From f49e541b78e19ba842fc131e3081eabc4f053244 Mon Sep 17 00:00:00 2001 From: mhoellein Date: Fri, 24 Dec 2021 00:03:53 +0100 Subject: [PATCH] daily autocommit --- .etckeeper | 3 ++- default/coturn | 2 +- letsencrypt/.certbot.lock | 0 letsencrypt/csr/3186_csr-certbot.pem | 17 ++++++++++++++++ letsencrypt/keys/3186_key-certbot.pem | 28 +++++++++++++++++++++++++++ myssl/dh2048.pem | 12 ++++++------ turnserver.conf | 21 ++++++++++---------- 7 files changed, 64 insertions(+), 19 deletions(-) delete mode 100644 letsencrypt/.certbot.lock create mode 100644 letsencrypt/csr/3186_csr-certbot.pem create mode 100644 letsencrypt/keys/3186_key-certbot.pem diff --git a/.etckeeper b/.etckeeper index c9b9bb710..5de528ec0 100755 --- a/.etckeeper +++ b/.etckeeper @@ -1592,7 +1592,6 @@ maybe chmod 0755 'ldap/schema' maybe chmod 0644 'ldap/schema/amavis.schema' maybe chmod 0644 'legal' maybe chmod 0755 'letsencrypt' -maybe chmod 0600 'letsencrypt/.certbot.lock' maybe chmod 0644 'letsencrypt/.updated-options-ssl-apache-conf-digest.txt' maybe chmod 0700 'letsencrypt/accounts' maybe chmod 0700 'letsencrypt/accounts/acme-staging-v02.api.letsencrypt.org' @@ -5373,6 +5372,7 @@ maybe chmod 0644 'letsencrypt/csr/3182_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/3183_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/3184_csr-certbot.pem' maybe chmod 0644 'letsencrypt/csr/3185_csr-certbot.pem' +maybe chmod 0644 'letsencrypt/csr/3186_csr-certbot.pem' maybe chmod 0700 'letsencrypt/keys' maybe chmod 0600 'letsencrypt/keys/0000_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/0001_key-certbot.pem' @@ -8560,6 +8560,7 @@ maybe chmod 0600 'letsencrypt/keys/3182_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/3183_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/3184_key-certbot.pem' maybe chmod 0600 'letsencrypt/keys/3185_key-certbot.pem' +maybe chmod 0600 'letsencrypt/keys/3186_key-certbot.pem' maybe chmod 0700 'letsencrypt/live' maybe chmod 0644 'letsencrypt/live/README' maybe chmod 0755 'letsencrypt/live/collabora.hoellein.online' diff --git a/default/coturn b/default/coturn index 7eb595202..d2a9086b8 100644 --- a/default/coturn +++ b/default/coturn @@ -2,5 +2,5 @@ # Uncomment it if you want to have the turnserver running as # an automatic system service daemon # -#TURNSERVER_ENABLED=1 +TURNSERVER_ENABLED=1 diff --git a/letsencrypt/.certbot.lock b/letsencrypt/.certbot.lock deleted file mode 100644 index e69de29bb..000000000 diff --git a/letsencrypt/csr/3186_csr-certbot.pem b/letsencrypt/csr/3186_csr-certbot.pem new file mode 100644 index 000000000..d8b0a8324 --- /dev/null +++ b/letsencrypt/csr/3186_csr-certbot.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICozCCAYsCAQIwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALZs +c1ZUtrKpW3uzK4drsm2wfxJGjqIJkBTpOQoQF49mNMozuTDiYml1hHcNGGCiHg/3 +Gj51s+nyN0ovJUfmVlNH9sAtvKbytQSHXXpsxgk/75UeENIqNNUqTzygXHYh6sAz +JWP5VCuvsKAjAO4WO6AmnauYTFNRrzg18QRvqePZBb4HAapOX+u1lp+fTs6ocVbS +w1lcjliyQiMvSfCEVMNwF4jE7sWm+pIVFizD41V4qNLKeWRgWQoq/go/qWOkhf/I +0gdR+ZbmMPr59BtU0w5M0XH2f25e3vlHJz7CPNRx8TuI0DKEEJU140DSfdKAs23B +6QVbHBkWC/jLSreEqqsCAwEAAaBeMFwGCSqGSIb3DQEJDjFPME0wSwYDVR0RBEQw +QoIdc2llZGxlcnZlcmVpbi13aXR0Z2Vuc2RvcmYuZGWCIXd3dy5zaWVkbGVydmVy +ZWluLXdpdHRnZW5zZG9yZi5kZTANBgkqhkiG9w0BAQsFAAOCAQEAl8kkLCXm/eA5 +DvlhG4SlDGTNn8+RDy2j0D2hZRTL7N30N+g2WAtB/sKVTb6+/RRzXsfCkyprQWVK +YpcbBZV05ohLuP0rusGOk8t5xlnifvm+BcsIpCJahXOMG2ynHJTVQ2NERqtI+WwG +7Wl+QS3VwOBGweZtVPlQWDYsrtaEw8AZDaQqxjgLu69cOTYgqjWbHkgEOYlhnM8s +znFT0nNg15E65oME8DyB4K/7OsR5w0fvWhRg+0xzLWr+8xQwKo/ewUMhK/vIA818 +KBNFG59vrJg8H+PrEF5aWEDeAIQOo7ylMFDIMdFw/6QRHghJcPXjpdiWuLW0LITL +Ct8tTSJPgw== +-----END CERTIFICATE REQUEST----- diff --git a/letsencrypt/keys/3186_key-certbot.pem b/letsencrypt/keys/3186_key-certbot.pem new file mode 100644 index 000000000..7ebf8fdbf --- /dev/null +++ b/letsencrypt/keys/3186_key-certbot.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC2bHNWVLayqVt7 +syuHa7JtsH8SRo6iCZAU6TkKEBePZjTKM7kw4mJpdYR3DRhgoh4P9xo+dbPp8jdK +LyVH5lZTR/bALbym8rUEh116bMYJP++VHhDSKjTVKk88oFx2IerAMyVj+VQrr7Cg +IwDuFjugJp2rmExTUa84NfEEb6nj2QW+BwGqTl/rtZafn07OqHFW0sNZXI5YskIj +L0nwhFTDcBeIxO7FpvqSFRYsw+NVeKjSynlkYFkKKv4KP6ljpIX/yNIHUfmW5jD6 ++fQbVNMOTNFx9n9uXt75Ryc+wjzUcfE7iNAyhBCVNeNA0n3SgLNtwekFWxwZFgv4 +y0q3hKqrAgMBAAECggEAQF0FWLls+J5+c6ekvRQHkWILg5Q3cP50wpwDDwTcezDx +gUI8nf3SASmAgkyxhC7O8o0Zyl3XC7z1OwxlV/fyD1I9wlKg1DqgGaf1GGPWf576 +Vh+UicJwf6F88YQW+2s+G3AwShTHWN6VL/sJsfdQNFJLoSaMD32rl+aYUhtf0s6/ +rpIaJCg6jGAojjqiZI6CoWDjWK/JEooqhr2XOwM3w4b0Ft6Mo3uRQ667H8DiWsLI +LEBnU1qA0IR3ScKyULaDRz25eZXCqh1dY9RItPSBOvkBFmdUm8Hh6701RTPHHSLF +cLVg/N83pmifj1uWuBGUCwz20Xn7ar0VqOWeWuno2QKBgQDoRmL/dI7uBg85FlLH +moGys5g4ILZ1TzJfEz/ACoIkyo85zhwIzWtOF3qfPavUfRGw3kO/13hSfj3WQEZX +fxYoD4CWyvkVkzjKYkUF58nKy7j7C0AQNvc1UCzhVePfcLzy5Mj8s5xMtsLDpWoH +rFfED2a0ZzdVXAx37GO5kLUX7QKBgQDJDohmciultCdVuhDKv0YB/DD7OPfqtiRC +wHy9zgX3FHiUVDA/4PWHfLfRCY3aytalEITemPFS074J1rpmuWytY3HtxFUfquLC +LPFq8C7zaFxqDb1XvpRFs9+eHAzkx82hti9wRcleapYWNTJjh/LiUdiABNxeOqg2 +qbC+udhJ9wKBgAQRl5JZ/Fb3DDU3yuNsNXFn6/avvAJ6DKvVrnwysuzqD3A3yA3v +az3G84LulZ/3QOQUQKOPpq/rPjIOlizaMQ0qmFoL3CkglxIUfpkH4mUHBIqBO/IM +xG/Oo7qewosbcnPexhaHHunJGchLkXvo7PCmRGpMlI+OOTmwjl6lxkZRAoGAU9Qg +YP6HXk6P+/lZWP+JM/ivf3+QNqd81Owm1oiZChzZ7ZZwi6HDHZuNlLW0FJ5wAmCx +1ZHVRKCOYtHJ5Fy5iE2nSeiLSWnZo/ZTLjA4kzpXFczmvjfy4GEQAn9VjOoVvbAV +dW1TeW9dZqMFgGRFi8FuUGo2a39vdWMpE0yvdp8CgYBOww3zNCHxSNfaKy6qLnVT +r6BU6vt2pLqmah6sp64HMoM3nZxWyIpGnmyFwxC3L4m6r0gyqcmmkyVxm/3kqKaQ +reSgcIXMrzjjdkYc4SmxE/c7EBigIzbiMpvZRlFnBVsBKpQc7Hgm8qVt3gyWXhvu +H8Dd8VUTTmsZZcPUxOm2IA== +-----END PRIVATE KEY----- diff --git a/myssl/dh2048.pem b/myssl/dh2048.pem index bc63a9555..b6451ecdd 100644 --- a/myssl/dh2048.pem +++ b/myssl/dh2048.pem @@ -1,8 +1,8 @@ -----BEGIN DH PARAMETERS----- -MIIBCAKCAQEA/zjubaxmCQcBOViz/g6XzNIbZJoAV8yU/jeOuCu3PNpCXxdEVi8K -FHsG8bYqWh6LlamUUulmHsc4KHif2idmHjmYN81xIwdrbpibmSj38Dgir2wg3MdM -WIOIKr163vF/yeyvYKeOk84BvO4rvgW6U0GOPDaJgTrhc6nGEJTt0rfcKreJ6bQW -HosyliFHZNZB4f3aD+mnLaSmlVy8UmSkNhhHywYwaY/UzpTQLoK5tUu4mOR+rCyJ -zlOBrBC/UxdV8/yvm0I5C7M0lJgyxAG6iiFffn9YSsH7gbGtia079fIX8KMQm+6H -8FJ+66GhstEt0UDr2DRkTOK8IKN+3upjIwIBAg== +MIIBCAKCAQEA90l42p3qJWZl7HB0lS5PyPm0djNPTh0c0KW1cm4BAuBq3NG1v5ig +mk9lnI14GrXNsHyDnVexLj93trWM/q9Uqo1VXOeFTYcKXIbhtc7Uo64SaVP4fMGM +LThrNkrrEA7Pqtoe4JT2Ve292h6nrYrgcFSyIA01xt+l5F7+8xkqmNJL2W3moeIE +shhwJPf7lo655nU36raxlovGruy0NGTkYp5bjY91fPQA1AW/bh96xJqfMmgk0c0P +G9BI4GV8zOi1Af2hC0f5RSyB2cbiW2mbV2waLi6YFx0SHb41emPk7JTWpZnqOp72 +CIo94oyNeWEXUG29xjr9P2jZnn3xxr4kswIBAg== -----END DH PARAMETERS----- diff --git a/turnserver.conf b/turnserver.conf index 778c2bb45..1b5eda12d 100644 --- a/turnserver.conf +++ b/turnserver.conf @@ -15,7 +15,7 @@ # Note: actually, TLS & DTLS sessions can connect to the # "plain" TCP & UDP port(s), too - if allowed by configuration. # -#listening-port=3478 +listening-port=3478 # TURN listener port for TLS (Default: 5349). # Note: actually, "plain" TCP & UDP sessions can connect to the TLS & DTLS @@ -162,12 +162,12 @@ # Uncomment to use fingerprints in the TURN messages. # By default the fingerprints are off. # -#fingerprint +fingerprint # Uncomment to use long-term credential mechanism. # By default no credentials mechanism is used (any user allowed). # -#lt-cred-mech +lt-cred-mech # This option is opposite to lt-cred-mech. # (TURN Server with no-auth option allows anonymous access). @@ -214,7 +214,7 @@ # Use in config either the lt-cred-mech or the use-auth-secret # to avoid any confusion. # -#use-auth-secret +use-auth-secret # 'Static' authentication secret value (a string) for TURN REST API only. # If not set, then the turn server @@ -222,8 +222,7 @@ # in user database (if present). The database-stored value can be changed on-the-fly # by a separate program, so this is why that other mode is 'dynamic'. # -#static-auth-secret=north - +static-auth-secret=MsVbzUzAznAbdi3QVE4wYWnpk1lNrrDB3AJt # Server name used for # the oAuth authentication purposes. # The default value is the realm name. @@ -336,7 +335,7 @@ # Note: If default realm is not specified at all, then realm falls back to the host domain name. # If domain name is empty string, or '(None)', then it is initialized to am empty string. # -#realm=mycompany.org +realm=hoellein.online # The flag that sets the origin consistency # check: across the session, all requests must have the same @@ -355,7 +354,7 @@ # default value is 0 (no quota). # This option can also be set through the database, for a particular realm. # -#total-quota=0 +total-quota=0 # Max bytes-per-second bandwidth a TURN session is allowed to handle # (input and output network streams are treated separately). Anything above @@ -370,7 +369,7 @@ # Total bytes-per-second bandwidth the TURN server is allowed to allocate # for the sessions, combined (input and output network streams are treated separately). # -# bps-capacity=0 + bps-capacity=0 # Uncomment if no UDP client listener is desired. # By default UDP client listener is always started. @@ -410,7 +409,7 @@ # It defaults to 600 secs (10 min) if no value is provided. After that delay, # the client will get 438 error and will have to re-authenticate itself. # -#stale-nonce=600 +stale-nonce=600 # Uncomment if you want to set the maximum allocation # time before it has to be refreshed. @@ -584,7 +583,7 @@ syslog # Flag that can be used to disallow peers on well-known broadcast addresses (224.0.0.0 and above, and FFXX:*). # This is an extra security measure. # -#no-multicast-peers +no-multicast-peers # Option to set the max time, in seconds, allowed for full allocation establishment. # Default is 60 seconds. -- 2.43.0