diff --git a/config.yaml b/config.yaml index 3be400f8..8997dac9 100644 --- a/config.yaml +++ b/config.yaml @@ -248,3 +248,6 @@ profiles: localhost: include: - terminal + ViiruJaTeippi: + include: + - terminal diff --git a/docker/auth/.gitignore b/docker/auth/.gitignore new file mode 100644 index 00000000..4c49bd78 --- /dev/null +++ b/docker/auth/.gitignore @@ -0,0 +1 @@ +.env diff --git a/docker/auth/docker-compose.yaml b/docker/auth/docker-compose.yaml new file mode 100644 index 00000000..7bbc62f1 --- /dev/null +++ b/docker/auth/docker-compose.yaml @@ -0,0 +1,20 @@ +version: "2" + +services: + openldap: + container_name: openldap + image: osixia/openldap:stable + environment: + - TZ=Europe/Helsinki + - LDAP_ORGANIZATION="Korhonen" + - LDAP_DOMAIN="korhonen.cc" + - LDAP_ADMIN_PASSWORD="${LDAP_ADMIN_PASSWORD}" + hostname: ldap.korhonen.cc + ports: + - 389:389 + - 636:636 + restart: unless-stopped + volumes: + - /docker/auth/openldap/ldap:/var/lib/ldap + - /docker/auth/openldap/slapd.d:/etc/ldap/slapd.d + - /etc/localtime:/etc/localtime:ro diff --git a/docker/freshrss/docker-compose.yml b/docker/freshrss/docker-compose.yml index 7498ace6..9d948bbb 100644 --- a/docker/freshrss/docker-compose.yml +++ b/docker/freshrss/docker-compose.yml @@ -8,14 +8,13 @@ services: - freshrss - postgres - proxy - ports: - - 8088:80 environment: - PUID=1000 - PGID=985 - TZ=Europe/Helsinki depends_on: - spotifeed + - bibliogram volumes: - /docker/freshrss/freshrss:/config - /etc/localtime:/etc/localtime:ro @@ -39,11 +38,28 @@ services: build: ./spotifeed image: spotifeed container_name: spotifeed - ports: - - 8083:8083 + environment: + - SPOTIFY_CLIENT_ID=${SPOTIFY_CLIENT_ID} + - SPOTIFY_CLIENT_SECRET=${SPOTIFY_CLIENT_SECRET} restart: unless-stopped networks: - freshrss + - proxy + labels: + - "traefik.enable=true" + + - "traefik.http.routers.spotifeed-redirect.entrypoints=http" + - "traefik.http.routers.spotifeed-redirect.rule=Host(`spotifeed.korhonen.cc`)" + - "traefik.http.middlewares.http2https.redirectscheme.scheme=https" + - "traefik.http.routers.spotifeed-redirect.middlewares=http2https" + + - "traefik.http.routers.spotifeed.entrypoints=https" + - "traefik.http.routers.spotifeed.rule=Host(`spotifeed.korhonen.cc`)" + - "traefik.http.routers.spotifeed.tls=true" + - "traefik.http.routers.spotifeed.tls.certresolver=http" + - "traefik.http.routers.spotifeed.service=spotifeed" + - "traefik.docker.network=proxy" + - "traefik.http.services.spotifeed.loadbalancer.server.port=8083" bibliogram: image: cloudrac3r/bibliogram diff --git a/docker/homeautomation/docker-compose.yml b/docker/homeautomation/docker-compose.yml index ebcf1206..ea29011d 100644 --- a/docker/homeautomation/docker-compose.yml +++ b/docker/homeautomation/docker-compose.yml @@ -64,37 +64,9 @@ services: restart: unless-stopped depends_on: - home-assistant - - opentts devices: - "/dev/snd:/dev/snd" - opentts: - image: synesthesiam/opentts - container_name: opentts - ports: - - 5500:5500 - command: --marytts-url http://marytts:59125 --mozillatts-url http://mozillatts:5002 - tty: true - networks: - - homeautomation - depends_on: - - marytts - - mozillatts - restart: unless-stopped - marytts: - image: synesthesiam/marytts:5.2 - container_name: marytts - restart: unless-stopped - tty: true - networks: - - homeautomation - mozillatts: - image: synesthesiam/mozilla-tts - container_name: mozillatts - tty: true - networks: - - homeautomation - node-red: container_name: node-red image: nodered/node-red diff --git a/docker/jellyfin/docker-compose.yaml b/docker/jellyfin/docker-compose.yaml index 18fa2074..e36f27f6 100644 --- a/docker/jellyfin/docker-compose.yaml +++ b/docker/jellyfin/docker-compose.yaml @@ -1,11 +1,12 @@ -version: "3" +version: "2.3" services: jellyfin: image: jellyfin/jellyfin container_name: jellyfin environment: - TZ=Europe/Helsinki - user: "1000:985" + - NVIDIA_DRIVER_CAPABILITIES=all + - NVIDIA_VISIBLE_DEVICES=all ports: - "8096:8096" networks: @@ -16,6 +17,8 @@ services: - /docker/jellyfin/cache:/cache - /mnt/Storage/Media:/media - /etc/localtime:/etc/localtime:ro + devices: + - /dev/dri:/dev/dri labels: - "traefik.enable=true" diff --git a/docker/traefik/docker-compose.yaml b/docker/træfik/docker-compose.yaml similarity index 70% rename from docker/traefik/docker-compose.yaml rename to docker/træfik/docker-compose.yaml index 0b89e1ff..1a4f7914 100644 --- a/docker/traefik/docker-compose.yaml +++ b/docker/træfik/docker-compose.yaml @@ -17,9 +17,10 @@ services: volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - - /docker/traefik/traefik.yml:/traefik.yml:ro - - /docker/traefik/dashboard-users:/dashboard-users:ro - - /docker/traefik/acme.json:/acme.json + - /docker/træfik/træfik/traefik.yml:/traefik.yml:ro + - /docker/træfik/træfik/dashboard-users:/dashboard-users:ro + - /docker/træfik/træfik/acme.json:/acme.json + - /docker/træfik/træfik/log:/var/log labels: - 'traefik.enable=true' @@ -36,6 +37,17 @@ services: - 'traefik.http.routers.dashboard.tls.certresolver=http' - 'traefik.http.routers.dashboard.service=api@internal' + fail2ban: + image: crazymax/fail2ban:latest + container_name: fail2ban + restart: unless-stopped + network_mode: "host" + cap_add: + - NET_ADMIN + - NET_RAW + volumes: + - /docker/træfik/træfik/log:/var/log/træfik:ro + - /docker/træfik/fail2ban:/data networks: proxy: external: true diff --git a/docker/wordpress/docker-compose.yaml b/docker/wordpress/docker-compose.yaml deleted file mode 100644 index 8db8cd1d..00000000 --- a/docker/wordpress/docker-compose.yaml +++ /dev/null @@ -1,54 +0,0 @@ -version: "3.3" - -services: - wordpress: - container_name: wordpress - image: wordpress:latest - environment: - - TZ=Europe/Helsinki - - WORDPRESS_DB_HOST=mariadb-wordpress:3306 - - WORDPRESS_DB_USER=wordpress - - WORDPRESS_DB_PASSWORD=wordpress - - WORDPRESS_DB_NAME=wordpress - restart: unless-stopped - networks: - - proxy - - wordpress - volumes: - - /docker/wordpress/wordpress:/var/www/html - - /etc/localtime:/etc/localtime:ro - labels: - - "traefik.enable=true" - - - "traefik.http.routers.wordpress-redirect.entrypoints=http" - - "traefik.http.routers.wordpress-redirect.rule=Host(`johanna.korhonen.cc`)" - - "traefik.http.middlewares.http2https.redirectscheme.scheme=https" - - "traefik.http.routers.wordpress-redirect.middlewares=http2https" - - - "traefik.http.routers.wordpress.entrypoints=https" - - "traefik.http.routers.wordpress.rule=Host(`johanna.korhonen.cc`)" - - "traefik.http.routers.wordpress.tls=true" - - "traefik.http.routers.wordpress.tls.certresolver=http" - - "traefik.http.routers.wordpress.service=wordpress" - - "traefik.docker.network=proxy" - - "traefik.http.services.wordpress.loadbalancer.server.port=80" - - mariadb-wordpress: - image: mariadb - container_name: mariadb-wordpress - volumes: - - /docker/wordpress/mariadb:/var/lib/mysql - restart: always - networks: - - wordpress - environment: - - MYSQL_ROOT_PASSWORD=oT8Veu3Vre4ohj3E - - MYSQL_DATABASE=wordpress - - MYSQL_USER=wordpress - - MYSQL_PASSWORD=wordpress - -networks: - proxy: - external: true - wordpress: - external: false diff --git a/dotdrop b/dotdrop index 900f705b..5d4b12ea 160000 --- a/dotdrop +++ b/dotdrop @@ -1 +1 @@ -Subproject commit 900f705b30ee07063ecc7f2df24fc7b28a9451a5 +Subproject commit 5d4b12eaf44b940ba3a478ded48b1cde039471a6 diff --git a/home/.config/beets/config.yaml b/home/.config/beets/config.yaml index acea956c..a3d863da 100644 --- a/home/.config/beets/config.yaml +++ b/home/.config/beets/config.yaml @@ -1,5 +1,5 @@ -directory: ~/Music -library: ~/Music/beets.db +directory: ~/music +library: ~/music/beets.db plugins: - acousticbrainz - check diff --git a/home/.config/mimeo/associations.txt b/home/.config/mimeo/associations.txt index 9d7fd9a6..c15f4260 100644 --- a/home/.config/mimeo/associations.txt +++ b/home/.config/mimeo/associations.txt @@ -17,7 +17,10 @@ mpvqueue %U ^https?://(?:[a-z0-9\-]+\.)+[a-z]{2,6}(?:/[^/#?]+)+\.(?:mp4|mkv|webm|avi|3gp|gif|gifv) mpvqueue %U - ^https?://www.facebook.com/.*/videos/ + ^https://www.facebook.com/watch/?v=.* + +mpvqueue %U + ^https://fb.watch/.* mpvqueue %U ^https?://gfycat.com/.* diff --git a/home/.config/pacman/makepkg.conf b/home/.config/pacman/makepkg.conf index 48b6c3f5..0e014014 100644 --- a/home/.config/pacman/makepkg.conf +++ b/home/.config/pacman/makepkg.conf @@ -1,3 +1,4 @@ +PACKAGER="Marko Korhonen " DLAGENTS=('file::/usr/bin/curl -gqC - -o %o %u' 'ftp::/usr/bin/curl -gqfC - --ftp-pasv --retry 3 --retry-delay 3 -o %o %u' 'http::/usr/bin/curl -gqb "" -fLC - --retry 3 --retry-delay 3 -o %o %u' @@ -15,8 +16,9 @@ CARCH="x86_64" CHOST="x86_64-pc-linux-gnu" CPPFLAGS="-D_FORTIFY_SOURCE=2" -CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt" -CXXFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt" +CFLAGS="-march=native -mtune=generic -O2 -pipe -fstack-protector-strong -fno-plt" +CXXFLAGS="${CFLAGS}" +RUSTFLAGS="-C opt-level=3 -C target-cpu=native" LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now" MAKEFLAGS="-j$(nproc)" DEBUG_CFLAGS="-g -fvar-tracking-assignments" diff --git a/home/.config/sway/conf.d/08-exec.conf b/home/.config/sway/conf.d/08-exec.conf index 6791278a..19289cfe 100644 --- a/home/.config/sway/conf.d/08-exec.conf +++ b/home/.config/sway/conf.d/08-exec.conf @@ -15,6 +15,7 @@ exec { /usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1 mpDris2 swaymsg workspace 1 + dbus-update-activation-environment DISPLAY } exec_always { diff --git a/home/.config/zsh/01-env.zsh b/home/.config/zsh/01-env.zsh index e742dd41..2658b0d0 100644 --- a/home/.config/zsh/01-env.zsh +++ b/home/.config/zsh/01-env.zsh @@ -39,7 +39,7 @@ export AUR_PAGER=$PAGER export GPG_TTY="$(tty)" # set SSH_AUTH_SOCK if not logging in over SSH -if [ "$SSH_CONNECTION" != "" ]; then +if [ "$SSH_CONNECTION" -eq "" ]; then export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) gpgconf --launch gpg-agent fi diff --git a/home/.ssh/config b/home/.ssh/config index a00f477a..b39bd8de 100644 --- a/home/.ssh/config +++ b/home/.ssh/config @@ -40,3 +40,8 @@ host takamaki HostName 10.200.200.5 port 22 user reekymarko + +host viirujateippi + HostName viirujateippi.fi + port 22 + user functionalhacker