cronekorkn/bundlewrap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: cronekorkn:19ea64ec226458becc3bb73072242218df7572eb
Branches Tags
cronekorkn:master
cronekorkn:routeros
cronekorkn:mailman
cronekorkn:proxmox_mergable
cronekorkn:proxmox
cronekorkn:mseibert_yourls
cronekorkn:n8n
cronekorkn:router
cronekorkn:freescout
cronekorkn:homeassistant-supervised
cronekorkn:conflecttest
cronekorkn:wp
cronekorkn:rufbereitschafts-alarm
cronekorkn:dnssec_2
cronekorkn:dnssec
cronekorkn:apt_sources_as_dict
cronekorkn:wordpress
cronekorkn:iperf3
cronekorkn:picsort-pythoon
cronekorkn:network_metadata_rework
cronekorkn:blog_dirty
cronekorkn:blog
cronekorkn:icinga2_notifications
cronekorkn:icinga_neumachen
cronekorkn:nextcloud_conf_in_metadata
cronekorkn:mastodon
cronekorkn:rtmp
cronekorkn:deterministic_rsa
cronekorkn:deterministic_rsa_test
cronekorkn:left4dead2
cronekorkn:temp130752653
cronekorkn:zfs_encrypt
cronekorkn:icingaweb
cronekorkn:ldap
cronekorkn:icinga2_remote_2
cronekorkn:icinga2_local
cronekorkn:icinga
cronekorkn:icinga2_remote
cronekorkn:modprobe
cronekorkn:autoconfig
cronekorkn:basic_auth
cronekorkn:crystal-buildserver
cronekorkn:build_Server
cronekorkn:cya_hetzner
cronekorkn:dns_challenge3
cronekorkn:dns_challenge2
cronekorkn:dns_challenge
cronekorkn:gpiod
cronekorkn:multi-redis
cronekorkn:l4d2
cronekorkn:wireguard_clients
cronekorkn:alles_sets
cronekorkn:hdict
cronekorkn:all_units
cronekorkn:unitbug_isolation
cronekorkn:whatsbroken
cronekorkn:minimal_mailserver
...
compare: cronekorkn:7350b014037d55357241599ef85a8c4af89ba45d
Branches Tags
cronekorkn:master
cronekorkn:routeros
cronekorkn:mailman
cronekorkn:proxmox_mergable
cronekorkn:proxmox
cronekorkn:mseibert_yourls
cronekorkn:n8n
cronekorkn:router
cronekorkn:freescout
cronekorkn:homeassistant-supervised
cronekorkn:conflecttest
cronekorkn:wp
cronekorkn:rufbereitschafts-alarm
cronekorkn:dnssec_2
cronekorkn:dnssec
cronekorkn:apt_sources_as_dict
cronekorkn:wordpress
cronekorkn:iperf3
cronekorkn:picsort-pythoon
cronekorkn:network_metadata_rework
cronekorkn:blog_dirty
cronekorkn:blog
cronekorkn:icinga2_notifications
cronekorkn:icinga_neumachen
cronekorkn:nextcloud_conf_in_metadata
cronekorkn:mastodon
cronekorkn:rtmp
cronekorkn:deterministic_rsa
cronekorkn:deterministic_rsa_test
cronekorkn:left4dead2
cronekorkn:temp130752653
cronekorkn:zfs_encrypt
cronekorkn:icingaweb
cronekorkn:ldap
cronekorkn:icinga2_remote_2
cronekorkn:icinga2_local
cronekorkn:icinga
cronekorkn:icinga2_remote
cronekorkn:modprobe
cronekorkn:autoconfig
cronekorkn:basic_auth
cronekorkn:crystal-buildserver
cronekorkn:build_Server
cronekorkn:cya_hetzner
cronekorkn:dns_challenge3
cronekorkn:dns_challenge2
cronekorkn:dns_challenge
cronekorkn:gpiod
cronekorkn:multi-redis
cronekorkn:l4d2
cronekorkn:wireguard_clients
cronekorkn:alles_sets
cronekorkn:hdict
cronekorkn:all_units
cronekorkn:unitbug_isolation
cronekorkn:whatsbroken
cronekorkn:minimal_mailserver

5 commits
19ea64ec22 ... 7350b01403

Author SHA1 Message Date
CroneKorkN
7350b01403
wip 2025-06-22 10:57:27 +02:00
CroneKorkN
53659b4364
yourls enbale wireguard and backup 2025-06-22 10:57:15 +02:00
CroneKorkN
0035dd1e6f
remove duplicate 2025-06-22 10:56:33 +02:00
CroneKorkN
c8680b06ac
remove l4d2 server 2025-06-22 10:56:24 +02:00
CroneKorkN
3f82d0fc57
fix temp dir, its not a file 2025-06-22 10:55:55 +02:00
15 changed files with 211 additions and 51 deletions
Show stats Expand all files Collapse all files

21
bundles/proxmox-ve/items.py Normal file
View file

@ -0,0 +1,21 @@
files = {
'/etc/apt/apt.conf.d/10pveapthook': {
'content_type': 'any',
'mode': '0644',
},
'/etc/apt/apt.conf.d/76pveconf': {
'content_type': 'any',
'mode': '0444',
},
'/etc/apt/apt.conf.d/76pveproxy': {
'content_type': 'any',
'mode': '0444',
},
'/etc/network/interfaces': {
'content_type': 'any',
},
}
symlinks['/etc/ssh/ssh_host_rsa_key.pub'] = {
'target': '/etc/ssh/ssh_host_managed_key.pub',
}

98
bundles/proxmox-ve/metadata.py Normal file
View file

@ -0,0 +1,98 @@
defaults = {
'apt': {
'packages': {
'linux-image-amd64': {
'installed': False,
},
'proxmox-default-kernel': {},
# after reboot
'proxmox-ve': {},
'postfix': {},
'open-iscsi': {},
'chrony': {},
'os-prober': {
'installed': False,
},
},
'sources': {
'proxmox-ve': {
'options': {
'aarch': 'amd64',
},
'urls': {
'http://download.proxmox.com/debian/pve',
},
'suites': {
'{codename}',
},
'components': {
'pve-no-subscription',
},
'key': 'proxmox-ve-{codename}',
},
},
},
# 'nftables': {
# 'input': {
# 'tcp dport 8006 accept',
# },
# },
'zfs': {
'datasets': {
'tank/proxmox-ve': {
'mountpoint': '/var/lib/proxmox-ve',
},
}
}
}
# @metadata_reactor.provides(
# 'systemd',
# )
# def bridge(metadata):
# return {
# 'systemd': {
# 'units': {
# # f'internal.network': {
# # 'Network': {
# # 'Bridge': 'br0',
# # },
# # },
# 'br0.netdev': {
# 'NetDev': {
# 'Name': 'br0',
# 'Kind': 'bridge'
# },
# },
# 'br0.network': {
# 'Match': {
# 'Name': 'br0',
# },
# 'Network': {
# 'Unmanaged': 'yes'
# },
# },
# },
# },
# }
@metadata_reactor.provides(
'nginx/vhosts',
)
def nginx(metadata):
return {
'nginx': {
'has_websockets': True,
'vhosts': {
metadata.get('proxmox-ve/domain'): {
'content': 'nginx/proxy_pass.conf',
'context': {
'target': 'https://localhost:8006',
'websockets': True,
}
},
},
},
}

8
bundles/systemd-networkd/items.py
View file

@ -1,9 +1,6 @@
assert node.has_bundle('systemd') assert node.has_bundle('systemd')
files = { files = {
'/etc/network/interfaces': {
'delete': True,
},
'/etc/resolv.conf': { '/etc/resolv.conf': {
'content_type': 'mako', 'content_type': 'mako',
}, },
@ -22,3 +19,8 @@ svc_systemd = {
'systemd-networkd.service': {}, 'systemd-networkd.service': {},
} }
if not node.has_bundle('proxmox-ve'):
files['/etc/network/interfaces'] = {
'delete': True,
}

14
bundles/yourls/items.py
View file

@ -4,6 +4,13 @@ directories = {
'group': 'www-data', 'group': 'www-data',
'mode': '0755', 'mode': '0755',
}, },
# FIXME:
'/var/www/certbot': {
'owner': 'www-data',
'group': 'www-data',
'mode': '0755',
}
} }
git_deploy = { git_deploy = {
@ -38,11 +45,4 @@ files = {
'svc_systemd:nginx:restart', 'svc_systemd:nginx:restart',
], ],
}, },
# FIXME:
'/var/www/certbot': {
'owner': 'www-data',
'group': 'www-data',
'mode': '0755',
}
} }

BIN
data/apt/keys/proxmox-ve-bookworm.gpg Normal file
View file

Binary file not shown.

3
groups/os/debian-11.py
View file

@ -2,6 +2,9 @@
'supergroups': [ 'supergroups': [
'debian', 'debian',
], ],
'bundles': [
'systemd-networkd',
],
'metadata': { 'metadata': {
'php': { 'php': {
'version': '7.4', 'version': '7.4',

26
groups/os/debian-12-common.py Normal file
View file

@ -0,0 +1,26 @@
{
'metadata': {
'apt': {
'sources': {
'debian': {
'components': {
'non-free-firmware',
},
},
'debian-security': {
'components': {
'non-free-firmware',
},
},
},
},
'php': {
'version': '8.2',
},
'postgresql': {
'version': '15',
},
'os_codename': 'bookworm',
},
'os_version': (12,),
}

9
groups/os/debian-12-pve.py Normal file
View file

@ -0,0 +1,9 @@
{
'supergroups': [
'debian',
'debian-12-common',
],
'bundles': [
'ifupdown',
],
}

4
groups/os/debian-12.py
View file

@ -1,6 +1,10 @@
{ {
'supergroups': [ 'supergroups': [
'debian', 'debian',
'debian-12-common',
],
'bundles': [
'systemd-networkd',
], ],
'metadata': { 'metadata': {
'apt': { 'apt': {

1
groups/os/linux.py
View file

@ -14,7 +14,6 @@
'system', 'system',
'systemd', 'systemd',
'systemd-journald', 'systemd-journald',
'systemd-networkd',
'systemd-mount', 'systemd-mount',
'systemd-timers', 'systemd-timers',
'users', 'users',

8
nodes/home.router.py
View file

@ -18,7 +18,7 @@
'interface': 'enx00e04c220682', 'interface': 'enx00e04c220682',
'ipv4': '10.0.99.126/24', 'ipv4': '10.0.99.126/24',
'gateway4': '10.0.99.1', 'gateway4': '10.0.99.1',
'vlans': {'iot', 'internet', 'guest', 'rolf', 'internal'}, 'vlans': {'iot', 'internet', 'guest', 'rolf', 'internal', 'proxmox'},
}, },
'internal': { 'internal': {
'type': 'vlan', 'type': 'vlan',
@ -37,6 +37,12 @@
'id': 3, 'id': 3,
'ipv4': '10.0.3.1/24', 'ipv4': '10.0.3.1/24',
}, },
'proxmox': {
'type': 'vlan',
'id': 4,
'ipv4': '10.0.4.1/24',
'dhcp_server': True,
},
'guest': { 'guest': {
'type': 'vlan', 'type': 'vlan',
'id': 9, 'id': 9,

6
nodes/home.server.py
View file

@ -35,6 +35,7 @@
#'tasmota-charge', #'tasmota-charge',
'wol-waker', 'wol-waker',
'zfs', 'zfs',
'proxmox-ve',
], ],
'metadata': { 'metadata': {
'id': 'af96709e-b13f-4965-a588-ef2cd476437a', 'id': 'af96709e-b13f-4965-a588-ef2cd476437a',
@ -47,7 +48,7 @@
}, },
'apt': { 'apt': {
'packages': { 'packages': {
'firmware-realtek': {}, # 'firmware-realtek': {}, proxmox-ve incompatibility
}, },
}, },
'build-server': { 'build-server': {
@ -124,6 +125,9 @@
'unsortable': 'SofortUpload/Unsortable', 'unsortable': 'SofortUpload/Unsortable',
}, },
}, },
'proxmox-ve': {
'domain': 'pve.ckn.li',
},
'raspberrymatic-cert': { 'raspberrymatic-cert': {
'domain': 'homematic.ckn.li', 'domain': 'homematic.ckn.li',
'node': 'home.homematic', 'node': 'home.homematic',

36
nodes/htz.mails.py
View file

@ -9,7 +9,6 @@
'webserver', 'webserver',
'dnsserver', 'dnsserver',
'wordpress', 'wordpress',
#'left4dead2',
], ],
'bundles': [ 'bundles': [
'bind-acme', 'bind-acme',
@ -17,7 +16,6 @@
'download-server', 'download-server',
'islamicstate.eu', 'islamicstate.eu',
#'nginx-rtmps', #'nginx-rtmps',
#'steam',
'wireguard', 'wireguard',
'zfs', 'zfs',
], ],
@ -54,6 +52,7 @@
'left4.me', 'left4.me',
'elimu-kwanza.de', 'elimu-kwanza.de',
'cronekorkn.de', 'cronekorkn.de',
'direkt.oranienschule.de',
'foerderkreis.oranienschule-wiesbaden-wiki.de', 'foerderkreis.oranienschule-wiesbaden-wiki.de',
}, },
}, },
@ -86,34 +85,6 @@
'domain': 'elimu-kwanza.de', 'domain': 'elimu-kwanza.de',
}, },
}, },
'left4dead2': {
'servers': {
'standard': {
'port': 27020,
},
# 'standard-2': {
# 'port': 27021,
# 'workshop': {
# #2256379828, # bhop detect
# },
# },
},
'admins': {
'STEAM_1:0:12376499', # CroneKorkN ☮UKRAINE❤
'STEAM_1:1:169960486', # *RED*
'STEAM_1:1:112940736', # Ðark-AnGe
'STEAM_1:1:34263261', # Alekc
'STEAM_1:0:583132949', # Cat
'STEAM_1:0:610180592', # SonovaBeach
'STEAM_1:1:157619181', # Null
},
'workshop': {
214630948,
1229957234,
698857882,
},
'steamgroups': {'103582791467869287'},
},
'letsencrypt': { 'letsencrypt': {
'domains': { 'domains': {
'ckn.li': {}, 'ckn.li': {},
@ -224,6 +195,11 @@
'10.0.227.0/24', '10.0.227.0/24',
], ],
}, },
'mseibert.yourls': {
'allowed_ips': [
'10.0.228.0/24',
],
},
}, },
'clients': { 'clients': {
'macbook': { 'macbook': {

1
nodes/mseibert.freescout.py
View file

@ -46,7 +46,6 @@
'10.0.2.0/24', '10.0.2.0/24',
'10.0.9.0/24', '10.0.9.0/24',
'10.0.10.0/24', '10.0.10.0/24',
'10.0.10.0/24',
], ],
}, },
}, },

27
nodes/mseibert.yourls.py
View file

@ -4,13 +4,13 @@
{ {
'hostname': '168.119.250.114', 'hostname': '168.119.250.114',
'groups': [ 'groups': [
#'backup', 'backup',
'debian-12', 'debian-12',
#'monitored', 'monitored',
'webserver', 'webserver',
], ],
'bundles': [ 'bundles': [
#'wireguard', 'wireguard',
'mariadb', 'mariadb',
'php', 'php',
'yourls', 'yourls',
@ -21,7 +21,7 @@
'network': { 'network': {
'internal': { 'internal': {
'interface': 'ens10', 'interface': 'ens10',
'ipv4': '10.0.227.4/24', 'ipv4': '10.0.228.2/24',
}, },
'external': { 'external': {
'interface': 'eth0', 'interface': 'eth0',
@ -40,13 +40,26 @@
}, },
}, },
# FIXME: # FIXME:
'overwrite_nameservers': [ # 'overwrite_nameservers': [
'8.8.8.8', # '8.8.8.8',
], # ],
'vm': { 'vm': {
'cores': 2, 'cores': 2,
'ram': 4096, 'ram': 4096,
}, },
'wireguard': {
'my_ip': '172.30.0.239/32',
's2s': {
'htz.mails': {
'allowed_ips': [
'10.0.0.0/24',
'10.0.2.0/24',
'10.0.9.0/24',
'10.0.10.0/24',
],
},
},
},
'zfs': { 'zfs': {
'pools': { 'pools': {
'tank': { 'tank': {