keep alive
|
||||
}
|
||||
|
||||
if ($https = '') { return 301 https://$host$request_uri; } # if not connected to HTTPS, perma-redirect to HTTPS
|
||||
}
|
||||
|
29
1-Privacy-Front-Ends/invidious/nginx.conf.tor
Normal file
@ -0,0 +1,29 @@
|
||||
server {
|
||||
listen 443;
|
||||
listen [::]:443;
|
||||
server_name iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
if ($https != '') { return 301 http://$host$request_uri; } # if not connected to HTTP, perma-redirect to HTTP
|
||||
}
|
||||
|
||||
server {
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://iv.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
access_log off;
|
||||
error_log /var/log/nginx/error.log crit;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:3002;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header Host $host; # so Invidious knows domain
|
||||
proxy_http_version 1.1; # to keep alive
|
||||
proxy_set_header Connection ""; # to keep alive
|
||||
}
|
||||
|
||||
if ($https != '') { return 301 http://$host$request_uri; } # if not connected to HTTP, perma-redirect to HTTP
|
||||
}
|
||||
|
16
1-Privacy-Front-Ends/libmedium/config/default.toml
Normal file
@ -0,0 +1,16 @@
|
||||
debug = true
|
||||
source_code = "https://github.com/realaravinth/libmedium"
|
||||
#cache = "/var/lib/libmedium"
|
||||
|
||||
[server]
|
||||
# The port at which you want authentication to listen to
|
||||
# takes a number, choose from 1000-10000 if you dont know what you are doing
|
||||
port = 7000
|
||||
#IP address. Enter 0.0.0.0 to listen on all availale addresses
|
||||
ip= "0.0.0.0"
|
||||
# enter your hostname, eg: example.com
|
||||
domain = "localhost"
|
||||
allow_registration = true
|
||||
proxy_has_tls = false
|
||||
#workers = 2
|
||||
|
10
1-Privacy-Front-Ends/libmedium/docker-compose.yml
Normal file
@ -0,0 +1,10 @@
|
||||
version: "3"
|
||||
services:
|
||||
libmedium:
|
||||
image: realaravinth/libmedium:latest
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "127.0.0.1:8854:7000"
|
||||
volumes:
|
||||
- ./config/default.toml:/etc/libmedium/config.toml
|
||||
|
53
1-Privacy-Front-Ends/libmedium/nginx.conf
Normal file
@ -0,0 +1,53 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name libmedium.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name libmedium.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/libmedium.datura.network/fullchain.cer;
|
||||
ssl_certificate_key /root/.acme.sh/libmedium.datura.network/libmedium.datura.network.key;
|
||||
ssl_dhparam /root/.acme.sh/dhparam.pem;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name libmedium.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://libmedium.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
# SSL Settings
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_ecdh_curve auto;
|
||||
|
||||
# OCSP stapling
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
ssl_trusted_certificate /root/.acme.sh/libmedium.datura.network/fullchain.cer;
|
||||
resolver 1.1.1.1 208.67.222.222;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
|
||||
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
|
||||
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
add_header Content-Security-Policy "default-src 'self';";
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:8854;
|
||||
}
|
||||
}
|
||||
|
52
1-Privacy-Front-Ends/libremdb/docker-compose.yml
Normal file
@ -0,0 +1,52 @@
|
||||
# docker-compose.yml
|
||||
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
libremdb:
|
||||
container_name: libremdb
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
ports:
|
||||
- "127.0.0.1:8864:3000"
|
||||
env_file: .env.local.example
|
||||
depends_on:
|
||||
- libremdb-redis
|
||||
restart: always
|
||||
user: 65534:65534 # equivalent to the nobody user
|
||||
read_only: true
|
||||
tmpfs:
|
||||
- /opt/app/.next/cache/:size=10M,mode=0770,uid=65534,gid=65534,noexec,nosuid,nodev
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
cap_drop:
|
||||
- ALL
|
||||
networks:
|
||||
- libremdb
|
||||
|
||||
libremdb-redis:
|
||||
container_name: libremdb_redis
|
||||
image: redis
|
||||
# FOR DEBUGGING ONLY
|
||||
# ports:
|
||||
# - "6379:6379"
|
||||
restart: always
|
||||
user: nobody
|
||||
read_only: true
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
tmpfs:
|
||||
- /data:size=10M,mode=0770,uid=65534,gid=65534,noexec,nosuid,nodev
|
||||
cap_drop:
|
||||
- ALL
|
||||
networks:
|
||||
- libremdb
|
||||
|
||||
networks:
|
||||
libremdb:
|
||||
driver: bridge
|
||||
ipam:
|
||||
config:
|
||||
- subnet: 172.16.57.0/24
|
||||
|
45
1-Privacy-Front-Ends/libremdb/env
Normal file
@ -0,0 +1,45 @@
|
||||
################################################################################
|
||||
### PLEASE FILL/ENABLE REQUIRED VARS AT LEAST BEFORE RUNNING THE APPLICATION ###
|
||||
################################################################################
|
||||
|
||||
################################################################################
|
||||
### 1. REQUIRED VARS(site may not work as expected without these).
|
||||
################################################################################
|
||||
## used for meta tags. e.g: 'https://libremdb.iket.me'. don't add end slash.
|
||||
NEXT_PUBLIC_URL= https://libremdb.datura.network
|
||||
## used when fetching data from IMDb. not adding these could result in not getting any response.
|
||||
## example useragent header: 'Mozilla/5.0 (X11; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0'
|
||||
AXIOS_USERAGENT=Mozilla/5.0 (X11; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0
|
||||
## example accept header: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8'
|
||||
AXIOS_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
|
||||
|
||||
################################################################################
|
||||
### 2. OPTIONAL VARS(enabling these is encouraged)
|
||||
################################################################################
|
||||
## for forcing a certain language for data we get from imdb. Useful when you don't want your IP to determine the preferred language.
|
||||
# AXIOS_LANGUAGE='en-US,en;q=0.5'
|
||||
## comment it out if you wish to enable nextjs stats collection. more at https://nextjs.org/telemetry
|
||||
NEXT_TELEMETRY_DISABLED=1
|
||||
|
||||
################################################################################
|
||||
### 3. REDIS CONFIG(optional if you don't need redis)
|
||||
################################################################################
|
||||
## enables caching of api routes as well as media
|
||||
# USE_REDIS=true
|
||||
## in case you don't want to cache media but only api routes
|
||||
# USE_REDIS_FOR_API_ONLY=true
|
||||
## ttl for media and api
|
||||
# REDIS_CACHE_TTL_API=3600
|
||||
# REDIS_CACHE_TTL_MEDIA=3600
|
||||
## for docker, just set the domain to the container name, default is 'libremdb_redis'
|
||||
# REDIS_URL=localhost:6379
|
||||
|
||||
################################################################################
|
||||
### 4. INSTANCE META FIELDS(not required but good to have)
|
||||
################################################################################
|
||||
## example: 'https://iket.me'.
|
||||
NEXT_PUBLIC_INSTANCE_MAIN_URL= https://libremdb.datura.network
|
||||
## eg: 'zyachel'
|
||||
NEXT_PUBLIC_INSTANCE_NAME= Datura
|
||||
|
||||
|
40
1-Privacy-Front-Ends/libremdb/nginx.conf
Normal file
@ -0,0 +1,40 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name libremdb.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name libremdb.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/libremdb.datura.network/libremdb.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/libremdb.datura.network/libremdb.datura.network.key;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name libremdb.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://libremdb.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
ssl_protocols TLSv1.3 TLSv1.2;
|
||||
ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_ecdh_curve auto;
|
||||
|
||||
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
|
||||
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
add_header Content-Security-Policy "default-src 'self';";
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:8864;
|
||||
}
|
||||
}
|
||||
|
46
1-Privacy-Front-Ends/pixivfe/docker-compose.yml
Normal file
@ -0,0 +1,46 @@
|
||||
version: "3.7"
|
||||
|
||||
services:
|
||||
pixivfe:
|
||||
container_name: pixivfe
|
||||
hostname: pixivfe
|
||||
restart: unless-stopped
|
||||
user: 1000:1000
|
||||
read_only: true
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
cap_drop:
|
||||
- ALL
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
ports:
|
||||
- "127.0.0.1:8862:8862" # Specify `127.0.0.1:8282:8282` instead if using a reverse proxy
|
||||
env_file: .env
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://127.0.0.1:8282/about"]
|
||||
interval: 30s
|
||||
timeout: 3s
|
||||
start_period: 15s
|
||||
retries: 3
|
||||
secrets:
|
||||
- pixivfe_token
|
||||
networks:
|
||||
- pixivfe
|
||||
|
||||
|
||||
secrets:
|
||||
pixivfe_token:
|
||||
# Copy the contents of the `PHPSESSID` cookie into `pixivfe_token.txt`
|
||||
# See ./doc/How-to-get-the-cookie-(PIXIVFE_TOKEN) for instructions
|
||||
file: ./docker/pixivfe_token.txt
|
||||
|
||||
|
||||
|
||||
networks:
|
||||
pixivfe:
|
||||
driver: bridge
|
||||
ipam:
|
||||
config:
|
||||
- subnet: 172.16.56.0/24
|
||||
|
1
1-Privacy-Front-Ends/pixivfe/docker/pixivfe_token.txt
Normal file
@ -0,0 +1 @@
|
||||
12zd156az1641za6d4az5d416az51d464az6d5a64z
|
14
1-Privacy-Front-Ends/pixivfe/env
Normal file
@ -0,0 +1,14 @@
|
||||
# -- PixivFE configuration
|
||||
# See ./doc/Environment-variables.md for more details
|
||||
|
||||
# -- Required
|
||||
# PIXIVFE_TOKEN=changethis # Only set here if not using a secret
|
||||
PIXIVFE_PORT=8862
|
||||
PIXIVFE_IMAGEPROXY=https://pximg.exozy.me
|
||||
#PIXIVFE_IMAGEPROXY=https://www.pixiv.net
|
||||
|
||||
# -- Optional
|
||||
# PIXIVFE_USERAGENT=
|
||||
# PIXIVFE_BASEURL=
|
||||
# PIXIVFE_ACCEPTLANGUAGE=
|
||||
|
40
1-Privacy-Front-Ends/pixivfe/nginx.conf
Normal file
@ -0,0 +1,40 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name pixivfe.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name pixivfe.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/pixivfe.datura.network/pixivfe.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/pixivfe.datura.network/pixivfe.datura.network.key;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name pixivfe.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://pixivfe.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
ssl_protocols TLSv1.3 TLSv1.2;
|
||||
ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_ecdh_curve auto;
|
||||
|
||||
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
|
||||
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
#add_header Content-Security-Policy "default-src 'self';";
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:8862;
|
||||
}
|
||||
}
|
||||
|
48
1-Privacy-Front-Ends/priviblur/config.toml
Normal file
@ -0,0 +1,48 @@
|
||||
# Controls deployment options
|
||||
[deployment]
|
||||
host = "0.0.0.0"
|
||||
port = 8000
|
||||
|
||||
# Amount of worker Priviblur instances to spawn. Increases speed significantly.
|
||||
workers = 30
|
||||
|
||||
# # If you're running Priviblur behind a remote proxy, one or more of the following must be set
|
||||
# # can also be set via env variables by captialzing and prefixing with PRIVIBLUR_
|
||||
# #
|
||||
# # For more information see
|
||||
# # https://sanic.dev/en/guide/advanced/proxy-headers.html
|
||||
# #
|
||||
# # Default: None
|
||||
# #
|
||||
# forwarded_secret =
|
||||
# real_ip_header =
|
||||
# proxies_count =
|
||||
|
||||
# Controls behaviors pertaining to the way Priviblur requests Tumblr
|
||||
[priviblur_backend]
|
||||
# # Timeout for requests to Tumblr's API
|
||||
main_response_timeout = 10
|
||||
|
||||
# # Timeout for fetching image responses from Tumblr
|
||||
image_response_timeout = 30
|
||||
|
||||
|
||||
# Controls logging behavior
|
||||
#
|
||||
# Use Python's numerical logging levels
|
||||
# https://docs.python.org/3/howto/logging.html#logging-levels
|
||||
[logging]
|
||||
# # Sanic (Server)'s logging level'
|
||||
# sanic_logging_level = 30
|
||||
|
||||
# # Priviblur's logging level
|
||||
# priviblur_logging_level = 30
|
||||
|
||||
# # Priviblur extractor's logging level
|
||||
# priviblur_extractor_logging_level = 20
|
||||
|
||||
[misc]
|
||||
# # Enable sanic's dev mode
|
||||
# dev_mode = false
|
||||
|
||||
|
12
1-Privacy-Front-Ends/priviblur/docker-compose.yml
Normal file
@ -0,0 +1,12 @@
|
||||
version: "3"
|
||||
services:
|
||||
priviblur:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: docker/Dockerfile
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "127.0.0.1:8865:8000"
|
||||
volumes:
|
||||
- ./config.toml:/priviblur/config.toml:Z,ro
|
||||
|
40
1-Privacy-Front-Ends/priviblur/nginx.conf
Normal file
@ -0,0 +1,40 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name priviblur.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name priviblur.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/priviblur.datura.network/priviblur.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/priviblur.datura.network/priviblur.datura.network.key;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name priviblur.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://priviblur.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
ssl_protocols TLSv1.3 TLSv1.2;
|
||||
ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_ecdh_curve auto;
|
||||
|
||||
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
|
||||
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
add_header Content-Security-Policy "default-src 'self';";
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:8865;
|
||||
}
|
||||
}
|
||||
|
32
1-Privacy-Front-Ends/redlib/docker-compose.yml
Normal file
@ -0,0 +1,32 @@
|
||||
version: "3"
|
||||
services:
|
||||
redlib:
|
||||
image: quay.io/redlib/redlib:latest
|
||||
# image: quay.io/redlib/redlib:latest-arm # uncomment if you use arm64
|
||||
# image: quay.io/redlib/redlib:latest-armv7 # uncomment if you use armv7
|
||||
restart: always
|
||||
container_name: "redlib"
|
||||
ports:
|
||||
- "127.0.0.1:8857:8080" # Specify `127.0.0.1:8080:8080` instead if using a reverse proxy
|
||||
user: nobody
|
||||
read_only: true
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
# - seccomp=seccomp-redlib.json
|
||||
cap_drop:
|
||||
- ALL
|
||||
env_file: .env
|
||||
healthcheck:
|
||||
test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
|
||||
interval: 5m
|
||||
timeout: 3s
|
||||
networks:
|
||||
- redlib
|
||||
|
||||
networks:
|
||||
redlib:
|
||||
driver: bridge
|
||||
ipam:
|
||||
config:
|
||||
- subnet: 172.16.52.0/24
|
||||
|
47
1-Privacy-Front-Ends/redlib/env
Normal file
@ -0,0 +1,47 @@
|
||||
# Redlib configuration
|
||||
# See the Configuration section of the README for a more detailed explanation of these settings.
|
||||
|
||||
# Instance-specific settings
|
||||
# Enable SFW-only mode for the instance
|
||||
REDLIB_SFW_ONLY=off
|
||||
# Set a banner message for the instance
|
||||
REDLIB_BANNER="Datura Network says fuck you redit"
|
||||
# Disable search engine indexing
|
||||
REDLIB_ROBOTS_DISABLE_INDEXING=off
|
||||
# Set the Pushshift frontend for "removed" links
|
||||
REDLIB_PUSHSHIFT_FRONTEND=www.unddit.com
|
||||
|
||||
# Default user settings
|
||||
# Set the default theme (options: system, light, dark, black, dracula, nord, laserwave, violet, gold, rosebox, gruvboxdark, gruvboxlight)
|
||||
REDLIB_DEFAULT_THEME=violet
|
||||
# Set the default front page (options: default, popular, all)
|
||||
REDLIB_DEFAULT_FRONT_PAGE=default
|
||||
# Set the default layout (options: card, clean, compact)
|
||||
REDLIB_DEFAULT_LAYOUT=card
|
||||
# Enable wide mode by default
|
||||
REDLIB_DEFAULT_WIDE=off
|
||||
# Set the default post sort method (options: hot, new, top, rising, controversial)
|
||||
REDLIB_DEFAULT_POST_SORT=hot
|
||||
# Set the default comment sort method (options: confidence, top, new, controversial, old)
|
||||
REDLIB_DEFAULT_COMMENT_SORT=confidence
|
||||
# Enable showing NSFW content by default
|
||||
REDLIB_DEFAULT_SHOW_NSFW=on
|
||||
# Enable blurring NSFW content by default
|
||||
REDLIB_DEFAULT_BLUR_NSFW=off
|
||||
# Enable HLS video format by default
|
||||
REDLIB_DEFAULT_USE_HLS=on
|
||||
# Hide HLS notification by default
|
||||
REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION=off
|
||||
# Disable autoplay videos by default
|
||||
REDLIB_DEFAULT_AUTOPLAY_VIDEOS=on
|
||||
# Define a default list of subreddit subscriptions (format: sub1+sub2+sub3)
|
||||
REDLIB_DEFAULT_SUBSCRIPTIONS=onions+deepweb+TOR+psychonaut+monero+darknet+Drugs+hacking+news+4chan+darkwebhacking+LSD+PsychedelicStudies+PsychedelicTherapy+PsychedelicArt+RationalPsychonaut+shrooms+drugnerds+researchchemicals+psychedelics+replications
|
||||
# Hide awards by default
|
||||
REDLIB_DEFAULT_HIDE_AWARDS=off
|
||||
# Disable the confirmation before visiting Reddit
|
||||
REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION=off
|
||||
# Hide score by default
|
||||
REDLIB_DEFAULT_HIDE_SCORE=off
|
||||
# Enable fixed navbar by default
|
||||
REDLIB_DEFAULT_FIXED_NAVBAR=on
|
||||
|
42
1-Privacy-Front-Ends/redlib/nginx.conf
Normal file
@ -0,0 +1,42 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name redlib.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name redlib.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/redlib.datura.network/redlib.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/redlib.datura.network/redlib.datura.network.key;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name redlib.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://redlib.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
ssl_protocols TLSv1.3 TLSv1.2;
|
||||
ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_ecdh_curve auto;
|
||||
|
||||
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
|
||||
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
#add_header Content-Security-Policy "default-src 'self';";
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:8857;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header HOST $http_host;
|
||||
}
|
||||
}
|
||||
|
20
1-Privacy-Front-Ends/safetwitch/api.nginx.conf
Normal file
@ -0,0 +1,20 @@
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name api.safetwitch.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/api.safetwitch.datura.network/api.safetwitch.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/api.safetwitch.datura.network/api.safetwitch.datura.network.key;
|
||||
|
||||
access_log off;
|
||||
error_log off;
|
||||
|
||||
|
||||
location / {
|
||||
#root /app;
|
||||
#index index.html;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_pass http://localhost:5071;
|
||||
#try_files $uri $uri/ /index.html;
|
||||
}
|
||||
}
|
||||
|
20
1-Privacy-Front-Ends/safetwitch/docker-compose.yml
Normal file
@ -0,0 +1,20 @@
|
||||
version: "3.7"
|
||||
services:
|
||||
safetwitch-frontend:
|
||||
image: codeberg.org/dragongoose/safetwitch:latest
|
||||
ports:
|
||||
- "127.0.0.1:5070:80"
|
||||
environment:
|
||||
- SAFETWITCH_BACKEND_DOMAIN=api.safetwitch.datura.network
|
||||
- SAFETWITCH_INSTANCE_DOMAIN=safetwitch.datura.network
|
||||
- SAFETWITCH_HTTPS=true
|
||||
restart: always
|
||||
safetwitch-backend:
|
||||
image: codeberg.org/dragongoose/safetwitch-backend:latest
|
||||
ports:
|
||||
- "127.0.0.1:5071:7000"
|
||||
environment:
|
||||
- PORT=7000
|
||||
- URL=https://api.safetwitch.datura.network
|
||||
restart: always
|
||||
|
7
1-Privacy-Front-Ends/safetwitch/env
Normal file
@ -0,0 +1,7 @@
|
||||
SAFETWITCH_BACKEND_DOMAIN=localhost:7000
|
||||
SAFETWITCH_INSTANCE_DOMAIN=localhost:5173
|
||||
SAFETWITCH_HTTPS=false
|
||||
SAFETWITCH_DEFAULT_LOCALE=en
|
||||
SAFETWITCH_FALLBACK_LOCALE=ja
|
||||
VUE_APP_I18N_LOCALE=en
|
||||
VUE_APP_I18N_FALLBACK_LOCALE=ja
|
26
1-Privacy-Front-Ends/safetwitch/nginx.conf
Normal file
@ -0,0 +1,26 @@
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name safetwitch.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/safetwitch.datura.network/safetwitch.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/safetwitch.datura.network/safetwitch.datura.network.key;
|
||||
|
||||
access_log off;
|
||||
error_log off;
|
||||
|
||||
|
||||
location / {
|
||||
#root /app;
|
||||
#index index.html;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_pass http://localhost:5070;
|
||||
#try_files $uri $uri/ /index.html;
|
||||
}
|
||||
}
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name safetwitch.datura.network;
|
||||
return 301 https://safetwitch.datura.network$request_uri;
|
||||
}
|
||||
|
68
1-Privacy-Front-Ends/searxng/docker-compose.yml
Normal file
@ -0,0 +1,68 @@
|
||||
version: "3.7"
|
||||
|
||||
services:
|
||||
#caddy:
|
||||
# container_name: caddy
|
||||
# image: caddy:2-alpine
|
||||
# network_mode: host
|
||||
# volumes:
|
||||
# - ./Caddyfile:/etc/caddy/Caddyfile:ro
|
||||
# - caddy-data:/data:rw
|
||||
# - caddy-config:/config:rw
|
||||
# environment:
|
||||
# - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost:80}
|
||||
# - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
|
||||
# cap_drop:
|
||||
# - ALL
|
||||
# cap_add:
|
||||
# - NET_BIND_SERVICE
|
||||
|
||||
redis:
|
||||
container_name: redis
|
||||
image: docker.io/library/redis:alpine
|
||||
command: redis-server --save 30 1 --loglevel warning
|
||||
networks:
|
||||
- searxng
|
||||
volumes:
|
||||
- redis-data:/data
|
||||
cap_drop:
|
||||
- ALL
|
||||
cap_add:
|
||||
- SETGID
|
||||
- SETUID
|
||||
- DAC_OVERRIDE
|
||||
|
||||
searxng:
|
||||
container_name: searxng
|
||||
image: searxng/searxng:latest
|
||||
networks:
|
||||
- searxng
|
||||
ports:
|
||||
- "127.0.0.1:8877:8080"
|
||||
volumes:
|
||||
- ./searxng:/etc/searxng:rw
|
||||
environment:
|
||||
#- SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME}/
|
||||
- SEARXNG_BASE_URL=https://search.datura.network/
|
||||
cap_drop:
|
||||
- ALL
|
||||
cap_add:
|
||||
- CHOWN
|
||||
- SETGID
|
||||
- SETUID
|
||||
logging:
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "1m"
|
||||
max-file: "1"
|
||||
|
||||
networks:
|
||||
searxng:
|
||||
ipam:
|
||||
driver: default
|
||||
|
||||
volumes:
|
||||
#caddy-data:
|
||||
caddy-config:
|
||||
redis-data:
|
||||
|
53
1-Privacy-Front-Ends/searxng/nginx.conf
Normal file
@ -0,0 +1,53 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name search.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name search.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/search.datura.network/fullchain.cer;
|
||||
ssl_certificate_key /root/.acme.sh/search.datura.network/search.datura.network.key;
|
||||
ssl_dhparam /root/.acme.sh/dhparam.pem;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name search.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://search.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
# SSL Settings
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_ecdh_curve auto;
|
||||
|
||||
# OCSP stapling
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
ssl_trusted_certificate /root/.acme.sh/search.datura.network/fullchain.cer;
|
||||
resolver 1.1.1.1 208.67.222.222;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
|
||||
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
|
||||
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
add_header Content-Security-Policy "default-src 'self';";
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:8877;
|
||||
}
|
||||
}
|
||||
|
13
1-Privacy-Front-Ends/searxng/searxng/settings.yml
Normal file
@ -0,0 +1,13 @@
|
||||
# see https://docs.searxng.org/admin/settings/settings.html#settings-use-default-settings
|
||||
use_default_settings: true
|
||||
server:
|
||||
base_url: https://search.datura.network/ #is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml
|
||||
secret_key: "jzdabjzjdkbkjbajaz" # change this!
|
||||
limiter: true # can be disabled for a private instance
|
||||
image_proxy: true
|
||||
public_instance: true
|
||||
ui:
|
||||
static_use_hash: true
|
||||
redis:
|
||||
url: redis://redis:6379/0
|
||||
|
24
2-Decentralization/gitea/docker-compose.yml
Normal file
@ -0,0 +1,24 @@
|
||||
version: "3"
|
||||
|
||||
networks:
|
||||
gitea:
|
||||
external: false
|
||||
|
||||
services:
|
||||
server:
|
||||
image: gitea/gitea:latest
|
||||
container_name: gitea
|
||||
environment:
|
||||
- USER_UID=1000
|
||||
- USER_GID=1000
|
||||
restart: always
|
||||
networks:
|
||||
- gitea
|
||||
volumes:
|
||||
- ./gitea:/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
ports:
|
||||
- "0.0.0.0:3009:3000"
|
||||
- "222:22"
|
||||
|
1
2-Decentralization/gitea/gitea/gitea/assets/logo.svg
Normal file
@ -0,0 +1 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 640 640" style="enable-background:new 0 0 640 640" xml:space="preserve" width="32" height="32"><path style="fill:#fff" d="m395.9 484.2-126.9-61c-12.5-6-17.9-21.2-11.8-33.8l61-126.9c6-12.5 21.2-17.9 33.8-11.8 17.2 8.3 27.1 13 27.1 13l-.1-109.2 16.7-.1.1 117.1s57.4 24.2 83.1 40.1c3.7 2.3 10.2 6.8 12.9 14.4 2.1 6.1 2 13.1-1 19.3l-61 126.9c-6.2 12.7-21.4 18.1-33.9 12z"/><path style="fill:#609926" d="M622.7 149.8c-4.1-4.1-9.6-4-9.6-4s-117.2 6.6-177.9 8c-13.3.3-26.5.6-39.6.7v117.2c-5.5-2.6-11.1-5.3-16.6-7.9 0-36.4-.1-109.2-.1-109.2-29 .4-89.2-2.2-89.2-2.2s-141.4-7.1-156.8-8.5c-9.8-.6-22.5-2.1-39 1.5-8.7 1.8-33.5 7.4-53.8 26.9C-4.9 212.4 6.6 276.2 8 285.8c1.7 11.7 6.9 44.2 31.7 72.5 45.8 56.1 144.4 54.8 144.4 54.8s12.1 28.9 30.6 55.5c25 33.1 50.7 58.9 75.7 62 63 0 188.9-.1 188.9-.1s12 .1 28.3-10.3c14-8.5 26.5-23.4 26.5-23.4S547 483 565 451.5c5.5-9.7 10.1-19.1 14.1-28 0 0 55.2-117.1 55.2-231.1-1.1-34.5-9.6-40.6-11.6-42.6zM125.6 353.9c-25.9-8.5-36.9-18.7-36.9-18.7S69.6 321.8 60 295.4c-16.5-44.2-1.4-71.2-1.4-71.2s8.4-22.5 38.5-30c13.8-3.7 31-3.1 31-3.1s7.1 59.4 15.7 94.2c7.2 29.2 24.8 77.7 24.8 77.7s-26.1-3.1-43-9.1zm300.3 107.6s-6.1 14.5-19.6 15.4c-5.8.4-10.3-1.2-10.3-1.2s-.3-.1-5.3-2.1l-112.9-55s-10.9-5.7-12.8-15.6c-2.2-8.1 2.7-18.1 2.7-18.1L322 273s4.8-9.7 12.2-13c.6-.3 2.3-1 4.5-1.5 8.1-2.1 18 2.8 18 2.8L467.4 315s12.6 5.7 15.3 16.2c1.9 7.4-.5 14-1.8 17.2-6.3 15.4-55 113.1-55 113.1z"/><path style="fill:#609926" d="M326.8 380.1c-8.2.1-15.4 5.8-17.3 13.8-1.9 8 2 16.3 9.1 20 7.7 4 17.5 1.8 22.7-5.4 5.1-7.1 4.3-16.9-1.8-23.1l24-49.1c1.5.1 3.7.2 6.2-.5 4.1-.9 7.1-3.6 7.1-3.6 4.2 1.8 8.6 3.8 13.2 6.1 4.8 2.4 9.3 4.9 13.4 7.3.9.5 1.8 1.1 2.8 1.9 1.6 1.3 3.4 3.1 4.7 5.5 1.9 5.5-1.9 14.9-1.9 14.9-2.3 7.6-18.4 40.6-18.4 40.6-8.1-.2-15.3 5-17.7 12.5-2.6 8.1 1.1 17.3 8.9 21.3 7.8 4 17.4 1.7 22.5-5.3 5-6.8 4.6-16.3-1.1-22.6 1.9-3.7 3.7-7.4 5.6-11.3 5-10.4 13.5-30.4 13.5-30.4.9-1.7 5.7-10.3 2.7-21.3-2.5-11.4-12.6-16.7-12.6-16.7-12.2-7.9-29.2-15.2-29.2-15.2s0-4.1-1.1-7.1c-1.1-3.1-2.8-5.1-3.9-6.3 4.7-9.7 9.4-19.3 14.1-29-4.1-2-8.1-4-12.2-6.1-4.8 9.8-9.7 19.7-14.5 29.5-6.7-.1-12.9 3.5-16.1 9.4-3.4 6.3-2.7 14.1 1.9 19.8l-24.6 50.4z"/></svg>
|
After Width: | Height: | Size: 2.2 KiB |
109
2-Decentralization/gitea/gitea/gitea/conf/app.ini
Normal file
@ -0,0 +1,109 @@
|
||||
APP_NAME = Git with a cup of Datura seeds
|
||||
RUN_MODE = prod
|
||||
RUN_USER = git
|
||||
WORK_PATH = /data/gitea
|
||||
|
||||
[repository]
|
||||
ROOT = /data/git/repositories
|
||||
|
||||
[repository.local]
|
||||
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
|
||||
|
||||
[repository.upload]
|
||||
TEMP_PATH = /data/gitea/uploads
|
||||
|
||||
[server]
|
||||
APP_DATA_PATH = /data/gitea
|
||||
DOMAIN = git.datura.network
|
||||
SSH_DOMAIN = git.datura.network
|
||||
HTTP_PORT = 3000
|
||||
ROOT_URL = https://git.datura.network/
|
||||
DISABLE_SSH = false
|
||||
SSH_PORT = 22
|
||||
SSH_LISTEN_PORT = 22
|
||||
LFS_START_SERVER = true
|
||||
LFS_JWT_SECRET = akdzlkndlkznalkdnzalndnazklndzlaknllan
|
||||
OFFLINE_MODE = true
|
||||
|
||||
[database]
|
||||
PATH = /data/gitea/gitea.db
|
||||
DB_TYPE = sqlite3
|
||||
HOST = localhost:3306
|
||||
NAME = gitea
|
||||
USER = root
|
||||
PASSWD =
|
||||
LOG_SQL = false
|
||||
SCHEMA =
|
||||
SSL_MODE = disable
|
||||
|
||||
[indexer]
|
||||
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
||||
|
||||
[session]
|
||||
PROVIDER_CONFIG = /data/gitea/sessions
|
||||
PROVIDER = file
|
||||
|
||||
[picture]
|
||||
AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
||||
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
|
||||
|
||||
[attachment]
|
||||
PATH = /data/gitea/attachments
|
||||
|
||||
[log]
|
||||
MODE = console
|
||||
LEVEL = info
|
||||
ROOT_PATH = /data/gitea/log
|
||||
|
||||
[security]
|
||||
INSTALL_LOCK = true
|
||||
SECRET_KEY =
|
||||
REVERSE_PROXY_LIMIT = 1
|
||||
REVERSE_PROXY_TRUSTED_PROXIES = *
|
||||
INTERNAL_TOKEN = azdjzakjdnzkdjnazndzandazknandkjankjandkj
|
||||
PASSWORD_HASH_ALGO = pbkdf2
|
||||
|
||||
[service]
|
||||
DISABLE_REGISTRATION = false
|
||||
REQUIRE_SIGNIN_VIEW = false
|
||||
REGISTER_EMAIL_CONFIRM = true
|
||||
ENABLE_NOTIFY_MAIL = true
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
||||
ENABLE_CAPTCHA = false
|
||||
DEFAULT_KEEP_EMAIL_PRIVATE = true
|
||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
|
||||
DEFAULT_ENABLE_TIMETRACKING = true
|
||||
NO_REPLY_ADDRESS = noreply.localhost
|
||||
|
||||
[lfs]
|
||||
PATH = /data/git/lfs
|
||||
|
||||
[mailer]
|
||||
ENABLED = true
|
||||
FROM = surveillance@nihilism.network
|
||||
PROTOCOL = smtp+starttls
|
||||
SMTP_ADDR = mail.nihilism.network
|
||||
SMTP_PORT = 587
|
||||
USER = surveillance
|
||||
PASSWD = dazklndzalkndzlknlzndnnaknkldaznlkdalnkdnlkdnalk
|
||||
|
||||
[openid]
|
||||
ENABLE_OPENID_SIGNIN = false
|
||||
ENABLE_OPENID_SIGNUP = true
|
||||
|
||||
[cron.update_checker]
|
||||
ENABLED = true
|
||||
|
||||
[repository.pull-request]
|
||||
DEFAULT_MERGE_STYLE = merge
|
||||
|
||||
[repository.signing]
|
||||
DEFAULT_TRUST_MODEL = committer
|
||||
|
||||
[oauth2]
|
||||
JWT_SECRET = zndlnlndalnldnazkdnllnadlkln
|
||||
|
||||
[ui]
|
||||
DEFAULT_THEME = space
|
||||
THEMES = gitea,arc-green,space
|
||||
|
@ -0,0 +1,972 @@
|
||||
.chroma .hl{background-color:#3f424d}.chroma .ln,.chroma .lnt{color:#7f7f7f}
|
||||
|
||||
.chroma .k{color:#f63}
|
||||
|
||||
.chroma .kc{color:#fa1}
|
||||
|
||||
.chroma .kd{color:#9daccc}
|
||||
|
||||
.chroma .kn{color:#fa1}
|
||||
|
||||
.chroma .kp{color:#5f8700}
|
||||
|
||||
.chroma .kr{color:#f63}
|
||||
|
||||
.chroma .kt{color:#9daccc}
|
||||
|
||||
.chroma .na{color:#8a8a8a}
|
||||
|
||||
.chroma .bp,.chroma .nb{color:#9daccc}
|
||||
|
||||
.chroma .nc,.chroma .no{color:#fa1}
|
||||
|
||||
.chroma .nd{color:#9daccc}
|
||||
|
||||
.chroma .ni{color:#fa1}
|
||||
|
||||
.chroma .ne{color:#af8700}
|
||||
|
||||
.chroma .nf{color:#9daccc}
|
||||
|
||||
.chroma .nl,.chroma .nn{color:#fa1}
|
||||
|
||||
.chroma .nt,.chroma .nv,.chroma .nx{color:#9daccc}
|
||||
|
||||
.chroma .vc{color:#f81}
|
||||
|
||||
.chroma .vg,.chroma .vi{color:#fa1}
|
||||
|
||||
.chroma .s,.chroma .sa{color:#1af}
|
||||
|
||||
.chroma .sb{color:#a0cc75}
|
||||
|
||||
.chroma .dl,.chroma .sc{color:#1af}
|
||||
|
||||
.chroma .sd{color:#6a737d}
|
||||
|
||||
.chroma .s2{color:#a0cc75}
|
||||
|
||||
.chroma .se{color:#f63}
|
||||
|
||||
.chroma .sh{color:#1af}
|
||||
|
||||
.chroma .si,.chroma .sx{color:#fa1}
|
||||
|
||||
.chroma .sr{color:#97c}
|
||||
|
||||
.chroma .s1{color:#a0cc75}
|
||||
|
||||
.chroma .ss{color:#fa1}
|
||||
|
||||
.chroma .il,.chroma .m,.chroma .mb,.chroma .mf,.chroma .mh,.chroma .mi,.chroma .mo{color:#1af}
|
||||
|
||||
.chroma .o{color:#f63}
|
||||
|
||||
.chroma .ow{color:#5f8700}
|
||||
|
||||
.chroma .c,.chroma .c1,.chroma .ch,.chroma .cm{color:#6a737d}
|
||||
|
||||
.chroma .cs{color:#637d}
|
||||
|
||||
.chroma .cp,.chroma .cpf{color:#fc6}
|
||||
|
||||
.chroma .gd{color:#fff;background-color:#5f3737}
|
||||
|
||||
.chroma .ge{color:#ef5}
|
||||
|
||||
.chroma .gr{color:#f33}
|
||||
|
||||
.chroma .gh{color:#fa1}
|
||||
|
||||
.chroma .gi{color:#fff;background-color:#3a523a}
|
||||
|
||||
.chroma .go{color:#888888}
|
||||
|
||||
.chroma .gp{color:#555555}
|
||||
|
||||
.chroma .gu{color:#9daccc}
|
||||
|
||||
.chroma .gt{color:#f63}
|
||||
|
||||
.chroma .w{color:#bbbbbb}
|
||||
|
||||
:root {
|
||||
--color-primary: #ccc;
|
||||
--color-primary-dark-1: #c5c5c5;
|
||||
--color-primary-dark-2: #bebebe;
|
||||
--color-primary-dark-3: #b7b7b7;
|
||||
--color-primary-dark-4: #b0b0b0;
|
||||
--color-primary-dark-5: #a9a9a9;
|
||||
--color-primary-dark-6: #a2a2a2;
|
||||
--color-primary-dark-7: #9b9b9b;
|
||||
--color-primary-light-1: #d3d3d3;
|
||||
--color-primary-light-2: #d9d9d9;
|
||||
--color-primary-light-3: #e0e0e0;
|
||||
--color-primary-light-4: #e7e7e7;
|
||||
--color-primary-light-5: #eeeeee;
|
||||
--color-primary-light-6: #f5f5f5;
|
||||
--color-primary-light-7: #fff;
|
||||
--color-primary-alpha-10: #afb0b119;
|
||||
--color-primary-alpha-20: #afb0b133;
|
||||
--color-primary-alpha-30: #afb0b14b;
|
||||
--color-primary-alpha-40: #afb0b166;
|
||||
--color-primary-alpha-50: #afb0b180;
|
||||
--color-primary-alpha-60: #afb0b199;
|
||||
--color-primary-alpha-70: #afb0b1b3;
|
||||
--color-primary-alpha-80: #afb0b1cc;
|
||||
--color-primary-alpha-90: #afb0b1e1;
|
||||
--color-secondary: #000;
|
||||
--color-secondary-dark-1: #141414;
|
||||
--color-secondary-dark-2: #0b0c0e;
|
||||
--color-secondary-dark-3: #17181c;
|
||||
--color-secondary-dark-4: #22242a;
|
||||
--color-secondary-dark-5: #2d3139;
|
||||
--color-secondary-dark-6: #393d47;
|
||||
--color-secondary-dark-7: #444955;
|
||||
--color-secondary-dark-7: #4f5563;
|
||||
--color-secondary-dark-8: #5b6171;
|
||||
--color-secondary-dark-8: #666d7f;
|
||||
--color-secondary-dark-9: #71798e;
|
||||
--color-secondary-dark-10: #808799;
|
||||
--color-secondary-dark-11: #8e94a4;
|
||||
--color-secondary-light-1: #373b46;
|
||||
--color-secondary-light-2: #292c34;
|
||||
--color-secondary-light-3: #1c1e23;
|
||||
--color-secondary-light-4: #0e0f11;
|
||||
--color-secondary-alpha-10: #45454519;
|
||||
--color-secondary-alpha-20: #45454533;
|
||||
--color-secondary-alpha-30: #4545454b;
|
||||
--color-secondary-alpha-40: #45454566;
|
||||
--color-secondary-alpha-50: #45454580;
|
||||
--color-secondary-alpha-60: #45454599;
|
||||
--color-secondary-alpha-70: #454545b3;
|
||||
--color-secondary-alpha-80: #454545cc;
|
||||
--color-secondary-alpha-90: #454545e1;
|
||||
/* colors */
|
||||
--color-red: #db2828;
|
||||
--color-orange: #ff6600;
|
||||
--color-yellow: #ffff99;
|
||||
--color-olive: #abc11a;
|
||||
--color-green: #199717;
|
||||
--color-teal: #01fed4;
|
||||
--color-blue: #226ac9;
|
||||
--color-violet: #6435c9;
|
||||
--color-purple: #a333c8;
|
||||
--color-pink: #e03997;
|
||||
--color-brown: #a5673f;
|
||||
--color-grey: #767a85;
|
||||
--color-black: #1e222e;
|
||||
--color-gold: #a1882b;
|
||||
--color-white: #ffffff;
|
||||
--color-diff-removed-word-bg: #6f3333;
|
||||
--color-diff-added-word-bg: #3c653c;
|
||||
--color-diff-removed-row-bg: #3c2626;
|
||||
--color-diff-added-row-bg: #283e2d;
|
||||
--color-diff-removed-row-border: #634343;
|
||||
--color-diff-added-row-border: #314a37;
|
||||
--color-diff-inactive: #353846;
|
||||
/* target-based colors */
|
||||
--color-body: #000;
|
||||
--color-box-header: #000;
|
||||
--color-box-body: #070707;
|
||||
--color-text-dark: #dee1e8;
|
||||
--color-text: #c7cad1;
|
||||
--color-text-light: #acb0b9;
|
||||
--color-text-light-2: #8a8e99;
|
||||
--color-text-light-3: #707687;
|
||||
--color-footer: #000;
|
||||
--color-timeline: #4c525e;
|
||||
--color-input-text: #d5dbe6;
|
||||
--color-input-background: #000;
|
||||
--color-input-border: #454545;
|
||||
--color-input-border-hover: #4e5465;
|
||||
--color-navbar: #060606;
|
||||
--color-light: #00000028;
|
||||
--color-light-border: #ffffff28;
|
||||
--color-hover: #ffffff10;
|
||||
--color-active: #25272d;
|
||||
--color-menu: #060606;
|
||||
--color-card: #060606;
|
||||
--color-markdown-table-row: #ffffff06;
|
||||
--color-markdown-code-block: #121314;
|
||||
--color-button: #070707;
|
||||
--color-code-bg: #060606;
|
||||
--color-shadow: #00000060;
|
||||
--color-secondary-bg: #060606;
|
||||
--color-text-focus: #fff;
|
||||
--color-expand-button: #3c404d;
|
||||
--color-placeholder-text: #6a737d;
|
||||
--color-editor-line-highlight: var(--color-primary-light-5);
|
||||
--color-project-board-bg: var(--color-secondary-light-2);
|
||||
--color-nav-bg: var(--color-body);
|
||||
--color-nav-hover-bg: var(--color-hover);
|
||||
}
|
||||
|
||||
::-webkit-calendar-picker-indicator {
|
||||
filter: invert(.8);
|
||||
}
|
||||
|
||||
.ui.horizontal.segments > .segment {
|
||||
background-color: #2d2d2d;
|
||||
}
|
||||
|
||||
.repository .segment.reactions .ui.label.basic.blue {
|
||||
background: var(--color-primary-alpha-20) !important;
|
||||
}
|
||||
|
||||
[data-tooltip]::before,
|
||||
[data-tooltip]::after {
|
||||
background: #1b1c1d !important; /* .ui.inverted.popup */
|
||||
border-color: #1b1c1d !important; /* .ui.inverted.popup */
|
||||
color: #dbdbdb !important;
|
||||
}
|
||||
|
||||
[data-tooltip]::before {
|
||||
box-shadow: 1px 1px 0 0 #1b1c1d !important; /* .ui.inverted.popup */
|
||||
}
|
||||
|
||||
.ui.green.progress .bar {
|
||||
background-color: #848b84;
|
||||
}
|
||||
|
||||
.ui.progress.success .bar {
|
||||
background-color: #8fa37b !important;
|
||||
}
|
||||
|
||||
.following.bar.light {
|
||||
background: var(--color-body);
|
||||
border-color: var(--color-secondary-alpha-40);
|
||||
}
|
||||
|
||||
.following.bar .top.menu a.item:hover {
|
||||
color: #fff;
|
||||
}
|
||||
|
||||
.feeds .list ul li.private {
|
||||
background: #25272d;
|
||||
}
|
||||
|
||||
.ui.link.list .item,
|
||||
.ui.link.list a.item,
|
||||
.ui.link.list .item a:not(.ui) {
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.ui.red.label,
|
||||
.ui.red.labels .label {
|
||||
background-color: #7d3434 !important;
|
||||
border-color: #8a2121 !important;
|
||||
}
|
||||
|
||||
.ui.yellow.label,
|
||||
.ui.yellow.labels .label {
|
||||
border-color: #664d02 !important;
|
||||
background-color: #936e00 !important;
|
||||
}
|
||||
|
||||
.ui.accordion .title:not(.ui) {
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.ui.green.label,
|
||||
.ui.green.labels .label,
|
||||
.ui.basic.green.label {
|
||||
background-color: #53682c !important;
|
||||
border-color: #53682c !important;
|
||||
}
|
||||
|
||||
.ui.green.labels a.label:hover,
|
||||
.ui.basic.green.labels a.label:hover,
|
||||
a.ui.ui.ui.green.label:hover,
|
||||
a.ui.basic.green.label:hover {
|
||||
background-color: #657a3e !important;
|
||||
border-color: #657a3e !important;
|
||||
color: #fff !important;
|
||||
}
|
||||
|
||||
.ui.divider:not(.vertical):not(.horizontal) {
|
||||
border-bottom-color: var(--color-secondary);
|
||||
border-top-color: transparent;
|
||||
}
|
||||
|
||||
.form .help {
|
||||
color: #7f8699;
|
||||
}
|
||||
|
||||
.ui .text.light.grey {
|
||||
color: #7f8699 !important;
|
||||
}
|
||||
|
||||
.ui.form .fields.error .field textarea,
|
||||
.ui.form .fields.error .field select,
|
||||
.ui.form .fields.error .field input:not([type]),
|
||||
.ui.form .fields.error .field input[type="date"],
|
||||
.ui.form .fields.error .field input[type="datetime-local"],
|
||||
.ui.form .fields.error .field input[type="email"],
|
||||
.ui.form .fields.error .field input[type="number"],
|
||||
.ui.form .fields.error .field input[type="password"],
|
||||
.ui.form .fields.error .field input[type="search"],
|
||||
.ui.form .fields.error .field input[type="tel"],
|
||||
.ui.form .fields.error .field input[type="time"],
|
||||
.ui.form .fields.error .field input[type="text"],
|
||||
.ui.form .fields.error .field input[type="file"],
|
||||
.ui.form .fields.error .field input[type="url"],
|
||||
.ui.form .field.error textarea,
|
||||
.ui.form .field.error select,
|
||||
.ui.form .field.error input:not([type]),
|
||||
.ui.form .field.error input[type="date"],
|
||||
.ui.form .field.error input[type="datetime-local"],
|
||||
.ui.form .field.error input[type="email"],
|
||||
.ui.form .field.error input[type="number"],
|
||||
.ui.form .field.error input[type="password"],
|
||||
.ui.form .field.error input[type="search"],
|
||||
.ui.form .field.error input[type="tel"],
|
||||
.ui.form .field.error input[type="time"],
|
||||
.ui.form .field.error input[type="text"],
|
||||
.ui.form .field.error input[type="file"],
|
||||
.ui.form .field.error input[type="url"] {
|
||||
background-color: #522;
|
||||
border: 1px solid #7d3434;
|
||||
color: #f9cbcb;
|
||||
}
|
||||
|
||||
.ui.form .field.error select:focus,
|
||||
.ui.form .field.error input:not([type]):focus,
|
||||
.ui.form .field.error input[type="date"]:focus,
|
||||
.ui.form .field.error input[type="datetime-local"]:focus,
|
||||
.ui.form .field.error input[type="email"]:focus,
|
||||
.ui.form .field.error input[type="number"]:focus,
|
||||
.ui.form .field.error input[type="password"]:focus,
|
||||
.ui.form .field.error input[type="search"]:focus,
|
||||
.ui.form .field.error input[type="tel"]:focus,
|
||||
.ui.form .field.error input[type="time"]:focus,
|
||||
.ui.form .field.error input[type="text"]:focus,
|
||||
.ui.form .field.error input[type="file"]:focus,
|
||||
.ui.form .field.error input[type="url"]:focus {
|
||||
background-color: #522;
|
||||
border: 1px solid #a04141;
|
||||
color: #f9cbcb;
|
||||
}
|
||||
|
||||
.ui.green.button,
|
||||
.ui.green.buttons .button {
|
||||
background-color: #070707;
|
||||
}
|
||||
|
||||
.ui.green.button:hover,
|
||||
.ui.green.buttons .button:hover {
|
||||
background-color: #141414;
|
||||
}
|
||||
|
||||
.ui.green.button:active,
|
||||
.ui.green.buttons .button:active {
|
||||
background-color: #070707;
|
||||
}
|
||||
|
||||
.ui.search > .results {
|
||||
background: #2d2d2d;
|
||||
border-color: var(--color-secondary);
|
||||
}
|
||||
|
||||
.ui.search > .results .result:hover,
|
||||
.ui.category.search > .results .category .result:hover {
|
||||
background: var(--color-secondary);
|
||||
}
|
||||
|
||||
.ui.search > .results .result .title {
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.ui.table > thead > tr > th {
|
||||
background: var(--color-secondary);
|
||||
color: #dbdbdb !important;
|
||||
}
|
||||
|
||||
.repository.file.list #repo-files-table tr {
|
||||
background: #070707;
|
||||
}
|
||||
|
||||
.repository.file.list #repo-files-table tr:hover {
|
||||
background-color: #2d2d2d !important;
|
||||
}
|
||||
|
||||
.repository.file.editor.edit,
|
||||
.repository.wiki.new .CodeMirror {
|
||||
.editor-preview,
|
||||
.editor-preview-side,
|
||||
& + .editor-preview-side {
|
||||
background: #25272d;
|
||||
|
||||
.markdown:not(code).ui.segment {
|
||||
border-width: 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
.overflow.menu .items .item {
|
||||
color: #9d9d9d;
|
||||
}
|
||||
|
||||
.overflow.menu .items .item:hover {
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.ui.list > .item > .content {
|
||||
color: var(--color-secondary-dark-6) !important;
|
||||
}
|
||||
|
||||
.ui.active.button:active,
|
||||
.ui.button:active,
|
||||
.ui.button:focus,
|
||||
.ui.active.button {
|
||||
background-color: #2e3e4e;
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.ui.active.button:hover {
|
||||
background-color: #475e75;
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.repository .navbar .active.item,
|
||||
.repository .navbar .active.item:hover {
|
||||
border-color: transparent !important;
|
||||
}
|
||||
|
||||
.ui .info.segment.top {
|
||||
background-color: var(--color-secondary) !important;
|
||||
}
|
||||
|
||||
.repository .diff-stats li {
|
||||
border-color: var(--color-secondary);
|
||||
}
|
||||
|
||||
.tag-code,
|
||||
.tag-code td {
|
||||
background: #25272d !important;
|
||||
|
||||
}
|
||||
.tag-code td.lines-num {
|
||||
background-color: #3a3e4c !important;
|
||||
}
|
||||
|
||||
.tag-code td.lines-type-marker,
|
||||
td.blob-hunk {
|
||||
color: #dbdbdb !important;
|
||||
}
|
||||
|
||||
.ui.attached.info.message,
|
||||
.ui.info.message {
|
||||
box-shadow: 0 0 0 1px #4b5e71 inset, 0 0 0 0 transparent;
|
||||
}
|
||||
|
||||
.ui.bottom.attached.message {
|
||||
background-color: #2c662d;
|
||||
color: #ab6363;
|
||||
}
|
||||
|
||||
.ui.bottom.attached.message .pull-right {
|
||||
color: #ab6363;
|
||||
}
|
||||
|
||||
.ui.info.message {
|
||||
background-color: #2c3b4a;
|
||||
color: #9ebcc5;
|
||||
}
|
||||
|
||||
.ui .warning.header,
|
||||
.ui.warning.message {
|
||||
background-color: #542 !important;
|
||||
border-color: #ec8;
|
||||
}
|
||||
|
||||
.ui.warning.message {
|
||||
color: #ec8;
|
||||
box-shadow: 0 0 0 1px #ec8;
|
||||
}
|
||||
|
||||
.ui.warning.segment {
|
||||
border-color: #ec8;
|
||||
}
|
||||
|
||||
.ui.red.message,
|
||||
.ui.error.message {
|
||||
background-color: #522;
|
||||
color: #f9cbcb;
|
||||
box-shadow: 0 0 0 1px #a04141 inset;
|
||||
}
|
||||
|
||||
.ui .error.header,
|
||||
.ui.error.message {
|
||||
background-color: #522 !important;
|
||||
border-color: #a04141;
|
||||
}
|
||||
|
||||
.ui.error.segment {
|
||||
border-color: #a04141;
|
||||
}
|
||||
|
||||
.ui.red.button,
|
||||
.ui.red.buttons .button {
|
||||
background-color: #7d3434;
|
||||
}
|
||||
|
||||
.ui.red.button:hover,
|
||||
.ui.red.buttons .button:hover {
|
||||
background-color: #984646;
|
||||
}
|
||||
|
||||
.ui.positive.message {
|
||||
background-color: #000;
|
||||
color: #fff;
|
||||
box-shadow: 0 0 0 1px #1c1c1c inset, 0 0 0 0 transparent;
|
||||
}
|
||||
|
||||
.ui.negative.message {
|
||||
background-color: rgba(80, 23, 17, .6);
|
||||
color: #f9cbcb;
|
||||
box-shadow: 0 0 0 1px rgba(121, 71, 66, .5) inset, 0 0 0 0 transparent;
|
||||
}
|
||||
|
||||
.ui.list .list > .item .header,
|
||||
.ui.list > .item .header {
|
||||
color: #dedede;
|
||||
}
|
||||
|
||||
.ui.list .list > .item .description,
|
||||
.ui.list > .item .description {
|
||||
color: var(--color-secondary-dark-6);
|
||||
}
|
||||
|
||||
.repository.file.list #repo-files-table tbody .svg.octicon-file-directory,
|
||||
.repository.file.list #repo-files-table tbody .svg.octicon-file-submodule {
|
||||
color: #52555b;
|
||||
}
|
||||
|
||||
.repository.labels .ui.basic.black.label {
|
||||
background-color: #bbbbbb !important;
|
||||
}
|
||||
|
||||
.lines-commit,
|
||||
.blame .lines-num {
|
||||
background: #060606 !important;
|
||||
}
|
||||
|
||||
.lines-num {
|
||||
color: var(--color-secondary-dark-6) !important;
|
||||
border-color: var(--color-secondary) !important;
|
||||
}
|
||||
|
||||
td.blob-excerpt {
|
||||
background-color: rgba(0, 0, 0, .15);
|
||||
}
|
||||
|
||||
.lines-code.active,
|
||||
.lines-code .active {
|
||||
background: #534d1b !important;
|
||||
}
|
||||
|
||||
.ui.ui.ui.ui.table tr.active,
|
||||
.ui.ui.table td.active {
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.ui.active.label {
|
||||
background: #46484e;
|
||||
border-color: #46484e;
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.repository .ui.attached.message.isSigned.isVerified {
|
||||
background-color: #394829;
|
||||
color: var(--color-secondary-dark-6);
|
||||
|
||||
&.message {
|
||||
color: #ab6363;
|
||||
.ui.text {
|
||||
color: var(--color-secondary-dark-6);
|
||||
}
|
||||
.pull-right {
|
||||
color: #ab6363;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
.repository .ui.attached.message.isSigned.isVerifiedUntrusted {
|
||||
background-color: #4a3903;
|
||||
color: var(--color-secondary-dark-6);
|
||||
&.message {
|
||||
color: #c2c193;
|
||||
.ui.text {
|
||||
color: var(--color-secondary-dark-6);
|
||||
}
|
||||
a {
|
||||
color: #c2c193;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
.repository .ui.attached.message.isSigned.isVerifiedUnmatched {
|
||||
background-color: #4e3321;
|
||||
color: var(--color-secondary-dark-6);
|
||||
&.message {
|
||||
color: #c2a893;
|
||||
.ui.text {
|
||||
color: var(--color-secondary-dark-6);
|
||||
}
|
||||
a {
|
||||
color: #c2a893;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
.repository .ui.attached.message.isSigned.isWarning {
|
||||
background-color: rgba(80, 23, 17, .6);
|
||||
&.message {
|
||||
color: #d07d7d;
|
||||
.ui.text {
|
||||
color: #d07d7d;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
.ui.header .sub.header {
|
||||
color: var(--color-secondary-dark-6);
|
||||
}
|
||||
|
||||
.ui.dividing.header {
|
||||
border-bottom: 1px solid var(--color-secondary);
|
||||
}
|
||||
|
||||
.ui.modal > .header {
|
||||
background: var(--color-secondary);
|
||||
color: #dbdbdb;
|
||||
}
|
||||
|
||||
.ui.modal > .actions {
|
||||
background: var(--color-secondary);
|
||||
border-color: var(--color-secondary);
|
||||
}
|
||||
|
||||
.ui.modal > .content {
|
||||
background: #2d2d2d;
|
||||
}
|
||||
|
||||
.minicolors-panel {
|
||||
background: var(--color-secondary) !important;
|
||||
border-color: #6a737d !important;
|
||||
}
|
||||
|
||||
/* invert emojis that are hard to read otherwise */
|
||||
.emoji[aria-label="check mark"],
|
||||
.emoji[aria-label="currency exchange"],
|
||||
.emoji[aria-label="TOP arrow"],
|
||||
.emoji[aria-label="END arrow"],
|
||||
.emoji[aria-label="ON! arrow"],
|
||||
.emoji[aria-label="SOON arrow"],
|
||||
.emoji[aria-label="heavy dollar sign"],
|
||||
.emoji[aria-label="copyright"],
|
||||
.emoji[aria-label="registered"],
|
||||
.emoji[aria-label="trade mark"],
|
||||
.emoji[aria-label="multiply"],
|
||||
.emoji[aria-label="plus"],
|
||||
.emoji[aria-label="minus"],
|
||||
.emoji[aria-label="divide"],
|
||||
.emoji[aria-label="curly loop"],
|
||||
.emoji[aria-label="double curly loop"],
|
||||
.emoji[aria-label="wavy dash"],
|
||||
.emoji[aria-label="paw prints"],
|
||||
.emoji[aria-label="musical note"],
|
||||
.emoji[aria-label="musical notes"] {
|
||||
filter: invert(100%);
|
||||
}
|
||||
|
||||
.edit-diff > div > .ui.table {
|
||||
border-left-color: var(--color-secondary) !important;
|
||||
border-right-color: var(--color-secondary) !important;
|
||||
}
|
||||
|
||||
/* code mirror dark theme */
|
||||
|
||||
.CodeMirror {
|
||||
&.cm-s-default,
|
||||
&.cm-s-paper {
|
||||
.cm-property {
|
||||
color: #a0cc75;
|
||||
}
|
||||
|
||||
.cm-header {
|
||||
color: #9daccc;
|
||||
}
|
||||
|
||||
.cm-quote {
|
||||
color: #009900;
|
||||
}
|
||||
|
||||
.cm-keyword {
|
||||
color: #cc8a61;
|
||||
}
|
||||
|
||||
.cm-atom {
|
||||
color: #ef5e77;
|
||||
}
|
||||
|
||||
.cm-number {
|
||||
color: #ff5656;
|
||||
}
|
||||
|
||||
.cm-def {
|
||||
color: #e4e4e4;
|
||||
}
|
||||
|
||||
.cm-variable-2 {
|
||||
color: #00bdbf;
|
||||
}
|
||||
|
||||
.cm-variable-3 {
|
||||
color: #008855;
|
||||
}
|
||||
|
||||
.cm-comment {
|
||||
color: #8e9ab3;
|
||||
}
|
||||
|
||||
.cm-string {
|
||||
color: #a77272;
|
||||
}
|
||||
|
||||
.cm-string-2 {
|
||||
color: #ff5500;
|
||||
}
|
||||
|
||||
.cm-meta,
|
||||
.cm-qualifier {
|
||||
color: #ffb176;
|
||||
}
|
||||
|
||||
.cm-builtin {
|
||||
color: #b7c951;
|
||||
}
|
||||
|
||||
.cm-bracket {
|
||||
color: #999977;
|
||||
}
|
||||
|
||||
.cm-tag {
|
||||
color: #f1d273;
|
||||
}
|
||||
|
||||
.cm-attribute {
|
||||
color: #bfcc70;
|
||||
}
|
||||
|
||||
.cm-hr {
|
||||
color: #999999;
|
||||
}
|
||||
|
||||
.cm-url {
|
||||
color: #c5cfd0;
|
||||
}
|
||||
|
||||
.cm-link {
|
||||
color: #d8c792;
|
||||
}
|
||||
|
||||
.cm-error {
|
||||
/* color: #ff6e00; */
|
||||
color: #dbdbeb;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
footer .container .links > * {
|
||||
border-left-color: #888;
|
||||
}
|
||||
|
||||
.repository.file.list #repo-files-table tbody .svg {
|
||||
color: var(--color-secondary-dark-6);
|
||||
}
|
||||
|
||||
.repository.release #release-list > li .detail .dot {
|
||||
background-color: #4e5465;
|
||||
border-color: #2d2d2d;
|
||||
}
|
||||
|
||||
.tribute-container {
|
||||
box-shadow: 0 .25rem .5rem rgba(0, 0, 0, .6);
|
||||
}
|
||||
|
||||
.repository .repo-header .ui.huge.breadcrumb.repo-title .repo-header-icon .avatar {
|
||||
color: #060606;
|
||||
}
|
||||
|
||||
img[src$="/img/matrix.svg"] {
|
||||
filter: invert(80%);
|
||||
}
|
||||
|
||||
#git-graph-container li .time {
|
||||
color: #6a737d;
|
||||
}
|
||||
|
||||
#git-graph-container.monochrome #rel-container .flow-group {
|
||||
stroke: dimgrey;
|
||||
fill: dimgrey;
|
||||
}
|
||||
|
||||
#git-graph-container.monochrome #rel-container .flow-group.highlight {
|
||||
stroke: darkgrey;
|
||||
fill: darkgrey;
|
||||
}
|
||||
|
||||
#git-graph-container:not(.monochrome) #rel-container .flow-group {
|
||||
&.flow-color-16-5 {
|
||||
stroke: #5543b1;
|
||||
fill: #5543b1;
|
||||
}
|
||||
}
|
||||
|
||||
#git-graph-container:not(.monochrome) #rel-container .flow-group.highlight {
|
||||
&.flow-color-16-5 {
|
||||
stroke: #7058e6;
|
||||
fill: #7058e6;
|
||||
}
|
||||
}
|
||||
|
||||
#git-graph-container #rev-list li.highlight.hover {
|
||||
background-color: rgba(255, 255, 255, .1);
|
||||
}
|
||||
|
||||
#git-graph-container .ui.buttons button#flow-color-monochrome.ui.button {
|
||||
border-left-color: rgb(76, 80, 92);
|
||||
border-left-style: solid;
|
||||
border-left-width: 1px;
|
||||
}
|
||||
|
||||
.mermaid-chart {
|
||||
filter: invert(84%) hue-rotate(180deg);
|
||||
}
|
||||
|
||||
.is-loading::after {
|
||||
border-color: #4a4c58 #4a4c58 #d7d7da #d7d7da;
|
||||
}
|
||||
|
||||
.markdown-block-error {
|
||||
border: 1px solid rgba(121, 71, 66, .5) !important;
|
||||
border-bottom: none !important;
|
||||
}
|
||||
|
||||
.home .hero .svg {
|
||||
color: var(--color-primary);
|
||||
}
|
||||
|
||||
.home a {
|
||||
color: var(--color-primary-light-1);
|
||||
}
|
||||
|
||||
.ui.menu, .ui.vertical.menu {
|
||||
background: #070707;
|
||||
border-color: var(--color-secondary-dark-4);
|
||||
}
|
||||
|
||||
.ui.menu.new-menu {
|
||||
background: #060606;
|
||||
}
|
||||
|
||||
.ui.menu.new-menu:after {
|
||||
background: none;
|
||||
}
|
||||
|
||||
.ui.checkbox label:active:before, .ui.checkbox label:hover:before, .ui.form input:not([type]):hover, .ui.form input[type=date]:hover, .ui.form input[type=datetime-local]:hover, .ui.form input[type=email]:hover, .ui.form input[type=file]:hover, .ui.form input[type=number]:hover, .ui.form input[type=password]:hover, .ui.form input[type=search]:hover, .ui.form input[type=tel]:hover, .ui.form input[type=text]:hover, .ui.form input[type=time]:hover, .ui.form input[type=url]:hover, .ui.form select:hover, .ui.form textarea:hover, .ui.input input:hover, .ui.radio.checkbox input:checked~label:before, .ui.radio.checkbox input:focus~label:before, .ui.radio.checkbox label:after, .ui.selection.dropdown:hover, input:hover, textarea:hover {
|
||||
background: var(--color-secondary-dark-3);
|
||||
}
|
||||
|
||||
.ui.checkbox input:checked~label:before, .ui.checkbox input:not([type=radio]):indeterminate~label:before, .ui.checkbox label:before, .ui.form input:not([type]), .ui.form input[type=date], .ui.form input[type=datetime-local], .ui.form input[type=email], .ui.form input[type=file], .ui.form input[type=number], .ui.form input[type=password], .ui.form input[type=search], .ui.form input[type=tel], .ui.form input[type=text], .ui.form input[type=time], .ui.form input[type=url], .ui.form select, .ui.form textarea, .ui.input>input, .ui.selection.dropdown, input, textarea {
|
||||
background: var(--color-secondary-dark-2);
|
||||
}
|
||||
|
||||
.ui.checkbox input:checked:focus~label:before, .ui.checkbox input:focus~label:before, .ui.checkbox input:not([type=radio]):indeterminate:focus~label:before, .ui.form input:not([type]):focus, .ui.form input[type=date]:focus, .ui.form input[type=datetime-local]:focus, .ui.form input[type=email]:focus, .ui.form input[type=file]:focus, .ui.form input[type=number]:focus, .ui.form input[type=password]:focus, .ui.form input[type=search]:focus, .ui.form input[type=tel]:focus, .ui.form input[type=text]:focus, .ui.form input[type=time]:focus, .ui.form input[type=url]:focus, .ui.form select:focus, .ui.form textarea:focus, .ui.input input:focus, .ui.radio.checkbox input:focus:checked~label:before, .ui.selection.dropdown:focus, input:focus, textarea:focus {
|
||||
background: var(--color-secondary-dark-3);
|
||||
}
|
||||
|
||||
.ui.list .list>.item .description, .ui.list>.item .description {
|
||||
color: var(--color-secondary-dark-11);
|
||||
}
|
||||
|
||||
.explore .navbar {
|
||||
background-color: var(--color-box-body)!important;
|
||||
}
|
||||
|
||||
.repository .header-wrapper {
|
||||
background-color: var(--color-box-body);
|
||||
}
|
||||
|
||||
.monaco-editor, .monaco-editor-background, .monaco-editor .inputarea.ime-input {
|
||||
background-color: #181818;
|
||||
}
|
||||
|
||||
.ui.blue.label, .ui.blue.labels .label, .ui.primary.label, .ui.primary.labels .label {
|
||||
background-color: var(--color-secondary)!important;
|
||||
border-color: var(--color-primary-dark-2)!important;
|
||||
}
|
||||
|
||||
.ui.blue.button, .ui.blue.buttons .button, .ui.primary.button, .ui.primary.buttons .button {
|
||||
background-color: #070707!important;
|
||||
}
|
||||
|
||||
.ui.blue.button:hover, .ui.blue.buttons .button:hover, .ui.primary.button:hover, .ui.primary.buttons .button:hover {
|
||||
background-color: #1c1c1c!important;
|
||||
}
|
||||
|
||||
.ui.green.labels .label, .ui.ui.ui.green.label {
|
||||
background-color: #1c1c1c!important;
|
||||
border-color: #21ba45!important;
|
||||
color: #fff;
|
||||
}
|
||||
|
||||
.ui.red.labels .label, .ui.ui.ui.red.label {
|
||||
background-color: #1c1c1c!important;
|
||||
border-color: #db2828!important;
|
||||
color: #fff;
|
||||
}
|
||||
|
||||
::selection, ::-moz-selection {
|
||||
background: var(--color-grey);
|
||||
color: var(--color-secondary)!important;
|
||||
}
|
||||
|
||||
.CodeMirror, .CodeMirror-selected, ::selection {
|
||||
background: var(--color-primary)!important;
|
||||
color: var(--color-secondary)!important;
|
||||
}
|
||||
|
||||
.markup a, .ui.breadcrumb a {
|
||||
color: var(--color-primary-light-7);
|
||||
cursor: pointer;
|
||||
text-decoration: none;
|
||||
border-bottom: 1px solid var(--color-primary);
|
||||
transition-property: all
|
||||
}
|
||||
|
||||
.markup a:hover, .ui.breadcrumb a:hover {
|
||||
color: #000;
|
||||
cursor: pointer;
|
||||
text-decoration: none;
|
||||
background: #fff;
|
||||
background-color: #fff
|
||||
}
|
||||
|
||||
.markup .anchor {
|
||||
border-bottom: none
|
||||
}
|
||||
|
||||
.markup .anchor:hover {
|
||||
color: var(--color-primary-light-7);
|
||||
border-bottom: none;
|
||||
background: var(--color-body);
|
||||
background-color: var(--color-body)
|
||||
}
|
||||
|
||||
.mtk1, .mtk10 {
|
||||
color: #6D7178!important
|
||||
}
|
||||
|
After Width: | Height: | Size: 5.2 KiB |
After Width: | Height: | Size: 38 KiB |
After Width: | Height: | Size: 38 KiB |
After Width: | Height: | Size: 70 KiB |
After Width: | Height: | Size: 38 KiB |
After Width: | Height: | Size: 38 KiB |
After Width: | Height: | Size: 26 KiB |
@ -0,0 +1 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 640 640" style="enable-background:new 0 0 640 640" xml:space="preserve" width="32" height="32"><path style="fill:#fff" d="m395.9 484.2-126.9-61c-12.5-6-17.9-21.2-11.8-33.8l61-126.9c6-12.5 21.2-17.9 33.8-11.8 17.2 8.3 27.1 13 27.1 13l-.1-109.2 16.7-.1.1 117.1s57.4 24.2 83.1 40.1c3.7 2.3 10.2 6.8 12.9 14.4 2.1 6.1 2 13.1-1 19.3l-61 126.9c-6.2 12.7-21.4 18.1-33.9 12z"/><path style="fill:#609926" d="M622.7 149.8c-4.1-4.1-9.6-4-9.6-4s-117.2 6.6-177.9 8c-13.3.3-26.5.6-39.6.7v117.2c-5.5-2.6-11.1-5.3-16.6-7.9 0-36.4-.1-109.2-.1-109.2-29 .4-89.2-2.2-89.2-2.2s-141.4-7.1-156.8-8.5c-9.8-.6-22.5-2.1-39 1.5-8.7 1.8-33.5 7.4-53.8 26.9C-4.9 212.4 6.6 276.2 8 285.8c1.7 11.7 6.9 44.2 31.7 72.5 45.8 56.1 144.4 54.8 144.4 54.8s12.1 28.9 30.6 55.5c25 33.1 50.7 58.9 75.7 62 63 0 188.9-.1 188.9-.1s12 .1 28.3-10.3c14-8.5 26.5-23.4 26.5-23.4S547 483 565 451.5c5.5-9.7 10.1-19.1 14.1-28 0 0 55.2-117.1 55.2-231.1-1.1-34.5-9.6-40.6-11.6-42.6zM125.6 353.9c-25.9-8.5-36.9-18.7-36.9-18.7S69.6 321.8 60 295.4c-16.5-44.2-1.4-71.2-1.4-71.2s8.4-22.5 38.5-30c13.8-3.7 31-3.1 31-3.1s7.1 59.4 15.7 94.2c7.2 29.2 24.8 77.7 24.8 77.7s-26.1-3.1-43-9.1zm300.3 107.6s-6.1 14.5-19.6 15.4c-5.8.4-10.3-1.2-10.3-1.2s-.3-.1-5.3-2.1l-112.9-55s-10.9-5.7-12.8-15.6c-2.2-8.1 2.7-18.1 2.7-18.1L322 273s4.8-9.7 12.2-13c.6-.3 2.3-1 4.5-1.5 8.1-2.1 18 2.8 18 2.8L467.4 315s12.6 5.7 15.3 16.2c1.9 7.4-.5 14-1.8 17.2-6.3 15.4-55 113.1-55 113.1z"/><path style="fill:#609926" d="M326.8 380.1c-8.2.1-15.4 5.8-17.3 13.8-1.9 8 2 16.3 9.1 20 7.7 4 17.5 1.8 22.7-5.4 5.1-7.1 4.3-16.9-1.8-23.1l24-49.1c1.5.1 3.7.2 6.2-.5 4.1-.9 7.1-3.6 7.1-3.6 4.2 1.8 8.6 3.8 13.2 6.1 4.8 2.4 9.3 4.9 13.4 7.3.9.5 1.8 1.1 2.8 1.9 1.6 1.3 3.4 3.1 4.7 5.5 1.9 5.5-1.9 14.9-1.9 14.9-2.3 7.6-18.4 40.6-18.4 40.6-8.1-.2-15.3 5-17.7 12.5-2.6 8.1 1.1 17.3 8.9 21.3 7.8 4 17.4 1.7 22.5-5.3 5-6.8 4.6-16.3-1.1-22.6 1.9-3.7 3.7-7.4 5.6-11.3 5-10.4 13.5-30.4 13.5-30.4.9-1.7 5.7-10.3 2.7-21.3-2.5-11.4-12.6-16.7-12.6-16.7-12.2-7.9-29.2-15.2-29.2-15.2s0-4.1-1.1-7.1c-1.1-3.1-2.8-5.1-3.9-6.3 4.7-9.7 9.4-19.3 14.1-29-4.1-2-8.1-4-12.2-6.1-4.8 9.8-9.7 19.7-14.5 29.5-6.7-.1-12.9 3.5-16.1 9.4-3.4 6.3-2.7 14.1 1.9 19.8l-24.6 50.4z"/></svg>
|
After Width: | Height: | Size: 2.2 KiB |
After Width: | Height: | Size: 38 KiB |
1
2-Decentralization/gitea/gitea/gitea/public/assets/img/gitea.svg
Executable file
@ -0,0 +1 @@
|
||||
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 640 640" style="enable-background:new 0 0 640 640" xml:space="preserve" width="32" height="32"><path style="fill:#fff" d="m395.9 484.2-126.9-61c-12.5-6-17.9-21.2-11.8-33.8l61-126.9c6-12.5 21.2-17.9 33.8-11.8 17.2 8.3 27.1 13 27.1 13l-.1-109.2 16.7-.1.1 117.1s57.4 24.2 83.1 40.1c3.7 2.3 10.2 6.8 12.9 14.4 2.1 6.1 2 13.1-1 19.3l-61 126.9c-6.2 12.7-21.4 18.1-33.9 12z"/><path style="fill:#609926" d="M622.7 149.8c-4.1-4.1-9.6-4-9.6-4s-117.2 6.6-177.9 8c-13.3.3-26.5.6-39.6.7v117.2c-5.5-2.6-11.1-5.3-16.6-7.9 0-36.4-.1-109.2-.1-109.2-29 .4-89.2-2.2-89.2-2.2s-141.4-7.1-156.8-8.5c-9.8-.6-22.5-2.1-39 1.5-8.7 1.8-33.5 7.4-53.8 26.9C-4.9 212.4 6.6 276.2 8 285.8c1.7 11.7 6.9 44.2 31.7 72.5 45.8 56.1 144.4 54.8 144.4 54.8s12.1 28.9 30.6 55.5c25 33.1 50.7 58.9 75.7 62 63 0 188.9-.1 188.9-.1s12 .1 28.3-10.3c14-8.5 26.5-23.4 26.5-23.4S547 483 565 451.5c5.5-9.7 10.1-19.1 14.1-28 0 0 55.2-117.1 55.2-231.1-1.1-34.5-9.6-40.6-11.6-42.6zM125.6 353.9c-25.9-8.5-36.9-18.7-36.9-18.7S69.6 321.8 60 295.4c-16.5-44.2-1.4-71.2-1.4-71.2s8.4-22.5 38.5-30c13.8-3.7 31-3.1 31-3.1s7.1 59.4 15.7 94.2c7.2 29.2 24.8 77.7 24.8 77.7s-26.1-3.1-43-9.1zm300.3 107.6s-6.1 14.5-19.6 15.4c-5.8.4-10.3-1.2-10.3-1.2s-.3-.1-5.3-2.1l-112.9-55s-10.9-5.7-12.8-15.6c-2.2-8.1 2.7-18.1 2.7-18.1L322 273s4.8-9.7 12.2-13c.6-.3 2.3-1 4.5-1.5 8.1-2.1 18 2.8 18 2.8L467.4 315s12.6 5.7 15.3 16.2c1.9 7.4-.5 14-1.8 17.2-6.3 15.4-55 113.1-55 113.1z"/><path style="fill:#609926" d="M326.8 380.1c-8.2.1-15.4 5.8-17.3 13.8-1.9 8 2 16.3 9.1 20 7.7 4 17.5 1.8 22.7-5.4 5.1-7.1 4.3-16.9-1.8-23.1l24-49.1c1.5.1 3.7.2 6.2-.5 4.1-.9 7.1-3.6 7.1-3.6 4.2 1.8 8.6 3.8 13.2 6.1 4.8 2.4 9.3 4.9 13.4 7.3.9.5 1.8 1.1 2.8 1.9 1.6 1.3 3.4 3.1 4.7 5.5 1.9 5.5-1.9 14.9-1.9 14.9-2.3 7.6-18.4 40.6-18.4 40.6-8.1-.2-15.3 5-17.7 12.5-2.6 8.1 1.1 17.3 8.9 21.3 7.8 4 17.4 1.7 22.5-5.3 5-6.8 4.6-16.3-1.1-22.6 1.9-3.7 3.7-7.4 5.6-11.3 5-10.4 13.5-30.4 13.5-30.4.9-1.7 5.7-10.3 2.7-21.3-2.5-11.4-12.6-16.7-12.6-16.7-12.2-7.9-29.2-15.2-29.2-15.2s0-4.1-1.1-7.1c-1.1-3.1-2.8-5.1-3.9-6.3 4.7-9.7 9.4-19.3 14.1-29-4.1-2-8.1-4-12.2-6.1-4.8 9.8-9.7 19.7-14.5 29.5-6.7-.1-12.9 3.5-16.1 9.4-3.4 6.3-2.7 14.1 1.9 19.8l-24.6 50.4z"/></svg>
|
After Width: | Height: | Size: 2.2 KiB |
171
2-Decentralization/gitea/gitea/gitea/public/assets/img/logo.svg
Normal file
After Width: | Height: | Size: 70 KiB |
53
2-Decentralization/gitea/gitea/gitea/templates/home.toml
Normal file
@ -0,0 +1,53 @@
|
||||
{{template "base/head" .}}
|
||||
<div role="main" aria-label="{{if .IsSigned}}{{ctx.Locale.Tr "dashboard"}}{{else}}{{ctx.Locale.Tr "home"}}{{end}}" class="page-content home">
|
||||
<div class="gt-mb-5 gt-px-5">
|
||||
<div class="center">
|
||||
<img class="logo" width="450" height="220" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
|
||||
<div class="hero">
|
||||
<h1 class="ui icon header title">
|
||||
{{AppName}}
|
||||
</h1>
|
||||
<!--<h2>{{ctx.Locale.Tr "startpage.app_desc"}} </h2>-->
|
||||
<h2>A painful, self-inflicted Nightmare </h2>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
{{svg "octicon-flame"}} {{ctx.Locale.Tr "startpage.install"}}
|
||||
</h1>
|
||||
<p class="large">
|
||||
{{ctx.Locale.Tr "startpage.install_desc" | Str2html}}
|
||||
</p>
|
||||
</div>
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
{{svg "octicon-device-desktop"}} {{ctx.Locale.Tr "startpage.platform"}}
|
||||
</h1>
|
||||
<p class="large">
|
||||
{{ctx.Locale.Tr "startpage.platform_desc" | Str2html}}
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="ui stackable middle very relaxed page grid">
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
{{svg "octicon-rocket"}} {{ctx.Locale.Tr "startpage.lightweight"}}
|
||||
</h1>
|
||||
<p class="large">
|
||||
{{ctx.Locale.Tr "startpage.lightweight_desc" | Str2html}}
|
||||
</p>
|
||||
</div>
|
||||
<div class="eight wide center column">
|
||||
<h1 class="hero ui icon header">
|
||||
{{svg "octicon-code"}} {{ctx.Locale.Tr "startpage.license"}}
|
||||
</h1>
|
||||
<p class="large">
|
||||
{{ctx.Locale.Tr "startpage.license_desc" | Str2html}}
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{{template "base/footer" .}}
|
||||
|
56
2-Decentralization/gitea/nginx.conf
Normal file
@ -0,0 +1,56 @@
|
||||
upstream gitbackend {
|
||||
#server 127.0.0.1:3009;
|
||||
server 10.8.0.2:3009;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name git.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name git.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://git.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
|
||||
|
||||
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name git.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/git.datura.network/fullchain.cer;
|
||||
ssl_trusted_certificate /root/.acme.sh/git.datura.network/git.datura.network.cer;
|
||||
ssl_certificate_key /root/.acme.sh/git.datura.network/git.datura.network.key;
|
||||
|
||||
ssl_protocols TLSv1.3 TLSv1.2;
|
||||
ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_ecdh_curve auto;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
resolver 80.67.188.188 80.67.169.40 valid=300s;
|
||||
resolver_timeout 10s;
|
||||
|
||||
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
|
||||
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
|
||||
add_header X-Content-Type-Options nosniff; #MIME-type sniffing
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
|
||||
|
||||
location / {
|
||||
proxy_pass http://gitbackend;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
client_max_body_size 20G;
|
||||
}
|
||||
}
|
||||
|
37
2-Decentralization/lemmy/docker/customPostgresql.conf
Normal file
@ -0,0 +1,37 @@
|
||||
# DB Version: 15
|
||||
# OS Type: linux
|
||||
# DB Type: web
|
||||
# Total Memory (RAM): 8 GB
|
||||
# CPUs num: 4
|
||||
# Data Storage: ssd
|
||||
|
||||
max_connections = 200
|
||||
shared_buffers = 2GB
|
||||
effective_cache_size = 6GB
|
||||
maintenance_work_mem = 512MB
|
||||
checkpoint_completion_target = 0.9
|
||||
checkpoint_timeout = 86400
|
||||
wal_buffers = 16MB
|
||||
default_statistics_target = 100
|
||||
random_page_cost = 1.1
|
||||
effective_io_concurrency = 200
|
||||
work_mem = 5242kB
|
||||
min_wal_size = 1GB
|
||||
max_wal_size = 30GB
|
||||
max_worker_processes = 4
|
||||
max_parallel_workers_per_gather = 2
|
||||
max_parallel_workers = 4
|
||||
max_parallel_maintenance_workers = 2
|
||||
|
||||
# Other custom params
|
||||
synchronous_commit=off
|
||||
# This one shouldn't be on regularly, because DB migrations often take a long time
|
||||
# statement_timeout = 10000
|
||||
|
||||
# Listen beyond localhost
|
||||
listen_addresses = '*'
|
||||
|
||||
# Fix a memory leak issue with postgres 15
|
||||
# https://github.com/LemmyNet/lemmy/issues/4406
|
||||
jit = 0
|
||||
|
133
2-Decentralization/lemmy/docker/docker-compose.yml
Normal file
@ -0,0 +1,133 @@
|
||||
version: "3.7"
|
||||
|
||||
x-logging: &default-logging
|
||||
driver: "json-file"
|
||||
options:
|
||||
max-size: "50m"
|
||||
max-file: "4"
|
||||
|
||||
services:
|
||||
proxy:
|
||||
image: nginx:1-alpine
|
||||
ports:
|
||||
# actual and only port facing any connection from outside
|
||||
# Note, change the left number if port 1236 is already in use on your system
|
||||
# You could use port 80 if you won't use a reverse proxy
|
||||
- "1236:1236"
|
||||
- "8536:8536"
|
||||
volumes:
|
||||
- ./nginx.conf:/etc/nginx/nginx.conf:ro,Z
|
||||
restart: unless-stopped
|
||||
depends_on:
|
||||
- pictrs
|
||||
- lemmy-ui
|
||||
logging: *default-logging
|
||||
|
||||
lemmy:
|
||||
# use "image" to pull down an already compiled lemmy. make sure to comment out "build".
|
||||
image: dessalines/lemmy:0.19.3
|
||||
platform: linux/x86_64 # no arm64 support. uncomment platform if using m1.
|
||||
# use "build" to build your local lemmy server image for development. make sure to comment out "image".
|
||||
# run: docker compose up --build
|
||||
|
||||
#build:
|
||||
# context: ../
|
||||
# dockerfile: docker/Dockerfile
|
||||
# args:
|
||||
# RUST_RELEASE_MODE: release
|
||||
# CARGO_BUILD_FEATURES: default
|
||||
# this hostname is used in nginx reverse proxy and also for lemmy ui to connect to the backend, do not change
|
||||
hostname: lemmy
|
||||
restart: unless-stopped
|
||||
environment:
|
||||
- RUST_LOG="warn,lemmy_server=debug,lemmy_api=debug,lemmy_api_common=debug,lemmy_api_crud=debug,lemmy_apub=debug,lemmy_db_schema=debug,lemmy_db_views=debug,lemmy_db_views_actor=debug,lemmy_db_views_moderator=debug,lemmy_routes=debug,lemmy_utils=debug,lemmy_websocket=debug"
|
||||
- RUST_BACKTRACE=full
|
||||
ports:
|
||||
# prometheus metrics can be enabled with the `prometheus` config option. they are available on
|
||||
# port 10002, path /metrics by default
|
||||
- "10002:10002"
|
||||
volumes:
|
||||
- ./lemmy.hjson:/config/config.hjson:Z
|
||||
depends_on:
|
||||
- postgres
|
||||
- pictrs
|
||||
logging: *default-logging
|
||||
|
||||
lemmy-ui:
|
||||
# use "image" to pull down an already compiled lemmy-ui. make sure to comment out "build".
|
||||
image: dessalines/lemmy-ui:0.19.3
|
||||
# platform: linux/x86_64 # no arm64 support. uncomment platform if using m1.
|
||||
# use "build" to build your local lemmy ui image for development. make sure to comment out "image".
|
||||
# run: docker compose up --build
|
||||
|
||||
# build:
|
||||
# context: ../../lemmy-ui # assuming lemmy-ui is cloned besides lemmy directory
|
||||
# dockerfile: dev.dockerfile
|
||||
environment:
|
||||
# this needs to match the hostname defined in the lemmy service
|
||||
- LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536
|
||||
# set the outside hostname here
|
||||
#- LEMMY_UI_LEMMY_EXTERNAL_HOST=localhost:1236
|
||||
- LEMMY_UI_LEMMY_EXTERNAL_HOST=lemmy.datura.network
|
||||
- LEMMY_UI_HTTPS=true
|
||||
- LEMMY_UI_DEBUG=true
|
||||
depends_on:
|
||||
- lemmy
|
||||
restart: unless-stopped
|
||||
logging: *default-logging
|
||||
init: true
|
||||
|
||||
pictrs:
|
||||
image: asonix/pictrs:0.5.0-rc.2
|
||||
# this needs to match the pictrs url in lemmy.hjson
|
||||
hostname: pictrs
|
||||
# we can set options to pictrs like this, here we set max. image size and forced format for conversion
|
||||
# entrypoint: /sbin/tini -- /usr/local/bin/pict-rs -p /mnt -m 4 --image-format webp
|
||||
environment:
|
||||
- PICTRS_OPENTELEMETRY_URL=http://otel:4137
|
||||
- PICTRS__API_KEY=API_KEY
|
||||
- RUST_LOG=debug
|
||||
- RUST_BACKTRACE=full
|
||||
- PICTRS__MEDIA__VIDEO_CODEC=vp9
|
||||
- PICTRS__MEDIA__GIF__MAX_WIDTH=256
|
||||
- PICTRS__MEDIA__GIF__MAX_HEIGHT=256
|
||||
- PICTRS__MEDIA__GIF__MAX_AREA=65536
|
||||
- PICTRS__MEDIA__GIF__MAX_FRAME_COUNT=400
|
||||
user: 991:991
|
||||
volumes:
|
||||
- ./volumes/pictrs:/mnt:Z
|
||||
restart: unless-stopped
|
||||
logging: *default-logging
|
||||
|
||||
postgres:
|
||||
image: postgres:16-alpine
|
||||
# this needs to match the database host in lemmy.hson
|
||||
# Tune your settings via
|
||||
# https://pgtune.leopard.in.ua/#/
|
||||
# You can use this technique to add them here
|
||||
# https://stackoverflow.com/a/30850095/1655478
|
||||
hostname: postgres
|
||||
command:
|
||||
[
|
||||
"postgres",
|
||||
"-c",
|
||||
"session_preload_libraries=auto_explain",
|
||||
"-c",
|
||||
"auto_explain.log_min_duration=5ms",
|
||||
"-c",
|
||||
"auto_explain.log_analyze=true",
|
||||
"-c",
|
||||
"track_activity_query_size=1048576",
|
||||
]
|
||||
ports:
|
||||
# use a different port so it doesnt conflict with potential postgres db running on the host
|
||||
- "5433:5432"
|
||||
environment:
|
||||
- POSTGRES_USER=lemmy
|
||||
- POSTGRES_PASSWORD=lemmypasswd
|
||||
- POSTGRES_DB=lemmy
|
||||
volumes:
|
||||
- ./volumes/postgres:/var/lib/postgresql/data:Z
|
||||
restart: unless-stopped
|
||||
logging: *default-logging
|
||||
|
89
2-Decentralization/lemmy/docker/lemmy.hjson
Normal file
@ -0,0 +1,89 @@
|
||||
{
|
||||
# settings related to the postgresql database
|
||||
database: {
|
||||
# Configure the database by specifying a URI
|
||||
#
|
||||
# This is the preferred method to specify database connection details since
|
||||
# it is the most flexible.
|
||||
# Connection URI pointing to a postgres instance
|
||||
#
|
||||
# This example uses peer authentication to obviate the need for creating,
|
||||
# configuring, and managing passwords.
|
||||
#
|
||||
# For an explanation of how to use connection URIs, see [here][0] in
|
||||
# PostgreSQL's documentation.
|
||||
#
|
||||
# [0]: https://www.postgresql.org/docs/current/libpq-connect.html#id-1.7.3.8.3.6
|
||||
#uri: "postgresql:///lemmy?user=lemmy&host=/var/run/postgresql"
|
||||
|
||||
# or
|
||||
|
||||
# Configure the database by specifying parts of a URI
|
||||
#
|
||||
# Note that specifying the `uri` field should be preferred since it provides
|
||||
# greater control over how the connection is made. This merely exists for
|
||||
# backwards-compatibility.
|
||||
# Username to connect to postgres
|
||||
user: "lemmy"
|
||||
# Password to connect to postgres
|
||||
password: "lemmypasswd"
|
||||
# Host where postgres is running
|
||||
host: "postgres"
|
||||
# Port where postgres can be accessed
|
||||
port: 5432
|
||||
#port: 5344
|
||||
# Name of the postgres database for lemmy
|
||||
database: "lemmy"
|
||||
# Maximum number of active sql connections
|
||||
pool_size: 5
|
||||
}
|
||||
# Settings related to activitypub federation
|
||||
# Pictrs image server configuration.
|
||||
pictrs: {
|
||||
# Address where pictrs is available (for image hosting)
|
||||
url: "http://localhost:8080/"
|
||||
# Set a custom pictrs API key. ( Required for deleting images )
|
||||
api_key: "lemmypasswd"
|
||||
}
|
||||
# Email sending configuration. All options except login/password are mandatory
|
||||
email: {
|
||||
# Hostname and port of the smtp server
|
||||
smtp_server: "localhost:25"
|
||||
# Login name for smtp server
|
||||
smtp_login: "string"
|
||||
# Password to login to the smtp server
|
||||
smtp_password: "string"
|
||||
# Address to send emails from, eg "noreply@your-instance.com"
|
||||
smtp_from_address: "noreply@example.com"
|
||||
# Whether or not smtp connections should use tls. Can be none, tls, or starttls
|
||||
tls_type: "none"
|
||||
}
|
||||
# Parameters for automatic configuration of new instance (only used at first start)
|
||||
#setup: {
|
||||
# # Username for the admin user
|
||||
# admin_username: "nihilist"
|
||||
# # Password for the admin user. It must be at least 10 characters.
|
||||
# admin_password: ""
|
||||
# # Name of the site (can be changed later)
|
||||
# site_name: "Datura Network - Lemmy"
|
||||
# # Email for the admin user (optional, can be omitted and set later through the website)
|
||||
# admin_email: "nihilist@nihilism.network"
|
||||
#}
|
||||
# the domain name of your instance (mandatory)
|
||||
hostname: "lemmy.datura.network"
|
||||
# Address where lemmy should listen for incoming requests
|
||||
bind: "0.0.0.0"
|
||||
# Port where lemmy should listen for incoming requests
|
||||
port: 8536
|
||||
# Whether the site is available over TLS. Needs to be true for federation to work.
|
||||
tls_enabled: true
|
||||
# The number of activitypub federation workers that can be in-flight concurrently
|
||||
worker_count: 0
|
||||
# The number of activitypub federation retry workers that can be in-flight concurrently
|
||||
retry_count: 0
|
||||
prometheus: {
|
||||
bind: "127.0.0.1"
|
||||
port: 10002
|
||||
}
|
||||
}
|
||||
|
73
2-Decentralization/lemmy/docker/nginx.conf
Normal file
@ -0,0 +1,73 @@
|
||||
worker_processes 1;
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
http {
|
||||
upstream lemmy {
|
||||
# this needs to map to the lemmy (server) docker service hostname
|
||||
server "lemmy:8536";
|
||||
}
|
||||
upstream lemmy-ui {
|
||||
# this needs to map to the lemmy-ui docker service hostname
|
||||
server "lemmy-ui:1234";
|
||||
}
|
||||
|
||||
server {
|
||||
# this is the port inside docker, not the public one yet
|
||||
listen 1236;
|
||||
listen 8536;
|
||||
# change if needed, this is facing the public web
|
||||
server_name localhost;
|
||||
server_tokens off;
|
||||
|
||||
gzip on;
|
||||
gzip_types text/css application/javascript image/svg+xml;
|
||||
gzip_vary on;
|
||||
|
||||
# Upload limit, relevant for pictrs
|
||||
client_max_body_size 20M;
|
||||
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
|
||||
# frontend general requests
|
||||
location / {
|
||||
# distinguish between ui requests and backend
|
||||
# don't change lemmy-ui or lemmy here, they refer to the upstream definitions on top
|
||||
set $proxpass "http://lemmy-ui";
|
||||
|
||||
if ($http_accept = "application/activity+json") {
|
||||
set $proxpass "http://lemmy";
|
||||
}
|
||||
if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
|
||||
set $proxpass "http://lemmy";
|
||||
}
|
||||
if ($request_method = POST) {
|
||||
set $proxpass "http://lemmy";
|
||||
}
|
||||
proxy_pass $proxpass;
|
||||
|
||||
rewrite ^(.+)/+$ $1 permanent;
|
||||
# Send actual client IP upstream
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
# backend
|
||||
location ~ ^/(api|pictrs|feeds|nodeinfo|version|.well-known) {
|
||||
proxy_pass "http://lemmy";
|
||||
# proxy common stuff
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
|
||||
# Send actual client IP upstream
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
71
2-Decentralization/lemmy/docker/nginx.conf.reverseproxy
Normal file
@ -0,0 +1,71 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name lemmy.datura.network;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name lemmy.datura.network;
|
||||
|
||||
ssl_certificate /root/.acme.sh/lemmy.datura.network/fullchain.cer;
|
||||
ssl_certificate_key /root/.acme.sh/lemmy.datura.network/lemmy.datura.network.key;
|
||||
ssl_dhparam /root/.acme.sh/dhparam.pem;
|
||||
|
||||
######## TOR CHANGES ########
|
||||
listen 4443;
|
||||
listen [::]:4443;
|
||||
server_name lemmy.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
|
||||
add_header Onion-Location "http://lemmy.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
|
||||
######## TOR CHANGES ########
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||
ssl_session_timeout 10m;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_tickets on;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
# Hide nginx version
|
||||
server_tokens off;
|
||||
|
||||
# Upload limit, relevant for pictrs
|
||||
client_max_body_size 20M;
|
||||
|
||||
# Enable compression for JS/CSS/HTML bundle, for improved client load times.
|
||||
# It might be nice to compress JSON, but leaving that out to protect against potential
|
||||
# compression+encryption information leak attacks like BREACH.
|
||||
gzip on;
|
||||
gzip_types text/css application/javascript image/svg+xml;
|
||||
gzip_vary on;
|
||||
|
||||
# Various content security headers
|
||||
add_header Referrer-Policy "same-origin";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
add_header X-Frame-Options "DENY";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://localhost:1236;
|
||||
set $proxpass "http://127.0.0.1:1236";
|
||||
if ($http_accept = "application/activity+json") {
|
||||
set $proxpass "http://127.0.0.1:1236";
|
||||
}
|
||||
if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
|
||||
set $proxpass "http://127.0.0.1:1236";
|
||||
}
|
||||
#proxy_pass $proxpass;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
}
|
||||
|
16
3-Anonymity/monero/moneronode.service
Normal file
@ -0,0 +1,16 @@
|
||||
[Unit]
|
||||
Description=monerod
|
||||
After=network.target
|
||||
Wants=network.target
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/bin/monerod --zmq-pub tcp://127.0.0.1:18083 --disable-dns-checkpoints --enable-dns-blocklist --data-dir /srv/XMR --block-sync-size=50 --out-peers 100 --prep-blocks-threads=128 --prune-blockchain --sync-pruned-blocks --rpc-bind-port=18081 --rpc-bind-ip=0.0.0.0 --p2p-bind-ip=0.0.0.0 --p2p-bind-port=18080 --confirm-external-bind --non-interactive
|
||||
Restart=on-failure
|
||||
RestartSec=10s
|
||||
|
||||
|
||||
StandardOutput=journal
|
||||
StandardError=journal
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
3
3-Anonymity/monero/torrc
Normal file
@ -0,0 +1,3 @@
|
||||
HiddenServiceDir /var/lib/tor/monero-service/
|
||||
HiddenServicePort 18080 127.0.0.1:18080
|
||||
HiddenServicePort 18081 127.0.0.1:18081
|
49
3-Anonymity/tor/torrc
Normal file
@ -0,0 +1,49 @@
|
||||
HiddenServiceDir /var/lib/tor/onions/daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/
|
||||
HiddenServicePort 80 127.0.0.1:4443
|
||||
#HiddenServicePort 443 127.0.0.1:4444
|
||||
HiddenServicePort 18080 127.0.0.1:18080
|
||||
HiddenServicePort 18081 127.0.0.1:18081
|
||||
|
||||
SocksPort 192.168.240.1:9050
|
||||
|
||||
#Added configuration
|
||||
BridgeRelay 1
|
||||
|
||||
# Replace "TODO1" with a Tor port of your choice.
|
||||
# This port must be externally reachable.
|
||||
# Avoid port 9001 because it's commonly associated with Tor and censors may be scanning the Internet for this port.
|
||||
ORPort 0.0.0.0:28710
|
||||
|
||||
AddressDisableIPv6 1
|
||||
|
||||
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
|
||||
|
||||
# Replace "TODO2" with an obfs4 port of your choice.
|
||||
# This port must be externally reachable and must be different from the one specified for ORPort.
|
||||
# Avoid port 9001 because it's commonly associated with Tor and censors may be scanning the Internet for this port.
|
||||
ServerTransportListenAddr obfs4 0.0.0.0:8042
|
||||
|
||||
# Local communication port between Tor and obfs4. Always set this to "auto".
|
||||
# "Ext" means "extended", not "external". Don't try to set a specific port number, nor listen on 0.0.0.0.
|
||||
ExtORPort auto
|
||||
|
||||
# Replace "<address@email.com>" with your email address so we can contact you if there are problems with your bridge.
|
||||
# This is optional but encouraged.
|
||||
ContactInfo nihilism@nihilist.network
|
||||
|
||||
# Pick a nickname that you like for your bridge. This is optional.
|
||||
Nickname Nihilism
|
||||
|
||||
BandwidthBurst 100Mb
|
||||
BandwidthRate 100Mb
|
||||
|
||||
|
||||
HiddenServiceDir /var/lib/tor/onions/nihilhfjmj55gfbleupwl2ub7lvbhq4kkoioatiopahfqwkcnglsawyd.onion/
|
||||
HiddenServicePort 80 127.0.0.1:4445
|
||||
|
||||
|
||||
ORPort 0.0.0.0:28711
|
||||
ExtORPort auto
|
||||
|
||||
AddressDisableIPv6 1
|
||||
|
166
4-Scripts/bandwidth.sh
Normal file
@ -0,0 +1,166 @@
|
||||
#!/bin/bash
|
||||
# Current month total bandwidth in MB
|
||||
|
||||
#apt install vnstat -y ; systemctl enable --now vnstat
|
||||
#vnstat -i enp5s0
|
||||
#
|
||||
|
||||
# while true; do
|
||||
#i=$(vnstat --oneline | awk -F\; '{ print $11 }')
|
||||
|
||||
#DAILY
|
||||
#i=$(vnstat --oneline | awk -F\; '{ print $4 }')
|
||||
#j=$(vnstat --oneline | awk -F\; '{ print $5 }')
|
||||
|
||||
#MONTHLY
|
||||
#i=$(vnstat --oneline | awk -F\; '{ print $9 }')
|
||||
#j=$(vnstat --oneline | awk -F\; '{ print $10 }')
|
||||
|
||||
#i=$(vnstat --oneline -i eth0 | awk -F\; '{ print $9 }')
|
||||
j=$(vnstat --oneline -i eth0 | awk -F\; '{ print $10 }')
|
||||
month=$(vnstat --oneline -i eth0 | awk -F\; '{ print $8 }')
|
||||
|
||||
bn1=$(echo $j | awk '{ print $1 }')
|
||||
|
||||
#bn1=$(echo $i | awk '{ print $1 }')
|
||||
#bn2=$(echo $j | awk '{ print $1 }')
|
||||
|
||||
|
||||
bunit1=$(echo $j | awk '{ print $2 }')
|
||||
#bunit2=$(echo $j | awk '{ print $2 }')
|
||||
|
||||
#echo "bn1= $bn1 bunit1= $bunit1"
|
||||
|
||||
#case "$bunit1" in
|
||||
# KiB) bnB1=$(echo "$bn1*1024" | bc)
|
||||
# ;;
|
||||
# MiB) bnB1=$(echo "$bn1*1024*1024" | bc)
|
||||
# ;;
|
||||
# GiB) bnB1=$(echo "$bn1*1024*1024*1024" | bc)
|
||||
# ;;
|
||||
# TiB) bnB1=$(echo "$bn1*1024*1024*1024*1024" | bc)
|
||||
# ;;
|
||||
#esac
|
||||
|
||||
# we want TiBs ! not Bytes!
|
||||
|
||||
case "$bunit1" in
|
||||
KiB) bnB1=$(echo "$bn1/1024/1024" | bc)
|
||||
;;
|
||||
MiB) bnB1=$(echo "$bn1/1024" | bc)
|
||||
;;
|
||||
GiB) bnB1=$(echo "$bn1" | bc)
|
||||
;;
|
||||
TiB) bnB1=$(echo "$bn1*1024" | bc)
|
||||
;;
|
||||
esac
|
||||
#echo "bn1= $bn1 bunit1= $bunit1 bnB1= $bnB1"
|
||||
|
||||
|
||||
#case "$bunit2" in
|
||||
# KiB) bnB2=$(echo "$bn2*1024" | bc)
|
||||
# ;;
|
||||
# MiB) bnB2=$(echo "$bn2*1024*1024" | bc)
|
||||
# ;;
|
||||
# GiB) bnB2=$(echo "$bn2*1024*1024*1024" | bc)
|
||||
# ;;
|
||||
# TiB) bnB2=$(echo "$bn2*1024*1024*1024*1024" | bc)
|
||||
# ;;
|
||||
#esac
|
||||
|
||||
#if (( $(echo "$bnB1 > $bnB2" |bc -l) )); then
|
||||
# bandwidth_number=$bnB1
|
||||
#else
|
||||
# bandwidth_number=$bnB2
|
||||
#fi
|
||||
|
||||
bandwidth_number=$bnB1 # here only outbound matters!
|
||||
|
||||
#convert gibibytes into gigabyte (*1.073742)
|
||||
|
||||
|
||||
echo -en "total sent out for $month : "
|
||||
final=$(echo "$bandwidth_number * 1.073742" | bc)
|
||||
|
||||
echo -en $final GB
|
||||
echo
|
||||
#final="50001.0001"
|
||||
|
||||
|
||||
monthly_limit=20000 # in gigabytes, here its a monthly 20TB
|
||||
server_bandwidth=1000 # in megabytes here its a 1Gbps server (1000Mbps)
|
||||
|
||||
if [ "$(echo "$final < ($monthly_limit*0.5)" | bc -l)" == 1 ]; then
|
||||
echo -en "Bandwidth usage below 50% ($final/$monthly_limit GB monthly), leaving bandwidth at 100% ("
|
||||
echo -en "$(echo "$server_bandwidth * 1 " | bc -l) Mbps)"
|
||||
## wondershaper eth0 1024*1000 1024*1000 # this is upload limit in Kbps : so 1000Mbps
|
||||
wondershaper eth0 1024000 1024000
|
||||
echo
|
||||
wondershaper clear eth0
|
||||
else
|
||||
echo -en "Bandwidth usage above 50% ($final/$monthly_limit GB monthly), limiting the Bandwidth to 75% ("
|
||||
echo -en "$(echo "$server_bandwidth * 0.75 " | bc -l) Mbps)"
|
||||
## wondershaper eth0 1024*1000 1024*750 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
wondershaper clear eth0
|
||||
wondershaper eth0 768000 768000
|
||||
fi
|
||||
|
||||
if [ "$(echo "$final < ($monthly_limit*0.75)" | bc -l)" == 1 ]; then
|
||||
echo -en "Bandwidth usage below 75% ($final/$monthly_limit GB monthly), leaving bandwidth as is \n"
|
||||
else
|
||||
echo -en "Bandwidth usage above 75% ($final/$monthly_limit GB monthly), limiting the Bandwidth to 50% ("
|
||||
echo -en "$(echo "$server_bandwidth * 0.5 " | bc -l) Mbps)"
|
||||
## wondershaper eth0 1024*1000 1024*750 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
wondershaper clear eth0
|
||||
wondershaper eth0 512000 512000
|
||||
fi
|
||||
if [ "$(echo "$final < ($monthly_limit*0.80)" | bc -l)" == 1 ]; then
|
||||
echo -en "Bandwidth usage below 80% ($final/$monthly_limit GB monthly), leaving bandwidth as is \n"
|
||||
else
|
||||
echo -en "Bandwidth usage above 80% ($final/$monthly_limit GB monthly), limiting the Bandwidth to 25% ("
|
||||
echo -en "$(echo "$server_bandwidth * 0.5 " | bc -l) Mbps)"
|
||||
## wondershaper eth0 1024*1000 1024*750 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
wondershaper clear eth0
|
||||
wondershaper eth0 256000 256000
|
||||
fi
|
||||
|
||||
if [ "$(echo "$final < ($monthly_limit*0.90)" | bc -l)" == 1 ]; then
|
||||
echo -en "Bandwidth usage below 90% ($final/$monthly_limit GB monthly), leaving bandwidth as is \n"
|
||||
else
|
||||
echo -en "Bandwidth usage above 90% ($final/$monthly_limit GB monthly), limiting the Bandwidth to 10% ("
|
||||
echo -en "$(echo "$server_bandwidth * 0.5 " | bc -l) Mbps)"
|
||||
## wondershaper eth0 1024*1000 1024*750 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
wondershaper clear eth0
|
||||
wondershaper eth0 10240 10240
|
||||
fi
|
||||
|
||||
if [ "$(echo "$final < ($monthly_limit*0.95)" | bc -l)" == 1 ]; then
|
||||
echo -en "Bandwidth usage below 95% ($final/$monthly_limit GB monthly), leaving bandwidth as is \n"
|
||||
else
|
||||
echo -en "Bandwidth usage above 95% ($final/$monthly_limit GB monthly), limiting the Bandwidth to 5% ("
|
||||
echo -en "$(echo "$server_bandwidth * 0.5 " | bc -l) Mbps)"
|
||||
## wondershaper eth0 1024*1000 1024*750 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
wondershaper clear eth0
|
||||
wondershaper eth0 5120 5120
|
||||
fi
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# if below : leave as default
|
||||
# if datacap > 75% : limit bandwidth to 50%
|
||||
## wondershaper -a eth0 -u 1024*500 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
# if datacap > 80% : limit bandwidth to 25%
|
||||
## wondershaper -a eth0 -u 1024*250 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
# if datacap > 90% : limit bandwidth to 10%
|
||||
## wondershaper -a eth0 -u 1024*100 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
# if datacap > 95% : limit bandwidth to 5% >>> THROTTLE INVIDIOUS HARD TO FINISH THE MONTH!
|
||||
## wondershaper -a eth0 -u 1024*50 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
# if datacap > 98% : limit bandwidth to 1%
|
||||
## wondershaper -a eth0 -u 1024*10 # this is upload limit in Kbps : so 750Mbps instead of 1000Mbps
|
||||
echo
|
||||
|
||||
|
||||
# done
|
||||
|
4
4-Scripts/iftop.sh
Normal file
@ -0,0 +1,4 @@
|
||||
#!/bin/bash
|
||||
#iftop -i enp5s0 -N -l -P -o 3600s -m 1G
|
||||
iftop -i eth0 -N -l -P -o 3600s -G net6 -F mask -m 100M
|
||||
|