Merge branch 'master' into nvim-lua

2021-05-08 12:07:11 +03:00 · 2021-05-08 12:07:11 +03:00 · f0faadce9b
parent dee7a99b5a 0de4ac1503
commit f0faadce9b
15 changed files with 82 additions and 98 deletions
--- a/config.yaml
+++ b/config.yaml
@ -248,3 +248,6 @@ profiles:
  localhost:
    include:
    - terminal
+  ViiruJaTeippi:
+    include:
+    - terminal
--- a/docker/auth/.gitignore
+++ b/docker/auth/.gitignore
@ -0,0 +1 @@
+.env
--- a/docker/auth/docker-compose.yaml
+++ b/docker/auth/docker-compose.yaml
@ -0,0 +1,20 @@
+version: "2"
+
+services:
+  openldap:
+    container_name: openldap
+    image: osixia/openldap:stable
+    environment:
+      - TZ=Europe/Helsinki
+      - LDAP_ORGANIZATION="Korhonen"
+      - LDAP_DOMAIN="korhonen.cc"
+      - LDAP_ADMIN_PASSWORD="${LDAP_ADMIN_PASSWORD}"
+    hostname: ldap.korhonen.cc
+    ports:
+      - 389:389
+      - 636:636
+    restart: unless-stopped
+    volumes:
+      - /docker/auth/openldap/ldap:/var/lib/ldap
+      - /docker/auth/openldap/slapd.d:/etc/ldap/slapd.d
+      - /etc/localtime:/etc/localtime:ro
--- a/docker/freshrss/docker-compose.yml
+++ b/docker/freshrss/docker-compose.yml
@ -8,14 +8,13 @@ services:
      - freshrss
      - postgres
      - proxy
-    ports:
-      - 8088:80
    environment:
      - PUID=1000
      - PGID=985
      - TZ=Europe/Helsinki
    depends_on:
      - spotifeed
+      - bibliogram
    volumes:
      - /docker/freshrss/freshrss:/config
      - /etc/localtime:/etc/localtime:ro
@ -39,11 +38,28 @@ services:
    build: ./spotifeed
    image: spotifeed
    container_name: spotifeed
-    ports:
-      - 8083:8083
+    environment:
+      - SPOTIFY_CLIENT_ID=${SPOTIFY_CLIENT_ID}
+      - SPOTIFY_CLIENT_SECRET=${SPOTIFY_CLIENT_SECRET}
    restart: unless-stopped
    networks:
      - freshrss
+      - proxy
+    labels:
+      - "traefik.enable=true"
+
+      - "traefik.http.routers.spotifeed-redirect.entrypoints=http"
+      - "traefik.http.routers.spotifeed-redirect.rule=Host(`spotifeed.korhonen.cc`)"
+      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
+      - "traefik.http.routers.spotifeed-redirect.middlewares=http2https"
+
+      - "traefik.http.routers.spotifeed.entrypoints=https"
+      - "traefik.http.routers.spotifeed.rule=Host(`spotifeed.korhonen.cc`)"
+      - "traefik.http.routers.spotifeed.tls=true"
+      - "traefik.http.routers.spotifeed.tls.certresolver=http"
+      - "traefik.http.routers.spotifeed.service=spotifeed"
+      - "traefik.docker.network=proxy"
+      - "traefik.http.services.spotifeed.loadbalancer.server.port=8083"

  bibliogram:
    image: cloudrac3r/bibliogram
--- a/docker/homeautomation/docker-compose.yml
+++ b/docker/homeautomation/docker-compose.yml
@ -64,37 +64,9 @@ services:
    restart: unless-stopped
    depends_on:
      - home-assistant
-      - opentts
    devices:
      - "/dev/snd:/dev/snd"

-  opentts:
-    image: synesthesiam/opentts
-    container_name: opentts
-    ports:
-      - 5500:5500
-    command: --marytts-url http://marytts:59125 --mozillatts-url http://mozillatts:5002
-    tty: true
-    networks:
-      - homeautomation
-    depends_on:
-      - marytts
-      - mozillatts
-    restart: unless-stopped
-  marytts:
-    image: synesthesiam/marytts:5.2
-    container_name: marytts
-    restart: unless-stopped
-    tty: true
-    networks:
-      - homeautomation
-  mozillatts:
-    image: synesthesiam/mozilla-tts
-    container_name: mozillatts
-    tty: true
-    networks:
-      - homeautomation
-
  node-red:
    container_name: node-red
    image: nodered/node-red
--- a/docker/jellyfin/docker-compose.yaml
+++ b/docker/jellyfin/docker-compose.yaml
@ -1,11 +1,12 @@
-version: "3"
+version: "2.3"
 services:
  jellyfin:
    image: jellyfin/jellyfin
    container_name: jellyfin
    environment:
      - TZ=Europe/Helsinki
-    user: "1000:985"
+      - NVIDIA_DRIVER_CAPABILITIES=all
+      - NVIDIA_VISIBLE_DEVICES=all
    ports:
      - "8096:8096"
    networks:
@ -16,6 +17,8 @@ services:
      - /docker/jellyfin/cache:/cache
      - /mnt/Storage/Media:/media
      - /etc/localtime:/etc/localtime:ro
+    devices:
+      - /dev/dri:/dev/dri
    labels:
      - "traefik.enable=true"

--- a/docker/træfik/docker-compose.yaml
+++ b/docker/træfik/docker-compose.yaml
@ -17,9 +17,10 @@ services:
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
-      - /docker/traefik/traefik.yml:/traefik.yml:ro
-      - /docker/traefik/dashboard-users:/dashboard-users:ro
-      - /docker/traefik/acme.json:/acme.json
+      - /docker/træfik/træfik/traefik.yml:/traefik.yml:ro
+      - /docker/træfik/træfik/dashboard-users:/dashboard-users:ro
+      - /docker/træfik/træfik/acme.json:/acme.json
+      - /docker/træfik/træfik/log:/var/log
    labels:
      - 'traefik.enable=true'

@ -36,6 +37,17 @@ services:
      - 'traefik.http.routers.dashboard.tls.certresolver=http'
      - 'traefik.http.routers.dashboard.service=api@internal'

+  fail2ban:
+    image: crazymax/fail2ban:latest
+    container_name: fail2ban
+    restart: unless-stopped
+    network_mode: "host"
+    cap_add:
+      - NET_ADMIN
+      - NET_RAW
+    volumes:
+      - /docker/træfik/træfik/log:/var/log/træfik:ro
+      - /docker/træfik/fail2ban:/data
 networks:
  proxy:
    external: true
--- a/docker/wordpress/docker-compose.yaml
+++ b/docker/wordpress/docker-compose.yaml
@ -1,54 +0,0 @@
-version: "3.3"
-
-services:
-  wordpress:
-    container_name: wordpress
-    image: wordpress:latest
-    environment:
-      - TZ=Europe/Helsinki
-      - WORDPRESS_DB_HOST=mariadb-wordpress:3306
-      - WORDPRESS_DB_USER=wordpress
-      - WORDPRESS_DB_PASSWORD=wordpress
-      - WORDPRESS_DB_NAME=wordpress
-    restart: unless-stopped
-    networks:
-      - proxy
-      - wordpress
-    volumes:
-      - /docker/wordpress/wordpress:/var/www/html
-      - /etc/localtime:/etc/localtime:ro
-    labels:
-      - "traefik.enable=true"
-
-      - "traefik.http.routers.wordpress-redirect.entrypoints=http"
-      - "traefik.http.routers.wordpress-redirect.rule=Host(`johanna.korhonen.cc`)"
-      - "traefik.http.middlewares.http2https.redirectscheme.scheme=https"
-      - "traefik.http.routers.wordpress-redirect.middlewares=http2https"
-
-      - "traefik.http.routers.wordpress.entrypoints=https"
-      - "traefik.http.routers.wordpress.rule=Host(`johanna.korhonen.cc`)"
-      - "traefik.http.routers.wordpress.tls=true"
-      - "traefik.http.routers.wordpress.tls.certresolver=http"
-      - "traefik.http.routers.wordpress.service=wordpress"
-      - "traefik.docker.network=proxy"
-      - "traefik.http.services.wordpress.loadbalancer.server.port=80"
-
-  mariadb-wordpress:
-    image: mariadb
-    container_name: mariadb-wordpress
-    volumes:
-      - /docker/wordpress/mariadb:/var/lib/mysql
-    restart: always
-    networks:
-      - wordpress
-    environment:
-      - MYSQL_ROOT_PASSWORD=oT8Veu3Vre4ohj3E
-      - MYSQL_DATABASE=wordpress
-      - MYSQL_USER=wordpress
-      - MYSQL_PASSWORD=wordpress
-
-networks:
-  proxy:
-    external: true
-  wordpress:
-    external: false
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 900f705b30ee07063ecc7f2df24fc7b28a9451a5
+Subproject commit 5d4b12eaf44b940ba3a478ded48b1cde039471a6
--- a/home/.config/beets/config.yaml
+++ b/home/.config/beets/config.yaml
@ -1,5 +1,5 @@
-directory: ~/Music
-library: ~/Music/beets.db
+directory: ~/music
+library: ~/music/beets.db
 plugins: 
 - acousticbrainz
 - check
--- a/home/.config/mimeo/associations.txt
+++ b/home/.config/mimeo/associations.txt
@ -17,7 +17,10 @@ mpvqueue %U
  ^https?://(?:[a-z0-9\-]+\.)+[a-z]{2,6}(?:/[^/#?]+)+\.(?:mp4|mkv|webm|avi|3gp|gif|gifv)

 mpvqueue %U
-  ^https?://www.facebook.com/.*/videos/
+  ^https://www.facebook.com/watch/?v=.*
+
+mpvqueue %U
+  ^https://fb.watch/.*

 mpvqueue %U
  ^https?://gfycat.com/.*
--- a/home/.config/pacman/makepkg.conf
+++ b/home/.config/pacman/makepkg.conf
@ -1,3 +1,4 @@
+PACKAGER="Marko Korhonen <marko@korhonen.cc>"
 DLAGENTS=('file::/usr/bin/curl -gqC - -o %o %u'
          'ftp::/usr/bin/curl -gqfC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u'
          'http::/usr/bin/curl -gqb "" -fLC - --retry 3 --retry-delay 3 -o %o %u'
@ -15,8 +16,9 @@ CARCH="x86_64"
 CHOST="x86_64-pc-linux-gnu"

 CPPFLAGS="-D_FORTIFY_SOURCE=2"
-CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt"
-CXXFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt"
+CFLAGS="-march=native -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt"
+CXXFLAGS="${CFLAGS}"
+RUSTFLAGS="-C opt-level=3 -C target-cpu=native"
 LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
 MAKEFLAGS="-j$(nproc)"
 DEBUG_CFLAGS="-g -fvar-tracking-assignments"
--- a/home/.config/sway/conf.d/08-exec.conf
+++ b/home/.config/sway/conf.d/08-exec.conf
@ -15,6 +15,7 @@ exec {
 	/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1
 	mpDris2
 	swaymsg workspace 1
+	dbus-update-activation-environment DISPLAY
 }

 exec_always {
--- a/home/.config/zsh/01-env.zsh
+++ b/home/.config/zsh/01-env.zsh
@ -39,7 +39,7 @@ export AUR_PAGER=$PAGER
 export GPG_TTY="$(tty)"

 # set SSH_AUTH_SOCK if not logging in over SSH
-if [ "$SSH_CONNECTION" != "" ]; then
+if [ "$SSH_CONNECTION" -eq "" ]; then
 	export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
 	gpgconf --launch gpg-agent
 fi
--- a/home/.ssh/config
+++ b/home/.ssh/config
@ -40,3 +40,8 @@ host takamaki
 	HostName 10.200.200.5
 	port 22
 	user reekymarko
+
+host viirujateippi
+	HostName viirujateippi.fi
+	port 22
+	user functionalhacker