diff --git a/secretwiki/commands.html b/secretwiki/commands.html
index 8ab96b8..5644cfa 100644
--- a/secretwiki/commands.html
+++ b/secretwiki/commands.html
@@ -3,24 +3,24 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + Lezzo secret wiki - + -
+

[ Lezzo secret wiki ]

-
-

~ Frequently used commands and configuration snippets

-
+
+

~ Frequently used commands and configuration snippets

+
-
-

Reduce packages disk usage on gentoo

-
+
+

Reduce packages disk usage on gentoo

+
 eclean packages
 eclean distfiles
@@ -28,9 +28,9 @@ eclean-kernel -A -a
 
-
-

Update pi-hole devuan host

-
+
+

Update pi-hole devuan host

+
 apt update
 apt upgrade
@@ -38,9 +38,9 @@ PIHOLE_SKIP_OS_CHECK=true pihole -up
 
-
-

Wireguard configuration

-
+
+

Wireguard configuration

+
 cd /etc/wireguard.conf
 wg genkey > privatekey
@@ -54,24 +54,24 @@ DNS = 10.0.1.8
 
 # lezzo
 [Peer]
-PublicKey = 
+PublicKey = sU1Cya3Ej6kQMidcwk3PMxzqNY12JfDAROeayPG5PXM= # server pubkey
 Endpoint = tubo.lezzo.org:51888
 PersistentKeepalive = 25
 AllowedIPs = 0.0.0.0/0
 
-
-

Add static route for wireguard

-
+
+

Add static route for wireguard

+

Useful when subnet clash, example:

 lezzo: flags=209<UP,POINTOPOINT,RUNNING,NOARP>  mtu 1420
-        inet 10.0.13.2  netmask 255.255.255.255  destination 10.0.13.2
+	inet 10.0.13.2  netmask 255.255.255.255  destination 10.0.13.2
 wlp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
-        inet 10.0.11.148  netmask 255.255.0.0  broadcast 10.0.255.255
+	inet 10.0.11.148  netmask 255.255.0.0  broadcast 10.0.255.255
 
 route add -net 10.0.13.0 netmask 255.255.255.0 gw 10.0.13.1 lezzo
@@ -80,9 +80,9 @@ route add -net 10.0.1.0 netmask 255.255.255.0 gw 10.0.13.1 lezzo # dns resolutio
 
-
-

Remove gentoo strong password requirement

-
+
+

Remove gentoo strong password requirement

+

From https://forums.gentoo.org/viewtopic-t-1117656-start-0.html: in /etc/pam.d/system-auth
@@ -99,6 +99,8 @@ password required pam_unix.so try_first_pass nullok sha512 shadow

Author: bparodi

+

Created: 2023-05-25 Thu 18:38

+

Validate

diff --git a/secretwiki/files/initial_000.jpg b/secretwiki/files/initial_000.jpg
new file mode 100644
index 0000000..1971117
Binary files /dev/null and b/secretwiki/files/initial_000.jpg differ
diff --git a/secretwiki/index.html b/secretwiki/index.html
index 9f111fa..ab421ea 100644
--- a/secretwiki/index.html
+++ b/secretwiki/index.html
@@ -3,25 +3,26 @@ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - + Lezzo secret wiki - + -
+

[ Lezzo secret wiki ]

Ogni pagina è disponibile anche in org-mode sostituendo .org a.html.

-
-

Pagine

-
+
+

Pagine

+

Author: bparodi

+

Created: 2023-05-25 Thu 18:38

+

Validate

diff --git a/secretwiki/index.org b/secretwiki/index.org
index 69ecfcc..61bb675 100644
--- a/secretwiki/index.org
+++ b/secretwiki/index.org
@@ -1,7 +1,8 @@
 #+INCLUDE: header.org
 Ogni pagina è disponibile anche in org-mode sostituendo .org a.html.
 * Pagine
-- [[./hosts.html][Hosts]]
+- [[./hosts.html][Lezzonet: gli host]]
+- [[./rete.html][Lezzonet: la configurazione di rete]]
 - [[./bots.html][Bots]]
 - [[./commands.html][Frequently used commands and configuration snippets]]
 - [[./sonarr.html][Sonarr]]
diff --git a/secretwiki/makefile b/secretwiki/makefile
new file mode 100644
index 0000000..c1f13a8
--- /dev/null
+++ b/secretwiki/makefile
@@ -0,0 +1,12 @@
+ORG_FILES := $(filter-out header.org,$(wildcard *.org))
+HTML_FILES := $(patsubst %.org,%.html,$(ORG_FILES))
+
+.PHONY: all clean
+
+all: $(HTML_FILES)
+
+%.html: %.org
+ emacs --batch $< --eval "(org-html-export-to-html)"
+
+clean:
+ rm -f $(HTML_FILES)
diff --git a/secretwiki/rete.html b/secretwiki/rete.html
new file mode 100644
index 0000000..27d1310
--- /dev/null
+++ b/secretwiki/rete.html
@@ -0,0 +1,188 @@ + + + + + + + +Lezzo secret wiki + + + + + +
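Review bot: In secretwiki/makefile the pattern rule `%.html: %.org` leaves out `header.org`, although the pages visible in this commit start with `#+INCLUDE: header.org`, so editing the header will not rebuild any page and the committed HTML silently goes stale. Listing it as a second prerequisite, `%.html: %.org header.org`, fixes that and keeps `$<` pointing at the page being exported. I would also add `.DELETE_ON_ERROR:` near `.PHONY` so a failed `emacs --batch` run cannot leave a partial `.html` that looks up to date.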
+

[ Lezzo secret wiki ]

+
+

Lezzonet: la configurazione di rete

+
+
+
+

QoS

+
+

+There is already a qos script in the forge. It should be self documenting so +check that. +

+
+
+ +
+

Firewall

+
+
+
+

Router

+
+

+Let's break down the router configuration into two parts: port forwarding (NAT) and blocked ports, protocols, and routes. +

+ +

+Port forwarding allows incoming connections from the internet to be redirected +to specific devices or services on your local network. This is typically done +using Network Address Translation (NAT) in the router configuration. NAT is +responsible for translating the IP addresses and ports of incoming packets to +the appropriate internal IP addresses and ports. +

+ +

+We use iptables is used to configure the port forwarding rules. The iptables +command, specifically in the nat table (-t nat), is used to set up the rules +that define which incoming ports should be forwarded to which internal IP +addresses and ports. +

+ +
+# iptables -t nat -L -n
+# 10.0.1.3 is the client that hosts the main webserver with the reverse proxy
+Chain PREROUTING (policy ACCEPT)
+target     prot opt source               destination         
+DNAT       6    --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:10.0.1.3:80
+DNAT       6    --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:10.0.1.3:443
+
+Chain INPUT (policy ACCEPT)
+target     prot opt source               destination         
+
+Chain OUTPUT (policy ACCEPT)
+target     prot opt source               destination         
+
+Chain POSTROUTING (policy ACCEPT)
+target     prot opt source               destination         
+MASQUERADE  0    --  0.0.0.0/0            0.0.0.0/0           
+
+

+Using iptables commands: +

+
+iptables -t nat -A POSTROUTING -o eth1 -p tcp --dport 80 -d 10.0.1.3 -j SNAT --to-source 10.0.1.1
+iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.0.1.3
+iptables -A FORWARD -i eth1 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+iptables -A FORWARD -i eth0 -o eth1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+iptables -A FORWARD -i eth0 -o eth1 -p tcp --syn --dport 80 -m conntrack --ctstate NEW -j ACCEPT
+
+

+Let's explain this as a list: +

+
    +
  1. add a rule to the NAT table (-t nat). It specifies that +outgoing TCP traffic (-p tcp) with a destination port of 80 (–dport 80) and +a destination IP address of 10.0.1.3 (-d 10.0.1.3) should be SNAT (Source +Network Address Translation) translated. The source IP address is changed to +10.0.1.1 (–to-source 10.0.1.1). This rule is typically used to rewrite the +source IP address of outgoing traffic to appear as if it's coming from the +router itself
  2. +
  3. add a rule to the PREROUTING chain of the NAT table. It +specifies that incoming TCP traffic (-p tcp) with a destination port of 80 +(–dport 80) coming from the eth0 interface (-i eth0) should be DNAT +(Destination Network Address Translation) translated. The destination IP +address is changed to 10.0.1.3 (–to-destination 10.0.1.3). This rule is used +to forward incoming traffic from port 80 to the specified internal IP +address
  4. +
  5. add a rule to the FORWARD chain. It allows traffic from +eth1 interface (-i eth1) to eth0 interface (-o eth0) that is already +established or related (-m conntrack –ctstate ESTABLISHED,RELATED). This +rule is used to permit incoming responses or related traffic for connections +initiated from the internal network
  6. +
  7. add a rule to the FORWARD chain. It allows traffic from eth0 interface (-i +eth0) to eth1 interface (-o eth1) that is already established or related (-m +conntrack –ctstate ESTABLISHED,RELATED). This rule is used to permit +incoming responses or related traffic for connections initiated from the +external network.
  8. +
  9. add a rule to the FORWARD chain. It allows incoming TCP traffic (-p tcp –syn +–dport 80) from eth0 interface to eth1 interface that is in a NEW state (-m +conntrack –ctstate NEW). This rule is used to permit incoming new TCP +connections to port 80 on the internal network.
  10. +
+ + +

+Alongside port forwarding, we need to block certain ports, protocols, or routes +to enhance security or control network traffic. This is where ufw (Uncomplicated +Firewall) comes into play. +

+
+     To                         Action      From
+     --                         ------      ----
+23185                      ALLOW IN    Anywhere                  
+22                         ALLOW IN    Anywhere                  
+1:65535/tcp on eth1        ALLOW IN    Anywhere                  
+1:65535/udp on eth1        ALLOW IN    Anywhere                  
+1:65535/tcp on eth2        ALLOW IN    Anywhere      
+1:65535/udp on eth2        ALLOW IN    Anywhere                  
+1:65535/tcp on lezzonet    ALLOW IN    Anywhere                  
+1:65535/udp on lezzonet    ALLOW IN    Anywhere                  
+
+

+We use the default rules of ufw for the firewall and in addition we allow all +traffic on the two lan interfaces eth1 and eth2 and the wireguard interface +lezzonet. We also allow the ssh protocol and traffic into the wireguard port 23185. +

+
+
+
+

Clients

+
+

+The piracy machine is the only one directly exposed to the network because of +the vpn. This is the ufw configuration: +

+
+# ufw status numbered
+Status: active
+
+     To                         Action      From
+     --                         ------      ----
+[ 1] Anywhere on eth0           ALLOW IN    Anywhere                  
+[ 2] Anywhere                   ALLOW OUT   Anywhere on eth0           (out)
+[ 3] 11000:12000/tcp            ALLOW IN    Anywhere                  
+[ 4] 11000:12000/udp            ALLOW IN    Anywhere                  
+
+

+Basically open every port from 11000 to 12000 and have programs listen on those +ports. In addition to that, the main client that is Transmission is very hungry +so I rate limited it using its own configuration options. +

+ +

+Some example commands: +

+
+ufw allow from any to any port 23185
+ufw allow ssh
+ufw allow in on eth1,eth2,lezzonet to any port 22,53,123,514 proto udb
+ufw allow in on eth1,eth2,lezzonet to any port 22,53,123,514 proto tcp
+
+
+
+
+
+
+
+

Author: bparodi

+

Created: 2023-05-25 Thu 18:26

+

Validate

+
+ +
diff --git a/secretwiki/rete.org b/secretwiki/rete.org
new file mode 100644
index 0000000..cba0802
--- /dev/null
+++ b/secretwiki/rete.org
@@ -0,0 +1,121 @@
+#+INCLUDE: header.org
+* Lezzonet: la configurazione di rete
+** QoS
+There is already a qos script in the forge. It should be self documenting so
+check that.
+
+** Firewall
+*** Router
+Let's break down the router configuration into two parts: port forwarding (NAT) and blocked ports, protocols, and routes.
+
+Port forwarding allows incoming connections from the internet to be redirected
+to specific devices or services on your local network. This is typically done
+using Network Address Translation (NAT) in the router configuration. NAT is
+responsible for translating the IP addresses and ports of incoming packets to
+the appropriate internal IP addresses and ports.
+
+We use iptables is used to configure the port forwarding rules. The iptables
+command, specifically in the nat table (-t nat), is used to set up the rules
+that define which incoming ports should be forwarded to which internal IP
+addresses and ports.
+
+#+begin_src
+# iptables -t nat -L -n
+# 10.0.1.3 is the client that hosts the main webserver with the reverse proxy
+Chain PREROUTING (policy ACCEPT)
+target prot opt source destination
+DNAT 6 -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 to:10.0.1.3:80
+DNAT 6 -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 to:10.0.1.3:443
+
+Chain INPUT (policy ACCEPT)
+target prot opt source destination
+
+Chain OUTPUT (policy ACCEPT)
+target prot opt source destination
+
+Chain POSTROUTING (policy ACCEPT)
+target prot opt source destination
+MASQUERADE 0 -- 0.0.0.0/0 0.0.0.0/0
+#+end_src
+Using iptables commands:
+#+begin_src
+iptables -t nat -A POSTROUTING -o eth1 -p tcp --dport 80 -d 10.0.1.3 -j SNAT --to-source 10.0.1.1
+iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.0.1.3
+iptables -A FORWARD -i eth1 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+iptables -A FORWARD -i eth0 -o eth1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+iptables -A FORWARD -i eth0 -o eth1 -p tcp --syn --dport 80 -m conntrack --ctstate NEW -j ACCEPT
+#+end_src
+Let's explain this as a list:
+1. add a rule to the NAT table (-t nat). It specifies that
+ outgoing TCP traffic (-p tcp) with a destination port of 80 (--dport 80) and
+ a destination IP address of 10.0.1.3 (-d 10.0.1.3) should be SNAT (Source
+ Network Address Translation) translated. The source IP address is changed to
+ 10.0.1.1 (--to-source 10.0.1.1). This rule is typically used to rewrite the
+ source IP address of outgoing traffic to appear as if it's coming from the
+ router itself
+2. add a rule to the PREROUTING chain of the NAT table. It
+ specifies that incoming TCP traffic (-p tcp) with a destination port of 80
+ (--dport 80) coming from the eth0 interface (-i eth0) should be DNAT
+ (Destination Network Address Translation) translated. The destination IP
+ address is changed to 10.0.1.3 (--to-destination 10.0.1.3). This rule is used
+ to forward incoming traffic from port 80 to the specified internal IP
+ address
+3. add a rule to the FORWARD chain. It allows traffic from
+ eth1 interface (-i eth1) to eth0 interface (-o eth0) that is already
+ established or related (-m conntrack --ctstate ESTABLISHED,RELATED). This
+ rule is used to permit incoming responses or related traffic for connections
+ initiated from the internal network
+4. add a rule to the FORWARD chain. It allows traffic from eth0 interface (-i
+ eth0) to eth1 interface (-o eth1) that is already established or related (-m
+ conntrack --ctstate ESTABLISHED,RELATED). This rule is used to permit
+ incoming responses or related traffic for connections initiated from the
+ external network.
+5. add a rule to the FORWARD chain. It allows incoming TCP traffic (-p tcp --syn
+ --dport 80) from eth0 interface to eth1 interface that is in a NEW state (-m
+ conntrack --ctstate NEW). This rule is used to permit incoming new TCP
+ connections to port 80 on the internal network.
+
+
+Alongside port forwarding, we need to block certain ports, protocols, or routes
+to enhance security or control network traffic. This is where ufw (Uncomplicated
+Firewall) comes into play.
+#+begin_src
+ To Action From
+ -- ------ ----
+23185 ALLOW IN Anywhere
+22 ALLOW IN Anywhere
+1:65535/tcp on eth1 ALLOW IN Anywhere
+1:65535/udp on eth1 ALLOW IN Anywhere
+1:65535/tcp on eth2 ALLOW IN Anywhere
+1:65535/udp on eth2 ALLOW IN Anywhere
+1:65535/tcp on lezzonet ALLOW IN Anywhere
+1:65535/udp on lezzonet ALLOW IN Anywhere
+#+end_src
+We use the default rules of ufw for the firewall and in addition we allow all
+traffic on the two lan interfaces eth1 and eth2 and the wireguard interface
+lezzonet. We also allow the ssh protocol and traffic into the wireguard port 23185.
+*** Clients
+The piracy machine is the only one directly exposed to the network because of
+the vpn. This is the ufw configuration:
+#+begin_src
+# ufw status numbered
+Status: active
+
+ To Action From
+ -- ------ ----
+[ 1] Anywhere on eth0 ALLOW IN Anywhere
+[ 2] Anywhere ALLOW OUT Anywhere on eth0 (out)
+[ 3] 11000:12000/tcp ALLOW IN Anywhere
+[ 4] 11000:12000/udp ALLOW IN Anywhere
+#+end_src
+Basically open every port from 11000 to 12000 and have programs listen on those
+ports. In addition to that, the main client that is Transmission is very hungry
+so I rate limited it using its own configuration options.
+
+Some example commands:
+#+begin_src
+ufw allow from any to any port 23185
+ufw allow ssh
+ufw allow in on eth1,eth2,lezzonet to any port 22,53,123,514 proto udb
+ufw allow in on eth1,eth2,lezzonet to any port 22,53,123,514 proto tcp
+#+end_src
diff --git a/secretwiki/stylesheet.css b/secretwiki/stylesheet.css
index 9f7b1ee..9780871 100644
--- a/secretwiki/stylesheet.css
+++ b/secretwiki/stylesheet.css
@@ -35,7 +35,6 @@ h3 {
 h4 {
 color: #45818e;
- font-size: 35px;
 }
 a {
diff --git a/secretwiki/wannabe.html b/secretwiki/wannabe.html
new file mode 100644
index 0000000..cf159f2
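Review bot: In the new secretwiki/rete.org, the last example block uses `proto udb`, which is not a protocol name ufw accepts and should read `proto udp`; as far as I know `in on` also takes a single interface, so `eth1,eth2,lezzonet` probably needs one rule per interface. Those examples list ports 22,53,123,514, while the router status table shows `1:65535/tcp` and `1:65535/udp` allowed on each interface, so the page should say which of the two is the live policy. `22 ALLOW IN Anywhere` (from `ufw allow ssh`) is not bound to an interface and so also admits SSH from the WAN side; if that is not intended, scope it to the LAN and wireguard interfaces or use `ufw limit ssh`. In the Clients table, `[ 1] Anywhere on eth0 ALLOW IN Anywhere` already admits everything arriving on eth0, which makes rules 3 and 4 redundant and is worth a sentence on why it is acceptable. The prose line `We use iptables is used to configure` should read `iptables is used to configure`.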
--- /dev/null
+++ b/secretwiki/wannabe.html
@@ -0,0 +1,299 @@ + + + + + + + +Lezzo secret wiki + + + + + +
+

[ Lezzo secret wiki ]

+
+

~ Hosts

+
+
+
+

I fondamentali

+
+

+Tutto ciò senza cui lezzo non funzionerebbe, insomma l'infrastruttura +di base. +

+
+
+

Basettoni

+
+

+Fa da hypervisor. Contiene il numero minimo di pacchetti per far funzionare il +filesystem e libvirt. Accede alla rete tramite una sua interfaccia di rete. +

+
+
+
+

Minni

+
+

+SOC di Ruspante che da accesso alla rete in caso di emergenza. Comunica con +l'hypervisor tramite la rete locale. +

+ +

+Serve: +

+
    +
  • wireguard
  • +
  • client ddns
  • +
+
+
+
+

Edi

+
+

+Server che contiene i backup di lezzonet e comunica con l'hypervisor tramite Gancio. +

+
+
+
+

Gancio

+
+

+SOC ospitato a casa di Bparodi con una rete wireguard secondaria che permette la +comunicazione con l'hypervisor. È nella stessa rete del server di backup. +

+ +

+Serve: +

+
    +
  • client ddns
  • +
  • wireguard
  • +
+
+
+
+

Atomino

+
+

+Fa da router per la rete. È l'unico host virtualizzato che ha accesso +all'interfaccia di rete fisica. +

+ +

+Serve: +

+
    +
  • wireguard
  • +
  • dns server principale per tutto lezzo.org e compari
  • +
  • firewall e qos tramite iptables e tc
  • +
  • ntpd
  • +
  • syslog-ng
  • +
+
+
+
+

Pico

+
+
    +
  • rabbitmq
  • +
  • postgres
  • +
+
+
+
+

Orazio

+
+

+Buildserver. Ci si aspetta che tutte gli host riescano a +comunicare con questa vm. +

+ +

+Serve: +

+
    +
  • rsync
  • +
  • nginx
  • +
+
+
+
+
+

7 Mari

+
+

+Il magico mondo della pirateria e più in generale tutto ciò che viene +hostato dietro una vpn di terze parti. +

+
+
+

Amelia

+
+

+VM usata per piratare. È l'unica macchina con X11 nella rete. +

+ +

+Serve: +

+
    +
  • transmission
  • +
  • qbittorrent
  • +
  • fopnu
  • +
  • nicotine+: client soulseek
  • +
  • vncviewer
  • +
  • mldonkey
  • +
  • makemkv
  • +
  • nintendo nus downloader
  • +
+
+
+
+

Toppersby

+
+

+bparodi vm personale dietro vpn. +

+ +

+Serve: +

+
    +
  • weechat
  • +
+
+
+
+
+

Lezzo si presenta al mondo

+
+

+Tutti i servizi che utilizziamo sono hostati su queste macchine. +

+
+
+

Paperetta

+
+

+Praticamente una macchina con debian per tutto ciò che non riesco ad +hostare su gentoo. Ho dovuto sporcarla con docker. +Serve: +

+
    +
  • varie istanze di sonarr. Vedi la entry nella wiki.
  • +
  • archivebox
  • +
  • forkserver: script in python che permetto al bot di irc di +richiedere l'archiviazione di url ad archivebox
  • +
  • Paperless
  • +
+
+
+ +
+

Paperino

+
+

+Punto di accesso ai vari servizi web di lezzo.org +

+ +

+Serve: +

+
    +
  • nginx, sia come server per il dominio che come reverse proxy
  • +
  • jellyfin sia per la musica che per il materiale video
  • +
  • git server (bare) con relativa interfaccia web
  • +
  • happy/imageboard
  • +
  • luca/url shortener
  • +
  • goaccess: stats.html
  • +
  • cinny
  • +
  • fileserver
  • +
  • blog e altre pagine web di lezzo.org
  • +
  • radicale
  • +
+
+
+
+

Plottigat

+
+

+Serve: +

+
    +
  • murmur (mumble server)
  • +
  • ngircd
  • +
  • heisenbridge
  • +
  • matrix and irc bots
  • +
  • synapse
  • +
+
+
+
+

Topolino

+
+

+bparodi vm personale. +

+ +

+Serve: +

+
    +
  • neomutt
  • +
  • offlineimap
  • +
  • mympd
  • +
  • syncthing
  • +
+ +

+Monta: +

+
    +
  • vibbra
  • +
  • pr0n
  • +
+
+
+
+
+

Fuori da qui

+
+

+ma Lezzo sempre nel cuore. Tutte le macchine non virtualizzate nel +rack principale. Gli usi sono i più disparati. +

+
+
+

Pipwolf

+
+

+SOC utilizzato da bparodi come access point di emergenza alla rete di casa. +

+
+
+
+

Ghigno

+
+

+SOC utilizzato dai genitori di bparodi. È una macchina con gentoo che +all'accensione avvia X e firefox –kiosk su tty7 e viene utilizzata +come terminale per Jellyfin. +

+
+
+
+
+
+
+

Author: bparodi

+

Created: 2023-05-25 Thu 18:38

+

Validate

+
+ +
diff --git a/secretwiki/wannabe.org b/secretwiki/wannabe.org
index 2d10920..9d21421 100644
--- a/secretwiki/wannabe.org
+++ b/secretwiki/wannabe.org
@@ -1,36 +1,40 @@
 #+INCLUDE: header.org
-- rinforza le password
-- etckeeper
-- password files
- + vikunja pesceWanda:pesceWanda@lezzo.org:pesceWanda
- + vikunja ruspante:ruspante@lezzo.org:ruspantello
 * *~* Hosts
-** I Fondamentali
-Tutto ciò senza cui Lezzo non funzionerebbe, insomma l'infrastruttura
+** I fondamentali
+Tutto ciò senza cui lezzo non funzionerebbe, insomma l'infrastruttura
 di base.
 *** Basettoni
+Fa da hypervisor. Contiene il numero minimo di pacchetti per far funzionare il
+filesystem e libvirt. Accede alla rete tramite una sua interfaccia di rete.
+*** Minni
+SOC di Ruspante che da accesso alla rete in caso di emergenza. Comunica con
+l'hypervisor tramite la rete locale.
+
+Serve:
+- wireguard
+- client ddns
+*** Edi
+Server che contiene i backup di lezzonet e comunica con l'hypervisor tramite Gancio.
+*** Gancio
+SOC ospitato a casa di Bparodi con una rete wireguard secondaria che permette la
+comunicazione con l'hypervisor. È nella stessa rete del server di backup.
+
+Serve:
+- client ddns
+- wireguard
 *** Atomino
-Server vpn privato. Usato per avere una rete interna per i membri di
-lezzo.org ma esce in chiaro dall'ip di lezzo.org.
+Fa da router per la rete. È l'unico host virtualizzato che ha accesso
+all'interfaccia di rete fisica.
 Serve:
 - wireguard
 - dns server principale per tutto lezzo.org e compari
+- firewall e qos tramite iptables e tc
 - ntpd
 - syslog-ng
 *** Pico
 - rabbitmq
 - postgres
-*** Uno
-Router. Permette alle vm di uscire in chiaro.
-
-Serve:
-- firewall
-- dhcp daemon
-- dns forwarder
-- nat: tramite firewall
-- webserver: interfaccia web per la configurazione
-- ssh server: dropbear per la manutenzione
 *** Orazio
 Buildserver. Ci si aspetta che tutte gli host riescano a
 comunicare con questa vm.
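Review bot: The first hunk of secretwiki/wannabe.org deletes two `vikunja` entries written as user:email:password, but removing the lines here leaves them readable in the repository history. Both passwords should be treated as exposed and rotated, along with any other account that reuses them, and if the repository is shared the old blobs are worth purging too. The `rinforza le password` and `etckeeper` to-do items vanish in the same edit; if they are still open they should move to a tracker rather than be dropped.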
@@ -42,35 +46,17 @@ Serve:
 Il magico mondo della pirateria e più in generale tutto ciò che viene
 hostato dietro una vpn di terze parti.
 *** Amelia
-VM usata per piratare.
+VM usata per piratare. È l'unica macchina con X11 nella rete.
 Serve:
-- rtorrent
-- rutorrent e tutte le dipendenze
+- transmission
 - qbittorrent
-*** Macchianera
-Router dietro la vpn di njalla.
-
-Serve:
-- firewall
-- dhcp daemon: non utilizzato, gli ip delle vm sono tutti statici
-- dns forwarder
-- nat: tramite firewall
-- webserver: interfaccia web per la configurazione
-- ssh server: dropbear per la manutenzione
-*** Nocciola
-VM usata per piratare.
-
-Serve:
 - fopnu
 - nicotine+: client soulseek
 - vncviewer
 - mldonkey
-- biglybt
-- amuled
-- amuleweb
 - makemkv
-- nocciola-dl-manager: programma in kotlin che monitora i vari servizi
+- nintendo nus downloader
 *** Toppersby
 bparodi vm personale dietro vpn.
@@ -94,16 +80,14 @@ Punto di accesso ai vari servizi web di lezzo.org
 Serve:
 - nginx, sia come server per il dominio che come reverse proxy
 - jellyfin sia per la musica che per il materiale video
-- gitbucket or onedev
+- git server (bare) con relativa interfaccia web
 - happy/imageboard
 - luca/url shortener
 - goaccess: stats.html
-- fucktelegram
 - cinny
-- atftpd (pxe server)
 - fileserver
-- gameserver
-- caldav e rubrica?
+- blog e altre pagine web di lezzo.org
+- radicale
 *** Plottigat
 Serve:
 - murmur (mumble server)