From: mhoellein Date: Wed, 19 May 2021 19:01:30 +0000 (+0200) Subject: saving uncommitted changes in /etc prior to apt run X-Git-Url: https://git.hoellein.online/?a=commitdiff_plain;h=c0b88e51f78f42cab7fa8ee661b775255fcb74c4;p=vserver saving uncommitted changes in /etc prior to apt run --- diff --git a/.etckeeper b/.etckeeper index dd6c642a6..48ec68aaa 100755 --- a/.etckeeper +++ b/.etckeeper @@ -1300,7 +1300,7 @@ maybe chgrp 'nagios' 'icinga2/conf.d/users.conf' maybe chmod 0644 'icinga2/conf.d/users.conf' maybe chown 'nagios' 'icinga2/constants.conf' maybe chgrp 'nagios' 'icinga2/constants.conf' -maybe chmod 0640 'icinga2/constants.conf' +maybe chmod 0644 'icinga2/constants.conf' maybe chown 'nagios' 'icinga2/constants.conf.orig' maybe chgrp 'nagios' 'icinga2/constants.conf.orig' maybe chmod 0640 'icinga2/constants.conf.orig' @@ -1310,6 +1310,9 @@ maybe chmod 0750 'icinga2/features-available' maybe chown 'nagios' 'icinga2/features-available/api.conf' maybe chgrp 'nagios' 'icinga2/features-available/api.conf' maybe chmod 0644 'icinga2/features-available/api.conf' +maybe chown 'nagios' 'icinga2/features-available/api.conf.orig' +maybe chgrp 'nagios' 'icinga2/features-available/api.conf.orig' +maybe chmod 0644 'icinga2/features-available/api.conf.orig' maybe chown 'nagios' 'icinga2/features-available/checker.conf' maybe chgrp 'nagios' 'icinga2/features-available/checker.conf' maybe chmod 0644 'icinga2/features-available/checker.conf' @@ -1384,7 +1387,12 @@ maybe chmod 0755 'icinga2/scripts/mail-host-notification.sh' maybe chmod 0755 'icinga2/scripts/mail-service-notification.sh' maybe chown 'nagios' 'icinga2/zones.conf' maybe chgrp 'nagios' 'icinga2/zones.conf' -maybe chmod 0640 'icinga2/zones.conf' +maybe chmod 0644 'icinga2/zones.conf' +maybe chown 'nagios' 'icinga2/zones.conf.orig' +maybe chgrp 'nagios' 'icinga2/zones.conf.orig' +maybe chmod 0640 'icinga2/zones.conf.orig' +maybe chmod 0640 'icinga2/zones.conf.orig.save' +maybe chmod 0644 'icinga2/zones.conf.save' maybe chown 'nagios' 'icinga2/zones.d' maybe chgrp 'nagios' 'icinga2/zones.d' maybe chmod 0750 'icinga2/zones.d' @@ -4715,6 +4723,7 @@ maybe chmod 0644 'letsencrypt/csr/2684_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/2685_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/2686_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/2687_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/2688_csr-certbot.pem' maybe chmod 0700 'letsencrypt/keys' maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/0001_key-certbot.pem' @@ -7404,6 +7413,7 @@ maybe chmod 0600 'letsencrypt/keys/2684_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/2685_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/2686_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/2687_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/2688_key-certbot.pem' maybe chmod 0700 'letsencrypt/live' maybe chmod 0644 'letsencrypt/live/README' maybe chmod 0755 'letsencrypt/live/collabora.hoellein.online' diff --git a/icinga2/constants.conf b/icinga2/constants.conf index 45fe87935..769e0e512 100644 --- a/icinga2/constants.conf +++ b/icinga2/constants.conf @@ -25,4 +25,4 @@ const NodeName = "mail.hoellein.online" const ZoneName = "mail.hoellein.online" /* Secret key for remote node tickets */ -const TicketSalt = "" +const TicketSalt = "def51d666d6d0740ff39b08898306741" diff --git a/icinga2/features-available/api.conf b/icinga2/features-available/api.conf index 588ad54f9..8d85358a5 100644 --- a/icinga2/features-available/api.conf +++ b/icinga2/features-available/api.conf @@ -1,10 +1,7 @@ -/** - * The API listener is used for distributed monitoring setups. - */ +/** Icinga 2 Config - proposed by Icinga Director */ object ApiListener "api" { - accept_config = true accept_commands = true - - ticket_salt = TicketSalt + accept_config = true } + diff --git a/icinga2/features-available/api.conf.orig b/icinga2/features-available/api.conf.orig new file mode 100644 index 000000000..588ad54f9 --- /dev/null +++ b/icinga2/features-available/api.conf.orig @@ -0,0 +1,10 @@ +/** + * The API listener is used for distributed monitoring setups. + */ + +object ApiListener "api" { + accept_config = true + accept_commands = true + + ticket_salt = TicketSalt +} diff --git a/icinga2/zones.conf b/icinga2/zones.conf index b148de032..24170b398 100644 --- a/icinga2/zones.conf +++ b/icinga2/zones.conf @@ -1,61 +1,18 @@ -/* - * Endpoint and Zone configuration for a cluster setup - * This local example requires `NodeName` defined in - * constants.conf. - */ +/** Icinga 2 Config - proposed by Icinga Director */ -object Endpoint NodeName { - host = NodeName -} +object Endpoint "vserver.hoellein.online" {} -object Zone ZoneName { - endpoints = [ NodeName ] +object Zone "vserver.hoellein.online" { + parent = "mail.hoellein.online" + endpoints = [ "vserver.hoellein.online" ] } -/* - * Defines a global zone for distributed setups with masters, - * satellites and clients. - * This is required to sync configuration commands, - * templates, apply rules, etc. to satellite and clients. - * All nodes require the same configuration and must - * have `accept_config` enabled in the `api` feature. - */ - -object Zone "global-templates" { - global = true +object Zone "mail.hoellein.online" { + endpoints = [ "mail.hoellein.online" ] +} +object Endpoint "mail.hoellein.online" { + host = "mail.hoellein.online" } - -/* - * Defines a global zone for the Icinga Director. - * This is required to sync configuration commands, - * templates, apply rules, etc. to satellite and clients. - * All nodes require the same configuration and must - * have `accept_config` enabled in the `api` feature. - */ - object Zone "director-global" { global = true } - -/* - * Read the documentation on how to configure - * a cluster setup with multiple zones. - */ - -object Endpoint "icinga.hoellein.online" { - host = "icninga.hoellein.online" -} - -object Endpoint "home.hoellein.online" { - host = "home.hoellein.online" -} - -object Zone "icinga.hoellein.online" { - endpoints = [ "icinga.hoellein.online" ] -} - -object Zone "home.hoellein.online" { - parent = "icinga.hoellein.online" - endpoints = [ "home.hoellein.online" ] -} - diff --git a/icinga2/zones.conf.orig b/icinga2/zones.conf.orig new file mode 100644 index 000000000..209dfbf26 --- /dev/null +++ b/icinga2/zones.conf.orig @@ -0,0 +1,52 @@ +/* + * Endpoint and Zone configuration for a cluster setup + * This local example requires `NodeName` defined in + * constants.conf. + */ + +object Endpoint NodeName { + host = NodeName +} + +object Zone ZoneName { + endpoints = [ NodeName ] +} + +/* + * Defines a global zone for distributed setups with masters, + * satellites and clients. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "global-templates" { + global = true +} + +/* + * Defines a global zone for the Icinga Director. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "director-global" { + global = true +} + +/* + * Read the documentation on how to configure + * a cluster setup with multiple zones. + */ + +object Endpoint "icinga.hoellein.online" { + host = "icninga.hoellein.online" +} + +object Zone "icinga.hoellein.online" { + endpoints = [ "icinga.hoellein.online" ] +} + diff --git a/icinga2/zones.conf.orig.save b/icinga2/zones.conf.orig.save new file mode 100644 index 000000000..b148de032 --- /dev/null +++ b/icinga2/zones.conf.orig.save @@ -0,0 +1,61 @@ +/* + * Endpoint and Zone configuration for a cluster setup + * This local example requires `NodeName` defined in + * constants.conf. + */ + +object Endpoint NodeName { + host = NodeName +} + +object Zone ZoneName { + endpoints = [ NodeName ] +} + +/* + * Defines a global zone for distributed setups with masters, + * satellites and clients. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "global-templates" { + global = true +} + +/* + * Defines a global zone for the Icinga Director. + * This is required to sync configuration commands, + * templates, apply rules, etc. to satellite and clients. + * All nodes require the same configuration and must + * have `accept_config` enabled in the `api` feature. + */ + +object Zone "director-global" { + global = true +} + +/* + * Read the documentation on how to configure + * a cluster setup with multiple zones. + */ + +object Endpoint "icinga.hoellein.online" { + host = "icninga.hoellein.online" +} + +object Endpoint "home.hoellein.online" { + host = "home.hoellein.online" +} + +object Zone "icinga.hoellein.online" { + endpoints = [ "icinga.hoellein.online" ] +} + +object Zone "home.hoellein.online" { + parent = "icinga.hoellein.online" + endpoints = [ "home.hoellein.online" ] +} + diff --git a/icinga2/zones.conf.save b/icinga2/zones.conf.save new file mode 100644 index 000000000..24170b398 --- /dev/null +++ b/icinga2/zones.conf.save @@ -0,0 +1,18 @@ +/** Icinga 2 Config - proposed by Icinga Director */ + +object Endpoint "vserver.hoellein.online" {} + +object Zone "vserver.hoellein.online" { + parent = "mail.hoellein.online" + endpoints = [ "vserver.hoellein.online" ] +} + +object Zone "mail.hoellein.online" { + endpoints = [ "mail.hoellein.online" ] +} +object Endpoint "mail.hoellein.online" { + host = "mail.hoellein.online" +} +object Zone "director-global" { + global = true +} diff --git a/letsencrypt/csr/2688_csr-certbot.pem b/letsencrypt/csr/2688_csr-certbot.pem new file mode 100644 index 000000000..d6d131053 --- /dev/null +++ b/letsencrypt/csr/2688_csr-certbot.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICozCCAYsCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL2P +GODRZBItLKKlSt0/TR9vS9vn2Xw5Gw7yfocQC3jivDngYCrVjQSFbcZbM0uckA+y +iekW+ddVnauOH/nsMRp5tyIB/r34KXhtmf0JuSJgFWUrTAERDzc0j2I+1NY5j3pl +e5DEN3tujledsJgh0rahR0daN4vcOETFG6bqhaPlj26cZ9g6y2ymteFo0XiuwH2L +xQCa53i3QJy4xEE7VHm+ZmrY8GFrIk9U6yC7B3p+A8iWne9VMiHK+HU6kfzCzNa/ +hRWRd+9iCY4QLThqJ+cYuxCI1TgGCwOvdIX36rWDgkX/Yg1b0Jmd6kwZoAsA0RXV +QHnoQbwC+X1/rAkyewECAwEAAaBeMFwGCSqGSIb3DQEJDjFPME0wSwYDVR0RBEQw +QoIdc2llZGxlcnZlcmVpbi13aXR0Z2Vuc2RvcmYuZGWCIXd3dy5zaWVkbGVydmVy +ZWluLXdpdHRnZW5zZG9yZi5kZTANBgkqhkiG9w0BAQsFAAOCAQEAl2NHfNOb/ylR +JscMIfPlkvWNKl58OvOPs5ftbRQ0l54BNAWPxBz3iqYdIn5GS+bIDPUTHagGmuS9 +o8HYrcZM0k92+9zdSMLamJm9aI/MPwaC8mAWp3nCYQhMrXicFLc5s/8dGSR84PTc +5Z19GLhEb/CQZqDR7dyZhsRutpnPAiG/mi1Cx1pnv+xcZwBks8mtOqi93jcDBgH/ +dXRQYfUCGv1UKtUEutjOVMFR5/pUovOXmesAAmDDYjsoHUPiunc05se0OPFOkQau +lC9TfIyhKuSZrkQPiZbUAURNUoRlxNbeC+hs23NpvGjoXSr4JjEi7cg2nmhS8/S1 +d5z2ZSdLxg== +-----END CERTIFICATE REQUEST----- diff --git a/letsencrypt/keys/2688_key-certbot.pem b/letsencrypt/keys/2688_key-certbot.pem new file mode 100644 index 000000000..868e60ef2 --- /dev/null +++ b/letsencrypt/keys/2688_key-certbot.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC9jxjg0WQSLSyi +pUrdP00fb0vb59l8ORsO8n6HEAt44rw54GAq1Y0EhW3GWzNLnJAPsonpFvnXVZ2r +jh/57DEaebciAf69+Cl4bZn9CbkiYBVlK0wBEQ83NI9iPtTWOY96ZXuQxDd7bo5X +nbCYIdK2oUdHWjeL3DhExRum6oWj5Y9unGfYOstsprXhaNF4rsB9i8UAmud4t0Cc +uMRBO1R5vmZq2PBhayJPVOsguwd6fgPIlp3vVTIhyvh1OpH8wszWv4UVkXfvYgmO +EC04aifnGLsQiNU4BgsDr3SF9+q1g4JF/2INW9CZnepMGaALANEV1UB56EG8Avl9 +f6wJMnsBAgMBAAECggEAC1649Es7AGgbREo72leArcEEQNWAUxYtzFC5TCqnNYIM +HkCaJBeZFMtYEUzJH+DtNzPTV9rb85GcGn00583GCDuCw5RxDj4DZsjUMrxRkYFH +50CYl3vJeNs7On5gT9U2CPZrWfybA1lXSmQYApgMxo2X8+yyZj44Vc+o3/MzPuhc +k4v+/JORJPQTsU7mVMheNu3ghfr+SFBAf55FymGHoZvEIwzxF+3O7VdS1VQ+hLfd +pu/t8JonUZHXQcSX6Ddm4b4rtBiumCI060yuFXcRJuDFjqg3JA6fLjA1e1/odkwK +76G0RH8JQaXUAWFN+Kwpo3JOilxXGFjAqiLTW3C0AQKBgQDvwxtpqDkrb7vwne1F +h8oZ/3FMveqtyeaPZ4v2B0H3fUaMmv0YO6zxFibpJj+OR8Ir2kn3L4OpbiymlYjT +cUhrGe+eqCs7AWkOnQCCLP9tmiR5GVwTgDLXwaGJ271h3BDfxsuGEIjJkPjKrRoW +amCfmu3TpACfQy7hP9CRAjVk4QKBgQDKZZbW8isPxVo4PxSs2VaNI+bMJhDJQoub +ymM42yIx3ZLkw72eIYQtPbjW468gTqWMEy++nW1hH+iBsyjgSoepGnTDcE4IQbv0 +yX4G/UZ6nQ+Uxkgv0u6JXQ4iLVyaz2LLamLzOT0x1yVPFRyf91yChN8XFviJfCji +dM/D8KW6IQKBgCZTXdJp3Zmf5r7zv7XZmujE+Gt4AEd/eqd5udm+F0FkeR6It+Rj +xaVUESw7vPUVa2hvIFuu8LDot6J5TMHf3d+g6bjG0QJBm3WGi0pDvyDZ/vKMpzdG +ytnKTfQneAJolxnuQSJRCkyOK/bZ7M2ge4mHznSCRscuihPfi4tiev6BAoGBAKiH +EqSEHQsSv17aV7Ldfc4kOMeAYrXSrUDZsujivoRbBTdrLXaAXfj1zfVQvL/f/MS4 +LSdBGpSm5wkoTz8DkBZkqxkZaEBDy+e15zSWrJroMNMmj3ES6ACE9YHL17IoQREz +0pTH8oaPqMdCwwUICYW8ca5eODDyq3B055M1zClBAoGAQpicqU8p3REIlUmIQzqO +qDOnqFl6Ohcnz/l9+QW3H7Q8v4x1ZSot6iwMA0EXXI3Rqif/BT5DWEiPBTNjoYDO +gBrJuWKW8UuD2uLbnztqzUFKP5/OXWoXI//1wJa6p+stHjWns6m8G6YtLWgSeUIL +Kl5Qscf/NNtRDZYTwEVpFcU= +-----END PRIVATE KEY-----