diff --git a/Berksfile b/Berksfile index eef1c52..e82e5ed 100644 --- a/Berksfile +++ b/Berksfile @@ -32,11 +32,12 @@ cookbook 'ntp', '= 3.4.0' cookbook 'ohai', '~> 5.2.5' cookbook 'openssl', '~> 8.5.5' cookbook 'php', '~> 8.0.0' -cookbook 'postfix', '= 5.0.2' +cookbook 'postfix', '~> 6.0.26' cookbook 'timezone_iii', '= 1.0.4' cookbook 'ulimit', '~> 1.0.0' cookbook 'users', '~> 5.3.1' cookbook 'zerotier', '~> 1.0.7' +cookbook 'unbound', '~> 3.0.2' # openresty dependency cookbook 'jemalloc', '~> 0.1.7' diff --git a/Berksfile.lock b/Berksfile.lock index f15885a..c3bab6f 100644 --- a/Berksfile.lock +++ b/Berksfile.lock @@ -28,11 +28,12 @@ DEPENDENCIES ohai (~> 5.2.5) openssl (~> 8.5.5) php (~> 8.0.0) - postfix (= 5.0.2) + postfix (~> 6.0.26) redisio (~> 6.4.1) ruby_build (~> 2.5.0) timezone_iii (= 1.0.4) ulimit (~> 1.0.0) + unbound (~> 3.0.2) users (~> 5.3.1) yum zerotier (~> 1.0.7) @@ -89,7 +90,7 @@ GRAPH openssl (8.5.5) php (8.0.1) yum-epel (>= 0.0.0) - postfix (5.0.2) + postfix (6.0.26) redisio (6.4.1) selinux (>= 0.0.0) ruby_build (2.5.0) @@ -99,6 +100,7 @@ GRAPH seven_zip (4.2.2) timezone_iii (1.0.4) ulimit (1.0.0) + unbound (3.0.2) users (5.3.1) windows (7.0.2) yum (7.4.13) diff --git a/clients/email-1.json b/clients/email-1.json new file mode 100644 index 0000000..5f0be00 --- /dev/null +++ b/clients/email-1.json @@ -0,0 +1,4 @@ +{ + "name": "email-1", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDRdvMYKRjejoFsOxS6s\n4gj0Gsaxk/j25A5VPHBcEhr+NOh8W/6NnTTHuFMaorEIl/2kscgrcwriDN7xIFmO\nz/C1+spDLPMGSWd+422KSS3fjVfByLlMwxh171RDZBlZVze7H7CIV/rxCG7Ri85y\nPvyp2rT4ioyVGyYK3e8CiXwQckpFC1ex9VRk/GR8zbCYUIw+qbTFRcl/mQuxKqWK\n22vrgAR+6OL8lcyhssmKiQ1r3GtxwJusgffw4/5S8sRR1z8OB4wiwgOWR1E36EbF\nhTBjFzPiKVjVjP/TQpUoYdnBhuD223M8nPWJl1HMVQPMjL6R2BBOF+iK0Wx9SiFD\nJwIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/clients/garage-3.json b/clients/garage-3.json deleted file mode 100644 index 49ea275..0000000 --- a/clients/garage-3.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "name": "garage-3", - "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRSB8/ObjvQq6WuOVS/f\nypdX/2fLsUlt5tQ8GNuSY9rSM8gdvcXUvnPlxthZO4yvcPX85wmtBZX8fRJFdkJg\nYRCJbuVKO9sLTq8OUWXYpfU1q10FUhl034zxOMslpxVB6toirnk025vyq9jbuKP+\nYO+c40KZr67mgm0hveJfylayfiKP1HGm4HrV0maFivCgC8D+MPDDv75CsqRe5WSc\nh2CoauDJwVlhKZ92yq87ugGBhJJRUGOQZcfEvkUGj/HNAS6tuHl8YmVmhO8hBdee\nNto6RF54E1zB80R9oT/qitw23miEyUcHHVxhTR4tTWflZgd8l4wDOhX3Nf20xknu\nFQIDAQAB\n-----END PUBLIC KEY-----\n" -} \ No newline at end of file diff --git a/clients/garage-6.json b/clients/garage-6.json new file mode 100644 index 0000000..2c5b767 --- /dev/null +++ b/clients/garage-6.json @@ -0,0 +1,4 @@ +{ + "name": "garage-6", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwasYgWLM8ShvirFiKRE6\nGWqc3pMlvcrk4YnWAUW5Y/H26EnyexxWNfnwlEcq8thJ3M3hs7zkoF3Yk4uqX869\n4/niYqXwYgeE1K3gzLp4K1+w3yVupYAFVFStVEHJyuMlLJ+ulDEGvNdQDuIfw7+E\nr6DcDLa1o92Eo0wL1ihYyMilduH0LdFTixL+tEBXbbPWBa3RDJJCFsRF1+UC6hAH\nzmaWL661Gdzdabxjm/FlGUYkdbDqeInZq/1GMQqv+9/DcNRkWA9H7i4Ykrfpx4/2\nRZ8xtx/DbnJVB1zYoORygFMMAkTu5E+R8ropeI7Wi77Yq0S7laiRlYQYQml3x9ak\nzQIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/clients/garage-7.json b/clients/garage-7.json new file mode 100644 index 0000000..7e93b1f --- /dev/null +++ b/clients/garage-7.json @@ -0,0 +1,4 @@ +{ + "name": "garage-7", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoAigZUSwsfbBHx2PQ6W\n38Ght6eCvbpW1lsS58hTieRmRn+pgZVjvixhsBh57rUasCjaBywXk9BpNj2Foxck\nReHeoDI0RHsgniClyMrYj80y2NhoB6J8NB+cHkhdzIKplm6AH6M5xaAedtZU639a\n1nHMtpDlJhzgIYsiq1q06Aqd1w0Z9tf1RXQ1WvMDhTY4wlE5RZ2epBb6Usnlbjo2\nSqCIGIjRLmZxdsSWoiUUTlVPdUCzTNsN5G/ZVdRswhgseDmVJCIkK2Aji/XzhIrR\nh4RvUv9dhFemOVsFctJ/dQILXz5MZLUgakKf970M5R/Zggv//pqRSsYcB2UfaBpV\nLQIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/clients/garage-8.json b/clients/garage-8.json new file mode 100644 index 0000000..11d9696 --- /dev/null +++ b/clients/garage-8.json @@ -0,0 +1,4 @@ +{ + "name": "garage-8", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4hXODzgHsIeWxXJm/F6\nSTFJ8JC89mWru7pOFzPWenOVMHgp4UpUB4rDTwQqojsWTDiq0x3ckUyOPw3Nj0jv\nxP4MMGS4SI0oRSJKzrYYss0hgUDTOBBd+Wxn0UiNEpN/PfQo9VZj9v/jak57cz7z\n5+rpl5v27fhgUIChjsHxdy+EamvCrYc+1JhyrLOlwlt8JxkZ8UPhoeZLWAbDgGLS\nEzHWSSVtBUPK+KYmVb2OK4lB56zPfek0U3gKN+04a1650jzOit8LzE6NaT180QDv\nX+gG6tk53vSXDmkBXsQ1mtB8aF+HaEG2Pra5HyihlweCPYdJT+e28wpq6+P5l3YR\ndQIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/clients/postgres-4.json b/clients/postgres-4.json deleted file mode 100644 index eed891f..0000000 --- a/clients/postgres-4.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "name": "postgres-4", - "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6fPxOZeKloF/EgYvU0k\nOwv8bJjsCQcWaMTPle5//mRTszA6PM2z9RI+Mfr45qxTlsL9pQY8WJOWF6QOK31x\nszuqcr7oOjtAhrLI8f/oNDEDjcx325FqG9gNKQEAD7d4zodh+PhDe6x7GIyIS7lG\nIcD5Zre9iDwv8FGLR+5GLqS8SJOPL/wJkQ8w+N0f8YDFw81kiTta5NLhAx3fMDs0\n2kmoNlbmKlNZTtLjCfCV+/pa9oY6wycjck3GvobiFE/4cWaNkeGlPc+uAwlfmrOv\nHy0tq1XBX/BCvE5kMXmhnMT23JXjm2s2PgCLgEVGAXilXk/T597KDm+z4oBpAQma\nnQIDAQAB\n-----END PUBLIC KEY-----\n" -} \ No newline at end of file diff --git a/clients/postgres-6.json b/clients/postgres-6.json new file mode 100644 index 0000000..41355c4 --- /dev/null +++ b/clients/postgres-6.json @@ -0,0 +1,4 @@ +{ + "name": "postgres-6", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVzM0fwlimmq11jTGTko\nK87LRYSar61tNF3qVWp9axNSMa6BSxVark9eYOqY4eLh/5vJVDqXDFq30/IUWg40\nH8hHWaOEvQrP2dm/XFw1RmunfbfN9gN07TuhaT3xFD5t+jFBuOSoJ4cPnFIABuVt\nFLrjgtYYjtZe5hGE9ZPmS7o2ATM5EU9mxeQ+TkgDbr8StvSPGdZ1ykhagf1pegGU\nRIfZ+4ZKzyDUAq+fYNhIbmlm5h2gP+XdtakPy43j7n0iN1vwDgBqJ2pdaVs/GcFf\nvaztoltguoknI2NPSez1N217asTTLuth0nHxVXiKCVXnqwDjxgWmuP6X2B7VYjyc\nxQIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/clients/rsk-testnet-5.json b/clients/rsk-testnet-5.json new file mode 100644 index 0000000..827f2f7 --- /dev/null +++ b/clients/rsk-testnet-5.json @@ -0,0 +1,4 @@ +{ + "name": "rsk-testnet-5", + "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/UHlgcSeh9Do7CTCKXC\n/4/aO2OvT+ijDVmrMYCNtE4sMeuFqKPnV1zxJZmRm4VNhkSQDkdWYD+6XvuFYW60\nyjB/N6D5lLlyjG4HD6fTkfh0K6f7t5mOYV7o4T59OoA3cBZuSROjtWmJ8jEFJ+k9\nII2kcyhPQcFN01ckzvZKRSPbVRccMoc+AKTjB3ZUfs/ERtlVoDrK4jEHluXOxUJO\nBKCcLonjJuLlpRLh7QfKrKFcR4idn5Ir43R6aSUesI/ipKwKsXnR3Bu7vXp74VF3\nMJ3EkdSBG+qJzy51fbRfQiUPAr/vSoVQZwW7FkIhIqqLkMaYCymn7qKfTGujoNU7\nlwIDAQAB\n-----END PUBLIC KEY-----\n" +} \ No newline at end of file diff --git a/cookbooks/postfix/.markdownlint-cli2.yaml b/cookbooks/postfix/.markdownlint-cli2.yaml new file mode 100644 index 0000000..6fa8e77 --- /dev/null +++ b/cookbooks/postfix/.markdownlint-cli2.yaml @@ -0,0 +1,5 @@ +config: + ul-indent: false # MD007 + line-length: false # MD013 + no-duplicate-heading: false # MD024 + reference-links-images: false # MD052 diff --git a/cookbooks/postfix/CHANGELOG.md b/cookbooks/postfix/CHANGELOG.md index 415b74c..1b7f2b2 100644 --- a/cookbooks/postfix/CHANGELOG.md +++ b/cookbooks/postfix/CHANGELOG.md @@ -2,6 +2,176 @@ This file is used to list changes made in each version of the postfix cookbook. +## 6.0.26 - *2023-10-03* + +- add installation of postfix addon packages for RHEL 8 + +## 6.0.25 - *2023-10-03* + +Fix markdown + +## 6.0.24 - *2023-09-28* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.23 - *2023-09-04* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.22 - *2023-08-29* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.21 - *2023-05-17* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.20 - *2023-04-17* + +Fix CI permissions + +## 6.0.19 - *2023-04-17* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.18 - *2023-04-07* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.17 - *2023-04-01* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.16 - *2023-04-01* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.15 - *2023-04-01* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.14 - *2023-03-20* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.13 - *2023-03-15* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.12 - *2023-02-23* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.11 - *2023-02-16* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.10 - *2023-02-14* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.9 - *2023-02-14* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.8 - *2022-12-08* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.7 - *2022-02-03* + +Standardise files with files in sous-chefs/repo-management + +## 6.0.6 - *2022-02-02* + +- Update tested platforms +- Remove delivery and move to calling RSpec directly via a reusable workflow + +## 6.0.5 - *2022-01-08* + +- resolved cookstyle error: test/integration/helpers/serverspec/spec_helper.rb:9:21 convention: `Style/FileRead` + +## 6.0.4 - *2021-08-19* + +## 6.0.3 - *2021-08-19* + +- Fixed TLS configuration + +## 6.0.2 - *2021-06-30* + +- Make sure we write the main.conf and master.conf before we try to use any commands (like postmap) + +## 6.0.1 - *2021-06-01* + +## 6.0.0 - *2020-11-23* + +- Disabled SSLv3 by default + +## 5.4.1 - 2020-10-20 + +- Ensure all postmap files are rebuilt immediately if needed + +## 5.4.0 - 2020-10-11 + +### Changed + +- Sous Chefs Adoption +- Update to use Sous Chefs GH workflow +- Update README to sous-chefs +- Update metadata.rb to Sous Chefs +- Update test-kitchen to Sous Chefs + +### Added + +- Standardise files with files in sous-chefs/repo-management +- Add Ubuntu 20.04 testing + +### Fixed + +- Cookstyle fixes +- ChefSpec fixes +- Yamllint fixes +- MDL fixes +- Fix OpenSUSE installation issues + +### Removed + +- Remove EL 6 testing +- Remove Amazon Linux 1 testing + +## 5.3.1 (2018-07-24) + +- Fixed sbin issue with Chef13 + +## 5.3.0 (2018-05-23) + +- support multiple sasl_passwd entries +- Add `packages` attribute so different postfix packages can be installed +- add ability to set network connection port for a remote relayhost + +## 5.2.1 (2017-11-22) + +- Properly support FreeBSD +- Do not run service restart for solaris which fails + +## 5.2.0 (2017-08-07) + +- Lazily evaluate the config template variables to allow overrides to properly apply +- Avoid Chefspec deprecation warnings + +## 5.1.1 (2017-07-28) + +- Fix support for Amazon Linux on Chef 13 +- Expand testing to cover Debian 9 in Travis + +## 5.1.0 (2017-07-28) + +- Add an option to allow recipient canonical maps + +## 5.0.3 (2017-06-26) + +- Correct attribute line for use_relay_restrictions_maps to prevent converge failures + ## 5.0.2 (2017-05-17) - Fix use_relay_restrictions_maps attribute misspelling in attributes file @@ -117,51 +287,51 @@ Reverting #37 - [COOK-3418] Virtual Domain Support PR - duplicate of #55 ### Bug -- **[COOK-4357](https://tickets.chef.io/browse/COOK-4357)** - postfix::sasl_auth recipe fails to converge +- postfix::sasl_auth recipe fails to converge ## v3.1.0 (2014-02-19) ### Bug -- **[COOK-4322](https://tickets.chef.io/browse/COOK-4322)** - Postfix cookbook has incorrect default path for sasl_passwd +- Postfix cookbook has incorrect default path for sasl_passwd ### New Feature -- **[COOK-4086](https://tickets.chef.io/browse/COOK-4086)** - use conf_dir attribute for sasl recipe, and add omnios support -- **[COOK-2551](https://tickets.chef.io/browse/COOK-2551)** - Support creating the sender_canonical map file +- use conf_dir attribute for sasl recipe, and add omnios support +- Support creating the sender_canonical map file ## v3.0.4 ### Bug -- **[COOK-3824](https://tickets.chef.io/browse/COOK-3824)** - main.cf.erb mishandles lists +- main.cf.erb mishandles lists ### Improvement -- **[COOK-3822](https://tickets.chef.io/browse/COOK-3822)** - postfix cookbook readme has an incorrect example +- postfix cookbook readme has an incorrect example - Got rubocop errors down to 32 ### New Feature -- **[COOK-2551](https://tickets.chef.io/browse/COOK-2551)** - Support creating the sender_canonical map file +- Support creating the sender_canonical map file ## v3.0.2 ### Bug -- **[COOK-3617](https://tickets.chef.io/browse/COOK-3617)** - Fix error when no there is no FQDN -- **[COOK-3530](https://tickets.chef.io/browse/COOK-3530)** - Update `client.rb` after 3.0.0 refactor -- **[COOK-2499](https://tickets.chef.io/browse/COOK-2499)** - Do not use resource cloning +- Fix error when no there is no FQDN +- Update `client.rb` after 3.0.0 refactor +- Do not use resource cloning ### Improvement -- **[COOK-3116](https://tickets.chef.io/browse/COOK-3116)** - Add SmartOS support +- Add SmartOS support ## v3.0.0 ### Improvement -- **[COOK-3328](https://tickets.chef.io/browse/COOK-3328)** - Postfix main/master and attributes refactor +- Postfix main/master and attributes refactor **Breaking changes**: diff --git a/cookbooks/postfix/CONTRIBUTING.md b/cookbooks/postfix/CONTRIBUTING.md deleted file mode 100644 index cd21578..0000000 --- a/cookbooks/postfix/CONTRIBUTING.md +++ /dev/null @@ -1 +0,0 @@ -Please refer to diff --git a/cookbooks/postfix/LICENSE b/cookbooks/postfix/LICENSE new file mode 100644 index 0000000..8f71f43 --- /dev/null +++ b/cookbooks/postfix/LICENSE @@ -0,0 +1,202 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/cookbooks/postfix/MAINTAINERS.md b/cookbooks/postfix/MAINTAINERS.md deleted file mode 100644 index 645ed14..0000000 --- a/cookbooks/postfix/MAINTAINERS.md +++ /dev/null @@ -1,15 +0,0 @@ - - -# Maintainers - -This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. - -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead. - -# Project Maintainer -* [Tim Smith](https://github.com/tas50) - -# Maintainers -* [Jennifer Davis](https://github.com/sigje) -* [Tim Smith](https://github.com/tas50) -* [Thom May](https://github.com/thommay) diff --git a/cookbooks/postfix/README.md b/cookbooks/postfix/README.md index 3531da4..e7dc535 100644 --- a/cookbooks/postfix/README.md +++ b/cookbooks/postfix/README.md @@ -1,19 +1,28 @@ # postfix Cookbook -[![Build Status](https://travis-ci.org/chef-cookbooks/postfix.svg?branch=master)](https://travis-ci.org/chef-cookbooks/postfix) [![Cookbook Version](https://img.shields.io/cookbook/v/postfix.svg)](https://supermarket.chef.io/cookbooks/postfix) +[![Cookbook Version](https://img.shields.io/cookbook/v/postfix.svg)](https://supermarket.chef.io/cookbooks/postfix) +[![CI State](https://github.com/sous-chefs/postfix/workflows/ci/badge.svg)](https://github.com/sous-chefs/postfix/actions?query=workflow%3Aci) +[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) +[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) +[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) Installs and configures postfix for client or outbound relayhost, or to do SASL authentication. On RHEL-family systems, sendmail will be replaced with postfix. +## Maintainers + +This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). + ## Requirements ### Platforms -- Ubuntu 12.04+ -- Debian 7.0+ -- RHEL/CentOS/Scientific 5.7+, 6.2+ +- Ubuntu +- Debian +- RHEL/CentOS/Scientific - Amazon Linux (as of AMIs created after 4/9/2012) +- FreeBSD May work on other platforms with or without modification. @@ -33,6 +42,7 @@ See `attributes/default.rb` for default values. - `node['postfix']['mail_type']` - Sets the kind of mail configuration. `master` will set up a server (relayhost). - `node['postfix']['relayhost_role']` - name of a role used for search in the client recipe. +- `node['postfix']['relayhost_port']` - listening network port of the relayhost. - `node['postfix']['multi_environment_relay']` - set to true if nodes should not constrain search for the relayhost in their own environment. - `node['postfix']['use_procmail']` - set to true if nodes should use procmail as the delivery agent. - `node['postfix']['use_alias_maps']` - set to true if you want the cookbook to use/configure alias maps @@ -43,7 +53,7 @@ See `attributes/default.rb` for default values. - `node['postfix']['aliases']` - hash of aliases to create with `recipe[postfix::aliases]`, see below under **Recipes** for more information. - `node['postfix']['transports']` - hash of transports to create with `recipe[postfix::transports]`, see below under **Recipes** for more information. - `node['postfix']['access']` - hash of access to create with `recipe[postfix::access]`, see below under **Recipes** for more information. -- `node['postfix']['virtual_aliases']` - hash of virtual_aliases to create with `recipe[postfix::virtual_aliases]`, see below under __Recipes__ for more information. +- `node['postfix']['virtual_aliases']` - hash of virtual_aliases to create with `recipe[postfix::virtual_aliases]`, see below under **Recipes** for more information. - `node['postfix']['main_template_source']` - Cookbook source for main.cf template. Default 'postfix' - `node['postfix']['master_template_source']` - Cookbook source for master.cf template. Default 'postfix' @@ -75,10 +85,20 @@ This change in namespace to `node['postfix']['main']` should allow for greater f - `node['postfix']['main']['smtp_sasl_password_maps']` - Set to `hash:/etc/postfix/sasl_passwd` template file - `node['postfix']['main']['smtp_sasl_security_options']` - Set to noanonymous - `node['postfix']['main']['relayhost']` - Set to empty string -- `node['postfix']['sasl']['smtp_sasl_user_name']` - SASL user to authenticate as. Default empty -- `node['postfix']['sasl']['smtp_sasl_passwd']` - SASL password to use. Default empty. - `node['postfix']['sender_canonical_map_entries']` - (hash with key value pairs); default not configured. Setup generic canonical maps. See `man 5 canonical`. If has at least one value, then will be enabled in config. - `node['postfix']['smtp_generic_map_entries']` - (hash with key value pairs); default not configured. Setup generic postfix maps. See `man 5 generic`. If has at least one value, then will be enabled in config. +- `node['postfix']['recipient_canonical_map_entries']` - (hash with key value pairs); default not configured. Setup generic canonical maps. See `man 5 canonical`. If has at least one value, then will be enabled in config. +- `node['postfix']['sasl']['smtp_sasl_user_name']` - SASL user to authenticate as. Default empty. You can only use this until the current version. The new syntax is below. +- `node['postfix']['sasl']['smtp_sasl_passwd']` - SASL password to use. Default empty. You can only use this until the current version. The new syntax is below. +- `node['postfix']['sasl']` = ```json { + "relayhost1" => { + 'username' => 'foo', + 'password' => 'bar' + }, + "relayhost2" => { + ... + } + }``` - You must set the following attribute, otherwise the attribute will default to empty Example of json role config, for setup *_map_entries: @@ -331,8 +351,14 @@ override_attributes( "smtp_sasl_auth_enable" => "yes" }, "sasl" => { - "smtp_sasl_passwd" => "your_password", - "smtp_sasl_user_name" => "your_username" + "relayhost1" => { + "username" => "your_password", + "password" => "your_username" + }, + "relayhost2" => { + ... + }, + ... } } ) @@ -425,22 +451,27 @@ override_attributes( ) ``` -## License & Authors +## Contributors -**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io)) +This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) -**Copyright:** 2009-2016, Chef Software, Inc. +### Backers -``` -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at +Thank you to all our backers! - http://www.apache.org/licenses/LICENSE-2.0 +![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40) -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` +### Sponsors + +Support this project by becoming a sponsor. Your logo will show up here with a link to your website. + +![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) diff --git a/cookbooks/postfix/attributes/default.rb b/cookbooks/postfix/attributes/default.rb index d467072..6ec3d88 100644 --- a/cookbooks/postfix/attributes/default.rb +++ b/cookbooks/postfix/attributes/default.rb @@ -1,5 +1,5 @@ # Author:: Joshua Timberman -# Copyright:: 2009-2017, Chef Software, Inc. +# Copyright:: 2009-2019, Chef Software, Inc. # License:: Apache License, Version 2.0 # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -14,12 +14,15 @@ # See the License for the specific language governing permissions and # limitations under the License. +default['postfix']['packages'] = %w(postfix) + # Generic cookbook attributes default['postfix']['mail_type'] = 'client' default['postfix']['relayhost_role'] = 'relayhost' +default['postfix']['relayhost_port'] = '25' default['postfix']['multi_environment_relay'] = false default['postfix']['use_procmail'] = false -default['postfix']['use_alias_maps'] = (node['platform'] == 'freebsd') +default['postfix']['use_alias_maps'] = platform?('freebsd') default['postfix']['use_transport_maps'] = false default['postfix']['use_access_maps'] = false default['postfix']['use_virtual_aliases'] = false @@ -33,6 +36,7 @@ default['postfix']['main_template_source'] = 'postfix' default['postfix']['master_template_source'] = 'postfix' default['postfix']['sender_canonical_map_entries'] = {} default['postfix']['smtp_generic_map_entries'] = {} +default['postfix']['recipient_canonical_map_entries'] = {} default['postfix']['access_db_type'] = 'hash' default['postfix']['aliases_db_type'] = 'hash' default['postfix']['transport_db_type'] = 'hash' @@ -84,6 +88,10 @@ default['postfix']['main']['myorigin'] = '$myhostname' default['postfix']['main']['mydestination'] = [node['postfix']['main']['myhostname'], node['hostname'], 'localhost.localdomain', 'localhost'].compact default['postfix']['main']['smtpd_use_tls'] = 'yes' default['postfix']['main']['smtp_use_tls'] = 'yes' +default['postfix']['main']['smtpd_tls_mandatory_protocols'] = '!SSLv2,!SSLv3' +default['postfix']['main']['smtp_tls_mandatory_protocols'] = '!SSLv2,!SSLv3' +default['postfix']['main']['smtpd_tls_protocols'] = '!SSLv2,!SSLv3' +default['postfix']['main']['smtp_tls_protocols'] = '!SSLv2,!SSLv3' default['postfix']['main']['smtp_sasl_auth_enable'] = 'no' default['postfix']['main']['mailbox_size_limit'] = 0 default['postfix']['main']['mynetworks'] = nil @@ -99,6 +107,11 @@ when 'smartos' default['postfix']['cafile'] = '/opt/local/etc/postfix/cacert.pem' when 'rhel' default['postfix']['cafile'] = '/etc/pki/tls/cert.pem' +when 'amazon' + default['postfix']['cafile'] = '/etc/pki/tls/cert.pem' +when 'suse' + default['postfix']['main']['setgid_group'] = 'maildrop' + default['postfix']['main']['daemon_directory'] = '/usr/lib/postfix/bin' else default['postfix']['cafile'] = "#{node['postfix']['conf_dir']}/cacert.pem" end @@ -374,27 +387,24 @@ default['postfix']['master']['bsmtp']['command'] = 'pipe' default['postfix']['master']['bsmtp']['args'] = ['flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient'] # OS Aliases -default['postfix']['aliases'] = case node['platform'] - when 'freebsd' +default['postfix']['aliases'] = if platform?('freebsd') { - 'MAILER-DAEMON' => 'postmaster', - 'bin' => 'root', - 'daemon' => 'root', - 'named' => 'root', - 'nobody' => 'root', - 'uucp' => 'root', - 'www' => 'root', - 'ftp-bugs' => 'root', - 'postfix' => 'root', - 'manager' => 'root', - 'dumper' => 'root', - 'operator' => 'root', - 'abuse' => 'postmaster', + 'MAILER-DAEMON' => 'postmaster', + 'bin' => 'root', + 'daemon' => 'root', + 'named' => 'root', + 'nobody' => 'root', + 'uucp' => 'root', + 'www' => 'root', + 'ftp-bugs' => 'root', + 'postfix' => 'root', + 'manager' => 'root', + 'dumper' => 'root', + 'operator' => 'root', + 'abuse' => 'postmaster', } else {} end -if node['postfix']['use_relay_restrictions_maps'] - default['postfix']['main']['smtpd_relay_restrictions'] = "hash:#{node['postfix']['relay_restrictions_db']}, reject" -end +default['postfix']['main']['smtpd_relay_restrictions'] = "hash:#{node['postfix']['relay_restrictions_db']}, reject" if node['postfix']['use_relay_restrictions_maps'] diff --git a/cookbooks/postfix/chefignore b/cookbooks/postfix/chefignore new file mode 100644 index 0000000..a27b0b2 --- /dev/null +++ b/cookbooks/postfix/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen*.yml +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/cookbooks/postfix/metadata.json b/cookbooks/postfix/metadata.json index e535f33..1bbe467 100644 --- a/cookbooks/postfix/metadata.json +++ b/cookbooks/postfix/metadata.json @@ -1 +1,45 @@ -{"name":"postfix","version":"5.0.2","description":"Installs and configures postfix for client or outbound relayhost, or to do SASL auth","long_description":"# postfix Cookbook\n\n[![Build Status](https://travis-ci.org/chef-cookbooks/postfix.svg?branch=master)](https://travis-ci.org/chef-cookbooks/postfix) [![Cookbook Version](https://img.shields.io/cookbook/v/postfix.svg)](https://supermarket.chef.io/cookbooks/postfix)\n\nInstalls and configures postfix for client or outbound relayhost, or to do SASL authentication.\n\nOn RHEL-family systems, sendmail will be replaced with postfix.\n\n## Requirements\n\n### Platforms\n\n- Ubuntu 12.04+\n- Debian 7.0+\n- RHEL/CentOS/Scientific 5.7+, 6.2+\n- Amazon Linux (as of AMIs created after 4/9/2012)\n\nMay work on other platforms with or without modification.\n\n### Chef\n\n- Chef 12.1+\n\n### Cookbooks\n\n- none\n\n## Attributes\n\nSee `attributes/default.rb` for default values.\n\n### Generic cookbook attributes\n\n- `node['postfix']['mail_type']` - Sets the kind of mail configuration. `master` will set up a server (relayhost).\n- `node['postfix']['relayhost_role']` - name of a role used for search in the client recipe.\n- `node['postfix']['multi_environment_relay']` - set to true if nodes should not constrain search for the relayhost in their own environment.\n- `node['postfix']['use_procmail']` - set to true if nodes should use procmail as the delivery agent.\n- `node['postfix']['use_alias_maps']` - set to true if you want the cookbook to use/configure alias maps\n- `node['postfix']['use_transport_maps']` - set to true if you want the cookbook to use/configure transport maps\n- `node['postfix']['use_access_maps']` - set to true if you want the cookbook to use/configure access maps\n- `node['postfix']['use_virtual_aliases']` - set to true if you want the cookbook to use/configure virtual alias maps\n- `node['postfix']['use_relay_restrictions_maps']` - set to true if you want the cookbook to use/configure a list of domains to which postfix will allow relay\n- `node['postfix']['aliases']` - hash of aliases to create with `recipe[postfix::aliases]`, see below under **Recipes** for more information.\n- `node['postfix']['transports']` - hash of transports to create with `recipe[postfix::transports]`, see below under **Recipes** for more information.\n- `node['postfix']['access']` - hash of access to create with `recipe[postfix::access]`, see below under **Recipes** for more information.\n- `node['postfix']['virtual_aliases']` - hash of virtual_aliases to create with `recipe[postfix::virtual_aliases]`, see below under __Recipes__ for more information.\n- `node['postfix']['main_template_source']` - Cookbook source for main.cf template. Default 'postfix'\n- `node['postfix']['master_template_source']` - Cookbook source for master.cf template. Default 'postfix'\n\n### main.cf and sasl_passwd template attributes\n\nThe main.cf template has been simplified to include any attributes in the `node['postfix']['main']` data structure. The following attributes are still included with this cookbook to maintain some semblance of backwards compatibility.\n\nThis change in namespace to `node['postfix']['main']` should allow for greater flexibility, given the large number of configuration variables for the postfix daemon. All of these cookbook attributes correspond to the option of the same name in `/etc/postfix/main.cf`.\n\n- `node['postfix']['main']['biff']` - (yes/no); default no\n- `node['postfix']['main']['append_dot_mydomain']` - (yes/no); default no\n- `node['postfix']['main']['myhostname']` - defaults to fqdn from Ohai\n- `node['postfix']['main']['mydomain']` - defaults to domain from Ohai\n- `node['postfix']['main']['myorigin']` - defaults to $myhostname\n- `node['postfix']['main']['mynetworks']` - default is nil, which forces Postfix to default to loopback addresses.\n- `node['postfix']['main']['inet_interfaces']` - set to `loopback-only`, or `all` for server recipe\n- `node['postfix']['main']['alias_maps']` - set to `hash:/etc/aliases`\n- `node['postfix']['main']['mailbox_size_limit']` - set to `0` (disabled)\n- `node['postfix']['main']['mydestination']` - default fqdn, hostname, localhost.localdomain, localhost\n- `node['postfix']['main']['smtpd_use_tls']` - (yes/no); default yes. See conditional cert/key attributes.\n- `node['postfix']['main']['smtpd_tls_cert_file']` - conditional attribute, set to full path of server's x509 certificate.\n- `node['postfix']['main']['smtpd_tls_key_file']` - conditional attribute, set to full path of server's private key\n- `node['postfix']['main']['smtpd_tls_CAfile']` - set to platform specific CA bundle\n- `node['postfix']['main']['smtpd_tls_session_cache_database']` - set to `btree:${data_directory}/smtpd_scache`\n- `node['postfix']['main']['smtp_use_tls']` - (yes/no); default yes. See following conditional attributes.\n- `node['postfix']['main']['smtp_tls_CAfile']` - set to platform specific CA bundle\n- `node['postfix']['main']['smtp_tls_session_cache_database']` - set to `btree:${data_directory}/smtpd_scache`\n- `node['postfix']['main']['smtp_sasl_auth_enable']` - (yes/no); default no. If enabled, see following conditional attributes.\n- `node['postfix']['main']['smtp_sasl_password_maps']` - Set to `hash:/etc/postfix/sasl_passwd` template file\n- `node['postfix']['main']['smtp_sasl_security_options']` - Set to noanonymous\n- `node['postfix']['main']['relayhost']` - Set to empty string\n- `node['postfix']['sasl']['smtp_sasl_user_name']` - SASL user to authenticate as. Default empty\n- `node['postfix']['sasl']['smtp_sasl_passwd']` - SASL password to use. Default empty.\n- `node['postfix']['sender_canonical_map_entries']` - (hash with key value pairs); default not configured. Setup generic canonical maps. See `man 5 canonical`. If has at least one value, then will be enabled in config.\n- `node['postfix']['smtp_generic_map_entries']` - (hash with key value pairs); default not configured. Setup generic postfix maps. See `man 5 generic`. If has at least one value, then will be enabled in config.\n\nExample of json role config, for setup *_map_entries:\n\n`postfix : {`\n\n`...`\n\n`\"smtp_generic_map_entries\" : { \"root@youinternaldomain.local\" : \"admin@example.com\", \"admin@youinternaldomain.local\" : \"admin@example.com\" }`\n\n`}`\n\n### master.cf template attributes\n\nThe master.cf template has been changed to allow full customization of the file content. For purpose of backwards compatibility default attributes generate the same master.cf. But via `node['postfix']['master']` data structure in your role for instance it can be completelly rewritten.\n\nExamples of json role config, for customize master.cf:\n\n`postfix : {`\n\n`...`\n\nturn some services off or on:\n\n```json\n \"master\" : {\n \"smtps\": {\n \"active\": true\n },\n \"old-cyrus\": {\n \"active\": false\n },\n \"cyrus\": {\n \"active\": false\n },\n \"uucp\": {\n \"active\": false\n },\n \"ifmail\": {\n \"active\": false\n },\n```\n\n`...` define you own service:\n\n```json\n \"spamfilter\": {\n \"comment\": \"My own spamfilter\",\n \"active\": true,\n \"order\": 590,\n \"type\": \"unix\",\n \"unpriv\": false,\n \"chroot\": false,\n \"command\": \"pipe\",\n \"args\": [\"flags=Rq user=spamd argv=/usr/bin/spamfilter.sh -oi -f ${sender} ${recipient}\"]\n }\n```\n\n`...`\n\n`}` `}`\n\nThe possible service hash fields and their meanings: hash key - have to be unique, unless you wish to override default definition.\n\nField | Mandatory | Description\n------- | --------- | --------------------------------------------------------------------\nactive | Yes | Boolean. Defines whether or not the service needs to be in master.cf\ncomment | No | String. If you would like to add a comment line before service line\norder | Yes | Integer. Number to define the order of lines in the file\ntype | Yes | String. Type of the service (inet, unix, fifo)\nprivate | No | Boolean. If present replaced by `y` or `n`, otherwise by `-`\nunpriv | No | Boolean. If present replaced by `y` or `n`, otherwise by `-`\nchroot | No | Boolean. If present replaced by `y` or `n`, otherwise by `-`\nwakeup | No | String. If present value placed in file, otherwise replaced by `-`\nmaxproc | No | String. If present value placed in file, otherwise replaced by `-`\ncommand | Yes | String. The command to be executed.\nargs | Yes | Array of Strings. Arguments passed to command.\n\nFor more information about meaning of the fields consult `master (5)` manual: \n\n## Recipes\n\n### default\n\nInstalls the postfix package and manages the service and the main configuration files (`/etc/postfix/main.cf` and `/etc/postfix/master.cf`). See **Usage** and **Examples** to see how to affect behavior of this recipe through configuration. Depending on the `node['postfix']['use_alias_maps']`, `node['postfix']['use_transport_maps']`, `node['postfix']['use_access_maps']` and `node['postfix']['use_virtual_aliases']` attributes the default recipe can call additional recipes to manage additional postfix configuration files\n\nFor a more dynamic approach to discovery for the relayhost, see the `client` and `server` recipes below.\n\n### client\n\nUse this recipe to have nodes automatically search for the mail relay based which node has the `node['postfix']['relayhost_role']` role. Sets the `node['postfix']['main']['relayhost']` attribute to the first result from the search.\n\nIncludes the default recipe to install, configure and start postfix.\n\nDoes not work with `chef-solo`.\n\n### sasl_auth\n\nSets up the system to authenticate with a remote mail relay using SASL authentication.\n\n### server\n\nTo use Chef Server search to automatically detect a node that is the relayhost, use this recipe in a role that will be relayhost. By default, the role should be \"relayhost\" but you can change the attribute `node['postfix']['relayhost_role']` to modify this.\n\n**Note** This recipe will set the `node['postfix']['mail_type']` to \"master\" with an override attribute.\n\n### maps\n\nGeneral recipe to manage any number of any type postfix lookup tables. You can replace with it recipes like `transport` or `virtual_aliases`, but what is more important - you can create any kinds of maps, which has no own recipe, including database lookup maps configuration. `maps` is a hash keys of which is a lookup table type and value is another hash with filenames as the keys and hash with file content as the value. File content is an any number of key/value pairs which meaning depends on lookup table type. Examlle:\n\n```json\n \"override_attributes\": {\n \"postfix\": {\n \"maps\": {\n \"hash\": {\n \"/etc/postfix/vmailbox\": {\n \"john@example.com\": \"ok\",\n \"john@example.net\": \"ok\",\n },\n \"/etc/postfix/virtual\": {\n \"postmaster@example.com\": \"john@example.com\",\n \"postmaster@example.net\": \"john@example.net\",\n \"root@mail.example.net\": \"john@example.net\"\n },\n \"/etc/postfix/envelope_senders\": {\n \"@example.com\": \"john@example.com\",\n \"@example.net\": \"john@example.net\"\n },\n \"/etc/postfix/relay_recipients\": {\n \"john@example.net\": \"ok\",\n \"john@example.com\": \"ok\",\n \"admin@example.com\": \"ok\",\n }\n },\n \"pgsql\": {\n \"/etc/postfix/pgtest\": {\n \"hosts\": \"db.local:2345\",\n \"user\": \"postfix\",\n \"password\": \"test\",\n \"dbname\": \"postdb\",\n \"query\": \"SELECT replacement FROM aliases WHERE mailbox = '%s'\"\n }\n }\n }\n }\n```\n\nTo use these files in your configuration reference them in `node['postfix']['main']`, for instance:\n\n```json\n \"postfix\": {\n \"main\": {\n \"smtpd_sender_login_maps\": \"hash:/etc/postfix/envelope_senders\",\n \"relay_recipient_maps\": \"hash:/etc/postfix/relay_recipients\",\n \"virtual_mailbox_maps\": \"hash:/etc/postfix/vmailbox\",\n \"virtual_alias_maps\": \"hash:/etc/postfix/virtual\",\n }\n }\n```\n\n### aliases\n\nManage `/etc/aliases` with this recipe. Currently only Ubuntu 10.04 platform has a template for the aliases file. Add your aliases template to the `templates/default` or to the appropriate platform+version directory per the File Specificity rules for templates. Then specify a hash of aliases for the `node['postfix']['aliases']` attribute.\n\nArrays are supported as alias values, since postfix supports comma separated values per alias, simply specify your alias as an array to use this handy feature.\n\n### aliases\n\nManage `/etc/aliases` with this recipe.\n\n### transports\n\nManage `/etc/postfix/transport` with this recipe.\n\n### access\n\nManage `/etc/postfix/access` with this recipe.\n\n### virtual_aliases\n\nManage `/etc/postfix/virtual` with this recipe.\n\n### relay_restrictions\n\nManage `/etc/postfix/relay_restriction` with this recipe The postfix option smtpd_relay_restrictions in main.cf will point to this hash map db.\n\n\n\n## Usage\n\nOn systems that should simply send mail directly to a relay, or out to the internet, use `recipe[postfix]` and modify the `node['postfix']['main']['relayhost']` attribute via a role.\n\nOn systems that should be the MX for a domain, set the attributes accordingly and make sure the `node['postfix']['mail_type']` attribute is `master`. See **Examples** for information on how to use `recipe[postfix::server]` to do this automatically.\n\nIf you need to use SASL authentication to send mail through your ISP (such as on a home network), use `postfix::sasl_auth` and set the appropriate attributes.\n\nFor each of these implementations, see **Examples** for role usage.\n\n### Examples\n\nThe example roles below only have the relevant postfix usage. You may have other contents depending on what you're configuring on your systems.\n\nThe `base` role is applied to all nodes in the environment.\n\n```ruby\nname \"base\"\nrun_list(\"recipe[postfix]\")\noverride_attributes(\n \"postfix\" => {\n \"mail_type\" => \"client\",\n \"main\" => {\n \"mydomain\" => \"example.com\",\n \"myorigin\" => \"example.com\",\n \"relayhost\" => \"[smtp.example.com]\",\n \"smtp_use_tls\" => \"no\"\n }\n }\n)\n```\n\nThe `relayhost` role is applied to the nodes that are relayhosts. Often this is 2 systems using a CNAME of `smtp.example.com`.\n\n```ruby\nname \"relayhost\"\nrun_list(\"recipe[postfix::server]\")\noverride_attributes(\n \"postfix\" => {\n \"mail_type\" => \"master\",\n \"main\" => {\n \"mynetworks\" => [ \"10.3.3.0/24\", \"127.0.0.0/8\" ],\n \"inet_interfaces\" => \"all\",\n \"mydomain\" => \"example.com\",\n \"myorigin\" => \"example.com\"\n }\n)\n```\n\nThe `sasl_relayhost` role is applied to the nodes that are relayhosts and require authenticating with SASL. For example this might be on a household network with an ISP that otherwise blocks direct internet access to SMTP.\n\n```ruby\nname \"sasl_relayhost\"\nrun_list(\"recipe[postfix], recipe[postfix::sasl_auth]\")\noverride_attributes(\n \"postfix\" => {\n \"mail_type\" => \"master\",\n \"main\" => {\n \"mynetworks\" => \"10.3.3.0/24\",\n \"mydomain\" => \"example.com\",\n \"myorigin\" => \"example.com\",\n \"relayhost\" => \"[smtp.comcast.net]:587\",\n \"smtp_sasl_auth_enable\" => \"yes\"\n },\n \"sasl\" => {\n \"smtp_sasl_passwd\" => \"your_password\",\n \"smtp_sasl_user_name\" => \"your_username\"\n }\n }\n)\n```\n\nFor an example of using encrypted data bags to encrypt the SASL password, see the following blog post:\n\n- \n\n#### Examples using the client & server recipes\n\nIf you'd like to use the more dynamic search based approach for discovery, use the server and client recipes. First, create a relayhost role.\n\n```ruby\nname \"relayhost\"\nrun_list(\"recipe[postfix::server]\")\noverride_attributes(\n \"postfix\" => {\n \"main\" => {\n \"mynetworks\" => \"10.3.3.0/24\",\n \"mydomain\" => \"example.com\",\n \"myorigin\" => \"example.com\"\n }\n }\n)\n```\n\nThen, add the `postfix::client` recipe to the run list of your `base` role or equivalent role for postfix clients.\n\n```ruby\nname \"base\"\nrun_list(\"recipe[postfix::client]\")\noverride_attributes(\n \"postfix\" => {\n \"mail_type\" => \"client\",\n \"main\" => {\n \"mydomain\" => \"example.com\",\n \"myorigin\" => \"example.com\"\n }\n }\n)\n```\n\nIf you wish to use a different role name for the relayhost, then also set the attribute in the `base` role. For example, `postfix_master` as the role name:\n\n```ruby\nname \"postfix_master\"\ndescription \"a role for postfix master that isn't relayhost\"\nrun_list(\"recipe[postfix::server]\")\noverride_attributes(\n \"postfix\" => {\n \"main\" => {\n \"mynetworks\" => \"10.3.3.0/24\",\n \"mydomain\" => \"example.com\",\n \"myorigin\" => \"example.com\"\n }\n }\n)\n```\n\nThe base role would look something like this:\n\n```ruby\nname \"base\"\nrun_list(\"recipe[postfix::client]\")\noverride_attributes(\n \"postfix\" => {\n \"relayhost_role\" => \"postfix_master\",\n \"mail_type\" => \"client\",\n \"main\" => {\n \"mydomain\" => \"example.com\",\n \"myorigin\" => \"example.com\"\n }\n }\n)\n```\n\nTo use relay restrictions override the relay restrictions attribute in this format:\n\n```ruby\noverride_attributes(\n \"postfix\" => {\n \"use_relay_restrictions_maps\" => true,\n \"relay_restrictions\" => {\n \"chef.io\" => \"OK\",\n \".chef.io\" => \"OK\",\n \"example.com\" => \"OK\"\n }\n }\n)\n```\n\n## License & Authors\n\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2009-2016, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"ubuntu":">= 0.0.0","debian":">= 0.0.0","redhat":">= 0.0.0","centos":">= 0.0.0","amazon":">= 0.0.0","oracle":">= 0.0.0","scientific":">= 0.0.0","smartos":">= 0.0.0","fedora":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{"postfix":"Installs and configures postfix","postfix::sasl_auth":"Set up postfix to auth to a server with sasl","postfix::aliases":"Manages /etc/aliases","postfix::transports":"Manages /etc/postfix/transport","postfix::access":"Manages /etc/postfix/access","postfix::virtual_aliases":"Manages /etc/postfix/virtual","postfix::client":"Searches for the relayhost based on an attribute","postfix::server":"Sets the mail_type attribute to master","postfix::maps":"Manages any number of any type postfix lookup tables"},"source_url":"https://github.com/chef-cookbooks/postfix","issues_url":"https://github.com/chef-cookbooks/postfix/issues","chef_version":[[">= 12.1"]],"ohai_version":[]} \ No newline at end of file +{ + "name": "postfix", + "description": "Installs and configures postfix for client or outbound relayhost, or to do SASL auth", + "long_description": "", + "maintainer": "Sous Chefs", + "maintainer_email": "help@sous-chefs.org", + "license": "Apache-2.0", + "platforms": { + "amazon": ">= 0.0.0", + "centos": ">= 0.0.0", + "debian": ">= 0.0.0", + "fedora": ">= 0.0.0", + "freebsd": ">= 0.0.0", + "oracle": ">= 0.0.0", + "redhat": ">= 0.0.0", + "scientific": ">= 0.0.0", + "smartos": ">= 0.0.0", + "ubuntu": ">= 0.0.0" + }, + "dependencies": { + + }, + "providing": { + + }, + "recipes": { + + }, + "version": "6.0.26", + "source_url": "https://github.com/sous-chefs/postfix", + "issues_url": "https://github.com/sous-chefs/postfix/issues", + "privacy": false, + "chef_versions": [ + [ + ">= 12.15" + ] + ], + "ohai_versions": [ + + ], + "gems": [ + + ], + "eager_load_libraries": true +} diff --git a/cookbooks/postfix/metadata.rb b/cookbooks/postfix/metadata.rb new file mode 100644 index 0000000..7289daa --- /dev/null +++ b/cookbooks/postfix/metadata.rb @@ -0,0 +1,20 @@ +name 'postfix' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' +license 'Apache-2.0' +description 'Installs and configures postfix for client or outbound relayhost, or to do SASL auth' +version '6.0.26' +source_url 'https://github.com/sous-chefs/postfix' +issues_url 'https://github.com/sous-chefs/postfix/issues' +chef_version '>= 12.15' + +supports 'amazon' +supports 'centos' +supports 'debian' +supports 'fedora' +supports 'freebsd' +supports 'oracle' +supports 'redhat' +supports 'scientific' +supports 'smartos' +supports 'ubuntu' diff --git a/cookbooks/postfix/recipes/_attributes.rb b/cookbooks/postfix/recipes/_attributes.rb index f3ffe6e..5e7449d 100644 --- a/cookbooks/postfix/recipes/_attributes.rb +++ b/cookbooks/postfix/recipes/_attributes.rb @@ -1,4 +1,4 @@ -# Copyright:: 2012-2017, Chef Software, Inc. +# Copyright:: 2012-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,9 +13,7 @@ # limitations under the License. # -if node['postfix']['use_procmail'] - node.default_unless['postfix']['main']['mailbox_command'] = '/usr/bin/procmail -a "$EXTENSION"' -end +node.default_unless['postfix']['main']['mailbox_command'] = '/usr/bin/procmail -a "$EXTENSION"' if node['postfix']['use_procmail'] if node['postfix']['main']['smtpd_use_tls'] == 'yes' node.default_unless['postfix']['main']['smtpd_tls_cert_file'] = '/etc/ssl/certs/ssl-cert-snakeoil.pem' @@ -38,34 +36,18 @@ if node['postfix']['main']['smtp_sasl_auth_enable'] == 'yes' node.default_unless['postfix']['main']['relayhost'] = '' end -if node['postfix']['use_alias_maps'] - node.default_unless['postfix']['main']['alias_maps'] = ["hash:#{node['postfix']['aliases_db']}"] -end +node.default_unless['postfix']['main']['alias_maps'] = ["hash:#{node['postfix']['aliases_db']}"] if node['postfix']['use_alias_maps'] -if node['postfix']['use_transport_maps'] - node.default_unless['postfix']['main']['transport_maps'] = ["hash:#{node['postfix']['transport_db']}"] -end +node.default_unless['postfix']['main']['transport_maps'] = ["hash:#{node['postfix']['transport_db']}"] if node['postfix']['use_transport_maps'] -if node['postfix']['use_access_maps'] - node.default_unless['postfix']['main']['access_maps'] = ["hash:#{node['postfix']['access_db']}"] -end +node.default_unless['postfix']['main']['access_maps'] = ["hash:#{node['postfix']['access_db']}"] if node['postfix']['use_access_maps'] -if node['postfix']['use_virtual_aliases'] - node.default_unless['postfix']['main']['virtual_alias_maps'] = ["#{node['postfix']['virtual_alias_db_type']}:#{node['postfix']['virtual_alias_db']}"] -end +node.default_unless['postfix']['main']['virtual_alias_maps'] = ["#{node['postfix']['virtual_alias_db_type']}:#{node['postfix']['virtual_alias_db']}"] if node['postfix']['use_virtual_aliases'] -if node['postfix']['use_virtual_aliases_domains'] - node.default_unless['postfix']['main']['virtual_alias_domains'] = ["#{node['postfix']['virtual_alias_domains_db_type']}:#{node['postfix']['virtual_alias_domains_db']}"] -end +node.default_unless['postfix']['main']['virtual_alias_domains'] = ["#{node['postfix']['virtual_alias_domains_db_type']}:#{node['postfix']['virtual_alias_domains_db']}"] if node['postfix']['use_virtual_aliases_domains'] -if node['postfix']['use_relay_restrictions_maps'] - default['postfix']['main']['smtpd_relay_restrictions'] = "hash:#{node['postfix']['relay_restrictions_db']}, reject" -end +node.default_unless['postfix']['main']['smtpd_relay_restrictions'] = "hash:#{node['postfix']['relay_restrictions_db']}, reject" if node['postfix']['use_relay_restrictions_maps'] -if node['postfix']['master']['maildrop']['active'] - node.default_unless['postfix']['main']['maildrop_destination_recipient_limit'] = 1 -end +node.default_unless['postfix']['main']['maildrop_destination_recipient_limit'] = 1 if node['postfix']['master']['maildrop']['active'] -if node['postfix']['master']['cyrus']['active'] - node.default_unless['postfix']['main']['cyrus_destination_recipient_limit'] = 1 -end +node.default_unless['postfix']['main']['cyrus_destination_recipient_limit'] = 1 if node['postfix']['master']['cyrus']['active'] diff --git a/cookbooks/postfix/recipes/_common.rb b/cookbooks/postfix/recipes/_common.rb index 17d5e0e..ab3aeab 100644 --- a/cookbooks/postfix/recipes/_common.rb +++ b/cookbooks/postfix/recipes/_common.rb @@ -2,7 +2,7 @@ # Cookbook:: common # Recipe:: default # -# Copyright:: 2009-2017, Chef Software, Inc. +# Copyright:: 2009-2020, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,12 +19,19 @@ include_recipe 'postfix::_attributes' -package 'postfix' +# use multi-package when we can +if node['os'] == 'linux' + package node['postfix']['packages'] +else + node['postfix']['packages'].each do |pkg| + package pkg + end +end package 'procmail' if node['postfix']['use_procmail'] case node['platform_family'] -when 'rhel', 'fedora' +when 'rhel', 'fedora', 'amazon' service 'sendmail' do action :nothing end @@ -35,6 +42,8 @@ when 'rhel', 'fedora' notifies :start, 'service[postfix]' not_if '/usr/bin/test /etc/alternatives/mta -ef /usr/sbin/sendmail.postfix' end +when 'suse' + file '/var/adm/postfix.configured' when 'omnios' manifest_path = ::File.join(Chef::Config[:file_cache_path], 'manifest-postfix.xml') @@ -67,7 +76,68 @@ when 'omnios' execute 'load postfix manifest' do action :nothing command "svccfg import #{manifest_path}" - notifies :restart, 'service[postfix]' + notifies :restart, 'service[postfix]' unless platform_family?('solaris2') + end +when 'freebsd' + # Actions are based on docs provided by FreeBSD: + # https://www.freebsd.org/doc/handbook/mail-changingmta.html + service 'sendmail' do + action :nothing + end + + template '/etc/mail/mailer.conf' do + source 'mailer.erb' + owner 'root' + group 0 + notifies :restart, 'service[postfix]' unless platform_family?('solaris2') + end + + execute 'switch_mailer_to_postfix' do + command [ + 'sysrc', + 'sendmail_enable=NO', + 'sendmail_submit_enable=NO', + 'sendmail_outbound_enable=NO', + 'sendmail_msp_queue_enable=NO', + 'postfix_enable=YES', + ] + notifies :stop, 'service[sendmail]', :immediately + notifies :disable, 'service[sendmail]', :immediately + notifies :start, 'service[postfix]', :delayed + only_if "sysrc sendmail_enable sendmail_submit_enable sendmail_outbound_enable sendmail_msp_queue_enable | egrep -q '(YES|unknown variable)' || sysrc postfix_enable | egrep -q '(NO|unknown variable)'" + end + + execute 'disable_periodic' do + # rubocop:disable Lint/ParenthesesAsGroupedExpression + environment ({ 'RC_CONFS' => '/etc/periodic.conf' }) + command [ + 'sysrc', + 'daily_clean_hoststat_enable=NO', + 'daily_status_mail_rejects_enable=NO', + 'daily_status_include_submit_mailq=NO', + 'daily_submit_queuerun=NO', + ] + only_if "RC_CONFS=/etc/periodic.conf sysrc daily_clean_hoststat_enable daily_status_mail_rejects_enable daily_status_include_submit_mailq daily_submit_queuerun | egrep -q '(YES|unknown variable)'" + end +end + +# We need to write the config first as the below postmap immediately commands assume config is correct +# Which is not the case as ipv6 is assumed to be available by the postfix package +# And if someone wants to disable this first we need to update the config first aswell +%w( main master ).each do |cfg| + template "#{node['postfix']['conf_dir']}/#{cfg}.cf" do + source "#{cfg}.cf.erb" + owner 'root' + group node['root_group'] + mode '0644' + # restart service for solaris on chef-client has a bug + # unless condition can be removed after + # https://github.com/chef/chef/pull/6596 merge/release + notifies :restart, 'service[postfix]' unless platform_family?('solaris2') + variables( + lazy { { settings: node['postfix'][cfg] } } + ) + cookbook node['postfix']["#{cfg}_template_source"] end end @@ -81,13 +151,11 @@ unless node['postfix']['sender_canonical_map_entries'].empty? owner 'root' group node['root_group'] mode '0644' - notifies :run, 'execute[update-postfix-sender_canonical]' + notifies :run, 'execute[update-postfix-sender_canonical]', :immediately notifies :reload, 'service[postfix]' end - unless node['postfix']['main'].key?('sender_canonical_maps') - node.normal['postfix']['main']['sender_canonical_maps'] = "hash:#{node['postfix']['conf_dir']}/sender_canonical" - end + node.default['postfix']['main']['sender_canonical_maps'] = "hash:#{node['postfix']['conf_dir']}/sender_canonical" unless node['postfix']['main'].key?('sender_canonical_maps') end execute 'update-postfix-smtp_generic' do @@ -100,28 +168,31 @@ unless node['postfix']['smtp_generic_map_entries'].empty? owner 'root' group node['root_group'] mode '0644' - notifies :run, 'execute[update-postfix-smtp_generic]' + notifies :run, 'execute[update-postfix-smtp_generic]', :immediately notifies :reload, 'service[postfix]' end - unless node['postfix']['main'].key?('smtp_generic_maps') - node.normal['postfix']['main']['smtp_generic_maps'] = "hash:#{node['postfix']['conf_dir']}/smtp_generic" - end + node.default['postfix']['main']['smtp_generic_maps'] = "hash:#{node['postfix']['conf_dir']}/smtp_generic" unless node['postfix']['main'].key?('smtp_generic_maps') end -%w( main master ).each do |cfg| - template "#{node['postfix']['conf_dir']}/#{cfg}.cf" do - source "#{cfg}.cf.erb" +execute 'update-postfix-recipient_canonical' do + command "postmap #{node['postfix']['conf_dir']}/recipient_canonical" + action :nothing +end + +unless node['postfix']['recipient_canonical_map_entries'].empty? + template "#{node['postfix']['conf_dir']}/recipient_canonical" do owner 'root' group node['root_group'] mode '0644' - notifies :restart, 'service[postfix]' - variables(settings: node['postfix'][cfg]) - cookbook node['postfix']["#{cfg}_template_source"] + notifies :run, 'execute[update-postfix-recipient_canonical]', :immediately + notifies :reload, 'service[postfix]' end + + node.default['postfix']['main']['recipient_canonical_maps'] = "hash:#{node['postfix']['conf_dir']}/recipient_canonical" unless node['postfix']['main'].key?('recipient_canonical_maps') end service 'postfix' do supports status: true, restart: true, reload: true - action :enable + action [:enable, :start] end diff --git a/cookbooks/postfix/recipes/access.rb b/cookbooks/postfix/recipes/access.rb index 62e3025..cfe5dbd 100644 --- a/cookbooks/postfix/recipes/access.rb +++ b/cookbooks/postfix/recipes/access.rb @@ -1,4 +1,4 @@ -# Copyright:: 2012-2017, Chef Software, Inc. +# Copyright:: 2012-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,5 +23,5 @@ end template node['postfix']['access_db'] do source 'access.erb' - notifies :run, 'execute[update-postfix-access]' + notifies :run, 'execute[update-postfix-access]', :immediately end diff --git a/cookbooks/postfix/recipes/aliases.rb b/cookbooks/postfix/recipes/aliases.rb index 67d6db7..f8eec97 100644 --- a/cookbooks/postfix/recipes/aliases.rb +++ b/cookbooks/postfix/recipes/aliases.rb @@ -1,4 +1,4 @@ -# Copyright:: 2012-2017, Chef Software, Inc. +# Copyright:: 2012-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,5 +25,5 @@ end template node['postfix']['aliases_db'] do source 'aliases.erb' - notifies :run, 'execute[update-postfix-aliases]' + notifies :run, 'execute[update-postfix-aliases]', :immediately end diff --git a/cookbooks/postfix/recipes/client.rb b/cookbooks/postfix/recipes/client.rb index 2231ce2..b5009a6 100644 --- a/cookbooks/postfix/recipes/client.rb +++ b/cookbooks/postfix/recipes/client.rb @@ -2,7 +2,7 @@ # Cookbook:: postfix # Recipe:: client # -# Copyright:: 2009-2017, Chef Software, Inc. +# Copyright:: 2009-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,6 +24,9 @@ end query = "role:#{node['postfix']['relayhost_role']}" relayhost = '' +# if the relayhost_port attribute is not port 25, append to the relayhost +relayhost_port = node['postfix']['relayhost_port'].to_s != '25' ? ":#{node['postfix']['relayhost_port']}" : '' + # results = [] if node.run_list.roles.include?(node['postfix']['relayhost_role']) @@ -36,6 +39,6 @@ else relayhost = results.map { |n| n['ipaddress'] }.first end -node.normal['postfix']['main']['relayhost'] = "[#{relayhost}]" +node.default['postfix']['main']['relayhost'] = "[#{relayhost}]#{relayhost_port}" include_recipe 'postfix' diff --git a/cookbooks/postfix/recipes/default.rb b/cookbooks/postfix/recipes/default.rb index 07026e4..9fed0be 100644 --- a/cookbooks/postfix/recipes/default.rb +++ b/cookbooks/postfix/recipes/default.rb @@ -2,7 +2,7 @@ # Cookbook:: postfix # Recipe:: default # -# Copyright:: 2009-2017, Chef Software, Inc. +# Copyright:: 2009-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/postfix/recipes/maps.rb b/cookbooks/postfix/recipes/maps.rb index 9c47486..35ea9ad 100644 --- a/cookbooks/postfix/recipes/maps.rb +++ b/cookbooks/postfix/recipes/maps.rb @@ -1,5 +1,4 @@ -# encoding: utf-8 -# Copyright:: 2012-2017, Chef Software, Inc. +# Copyright:: 2012-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,7 +14,11 @@ # node['postfix']['maps'].each do |type, maps| - if node['platform_family'] == 'debian' + if platform_family?('debian') + package "postfix-#{type}" if %w(pgsql mysql ldap cdb).include?(type) + end + + if platform?('redhat') && node['platform_version'].to_i == 8 package "postfix-#{type}" if %w(pgsql mysql ldap cdb).include?(type) end @@ -38,9 +41,7 @@ node['postfix']['maps'].each do |type, maps| map: content, separator: separator ) - if %w(btree cdb dbm hash sdbm).include?(type) - notifies :run, "execute[update-postmap-#{file}]" - end + notifies :run, "execute[update-postmap-#{file}]" if %w(btree cdb dbm hash sdbm).include?(type) notifies :restart, 'service[postfix]' end end diff --git a/cookbooks/postfix/recipes/relay_restrictions.rb b/cookbooks/postfix/recipes/relay_restrictions.rb index c5548e4..08aabcd 100644 --- a/cookbooks/postfix/recipes/relay_restrictions.rb +++ b/cookbooks/postfix/recipes/relay_restrictions.rb @@ -1,4 +1,4 @@ -# Copyright:: 2012-2017, Chef Software, Inc. +# Copyright:: 2012-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,13 +15,15 @@ include_recipe 'postfix::_common' +postmap_command = platform_family?('rhel') ? '/usr/sbin/postmap' : 'postmap' + execute 'update-postfix-relay-restrictions' do - command "postmap #{node['postfix']['relay_restrictions_db']}" + command "#{postmap_command} #{node['postfix']['relay_restrictions_db']}" environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios') action :nothing end template node['postfix']['relay_restrictions_db'] do source 'relay_restrictions.erb' - notifies :run, 'execute[update-postfix-relay-restrictions]' + notifies :run, 'execute[update-postfix-relay-restrictions]', :immediately end diff --git a/cookbooks/postfix/recipes/sasl_auth.rb b/cookbooks/postfix/recipes/sasl_auth.rb index 38f040e..bd9c18f 100644 --- a/cookbooks/postfix/recipes/sasl_auth.rb +++ b/cookbooks/postfix/recipes/sasl_auth.rb @@ -3,7 +3,7 @@ # Cookbook:: postfix # Recipe:: sasl_auth # -# Copyright:: 2009-2017, Chef Software, Inc. +# Copyright:: 2009-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -28,11 +28,9 @@ case node['platform_family'] when 'debian' sasl_pkgs = %w(libsasl2-2 libsasl2-modules ca-certificates) when 'rhel' - sasl_pkgs = if node['platform_version'].to_i < 6 - %w(cyrus-sasl cyrus-sasl-plain openssl) - else - %w(cyrus-sasl cyrus-sasl-plain ca-certificates) - end + sasl_pkgs = %w(cyrus-sasl cyrus-sasl-plain ca-certificates) +when 'amazon' + sasl_pkgs = %w(cyrus-sasl cyrus-sasl-plain ca-certificates) when 'fedora' sasl_pkgs = %w(cyrus-sasl cyrus-sasl-plain ca-certificates) end diff --git a/cookbooks/postfix/recipes/server.rb b/cookbooks/postfix/recipes/server.rb index 2166777..eaa14a6 100644 --- a/cookbooks/postfix/recipes/server.rb +++ b/cookbooks/postfix/recipes/server.rb @@ -3,7 +3,7 @@ # Cookbook:: postfix # Recipe:: server # -# Copyright:: 2009-2017, Chef Software, Inc. +# Copyright:: 2009-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/postfix/recipes/transports.rb b/cookbooks/postfix/recipes/transports.rb index 7386caa..5436ae6 100644 --- a/cookbooks/postfix/recipes/transports.rb +++ b/cookbooks/postfix/recipes/transports.rb @@ -1,4 +1,4 @@ -# Copyright:: 2012-2017, Chef Software, Inc. +# Copyright:: 2012-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,13 +15,15 @@ include_recipe 'postfix::_common' +postmap_command = platform_family?('rhel') ? '/usr/sbin/postmap' : 'postmap' + execute 'update-postfix-transport' do - command "postmap #{node['postfix']['transport_db']}" + command "#{postmap_command} #{node['postfix']['transport_db']}" environment PATH: "#{ENV['PATH']}:/opt/omni/bin:/opt/omni/sbin" if platform_family?('omnios') action :nothing end template node['postfix']['transport_db'] do source 'transport.erb' - notifies :run, 'execute[update-postfix-transport]' + notifies :run, 'execute[update-postfix-transport]', :immediately end diff --git a/cookbooks/postfix/recipes/virtual_aliases.rb b/cookbooks/postfix/recipes/virtual_aliases.rb index f8e9eda..7047807 100644 --- a/cookbooks/postfix/recipes/virtual_aliases.rb +++ b/cookbooks/postfix/recipes/virtual_aliases.rb @@ -1,4 +1,4 @@ -# Copyright:: 2012-2017, Chef Software, Inc. +# Copyright:: 2012-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,6 +23,6 @@ end template node['postfix']['virtual_alias_db'] do source 'virtual_aliases.erb' - notifies :run, 'execute[update-postfix-virtual-alias]' + notifies :run, 'execute[update-postfix-virtual-alias]', :immediately notifies :restart, 'service[postfix]' end diff --git a/cookbooks/postfix/recipes/virtual_aliases_domains.rb b/cookbooks/postfix/recipes/virtual_aliases_domains.rb index 067b697..3ded82d 100644 --- a/cookbooks/postfix/recipes/virtual_aliases_domains.rb +++ b/cookbooks/postfix/recipes/virtual_aliases_domains.rb @@ -1,4 +1,4 @@ -# Copyright:: 2012-2017, Chef Software, Inc. +# Copyright:: 2012-2019, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,6 +23,6 @@ end template node['postfix']['virtual_alias_domains_db'] do source 'virtual_aliases_domains.erb' - notifies :run, 'execute[update-postfix-virtual-alias-domains]' + notifies :run, 'execute[update-postfix-virtual-alias-domains]', :immediately notifies :restart, 'service[postfix]' end diff --git a/cookbooks/postfix/renovate.json b/cookbooks/postfix/renovate.json new file mode 100644 index 0000000..7e7a8ba --- /dev/null +++ b/cookbooks/postfix/renovate.json @@ -0,0 +1,17 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:base"], + "packageRules": [{ + "groupName": "Actions", + "matchUpdateTypes": ["patch", "pin", "digest"], + "automerge": true, + "addLabels": ["Release: Patch", "Skip: Announcements"] + }, + { + "groupName": "Actions", + "matchUpdateTypes": ["major"], + "automerge": false, + "addLabels": ["Release: Patch", "Skip: Announcements"] + } + ] +} diff --git a/cookbooks/postfix/templates/default/access.erb b/cookbooks/postfix/templates/access.erb similarity index 100% rename from cookbooks/postfix/templates/default/access.erb rename to cookbooks/postfix/templates/access.erb diff --git a/cookbooks/postfix/templates/default/aliases.erb b/cookbooks/postfix/templates/aliases.erb similarity index 100% rename from cookbooks/postfix/templates/default/aliases.erb rename to cookbooks/postfix/templates/aliases.erb diff --git a/cookbooks/postfix/templates/default/sasl_passwd.erb b/cookbooks/postfix/templates/default/sasl_passwd.erb deleted file mode 100644 index 18f16b3..0000000 --- a/cookbooks/postfix/templates/default/sasl_passwd.erb +++ /dev/null @@ -1,4 +0,0 @@ -# Auto-generated by Chef. -# Local modifications will be overwritten. -# -<%= node['postfix']['main']['relayhost'] %> <%= @settings['smtp_sasl_user_name'] %>:<%= @settings['smtp_sasl_passwd'] %> diff --git a/cookbooks/postfix/templates/mailer.erb b/cookbooks/postfix/templates/mailer.erb new file mode 100644 index 0000000..1865157 --- /dev/null +++ b/cookbooks/postfix/templates/mailer.erb @@ -0,0 +1,10 @@ +# +# Auto-generated by Chef. +# Local modifications will be overwritten. +# +# Execute the Postfix sendmail program, named /usr/local/sbin/sendmail +# +sendmail /usr/local/sbin/sendmail +send-mail /usr/local/sbin/sendmail +mailq /usr/local/sbin/sendmail +newaliases /usr/local/sbin/sendmail diff --git a/cookbooks/postfix/templates/default/main.cf.erb b/cookbooks/postfix/templates/main.cf.erb similarity index 100% rename from cookbooks/postfix/templates/default/main.cf.erb rename to cookbooks/postfix/templates/main.cf.erb diff --git a/cookbooks/postfix/templates/default/manifest-postfix.xml.erb b/cookbooks/postfix/templates/manifest-postfix.xml.erb similarity index 100% rename from cookbooks/postfix/templates/default/manifest-postfix.xml.erb rename to cookbooks/postfix/templates/manifest-postfix.xml.erb diff --git a/cookbooks/postfix/templates/default/maps.erb b/cookbooks/postfix/templates/maps.erb similarity index 100% rename from cookbooks/postfix/templates/default/maps.erb rename to cookbooks/postfix/templates/maps.erb diff --git a/cookbooks/postfix/templates/default/master.cf.erb b/cookbooks/postfix/templates/master.cf.erb similarity index 100% rename from cookbooks/postfix/templates/default/master.cf.erb rename to cookbooks/postfix/templates/master.cf.erb diff --git a/cookbooks/postfix/templates/default/port_smtp.erb b/cookbooks/postfix/templates/port_smtp.erb similarity index 100% rename from cookbooks/postfix/templates/default/port_smtp.erb rename to cookbooks/postfix/templates/port_smtp.erb diff --git a/cookbooks/postfix/templates/recipient_canonical.erb b/cookbooks/postfix/templates/recipient_canonical.erb new file mode 100644 index 0000000..bfff5c1 --- /dev/null +++ b/cookbooks/postfix/templates/recipient_canonical.erb @@ -0,0 +1,9 @@ +# +# Auto-generated by Chef. +# Local modifications will be overwritten. +# +# See man 5 canonical for format + +<% node['postfix']['recipient_canonical_map_entries'].each do |name, value| %> +<%= name %> <%= value %> +<% end unless node['postfix']['recipient_canonical_map_entries'].nil? %> diff --git a/cookbooks/postfix/templates/default/relay_restrictions.erb b/cookbooks/postfix/templates/relay_restrictions.erb similarity index 100% rename from cookbooks/postfix/templates/default/relay_restrictions.erb rename to cookbooks/postfix/templates/relay_restrictions.erb diff --git a/cookbooks/postfix/templates/sasl_passwd.erb b/cookbooks/postfix/templates/sasl_passwd.erb new file mode 100644 index 0000000..7ead10e --- /dev/null +++ b/cookbooks/postfix/templates/sasl_passwd.erb @@ -0,0 +1,8 @@ +# Auto-generated by Chef. +# Local modifications will be overwritten. + +<% if !@settings.nil? && !@settings.empty? -%> +<% @settings.sort.map do |relayhost,value| -%> +<%= relayhost %> <%= value['username'] %>:<%= value['password'] %> +<% end -%> +<% end -%> diff --git a/cookbooks/postfix/templates/default/sender_canonical.erb b/cookbooks/postfix/templates/sender_canonical.erb similarity index 100% rename from cookbooks/postfix/templates/default/sender_canonical.erb rename to cookbooks/postfix/templates/sender_canonical.erb diff --git a/cookbooks/postfix/templates/default/smtp_generic.erb b/cookbooks/postfix/templates/smtp_generic.erb similarity index 100% rename from cookbooks/postfix/templates/default/smtp_generic.erb rename to cookbooks/postfix/templates/smtp_generic.erb diff --git a/cookbooks/postfix/templates/default/transport.erb b/cookbooks/postfix/templates/transport.erb similarity index 100% rename from cookbooks/postfix/templates/default/transport.erb rename to cookbooks/postfix/templates/transport.erb diff --git a/cookbooks/postfix/templates/default/virtual_aliases.erb b/cookbooks/postfix/templates/virtual_aliases.erb similarity index 100% rename from cookbooks/postfix/templates/default/virtual_aliases.erb rename to cookbooks/postfix/templates/virtual_aliases.erb diff --git a/cookbooks/postfix/templates/default/virtual_aliases_domains.erb b/cookbooks/postfix/templates/virtual_aliases_domains.erb similarity index 100% rename from cookbooks/postfix/templates/default/virtual_aliases_domains.erb rename to cookbooks/postfix/templates/virtual_aliases_domains.erb diff --git a/cookbooks/unbound/CHANGELOG.md b/cookbooks/unbound/CHANGELOG.md new file mode 100644 index 0000000..ce0a267 --- /dev/null +++ b/cookbooks/unbound/CHANGELOG.md @@ -0,0 +1,64 @@ +# CHANGELOG + +This file is used to list changes made in each version of the unbound cookbook. + +## 3.0.2 - *2023-10-02* + +- Update Ci files and remove CircleCI config + +## 3.0.1 - *2022-09-30* + +- Add missing `fallback-enable` setting to `config_authority_zone` + +## 3.0.0 - *2022-04-04* + +- Add separate configuration resources +- Default recipe now only runs installation +- Refactor configuration template to be Hash driven + +## 2.0.3 - *2022-03-04* + +- resolved cookstyle error: .delivery/project.toml:2:8 convention: `Style/StringLiterals` +- resolved cookstyle error: .delivery/project.toml:4:10 convention: `Style/StringLiterals` +- resolved cookstyle error: .delivery/project.toml:5:13 convention: `Style/StringLiterals` +- resolved cookstyle error: .delivery/project.toml:6:10 convention: `Style/StringLiterals` +- resolved cookstyle error: .delivery/project.toml:7:9 convention: `Style/StringLiterals` +- resolved cookstyle error: .delivery/project.toml:8:14 convention: `Style/StringLiterals` +- resolved cookstyle error: .delivery/project.toml:9:11 convention: `Style/StringLiterals` + +## 2.0.2 - *2021-08-31* + +- Standardise files with files in sous-chefs/repo-management + +## 2.0.1 - *2021-06-01* + +- Updated tests folder to match other cookbooks +- Updated spec platform to supported version + +## 2.0.0 - 2020-05-05 + +- Upgraded to circleci for testing +- Minimum Chef Infra Client version is now **13.0** +- Removed unused long_description metadata.rb field +- Simplify overly complex platform logic +- Migrate to actions for testing + +## [1.0.1] + +- Simplify logic with root_group +- Fix `root_group` not using new_resource +- Use strings for file modes +- Resolve foodcritic warnings in the `rr` resource +- Fix platform_family logic on the service Update platforms. +- Use dokken images for travis testing. +- Don't test on debian-8/9 and centos-6 as these services don't currently start. +- Account for a list of forward-addrs / effectively disable remote control (#27) + +## [1.0.0] + +- Add new custom resources `unbound_install` & `unbound_configure` + +## [0.1.1] + +- Adding support and kitchen testing for forward_zone generation +- Updating to use Sous Chefs guidelines diff --git a/cookbooks/unbound/LICENSE b/cookbooks/unbound/LICENSE new file mode 100644 index 0000000..11069ed --- /dev/null +++ b/cookbooks/unbound/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + +Copyright [yyyy] [name of copyright owner] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/cookbooks/unbound/README.md b/cookbooks/unbound/README.md new file mode 100644 index 0000000..700cf8a --- /dev/null +++ b/cookbooks/unbound/README.md @@ -0,0 +1,78 @@ +# Unbound Cookbook + +[![Cookbook Version](https://img.shields.io/cookbook/v/unbound.svg)](https://supermarket.chef.io/cookbooks/unbound) +[![Build Status](https://img.shields.io/circleci/project/github/sous-chefs/unbound/master.svg)](https://circleci.com/gh/sous-chefs/unbound) +[![OpenCollective](https://opencollective.com/sous-chefs/backers/badge.svg)](#backers) +[![OpenCollective](https://opencollective.com/sous-chefs/sponsors/badge.svg)](#sponsors) +[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0) + +Installs and manages the unbound DNS server. + +- [http://unbound.net](http://unbound.net) + +## Maintainers + +This cookbook is maintained by the Sous Chefs. The Sous Chefs are a community of Chef cookbook maintainers working together to maintain important cookbooks. If you’d like to know more please visit [sous-chefs.org](https://sous-chefs.org/) or come chat with us on the Chef Community Slack in [#sous-chefs](https://chefcommunity.slack.com/messages/C2V7B88SF). + +## Requirements + +### Platform + +A platform with unbound available as a native package. The following platforms have unbound packaged, but note that the filesystem locations are not consistent and at this time only Linux + FHS is supported. + +- Ubuntu/Debian +- Red Hat/CentOS/Fedora (requires EPEL) +- FreeBSD + +### Chef + +- Chef 16 + +## Resources + +- [unbound_config_authority_zone](documentation/unbound_config_authority_zone.md) +- [unbound_config_cachedb](documentation/unbound_config_cachedb.md) +- [unbound_config_dns64](documentation/unbound_config_dns64.md) +- [unbound_config_dnscrypt](documentation/unbound_config_dnscrypt.md) +- [unbound_config_dnstap](documentation/unbound_config_dnstap.md) +- [unbound_config_dynamic_library](documentation/unbound_config_dynamic_library.md) +- [unbound_config_forward_zone](documentation/unbound_config_forward_zone.md) +- [unbound_config_python_script](documentation/unbound_config_python_script.md) +- [unbound_config_remote_control](documentation/unbound_config_remote_control.md) +- [unbound_config_rpz_zone](documentation/unbound_config_rpz_zone.md) +- [unbound_config_server](documentation/unbound_config_server.md) +- [unbound_config_stub_zone](documentation/unbound_config_stub_zone.md) +- [unbound_config_view](documentation/unbound_config_view.md) +- [unbound_package](documentation/unbound_package.md) +- [unbound_service](documentation/unbound_service.md) + +## Recipes + +### default + +Installs unbound using defaults. + +## Contributors + +This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false) + +### Backers + +Thank you to all our backers! + +![https://opencollective.com/sous-chefs#backers](https://opencollective.com/sous-chefs/backers.svg?width=600&avatarHeight=40) + +### Sponsors + +Support this project by becoming a sponsor. Your logo will show up here with a link to your website. + +![https://opencollective.com/sous-chefs/sponsor/0/website](https://opencollective.com/sous-chefs/sponsor/0/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/1/website](https://opencollective.com/sous-chefs/sponsor/1/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/2/website](https://opencollective.com/sous-chefs/sponsor/2/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/3/website](https://opencollective.com/sous-chefs/sponsor/3/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/4/website](https://opencollective.com/sous-chefs/sponsor/4/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/5/website](https://opencollective.com/sous-chefs/sponsor/5/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/6/website](https://opencollective.com/sous-chefs/sponsor/6/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/7/website](https://opencollective.com/sous-chefs/sponsor/7/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/8/website](https://opencollective.com/sous-chefs/sponsor/8/avatar.svg?avatarHeight=100) +![https://opencollective.com/sous-chefs/sponsor/9/website](https://opencollective.com/sous-chefs/sponsor/9/avatar.svg?avatarHeight=100) diff --git a/cookbooks/unbound/chefignore b/cookbooks/unbound/chefignore new file mode 100644 index 0000000..cc170ea --- /dev/null +++ b/cookbooks/unbound/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen.yml* +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/cookbooks/unbound/kitchen.dokken.yml b/cookbooks/unbound/kitchen.dokken.yml new file mode 100644 index 0000000..46cae69 --- /dev/null +++ b/cookbooks/unbound/kitchen.dokken.yml @@ -0,0 +1,56 @@ +--- +driver: + name: dokken + privileged: true + chef_version: <%= ENV['CHEF_VERSION'] || 'current' %> + +transport: + name: dokken + +provisioner: + name: dokken + +platforms: + - name: centos-7 + driver: + image: dokken/centos-7 + pid_one_command: /usr/lib/systemd/systemd + + - name: centos-stream-8 + driver: + image: dokken/centos-stream-8 + pid_one_command: /usr/lib/systemd/systemd + + - name: fedora-latest + driver: + image: dokken/fedora-latest + pid_one_command: /usr/lib/systemd/systemd + + - name: ubuntu-18.04 + driver: + image: dokken/ubuntu-18.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + + - name: ubuntu-20.04 + driver: + image: dokken/ubuntu-20.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + + - name: debian-10 + driver: + image: dokken/debian-10 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + + - name: debian-11 + driver: + image: dokken/debian-11 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update +... diff --git a/cookbooks/unbound/libraries/helpers.rb b/cookbooks/unbound/libraries/helpers.rb new file mode 100644 index 0000000..bb46228 --- /dev/null +++ b/cookbooks/unbound/libraries/helpers.rb @@ -0,0 +1,59 @@ +# +# Cookbook:: unbound +# Library:: helpers +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +module Unbound + module Cookbook + module Helpers + def default_config_dir + return '/etc/unbound' if %i(unbound_config unbound_configure unbound_config_server).include?(declared_type) + + return '/etc/unbound/unbound.conf.d' if platform?('debian', 'ubuntu') + + case declared_type + when :unbound_config_local + '/etc/unbound/local.d' + when :unbound_config_key + '/etc/unbound/keys.d' + else + '/etc/unbound/conf.d' + end + end + + def default_includes_dir + case node['platform_family'] + when 'rhel', 'fedora' + %w(/etc/unbound/conf.d/*.conf /etc/unbound/local.d/*.conf) + when 'debian' + %w(/etc/unbound/unbound.conf.d/*.conf) + else + raise "Unsupported platform family #{node['platform_family']}" + end + end + + def unbound_yes_no?(value) + case value + when true + 'yes' + when false + 'no' + when 'yes', 'YES', 'no', 'NO' + value.downcase + end + end + end + end +end diff --git a/cookbooks/unbound/libraries/template.rb b/cookbooks/unbound/libraries/template.rb new file mode 100644 index 0000000..acc3c62 --- /dev/null +++ b/cookbooks/unbound/libraries/template.rb @@ -0,0 +1,26 @@ +# +# Cookbook:: unbound +# Library:: template +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +module Unbound + module Cookbook + module TemplateHelpers + def template_partial_indent(output, level, spaces = 2) + output.split("\n").each { |l| l.prepend(' ' * (level * spaces)) }.join("\n") + end + end + end +end diff --git a/cookbooks/unbound/metadata.json b/cookbooks/unbound/metadata.json new file mode 100644 index 0000000..560d7e2 --- /dev/null +++ b/cookbooks/unbound/metadata.json @@ -0,0 +1,42 @@ +{ + "name": "unbound", + "description": "Manages unbound DNS resolver", + "long_description": "", + "maintainer": "Sous Chefs", + "maintainer_email": "help@sous-chefs.org", + "license": "Apache-2.0", + "platforms": { + "debian": ">= 0.0.0", + "ubuntu": ">= 0.0.0", + "centos": ">= 0.0.0", + "redhat": ">= 0.0.0", + "scientific": ">= 0.0.0", + "oracle": ">= 0.0.0", + "amazon": ">= 0.0.0" + }, + "dependencies": { + + }, + "providing": { + + }, + "recipes": { + + }, + "version": "3.0.2", + "source_url": "https://github.com/sous-chefs/unbound", + "issues_url": "https://github.com/sous-chefs/unbound/issues", + "privacy": false, + "chef_versions": [ + [ + ">= 16" + ] + ], + "ohai_versions": [ + + ], + "gems": [ + + ], + "eager_load_libraries": true +} diff --git a/cookbooks/unbound/metadata.rb b/cookbooks/unbound/metadata.rb new file mode 100644 index 0000000..7e52ea9 --- /dev/null +++ b/cookbooks/unbound/metadata.rb @@ -0,0 +1,13 @@ +name 'unbound' +maintainer 'Sous Chefs' +maintainer_email 'help@sous-chefs.org' +license 'Apache-2.0' +description 'Manages unbound DNS resolver' +version '3.0.2' +issues_url 'https://github.com/sous-chefs/unbound/issues' +source_url 'https://github.com/sous-chefs/unbound' +chef_version '>= 16' + +%w(debian ubuntu centos redhat scientific oracle amazon).each do |os| + supports os +end diff --git a/cookbooks/unbound/recipes/default.rb b/cookbooks/unbound/recipes/default.rb new file mode 100644 index 0000000..28e20ef --- /dev/null +++ b/cookbooks/unbound/recipes/default.rb @@ -0,0 +1,25 @@ +# +# Cookbook:: unbound +# Recipe:: default +# +# Copyright:: 2011, Joshua Timberman +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +log 'v3_warning' do + message 'Version 3.0.0 of this cookbook removed all configuration actions from the default recipe' + level :warn +end + +unbound_package 'unbound' diff --git a/cookbooks/unbound/renovate.json b/cookbooks/unbound/renovate.json new file mode 100644 index 0000000..39a2b6e --- /dev/null +++ b/cookbooks/unbound/renovate.json @@ -0,0 +1,6 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:base" + ] +} diff --git a/cookbooks/unbound/resources/config_authority_zone.rb b/cookbooks/unbound/resources/config_authority_zone.rb new file mode 100644 index 0000000..6ea9626 --- /dev/null +++ b/cookbooks/unbound/resources/config_authority_zone.rb @@ -0,0 +1,93 @@ +# +# Cookbook:: unbound +# Resource:: config_authority_zone +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +provides :unbound_config_auth_zone + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/authority-zone-#{name}.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :zone_name, String, + default: lazy { name } + +property :primary, [String, Array], + coerce: proc { |p| Array(p) } + +property :master, [String, Array], + coerce: proc { |p| Array(p) } + +property :url, [String, Array], + coerce: proc { |p| Array(p) } + +property :allow_notify, [String, Array], + coerce: proc { |p| Array(p) } + +property :fallback_enabled, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :for_downstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :for_upstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :zonemd_check, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :zonemd_reject_absence, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :zonefile, String + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + zone_config = { + 'name' => new_resource.zone_name, + 'primary' => new_resource.primary.dup, + 'master' => new_resource.master.dup, + 'url' => new_resource.url.dup, + 'allow-notify' => new_resource.allow_notify.dup, + 'fallback-enabled' => new_resource.fallback_enabled, + 'for-downstream' => new_resource.for_downstream, + 'for-upstream' => new_resource.for_upstream, + 'zonemd-check' => new_resource.zonemd_check, + 'zonemd-reject-absence' => new_resource.zonemd_reject_absence, + 'zonefile' => new_resource.zonefile, + }.compact + + config = { + 'auth-zone' => zone_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_cachedb.rb b/cookbooks/unbound/resources/config_cachedb.rb new file mode 100644 index 0000000..1c415b7 --- /dev/null +++ b/cookbooks/unbound/resources/config_cachedb.rb @@ -0,0 +1,67 @@ +# +# Cookbook:: unbound +# Resource:: config_cachedb +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/cachedb.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :backend, String + +property :secret_seed, String + +property :redis_server_host, String + +property :redis_server_port, Integer + +property :redis_timeout, Integer + +property :redis_expire_records, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + cachedb_config = { + 'backend' => new_resource.backend, + 'secret-seed' => new_resource.secret_seed, + 'redis-server-host' => new_resource.redis_server_host, + 'redis-server-port' => new_resource.redis_server_port, + 'redis-timeout' => new_resource.redis_timeout, + 'redis-expire-records' => new_resource.redis_expire_records, + }.compact + + config = { + 'cachedb' => cachedb_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_dns64.rb b/cookbooks/unbound/resources/config_dns64.rb new file mode 100644 index 0000000..4c4a9e5 --- /dev/null +++ b/cookbooks/unbound/resources/config_dns64.rb @@ -0,0 +1,58 @@ +# +# Cookbook:: unbound +# Resource:: config_dns64 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/dns64.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :dns64_prefix, String + +property :dns64_synthall, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dns64_ignore_aaaa, String + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + dns64_config = { + 'dns64-prefix' => new_resource.dns64_prefix, + 'dns64-synthall' => new_resource.dns64_synthall, + 'dns64-ignore-aaaa' => new_resource.dns64_ignore_aaaa, + }.compact + + config = { + 'server' => dns64_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_dnscrypt.rb b/cookbooks/unbound/resources/config_dnscrypt.rb new file mode 100644 index 0000000..f6ebff8 --- /dev/null +++ b/cookbooks/unbound/resources/config_dnscrypt.rb @@ -0,0 +1,80 @@ +# +# Cookbook:: unbound +# Resource:: config_dnscrypt +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/dnscrypt.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :dnscrypt_enable, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnscrypt_port, Integer + +property :dnscrypt_provider, [String, Array], + coerce: proc { |p| Array(p) } + +property :dnscrypt_secret_key, String + +property :dnscrypt_provider_cert, String + +property :dnscrypt_provider_cert_rotated, String + +property :dnscrypt_shared_secret_cache_size, String + +property :dnscrypt_shared_secret_cache_slabs, Integer + +property :dnscrypt_nonce_cache_size, String + +property :dnscrypt_nonce_cache_slabs, Integer + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + dnscrypt_config = { + 'dnscrypt-enable' => new_resource.dnscrypt_enable, + 'dnscrypt-port' => new_resource.dnscrypt_port, + 'dnscrypt-provider' => new_resource.dnscrypt_provider.dup, + 'dnscrypt-secret-key' => new_resource.dnscrypt_secret_key, + 'dnscrypt-provider-cert' => new_resource.dnscrypt_provider_cert, + 'dnscrypt-provider-cert-rotated' => new_resource.dnscrypt_provider_cert_rotated, + 'dnscrypt-shared-secret-cache-size' => new_resource.dnscrypt_shared_secret_cache_size, + 'dnscrypt-shared-secret-cache-slabs' => new_resource.dnscrypt_shared_secret_cache_slabs, + 'dnscrypt-nonce-cache-size' => new_resource.dnscrypt_nonce_cache_size, + 'dnscrypt-nonce-cache-slabs' => new_resource.dnscrypt_nonce_cache_slabs, + }.compact + + config = { + 'dnscrypt' => dnscrypt_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_dnstap.rb b/cookbooks/unbound/resources/config_dnstap.rb new file mode 100644 index 0000000..60c2d0f --- /dev/null +++ b/cookbooks/unbound/resources/config_dnstap.rb @@ -0,0 +1,116 @@ +# +# Cookbook:: unbound +# Resource:: config_dnstap +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/dnstap.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :dnstap_enable, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_bidirectional, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_socket_path, String + +property :dnstap_ip, String + +property :dnstap_tls, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_tls_server_name, String + +property :dnstap_tls_cert_bundle, String + +property :dnstap_tls_client_key_file, String + +property :dnstap_tls_client_cert_file, String + +property :dnstap_send_identity, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_send_version, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_identity, String + +property :dnstap_version, String + +property :dnstap_log_resolver_query_messages, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_log_resolver_response_messages, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_log_client_query_messages, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_log_client_response_messages, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_log_forwarder_query_messages, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :dnstap_log_forwarder_response_messages, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + zone_config = { + 'dnstap-enable' => new_resource.dnstap_enable, + 'dnstap-bidirectional' => new_resource.dnstap_bidirectional, + 'dnstap-socket-path' => new_resource.dnstap_socket_path, + 'dnstap-ip' => new_resource.dnstap_ip, + 'dnstap-tls' => new_resource.dnstap_tls, + 'dnstap-tls-server-name' => new_resource.dnstap_tls_server_name, + 'dnstap-tls-cert-bundle' => new_resource.dnstap_tls_cert_bundle, + 'dnstap-tls-client-key-file' => new_resource.dnstap_tls_client_key_file, + 'dnstap-tls-client-cert-file' => new_resource.dnstap_tls_client_cert_file, + 'dnstap-send-identity' => new_resource.dnstap_send_identity, + 'dnstap-send-version' => new_resource.dnstap_send_version, + 'dnstap-identity' => new_resource.dnstap_identity, + 'dnstap-version' => new_resource.dnstap_version, + 'dnstap-log-resolver-query-messages' => new_resource.dnstap_log_resolver_query_messages, + 'dnstap-log-resolver-response-messages' => new_resource.dnstap_log_resolver_response_messages, + 'dnstap-log-client-query-messages' => new_resource.dnstap_log_client_query_messages, + 'dnstap-log-client-response-messages' => new_resource.dnstap_log_client_response_messages, + 'dnstap-log-forwarder-query-messages' => new_resource.dnstap_log_forwarder_query_messages, + 'dnstap-log-forwarder-response-messages' => new_resource.dnstap_log_forwarder_response_messages, + }.compact + + config = { + 'dnstap' => zone_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_dynamic_library.rb b/cookbooks/unbound/resources/config_dynamic_library.rb new file mode 100644 index 0000000..8500454 --- /dev/null +++ b/cookbooks/unbound/resources/config_dynamic_library.rb @@ -0,0 +1,48 @@ +# +# Cookbook:: unbound +# Resource:: config_dynamic_library +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/dyn-lib-#{name}.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :dynlib_file, [String, Array], + coerce: proc { |p| Array(p) } + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + config = { + 'dynlib-file' => new_resource.dynlib_file.dup, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_forward_zone.rb b/cookbooks/unbound/resources/config_forward_zone.rb new file mode 100644 index 0000000..05d9eb7 --- /dev/null +++ b/cookbooks/unbound/resources/config_forward_zone.rb @@ -0,0 +1,80 @@ +# +# Cookbook:: unbound +# Resource:: config_forward_zone +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/forward-zone-#{name}.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :zone_name, String, + default: lazy { name } + +property :forward_host, [String, Array], + coerce: proc { |p| Array(p) } + +property :forward_addr, [String, Array], + coerce: proc { |p| Array(p) } + +property :forward_first, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :forward_tls_upstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :forward_ssl_upstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :forward_tcp_upstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :forward_no_cache, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + zone_config = { + 'name' => new_resource.zone_name, + 'forward-host' => new_resource.forward_host.dup, + 'forward-addr' => new_resource.forward_addr.dup, + 'forward-first' => new_resource.forward_first, + 'forward-tls-upstream' => new_resource.forward_tls_upstream, + 'forward-ssl-upstream' => new_resource.forward_ssl_upstream, + 'forward-tcp-upstream' => new_resource.forward_tcp_upstream, + 'forward-no-cache' => new_resource.forward_no_cache, + }.compact + + config = { + 'forward-zone' => zone_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_python_script.rb b/cookbooks/unbound/resources/config_python_script.rb new file mode 100644 index 0000000..d9a5923 --- /dev/null +++ b/cookbooks/unbound/resources/config_python_script.rb @@ -0,0 +1,53 @@ +# +# Cookbook:: unbound +# Resource:: config_python_script +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/python-script-#{name}.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :python_script, [String, Array], + coerce: proc { |p| Array(p) }, + required: true + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + declare_resource(:package, 'python3-unbound') + + config = { + 'python' => { + 'python-script' => new_resource.python_script.dup, + }, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_remote_control.rb b/cookbooks/unbound/resources/config_remote_control.rb new file mode 100644 index 0000000..6042ef6 --- /dev/null +++ b/cookbooks/unbound/resources/config_remote_control.rb @@ -0,0 +1,77 @@ +# +# Cookbook:: unbound +# Resource:: config_remote_control +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/remote-control.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :control_enable, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :control_interface, [String, Array], + coerce: proc { |p| Array(p) } + +property :control_port, Integer + +property :control_use_cert, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :control_key_file, String + +property :control_cert_file, String + +property :server, String + +property :server_key_file, String + +property :server_cert_file, String + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + remote_control = { + 'control-enable' => new_resource.control_enable, + 'control-interface' => new_resource.control_interface.dup, + 'control-port' => new_resource.control_port, + 'control-use-cert' => new_resource.control_use_cert, + 'control-key-file' => new_resource.control_key_file, + 'control-cert-file' => new_resource.control_cert_file, + 'server-key-file' => new_resource.server_key_file, + 'server-cert-file' => new_resource.server_cert_file, + }.compact + + config = { + 'remote-control' => remote_control, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_rpz_zone.rb b/cookbooks/unbound/resources/config_rpz_zone.rb new file mode 100644 index 0000000..2e8292a --- /dev/null +++ b/cookbooks/unbound/resources/config_rpz_zone.rb @@ -0,0 +1,98 @@ +# +# Cookbook:: unbound +# Resource:: config_rpz_zone +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/rpz-zone-#{name}.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :zone_name, String, + default: lazy { name } + +property :primary, [String, Array], + coerce: proc { |p| Array(p) } + +property :master, [String, Array], + coerce: proc { |p| Array(p) } + +property :url, [String, Array], + coerce: proc { |p| Array(p) } + +property :allow_notify, [String, Array], + coerce: proc { |p| Array(p) } + +property :zonefile, String + +property :rpz_action_override, [String, Symbol], + equal_to: %w(nxdomain nodata passthru drop disabled cname), + coerce: proc { |p| p.to_s } + +property :rpz_cname_override, String + +property :rpz_log, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :rpz_log_name, String + +property :rpz_signal_nxdomain_ra, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :for_downstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :tags, [String, Array], + coerce: proc { |p| "\"#{p.to_a.join(' ')} \"" } + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + zone_config = { + 'name' => new_resource.zone_name, + 'primary' => new_resource.primary.dup, + 'master' => new_resource.master.dup, + 'url' => new_resource.url.dup, + 'allow-notify' => new_resource.allow_notify.dup, + 'zonefile' => new_resource.zonefile, + 'rpz-action-override' => new_resource.rpz_action_override, + 'rpz-cname-override' => new_resource.rpz_cname_override, + 'rpz-log' => new_resource.rpz_log, + 'rpz-log-name' => new_resource.rpz_log_name, + 'rpz-signal-nxfomain-ra' => new_resource.rpz_signal_nxdomain_ra, + 'for-downstream' => new_resource.for_downstream, + 'tags' => new_resource.tags.dup, + }.compact + + config = { + 'rpz' => zone_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_server.rb b/cookbooks/unbound/resources/config_server.rb new file mode 100644 index 0000000..0e58d7e --- /dev/null +++ b/cookbooks/unbound/resources/config_server.rb @@ -0,0 +1,58 @@ +# +# Cookbook:: unbound +# Resource:: config_server +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +provides :unbound_config_server +provides :unbound_configure +provides :unbound_config + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/unbound.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :include, [String, Array], + default: lazy { default_includes_dir }, + coerce: proc { |p| Array(p) } + +property :server, Hash, + default: {}, + description: 'Server configuration as a Hash' + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + config = { + 'include' => new_resource.include.dup, + 'server' => new_resource.server.dup, + }.compact + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_stub_zone.rb b/cookbooks/unbound/resources/config_stub_zone.rb new file mode 100644 index 0000000..2a74fa5 --- /dev/null +++ b/cookbooks/unbound/resources/config_stub_zone.rb @@ -0,0 +1,84 @@ +# +# Cookbook:: unbound +# Resource:: config_stub_zone +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/stub-zone-#{name}.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :zone_name, String, + default: lazy { name } + +property :stub_host, [String, Array], + coerce: proc { |p| Array(p) } + +property :stub_addr, [String, Array], + coerce: proc { |p| Array(p) } + +property :stub_prime, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :stub_first, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :stub_tls_upstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :stub_ssl_upstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :stub_tcp_upstream, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +property :stub_no_cache, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + zone_config = { + 'name' => new_resource.zone_name, + 'stub-host' => new_resource.stub_host.dup, + 'stub-addr' => new_resource.stub_addr.dup, + 'stub-prime' => new_resource.stub_prime, + 'stub-first' => new_resource.stub_first, + 'stub-tls-upstream' => new_resource.stub_tls_upstream, + 'stub-ssl-upstream' => new_resource.stub_ssl_upstream, + 'stub-tcp-upstream' => new_resource.stub_tcp_upstream, + 'stub-no-cache' => new_resource.stub_no_cache, + }.compact + + config = { + 'stub-zone' => zone_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/config_view.rb b/cookbooks/unbound/resources/config_view.rb new file mode 100644 index 0000000..67f602b --- /dev/null +++ b/cookbooks/unbound/resources/config_view.rb @@ -0,0 +1,68 @@ +# +# Cookbook:: unbound +# Resource:: config_view +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +use 'partials/_config_file' + +property :config_file, String, + default: lazy { "#{config_dir}/view-#{name}.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :zone_name, String, + default: lazy { name } + +property :local_zone, [String, Array], + coerce: proc { |p| Array(p) } + +property :local_data, [String, Array], + coerce: proc { |p| Array(p) } + +property :local_data_ptr, [String, Array], + coerce: proc { |p| Array(p) } + +property :view_first, [String, true, false], + coerce: proc { |p| unbound_yes_no?(p) } + +load_current_value do |new_resource| + current_value_does_not_exist! unless ::File.exist?(new_resource.config_file) + + if ::File.exist?(new_resource.config_file) + owner ::Etc.getpwuid(::File.stat(new_resource.config_file).uid).name + group ::Etc.getgrgid(::File.stat(new_resource.config_file).gid).name + mode ::File.stat(new_resource.config_file).mode.to_s(8)[-4..-1] + end +end + +action_class do + def do_template_action + zone_config = { + 'name' => new_resource.zone_name, + 'local-zone' => new_resource.local_zone.dup, + 'local-data' => new_resource.local_data.dup, + 'local-data-ptr' => new_resource.local_data_ptr.dup, + 'view-first' => new_resource.view_first, + }.compact + + config = { + 'view' => zone_config, + } + + perform_config_action(config) + end +end diff --git a/cookbooks/unbound/resources/package.rb b/cookbooks/unbound/resources/package.rb new file mode 100644 index 0000000..faff561 --- /dev/null +++ b/cookbooks/unbound/resources/package.rb @@ -0,0 +1,36 @@ +# +# Cookbook:: unbound +# Resource:: package +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +provides :unbound_install + +property :packages, [String, Array], + coerce: proc { |p| p.is_a?(Array) ? p : [ p ] }, + default: %w(unbound), + description: 'Unbound packages to install.' + +action_class do + def do_package_action(action) + package 'unbound' do + package_name new_resource.packages + action action + end + end +end + +%i(install upgrade remove).each { |pkg_action| action(pkg_action) { do_package_action(action) } } diff --git a/cookbooks/unbound/resources/partials/_config_file.rb b/cookbooks/unbound/resources/partials/_config_file.rb new file mode 100644 index 0000000..eae83b2 --- /dev/null +++ b/cookbooks/unbound/resources/partials/_config_file.rb @@ -0,0 +1,122 @@ +# +# Cookbook:: unbound +# Resource:: _config_file +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +include Unbound::Cookbook::Helpers + +property :owner, String, + default: 'root', + description: 'Set to override config file owner. Defaults to root.' + +property :group, String, + default: 'unbound', + description: 'Set to override config file group. Defaults to unbound.' + +property :mode, String, + default: '0640', + description: 'Set to override config file mode. Defaults to 0640.' + +property :directory_mode, String, + default: '0750', + description: 'Set to override config directory mode. Defaults to 0750.' + +property :config_dir, String, + default: lazy { default_config_dir }, + desired_state: false, + description: 'Set to override unbound configuration directory.' + +property :config_file, String, + default: lazy { "#{config_dir}/#{name}.conf" }, + desired_state: false, + description: 'Set to override unbound configuration file.' + +property :cookbook, String, + default: 'unbound', + desired_state: false, + description: 'Template source cookbook for the unbound configuration file.' + +property :template, String, + default: 'unbound.conf.erb', + desired_state: false, + description: 'Template source file for the unbound configuration file.' + +property :sensitive, [true, false], + desired_state: false, + description: 'Ensure that sensitive resource data is not output by Chef Infra Client.' + +property :sort, [true, false], + default: true + +property :template_properties, Hash, + default: {} + +property :extra_options, Hash, + default: {} + +action_class do + def deepsort? + return if defined?(DeepSort) + + begin + Gem::Specification.find_by_name('deepsort') + rescue Gem::MissingSpecError + declare_resource(:chef_gem, 'deepsort') + end + + require 'deepsort' + + true + end + + def perform_config_action(config) + directory new_resource.config_dir do + owner new_resource.owner + group new_resource.group + mode new_resource.directory_mode + + recursive true + + action new_resource.action.eql?(:delete) ? :delete : :create + end + + config.merge!(new_resource.extra_options.dup) unless new_resource.extra_options.empty? + + if new_resource.sort + deepsort? + config.deep_sort! + end + + template new_resource.config_file do + cookbook new_resource.cookbook + source new_resource.template + + owner new_resource.owner + group new_resource.group + mode new_resource.mode + sensitive new_resource.sensitive + + helpers(Unbound::Cookbook::TemplateHelpers) + + variables(content: config) + + action new_resource.action + end + end +end + +%i(create create_if_missing delete).each { |action_type| action(action_type) { do_template_action } } diff --git a/cookbooks/unbound/resources/service.rb b/cookbooks/unbound/resources/service.rb new file mode 100644 index 0000000..3797275 --- /dev/null +++ b/cookbooks/unbound/resources/service.rb @@ -0,0 +1,69 @@ +# +# Cookbook:: unbound +# Resource:: service +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +unified_mode true + +property :service_name, String, + default: 'unbound', + description: 'The service name to perform actions upon' + +property :config_test, [true, false], + default: true, + description: 'Perform configuration file test before performing service action' + +property :config_test_fail_action, Symbol, + equal_to: %i(raise log), + default: :raise, + description: 'Action to perform upon configuration test failure.' + +action_class do + def perform_config_test + cmd = shell_out('/usr/sbin/unbound-checkconf') + cmd.error! + rescue Mixlib::ShellOut::ShellCommandFailed + if new_resource.config_test_fail_action.eql?(:log) + Chef::Log.error("Configuration test failed, #{new_resource.service_name} #{action} action aborted!\n\n"\ + "Error\n-----\n#{cmd.stderr}") + else + raise "Configuration test failed, #{new_resource.service_name} #{action} action aborted!\n\n"\ + "Error\n-----\nAction: #{action}\n#{cmd.stderr}" + end + end + + def do_service_action(service_action) + with_run_context(:root) do + if %i(start restart reload).include?(service_action) + if new_resource.config_test + perform_config_test + Chef::Log.info("Configuration test passed, creating #{new_resource.service_name} #{new_resource.declared_type} resource with action #{service_action}") + else + Chef::Log.info("Configuration test disabled, creating #{new_resource.service_name} #{new_resource.declared_type} resource with action #{service_action}") + end + + declare_resource(:service, new_resource.service_name) { delayed_action(service_action) } + else + declare_resource(:service, new_resource.service_name) { action(service_action) } + end + end + end +end + +%i(start stop restart reload enable disable).each { |action_type| action(action_type) { do_service_action(action_type) } } + +action :test do + converge_by('Performing configuration test') { perform_config_test } +end diff --git a/cookbooks/unbound/templates/default/partials/_generic_config.erb b/cookbooks/unbound/templates/default/partials/_generic_config.erb new file mode 100644 index 0000000..9cb367f --- /dev/null +++ b/cookbooks/unbound/templates/default/partials/_generic_config.erb @@ -0,0 +1,22 @@ +<% unless @content.nil? -%> +<% @content.each do |key, value| %> +<% case value %> +<% when nil %> +<%= key %> +<% when String, Numeric %> +<%= key %><% if @separator %><%= @separator %><% end %> <%= value %> +<% when Array %> +<% value.each do |val| %> +<% if val.is_a?(Hash) %> +<%= key %><% if @separator %><%= @separator %><% end %> +<%= template_partial_indent(render('partials/_generic_config.erb', cookbook: 'unbound', variables: { content: val, separator: ':' }), 1, 2) %> +<% else %> +<%= key %><% if @separator %><%= @separator %><% end %> <%= val %> +<% end %> +<% end %> +<% when Hash %> +<%= key %><% if @separator %><%= @separator %><% end %> +<%= template_partial_indent(render('partials/_generic_config.erb', cookbook: 'unbound', variables: { content: value, separator: ':' }), 1, 2) %> +<% end %> +<% end %> +<% end %> diff --git a/cookbooks/unbound/templates/default/unbound.conf.erb b/cookbooks/unbound/templates/default/unbound.conf.erb new file mode 100644 index 0000000..763be29 --- /dev/null +++ b/cookbooks/unbound/templates/default/unbound.conf.erb @@ -0,0 +1,5 @@ +# +# Generated by Chef Infra for <%= node['fqdn'] %> +# Do NOT modify this file by hand, any changes will be overwritten. + +<%= render('partials/_generic_config.erb', cookbook: 'unbound', variables: { content: @content, separator: ':' }) %> diff --git a/data_bags/credentials/akkounts.json b/data_bags/credentials/akkounts.json index 7914b0d..a59beae 100644 --- a/data_bags/credentials/akkounts.json +++ b/data_bags/credentials/akkounts.json @@ -1,37 +1,72 @@ { "id": "akkounts", "postgresql_username": { - "encrypted_data": "W+Ia820+uYCAED9LRkQ1ZVe//56GRS5u0HrG\n", - "iv": "NpuVENC7C5FCjsEz\n", - "auth_tag": "KbqVv27nTc4qm7kzRWcjUQ==\n", + "encrypted_data": "bDlOkEmhvMgyVzPeTNUzYnzRLf3T9cc0cDxt\n", + "iv": "GCCUoqU5pxQ7fGkv\n", + "auth_tag": "Q7mrSHIBluMe3CGVmoR86Q==\n", "version": 3, "cipher": "aes-256-gcm" }, "postgresql_password": { - "encrypted_data": "gPzUikJ3vBhjEzor0ie2341VPLRHNIvGvuD+HBwldw==\n", - "iv": "Jsnldm8Bx9IzXMNy\n", - "auth_tag": "63YXFGVxHn23X+/11qwTSA==\n", + "encrypted_data": "wD0HtdsNe/hl4ZaOy8hyr2k4z8TXQrrSja3KNVE47w==\n", + "iv": "tb5yz8WDer0CsGvJ\n", + "auth_tag": "/+K2anuCff/6M7Pu70Smqw==\n", "version": 3, "cipher": "aes-256-gcm" }, "sentry_dsn": { - "encrypted_data": "3aC1Nc+WiJIn+jc4HY4Rb1WAqCqEurbOLXhbah4zSIbVIaNGEKzaoC+IA+qi\nV1jAVxbE0A1w91MrGE6HNa+oMjiTMurYx7JzVBIpCm01rgo=\n", - "iv": "SxEbTBYY2Pa5BzAF\n", - "auth_tag": "zGkIpM/aeyuNm2F0I3VAcA==\n", + "encrypted_data": "jCz681x0WVixHYZUb62TO+1cgyJMiJ2UMqWcaztx57yDBOIiKW3oSZjuXdhP\n9WCesfXQF/lgzITZno3IKDqzlKjWgbGLC75y8FLguxidCHI=\n", + "iv": "IRNOzN/hLwg1iqax\n", + "auth_tag": "eg9dWnEK04JDb94e4CFa9Q==\n", "version": 3, "cipher": "aes-256-gcm" }, "rails_master_key": { - "encrypted_data": "cWOeQYNzOjgDNi7ZpkMC/jN7nSPyODYRhA6EIhhihzPxkEDt+/4HGNAhLHGK\nlJiQeRD/\n", - "iv": "Svsvx9gsO9OQs9RV\n", - "auth_tag": "mXVNNo13F6FddhWnri1yHQ==\n", + "encrypted_data": "nUB77VLRp41rluH7hLBwQqPtnh/HsmfLr2VbcIZHWawL3o2TGuY+mj648f9L\n7XsEpgqY\n", + "iv": "fpdbDitqTRHxEKiv\n", + "auth_tag": "I44fn8Ott3L/Y5LYr56U/Q==\n", "version": 3, "cipher": "aes-256-gcm" }, "discourse_connect_secret": { - "encrypted_data": "BQcE5fUkiqJyuOR1dR9vNyxWzgWGX1Wl1WINJDGJ1sJiajrgAspPgDt0dX5L\nhxG8CQ==\n", - "iv": "UKpt0F1FODuosQ9u\n", - "auth_tag": "MLgv0jR9MhWGmQNUkA8GUQ==\n", + "encrypted_data": "ENtMn+1XTVFmdEZw7LU6WGoMbSZY654ggm3vPACGfFgqo6r0LhG60c5OTdqv\nZvT5/Q==\n", + "iv": "bL1BmvRhgxFqSM1P\n", + "auth_tag": "sEBZzGWwwYFHn+4B4SsyCA==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "lndhub_admin_token": { + "encrypted_data": "4LPGFoARzI8UYnsJPIk8sax/rAA16pUULEZWn86e2C7L\n", + "iv": "nvjXrOwgfgutwEVw\n", + "auth_tag": "A89RUf1sdcS3FVscNPWYLg==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "btcpay_auth_token": { + "encrypted_data": "ky5iWYF06os0Ek6vIRzWqMTekqJhCOh/Q9DTDIeKhSyk8TnT3O71lCNEt1F5\nXCNq6ux3V6oyHVLWj0o=\n", + "iv": "zk6WnxsY89oNW1F9\n", + "auth_tag": "FAIMXKvQ1T7QKezVSNJbwQ==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "s3_access_key": { + "encrypted_data": "KfhfEGwPjOonlz6rpnNTinXFPqX/sIbqQn/aby0UDi/G/7cvEcOiNcCkfuSz\n", + "iv": "Q3rg06v6K9pUDLDY\n", + "auth_tag": "G5ugdlJ896KtYtObKLclJA==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "s3_secret_key": { + "encrypted_data": "N8s1OoDrYXHjqSydQA0kY7dd68Aelq4+/cgmJlYfP92u4YA17V4TR7fsvQZL\nkqjuUSClNYPc0XiCwf/5gxVirE9AO6OmmvSV7lUyu4hcEY6unrU=\n", + "iv": "bXzIVWnX6V0P6PRb\n", + "auth_tag": "1EOjCfsX9P6ETjUsgBvBsA==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "nostr_private_key": { + "encrypted_data": "Sf8PEyQ0sqcgxddSlIDxLOVzPjOkTFObsYuTgcxkbEV7igrati4e8QVVUEBD\n1yoLJXelp8jlCr28Ectci29jc53gYSMTLSQsw97uYas2R0dGCqQ=\n", + "iv": "+1CIUyvIUOveLrY4\n", + "auth_tag": "GDqS+IuAIfMBmHIeFXaV7A==\n", "version": 3, "cipher": "aes-256-gcm" } diff --git a/data_bags/credentials/borg.json b/data_bags/credentials/borg.json index 25b875b..3fd251c 100644 --- a/data_bags/credentials/borg.json +++ b/data_bags/credentials/borg.json @@ -1,23 +1,30 @@ { "id": "borg", "ssh_key": { - "encrypted_data": "znPXuD/hMY4+1eihuSx1sB/QKohd92B8/TkZd5g+J+uH1yedbeKosc+q7fJT\njlFy0ebySS5URB1O5ij4/YbulnhcNhYb5/ozf6GnhBl2VlmQD0fdE+NlSlGf\nB6nM+qbvtR9V2sAtaVaugILHy4jD/y1jBnh3VyoKtiLG9WrPe1Q5gwTxEDLi\nn7qpcamZt1D5QB+6kMpVqAmL4oV0oFervfrRcf1QyR0vriwdAMz2+iuQ6/Cq\nyRSDkuaGChrX3W8hd+WkaQaU3ak6A2Ih9iO8MIa9j75FpzCDnBl0A1WLvzeC\ngILDFT0J1eSnDhAZfpOPZxCkaGB6ueop1BwWGhtmDZns1IdKccKRhK56i7BC\nGaJv8nDYxmSq90RYZdhnmbVPCyNrbcj+Pkun+N/us7WE2mYZZTXXy0CE1WMC\n0xglisNS06ODTToD8dmv3wLqeS4yk0Ws9JypWxjUS0NGc9k/uGa5MGIBxJfm\nsi4X0ZaoxMPHmNnOCMMIC0MQE82tBtA3tM2mxd6rohgtdtpo9cxsKWW2Pu3O\nW6Wq/A3d4X/9+LbjQKe48gqCeuZXanJxniBtdm2Z08Yi30/lQRwhauGXP1FT\nyot2FVZLLdTHaDHdcaUjU8A/NJsS+DRPWT8xAk1w1jVPytQMZUrPUYbjPXTu\nhqj24Qyyxb836y23hVCNrrRJg35Mb/mHy8LEbxJ1cxoekAR8d5r+yR5UF72j\nDLg+7fEqzIoSqjFB5Ho2hemTzajxwD2d+FATxQN7C+T1LBenDE/cw0HTKV/H\nnjPvb+bLfhCVb0xdkTlFlnF4WUn32tEQhTGrXefQcSV94Go75MoegIflwNo4\nnOsEOeD9VSwRKqsJ82pjRFaGr7HovakeqE/itruvEKGKn+53Sc9xVRgnyve7\nsQ0vdbVSsH6dBQJYDgSUdNNU9PXbqRqbk3CqFpQAEaxoy6mE9oPK89Mdx9mF\no9B8G291d1GvaOSvJjvlzlWmqUCYhQLR+HTeHf+5gp1dSJRlL3b55m1x7PCC\nB4Ma6XLo9gdF/XXGfZE98vg/MJ5w0JjLYouU/v8BaHNWdrxo5MEoky246LmL\ntLY57TbfGu8HTmvScir43hevIC4JqDHJhUQrz3vmd1yFcUBgWIqEYv6guU8K\nW9cYS+LBwbKDg7uXOx93P5pgPzMZbS0aBPt0QCwIwGmhQTPba+WWh6rPwNkl\nV4HRG0TgFJ8skgKWLhEMOYC02KRT/ve+OJ1LawqIK5BsMK81KoX2Drf7Oyba\nOkekMHsA9T6woSjIBTouKIz8r09vkJe9W/0pN7Y/NtE+y+FuZlKC1peafc3x\nE4ZhNotHtyAydsB6NgxpjkBNxUsVe+DlTyGCzEis/pG2XREUniiqd5DhbPKM\nH9EkXiRrtvrmD792ca8lGfMYTNOcoLD1vRlzFmHCjE7NOKAZ4lEwZWEGnxwp\nIEJFCScdPmDxK0uqMw2DaEjlAVblg1EOcs1xG4JwOcY/aWkuslp2MrmOIh7a\nSUdlr+SBi7faEMIslG24s3noDD4DFU5CQSb0ErH6j02VsUi90QYrm9XCkfEl\n2OcbvC9KICmKEj1mxvTQLBALtyTJGXIOzPbxp/Dw2a9o/WnsWDaXhTcLGqdu\nNn3ghESEb1G+pYHJa7lJ62RSQTpRp19gpdUS8SRhqwUkceFCnuuFST3SmspU\ngpjY8xsRZ3h9fzI/ob1nan5pXnzZCf76X7bGL3DqNlpq1SkdGI5NaN7ko42u\nkPafYy6MiAU6lYvg4G4pobJu8qnGcX9Wuf4K2Jl7niOQTUDIwjyrd+1uI9S2\nn5rLmwhQFxPrT/FuLg3nYAohrnAuMDXFQ13XO0q9smaSZDXPheGdTxT4HRTE\nkN1oAvvmhtVbBqNbKBY09Dn1khiUa3mIineJ6wuKS1buiTDlLGiSPAXhaJRB\naplbJLGjtBXSGiAuxHEb2l/G/kIa71R7Vc7h2fYzAXFbPhApllEof43cZVtM\n9kN1m2bshbAG2boD51jb9P4C9H73ICJXGDAUVvScgYAIs4YnCVFIPdmU6dP+\nd4yZTM9bxuezUI2sj6cpWcq8H9+skZjRY+J2vKH/twAaWcnxLUxKfLuUAWNy\nH63iRIAhaWfl3k6dhPbYFnsxrrch99NuMTAEyE5vykiCMg8WlCmittteGyIq\nfOs9eFaoNRkf4Qh5IrOUoPhXO/8Jw7eY3aK2bQvGuutlfxOYsFJWjK3qT7RQ\nAeyv639jDn1W3vvOlFX5+Xx8R5IZLVdElAe39y6rgw27pMZT+IJew/j5EF2j\nsinxUvARi98wW+NP8WXV5CMFXh2JnmxfTLvdsWHJlB/XyktIiJE4KaHlNIaV\nxLdKmarS3hS31DQmpB2LDGPp8QFyV9kY0gvE282A1Fs0w01pByKDcMmvr3pD\nHh40DfYt4ZTJGnLP69IKt3328KEeMlHqns22zZuAidMus1o6k4YkF1WNpZn2\nSdXVG0hcdnvRC4qKdVv+TBFuPSy68cdwPeHs612hcezoHi2pbTkM2YKDJ75m\nvqaBzdpSDcuKVovuwBt3/guHoLD2ipRM0EfZ208aKiuOuYXwGD3PPm5WKUvd\nBSiZw7p37QY6zYh0/bTN2FumftYWz7mrZL4pFIcd8m/tSlU537+TnCbPm1KT\nWFVFBonxsyhHnZC4X0YQQTZ0V9TKCGWdVUgRxZwwQ/0acxFe1j1bqVnDBxR6\nH98xnEPvEh6bHpHujwcdCKTN4AbIJcFVKuCyvl/OtzMBjUXVKOAZcRS42TvY\nkhzQXiOOKqoE29aNDtQ/VRC8s1aN6L6xCorlCcBBurMcmDdJy+r4YUrNqmEA\nZQwFecRXxwzguk6GR3m8RzY1iDRSqm+yCMqjWKx6eycV91izjXbueT45g3Hn\nSqw2cw6rowGZUEcP3vRdHyxsJSEG2kPvU9JLzgkCwUovtlbdHee2JkV9TdkF\nzEMxjA9B5mxPp5lMFj8jhHhzDmZRxpW/EUBZCkZh5SVbGeg6qTFKRS6zZPYC\nkfv0XICx154cOj0TsW4QHxTHLOV9r93HIPihZDHg2udN7JhYfwsO4RbwDQEv\nxumaM3NTGrXOBxV2vtYSoGSQOmCd8X+gXKxKtTeaV4rCm2aIGVsdfeYQTNSD\nrBxetCJdGB0DrEAr/9bJ5RS2CB9JmEa4ktMHEFTmvTqhWu4Ye2TJBC+H/yqP\nNrYQ4+5lYnZ4BuvxKBvhbH52UURqG27NwQXmFd/h3NlI5GVi5tveRO1+3F1j\ncMTgj49UCB2SNndcJDkK9z7kSBdnmtNo3m3/K9wucw9NxH7sM0yrgeQupbrU\nlgsobzoGluvBijJlp6A7qy4AoOsDGoo4gevK23CR8XN+droGY2RGWThWGuPZ\np7hsG/0f6ICQmU8ARsj/Civ9EbGe/2ZnlHafBtRhmfpZp2/Y7UxX6pmcNARB\nj8Gmr9DWiUXKUBtIkiBSTr7keRF8GuaXSc4pz1phKuAhngy7rYuMhqQr7Sw0\nJCk7cwdvZdq/erjtIh/AHJOPboUCalsLfTdMJguuocUuQr+SEg==\n", - "iv": "3uagVTqoXUcWvs9W\n", - "auth_tag": "s3wlsnLRHCI2NjC6/ZwbiQ==\n", + "encrypted_data": "oK6Q98lJxmXGtnV9EjkgXmcObYt4eHlI6DMTRVrKn5zEBTBH7e66oXpx1nW9\nyvbxrDkJsgAEsx5ty3ktVwGgziZIGB9AnXbtVw0C/uQZ/omNtzL+J7l7MTHS\nfdUboBX2U3WI7oO+DPVHcfSB9ua5OqSdxw+arYjMd2iJUJ3EL5W6OcUfmYEz\nytmcqIol0/3f0xJ02Zj1YejZ3LTcZ2NG3nYFe0V5VJXBCtYeBnvFqpTkaRvm\nB1BdzslaFTWpjlNbOFjSWkl/Ky98En9I2nPFghgwr0W2/niTo5jcdS6wpNGt\nZKRSoF7ShJVlwMW+82WY5XdAJQFUuCDXroaOlu101dz1capzvcAow7J3I+Pm\nd3ylMal41sPiDRaUdLeFFkcinXZpu3PmCwehISDB4adVQMVkicUiusNjMqlU\nX5Dp7ALCJKkl0TMRTDho5+RqWYRNN8XJ6cxTsy3WrXND6ytw50A2fakT/Nds\n3qAWWuKh0HExVvQXJoB/uej0BIC37HNJg4OeD/oOCStoTD9D7an2SkP9Qopg\n7yBYMLqS2lOI8/avCDI/bwkPlIe0LtKomcNuE33bGeasrO4Hqi/v4R2Fzx3C\ntelWtWoKX+aJUylCBOEf11Xbkfm5BV6WitrfkAMfLwa+vBvMYbRp+58L8uVx\nNvjCYqrSArKcTHh6FdqFmljj/Lssfn5Y0EaRJ0oA/i+4XhnyNNDC52LyjVbY\ne2399bX/SAxh4MeJM4CbCn1qEELioQJznJhnt8jmCEHbMJ7s34ewJWMaPfAa\n6Tl2QGxsbSqHDkcINdxl6MIy/v2NInIH8Wjo/AlSoU9fjWlxPafE40f27/8v\nGQdXRNM5/BbADrSr2MFPTqJdTSKjC8a3m6LaHJg6sON+JtsAmflV2mZ2qKhg\n1klfj9Qvr2MwC5a6xseuAbpQoAVfle/+iQI3l5hYxaSanCPUzwkD5RSL/YfX\nwWxT9WmkC7+iHif5ZkZ4YwMSdt+NJcULqYGot2f+gugYFsYGvdGc+8UVH6wM\n1W/iLOZU4KZ1wAZvoh/rMiZN3Z5yUMHc0LDUY+1pZSBylPauvrkjVRYSD9K+\n+KX1gkvwsgn3+AVqZZ2Kqlj/6oFqdXdEHnbqZAhWBRmNrHu5lcrc4QUmaSqN\n+UlWLXfK5FGBaGVm6Bzz2tHzUTNjxrJKkrx1WK6pm/qGFiRsCMDJMJtLyD0/\n0g6vtD8jf2OYZudayGOHQhfTrQRD3ByAhjeprXTc4sUxt2ogLN+23FIaswbE\nAcL9R/un1Ym7OPUBE3KNJ9GE524Op9I+7XPr9JEC2R9DqVcm6XYbS5u7YB5g\n5W1OK0KX3AC1dt8Tkezp+Rp3nV86UUJFCQcWUXc51+lNk31BUtuUGIGbnFdZ\nm9m5xlNmApvQ/25y0Nbw2QhmB/4l8Aqj+OGXLHWLv2DFfxwxUfyUZCzYg1XS\nTFr58cDSCmHFMkJDPzY6YBasgPMSRgdZDdJMXSumpO5wqygcgqtT9LiT073X\n2DfG1tIAx2F4H1HuxAnLygQxVf33eGJVMJbPuDCo2G2uvJYfj2zJJQsBsBgZ\n5XD1rEyjLuekfLysn2G3ZMLczWSn2oyvxt/+gUGhfij84YsQp415W+7LJY+1\nd+3F7+qyYnOE2uTzmqk63IZ9sSPIM8seXUKrWd95KtjKG/zvILW5ksye3X3R\nwsVSeu/+tATxZhFH0bdgo+vcZB+CA8IhUqdjigKTSQo3O/CMqPn2yKhY9j3D\nBabR6Vo1Ip68n6dfbZ/DtrPmcm+XD8fxflm0Ssx/vbRsiPn2zwPDWek92TKP\n8Y9rD8t+H6hoDKXLJZWpJPhAtnjJWkpY4qVErtoDQ5yfViuC+qlfpoRlRa4R\nQsiSYERhqeXZeWLMk/hwoEx32DhgOwLhfX6NP5j1vXNeRfBc9zvj+V1Izhkt\naQLy+8z1gvHKMjWy9TLvLjFT3XyJY4ePlVUCJJ9DGCjBO8tuwcNt6ZGfjwv7\nrorBDF8BeBQFhv/Cd+B78Avc8BptLXFscPHt2a31X4sFbrrDh5g0ZylD7xLB\nj45jID4tLHrgHRZ5aRIzBO1OhNUONMJuNZ+XlXAFx2bjx09HZq1cYfKimHg5\nM5um+/h8X202wr9shY1HguzuGCBlDAv4X1Qjoz12B4U1FY9c665AmC5iJaWN\nm/PFXwPa4aynOTdJrhmPRcnqI8WzDbS4/EedzpKCSn1WcHe52oMtXcC8yLAD\nM1BOcpPXWXCFc9NNOHcq5bBAB/+4sVGnBDKMUisiVGeLCck5BePH2loLdezF\nRcDEZ5uXyLWypzHLmRODRCeJcP/LaI6dAHyeRF3IYXMR/nls21wzE1+6nEpI\n6YUxdCiFPaZxDKuZzjolsACBbU+vb1lGOmj2aR0VQxg+UlPLl78/jj6ZIqKj\n11Atoxz6rVrm1kAkYSArDs6AH9xt+B33rlwloIeChLbNFpHJJbvJlcmR+q67\nMbgb1Dz0tKESxzjlep+N17+KpFtbHdGBkwLhEFphFekoUQjOgLQKhmJRRN0+\nsvLY4/Yg6hmxJdeRZgRusFRcc3fnPrE9S+ms5nJ1MWSCzCfhhVLb8N7KB2h5\nYRQlB68mrI0PaBAaDiJsUuSujadvx42UWRQSmLssbf9DhY8Lr4HaP3qag7Hv\ntAZfzlQ1MGgDQ0EN3ctllhqQS8493/ToioarYulmWyYHPYNvV9qZlQm0//Tv\nutSHzmW5N/iIA3MuSHn36IWZeuAEnhMfm0RjVMh8Pb+05xc/Vebeg1yXMVFL\njDE02Sd37RtYx96Xvc14q5hnpxnBiOyUynmi3kjafb5WH5Wb6fpEuWxlSwyO\nR9EKIh6MOmdAXaVC+3gglsaO7DbPK6mNSE8zkI1dYleDHRs6m/UER2imaUlg\nkItsSuqDRzpeMoNZjs+9ATdFXClpgKKoyw8Okl/CapKVzdco2lRP9MLF61Al\nAA9ndyHiQOf0ttHv3rCLuCZ/+KBZNCn6ur65ykDbuivloZm/oCm7b1nGj7do\nPwB+QD4YxlNB+5OFOS7+KuiWafC5LUqsnjWoAQOmRLDCbQWPA3hkMs/dL4EO\n7NYtI+Ibmh81qOHPe4W/txkQi4fc+uxw/3cXT1pobvAnT4x28AxZxJqyIvDp\nwmoMYIpG68GjChZrKj6wyEVhc+N/7JyUbKZjuJymzzKWwhTWPN+qoIlDigxb\n7xrr8P+FtoLOcdwb5nr4JJ2T4Z/0oa4uIgYcIdBgI2AMHkpsT3eOXyqEO620\nWEyGmLCDAv/nbFn0QNBsDC386N4Dnic893r127SQHgo7Ln2rZg4+Ia3m+ADs\n1NWN1WLtD7AiRmegsZRcFp9UrBLyUo/EGGDzkRtWmw01HuLYRLMpvvhN/W9G\nekpLadu/+gZ+HMKzlG6LL9GC3cbiJSdd3gowL/eIbFnsifbiixW3kKDlWUxF\nekQ2jF1lcGhLJ5VnVsgTL0ASKUhHBSSY4GVahAz4je35dJ7BgPqKN+DYx3aO\nLDWU/0iENp0o5eIIP4p+4wW58OTpbkC3L8hOrC8Bi59PmYlKtg==\n", + "iv": "bhJZlhYQTG/xAvuY\n", + "auth_tag": "oqYQGqNaSFqpxfoJi/oOBQ==\n", "version": 3, "cipher": "aes-256-gcm" }, "passphrase": { - "encrypted_data": "wzSJQ+VfZuXmqrL3xW/LxiUvF/B6EYHAQtmhrJjt2oMT1G2OEgp5\n", - "iv": "BqTyfQwKKCTOn3q3\n", - "auth_tag": "sh1e8UuQSrq1o5G0O5fXCA==\n", + "encrypted_data": "5n1l4Mi3ik1RgcF+c71fQbTS1kAOgNaGEcpdKV11uDbzHDVuw21S\n", + "iv": "N+AVJrfPxoRJlWOO\n", + "auth_tag": "x5Wr3zuJhCXzTIl3gAOA0w==\n", "version": 3, "cipher": "aes-256-gcm" }, "repository": { - "encrypted_data": "Ezc5YMp0VM82dlq0+ikk2xZeqNHi+XETlsc2cDlFG/NxY408JO3ErPDEa9d9\nzud+jcCt/01GKqPdslGhP3jsUUb/f3kWMkTWqGkyWXV1121E0uHwyrva62NT\n5A==\n", - "iv": "QtNBUjJ5NrQS0JD7\n", - "auth_tag": "ZQImzlvHWwX1OsxMZK1jGA==\n", + "encrypted_data": "Jz0IoAeeeF5lXMTgpkanRqshOxUW0IAJ8tUYFEQckWB13tmsEwNd+val8g+d\nkQ6NQMg8oLRtPbDOi6bTgmTykFrYW5JS5EiD2/ynQQktWA/ZIxnyuoHocX+A\naw==\n", + "iv": "BGl1aUBCHzuG61H+\n", + "auth_tag": "mlYt/CKamtPZTaESlG/lFA==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "nodes": { + "encrypted_data": "v9vXGwyAu2fqj5blo/6Jeht3R7SLlxMSWCuC2nTlURBODz9fled1z/LAoABc\nOaVLXKrgHYUnYgriSF7Q9zemrRnrcsPmqKFVLKqNDIjjyd1LnxwdopG9EGxD\nKNVY3GQI1L511kY+0ahZj6OJ63o0MSccysabSnptWNHCsD2eFh+77oMpYfYy\n3OWWLOT4kzK1lbNDmI8IM6JywLE=\n", + "iv": "r4LctfXGF86FNXbZ\n", + "auth_tag": "P01f5Vcxz8EyY6BohQWzOA==\n", "version": 3, "cipher": "aes-256-gcm" } diff --git a/data_bags/credentials/email.json b/data_bags/credentials/email.json new file mode 100644 index 0000000..50f54f7 --- /dev/null +++ b/data_bags/credentials/email.json @@ -0,0 +1,17 @@ +{ + "id": "email", + "ldap_dn": { + "encrypted_data": "jMHHa8DeU4HCieF/ElOxrNJcHLRzjXGGFB1eJubtiARFpMYx+4hG\n", + "iv": "ojKHl8Va1GOj1sfr\n", + "auth_tag": "wkHLRyFF7WYllh+hXRIBJA==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "ldap_dnpass": { + "encrypted_data": "mCyzownpB0Q7BW4k7E+yXIwzSzaChPTEZHAWGiEcnXo2ioQ=\n", + "iv": "jc9/VY7AlQ5ttMm8\n", + "auth_tag": "mAZuoZOIJ4zRLdYbaetiag==\n", + "version": 3, + "cipher": "aes-256-gcm" + } +} \ No newline at end of file diff --git a/data_bags/credentials/gandi_api.json b/data_bags/credentials/gandi_api.json new file mode 100644 index 0000000..cf08cef --- /dev/null +++ b/data_bags/credentials/gandi_api.json @@ -0,0 +1,24 @@ +{ + "id": "gandi_api", + "key": { + "encrypted_data": "d3/rJMX6B9GuzUt0/mIk/lgQ3qGyQdbNXH6UEm3ZX7DeSl+rbW9FPJCRWg==\n", + "iv": "15YVAYla7PqqVOab\n", + "auth_tag": "xQSq+ld6SDOAER07N4ZkUQ==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "access_token": { + "encrypted_data": "geQwcNosiJZmqbbMpD/I+a2yueBzpV6C8Rb7vrCD8kR161ZRjvqLe+g/1XpT\n2/65wKYDMTrdto1I030=\n", + "iv": "1sj58eyooOZ8FTYn\n", + "auth_tag": "yBNfgWXaToc06VDLly/HUw==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "domains": { + "encrypted_data": "p5rIQTyCE+0d4HIuA4GKEAFekh7qEC4xe9Rm/kP0DyzY83FO0/4uKIvYoZRB\n", + "iv": "LWlx98NSS1/ngCH1\n", + "auth_tag": "FID+x/LjTZ3cgQV5U2xZLA==\n", + "version": 3, + "cipher": "aes-256-gcm" + } +} \ No newline at end of file diff --git a/data_bags/credentials/gandi_api_5apps.json b/data_bags/credentials/gandi_api_5apps.json deleted file mode 100644 index e3d7256..0000000 --- a/data_bags/credentials/gandi_api_5apps.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "id": "gandi_api_5apps", - "key": { - "encrypted_data": "+tcD9x5MkNpf2Za5iLM7oTGrmAXxuWFEbyg4xrcWypSkSTjdIncOfD1UoIoS\nGzy1\n", - "iv": "ymls2idI/PdiRZCgsulwrA==\n", - "version": 1, - "cipher": "aes-256-cbc" - } -} \ No newline at end of file diff --git a/data_bags/credentials/gitea.json b/data_bags/credentials/gitea.json index 54d2324..0270eec 100644 --- a/data_bags/credentials/gitea.json +++ b/data_bags/credentials/gitea.json @@ -1,58 +1,58 @@ { "id": "gitea", "jwt_secret": { - "encrypted_data": "HHKq1HcxV9uC0aBdkn2AAA9C3dn2o8DnL2uDtZBf+epGC8sOko6/BSvsm8wV\nuG7yVmeFajgyCePSv4M8Or8=\n", - "iv": "raypiojdRL+DkiDa\n", - "auth_tag": "JZmWJyLTHNHAHNufRizL+w==\n", + "encrypted_data": "wMxs1Ec4vKRSzFtL2KuU1XfmR1t5KDx/7XBbI7V0QfgK+JwYbxU5w6feQCBE\nxOMepAXVUwU7RxPZ+hwQgPg=\n", + "iv": "F4vtuOL2B9e9LQnb\n", + "auth_tag": "NHATxHbr+3Y3Kxa68NwnjQ==\n", "version": 3, "cipher": "aes-256-gcm" }, "internal_token": { - "encrypted_data": "VFez8gOv5hnpBkURlufdPHvfQsL+lFlL8M9vywgKEi4XrXcNlDvoKKqdtSMv\nxGuoKqF/4NFcl2X3JRwp1j5iut+Jdg5CpnVVQLWKHc022LjD7K9nRsdmiD9Q\nLsLnU1Trzqg8VZS2ryqdjI4elkgoc15lmXwJvTNgRUzDqw==\n", - "iv": "q7H4q7kBfRt4floS\n", - "auth_tag": "vyd4ZwVxeFTTfvjI4k5irQ==\n", + "encrypted_data": "mlvUtIjs6kcv7XcYCUOgOE/kDSE4Ts5G+CZuPrJapW9XwkebmyOnHJvXdihY\np/chUtar0pNB5Q16LeeZF9KrzOiDo/OXb40TPUzpsB0/607zV1z829STd4l7\nu5g4Zur13nxC9jT0zQL9QgDEobYdjgf/xu1BXxFT+Ue3lQ==\n", + "iv": "25+1a2OJYFNxdf1N\n", + "auth_tag": "aF8Gn6Mm7AwLjbR8cDnitg==\n", "version": 3, "cipher": "aes-256-gcm" }, "secret_key": { - "encrypted_data": "7tD4E/5AuxxmNdu4arWj/BBNTUv6JX+m2ITbcLfE+VE2WacsCZUEyi1d1v0B\nyujQ9bljJn3z0zV4PxKFJILKjQb35PSiA8b86X/75Y1B9Gl64ds=\n", - "iv": "gE2O5aN+Nea6VXi7\n", - "auth_tag": "3+EmAUgBBDyChRBHsUtLig==\n", + "encrypted_data": "xQuHuijNHoo2WicM2UvSGpwPHd0UilxlIl4BM2Rgyih5bdhjxB6UtUcY9uJQ\nYgxEd7y7R5+XhUAu87CEs4qAGtguDDxGtSGwgTSopvAYZewPFLw=\n", + "iv": "Kxwqagjps8kP7Dhz\n", + "auth_tag": "WGz5TzBzksf36hKPzBZTQQ==\n", "version": 3, "cipher": "aes-256-gcm" }, "postgresql_password": { - "encrypted_data": "mWN2sTOjZ1EPUH/KAJ8owoPM7v/+IfIHEPACN7gFDrqG8dWGjfiu+fvILw==\n", - "iv": "ldm57dVSdiPnk5l3\n", - "auth_tag": "D+r/0obCYWx53vIeUDPGMQ==\n", + "encrypted_data": "ZziPtXhQM/TQBE+077smnjEPzfJOSo9Cj/CUnG/Be1AN0UAfielf68EhLg==\n", + "iv": "iBdSrY15vOc3eycF\n", + "auth_tag": "km2CkraKlpOygaz7Xy548Q==\n", "version": 3, "cipher": "aes-256-gcm" }, "s3_key_id": { - "encrypted_data": "AvlsAInGyPMvHle5YZT3EHMTG89PggqmFaddvHSQLEkvI2EycktxJ/btjGOP\n", - "iv": "qGkILPp5EWc21wwa\n", - "auth_tag": "eIpCgZAnWZR7nlllj+IXMQ==\n", + "encrypted_data": "1j0znqBgNbHMyJIf51MmfkjkpU3SPv+EL8F30mrfQ44vsGziyeiWfp91hGUM\n", + "iv": "dzJM1EX/X8Qy5KbR\n", + "auth_tag": "2YUCCFG/oTph3svFYhhYzg==\n", "version": 3, "cipher": "aes-256-gcm" }, "s3_secret_key": { - "encrypted_data": "TAo4ViF7cL+ibIuHM77irZW08ilD46S8N5BV91gc2wegvHpHqLHw5zrsDxfu\nDiJHGUfjge/NBOGN5VSKKC0nFfMJ4sLPxVSiKyON4RMBSuzSqmo=\n", - "iv": "tjK8XdaCZOdLUHyo\n", - "auth_tag": "Qu1z6e1/4gPIyaCwBjaWsw==\n", + "encrypted_data": "7P3JUyl0LsGuGi8GhSYdXHm4bQhnkGfSrbEMGyfzjSYB5hqm17kYZwNbNA0O\nIUmJ6Kq9Nby7IFTd1qFo7aA+dXuvxJD5QXO8T5E+D0xIaWMHPco=\n", + "iv": "+ivHjYpQG/3gQWAi\n", + "auth_tag": "fftxN0Z/Kfrn+oFk07jKYQ==\n", "version": 3, "cipher": "aes-256-gcm" }, "s3_bucket": { - "encrypted_data": "NTp9+KyzlblporEwM7SEwoClXu5cI10SfVrJ/uywcf/x2l8=\n", - "iv": "TFTeQ8yKUhblmrFK\n", - "auth_tag": "L9nrXEeJhxcLO4YgGk4zpg==\n", + "encrypted_data": "98UnmjwIlLjNFQojZlQRMZAWpI/7s9xJkgvh4sU5I2jWmYk=\n", + "iv": "zLck9Dp6OP+L3BwX\n", + "auth_tag": "Zc5G6bd7CbZfDCZ31YWxMg==\n", "version": 3, "cipher": "aes-256-gcm" }, "runners": { - "encrypted_data": "yTCk4/hqw/4vEaXobdYU4vZRxErNp0GX4qDMuHwdr7UOQk2qQ8O8j44njPv2\ncKcIm6CQiip+GRuvl6+zETd8gctC0W14n5Rfep4zQbMp/BW3ypGambVk6z1m\nRnT4dMEl32rwcXG8c3w+vAFpx8smrK5iyy4ca0ZijC+eeysk4OAwn0XkvQuV\nB1Jy9CmVm9xiZ6sXaiU13tTry8A=\n", - "iv": "+biM/42g5doJNOax\n", - "auth_tag": "WwNgd6aqm26GcekYVOeBDQ==\n", + "encrypted_data": "f0RRLCrGT7LDUEXcM6m2dJ7C95UPqVZz9dfNLsYa/3SZLDcm1p4FDIy0Su6R\nrXMoAI9IdLBN7/BDMMvqkULEq3Bx5vXn+oTUsUYuKxWmvKEUhC4virOApxh6\n5GbuqcOEPKaf9lHByL+2HKdAmJMzVRGD0t78ePS2pU4H6IFnS9V1p6opOEPr\nzTJ+0PM98eQ/voFKDHGNHUqgDs2qu9wUYNmcHe1eSimFdJiOCN0Mlszu3HL0\nXkHfrGbLrcW+8Ol7dTXdDJB7WAd3R3vddoZQ+mrwzGGDeSMm+ezeMzAX\n", + "iv": "NtZ9SbbscX47BXGH\n", + "auth_tag": "ZGBzxjNFB5WPnJCpdFwtAQ==\n", "version": 3, "cipher": "aes-256-gcm" } diff --git a/data_bags/credentials/liquor-cabinet.json b/data_bags/credentials/liquor-cabinet.json new file mode 100644 index 0000000..81dc301 --- /dev/null +++ b/data_bags/credentials/liquor-cabinet.json @@ -0,0 +1,17 @@ +{ + "id": "liquor-cabinet", + "s3_access_key": { + "encrypted_data": "TKYUWVboQZUKvw4bqrKsL28dH2DGR5iDBQclAwm5I7GqkxFfkG2d91qLv+BA\n", + "iv": "B8YYzXeFGxMG34WI\n", + "auth_tag": "HOIfcpJOFYIVvf5o8lk4mg==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "s3_secret_key": { + "encrypted_data": "GRqGJkGJ/f0zQVtO0r9TcXBqlpnfC5PiwTZK8QmsqEhzQI6U67NAf62QqTgl\nGVI1h8G5ITgC3l0xVhcvH6m2bcs9fjNzFIqnhoZhzGwEt51A5Zk=\n", + "iv": "UAlmoUWLedpd79xa\n", + "auth_tag": "2F/EJhY5/59dtFFwkd106A==\n", + "version": 3, + "cipher": "aes-256-gcm" + } +} \ No newline at end of file diff --git a/data_bags/credentials/mastodon.json b/data_bags/credentials/mastodon.json index 145f5c1..90af0ab 100644 --- a/data_bags/credentials/mastodon.json +++ b/data_bags/credentials/mastodon.json @@ -1,79 +1,93 @@ { "id": "mastodon", "paperclip_secret": { - "encrypted_data": "orOIbqFANPCkd4sUTCyyoh4z1o6SBudgH4wKJudTo9dANaHGhWcBUFKrhZi1\nMJTBQx/d0hiDI1P2XN3h+hROCg3JJ8OClUSJH9CfN5GlbWvXh0Nhq7hqy8L3\nLAPL+uigiXI6ObrnKQoD8LeJIB46233uwaCA/7zB6gah0ExJ2DXGH6qq9JSS\nqmTFiy+hT+VHGrUo\n", - "iv": "U4E4NLYLkP0/tTTs\n", - "auth_tag": "WKQ+pDPZp7B791lhC5j3iQ==\n", + "encrypted_data": "VJn4Yd2N7qFV+nWXPjPA8Y2KEXL/gZs2gK5E3DZZc9ogFXV7RtpDtq+NKGJU\ndpR8ohtEZvkyC+iBkMAlnS1sSVKiLdQ1xXvbzkj04mYgjnLvwsZ19uVpBGwR\nt/DON7Bhe5Fw+OyrBQksqNcZQSpB9sMBfgA1IgCpdVGHQ8PmkMbFTaZZYcoF\n7gg3yUw5/0t3vRdL\n", + "iv": "X5atp/KaIurfln/u\n", + "auth_tag": "mVnBoUb5HwhXNYUddJbq8Q==\n", "version": 3, "cipher": "aes-256-gcm" }, "secret_key_base": { - "encrypted_data": "vweClhdY8SqQkK+p0OYUL2B6Fsz5eQDpEYWCtd/eRJfwwYAObbLcMWRC6MwE\neQVMw59bOqYc3RBuv/+WPLtENazA1bYCXBXQr1J6xqjJAz0Mo6KbRyxy5n78\nv8q6RSiao1VVIUXohtFlQgWeV6x5sz34bJxjlHinKvKsgiGXiuVBxYUUfzWQ\nuzrGug09cpZBqfpc\n", - "iv": "Z0/csEBH5/X1+MR+\n", - "auth_tag": "fTvBN6eovi3JVEK0ZX97Nw==\n", + "encrypted_data": "d0sNREFhzQEJhkRzielbCNBJOVAdfThv7zcYTZ1vFZ20i/mzB9GWW2nb+1yn\nNFjAq8wCLpLXn9n3FClE+WOqnAw0jwTlyScRM5lzjKI5SxHKkBQHGyFs2AF8\nqFjEvpiqxhjsc4kNOJGO8DdcyHuulXyaO9fJg8HDnU1ov1vSSuTc0ABKgycY\nMq/Xt10UXnhP8cPw\n", + "iv": "HFT7fdGQ2KRJ2NFy\n", + "auth_tag": "C55JT2msLQCoI+09VKf+Jw==\n", "version": 3, "cipher": "aes-256-gcm" }, "otp_secret": { - "encrypted_data": "o1ts1bUgPIzFQXjJ2MpBMLntWkyPxDaJAaU1K3WzmNMXnw5MVlkKKCEFVccd\nPss/MwDuBkbNPhri3ZkH48m9SiayWETVYvw5GZzcVsw4TeMu915O44lfl9tX\nW3XHU+DBps1BVH9535R4X9M1aFW4W4XfwHtS5wcrZqtVhNhS3NSgE4JpN/Dz\nFdcFAOhflnt8fIAN\n", - "iv": "QLsxmIlX1NpxMyHz\n", - "auth_tag": "j1h/PvIoqshTBN5c5IaAsA==\n", + "encrypted_data": "1iH7mUkaUzyn9dfDwMdiJ8X059qWSUO3DqivsOFfI1f44nMnzllaYPu6nh8O\nNLNCOzvsSAonhhaq1X+foOdyPIG2mGhE/juKveDD57/AdZAayHWsbsQlPC4l\nwdShz/ANrq0YZ/zOhpT2sZj1TZavW+S+JlxJFX2kP24D4dUzwG0vNj7522+Q\n9NAApJdUte1ZYF/b\n", + "iv": "00/vs5zTdoC19+pS\n", + "auth_tag": "3cjYqebMshnmWkQ3SdRcCQ==\n", "version": 3, "cipher": "aes-256-gcm" }, "aws_access_key_id": { - "encrypted_data": "YQHUx0GugKu0AtlbGLRGocFEhTGAghWA0DUs1Nxs4Hd3bTIp4lyM\n", - "iv": "54zt2tkQhHtpY7sO\n", - "auth_tag": "ofBJx3QDsjHe66ga3nji8g==\n", + "encrypted_data": "krcfpxOrAkwZR2GP4glTaFg2dw/COw8BO8I+KICqyl4bvpL5NrB9\n", + "iv": "paoDKp6EIU8bjxzF\n", + "auth_tag": "p6Pt/tz5dgGXzW5cO06nBg==\n", "version": 3, "cipher": "aes-256-gcm" }, "aws_secret_access_key": { - "encrypted_data": "FAz6xZ+wsCz/KFA+DK6f4V04rxJt+9U/yXUGF9tvce0VqB3scH+T0KDDn1/n\nZ/0G0Tbxt2urRPbPUdI=\n", - "iv": "iapSpeM6lfDMIfNk\n", - "auth_tag": "HlkwUnNeJlOUrZ3ieN5xAQ==\n", + "encrypted_data": "aQySCT7gxeNiMMocq81KtIi+YzrZwMBeTd4LrRSN8iNEikWReJrrfagBwozy\n+Gfdw4bMGzY1dhF1Sl4=\n", + "iv": "R/hvvOvmqq/uoKbx\n", + "auth_tag": "QBJY/3+OprBXO/FSNwv2OQ==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "ldap_bind_dn": { + "encrypted_data": "wDPABdL+DlXz2WWV4XwW20kM4EWPSwc/ajBmbdYMnjFau6c76CIBpbFhrFoj\n3mwDbHz8cgOnLNvozXSV4w6N7URCN/mWWTBHNhd3ppw=\n", + "iv": "8rQ0M4LT1HbCNpq9\n", + "auth_tag": "AuO5R6WCtd75TGJNfgFSCg==\n", + "version": 3, + "cipher": "aes-256-gcm" + }, + "ldap_password": { + "encrypted_data": "y0t8RuptVYiTKmUhaAWsC4c2ZzhQsYeVLeMPiQBn+Q==\n", + "iv": "mixYzDKkPSIDQ/l+\n", + "auth_tag": "DbLlZG7rlgBmyCdJ3nhSYA==\n", "version": 3, "cipher": "aes-256-gcm" }, "smtp_user_name": { - "encrypted_data": "ivB09/mCRrUaz9X4NFRBiqytjgy/vxN5Nha7gopFq5eSu9v4K9MkaLRqHh1I\nYw==\n", - "iv": "a8WKhRKsUjqBtfmn\n", - "auth_tag": "ib5WJNNaO7bRIspdACmOLw==\n", + "encrypted_data": "Ugc29HUFcirv6jOOlYNs9uvmhfwa2rG41im/MusCx0Vu0AZKcdy0krGi/kCZ\nKg==\n", + "iv": "ZlDK854w+vTNmeJe\n", + "auth_tag": "Nj95g0JMxrT419OLQIX26g==\n", "version": 3, "cipher": "aes-256-gcm" }, "smtp_password": { - "encrypted_data": "FxPz2e7fUNqcAu+DDJKlqn8rcSBLmnzigTFf5moZlQ1zz4YVl6pqHisa22Qz\nbfUx9rjU\n", - "iv": "GvRlNDV/b1WawtOP\n", - "auth_tag": "kyRCGfSJQelIwThDT4iQQQ==\n", + "encrypted_data": "D1TGjRfmM1ZeUmzwewlKXfQvvqTSzpzNlK5MKIU8dxbAH175UKn5qiemDEWe\nRYPe1LWT\n", + "iv": "D1OVfD5bMcefM5DP\n", + "auth_tag": "2E/q2gTbdXiLVnOMDeJv9w==\n", "version": 3, "cipher": "aes-256-gcm" }, "vapid_private_key": { - "encrypted_data": "DlbEAhd+SkSJoOSuwGhd5bdFlJADnT0w4u0+6m8AJoWJjoSCGAnzzmdHWT/k\nVUDkwiBCkqmEPK0oTvxnl/a8\n", - "iv": "6e0Gay7GVrQad1rI\n", - "auth_tag": "jjVundJ/ITxP/oYgEgzElg==\n", + "encrypted_data": "+87bVrbd/XvWhZH1IYusc4Hla7ZZmylptAyJf48CMG/F3SMEO33OqW2I+UWh\nSkqbxai5+GaMhvZHB8U2Clod\n", + "iv": "HVhNdFQl0TvCcjsa\n", + "auth_tag": "EEQXuQ5keOHXmchhBh+Ixw==\n", "version": 3, "cipher": "aes-256-gcm" }, "vapid_public_key": { - "encrypted_data": "+m37w/eWYqdEjsEYQw27FvQC+37ucruOFjZAjo0OgCwA0SoVz4VHX2eSA2AK\njX4CnM91cY4e/WG/ZHKlOMN1PftyQn2bdGaw35nXDanep8z0ROa01JEEi5DE\nUFRKvBmPInTeR6xvemuj7GM=\n", - "iv": "loYbGrAsWGLUZ+BK\n", - "auth_tag": "lAfpEEVQq+n7MLLm/kpmIA==\n", + "encrypted_data": "nBm1lXbn1+Kzol95+QSEjsUI/n7ObhdEqEyfYcVSP/LiLy57KOBQDu6CjSMz\n+PN9yEP4lOjtscqHS29jTC2vi3PSui9XpOFHRxFBnDuyKxczrnID2KlLCNRQ\n228G3VRgFIMAWMYKACgzUk0=\n", + "iv": "xHrVl+4JGkQbfUW3\n", + "auth_tag": "rfFoBMocq17YiDSlOCvWqw==\n", "version": 3, "cipher": "aes-256-gcm" }, "s3_key_id": { - "encrypted_data": "4B8OQ0iVCCna4FvC+EuS5prEUWaHRm1+tzXGmFoCQ4WZfhUA1HwT3x651e/R\n", - "iv": "1/zGwcQPQQQCiXIs\n", - "auth_tag": "siK9ph1q3/VVEycy91wkqQ==\n", + "encrypted_data": "pq0+VZhjoxzLuyY34f23wOmuks9Wevt8Wu6muKZAsZMSuU0iJvlRoK/65Qa0\n", + "iv": "QTxO+IfYcpI170ON\n", + "auth_tag": "4ZHva2iBYgDv6DyhMRRXzA==\n", "version": 3, "cipher": "aes-256-gcm" }, "s3_secret_key": { - "encrypted_data": "BSAc8dE/rQUiVvTGV6Ee/ZUDpq4HZlpoaCZ+lbQAbcnxui4ib0OTLPFwhVJ9\n4OQWahtSzkqxMc6MKWpadLT1a3oTnvnae9b3u40X5b2P3VyZYCM=\n", - "iv": "bqw8GTqLMTs5vD5n\n", - "auth_tag": "+e48L1lYVNda7VE3uLOAHA==\n", + "encrypted_data": "YMZqKtOXDPAME8IWWC+lO8TsxHMzawlbTju9z/Hcb5DnQAOy82QufTN90m73\n/xikUboAdKcA5YGn0mkm+Rt/ygVR6DFirYV3kwi2M3qyGVJifug=\n", + "iv": "9AwabheRFOgC8IKR\n", + "auth_tag": "iU2kkA1q8OsblN5jaZrWGQ==\n", "version": 3, "cipher": "aes-256-gcm" } diff --git a/environments/production.json b/environments/production.json index 8404558..4f84064 100644 --- a/environments/production.json +++ b/environments/production.json @@ -2,12 +2,19 @@ "name": "production", "override_attributes": { "akkounts": { + "btcpay": { + "public_url": "https://btcpay.kosmos.org", + "store_id": "FNJVVsrVkKaduPDAkRVchdegjwzsNhpceAdonCaXAwBX" + }, "ejabberd": { "admin_url": "https://xmpp.kosmos.org:5443/admin" }, "lndhub": { "public_url": "https://lndhub.kosmos.org", "public_key": "024cd3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946" + }, + "nostr": { + "public_key": "b3e1b7c1660b7db0ecb93ec55c09e67961171a5c4e9e2602f1b47477ea61c50a" } }, "discourse": { @@ -17,7 +24,21 @@ "public_url": "https://drone.kosmos.org" }, "ejabberd": { - "turn_ip_address": "148.251.83.201" + "turn_domain": "turn.kosmos.org" + }, + "email": { + "domain": "kosmos.org", + "hostname": "mail.kosmos.org", + "report_contact": "abuse@kosmos.org", + "virtual_aliases": { + "admin@kosmos.org": "ops@kosmos.org", + "ops@kosmos.org": "ops@5apps.com", + "webmaster": "mail@kosmos.org", + "hostmaster@kosmos.org": "mail@kosmos.org", + "postmaster@kosmos.org": "mail@kosmos.org", + "abuse@kosmos.org": "mail@kosmos.org", + "mail@kosmos.org": "foundation@kosmos.org" + } }, "garage": { "replication_mode": "2", @@ -25,8 +46,9 @@ "s3_web_root_domain": "web.s3.kosmos.org", "s3_web_domains": [ "media.kosmos.chat", - "s3.kosmos.social", - "s3.community.kosmos.org" + "s3.accounts.kosmos.org", + "s3.community.kosmos.org", + "s3.kosmos.social" ], "xmpp_upload_bucket": "kosmos-xmpp-uploads" }, @@ -45,14 +67,16 @@ "kosmos_kvm": { "backup": { "nodes_excluded": [ - "garage-2", "garage-3", "garage-4", - "postgres-5", - "rsk-mainnet-2", "rsk-testnet-3" + "garage-", + "lq-", + "rsk-", + "postgres-6" ] } }, "kosmos-mastodon": { "domain": "kosmos.social", + "user_address_domain": "kosmos.social", "s3_endpoint": "http://localhost:3900", "s3_region": "garage", "s3_bucket": "kosmos-social", @@ -62,6 +86,16 @@ "mastodon.w7nooprauv6yrnhzh2ajpcnj3doinked2aaztlwfyt6u6pva2qdxqhid.onion" ] }, + "liquor-cabinet": { + "ufw_source_allowed": "10.1.1.0/24", + "redis_port": 6379, + "redis_db": 1, + "s3_endpoint": "http://localhost:3900", + "s3_region": "garage", + "s3_bucket": "rs-kosmos", + "domain": "storage.kosmos.org", + "root_redirect_url": "https://accounts.kosmos.org" + }, "mediawiki": { "url": "https://wiki.kosmos.org" }, diff --git a/nodes/akkounts-1.json b/nodes/akkounts-1.json index a183843..e97d59c 100644 --- a/nodes/akkounts-1.json +++ b/nodes/akkounts-1.json @@ -17,6 +17,7 @@ "kvm_guest", "ldap_client", "sentry_client", + "garage_gateway", "akkounts", "postgresql_client" ], @@ -26,6 +27,9 @@ "kosmos_kvm::guest", "kosmos-dirsrv::hostsfile", "kosmos_sentry::client", + "kosmos_garage", + "kosmos_garage::default", + "kosmos_garage::firewall_rpc", "kosmos_postgresql::hostsfile", "kosmos-akkounts", "kosmos-akkounts::default", @@ -43,6 +47,7 @@ "postfix::_attributes", "postfix::sasl_auth", "hostname::default", + "firewall::default", "redisio::default", "redisio::_install_prereqs", "redisio::install", @@ -76,6 +81,7 @@ "role[kvm_guest]", "role[ldap_client]", "role[sentry_client]", + "role[garage_gateway]", "role[akkounts]" ] } \ No newline at end of file diff --git a/nodes/bitcoin-2.json b/nodes/bitcoin-2.json index 7891613..38c758f 100644 --- a/nodes/bitcoin-2.json +++ b/nodes/bitcoin-2.json @@ -8,7 +8,7 @@ "automatic": { "fqdn": "bitcoin-2", "os": "linux", - "os_version": "5.4.0-131-generic", + "os_version": "5.4.0-163-generic", "hostname": "bitcoin-2", "ipaddress": "192.168.122.148", "roles": [ diff --git a/nodes/draco.kosmos.org.json b/nodes/draco.kosmos.org.json index 82b3a25..f07f268 100644 --- a/nodes/draco.kosmos.org.json +++ b/nodes/draco.kosmos.org.json @@ -26,6 +26,7 @@ "roles": [ "base", "kvm_host", + "email_proxy", "openresty_proxy", "openresty", "garage_gateway", @@ -36,6 +37,7 @@ "kosmos-base::default", "kosmos_kvm::host", "kosmos_kvm::backup", + "kosmos_email::firewall", "kosmos_openresty", "kosmos_openresty::default", "kosmos_openresty::firewall", @@ -45,11 +47,11 @@ "kosmos_assets::nginx_site", "kosmos_discourse::nginx", "kosmos_drone::nginx", - "kosmos-ejabberd::nginx", "kosmos_garage::nginx_web", "kosmos_garage::nginx_s3", "kosmos_gitea::nginx", "kosmos_gitea::nginx_ssh", + "kosmos_liquor-cabinet::nginx", "kosmos_rsk::nginx_testnet", "kosmos_rsk::nginx_mainnet", "kosmos_website", @@ -119,6 +121,7 @@ "run_list": [ "role[base]", "role[kvm_host]", + "role[email_proxy]", "role[openresty_proxy]", "recipe[kosmos_encfs]", "recipe[kosmos-ejabberd::firewall]", diff --git a/nodes/fornax.kosmos.org.json b/nodes/fornax.kosmos.org.json index d304aa5..bc81069 100644 --- a/nodes/fornax.kosmos.org.json +++ b/nodes/fornax.kosmos.org.json @@ -24,7 +24,8 @@ "openresty", "garage_gateway", "tor_proxy", - "zerotier_controller" + "zerotier_controller", + "turn_server" ], "recipes": [ "kosmos-base", @@ -40,11 +41,11 @@ "kosmos_assets::nginx_site", "kosmos_discourse::nginx", "kosmos_drone::nginx", - "kosmos-ejabberd::nginx", "kosmos_garage::nginx_web", "kosmos_garage::nginx_s3", "kosmos_gitea::nginx", "kosmos_gitea::nginx_ssh", + "kosmos_liquor-cabinet::nginx", "kosmos_rsk::nginx_testnet", "kosmos_rsk::nginx_mainnet", "kosmos_website", @@ -63,6 +64,7 @@ "kosmos_zerotier::controller", "kosmos_zerotier::firewall", "kosmos_zerotier::zncui", + "kosmos-ejabberd::coturn", "kosmos-ejabberd::firewall", "kosmos-ipfs::firewall_swarm", "sockethub::firewall", @@ -115,6 +117,7 @@ "role[kvm_host]", "role[openresty_proxy]", "role[zerotier_controller]", + "role[turn_server]", "recipe[kosmos-ejabberd::firewall]", "recipe[kosmos-ipfs::firewall_swarm]", "recipe[kosmos_zerotier::firewall]", diff --git a/nodes/garage-3.json b/nodes/garage-6.json similarity index 88% rename from nodes/garage-3.json rename to nodes/garage-6.json index be4db2a..6262df1 100644 --- a/nodes/garage-3.json +++ b/nodes/garage-6.json @@ -1,17 +1,17 @@ { - "name": "garage-3", + "name": "garage-6", "chef_environment": "production", "normal": { "knife_zero": { - "host": "10.1.1.39" + "host": "10.1.1.161" } }, "automatic": { - "fqdn": "garage-3", + "fqdn": "garage-6", "os": "linux", - "os_version": "5.4.0-132-generic", - "hostname": "garage-3", - "ipaddress": "192.168.122.191", + "os_version": "5.4.0-1090-kvm", + "hostname": "garage-6", + "ipaddress": "192.168.122.213", "roles": [ "base", "kvm_guest", @@ -61,4 +61,4 @@ "role[kvm_guest]", "role[garage_node]" ] -} \ No newline at end of file +} diff --git a/nodes/postgres-4.json b/nodes/garage-7.json similarity index 68% rename from nodes/postgres-4.json rename to nodes/garage-7.json index 1f2352e..5d87c28 100644 --- a/nodes/postgres-4.json +++ b/nodes/garage-7.json @@ -1,32 +1,30 @@ { - "name": "postgres-4", + "name": "garage-7", + "chef_environment": "production", "normal": { "knife_zero": { - "host": "10.1.1.107" + "host": "10.1.1.182" } }, "automatic": { - "fqdn": "postgres-4", + "fqdn": "garage-7", "os": "linux", - "os_version": "5.4.0-122-generic", - "hostname": "postgres-4", - "ipaddress": "192.168.122.3", + "os_version": "5.4.0-1090-kvm", + "hostname": "garage-7", + "ipaddress": "192.168.122.86", "roles": [ "base", "kvm_guest", - "postgresql_primary" + "garage_node" ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", - "kosmos_postgresql::primary", - "kosmos_postgresql::firewall", - "kosmos-bitcoin::lndhub-go_pg_db", - "kosmos-bitcoin::nbxplorer_pg_db", - "kosmos_drone::pg_db", - "kosmos_gitea::pg_db", - "kosmos-mastodon::pg_db", + "kosmos_garage", + "kosmos_garage::default", + "kosmos_garage::firewall_rpc", + "kosmos_garage::firewall_apis", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -40,7 +38,8 @@ "postfix::_common", "postfix::_attributes", "postfix::sasl_auth", - "hostname::default" + "hostname::default", + "firewall::default" ], "platform": "ubuntu", "platform_version": "20.04", @@ -60,6 +59,6 @@ "run_list": [ "role[base]", "role[kvm_guest]", - "role[postgresql_primary]" + "role[garage_node]" ] -} \ No newline at end of file +} diff --git a/nodes/garage-8.json b/nodes/garage-8.json new file mode 100644 index 0000000..3800a43 --- /dev/null +++ b/nodes/garage-8.json @@ -0,0 +1,64 @@ +{ + "name": "garage-8", + "chef_environment": "production", + "normal": { + "knife_zero": { + "host": "10.1.1.61" + } + }, + "automatic": { + "fqdn": "garage-8", + "os": "linux", + "os_version": "5.4.0-1090-kvm", + "hostname": "garage-8", + "ipaddress": "192.168.122.207", + "roles": [ + "base", + "kvm_guest", + "garage_node" + ], + "recipes": [ + "kosmos-base", + "kosmos-base::default", + "kosmos_kvm::guest", + "kosmos_garage", + "kosmos_garage::default", + "kosmos_garage::firewall_rpc", + "kosmos_garage::firewall_apis", + "apt::default", + "timezone_iii::default", + "timezone_iii::debian", + "ntp::default", + "ntp::apparmor", + "kosmos-base::systemd_emails", + "apt::unattended-upgrades", + "kosmos-base::firewall", + "kosmos-postfix::default", + "postfix::default", + "postfix::_common", + "postfix::_attributes", + "postfix::sasl_auth", + "hostname::default", + "firewall::default" + ], + "platform": "ubuntu", + "platform_version": "20.04", + "cloud": null, + "chef_packages": { + "chef": { + "version": "18.4.2", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.4.2/lib", + "chef_effortless": null + }, + "ohai": { + "version": "18.1.11", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.11/lib/ohai" + } + } + }, + "run_list": [ + "role[base]", + "role[kvm_guest]", + "role[garage_node]" + ] +} diff --git a/nodes/her.json b/nodes/her.json index 4c59378..43402f3 100644 --- a/nodes/her.json +++ b/nodes/her.json @@ -1,5 +1,6 @@ { "name": "her", + "chef_environment": "production", "normal": { "knife_zero": { "host": "10.1.1.222" @@ -19,6 +20,7 @@ "kosmos-base", "kosmos-base::default", "kosmos_kvm::host", + "kosmos_kvm::backup", "apt::default", "timezone_iii::default", "timezone_iii::debian", diff --git a/nodes/ldap-4.kosmos.org.json b/nodes/ldap-4.kosmos.org.json index 4a7230c..f66c37e 100644 --- a/nodes/ldap-4.kosmos.org.json +++ b/nodes/ldap-4.kosmos.org.json @@ -1,5 +1,6 @@ { "name": "ldap-4.kosmos.org", + "chef_environment": "production", "normal": { "knife_zero": { "host": "10.1.1.106" diff --git a/nodes/lq-1.json b/nodes/lq-1.json index c969a94..574ec90 100644 --- a/nodes/lq-1.json +++ b/nodes/lq-1.json @@ -1,5 +1,6 @@ { "name": "lq-1", + "chef_environment": "production", "normal": { "knife_zero": { "host": "10.1.1.87" @@ -8,17 +9,24 @@ "automatic": { "fqdn": "lq-1", "os": "linux", - "os_version": "5.4.0-1090-kvm", + "os_version": "5.4.0-1104-kvm", "hostname": "lq-1", "ipaddress": "192.168.122.158", "roles": [ "base", - "kvm_guest" + "kvm_guest", + "garage_gateway", + "liquor_cabinet" ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", + "kosmos_garage", + "kosmos_garage::default", + "kosmos_garage::firewall_rpc", + "kosmos_liquor-cabinet", + "kosmos_liquor-cabinet::default", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -32,7 +40,9 @@ "postfix::_common", "postfix::_attributes", "postfix::sasl_auth", - "hostname::default" + "hostname::default", + "firewall::default", + "liquor_cabinet::default" ], "platform": "ubuntu", "platform_version": "20.04", @@ -51,6 +61,8 @@ }, "run_list": [ "role[base]", - "role[kvm_guest]" + "role[kvm_guest]", + "role[garage_gateway]", + "role[liquor_cabinet]" ] } \ No newline at end of file diff --git a/nodes/lq-2.json b/nodes/lq-2.json index 8174bc6..5adfc66 100644 --- a/nodes/lq-2.json +++ b/nodes/lq-2.json @@ -1,5 +1,6 @@ { "name": "lq-2", + "chef_environment": "production", "normal": { "knife_zero": { "host": "10.1.1.188" @@ -8,17 +9,24 @@ "automatic": { "fqdn": "lq-2", "os": "linux", - "os_version": "5.4.0-1090-kvm", + "os_version": "5.4.0-1104-kvm", "hostname": "lq-2", "ipaddress": "192.168.122.47", "roles": [ "base", - "kvm_guest" + "kvm_guest", + "garage_gateway", + "liquor_cabinet" ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", + "kosmos_garage", + "kosmos_garage::default", + "kosmos_garage::firewall_rpc", + "kosmos_liquor-cabinet", + "kosmos_liquor-cabinet::default", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -32,7 +40,9 @@ "postfix::_common", "postfix::_attributes", "postfix::sasl_auth", - "hostname::default" + "hostname::default", + "firewall::default", + "liquor_cabinet::default" ], "platform": "ubuntu", "platform_version": "20.04", @@ -51,6 +61,8 @@ }, "run_list": [ "role[base]", - "role[kvm_guest]" + "role[kvm_guest]", + "role[garage_gateway]", + "role[liquor_cabinet]" ] } \ No newline at end of file diff --git a/nodes/mail.kosmos.org.json b/nodes/mail.kosmos.org.json new file mode 100644 index 0000000..b308e91 --- /dev/null +++ b/nodes/mail.kosmos.org.json @@ -0,0 +1,70 @@ +{ + "name": "mail.kosmos.org", + "chef_environment": "production", + "normal": { + "knife_zero": { + "host": "10.1.1.95" + } + }, + "automatic": { + "fqdn": "mail.kosmos.org", + "os": "linux", + "os_version": "5.15.0-1048-kvm", + "hostname": "mail", + "ipaddress": "192.168.122.131", + "roles": [ + "base", + "kvm_guest", + "email_server", + "ldap_client" + ], + "recipes": [ + "kosmos-base", + "kosmos-base::default", + "kosmos_kvm::guest", + "kosmos-dirsrv::hostsfile", + "kosmos_email", + "kosmos_email::default", + "apt::default", + "timezone_iii::default", + "timezone_iii::debian", + "ntp::default", + "ntp::apparmor", + "kosmos-base::systemd_emails", + "apt::unattended-upgrades", + "kosmos-base::firewall", + "kosmos-postfix::default", + "hostname::default", + "kosmos-base::letsencrypt", + "unbound::default", + "kosmos_email::opendkim", + "kosmos_email::spamassassin", + "kosmos_email::postfix", + "postfix::server", + "postfix::default", + "postfix::_common", + "postfix::_attributes", + "postfix::relay_restrictions", + "kosmos_email::dovecot" + ], + "platform": "ubuntu", + "platform_version": "22.04", + "cloud": null, + "chef_packages": { + "chef": { + "version": "18.3.0", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.3.0/lib", + "chef_effortless": null + }, + "ohai": { + "version": "18.1.4", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai" + } + } + }, + "run_list": [ + "role[base]", + "role[kvm_guest]", + "role[email_server]" + ] +} diff --git a/nodes/mastodon-3.json b/nodes/mastodon-3.json index 7bc96ba..1cd9134 100644 --- a/nodes/mastodon-3.json +++ b/nodes/mastodon-3.json @@ -14,6 +14,7 @@ "ipaddress": "192.168.122.161", "roles": [ "kvm_guest", + "ldap_client", "garage_gateway", "mastodon", "postgresql_client" @@ -22,6 +23,7 @@ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", + "kosmos-dirsrv::hostsfile", "kosmos_garage", "kosmos_garage::default", "kosmos_garage::firewall_rpc", @@ -84,6 +86,7 @@ "run_list": [ "recipe[kosmos-base]", "role[kvm_guest]", + "role[ldap_client]", "role[garage_gateway]", "role[mastodon]" ] diff --git a/nodes/postgres-5.json b/nodes/postgres-5.json index 7d0d29d..f118412 100644 --- a/nodes/postgres-5.json +++ b/nodes/postgres-5.json @@ -13,12 +13,20 @@ "ipaddress": "192.168.122.211", "roles": [ "base", - "kvm_guest" + "kvm_guest", + "postgresql_primary" ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", + "kosmos_postgresql::primary", + "kosmos_postgresql::firewall", + "kosmos-bitcoin::lndhub-go_pg_db", + "kosmos-bitcoin::nbxplorer_pg_db", + "kosmos_drone::pg_db", + "kosmos_gitea::pg_db", + "kosmos-mastodon::pg_db", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -52,6 +60,6 @@ "run_list": [ "role[base]", "role[kvm_guest]", - "role[postgresql_replica]" + "role[postgresql_primary]" ] } diff --git a/nodes/postgres-6.json b/nodes/postgres-6.json new file mode 100644 index 0000000..a57aab5 --- /dev/null +++ b/nodes/postgres-6.json @@ -0,0 +1,57 @@ +{ + "name": "postgres-6", + "normal": { + "knife_zero": { + "host": "10.1.1.196" + } + }, + "automatic": { + "fqdn": "postgres-6", + "os": "linux", + "os_version": "5.4.0-173-generic", + "hostname": "postgres-6", + "ipaddress": "192.168.122.60", + "roles": [ + "base", + "kvm_guest" + ], + "recipes": [ + "kosmos-base", + "kosmos-base::default", + "kosmos_kvm::guest", + "apt::default", + "timezone_iii::default", + "timezone_iii::debian", + "ntp::default", + "ntp::apparmor", + "kosmos-base::systemd_emails", + "apt::unattended-upgrades", + "kosmos-base::firewall", + "kosmos-postfix::default", + "postfix::default", + "postfix::_common", + "postfix::_attributes", + "postfix::sasl_auth", + "hostname::default" + ], + "platform": "ubuntu", + "platform_version": "20.04", + "cloud": null, + "chef_packages": { + "chef": { + "version": "18.4.2", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.4.2/lib", + "chef_effortless": null + }, + "ohai": { + "version": "18.1.11", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.11/lib/ohai" + } + } + }, + "run_list": [ + "role[base]", + "role[kvm_guest]", + "role[postgresql_replica]" + ] +} diff --git a/nodes/redis-1.json b/nodes/redis-1.json index a5507e7..cd0fb79 100644 --- a/nodes/redis-1.json +++ b/nodes/redis-1.json @@ -1,5 +1,6 @@ { "name": "redis-1", + "chef_environment": "production", "normal": { "knife_zero": { "host": "10.1.1.225" @@ -8,7 +9,7 @@ "automatic": { "fqdn": "redis-1", "os": "linux", - "os_version": "5.4.0-1090-kvm", + "os_version": "5.4.0-1104-kvm", "hostname": "redis-1", "ipaddress": "192.168.122.83", "roles": [ @@ -22,6 +23,8 @@ "kosmos_kvm::guest", "kosmos_redis", "kosmos_redis::default", + "kosmos_redis::firewall", + "kosmos_redis::backup", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -43,7 +46,6 @@ "redisio::disable_os_default", "redisio::configure", "redisio::enable", - "kosmos_redis::firewall", "backup::default", "logrotate::default" ], diff --git a/nodes/redis-2.json b/nodes/redis-2.json index 38735df..07be0f5 100644 --- a/nodes/redis-2.json +++ b/nodes/redis-2.json @@ -1,5 +1,6 @@ { "name": "redis-2", + "chef_environment": "production", "normal": { "knife_zero": { "host": "10.1.1.208" @@ -8,17 +9,20 @@ "automatic": { "fqdn": "redis-2", "os": "linux", - "os_version": "5.4.0-1090-kvm", + "os_version": "5.4.0-1104-kvm", "hostname": "redis-2", "ipaddress": "192.168.122.98", "roles": [ "base", - "kvm_guest" + "kvm_guest", + "redis_replica" ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_kvm::guest", + "kosmos_redis::replica", + "kosmos_redis::firewall", "apt::default", "timezone_iii::default", "timezone_iii::debian", @@ -32,7 +36,14 @@ "postfix::_common", "postfix::_attributes", "postfix::sasl_auth", - "hostname::default" + "hostname::default", + "redisio::default", + "redisio::_install_prereqs", + "redisio::install", + "redisio::ulimit", + "redisio::disable_os_default", + "redisio::configure", + "redisio::enable" ], "platform": "ubuntu", "platform_version": "20.04", @@ -51,6 +62,7 @@ }, "run_list": [ "role[base]", - "role[kvm_guest]" + "role[kvm_guest]", + "role[redis_replica]" ] } \ No newline at end of file diff --git a/nodes/rsk-testnet-4.json b/nodes/rsk-testnet-4.json index fb05180..21ab8f2 100644 --- a/nodes/rsk-testnet-4.json +++ b/nodes/rsk-testnet-4.json @@ -55,7 +55,6 @@ }, "run_list": [ "role[base]", - "role[kvm_guest]", - "role[rskj_testnet]" + "role[kvm_guest]" ] } diff --git a/nodes/rsk-testnet-5.json b/nodes/rsk-testnet-5.json new file mode 100644 index 0000000..9df65b3 --- /dev/null +++ b/nodes/rsk-testnet-5.json @@ -0,0 +1,61 @@ +{ + "name": "rsk-testnet-5", + "normal": { + "knife_zero": { + "host": "10.1.1.194" + } + }, + "automatic": { + "fqdn": "rsk-testnet-5", + "os": "linux", + "os_version": "5.4.0-1103-kvm", + "hostname": "rsk-testnet-5", + "ipaddress": "192.168.122.171", + "roles": [ + "base", + "kvm_guest", + "rskj_testnet" + ], + "recipes": [ + "kosmos-base", + "kosmos-base::default", + "kosmos_kvm::guest", + "kosmos_rsk::rskj", + "apt::default", + "timezone_iii::default", + "timezone_iii::debian", + "ntp::default", + "ntp::apparmor", + "kosmos-base::systemd_emails", + "apt::unattended-upgrades", + "kosmos-base::firewall", + "kosmos-postfix::default", + "postfix::default", + "postfix::_common", + "postfix::_attributes", + "postfix::sasl_auth", + "hostname::default", + "kosmos_rsk::firewall", + "firewall::default" + ], + "platform": "ubuntu", + "platform_version": "20.04", + "cloud": null, + "chef_packages": { + "chef": { + "version": "18.3.0", + "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.3.0/lib", + "chef_effortless": null + }, + "ohai": { + "version": "18.1.4", + "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai" + } + } + }, + "run_list": [ + "role[base]", + "role[kvm_guest]", + "role[rskj_testnet]" + ] +} diff --git a/nodes/vagrant-node-bitcoin.json b/nodes/vagrant-node-bitcoin.json deleted file mode 100644 index 36855f0..0000000 --- a/nodes/vagrant-node-bitcoin.json +++ /dev/null @@ -1,7796 +0,0 @@ -{ - "name": "vagrant-node-bitcoin", - "chef_environment": "development", - "override": { - "nodejs": { - "repo": "https://deb.nodesource.com/node_14.x", - "package_action": { - "nodejs": "upgrade" - } - }, - "kosmos-mastodon": { - "elasticsearch": { - "allocated_memory": "128m" - } - }, - "kosmos-dirsrv": { - "master_hostname": "localhost" - }, - "bitcoin": { - "username": "vagrant", - "usergroup": "vagrant", - "conf": { - "testnet": 1, - "irc": 1, - "dnsseed": 1, - "upnp": 1, - "checkblocks": 10, - "checklevel": 1, - "txindex": 1, - "whitelist": "127.0.0.1", - "listen": 1, - "server": 1, - "rpcport": 8332, - "rpcssl": 0, - "rpcuser": "bitcoind", - "rpcbind": "127.0.0.1:8336", - "port": 8335, - "gen": 0, - "zmqpubrawblock": "tcp://127.0.0.1:8337", - "zmqpubrawtx": "tcp://127.0.0.1:8338" - } - } - }, - "normal": { - "tags": [ - - ] - }, - "default": { - "poise-service": { - "provider": "auto", - "options": { - - } - }, - "poise-archive": { - "seven_zip": { - "version": "16.04", - "url": "http://www.7-zip.org/a/7z%{version_tag}%{arch_tag}.exe" - } - }, - "poise-javascript": { - "provider": "auto", - "options": { - - }, - "install_nodejs": true, - "install_iojs": false - }, - "ark": { - "apache_mirror": "http://apache.mirrors.tds.net", - "prefix_root": "/usr/local", - "prefix_bin": "/usr/local/bin", - "prefix_home": "/usr/local", - "tar": null, - "sevenzip_binary": null, - "package_dependencies": [ - "libtool", - "autoconf", - "make", - "unzip", - "rsync", - "gcc", - "autogen", - "shtool", - "pkg-config" - ] - }, - "logrotate": { - "package": { - "name": "logrotate", - "source": null, - "version": null, - "provider": null, - "action": "upgrade" - }, - "directory": "/etc/logrotate.d", - "cron": { - "install": false, - "name": "logrotate", - "command": "/usr/sbin/logrotate /etc/logrotate.conf", - "minute": 35, - "hour": 2 - }, - "global": { - "weekly": true, - "rotate": 4, - "create": "", - "/var/log/wtmp": { - "missingok": true, - "monthly": true, - "create": "0664 root utmp", - "rotate": 1 - }, - "/var/log/btmp": { - "missingok": true, - "monthly": true, - "create": "0660 root utmp", - "rotate": 1 - } - } - }, - "backup": { - "dir": "/usr/local/lib/backup", - "default_model": true, - "compression": { - "best": true, - "fast": false - }, - "user": "backup", - "archives": { - - }, - "mysql": { - "databases": [ - - ], - "username": "root", - "host": "localhost" - }, - "postgresql": { - "databases": { - - }, - "username": "postgres", - "host": "localhost", - "port": 5432 - }, - "redis": { - "databases": [ - - ], - "host": "localhost", - "invoke_save": false, - "dump_dir": "/var/lib/redis" - }, - "orbit": { - "keep": 10 - }, - "cron": { - "hour": "05", - "minute": "7" - }, - "s3": { - "keep": 15, - "bucket": "kosmos-dev-backups" - } - }, - "firewall": { - "allow_ssh": false, - "allow_winrm": false, - "allow_mosh": false, - "allow_loopback": false, - "allow_icmp": false, - "firewalld": { - "permanent": false - }, - "iptables": { - "defaults": { - "policy": { - "input": "DROP", - "forward": "DROP", - "output": "ACCEPT" - }, - "ruleset": { - "*filter": 1, - ":INPUT DROP": 2, - ":FORWARD DROP": 3, - ":OUTPUT ACCEPT": 4, - "COMMIT_FILTER": 100 - } - } - }, - "ubuntu_iptables": false, - "redhat7_iptables": false, - "allow_established": true, - "ipv6_enabled": true, - "ufw": { - "defaults": { - "ipv6": "yes", - "manage_builtins": "no", - "ipt_sysctl": "/etc/ufw/sysctl.conf", - "ipt_modules": "nf_conntrack_ftp nf_nat_ftp nf_conntrack_netbios_ns", - "policy": { - "input": "DROP", - "output": "ACCEPT", - "forward": "DROP", - "application": "SKIP" - } - } - }, - "windows": { - "defaults": { - "policy": { - "input": "blockinbound", - "output": "allowoutbound" - } - } - } - }, - "git": { - "prefix": "/usr/local", - "version": "2.17.1", - "url": "https://nodeload.github.com/git/git/tar.gz/v%{version}", - "checksum": "690f12cc5691e5adaf2dd390eae6f5acce68ae0d9bd9403814f8a1433833f02a", - "use_pcre": false, - "server": { - "base_path": "/srv/git", - "export_all": true - } - }, - "golang": { - "scm": true, - "scm_packages": [ - "git", - "mercurial", - "bzr" - ], - "install_dir": "/usr/local", - "gopath": "/opt/go", - "gobin": "/opt/go/bin", - "packages": [ - - ] - }, - "msys2": { - "url": "http://downloads.sourceforge.net/project/msys2/Base/x86_64/msys2-base-x86_64-20160205.tar.xz", - "checksum": "7e97e2af042e1b6f62cf0298fe84839014ef3d4a3e7825cffc6931c66cc0fc20" - }, - "build-essential": { - "compile_time": false, - "msys2": { - "path": "\\msys2" - } - }, - "yum-epel": { - "repos": [ - - ] - }, - "yum": { - "epel-debuginfo": { - "repositoryid": "epel-debuginfo", - "description": "Extra Packages for 20 - $basearch - Debug", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-debug-20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-modular-debuginfo": { - "repositoryid": "epel-modular-debuginfo", - "description": "Extra Packages for Enterprise Linux Modular $releasever - $basearch - Debug", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=epel-modular-debug-$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-modular-source": { - "repositoryid": "epel-modular-source", - "description": "Extra Packages for Enterprise Linux Modular $releasever - $basearch - Source", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=epel-modular-source-$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-modular": { - "repositoryid": "epel-modular", - "description": "Extra Packages for Enterprise Linux Modular $releasever - $basearch", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=epel-modular-$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-next-debuginfo": { - "repositoryid": "epel-next-debuginfo", - "description": "Extra Packages for 20 - $basearch - Next - Debug", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-next-debug-20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-next-source": { - "repositoryid": "epel-next-source", - "description": "Extra Packages for 20 $basearch - Next -Source", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-next-source-20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-next-testing-debuginfo": { - "repositoryid": "epel-next-testing-debuginfo", - "description": "Extra Packages for 20 - $basearch - Next - Testing Debug", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-testing-next-debug-20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-next-testing-source": { - "repositoryid": "epel-next-testing-source", - "description": "Extra Packages for 20 - $basearch - Next - Testing Source", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=testing-source-epel20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-next-testing": { - "repositoryid": "epel-next-testing", - "description": "Extra Packages for 20 - $basearch - Next - Testing", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-testing-next-20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-next": { - "repositoryid": "epel-next", - "gpgcheck": true, - "description": "Extra Packages for $releasever - Next - $basearch", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-next-20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "enabled": true, - "managed": true, - "make_cache": true - }, - "epel-playground-debuginfo": { - "repositoryid": "epel-playground-debuginfo", - "description": "Extra Packages for Enterprise Linux $releasever - Playground - $basearch - Debug", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=playground-debug-epel$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-playground-source": { - "repositoryid": "epel-playground-source", - "description": "Extra Packages for Enterprise Linux $releasever - Playground - $basearch - Source", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=playground-source-epel$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-playground": { - "repositoryid": "epel-playground", - "description": "Extra Packages for Enterprise Linux $releasever - Playground - $basearch", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=playground-epel$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-source": { - "repositoryid": "epel-source", - "description": "Extra Packages for 20 - $basearch - Source", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-source-20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-testing-debuginfo": { - "repositoryid": "epel-testing-debuginfo", - "description": "Extra Packages for 20 - $basearch - Testing Debug", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=testing-debug-epel20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-testing-modular-debuginfo": { - "repositoryid": "epel-testing-modular-debuginfo", - "description": "Extra Packages for Enterprise Linux Modular $releasever - Testing - $basearch - Debug", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=testing-modular-debug-epel$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-testing-modular-source": { - "repositoryid": "epel-testing-modular-source", - "description": "Extra Packages for Enterprise Linux Modular $releasever- Testing - $basearch - Source", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=testing-modular-source-epel$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-testing-modular": { - "repositoryid": "epel-testing-modular", - "description": "Extra Packages for Enterprise Linux Modular $releasever - Testing - $basearch", - "mirrorlist": "https://mirrors.fedoraproject.org/metalink?repo=testing-modular-epel$releasever&arch=$basearch&infra=$infra&content=$contentdir", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-testing-source": { - "repositoryid": "epel-testing-source", - "description": "Extra Packages for 20 - $basearch - Testing Source", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=testing-source-epel20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel-testing": { - "repositoryid": "epel-testing", - "description": "Extra Packages for 20 - $basearch - Testing ", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=testing-epel20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "gpgcheck": true, - "enabled": false, - "managed": false, - "make_cache": true - }, - "epel": { - "repositoryid": "epel", - "gpgcheck": true, - "description": "Extra Packages for 20 - $basearch", - "mirrorlist": "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-20&arch=$basearch", - "gpgkey": "https://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-20", - "enabled": true, - "managed": true, - "make_cache": true - }, - "main": { - "cachedir": "/var/cache/yum/$basearch/$releasever", - "distroverpkg": "ubuntu-release", - "alwaysprompt": null, - "assumeyes": null, - "bandwidth": null, - "bugtracker_url": null, - "clean_requirements_on_remove": null, - "color": null, - "color_list_available_downgrade": null, - "color_list_available_install": null, - "color_list_available_reinstall": null, - "color_list_available_upgrade": null, - "color_list_installed_extra": null, - "color_list_installed_newer": null, - "color_list_installed_older": null, - "color_list_installed_reinstall": null, - "color_search_match": null, - "color_update_installed": null, - "color_update_local": null, - "color_update_remote": null, - "commands": null, - "deltarpm": null, - "debuglevel": null, - "diskspacecheck": null, - "enable_group_conditionals": null, - "errorlevel": null, - "exactarch": null, - "exclude": null, - "gpgcheck": true, - "group_package_types": null, - "groupremove_leaf_only": null, - "history_list_view": null, - "history_record": null, - "history_record_packages": null, - "http_caching": null, - "ip_resolve": null, - "installonly_limit": null, - "installonlypkgs": null, - "installroot": null, - "keepalive": null, - "keepcache": false, - "kernelpkgnames": null, - "localpkg_gpgcheck": false, - "logfile": "/var/log/yum.log", - "max_retries": null, - "mdpolicy": null, - "metadata_expire": null, - "mirrorlist_expire": null, - "multilib_policy": null, - "obsoletes": null, - "overwrite_groups": null, - "password": null, - "path": "/etc/yum.conf", - "persistdir": null, - "pluginconfpath": null, - "pluginpath": null, - "plugins": null, - "protected_multilib": null, - "protected_packages": null, - "proxy": null, - "proxy_password": null, - "proxy_username": null, - "recent": null, - "repo_gpgcheck": null, - "reposdir": null, - "reset_nice": null, - "rpmverbosity": null, - "showdupesfromrepos": null, - "skip_broken": null, - "ssl_check_cert_permissions": null, - "sslcacert": null, - "sslclientcert": null, - "sslclientkey": null, - "sslverify": null, - "syslog_device": null, - "syslog_facility": null, - "syslog_ident": null, - "throttle": null, - "timeout": null, - "tolerant": false, - "tsflags": null, - "username": null - } - }, - "nginx": { - "version": "1.12.1", - "package_name": "nginx", - "port": "80", - "dir": "/etc/nginx", - "script_dir": "/usr/sbin", - "log_dir": "/var/log/nginx", - "log_dir_perm": "0750", - "binary": "/usr/sbin/nginx", - "default_root": "/var/www/nginx-default", - "ulimit": "1024", - "cleanup_runit": true, - "repo_source": "nginx", - "install_method": "package", - "user": "www-data", - "user_home": "/var/www", - "upstart": { - "runlevels": "2345", - "respawn_limit": null, - "foreground": true - }, - "group": "www-data", - "gzip": "on", - "gzip_static": "off", - "gzip_http_version": "1.0", - "gzip_comp_level": "2", - "gzip_proxied": "any", - "gzip_vary": "off", - "gzip_buffers": null, - "gzip_types": [ - "text/plain", - "text/css", - "application/x-javascript", - "text/xml", - "application/xml", - "application/rss+xml", - "application/atom+xml", - "image/svg+xml", - "text/javascript", - "application/javascript", - "application/json", - "text/mathml" - ], - "gzip_min_length": 1000, - "gzip_disable": "MSIE [1-6]\\.", - "keepalive": "on", - "keepalive_requests": 100, - "keepalive_timeout": 65, - "worker_processes": 2, - "worker_connections": 1024, - "worker_rlimit_nofile": null, - "multi_accept": false, - "event": null, - "accept_mutex_delay": null, - "server_tokens": null, - "server_names_hash_bucket_size": 64, - "variables_hash_max_size": 1024, - "variables_hash_bucket_size": 64, - "sendfile": "on", - "underscores_in_headers": null, - "tcp_nodelay": "on", - "tcp_nopush": "on", - "access_log_options": null, - "error_log_options": null, - "disable_access_log": false, - "log_formats": { - - }, - "default_site_enabled": true, - "types_hash_max_size": 2048, - "types_hash_bucket_size": 64, - "proxy_read_timeout": null, - "client_body_buffer_size": null, - "client_max_body_size": null, - "large_client_header_buffers": null, - "map_hash_max_size": null, - "proxy_buffer_size": null, - "proxy_buffers": null, - "proxy_busy_buffers_size": null, - "default": { - "modules": [ - - ] - }, - "extra_configs": { - - }, - "ohai_plugin_enabled": true, - "load_modules": [ - - ], - "auth_request": { - "url": "http://mdounin.ru/hg/ngx_http_auth_request_module/archive/662785733552.tar.gz", - "checksum": "2057bdefd2137a5000d9dbdbfca049d1ba7832ad2b9f8855a88ea5dfa70bd8c1" - }, - "devel": { - "version": "0.3.0", - "url": "https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz", - "checksum": "88e05a99a8a7419066f5ae75966fb1efc409bad4522d14986da074554ae61619" - }, - "echo": { - "version": "0.61", - "url": "https://github.com/openresty/echo-nginx-module/archive/v0.61.tar.gz", - "checksum": "2e6a03032555f5da1bdff2ae96c96486f447da3da37c117e0f964ae0753d22aa" - }, - "geoip": { - "path": "/srv/geoip", - "enable_city": true, - "country_dat_url": "http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz", - "country_dat_checksum": null, - "city_dat_url": "http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz", - "city_dat_checksum": null, - "lib_version": "1.6.9", - "lib_url": "https://github.com/maxmind/geoip-api-c/releases/download/v1.6.9/GeoIP-1.6.9.tar.gz", - "lib_checksum": "4b446491843de67c1af9b887da17a3e5939e0aeed4826923a5f4bf09d845096f" - }, - "headers_more": { - "version": "0.30", - "source_url": "https://github.com/openresty/headers-more-nginx-module/archive/v0.30.tar.gz", - "source_checksum": "2aad309a9313c21c7c06ee4e71a39c99d4d829e31c8b3e7d76f8c964ea8047f5" - }, - "lua": { - "version": "0.10.10", - "url": "https://github.com/chaoslawful/lua-nginx-module/archive/v0.10.10.tar.gz", - "checksum": "b4acb84e2d631035a516d61830c910ef6e6485aba86096221ec745e0dbb3fbc9" - }, - "luajit": { - "version": "2.0.4", - "url": "http://luajit.org/download/LuaJIT-2.0.4.tar.gz", - "checksum": "620fa4eb12375021bef6e4f237cbd2dd5d49e56beb414bee052c746beef1807d" - }, - "naxsi": { - "version": "0.54", - "url": "https://github.com/nbs-system/naxsi/archive/0.54.tar.gz", - "checksum": "9cc2c09405bc71f78ef26a8b6d70afcea3fccbe8125df70cb0cfc480133daba5" - }, - "openssl_source": { - "version": "1.0.2k", - "url": "http://www.openssl.org/source/openssl-1.0.2k.tar.gz" - }, - "pagespeed": { - "version": "1.11.33.2", - "url": "https://github.com/pagespeed/ngx_pagespeed/archive/release-1.11.33.2-beta.tar.gz", - "packages": { - "rhel": [ - "pcre-devel", - "zlib-devel" - ], - "debian": [ - "zlib1g-dev", - "libpcre3", - "libpcre3-dev" - ] - } - }, - "psol": { - "url": "https://dl.google.com/dl/page-speed/psol/1.11.33.2.tar.gz" - }, - "passenger": { - "version": "4.0.57", - "root": "/var/lib/gems/2.7.0/gems/passenger-4.0.57", - "ruby": "/usr/bin/ruby2.7", - "conf_file": "/etc/nginx/conf.d/mod-http-passenger.conf", - "packages": { - "rhel": [ - "ruby-devel", - "curl-devel" - ], - "fedora": [ - "ruby-devel", - "libcurl-devel" - ], - "debian": [ - "ruby-dev", - "libcurl4-gnutls-dev", - "libnginx-mod-http-passenger" - ] - }, - "install_rake": true, - "spawn_method": "smart-lv2", - "buffer_response": "on", - "max_pool_size": 6, - "min_instances": 1, - "max_instances_per_app": 0, - "pool_idle_time": 300, - "max_requests": 0, - "gem_binary": null, - "show_version_in_header": "on", - "passenger_log_file": null, - "nodejs": null - }, - "enable_rate_limiting": false, - "rate_limiting_zone_name": "default", - "rate_limiting_backoff": "10m", - "rate_limit": "1r/s", - "upstream_repository": "https://nginx.org/packages/ubuntu", - "repo_signing_key": "https://nginx.org/keys/nginx_signing.key", - "set_misc": { - "version": "0.30", - "url": "https://github.com/agentzh/set-misc-nginx-module/archive/v0.30.tar.gz", - "checksum": "59920dd3f92c2be32627121605751b52eae32b5884be09f2e4c53fb2fae8aabc" - }, - "socketproxy": { - "root": "/usr/share/nginx/apps", - "app_owner": "root", - "logname": "socketproxy", - "log_level": "error" - }, - "init_style": "systemd", - "source": { - "version": "1.12.1", - "prefix": "/opt/nginx-1.12.1", - "conf_path": "/etc/nginx/nginx.conf", - "sbin_path": "/opt/nginx-1.12.1/sbin/nginx", - "default_configure_flags": [ - "--prefix=/opt/nginx-1.12.1", - "--conf-path=/etc/nginx/nginx.conf", - "--sbin-path=/opt/nginx-1.12.1/sbin/nginx", - "--with-cc-opt=-Wno-error" - ], - "url": "http://nginx.org/download/nginx-1.12.1.tar.gz", - "checksum": "8793bf426485a30f91021b6b945a9fd8a84d87d17b566562c3797aba8fac76fb", - "modules": [ - "nginx::http_ssl_module", - "nginx::http_gzip_static_module" - ], - "use_existing_user": false - }, - "configure_flags": [ - - ], - "status": { - "port": "8090" - }, - "syslog": { - "git_repo": "https://github.com/yaoweibin/nginx_syslog_patch.git", - "git_revision": "master" - }, - "upload_progress": { - "url": "https://github.com/masterzen/nginx-upload-progress-module/tarball/v0.9.0", - "checksum": "3fb903dab595cf6656fa0fc5743a48daffbba2f6b5c554836be630800eaad4e2", - "javascript_output": true, - "zone_name": "proxied", - "zone_size": "1m" - } - }, - "openssl": { - "restart_services": [ - - ] - }, - "chocolatey": { - "upgrade": false, - "sensitive": false, - "install_vars": { - "chocolateyProxyLocation": null, - "chocolateyProxyUser": null, - "chocolateyProxyPassword": null, - "chocolateyVersion": null, - "chocolateyDownloadUrl": "https://chocolatey.org/api/v2/package/chocolatey", - "chocolateyUseWindowsCompression": null - } - }, - "nodejs": { - "install_method": "package", - "version": "10.16.3", - "prefix_url": { - "node": "https://nodejs.org/dist/" - }, - "tmpdir": "/tmp", - "source": { - "url": null, - "checksum": "db5a5e03a815b84a1266a4b48bb6a6d887175705f84fd2472f0d28e5e305a1f8" - }, - "binary": { - "url": null, - "checksum": { - "linux_x64": "2f0397bb81c1d0c9901b9aff82a933257bf60f3992227b86107111a75b9030d9", - "linux_arm64": "3bab16e7107092e43426e082ee9fd88ef0a43a35816f662f14563bcc5152600d" - }, - "append_env_path": true - }, - "make_threads": 2, - "manage_node": true, - "npm": { - "install_method": "embedded", - "version": "latest" - }, - "install_repo": true, - "repo": "https://deb.nodesource.com/node_10.x", - "keyserver": "keyserver.ubuntu.com", - "key": "1655a0ab68576280", - "packages": [ - "nodejs" - ], - "package_action": { - "default": "install" - }, - "package_options": { - "default": "" - } - }, - "ulimit": { - "pam_su_template_cookbook": null, - "users": { - - }, - "security_limits_directory": "/etc/security/limits.d", - "ulimit_overriding_sudo_file_name": "sudo", - "ulimit_overriding_sudo_file_cookbook": null - }, - "redisio": { - "redis_config": { - "template_cookbook": "redisio", - "template_source": "redis.conf.erb" - }, - "safe_install": true, - "package_install": false, - "package_name": "redis-server", - "bypass_setup": false, - "mirror": "http://download.redis.io/releases/", - "base_name": "redis-", - "artifact_type": "tar.gz", - "base_piddir": "/var/run/redis", - "version": "3.2.11", - "install_dir": null, - "job_control": "systemd", - "init.d": { - "required_start": [ - - ], - "required_stop": [ - - ] - }, - "default_settings": { - "user": "redis", - "group": "redis", - "permissions": "0644", - "homedir": "/var/lib/redis", - "shell": "/bin/false", - "systemuser": true, - "uid": null, - "ulimit": 0, - "configdir": "/etc/redis", - "name": null, - "tcpbacklog": "511", - "address": null, - "databases": "16", - "backuptype": "rdb", - "datadir": "/var/lib/redis", - "unixsocket": null, - "unixsocketperm": null, - "timeout": "0", - "keepalive": "0", - "loglevel": "notice", - "logfile": null, - "syslogenabled": "yes", - "syslogfacility": "local0", - "shutdown_save": false, - "save": null, - "stopwritesonbgsaveerror": "yes", - "rdbcompression": "yes", - "rdbchecksum": "yes", - "dbfilename": null, - "slaveof": null, - "protected_mode": null, - "masterauth": null, - "slaveservestaledata": "yes", - "slavereadonly": "yes", - "repldisklesssync": "no", - "repldisklesssyncdelay": "5", - "replpingslaveperiod": "10", - "repltimeout": "60", - "repldisabletcpnodelay": "no", - "replbacklogsize": "1mb", - "replbacklogttl": 3600, - "slavepriority": "100", - "requirepass": null, - "rename_commands": null, - "maxclients": 10000, - "maxmemory": null, - "maxmemorypolicy": null, - "maxmemorysamples": null, - "appendfilename": null, - "appendfsync": "everysec", - "noappendfsynconrewrite": "no", - "aofrewritepercentage": "100", - "aofrewriteminsize": "64mb", - "aofloadtruncated": "yes", - "luatimelimit": "5000", - "slowloglogslowerthan": "10000", - "slowlogmaxlen": "1024", - "notifykeyspaceevents": "", - "hashmaxziplistentries": "512", - "hashmaxziplistvalue": "64", - "listmaxziplistentries": "512", - "listmaxziplistvalue": "64", - "setmaxintsetentries": "512", - "zsetmaxziplistentries": "128", - "zsetmaxziplistvalue": "64", - "hllsparsemaxbytes": "3000", - "activerehasing": "yes", - "clientoutputbufferlimit": [ - [ - "normal", - "0", - "0", - "0" - ], - [ - "slave", - "256mb", - "64mb", - "60" - ], - [ - "pubsub", - "32mb", - "8mb", - "60" - ] - ], - "hz": "10", - "aofrewriteincrementalfsync": "yes", - "clusterenabled": "no", - "clusterconfigfile": null, - "clusternodetimeout": 5000, - "includes": null, - "data_bag_name": null, - "data_bag_item": null, - "data_bag_key": null, - "minslavestowrite": null, - "minslavesmaxlag": null, - "breadcrumb": true - }, - "servers": null, - "bin_path": "/usr/local/bin", - "gem": { - "name": "redis", - "version": null - }, - "sentinel_defaults": { - "user": "redis", - "configdir": "/etc/redis", - "sentinel_bind": null, - "sentinel_port": 26379, - "monitor": null, - "down_after_milliseconds": 30000, - "can-failover": "yes", - "parallel-syncs": 1, - "failover_timeout": 900000, - "loglevel": "notice", - "logfile": null, - "syslogenabled": "yes", - "syslogfacility": "local0", - "quorum_count": 2, - "data_bag_name": null, - "data_bag_item": null, - "data_bag_key": null, - "announce-ip": null, - "announce-port": null, - "notification-script": null, - "client-reconfig-script": null - }, - "sentinel": { - "manage_config": true - }, - "sentinels": null - }, - "apt": { - "cacher_dir": "/var/cache/apt-cacher-ng", - "cacher_interface": null, - "cacher_port": 3142, - "compiletime": false, - "compile_time_update": false, - "key_proxy": "", - "periodic_update_min_delay": 86400, - "launchpad_api_version": "1.0", - "unattended_upgrades": { - "enable": false, - "update_package_lists": true, - "allowed_origins": [ - "Ubuntu focal" - ], - "origins_patterns": [ - - ], - "package_blacklist": [ - - ], - "auto_fix_interrupted_dpkg": false, - "minimal_steps": false, - "install_on_shutdown": false, - "mail": null, - "sender": null, - "mail_only_on_error": true, - "remove_unused_dependencies": false, - "automatic_reboot": false, - "automatic_reboot_time": "now", - "dl_limit": null, - "random_sleep": null, - "syslog_enable": false, - "syslog_facility": "daemon", - "dpkg_options": [ - - ] - }, - "cacher_client": { - "cacher_server": { - - } - }, - "confd": { - "force_confask": false, - "force_confdef": false, - "force_confmiss": false, - "force_confnew": false, - "force_confold": false, - "install_recommends": true, - "install_suggests": false - } - }, - "tor": { - "DataDirectory": "/var/lib/tor", - "MinLogLevel": "notice", - "LogDestination": "/var/log/tor/log", - "SocksPorts": [ - "9050" - ], - "HiddenServices": { - - }, - "relay": { - "enabled": false, - "ORPort": "9001", - "Address": null, - "OutboundBindAddress": null, - "Nickname": "IDidntEditTheConfig", - "RelayBandwidthRate": null, - "RelayBandwidthBurst": null, - "ContactInfo": null, - "ExitPolicy": [ - "reject *:*" - ], - "BridgeRelay": 0, - "PublishServerDescriptor": 1, - "Directory": false, - "DirPort": "9030", - "DirPortFrontPage": null, - "MyFamily": [ - - ] - } - }, - "bitcoin": { - "version": "0.21.1", - "checksum": "caff23449220cf45753f312cefede53a9eac64000bb300797916526236b6a1e0", - "username": "satoshi", - "usergroup": "bitcoin", - "network": "mainnet", - "conf_path": "/home/satoshi/.bitcoin/bitcoin.conf", - "walletdir": "/home/satoshi/.bitcoin", - "datadir": "/mnt/data/bitcoin", - "conf": { - "irc": 1, - "dnsseed": 1, - "upnp": 1, - "checkblocks": 10, - "checklevel": 1, - "txindex": 1, - "whitelist": "127.0.0.1", - "listen": 1, - "server": 1, - "rpcssl": 0, - "rpcuser": "satoshi", - "rpcbind": "127.0.0.1:8332", - "gen": 0, - "zmqpubrawblock": "tcp://127.0.0.1:8337", - "zmqpubrawtx": "tcp://127.0.0.1:8338" - }, - "tor_enabled": true - }, - "c-lightning": { - "repo": "https://github.com/ElementsProject/lightning", - "revision": "v0.10.2", - "source_dir": "/opt/c-lightning", - "lightning_dir": "/home/vagrant/.lightning", - "alias": "ln3.kosmos.org", - "rgb": "0D4F99", - "log_level": "info", - "public_ip": "148.251.237.73" - }, - "lnd": { - "repo": "https://github.com/lightningnetwork/lnd", - "revision": "v0.14.1-beta", - "source_dir": "/opt/lnd", - "lnd_dir": "/home/vagrant/.lnd", - "alias": "ln2.kosmos.org", - "color": "#5e0c99", - "log_level": "info", - "public_ip": "148.251.237.111", - "public_port": "9735", - "port": "9736", - "minchansize": "1000000", - "basefee": "1000", - "feerate": "50", - "auto_unlock": true - }, - "boltz": { - "repo": "https://github.com/BoltzExchange/boltz-lnd.git", - "revision": "v1.2.6", - "source_dir": "/opt/boltz", - "boltz_dir": "/home/vagrant/.boltz-lnd", - "grpc_host": "127.0.0.1", - "grpc_port": "9002", - "rest_disabled": "false", - "rest_host": "127.0.0.1", - "rest_port": "9003", - "no_macaroons": "false" - }, - "rtl": { - "repo": "https://github.com/Ride-The-Lightning/RTL.git", - "revision": "v0.12.1", - "host": "10.1.1.163", - "port": "3000" - }, - "lndhub": { - "repo": "https://gitea.kosmos.org/kosmos/lndhub.git", - "revision": "master", - "port": "3023", - "domain": "lndhub.kosmos.org" - }, - "dotnet": { - "ms_packages_src_url": "https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb", - "ms_packages_src_checksum": "4df5811c41fdded83eb9e2da9336a8dfa5594a79dc8a80133bd815f4f85b9991" - }, - "nbxplorer": { - "repo": "https://github.com/dgarage/NBXplorer", - "revision": "v2.2.20", - "source_dir": "/opt/nbxplorer", - "config_path": "/home/vagrant/.nbxplorer/Main/settings.config", - "port": "24445" - }, - "btcpay": { - "repo": "https://github.com/btcpayserver/btcpayserver", - "revision": "v1.3.7", - "source_dir": "/opt/btcpay", - "config_path": "/home/vagrant/.btcpayserver/Main/settings.config", - "log_path": "/home/vagrant/.btcpayserver/debug.log", - "port": "23001", - "domain": "btcpay.kosmos.org", - "postgres": { - "port": 5432, - "database": "btcpayserver", - "user": "satoshi" - } - } - }, - "automatic": { - "dmi": { - "dmidecode_version": "3.2", - "smbios_version": "2.5", - "structures": { - "count": "10", - "size": "450" - }, - "table_location": "0x000E1000", - "bios": { - "all_records": [ - { - "record_id": "0x0000", - "size": "0", - "application_identifier": "BIOS Information", - "Vendor": "innotek GmbH", - "Version": "VirtualBox", - "Release Date": "12/01/2006", - "Address": "0xE0000", - "Runtime Size": "128 kB", - "ROM Size": "128 kB", - "Characteristics": { - "ACPI is supported": null - } - } - ], - "vendor": "innotek GmbH", - "version": "VirtualBox", - "release_date": "12/01/2006", - "address": "0xE0000", - "runtime_size": "128 kB", - "rom_size": "128 kB" - }, - "system": { - "all_records": [ - { - "record_id": "0x0001", - "size": "1", - "application_identifier": "System Information", - "Manufacturer": "innotek GmbH", - "Product Name": "VirtualBox", - "Version": "1.2", - "Serial Number": "0", - "UUID": "7c0b7cff-656e-41d9-9a3b-6078ef1f1049", - "Wake-up Type": "Power Switch", - "SKU Number": "Not Specified", - "Family": "Virtual Machine" - } - ], - "manufacturer": "innotek GmbH", - "product_name": "VirtualBox", - "version": "1.2", - "serial_number": "0", - "uuid": "7c0b7cff-656e-41d9-9a3b-6078ef1f1049", - "wake_up_type": "Power Switch", - "sku_number": "Not Specified", - "family": "Virtual Machine" - }, - "base_board": { - "all_records": [ - { - "record_id": "0x0008", - "size": "2", - "application_identifier": "Base Board Information", - "Manufacturer": "Oracle Corporation", - "Product Name": "VirtualBox", - "Version": "1.2", - "Serial Number": "0", - "Asset Tag": "Not Specified", - "Features": { - "Board is a hosting board": null - }, - "Location In Chassis": "Not Specified", - "Chassis Handle": "0x0003", - "Type": "Motherboard", - "Contained Object Handles": "0" - } - ], - "manufacturer": "Oracle Corporation", - "product_name": "VirtualBox", - "version": "1.2", - "serial_number": "0", - "asset_tag": "Not Specified", - "location_in_chassis": "Not Specified", - "chassis_handle": "0x0003", - "type": "Motherboard", - "contained_object_handles": "0" - }, - "chassis": { - "all_records": [ - { - "record_id": "0x0003", - "size": "3", - "application_identifier": "Chassis Information", - "Manufacturer": "Oracle Corporation", - "Type": "Other", - "Lock": "Not Present", - "Version": "Not Specified", - "Serial Number": "Not Specified", - "Asset Tag": "Not Specified", - "Boot-up State": "Safe", - "Power Supply State": "Safe", - "Thermal State": "Safe", - "Security Status": "None" - } - ], - "manufacturer": "Oracle Corporation", - "type": "Other", - "lock": "Not Present", - "version": "Not Specified", - "serial_number": "Not Specified", - "asset_tag": "Not Specified", - "boot_up_state": "Safe", - "power_supply_state": "Safe", - "thermal_state": "Safe", - "security_status": "None" - }, - "oem_strings": { - "all_records": [ - { - "record_id": "0x0002", - "size": "11", - "application_identifier": "OEM Strings", - "String 1": "vboxVer_6.1.34", - "String 2": "vboxRev_150636" - } - ], - "string_1": "vboxVer_6.1.34", - "string_2": "vboxRev_150636" - } - }, - "virtualization": { - "systems": { - "vbox": "guest" - }, - "system": "vbox", - "role": "guest" - }, - "uptime_seconds": 39, - "uptime": "39 seconds", - "idletime_seconds": 42, - "idletime": "42 seconds", - "shells": [ - "/bin/sh", - "/bin/bash", - "/usr/bin/bash", - "/bin/rbash", - "/usr/bin/rbash", - "/bin/dash", - "/usr/bin/dash", - "/usr/bin/tmux", - "/usr/bin/screen" - ], - "lsb": { - "id": "Ubuntu", - "description": "Ubuntu 20.04.4 LTS", - "release": "20.04", - "codename": "focal" - }, - "memory": { - "swap": { - "cached": "0kB", - "total": "1999868kB", - "free": "1999868kB" - }, - "hugepages": { - "total": "0", - "free": "0", - "reserved": "0", - "surplus": "0" - }, - "directmap": { - "4k": "108480kB", - "2M": "940032kB" - }, - "total": "1000068kB", - "free": "207876kB", - "available": "618524kB", - "buffers": "81692kB", - "cached": "424584kB", - "active": "314544kB", - "inactive": "308884kB", - "dirty": "7920kB", - "writeback": "0kB", - "anon_pages": "135740kB", - "mapped": "66244kB", - "slab": "127900kB", - "slab_reclaimable": "81944kB", - "slab_unreclaim": "45956kB", - "page_tables": "2532kB", - "nfs_unstable": "0kB", - "bounce": "0kB", - "commit_limit": "2499900kB", - "committed_as": "431316kB", - "vmalloc_total": "34359738367kB", - "vmalloc_used": "9308kB", - "vmalloc_chunk": "0kB", - "hugepage_size": "2048kB", - "hugetlb": "0kB" - }, - "machine_id": "c671038f014e482ba1c6686dea08c7b1", - "kernel": { - "name": "Linux", - "release": "5.4.0-107-generic", - "version": "#121-Ubuntu SMP Thu Mar 24 16:04:27 UTC 2022", - "machine": "x86_64", - "processor": "x86_64", - "os": "GNU/Linux", - "modules": { - "vboxsf": { - "size": "81920", - "refcount": "12", - "version": "6.1.34 r150636" - }, - "dm_multipath": { - "size": "32768", - "refcount": "0" - }, - "scsi_dh_rdac": { - "size": "16384", - "refcount": "0", - "version": "01.00.0000.0000" - }, - "scsi_dh_emc": { - "size": "16384", - "refcount": "0" - }, - "scsi_dh_alua": { - "size": "20480", - "refcount": "0", - "version": "2.0" - }, - "intel_rapl_msr": { - "size": "20480", - "refcount": "0" - }, - "intel_rapl_common": { - "size": "24576", - "refcount": "1" - }, - "rapl": { - "size": "20480", - "refcount": "0" - }, - "input_leds": { - "size": "16384", - "refcount": "0" - }, - "serio_raw": { - "size": "20480", - "refcount": "0" - }, - "mac_hid": { - "size": "16384", - "refcount": "0" - }, - "vboxguest": { - "size": "348160", - "refcount": "2", - "version": "6.1.34 r150636" - }, - "sch_fq_codel": { - "size": "20480", - "refcount": "3" - }, - "ipmi_devintf": { - "size": "20480", - "refcount": "0" - }, - "ipmi_msghandler": { - "size": "106496", - "refcount": "1", - "version": "39.2" - }, - "msr": { - "size": "16384", - "refcount": "0" - }, - "ip_tables": { - "size": "32768", - "refcount": "0" - }, - "x_tables": { - "size": "40960", - "refcount": "1" - }, - "autofs4": { - "size": "45056", - "refcount": "2" - }, - "btrfs": { - "size": "1261568", - "refcount": "0" - }, - "zstd_compress": { - "size": "167936", - "refcount": "1" - }, - "raid10": { - "size": "61440", - "refcount": "0" - }, - "raid456": { - "size": "155648", - "refcount": "0" - }, - "async_raid6_recov": { - "size": "24576", - "refcount": "1" - }, - "async_memcpy": { - "size": "20480", - "refcount": "2" - }, - "async_pq": { - "size": "24576", - "refcount": "2" - }, - "async_xor": { - "size": "20480", - "refcount": "3" - }, - "async_tx": { - "size": "20480", - "refcount": "5" - }, - "xor": { - "size": "24576", - "refcount": "2" - }, - "raid6_pq": { - "size": "114688", - "refcount": "4" - }, - "libcrc32c": { - "size": "16384", - "refcount": "2" - }, - "raid1": { - "size": "45056", - "refcount": "0" - }, - "raid0": { - "size": "24576", - "refcount": "0" - }, - "multipath": { - "size": "20480", - "refcount": "0" - }, - "linear": { - "size": "20480", - "refcount": "0" - }, - "crct10dif_pclmul": { - "size": "16384", - "refcount": "1" - }, - "crc32_pclmul": { - "size": "16384", - "refcount": "0" - }, - "ghash_clmulni_intel": { - "size": "16384", - "refcount": "0" - }, - "vboxvideo": { - "size": "36864", - "refcount": "1", - "version": "6.1.34 r150636" - }, - "ttm": { - "size": "106496", - "refcount": "1" - }, - "drm_kms_helper": { - "size": "184320", - "refcount": "1" - }, - "syscopyarea": { - "size": "16384", - "refcount": "1" - }, - "aesni_intel": { - "size": "372736", - "refcount": "0" - }, - "crypto_simd": { - "size": "16384", - "refcount": "1" - }, - "sysfillrect": { - "size": "16384", - "refcount": "1" - }, - "cryptd": { - "size": "24576", - "refcount": "2" - }, - "sysimgblt": { - "size": "16384", - "refcount": "1" - }, - "fb_sys_fops": { - "size": "16384", - "refcount": "1" - }, - "glue_helper": { - "size": "16384", - "refcount": "1" - }, - "psmouse": { - "size": "155648", - "refcount": "0" - }, - "drm": { - "size": "491520", - "refcount": "4" - }, - "ahci": { - "size": "40960", - "refcount": "3", - "version": "3.0" - }, - "libahci": { - "size": "32768", - "refcount": "1" - }, - "e1000": { - "size": "147456", - "refcount": "0", - "version": "7.3.21-k8-NAPI" - }, - "i2c_piix4": { - "size": "28672", - "refcount": "0" - }, - "pata_acpi": { - "size": "16384", - "refcount": "0", - "version": "0.2.3" - }, - "video": { - "size": "49152", - "refcount": "0" - } - } - }, - "os": "linux", - "os_version": "5.4.0-107-generic", - "platform": "ubuntu", - "platform_version": "20.04", - "platform_family": "debian", - "block_device": { - "loop1": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop6": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop4": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop2": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop0": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop7": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "sda": { - "size": "268435456", - "removable": "0", - "model": "VBOX HARDDISK", - "rev": "1.0", - "state": "running", - "timeout": "30", - "vendor": "ATA", - "queue_depth": "32", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop5": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop3": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - } - }, - "fips": { - "kernel": { - "enabled": false - } - }, - "systemd_paths": { - "temporary": "/tmp", - "temporary-large": "/var/tmp", - "system-binaries": "/usr/bin", - "system-include": "/usr/include", - "system-library-private": "/usr/lib", - "system-library-arch": "/usr/lib/x86_64-linux-gnu", - "system-shared": "/usr/share", - "system-configuration-factory": "/usr/share/factory/etc", - "system-state-factory": "/usr/share/factory/var", - "system-configuration": "/etc", - "system-runtime": "/run", - "system-runtime-logs": "/run/log", - "system-state-private": "/var/lib", - "system-state-logs": "/var/log", - "system-state-cache": "/var/cache", - "system-state-spool": "/var/spool", - "user-binaries": "/root/.local/bin", - "user-library-private": "/root/.local/lib", - "user-library-arch": "/root/.local/lib/x86_64-linux-gnu", - "user-shared": "/root/.local/share", - "user-configuration": "/root/.config", - "user-runtime": "/run/user/1000", - "user-state-cache": "/root/.cache", - "user": "/root", - "user-documents": "/root", - "user-music": "/root", - "user-pictures": "/root", - "user-videos": "/root", - "user-download": "/root", - "user-public": "/root", - "user-templates": "/root", - "user-desktop": "/root/Desktop", - "search-binaries": "/usr/local/sbin", - "search-binaries-default": "/usr/local/sbin", - "search-library-private": "/root/.local/lib", - "search-library-arch": "/root/.local/lib/x86_64-linux-gnu", - "search-shared": "/root/.local/share", - "search-configuration-factory": "/usr/local/share/factory/etc", - "search-state-factory": "/usr/local/share/factory/var", - "search-configuration": "/root/.config" - }, - "hostnamectl": { - "static_hostname": "ubuntu2004.localdomain", - "icon_name": "computer-vm", - "chassis": "vm", - "machine_id": "c671038f014e482ba1c6686dea08c7b1", - "boot_id": "fd129507820140cb9d17afdfd19de86b", - "virtualization": "oracle", - "operating_system": "Ubuntu 20.04.4 LTS", - "kernel": "Linux 5.4.0-107-generic", - "architecture": "x86-64" - }, - "network": { - "interfaces": { - "lo": { - "mtu": "65536", - "flags": [ - "LOOPBACK", - "UP", - "LOWER_UP" - ], - "encapsulation": "Loopback", - "addresses": { - "127.0.0.1": { - "family": "inet", - "prefixlen": "8", - "netmask": "255.0.0.0", - "scope": "Node" - } - }, - "state": "unknown" - }, - "eth0": { - "type": "eth", - "number": "0", - "mtu": "1500", - "flags": [ - "BROADCAST", - "MULTICAST", - "UP", - "LOWER_UP" - ], - "encapsulation": "Ethernet", - "addresses": { - "08:00:27:B5:F3:6E": { - "family": "lladdr" - }, - "10.0.2.15": { - "family": "inet", - "prefixlen": "24", - "netmask": "255.255.255.0", - "broadcast": "10.0.2.255", - "scope": "Global" - }, - "fe80::a00:27ff:feb5:f36e": { - "family": "inet6", - "prefixlen": "64", - "scope": "Link", - "tags": [ - - ] - } - }, - "state": "up", - "arp": { - "10.0.2.2": "52:54:00:12:35:02" - }, - "routes": [ - { - "destination": "default", - "family": "inet", - "via": "10.0.2.2", - "metric": "100", - "proto": "dhcp", - "src": "10.0.2.15" - }, - { - "destination": "10.0.2.0/24", - "family": "inet", - "scope": "link", - "proto": "kernel", - "src": "10.0.2.15" - }, - { - "destination": "10.0.2.2", - "family": "inet", - "scope": "link", - "metric": "100", - "proto": "dhcp", - "src": "10.0.2.15" - }, - { - "destination": "fe80::/64", - "family": "inet6", - "metric": "256", - "proto": "kernel" - } - ], - "link_speed": 1000, - "duplex": "Full", - "port": "Twisted Pair", - "transceiver": "internal", - "auto_negotiation": "on", - "mdi_x": "off (auto)", - "ring_params": { - "max_rx": 4096, - "max_rx_mini": 0, - "max_rx_jumbo": 0, - "max_tx": 4096, - "current_rx": 256, - "current_rx_mini": 0, - "current_rx_jumbo": 0, - "current_tx": 256 - } - }, - "eth1": { - "type": "eth", - "number": "1", - "mtu": "1500", - "flags": [ - "BROADCAST", - "MULTICAST", - "UP", - "LOWER_UP" - ], - "encapsulation": "Ethernet", - "addresses": { - "08:00:27:4C:80:A3": { - "family": "lladdr" - }, - "192.168.56.6": { - "family": "inet", - "prefixlen": "24", - "netmask": "255.255.255.0", - "broadcast": "192.168.56.255", - "scope": "Global" - }, - "fe80::a00:27ff:fe4c:80a3": { - "family": "inet6", - "prefixlen": "64", - "scope": "Link", - "tags": [ - - ] - } - }, - "state": "up", - "routes": [ - { - "destination": "192.168.56.0/24", - "family": "inet", - "scope": "link", - "proto": "kernel", - "src": "192.168.56.6" - }, - { - "destination": "fe80::/64", - "family": "inet6", - "metric": "256", - "proto": "kernel" - } - ], - "link_speed": 1000, - "duplex": "Full", - "port": "Twisted Pair", - "transceiver": "internal", - "auto_negotiation": "on", - "mdi_x": "off (auto)", - "ring_params": { - "max_rx": 4096, - "max_rx_mini": 0, - "max_rx_jumbo": 0, - "max_tx": 4096, - "current_rx": 256, - "current_rx_mini": 0, - "current_rx_jumbo": 0, - "current_tx": 256 - } - } - }, - "default_interface": "eth0", - "default_gateway": "10.0.2.2" - }, - "counters": { - "network": { - "interfaces": { - "lo": { - "tx": { - "queuelen": "1000", - "bytes": "3720", - "packets": "40", - "errors": "0", - "drop": "0", - "carrier": "0", - "collisions": "0" - }, - "rx": { - "bytes": "3720", - "packets": "40", - "errors": "0", - "drop": "0", - "overrun": "0" - } - }, - "eth0": { - "tx": { - "queuelen": "1000", - "bytes": "341414", - "packets": "2049", - "errors": "0", - "drop": "0", - "carrier": "0", - "collisions": "0" - }, - "rx": { - "bytes": "320104", - "packets": "2449", - "errors": "0", - "drop": "0", - "overrun": "0" - } - }, - "eth1": { - "tx": { - "queuelen": "1000", - "bytes": "1156", - "packets": "14", - "errors": "0", - "drop": "0", - "carrier": "0", - "collisions": "0" - }, - "rx": { - "bytes": "3300", - "packets": "55", - "errors": "0", - "drop": "0", - "overrun": "0" - } - } - } - } - }, - "ipaddress": "10.0.2.15", - "macaddress": "08:00:27:B5:F3:6E", - "ip6address": "fe80::a00:27ff:fe4c:80a3", - "languages": { - "perl": { - "version": "5.30.0", - "archname": "x86_64-linux-gnu-thread-multi" - }, - "c": { - "gcc": { - "target": "x86_64-linux-gnu", - "configured_with": "../src/configure -v --with-pkgversion='Ubuntu 9.4.0-1ubuntu1~20.04.1' --with-bugurl=file:///usr/share/doc/gcc-9/README.Bugs --enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,gm2 --prefix=/usr --with-gcc-major-version-only --program-suffix=-9 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-plugin --enable-default-pie --with-system-zlib --with-target-system-zlib=auto --enable-objc-gc=auto --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none=/build/gcc-9-Av3uEd/gcc-9-9.4.0/debian/tmp-nvptx/usr,hsa --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu", - "thread_model": "posix", - "description": "gcc version 9.4.0 (Ubuntu 9.4.0-1ubuntu1~20.04.1) ", - "version": "9.4.0" - } - }, - "ruby": { - "platform": "x86_64-linux-gnu", - "version": "2.7.0", - "release_date": "2019-12-25", - "target": "x86_64-pc-linux-gnu", - "target_cpu": "x86_64", - "target_vendor": "pc", - "target_os": "linux-gnu", - "host": "x86_64-pc-linux-gnu", - "host_cpu": "x86_64", - "host_os": "linux-gnu", - "host_vendor": "pc", - "bin_dir": "/usr/bin", - "ruby_bin": "/usr/bin/ruby2.7", - "gems_dir": "/var/lib/gems/2.7.0", - "gem_bin": "/usr/bin/gem2.7" - }, - "nodejs": { - "version": "14.19.3" - } - }, - "keys": { - "ssh": { - "host_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABgQDF990mm+o3JG3/02/VhJ4vsZyiJJ0uW3NyIxqMR7DLxT0HHBg4HX/A8UaXxCQRG2GSM9Xz20D74p84cyu9AVUfhkHTKezUn5iH7Agw18YKkR3o/VUnLUg7UCuZfPubx8rlQC/XODcz6v+VlSYKtO6nCMF/dFOrdKJ36Knhop5ms5z8fFgHwdZBJDIOutBXp95ikvugZ0HOST09T+n7SdNLOT551Poa27CNlBaN245CUe+X9gnBSxJwfztX+tXNxJn6t6MGR1AlNTm3oh0hrgCcCPnkdgYIdg6i0Luy6HHSM42tQHsNomhhJgX6BTl4zJ+lXMbcvrvzsTpheD4jMkNxX1PstAzCVlbTpviZ8jn79y1h4i1ACjL7WYH4bEeCmwOCMH3Vd6PAjt84YZ4BgGwWXU2NNB+++pOHNV/FJTLlGrYXEs4kj/ATAFRshroYNM1stVi+Rm01C4V/qYEa/0Oinv96QfB3RF9lTy866d+PKMhS5QH87HwBeJt5K1s5pzc=", - "host_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJghFhd76I/FRcW2HoOFUHZKccLMZbzucOjjf0O6MaRCCPcLqyP2h0hBqOScuayk8bPOLKLS+hwzSIqKiITJZlE=", - "host_ecdsa_type": "ecdsa-sha2-nistp256", - "host_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIBwk+ac2ZTxsapEby5jQp8KKMuSKrwzFfL2h/11NMqb8" - } - }, - "chef_packages": { - "ohai": { - "version": "15.12.0", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/ohai-15.12.0/lib/ohai" - }, - "chef": { - "version": "15.13.8", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.13.8/lib" - } - }, - "root_group": "root", - "hostname": "ubuntu2004", - "machinename": "ubuntu2004.localdomain", - "fqdn": "ubuntu2004.localdomain", - "domain": "localdomain", - "shard_seed": 8007109, - "filesystem": { - "by_device": { - "udev": { - "kb_size": "455052", - "kb_used": "0", - "kb_available": "455052", - "percent_used": "0%", - "total_inodes": "113763", - "inodes_used": "432", - "inodes_available": "113331", - "inodes_percent_used": "1%", - "fs_type": "devtmpfs", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "size=455052k", - "nr_inodes=113763", - "mode=755" - ], - "mounts": [ - "/dev" - ] - }, - "tmpfs": { - "kb_size": "100004", - "kb_used": "0", - "kb_available": "100004", - "percent_used": "0%", - "total_inodes": "125008", - "inodes_used": "22", - "inodes_available": "124986", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "relatime", - "size=100004k", - "mode=700", - "uid=1000", - "gid=1000" - ], - "mounts": [ - "/run", - "/dev/shm", - "/run/lock", - "/sys/fs/cgroup", - "/run/user/1000" - ] - }, - "/dev/sda3": { - "kb_size": "129125532", - "kb_used": "4324236", - "kb_available": "118199056", - "percent_used": "4%", - "total_inodes": "8232960", - "inodes_used": "166382", - "inodes_available": "8066578", - "inodes_percent_used": "3%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime", - "errors=remount-ro" - ], - "uuid": "93e56e87-d555-49b8-ae66-eb769adcaa6e", - "mounts": [ - "/" - ] - }, - "/dev/sda1": { - "kb_size": "466664", - "kb_used": "206192", - "kb_available": "225568", - "percent_used": "48%", - "total_inodes": "124672", - "inodes_used": "316", - "inodes_available": "124356", - "inodes_percent_used": "1%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "6ea96ce0-09f5-4ad4-b6bb-b98789081685", - "mounts": [ - "/boot" - ] - }, - "v-csc-739684c4d": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/598d2b35b952f08e3f21d97a80fa7b8b/cookbooks" - ] - }, - "v-csc-1cb8244c4": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/10487ca2c138d025bf56ec2f9d36b3df/cookbooks" - ] - }, - "v-cse-b51052476": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/4ef9f7054db7390e352845d1b823179a/environments" - ] - }, - "v-csr-09c2592a7": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/a2b3b9ec0045ddd6811a62f251a38d0b/roles" - ] - }, - "v-csdb-967c7b1df": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/ee47c56074bd9d8f6bf1ffe056e04234/data_bags" - ] - }, - "v-csn-d26196e28": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/f43d5826f5c6edbc529dd61f2374efd8/nodes" - ] - }, - "sysfs": { - "fs_type": "sysfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys" - ] - }, - "proc": { - "fs_type": "proc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/proc" - ] - }, - "devpts": { - "fs_type": "devpts", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "gid=5", - "mode=620", - "ptmxmode=000" - ], - "mounts": [ - "/dev/pts" - ] - }, - "securityfs": { - "fs_type": "securityfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/kernel/security" - ] - }, - "cgroup2": { - "fs_type": "cgroup2", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "nsdelegate" - ], - "mounts": [ - "/sys/fs/cgroup/unified" - ] - }, - "cgroup": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "pids" - ], - "mounts": [ - "/sys/fs/cgroup/systemd", - "/sys/fs/cgroup/net_cls,net_prio", - "/sys/fs/cgroup/cpuset", - "/sys/fs/cgroup/freezer", - "/sys/fs/cgroup/devices", - "/sys/fs/cgroup/cpu,cpuacct", - "/sys/fs/cgroup/memory", - "/sys/fs/cgroup/hugetlb", - "/sys/fs/cgroup/blkio", - "/sys/fs/cgroup/rdma", - "/sys/fs/cgroup/perf_event", - "/sys/fs/cgroup/pids" - ] - }, - "pstore": { - "fs_type": "pstore", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/fs/pstore" - ] - }, - "none": { - "fs_type": "bpf", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "mode=700" - ], - "mounts": [ - "/sys/fs/bpf" - ] - }, - "systemd-1": { - "fs_type": "autofs", - "mount_options": [ - "rw", - "relatime", - "fd=28", - "pgrp=1", - "timeout=0", - "minproto=5", - "maxproto=5", - "direct", - "pipe_ino=16437" - ], - "mounts": [ - "/proc/sys/fs/binfmt_misc" - ] - }, - "hugetlbfs": { - "fs_type": "hugetlbfs", - "mount_options": [ - "rw", - "relatime", - "pagesize=2M" - ], - "mounts": [ - "/dev/hugepages" - ] - }, - "mqueue": { - "fs_type": "mqueue", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/dev/mqueue" - ] - }, - "tracefs": { - "fs_type": "tracefs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/kernel/tracing" - ] - }, - "debugfs": { - "fs_type": "debugfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/kernel/debug" - ] - }, - "fusectl": { - "fs_type": "fusectl", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/fs/fuse/connections" - ] - }, - "configfs": { - "fs_type": "configfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/kernel/config" - ] - }, - "/dev/sda": { - "mounts": [ - - ] - }, - "/dev/sda2": { - "fs_type": "swap", - "uuid": "5bde3f46-fa48-4232-b33d-3a2e2a012b78", - "mounts": [ - - ] - } - }, - "by_mountpoint": { - "/dev": { - "kb_size": "455052", - "kb_used": "0", - "kb_available": "455052", - "percent_used": "0%", - "total_inodes": "113763", - "inodes_used": "432", - "inodes_available": "113331", - "inodes_percent_used": "1%", - "fs_type": "devtmpfs", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "size=455052k", - "nr_inodes=113763", - "mode=755" - ], - "devices": [ - "udev" - ] - }, - "/run": { - "kb_size": "100008", - "kb_used": "984", - "kb_available": "99024", - "percent_used": "1%", - "total_inodes": "125008", - "inodes_used": "654", - "inodes_available": "124354", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=100008k", - "mode=755" - ], - "devices": [ - "tmpfs" - ] - }, - "/": { - "kb_size": "129125532", - "kb_used": "4324236", - "kb_available": "118199056", - "percent_used": "4%", - "total_inodes": "8232960", - "inodes_used": "166382", - "inodes_available": "8066578", - "inodes_percent_used": "3%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime", - "errors=remount-ro" - ], - "uuid": "93e56e87-d555-49b8-ae66-eb769adcaa6e", - "devices": [ - "/dev/sda3" - ] - }, - "/dev/shm": { - "kb_size": "500032", - "kb_used": "0", - "kb_available": "500032", - "percent_used": "0%", - "total_inodes": "125008", - "inodes_used": "4", - "inodes_available": "125004", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev" - ], - "devices": [ - "tmpfs" - ] - }, - "/run/lock": { - "kb_size": "5120", - "kb_used": "0", - "kb_available": "5120", - "percent_used": "0%", - "total_inodes": "125008", - "inodes_used": "4", - "inodes_available": "125004", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=5120k" - ], - "devices": [ - "tmpfs" - ] - }, - "/sys/fs/cgroup": { - "kb_size": "500032", - "kb_used": "0", - "kb_available": "500032", - "percent_used": "0%", - "total_inodes": "125008", - "inodes_used": "18", - "inodes_available": "124990", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "ro", - "nosuid", - "nodev", - "noexec", - "mode=755" - ], - "devices": [ - "tmpfs" - ] - }, - "/boot": { - "kb_size": "466664", - "kb_used": "206192", - "kb_available": "225568", - "percent_used": "48%", - "total_inodes": "124672", - "inodes_used": "316", - "inodes_available": "124356", - "inodes_percent_used": "1%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "6ea96ce0-09f5-4ad4-b6bb-b98789081685", - "devices": [ - "/dev/sda1" - ] - }, - "/tmp/vagrant-chef/598d2b35b952f08e3f21d97a80fa7b8b/cookbooks": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csc-739684c4d" - ] - }, - "/tmp/vagrant-chef/10487ca2c138d025bf56ec2f9d36b3df/cookbooks": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csc-1cb8244c4" - ] - }, - "/tmp/vagrant-chef/4ef9f7054db7390e352845d1b823179a/environments": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-cse-b51052476" - ] - }, - "/tmp/vagrant-chef/a2b3b9ec0045ddd6811a62f251a38d0b/roles": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csr-09c2592a7" - ] - }, - "/tmp/vagrant-chef/ee47c56074bd9d8f6bf1ffe056e04234/data_bags": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csdb-967c7b1df" - ] - }, - "/tmp/vagrant-chef/f43d5826f5c6edbc529dd61f2374efd8/nodes": { - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csn-d26196e28" - ] - }, - "/run/user/1000": { - "kb_size": "100004", - "kb_used": "0", - "kb_available": "100004", - "percent_used": "0%", - "total_inodes": "125008", - "inodes_used": "22", - "inodes_available": "124986", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "relatime", - "size=100004k", - "mode=700", - "uid=1000", - "gid=1000" - ], - "devices": [ - "tmpfs" - ] - }, - "/sys": { - "fs_type": "sysfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "sysfs" - ] - }, - "/proc": { - "fs_type": "proc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "proc" - ] - }, - "/dev/pts": { - "fs_type": "devpts", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "gid=5", - "mode=620", - "ptmxmode=000" - ], - "devices": [ - "devpts" - ] - }, - "/sys/kernel/security": { - "fs_type": "securityfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "securityfs" - ] - }, - "/sys/fs/cgroup/unified": { - "fs_type": "cgroup2", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "nsdelegate" - ], - "devices": [ - "cgroup2" - ] - }, - "/sys/fs/cgroup/systemd": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "xattr", - "name=systemd" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/pstore": { - "fs_type": "pstore", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "pstore" - ] - }, - "/sys/fs/bpf": { - "fs_type": "bpf", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "mode=700" - ], - "devices": [ - "none" - ] - }, - "/sys/fs/cgroup/net_cls,net_prio": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "net_cls", - "net_prio" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/cpuset": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "cpuset" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/freezer": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "freezer" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/devices": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "devices" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/cpu,cpuacct": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "cpu", - "cpuacct" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/memory": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "memory" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/hugetlb": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "hugetlb" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/blkio": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "blkio" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/rdma": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "rdma" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/perf_event": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "perf_event" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/pids": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "pids" - ], - "devices": [ - "cgroup" - ] - }, - "/proc/sys/fs/binfmt_misc": { - "fs_type": "autofs", - "mount_options": [ - "rw", - "relatime", - "fd=28", - "pgrp=1", - "timeout=0", - "minproto=5", - "maxproto=5", - "direct", - "pipe_ino=16437" - ], - "devices": [ - "systemd-1" - ] - }, - "/dev/hugepages": { - "fs_type": "hugetlbfs", - "mount_options": [ - "rw", - "relatime", - "pagesize=2M" - ], - "devices": [ - "hugetlbfs" - ] - }, - "/dev/mqueue": { - "fs_type": "mqueue", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "mqueue" - ] - }, - "/sys/kernel/tracing": { - "fs_type": "tracefs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "tracefs" - ] - }, - "/sys/kernel/debug": { - "fs_type": "debugfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "debugfs" - ] - }, - "/sys/fs/fuse/connections": { - "fs_type": "fusectl", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "fusectl" - ] - }, - "/sys/kernel/config": { - "fs_type": "configfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "configfs" - ] - } - }, - "by_pair": { - "udev,/dev": { - "device": "udev", - "kb_size": "455052", - "kb_used": "0", - "kb_available": "455052", - "percent_used": "0%", - "mount": "/dev", - "total_inodes": "113763", - "inodes_used": "432", - "inodes_available": "113331", - "inodes_percent_used": "1%", - "fs_type": "devtmpfs", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "size=455052k", - "nr_inodes=113763", - "mode=755" - ] - }, - "tmpfs,/run": { - "device": "tmpfs", - "kb_size": "100008", - "kb_used": "984", - "kb_available": "99024", - "percent_used": "1%", - "mount": "/run", - "total_inodes": "125008", - "inodes_used": "654", - "inodes_available": "124354", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=100008k", - "mode=755" - ] - }, - "/dev/sda3,/": { - "device": "/dev/sda3", - "kb_size": "129125532", - "kb_used": "4324236", - "kb_available": "118199056", - "percent_used": "4%", - "mount": "/", - "total_inodes": "8232960", - "inodes_used": "166382", - "inodes_available": "8066578", - "inodes_percent_used": "3%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime", - "errors=remount-ro" - ], - "uuid": "93e56e87-d555-49b8-ae66-eb769adcaa6e" - }, - "tmpfs,/dev/shm": { - "device": "tmpfs", - "kb_size": "500032", - "kb_used": "0", - "kb_available": "500032", - "percent_used": "0%", - "mount": "/dev/shm", - "total_inodes": "125008", - "inodes_used": "4", - "inodes_available": "125004", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev" - ] - }, - "tmpfs,/run/lock": { - "device": "tmpfs", - "kb_size": "5120", - "kb_used": "0", - "kb_available": "5120", - "percent_used": "0%", - "mount": "/run/lock", - "total_inodes": "125008", - "inodes_used": "4", - "inodes_available": "125004", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=5120k" - ] - }, - "tmpfs,/sys/fs/cgroup": { - "device": "tmpfs", - "kb_size": "500032", - "kb_used": "0", - "kb_available": "500032", - "percent_used": "0%", - "mount": "/sys/fs/cgroup", - "total_inodes": "125008", - "inodes_used": "18", - "inodes_available": "124990", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "ro", - "nosuid", - "nodev", - "noexec", - "mode=755" - ] - }, - "/dev/sda1,/boot": { - "device": "/dev/sda1", - "kb_size": "466664", - "kb_used": "206192", - "kb_available": "225568", - "percent_used": "48%", - "mount": "/boot", - "total_inodes": "124672", - "inodes_used": "316", - "inodes_available": "124356", - "inodes_percent_used": "1%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "6ea96ce0-09f5-4ad4-b6bb-b98789081685" - }, - "v-csc-739684c4d,/tmp/vagrant-chef/598d2b35b952f08e3f21d97a80fa7b8b/cookbooks": { - "device": "v-csc-739684c4d", - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "mount": "/tmp/vagrant-chef/598d2b35b952f08e3f21d97a80fa7b8b/cookbooks", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-csc-1cb8244c4,/tmp/vagrant-chef/10487ca2c138d025bf56ec2f9d36b3df/cookbooks": { - "device": "v-csc-1cb8244c4", - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "mount": "/tmp/vagrant-chef/10487ca2c138d025bf56ec2f9d36b3df/cookbooks", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-cse-b51052476,/tmp/vagrant-chef/4ef9f7054db7390e352845d1b823179a/environments": { - "device": "v-cse-b51052476", - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "mount": "/tmp/vagrant-chef/4ef9f7054db7390e352845d1b823179a/environments", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-csr-09c2592a7,/tmp/vagrant-chef/a2b3b9ec0045ddd6811a62f251a38d0b/roles": { - "device": "v-csr-09c2592a7", - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "mount": "/tmp/vagrant-chef/a2b3b9ec0045ddd6811a62f251a38d0b/roles", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-csdb-967c7b1df,/tmp/vagrant-chef/ee47c56074bd9d8f6bf1ffe056e04234/data_bags": { - "device": "v-csdb-967c7b1df", - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "mount": "/tmp/vagrant-chef/ee47c56074bd9d8f6bf1ffe056e04234/data_bags", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-csn-d26196e28,/tmp/vagrant-chef/f43d5826f5c6edbc529dd61f2374efd8/nodes": { - "device": "v-csn-d26196e28", - "kb_size": "976235204", - "kb_used": "667525544", - "kb_available": "308709660", - "percent_used": "69%", - "mount": "/tmp/vagrant-chef/f43d5826f5c6edbc529dd61f2374efd8/nodes", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "tmpfs,/run/user/1000": { - "device": "tmpfs", - "kb_size": "100004", - "kb_used": "0", - "kb_available": "100004", - "percent_used": "0%", - "mount": "/run/user/1000", - "total_inodes": "125008", - "inodes_used": "22", - "inodes_available": "124986", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "relatime", - "size=100004k", - "mode=700", - "uid=1000", - "gid=1000" - ] - }, - "sysfs,/sys": { - "device": "sysfs", - "mount": "/sys", - "fs_type": "sysfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "proc,/proc": { - "device": "proc", - "mount": "/proc", - "fs_type": "proc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "devpts,/dev/pts": { - "device": "devpts", - "mount": "/dev/pts", - "fs_type": "devpts", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "gid=5", - "mode=620", - "ptmxmode=000" - ] - }, - "securityfs,/sys/kernel/security": { - "device": "securityfs", - "mount": "/sys/kernel/security", - "fs_type": "securityfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "cgroup2,/sys/fs/cgroup/unified": { - "device": "cgroup2", - "mount": "/sys/fs/cgroup/unified", - "fs_type": "cgroup2", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "nsdelegate" - ] - }, - "cgroup,/sys/fs/cgroup/systemd": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/systemd", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "xattr", - "name=systemd" - ] - }, - "pstore,/sys/fs/pstore": { - "device": "pstore", - "mount": "/sys/fs/pstore", - "fs_type": "pstore", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "none,/sys/fs/bpf": { - "device": "none", - "mount": "/sys/fs/bpf", - "fs_type": "bpf", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "mode=700" - ] - }, - "cgroup,/sys/fs/cgroup/net_cls,net_prio": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/net_cls,net_prio", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "net_cls", - "net_prio" - ] - }, - "cgroup,/sys/fs/cgroup/cpuset": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/cpuset", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "cpuset" - ] - }, - "cgroup,/sys/fs/cgroup/freezer": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/freezer", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "freezer" - ] - }, - "cgroup,/sys/fs/cgroup/devices": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/devices", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "devices" - ] - }, - "cgroup,/sys/fs/cgroup/cpu,cpuacct": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/cpu,cpuacct", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "cpu", - "cpuacct" - ] - }, - "cgroup,/sys/fs/cgroup/memory": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/memory", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "memory" - ] - }, - "cgroup,/sys/fs/cgroup/hugetlb": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/hugetlb", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "hugetlb" - ] - }, - "cgroup,/sys/fs/cgroup/blkio": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/blkio", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "blkio" - ] - }, - "cgroup,/sys/fs/cgroup/rdma": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/rdma", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "rdma" - ] - }, - "cgroup,/sys/fs/cgroup/perf_event": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/perf_event", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "perf_event" - ] - }, - "cgroup,/sys/fs/cgroup/pids": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/pids", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "pids" - ] - }, - "systemd-1,/proc/sys/fs/binfmt_misc": { - "device": "systemd-1", - "mount": "/proc/sys/fs/binfmt_misc", - "fs_type": "autofs", - "mount_options": [ - "rw", - "relatime", - "fd=28", - "pgrp=1", - "timeout=0", - "minproto=5", - "maxproto=5", - "direct", - "pipe_ino=16437" - ] - }, - "hugetlbfs,/dev/hugepages": { - "device": "hugetlbfs", - "mount": "/dev/hugepages", - "fs_type": "hugetlbfs", - "mount_options": [ - "rw", - "relatime", - "pagesize=2M" - ] - }, - "mqueue,/dev/mqueue": { - "device": "mqueue", - "mount": "/dev/mqueue", - "fs_type": "mqueue", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "tracefs,/sys/kernel/tracing": { - "device": "tracefs", - "mount": "/sys/kernel/tracing", - "fs_type": "tracefs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "debugfs,/sys/kernel/debug": { - "device": "debugfs", - "mount": "/sys/kernel/debug", - "fs_type": "debugfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "fusectl,/sys/fs/fuse/connections": { - "device": "fusectl", - "mount": "/sys/fs/fuse/connections", - "fs_type": "fusectl", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "configfs,/sys/kernel/config": { - "device": "configfs", - "mount": "/sys/kernel/config", - "fs_type": "configfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "/dev/sda,": { - "device": "/dev/sda" - }, - "/dev/sda2,": { - "device": "/dev/sda2", - "fs_type": "swap", - "uuid": "5bde3f46-fa48-4232-b33d-3a2e2a012b78" - } - } - }, - "sysconf": { - "LINK_MAX": 65000, - "_POSIX_LINK_MAX": 65000, - "MAX_CANON": 255, - "_POSIX_MAX_CANON": 255, - "MAX_INPUT": 255, - "_POSIX_MAX_INPUT": 255, - "NAME_MAX": 255, - "_POSIX_NAME_MAX": 255, - "PATH_MAX": 4096, - "_POSIX_PATH_MAX": 4096, - "PIPE_BUF": 4096, - "_POSIX_PIPE_BUF": 4096, - "SOCK_MAXBUF": null, - "_POSIX_ASYNC_IO": null, - "_POSIX_CHOWN_RESTRICTED": 1, - "_POSIX_NO_TRUNC": 1, - "_POSIX_PRIO_IO": null, - "_POSIX_SYNC_IO": null, - "_POSIX_VDISABLE": 0, - "ARG_MAX": 2097152, - "ATEXIT_MAX": 2147483647, - "CHAR_BIT": 8, - "CHAR_MAX": 127, - "CHAR_MIN": -128, - "CHILD_MAX": 3554, - "CLK_TCK": 100, - "INT_MAX": 2147483647, - "INT_MIN": -2147483648, - "IOV_MAX": 1024, - "LOGNAME_MAX": 256, - "LONG_BIT": 64, - "MB_LEN_MAX": 16, - "NGROUPS_MAX": 65536, - "NL_ARGMAX": 4096, - "NL_LANGMAX": 2048, - "NL_MSGMAX": 2147483647, - "NL_NMAX": 2147483647, - "NL_SETMAX": 2147483647, - "NL_TEXTMAX": 2147483647, - "NSS_BUFLEN_GROUP": 1024, - "NSS_BUFLEN_PASSWD": 1024, - "NZERO": 20, - "OPEN_MAX": 1024, - "PAGESIZE": 4096, - "PAGE_SIZE": 4096, - "PASS_MAX": 8192, - "PTHREAD_DESTRUCTOR_ITERATIONS": 4, - "PTHREAD_KEYS_MAX": 1024, - "PTHREAD_STACK_MIN": 16384, - "PTHREAD_THREADS_MAX": null, - "SCHAR_MAX": 127, - "SCHAR_MIN": -128, - "SHRT_MAX": 32767, - "SHRT_MIN": -32768, - "SSIZE_MAX": 32767, - "TTY_NAME_MAX": 32, - "TZNAME_MAX": null, - "UCHAR_MAX": 255, - "UINT_MAX": 4294967295, - "UIO_MAXIOV": 1024, - "ULONG_MAX": 18446744073709551615, - "USHRT_MAX": 65535, - "WORD_BIT": 32, - "_AVPHYS_PAGES": 45736, - "_NPROCESSORS_CONF": 2, - "_NPROCESSORS_ONLN": 2, - "_PHYS_PAGES": 250017, - "_POSIX_ARG_MAX": 2097152, - "_POSIX_ASYNCHRONOUS_IO": 200809, - "_POSIX_CHILD_MAX": 3554, - "_POSIX_FSYNC": 200809, - "_POSIX_JOB_CONTROL": 1, - "_POSIX_MAPPED_FILES": 200809, - "_POSIX_MEMLOCK": 200809, - "_POSIX_MEMLOCK_RANGE": 200809, - "_POSIX_MEMORY_PROTECTION": 200809, - "_POSIX_MESSAGE_PASSING": 200809, - "_POSIX_NGROUPS_MAX": 65536, - "_POSIX_OPEN_MAX": 1024, - "_POSIX_PII": null, - "_POSIX_PII_INTERNET": null, - "_POSIX_PII_INTERNET_DGRAM": null, - "_POSIX_PII_INTERNET_STREAM": null, - "_POSIX_PII_OSI": null, - "_POSIX_PII_OSI_CLTS": null, - "_POSIX_PII_OSI_COTS": null, - "_POSIX_PII_OSI_M": null, - "_POSIX_PII_SOCKET": null, - "_POSIX_PII_XTI": null, - "_POSIX_POLL": null, - "_POSIX_PRIORITIZED_IO": 200809, - "_POSIX_PRIORITY_SCHEDULING": 200809, - "_POSIX_REALTIME_SIGNALS": 200809, - "_POSIX_SAVED_IDS": 1, - "_POSIX_SELECT": null, - "_POSIX_SEMAPHORES": 200809, - "_POSIX_SHARED_MEMORY_OBJECTS": 200809, - "_POSIX_SSIZE_MAX": 32767, - "_POSIX_STREAM_MAX": 16, - "_POSIX_SYNCHRONIZED_IO": 200809, - "_POSIX_THREADS": 200809, - "_POSIX_THREAD_ATTR_STACKADDR": 200809, - "_POSIX_THREAD_ATTR_STACKSIZE": 200809, - "_POSIX_THREAD_PRIORITY_SCHEDULING": 200809, - "_POSIX_THREAD_PRIO_INHERIT": 200809, - "_POSIX_THREAD_PRIO_PROTECT": 200809, - "_POSIX_THREAD_ROBUST_PRIO_INHERIT": null, - "_POSIX_THREAD_ROBUST_PRIO_PROTECT": null, - "_POSIX_THREAD_PROCESS_SHARED": 200809, - "_POSIX_THREAD_SAFE_FUNCTIONS": 200809, - "_POSIX_TIMERS": 200809, - "TIMER_MAX": null, - "_POSIX_TZNAME_MAX": null, - "_POSIX_VERSION": 200809, - "_T_IOV_MAX": null, - "_XOPEN_CRYPT": null, - "_XOPEN_ENH_I18N": 1, - "_XOPEN_LEGACY": 1, - "_XOPEN_REALTIME": 1, - "_XOPEN_REALTIME_THREADS": 1, - "_XOPEN_SHM": 1, - "_XOPEN_UNIX": 1, - "_XOPEN_VERSION": 700, - "_XOPEN_XCU_VERSION": 4, - "_XOPEN_XPG2": 1, - "_XOPEN_XPG3": 1, - "_XOPEN_XPG4": 1, - "BC_BASE_MAX": 99, - "BC_DIM_MAX": 2048, - "BC_SCALE_MAX": 99, - "BC_STRING_MAX": 1000, - "CHARCLASS_NAME_MAX": 2048, - "COLL_WEIGHTS_MAX": 255, - "EQUIV_CLASS_MAX": null, - "EXPR_NEST_MAX": 32, - "LINE_MAX": 2048, - "POSIX2_BC_BASE_MAX": 99, - "POSIX2_BC_DIM_MAX": 2048, - "POSIX2_BC_SCALE_MAX": 99, - "POSIX2_BC_STRING_MAX": 1000, - "POSIX2_CHAR_TERM": 200809, - "POSIX2_COLL_WEIGHTS_MAX": 255, - "POSIX2_C_BIND": 200809, - "POSIX2_C_DEV": 200809, - "POSIX2_C_VERSION": 200809, - "POSIX2_EXPR_NEST_MAX": 32, - "POSIX2_FORT_DEV": null, - "POSIX2_FORT_RUN": null, - "_POSIX2_LINE_MAX": 2048, - "POSIX2_LINE_MAX": 2048, - "POSIX2_LOCALEDEF": 200809, - "POSIX2_RE_DUP_MAX": 32767, - "POSIX2_SW_DEV": 200809, - "POSIX2_UPE": null, - "POSIX2_VERSION": 200809, - "RE_DUP_MAX": 32767, - "PATH": "/bin:/usr/bin", - "CS_PATH": "/bin:/usr/bin", - "LFS_CFLAGS": null, - "LFS_LDFLAGS": null, - "LFS_LIBS": null, - "LFS_LINTFLAGS": null, - "LFS64_CFLAGS": "-D_LARGEFILE64_SOURCE", - "LFS64_LDFLAGS": null, - "LFS64_LIBS": null, - "LFS64_LINTFLAGS": "-D_LARGEFILE64_SOURCE", - "_XBS5_WIDTH_RESTRICTED_ENVS": "XBS5_LP64_OFF64", - "XBS5_WIDTH_RESTRICTED_ENVS": "XBS5_LP64_OFF64", - "_XBS5_ILP32_OFF32": null, - "XBS5_ILP32_OFF32_CFLAGS": null, - "XBS5_ILP32_OFF32_LDFLAGS": null, - "XBS5_ILP32_OFF32_LIBS": null, - "XBS5_ILP32_OFF32_LINTFLAGS": null, - "_XBS5_ILP32_OFFBIG": null, - "XBS5_ILP32_OFFBIG_CFLAGS": null, - "XBS5_ILP32_OFFBIG_LDFLAGS": null, - "XBS5_ILP32_OFFBIG_LIBS": null, - "XBS5_ILP32_OFFBIG_LINTFLAGS": null, - "_XBS5_LP64_OFF64": 1, - "XBS5_LP64_OFF64_CFLAGS": "-m64", - "XBS5_LP64_OFF64_LDFLAGS": "-m64", - "XBS5_LP64_OFF64_LIBS": null, - "XBS5_LP64_OFF64_LINTFLAGS": null, - "_XBS5_LPBIG_OFFBIG": null, - "XBS5_LPBIG_OFFBIG_CFLAGS": null, - "XBS5_LPBIG_OFFBIG_LDFLAGS": null, - "XBS5_LPBIG_OFFBIG_LIBS": null, - "XBS5_LPBIG_OFFBIG_LINTFLAGS": null, - "_POSIX_V6_ILP32_OFF32": null, - "POSIX_V6_ILP32_OFF32_CFLAGS": null, - "POSIX_V6_ILP32_OFF32_LDFLAGS": null, - "POSIX_V6_ILP32_OFF32_LIBS": null, - "POSIX_V6_ILP32_OFF32_LINTFLAGS": null, - "_POSIX_V6_WIDTH_RESTRICTED_ENVS": "POSIX_V6_LP64_OFF64", - "POSIX_V6_WIDTH_RESTRICTED_ENVS": "POSIX_V6_LP64_OFF64", - "_POSIX_V6_ILP32_OFFBIG": null, - "POSIX_V6_ILP32_OFFBIG_CFLAGS": null, - "POSIX_V6_ILP32_OFFBIG_LDFLAGS": null, - "POSIX_V6_ILP32_OFFBIG_LIBS": null, - "POSIX_V6_ILP32_OFFBIG_LINTFLAGS": null, - "_POSIX_V6_LP64_OFF64": 1, - "POSIX_V6_LP64_OFF64_CFLAGS": "-m64", - "POSIX_V6_LP64_OFF64_LDFLAGS": "-m64", - "POSIX_V6_LP64_OFF64_LIBS": null, - "POSIX_V6_LP64_OFF64_LINTFLAGS": null, - "_POSIX_V6_LPBIG_OFFBIG": null, - "POSIX_V6_LPBIG_OFFBIG_CFLAGS": null, - "POSIX_V6_LPBIG_OFFBIG_LDFLAGS": null, - "POSIX_V6_LPBIG_OFFBIG_LIBS": null, - "POSIX_V6_LPBIG_OFFBIG_LINTFLAGS": null, - "_POSIX_V7_ILP32_OFF32": null, - "POSIX_V7_ILP32_OFF32_CFLAGS": null, - "POSIX_V7_ILP32_OFF32_LDFLAGS": null, - "POSIX_V7_ILP32_OFF32_LIBS": null, - "POSIX_V7_ILP32_OFF32_LINTFLAGS": null, - "_POSIX_V7_WIDTH_RESTRICTED_ENVS": "POSIX_V7_LP64_OFF64", - "POSIX_V7_WIDTH_RESTRICTED_ENVS": "POSIX_V7_LP64_OFF64", - "_POSIX_V7_ILP32_OFFBIG": null, - "POSIX_V7_ILP32_OFFBIG_CFLAGS": null, - "POSIX_V7_ILP32_OFFBIG_LDFLAGS": null, - "POSIX_V7_ILP32_OFFBIG_LIBS": null, - "POSIX_V7_ILP32_OFFBIG_LINTFLAGS": null, - "_POSIX_V7_LP64_OFF64": 1, - "POSIX_V7_LP64_OFF64_CFLAGS": "-m64", - "POSIX_V7_LP64_OFF64_LDFLAGS": "-m64", - "POSIX_V7_LP64_OFF64_LIBS": null, - "POSIX_V7_LP64_OFF64_LINTFLAGS": null, - "_POSIX_V7_LPBIG_OFFBIG": null, - "POSIX_V7_LPBIG_OFFBIG_CFLAGS": null, - "POSIX_V7_LPBIG_OFFBIG_LDFLAGS": null, - "POSIX_V7_LPBIG_OFFBIG_LIBS": null, - "POSIX_V7_LPBIG_OFFBIG_LINTFLAGS": null, - "_POSIX_ADVISORY_INFO": 200809, - "_POSIX_BARRIERS": 200809, - "_POSIX_BASE": null, - "_POSIX_C_LANG_SUPPORT": null, - "_POSIX_C_LANG_SUPPORT_R": null, - "_POSIX_CLOCK_SELECTION": 200809, - "_POSIX_CPUTIME": 200809, - "_POSIX_THREAD_CPUTIME": 200809, - "_POSIX_DEVICE_SPECIFIC": null, - "_POSIX_DEVICE_SPECIFIC_R": null, - "_POSIX_FD_MGMT": null, - "_POSIX_FIFO": null, - "_POSIX_PIPE": null, - "_POSIX_FILE_ATTRIBUTES": null, - "_POSIX_FILE_LOCKING": null, - "_POSIX_FILE_SYSTEM": null, - "_POSIX_MONOTONIC_CLOCK": 200809, - "_POSIX_MULTI_PROCESS": null, - "_POSIX_SINGLE_PROCESS": null, - "_POSIX_NETWORKING": null, - "_POSIX_READER_WRITER_LOCKS": 200809, - "_POSIX_SPIN_LOCKS": 200809, - "_POSIX_REGEXP": 1, - "_REGEX_VERSION": null, - "_POSIX_SHELL": 1, - "_POSIX_SIGNALS": null, - "_POSIX_SPAWN": 200809, - "_POSIX_SPORADIC_SERVER": null, - "_POSIX_THREAD_SPORADIC_SERVER": null, - "_POSIX_SYSTEM_DATABASE": null, - "_POSIX_SYSTEM_DATABASE_R": null, - "_POSIX_TIMEOUTS": 200809, - "_POSIX_TYPED_MEMORY_OBJECTS": null, - "_POSIX_USER_GROUPS": null, - "_POSIX_USER_GROUPS_R": null, - "POSIX2_PBS": null, - "POSIX2_PBS_ACCOUNTING": null, - "POSIX2_PBS_LOCATE": null, - "POSIX2_PBS_TRACK": null, - "POSIX2_PBS_MESSAGE": null, - "SYMLOOP_MAX": null, - "STREAM_MAX": 16, - "AIO_LISTIO_MAX": null, - "AIO_MAX": null, - "AIO_PRIO_DELTA_MAX": 20, - "DELAYTIMER_MAX": 2147483647, - "HOST_NAME_MAX": 64, - "LOGIN_NAME_MAX": 256, - "MQ_OPEN_MAX": null, - "MQ_PRIO_MAX": 32768, - "_POSIX_DEVICE_IO": null, - "_POSIX_TRACE": null, - "_POSIX_TRACE_EVENT_FILTER": null, - "_POSIX_TRACE_INHERIT": null, - "_POSIX_TRACE_LOG": null, - "RTSIG_MAX": 32, - "SEM_NSEMS_MAX": null, - "SEM_VALUE_MAX": 2147483647, - "SIGQUEUE_MAX": 3554, - "FILESIZEBITS": 64, - "POSIX_ALLOC_SIZE_MIN": 4096, - "POSIX_REC_INCR_XFER_SIZE": null, - "POSIX_REC_MAX_XFER_SIZE": null, - "POSIX_REC_MIN_XFER_SIZE": 4096, - "POSIX_REC_XFER_ALIGN": 4096, - "SYMLINK_MAX": null, - "GNU_LIBC_VERSION": "glibc 2.31", - "GNU_LIBPTHREAD_VERSION": "NPTL 2.31", - "POSIX2_SYMLINKS": 1, - "LEVEL1_ICACHE_SIZE": 32768, - "LEVEL1_ICACHE_ASSOC": 8, - "LEVEL1_ICACHE_LINESIZE": 64, - "LEVEL1_DCACHE_SIZE": 32768, - "LEVEL1_DCACHE_ASSOC": 8, - "LEVEL1_DCACHE_LINESIZE": 64, - "LEVEL2_CACHE_SIZE": 262144, - "LEVEL2_CACHE_ASSOC": 4, - "LEVEL2_CACHE_LINESIZE": 64, - "LEVEL3_CACHE_SIZE": 3145728, - "LEVEL3_CACHE_ASSOC": 12, - "LEVEL3_CACHE_LINESIZE": 64, - "LEVEL4_CACHE_SIZE": 0, - "LEVEL4_CACHE_ASSOC": 0, - "LEVEL4_CACHE_LINESIZE": 0, - "IPV6": 200809, - "RAW_SOCKETS": 200809, - "_POSIX_IPV6": 200809, - "_POSIX_RAW_SOCKETS": 200809 - }, - "command": { - "ps": "ps -ef" - }, - "packages": { - "accountsservice": { - "version": "0.6.55-0ubuntu12~20.04.5", - "arch": "amd64" - }, - "adduser": { - "version": "3.118ubuntu2", - "arch": "all" - }, - "adwaita-icon-theme": { - "version": "3.36.1-2ubuntu0.20.04.2", - "arch": "all" - }, - "alsa-topology-conf": { - "version": "1.2.2-1", - "arch": "all" - }, - "alsa-ucm-conf": { - "version": "1.2.2-1ubuntu0.13", - "arch": "all" - }, - "amd64-microcode": { - "version": "3.20191218.1ubuntu1", - "arch": "amd64" - }, - "apparmor": { - "version": "2.13.3-7ubuntu5.1", - "arch": "amd64" - }, - "apport": { - "version": "2.20.11-0ubuntu27.23", - "arch": "all" - }, - "apport-symptoms": { - "version": "0.23", - "arch": "all" - }, - "apt": { - "version": "2.0.6", - "arch": "amd64" - }, - "apt-transport-https": { - "version": "2.0.8", - "arch": "all" - }, - "apt-utils": { - "version": "2.0.6", - "arch": "amd64" - }, - "at": { - "version": "3.1.23-1ubuntu1", - "arch": "amd64" - }, - "at-spi2-core": { - "version": "2.36.0-2", - "arch": "amd64" - }, - "base-files": { - "version": "11ubuntu5.5", - "arch": "amd64" - }, - "base-passwd": { - "version": "3.5.47", - "arch": "amd64" - }, - "bash": { - "version": "5.0-6ubuntu1.1", - "arch": "amd64" - }, - "bash-completion": { - "version": "1:2.10-1ubuntu1", - "arch": "all" - }, - "bc": { - "version": "1.07.1-2build1", - "arch": "amd64" - }, - "bcache-tools": { - "version": "1.0.8-3ubuntu0.1", - "arch": "amd64" - }, - "bind9-dnsutils": { - "version": "1:9.16.1-0ubuntu2.10", - "arch": "amd64" - }, - "bind9-host": { - "version": "1:9.16.1-0ubuntu2.10", - "arch": "amd64" - }, - "bind9-libs": { - "version": "1:9.16.1-0ubuntu2.10", - "arch": "amd64" - }, - "binutils": { - "version": "2.34-6ubuntu1.3", - "arch": "amd64" - }, - "binutils-common": { - "version": "2.34-6ubuntu1.3", - "arch": "amd64" - }, - "binutils-x86-64-linux-gnu": { - "version": "2.34-6ubuntu1.3", - "arch": "amd64" - }, - "bolt": { - "version": "0.9.1-2~ubuntu20.04.1", - "arch": "amd64" - }, - "bsd-mailx": { - "version": "8.1.2-0.20180807cvs-1", - "arch": "amd64" - }, - "bsdmainutils": { - "version": "11.1.2ubuntu3", - "arch": "amd64" - }, - "bsdutils": { - "version": "1:2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "btrfs-progs": { - "version": "5.4.1-2", - "arch": "amd64" - }, - "build-essential": { - "version": "12.8ubuntu1.1", - "arch": "amd64" - }, - "busybox-initramfs": { - "version": "1:1.30.1-4ubuntu6.4", - "arch": "amd64" - }, - "busybox-static": { - "version": "1:1.30.1-4ubuntu6.4", - "arch": "amd64" - }, - "byobu": { - "version": "5.133-0ubuntu1", - "arch": "all" - }, - "bzip2": { - "version": "1.0.8-2", - "arch": "amd64" - }, - "ca-certificates": { - "version": "20210119~20.04.2", - "arch": "all" - }, - "chef": { - "version": "15.13.8-1", - "arch": "amd64" - }, - "cloud-guest-utils": { - "version": "0.31-7-gd99b2d76-0ubuntu1", - "arch": "all" - }, - "cloud-initramfs-copymods": { - "version": "0.45ubuntu2", - "arch": "all" - }, - "cloud-initramfs-dyn-netconf": { - "version": "0.45ubuntu2", - "arch": "all" - }, - "command-not-found": { - "version": "20.04.6", - "arch": "all" - }, - "console-setup": { - "version": "1.194ubuntu3", - "arch": "all" - }, - "console-setup-linux": { - "version": "1.194ubuntu3", - "arch": "all" - }, - "coreutils": { - "version": "8.30-3ubuntu2", - "arch": "amd64" - }, - "cpio": { - "version": "2.13+dfsg-2ubuntu0.3", - "arch": "amd64" - }, - "cpp": { - "version": "4:9.3.0-1ubuntu2", - "arch": "amd64" - }, - "cpp-9": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "crda": { - "version": "3.18-1build1", - "arch": "amd64" - }, - "cron": { - "version": "3.0pl1-136ubuntu1", - "arch": "amd64" - }, - "cryptsetup": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "amd64" - }, - "cryptsetup-bin": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "amd64" - }, - "cryptsetup-initramfs": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "all" - }, - "cryptsetup-run": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "all" - }, - "curl": { - "version": "7.68.0-1ubuntu2.11", - "arch": "amd64" - }, - "dash": { - "version": "0.5.10.2-6", - "arch": "amd64" - }, - "dbus": { - "version": "1.12.16-2ubuntu2.1", - "arch": "amd64" - }, - "dbus-user-session": { - "version": "1.12.16-2ubuntu2.1", - "arch": "amd64" - }, - "dconf-gsettings-backend": { - "version": "0.36.0-1", - "arch": "amd64" - }, - "dconf-service": { - "version": "0.36.0-1", - "arch": "amd64" - }, - "dctrl-tools": { - "version": "2.24-3", - "arch": "amd64" - }, - "debconf": { - "version": "1.5.73", - "arch": "all" - }, - "debconf-i18n": { - "version": "1.5.73", - "arch": "all" - }, - "debianutils": { - "version": "4.9.1", - "arch": "amd64" - }, - "diffutils": { - "version": "1:3.7-3", - "arch": "amd64" - }, - "dirmngr": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "distro-info": { - "version": "0.23ubuntu1", - "arch": "amd64" - }, - "distro-info-data": { - "version": "0.43ubuntu1.9", - "arch": "all" - }, - "dkms": { - "version": "2.8.1-5ubuntu2", - "arch": "all" - }, - "dmeventd": { - "version": "2:1.02.167-1ubuntu1", - "arch": "amd64" - }, - "dmidecode": { - "version": "3.2-3", - "arch": "amd64" - }, - "dmsetup": { - "version": "2:1.02.167-1ubuntu1", - "arch": "amd64" - }, - "dosfstools": { - "version": "4.1-2", - "arch": "amd64" - }, - "dpkg": { - "version": "1.19.7ubuntu3", - "arch": "amd64" - }, - "dpkg-dev": { - "version": "1.19.7ubuntu3", - "arch": "all" - }, - "e2fsprogs": { - "version": "1.45.5-2ubuntu1", - "arch": "amd64" - }, - "ed": { - "version": "1.16-1", - "arch": "amd64" - }, - "eject": { - "version": "2.1.5+deb1+cvs20081104-14", - "arch": "amd64" - }, - "ethtool": { - "version": "1:5.4-1", - "arch": "amd64" - }, - "fakeroot": { - "version": "1.24-1", - "arch": "amd64" - }, - "fdisk": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "file": { - "version": "1:5.38-4", - "arch": "amd64" - }, - "finalrd": { - "version": "6~ubuntu20.04.1", - "arch": "all" - }, - "findutils": { - "version": "4.7.0-1ubuntu1", - "arch": "amd64" - }, - "fontconfig": { - "version": "2.13.1-2ubuntu3", - "arch": "amd64" - }, - "fontconfig-config": { - "version": "2.13.1-2ubuntu3", - "arch": "all" - }, - "fonts-dejavu-core": { - "version": "2.37-1", - "arch": "all" - }, - "fonts-lato": { - "version": "2.0-2", - "arch": "all" - }, - "fonts-ubuntu-console": { - "version": "0.83-4ubuntu1", - "arch": "all" - }, - "friendly-recovery": { - "version": "0.2.41ubuntu0.20.04.1", - "arch": "all" - }, - "ftp": { - "version": "0.17-34.1", - "arch": "amd64" - }, - "fuse": { - "version": "2.9.9-3", - "arch": "amd64" - }, - "fwupd": { - "version": "1.7.5-3~20.04.1", - "arch": "amd64" - }, - "fwupd-signed": { - "version": "1.27.1ubuntu7+1.2-2~20.04.1", - "arch": "amd64" - }, - "g++": { - "version": "4:9.3.0-1ubuntu2", - "arch": "amd64" - }, - "g++-9": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "gawk": { - "version": "1:5.0.1+dfsg-1", - "arch": "amd64" - }, - "gcc": { - "version": "4:9.3.0-1ubuntu2", - "arch": "amd64" - }, - "gcc-10-base": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "gcc-9": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "gcc-9-base": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "gdisk": { - "version": "1.0.5-1", - "arch": "amd64" - }, - "gettext-base": { - "version": "0.19.8.1-10build1", - "arch": "amd64" - }, - "gir1.2-glib-2.0": { - "version": "1.64.1-1~ubuntu20.04.1", - "arch": "amd64" - }, - "gir1.2-packagekitglib-1.0": { - "version": "1.1.13-2ubuntu1.1", - "arch": "amd64" - }, - "git": { - "version": "1:2.25.1-1ubuntu3.3", - "arch": "amd64" - }, - "git-man": { - "version": "1:2.25.1-1ubuntu3.3", - "arch": "all" - }, - "glib-networking": { - "version": "2.64.2-1ubuntu0.1", - "arch": "amd64" - }, - "glib-networking-common": { - "version": "2.64.2-1ubuntu0.1", - "arch": "all" - }, - "glib-networking-services": { - "version": "2.64.2-1ubuntu0.1", - "arch": "amd64" - }, - "gnupg": { - "version": "2.2.19-3ubuntu2.1", - "arch": "all" - }, - "gnupg-l10n": { - "version": "2.2.19-3ubuntu2.1", - "arch": "all" - }, - "gnupg-utils": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "gpg": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "gpg-agent": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "gpg-wks-client": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "gpg-wks-server": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "gpgconf": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "gpgsm": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "gpgv": { - "version": "2.2.19-3ubuntu2.1", - "arch": "amd64" - }, - "grep": { - "version": "3.4-1", - "arch": "amd64" - }, - "groff-base": { - "version": "1.22.4-4build1", - "arch": "amd64" - }, - "grub-common": { - "version": "2.04-1ubuntu26.15", - "arch": "amd64" - }, - "grub-gfxpayload-lists": { - "version": "0.7", - "arch": "amd64" - }, - "grub-pc": { - "version": "2.04-1ubuntu26.15", - "arch": "amd64" - }, - "grub-pc-bin": { - "version": "2.04-1ubuntu26.15", - "arch": "amd64" - }, - "grub2-common": { - "version": "2.04-1ubuntu26.15", - "arch": "amd64" - }, - "gsettings-desktop-schemas": { - "version": "3.36.0-1ubuntu1", - "arch": "all" - }, - "gtk-update-icon-cache": { - "version": "3.24.20-0ubuntu1.1", - "arch": "amd64" - }, - "guile-2.2-libs": { - "version": "2.2.7+1-4", - "arch": "amd64" - }, - "gzip": { - "version": "1.10-0ubuntu4.1", - "arch": "amd64" - }, - "haveged": { - "version": "1.9.1-6ubuntu1", - "arch": "amd64" - }, - "hdparm": { - "version": "9.58+ds-4", - "arch": "amd64" - }, - "hicolor-icon-theme": { - "version": "0.17-2", - "arch": "all" - }, - "hostname": { - "version": "3.23", - "arch": "amd64" - }, - "htop": { - "version": "2.2.0-2build1", - "arch": "amd64" - }, - "humanity-icon-theme": { - "version": "0.6.15", - "arch": "all" - }, - "ifplugd": { - "version": "0.28-19.4", - "arch": "amd64" - }, - "ifupdown": { - "version": "0.8.35ubuntu1", - "arch": "amd64" - }, - "info": { - "version": "6.7.0.dfsg.2-5", - "arch": "amd64" - }, - "init": { - "version": "1.57", - "arch": "amd64" - }, - "init-system-helpers": { - "version": "1.57", - "arch": "all" - }, - "initramfs-tools": { - "version": "0.136ubuntu6.7", - "arch": "all" - }, - "initramfs-tools-bin": { - "version": "0.136ubuntu6.7", - "arch": "amd64" - }, - "initramfs-tools-core": { - "version": "0.136ubuntu6.7", - "arch": "all" - }, - "install-info": { - "version": "6.7.0.dfsg.2-5", - "arch": "amd64" - }, - "installation-report": { - "version": "2.62ubuntu1", - "arch": "all" - }, - "intel-microcode": { - "version": "3.20210608.0ubuntu0.20.04.1", - "arch": "amd64" - }, - "iproute2": { - "version": "5.5.0-1ubuntu1", - "arch": "amd64" - }, - "iptables": { - "version": "1.8.4-3ubuntu2", - "arch": "amd64" - }, - "iputils-ping": { - "version": "3:20190709-3", - "arch": "amd64" - }, - "iputils-tracepath": { - "version": "3:20190709-3", - "arch": "amd64" - }, - "irqbalance": { - "version": "1.6.0-3ubuntu1", - "arch": "amd64" - }, - "isc-dhcp-client": { - "version": "4.4.1-2.1ubuntu5.20.04.2", - "arch": "amd64" - }, - "isc-dhcp-common": { - "version": "4.4.1-2.1ubuntu5.20.04.2", - "arch": "amd64" - }, - "iso-codes": { - "version": "4.4-1", - "arch": "all" - }, - "iucode-tool": { - "version": "2.3.1-1", - "arch": "amd64" - }, - "iw": { - "version": "5.4-1", - "arch": "amd64" - }, - "javascript-common": { - "version": "11", - "arch": "all" - }, - "jq": { - "version": "1.6-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "kbd": { - "version": "2.0.4-4ubuntu2", - "arch": "amd64" - }, - "keyboard-configuration": { - "version": "1.194ubuntu3", - "arch": "all" - }, - "klibc-utils": { - "version": "2.0.7-1ubuntu5.1", - "arch": "amd64" - }, - "kmod": { - "version": "27-1ubuntu2", - "arch": "amd64" - }, - "kpartx": { - "version": "0.8.3-1ubuntu2", - "arch": "amd64" - }, - "krb5-locales": { - "version": "1.17-6ubuntu4.1", - "arch": "all" - }, - "landscape-common": { - "version": "19.12-0ubuntu4.3", - "arch": "amd64" - }, - "language-pack-en": { - "version": "1:20.04+20220211", - "arch": "all" - }, - "language-pack-en-base": { - "version": "1:20.04+20220211", - "arch": "all" - }, - "language-pack-gnome-en": { - "version": "1:20.04+20220211", - "arch": "all" - }, - "language-pack-gnome-en-base": { - "version": "1:20.04+20220211", - "arch": "all" - }, - "language-selector-common": { - "version": "0.204.2", - "arch": "all" - }, - "laptop-detect": { - "version": "0.16", - "arch": "all" - }, - "less": { - "version": "551-1ubuntu0.1", - "arch": "amd64" - }, - "libaccountsservice0": { - "version": "0.6.55-0ubuntu12~20.04.5", - "arch": "amd64" - }, - "libacl1": { - "version": "2.2.53-6", - "arch": "amd64" - }, - "libaio1": { - "version": "0.3.112-5", - "arch": "amd64" - }, - "libalgorithm-diff-perl": { - "version": "1.19.03-2", - "arch": "all" - }, - "libalgorithm-diff-xs-perl": { - "version": "0.04-6", - "arch": "amd64" - }, - "libalgorithm-merge-perl": { - "version": "0.08-3", - "arch": "all" - }, - "libapparmor1": { - "version": "2.13.3-7ubuntu5.1", - "arch": "amd64" - }, - "libappstream4": { - "version": "0.12.10-2", - "arch": "amd64" - }, - "libapt-pkg6.0": { - "version": "2.0.6", - "arch": "amd64" - }, - "libarchive13": { - "version": "3.4.0-2ubuntu1.2", - "arch": "amd64" - }, - "libargon2-1": { - "version": "0~20171227-0.2", - "arch": "amd64" - }, - "libasan5": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "libasn1-8-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "libasound2": { - "version": "1.2.2-2.1ubuntu2.5", - "arch": "amd64" - }, - "libasound2-data": { - "version": "1.2.2-2.1ubuntu2.5", - "arch": "all" - }, - "libassuan0": { - "version": "2.5.3-7ubuntu2", - "arch": "amd64" - }, - "libatasmart4": { - "version": "0.19-5", - "arch": "amd64" - }, - "libatk-bridge2.0-0": { - "version": "2.34.2-0ubuntu2~20.04.1", - "arch": "amd64" - }, - "libatk1.0-0": { - "version": "2.35.1-1ubuntu2", - "arch": "amd64" - }, - "libatk1.0-data": { - "version": "2.35.1-1ubuntu2", - "arch": "all" - }, - "libatm1": { - "version": "1:2.5.1-4", - "arch": "amd64" - }, - "libatomic1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libatspi2.0-0": { - "version": "2.36.0-2", - "arch": "amd64" - }, - "libattr1": { - "version": "1:2.4.48-5", - "arch": "amd64" - }, - "libaudit-common": { - "version": "1:2.8.5-2ubuntu6", - "arch": "all" - }, - "libaudit1": { - "version": "1:2.8.5-2ubuntu6", - "arch": "amd64" - }, - "libavahi-client3": { - "version": "0.7-4ubuntu7.1", - "arch": "amd64" - }, - "libavahi-common-data": { - "version": "0.7-4ubuntu7.1", - "arch": "amd64" - }, - "libavahi-common3": { - "version": "0.7-4ubuntu7.1", - "arch": "amd64" - }, - "libbinutils": { - "version": "2.34-6ubuntu1.3", - "arch": "amd64" - }, - "libblkid1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libblockdev-crypto2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-fs2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-loop2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-part-err2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-part2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-swap2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-utils2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libbrotli1": { - "version": "1.0.7-6ubuntu0.1", - "arch": "amd64" - }, - "libbsd0": { - "version": "0.10.0-1", - "arch": "amd64" - }, - "libbz2-1.0": { - "version": "1.0.8-2", - "arch": "amd64" - }, - "libc-bin": { - "version": "2.31-0ubuntu9.7", - "arch": "amd64" - }, - "libc-dev-bin": { - "version": "2.31-0ubuntu9.9", - "arch": "amd64" - }, - "libc6": { - "version": "2.31-0ubuntu9.9", - "arch": "amd64" - }, - "libc6-dev": { - "version": "2.31-0ubuntu9.9", - "arch": "amd64" - }, - "libcairo-gobject2": { - "version": "1.16.0-4ubuntu1", - "arch": "amd64" - }, - "libcairo2": { - "version": "1.16.0-4ubuntu1", - "arch": "amd64" - }, - "libcanberra0": { - "version": "0.30-7ubuntu1", - "arch": "amd64" - }, - "libcap-ng0": { - "version": "0.7.9-2.1build1", - "arch": "amd64" - }, - "libcap2": { - "version": "1:2.32-1", - "arch": "amd64" - }, - "libcap2-bin": { - "version": "1:2.32-1", - "arch": "amd64" - }, - "libcbor0.6": { - "version": "0.6.0-0ubuntu1", - "arch": "amd64" - }, - "libcc1-0": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libcolord2": { - "version": "1.4.4-2", - "arch": "amd64" - }, - "libcom-err2": { - "version": "1.45.5-2ubuntu1", - "arch": "amd64" - }, - "libcrypt-dev": { - "version": "1:4.4.10-10ubuntu4", - "arch": "amd64" - }, - "libcrypt1": { - "version": "1:4.4.10-10ubuntu4", - "arch": "amd64" - }, - "libcryptsetup12": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "amd64" - }, - "libctf-nobfd0": { - "version": "2.34-6ubuntu1.3", - "arch": "amd64" - }, - "libctf0": { - "version": "2.34-6ubuntu1.3", - "arch": "amd64" - }, - "libcups2": { - "version": "2.3.1-9ubuntu1.1", - "arch": "amd64" - }, - "libcurl3-gnutls": { - "version": "7.68.0-1ubuntu2.7", - "arch": "amd64" - }, - "libcurl4": { - "version": "7.68.0-1ubuntu2.11", - "arch": "amd64" - }, - "libdaemon0": { - "version": "0.14-7", - "arch": "amd64" - }, - "libdatrie1": { - "version": "0.2.12-3", - "arch": "amd64" - }, - "libdb5.3": { - "version": "5.3.28+dfsg1-0.6ubuntu2", - "arch": "amd64" - }, - "libdbus-1-3": { - "version": "1.12.16-2ubuntu2.1", - "arch": "amd64" - }, - "libdconf1": { - "version": "0.36.0-1", - "arch": "amd64" - }, - "libdebconfclient0": { - "version": "0.251ubuntu1", - "arch": "amd64" - }, - "libdevmapper-event1.02.1": { - "version": "2:1.02.167-1ubuntu1", - "arch": "amd64" - }, - "libdevmapper1.02.1": { - "version": "2:1.02.167-1ubuntu1", - "arch": "amd64" - }, - "libdns-export1109": { - "version": "1:9.11.16+dfsg-3~ubuntu1", - "arch": "amd64" - }, - "libdouble-conversion3": { - "version": "3.1.5-4ubuntu1", - "arch": "amd64" - }, - "libdpkg-perl": { - "version": "1.19.7ubuntu3", - "arch": "all" - }, - "libdrm-amdgpu1": { - "version": "2.4.107-8ubuntu1~20.04.2", - "arch": "amd64" - }, - "libdrm-common": { - "version": "2.4.107-8ubuntu1~20.04.2", - "arch": "all" - }, - "libdrm-intel1": { - "version": "2.4.107-8ubuntu1~20.04.2", - "arch": "amd64" - }, - "libdrm-nouveau2": { - "version": "2.4.107-8ubuntu1~20.04.2", - "arch": "amd64" - }, - "libdrm-radeon1": { - "version": "2.4.107-8ubuntu1~20.04.2", - "arch": "amd64" - }, - "libdrm2": { - "version": "2.4.107-8ubuntu1~20.04.2", - "arch": "amd64" - }, - "libdw1": { - "version": "0.176-1.1build1", - "arch": "amd64" - }, - "libedit2": { - "version": "3.1-20191231-1", - "arch": "amd64" - }, - "libefiboot1": { - "version": "37-2ubuntu2.2", - "arch": "amd64" - }, - "libefivar1": { - "version": "37-2ubuntu2.2", - "arch": "amd64" - }, - "libegl-mesa0": { - "version": "21.2.6-0ubuntu0.1~20.04.2", - "arch": "amd64" - }, - "libegl1": { - "version": "1.3.2-1~ubuntu0.20.04.2", - "arch": "amd64" - }, - "libelf1": { - "version": "0.176-1.1build1", - "arch": "amd64" - }, - "libepoxy0": { - "version": "1.5.4-1", - "arch": "amd64" - }, - "liberror-perl": { - "version": "0.17029-1", - "arch": "all" - }, - "libestr0": { - "version": "0.1.10-2.1", - "arch": "amd64" - }, - "libevdev2": { - "version": "1.9.0+dfsg-1ubuntu0.2", - "arch": "amd64" - }, - "libevent-2.1-7": { - "version": "2.1.11-stable-1", - "arch": "amd64" - }, - "libevent-core-2.1-7": { - "version": "2.1.11-stable-1", - "arch": "amd64" - }, - "libevent-pthreads-2.1-7": { - "version": "2.1.11-stable-1", - "arch": "amd64" - }, - "libexpat1": { - "version": "2.2.9-1ubuntu0.4", - "arch": "amd64" - }, - "libexpat1-dev": { - "version": "2.2.9-1ubuntu0.4", - "arch": "amd64" - }, - "libext2fs2": { - "version": "1.45.5-2ubuntu1", - "arch": "amd64" - }, - "libfakeroot": { - "version": "1.24-1", - "arch": "amd64" - }, - "libfastjson4": { - "version": "0.99.8-2", - "arch": "amd64" - }, - "libfdisk1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libffi7": { - "version": "3.3-4", - "arch": "amd64" - }, - "libfido2-1": { - "version": "1.3.1-1ubuntu2", - "arch": "amd64" - }, - "libfile-fcntllock-perl": { - "version": "0.22-3build4", - "arch": "amd64" - }, - "libfl2": { - "version": "2.6.4-6.2", - "arch": "amd64" - }, - "libfontconfig1": { - "version": "2.13.1-2ubuntu3", - "arch": "amd64" - }, - "libfreetype6": { - "version": "2.10.1-2ubuntu0.1", - "arch": "amd64" - }, - "libfribidi0": { - "version": "1.0.8-2ubuntu0.1", - "arch": "amd64" - }, - "libfuse2": { - "version": "2.9.9-3", - "arch": "amd64" - }, - "libfwupd2": { - "version": "1.7.5-3~20.04.1", - "arch": "amd64" - }, - "libfwupdplugin1": { - "version": "1.5.11-0ubuntu1~20.04.2", - "arch": "amd64" - }, - "libfwupdplugin5": { - "version": "1.7.5-3~20.04.1", - "arch": "amd64" - }, - "libgbm1": { - "version": "21.2.6-0ubuntu0.1~20.04.2", - "arch": "amd64" - }, - "libgc1c2": { - "version": "1:7.6.4-0.4ubuntu1", - "arch": "amd64" - }, - "libgcab-1.0-0": { - "version": "1.4-1", - "arch": "amd64" - }, - "libgcc-9-dev": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "libgcc-s1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libgcrypt20": { - "version": "1.8.5-5ubuntu1.1", - "arch": "amd64" - }, - "libgdbm-compat4": { - "version": "1.18.1-5", - "arch": "amd64" - }, - "libgdbm6": { - "version": "1.18.1-5", - "arch": "amd64" - }, - "libgdk-pixbuf2.0-0": { - "version": "2.40.0+dfsg-3ubuntu0.2", - "arch": "amd64" - }, - "libgdk-pixbuf2.0-bin": { - "version": "2.40.0+dfsg-3ubuntu0.2", - "arch": "amd64" - }, - "libgdk-pixbuf2.0-common": { - "version": "2.40.0+dfsg-3ubuntu0.2", - "arch": "all" - }, - "libgirepository-1.0-1": { - "version": "1.64.1-1~ubuntu20.04.1", - "arch": "amd64" - }, - "libgl1": { - "version": "1.3.2-1~ubuntu0.20.04.2", - "arch": "amd64" - }, - "libgl1-mesa-dri": { - "version": "21.2.6-0ubuntu0.1~20.04.2", - "arch": "amd64" - }, - "libglapi-mesa": { - "version": "21.2.6-0ubuntu0.1~20.04.2", - "arch": "amd64" - }, - "libglib2.0-0": { - "version": "2.64.6-1~ubuntu20.04.4", - "arch": "amd64" - }, - "libglib2.0-bin": { - "version": "2.64.6-1~ubuntu20.04.4", - "arch": "amd64" - }, - "libglib2.0-data": { - "version": "2.64.6-1~ubuntu20.04.4", - "arch": "all" - }, - "libglvnd0": { - "version": "1.3.2-1~ubuntu0.20.04.2", - "arch": "amd64" - }, - "libglx-mesa0": { - "version": "21.2.6-0ubuntu0.1~20.04.2", - "arch": "amd64" - }, - "libglx0": { - "version": "1.3.2-1~ubuntu0.20.04.2", - "arch": "amd64" - }, - "libgmp-dev": { - "version": "2:6.2.0+dfsg-4", - "arch": "amd64" - }, - "libgmp10": { - "version": "2:6.2.0+dfsg-4", - "arch": "amd64" - }, - "libgmpxx4ldbl": { - "version": "2:6.2.0+dfsg-4", - "arch": "amd64" - }, - "libgnutls30": { - "version": "3.6.13-2ubuntu1.6", - "arch": "amd64" - }, - "libgomp1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libgpg-error0": { - "version": "1.37-1", - "arch": "amd64" - }, - "libgpgme11": { - "version": "1.13.1-7ubuntu2", - "arch": "amd64" - }, - "libgpm2": { - "version": "1.20.7-5", - "arch": "amd64" - }, - "libgraphite2-3": { - "version": "1.3.13-11build1", - "arch": "amd64" - }, - "libgsasl7": { - "version": "1.8.1-1", - "arch": "amd64" - }, - "libgssapi-krb5-2": { - "version": "1.17-6ubuntu4.1", - "arch": "amd64" - }, - "libgssapi3-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "libgstreamer1.0-0": { - "version": "1.16.2-2", - "arch": "amd64" - }, - "libgtk-3-0": { - "version": "3.24.20-0ubuntu1.1", - "arch": "amd64" - }, - "libgtk-3-bin": { - "version": "3.24.20-0ubuntu1.1", - "arch": "amd64" - }, - "libgtk-3-common": { - "version": "3.24.20-0ubuntu1.1", - "arch": "all" - }, - "libgudev-1.0-0": { - "version": "1:233-1", - "arch": "amd64" - }, - "libgusb2": { - "version": "0.3.4-0.1", - "arch": "amd64" - }, - "libharfbuzz0b": { - "version": "2.6.4-1ubuntu4", - "arch": "amd64" - }, - "libhavege1": { - "version": "1.9.1-6ubuntu1", - "arch": "amd64" - }, - "libhcrypto4-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "libheimbase1-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "libheimntlm0-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "libhogweed5": { - "version": "3.5.1+really3.5.1-2ubuntu0.2", - "arch": "amd64" - }, - "libhx509-5-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "libice6": { - "version": "2:1.0.10-0ubuntu1", - "arch": "amd64" - }, - "libicu66": { - "version": "66.1-2ubuntu2.1", - "arch": "amd64" - }, - "libidn11": { - "version": "1.33-2.2ubuntu2", - "arch": "amd64" - }, - "libidn2-0": { - "version": "2.2.0-2", - "arch": "amd64" - }, - "libinput-bin": { - "version": "1.15.5-1ubuntu0.3", - "arch": "amd64" - }, - "libinput10": { - "version": "1.15.5-1ubuntu0.3", - "arch": "amd64" - }, - "libip4tc2": { - "version": "1.8.4-3ubuntu2", - "arch": "amd64" - }, - "libip6tc2": { - "version": "1.8.4-3ubuntu2", - "arch": "amd64" - }, - "libisc-export1105": { - "version": "1:9.11.16+dfsg-3~ubuntu1", - "arch": "amd64" - }, - "libisl22": { - "version": "0.22.1-1", - "arch": "amd64" - }, - "libisns0": { - "version": "0.97-3", - "arch": "amd64" - }, - "libitm1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libjbig0": { - "version": "2.1-3.1build1", - "arch": "amd64" - }, - "libjcat1": { - "version": "0.1.4-0ubuntu0.20.04.1", - "arch": "amd64" - }, - "libjpeg-turbo8": { - "version": "2.0.3-0ubuntu1.20.04.1", - "arch": "amd64" - }, - "libjpeg8": { - "version": "8c-2ubuntu8", - "arch": "amd64" - }, - "libjq1": { - "version": "1.6-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "libjs-jquery": { - "version": "3.3.1~dfsg-3", - "arch": "all" - }, - "libjson-c4": { - "version": "0.13.1+dfsg-7ubuntu0.3", - "arch": "amd64" - }, - "libjson-glib-1.0-0": { - "version": "1.4.4-2ubuntu2", - "arch": "amd64" - }, - "libjson-glib-1.0-common": { - "version": "1.4.4-2ubuntu2", - "arch": "all" - }, - "libk5crypto3": { - "version": "1.17-6ubuntu4.1", - "arch": "amd64" - }, - "libkeyutils1": { - "version": "1.6-6ubuntu1", - "arch": "amd64" - }, - "libklibc": { - "version": "2.0.7-1ubuntu5.1", - "arch": "amd64" - }, - "libkmod2": { - "version": "27-1ubuntu2", - "arch": "amd64" - }, - "libkrb5-26-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "libkrb5-3": { - "version": "1.17-6ubuntu4.1", - "arch": "amd64" - }, - "libkrb5support0": { - "version": "1.17-6ubuntu4.1", - "arch": "amd64" - }, - "libksba8": { - "version": "1.3.5-2", - "arch": "amd64" - }, - "libkyotocabinet16v5": { - "version": "1.2.76-4.2build1", - "arch": "amd64" - }, - "liblcms2-2": { - "version": "2.9-4", - "arch": "amd64" - }, - "libldap-2.4-2": { - "version": "2.4.49+dfsg-2ubuntu1.8", - "arch": "amd64" - }, - "libldap-common": { - "version": "2.4.49+dfsg-2ubuntu1.8", - "arch": "all" - }, - "libllvm12": { - "version": "1:12.0.0-3ubuntu1~20.04.5", - "arch": "amd64" - }, - "liblmdb0": { - "version": "0.9.24-1", - "arch": "amd64" - }, - "liblocale-gettext-perl": { - "version": "1.07-4", - "arch": "amd64" - }, - "liblockfile-bin": { - "version": "1.16-1.1", - "arch": "amd64" - }, - "liblockfile1": { - "version": "1.16-1.1", - "arch": "amd64" - }, - "liblsan0": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libltdl7": { - "version": "2.4.6-14", - "arch": "amd64" - }, - "liblua5.2-0": { - "version": "5.2.4-1.1build3", - "arch": "amd64" - }, - "liblvm2cmd2.03": { - "version": "2.03.07-1ubuntu1", - "arch": "amd64" - }, - "liblz4-1": { - "version": "1.9.2-2ubuntu0.20.04.1", - "arch": "amd64" - }, - "liblzma5": { - "version": "5.2.4-1ubuntu1.1", - "arch": "amd64" - }, - "liblzo2-2": { - "version": "2.10-2", - "arch": "amd64" - }, - "libmagic-mgc": { - "version": "1:5.38-4", - "arch": "amd64" - }, - "libmagic1": { - "version": "1:5.38-4", - "arch": "amd64" - }, - "libmailutils6": { - "version": "1:3.7-2.1", - "arch": "amd64" - }, - "libmaxminddb0": { - "version": "1.4.2-0ubuntu1.20.04.1", - "arch": "amd64" - }, - "libmbim-glib4": { - "version": "1.24.8-1~20.04", - "arch": "amd64" - }, - "libmbim-proxy": { - "version": "1.24.8-1~20.04", - "arch": "amd64" - }, - "libmm-glib0": { - "version": "1.16.6-2~20.04.1", - "arch": "amd64" - }, - "libmnl0": { - "version": "1.0.4-2", - "arch": "amd64" - }, - "libmount1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libmpc3": { - "version": "1.1.0-1", - "arch": "amd64" - }, - "libmpdec2": { - "version": "2.4.2-3", - "arch": "amd64" - }, - "libmpfr6": { - "version": "4.0.2-1", - "arch": "amd64" - }, - "libmspack0": { - "version": "0.10.1-2", - "arch": "amd64" - }, - "libmtdev1": { - "version": "1.1.5-1.1", - "arch": "amd64" - }, - "libmysqlclient21": { - "version": "8.0.29-0ubuntu0.20.04.3", - "arch": "amd64" - }, - "libncurses6": { - "version": "6.2-0ubuntu2", - "arch": "amd64" - }, - "libncursesw6": { - "version": "6.2-0ubuntu2", - "arch": "amd64" - }, - "libnetfilter-conntrack3": { - "version": "1.0.7-2", - "arch": "amd64" - }, - "libnetplan0": { - "version": "0.104-0ubuntu2~20.04.1", - "arch": "amd64" - }, - "libnettle7": { - "version": "3.5.1+really3.5.1-2ubuntu0.2", - "arch": "amd64" - }, - "libnewt0.52": { - "version": "0.52.21-4ubuntu2", - "arch": "amd64" - }, - "libnfnetlink0": { - "version": "1.0.1-3build1", - "arch": "amd64" - }, - "libnftnl11": { - "version": "1.1.5-1", - "arch": "amd64" - }, - "libnghttp2-14": { - "version": "1.40.0-1build1", - "arch": "amd64" - }, - "libnl-3-200": { - "version": "3.4.0-1", - "arch": "amd64" - }, - "libnl-genl-3-200": { - "version": "3.4.0-1", - "arch": "amd64" - }, - "libnpth0": { - "version": "1.6-1", - "arch": "amd64" - }, - "libnspr4": { - "version": "2:4.25-1", - "arch": "amd64" - }, - "libnss-systemd": { - "version": "245.4-4ubuntu3.17", - "arch": "amd64" - }, - "libnss3": { - "version": "2:3.49.1-1ubuntu1.6", - "arch": "amd64" - }, - "libntfs-3g883": { - "version": "1:2017.3.23AR.3-3ubuntu1.1", - "arch": "amd64" - }, - "libntlm0": { - "version": "1.5-2ubuntu0.1", - "arch": "amd64" - }, - "libnuma1": { - "version": "2.0.12-1", - "arch": "amd64" - }, - "libogg0": { - "version": "1.3.4-0ubuntu1", - "arch": "amd64" - }, - "libonig5": { - "version": "6.9.4-1", - "arch": "amd64" - }, - "libopts25": { - "version": "1:5.18.16-3", - "arch": "amd64" - }, - "libp11-kit0": { - "version": "0.23.20-1ubuntu0.1", - "arch": "amd64" - }, - "libpackagekit-glib2-18": { - "version": "1.1.13-2ubuntu1.1", - "arch": "amd64" - }, - "libpam-cap": { - "version": "1:2.32-1", - "arch": "amd64" - }, - "libpam-modules": { - "version": "1.3.1-5ubuntu4.3", - "arch": "amd64" - }, - "libpam-modules-bin": { - "version": "1.3.1-5ubuntu4.3", - "arch": "amd64" - }, - "libpam-runtime": { - "version": "1.3.1-5ubuntu4.3", - "arch": "all" - }, - "libpam-systemd": { - "version": "245.4-4ubuntu3.17", - "arch": "amd64" - }, - "libpam0g": { - "version": "1.3.1-5ubuntu4.3", - "arch": "amd64" - }, - "libpango-1.0-0": { - "version": "1.44.7-2ubuntu4", - "arch": "amd64" - }, - "libpangocairo-1.0-0": { - "version": "1.44.7-2ubuntu4", - "arch": "amd64" - }, - "libpangoft2-1.0-0": { - "version": "1.44.7-2ubuntu4", - "arch": "amd64" - }, - "libparted-fs-resize0": { - "version": "3.3-4ubuntu0.20.04.1", - "arch": "amd64" - }, - "libparted2": { - "version": "3.3-4ubuntu0.20.04.1", - "arch": "amd64" - }, - "libpcap0.8": { - "version": "1.9.1-3", - "arch": "amd64" - }, - "libpci3": { - "version": "1:3.6.4-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "libpciaccess0": { - "version": "0.16-0ubuntu1", - "arch": "amd64" - }, - "libpcre2-16-0": { - "version": "10.34-7", - "arch": "amd64" - }, - "libpcre2-8-0": { - "version": "10.34-7", - "arch": "amd64" - }, - "libpcre3": { - "version": "2:8.39-12build1", - "arch": "amd64" - }, - "libperl5.30": { - "version": "5.30.0-9ubuntu0.2", - "arch": "amd64" - }, - "libpipeline1": { - "version": "1.5.2-2build1", - "arch": "amd64" - }, - "libpixman-1-0": { - "version": "0.38.4-0ubuntu1", - "arch": "amd64" - }, - "libplymouth5": { - "version": "0.9.4git20200323-0ubuntu6.2", - "arch": "amd64" - }, - "libpng16-16": { - "version": "1.6.37-2", - "arch": "amd64" - }, - "libpolkit-agent-1-0": { - "version": "0.105-26ubuntu1.3", - "arch": "amd64" - }, - "libpolkit-gobject-1-0": { - "version": "0.105-26ubuntu1.3", - "arch": "amd64" - }, - "libpopt0": { - "version": "1.16-14", - "arch": "amd64" - }, - "libprocps8": { - "version": "2:3.3.16-1ubuntu2.3", - "arch": "amd64" - }, - "libprotobuf17": { - "version": "3.6.1.3-2ubuntu5", - "arch": "amd64" - }, - "libproxy1v5": { - "version": "0.4.15-10ubuntu1.2", - "arch": "amd64" - }, - "libpsl5": { - "version": "0.21.0-1ubuntu1", - "arch": "amd64" - }, - "libpython3-dev": { - "version": "3.8.2-0ubuntu2", - "arch": "amd64" - }, - "libpython3-stdlib": { - "version": "3.8.2-0ubuntu2", - "arch": "amd64" - }, - "libpython3.8": { - "version": "3.8.10-0ubuntu1~20.04.4", - "arch": "amd64" - }, - "libpython3.8-dev": { - "version": "3.8.10-0ubuntu1~20.04.4", - "arch": "amd64" - }, - "libpython3.8-minimal": { - "version": "3.8.10-0ubuntu1~20.04.4", - "arch": "amd64" - }, - "libpython3.8-stdlib": { - "version": "3.8.10-0ubuntu1~20.04.4", - "arch": "amd64" - }, - "libqmi-glib5": { - "version": "1.28.6-1~20.04.1", - "arch": "amd64" - }, - "libqmi-proxy": { - "version": "1.28.6-1~20.04.1", - "arch": "amd64" - }, - "libqt5core5a": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5dbus5": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5designer5": { - "version": "5.12.8-0ubuntu1", - "arch": "amd64" - }, - "libqt5gui5": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5help5": { - "version": "5.12.8-0ubuntu1", - "arch": "amd64" - }, - "libqt5network5": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5printsupport5": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5sql5": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5sql5-sqlite": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5svg5": { - "version": "5.12.8-0ubuntu1", - "arch": "amd64" - }, - "libqt5test5": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5widgets5": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libqt5xml5": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "libquadmath0": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libreadline5": { - "version": "5.2+dfsg-3build3", - "arch": "amd64" - }, - "libreadline8": { - "version": "8.0-4", - "arch": "amd64" - }, - "librest-0.7-0": { - "version": "0.8.1-1", - "arch": "amd64" - }, - "libroken18-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "librsvg2-2": { - "version": "2.48.9-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "librsvg2-common": { - "version": "2.48.9-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "librtmp1": { - "version": "2.4+20151223.gitfa8646d.1-2build1", - "arch": "amd64" - }, - "libruby2.7": { - "version": "2.7.0-5ubuntu1.6", - "arch": "amd64" - }, - "libsasl2-2": { - "version": "2.1.27+dfsg-2ubuntu0.1", - "arch": "amd64" - }, - "libsasl2-modules": { - "version": "2.1.27+dfsg-2ubuntu0.1", - "arch": "amd64" - }, - "libsasl2-modules-db": { - "version": "2.1.27+dfsg-2ubuntu0.1", - "arch": "amd64" - }, - "libseccomp2": { - "version": "2.5.1-1ubuntu1~20.04.2", - "arch": "amd64" - }, - "libsecp256k1-0": { - "version": "0.1~20170810-2", - "arch": "amd64" - }, - "libsecp256k1-dev": { - "version": "0.1~20170810-2", - "arch": "amd64" - }, - "libselinux1": { - "version": "3.0-1build2", - "arch": "amd64" - }, - "libsemanage-common": { - "version": "3.0-1build2", - "arch": "all" - }, - "libsemanage1": { - "version": "3.0-1build2", - "arch": "amd64" - }, - "libsensors-config": { - "version": "1:3.6.0-2ubuntu1", - "arch": "all" - }, - "libsensors5": { - "version": "1:3.6.0-2ubuntu1", - "arch": "amd64" - }, - "libsepol1": { - "version": "3.0-1", - "arch": "amd64" - }, - "libsgutils2-2": { - "version": "1.44-1ubuntu2", - "arch": "amd64" - }, - "libsigsegv2": { - "version": "2.12-2", - "arch": "amd64" - }, - "libslang2": { - "version": "2.3.2-4", - "arch": "amd64" - }, - "libsm6": { - "version": "2:1.2.3-1", - "arch": "amd64" - }, - "libsmartcols1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libsmbios-c2": { - "version": "2.4.3-1", - "arch": "amd64" - }, - "libsodium23": { - "version": "1.0.18-1", - "arch": "amd64" - }, - "libsoup-gnome2.4-1": { - "version": "2.70.0-1", - "arch": "amd64" - }, - "libsoup2.4-1": { - "version": "2.70.0-1", - "arch": "amd64" - }, - "libsqlite3-0": { - "version": "3.31.1-4ubuntu0.2", - "arch": "amd64" - }, - "libss2": { - "version": "1.45.5-2ubuntu1", - "arch": "amd64" - }, - "libssh-4": { - "version": "0.9.3-2ubuntu2.2", - "arch": "amd64" - }, - "libssl1.1": { - "version": "1.1.1f-1ubuntu2.12", - "arch": "amd64" - }, - "libstdc++-9-dev": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "libstdc++6": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libstemmer0d": { - "version": "0+svn585-2", - "arch": "amd64" - }, - "libsystemd0": { - "version": "245.4-4ubuntu3.17", - "arch": "amd64" - }, - "libtasn1-6": { - "version": "4.16.0-2", - "arch": "amd64" - }, - "libtcl8.6": { - "version": "8.6.10+dfsg-1", - "arch": "amd64" - }, - "libtdb1": { - "version": "1.4.3-0ubuntu0.20.04.1", - "arch": "amd64" - }, - "libtext-charwidth-perl": { - "version": "0.04-10", - "arch": "amd64" - }, - "libtext-iconv-perl": { - "version": "1.7-7", - "arch": "amd64" - }, - "libtext-wrapi18n-perl": { - "version": "0.06-9", - "arch": "all" - }, - "libthai-data": { - "version": "0.1.28-3", - "arch": "all" - }, - "libthai0": { - "version": "0.1.28-3", - "arch": "amd64" - }, - "libtiff5": { - "version": "4.1.0+git191117-2ubuntu0.20.04.3", - "arch": "amd64" - }, - "libtinfo6": { - "version": "6.2-0ubuntu2", - "arch": "amd64" - }, - "libtsan0": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libtss2-esys0": { - "version": "2.3.2-1", - "arch": "amd64" - }, - "libubsan1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libuchardet0": { - "version": "0.0.6-3build1", - "arch": "amd64" - }, - "libudev1": { - "version": "245.4-4ubuntu3.16", - "arch": "amd64" - }, - "libudisks2-0": { - "version": "2.8.4-1ubuntu2", - "arch": "amd64" - }, - "libunistring2": { - "version": "0.9.10-2", - "arch": "amd64" - }, - "libunwind8": { - "version": "1.2.1-9build1", - "arch": "amd64" - }, - "liburcu6": { - "version": "0.11.1-2", - "arch": "amd64" - }, - "libusb-1.0-0": { - "version": "2:1.0.23-2build1", - "arch": "amd64" - }, - "libutempter0": { - "version": "1.1.6-4", - "arch": "amd64" - }, - "libuuid1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libuv1": { - "version": "1.34.2-1ubuntu1.3", - "arch": "amd64" - }, - "libvolume-key1": { - "version": "0.3.12-3.1", - "arch": "amd64" - }, - "libvorbis0a": { - "version": "1.3.6-2ubuntu1", - "arch": "amd64" - }, - "libvorbisfile3": { - "version": "1.3.6-2ubuntu1", - "arch": "amd64" - }, - "libvulkan1": { - "version": "1.2.131.2-1", - "arch": "amd64" - }, - "libwacom-bin": { - "version": "1.3-2ubuntu3", - "arch": "amd64" - }, - "libwacom-common": { - "version": "1.3-2ubuntu3", - "arch": "all" - }, - "libwacom2": { - "version": "1.3-2ubuntu3", - "arch": "amd64" - }, - "libwayland-client0": { - "version": "1.18.0-1", - "arch": "amd64" - }, - "libwayland-cursor0": { - "version": "1.18.0-1", - "arch": "amd64" - }, - "libwayland-egl1": { - "version": "1.18.0-1", - "arch": "amd64" - }, - "libwayland-server0": { - "version": "1.18.0-1", - "arch": "amd64" - }, - "libwebp6": { - "version": "0.6.1-2ubuntu0.20.04.1", - "arch": "amd64" - }, - "libwind0-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1", - "arch": "amd64" - }, - "libwrap0": { - "version": "7.6.q-30", - "arch": "amd64" - }, - "libx11-6": { - "version": "2:1.6.9-2ubuntu1.2", - "arch": "amd64" - }, - "libx11-data": { - "version": "2:1.6.9-2ubuntu1.2", - "arch": "all" - }, - "libx11-xcb1": { - "version": "2:1.6.9-2ubuntu1.2", - "arch": "amd64" - }, - "libxau6": { - "version": "1:1.0.9-0ubuntu1", - "arch": "amd64" - }, - "libxcb-dri2-0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-dri3-0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-glx0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-icccm4": { - "version": "0.4.1-1.1", - "arch": "amd64" - }, - "libxcb-image0": { - "version": "0.4.0-1build1", - "arch": "amd64" - }, - "libxcb-keysyms1": { - "version": "0.4.0-1build1", - "arch": "amd64" - }, - "libxcb-present0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-randr0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-render-util0": { - "version": "0.3.9-1build1", - "arch": "amd64" - }, - "libxcb-render0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-shape0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-shm0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-sync1": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-util1": { - "version": "0.4.0-0ubuntu3", - "arch": "amd64" - }, - "libxcb-xfixes0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-xinerama0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-xinput0": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb-xkb1": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcb1": { - "version": "1.14-2", - "arch": "amd64" - }, - "libxcomposite1": { - "version": "1:0.4.5-1", - "arch": "amd64" - }, - "libxcursor1": { - "version": "1:1.2.0-2", - "arch": "amd64" - }, - "libxdamage1": { - "version": "1:1.1.5-2", - "arch": "amd64" - }, - "libxdmcp6": { - "version": "1:1.1.3-0ubuntu1", - "arch": "amd64" - }, - "libxext6": { - "version": "2:1.3.4-0ubuntu1", - "arch": "amd64" - }, - "libxfixes3": { - "version": "1:5.0.3-2", - "arch": "amd64" - }, - "libxi6": { - "version": "2:1.7.10-0ubuntu1", - "arch": "amd64" - }, - "libxinerama1": { - "version": "2:1.1.4-2", - "arch": "amd64" - }, - "libxkbcommon-x11-0": { - "version": "0.10.0-1", - "arch": "amd64" - }, - "libxkbcommon0": { - "version": "0.10.0-1", - "arch": "amd64" - }, - "libxml2": { - "version": "2.9.10+dfsg-5ubuntu0.20.04.2", - "arch": "amd64" - }, - "libxmlb1": { - "version": "0.1.15-2ubuntu1~20.04.1", - "arch": "amd64" - }, - "libxmlsec1": { - "version": "1.2.28-2", - "arch": "amd64" - }, - "libxmlsec1-openssl": { - "version": "1.2.28-2", - "arch": "amd64" - }, - "libxmuu1": { - "version": "2:1.1.3-0ubuntu1", - "arch": "amd64" - }, - "libxrandr2": { - "version": "2:1.5.2-0ubuntu1", - "arch": "amd64" - }, - "libxrender1": { - "version": "1:0.9.10-1", - "arch": "amd64" - }, - "libxshmfence1": { - "version": "1.3-1", - "arch": "amd64" - }, - "libxslt1.1": { - "version": "1.1.34-4", - "arch": "amd64" - }, - "libxtables12": { - "version": "1.8.4-3ubuntu2", - "arch": "amd64" - }, - "libxtst6": { - "version": "2:1.2.3-1", - "arch": "amd64" - }, - "libxxf86vm1": { - "version": "1:1.1.4-1build1", - "arch": "amd64" - }, - "libyaml-0-2": { - "version": "0.2.2-1", - "arch": "amd64" - }, - "libzstd1": { - "version": "1.4.4+dfsg-3ubuntu0.1", - "arch": "amd64" - }, - "linux-base": { - "version": "4.5ubuntu3.7", - "arch": "all" - }, - "linux-cloud-tools-5.4.0-107": { - "version": "5.4.0-107.121", - "arch": "amd64" - }, - "linux-cloud-tools-5.4.0-107-generic": { - "version": "5.4.0-107.121", - "arch": "amd64" - }, - "linux-cloud-tools-5.4.0-42": { - "version": "5.4.0-42.46", - "arch": "amd64" - }, - "linux-cloud-tools-5.4.0-42-generic": { - "version": "5.4.0-42.46", - "arch": "amd64" - }, - "linux-cloud-tools-common": { - "version": "5.4.0-107.121", - "arch": "all" - }, - "linux-cloud-tools-generic": { - "version": "5.4.0.107.111", - "arch": "amd64" - }, - "linux-cloud-tools-virtual": { - "version": "5.4.0.107.111", - "arch": "amd64" - }, - "linux-firmware": { - "version": "1.187.29", - "arch": "all" - }, - "linux-generic": { - "version": "5.4.0.107.111", - "arch": "amd64" - }, - "linux-headers-5.4.0-107": { - "version": "5.4.0-107.121", - "arch": "all" - }, - "linux-headers-5.4.0-107-generic": { - "version": "5.4.0-107.121", - "arch": "amd64" - }, - "linux-headers-5.4.0-42": { - "version": "5.4.0-42.46", - "arch": "all" - }, - "linux-headers-5.4.0-42-generic": { - "version": "5.4.0-42.46", - "arch": "amd64" - }, - "linux-headers-generic": { - "version": "5.4.0.107.111", - "arch": "amd64" - }, - "linux-image-5.4.0-107-generic": { - "version": "5.4.0-107.121", - "arch": "amd64" - }, - "linux-image-5.4.0-42-generic": { - "version": "5.4.0-42.46", - "arch": "amd64" - }, - "linux-image-generic": { - "version": "5.4.0.107.111", - "arch": "amd64" - }, - "linux-libc-dev": { - "version": "5.4.0-110.124", - "arch": "amd64" - }, - "linux-modules-5.4.0-107-generic": { - "version": "5.4.0-107.121", - "arch": "amd64" - }, - "linux-modules-5.4.0-42-generic": { - "version": "5.4.0-42.46", - "arch": "amd64" - }, - "linux-modules-extra-5.4.0-107-generic": { - "version": "5.4.0-107.121", - "arch": "amd64" - }, - "linux-modules-extra-5.4.0-42-generic": { - "version": "5.4.0-42.46", - "arch": "amd64" - }, - "linux-tools-5.4.0-42": { - "version": "5.4.0-42.46", - "arch": "amd64" - }, - "linux-tools-5.4.0-42-generic": { - "version": "5.4.0-42.46", - "arch": "amd64" - }, - "linux-tools-common": { - "version": "5.4.0-107.121", - "arch": "all" - }, - "locales": { - "version": "2.31-0ubuntu9.7", - "arch": "all" - }, - "login": { - "version": "1:4.8.1-1ubuntu5.20.04.1", - "arch": "amd64" - }, - "logrotate": { - "version": "3.14.0-4ubuntu3", - "arch": "amd64" - }, - "logsave": { - "version": "1.45.5-2ubuntu1", - "arch": "amd64" - }, - "lsb-base": { - "version": "11.1.0ubuntu2", - "arch": "all" - }, - "lsb-release": { - "version": "11.1.0ubuntu2", - "arch": "all" - }, - "lshw": { - "version": "02.18.85-0.3ubuntu2.20.04.1", - "arch": "amd64" - }, - "lsof": { - "version": "4.93.2+dfsg-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "ltrace": { - "version": "0.7.3-6.1ubuntu1", - "arch": "amd64" - }, - "lvm2": { - "version": "2.03.07-1ubuntu1", - "arch": "amd64" - }, - "lxd-agent-loader": { - "version": "0.4", - "arch": "all" - }, - "lz4": { - "version": "1.9.2-2ubuntu0.20.04.1", - "arch": "amd64" - }, - "mailutils": { - "version": "1:3.7-2.1", - "arch": "amd64" - }, - "mailutils-common": { - "version": "1:3.7-2.1", - "arch": "all" - }, - "make": { - "version": "4.2.1-1.2", - "arch": "amd64" - }, - "man-db": { - "version": "2.9.1-1", - "arch": "amd64" - }, - "manpages": { - "version": "5.05-1", - "arch": "all" - }, - "manpages-dev": { - "version": "5.05-1", - "arch": "all" - }, - "mawk": { - "version": "1.3.4.20200120-2", - "arch": "amd64" - }, - "mdadm": { - "version": "4.1-5ubuntu1.2", - "arch": "amd64" - }, - "mesa-vulkan-drivers": { - "version": "21.2.6-0ubuntu0.1~20.04.2", - "arch": "amd64" - }, - "mime-support": { - "version": "3.64ubuntu1", - "arch": "all" - }, - "mlocate": { - "version": "0.26-3ubuntu3", - "arch": "amd64" - }, - "modemmanager": { - "version": "1.16.6-2~20.04.1", - "arch": "amd64" - }, - "mosh": { - "version": "1.3.2-2.1build3", - "arch": "amd64" - }, - "motd-news-config": { - "version": "11ubuntu5.5", - "arch": "all" - }, - "mount": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "mtr-tiny": { - "version": "0.93-1", - "arch": "amd64" - }, - "multipath-tools": { - "version": "0.8.3-1ubuntu2", - "arch": "amd64" - }, - "mysql-common": { - "version": "5.8+1.0.5ubuntu2", - "arch": "all" - }, - "nano": { - "version": "4.8-1ubuntu1", - "arch": "amd64" - }, - "ncurses-base": { - "version": "6.2-0ubuntu2", - "arch": "all" - }, - "ncurses-bin": { - "version": "6.2-0ubuntu2", - "arch": "amd64" - }, - "ncurses-term": { - "version": "6.2-0ubuntu2", - "arch": "all" - }, - "netbase": { - "version": "6.1", - "arch": "all" - }, - "netcat-openbsd": { - "version": "1.206-1ubuntu1", - "arch": "amd64" - }, - "netplan.io": { - "version": "0.104-0ubuntu2~20.04.1", - "arch": "amd64" - }, - "networkd-dispatcher": { - "version": "2.1-2~ubuntu20.04.1", - "arch": "all" - }, - "nodejs": { - "version": "14.19.3-deb-1nodesource1", - "arch": "amd64" - }, - "ntfs-3g": { - "version": "1:2017.3.23AR.3-3ubuntu1.1", - "arch": "amd64" - }, - "ntp": { - "version": "1:4.2.8p12+dfsg-3ubuntu4.20.04.1", - "arch": "amd64" - }, - "open-iscsi": { - "version": "2.0.874-7.1ubuntu6.2", - "arch": "amd64" - }, - "open-vm-tools": { - "version": "2:11.3.0-2ubuntu0~ubuntu20.04.2", - "arch": "amd64" - }, - "openssh-client": { - "version": "1:8.2p1-4ubuntu0.4", - "arch": "amd64" - }, - "openssh-server": { - "version": "1:8.2p1-4ubuntu0.4", - "arch": "amd64" - }, - "openssh-sftp-server": { - "version": "1:8.2p1-4ubuntu0.4", - "arch": "amd64" - }, - "openssl": { - "version": "1.1.1f-1ubuntu2.12", - "arch": "amd64" - }, - "os-prober": { - "version": "1.74ubuntu2", - "arch": "amd64" - }, - "overlayroot": { - "version": "0.45ubuntu2", - "arch": "all" - }, - "packagekit": { - "version": "1.1.13-2ubuntu1.1", - "arch": "amd64" - }, - "packagekit-tools": { - "version": "1.1.13-2ubuntu1.1", - "arch": "amd64" - }, - "parted": { - "version": "3.3-4ubuntu0.20.04.1", - "arch": "amd64" - }, - "passwd": { - "version": "1:4.8.1-1ubuntu5.20.04.1", - "arch": "amd64" - }, - "pastebinit": { - "version": "1.5.1-1", - "arch": "all" - }, - "patch": { - "version": "2.7.6-6", - "arch": "amd64" - }, - "pci.ids": { - "version": "0.0~2020.03.20-1", - "arch": "all" - }, - "pciutils": { - "version": "1:3.6.4-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "perl": { - "version": "5.30.0-9ubuntu0.2", - "arch": "amd64" - }, - "perl-base": { - "version": "5.30.0-9ubuntu0.2", - "arch": "amd64" - }, - "perl-modules-5.30": { - "version": "5.30.0-9ubuntu0.2", - "arch": "all" - }, - "pinentry-curses": { - "version": "1.1.0-3build1", - "arch": "amd64" - }, - "plymouth": { - "version": "0.9.4git20200323-0ubuntu6.2", - "arch": "amd64" - }, - "plymouth-theme-ubuntu-text": { - "version": "0.9.4git20200323-0ubuntu6.2", - "arch": "amd64" - }, - "policykit-1": { - "version": "0.105-26ubuntu1.3", - "arch": "amd64" - }, - "pollinate": { - "version": "4.33-3ubuntu1.20.04.1", - "arch": "all" - }, - "popularity-contest": { - "version": "1.69ubuntu1", - "arch": "all" - }, - "postfix": { - "version": "3.4.13-0ubuntu1.2", - "arch": "amd64" - }, - "powermgmt-base": { - "version": "1.36", - "arch": "all" - }, - "procps": { - "version": "2:3.3.16-1ubuntu2.3", - "arch": "amd64" - }, - "psmisc": { - "version": "23.3-1", - "arch": "amd64" - }, - "publicsuffix": { - "version": "20200303.0012-1", - "arch": "all" - }, - "python-apt-common": { - "version": "2.0.0ubuntu0.20.04.7", - "arch": "all" - }, - "python-pip-whl": { - "version": "20.0.2-5ubuntu1.6", - "arch": "all" - }, - "python3": { - "version": "3.8.2-0ubuntu2", - "arch": "amd64" - }, - "python3-apport": { - "version": "2.20.11-0ubuntu27.23", - "arch": "all" - }, - "python3-apt": { - "version": "2.0.0ubuntu0.20.04.7", - "arch": "amd64" - }, - "python3-attr": { - "version": "19.3.0-2", - "arch": "all" - }, - "python3-automat": { - "version": "0.8.0-1ubuntu1", - "arch": "all" - }, - "python3-blinker": { - "version": "1.4+dfsg1-0.3ubuntu1", - "arch": "all" - }, - "python3-certifi": { - "version": "2019.11.28-1", - "arch": "all" - }, - "python3-cffi-backend": { - "version": "1.14.0-1build1", - "arch": "amd64" - }, - "python3-chardet": { - "version": "3.0.4-4build1", - "arch": "all" - }, - "python3-click": { - "version": "7.0-3", - "arch": "all" - }, - "python3-colorama": { - "version": "0.4.3-1build1", - "arch": "all" - }, - "python3-commandnotfound": { - "version": "20.04.6", - "arch": "all" - }, - "python3-configobj": { - "version": "5.0.6-4", - "arch": "all" - }, - "python3-constantly": { - "version": "15.1.0-1build1", - "arch": "all" - }, - "python3-cryptography": { - "version": "2.8-3ubuntu0.1", - "arch": "amd64" - }, - "python3-dbus": { - "version": "1.2.16-1build1", - "arch": "amd64" - }, - "python3-debconf": { - "version": "1.5.73", - "arch": "all" - }, - "python3-debian": { - "version": "0.1.36ubuntu1", - "arch": "all" - }, - "python3-dev": { - "version": "3.8.2-0ubuntu2", - "arch": "amd64" - }, - "python3-distro": { - "version": "1.4.0-1", - "arch": "all" - }, - "python3-distro-info": { - "version": "0.23ubuntu1", - "arch": "all" - }, - "python3-distupgrade": { - "version": "1:20.04.37", - "arch": "all" - }, - "python3-distutils": { - "version": "3.8.10-0ubuntu1~20.04", - "arch": "all" - }, - "python3-entrypoints": { - "version": "0.3-2ubuntu1", - "arch": "all" - }, - "python3-gdbm": { - "version": "3.8.10-0ubuntu1~20.04", - "arch": "amd64" - }, - "python3-gi": { - "version": "3.36.0-1", - "arch": "amd64" - }, - "python3-hamcrest": { - "version": "1.9.0-3", - "arch": "all" - }, - "python3-httplib2": { - "version": "0.14.0-1ubuntu1", - "arch": "all" - }, - "python3-hyperlink": { - "version": "19.0.0-1", - "arch": "all" - }, - "python3-idna": { - "version": "2.8-1", - "arch": "all" - }, - "python3-incremental": { - "version": "16.10.1-3.2", - "arch": "all" - }, - "python3-jwt": { - "version": "1.7.1-2ubuntu2", - "arch": "all" - }, - "python3-keyring": { - "version": "18.0.1-2ubuntu1", - "arch": "all" - }, - "python3-launchpadlib": { - "version": "1.10.13-1", - "arch": "all" - }, - "python3-lazr.restfulclient": { - "version": "0.14.2-2build1", - "arch": "all" - }, - "python3-lazr.uri": { - "version": "1.0.3-4build1", - "arch": "all" - }, - "python3-lib2to3": { - "version": "3.8.10-0ubuntu1~20.04", - "arch": "all" - }, - "python3-minimal": { - "version": "3.8.2-0ubuntu2", - "arch": "amd64" - }, - "python3-nacl": { - "version": "1.3.0-5", - "arch": "amd64" - }, - "python3-netifaces": { - "version": "0.10.4-1ubuntu4", - "arch": "amd64" - }, - "python3-newt": { - "version": "0.52.21-4ubuntu2", - "arch": "amd64" - }, - "python3-oauthlib": { - "version": "3.1.0-1ubuntu2", - "arch": "all" - }, - "python3-openssl": { - "version": "19.0.0-1build1", - "arch": "all" - }, - "python3-pexpect": { - "version": "4.6.0-1build1", - "arch": "all" - }, - "python3-pip": { - "version": "20.0.2-5ubuntu1.6", - "arch": "all" - }, - "python3-pkg-resources": { - "version": "45.2.0-1", - "arch": "all" - }, - "python3-problem-report": { - "version": "2.20.11-0ubuntu27.23", - "arch": "all" - }, - "python3-ptyprocess": { - "version": "0.6.0-1ubuntu1", - "arch": "all" - }, - "python3-pyasn1": { - "version": "0.4.2-3build1", - "arch": "all" - }, - "python3-pyasn1-modules": { - "version": "0.2.1-0.2build1", - "arch": "all" - }, - "python3-pymacaroons": { - "version": "0.13.0-3", - "arch": "all" - }, - "python3-pyqt5": { - "version": "5.14.1+dfsg-3build1", - "arch": "amd64" - }, - "python3-requests": { - "version": "2.22.0-2ubuntu1", - "arch": "all" - }, - "python3-requests-unixsocket": { - "version": "0.2.0-2", - "arch": "all" - }, - "python3-secretstorage": { - "version": "2.3.1-2ubuntu1", - "arch": "all" - }, - "python3-service-identity": { - "version": "18.1.0-5build1", - "arch": "all" - }, - "python3-setuptools": { - "version": "45.2.0-1", - "arch": "all" - }, - "python3-simplejson": { - "version": "3.16.0-2ubuntu2", - "arch": "amd64" - }, - "python3-sip": { - "version": "4.19.21+dfsg-1build1", - "arch": "amd64" - }, - "python3-six": { - "version": "1.14.0-2", - "arch": "all" - }, - "python3-software-properties": { - "version": "0.99.9.8", - "arch": "all" - }, - "python3-systemd": { - "version": "234-3build2", - "arch": "amd64" - }, - "python3-twisted": { - "version": "18.9.0-11ubuntu0.20.04.2", - "arch": "all" - }, - "python3-twisted-bin": { - "version": "18.9.0-11ubuntu0.20.04.2", - "arch": "amd64" - }, - "python3-update-manager": { - "version": "1:20.04.10.10", - "arch": "all" - }, - "python3-urllib3": { - "version": "1.25.8-2ubuntu0.1", - "arch": "all" - }, - "python3-wadllib": { - "version": "1.3.3-3build1", - "arch": "all" - }, - "python3-wheel": { - "version": "0.34.2-1", - "arch": "all" - }, - "python3-yaml": { - "version": "5.3.1-1ubuntu0.1", - "arch": "amd64" - }, - "python3-zope.interface": { - "version": "4.7.1-1", - "arch": "amd64" - }, - "python3.8": { - "version": "3.8.10-0ubuntu1~20.04.4", - "arch": "amd64" - }, - "python3.8-dev": { - "version": "3.8.10-0ubuntu1~20.04.4", - "arch": "amd64" - }, - "python3.8-minimal": { - "version": "3.8.10-0ubuntu1~20.04.4", - "arch": "amd64" - }, - "qt5-gtk-platformtheme": { - "version": "5.12.8+dfsg-0ubuntu2.1", - "arch": "amd64" - }, - "qttranslations5-l10n": { - "version": "5.12.8-0ubuntu1", - "arch": "all" - }, - "rake": { - "version": "13.0.1-4", - "arch": "all" - }, - "readline-common": { - "version": "8.0-4", - "arch": "all" - }, - "rsync": { - "version": "3.1.3-8ubuntu0.3", - "arch": "amd64" - }, - "rsyslog": { - "version": "8.2001.0-1ubuntu1.1", - "arch": "amd64" - }, - "ruby": { - "version": "1:2.7+1", - "arch": "amd64" - }, - "ruby-minitest": { - "version": "5.13.0-1", - "arch": "all" - }, - "ruby-net-telnet": { - "version": "0.1.1-2", - "arch": "all" - }, - "ruby-power-assert": { - "version": "1.1.7-1", - "arch": "all" - }, - "ruby-test-unit": { - "version": "3.3.5-1", - "arch": "all" - }, - "ruby-xmlrpc": { - "version": "0.3.0-2", - "arch": "all" - }, - "ruby2.7": { - "version": "2.7.0-5ubuntu1.6", - "arch": "amd64" - }, - "rubygems-integration": { - "version": "1.16", - "arch": "all" - }, - "run-one": { - "version": "1.17-0ubuntu1", - "arch": "all" - }, - "sbsigntool": { - "version": "0.9.2-2ubuntu1", - "arch": "amd64" - }, - "screen": { - "version": "4.8.0-1ubuntu0.1", - "arch": "amd64" - }, - "secureboot-db": { - "version": "1.5", - "arch": "amd64" - }, - "sed": { - "version": "4.7-1", - "arch": "amd64" - }, - "sensible-utils": { - "version": "0.0.12+nmu1", - "arch": "all" - }, - "sg3-utils": { - "version": "1.44-1ubuntu2", - "arch": "amd64" - }, - "sg3-utils-udev": { - "version": "1.44-1ubuntu2", - "arch": "all" - }, - "shared-mime-info": { - "version": "1.15-1", - "arch": "amd64" - }, - "snapd": { - "version": "2.54.3+20.04.1ubuntu0.2", - "arch": "amd64" - }, - "sntp": { - "version": "1:4.2.8p12+dfsg-3ubuntu4.20.04.1", - "arch": "amd64" - }, - "software-properties-common": { - "version": "0.99.9.8", - "arch": "all" - }, - "sosreport": { - "version": "4.3-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "sound-theme-freedesktop": { - "version": "0.8-2ubuntu1", - "arch": "all" - }, - "squashfs-tools": { - "version": "1:4.4-1ubuntu0.3", - "arch": "amd64" - }, - "ssh-import-id": { - "version": "5.10-0ubuntu1", - "arch": "all" - }, - "ssl-cert": { - "version": "1.0.39", - "arch": "all" - }, - "strace": { - "version": "5.5-3ubuntu1", - "arch": "amd64" - }, - "sudo": { - "version": "1.8.31-1ubuntu1.2", - "arch": "amd64" - }, - "sysstat": { - "version": "12.2.0-2ubuntu0.1", - "arch": "amd64" - }, - "systemd": { - "version": "245.4-4ubuntu3.17", - "arch": "amd64" - }, - "systemd-sysv": { - "version": "245.4-4ubuntu3.17", - "arch": "amd64" - }, - "systemd-timesyncd": { - "version": "245.4-4ubuntu3.16", - "arch": "amd64" - }, - "sysvinit-utils": { - "version": "2.96-2.1ubuntu1", - "arch": "amd64" - }, - "tar": { - "version": "1.30+dfsg-7ubuntu0.20.04.2", - "arch": "amd64" - }, - "tasksel": { - "version": "3.34ubuntu16", - "arch": "all" - }, - "tasksel-data": { - "version": "3.34ubuntu16", - "arch": "all" - }, - "tcpdump": { - "version": "4.9.3-4ubuntu0.1", - "arch": "amd64" - }, - "telnet": { - "version": "0.17-41.2build1", - "arch": "amd64" - }, - "thin-provisioning-tools": { - "version": "0.8.5-4build1", - "arch": "amd64" - }, - "time": { - "version": "1.7-25.1build1", - "arch": "amd64" - }, - "tmux": { - "version": "3.0a-2ubuntu0.3", - "arch": "amd64" - }, - "tpm-udev": { - "version": "0.4", - "arch": "all" - }, - "tzdata": { - "version": "2022a-0ubuntu0.20.04", - "arch": "all" - }, - "ubuntu-advantage-tools": { - "version": "27.7~20.04.1", - "arch": "amd64" - }, - "ubuntu-keyring": { - "version": "2020.02.11.4", - "arch": "all" - }, - "ubuntu-minimal": { - "version": "1.450.2", - "arch": "amd64" - }, - "ubuntu-mono": { - "version": "19.04-0ubuntu3", - "arch": "all" - }, - "ubuntu-release-upgrader-core": { - "version": "1:20.04.37", - "arch": "all" - }, - "ubuntu-server": { - "version": "1.450.2", - "arch": "amd64" - }, - "ubuntu-standard": { - "version": "1.450.2", - "arch": "amd64" - }, - "ucf": { - "version": "3.0038+nmu1", - "arch": "all" - }, - "udev": { - "version": "245.4-4ubuntu3.16", - "arch": "amd64" - }, - "udisks2": { - "version": "2.8.4-1ubuntu2", - "arch": "amd64" - }, - "ufw": { - "version": "0.36-6ubuntu1", - "arch": "all" - }, - "unattended-upgrades": { - "version": "2.3ubuntu0.1", - "arch": "all" - }, - "unzip": { - "version": "6.0-25ubuntu1", - "arch": "amd64" - }, - "update-manager-core": { - "version": "1:20.04.10.10", - "arch": "all" - }, - "update-notifier-common": { - "version": "3.192.30.10", - "arch": "all" - }, - "usb-modeswitch": { - "version": "2.5.2+repack0-2ubuntu3", - "arch": "amd64" - }, - "usb-modeswitch-data": { - "version": "20191128-3", - "arch": "all" - }, - "usb.ids": { - "version": "2020.03.19-1", - "arch": "all" - }, - "usbutils": { - "version": "1:012-2", - "arch": "amd64" - }, - "util-linux": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "uuid-runtime": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "vim": { - "version": "2:8.1.2269-1ubuntu5.7", - "arch": "amd64" - }, - "vim-common": { - "version": "2:8.1.2269-1ubuntu5.7", - "arch": "all" - }, - "vim-nox": { - "version": "2:8.1.2269-1ubuntu5.7", - "arch": "amd64" - }, - "vim-runtime": { - "version": "2:8.1.2269-1ubuntu5.7", - "arch": "all" - }, - "vim-tiny": { - "version": "2:8.1.2269-1ubuntu5.7", - "arch": "amd64" - }, - "wget": { - "version": "1.20.3-1ubuntu2", - "arch": "amd64" - }, - "whiptail": { - "version": "0.52.21-4ubuntu2", - "arch": "amd64" - }, - "wireless-regdb": { - "version": "2021.08.28-0ubuntu1~20.04.1", - "arch": "all" - }, - "x11-common": { - "version": "1:7.7+19ubuntu14", - "arch": "all" - }, - "xauth": { - "version": "1:1.1-0ubuntu1", - "arch": "amd64" - }, - "xdg-user-dirs": { - "version": "0.17-2ubuntu1", - "arch": "amd64" - }, - "xfsprogs": { - "version": "5.3.0-1ubuntu2", - "arch": "amd64" - }, - "xkb-data": { - "version": "2.29-2", - "arch": "all" - }, - "xxd": { - "version": "2:8.1.2269-1ubuntu5.7", - "arch": "amd64" - }, - "xz-utils": { - "version": "5.2.4-1ubuntu1.1", - "arch": "amd64" - }, - "zerofree": { - "version": "1.1.1-1", - "arch": "amd64" - }, - "zip": { - "version": "3.0-11build1", - "arch": "amd64" - }, - "zlib1g": { - "version": "1:1.2.11.dfsg-2ubuntu1.3", - "arch": "amd64" - }, - "zlib1g-dev": { - "version": "1:1.2.11.dfsg-2ubuntu1.3", - "arch": "amd64" - } - }, - "cloud": null, - "ohai_time": 1653315595.8568022, - "cpu": { - "0": { - "vendor_id": "GenuineIntel", - "family": "6", - "model": "78", - "model_name": "Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz", - "stepping": "3", - "mhz": "2496.006", - "cache_size": "3072 KB", - "physical_id": "0", - "core_id": "0", - "cores": "2", - "flags": [ - "fpu", - "vme", - "de", - "pse", - "tsc", - "msr", - "pae", - "mce", - "cx8", - "apic", - "sep", - "mtrr", - "pge", - "mca", - "cmov", - "pat", - "pse36", - "clflush", - "mmx", - "fxsr", - "sse", - "sse2", - "ht", - "syscall", - "nx", - "rdtscp", - "lm", - "constant_tsc", - "rep_good", - "nopl", - "xtopology", - "nonstop_tsc", - "cpuid", - "tsc_known_freq", - "pni", - "pclmulqdq", - "ssse3", - "cx16", - "pcid", - "sse4_1", - "sse4_2", - "x2apic", - "movbe", - "popcnt", - "aes", - "xsave", - "avx", - "rdrand", - "hypervisor", - "lahf_lm", - "abm", - "3dnowprefetch", - "invpcid_single", - "pti", - "fsgsbase", - "avx2", - "invpcid", - "rdseed", - "clflushopt", - "md_clear", - "flush_l1d", - "arch_capabilities" - ] - }, - "1": { - "vendor_id": "GenuineIntel", - "family": "6", - "model": "78", - "model_name": "Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz", - "stepping": "3", - "mhz": "2496.006", - "cache_size": "3072 KB", - "physical_id": "0", - "core_id": "1", - "cores": "2", - "flags": [ - "fpu", - "vme", - "de", - "pse", - "tsc", - "msr", - "pae", - "mce", - "cx8", - "apic", - "sep", - "mtrr", - "pge", - "mca", - "cmov", - "pat", - "pse36", - "clflush", - "mmx", - "fxsr", - "sse", - "sse2", - "ht", - "syscall", - "nx", - "rdtscp", - "lm", - "constant_tsc", - "rep_good", - "nopl", - "xtopology", - "nonstop_tsc", - "cpuid", - "tsc_known_freq", - "pni", - "pclmulqdq", - "ssse3", - "cx16", - "pcid", - "sse4_1", - "sse4_2", - "x2apic", - "movbe", - "popcnt", - "aes", - "xsave", - "avx", - "rdrand", - "hypervisor", - "lahf_lm", - "abm", - "3dnowprefetch", - "invpcid_single", - "pti", - "fsgsbase", - "avx2", - "invpcid", - "rdseed", - "clflushopt", - "md_clear", - "flush_l1d", - "arch_capabilities" - ] - }, - "total": 2, - "real": 1, - "cores": 2 - }, - "init_package": "systemd", - "time": { - "timezone": "UTC" - }, - "virtualbox": { - "host": { - "revision": "150636", - "version": "6.1.34" - }, - "guest": { - "guest_additions_version": "6.1.34", - "guest_additions_revision": "150636" - } - }, - "chef_guid": "f39dc6ff-af2e-46f2-a642-790d1abbed4b", - "name": "vagrant-node-bitcoin", - "chef_environment": "development", - "recipes": [ - "kosmos-bitcoin::electrum", - "kosmos-bitcoin::yap", - "kosmos-bitcoin::_user", - "kosmos-nodejs::default", - "nodejs::nodejs_from_package", - "nodejs::repo" - ], - "expanded_run_list": [ - "kosmos-bitcoin::electrum", - "kosmos-bitcoin::yap" - ], - "roles": [ - - ], - "cookbooks": { - "kosmos-bitcoin": { - "version": "0.1.0" - }, - "ark": { - "version": "6.0.3" - }, - "backup": { - "version": "0.5.1" - }, - "git": { - "version": "10.0.0" - }, - "golang": { - "version": "5.3.1" - }, - "kosmos-nginx": { - "version": "0.3.2" - }, - "kosmos-nodejs": { - "version": "0.1.1" - }, - "firewall": { - "version": "2.6.5" - }, - "application_javascript": { - "version": "1.0.0" - }, - "tor-full": { - "version": "0.2.0" - }, - "redisio": { - "version": "5.0.0" - }, - "seven_zip": { - "version": "4.2.2" - }, - "logrotate": { - "version": "2.2.0" - }, - "mysql": { - "version": "8.7.4" - }, - "nginx": { - "version": "9.0.0" - }, - "openssl": { - "version": "8.5.5" - }, - "nodejs": { - "version": "7.3.3" - }, - "chef-sugar": { - "version": "3.3.0" - }, - "poise": { - "version": "2.8.2" - }, - "application": { - "version": "5.2.0" - }, - "poise-javascript": { - "version": "1.2.1" - }, - "poise-service": { - "version": "1.5.2" - }, - "apt": { - "version": "7.3.0" - }, - "yum": { - "version": "7.2.0" - }, - "ulimit": { - "version": "1.0.0" - }, - "selinux_policy": { - "version": "2.4.3" - }, - "build-essential": { - "version": "8.2.1" - }, - "ohai": { - "version": "5.2.5" - }, - "yum-epel": { - "version": "4.2.3" - }, - "chocolatey": { - "version": "3.0.0" - }, - "poise-languages": { - "version": "2.1.2" - }, - "mingw": { - "version": "2.1.3" - }, - "poise-archive": { - "version": "1.5.0" - } - } - }, - "run_list": [ - "recipe[kosmos-bitcoin::electrum]", - "recipe[kosmos-bitcoin::yap]" - ] -} \ No newline at end of file diff --git a/nodes/vagrant-openresty.json b/nodes/vagrant-openresty.json deleted file mode 100644 index d7c13cf..0000000 --- a/nodes/vagrant-openresty.json +++ /dev/null @@ -1,7933 +0,0 @@ -{ - "name": "vagrant-openresty", - "chef_environment": "development", - "override": { - "apt": { - "unattended_upgrades": { - "allowed_origins": [ - "${distro_id}:${distro_codename}-security", - "${distro_id}:${distro_codename}-updates" - ], - "mail": "ops@kosmos.org", - "syslog_enable": true - } - }, - "openresty": { - "or_modules": { - "luajit": true - }, - "server_names_hash_bucket_size": 128 - }, - "tor": { - "HiddenServices": { - "web": { - "HiddenServicePorts": [ - "80 127.0.0.1:80", - "443 127.0.0.1:443" - ] - } - } - }, - "kosmos-mastodon": { - "elasticsearch": { - "allocated_memory": "128m" - } - }, - "kosmos-dirsrv": { - "master_hostname": "localhost" - }, - "bitcoin": { - "username": "vagrant", - "usergroup": "vagrant", - "conf": { - "testnet": 1, - "irc": 1, - "dnsseed": 1, - "upnp": 1, - "checkblocks": 10, - "checklevel": 1, - "txindex": 1, - "whitelist": "127.0.0.1", - "listen": 1, - "server": 1, - "rpcport": 8332, - "rpcssl": 0, - "rpcuser": "bitcoind", - "rpcbind": "127.0.0.1:8336", - "port": 8335, - "gen": 0, - "zmqpubrawblock": "tcp://127.0.0.1:8337", - "zmqpubrawtx": "tcp://127.0.0.1:8338" - } - } - }, - "normal": { - "tags": [ - - ], - "openresty": { - "listen_ip": "192.168.56.7" - } - }, - "default": { - "audit": { - "inspec_backend_cache": true, - "reporter": null, - "fetcher": null, - "insecure": null, - "quiet": true, - "profiles": { - - }, - "inputs": { - - }, - "attributes": { - - }, - "waiver_file": null, - "json_file": { - "location": "/var/chef/compliance_reports/compliance-20230719080032.json" - }, - "run_time_limit": 1.0, - "result_message_limit": 10000, - "result_include_backtrace": false, - "control_results_limit": 50, - "chef_node_attribute_enabled": true, - "compliance_phase": false, - "interval": { - "enabled": false, - "time": 1440 - } - }, - "apt": { - "cacher_dir": "/var/cache/apt-cacher-ng", - "cacher_interface": null, - "cacher_port": 3142, - "compiletime": false, - "compile_time_update": false, - "key_proxy": "", - "periodic_update_min_delay": 86400, - "launchpad_api_version": "1.0", - "unattended_upgrades": { - "enable": false, - "update_package_lists": true, - "allowed_origins": [ - "Ubuntu focal" - ], - "origins_patterns": [ - - ], - "package_blacklist": [ - - ], - "auto_fix_interrupted_dpkg": false, - "minimal_steps": false, - "install_on_shutdown": false, - "mail": null, - "sender": null, - "mail_only_on_error": true, - "remove_unused_dependencies": false, - "automatic_reboot": false, - "automatic_reboot_time": "now", - "dl_limit": null, - "random_sleep": null, - "syslog_enable": false, - "syslog_facility": "daemon", - "dpkg_options": [ - - ] - }, - "cacher_client": { - "cacher_server": { - - } - }, - "confd": { - "force_confask": false, - "force_confdef": false, - "force_confmiss": false, - "force_confnew": false, - "force_confold": false, - "install_recommends": true, - "install_suggests": false - } - }, - "firewall": { - "allow_ssh": false, - "allow_winrm": false, - "allow_mosh": false, - "allow_loopback": false, - "allow_icmp": false, - "firewalld": { - "permanent": false - }, - "iptables": { - "defaults": { - "policy": { - "input": "DROP", - "forward": "DROP", - "output": "ACCEPT" - }, - "ruleset": { - "*filter": 1, - ":INPUT DROP": 2, - ":FORWARD DROP": 3, - ":OUTPUT ACCEPT": 4, - "COMMIT_FILTER": 100 - } - } - }, - "ubuntu_iptables": false, - "redhat7_iptables": false, - "allow_established": true, - "ipv6_enabled": true, - "ufw": { - "defaults": { - "ipv6": "yes", - "manage_builtins": "no", - "ipt_sysctl": "/etc/ufw/sysctl.conf", - "ipt_modules": "nf_conntrack_ftp nf_nat_ftp nf_conntrack_netbios_ns", - "policy": { - "input": "DROP", - "output": "ACCEPT", - "forward": "DROP", - "application": "SKIP" - } - } - }, - "windows": { - "defaults": { - "policy": { - "input": "blockinbound", - "output": "allowoutbound" - } - } - } - }, - "hostsfile": { - "path": null - }, - "hostname_cookbook": { - "hostsfile_ip": "127.0.1.1", - "hostsfile_aliases": [ - - ], - "hostsfile_include_hostname_in_aliases": true, - "append_hostsfile_ip": true - }, - "postfix": { - "mail_type": "client", - "relayhost_role": "relayhost", - "multi_environment_relay": false, - "use_procmail": false, - "use_alias_maps": false, - "use_transport_maps": false, - "use_access_maps": false, - "use_virtual_aliases": false, - "use_virtual_aliases_domains": false, - "use_relay_restrictions_maps": false, - "transports": { - - }, - "access": { - - }, - "virtual_aliases": { - - }, - "virtual_aliases_domains": { - - }, - "main_template_source": "postfix", - "master_template_source": "postfix", - "sender_canonical_map_entries": { - - }, - "smtp_generic_map_entries": { - - }, - "access_db_type": "hash", - "aliases_db_type": "hash", - "transport_db_type": "hash", - "virtual_alias_db_type": "hash", - "virtual_alias_domains_db_type": "hash", - "conf_dir": "/etc/postfix", - "aliases_db": "/etc/aliases", - "transport_db": "/etc/postfix/transport", - "access_db": "/etc/postfix/access", - "virtual_alias_db": "/etc/postfix/virtual", - "virtual_alias_domains_db": "/etc/postfix/virtual_domains", - "relay_restrictions_db": "/etc/postfix/relay_restrictions", - "main": { - "biff": "no", - "append_dot_mydomain": "no", - "myhostname": "vagrant", - "mydomain": "vagrant", - "myorigin": "$myhostname", - "mydestination": [ - "vagrant", - "vagrant", - "localhost.localdomain", - "localhost" - ], - "smtpd_use_tls": "yes", - "smtp_use_tls": "yes", - "smtp_sasl_auth_enable": "no", - "mailbox_size_limit": 0, - "mynetworks": null, - "inet_interfaces": "loopback-only" - }, - "cafile": "/etc/ssl/certs/ca-certificates.crt", - "master": { - "smtp": { - "active": true, - "order": 10, - "type": "inet", - "private": false, - "chroot": false, - "command": "smtpd", - "args": [ - - ] - }, - "submission": { - "active": false, - "order": 20, - "type": "inet", - "private": false, - "chroot": false, - "command": "smtpd", - "args": [ - "-o smtpd_enforce_tls=yes", - " -o smtpd_sasl_auth_enable=yes", - "-o smtpd_client_restrictions=permit_sasl_authenticated,reject" - ] - }, - "smtps": { - "active": false, - "order": 30, - "type": "inet", - "private": false, - "chroot": false, - "command": "smtpd", - "args": [ - "-o smtpd_tls_wrappermode=yes", - "-o smtpd_sasl_auth_enable=yes", - "-o smtpd_client_restrictions=permit_sasl_authenticated,reject" - ] - }, - "628": { - "active": false, - "order": 40, - "type": "inet", - "private": false, - "chroot": false, - "command": "qmqpdd", - "args": [ - - ] - }, - "pickup": { - "active": true, - "order": 50, - "type": "fifo", - "private": false, - "chroot": false, - "wakeup": "60", - "maxproc": "1", - "command": "pickup", - "args": [ - - ] - }, - "cleanup": { - "active": true, - "order": 60, - "type": "unix", - "private": false, - "chroot": false, - "maxproc": "0", - "command": "cleanup", - "args": [ - - ] - }, - "qmgr": { - "active": true, - "order": 70, - "type": "fifo", - "private": false, - "chroot": false, - "wakeup": "300", - "maxproc": "1", - "command": "qmgr", - "args": [ - - ] - }, - "tlsmgr": { - "active": true, - "order": 80, - "type": "unix", - "chroot": false, - "wakeup": "1000?", - "maxproc": "1", - "command": "tlsmgr", - "args": [ - - ] - }, - "rewrite": { - "active": true, - "order": 90, - "type": "unix", - "chroot": false, - "command": "trivial-rewrite", - "args": [ - - ] - }, - "bounce": { - "active": true, - "order": 100, - "type": "unix", - "chroot": false, - "maxproc": "0", - "command": "bounce", - "args": [ - - ] - }, - "defer": { - "active": true, - "order": 110, - "type": "unix", - "chroot": false, - "maxproc": "0", - "command": "bounce", - "args": [ - - ] - }, - "trace": { - "active": true, - "order": 120, - "type": "unix", - "chroot": false, - "maxproc": "0", - "command": "bounce", - "args": [ - - ] - }, - "verify": { - "active": true, - "order": 130, - "type": "unix", - "chroot": false, - "maxproc": "1", - "command": "verify", - "args": [ - - ] - }, - "flush": { - "active": true, - "order": 140, - "type": "unix", - "private": false, - "chroot": false, - "wakeup": "1000?", - "maxproc": "0", - "command": "flush", - "args": [ - - ] - }, - "proxymap": { - "active": true, - "order": 150, - "type": "unix", - "chroot": false, - "command": "proxymap", - "args": [ - - ] - }, - "smtpunix": { - "service": "smtp", - "active": true, - "order": 160, - "type": "unix", - "chroot": false, - "maxproc": "500", - "command": "smtp", - "args": [ - - ] - }, - "relay": { - "active": true, - "comment": "When relaying mail as backup MX, disable fallback_relay to avoid MX loops", - "order": 170, - "type": "unix", - "chroot": false, - "command": "smtp", - "args": [ - "-o smtp_fallback_relay=" - ] - }, - "showq": { - "active": true, - "order": 180, - "type": "unix", - "private": false, - "chroot": false, - "command": "showq", - "args": [ - - ] - }, - "error": { - "active": true, - "order": 190, - "type": "unix", - "chroot": false, - "command": "error", - "args": [ - - ] - }, - "discard": { - "active": true, - "order": 200, - "type": "unix", - "chroot": false, - "command": "discard", - "args": [ - - ] - }, - "local": { - "active": true, - "order": 210, - "type": "unix", - "unpriv": false, - "chroot": false, - "command": "local", - "args": [ - - ] - }, - "virtual": { - "active": true, - "order": 220, - "type": "unix", - "unpriv": false, - "chroot": false, - "command": "virtual", - "args": [ - - ] - }, - "lmtp": { - "active": true, - "order": 230, - "type": "unix", - "chroot": false, - "command": "lmtp", - "args": [ - - ] - }, - "anvil": { - "active": true, - "order": 240, - "type": "unix", - "chroot": false, - "maxproc": "1", - "command": "anvil", - "args": [ - - ] - }, - "scache": { - "active": true, - "order": 250, - "type": "unix", - "chroot": false, - "maxproc": "1", - "command": "scache", - "args": [ - - ] - }, - "maildrop": { - "active": true, - "comment": "See the Postfix MAILDROP_README file for details. To main.cf will be added: maildrop_destination_recipient_limit=1", - "order": 510, - "type": "unix", - "unpriv": false, - "chroot": false, - "command": "pipe", - "args": [ - "flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}" - ] - }, - "old-cyrus": { - "active": false, - "comment": "The Cyrus deliver program has changed incompatibly, multiple times.", - "order": 520, - "type": "unix", - "unpriv": false, - "chroot": false, - "command": "pipe", - "args": [ - "flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}" - ] - }, - "cyrus": { - "active": true, - "comment": "Cyrus 2.1.5 (Amos Gouaux). To main.cf will be added: cyrus_destination_recipient_limit=1", - "order": 530, - "type": "unix", - "unpriv": false, - "chroot": false, - "command": "pipe", - "args": [ - "user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}" - ] - }, - "uucp": { - "active": true, - "comment": "See the Postfix UUCP_README file for configuration details.", - "order": 540, - "type": "unix", - "unpriv": false, - "chroot": false, - "command": "pipe", - "args": [ - "flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)" - ] - }, - "ifmail": { - "active": false, - "order": 550, - "type": "unix", - "unpriv": false, - "chroot": false, - "command": "pipe", - "args": [ - "flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)" - ] - }, - "bsmtp": { - "active": true, - "order": 560, - "type": "unix", - "unpriv": false, - "chroot": false, - "command": "pipe", - "args": [ - "flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient" - ] - } - }, - "aliases": { - - } - }, - "ntp": { - "servers": [ - "0.pool.ntp.org", - "1.pool.ntp.org", - "2.pool.ntp.org", - "3.pool.ntp.org" - ], - "peers": [ - - ], - "restrictions": [ - - ], - "tinker": { - "panic": 0, - "allan": 1500, - "dispersion": 15, - "step": 0.128, - "stepout": 900 - }, - "restrict_default": "kod notrap nomodify nopeer noquery", - "packages": [ - "ntp" - ], - "service": "ntp", - "varlibdir": "/var/lib/ntp", - "driftfile": "/var/lib/ntp/ntp.drift", - "logfile": null, - "conffile": "/etc/ntp.conf", - "statsdir": "/var/log/ntpstats/", - "conf_owner": "root", - "conf_group": "root", - "var_owner": "ntp", - "var_group": "ntp", - "leapfile": "/etc/ntp.leapseconds", - "sync_clock": false, - "sync_hw_clock": false, - "listen": null, - "listen_network": null, - "ignore": null, - "apparmor_enabled": true, - "monitor": false, - "statistics": true, - "conf_restart_immediate": false, - "keys": null, - "trustedkey": null, - "requestkey": null, - "disable_tinker_panic_on_virtualization_guest": true, - "peer": { - "key": null, - "use_iburst": true, - "use_burst": false, - "minpoll": 6, - "maxpoll": 10 - }, - "server": { - "prefer": "", - "use_iburst": true, - "use_burst": false, - "minpoll": 6, - "maxpoll": 10 - }, - "orphan": { - "enabled": false, - "stratum": 5 - }, - "localhost": { - "noquery": false - }, - "use_cmos": false - }, - "timezone_iii": { - "timezone": "Etc/UTC", - "tzdata_dir": "/usr/share/zoneinfo", - "localtime_path": "/etc/localtime", - "use_symlink": false - }, - "msys2": { - "url": "http://downloads.sourceforge.net/project/msys2/Base/x86_64/msys2-base-x86_64-20160205.tar.xz", - "checksum": "7e97e2af042e1b6f62cf0298fe84839014ef3d4a3e7825cffc6931c66cc0fc20" - }, - "build-essential": { - "compile_time": false, - "msys2": { - "path": "\\msys2" - } - }, - "git": { - "prefix": "/usr/local", - "version": "2.17.1", - "url": "https://nodeload.github.com/git/git/tar.gz/v%{version}", - "checksum": "690f12cc5691e5adaf2dd390eae6f5acce68ae0d9bd9403814f8a1433833f02a", - "use_pcre": false, - "server": { - "base_path": "/srv/git", - "export_all": true - } - }, - "jemalloc": { - "version": "5.1.0", - "url": "https://github.com/jemalloc/jemalloc/releases/download/5.1.0/jemalloc-5.1.0.tar.bz2", - "checksum": "5396e61cc6103ac393136c309fae09e44d74743c86f90e266948c50f3dbb7268", - "configure": { - "munmap": true, - "lazy_lock": true, - "xmalloc": false, - "dss": false, - "mremap": false, - "stats": false, - "profiling": false, - "valgrind": false - } - }, - "logrotate": { - "package": { - "name": "logrotate", - "source": null, - "version": null, - "provider": null, - "action": "upgrade" - }, - "directory": "/etc/logrotate.d", - "cron": { - "install": false, - "name": "logrotate", - "command": "/usr/sbin/logrotate /etc/logrotate.conf", - "minute": 35, - "hour": 2 - }, - "global": { - "weekly": true, - "rotate": 4, - "create": "", - "/var/log/wtmp": { - "missingok": true, - "monthly": true, - "create": "0664 root utmp", - "rotate": 1 - }, - "/var/log/btmp": { - "missingok": true, - "monthly": true, - "create": "0660 root utmp", - "rotate": 1 - } - } - }, - "yum": { - "main": { - "cachedir": "/var/cache/yum/$basearch/$releasever", - "distroverpkg": "ubuntu-release", - "alwaysprompt": null, - "assumeyes": null, - "bandwidth": null, - "best": null, - "bugtracker_url": null, - "clean_requirements_on_remove": null, - "color": null, - "color_list_available_downgrade": null, - "color_list_available_install": null, - "color_list_available_reinstall": null, - "color_list_available_upgrade": null, - "color_list_installed_extra": null, - "color_list_installed_newer": null, - "color_list_installed_older": null, - "color_list_installed_reinstall": null, - "color_search_match": null, - "color_update_installed": null, - "color_update_local": null, - "color_update_remote": null, - "commands": null, - "deltarpm": null, - "debuglevel": null, - "diskspacecheck": null, - "enable_group_conditionals": null, - "errorlevel": null, - "exactarch": null, - "exclude": null, - "excludepkgs": null, - "gpgcheck": true, - "group_package_types": null, - "groupremove_leaf_only": null, - "history_list_view": null, - "history_record": null, - "history_record_packages": null, - "http_caching": null, - "ip_resolve": null, - "installonly_limit": null, - "installonlypkgs": null, - "installroot": null, - "keepalive": null, - "keepcache": false, - "kernelpkgnames": null, - "localpkg_gpgcheck": false, - "logfile": "/var/log/yum.log", - "max_retries": null, - "mdpolicy": null, - "metadata_expire": null, - "mirrorlist_expire": null, - "multilib_policy": null, - "obsoletes": null, - "overwrite_groups": null, - "password": null, - "path": "/etc/yum.conf", - "persistdir": null, - "pluginconfpath": null, - "pluginpath": null, - "plugins": null, - "protected_multilib": null, - "protected_packages": null, - "proxy": null, - "proxy_password": null, - "proxy_username": null, - "recent": null, - "repo_gpgcheck": null, - "reposdir": null, - "reset_nice": null, - "rpmverbosity": null, - "showdupesfromrepos": null, - "skip_broken": null, - "skip_if_unavailable": null, - "ssl_check_cert_permissions": null, - "sslcacert": null, - "sslclientcert": null, - "sslclientkey": null, - "sslverify": null, - "syslog_device": null, - "syslog_facility": null, - "syslog_ident": null, - "throttle": null, - "timeout": null, - "tolerant": false, - "tsflags": null, - "username": null - } - }, - "openresty": { - "source": { - "version": "1.13.6.2", - "file_prefix": "openresty", - "checksum": "946e1958273032db43833982e2cec0766154a9b5cb8e67868944113208ff2942", - "name": "%{file_prefix}-%{version}", - "url": "https://openresty.org/download/%{name}.tar.gz", - "conf_path": "/etc/nginx/nginx.conf", - "prefix": "/usr/local/openresty", - "state": "/etc/chef_state.d", - "path": "/var/chef/cache", - "default_configure_flags": [ - "--prefix=/usr/share", - "--conf-path=/etc/nginx/nginx.conf", - "--sbin-path=/usr/sbin/nginx", - "--error-log-path=/var/log/nginx/error.log", - "--http-log-path=/var/log/nginx/access.log", - "--pid-path=/var/run/nginx.pid", - "--lock-path=/var/run/nginx.lock", - "--http-client-body-temp-path=/var/cache/nginx/client_temp", - "--http-proxy-temp-path=/var/cache/nginx/proxy_temp", - "--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp", - "--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp", - "--http-scgi-temp-path=/var/cache/nginx/scgi_temp", - "--with-ipv6", - "--with-md5-asm", - "--with-sha1-asm", - "--without-http_ssi_module", - "--without-mail_smtp_module", - "--without-mail_imap_module", - "--without-mail_pop3_module" - ] - }, - "dir": "/etc/openresty", - "log_dir": "/var/log/nginx/logs", - "cache_dir": "/var/cache/nginx", - "run_dir": "/var/run", - "binary": "/usr/local/openresty/nginx/sbin/nginx", - "pid": "/usr/local/openresty/nginx/logs/nginx.pid", - "modules": [ - "http_ssl_module", - "http_gzip_static_module", - "http_gunzip_module", - "http_stub_status_module", - "http_secure_link_module", - "http_realip_module", - "http_flv_module", - "http_mp4_module", - "cache_purge_module" - ], - "extra_modules": [ - - ], - "configure_flags": [ - - ], - "user": "www-data", - "group": "www-data", - "user_system": true, - "user_shell": "/bin/false", - "user_home": "/var/www", - "ipv6": true, - "gzip": "on", - "gzip_http_version": "1.0", - "gzip_comp_level": "2", - "gzip_proxied": "any", - "gzip_vary": "off", - "gzip_buffers": null, - "gzip_types": [ - "text/plain", - "text/css", - "application/x-javascript", - "text/xml", - "application/xml", - "application/xml+rss", - "text/javascript", - "application/javascript", - "application/json", - "font/truetype", - "font/opentype", - "application/vnd.ms-fontobject", - "image/svg+xml" - ], - "keepalive": "on", - "keepalive_timeout": 5, - "keepalive_requests": 100, - "worker_processes": 2, - "worker_auto_affinity": true, - "worker_connections": 4096, - "worker_rlimit_nofile": null, - "multi_accept": false, - "try_aio": false, - "event": "epoll", - "server_names_hash_bucket_size": 64, - "client_max_body_size": "32M", - "client_body_buffer_size": "8K", - "large_client_header_buffers": "32 32k", - "types_hash_max_size": 2048, - "types_hash_bucket_size": 64, - "variables_hash_max_size": 1024, - "variables_hash_bucket_size": 64, - "open_file_cache": { - "max": 1000, - "inactive": "20s", - "valid": "30s", - "min_uses": "8", - "errors": "on" - }, - "log_formats": { - "main": "$remote_addr - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\" \"$http_x_forwarded_for\"" - }, - "logrotate": true, - "logrotate_days": 7, - "logrotate_options": [ - "missingok", - "delaycompress", - "notifempty", - "compress", - "sharedscripts" - ], - "disable_access_log": true, - "default_site_enabled": false, - "custom_pcre": true, - "link_to_jemalloc": false, - "max_subrequests": 201, - "generate_dhparams": true, - "resolver": null, - "resolver_ttl": "10s", - "lua_package_path": null, - "lua_package_cpath": null, - "cache_purge": { - "version": "2.3", - "url": "https://codeload.github.com/FRiCKLE/ngx_cache_purge/tar.gz/2.3", - "checksum": "cb7d5f22919c613f1f03341a1aeb960965269302e9eb23425ccaabd2f5dcbbec" - }, - "pcre": { - "version": "8.41", - "url": "https://sourceforge.net/projects/pcre/files/pcre/8.41/pcre-8.41.tar.bz2/download", - "checksum": "e62c7eac5ae7c0e7286db61ff82912e1c0b7a0c13706616e94a7dd729321b530" - }, - "luarocks": { - "version": "3.9.2", - "url": "https://luarocks.org/releases/luarocks-3.9.2.tar.gz", - "checksum": "bca6e4ecc02c203e070acdb5f586045d45c078896f6236eb46aa33ccd9b94edb", - "default_rocks": { - - } - }, - "or_modules": { - "luajit": true, - "luajit_binary": "2.1.0-beta1", - "iconv": true, - "drizzle": false, - "postgres": false - }, - "realip": { - "header": "X-Forwarded-For", - "addresses": [ - "127.0.0.1" - ], - "recursive": false - }, - "service": { - "recipe": "openresty::service_init", - "resource": "service[openresty]", - "restart_on_update": true, - "start_on_boot": true, - "defaults_file_template": "nginx.sysconfig.erb", - "defaults_file_cookbook": "openresty" - }, - "status": { - "url": "/nginx-status", - "allowed_ips": [ - - ] - }, - "upload_progress": { - "url": "https://github.com/masterzen/nginx-upload-progress-module/archive/v0.9.0.tar.gz", - "checksum": "93e29b9b437a2e34713de54c2861ea51151624aca09f73f9f44d1caaff01a6b1" - }, - "worker_cpu_affinity": "01 10" - }, - "kosmos_assets": { - "domain": "assets.kosmos.org", - "repo": "https://gitea.kosmos.org/kosmos/assets.kosmos.org.git", - "revision": "master" - } - }, - "automatic": { - "kernel": { - "name": "Linux", - "release": "5.4.0-144-generic", - "version": "#161-Ubuntu SMP Fri Feb 3 14:49:04 UTC 2023", - "machine": "x86_64", - "processor": "x86_64", - "os": "GNU/Linux", - "modules": { - "vboxvideo": { - "size": "36864", - "refcount": "0", - "version": "7.0.6 r155176" - }, - "vboxsf": { - "size": "81920", - "refcount": "13", - "version": "7.0.6 r155176" - }, - "dm_multipath": { - "size": "32768", - "refcount": "0" - }, - "scsi_dh_rdac": { - "size": "16384", - "refcount": "0", - "version": "01.00.0000.0000" - }, - "scsi_dh_emc": { - "size": "16384", - "refcount": "0" - }, - "scsi_dh_alua": { - "size": "20480", - "refcount": "0", - "version": "2.0" - }, - "binfmt_misc": { - "size": "24576", - "refcount": "1" - }, - "intel_rapl_msr": { - "size": "20480", - "refcount": "0" - }, - "joydev": { - "size": "24576", - "refcount": "0" - }, - "intel_rapl_common": { - "size": "24576", - "refcount": "1" - }, - "rapl": { - "size": "20480", - "refcount": "0" - }, - "input_leds": { - "size": "16384", - "refcount": "0" - }, - "serio_raw": { - "size": "20480", - "refcount": "0" - }, - "vboxguest": { - "size": "360448", - "refcount": "3", - "version": "7.0.6 r155176" - }, - "mac_hid": { - "size": "16384", - "refcount": "0" - }, - "sch_fq_codel": { - "size": "20480", - "refcount": "3" - }, - "ramoops": { - "size": "28672", - "refcount": "0" - }, - "reed_solomon": { - "size": "24576", - "refcount": "1" - }, - "msr": { - "size": "16384", - "refcount": "0" - }, - "efi_pstore": { - "size": "16384", - "refcount": "0" - }, - "ip_tables": { - "size": "32768", - "refcount": "0" - }, - "x_tables": { - "size": "40960", - "refcount": "1" - }, - "autofs4": { - "size": "45056", - "refcount": "2" - }, - "btrfs": { - "size": "1265664", - "refcount": "0" - }, - "zstd_compress": { - "size": "167936", - "refcount": "1" - }, - "raid10": { - "size": "61440", - "refcount": "0" - }, - "raid456": { - "size": "155648", - "refcount": "0" - }, - "async_raid6_recov": { - "size": "24576", - "refcount": "1" - }, - "async_memcpy": { - "size": "20480", - "refcount": "2" - }, - "async_pq": { - "size": "24576", - "refcount": "2" - }, - "async_xor": { - "size": "20480", - "refcount": "3" - }, - "async_tx": { - "size": "20480", - "refcount": "5" - }, - "xor": { - "size": "24576", - "refcount": "2" - }, - "raid6_pq": { - "size": "114688", - "refcount": "4" - }, - "libcrc32c": { - "size": "16384", - "refcount": "2" - }, - "raid1": { - "size": "45056", - "refcount": "0" - }, - "raid0": { - "size": "24576", - "refcount": "0" - }, - "multipath": { - "size": "20480", - "refcount": "0" - }, - "linear": { - "size": "20480", - "refcount": "0" - }, - "crct10dif_pclmul": { - "size": "16384", - "refcount": "1" - }, - "crc32_pclmul": { - "size": "16384", - "refcount": "0" - }, - "ghash_clmulni_intel": { - "size": "16384", - "refcount": "0" - }, - "aesni_intel": { - "size": "372736", - "refcount": "0" - }, - "crypto_simd": { - "size": "16384", - "refcount": "1" - }, - "cryptd": { - "size": "24576", - "refcount": "2" - }, - "glue_helper": { - "size": "16384", - "refcount": "1" - }, - "vmwgfx": { - "size": "299008", - "refcount": "2", - "version": "2.15.0.0" - }, - "ttm": { - "size": "106496", - "refcount": "2" - }, - "drm_kms_helper": { - "size": "184320", - "refcount": "2" - }, - "psmouse": { - "size": "155648", - "refcount": "0" - }, - "syscopyarea": { - "size": "16384", - "refcount": "1" - }, - "sysfillrect": { - "size": "16384", - "refcount": "1" - }, - "sysimgblt": { - "size": "16384", - "refcount": "1" - }, - "ahci": { - "size": "40960", - "refcount": "2", - "version": "3.0" - }, - "fb_sys_fops": { - "size": "16384", - "refcount": "1" - }, - "libahci": { - "size": "32768", - "refcount": "1" - }, - "drm": { - "size": "495616", - "refcount": "6" - }, - "video": { - "size": "57344", - "refcount": "0" - }, - "i2c_piix4": { - "size": "28672", - "refcount": "0" - }, - "e1000": { - "size": "147456", - "refcount": "0", - "version": "7.3.21-k8-NAPI" - }, - "pata_acpi": { - "size": "16384", - "refcount": "0", - "version": "0.2.3" - } - } - }, - "memory": { - "swap": { - "cached": "188kB", - "total": "2097148kB", - "free": "2096624kB" - }, - "hugepages": { - "total": "0", - "free": "0", - "reserved": "0", - "surplus": "0" - }, - "directmap": { - "4k": "131008kB", - "2M": "917504kB" - }, - "total": "1000112kB", - "free": "110268kB", - "available": "577532kB", - "buffers": "50124kB", - "cached": "516772kB", - "active": "359056kB", - "inactive": "360580kB", - "dirty": "1384kB", - "writeback": "0kB", - "anon_pages": "171096kB", - "mapped": "83584kB", - "slab": "107816kB", - "slab_reclaimable": "49416kB", - "slab_unreclaim": "58400kB", - "page_tables": "2584kB", - "nfs_unstable": "0kB", - "bounce": "0kB", - "commit_limit": "2597204kB", - "committed_as": "688268kB", - "vmalloc_total": "34359738367kB", - "vmalloc_used": "28600kB", - "vmalloc_chunk": "0kB", - "hugepage_size": "2048kB", - "hugetlb": "0kB" - }, - "network": { - "interfaces": { - "lo": { - "mtu": "65536", - "flags": [ - "LOOPBACK", - "UP", - "LOWER_UP" - ], - "encapsulation": "Loopback", - "addresses": { - "127.0.0.1": { - "family": "inet", - "prefixlen": "8", - "netmask": "255.0.0.0", - "scope": "Node" - }, - "::1": { - "family": "inet6", - "prefixlen": "128", - "scope": "Node", - "tags": [ - - ] - } - }, - "state": "unknown", - "routes": [ - { - "destination": "::1", - "family": "inet6", - "metric": "256", - "proto": "kernel" - } - ] - }, - "eth0": { - "type": "eth", - "number": "0", - "mtu": "1500", - "flags": [ - "BROADCAST", - "MULTICAST", - "UP", - "LOWER_UP" - ], - "encapsulation": "Ethernet", - "addresses": { - "08:00:27:1F:3F:CD": { - "family": "lladdr" - }, - "10.0.2.15": { - "family": "inet", - "prefixlen": "24", - "netmask": "255.255.255.0", - "broadcast": "10.0.2.255", - "scope": "Global" - }, - "fe80::a00:27ff:fe1f:3fcd": { - "family": "inet6", - "prefixlen": "64", - "scope": "Link", - "tags": [ - - ] - } - }, - "state": "up", - "arp": { - "10.0.2.3": "52:54:00:12:35:03", - "10.0.2.2": "52:54:00:12:35:02" - }, - "routes": [ - { - "destination": "default", - "family": "inet", - "via": "10.0.2.2", - "metric": "100", - "proto": "dhcp", - "src": "10.0.2.15" - }, - { - "destination": "10.0.2.0/24", - "family": "inet", - "scope": "link", - "proto": "kernel", - "src": "10.0.2.15" - }, - { - "destination": "10.0.2.2", - "family": "inet", - "scope": "link", - "metric": "100", - "proto": "dhcp", - "src": "10.0.2.15" - }, - { - "destination": "fe80::/64", - "family": "inet6", - "metric": "256", - "proto": "kernel" - } - ], - "link_speed": 1000, - "duplex": "Full", - "port": "Twisted Pair", - "transceiver": "internal", - "auto_negotiation": "on", - "mdi_x": "off (auto)", - "ring_params": { - "max_rx": 4096, - "max_rx_mini": 0, - "max_rx_jumbo": 0, - "max_tx": 4096, - "current_rx": 256, - "current_rx_mini": 0, - "current_rx_jumbo": 0, - "current_tx": 256 - }, - "channel_params": { - - }, - "coalesce_params": { - "adaptive_rx": "off", - "adaptive_tx": "off", - "stats-block-usecs": 0, - "sample-interval": 0, - "pkt-rate-low": 0, - "pkt-rate-high": 0, - "rx-usecs": 0, - "rx-frames": 0, - "rx-usecs-irq": 0, - "rx-frames-irq": 0, - "tx-usecs": 0, - "tx-frames": 0, - "tx-usecs-irq": 0, - "tx-frames-irq": 0, - "rx-usecs-low": 0, - "rx-frames-low": 0, - "tx-usecs-low": 0, - "tx-frames-low": 0, - "rx-usecs-high": 0, - "rx-frames-high": 0, - "tx-usecs-high": 0, - "tx-frames-high": 0 - }, - "offload_params": { - "rx-checksumming": "off", - "tx-checksumming": "on", - "tx-checksum-ipv4": "off", - "tx-checksum-ip-generic": "on", - "tx-checksum-ipv6": "off", - "tx-checksum-fcoe-crc": "off", - "tx-checksum-sctp": "off", - "scatter-gather": "on", - "tx-scatter-gather": "on", - "tx-scatter-gather-fraglist": "off", - "tcp-segmentation-offload": "on", - "tx-tcp-segmentation": "on", - "tx-tcp-ecn-segmentation": "off", - "tx-tcp-mangleid-segmentation": "off", - "tx-tcp6-segmentation": "off", - "generic-segmentation-offload": "on", - "generic-receive-offload": "on", - "large-receive-offload": "off", - "rx-vlan-offload": "on", - "tx-vlan-offload": "on", - "ntuple-filters": "off", - "receive-hashing": "off", - "highdma": "off", - "rx-vlan-filter": "on", - "vlan-challenged": "off", - "tx-lockless": "off", - "netns-local": "off", - "tx-gso-robust": "off", - "tx-fcoe-segmentation": "off", - "tx-gre-segmentation": "off", - "tx-gre-csum-segmentation": "off", - "tx-ipxip4-segmentation": "off", - "tx-ipxip6-segmentation": "off", - "tx-udp_tnl-segmentation": "off", - "tx-udp_tnl-csum-segmentation": "off", - "tx-gso-partial": "off", - "tx-sctp-segmentation": "off", - "tx-esp-segmentation": "off", - "tx-udp-segmentation": "off", - "fcoe-mtu": "off", - "tx-nocache-copy": "off", - "loopback": "off", - "rx-fcs": "off", - "rx-all": "off", - "tx-vlan-stag-hw-insert": "off", - "rx-vlan-stag-hw-parse": "off", - "rx-vlan-stag-filter": "off", - "l2-fwd-offload": "off", - "hw-tc-offload": "off", - "esp-hw-offload": "off", - "esp-tx-csum-hw-offload": "off", - "rx-udp_tunnel-port-offload": "off", - "tls-hw-tx-offload": "off", - "tls-hw-rx-offload": "off", - "rx-gro-hw": "off", - "tls-hw-record": "off" - }, - "driver_info": { - "driver": "e1000", - "version": "7.3.21-k8-NAPI", - "firmware-version": "", - "expansion-rom-version": "", - "bus-info": "0000:00:03.0", - "supports-statistics": "yes", - "supports-test": "yes", - "supports-eeprom-access": "yes", - "supports-register-dump": "yes", - "supports-priv-flags": "no" - }, - "pause_params": { - "autonegotiate": true, - "rx": true, - "tx": false - } - }, - "eth1": { - "type": "eth", - "number": "1", - "mtu": "1500", - "flags": [ - "BROADCAST", - "MULTICAST", - "UP", - "LOWER_UP" - ], - "encapsulation": "Ethernet", - "addresses": { - "08:00:27:AE:F5:6C": { - "family": "lladdr" - }, - "192.168.56.7": { - "family": "inet", - "prefixlen": "24", - "netmask": "255.255.255.0", - "broadcast": "192.168.56.255", - "scope": "Global" - }, - "fe80::a00:27ff:feae:f56c": { - "family": "inet6", - "prefixlen": "64", - "scope": "Link", - "tags": [ - - ] - } - }, - "state": "up", - "routes": [ - { - "destination": "192.168.56.0/24", - "family": "inet", - "scope": "link", - "proto": "kernel", - "src": "192.168.56.7" - }, - { - "destination": "fe80::/64", - "family": "inet6", - "metric": "256", - "proto": "kernel" - } - ], - "link_speed": 1000, - "duplex": "Full", - "port": "Twisted Pair", - "transceiver": "internal", - "auto_negotiation": "on", - "mdi_x": "off (auto)", - "ring_params": { - "max_rx": 4096, - "max_rx_mini": 0, - "max_rx_jumbo": 0, - "max_tx": 4096, - "current_rx": 256, - "current_rx_mini": 0, - "current_rx_jumbo": 0, - "current_tx": 256 - }, - "channel_params": { - - }, - "coalesce_params": { - "adaptive_rx": "off", - "adaptive_tx": "off", - "stats-block-usecs": 0, - "sample-interval": 0, - "pkt-rate-low": 0, - "pkt-rate-high": 0, - "rx-usecs": 0, - "rx-frames": 0, - "rx-usecs-irq": 0, - "rx-frames-irq": 0, - "tx-usecs": 0, - "tx-frames": 0, - "tx-usecs-irq": 0, - "tx-frames-irq": 0, - "rx-usecs-low": 0, - "rx-frames-low": 0, - "tx-usecs-low": 0, - "tx-frames-low": 0, - "rx-usecs-high": 0, - "rx-frames-high": 0, - "tx-usecs-high": 0, - "tx-frames-high": 0 - }, - "offload_params": { - "rx-checksumming": "off", - "tx-checksumming": "on", - "tx-checksum-ipv4": "off", - "tx-checksum-ip-generic": "on", - "tx-checksum-ipv6": "off", - "tx-checksum-fcoe-crc": "off", - "tx-checksum-sctp": "off", - "scatter-gather": "on", - "tx-scatter-gather": "on", - "tx-scatter-gather-fraglist": "off", - "tcp-segmentation-offload": "on", - "tx-tcp-segmentation": "on", - "tx-tcp-ecn-segmentation": "off", - "tx-tcp-mangleid-segmentation": "off", - "tx-tcp6-segmentation": "off", - "generic-segmentation-offload": "on", - "generic-receive-offload": "on", - "large-receive-offload": "off", - "rx-vlan-offload": "on", - "tx-vlan-offload": "on", - "ntuple-filters": "off", - "receive-hashing": "off", - "highdma": "off", - "rx-vlan-filter": "on", - "vlan-challenged": "off", - "tx-lockless": "off", - "netns-local": "off", - "tx-gso-robust": "off", - "tx-fcoe-segmentation": "off", - "tx-gre-segmentation": "off", - "tx-gre-csum-segmentation": "off", - "tx-ipxip4-segmentation": "off", - "tx-ipxip6-segmentation": "off", - "tx-udp_tnl-segmentation": "off", - "tx-udp_tnl-csum-segmentation": "off", - "tx-gso-partial": "off", - "tx-sctp-segmentation": "off", - "tx-esp-segmentation": "off", - "tx-udp-segmentation": "off", - "fcoe-mtu": "off", - "tx-nocache-copy": "off", - "loopback": "off", - "rx-fcs": "off", - "rx-all": "off", - "tx-vlan-stag-hw-insert": "off", - "rx-vlan-stag-hw-parse": "off", - "rx-vlan-stag-filter": "off", - "l2-fwd-offload": "off", - "hw-tc-offload": "off", - "esp-hw-offload": "off", - "esp-tx-csum-hw-offload": "off", - "rx-udp_tunnel-port-offload": "off", - "tls-hw-tx-offload": "off", - "tls-hw-rx-offload": "off", - "rx-gro-hw": "off", - "tls-hw-record": "off" - }, - "driver_info": { - "driver": "e1000", - "version": "7.3.21-k8-NAPI", - "firmware-version": "", - "expansion-rom-version": "", - "bus-info": "0000:00:08.0", - "supports-statistics": "yes", - "supports-test": "yes", - "supports-eeprom-access": "yes", - "supports-register-dump": "yes", - "supports-priv-flags": "no" - }, - "pause_params": { - "autonegotiate": true, - "rx": true, - "tx": false - } - } - }, - "default_interface": "eth0", - "default_gateway": "10.0.2.2" - }, - "counters": { - "network": { - "interfaces": { - "lo": { - "tx": { - "queuelen": "1000", - "bytes": "7862", - "packets": "82", - "errors": "0", - "drop": "0", - "carrier": "0", - "collisions": "0" - }, - "rx": { - "bytes": "7862", - "packets": "82", - "errors": "0", - "drop": "0", - "overrun": "0" - } - }, - "eth0": { - "tx": { - "queuelen": "1000", - "bytes": "844859", - "packets": "5817", - "errors": "0", - "drop": "0", - "carrier": "0", - "collisions": "0" - }, - "rx": { - "bytes": "14775901", - "packets": "15223", - "errors": "0", - "drop": "0", - "overrun": "0" - } - }, - "eth1": { - "tx": { - "queuelen": "1000", - "bytes": "1506", - "packets": "19", - "errors": "0", - "drop": "0", - "carrier": "0", - "collisions": "0" - }, - "rx": { - "bytes": "11752", - "packets": "113", - "errors": "0", - "drop": "0", - "overrun": "0" - } - } - } - } - }, - "IPAddress": "10.0.2.2", - "ipaddress": "10.0.2.15", - "macaddress": "08:00:27:1F:3F:CD", - "ip6address": "fe80::a00:27ff:fe1f:3fcd", - "lsb": { - "id": "Ubuntu", - "description": "Ubuntu 20.04.6 LTS", - "release": "20.04", - "codename": "focal" - }, - "os": "linux", - "os_version": "5.4.0-144-generic", - "platform": "ubuntu", - "platform_version": "20.04", - "platform_family": "debian", - "uptime_seconds": 414, - "uptime": "6 minutes 54 seconds", - "idletime_seconds": 682, - "idletime": "11 minutes 22 seconds", - "dmi": { - "dmidecode_version": "3.2", - "smbios_version": "2.5", - "structures": { - "count": "10", - "size": "455" - }, - "table_location": "0x000E1000", - "bios": { - "all_records": [ - { - "record_id": "0x0000", - "size": "0", - "application_identifier": "BIOS Information", - "Vendor": "innotek GmbH", - "Version": "VirtualBox", - "Release Date": "12/01/2006", - "Address": "0xE0000", - "Runtime Size": "128 kB", - "ROM Size": "128 kB", - "Characteristics": { - "ACPI is supported": null - } - } - ], - "vendor": "innotek GmbH", - "version": "VirtualBox", - "release_date": "12/01/2006", - "address": "0xE0000", - "runtime_size": "128 kB", - "rom_size": "128 kB" - }, - "system": { - "all_records": [ - { - "record_id": "0x0001", - "size": "1", - "application_identifier": "System Information", - "Manufacturer": "innotek GmbH", - "Product Name": "VirtualBox", - "Version": "1.2", - "Serial Number": "0", - "UUID": "794bf05e-6c2f-c049-9676-cf9933edd148", - "Wake-up Type": "Power Switch", - "SKU Number": "Not Specified", - "Family": "Virtual Machine" - } - ], - "manufacturer": "innotek GmbH", - "product_name": "VirtualBox", - "version": "1.2", - "serial_number": "0", - "uuid": "794bf05e-6c2f-c049-9676-cf9933edd148", - "wake_up_type": "Power Switch", - "sku_number": "Not Specified", - "family": "Virtual Machine" - }, - "base_board": { - "all_records": [ - { - "record_id": "0x0008", - "size": "2", - "application_identifier": "Base Board Information", - "Manufacturer": "Oracle Corporation", - "Product Name": "VirtualBox", - "Version": "1.2", - "Serial Number": "0", - "Asset Tag": "Not Specified", - "Features": { - "Board is a hosting board": null - }, - "Location In Chassis": "Not Specified", - "Chassis Handle": "0x0003", - "Type": "Motherboard", - "Contained Object Handles": "0" - } - ], - "manufacturer": "Oracle Corporation", - "product_name": "VirtualBox", - "version": "1.2", - "serial_number": "0", - "asset_tag": "Not Specified", - "location_in_chassis": "Not Specified", - "chassis_handle": "0x0003", - "type": "Motherboard", - "contained_object_handles": "0" - }, - "chassis": { - "all_records": [ - { - "record_id": "0x0003", - "size": "3", - "application_identifier": "Chassis Information", - "Manufacturer": "Oracle Corporation", - "Type": "Other", - "Lock": "Not Present", - "Version": "Not Specified", - "Serial Number": "Not Specified", - "Asset Tag": "Not Specified", - "Boot-up State": "Safe", - "Power Supply State": "Safe", - "Thermal State": "Safe", - "Security Status": "None" - } - ], - "manufacturer": "Oracle Corporation", - "type": "Other", - "lock": "Not Present", - "version": "Not Specified", - "serial_number": "Not Specified", - "asset_tag": "Not Specified", - "boot_up_state": "Safe", - "power_supply_state": "Safe", - "thermal_state": "Safe", - "security_status": "None" - }, - "oem_strings": { - "all_records": [ - { - "record_id": "0x0002", - "size": "11", - "application_identifier": "OEM Strings", - "String 1": "vboxVer_7.0.8", - "String 2": "vboxRev_156879" - } - ], - "string_1": "vboxVer_7.0.8", - "string_2": "vboxRev_156879" - } - }, - "cpu": { - "numa_node_cpus": { - "0": [ - 0, - 1 - ] - }, - "vulnerability": { - "itlb_multihit": "KVM: Vulnerable", - "l1tf": "Mitigation; PTE Inversion", - "mds": "Mitigation; Clear CPU buffers; SMT Host state unknown", - "meltdown": "Mitigation; PTI", - "mmio_stale_data": "Unknown: No mitigations", - "retbleed": "Not affected", - "spec_store_bypass": "Vulnerable", - "spectre_v1": "Mitigation; usercopy/swapgs barriers and __user pointer sanitization", - "spectre_v2": "Mitigation; Retpolines, STIBP disabled, RSB filling, PBRSB-eIBRS Not affected", - "srbds": "Unknown: Dependent on hypervisor status", - "tsx_async_abort": "Not affected" - }, - "architecture": "x86_64", - "cpu_opmodes": [ - "32-bit", - "64-bit" - ], - "byte_order": "little endian", - "address_sizes": [ - "39 bits physical", - "48 bits virtual" - ], - "cpus": 2, - "cpus_online": 2, - "threads_per_core": 1, - "cores_per_socket": 2, - "sockets": 1, - "numa_nodes": 1, - "vendor_id": "GenuineIntel", - "family": "6", - "model": "61", - "model_name": "Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz", - "stepping": "4", - "mhz": "3109.596", - "bogomips": "6219.19", - "hypervisor_vendor": "KVM", - "virtualization_type": "full", - "l1d_cache": "64 KiB", - "l1i_cache": "64 KiB", - "l2_cache": "512 KiB", - "l3_cache": "8 MiB", - "flags": [ - "3dnowprefetch", - "abm", - "aes", - "apic", - "avx", - "avx2", - "bmi1", - "bmi2", - "clflush", - "cmov", - "constant_tsc", - "cpuid", - "cx16", - "cx8", - "de", - "flush_l1d", - "fpu", - "fsgsbase", - "fxsr", - "ht", - "hypervisor", - "invpcid", - "invpcid_single", - "lahf_lm", - "lm", - "mca", - "mce", - "md_clear", - "mmx", - "movbe", - "msr", - "mtrr", - "nonstop_tsc", - "nopl", - "nx", - "pae", - "pat", - "pcid", - "pclmulqdq", - "pge", - "pni", - "popcnt", - "pse", - "pse36", - "pti", - "rdrand", - "rdseed", - "rdtscp", - "rep_good", - "sep", - "sse", - "sse2", - "sse4_1", - "sse4_2", - "ssse3", - "syscall", - "tsc", - "tsc_known_freq", - "vme", - "x2apic", - "xsave", - "xtopology" - ], - "0": { - "vendor_id": "GenuineIntel", - "family": "6", - "model": "61", - "model_name": "Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz", - "stepping": "4", - "mhz": "3109.596", - "bogomips": "6219.19", - "cache_size": "4096 KB", - "physical_id": "0", - "core_id": "0", - "cores": "2", - "flags": [ - "3dnowprefetch", - "abm", - "aes", - "apic", - "avx", - "avx2", - "bmi1", - "bmi2", - "clflush", - "cmov", - "constant_tsc", - "cpuid", - "cx16", - "cx8", - "de", - "flush_l1d", - "fpu", - "fsgsbase", - "fxsr", - "ht", - "hypervisor", - "invpcid", - "invpcid_single", - "lahf_lm", - "lm", - "mca", - "mce", - "md_clear", - "mmx", - "movbe", - "msr", - "mtrr", - "nonstop_tsc", - "nopl", - "nx", - "pae", - "pat", - "pcid", - "pclmulqdq", - "pge", - "pni", - "popcnt", - "pse", - "pse36", - "pti", - "rdrand", - "rdseed", - "rdtscp", - "rep_good", - "sep", - "sse", - "sse2", - "sse4_1", - "sse4_2", - "ssse3", - "syscall", - "tsc", - "tsc_known_freq", - "vme", - "x2apic", - "xsave", - "xtopology" - ] - }, - "1": { - "vendor_id": "GenuineIntel", - "family": "6", - "model": "61", - "model_name": "Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz", - "stepping": "4", - "mhz": "3109.596", - "bogomips": "6219.19", - "cache_size": "4096 KB", - "physical_id": "0", - "core_id": "1", - "cores": "2", - "flags": [ - "3dnowprefetch", - "abm", - "aes", - "apic", - "avx", - "avx2", - "bmi1", - "bmi2", - "clflush", - "cmov", - "constant_tsc", - "cpuid", - "cx16", - "cx8", - "de", - "flush_l1d", - "fpu", - "fsgsbase", - "fxsr", - "ht", - "hypervisor", - "invpcid", - "invpcid_single", - "lahf_lm", - "lm", - "mca", - "mce", - "md_clear", - "mmx", - "movbe", - "msr", - "mtrr", - "nonstop_tsc", - "nopl", - "nx", - "pae", - "pat", - "pcid", - "pclmulqdq", - "pge", - "pni", - "popcnt", - "pse", - "pse36", - "pti", - "rdrand", - "rdseed", - "rdtscp", - "rep_good", - "sep", - "sse", - "sse2", - "sse4_1", - "sse4_2", - "ssse3", - "syscall", - "tsc", - "tsc_known_freq", - "vme", - "x2apic", - "xsave", - "xtopology" - ] - }, - "total": 2, - "real": 1, - "cores": 2 - }, - "virtualization": { - "systems": { - "vbox": "guest", - "kvm": "guest" - }, - "system": "vbox", - "role": "guest" - }, - "languages": { - "c": { - "gcc": { - "target": "x86_64-linux-gnu", - "configured_with": "../src/configure -v --with-pkgversion='Ubuntu 9.4.0-1ubuntu1~20.04.1' --with-bugurl=file:///usr/share/doc/gcc-9/README.Bugs --enable-languages=c,ada,c++,go,brig,d,fortran,objc,obj-c++,gm2 --prefix=/usr --with-gcc-major-version-only --program-suffix=-9 --program-prefix=x86_64-linux-gnu- --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-plugin --enable-default-pie --with-system-zlib --with-target-system-zlib=auto --enable-objc-gc=auto --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-offload-targets=nvptx-none=/build/gcc-9-Av3uEd/gcc-9-9.4.0/debian/tmp-nvptx/usr,hsa --without-cuda-driver --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu", - "thread_model": "posix", - "description": "gcc version 9.4.0 (Ubuntu 9.4.0-1ubuntu1~20.04.1) ", - "version": "9.4.0" - }, - "glibc": { - "version": "2.31", - "description": "ldd (Ubuntu GLIBC 2.31-0ubuntu9.9) 2.31" - } - }, - "perl": { - "version": "5.30.0", - "archname": "x86_64-linux-gnu-thread-multi" - }, - "ruby": { - "platform": "x86_64-linux", - "version": "3.1.2", - "release_date": "2022-04-12", - "target": "x86_64-pc-linux-gnu", - "target_cpu": "x86_64", - "target_vendor": "pc", - "target_os": "linux", - "host": "x86_64-pc-linux-gnu", - "host_cpu": "x86_64", - "host_os": "linux", - "host_vendor": "pc", - "bin_dir": "/opt/chef/embedded/bin", - "ruby_bin": "/opt/chef/embedded/bin/ruby", - "gem_bin": "/opt/chef/embedded/bin/gem", - "gems_dir": "/opt/chef/embedded/lib/ruby/gems/3.1.0" - } - }, - "chef_packages": { - "chef": { - "version": "18.2.7", - "chef_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/chef-18.2.7/lib", - "chef_effortless": null - }, - "ohai": { - "version": "18.1.4", - "ohai_root": "/opt/chef/embedded/lib/ruby/gems/3.1.0/gems/ohai-18.1.4/lib/ohai" - } - }, - "hostname": "vagrant", - "machinename": "vagrant", - "fqdn": "vagrant", - "domain": null, - "cloud": null, - "command": { - "ps": "ps -ef" - }, - "filesystem": { - "by_device": { - "udev": { - "kb_size": "453936", - "kb_used": "0", - "kb_available": "453936", - "percent_used": "0%", - "total_inodes": "113484", - "inodes_used": "446", - "inodes_available": "113038", - "inodes_percent_used": "1%", - "fs_type": "devtmpfs", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "size=453936k", - "nr_inodes=113484", - "mode=755" - ], - "mounts": [ - "/dev" - ] - }, - "tmpfs": { - "kb_size": "100008", - "kb_used": "0", - "kb_available": "100008", - "percent_used": "0%", - "total_inodes": "125014", - "inodes_used": "22", - "inodes_available": "124992", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=100012k", - "mode=755" - ], - "mounts": [ - "/run", - "/dev/shm", - "/run/lock", - "/sys/fs/cgroup", - "/run/user/1000", - "/run/snapd/ns" - ] - }, - "/dev/mapper/ubuntu--vg-ubuntu--lv": { - "kb_size": "31811408", - "kb_used": "4713468", - "kb_available": "25456468", - "percent_used": "16%", - "total_inodes": "2031616", - "inodes_used": "82131", - "inodes_available": "1949485", - "inodes_percent_used": "5%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "5094cad6-67e0-4355-91b0-1b227e8543c5", - "mounts": [ - "/" - ] - }, - "/dev/loop0": { - "kb_size": "45440", - "kb_used": "45440", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "7578", - "inodes_used": "7578", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "mounts": [ - "/snap/certbot/3024" - ] - }, - "/dev/loop1": { - "kb_size": "65024", - "kb_used": "65024", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "11995", - "inodes_used": "11995", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "mounts": [ - "/snap/core20/1974" - ] - }, - "/dev/loop2": { - "kb_size": "69504", - "kb_used": "69504", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "802", - "inodes_used": "802", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "mounts": [ - "/snap/lxd/22753" - ] - }, - "/dev/loop3": { - "kb_size": "63488", - "kb_used": "63488", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "11796", - "inodes_used": "11796", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "mounts": [ - "/snap/core20/1611" - ] - }, - "/dev/loop4": { - "kb_size": "94080", - "kb_used": "94080", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "815", - "inodes_used": "815", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "mounts": [ - "/snap/lxd/24061" - ] - }, - "/dev/loop5": { - "kb_size": "54656", - "kb_used": "54656", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "658", - "inodes_used": "658", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "mounts": [ - "/snap/snapd/19457" - ] - }, - "/dev/sda2": { - "kb_size": "1992552", - "kb_used": "110144", - "kb_available": "1761168", - "percent_used": "6%", - "total_inodes": "131072", - "inodes_used": "312", - "inodes_available": "130760", - "inodes_percent_used": "1%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "05435722-8e7e-40aa-b5d2-5184c0b6689d", - "mounts": [ - "/boot" - ] - }, - "v-csr-524d6d9d7": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/684bf08740e3486eec20b3ab375f8262/roles" - ] - }, - "v-csn-37ac661fe": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/e22fc1e54e0cb90e0934d8af18a90cca/nodes" - ] - }, - "v-csc-5f687d06d": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/27bd5a87181d76e5a2018d762cc8de6c/cookbooks" - ] - }, - "v-csdb-14da598b0": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/b00e039380287d2cafe248125e394aed/data_bags" - ] - }, - "v-cse-7e50697ec": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/23f3d0294d42a3fd5366f42df05cb82e/environments" - ] - }, - "v-csc-cae6835df": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/tmp/vagrant-chef/b09427e72b6807d57c9e510b8fa49441/cookbooks" - ] - }, - "vagrant": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "mounts": [ - "/vagrant" - ] - }, - "sysfs": { - "fs_type": "sysfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys" - ] - }, - "proc": { - "fs_type": "proc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/proc" - ] - }, - "devpts": { - "fs_type": "devpts", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "gid=5", - "mode=620", - "ptmxmode=000" - ], - "mounts": [ - "/dev/pts" - ] - }, - "securityfs": { - "fs_type": "securityfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/kernel/security" - ] - }, - "cgroup2": { - "fs_type": "cgroup2", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "nsdelegate" - ], - "mounts": [ - "/sys/fs/cgroup/unified" - ] - }, - "cgroup": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "freezer" - ], - "mounts": [ - "/sys/fs/cgroup/systemd", - "/sys/fs/cgroup/pids", - "/sys/fs/cgroup/cpu,cpuacct", - "/sys/fs/cgroup/net_cls,net_prio", - "/sys/fs/cgroup/memory", - "/sys/fs/cgroup/perf_event", - "/sys/fs/cgroup/hugetlb", - "/sys/fs/cgroup/devices", - "/sys/fs/cgroup/rdma", - "/sys/fs/cgroup/cpuset", - "/sys/fs/cgroup/blkio", - "/sys/fs/cgroup/freezer" - ] - }, - "pstore": { - "fs_type": "pstore", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/fs/pstore" - ] - }, - "none": { - "fs_type": "bpf", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "mode=700" - ], - "mounts": [ - "/sys/fs/bpf" - ] - }, - "systemd-1": { - "fs_type": "autofs", - "mount_options": [ - "rw", - "relatime", - "fd=29", - "pgrp=1", - "timeout=0", - "minproto=5", - "maxproto=5", - "direct", - "pipe_ino=16317" - ], - "mounts": [ - "/proc/sys/fs/binfmt_misc" - ] - }, - "mqueue": { - "fs_type": "mqueue", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/dev/mqueue" - ] - }, - "hugetlbfs": { - "fs_type": "hugetlbfs", - "mount_options": [ - "rw", - "relatime", - "pagesize=2M" - ], - "mounts": [ - "/dev/hugepages" - ] - }, - "debugfs": { - "fs_type": "debugfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/kernel/debug" - ] - }, - "tracefs": { - "fs_type": "tracefs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/kernel/tracing" - ] - }, - "fusectl": { - "fs_type": "fusectl", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/fs/fuse/connections" - ] - }, - "configfs": { - "fs_type": "configfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/sys/kernel/config" - ] - }, - "binfmt_misc": { - "fs_type": "binfmt_misc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "mounts": [ - "/proc/sys/fs/binfmt_misc" - ] - }, - "/var/lib/snapd/snaps/certbot_3024.snap": { - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ], - "mounts": [ - "/snap/certbot/3024" - ] - }, - "/var/lib/snapd/snaps/core20_1974.snap": { - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ], - "mounts": [ - "/snap/core20/1974" - ] - }, - "/var/lib/snapd/snaps/lxd_22753.snap": { - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ], - "mounts": [ - "/snap/lxd/22753" - ] - }, - "/var/lib/snapd/snaps/core20_1611.snap": { - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ], - "mounts": [ - "/snap/core20/1611" - ] - }, - "/var/lib/snapd/snaps/lxd_24061.snap": { - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ], - "mounts": [ - "/snap/lxd/24061" - ] - }, - "/var/lib/snapd/snaps/snapd_19457.snap": { - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ], - "mounts": [ - "/snap/snapd/19457" - ] - }, - "nsfs": { - "fs_type": "nsfs", - "mount_options": [ - "rw" - ], - "mounts": [ - "/run/snapd/ns/lxd.mnt" - ] - }, - "/vagrant": { - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "mounts": [ - "/vagrant" - ] - }, - "/dev/sda": { - "mounts": [ - - ] - }, - "/dev/sda1": { - "mounts": [ - - ] - }, - "/dev/sda3": { - "fs_type": "LVM2_member", - "uuid": "X1YpA1-Q38y-9ju0-fv0c-h2fy-EtLc-OrxBy5", - "mounts": [ - - ] - } - }, - "by_mountpoint": { - "/dev": { - "kb_size": "453936", - "kb_used": "0", - "kb_available": "453936", - "percent_used": "0%", - "total_inodes": "113484", - "inodes_used": "446", - "inodes_available": "113038", - "inodes_percent_used": "1%", - "fs_type": "devtmpfs", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "size=453936k", - "nr_inodes=113484", - "mode=755" - ], - "devices": [ - "udev" - ] - }, - "/run": { - "kb_size": "100012", - "kb_used": "1084", - "kb_available": "98928", - "percent_used": "2%", - "total_inodes": "125014", - "inodes_used": "742", - "inodes_available": "124272", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=100012k", - "mode=755" - ], - "devices": [ - "tmpfs" - ] - }, - "/": { - "kb_size": "31811408", - "kb_used": "4713468", - "kb_available": "25456468", - "percent_used": "16%", - "total_inodes": "2031616", - "inodes_used": "82131", - "inodes_available": "1949485", - "inodes_percent_used": "5%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "5094cad6-67e0-4355-91b0-1b227e8543c5", - "devices": [ - "/dev/mapper/ubuntu--vg-ubuntu--lv" - ] - }, - "/dev/shm": { - "kb_size": "500056", - "kb_used": "0", - "kb_available": "500056", - "percent_used": "0%", - "total_inodes": "125014", - "inodes_used": "1", - "inodes_available": "125013", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev" - ], - "devices": [ - "tmpfs" - ] - }, - "/run/lock": { - "kb_size": "5120", - "kb_used": "0", - "kb_available": "5120", - "percent_used": "0%", - "total_inodes": "125014", - "inodes_used": "4", - "inodes_available": "125010", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=5120k" - ], - "devices": [ - "tmpfs" - ] - }, - "/sys/fs/cgroup": { - "kb_size": "500056", - "kb_used": "0", - "kb_available": "500056", - "percent_used": "0%", - "total_inodes": "125014", - "inodes_used": "18", - "inodes_available": "124996", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "ro", - "nosuid", - "nodev", - "noexec", - "mode=755" - ], - "devices": [ - "tmpfs" - ] - }, - "/snap/certbot/3024": { - "kb_size": "45440", - "kb_used": "45440", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "7578", - "inodes_used": "7578", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "devices": [ - "/dev/loop0", - "/var/lib/snapd/snaps/certbot_3024.snap" - ], - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/snap/core20/1974": { - "kb_size": "65024", - "kb_used": "65024", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "11995", - "inodes_used": "11995", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "devices": [ - "/dev/loop1", - "/var/lib/snapd/snaps/core20_1974.snap" - ], - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/snap/lxd/22753": { - "kb_size": "69504", - "kb_used": "69504", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "802", - "inodes_used": "802", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "devices": [ - "/dev/loop2", - "/var/lib/snapd/snaps/lxd_22753.snap" - ], - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/snap/core20/1611": { - "kb_size": "63488", - "kb_used": "63488", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "11796", - "inodes_used": "11796", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "devices": [ - "/dev/loop3", - "/var/lib/snapd/snaps/core20_1611.snap" - ], - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/snap/lxd/24061": { - "kb_size": "94080", - "kb_used": "94080", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "815", - "inodes_used": "815", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "devices": [ - "/dev/loop4", - "/var/lib/snapd/snaps/lxd_24061.snap" - ], - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/snap/snapd/19457": { - "kb_size": "54656", - "kb_used": "54656", - "kb_available": "0", - "percent_used": "100%", - "total_inodes": "658", - "inodes_used": "658", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs", - "devices": [ - "/dev/loop5", - "/var/lib/snapd/snaps/snapd_19457.snap" - ], - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/boot": { - "kb_size": "1992552", - "kb_used": "110144", - "kb_available": "1761168", - "percent_used": "6%", - "total_inodes": "131072", - "inodes_used": "312", - "inodes_available": "130760", - "inodes_percent_used": "1%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "05435722-8e7e-40aa-b5d2-5184c0b6689d", - "devices": [ - "/dev/sda2" - ] - }, - "/tmp/vagrant-chef/684bf08740e3486eec20b3ab375f8262/roles": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csr-524d6d9d7" - ] - }, - "/tmp/vagrant-chef/e22fc1e54e0cb90e0934d8af18a90cca/nodes": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csn-37ac661fe" - ] - }, - "/tmp/vagrant-chef/27bd5a87181d76e5a2018d762cc8de6c/cookbooks": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csc-5f687d06d" - ] - }, - "/tmp/vagrant-chef/b00e039380287d2cafe248125e394aed/data_bags": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csdb-14da598b0" - ] - }, - "/tmp/vagrant-chef/23f3d0294d42a3fd5366f42df05cb82e/environments": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-cse-7e50697ec" - ] - }, - "/tmp/vagrant-chef/b09427e72b6807d57c9e510b8fa49441/cookbooks": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ], - "devices": [ - "v-csc-cae6835df" - ] - }, - "/vagrant": { - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "devices": [ - "vagrant", - "/vagrant" - ], - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "/run/user/1000": { - "kb_size": "100008", - "kb_used": "0", - "kb_available": "100008", - "percent_used": "0%", - "total_inodes": "125014", - "inodes_used": "22", - "inodes_available": "124992", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "relatime", - "size=100008k", - "mode=700", - "uid=1000", - "gid=1000" - ], - "devices": [ - "tmpfs" - ] - }, - "/sys": { - "fs_type": "sysfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "sysfs" - ] - }, - "/proc": { - "fs_type": "proc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "proc" - ] - }, - "/dev/pts": { - "fs_type": "devpts", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "gid=5", - "mode=620", - "ptmxmode=000" - ], - "devices": [ - "devpts" - ] - }, - "/sys/kernel/security": { - "fs_type": "securityfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "securityfs" - ] - }, - "/sys/fs/cgroup/unified": { - "fs_type": "cgroup2", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "nsdelegate" - ], - "devices": [ - "cgroup2" - ] - }, - "/sys/fs/cgroup/systemd": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "xattr", - "name=systemd" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/pstore": { - "fs_type": "pstore", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "pstore" - ] - }, - "/sys/fs/bpf": { - "fs_type": "bpf", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "mode=700" - ], - "devices": [ - "none" - ] - }, - "/sys/fs/cgroup/pids": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "pids" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/cpu,cpuacct": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "cpu", - "cpuacct" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/net_cls,net_prio": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "net_cls", - "net_prio" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/memory": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "memory" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/perf_event": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "perf_event" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/hugetlb": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "hugetlb" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/devices": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "devices" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/rdma": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "rdma" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/cpuset": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "cpuset" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/blkio": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "blkio" - ], - "devices": [ - "cgroup" - ] - }, - "/sys/fs/cgroup/freezer": { - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "freezer" - ], - "devices": [ - "cgroup" - ] - }, - "/proc/sys/fs/binfmt_misc": { - "fs_type": "binfmt_misc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "systemd-1", - "binfmt_misc" - ] - }, - "/dev/mqueue": { - "fs_type": "mqueue", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "mqueue" - ] - }, - "/dev/hugepages": { - "fs_type": "hugetlbfs", - "mount_options": [ - "rw", - "relatime", - "pagesize=2M" - ], - "devices": [ - "hugetlbfs" - ] - }, - "/sys/kernel/debug": { - "fs_type": "debugfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "debugfs" - ] - }, - "/sys/kernel/tracing": { - "fs_type": "tracefs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "tracefs" - ] - }, - "/sys/fs/fuse/connections": { - "fs_type": "fusectl", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "fusectl" - ] - }, - "/sys/kernel/config": { - "fs_type": "configfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ], - "devices": [ - "configfs" - ] - }, - "/run/snapd/ns": { - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=100012k", - "mode=755" - ], - "devices": [ - "tmpfs" - ] - }, - "/run/snapd/ns/lxd.mnt": { - "fs_type": "nsfs", - "mount_options": [ - "rw" - ], - "devices": [ - "nsfs" - ] - } - }, - "by_pair": { - "udev,/dev": { - "device": "udev", - "kb_size": "453936", - "kb_used": "0", - "kb_available": "453936", - "percent_used": "0%", - "mount": "/dev", - "total_inodes": "113484", - "inodes_used": "446", - "inodes_available": "113038", - "inodes_percent_used": "1%", - "fs_type": "devtmpfs", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "size=453936k", - "nr_inodes=113484", - "mode=755" - ] - }, - "tmpfs,/run": { - "device": "tmpfs", - "kb_size": "100012", - "kb_used": "1084", - "kb_available": "98928", - "percent_used": "2%", - "mount": "/run", - "total_inodes": "125014", - "inodes_used": "742", - "inodes_available": "124272", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=100012k", - "mode=755" - ] - }, - "/dev/mapper/ubuntu--vg-ubuntu--lv,/": { - "device": "/dev/mapper/ubuntu--vg-ubuntu--lv", - "kb_size": "31811408", - "kb_used": "4713468", - "kb_available": "25456468", - "percent_used": "16%", - "mount": "/", - "total_inodes": "2031616", - "inodes_used": "82131", - "inodes_available": "1949485", - "inodes_percent_used": "5%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "5094cad6-67e0-4355-91b0-1b227e8543c5" - }, - "tmpfs,/dev/shm": { - "device": "tmpfs", - "kb_size": "500056", - "kb_used": "0", - "kb_available": "500056", - "percent_used": "0%", - "mount": "/dev/shm", - "total_inodes": "125014", - "inodes_used": "1", - "inodes_available": "125013", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev" - ] - }, - "tmpfs,/run/lock": { - "device": "tmpfs", - "kb_size": "5120", - "kb_used": "0", - "kb_available": "5120", - "percent_used": "0%", - "mount": "/run/lock", - "total_inodes": "125014", - "inodes_used": "4", - "inodes_available": "125010", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=5120k" - ] - }, - "tmpfs,/sys/fs/cgroup": { - "device": "tmpfs", - "kb_size": "500056", - "kb_used": "0", - "kb_available": "500056", - "percent_used": "0%", - "mount": "/sys/fs/cgroup", - "total_inodes": "125014", - "inodes_used": "18", - "inodes_available": "124996", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "ro", - "nosuid", - "nodev", - "noexec", - "mode=755" - ] - }, - "/dev/loop0,/snap/certbot/3024": { - "device": "/dev/loop0", - "kb_size": "45440", - "kb_used": "45440", - "kb_available": "0", - "percent_used": "100%", - "mount": "/snap/certbot/3024", - "total_inodes": "7578", - "inodes_used": "7578", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs" - }, - "/dev/loop1,/snap/core20/1974": { - "device": "/dev/loop1", - "kb_size": "65024", - "kb_used": "65024", - "kb_available": "0", - "percent_used": "100%", - "mount": "/snap/core20/1974", - "total_inodes": "11995", - "inodes_used": "11995", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs" - }, - "/dev/loop2,/snap/lxd/22753": { - "device": "/dev/loop2", - "kb_size": "69504", - "kb_used": "69504", - "kb_available": "0", - "percent_used": "100%", - "mount": "/snap/lxd/22753", - "total_inodes": "802", - "inodes_used": "802", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs" - }, - "/dev/loop3,/snap/core20/1611": { - "device": "/dev/loop3", - "kb_size": "63488", - "kb_used": "63488", - "kb_available": "0", - "percent_used": "100%", - "mount": "/snap/core20/1611", - "total_inodes": "11796", - "inodes_used": "11796", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs" - }, - "/dev/loop4,/snap/lxd/24061": { - "device": "/dev/loop4", - "kb_size": "94080", - "kb_used": "94080", - "kb_available": "0", - "percent_used": "100%", - "mount": "/snap/lxd/24061", - "total_inodes": "815", - "inodes_used": "815", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs" - }, - "/dev/loop5,/snap/snapd/19457": { - "device": "/dev/loop5", - "kb_size": "54656", - "kb_used": "54656", - "kb_available": "0", - "percent_used": "100%", - "mount": "/snap/snapd/19457", - "total_inodes": "658", - "inodes_used": "658", - "inodes_available": "0", - "inodes_percent_used": "100%", - "fs_type": "squashfs" - }, - "/dev/sda2,/boot": { - "device": "/dev/sda2", - "kb_size": "1992552", - "kb_used": "110144", - "kb_available": "1761168", - "percent_used": "6%", - "mount": "/boot", - "total_inodes": "131072", - "inodes_used": "312", - "inodes_available": "130760", - "inodes_percent_used": "1%", - "fs_type": "ext4", - "mount_options": [ - "rw", - "relatime" - ], - "uuid": "05435722-8e7e-40aa-b5d2-5184c0b6689d" - }, - "v-csr-524d6d9d7,/tmp/vagrant-chef/684bf08740e3486eec20b3ab375f8262/roles": { - "device": "v-csr-524d6d9d7", - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "mount": "/tmp/vagrant-chef/684bf08740e3486eec20b3ab375f8262/roles", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-csn-37ac661fe,/tmp/vagrant-chef/e22fc1e54e0cb90e0934d8af18a90cca/nodes": { - "device": "v-csn-37ac661fe", - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "mount": "/tmp/vagrant-chef/e22fc1e54e0cb90e0934d8af18a90cca/nodes", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-csc-5f687d06d,/tmp/vagrant-chef/27bd5a87181d76e5a2018d762cc8de6c/cookbooks": { - "device": "v-csc-5f687d06d", - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "mount": "/tmp/vagrant-chef/27bd5a87181d76e5a2018d762cc8de6c/cookbooks", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-csdb-14da598b0,/tmp/vagrant-chef/b00e039380287d2cafe248125e394aed/data_bags": { - "device": "v-csdb-14da598b0", - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "mount": "/tmp/vagrant-chef/b00e039380287d2cafe248125e394aed/data_bags", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-cse-7e50697ec,/tmp/vagrant-chef/23f3d0294d42a3fd5366f42df05cb82e/environments": { - "device": "v-cse-7e50697ec", - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "mount": "/tmp/vagrant-chef/23f3d0294d42a3fd5366f42df05cb82e/environments", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "v-csc-cae6835df,/tmp/vagrant-chef/b09427e72b6807d57c9e510b8fa49441/cookbooks": { - "device": "v-csc-cae6835df", - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "mount": "/tmp/vagrant-chef/b09427e72b6807d57c9e510b8fa49441/cookbooks", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "vagrant,/vagrant": { - "device": "vagrant", - "kb_size": "488347692", - "kb_used": "479440892", - "kb_available": "8906800", - "percent_used": "99%", - "mount": "/vagrant" - }, - "tmpfs,/run/user/1000": { - "device": "tmpfs", - "kb_size": "100008", - "kb_used": "0", - "kb_available": "100008", - "percent_used": "0%", - "mount": "/run/user/1000", - "total_inodes": "125014", - "inodes_used": "22", - "inodes_available": "124992", - "inodes_percent_used": "1%", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "relatime", - "size=100008k", - "mode=700", - "uid=1000", - "gid=1000" - ] - }, - "sysfs,/sys": { - "device": "sysfs", - "mount": "/sys", - "fs_type": "sysfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "proc,/proc": { - "device": "proc", - "mount": "/proc", - "fs_type": "proc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "devpts,/dev/pts": { - "device": "devpts", - "mount": "/dev/pts", - "fs_type": "devpts", - "mount_options": [ - "rw", - "nosuid", - "noexec", - "relatime", - "gid=5", - "mode=620", - "ptmxmode=000" - ] - }, - "securityfs,/sys/kernel/security": { - "device": "securityfs", - "mount": "/sys/kernel/security", - "fs_type": "securityfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "cgroup2,/sys/fs/cgroup/unified": { - "device": "cgroup2", - "mount": "/sys/fs/cgroup/unified", - "fs_type": "cgroup2", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "nsdelegate" - ] - }, - "cgroup,/sys/fs/cgroup/systemd": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/systemd", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "xattr", - "name=systemd" - ] - }, - "pstore,/sys/fs/pstore": { - "device": "pstore", - "mount": "/sys/fs/pstore", - "fs_type": "pstore", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "none,/sys/fs/bpf": { - "device": "none", - "mount": "/sys/fs/bpf", - "fs_type": "bpf", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "mode=700" - ] - }, - "cgroup,/sys/fs/cgroup/pids": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/pids", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "pids" - ] - }, - "cgroup,/sys/fs/cgroup/cpu,cpuacct": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/cpu,cpuacct", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "cpu", - "cpuacct" - ] - }, - "cgroup,/sys/fs/cgroup/net_cls,net_prio": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/net_cls,net_prio", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "net_cls", - "net_prio" - ] - }, - "cgroup,/sys/fs/cgroup/memory": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/memory", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "memory" - ] - }, - "cgroup,/sys/fs/cgroup/perf_event": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/perf_event", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "perf_event" - ] - }, - "cgroup,/sys/fs/cgroup/hugetlb": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/hugetlb", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "hugetlb" - ] - }, - "cgroup,/sys/fs/cgroup/devices": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/devices", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "devices" - ] - }, - "cgroup,/sys/fs/cgroup/rdma": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/rdma", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "rdma" - ] - }, - "cgroup,/sys/fs/cgroup/cpuset": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/cpuset", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "cpuset" - ] - }, - "cgroup,/sys/fs/cgroup/blkio": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/blkio", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "blkio" - ] - }, - "cgroup,/sys/fs/cgroup/freezer": { - "device": "cgroup", - "mount": "/sys/fs/cgroup/freezer", - "fs_type": "cgroup", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "freezer" - ] - }, - "systemd-1,/proc/sys/fs/binfmt_misc": { - "device": "systemd-1", - "mount": "/proc/sys/fs/binfmt_misc", - "fs_type": "autofs", - "mount_options": [ - "rw", - "relatime", - "fd=29", - "pgrp=1", - "timeout=0", - "minproto=5", - "maxproto=5", - "direct", - "pipe_ino=16317" - ] - }, - "mqueue,/dev/mqueue": { - "device": "mqueue", - "mount": "/dev/mqueue", - "fs_type": "mqueue", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "hugetlbfs,/dev/hugepages": { - "device": "hugetlbfs", - "mount": "/dev/hugepages", - "fs_type": "hugetlbfs", - "mount_options": [ - "rw", - "relatime", - "pagesize=2M" - ] - }, - "debugfs,/sys/kernel/debug": { - "device": "debugfs", - "mount": "/sys/kernel/debug", - "fs_type": "debugfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "tracefs,/sys/kernel/tracing": { - "device": "tracefs", - "mount": "/sys/kernel/tracing", - "fs_type": "tracefs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "fusectl,/sys/fs/fuse/connections": { - "device": "fusectl", - "mount": "/sys/fs/fuse/connections", - "fs_type": "fusectl", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "configfs,/sys/kernel/config": { - "device": "configfs", - "mount": "/sys/kernel/config", - "fs_type": "configfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "binfmt_misc,/proc/sys/fs/binfmt_misc": { - "device": "binfmt_misc", - "mount": "/proc/sys/fs/binfmt_misc", - "fs_type": "binfmt_misc", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime" - ] - }, - "/var/lib/snapd/snaps/certbot_3024.snap,/snap/certbot/3024": { - "device": "/var/lib/snapd/snaps/certbot_3024.snap", - "mount": "/snap/certbot/3024", - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/var/lib/snapd/snaps/core20_1974.snap,/snap/core20/1974": { - "device": "/var/lib/snapd/snaps/core20_1974.snap", - "mount": "/snap/core20/1974", - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/var/lib/snapd/snaps/lxd_22753.snap,/snap/lxd/22753": { - "device": "/var/lib/snapd/snaps/lxd_22753.snap", - "mount": "/snap/lxd/22753", - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/var/lib/snapd/snaps/core20_1611.snap,/snap/core20/1611": { - "device": "/var/lib/snapd/snaps/core20_1611.snap", - "mount": "/snap/core20/1611", - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/var/lib/snapd/snaps/lxd_24061.snap,/snap/lxd/24061": { - "device": "/var/lib/snapd/snaps/lxd_24061.snap", - "mount": "/snap/lxd/24061", - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "/var/lib/snapd/snaps/snapd_19457.snap,/snap/snapd/19457": { - "device": "/var/lib/snapd/snaps/snapd_19457.snap", - "mount": "/snap/snapd/19457", - "fs_type": "squashfs", - "mount_options": [ - "ro", - "nodev", - "relatime", - "x-gdu.hide" - ] - }, - "tmpfs,/run/snapd/ns": { - "device": "tmpfs", - "mount": "/run/snapd/ns", - "fs_type": "tmpfs", - "mount_options": [ - "rw", - "nosuid", - "nodev", - "noexec", - "relatime", - "size=100012k", - "mode=755" - ] - }, - "nsfs,/run/snapd/ns/lxd.mnt": { - "device": "nsfs", - "mount": "/run/snapd/ns/lxd.mnt", - "fs_type": "nsfs", - "mount_options": [ - "rw" - ] - }, - "/vagrant,/vagrant": { - "device": "/vagrant", - "mount": "/vagrant", - "fs_type": "vboxsf", - "mount_options": [ - "rw", - "nodev", - "relatime", - "iocharset=utf8", - "uid=1000", - "gid=1000", - "_netdev" - ] - }, - "/dev/sda,": { - "device": "/dev/sda" - }, - "/dev/sda1,": { - "device": "/dev/sda1" - }, - "/dev/sda3,": { - "device": "/dev/sda3", - "fs_type": "LVM2_member", - "uuid": "X1YpA1-Q38y-9ju0-fv0c-h2fy-EtLc-OrxBy5" - } - } - }, - "fips": { - "kernel": { - "enabled": false - } - }, - "init_package": "systemd", - "keys": { - "ssh": { - "host_dsa_public": "AAAAB3NzaC1kc3MAAACBANy/rzIdmt+J5qQ7dsgf3OTW7XajGPHDirc1LHrcFVYVdWqLMQR6EpNu+dotvrKlCjhylvXNag+/2/UJnQbQViM/ZpgLh9vvN/9P7usXLlRKst3G5EWS2DQLRUhz0qoy6FAiJdd6PoPYyWP1TdmVirZ9usJYe4FcFyLDgXhQw0NvAAAAFQD15BjWt9zDJ+xWjfy2xmUnliSAqwAAAIEAuzewdfu6D3l9rtFcyox6jSEOQJHC25QKxXfbcXrUevRd8CQ5jFGHup+IxFujTli5Tmh+n/tXZ7d7Nk8XedisI9ep4qrKJjMMLbSRcqYAgH3DthzHt7CJZZEZnAZ8BtozIU8v8sNLJvDpuh9PzsucfcHUKExoa+uTGjYuxMPbI+kAAACBANfV089Ojl2StLl8Jc6mCChfDhaIr5CKsDARrUPy/+eB1AOP3/9VOL+BWBJIa+eQYpdGzpSjSFNQO0vncXZykMQTPFBejbdqqfJyied7+LLYLWVpAbUgKIFes5bkgS8410vciB1ReRiG6SQIZhsKWoFOHI4v6NBnvpjMOlisoJok", - "host_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABgQDnYrrHWCgE+BazpPl2QBJzId3bV+iAx8PyDCCxsZ8nWVh2u4vg0IGqvSeui76CPDMT0DbqQKF/+JwOmqg7uEbuTgJ59VROpCmhdtv1x4ZTvuTTYzBSe6YDFt5yMQ+tDoBOHLG34gLHcP1UdnuEpYdD7bcpnTuy06pMjGujCp6IdTg4VD4rEvOcB9tAIyeQNWsSTP3EQ5qZYNQZKlpC+z22KVtH7eEvHWY/FrQgV1micY1v6OUSR4rxi5VcQx8oOyCe17vHff6zKWI3dNR6gEueXyoUJIKRZqlLCrRmYDErYmQokxWRekJma+4EJH7SxpWHc7hDSsYnwyCCYSt+MjImpNoiKZaU765YW5mp1CRo1C56uj9vVAIgKY7nieAruPs2Hr+Xtf/VufGQ6HrNgsn3gLvj6HwqB5bI+WKEzaMOVvbvRZMwSgzsTjYdJkwbPHnHKUrarbgwWQTf6/R5wlVzxicR6QrMupgDBIswJzVUeFNZUG9MRZnlE+fwWQs8kIU=", - "host_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEcWoP5g2MRsO15uBbGS2IsxIh4c43or7Sjwpvbom3bVxg8EPs+f+llfirx1v6cbA54wh9idMw/WCmlF1NX/tYQ=", - "host_ecdsa_type": "ecdsa-sha2-nistp256", - "host_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIPOp2x7PlK40yCf0Jmqy7+E45lTHi/3D/T8qNXUPWefU" - } - }, - "block_device": { - "dm-0": { - "size": "65003520", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop0": { - "size": "90664", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop1": { - "size": "129944", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop2": { - "size": "138880", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop3": { - "size": "126888", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop4": { - "size": "188072", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop5": { - "size": "109072", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop6": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "loop7": { - "size": "0", - "removable": "0", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - }, - "sda": { - "size": "134217728", - "removable": "0", - "model": "VBOX HARDDISK", - "rev": "1.0", - "state": "running", - "timeout": "30", - "vendor": "ATA", - "queue_depth": "32", - "rotational": "1", - "physical_block_size": "512", - "logical_block_size": "512" - } - }, - "hostnamectl": { - "static_hostname": "vagrant", - "icon_name": "computer-vm", - "chassis": "vm", - "machine_id": "c049f3c1645541c08fbb2fcb71e1ef02", - "boot_id": "943965222b594a6b8574b9228de4a98a", - "virtualization": "oracle", - "operating_system": "Ubuntu 20.04.6 LTS", - "kernel": "Linux 5.4.0-144-generic", - "architecture": "x86-64" - }, - "machine_id": "c049f3c1645541c08fbb2fcb71e1ef02", - "os_release": { - "name": "Ubuntu", - "version": "20.04.6 LTS (Focal Fossa)", - "id": "ubuntu", - "id_like": [ - "debian" - ], - "pretty_name": "Ubuntu 20.04.6 LTS", - "version_id": "20.04", - "home_url": "https://www.ubuntu.com/", - "support_url": "https://help.ubuntu.com/", - "bug_report_url": "https://bugs.launchpad.net/ubuntu/", - "privacy_policy_url": "https://www.ubuntu.com/legal/terms-and-policies/privacy-policy", - "version_codename": "focal", - "ubuntu_codename": "focal" - }, - "systemd_paths": { - "temporary": "/tmp", - "temporary-large": "/var/tmp", - "system-binaries": "/usr/bin", - "system-include": "/usr/include", - "system-library-private": "/usr/lib", - "system-library-arch": "/usr/lib/x86_64-linux-gnu", - "system-shared": "/usr/share", - "system-configuration-factory": "/usr/share/factory/etc", - "system-state-factory": "/usr/share/factory/var", - "system-configuration": "/etc", - "system-runtime": "/run", - "system-runtime-logs": "/run/log", - "system-state-private": "/var/lib", - "system-state-logs": "/var/log", - "system-state-cache": "/var/cache", - "system-state-spool": "/var/spool", - "user-binaries": "/root/.local/bin", - "user-library-private": "/root/.local/lib", - "user-library-arch": "/root/.local/lib/x86_64-linux-gnu", - "user-shared": "/root/.local/share", - "user-configuration": "/root/.config", - "user-runtime": "/run/user/1000", - "user-state-cache": "/root/.cache", - "user": "/root", - "user-documents": "/root", - "user-music": "/root", - "user-pictures": "/root", - "user-videos": "/root", - "user-download": "/root", - "user-public": "/root", - "user-templates": "/root", - "user-desktop": "/root/Desktop", - "search-binaries": "/opt/chef/embedded/bin", - "search-binaries-default": "/usr/local/sbin", - "search-library-private": "/root/.local/lib", - "search-library-arch": "/root/.local/lib/x86_64-linux-gnu", - "search-shared": "/root/.local/share", - "search-configuration-factory": "/usr/local/share/factory/etc", - "search-state-factory": "/usr/local/share/factory/var", - "search-configuration": "/root/.config" - }, - "ohai_time": 1689753644.3547325, - "packages": { - "accountsservice": { - "version": "0.6.55-0ubuntu12~20.04.5", - "arch": "amd64" - }, - "adduser": { - "version": "3.118ubuntu2", - "arch": "all" - }, - "alsa-topology-conf": { - "version": "1.2.2-1", - "arch": "all" - }, - "alsa-ucm-conf": { - "version": "1.2.2-1ubuntu0.13", - "arch": "all" - }, - "amd64-microcode": { - "version": "3.20191218.1ubuntu1", - "arch": "amd64" - }, - "apparmor": { - "version": "2.13.3-7ubuntu5.1", - "arch": "amd64" - }, - "apport": { - "version": "2.20.11-0ubuntu27.25", - "arch": "all" - }, - "apport-symptoms": { - "version": "0.23", - "arch": "all" - }, - "apt": { - "version": "2.0.9", - "arch": "amd64" - }, - "apt-transport-https": { - "version": "2.0.9", - "arch": "all" - }, - "apt-utils": { - "version": "2.0.9", - "arch": "amd64" - }, - "at": { - "version": "3.1.23-1ubuntu1", - "arch": "amd64" - }, - "autoconf": { - "version": "2.69-11.1", - "arch": "all" - }, - "automake": { - "version": "1:1.16.1-4ubuntu6", - "arch": "all" - }, - "autotools-dev": { - "version": "20180224.1", - "arch": "all" - }, - "base-files": { - "version": "11ubuntu5.7", - "arch": "amd64" - }, - "base-passwd": { - "version": "3.5.47", - "arch": "amd64" - }, - "bash": { - "version": "5.0-6ubuntu1.2", - "arch": "amd64" - }, - "bc": { - "version": "1.07.1-2build1", - "arch": "amd64" - }, - "bcache-tools": { - "version": "1.0.8-3ubuntu0.1", - "arch": "amd64" - }, - "bind9-dnsutils": { - "version": "1:9.16.1-0ubuntu2.12", - "arch": "amd64" - }, - "bind9-host": { - "version": "1:9.16.1-0ubuntu2.12", - "arch": "amd64" - }, - "bind9-libs": { - "version": "1:9.16.1-0ubuntu2.12", - "arch": "amd64" - }, - "binutils": { - "version": "2.34-6ubuntu1.4", - "arch": "amd64" - }, - "binutils-common": { - "version": "2.34-6ubuntu1.4", - "arch": "amd64" - }, - "binutils-doc": { - "version": "2.34-6ubuntu1.6", - "arch": "all" - }, - "binutils-x86-64-linux-gnu": { - "version": "2.34-6ubuntu1.4", - "arch": "amd64" - }, - "bison": { - "version": "2:3.5.1+dfsg-1", - "arch": "amd64" - }, - "bolt": { - "version": "0.9.1-2~ubuntu20.04.1", - "arch": "amd64" - }, - "bsd-mailx": { - "version": "8.1.2-0.20180807cvs-1", - "arch": "amd64" - }, - "bsdmainutils": { - "version": "11.1.2ubuntu3", - "arch": "amd64" - }, - "bsdutils": { - "version": "1:2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "btrfs-progs": { - "version": "5.4.1-2", - "arch": "amd64" - }, - "build-essential": { - "version": "12.8ubuntu1.1", - "arch": "amd64" - }, - "busybox-initramfs": { - "version": "1:1.30.1-4ubuntu6.4", - "arch": "amd64" - }, - "busybox-static": { - "version": "1:1.30.1-4ubuntu6.4", - "arch": "amd64" - }, - "byobu": { - "version": "5.133-0ubuntu1", - "arch": "all" - }, - "bzip2": { - "version": "1.0.8-2", - "arch": "amd64" - }, - "ca-certificates": { - "version": "20211016ubuntu0.20.04.1", - "arch": "all" - }, - "chef": { - "version": "18.2.7-1", - "arch": "amd64" - }, - "cloud-guest-utils": { - "version": "0.31-7-gd99b2d76-0ubuntu1", - "arch": "all" - }, - "cloud-init": { - "version": "22.4.2-0ubuntu0~20.04.2", - "arch": "all" - }, - "cloud-initramfs-copymods": { - "version": "0.45ubuntu2", - "arch": "all" - }, - "cloud-initramfs-dyn-netconf": { - "version": "0.45ubuntu2", - "arch": "all" - }, - "console-setup": { - "version": "1.194ubuntu3", - "arch": "all" - }, - "console-setup-linux": { - "version": "1.194ubuntu3", - "arch": "all" - }, - "coreutils": { - "version": "8.30-3ubuntu2", - "arch": "amd64" - }, - "cpio": { - "version": "2.13+dfsg-2ubuntu0.3", - "arch": "amd64" - }, - "cpp": { - "version": "4:9.3.0-1ubuntu2", - "arch": "amd64" - }, - "cpp-9": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "crda": { - "version": "3.18-1build1", - "arch": "amd64" - }, - "cron": { - "version": "3.0pl1-136ubuntu1", - "arch": "amd64" - }, - "cryptsetup": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "amd64" - }, - "cryptsetup-bin": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "amd64" - }, - "cryptsetup-initramfs": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "all" - }, - "cryptsetup-run": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "all" - }, - "curl": { - "version": "7.68.0-1ubuntu2.18", - "arch": "amd64" - }, - "dash": { - "version": "0.5.10.2-6", - "arch": "amd64" - }, - "dbus": { - "version": "1.12.16-2ubuntu2.3", - "arch": "amd64" - }, - "dbus-user-session": { - "version": "1.12.16-2ubuntu2.3", - "arch": "amd64" - }, - "dconf-gsettings-backend": { - "version": "0.36.0-1", - "arch": "amd64" - }, - "dconf-service": { - "version": "0.36.0-1", - "arch": "amd64" - }, - "dctrl-tools": { - "version": "2.24-3", - "arch": "amd64" - }, - "debconf": { - "version": "1.5.73", - "arch": "all" - }, - "debconf-i18n": { - "version": "1.5.73", - "arch": "all" - }, - "debianutils": { - "version": "4.9.1", - "arch": "amd64" - }, - "diffutils": { - "version": "1:3.7-3", - "arch": "amd64" - }, - "dirmngr": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "distro-info": { - "version": "0.23ubuntu1", - "arch": "amd64" - }, - "distro-info-data": { - "version": "0.43ubuntu1.11", - "arch": "all" - }, - "dkms": { - "version": "2.8.1-5ubuntu2", - "arch": "all" - }, - "dmeventd": { - "version": "2:1.02.167-1ubuntu1", - "arch": "amd64" - }, - "dmidecode": { - "version": "3.2-3", - "arch": "amd64" - }, - "dmsetup": { - "version": "2:1.02.167-1ubuntu1", - "arch": "amd64" - }, - "dosfstools": { - "version": "4.1-2", - "arch": "amd64" - }, - "dpkg": { - "version": "1.19.7ubuntu3.2", - "arch": "amd64" - }, - "dpkg-dev": { - "version": "1.19.7ubuntu3.2", - "arch": "all" - }, - "e2fsprogs": { - "version": "1.45.5-2ubuntu1.1", - "arch": "amd64" - }, - "eatmydata": { - "version": "105-7", - "arch": "all" - }, - "ed": { - "version": "1.16-1", - "arch": "amd64" - }, - "eject": { - "version": "2.1.5+deb1+cvs20081104-14", - "arch": "amd64" - }, - "ethtool": { - "version": "1:5.4-1", - "arch": "amd64" - }, - "fakeroot": { - "version": "1.24-1", - "arch": "amd64" - }, - "fdisk": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "file": { - "version": "1:5.38-4", - "arch": "amd64" - }, - "finalrd": { - "version": "6~ubuntu20.04.1", - "arch": "all" - }, - "findutils": { - "version": "4.7.0-1ubuntu1", - "arch": "amd64" - }, - "flex": { - "version": "2.6.4-6.2", - "arch": "amd64" - }, - "ftp": { - "version": "0.17-34.1", - "arch": "amd64" - }, - "fuse": { - "version": "2.9.9-3", - "arch": "amd64" - }, - "fwupd": { - "version": "1.7.9-1~20.04.1", - "arch": "amd64" - }, - "fwupd-signed": { - "version": "1.51~20.04.1+1.2-3ubuntu0.2", - "arch": "amd64" - }, - "g++": { - "version": "4:9.3.0-1ubuntu2", - "arch": "amd64" - }, - "g++-9": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "gawk": { - "version": "1:5.0.1+dfsg-1", - "arch": "amd64" - }, - "gcc": { - "version": "4:9.3.0-1ubuntu2", - "arch": "amd64" - }, - "gcc-10-base": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "gcc-9": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "gcc-9-base": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "gdisk": { - "version": "1.0.5-1", - "arch": "amd64" - }, - "gettext": { - "version": "0.19.8.1-10build1", - "arch": "amd64" - }, - "gettext-base": { - "version": "0.19.8.1-10build1", - "arch": "amd64" - }, - "gir1.2-glib-2.0": { - "version": "1.64.1-1~ubuntu20.04.1", - "arch": "amd64" - }, - "gir1.2-packagekitglib-1.0": { - "version": "1.1.13-2ubuntu1.1", - "arch": "amd64" - }, - "git": { - "version": "1:2.25.1-1ubuntu3.10", - "arch": "amd64" - }, - "git-man": { - "version": "1:2.25.1-1ubuntu3.10", - "arch": "all" - }, - "glib-networking": { - "version": "2.64.2-1ubuntu0.1", - "arch": "amd64" - }, - "glib-networking-common": { - "version": "2.64.2-1ubuntu0.1", - "arch": "all" - }, - "glib-networking-services": { - "version": "2.64.2-1ubuntu0.1", - "arch": "amd64" - }, - "gnupg": { - "version": "2.2.19-3ubuntu2.2", - "arch": "all" - }, - "gnupg-l10n": { - "version": "2.2.19-3ubuntu2.2", - "arch": "all" - }, - "gnupg-utils": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "gpg": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "gpg-agent": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "gpg-wks-client": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "gpg-wks-server": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "gpgconf": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "gpgsm": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "gpgv": { - "version": "2.2.19-3ubuntu2.2", - "arch": "amd64" - }, - "grep": { - "version": "3.4-1", - "arch": "amd64" - }, - "groff-base": { - "version": "1.22.4-4build1", - "arch": "amd64" - }, - "grub-common": { - "version": "2.04-1ubuntu26.16", - "arch": "amd64" - }, - "grub-gfxpayload-lists": { - "version": "0.7", - "arch": "amd64" - }, - "grub-pc": { - "version": "2.04-1ubuntu26.16", - "arch": "amd64" - }, - "grub-pc-bin": { - "version": "2.04-1ubuntu26.16", - "arch": "amd64" - }, - "grub2-common": { - "version": "2.04-1ubuntu26.16", - "arch": "amd64" - }, - "gsettings-desktop-schemas": { - "version": "3.36.0-1ubuntu1", - "arch": "all" - }, - "guile-2.2-libs": { - "version": "2.2.7+1-4", - "arch": "amd64" - }, - "gzip": { - "version": "1.10-0ubuntu4.1", - "arch": "amd64" - }, - "hdparm": { - "version": "9.58+ds-4", - "arch": "amd64" - }, - "hostname": { - "version": "3.23", - "arch": "amd64" - }, - "htop": { - "version": "2.2.0-2build1", - "arch": "amd64" - }, - "info": { - "version": "6.7.0.dfsg.2-5", - "arch": "amd64" - }, - "init": { - "version": "1.57", - "arch": "amd64" - }, - "init-system-helpers": { - "version": "1.57", - "arch": "all" - }, - "initramfs-tools": { - "version": "0.136ubuntu6.7", - "arch": "all" - }, - "initramfs-tools-bin": { - "version": "0.136ubuntu6.7", - "arch": "amd64" - }, - "initramfs-tools-core": { - "version": "0.136ubuntu6.7", - "arch": "all" - }, - "install-info": { - "version": "6.7.0.dfsg.2-5", - "arch": "amd64" - }, - "intel-microcode": { - "version": "3.20230214.0ubuntu0.20.04.1", - "arch": "amd64" - }, - "iproute2": { - "version": "5.5.0-1ubuntu1", - "arch": "amd64" - }, - "iptables": { - "version": "1.8.4-3ubuntu2", - "arch": "amd64" - }, - "iputils-ping": { - "version": "3:20190709-3", - "arch": "amd64" - }, - "iputils-tracepath": { - "version": "3:20190709-3", - "arch": "amd64" - }, - "irqbalance": { - "version": "1.6.0-3ubuntu1", - "arch": "amd64" - }, - "isc-dhcp-client": { - "version": "4.4.1-2.1ubuntu5.20.04.5", - "arch": "amd64" - }, - "isc-dhcp-common": { - "version": "4.4.1-2.1ubuntu5.20.04.5", - "arch": "amd64" - }, - "iso-codes": { - "version": "4.4-1", - "arch": "all" - }, - "iucode-tool": { - "version": "2.3.1-1", - "arch": "amd64" - }, - "iw": { - "version": "5.4-1", - "arch": "amd64" - }, - "kbd": { - "version": "2.0.4-4ubuntu2", - "arch": "amd64" - }, - "keyboard-configuration": { - "version": "1.194ubuntu3", - "arch": "all" - }, - "klibc-utils": { - "version": "2.0.7-1ubuntu5.1", - "arch": "amd64" - }, - "kmod": { - "version": "27-1ubuntu2.1", - "arch": "amd64" - }, - "kpartx": { - "version": "0.8.3-1ubuntu2.1", - "arch": "amd64" - }, - "krb5-locales": { - "version": "1.17-6ubuntu4.2", - "arch": "all" - }, - "landscape-common": { - "version": "19.12-0ubuntu4.3", - "arch": "amd64" - }, - "language-selector-common": { - "version": "0.204.2", - "arch": "all" - }, - "less": { - "version": "551-1ubuntu0.1", - "arch": "amd64" - }, - "libaccountsservice0": { - "version": "0.6.55-0ubuntu12~20.04.5", - "arch": "amd64" - }, - "libacl1": { - "version": "2.2.53-6", - "arch": "amd64" - }, - "libaio-dev": { - "version": "0.3.112-5", - "arch": "amd64" - }, - "libaio1": { - "version": "0.3.112-5", - "arch": "amd64" - }, - "libalgorithm-diff-perl": { - "version": "1.19.03-2", - "arch": "all" - }, - "libalgorithm-diff-xs-perl": { - "version": "0.04-6", - "arch": "amd64" - }, - "libalgorithm-merge-perl": { - "version": "0.08-3", - "arch": "all" - }, - "libapparmor1": { - "version": "2.13.3-7ubuntu5.1", - "arch": "amd64" - }, - "libappstream4": { - "version": "0.12.10-2", - "arch": "amd64" - }, - "libapt-pkg6.0": { - "version": "2.0.9", - "arch": "amd64" - }, - "libarchive13": { - "version": "3.4.0-2ubuntu1.2", - "arch": "amd64" - }, - "libargon2-1": { - "version": "0~20171227-0.2", - "arch": "amd64" - }, - "libasan5": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "libasn1-8-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "libasound2": { - "version": "1.2.2-2.1ubuntu2.5", - "arch": "amd64" - }, - "libasound2-data": { - "version": "1.2.2-2.1ubuntu2.5", - "arch": "all" - }, - "libassuan0": { - "version": "2.5.3-7ubuntu2", - "arch": "amd64" - }, - "libatasmart4": { - "version": "0.19-5", - "arch": "amd64" - }, - "libatm1": { - "version": "1:2.5.1-4", - "arch": "amd64" - }, - "libatomic-ops-dev": { - "version": "7.6.10-1ubuntu2", - "arch": "amd64" - }, - "libatomic1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libattr1": { - "version": "1:2.4.48-5", - "arch": "amd64" - }, - "libaudit-common": { - "version": "1:2.8.5-2ubuntu6", - "arch": "all" - }, - "libaudit1": { - "version": "1:2.8.5-2ubuntu6", - "arch": "amd64" - }, - "libbinutils": { - "version": "2.34-6ubuntu1.4", - "arch": "amd64" - }, - "libblkid1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libblockdev-crypto2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-fs2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-loop2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-part-err2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-part2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-swap2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev-utils2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libblockdev2": { - "version": "2.23-2ubuntu3", - "arch": "amd64" - }, - "libbrotli1": { - "version": "1.0.7-6ubuntu0.1", - "arch": "amd64" - }, - "libbsd0": { - "version": "0.10.0-1", - "arch": "amd64" - }, - "libbz2-1.0": { - "version": "1.0.8-2", - "arch": "amd64" - }, - "libc-bin": { - "version": "2.31-0ubuntu9.9", - "arch": "amd64" - }, - "libc-dev-bin": { - "version": "2.31-0ubuntu9.9", - "arch": "amd64" - }, - "libc6": { - "version": "2.31-0ubuntu9.9", - "arch": "amd64" - }, - "libc6-dev": { - "version": "2.31-0ubuntu9.9", - "arch": "amd64" - }, - "libcanberra0": { - "version": "0.30-7ubuntu1", - "arch": "amd64" - }, - "libcap-ng0": { - "version": "0.7.9-2.1build1", - "arch": "amd64" - }, - "libcap2": { - "version": "1:2.32-1", - "arch": "amd64" - }, - "libcap2-bin": { - "version": "1:2.32-1", - "arch": "amd64" - }, - "libcbor0.6": { - "version": "0.6.0-0ubuntu1", - "arch": "amd64" - }, - "libcc1-0": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libcom-err2": { - "version": "1.45.5-2ubuntu1.1", - "arch": "amd64" - }, - "libcroco3": { - "version": "0.6.13-1", - "arch": "amd64" - }, - "libcrypt-dev": { - "version": "1:4.4.10-10ubuntu4", - "arch": "amd64" - }, - "libcrypt1": { - "version": "1:4.4.10-10ubuntu4", - "arch": "amd64" - }, - "libcryptsetup12": { - "version": "2:2.2.2-3ubuntu2.4", - "arch": "amd64" - }, - "libctf-nobfd0": { - "version": "2.34-6ubuntu1.4", - "arch": "amd64" - }, - "libctf0": { - "version": "2.34-6ubuntu1.4", - "arch": "amd64" - }, - "libcurl3-gnutls": { - "version": "7.68.0-1ubuntu2.16", - "arch": "amd64" - }, - "libcurl4": { - "version": "7.68.0-1ubuntu2.18", - "arch": "amd64" - }, - "libdb5.3": { - "version": "5.3.28+dfsg1-0.6ubuntu2", - "arch": "amd64" - }, - "libdbus-1-3": { - "version": "1.12.16-2ubuntu2.3", - "arch": "amd64" - }, - "libdbus-glib-1-2": { - "version": "0.110-5fakssync1", - "arch": "amd64" - }, - "libdconf1": { - "version": "0.36.0-1", - "arch": "amd64" - }, - "libdebconfclient0": { - "version": "0.251ubuntu1", - "arch": "amd64" - }, - "libdevmapper-event1.02.1": { - "version": "2:1.02.167-1ubuntu1", - "arch": "amd64" - }, - "libdevmapper1.02.1": { - "version": "2:1.02.167-1ubuntu1", - "arch": "amd64" - }, - "libdns-export1109": { - "version": "1:9.11.16+dfsg-3~ubuntu1", - "arch": "amd64" - }, - "libdpkg-perl": { - "version": "1.19.7ubuntu3.2", - "arch": "all" - }, - "libdrm-common": { - "version": "2.4.107-8ubuntu1~20.04.2", - "arch": "all" - }, - "libdrm2": { - "version": "2.4.107-8ubuntu1~20.04.2", - "arch": "amd64" - }, - "libeatmydata1": { - "version": "105-7", - "arch": "amd64" - }, - "libedit2": { - "version": "3.1-20191231-1", - "arch": "amd64" - }, - "libefiboot1": { - "version": "37-2ubuntu2.2", - "arch": "amd64" - }, - "libefivar1": { - "version": "37-2ubuntu2.2", - "arch": "amd64" - }, - "libelf1": { - "version": "0.176-1.1build1", - "arch": "amd64" - }, - "liberror-perl": { - "version": "0.17029-1", - "arch": "all" - }, - "libestr0": { - "version": "0.1.10-2.1", - "arch": "amd64" - }, - "libevdev2": { - "version": "1.9.0+dfsg-1ubuntu0.2", - "arch": "amd64" - }, - "libevent-2.1-7": { - "version": "2.1.11-stable-1", - "arch": "amd64" - }, - "libevent-core-2.1-7": { - "version": "2.1.11-stable-1", - "arch": "amd64" - }, - "libevent-pthreads-2.1-7": { - "version": "2.1.11-stable-1", - "arch": "amd64" - }, - "libexpat1": { - "version": "2.2.9-1ubuntu0.6", - "arch": "amd64" - }, - "libext2fs2": { - "version": "1.45.5-2ubuntu1.1", - "arch": "amd64" - }, - "libfakeroot": { - "version": "1.24-1", - "arch": "amd64" - }, - "libfastjson4": { - "version": "0.99.8-2", - "arch": "amd64" - }, - "libfdisk1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libffi7": { - "version": "3.3-4", - "arch": "amd64" - }, - "libfido2-1": { - "version": "1.3.1-1ubuntu2", - "arch": "amd64" - }, - "libfile-fcntllock-perl": { - "version": "0.22-3build4", - "arch": "amd64" - }, - "libfl-dev": { - "version": "2.6.4-6.2", - "arch": "amd64" - }, - "libfl2": { - "version": "2.6.4-6.2", - "arch": "amd64" - }, - "libfreetype6": { - "version": "2.10.1-2ubuntu0.2", - "arch": "amd64" - }, - "libfribidi0": { - "version": "1.0.8-2ubuntu0.1", - "arch": "amd64" - }, - "libfuse2": { - "version": "2.9.9-3", - "arch": "amd64" - }, - "libfwupd2": { - "version": "1.7.9-1~20.04.1", - "arch": "amd64" - }, - "libfwupdplugin1": { - "version": "1.5.11-0ubuntu1~20.04.2", - "arch": "amd64" - }, - "libfwupdplugin5": { - "version": "1.7.9-1~20.04.1", - "arch": "amd64" - }, - "libgc1c2": { - "version": "1:7.6.4-0.4ubuntu1", - "arch": "amd64" - }, - "libgcab-1.0-0": { - "version": "1.4-1", - "arch": "amd64" - }, - "libgcc-9-dev": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "libgcc-s1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libgcrypt20": { - "version": "1.8.5-5ubuntu1.1", - "arch": "amd64" - }, - "libgdbm-compat4": { - "version": "1.18.1-5", - "arch": "amd64" - }, - "libgdbm6": { - "version": "1.18.1-5", - "arch": "amd64" - }, - "libgirepository-1.0-1": { - "version": "1.64.1-1~ubuntu20.04.1", - "arch": "amd64" - }, - "libglib2.0-0": { - "version": "2.64.6-1~ubuntu20.04.4", - "arch": "amd64" - }, - "libglib2.0-bin": { - "version": "2.64.6-1~ubuntu20.04.4", - "arch": "amd64" - }, - "libglib2.0-data": { - "version": "2.64.6-1~ubuntu20.04.4", - "arch": "all" - }, - "libgmp10": { - "version": "2:6.2.0+dfsg-4ubuntu0.1", - "arch": "amd64" - }, - "libgnutls30": { - "version": "3.6.13-2ubuntu1.8", - "arch": "amd64" - }, - "libgomp1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libgpg-error0": { - "version": "1.37-1", - "arch": "amd64" - }, - "libgpgme11": { - "version": "1.13.1-7ubuntu2", - "arch": "amd64" - }, - "libgpm2": { - "version": "1.20.7-5", - "arch": "amd64" - }, - "libgsasl7": { - "version": "1.8.1-1", - "arch": "amd64" - }, - "libgssapi-krb5-2": { - "version": "1.17-6ubuntu4.2", - "arch": "amd64" - }, - "libgssapi3-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "libgstreamer1.0-0": { - "version": "1.16.3-0ubuntu1.1", - "arch": "amd64" - }, - "libgudev-1.0-0": { - "version": "1:233-1", - "arch": "amd64" - }, - "libgusb2": { - "version": "0.3.4-0.1", - "arch": "amd64" - }, - "libhcrypto4-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "libheimbase1-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "libheimntlm0-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "libhogweed5": { - "version": "3.5.1+really3.5.1-2ubuntu0.2", - "arch": "amd64" - }, - "libhx509-5-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "libicu66": { - "version": "66.1-2ubuntu2.1", - "arch": "amd64" - }, - "libidn11": { - "version": "1.33-2.2ubuntu2", - "arch": "amd64" - }, - "libidn2-0": { - "version": "2.2.0-2", - "arch": "amd64" - }, - "libimobiledevice6": { - "version": "1.2.1~git20191129.9f79242-1build1", - "arch": "amd64" - }, - "libip4tc2": { - "version": "1.8.4-3ubuntu2", - "arch": "amd64" - }, - "libip6tc2": { - "version": "1.8.4-3ubuntu2", - "arch": "amd64" - }, - "libisc-export1105": { - "version": "1:9.11.16+dfsg-3~ubuntu1", - "arch": "amd64" - }, - "libisl22": { - "version": "0.22.1-1", - "arch": "amd64" - }, - "libisns0": { - "version": "0.97-3", - "arch": "amd64" - }, - "libitm1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libjcat1": { - "version": "0.1.4-0ubuntu0.20.04.1", - "arch": "amd64" - }, - "libjson-c4": { - "version": "0.13.1+dfsg-7ubuntu0.3", - "arch": "amd64" - }, - "libjson-glib-1.0-0": { - "version": "1.4.4-2ubuntu2", - "arch": "amd64" - }, - "libjson-glib-1.0-common": { - "version": "1.4.4-2ubuntu2", - "arch": "all" - }, - "libk5crypto3": { - "version": "1.17-6ubuntu4.2", - "arch": "amd64" - }, - "libkeyutils1": { - "version": "1.6-6ubuntu1.1", - "arch": "amd64" - }, - "libklibc": { - "version": "2.0.7-1ubuntu5.1", - "arch": "amd64" - }, - "libkmod2": { - "version": "27-1ubuntu2.1", - "arch": "amd64" - }, - "libkrb5-26-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "libkrb5-3": { - "version": "1.17-6ubuntu4.2", - "arch": "amd64" - }, - "libkrb5support0": { - "version": "1.17-6ubuntu4.2", - "arch": "amd64" - }, - "libksba8": { - "version": "1.3.5-2ubuntu0.20.04.2", - "arch": "amd64" - }, - "libkyotocabinet16v5": { - "version": "1.2.76-4.2build1", - "arch": "amd64" - }, - "libldap-2.4-2": { - "version": "2.4.49+dfsg-2ubuntu1.9", - "arch": "amd64" - }, - "libldap-common": { - "version": "2.4.49+dfsg-2ubuntu1.9", - "arch": "all" - }, - "liblmdb0": { - "version": "0.9.24-1", - "arch": "amd64" - }, - "liblocale-gettext-perl": { - "version": "1.07-4", - "arch": "amd64" - }, - "liblockfile-bin": { - "version": "1.16-1.1", - "arch": "amd64" - }, - "liblockfile1": { - "version": "1.16-1.1", - "arch": "amd64" - }, - "liblsan0": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libltdl7": { - "version": "2.4.6-14", - "arch": "amd64" - }, - "liblvm2cmd2.03": { - "version": "2.03.07-1ubuntu1", - "arch": "amd64" - }, - "liblz4-1": { - "version": "1.9.2-2ubuntu0.20.04.1", - "arch": "amd64" - }, - "liblzma5": { - "version": "5.2.4-1ubuntu1.1", - "arch": "amd64" - }, - "liblzo2-2": { - "version": "2.10-2", - "arch": "amd64" - }, - "libmagic-mgc": { - "version": "1:5.38-4", - "arch": "amd64" - }, - "libmagic1": { - "version": "1:5.38-4", - "arch": "amd64" - }, - "libmailutils6": { - "version": "1:3.7-2.1", - "arch": "amd64" - }, - "libmaxminddb0": { - "version": "1.4.2-0ubuntu1.20.04.1", - "arch": "amd64" - }, - "libmbim-glib4": { - "version": "1.26.2-1~ubuntu20.04.1", - "arch": "amd64" - }, - "libmbim-proxy": { - "version": "1.26.2-1~ubuntu20.04.1", - "arch": "amd64" - }, - "libmm-glib0": { - "version": "1.18.6-1~ubuntu20.04.1", - "arch": "amd64" - }, - "libmnl0": { - "version": "1.0.4-2", - "arch": "amd64" - }, - "libmount1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libmpc3": { - "version": "1.1.0-1", - "arch": "amd64" - }, - "libmpdec2": { - "version": "2.4.2-3", - "arch": "amd64" - }, - "libmpfr6": { - "version": "4.0.2-1", - "arch": "amd64" - }, - "libmspack0": { - "version": "0.10.1-2", - "arch": "amd64" - }, - "libmysqlclient21": { - "version": "8.0.33-0ubuntu0.20.04.2", - "arch": "amd64" - }, - "libncurses-dev": { - "version": "6.2-0ubuntu2.1", - "arch": "amd64" - }, - "libncurses5-dev": { - "version": "6.2-0ubuntu2.1", - "arch": "amd64" - }, - "libncurses6": { - "version": "6.2-0ubuntu2.1", - "arch": "amd64" - }, - "libncursesw6": { - "version": "6.2-0ubuntu2.1", - "arch": "amd64" - }, - "libnetfilter-conntrack3": { - "version": "1.0.7-2", - "arch": "amd64" - }, - "libnetplan0": { - "version": "0.104-0ubuntu2~20.04.2", - "arch": "amd64" - }, - "libnettle7": { - "version": "3.5.1+really3.5.1-2ubuntu0.2", - "arch": "amd64" - }, - "libnewt0.52": { - "version": "0.52.21-4ubuntu2", - "arch": "amd64" - }, - "libnfnetlink0": { - "version": "1.0.1-3build1", - "arch": "amd64" - }, - "libnftnl11": { - "version": "1.1.5-1", - "arch": "amd64" - }, - "libnghttp2-14": { - "version": "1.40.0-1build1", - "arch": "amd64" - }, - "libnl-3-200": { - "version": "3.4.0-1ubuntu0.1", - "arch": "amd64" - }, - "libnl-genl-3-200": { - "version": "3.4.0-1ubuntu0.1", - "arch": "amd64" - }, - "libnpth0": { - "version": "1.6-1", - "arch": "amd64" - }, - "libnspr4": { - "version": "2:4.25-1", - "arch": "amd64" - }, - "libnss-systemd": { - "version": "245.4-4ubuntu3.22", - "arch": "amd64" - }, - "libnss3": { - "version": "2:3.49.1-1ubuntu1.9", - "arch": "amd64" - }, - "libntfs-3g883": { - "version": "1:2017.3.23AR.3-3ubuntu1.3", - "arch": "amd64" - }, - "libntlm0": { - "version": "1.5-2ubuntu0.1", - "arch": "amd64" - }, - "libnuma1": { - "version": "2.0.12-1", - "arch": "amd64" - }, - "libogg0": { - "version": "1.3.4-0ubuntu1", - "arch": "amd64" - }, - "libopts25": { - "version": "1:5.18.16-3", - "arch": "amd64" - }, - "libp11-kit0": { - "version": "0.23.20-1ubuntu0.1", - "arch": "amd64" - }, - "libpackagekit-glib2-18": { - "version": "1.1.13-2ubuntu1.1", - "arch": "amd64" - }, - "libpam-cap": { - "version": "1:2.32-1", - "arch": "amd64" - }, - "libpam-modules": { - "version": "1.3.1-5ubuntu4.6", - "arch": "amd64" - }, - "libpam-modules-bin": { - "version": "1.3.1-5ubuntu4.6", - "arch": "amd64" - }, - "libpam-runtime": { - "version": "1.3.1-5ubuntu4.6", - "arch": "all" - }, - "libpam-systemd": { - "version": "245.4-4ubuntu3.22", - "arch": "amd64" - }, - "libpam0g": { - "version": "1.3.1-5ubuntu4.6", - "arch": "amd64" - }, - "libparted-fs-resize0": { - "version": "3.3-4ubuntu0.20.04.1", - "arch": "amd64" - }, - "libparted2": { - "version": "3.3-4ubuntu0.20.04.1", - "arch": "amd64" - }, - "libpcap0.8": { - "version": "1.9.1-3", - "arch": "amd64" - }, - "libpci3": { - "version": "1:3.6.4-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "libpcre2-8-0": { - "version": "10.34-7ubuntu0.1", - "arch": "amd64" - }, - "libpcre3": { - "version": "2:8.39-12ubuntu0.1", - "arch": "amd64" - }, - "libperl-dev": { - "version": "5.30.0-9ubuntu0.4", - "arch": "amd64" - }, - "libperl5.30": { - "version": "5.30.0-9ubuntu0.4", - "arch": "amd64" - }, - "libpipeline1": { - "version": "1.5.2-2build1", - "arch": "amd64" - }, - "libplist3": { - "version": "2.1.0-4build2", - "arch": "amd64" - }, - "libplymouth5": { - "version": "0.9.4git20200323-0ubuntu6.2", - "arch": "amd64" - }, - "libpng16-16": { - "version": "1.6.37-2", - "arch": "amd64" - }, - "libpolkit-agent-1-0": { - "version": "0.105-26ubuntu1.3", - "arch": "amd64" - }, - "libpolkit-gobject-1-0": { - "version": "0.105-26ubuntu1.3", - "arch": "amd64" - }, - "libpopt0": { - "version": "1.16-14", - "arch": "amd64" - }, - "libprocps8": { - "version": "2:3.3.16-1ubuntu2.3", - "arch": "amd64" - }, - "libprotobuf17": { - "version": "3.6.1.3-2ubuntu5.2", - "arch": "amd64" - }, - "libproxy1v5": { - "version": "0.4.15-10ubuntu1.2", - "arch": "amd64" - }, - "libpsl5": { - "version": "0.21.0-1ubuntu1", - "arch": "amd64" - }, - "libpython3-stdlib": { - "version": "3.8.2-0ubuntu2", - "arch": "amd64" - }, - "libpython3.8": { - "version": "3.8.10-0ubuntu1~20.04.6", - "arch": "amd64" - }, - "libpython3.8-minimal": { - "version": "3.8.10-0ubuntu1~20.04.6", - "arch": "amd64" - }, - "libpython3.8-stdlib": { - "version": "3.8.10-0ubuntu1~20.04.6", - "arch": "amd64" - }, - "libqmi-glib5": { - "version": "1.30.4-1~ubuntu20.04.1", - "arch": "amd64" - }, - "libqmi-proxy": { - "version": "1.30.4-1~ubuntu20.04.1", - "arch": "amd64" - }, - "libquadmath0": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libreadline-dev": { - "version": "8.0-4", - "arch": "amd64" - }, - "libreadline5": { - "version": "5.2+dfsg-3build3", - "arch": "amd64" - }, - "libreadline8": { - "version": "8.0-4", - "arch": "amd64" - }, - "libroken18-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "librtmp1": { - "version": "2.4+20151223.gitfa8646d.1-2build1", - "arch": "amd64" - }, - "libsasl2-2": { - "version": "2.1.27+dfsg-2ubuntu0.1", - "arch": "amd64" - }, - "libsasl2-modules": { - "version": "2.1.27+dfsg-2ubuntu0.1", - "arch": "amd64" - }, - "libsasl2-modules-db": { - "version": "2.1.27+dfsg-2ubuntu0.1", - "arch": "amd64" - }, - "libseccomp2": { - "version": "2.5.1-1ubuntu1~20.04.2", - "arch": "amd64" - }, - "libselinux1": { - "version": "3.0-1build2", - "arch": "amd64" - }, - "libsemanage-common": { - "version": "3.0-1build2", - "arch": "all" - }, - "libsemanage1": { - "version": "3.0-1build2", - "arch": "amd64" - }, - "libsepol1": { - "version": "3.0-1ubuntu0.1", - "arch": "amd64" - }, - "libsgutils2-2": { - "version": "1.44-1ubuntu2", - "arch": "amd64" - }, - "libsigsegv2": { - "version": "2.12-2", - "arch": "amd64" - }, - "libslang2": { - "version": "2.3.2-4", - "arch": "amd64" - }, - "libsmartcols1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libsmbios-c2": { - "version": "2.4.3-1", - "arch": "amd64" - }, - "libsodium23": { - "version": "1.0.18-1", - "arch": "amd64" - }, - "libsoup2.4-1": { - "version": "2.70.0-1", - "arch": "amd64" - }, - "libsqlite3-0": { - "version": "3.31.1-4ubuntu0.5", - "arch": "amd64" - }, - "libss2": { - "version": "1.45.5-2ubuntu1.1", - "arch": "amd64" - }, - "libssh-4": { - "version": "0.9.3-2ubuntu2.2", - "arch": "amd64" - }, - "libssl-dev": { - "version": "1.1.1f-1ubuntu2.19", - "arch": "amd64" - }, - "libssl1.1": { - "version": "1.1.1f-1ubuntu2.19", - "arch": "amd64" - }, - "libstdc++-9-dev": { - "version": "9.4.0-1ubuntu1~20.04.1", - "arch": "amd64" - }, - "libstdc++6": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libstemmer0d": { - "version": "0+svn585-2", - "arch": "amd64" - }, - "libsystemd0": { - "version": "245.4-4ubuntu3.22", - "arch": "amd64" - }, - "libtasn1-6": { - "version": "4.16.0-2", - "arch": "amd64" - }, - "libtdb1": { - "version": "1.4.5-0ubuntu0.20.04.1", - "arch": "amd64" - }, - "libtext-charwidth-perl": { - "version": "0.04-10", - "arch": "amd64" - }, - "libtext-iconv-perl": { - "version": "1.7-7", - "arch": "amd64" - }, - "libtext-wrapi18n-perl": { - "version": "0.06-9", - "arch": "all" - }, - "libtinfo6": { - "version": "6.2-0ubuntu2.1", - "arch": "amd64" - }, - "libtsan0": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libtss2-esys0": { - "version": "2.3.2-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "libubsan1": { - "version": "10.3.0-1ubuntu1~20.04", - "arch": "amd64" - }, - "libuchardet0": { - "version": "0.0.6-3build1", - "arch": "amd64" - }, - "libudev1": { - "version": "245.4-4ubuntu3.20", - "arch": "amd64" - }, - "libudisks2-0": { - "version": "2.8.4-1ubuntu2", - "arch": "amd64" - }, - "libunistring2": { - "version": "0.9.10-2", - "arch": "amd64" - }, - "libunwind8": { - "version": "1.2.1-9build1", - "arch": "amd64" - }, - "libupower-glib3": { - "version": "0.99.11-1build2", - "arch": "amd64" - }, - "liburcu6": { - "version": "0.11.1-2", - "arch": "amd64" - }, - "libusb-1.0-0": { - "version": "2:1.0.23-2build1", - "arch": "amd64" - }, - "libusbmuxd6": { - "version": "2.0.1-2", - "arch": "amd64" - }, - "libutempter0": { - "version": "1.1.6-4", - "arch": "amd64" - }, - "libuuid1": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "libuv1": { - "version": "1.34.2-1ubuntu1.3", - "arch": "amd64" - }, - "libvolume-key1": { - "version": "0.3.12-3.1", - "arch": "amd64" - }, - "libvorbis0a": { - "version": "1.3.6-2ubuntu1", - "arch": "amd64" - }, - "libvorbisfile3": { - "version": "1.3.6-2ubuntu1", - "arch": "amd64" - }, - "libwind0-heimdal": { - "version": "7.7.0+dfsg-1ubuntu1.4", - "arch": "amd64" - }, - "libwrap0": { - "version": "7.6.q-30", - "arch": "amd64" - }, - "libxml2": { - "version": "2.9.10+dfsg-5ubuntu0.20.04.5", - "arch": "amd64" - }, - "libxmlb1": { - "version": "0.1.15-2ubuntu1~20.04.1", - "arch": "amd64" - }, - "libxmlb2": { - "version": "0.3.6-2build1~20.04.1", - "arch": "amd64" - }, - "libxmlsec1": { - "version": "1.2.28-2", - "arch": "amd64" - }, - "libxmlsec1-openssl": { - "version": "1.2.28-2", - "arch": "amd64" - }, - "libxslt1.1": { - "version": "1.1.34-4ubuntu0.20.04.1", - "arch": "amd64" - }, - "libxtables12": { - "version": "1.8.4-3ubuntu2", - "arch": "amd64" - }, - "libyaml-0-2": { - "version": "0.2.2-1", - "arch": "amd64" - }, - "libzstd1": { - "version": "1.4.4+dfsg-3ubuntu0.1", - "arch": "amd64" - }, - "linux-base": { - "version": "4.5ubuntu3.7", - "arch": "all" - }, - "linux-firmware": { - "version": "1.187.36", - "arch": "all" - }, - "linux-image-5.4.0-144-generic": { - "version": "5.4.0-144.161", - "arch": "amd64" - }, - "linux-image-generic": { - "version": "5.4.0.144.142", - "arch": "amd64" - }, - "linux-libc-dev": { - "version": "5.4.0-153.170", - "arch": "amd64" - }, - "linux-modules-5.4.0-144-generic": { - "version": "5.4.0-144.161", - "arch": "amd64" - }, - "linux-modules-extra-5.4.0-144-generic": { - "version": "5.4.0-144.161", - "arch": "amd64" - }, - "locales": { - "version": "2.31-0ubuntu9.9", - "arch": "all" - }, - "login": { - "version": "1:4.8.1-1ubuntu5.20.04.4", - "arch": "amd64" - }, - "logrotate": { - "version": "3.14.0-4ubuntu3", - "arch": "amd64" - }, - "logsave": { - "version": "1.45.5-2ubuntu1.1", - "arch": "amd64" - }, - "lsb-base": { - "version": "11.1.0ubuntu2", - "arch": "all" - }, - "lsb-release": { - "version": "11.1.0ubuntu2", - "arch": "all" - }, - "lshw": { - "version": "02.18.85-0.3ubuntu2.20.04.1", - "arch": "amd64" - }, - "lsof": { - "version": "4.93.2+dfsg-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "ltrace": { - "version": "0.7.3-6.1ubuntu1", - "arch": "amd64" - }, - "lvm2": { - "version": "2.03.07-1ubuntu1", - "arch": "amd64" - }, - "lxd-agent-loader": { - "version": "0.4", - "arch": "all" - }, - "lz4": { - "version": "1.9.2-2ubuntu0.20.04.1", - "arch": "amd64" - }, - "m4": { - "version": "1.4.18-4", - "arch": "amd64" - }, - "mailutils": { - "version": "1:3.7-2.1", - "arch": "amd64" - }, - "mailutils-common": { - "version": "1:3.7-2.1", - "arch": "all" - }, - "make": { - "version": "4.2.1-1.2", - "arch": "amd64" - }, - "man-db": { - "version": "2.9.1-1", - "arch": "amd64" - }, - "manpages": { - "version": "5.05-1", - "arch": "all" - }, - "manpages-dev": { - "version": "5.05-1", - "arch": "all" - }, - "mawk": { - "version": "1.3.4.20200120-2", - "arch": "amd64" - }, - "mdadm": { - "version": "4.1-5ubuntu1.2", - "arch": "amd64" - }, - "mime-support": { - "version": "3.64ubuntu1", - "arch": "all" - }, - "modemmanager": { - "version": "1.18.6-1~ubuntu20.04.1", - "arch": "amd64" - }, - "mosh": { - "version": "1.3.2-2.1build3", - "arch": "amd64" - }, - "mount": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "mtr-tiny": { - "version": "0.93-1", - "arch": "amd64" - }, - "multipath-tools": { - "version": "0.8.3-1ubuntu2.1", - "arch": "amd64" - }, - "mysql-common": { - "version": "5.8+1.0.5ubuntu2", - "arch": "all" - }, - "nano": { - "version": "4.8-1ubuntu1", - "arch": "amd64" - }, - "ncurses-base": { - "version": "6.2-0ubuntu2", - "arch": "all" - }, - "ncurses-bin": { - "version": "6.2-0ubuntu2", - "arch": "amd64" - }, - "ncurses-term": { - "version": "6.2-0ubuntu2", - "arch": "all" - }, - "netbase": { - "version": "6.1", - "arch": "all" - }, - "netcat-openbsd": { - "version": "1.206-1ubuntu1", - "arch": "amd64" - }, - "netplan.io": { - "version": "0.104-0ubuntu2~20.04.2", - "arch": "amd64" - }, - "networkd-dispatcher": { - "version": "2.1-2~ubuntu20.04.3", - "arch": "all" - }, - "ntfs-3g": { - "version": "1:2017.3.23AR.3-3ubuntu1.3", - "arch": "amd64" - }, - "ntp": { - "version": "1:4.2.8p12+dfsg-3ubuntu4.20.04.1", - "arch": "amd64" - }, - "open-iscsi": { - "version": "2.0.874-7.1ubuntu6.2", - "arch": "amd64" - }, - "open-vm-tools": { - "version": "2:11.3.0-2ubuntu0~ubuntu20.04.4", - "arch": "amd64" - }, - "openresty": { - "version": "1.21.4.1-1~focal1", - "arch": "amd64" - }, - "openresty-openssl111": { - "version": "1.1.1s-1~focal1", - "arch": "amd64" - }, - "openresty-opm": { - "version": "1.21.4.1-1~focal1", - "arch": "amd64" - }, - "openresty-pcre": { - "version": "8.45-1~focal1", - "arch": "amd64" - }, - "openresty-resty": { - "version": "1.21.4.1-1~focal1", - "arch": "all" - }, - "openresty-zlib": { - "version": "1.2.13-1~focal1", - "arch": "amd64" - }, - "openssh-client": { - "version": "1:8.2p1-4ubuntu0.5", - "arch": "amd64" - }, - "openssh-server": { - "version": "1:8.2p1-4ubuntu0.5", - "arch": "amd64" - }, - "openssh-sftp-server": { - "version": "1:8.2p1-4ubuntu0.5", - "arch": "amd64" - }, - "openssl": { - "version": "1.1.1f-1ubuntu2.17", - "arch": "amd64" - }, - "os-prober": { - "version": "1.74ubuntu2", - "arch": "amd64" - }, - "overlayroot": { - "version": "0.45ubuntu2", - "arch": "all" - }, - "packagekit": { - "version": "1.1.13-2ubuntu1.1", - "arch": "amd64" - }, - "packagekit-tools": { - "version": "1.1.13-2ubuntu1.1", - "arch": "amd64" - }, - "parted": { - "version": "3.3-4ubuntu0.20.04.1", - "arch": "amd64" - }, - "passwd": { - "version": "1:4.8.1-1ubuntu5.20.04.4", - "arch": "amd64" - }, - "pastebinit": { - "version": "1.5.1-1", - "arch": "all" - }, - "patch": { - "version": "2.7.6-6", - "arch": "amd64" - }, - "pci.ids": { - "version": "0.0~2020.03.20-1", - "arch": "all" - }, - "pciutils": { - "version": "1:3.6.4-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "perl": { - "version": "5.30.0-9ubuntu0.4", - "arch": "amd64" - }, - "perl-base": { - "version": "5.30.0-9ubuntu0.4", - "arch": "amd64" - }, - "perl-modules-5.30": { - "version": "5.30.0-9ubuntu0.4", - "arch": "all" - }, - "pinentry-curses": { - "version": "1.1.0-3build1", - "arch": "amd64" - }, - "plymouth": { - "version": "0.9.4git20200323-0ubuntu6.2", - "arch": "amd64" - }, - "plymouth-theme-ubuntu-text": { - "version": "0.9.4git20200323-0ubuntu6.2", - "arch": "amd64" - }, - "policykit-1": { - "version": "0.105-26ubuntu1.3", - "arch": "amd64" - }, - "pollinate": { - "version": "4.33-3ubuntu1.20.04.1", - "arch": "all" - }, - "postfix": { - "version": "3.4.13-0ubuntu1.2", - "arch": "amd64" - }, - "powermgmt-base": { - "version": "1.36", - "arch": "all" - }, - "procps": { - "version": "2:3.3.16-1ubuntu2.3", - "arch": "amd64" - }, - "psmisc": { - "version": "23.3-1", - "arch": "amd64" - }, - "publicsuffix": { - "version": "20200303.0012-1", - "arch": "all" - }, - "python-apt-common": { - "version": "2.0.1ubuntu0.20.04.1", - "arch": "all" - }, - "python3": { - "version": "3.8.2-0ubuntu2", - "arch": "amd64" - }, - "python3-apport": { - "version": "2.20.11-0ubuntu27.25", - "arch": "all" - }, - "python3-apt": { - "version": "2.0.1ubuntu0.20.04.1", - "arch": "amd64" - }, - "python3-attr": { - "version": "19.3.0-2", - "arch": "all" - }, - "python3-automat": { - "version": "0.8.0-1ubuntu1", - "arch": "all" - }, - "python3-blinker": { - "version": "1.4+dfsg1-0.3ubuntu1", - "arch": "all" - }, - "python3-certifi": { - "version": "2019.11.28-1", - "arch": "all" - }, - "python3-cffi-backend": { - "version": "1.14.0-1build1", - "arch": "amd64" - }, - "python3-chardet": { - "version": "3.0.4-4build1", - "arch": "all" - }, - "python3-click": { - "version": "7.0-3", - "arch": "all" - }, - "python3-colorama": { - "version": "0.4.3-1build1", - "arch": "all" - }, - "python3-configobj": { - "version": "5.0.6-4", - "arch": "all" - }, - "python3-constantly": { - "version": "15.1.0-1build1", - "arch": "all" - }, - "python3-cryptography": { - "version": "2.8-3ubuntu0.1", - "arch": "amd64" - }, - "python3-dbus": { - "version": "1.2.16-1build1", - "arch": "amd64" - }, - "python3-debconf": { - "version": "1.5.73", - "arch": "all" - }, - "python3-distro": { - "version": "1.4.0-1", - "arch": "all" - }, - "python3-distro-info": { - "version": "0.23ubuntu1", - "arch": "all" - }, - "python3-distutils": { - "version": "3.8.10-0ubuntu1~20.04", - "arch": "all" - }, - "python3-entrypoints": { - "version": "0.3-2ubuntu1", - "arch": "all" - }, - "python3-gdbm": { - "version": "3.8.10-0ubuntu1~20.04", - "arch": "amd64" - }, - "python3-gi": { - "version": "3.36.0-1", - "arch": "amd64" - }, - "python3-hamcrest": { - "version": "1.9.0-3", - "arch": "all" - }, - "python3-httplib2": { - "version": "0.14.0-1ubuntu1", - "arch": "all" - }, - "python3-hyperlink": { - "version": "19.0.0-1", - "arch": "all" - }, - "python3-idna": { - "version": "2.8-1", - "arch": "all" - }, - "python3-importlib-metadata": { - "version": "1.5.0-1", - "arch": "all" - }, - "python3-incremental": { - "version": "16.10.1-3.2", - "arch": "all" - }, - "python3-jinja2": { - "version": "2.10.1-2", - "arch": "all" - }, - "python3-json-pointer": { - "version": "2.0-0ubuntu1", - "arch": "all" - }, - "python3-jsonpatch": { - "version": "1.23-3", - "arch": "all" - }, - "python3-jsonschema": { - "version": "3.2.0-0ubuntu2", - "arch": "all" - }, - "python3-jwt": { - "version": "1.7.1-2ubuntu2.1", - "arch": "all" - }, - "python3-keyring": { - "version": "18.0.1-2ubuntu1", - "arch": "all" - }, - "python3-launchpadlib": { - "version": "1.10.13-1", - "arch": "all" - }, - "python3-lazr.restfulclient": { - "version": "0.14.2-2build1", - "arch": "all" - }, - "python3-lazr.uri": { - "version": "1.0.3-4build1", - "arch": "all" - }, - "python3-lib2to3": { - "version": "3.8.10-0ubuntu1~20.04", - "arch": "all" - }, - "python3-markupsafe": { - "version": "1.1.0-1build2", - "arch": "amd64" - }, - "python3-minimal": { - "version": "3.8.2-0ubuntu2", - "arch": "amd64" - }, - "python3-more-itertools": { - "version": "4.2.0-1build1", - "arch": "all" - }, - "python3-nacl": { - "version": "1.3.0-5", - "arch": "amd64" - }, - "python3-netifaces": { - "version": "0.10.4-1ubuntu4", - "arch": "amd64" - }, - "python3-newt": { - "version": "0.52.21-4ubuntu2", - "arch": "amd64" - }, - "python3-oauthlib": { - "version": "3.1.0-1ubuntu2", - "arch": "all" - }, - "python3-openssl": { - "version": "19.0.0-1build1", - "arch": "all" - }, - "python3-pexpect": { - "version": "4.6.0-1build1", - "arch": "all" - }, - "python3-pkg-resources": { - "version": "45.2.0-1ubuntu0.1", - "arch": "all" - }, - "python3-problem-report": { - "version": "2.20.11-0ubuntu27.25", - "arch": "all" - }, - "python3-ptyprocess": { - "version": "0.6.0-1ubuntu1", - "arch": "all" - }, - "python3-pyasn1": { - "version": "0.4.2-3build1", - "arch": "all" - }, - "python3-pyasn1-modules": { - "version": "0.2.1-0.2build1", - "arch": "all" - }, - "python3-pymacaroons": { - "version": "0.13.0-3", - "arch": "all" - }, - "python3-pyrsistent": { - "version": "0.15.5-1build1", - "arch": "amd64" - }, - "python3-requests": { - "version": "2.22.0-2ubuntu1", - "arch": "all" - }, - "python3-requests-unixsocket": { - "version": "0.2.0-2", - "arch": "all" - }, - "python3-secretstorage": { - "version": "2.3.1-2ubuntu1", - "arch": "all" - }, - "python3-serial": { - "version": "3.4-5.1", - "arch": "all" - }, - "python3-service-identity": { - "version": "18.1.0-5build1", - "arch": "all" - }, - "python3-setuptools": { - "version": "45.2.0-1ubuntu0.1", - "arch": "all" - }, - "python3-simplejson": { - "version": "3.16.0-2ubuntu2", - "arch": "amd64" - }, - "python3-six": { - "version": "1.14.0-2", - "arch": "all" - }, - "python3-software-properties": { - "version": "0.99.9.11", - "arch": "all" - }, - "python3-systemd": { - "version": "234-3build2", - "arch": "amd64" - }, - "python3-twisted": { - "version": "18.9.0-11ubuntu0.20.04.2", - "arch": "all" - }, - "python3-twisted-bin": { - "version": "18.9.0-11ubuntu0.20.04.2", - "arch": "amd64" - }, - "python3-urllib3": { - "version": "1.25.8-2ubuntu0.2", - "arch": "all" - }, - "python3-wadllib": { - "version": "1.3.3-3build1", - "arch": "all" - }, - "python3-yaml": { - "version": "5.3.1-1ubuntu0.1", - "arch": "amd64" - }, - "python3-zipp": { - "version": "1.0.0-1", - "arch": "all" - }, - "python3-zope.interface": { - "version": "4.7.1-1", - "arch": "amd64" - }, - "python3.8": { - "version": "3.8.10-0ubuntu1~20.04.6", - "arch": "amd64" - }, - "python3.8-minimal": { - "version": "3.8.10-0ubuntu1~20.04.6", - "arch": "amd64" - }, - "readline-common": { - "version": "8.0-4", - "arch": "all" - }, - "rsync": { - "version": "3.1.3-8ubuntu0.5", - "arch": "amd64" - }, - "rsyslog": { - "version": "8.2001.0-1ubuntu1.3", - "arch": "amd64" - }, - "run-one": { - "version": "1.17-0ubuntu1", - "arch": "all" - }, - "sbsigntool": { - "version": "0.9.2-2ubuntu1.1", - "arch": "amd64" - }, - "screen": { - "version": "4.8.0-1ubuntu0.1", - "arch": "amd64" - }, - "secureboot-db": { - "version": "1.5", - "arch": "amd64" - }, - "sed": { - "version": "4.7-1", - "arch": "amd64" - }, - "sensible-utils": { - "version": "0.0.12+nmu1", - "arch": "all" - }, - "sg3-utils": { - "version": "1.44-1ubuntu2", - "arch": "amd64" - }, - "sg3-utils-udev": { - "version": "1.44-1ubuntu2", - "arch": "all" - }, - "shared-mime-info": { - "version": "1.15-1", - "arch": "amd64" - }, - "snapd": { - "version": "2.58+20.04", - "arch": "amd64" - }, - "sntp": { - "version": "1:4.2.8p12+dfsg-3ubuntu4.20.04.1", - "arch": "amd64" - }, - "software-properties-common": { - "version": "0.99.9.11", - "arch": "all" - }, - "sosreport": { - "version": "4.4-1ubuntu0.20.04.1", - "arch": "amd64" - }, - "sound-theme-freedesktop": { - "version": "0.8-2ubuntu1", - "arch": "all" - }, - "squashfs-tools": { - "version": "1:4.4-1ubuntu0.3", - "arch": "amd64" - }, - "ssh-import-id": { - "version": "5.10-0ubuntu1", - "arch": "all" - }, - "ssl-cert": { - "version": "1.0.39", - "arch": "all" - }, - "strace": { - "version": "5.5-3ubuntu1", - "arch": "amd64" - }, - "sudo": { - "version": "1.8.31-1ubuntu1.4", - "arch": "amd64" - }, - "systemd": { - "version": "245.4-4ubuntu3.22", - "arch": "amd64" - }, - "systemd-sysv": { - "version": "245.4-4ubuntu3.22", - "arch": "amd64" - }, - "systemd-timesyncd": { - "version": "245.4-4ubuntu3.20", - "arch": "amd64" - }, - "sysvinit-utils": { - "version": "2.96-2.1ubuntu1", - "arch": "amd64" - }, - "tar": { - "version": "1.30+dfsg-7ubuntu0.20.04.3", - "arch": "amd64" - }, - "tcpdump": { - "version": "4.9.3-4ubuntu0.2", - "arch": "amd64" - }, - "telnet": { - "version": "0.17-41.2build1", - "arch": "amd64" - }, - "thermald": { - "version": "1.9.1-1ubuntu0.6", - "arch": "amd64" - }, - "thin-provisioning-tools": { - "version": "0.8.5-4build1", - "arch": "amd64" - }, - "time": { - "version": "1.7-25.1build1", - "arch": "amd64" - }, - "tmux": { - "version": "3.0a-2ubuntu0.4", - "arch": "amd64" - }, - "tpm-udev": { - "version": "0.4", - "arch": "all" - }, - "tzdata": { - "version": "2022g-0ubuntu0.20.04.1", - "arch": "all" - }, - "ubuntu-advantage-tools": { - "version": "27.13.6~20.04.1", - "arch": "amd64" - }, - "ubuntu-keyring": { - "version": "2020.02.11.4", - "arch": "all" - }, - "ubuntu-minimal": { - "version": "1.450.2", - "arch": "amd64" - }, - "ucf": { - "version": "3.0038+nmu1", - "arch": "all" - }, - "udev": { - "version": "245.4-4ubuntu3.20", - "arch": "amd64" - }, - "udisks2": { - "version": "2.8.4-1ubuntu2", - "arch": "amd64" - }, - "ufw": { - "version": "0.36-6ubuntu1", - "arch": "all" - }, - "unattended-upgrades": { - "version": "2.3ubuntu0.3", - "arch": "all" - }, - "unzip": { - "version": "6.0-25ubuntu1.1", - "arch": "amd64" - }, - "upower": { - "version": "0.99.11-1build2", - "arch": "amd64" - }, - "usb-modeswitch": { - "version": "2.5.2+repack0-2ubuntu3", - "arch": "amd64" - }, - "usb-modeswitch-data": { - "version": "20191128-3", - "arch": "all" - }, - "usb.ids": { - "version": "2020.03.19-1", - "arch": "all" - }, - "usbmuxd": { - "version": "1.1.1~git20191130.9af2b12-1", - "arch": "amd64" - }, - "util-linux": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "uuid-runtime": { - "version": "2.34-0.1ubuntu9.3", - "arch": "amd64" - }, - "vim": { - "version": "2:8.1.2269-1ubuntu5.11", - "arch": "amd64" - }, - "vim-common": { - "version": "2:8.1.2269-1ubuntu5.11", - "arch": "all" - }, - "vim-runtime": { - "version": "2:8.1.2269-1ubuntu5.11", - "arch": "all" - }, - "vim-tiny": { - "version": "2:8.1.2269-1ubuntu5.11", - "arch": "amd64" - }, - "wget": { - "version": "1.20.3-1ubuntu2", - "arch": "amd64" - }, - "whiptail": { - "version": "0.52.21-4ubuntu2", - "arch": "amd64" - }, - "wireless-regdb": { - "version": "2022.06.06-0ubuntu1~20.04.1", - "arch": "all" - }, - "xdg-user-dirs": { - "version": "0.17-2ubuntu1", - "arch": "amd64" - }, - "xfsprogs": { - "version": "5.3.0-1ubuntu2", - "arch": "amd64" - }, - "xkb-data": { - "version": "2.29-2", - "arch": "all" - }, - "xxd": { - "version": "2:8.1.2269-1ubuntu5.11", - "arch": "amd64" - }, - "xz-utils": { - "version": "5.2.4-1ubuntu1.1", - "arch": "amd64" - }, - "zerofree": { - "version": "1.1.1-1", - "arch": "amd64" - }, - "zip": { - "version": "3.0-11build1", - "arch": "amd64" - }, - "zlib1g": { - "version": "1:1.2.11.dfsg-2ubuntu1.5", - "arch": "amd64" - }, - "zlib1g-dev": { - "version": "1:1.2.11.dfsg-2ubuntu1.5", - "arch": "amd64" - } - }, - "root_group": "root", - "shard_seed": 64994497, - "shells": [ - "/bin/sh", - "/bin/bash", - "/usr/bin/bash", - "/bin/rbash", - "/usr/bin/rbash", - "/bin/dash", - "/usr/bin/dash", - "/usr/bin/tmux", - "/usr/bin/screen" - ], - "sysconf": { - "LINK_MAX": 65000, - "_POSIX_LINK_MAX": 65000, - "MAX_CANON": 255, - "_POSIX_MAX_CANON": 255, - "MAX_INPUT": 255, - "_POSIX_MAX_INPUT": 255, - "NAME_MAX": 255, - "_POSIX_NAME_MAX": 255, - "PATH_MAX": 4096, - "_POSIX_PATH_MAX": 4096, - "PIPE_BUF": 4096, - "_POSIX_PIPE_BUF": 4096, - "SOCK_MAXBUF": null, - "_POSIX_ASYNC_IO": null, - "_POSIX_CHOWN_RESTRICTED": 1, - "_POSIX_NO_TRUNC": 1, - "_POSIX_PRIO_IO": null, - "_POSIX_SYNC_IO": null, - "_POSIX_VDISABLE": 0, - "ARG_MAX": 2097152, - "ATEXIT_MAX": 2147483647, - "CHAR_BIT": 8, - "CHAR_MAX": 127, - "CHAR_MIN": -128, - "CHILD_MAX": 3546, - "CLK_TCK": 100, - "INT_MAX": 2147483647, - "INT_MIN": -2147483648, - "IOV_MAX": 1024, - "LOGNAME_MAX": 256, - "LONG_BIT": 64, - "MB_LEN_MAX": 16, - "NGROUPS_MAX": 65536, - "NL_ARGMAX": 4096, - "NL_LANGMAX": 2048, - "NL_MSGMAX": 2147483647, - "NL_NMAX": 2147483647, - "NL_SETMAX": 2147483647, - "NL_TEXTMAX": 2147483647, - "NSS_BUFLEN_GROUP": 1024, - "NSS_BUFLEN_PASSWD": 1024, - "NZERO": 20, - "OPEN_MAX": 1024, - "PAGESIZE": 4096, - "PAGE_SIZE": 4096, - "PASS_MAX": 8192, - "PTHREAD_DESTRUCTOR_ITERATIONS": 4, - "PTHREAD_KEYS_MAX": 1024, - "PTHREAD_STACK_MIN": 16384, - "PTHREAD_THREADS_MAX": null, - "SCHAR_MAX": 127, - "SCHAR_MIN": -128, - "SHRT_MAX": 32767, - "SHRT_MIN": -32768, - "SSIZE_MAX": 32767, - "TTY_NAME_MAX": 32, - "TZNAME_MAX": null, - "UCHAR_MAX": 255, - "UINT_MAX": 4294967295, - "UIO_MAXIOV": 1024, - "ULONG_MAX": 18446744073709551615, - "USHRT_MAX": 65535, - "WORD_BIT": 32, - "_AVPHYS_PAGES": 25990, - "_NPROCESSORS_CONF": 2, - "_NPROCESSORS_ONLN": 2, - "_PHYS_PAGES": 250028, - "_POSIX_ARG_MAX": 2097152, - "_POSIX_ASYNCHRONOUS_IO": 200809, - "_POSIX_CHILD_MAX": 3546, - "_POSIX_FSYNC": 200809, - "_POSIX_JOB_CONTROL": 1, - "_POSIX_MAPPED_FILES": 200809, - "_POSIX_MEMLOCK": 200809, - "_POSIX_MEMLOCK_RANGE": 200809, - "_POSIX_MEMORY_PROTECTION": 200809, - "_POSIX_MESSAGE_PASSING": 200809, - "_POSIX_NGROUPS_MAX": 65536, - "_POSIX_OPEN_MAX": 1024, - "_POSIX_PII": null, - "_POSIX_PII_INTERNET": null, - "_POSIX_PII_INTERNET_DGRAM": null, - "_POSIX_PII_INTERNET_STREAM": null, - "_POSIX_PII_OSI": null, - "_POSIX_PII_OSI_CLTS": null, - "_POSIX_PII_OSI_COTS": null, - "_POSIX_PII_OSI_M": null, - "_POSIX_PII_SOCKET": null, - "_POSIX_PII_XTI": null, - "_POSIX_POLL": null, - "_POSIX_PRIORITIZED_IO": 200809, - "_POSIX_PRIORITY_SCHEDULING": 200809, - "_POSIX_REALTIME_SIGNALS": 200809, - "_POSIX_SAVED_IDS": 1, - "_POSIX_SELECT": null, - "_POSIX_SEMAPHORES": 200809, - "_POSIX_SHARED_MEMORY_OBJECTS": 200809, - "_POSIX_SSIZE_MAX": 32767, - "_POSIX_STREAM_MAX": 16, - "_POSIX_SYNCHRONIZED_IO": 200809, - "_POSIX_THREADS": 200809, - "_POSIX_THREAD_ATTR_STACKADDR": 200809, - "_POSIX_THREAD_ATTR_STACKSIZE": 200809, - "_POSIX_THREAD_PRIORITY_SCHEDULING": 200809, - "_POSIX_THREAD_PRIO_INHERIT": 200809, - "_POSIX_THREAD_PRIO_PROTECT": 200809, - "_POSIX_THREAD_ROBUST_PRIO_INHERIT": null, - "_POSIX_THREAD_ROBUST_PRIO_PROTECT": null, - "_POSIX_THREAD_PROCESS_SHARED": 200809, - "_POSIX_THREAD_SAFE_FUNCTIONS": 200809, - "_POSIX_TIMERS": 200809, - "TIMER_MAX": null, - "_POSIX_TZNAME_MAX": null, - "_POSIX_VERSION": 200809, - "_T_IOV_MAX": null, - "_XOPEN_CRYPT": null, - "_XOPEN_ENH_I18N": 1, - "_XOPEN_LEGACY": 1, - "_XOPEN_REALTIME": 1, - "_XOPEN_REALTIME_THREADS": 1, - "_XOPEN_SHM": 1, - "_XOPEN_UNIX": 1, - "_XOPEN_VERSION": 700, - "_XOPEN_XCU_VERSION": 4, - "_XOPEN_XPG2": 1, - "_XOPEN_XPG3": 1, - "_XOPEN_XPG4": 1, - "BC_BASE_MAX": 99, - "BC_DIM_MAX": 2048, - "BC_SCALE_MAX": 99, - "BC_STRING_MAX": 1000, - "CHARCLASS_NAME_MAX": 2048, - "COLL_WEIGHTS_MAX": 255, - "EQUIV_CLASS_MAX": null, - "EXPR_NEST_MAX": 32, - "LINE_MAX": 2048, - "POSIX2_BC_BASE_MAX": 99, - "POSIX2_BC_DIM_MAX": 2048, - "POSIX2_BC_SCALE_MAX": 99, - "POSIX2_BC_STRING_MAX": 1000, - "POSIX2_CHAR_TERM": 200809, - "POSIX2_COLL_WEIGHTS_MAX": 255, - "POSIX2_C_BIND": 200809, - "POSIX2_C_DEV": 200809, - "POSIX2_C_VERSION": 200809, - "POSIX2_EXPR_NEST_MAX": 32, - "POSIX2_FORT_DEV": null, - "POSIX2_FORT_RUN": null, - "_POSIX2_LINE_MAX": 2048, - "POSIX2_LINE_MAX": 2048, - "POSIX2_LOCALEDEF": 200809, - "POSIX2_RE_DUP_MAX": 32767, - "POSIX2_SW_DEV": 200809, - "POSIX2_UPE": null, - "POSIX2_VERSION": 200809, - "RE_DUP_MAX": 32767, - "PATH": "/bin:/usr/bin", - "CS_PATH": "/bin:/usr/bin", - "LFS_CFLAGS": null, - "LFS_LDFLAGS": null, - "LFS_LIBS": null, - "LFS_LINTFLAGS": null, - "LFS64_CFLAGS": "-D_LARGEFILE64_SOURCE", - "LFS64_LDFLAGS": null, - "LFS64_LIBS": null, - "LFS64_LINTFLAGS": "-D_LARGEFILE64_SOURCE", - "_XBS5_WIDTH_RESTRICTED_ENVS": "XBS5_LP64_OFF64", - "XBS5_WIDTH_RESTRICTED_ENVS": "XBS5_LP64_OFF64", - "_XBS5_ILP32_OFF32": null, - "XBS5_ILP32_OFF32_CFLAGS": null, - "XBS5_ILP32_OFF32_LDFLAGS": null, - "XBS5_ILP32_OFF32_LIBS": null, - "XBS5_ILP32_OFF32_LINTFLAGS": null, - "_XBS5_ILP32_OFFBIG": null, - "XBS5_ILP32_OFFBIG_CFLAGS": null, - "XBS5_ILP32_OFFBIG_LDFLAGS": null, - "XBS5_ILP32_OFFBIG_LIBS": null, - "XBS5_ILP32_OFFBIG_LINTFLAGS": null, - "_XBS5_LP64_OFF64": 1, - "XBS5_LP64_OFF64_CFLAGS": "-m64", - "XBS5_LP64_OFF64_LDFLAGS": "-m64", - "XBS5_LP64_OFF64_LIBS": null, - "XBS5_LP64_OFF64_LINTFLAGS": null, - "_XBS5_LPBIG_OFFBIG": null, - "XBS5_LPBIG_OFFBIG_CFLAGS": null, - "XBS5_LPBIG_OFFBIG_LDFLAGS": null, - "XBS5_LPBIG_OFFBIG_LIBS": null, - "XBS5_LPBIG_OFFBIG_LINTFLAGS": null, - "_POSIX_V6_ILP32_OFF32": null, - "POSIX_V6_ILP32_OFF32_CFLAGS": null, - "POSIX_V6_ILP32_OFF32_LDFLAGS": null, - "POSIX_V6_ILP32_OFF32_LIBS": null, - "POSIX_V6_ILP32_OFF32_LINTFLAGS": null, - "_POSIX_V6_WIDTH_RESTRICTED_ENVS": "POSIX_V6_LP64_OFF64", - "POSIX_V6_WIDTH_RESTRICTED_ENVS": "POSIX_V6_LP64_OFF64", - "_POSIX_V6_ILP32_OFFBIG": null, - "POSIX_V6_ILP32_OFFBIG_CFLAGS": null, - "POSIX_V6_ILP32_OFFBIG_LDFLAGS": null, - "POSIX_V6_ILP32_OFFBIG_LIBS": null, - "POSIX_V6_ILP32_OFFBIG_LINTFLAGS": null, - "_POSIX_V6_LP64_OFF64": 1, - "POSIX_V6_LP64_OFF64_CFLAGS": "-m64", - "POSIX_V6_LP64_OFF64_LDFLAGS": "-m64", - "POSIX_V6_LP64_OFF64_LIBS": null, - "POSIX_V6_LP64_OFF64_LINTFLAGS": null, - "_POSIX_V6_LPBIG_OFFBIG": null, - "POSIX_V6_LPBIG_OFFBIG_CFLAGS": null, - "POSIX_V6_LPBIG_OFFBIG_LDFLAGS": null, - "POSIX_V6_LPBIG_OFFBIG_LIBS": null, - "POSIX_V6_LPBIG_OFFBIG_LINTFLAGS": null, - "_POSIX_V7_ILP32_OFF32": null, - "POSIX_V7_ILP32_OFF32_CFLAGS": null, - "POSIX_V7_ILP32_OFF32_LDFLAGS": null, - "POSIX_V7_ILP32_OFF32_LIBS": null, - "POSIX_V7_ILP32_OFF32_LINTFLAGS": null, - "_POSIX_V7_WIDTH_RESTRICTED_ENVS": "POSIX_V7_LP64_OFF64", - "POSIX_V7_WIDTH_RESTRICTED_ENVS": "POSIX_V7_LP64_OFF64", - "_POSIX_V7_ILP32_OFFBIG": null, - "POSIX_V7_ILP32_OFFBIG_CFLAGS": null, - "POSIX_V7_ILP32_OFFBIG_LDFLAGS": null, - "POSIX_V7_ILP32_OFFBIG_LIBS": null, - "POSIX_V7_ILP32_OFFBIG_LINTFLAGS": null, - "_POSIX_V7_LP64_OFF64": 1, - "POSIX_V7_LP64_OFF64_CFLAGS": "-m64", - "POSIX_V7_LP64_OFF64_LDFLAGS": "-m64", - "POSIX_V7_LP64_OFF64_LIBS": null, - "POSIX_V7_LP64_OFF64_LINTFLAGS": null, - "_POSIX_V7_LPBIG_OFFBIG": null, - "POSIX_V7_LPBIG_OFFBIG_CFLAGS": null, - "POSIX_V7_LPBIG_OFFBIG_LDFLAGS": null, - "POSIX_V7_LPBIG_OFFBIG_LIBS": null, - "POSIX_V7_LPBIG_OFFBIG_LINTFLAGS": null, - "_POSIX_ADVISORY_INFO": 200809, - "_POSIX_BARRIERS": 200809, - "_POSIX_BASE": null, - "_POSIX_C_LANG_SUPPORT": null, - "_POSIX_C_LANG_SUPPORT_R": null, - "_POSIX_CLOCK_SELECTION": 200809, - "_POSIX_CPUTIME": 200809, - "_POSIX_THREAD_CPUTIME": 200809, - "_POSIX_DEVICE_SPECIFIC": null, - "_POSIX_DEVICE_SPECIFIC_R": null, - "_POSIX_FD_MGMT": null, - "_POSIX_FIFO": null, - "_POSIX_PIPE": null, - "_POSIX_FILE_ATTRIBUTES": null, - "_POSIX_FILE_LOCKING": null, - "_POSIX_FILE_SYSTEM": null, - "_POSIX_MONOTONIC_CLOCK": 200809, - "_POSIX_MULTI_PROCESS": null, - "_POSIX_SINGLE_PROCESS": null, - "_POSIX_NETWORKING": null, - "_POSIX_READER_WRITER_LOCKS": 200809, - "_POSIX_SPIN_LOCKS": 200809, - "_POSIX_REGEXP": 1, - "_REGEX_VERSION": null, - "_POSIX_SHELL": 1, - "_POSIX_SIGNALS": null, - "_POSIX_SPAWN": 200809, - "_POSIX_SPORADIC_SERVER": null, - "_POSIX_THREAD_SPORADIC_SERVER": null, - "_POSIX_SYSTEM_DATABASE": null, - "_POSIX_SYSTEM_DATABASE_R": null, - "_POSIX_TIMEOUTS": 200809, - "_POSIX_TYPED_MEMORY_OBJECTS": null, - "_POSIX_USER_GROUPS": null, - "_POSIX_USER_GROUPS_R": null, - "POSIX2_PBS": null, - "POSIX2_PBS_ACCOUNTING": null, - "POSIX2_PBS_LOCATE": null, - "POSIX2_PBS_TRACK": null, - "POSIX2_PBS_MESSAGE": null, - "SYMLOOP_MAX": null, - "STREAM_MAX": 16, - "AIO_LISTIO_MAX": null, - "AIO_MAX": null, - "AIO_PRIO_DELTA_MAX": 20, - "DELAYTIMER_MAX": 2147483647, - "HOST_NAME_MAX": 64, - "LOGIN_NAME_MAX": 256, - "MQ_OPEN_MAX": null, - "MQ_PRIO_MAX": 32768, - "_POSIX_DEVICE_IO": null, - "_POSIX_TRACE": null, - "_POSIX_TRACE_EVENT_FILTER": null, - "_POSIX_TRACE_INHERIT": null, - "_POSIX_TRACE_LOG": null, - "RTSIG_MAX": 32, - "SEM_NSEMS_MAX": null, - "SEM_VALUE_MAX": 2147483647, - "SIGQUEUE_MAX": 3546, - "FILESIZEBITS": 64, - "POSIX_ALLOC_SIZE_MIN": 4096, - "POSIX_REC_INCR_XFER_SIZE": null, - "POSIX_REC_MAX_XFER_SIZE": null, - "POSIX_REC_MIN_XFER_SIZE": 4096, - "POSIX_REC_XFER_ALIGN": 4096, - "SYMLINK_MAX": null, - "GNU_LIBC_VERSION": "glibc 2.31", - "GNU_LIBPTHREAD_VERSION": "NPTL 2.31", - "POSIX2_SYMLINKS": 1, - "LEVEL1_ICACHE_SIZE": 32768, - "LEVEL1_ICACHE_ASSOC": 8, - "LEVEL1_ICACHE_LINESIZE": 64, - "LEVEL1_DCACHE_SIZE": 32768, - "LEVEL1_DCACHE_ASSOC": 8, - "LEVEL1_DCACHE_LINESIZE": 64, - "LEVEL2_CACHE_SIZE": 262144, - "LEVEL2_CACHE_ASSOC": 8, - "LEVEL2_CACHE_LINESIZE": 64, - "LEVEL3_CACHE_SIZE": 4194304, - "LEVEL3_CACHE_ASSOC": 16, - "LEVEL3_CACHE_LINESIZE": 64, - "LEVEL4_CACHE_SIZE": 0, - "LEVEL4_CACHE_ASSOC": 0, - "LEVEL4_CACHE_LINESIZE": 0, - "IPV6": 200809, - "RAW_SOCKETS": 200809, - "_POSIX_IPV6": 200809, - "_POSIX_RAW_SOCKETS": 200809 - }, - "time": { - "timezone": "UTC" - }, - "virtualbox": { - "host": { - "language": "en_US", - "revision": "156879", - "version": "7.0.8" - }, - "guest": { - "guest_additions_version": "7.0.6", - "guest_additions_revision": "155176" - } - }, - "chef_guid": "f8424309-f2cf-412d-af0b-c8d284b1e412", - "name": "vagrant-openresty", - "chef_environment": "development", - "recipes": [ - "kosmos-base", - "kosmos-base::default", - "kosmos_openresty", - "kosmos_openresty::default", - "kosmos_openresty::hello_world", - "kosmos_assets::nginx_site", - "apt::default", - "timezone_iii::default", - "timezone_iii::debian", - "ntp::default", - "ntp::apparmor", - "kosmos-base::systemd_emails", - "apt::unattended-upgrades", - "openresty::apt_package", - "openresty::ohai_plugin", - "openresty::commons_user", - "openresty::commons_dir", - "openresty::commons_script", - "openresty::commons_conf", - "logrotate::default", - "openresty::luarocks", - "git::default", - "git::package", - "kosmos-base::letsencrypt" - ], - "expanded_run_list": [ - "kosmos-base::default", - "kosmos_openresty::default", - "kosmos_openresty::hello_world", - "kosmos_assets::nginx_site" - ], - "roles": [ - "openresty", - "openresty_proxy" - ], - "cookbooks": { - "kosmos-base": { - "version": "0.3.0" - }, - "kosmos_openresty": { - "version": "0.1.0" - }, - "kosmos_assets": { - "version": "1.0.0" - }, - "apt": { - "version": "7.3.0" - }, - "users": { - "version": "5.3.1" - }, - "kosmos-postfix": { - "version": "0.1.0" - }, - "hostname": { - "version": "0.4.2" - }, - "firewall": { - "version": "6.2.16" - }, - "timezone_iii": { - "version": "1.0.4" - }, - "ntp": { - "version": "3.4.0" - }, - "openresty": { - "version": "0.6.2" - }, - "postfix": { - "version": "5.0.2" - }, - "hostsfile": { - "version": "3.0.1" - }, - "build-essential": { - "version": "8.2.1" - }, - "logrotate": { - "version": "2.2.0" - }, - "ohai": { - "version": "5.2.5" - }, - "yum": { - "version": "7.4.13" - }, - "git": { - "version": "10.0.0" - }, - "postgresql": { - "version": "7.1.9" - }, - "jemalloc": { - "version": "0.1.7" - }, - "seven_zip": { - "version": "4.2.2" - }, - "mingw": { - "version": "2.1.7" - } - }, - "nginx": { - "version": "1.21.4.1", - "configure_arguments": [ - "--prefix=/usr/local/openresty", - "--with-cc-opt='-O2 -DNGX_LUA_ABORT_AT_PANIC -I/usr/local/openresty/zlib/include -I/usr/local/openresty/pcre/include -I/usr/local/openresty/openssl111/include'", - "--add-module=../ngx_devel_kit-0.3.1", - "--add-module=../echo-nginx-module-0.62", - "--add-module=../xss-nginx-module-0.06", - "--add-module=../ngx_coolkit-0.2", - "--add-module=../set-misc-nginx-module-0.33", - "--add-module=../form-input-nginx-module-0.12", - "--add-module=../encrypted-session-nginx-module-0.09", - "--add-module=../srcache-nginx-module-0.32", - "--add-module=../ngx_lua-0.10.21", - "--add-module=../ngx_lua_upstream-0.07", - "--add-module=../headers-more-nginx-module-0.33", - "--add-module=../array-var-nginx-module-0.05", - "--add-module=../memc-nginx-module-0.19", - "--add-module=../redis2-nginx-module-0.15", - "--add-module=../redis-nginx-module-0.3.9", - "--add-module=../ngx_stream_lua-0.0.11", - "--with-ld-opt='-Wl,-rpath,/usr/local/openresty/luajit/lib -L/usr/local/openresty/zlib/lib -L/usr/local/openresty/pcre/lib -L/usr/local/openresty/openssl111/lib -Wl,-rpath,/usr/local/openresty/zlib/lib:/usr/local/openresty/pcre/lib:/usr/local/openresty/openssl111/lib'", - "--with-pcre-jit", - "--with-stream", - "--with-stream_ssl_module", - "--with-stream_ssl_preread_module", - "--with-http_v2_module", - "--without-mail_pop3_module", - "--without-mail_imap_module", - "--without-mail_smtp_module", - "--with-http_stub_status_module", - "--with-http_realip_module", - "--with-http_addition_module", - "--with-http_auth_request_module", - "--with-http_secure_link_module", - "--with-http_random_index_module", - "--with-http_gzip_static_module", - "--with-http_sub_module", - "--with-http_dav_module", - "--with-http_flv_module", - "--with-http_mp4_module", - "--with-http_gunzip_module", - "--with-threads", - "--with-stream", - "--with-http_ssl_module" - ], - "prefix": "/usr/local/openresty", - "conf_path": null - } - }, - "run_list": [ - "recipe[kosmos-base]", - "role[openresty]", - "role[openresty_proxy]" - ] -} \ No newline at end of file diff --git a/roles/email_proxy.rb b/roles/email_proxy.rb new file mode 100644 index 0000000..e0030dc --- /dev/null +++ b/roles/email_proxy.rb @@ -0,0 +1,5 @@ +name "email_proxy" + +run_list %w( + kosmos_email::firewall +) diff --git a/roles/email_server.rb b/roles/email_server.rb new file mode 100644 index 0000000..fd3e781 --- /dev/null +++ b/roles/email_server.rb @@ -0,0 +1,6 @@ +name "email_server" + +run_list %w( + role[ldap_client] + kosmos_email::default +) diff --git a/roles/liquor_cabinet.rb b/roles/liquor_cabinet.rb new file mode 100644 index 0000000..9183055 --- /dev/null +++ b/roles/liquor_cabinet.rb @@ -0,0 +1,5 @@ +name "liquor_cabinet" + +run_list %w( + kosmos_liquor-cabinet::default +) diff --git a/roles/openresty_proxy.rb b/roles/openresty_proxy.rb index 2ecd45e..38e8bbb 100644 --- a/roles/openresty_proxy.rb +++ b/roles/openresty_proxy.rb @@ -21,11 +21,11 @@ production_run_list = %w( kosmos_assets::nginx_site kosmos_discourse::nginx kosmos_drone::nginx - kosmos-ejabberd::nginx kosmos_garage::nginx_web kosmos_garage::nginx_s3 kosmos_gitea::nginx kosmos_gitea::nginx_ssh + kosmos_liquor-cabinet::nginx kosmos_rsk::nginx_testnet kosmos_rsk::nginx_mainnet kosmos_website::default diff --git a/roles/redis_replica.rb b/roles/redis_replica.rb new file mode 100644 index 0000000..ddcc9d1 --- /dev/null +++ b/roles/redis_replica.rb @@ -0,0 +1,15 @@ +name "redis_replica" + +run_list %w( + kosmos_redis::replica + kosmos_redis::firewall +) + +default_attributes({ + 'redisio' => { + 'default_settings' => { + 'slaveservestaledata' => 'yes', + 'slavereadonly' => 'yes' + } + } +}) diff --git a/roles/redis_server.rb b/roles/redis_server.rb index f7fb88e..e50219b 100644 --- a/roles/redis_server.rb +++ b/roles/redis_server.rb @@ -7,6 +7,7 @@ default_run_list = %w( production_run_list = %w( kosmos_redis::default kosmos_redis::firewall + kosmos_redis::backup ) env_run_lists( @@ -14,5 +15,3 @@ env_run_lists( 'development' => default_run_list, 'production' => production_run_list ) - -default_attributes({}) diff --git a/roles/turn_server.rb b/roles/turn_server.rb new file mode 100644 index 0000000..34fab22 --- /dev/null +++ b/roles/turn_server.rb @@ -0,0 +1,5 @@ +name "turn_server" + +run_list %w( + kosmos-ejabberd::coturn +) diff --git a/scripts/postgresql/switch_primary.sh b/scripts/postgresql/switch_primary.sh index 4859162..30413ba 100755 --- a/scripts/postgresql/switch_primary.sh +++ b/scripts/postgresql/switch_primary.sh @@ -21,3 +21,4 @@ bundle exec knife ssh roles:postgresql_client -a knife_zero.host "sudo sed -r \" # TODO # 1. Change roles in node configs # 2. Converge new primary +echo "You need to update the role in the '$new_primary_hostname' node config to 'postgres_primary' and converge it now." diff --git a/site-cookbooks/kosmos-akkounts/attributes/default.rb b/site-cookbooks/kosmos-akkounts/attributes/default.rb index a3c6968..8c8ad69 100644 --- a/site-cookbooks/kosmos-akkounts/attributes/default.rb +++ b/site-cookbooks/kosmos-akkounts/attributes/default.rb @@ -1,5 +1,5 @@ node.default['akkounts']['repo'] = 'https://gitea.kosmos.org/kosmos/akkounts.git' -node.default['akkounts']['revision'] = 'master' +node.default['akkounts']['revision'] = 'live' node.default['akkounts']['port'] = 3000 node.default['akkounts']['domain'] = 'accounts.kosmos.org' node.default['akkounts']['primary_domain'] = 'kosmos.org' @@ -11,9 +11,20 @@ node.default['akkounts']['smtp']['domain'] = 'kosmos.org' node.default['akkounts']['smtp']['auth_method'] = 'plain' node.default['akkounts']['smtp']['enable_starttls'] = 'auto' +node.default['akkounts']['btcpay']['public_url'] = nil +node.default['akkounts']['btcpay']['store_id'] = nil + node.default['akkounts']['ejabberd']['admin_url'] = nil node.default['akkounts']['lndhub']['api_url'] = nil node.default['akkounts']['lndhub']['public_url'] = nil node.default['akkounts']['lndhub']['public_key'] = nil node.default['akkounts']['lndhub']['postgres_db'] = 'lndhub' + +node.default['akkounts']['nostr']['public_key'] = nil + +node.default['akkounts']['s3_enabled'] = true +node.default['akkounts']['s3_endpoint'] = "https://s3.kosmos.org" +node.default['akkounts']['s3_region'] = "garage" +node.default['akkounts']['s3_bucket'] = "akkounts-production" +node.default['akkounts']['s3_alias_host'] = "https://s3.accounts.kosmos.org" diff --git a/site-cookbooks/kosmos-akkounts/recipes/default.rb b/site-cookbooks/kosmos-akkounts/recipes/default.rb index 8772264..2dd0a2b 100644 --- a/site-cookbooks/kosmos-akkounts/recipes/default.rb +++ b/site-cookbooks/kosmos-akkounts/recipes/default.rb @@ -20,6 +20,7 @@ user deploy_user do end package "libpq-dev" +package "libvips" include_recipe 'redisio::default' include_recipe 'redisio::enable' @@ -29,12 +30,12 @@ npm_package "yarn" do version "1.22.4" end -ruby_version = "2.7.5" +ruby_version = "3.3.0" ruby_path = "/opt/ruby_build/builds/#{ruby_version}" bundle_path = "#{ruby_path}/bin/bundle" rails_env = node.chef_environment == "development" ? "development" : "production" -ruby_build_install 'v20230615' +ruby_build_install 'v20240221' ruby_build_definition ruby_version do prefix_path ruby_path end @@ -68,15 +69,34 @@ if webhooks_allowed_ips.length > 0 env[:webhooks_allowed_ips] = webhooks_allowed_ips end +# +# BTCPay Server +# + if btcpay_host env[:btcpay_api_url] = "http://#{btcpay_host}:23001/api/v1" + env[:btcpay_public_url] = node['akkounts']['btcpay']['public_url'] + env[:btcpay_store_id] = node['akkounts']['btcpay']['store_id'] + env[:btcpay_auth_token] = credentials["btcpay_auth_token"] end +# +# Discourse +# + env[:discourse_public_url] = "https://#{node['discourse']['domain']}" env[:discourse_connect_secret] = credentials['discourse_connect_secret'] +# +# Drone CI +# + env[:droneci_public_url] = node["droneci"]["public_url"] +# +# ejabberd +# + ejabberd_private_ip_addresses = [] search(:node, "role:ejabberd").each do |node| ejabberd_private_ip_addresses << node["knife_zero"]["host"] @@ -98,12 +118,21 @@ if ejabberd_private_ip_addresses.size > 0 env[:ejabberd_admin_url] = node['akkounts']['ejabberd']['admin_url'] end +# +# Gitea +# + env[:gitea_public_url] = "https://#{node['gitea']['domain']}" +# +# lndhub.go +# + if lndhub_host node.override["akkounts"]["lndhub"]["api_url"] = "http://#{lndhub_host}:3026" env[:lndhub_legacy_api_url] = node["akkounts"]["lndhub"]["api_url"] env[:lndhub_api_url] = node["akkounts"]["lndhub"]["api_url"] + env[:lndhub_admin_token] = credentials["lndhub_admin_token"] env[:lndhub_public_url] = node["akkounts"]["lndhub"]["public_url"] env[:lndhub_public_key] = node["akkounts"]["lndhub"]["public_key"] if postgres_readonly_host @@ -115,10 +144,57 @@ if lndhub_host end end +# +# Mastodon +# + env[:mastodon_public_url] = "https://#{node['kosmos-mastodon']['domain']}" +env[:mastodon_address_domain] = node['kosmos-mastodon']['user_address_domain'] + +# +# MediaWiki +# env[:mediawiki_public_url] = node['mediawiki']['url'] +# +# Nostr +# + +env[:nostr_private_key] = credentials['nostr_private_key'] +env[:nostr_public_key] = node['akkounts']['nostr']['public_key'] + +# +# remoteStorage / Liquor Cabinet +# + +env[:rs_storage_url] = "https://#{node['liquor-cabinet']['domain']}" + +rs_redis_host = search(:node, "role:redis_server").first["knife_zero"]["host"] rescue nil +rs_redis_port = node['liquor-cabinet']['redis_port'] +rs_redis_db = node['liquor-cabinet']['redis_db'] +if rs_redis_host + env[:rs_redis_url] = "redis://#{rs_redis_host}:#{rs_redis_port}/#{rs_redis_db}" +end + +# +# S3 +# + +if node['akkounts']['s3_enabled'] + env[:s3_enabled] = true + env[:s3_endpoint] = node['akkounts']['s3_endpoint'] + env[:s3_region] = node['akkounts']['s3_region'] + env[:s3_bucket] = node['akkounts']['s3_bucket'] + env[:s3_alias_host] = node['akkounts']['s3_alias_host'] + env[:s3_access_key] = credentials['s3_access_key'] + env[:s3_secret_key] = credentials['s3_secret_key'] +end + +# +# Akkounts Deployment +# + systemd_unit "akkounts.service" do content({ Unit: { diff --git a/site-cookbooks/kosmos-akkounts/templates/nginx_conf_akkounts_api.erb b/site-cookbooks/kosmos-akkounts/templates/nginx_conf_akkounts_api.erb index 945de09..02e1112 100644 --- a/site-cookbooks/kosmos-akkounts/templates/nginx_conf_akkounts_api.erb +++ b/site-cookbooks/kosmos-akkounts/templates/nginx_conf_akkounts_api.erb @@ -18,7 +18,7 @@ server { access_log <%= node[:openresty][:log_dir] %>/<%= @domain %>.access.log json; error_log <%= node[:openresty][:log_dir] %>/<%= @domain %>.error.log warn; - location /kredits/ { + location / { add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Methods' 'GET' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; @@ -31,6 +31,6 @@ server { proxy_buffers 1024 8k; proxy_http_version 1.1; - proxy_pass http://_akkounts_api/api/kredits/; + proxy_pass http://_akkounts_api/api/; } } diff --git a/site-cookbooks/kosmos-base/recipes/letsencrypt.rb b/site-cookbooks/kosmos-base/recipes/letsencrypt.rb index e13c3db..22b0939 100644 --- a/site-cookbooks/kosmos-base/recipes/letsencrypt.rb +++ b/site-cookbooks/kosmos-base/recipes/letsencrypt.rb @@ -2,27 +2,6 @@ # Cookbook Name:: kosmos-base # Recipe:: letsencrypt # -# The MIT License (MIT) -# -# Copyright:: 2019, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. unless platform?('ubuntu') raise "This recipe only supports Ubuntu installs" diff --git a/site-cookbooks/kosmos-base/resources/tls_cert_for.rb b/site-cookbooks/kosmos-base/resources/tls_cert_for.rb index c359ac4..c633166 100644 --- a/site-cookbooks/kosmos-base/resources/tls_cert_for.rb +++ b/site-cookbooks/kosmos-base/resources/tls_cert_for.rb @@ -3,6 +3,8 @@ provides :tls_cert_for property :domain, [String, Array], name_property: true property :auth, [String, NilClass], default: nil +property :deploy_hook, [String, NilClass], default: nil +property :acme_domain, [String, NilClass], default: nil default_action :create @@ -17,13 +19,35 @@ action :create do case new_resource.auth when "gandi_dns" - gandi_api_data_bag_item = data_bag_item('credentials', 'gandi_api_5apps') + gandi_api_credentials = data_bag_item('credentials', 'gandi_api') hook_path = "/root/gandi_dns_certbot_hook.sh" + hook_auth_command = "#{hook_path} auth" + hook_cleanup_command = "#{hook_path} cleanup" + + if new_resource.acme_domain + hook_auth_command += " #{new_resource.acme_domain}" + hook_cleanup_command += " #{new_resource.acme_domain}" + end + template hook_path do cookbook "kosmos-base" - variables gandi_api_key: gandi_api_data_bag_item["key"] - mode 0770 + variables access_token: gandi_api_credentials["access_token"] + mode 0700 + sensitive true + end + + if new_resource.deploy_hook + deploy_hook_path = "/etc/letsencrypt/renewal-hooks/#{domains.first}" + + file deploy_hook_path do + content new_resource.deploy_hook + mode 0755 + owner "root" + group "root" + end + elsif node.run_list.roles.include?("openresty_proxy") + deploy_hook_path = "/etc/letsencrypt/renewal-hooks/post/openresty" end # Generate a Let's Encrypt cert (only if no cert has been generated before). @@ -34,10 +58,10 @@ action :create do --preferred-challenges dns \ --manual-public-ip-logging-ok \ --agree-tos \ - --manual-auth-hook '#{hook_path} auth' \ - --manual-cleanup-hook '#{hook_path} cleanup' \ - --deploy-hook /etc/letsencrypt/renewal-hooks/post/openresty \ + --manual-auth-hook '#{hook_auth_command}' \ + --manual-cleanup-hook '#{hook_cleanup_command}' \ --email ops@kosmos.org \ + #{"--deploy-hook #{deploy_hook_path}" if defined?(deploy_hook_path)} \ #{domains.map {|d| "-d #{d}" }.join(" ")} CMD not_if do diff --git a/site-cookbooks/kosmos-base/templates/default/gandi_dns_certbot_hook.sh.erb b/site-cookbooks/kosmos-base/templates/default/gandi_dns_certbot_hook.sh.erb index 4c59a11..2a5f0eb 100755 --- a/site-cookbooks/kosmos-base/templates/default/gandi_dns_certbot_hook.sh.erb +++ b/site-cookbooks/kosmos-base/templates/default/gandi_dns_certbot_hook.sh.erb @@ -1,21 +1,16 @@ #!/usr/bin/env bash -# - set -euf -o pipefail # ************** USAGE ************** # -# Example usage (with this hook file saved in /root/): +# Example usage: # -# sudo su - # certbot certonly --manual --preferred-challenges dns --manual-public-ip-logging-ok --agree-tos -d "5apps.com" -d muc.5apps.com -d "xmpp.5apps.com" \ # --manual-auth-hook "/root/letsencrypt_hook.sh auth" --manual-cleanup-hook "/root/letsencrypt_hook.sh cleanup" # -# This hook requires configuration, continue reading. -# # ************** CONFIGURATION ************** # -# GANDI_API_KEY: Your Gandi Live API key +# ACCESS_TOKEN: Your Gandi Live API key # # PROVIDER_UPDATE_DELAY: # How many seconds to wait after updating your DNS records. This may be required, @@ -25,10 +20,16 @@ set -euf -o pipefail # # Defaults to 30 seconds. # -GANDI_API_KEY="<%= @gandi_api_key %>" +# VALIDATION_DOMAIN: +# Domain to create ACME DNS entries on. Use this when redirecting ACME subdomains +# from the original domain to a proxy validation domain that we control. +# +ACCESS_TOKEN="<%= @access_token %>" PROVIDER_UPDATE_DELAY=10 +VALIDATION_DOMAIN="${2:-}" regex='.*\.(.*\..*)' + if [[ $CERTBOT_DOMAIN =~ $regex ]] then DOMAIN="${BASH_REMATCH[1]}" @@ -36,25 +37,41 @@ else DOMAIN="${CERTBOT_DOMAIN}" fi +if [[ -n "$VALIDATION_DOMAIN" ]] +then + if [[ $VALIDATION_DOMAIN =~ $regex ]] + then + ACME_BASE_DOMAIN="${BASH_REMATCH[1]}" + else + echo "Validation domain has to be a subdomain, but it is not: \"${VALIDATION_DOMAIN}\"" + exit 1 + fi + ACME_DOMAIN="${CERTBOT_DOMAIN}.${VALIDATION_DOMAIN}" +else + ACME_BASE_DOMAIN="${DOMAIN}" + ACME_DOMAIN="_acme-challenge.${CERTBOT_DOMAIN}" +fi + # To be invoked via Certbot's --manual-auth-hook function auth { - curl -s -D- -H "Content-Type: application/json" \ - -H "X-Api-Key: ${GANDI_API_KEY}" \ - -d "{\"rrset_name\": \"_acme-challenge.${CERTBOT_DOMAIN}.\", - \"rrset_type\": \"TXT\", - \"rrset_ttl\": 3600, - \"rrset_values\": [\"${CERTBOT_VALIDATION}\"]}" \ - "https://dns.api.gandi.net/api/v5/domains/${DOMAIN}/records" + curl -s -D- \ + -H "Content-Type: application/json" \ + -H "Authorization: Bearer ${ACCESS_TOKEN}" \ + -d "{\"rrset_name\": \"${ACME_DOMAIN}.\", + \"rrset_type\": \"TXT\", + \"rrset_ttl\": 300, + \"rrset_values\": [\"${CERTBOT_VALIDATION}\"]}" \ + "https://api.gandi.net/v5/livedns/domains/${ACME_BASE_DOMAIN}/records" - - sleep ${PROVIDER_UPDATE_DELAY} + sleep ${PROVIDER_UPDATE_DELAY} } # To be invoked via Certbot's --manual-cleanup-hook function cleanup { - curl -s -X DELETE -H "Content-Type: application/json" \ - -H "X-Api-Key: ${GANDI_API_KEY}" \ - https://dns.api.gandi.net/api/v5/domains/${DOMAIN}/records/_acme-challenge.${CERTBOT_DOMAIN}./TXT + curl -s -X DELETE \ + -H "Content-Type: application/json" \ + -H "Authorization: Bearer ${ACCESS_TOKEN}" \ + "https://api.gandi.net/v5/livedns/domains/${ACME_BASE_DOMAIN}/records/${ACME_DOMAIN}./TXT" } HANDLER=$1; shift; diff --git a/site-cookbooks/kosmos-bitcoin/attributes/default.rb b/site-cookbooks/kosmos-bitcoin/attributes/default.rb index 8fdd455..8883d71 100644 --- a/site-cookbooks/kosmos-bitcoin/attributes/default.rb +++ b/site-cookbooks/kosmos-bitcoin/attributes/default.rb @@ -1,5 +1,5 @@ -node.default['bitcoin']['version'] = '25.0' -node.default['bitcoin']['checksum'] = '5df67cf42ca3b9a0c38cdafec5bbb517da5b58d251f32c8d2a47511f9be1ebc2' +node.default['bitcoin']['version'] = '26.0' +node.default['bitcoin']['checksum'] = 'ab1d99276e28db62d1d9f3901e85ac358d7f1ebcb942d348a9c4e46f0fcdc0a1' node.default['bitcoin']['username'] = 'satoshi' node.default['bitcoin']['usergroup'] = 'bitcoin' node.default['bitcoin']['network'] = 'mainnet' @@ -31,7 +31,7 @@ node.default['bitcoin']['conf'] = { node.default['bitcoin']['tor_enabled'] = true node.default['c-lightning']['repo'] = 'https://github.com/ElementsProject/lightning' -node.default['c-lightning']['revision'] = 'v0.10.2' +node.default['c-lightning']['revision'] = 'v23.11.1' node.default['c-lightning']['source_dir'] = '/opt/c-lightning' node.default['c-lightning']['lightning_dir'] = "/home/#{node['bitcoin']['username']}/.lightning" node.default['c-lightning']['alias'] = 'ln3.kosmos.org' @@ -40,7 +40,7 @@ node.default['c-lightning']['log_level'] = 'info' node.default['c-lightning']['public_ip'] = '148.251.237.73' node.default['lnd']['repo'] = 'https://github.com/lightningnetwork/lnd' -node.default['lnd']['revision'] = 'v0.16.4-beta' +node.default['lnd']['revision'] = 'v0.17.3-beta' node.default['lnd']['source_dir'] = '/opt/lnd' node.default['lnd']['lnd_dir'] = "/home/#{node['bitcoin']['username']}/.lnd" node.default['lnd']['alias'] = 'ln2.kosmos.org' @@ -59,7 +59,7 @@ node.default['lnd']['tor'] = { } node.default['boltz']['repo'] = 'https://github.com/BoltzExchange/boltz-lnd.git' -node.default['boltz']['revision'] = 'v1.2.6' +node.default['boltz']['revision'] = 'v1.2.7' node.default['boltz']['source_dir'] = '/opt/boltz' node.default['boltz']['boltz_dir'] = "/home/#{node['bitcoin']['username']}/.boltz-lnd" node.default['boltz']['grpc_host'] = '127.0.0.1' @@ -70,7 +70,7 @@ node.default['boltz']['rest_port'] = '9003' node.default['boltz']['no_macaroons'] = 'false' node.default['rtl']['repo'] = 'https://github.com/Ride-The-Lightning/RTL.git' -node.default['rtl']['revision'] = 'v0.12.1' +node.default['rtl']['revision'] = 'v0.15.0' node.default['rtl']['host'] = '10.1.1.163' node.default['rtl']['port'] = '3000' @@ -98,7 +98,7 @@ node.default['dotnet']['ms_packages_src_url'] = "https://packages.microsoft.com/ node.default['dotnet']['ms_packages_src_checksum'] = "4df5811c41fdded83eb9e2da9336a8dfa5594a79dc8a80133bd815f4f85b9991" node.default['nbxplorer']['repo'] = 'https://github.com/dgarage/NBXplorer' -node.default['nbxplorer']['revision'] = 'v2.3.66' +node.default['nbxplorer']['revision'] = 'v2.5.0' node.default['nbxplorer']['source_dir'] = '/opt/nbxplorer' node.default['nbxplorer']['config_path'] = "/home/#{node['bitcoin']['username']}/.nbxplorer/Main/settings.config" node.default['nbxplorer']['port'] = '24445' @@ -106,7 +106,7 @@ node.default['nbxplorer']['postgres']['database'] = 'nbxplorer' node.default['nbxplorer']['postgres']['user'] = 'nbxplorer' node.default['btcpay']['repo'] = 'https://github.com/btcpayserver/btcpayserver' -node.default['btcpay']['revision'] = 'v1.11.6' +node.default['btcpay']['revision'] = 'v1.12.5' node.default['btcpay']['source_dir'] = '/opt/btcpay' node.default['btcpay']['config_path'] = "/home/#{node['bitcoin']['username']}/.btcpayserver/Main/settings.config" node.default['btcpay']['log_path'] = "/home/#{node['bitcoin']['username']}/.btcpayserver/debug.log" diff --git a/site-cookbooks/kosmos-bitcoin/recipes/dotnet.rb b/site-cookbooks/kosmos-bitcoin/recipes/dotnet.rb index d2478d0..d2d4f30 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/dotnet.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/dotnet.rb @@ -30,4 +30,4 @@ execute 'apt_update' do action :nothing end -apt_package 'dotnet-sdk-7.0' +apt_package 'dotnet-sdk-8.0' diff --git a/site-cookbooks/kosmos-bitcoin/recipes/rtl.rb b/site-cookbooks/kosmos-bitcoin/recipes/rtl.rb index a0592b4..42103d3 100644 --- a/site-cookbooks/kosmos-bitcoin/recipes/rtl.rb +++ b/site-cookbooks/kosmos-bitcoin/recipes/rtl.rb @@ -3,6 +3,7 @@ # Recipe:: rtl # +node.override["nodejs"]["repo"] = "https://deb.nodesource.com/node_18.x" include_recipe 'kosmos-nodejs' app_name = "rtl" diff --git a/site-cookbooks/kosmos-ejabberd/attributes/default.rb b/site-cookbooks/kosmos-ejabberd/attributes/default.rb index a603fee..42960c5 100644 --- a/site-cookbooks/kosmos-ejabberd/attributes/default.rb +++ b/site-cookbooks/kosmos-ejabberd/attributes/default.rb @@ -1,7 +1,9 @@ node.default["ejabberd"]["version"] = "23.10" node.default["ejabberd"]["package_version"] = "1" node.default["ejabberd"]["checksum"] = "1b02108c81e22ab28be84630d54061f0584b76d5c2702e598352269736b05e77" -node.default["ejabberd"]["turn_ip_address"] = nil +node.default["ejabberd"]["turn_domain"] = "turn.kosmos.org" +node.default["ejabberd"]["stun_auth_realm"] = "kosmos.org" node.default["ejabberd"]["stun_turn_port"] = 3478 +node.default["ejabberd"]["stun_turn_port_tls"] = 5349 node.default["ejabberd"]["turn_min_port"] = 50000 -node.default["ejabberd"]["turn_max_port"] = 50050 +node.default["ejabberd"]["turn_max_port"] = 50999 diff --git a/site-cookbooks/kosmos-ejabberd/recipes/coturn.rb b/site-cookbooks/kosmos-ejabberd/recipes/coturn.rb new file mode 100644 index 0000000..0e73322 --- /dev/null +++ b/site-cookbooks/kosmos-ejabberd/recipes/coturn.rb @@ -0,0 +1,52 @@ +# +# Cookbook:: kosmos-ejabberd +# Recipe:: coturn +# + +apt_package 'coturn' + +domain = node["ejabberd"]["turn_domain"] +credentials = data_bag_item("credentials", "ejabberd") + +tls_cert_for domain do + auth "gandi_dns" + action :create +end + +template "/etc/turnserver.conf" do + source "turnserver.conf.erb" + mode 0644 + variables listening_port: node["ejabberd"]["stun_turn_port"], + tls_listening_port: node["ejabberd"]["stun_turn_port_tls"], + listening_ip: node["ipaddress"], + relay_ip: node["ipaddress"], + min_port: node["ejabberd"]["turn_min_port"], + max_port: node["ejabberd"]["turn_max_port"], + realm: node["ejabberd"]["stun_auth_realm"], + static_auth_secret: credentials["stun_secret"], + cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem", + pkey: "/etc/letsencrypt/live/#{domain}/privkey.pem" + notifies :restart, "service[coturn]", :delayed +end + +firewall_rule 'ejabberd_stun_turn' do + port node["ejabberd"]["stun_turn_port"] + protocol :udp + command :allow +end + +firewall_rule 'ejabberd_stun_turn_tls' do + port node["ejabberd"]["stun_turn_port_tls"] + protocol :tcp + command :allow +end + +firewall_rule 'ejabberd_turn' do + port node["ejabberd"]["turn_min_port"]..node["ejabberd"]["turn_max_port"] + protocol :udp + command :allow +end + +service "coturn" do + action [:enable, :start] +end diff --git a/site-cookbooks/kosmos-ejabberd/recipes/default.rb b/site-cookbooks/kosmos-ejabberd/recipes/default.rb index 1ab71ae..189a476 100644 --- a/site-cookbooks/kosmos-ejabberd/recipes/default.rb +++ b/site-cookbooks/kosmos-ejabberd/recipes/default.rb @@ -154,6 +154,11 @@ admin_users = ejabberd_credentials['admins'] hosts.each do |host| ldap_rootdn = "uid=service,ou=#{host[:name]},cn=applications,dc=kosmos,dc=org" + if host[:name] == "kosmos.org" + ldap_filter = "(&(objectClass=person)(serviceEnabled=xmpp))" + else + ldap_filter = "(objectClass=person)" + end template "/opt/ejabberd/conf/#{host[:name]}.yml" do source "vhost.yml.erb" @@ -167,7 +172,8 @@ hosts.each do |host| ldap_base: ldap_base, ldap_server: ldap_domain, ldap_rootdn: ldap_rootdn, - ldap_encryption_type: ldap_encryption_type + ldap_encryption_type: ldap_encryption_type, + ldap_filter: ldap_filter notifies :reload, "service[ejabberd]", :delayed end end @@ -183,10 +189,10 @@ template "/opt/ejabberd/conf/ejabberd.yml" do sensitive true variables hosts: hosts, admin_users: admin_users, - stun_auth_realm: "kosmos.org", + turn_domain: node["ejabberd"]["turn_domain"], stun_secret: ejabberd_credentials['stun_secret'], - turn_ip_address: node["ejabberd"]["turn_ip_address"], stun_turn_port: node["ejabberd"]["stun_turn_port"], + stun_turn_port_tls: node["ejabberd"]["stun_turn_port_tls"], turn_min_port: node["ejabberd"]["turn_min_port"], turn_max_port: node["ejabberd"]["turn_max_port"], private_ip_address: node["knife_zero"]["host"], diff --git a/site-cookbooks/kosmos-ejabberd/recipes/letsencrypt.rb b/site-cookbooks/kosmos-ejabberd/recipes/letsencrypt.rb index 77aea83..872f060 100644 --- a/site-cookbooks/kosmos-ejabberd/recipes/letsencrypt.rb +++ b/site-cookbooks/kosmos-ejabberd/recipes/letsencrypt.rb @@ -33,11 +33,11 @@ file "/etc/letsencrypt/renewal-hooks/post/ejabberd" do group "root" end -gandi_api_data_bag_item = data_bag_item('credentials', 'gandi_api_5apps') +gandi_api_credentials = data_bag_item('credentials', 'gandi_api') template "/root/gandi_dns_certbot_hook.sh" do - variables gandi_api_key: gandi_api_data_bag_item["key"] - mode 0770 + variables access_token: gandi_api_credentials["access_token"] + mode 0700 end # Generate a Let's Encrypt cert (only if no cert has been generated before). @@ -52,7 +52,7 @@ end # Generate a Let's Encrypt cert (only if no cert has been generated before). # The systemd timer will take care of renewing execute "letsencrypt cert for 5apps xmpp" do - command "certbot certonly --manual --preferred-challenges dns --manual-public-ip-logging-ok --agree-tos --manual-auth-hook \"/root/gandi_dns_certbot_hook.sh auth\" --manual-cleanup-hook \"/root/gandi_dns_certbot_hook.sh cleanup\" --deploy-hook \"/etc/letsencrypt/renewal-hooks/post/ejabberd\" --email ops@5apps.com -d 5apps.com -d muc.5apps.com -d xmpp.5apps.com -d uploads.xmpp.5apps.com -n" + command "certbot certonly --manual --preferred-challenges dns --manual-public-ip-logging-ok --agree-tos --manual-auth-hook \"/root/gandi_dns_certbot_hook.sh auth letsencrypt.kosmos.chat\" --manual-cleanup-hook \"/root/gandi_dns_certbot_hook.sh cleanup letsencrypt.kosmos.chat\" --deploy-hook \"/etc/letsencrypt/renewal-hooks/post/ejabberd\" --email ops@5apps.com -d 5apps.com -d muc.5apps.com -d xmpp.5apps.com -d uploads.xmpp.5apps.com -n" not_if do File.exist?("/etc/letsencrypt/live/5apps.com/fullchain.pem") end diff --git a/site-cookbooks/kosmos-ejabberd/recipes/nginx.rb b/site-cookbooks/kosmos-ejabberd/recipes/nginx.rb index 9514014..1aded5c 100644 --- a/site-cookbooks/kosmos-ejabberd/recipes/nginx.rb +++ b/site-cookbooks/kosmos-ejabberd/recipes/nginx.rb @@ -19,7 +19,7 @@ end openresty_stream "ejabberd" do template "nginx_conf_streams.erb" - variables ejabberd_hosts: ["10.1.1.113"], + variables ejabberd_hosts: ["10.1.1.123"], stun_turn_port: node["ejabberd"]["stun_turn_port"], turn_min_port: node["ejabberd"]["turn_min_port"], turn_max_port: node["ejabberd"]["turn_max_port"] diff --git a/site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb b/site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb index 87a84a0..6c6bc4f 100644 --- a/site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb +++ b/site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb @@ -87,16 +87,6 @@ listen: ## "/pub/archive": mod_http_fileserver ## register: true captcha: false - - - port: <%= @stun_turn_port %> - transport: udp - module: ejabberd_stun - auth_realm: <%= @stun_auth_realm %> - use_turn: true - tls: false - turn_ipv4_address: <%= @turn_ip_address %> - turn_min_port: <%= @turn_min_port %> - turn_max_port: <%= @turn_max_port %> s2s_use_starttls: optional @@ -106,8 +96,10 @@ auth_method: sql default_db: sql shaper: - normal: 1000 - fast: 50000 + normal: + rate: 3000 + burst_size: 20000 + fast: 100000 max_fsm_queue: 10000 @@ -131,7 +123,7 @@ shaper_rules: max_user_sessions: 10 max_user_offline_messages: - 5000: admin - - 100 + - 1000 c2s_shaper: - none: admin - normal @@ -238,20 +230,34 @@ modules: store_current_id: true mod_shared_roster: {} mod_stun_disco: + offer_local_services: false + credentials_lifetime: 300 secret: <%= @stun_secret %> services: - - host: <%= @turn_ip_address %> + host: <%= @turn_domain %> port: <%= @stun_turn_port %> type: stun transport: udp restricted: false - - host: <%= @turn_ip_address %> + host: <%= @turn_domain %> + port: <%= @stun_turn_port_tls %> + type: stuns + transport: tcp + restricted: false + - + host: <%= @turn_domain %> port: <%= @stun_turn_port %> type: turn transport: udp restricted: true + - + host: <%= @turn_domain %> + port: <%= @stun_turn_port_tls %> + type: turns + transport: tcp + restricted: true mod_vcard: search: false mod_vcard_xupdate: {} diff --git a/site-cookbooks/kosmos-ejabberd/templates/gandi_dns_certbot_hook.sh.erb b/site-cookbooks/kosmos-ejabberd/templates/gandi_dns_certbot_hook.sh.erb index d0ed9dc..2a5f0eb 100755 --- a/site-cookbooks/kosmos-ejabberd/templates/gandi_dns_certbot_hook.sh.erb +++ b/site-cookbooks/kosmos-ejabberd/templates/gandi_dns_certbot_hook.sh.erb @@ -1,21 +1,16 @@ #!/usr/bin/env bash -# - set -euf -o pipefail # ************** USAGE ************** # -# Example usage (with this hook file saved in /root/): +# Example usage: # -# sudo su - # certbot certonly --manual --preferred-challenges dns --manual-public-ip-logging-ok --agree-tos -d "5apps.com" -d muc.5apps.com -d "xmpp.5apps.com" \ # --manual-auth-hook "/root/letsencrypt_hook.sh auth" --manual-cleanup-hook "/root/letsencrypt_hook.sh cleanup" # -# This hook requires configuration, continue reading. -# # ************** CONFIGURATION ************** # -# GANDI_API_KEY: Your Gandi Live API key +# ACCESS_TOKEN: Your Gandi Live API key # # PROVIDER_UPDATE_DELAY: # How many seconds to wait after updating your DNS records. This may be required, @@ -25,10 +20,16 @@ set -euf -o pipefail # # Defaults to 30 seconds. # -GANDI_API_KEY="<%= @gandi_api_key %>" -PROVIDER_UPDATE_DELAY=30 +# VALIDATION_DOMAIN: +# Domain to create ACME DNS entries on. Use this when redirecting ACME subdomains +# from the original domain to a proxy validation domain that we control. +# +ACCESS_TOKEN="<%= @access_token %>" +PROVIDER_UPDATE_DELAY=10 +VALIDATION_DOMAIN="${2:-}" regex='.*\.(.*\..*)' + if [[ $CERTBOT_DOMAIN =~ $regex ]] then DOMAIN="${BASH_REMATCH[1]}" @@ -36,25 +37,41 @@ else DOMAIN="${CERTBOT_DOMAIN}" fi +if [[ -n "$VALIDATION_DOMAIN" ]] +then + if [[ $VALIDATION_DOMAIN =~ $regex ]] + then + ACME_BASE_DOMAIN="${BASH_REMATCH[1]}" + else + echo "Validation domain has to be a subdomain, but it is not: \"${VALIDATION_DOMAIN}\"" + exit 1 + fi + ACME_DOMAIN="${CERTBOT_DOMAIN}.${VALIDATION_DOMAIN}" +else + ACME_BASE_DOMAIN="${DOMAIN}" + ACME_DOMAIN="_acme-challenge.${CERTBOT_DOMAIN}" +fi + # To be invoked via Certbot's --manual-auth-hook function auth { - curl -s -D- -H "Content-Type: application/json" \ - -H "X-Api-Key: ${GANDI_API_KEY}" \ - -d "{\"rrset_name\": \"_acme-challenge.${CERTBOT_DOMAIN}.\", - \"rrset_type\": \"TXT\", - \"rrset_ttl\": 3600, - \"rrset_values\": [\"${CERTBOT_VALIDATION}\"]}" \ - "https://dns.api.gandi.net/api/v5/domains/${DOMAIN}/records" + curl -s -D- \ + -H "Content-Type: application/json" \ + -H "Authorization: Bearer ${ACCESS_TOKEN}" \ + -d "{\"rrset_name\": \"${ACME_DOMAIN}.\", + \"rrset_type\": \"TXT\", + \"rrset_ttl\": 300, + \"rrset_values\": [\"${CERTBOT_VALIDATION}\"]}" \ + "https://api.gandi.net/v5/livedns/domains/${ACME_BASE_DOMAIN}/records" - - sleep ${PROVIDER_UPDATE_DELAY} + sleep ${PROVIDER_UPDATE_DELAY} } # To be invoked via Certbot's --manual-cleanup-hook function cleanup { - curl -s -X DELETE -H "Content-Type: application/json" \ - -H "X-Api-Key: ${GANDI_API_KEY}" \ - https://dns.api.gandi.net/api/v5/domains/${DOMAIN}/records/_acme-challenge.${CERTBOT_DOMAIN}./TXT + curl -s -X DELETE \ + -H "Content-Type: application/json" \ + -H "Authorization: Bearer ${ACCESS_TOKEN}" \ + "https://api.gandi.net/v5/livedns/domains/${ACME_BASE_DOMAIN}/records/${ACME_DOMAIN}./TXT" } HANDLER=$1; shift; diff --git a/site-cookbooks/kosmos-ejabberd/templates/turnserver.conf.erb b/site-cookbooks/kosmos-ejabberd/templates/turnserver.conf.erb new file mode 100644 index 0000000..cdb1054 --- /dev/null +++ b/site-cookbooks/kosmos-ejabberd/templates/turnserver.conf.erb @@ -0,0 +1,708 @@ +# Coturn TURN SERVER configuration file +# +# Boolean values note: where boolean value is supposed to be used, +# you can use '0', 'off', 'no', 'false', 'f' as 'false, +# and you can use '1', 'on', 'yes', 'true', 't' as 'true' +# If the value is missed, then it means 'true'. +# + +# Listener interface device (optional, Linux only). +# NOT RECOMMENDED. +# +#listening-device=eth0 + +# TURN listener port for UDP and TCP (Default: 3478). +# Note: actually, TLS & DTLS sessions can connect to the +# "plain" TCP & UDP port(s), too - if allowed by configuration. +# +listening-port=<%= @listening_port %> + +# TURN listener port for TLS (Default: 5349). +# Note: actually, "plain" TCP & UDP sessions can connect to the TLS & DTLS +# port(s), too - if allowed by configuration. The TURN server +# "automatically" recognizes the type of traffic. Actually, two listening +# endpoints (the "plain" one and the "tls" one) are equivalent in terms of +# functionality; but we keep both endpoints to satisfy the RFC 5766 specs. +# For secure TCP connections, we currently support SSL version 3 and +# TLS version 1.0, 1.1 and 1.2. +# For secure UDP connections, we support DTLS version 1. +# +tls-listening-port=<%= @tls_listening_port %> + +# Alternative listening port for UDP and TCP listeners; +# default (or zero) value means "listening port plus one". +# This is needed for RFC 5780 support +# (STUN extension specs, NAT behavior discovery). The TURN Server +# supports RFC 5780 only if it is started with more than one +# listening IP address of the same family (IPv4 or IPv6). +# RFC 5780 is supported only by UDP protocol, other protocols +# are listening to that endpoint only for "symmetry". +# +#alt-listening-port=0 + +# Alternative listening port for TLS and DTLS protocols. +# Default (or zero) value means "TLS listening port plus one". +# +#alt-tls-listening-port=0 + +# Listener IP address of relay server. Multiple listeners can be specified. +# If no IP(s) specified in the config file or in the command line options, +# then all IPv4 and IPv6 system IPs will be used for listening. +# +listening-ip=<%= @listening_ip %> +#listening-ip=10.207.21.238 +#listening-ip=2607:f0d0:1002:51::4 + +# Auxiliary STUN/TURN server listening endpoint. +# Aux servers have almost full TURN and STUN functionality. +# The (minor) limitations are: +# +# 1) Auxiliary servers do not have alternative ports and +# they do not support STUN RFC 5780 functionality (CHANGE REQUEST). +# +# 2) Auxiliary servers also are never returning ALTERNATIVE-SERVER reply. +# +# Valid formats are 1.2.3.4:5555 for IPv4 and [1:2::3:4]:5555 for IPv6. +# +# There may be multiple aux-server options, each will be used for listening +# to client requests. +# +#aux-server=172.17.19.110:33478 +#aux-server=[2607:f0d0:1002:51::4]:33478 + +# (recommended for older Linuxes only) +# Automatically balance UDP traffic over auxiliary servers (if configured). +# The load balancing is using the ALTERNATE-SERVER mechanism. +# The TURN client must support 300 ALTERNATE-SERVER response for this +# functionality. +# +#udp-self-balance + +# Relay interface device for relay sockets (optional, Linux only). +# NOT RECOMMENDED. +# +#relay-device=eth1 + +# Relay address (the local IP address that will be used to relay the +# packets to the peer). +# Multiple relay addresses may be used. +# The same IP(s) can be used as both listening IP(s) and relay IP(s). +# +# If no relay IP(s) specified, then the turnserver will apply the default +# policy: it will decide itself which relay addresses to be used, and it +# will always be using the client socket IP address as the relay IP address +# of the TURN session (if the requested relay address family is the same +# as the family of the client socket). +# +relay-ip=<%= @relay_ip %> +#relay-ip=2607:f0d0:1002:51::5 + +# For Amazon EC2 users: +# +# TURN Server public/private address mapping, if the server is behind NAT. +# In that situation, if a -X is used in form "-X " then that ip will be reported +# as relay IP address of all allocations. This scenario works only in a simple case +# when one single relay address is be used, and no RFC5780 functionality is required. +# That single relay address must be mapped by NAT to the 'external' IP. +# The "external-ip" value, if not empty, is returned in XOR-RELAYED-ADDRESS field. +# For that 'external' IP, NAT must forward ports directly (relayed port 12345 +# must be always mapped to the same 'external' port 12345). +# +# In more complex case when more than one IP address is involved, +# that option must be used several times, each entry must +# have form "-X ", to map all involved addresses. +# RFC5780 NAT discovery STUN functionality will work correctly, +# if the addresses are mapped properly, even when the TURN server itself +# is behind A NAT. +# +# By default, this value is empty, and no address mapping is used. +# +#external-ip=60.70.80.91 +# +#OR: +# +#external-ip=60.70.80.91/172.17.19.101 +#external-ip=60.70.80.92/172.17.19.102 + + +# Number of the relay threads to handle the established connections +# (in addition to authentication thread and the listener thread). +# If explicitly set to 0 then application runs relay process in a +# single thread, in the same thread with the listener process +# (the authentication thread will still be a separate thread). +# +# If this parameter is not set, then the default OS-dependent +# thread pattern algorithm will be employed. Usually the default +# algorithm is the most optimal, so you have to change this option +# only if you want to make some fine tweaks. +# +# In the older systems (Linux kernel before 3.9), +# the number of UDP threads is always one thread per network listening +# endpoint - including the auxiliary endpoints - unless 0 (zero) or +# 1 (one) value is set. +# +#relay-threads=0 + +# Lower and upper bounds of the UDP relay endpoints: +# (default values are 49152 and 65535) +# +min-port=<%= @min_port %> +max-port=<%= @max_port %> + +# Uncomment to run TURN server in 'normal' 'moderate' verbose mode. +# By default the verbose mode is off. +verbose + +# Uncomment to run TURN server in 'extra' verbose mode. +# This mode is very annoying and produces lots of output. +# Not recommended under any normal circumstances. +# +#Verbose + +# Uncomment to use fingerprints in the TURN messages. +# By default the fingerprints are off. +# +#fingerprint + +# Uncomment to use long-term credential mechanism. +# By default no credentials mechanism is used (any user allowed). +# +#lt-cred-mech + +# This option is opposite to lt-cred-mech. +# (TURN Server with no-auth option allows anonymous access). +# If neither option is defined, and no users are defined, +# then no-auth is default. If at least one user is defined, +# in this file or in command line or in usersdb file, then +# lt-cred-mech is default. +# +#no-auth + +# TURN REST API flag. +# (Time Limited Long Term Credential) +# Flag that sets a special authorization option that is based upon authentication secret. +# +# This feature's purpose is to support "TURN Server REST API", see +# "TURN REST API" link in the project's page +# https://github.com/coturn/coturn/ +# +# This option is used with timestamp: +# +# usercombo -> "timestamp:userid" +# turn user -> usercombo +# turn password -> base64(hmac(secret key, usercombo)) +# +# This allows TURN credentials to be accounted for a specific user id. +# If you don't have a suitable id, the timestamp alone can be used. +# This option is just turning on secret-based authentication. +# The actual value of the secret is defined either by option static-auth-secret, +# or can be found in the turn_secret table in the database (see below). +# +# Read more about it: +# - https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00 +# - https://www.ietf.org/proceedings/87/slides/slides-87-behave-10.pdf +# +# Be aware that use-auth-secret overrides some part of lt-cred-mech. +# Notice that this feature depends internally on lt-cred-mech, so if you set +# use-auth-secret then it enables internally automatically lt-cred-mech option +# like if you enable both. +# +# You can use only one of the to auth mechanisms in the same time because, +# both mechanism use the username and password validation in different way. +# +# This way be aware that you can't use both auth mechnaism in the same time! +# Use in config either the lt-cred-mech or the use-auth-secret +# to avoid any confusion. +# +use-auth-secret + +# 'Static' authentication secret value (a string) for TURN REST API only. +# If not set, then the turn server +# will try to use the 'dynamic' value in turn_secret table +# in user database (if present). The database-stored value can be changed on-the-fly +# by a separate program, so this is why that other mode is 'dynamic'. +# +static-auth-secret=<%= @static_auth_secret %> + +# Server name used for +# the oAuth authentication purposes. +# The default value is the realm name. +# +#server-name=blackdow.carleon.gov + +# Flag that allows oAuth authentication. +# +#oauth + +# 'Static' user accounts for long term credentials mechanism, only. +# This option cannot be used with TURN REST API. +# 'Static' user accounts are NOT dynamically checked by the turnserver process, +# so that they can NOT be changed while the turnserver is running. +# +#user=username1:key1 +#user=username2:key2 +# OR: +#user=username1:password1 +#user=username2:password2 +# +# Keys must be generated by turnadmin utility. The key value depends +# on user name, realm, and password: +# +# Example: +# $ turnadmin -k -u ninefingers -r north.gov -p youhavetoberealistic +# Output: 0xbc807ee29df3c9ffa736523fb2c4e8ee +# ('0x' in the beginning of the key is what differentiates the key from +# password. If it has 0x then it is a key, otherwise it is a password). +# +# The corresponding user account entry in the config file will be: +# +#user=ninefingers:0xbc807ee29df3c9ffa736523fb2c4e8ee +# Or, equivalently, with open clear password (less secure): +#user=ninefingers:youhavetoberealistic +# + +# SQLite database file name. +# +# Default file name is /var/db/turndb or /usr/local/var/db/turndb or +# /var/lib/turn/turndb. +# +#userdb=/var/db/turndb + +# PostgreSQL database connection string in the case that we are using PostgreSQL +# as the user database. +# This database can be used for long-term credential mechanism +# and it can store the secret value for secret-based timed authentication in TURN RESP API. +# See http://www.postgresql.org/docs/8.4/static/libpq-connect.html for 8.x PostgreSQL +# versions connection string format, see +# http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING +# for 9.x and newer connection string formats. +# +#psql-userdb="host= dbname= user= password= connect_timeout=30" + +# MySQL database connection string in the case that we are using MySQL +# as the user database. +# This database can be used for long-term credential mechanism +# and it can store the secret value for secret-based timed authentication in TURN RESP API. +# +# Optional connection string parameters for the secure communications (SSL): +# ca, capath, cert, key, cipher +# (see http://dev.mysql.com/doc/refman/5.1/en/ssl-options.html for the +# command options description). +# +# Use string format as below (space separated parameters, all optional): +# +#mysql-userdb="host= dbname= user= password= port= connect_timeout= read_timeout=" + +# If you want to use in the MySQL connection string the password in encrypted format, +# then set in this option the MySQL password encryption secret key file. +# +# Warning: If this option is set, then mysql password must be set in "mysql-userdb" in encrypted format! +# If you want to use cleartext password then do not set this option! +# +# This is the file path which contain secret key of aes encryption while using password encryption. +# +#secret-key-file=/path/ + +# MongoDB database connection string in the case that we are using MongoDB +# as the user database. +# This database can be used for long-term credential mechanism +# and it can store the secret value for secret-based timed authentication in TURN RESP API. +# Use string format is described at http://hergert.me/docs/mongo-c-driver/mongoc_uri.html +# +#mongo-userdb="mongodb://[username:password@]host1[:port1][,host2[:port2],...[,hostN[:portN]]][/[database][?options]]" + +# Redis database connection string in the case that we are using Redis +# as the user database. +# This database can be used for long-term credential mechanism +# and it can store the secret value for secret-based timed authentication in TURN RESP API. +# Use string format as below (space separated parameters, all optional): +# +#redis-userdb="ip= dbname= password= port= connect_timeout=" + +# Redis status and statistics database connection string, if used (default - empty, no Redis stats DB used). +# This database keeps allocations status information, and it can be also used for publishing +# and delivering traffic and allocation event notifications. +# The connection string has the same parameters as redis-userdb connection string. +# Use string format as below (space separated parameters, all optional): +# +#redis-statsdb="ip= dbname= password= port= connect_timeout=" + +# The default realm to be used for the users when no explicit +# origin/realm relationship was found in the database, or if the TURN +# server is not using any database (just the commands-line settings +# and the userdb file). Must be used with long-term credentials +# mechanism or with TURN REST API. +# +# Note: If default realm is not specified at all, then realm falls back to the host domain name. +# If domain name is empty string, or '(None)', then it is initialized to am empty string. +# +realm=<%= @realm %> + +# The flag that sets the origin consistency +# check: across the session, all requests must have the same +# main ORIGIN attribute value (if the ORIGIN was +# initially used by the session). +# +#check-origin-consistency + +# Per-user allocation quota. +# default value is 0 (no quota, unlimited number of sessions per user). +# This option can also be set through the database, for a particular realm. +# +#user-quota=0 + +# Total allocation quota. +# default value is 0 (no quota). +# This option can also be set through the database, for a particular realm. +# +#total-quota=0 + +# Max bytes-per-second bandwidth a TURN session is allowed to handle +# (input and output network streams are treated separately). Anything above +# that limit will be dropped or temporary suppressed (within +# the available buffer limits). +# This option can also be set through the database, for a particular realm. +# +#max-bps=0 + +# +# Maximum server capacity. +# Total bytes-per-second bandwidth the TURN server is allowed to allocate +# for the sessions, combined (input and output network streams are treated separately). +# +# bps-capacity=0 + +# Uncomment if no UDP client listener is desired. +# By default UDP client listener is always started. +# +#no-udp + +# Uncomment if no TCP client listener is desired. +# By default TCP client listener is always started. +# +#no-tcp + +# Uncomment if no TLS client listener is desired. +# By default TLS client listener is always started. +# +#no-tls + +# Uncomment if no DTLS client listener is desired. +# By default DTLS client listener is always started. +# +#no-dtls + +# Uncomment if no UDP relay endpoints are allowed. +# By default UDP relay endpoints are enabled (like in RFC 5766). +# +#no-udp-relay + +# Uncomment if no TCP relay endpoints are allowed. +# By default TCP relay endpoints are enabled (like in RFC 6062). +# +#no-tcp-relay + +# Uncomment if extra security is desired, +# with nonce value having limited lifetime. +# By default, the nonce value is unique for a session, +# and has unlimited lifetime. +# Set this option to limit the nonce lifetime. +# It defaults to 600 secs (10 min) if no value is provided. After that delay, +# the client will get 438 error and will have to re-authenticate itself. +# +#stale-nonce=600 + +# Uncomment if you want to set the maximum allocation +# time before it has to be refreshed. +# Default is 3600s. +# +#max-allocate-lifetime=3600 + + +# Uncomment to set the lifetime for the channel. +# Default value is 600 secs (10 minutes). +# This value MUST not be changed for production purposes. +# +#channel-lifetime=600 + +# Uncomment to set the permission lifetime. +# Default to 300 secs (5 minutes). +# In production this value MUST not be changed, +# however it can be useful for test purposes. +# +#permission-lifetime=300 + +# Certificate file. +# Use an absolute path or path relative to the +# configuration file. +# +cert=<%= @cert %> + +# Private key file. +# Use an absolute path or path relative to the +# configuration file. +# Use PEM file format. +# +pkey=<%= @pkey %> + +# Private key file password, if it is in encoded format. +# This option has no default value. +# +#pkey-pwd=... + +# Allowed OpenSSL cipher list for TLS/DTLS connections. +# Default value is "DEFAULT". +# +#cipher-list="DEFAULT" + +# CA file in OpenSSL format. +# Forces TURN server to verify the client SSL certificates. +# By default it is not set: there is no default value and the client +# certificate is not checked. +# +# Example: +#CA-file=/etc/ssh/id_rsa.cert + +# Curve name for EC ciphers, if supported by OpenSSL +# library (TLS and DTLS). The default value is prime256v1, +# if pre-OpenSSL 1.0.2 is used. With OpenSSL 1.0.2+, +# an optimal curve will be automatically calculated, if not defined +# by this option. +# +#ec-curve-name=prime256v1 + +# Use 566 bits predefined DH TLS key. Default size of the key is 1066. +# +#dh566 + +# Use 2066 bits predefined DH TLS key. Default size of the key is 1066. +# +#dh2066 + +# Use custom DH TLS key, stored in PEM format in the file. +# Flags --dh566 and --dh2066 are ignored when the DH key is taken from a file. +# +#dh-file= + +# Flag to prevent stdout log messages. +# By default, all log messages are going to both stdout and to +# the configured log file. With this option everything will be +# going to the configured log only (unless the log file itself is stdout). +# +#no-stdout-log + +# Option to set the log file name. +# By default, the turnserver tries to open a log file in +# /var/log, /var/tmp, /tmp and current directories directories +# (which open operation succeeds first that file will be used). +# With this option you can set the definite log file name. +# The special names are "stdout" and "-" - they will force everything +# to the stdout. Also, the "syslog" name will force everything to +# the system log (syslog). +# In the runtime, the logfile can be reset with the SIGHUP signal +# to the turnserver process. +# +#log-file=/var/tmp/turn.log + +# Option to redirect all log output into system log (syslog). +# +syslog + +# This flag means that no log file rollover will be used, and the log file +# name will be constructed as-is, without PID and date appendage. +# This option can be used, for example, together with the logrotate tool. +# +#simple-log + +# Option to set the "redirection" mode. The value of this option +# will be the address of the alternate server for UDP & TCP service in form of +# [:]. The server will send this value in the attribute +# ALTERNATE-SERVER, with error 300, on ALLOCATE request, to the client. +# Client will receive only values with the same address family +# as the client network endpoint address family. +# See RFC 5389 and RFC 5766 for ALTERNATE-SERVER functionality description. +# The client must use the obtained value for subsequent TURN communications. +# If more than one --alternate-server options are provided, then the functionality +# can be more accurately described as "load-balancing" than a mere "redirection". +# If the port number is omitted, then the default port +# number 3478 for the UDP/TCP protocols will be used. +# Colon (:) characters in IPv6 addresses may conflict with the syntax of +# the option. To alleviate this conflict, literal IPv6 addresses are enclosed +# in square brackets in such resource identifiers, for example: +# [2001:db8:85a3:8d3:1319:8a2e:370:7348]:3478 . +# Multiple alternate servers can be set. They will be used in the +# round-robin manner. All servers in the pool are considered of equal weight and +# the load will be distributed equally. For example, if we have 4 alternate servers, +# then each server will receive 25% of ALLOCATE requests. A alternate TURN server +# address can be used more than one time with the alternate-server option, so this +# can emulate "weighting" of the servers. +# +# Examples: +#alternate-server=1.2.3.4:5678 +#alternate-server=11.22.33.44:56789 +#alternate-server=5.6.7.8 +#alternate-server=[2001:db8:85a3:8d3:1319:8a2e:370:7348]:3478 + +# Option to set alternative server for TLS & DTLS services in form of +# :. If the port number is omitted, then the default port +# number 5349 for the TLS/DTLS protocols will be used. See the previous +# option for the functionality description. +# +# Examples: +#tls-alternate-server=1.2.3.4:5678 +#tls-alternate-server=11.22.33.44:56789 +#tls-alternate-server=[2001:db8:85a3:8d3:1319:8a2e:370:7348]:3478 + +# Option to suppress TURN functionality, only STUN requests will be processed. +# Run as STUN server only, all TURN requests will be ignored. +# By default, this option is NOT set. +# +#stun-only + +# Option to suppress STUN functionality, only TURN requests will be processed. +# Run as TURN server only, all STUN requests will be ignored. +# By default, this option is NOT set. +# +#no-stun + +# This is the timestamp/username separator symbol (character) in TURN REST API. +# The default value is ':'. +# rest-api-separator=: + +# Flag that can be used to allow peers on the loopback addresses (127.x.x.x and ::1). +# This is an extra security measure. +# +# (To avoid any security issue that allowing loopback access may raise, +# the no-loopback-peers option is replaced by allow-loopback-peers.) +# +# Allow it only for testing in a development environment! +# In production it adds a possible security vulnerability, so for security reasons +# it is not allowed using it together with empty cli-password. +# +#allow-loopback-peers + +# Flag that can be used to disallow peers on well-known broadcast addresses (224.0.0.0 and above, and FFXX:*). +# This is an extra security measure. +# +#no-multicast-peers + +# Option to set the max time, in seconds, allowed for full allocation establishment. +# Default is 60 seconds. +# +#max-allocate-timeout=60 + +# Option to allow or ban specific ip addresses or ranges of ip addresses. +# If an ip address is specified as both allowed and denied, then the ip address is +# considered to be allowed. This is useful when you wish to ban a range of ip +# addresses, except for a few specific ips within that range. +# +# This can be used when you do not want users of the turn server to be able to access +# machines reachable by the turn server, but would otherwise be unreachable from the +# internet (e.g. when the turn server is sitting behind a NAT) +# +# Examples: +# denied-peer-ip=83.166.64.0-83.166.95.255 +# allowed-peer-ip=83.166.68.45 + +# File name to store the pid of the process. +# Default is /var/run/turnserver.pid (if superuser account is used) or +# /var/tmp/turnserver.pid . +# +#pidfile="/var/run/turnserver.pid" + +# Require authentication of the STUN Binding request. +# By default, the clients are allowed anonymous access to the STUN Binding functionality. +# +#secure-stun + +# Mobility with ICE (MICE) specs support. +# +#mobility + +# Allocate Address Family according +# If enabled then TURN server allocates address family according the TURN +# Client <=> Server communication address family. +# (By default coTURN works according RFC 6156.) +# !!Warning: Enabling this option breaks RFC6156 section-4.2 (violates use default IPv4)!! +# +#keep-address-family + + +# User name to run the process. After the initialization, the turnserver process +# will make an attempt to change the current user ID to that user. +# +#proc-user= + +# Group name to run the process. After the initialization, the turnserver process +# will make an attempt to change the current group ID to that group. +# +#proc-group= + +# Turn OFF the CLI support. +# By default it is always ON. +# See also options cli-ip and cli-port. +# +no-cli + +#Local system IP address to be used for CLI server endpoint. Default value +# is 127.0.0.1. +# +#cli-ip=127.0.0.1 + +# CLI server port. Default is 5766. +# +#cli-port=5766 + +# CLI access password. Default is empty (no password). +# For the security reasons, it is recommended to use the encrypted +# for of the password (see the -P command in the turnadmin utility). +# +# Secure form for password 'qwerty': +# +#cli-password=$5$79a316b350311570$81df9cfb9af7f5e5a76eada31e7097b663a0670f99a3c07ded3f1c8e59c5658a +# +# Or unsecure form for the same password: +# +#cli-password=qwerty + +# Enable Web-admin support on https. By default it is Disabled. +# If it is enabled it also enables a http a simple static banner page +# with a small reminder that the admin page is available only on https. +# +#web-admin + +# Local system IP address to be used for Web-admin server endpoint. Default value is 127.0.0.1. +# +#web-admin-ip=127.0.0.1 + +# Web-admin server port. Default is 8080. +# +#web-admin-port=8080 + +# Web-admin server listen on STUN/TURN worker threads +# By default it is disabled for security resons! (Not recommended in any production environment!) +# +#web-admin-listen-on-workers + +# Server relay. NON-STANDARD AND DANGEROUS OPTION. +# Only for those applications when we want to run +# server applications on the relay endpoints. +# This option eliminates the IP permissions check on +# the packets incoming to the relay endpoints. +# +#server-relay + +# Maximum number of output sessions in ps CLI command. +# This value can be changed on-the-fly in CLI. The default value is 256. +# +#cli-max-output-sessions + +# Set network engine type for the process (for internal purposes). +# +#ne=[1|2|3] + +# Do not allow an TLS/DTLS version of protocol +# +#no-tlsv1 +#no-tlsv1_1 +#no-tlsv1_2 diff --git a/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb b/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb index 30fd806..4424256 100644 --- a/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb +++ b/site-cookbooks/kosmos-ejabberd/templates/vhost.yml.erb @@ -16,7 +16,7 @@ host_config: ldap_password: "<%= @host[:ldap_password] %>" ldap_encrypt: <%= @ldap_encryption_type %> ldap_base: "ou=<%= @host[:name] %>,<%= @ldap_base %>" - ldap_filter: "(objectClass=person)" + ldap_filter: "<%= @ldap_filter %>" <% end -%> append_host_config: diff --git a/site-cookbooks/kosmos-ipfs/attributes/default.rb b/site-cookbooks/kosmos-ipfs/attributes/default.rb index e4ee1b0..7f68772 100644 --- a/site-cookbooks/kosmos-ipfs/attributes/default.rb +++ b/site-cookbooks/kosmos-ipfs/attributes/default.rb @@ -62,4 +62,4 @@ node.default['kosmos-ipfs']['ipfs']['config'] = { node.default['kosmos-ipfs']['nginx']['domain'] = "ipfs.kosmos.org" node.default['kosmos-ipfs']['nginx']['external_api_port'] = 5444 -node.default['kosmos-ipfs']['kredits-pinner']['revision'] = "v2.2.0" +node.default['kosmos-ipfs']['kredits-pinner']['revision'] = "v2.3.0" diff --git a/site-cookbooks/kosmos-mastodon/recipes/default.rb b/site-cookbooks/kosmos-mastodon/recipes/default.rb index 9c8ab3b..5c2d3cb 100644 --- a/site-cookbooks/kosmos-mastodon/recipes/default.rb +++ b/site-cookbooks/kosmos-mastodon/recipes/default.rb @@ -44,7 +44,7 @@ end elasticsearch_service 'elasticsearch' -postgresql_data_bag_item = data_bag_item('credentials', 'postgresql') +postgresql_credentials = data_bag_item('credentials', 'postgresql') mastodon_path = node["kosmos-mastodon"]["directory"] mastodon_user = "mastodon" @@ -75,7 +75,7 @@ npm_package "yarn" do version "1.22.4" end -ruby_version = "3.0.6" +ruby_version = "3.3.0" ruby_path = "/opt/ruby_build/builds/#{ruby_version}" bundle_path = "#{ruby_path}/bin/bundle" @@ -168,7 +168,22 @@ execute "restart mastodon services" do notifies :restart, "service[mastodon-streaming]", :delayed end -mastodon_credentials = data_bag_item('credentials', 'mastodon') +credentials = data_bag_item('credentials', 'mastodon') + +ldap_config = { + host: "ldap.kosmos.local", + port: 389, + method: "plain", + base: "ou=kosmos.org,cn=users,dc=kosmos,dc=org", + bind_dn: credentials["ldap_bind_dn"], + password: credentials["ldap_password"], + uid: "cn", + mail: "mail", + search_filter: "(&(|(cn=%{email})(mail=%{email}))(serviceEnabled=mastodon))", + uid_conversion_enabled: "true", + uid_conversion_search: "-", + uid_conversion_replace: "_" +} template "#{mastodon_path}/.env.#{rails_env}" do source "env.erb" @@ -178,21 +193,22 @@ template "#{mastodon_path}/.env.#{rails_env}" do variables redis_url: node["kosmos-mastodon"]["redis_url"], domain: node["kosmos-mastodon"]["domain"], alternate_domains: node["kosmos-mastodon"]["alternate_domains"], - paperclip_secret: mastodon_credentials['paperclip_secret'], - secret_key_base: mastodon_credentials['secret_key_base'], - otp_secret: mastodon_credentials['otp_secret'], - smtp_login: mastodon_credentials['smtp_user_name'], - smtp_password: mastodon_credentials['smtp_password'], + paperclip_secret: credentials['paperclip_secret'], + secret_key_base: credentials['secret_key_base'], + otp_secret: credentials['otp_secret'], + ldap: ldap_config, + smtp_login: credentials['smtp_user_name'], + smtp_password: credentials['smtp_password'], smtp_from_address: "mail@#{node['kosmos-mastodon']['domain']}", s3_endpoint: node["kosmos-mastodon"]["s3_endpoint"], s3_region: node["kosmos-mastodon"]["s3_region"], s3_bucket: node["kosmos-mastodon"]["s3_bucket"], s3_alias_host: node["kosmos-mastodon"]["s3_alias_host"], - aws_access_key_id: mastodon_credentials['s3_key_id'], - aws_secret_access_key: mastodon_credentials['s3_secret_key'], - vapid_private_key: mastodon_credentials['vapid_private_key'], - vapid_public_key: mastodon_credentials['vapid_public_key'], - db_pass: postgresql_data_bag_item['mastodon_user_password'], + aws_access_key_id: credentials['s3_key_id'], + aws_secret_access_key: credentials['s3_secret_key'], + vapid_private_key: credentials['vapid_private_key'], + vapid_public_key: credentials['vapid_public_key'], + db_pass: postgresql_credentials['mastodon_user_password'], db_host: "pg.kosmos.local", default_locale: node["kosmos-mastodon"]["default_locale"], allowed_private_addresses: node["kosmos-mastodon"]["allowed_private_addresses"], diff --git a/site-cookbooks/kosmos-mastodon/recipes/nginx.rb b/site-cookbooks/kosmos-mastodon/recipes/nginx.rb index 405be3a..bcb1d83 100644 --- a/site-cookbooks/kosmos-mastodon/recipes/nginx.rb +++ b/site-cookbooks/kosmos-mastodon/recipes/nginx.rb @@ -34,6 +34,7 @@ end tls_cert_for server_name do auth "gandi_dns" + acme_domain "letsencrypt.kosmos.org" action :create end diff --git a/site-cookbooks/kosmos-mastodon/templates/default/env.erb b/site-cookbooks/kosmos-mastodon/templates/default/env.erb index e81a6fa..4e1fae1 100644 --- a/site-cookbooks/kosmos-mastodon/templates/default/env.erb +++ b/site-cookbooks/kosmos-mastodon/templates/default/env.erb @@ -29,6 +29,23 @@ SMTP_LOGIN=<%= @smtp_login %> SMTP_PASSWORD=<%= @smtp_password %> SMTP_FROM_ADDRESS=<%= @smtp_from_address %> +<% if @ldap %> +# LDAP configuration +LDAP_ENABLED=true +LDAP_HOST=<%= @ldap[:host] %> +LDAP_PORT=<%= @ldap[:port] %> +LDAP_METHOD='<%= @ldap[:method] %>' +LDAP_BASE='<%= @ldap[:base] %>' +LDAP_BIND_DN='<%= @ldap[:bind_dn] %>' +LDAP_PASSWORD='<%= @ldap[:password] %>' +LDAP_UID=<%= @ldap[:uid] %> +LDAP_MAIL=<%= @ldap[:mail] %> +LDAP_SEARCH_FILTER='<%= @ldap[:search_filter] %>' +LDAP_UID_CONVERSION_ENABLED=<%= @ldap[:uid_conversion_enabled] %> +LDAP_UID_CONVERSION_SEARCH=<%= @ldap[:uid_conversion_search] %> +LDAP_UID_CONVERSION_REPLACE=<%= @ldap[:uid_conversion_replace] %> +<% end %> + # Optional asset host for multi-server setups # CDN_HOST=assets.example.com diff --git a/site-cookbooks/kosmos-mastodon/templates/default/nginx_conf_mastodon.erb b/site-cookbooks/kosmos-mastodon/templates/default/nginx_conf_mastodon.erb index 11d23a3..e0d404d 100644 --- a/site-cookbooks/kosmos-mastodon/templates/default/nginx_conf_mastodon.erb +++ b/site-cookbooks/kosmos-mastodon/templates/default/nginx_conf_mastodon.erb @@ -32,6 +32,12 @@ server { <% if @onion_address %> add_header Onion-Location https://mastodon.<%= @onion_address %>$request_uri; <% end %> + + location ~ ^/.well-known/(lnurlp|keysend) { + add_header 'Access-Control-Allow-Origin' '*'; + proxy_ssl_server_name on; + proxy_pass https://accounts.kosmos.org; + } } <% if @onion_address %> diff --git a/site-cookbooks/kosmos-postfix/recipes/default.rb b/site-cookbooks/kosmos-postfix/recipes/default.rb index 8fa2c14..53e0837 100644 --- a/site-cookbooks/kosmos-postfix/recipes/default.rb +++ b/site-cookbooks/kosmos-postfix/recipes/default.rb @@ -2,39 +2,21 @@ # Cookbook Name:: kosmos-postfix # Recipe:: default # -# The MIT License (MIT) -# -# Copyright:: 2019, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. + +node.default['postfix']['main']['smtp_tls_CAfile'] = '/etc/ssl/certs/ca-certificates.crt' +node.default['postfix']['main']['smtpd_tls_CAfile'] = '/etc/ssl/certs/ca-certificates.crt' + +return if node.run_list.roles.include?("email_server") smtp_credentials = Chef::EncryptedDataBagItem.load('credentials', 'smtp') -node.override['postfix']['sasl']['smtp_sasl_user_name'] = smtp_credentials['user_name'] -node.override['postfix']['sasl']['smtp_sasl_passwd'] = smtp_credentials['password'] -node.override['postfix']['sasl_password_file'] = "#{node['postfix']['conf_dir']}/sasl_passwd" +node.default['postfix']['sasl']['smtp_sasl_user_name'] = smtp_credentials['user_name'] +node.default['postfix']['sasl']['smtp_sasl_passwd'] = smtp_credentials['password'] +node.default['postfix']['sasl_password_file'] = "#{node['postfix']['conf_dir']}/sasl_passwd" # Postfix doesn't support smtps relayhost, use STARTSSL instead -node.override['postfix']['main']['relayhost'] = smtp_credentials['relayhost'] -node.override['postfix']['main']['smtp_sasl_auth_enable'] = 'yes' -node.override['postfix']['main']['smtp_sasl_password_maps'] = "hash:#{node['postfix']['sasl_password_file']}" -node.override['postfix']['main']['smtp_sasl_security_options'] = 'noanonymous' -node.override['postfix']['main']['smtp_tls_CAfile'] = '/etc/ssl/certs/ca-certificates.crt' -node.override['postfix']['main']['smtpd_tls_CAfile'] = '/etc/ssl/certs/ca-certificates.crt' +node.default['postfix']['main']['relayhost'] = smtp_credentials['relayhost'] +node.default['postfix']['main']['smtp_sasl_auth_enable'] = 'yes' +node.default['postfix']['main']['smtp_sasl_password_maps'] = "hash:#{node['postfix']['sasl_password_file']}" +node.default['postfix']['main']['smtp_sasl_security_options'] = 'noanonymous' include_recipe 'postfix::default' diff --git a/site-cookbooks/kosmos_email/.gitignore b/site-cookbooks/kosmos_email/.gitignore new file mode 100644 index 0000000..f1e57b8 --- /dev/null +++ b/site-cookbooks/kosmos_email/.gitignore @@ -0,0 +1,25 @@ +.vagrant +*~ +*# +.#* +\#*# +.*.sw[a-z] +*.un~ + +# Bundler +Gemfile.lock +gems.locked +bin/* +.bundle/* + +# test kitchen +.kitchen/ +kitchen.local.yml + +# Chef Infra +Berksfile.lock +.zero-knife.rb +Policyfile.lock.json + +.idea/ + diff --git a/site-cookbooks/kosmos_email/CHANGELOG.md b/site-cookbooks/kosmos_email/CHANGELOG.md new file mode 100644 index 0000000..b33cc1a --- /dev/null +++ b/site-cookbooks/kosmos_email/CHANGELOG.md @@ -0,0 +1,7 @@ +# kosmos_email CHANGELOG + +This file is used to list changes made in each version of the kosmos_email cookbook. + +## 0.1.0 + +Initial release. diff --git a/site-cookbooks/kosmos_email/LICENSE b/site-cookbooks/kosmos_email/LICENSE new file mode 100644 index 0000000..b28fde8 --- /dev/null +++ b/site-cookbooks/kosmos_email/LICENSE @@ -0,0 +1,20 @@ +Copyright (c) Kosmos Developers + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/site-cookbooks/kosmos_email/attributes/default.rb b/site-cookbooks/kosmos_email/attributes/default.rb new file mode 100644 index 0000000..9463a3d --- /dev/null +++ b/site-cookbooks/kosmos_email/attributes/default.rb @@ -0,0 +1,9 @@ +node.default["email"]["root_directory"] = "/var/vmail" +node.default["email"]["domain"] = "example.com" +node.default["email"]["hostname"] = "mail.example.com" +node.default["email"]["report_contact"] = "abuse@example.com" +node.default["email"]["ldap_host"] = "ldap.kosmos.local" +node.default["email"]["ldap_search_base"] = "cn=users,dc=kosmos,dc=org" +node.default["email"]["virtual_aliases"] = { + "admin@example.com" => "administrator@example.com" +} diff --git a/site-cookbooks/kosmos_email/chefignore b/site-cookbooks/kosmos_email/chefignore new file mode 100644 index 0000000..cc170ea --- /dev/null +++ b/site-cookbooks/kosmos_email/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen.yml* +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/site-cookbooks/kosmos_email/compliance/README.md b/site-cookbooks/kosmos_email/compliance/README.md new file mode 100644 index 0000000..947be3e --- /dev/null +++ b/site-cookbooks/kosmos_email/compliance/README.md @@ -0,0 +1,25 @@ +# compliance + +This directory contains Chef InSpec profile, waiver and input objects which are used with the Chef Infra Compliance Phase. + +Detailed information on the Chef Infra Compliance Phase can be found in the [Chef Documentation](https://docs.chef.io/chef_compliance_phase/). + +```plain +./compliance +├── inputs +├── profiles +└── waivers +``` + +Use the `chef generate` command from Chef Workstation to create content for these directories: + +```sh +# Generate a Chef InSpec profile +chef generate profile PROFILE_NAME + +# Generate a Chef InSpec waiver file +chef generate waiver WAIVER_NAME + +# Generate a Chef InSpec input file +chef generate input INPUT_NAME +``` diff --git a/site-cookbooks/kosmos_email/kitchen.yml b/site-cookbooks/kosmos_email/kitchen.yml new file mode 100644 index 0000000..3e87682 --- /dev/null +++ b/site-cookbooks/kosmos_email/kitchen.yml @@ -0,0 +1,53 @@ +--- +driver: + name: dokken + chef_version: 18.2.7 + pull_platform_image: false + pull_chef_image: false + memory_limit: 2147483648 # 2GB + volumes: + # saves the apt archieves outside of the container + - /var/cache/apt/archives/:/var/cache/apt/archives/ + ## The forwarded_port port feature lets you connect to ports on the VM guest via + ## localhost on the host. + ## see also: https://www.vagrantup.com/docs/networking/forwarded_ports + # network: + # - ["forwarded_port", { guest: 4444, host: 4444 }] + +transport: + name: dokken + +provisioner: + name: dokken + # clean_dokken_sandbox: false + # You may wish to disable always updating cookbooks in CI or other testing environments. + # For example: + # always_update_cookbooks: <%= !ENV['CI'] %> + # always_update_cookbooks: false + + ## product_name and product_version specifies a specific Chef product and version to install. + ## see the Chef documentation for more details: https://docs.chef.io/workstation/config_yml_kitchen/ + # product_name: chef + # product_version: 16 + +verifier: + name: inspec + +platforms: + - name: ubuntu-22.04 + driver: + image: dokken/ubuntu-22.04 + privileged: true + pid_one_command: /usr/lib/systemd/systemd + intermediate_instructions: + # prevent APT from deleting the APT folder + - RUN rm /etc/apt/apt.conf.d/docker-clean + +suites: + - name: default + run_list: + - recipe[kosmos_email::default] + verifier: + inspec_tests: + - test/integration/default + attributes: diff --git a/site-cookbooks/kosmos_email/metadata.rb b/site-cookbooks/kosmos_email/metadata.rb new file mode 100644 index 0000000..71cf8ef --- /dev/null +++ b/site-cookbooks/kosmos_email/metadata.rb @@ -0,0 +1,11 @@ +name 'kosmos_email' +maintainer 'Kosmos Developers' +maintainer_email 'ops@kosmos.org' +license 'MIT' +description 'Installs/configures an email service' +version '0.1.0' +chef_version '>= 18.0' + +depends "hostname" +depends "unbound" +depends "postfix" diff --git a/site-cookbooks/kosmos_email/recipes/default.rb b/site-cookbooks/kosmos_email/recipes/default.rb new file mode 100644 index 0000000..01f85a3 --- /dev/null +++ b/site-cookbooks/kosmos_email/recipes/default.rb @@ -0,0 +1,43 @@ +# +# Cookbook:: kosmos_email +# Recipe:: default +# + +domain = node["email"]["domain"] +hostname = node["email"]["hostname"] +root_dir = node["email"]["root_directory"] +ip_addr = node["knife_zero"]["host"] +extra_hostnames = ["smtp.#{domain}", "imap.#{domain}"] + +node.override["set_fqdn"] = hostname +include_recipe "hostname" + +user "vmail" do + gid "mail" + system true + manage_home false +end + +directory root_dir do + owner "vmail" + group "mail" +end + +tls_cert_for hostname do + domain ([hostname]+extra_hostnames) + auth "gandi_dns" + deploy_hook "systemctl reload postfix.service && systemctl reload dovecot.service" + action :create +end + +firewall_rule "private network access" do + command :allow + protocol :tcp + source "10.1.1.0/24" +end + +include_recipe 'unbound' +include_recipe 'kosmos_email::opendkim' +include_recipe 'kosmos_email::spamassassin' +include_recipe 'kosmos_email::postfix' +include_recipe 'kosmos_email::dovecot' diff --git a/site-cookbooks/kosmos_email/recipes/dovecot.rb b/site-cookbooks/kosmos_email/recipes/dovecot.rb new file mode 100644 index 0000000..0a6f1f7 --- /dev/null +++ b/site-cookbooks/kosmos_email/recipes/dovecot.rb @@ -0,0 +1,90 @@ +# +# Cookbook:: kosmos_email +# Recipe:: dovecot +# + +%w[ + dovecot-core + dovecot-imapd + dovecot-ldap + dovecot-lmtpd + dovecot-pop3d +].each do |pkg| + apt_package pkg +end + +domain = node["email"]["domain"] +hostname = node["email"]["hostname"] +root_dir = node["email"]["root_directory"] +ip_addr = node["knife_zero"]["host"] + +ldap_search_base = node["email"]["ldap_search_base"] +ldap_user_filter = "(&(objectClass=person)(mailRoutingAddress=%u))" + +credentials = Chef::EncryptedDataBagItem.load('credentials', 'email') + +template "/etc/dovecot/dovecot.conf" do + source "dovecot.conf.erb" + mode 0644 + # TODO variables protocols: "imap pop3 lmtp" + variables protocols: "imap lmtp", + # TODO find by email_proxy role + haproxy_trusted_networks: "10.1.1.167/32" + notifies :restart, "service[dovecot]", :delayed +end + +template "/etc/dovecot/dovecot-ldap.conf.ext" do + source "dovecot-ldap.conf.ext.erb" + mode 0600 + variables uris: "ldap://ldap.kosmos.local", # TODO add list of all IPs instead? + dn: credentials['ldap_dn'], + dnpass: credentials['ldap_dnpass'], + base: ldap_search_base, + user_filter: ldap_user_filter, + user_attrs: "", + pass_filter: ldap_user_filter, + pass_attrs: "mailRoutingAddress=user,mailpassword=password", + default_pass_scheme: "BLF-CRYPT" + notifies :restart, "service[dovecot]", :delayed +end + +template "/etc/dovecot/conf.d/10-auth.conf" do + source "dovecot_10-auth.conf.erb" + mode 0644 + notifies :restart, "service[dovecot]", :delayed +end + +template "/etc/dovecot/conf.d/10-mail.conf" do + source "dovecot_10-mail.conf.erb" + mode 0644 + variables mail_uid: "vmail", + mail_gid: "mail", + mail_location: "mbox:~/mail:INBOX=~/mail/INBOX", + mail_home: "#{root_dir}/%d/%n" + notifies :restart, "service[dovecot]", :delayed +end + +template "/etc/dovecot/conf.d/10-master.conf" do + source "dovecot_10-master.conf.erb" + mode 0644 + notifies :restart, "service[dovecot]", :delayed +end + +template "/etc/dovecot/conf.d/10-ssl.conf" do + source "dovecot_10-ssl.conf.erb" + mode 0644 + variables ssl: "required", + ssl_cert: node['postfix']['main']['smtpd_tls_cert_file'], + ssl_key: node['postfix']['main']['smtpd_tls_key_file'] + notifies :restart, "service[dovecot]", :delayed +end + +template "/etc/dovecot/conf.d/15-mailboxes.conf" do + source "dovecot_15-mailboxes.conf.erb" + mode 0644 + notifies :restart, "service[dovecot]", :delayed +end + +service "dovecot" do + action [:enable, :start] +end diff --git a/site-cookbooks/kosmos_email/recipes/firewall.rb b/site-cookbooks/kosmos_email/recipes/firewall.rb new file mode 100644 index 0000000..d4a76c0 --- /dev/null +++ b/site-cookbooks/kosmos_email/recipes/firewall.rb @@ -0,0 +1,34 @@ +# +# Cookbook:: kosmos_email +# Recipe:: firewall +# + +firewall_rule "SMTP" do + command :allow + port 25 + protocol :tcp +end + +firewall_rule "SMTPS" do + command :allow + port 465 + protocol :tcp +end + +firewall_rule "SMTPS" do + command :allow + port 587 + protocol :tcp +end + +firewall_rule "IMAP" do + command :allow + port 143 + protocol :tcp +end + +firewall_rule "IMAPS" do + command :allow + port 993 + protocol :tcp +end diff --git a/site-cookbooks/kosmos_email/recipes/opendkim.rb b/site-cookbooks/kosmos_email/recipes/opendkim.rb new file mode 100644 index 0000000..1447895 --- /dev/null +++ b/site-cookbooks/kosmos_email/recipes/opendkim.rb @@ -0,0 +1,74 @@ +# +# Cookbook:: kosmos_email +# Recipe:: opendkim +# + +%w[ + opendkim + opendkim-tools +].each do |pkg| + apt_package pkg +end + +domain = node["email"]["domain"] +selector = "mail" +socket = "inet:12301@localhost" + +template "/etc/opendkim.conf" do + source "opendkim.conf.erb" + mode 0644 + variables domain: domain, + selector: selector, + socket: socket + notifies :restart, "service[opendkim]", :delayed +end + +template "/etc/default/opendkim" do + source "opendkim_default.erb" + mode 0644 + variables socket: socket + notifies :restart, "service[opendkim]", :delayed +end + +directory "/run/opendkim" do + owner "opendkim" + group "opendkim" + action :create +end + +directory "/etc/opendkim" + +template "/etc/opendkim/keytable" do + source "opendkim_keytable.erb" + mode 0644 + variables domain: domain, + selector: selector + notifies :restart, "service[opendkim]", :delayed +end + +template "/etc/opendkim/signingtable" do + source "opendkim_signingtable.erb" + mode 0644 + variables domain: domain, + selector: selector + notifies :restart, "service[opendkim]", :delayed +end + +directory "/etc/opendkim/keys/#{domain}" do + recursive true +end + +execute "Create DKIM keys" do + cwd "/etc/opendkim/keys/#{domain}" + command "opendkim-genkey -s #{selector} -d #{domain}" + creates "/etc/opendkim/keys/#{domain}/#{selector}.private" +end + +file "/etc/opendkim/keys/#{domain}/#{selector}.private" do + owner "opendkim" + group "opendkim" +end + +service "opendkim" do + action [:enable, :start] +end diff --git a/site-cookbooks/kosmos_email/recipes/postfix.rb b/site-cookbooks/kosmos_email/recipes/postfix.rb new file mode 100644 index 0000000..3b61533 --- /dev/null +++ b/site-cookbooks/kosmos_email/recipes/postfix.rb @@ -0,0 +1,197 @@ +# +# Cookbook:: kosmos_email +# Recipe:: postfix +# + +%w[ + postfix + postfix-ldap +].each do |pkg| + apt_package pkg +end + +domain = node["email"]["domain"] +hostname = node["email"]["hostname"] +root_dir = node["email"]["root_directory"] +ip_addr = node["knife_zero"]["host"] + +ldap_host = node["email"]["ldap_host"] +ldap_search_base = node["email"]["ldap_search_base"] + +credentials = Chef::EncryptedDataBagItem.load('credentials', 'email') + +node.normal["postfix"]["mail_type"] = "master" +node.normal["postfix"]["use_relay_restrictions_maps"] = true +node.normal["postfix"]["relay_restrictions"] = { domain => "OK", hostname => "OK" } + +node.normal['postfix']['main']['myhostname'] = hostname +node.normal['postfix']['main']['mydomain'] = "$myhostname" +node.normal['postfix']['main']['myorigin'] = "$myhostname" +node.normal['postfix']['main']['mynetworks'] = ["10.1.1.0/24", "127.0.0.0/8"] +node.normal['postfix']['main']['smtp_use_tls'] = "yes" +node.normal['postfix']['main']['smtp_tls_security_level'] = "may" +node.normal['postfix']['main']['smtpd_use_tls'] = "yes" +node.normal['postfix']['main']['smtpd_tls_cert_file'] = "/etc/letsencrypt/live/#{hostname}/fullchain.pem" +node.normal['postfix']['main']['smtpd_tls_key_file'] = "/etc/letsencrypt/live/#{hostname}/privkey.pem" +node.normal['postfix']['main']['smtpd_peername_lookup'] = "no" +node.normal['postfix']['main']['mailbox_transport'] = "lmtp:unix:private/dovecot-lmtp" +node.normal['postfix']['main']['virtual_transport'] = "lmtp:unix:private/dovecot-lmtp" +node.normal['postfix']['main']['smtputf8_enable'] = "no" +node.normal['postfix']['main']['recipient_delimiter'] = "+" +node.normal['postfix']['main']['virtual_alias_maps'] = "hash:#{root_dir}/aliases, ldap:/etc/postfix/ldap-virtual_alias_maps.cf" +node.normal['postfix']['main']['virtual_mailbox_domains'] = "ldap:/etc/postfix/ldap-virtual_mailbox_domains.cf" +node.normal['postfix']['main']['virtual_mailbox_maps'] = "ldap:/etc/postfix/ldap-virtual_mailbox_maps.cf" +node.normal['postfix']['main']['smtpd_sender_login_maps'] = "ldap:/etc/postfix/ldap-smtpd_sender_login_maps.cf" +node.normal['postfix']['main']['milter_protocol'] = "6" +node.normal['postfix']['main']['milter_default_action'] = "accept" +node.normal['postfix']['main']['smtpd_milters'] = "inet:localhost:12301 local:spamass/spamass.sock" +node.normal['postfix']['main']['non_smtpd_milters'] = "inet:localhost:12301" + +node.normal['postfix']['master'] = { + "#{ip_addr}:2525": { + "active": true, + "order": 1, + "type": "inet", + "private": false, + "maxproc": "1", + "command": "postscreen", + "args": [ + "-o postscreen_upstream_proxy_protocol=haproxy", + "-o postscreen_cache_map=btree:$data_directory/postscreen_2525_cache", + "-o syslog_name=postfix/2525" + ] + }, + "#{ip_addr}:10587": { + "active": true, + "order": 2, + "type": "inet", + "private": false, + "chroot": true, + "command": "smtpd", + "args": [ + "-o syslog_name=postfix/10587", + "-o smtpd_tls_security_level=encrypt", + "-o smtpd_tls_wrappermode=no", + "-o smtpd_sasl_auth_enable=yes", + "-o smtpd_sender_restrictions=reject_sender_login_mismatch", + "-o smtpd_relay_restrictions=permit_sasl_authenticated,reject", + "-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject", + "-o smtpd_sasl_type=dovecot", + "-o smtpd_sasl_path=private/auth", + "-o smtpd_upstream_proxy_protocol=haproxy", + ] + }, + "#{ip_addr}:10465": { + "active": true, + "order": 3, + "type": "inet", + "private": false, + "chroot": true, + "command": "smtpd", + "args": [ + "-o syslog_name=postfix/10465", + "-o smtpd_tls_wrappermode=yes", + "-o smtpd_sasl_auth_enable=yes", + "-o smtpd_relay_restrictions=permit_sasl_authenticated,reject", + "-o smtpd_sender_restrictions=reject_sender_login_mismatch", + "-o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject", + "-o smtpd_sasl_type=dovecot", + "-o smtpd_sasl_path=private/auth", + "-o smtpd_upstream_proxy_protocol=haproxy", + ] + }, + "smtpd": { + "active": true, + "order": 100, + "type": "pass", + "chroot": true, + "command": "smtpd", + "args": [] + }, + "dnsblog": { + "active": true, + "order": 101, + "type": "unix", + "chroot": true, + "maxproc": "0", + "command": "dnsblog", + "args": [] + }, + "tlsproxy": { + "active": true, + "order": 102, + "type": "unix", + "chroot": true, + "maxproc": "0", + "command": "tlsproxy", + "args": [] + } +} + +bash "compile_postfix_aliases" do + cwd root_dir + code "postmap #{root_dir}/aliases" + action :nothing + notifies :restart, "service[postfix]", :delayed +end + +template "#{root_dir}/aliases" do + source "virtual-aliases.erb" + mode 0755 + variables aliases: node["email"]["virtual_aliases"] + notifies :run, "bash[compile_postfix_aliases]", :immediately +end + +ldap_default_variables = { + server_host: ldap_host, + bind_dn: credentials['ldap_dn'], + bind_pw: credentials['ldap_dnpass'], + search_base: ldap_search_base +} + +template "/etc/postfix/ldap-virtual_mailbox_domains.cf" do + source "postfix_ldap-map.cf.erb" + mode 0600 + variables ldap_default_variables.merge({ + query_filter: "mailRoutingAddress=*@%s", + result_attribute: "mailRoutingAddress", + result_format: "%d" + }) + notifies :restart, "service[postfix]", :delayed +end + +template "/etc/postfix/ldap-virtual_alias_maps.cf" do + source "postfix_ldap-map.cf.erb" + mode 0600 + variables ldap_default_variables.merge({ + query_filter: "(&(mailRoutingAddress=%s)(mailForwardingAddress=*))", + result_attribute: "mailForwardingAddress" + }) + notifies :restart, "service[postfix]", :delayed +end + +template "/etc/postfix/ldap-virtual_mailbox_maps.cf" do + source "postfix_ldap-map.cf.erb" + mode 0600 + variables ldap_default_variables.merge({ + query_filter: "mailRoutingAddress=%s", + result_attribute: "mailRoutingAddress" + }) + notifies :restart, "service[postfix]", :delayed +end + +template "/etc/postfix/ldap-smtpd_sender_login_maps.cf" do + source "postfix_ldap-map.cf.erb" + mode 0600 + variables ldap_default_variables.merge({ + query_filter: "mailRoutingAddress=%s", + result_attribute: "mailRoutingAddress, mailForwardingAddress" + }) + notifies :restart, "service[postfix]", :delayed +end + +include_recipe 'postfix::server' + +service "postfix" do + action [:enable, :start] +end diff --git a/site-cookbooks/kosmos_email/recipes/spamassassin.rb b/site-cookbooks/kosmos_email/recipes/spamassassin.rb new file mode 100644 index 0000000..3971c62 --- /dev/null +++ b/site-cookbooks/kosmos_email/recipes/spamassassin.rb @@ -0,0 +1,34 @@ +# +# Cookbook:: kosmos_email +# Recipe:: spamassassin +# + +%w[ + spamassassin + spamc + spamass-milter +].each do |pkg| + apt_package pkg +end + +domain = node["email"]["domain"] +report_contact = node["email"]["report_contact"] + +template "/etc/default/spamassassin" do + source "spamassassin_default.erb" + mode 0644 + variables options: "-u debian-spamd --nouser-config --max-children 10" + notifies :restart, "service[spamassassin]", :delayed +end + +template "/etc/spamassassin/local.cf" do + source "spamassassin_local.cf.erb" + mode 0644 + variables whitelist_auth: "*@#{domain}", + report_contact: report_contact + notifies :restart, "service[spamassassin]", :delayed +end + +service "spamassassin" do + action [:enable, :start] +end diff --git a/site-cookbooks/kosmos_email/templates/dovecot-ldap.conf.ext.erb b/site-cookbooks/kosmos_email/templates/dovecot-ldap.conf.ext.erb new file mode 100644 index 0000000..10ca936 --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/dovecot-ldap.conf.ext.erb @@ -0,0 +1,151 @@ +# This file is commonly accessed via passdb {} or userdb {} section in +# conf.d/auth-ldap.conf.ext + +# This file is opened as root, so it should be owned by root and mode 0600. +# +# http://wiki2.dovecot.org/AuthDatabase/LDAP +# +# NOTE: If you're not using authentication binds, you'll need to give +# dovecot-auth read access to userPassword field in the LDAP server. +# With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There should +# already be something like this: + +# access to attribute=userPassword +# by dn="" read # add this +# by anonymous auth +# by self write +# by * none + +# Space separated list of LDAP hosts to use. host:port is allowed too. +#hosts = + +# LDAP URIs to use. You can use this instead of hosts list. Note that this +# setting isn't supported by all LDAP libraries. +uris = <%= @uris %> + +# Distinguished Name - the username used to login to the LDAP server. +# Leave it commented out to bind anonymously (useful with auth_bind=yes). +dn = <%= @dn %> + +# Password for LDAP server, if dn is specified. +dnpass = <%= @dnpass %> + +# Use SASL binding instead of the simple binding. Note that this changes +# ldap_version automatically to be 3 if it's lower. +#sasl_bind = no +# SASL mechanism name to use. +#sasl_mech = +# SASL realm to use. +#sasl_realm = +# SASL authorization ID, ie. the dnpass is for this "master user", but the +# dn is still the logged in user. Normally you want to keep this empty. +#sasl_authz_id = + +# Use TLS to connect to the LDAP server. +#tls = no +# TLS options, currently supported only with OpenLDAP: +#tls_ca_cert_file = +#tls_ca_cert_dir = +#tls_cipher_suite = +# TLS cert/key is used only if LDAP server requires a client certificate. +#tls_cert_file = +#tls_key_file = +# Valid values: never, hard, demand, allow, try +#tls_require_cert = + +# Use the given ldaprc path. +#ldaprc_path = + +# LDAP library debug level as specified by LDAP_DEBUG_* in ldap_log.h. +# -1 = everything. You may need to recompile OpenLDAP with debugging enabled +# to get enough output. +#debug_level = 1 + +# Use authentication binding for verifying password's validity. This works by +# logging into LDAP server using the username and password given by client. +# The pass_filter is used to find the DN for the user. Note that the pass_attrs +# is still used, only the password field is ignored in it. Before doing any +# search, the binding is switched back to the default DN. +#auth_bind = no + +# If authentication binding is used, you can save one LDAP request per login +# if users' DN can be specified with a common template. The template can use +# the standard %variables (see user_filter). Note that you can't +# use any pass_attrs if you use this setting. +# +# If you use this setting, it's a good idea to use a different +# dovecot-ldap.conf.ext for userdb (it can even be a symlink, just as long as +# the filename is different in userdb's args). That way one connection is used +# only for LDAP binds and another connection is used for user lookups. +# Otherwise the binding is changed to the default DN before each user lookup. +# +# For example: +# auth_bind_userdn = cn=%u,ou=people,o=org +# +#auth_bind_userdn = + +# LDAP protocol version to use. Likely 2 or 3. +#ldap_version = 3 + +# LDAP base. %variables can be used here. +# For example: dc=mail, dc=example, dc=org +base = <%= @base %> + +# Dereference: never, searching, finding, always +#deref = never + +# Search scope: base, onelevel, subtree +#scope = subtree + +# User attributes are given in LDAP-name=dovecot-internal-name list. The +# internal names are: +# uid - System UID +# gid - System GID +# home - Home directory +# mail - Mail location +# +# There are also other special fields which can be returned, see +# http://wiki2.dovecot.org/UserDatabase/ExtraFields +user_attrs = <%= @user_attrs %> + +# Filter for user lookup. Some variables can be used (see +# http://wiki2.dovecot.org/Variables for full list): +# %u - username +# %n - user part in user@domain, same as %u if there's no domain +# %d - domain part in user@domain, empty if user there's no domain +user_filter = <%= @user_filter %> + +# Password checking attributes: +# user: Virtual user name (user@domain), if you wish to change the +# user-given username to something else +# password: Password, may optionally start with {type}, eg. {crypt} +# There are also other special fields which can be returned, see +# http://wiki2.dovecot.org/PasswordDatabase/ExtraFields +pass_attrs = <%= @pass_attrs %> + +# If you wish to avoid two LDAP lookups (passdb + userdb), you can use +# userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll +# also have to include user_attrs in pass_attrs field prefixed with "userdb_" +# string. For example: +#pass_attrs = uid=user,userPassword=password,\ +# homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid + +# Filter for password lookups +pass_filter = <%= @pass_filter %> + +# Attributes and filter to get a list of all users +#iterate_attrs = uid=user +#iterate_filter = (objectClass=posixAccount) + +# Default password scheme. "{scheme}" before password overrides this. +# List of supported schemes is in: http://wiki2.dovecot.org/Authentication +default_pass_scheme = <%= @default_pass_scheme %> + +# By default all LDAP lookups are performed by the auth master process. +# If blocking=yes, auth worker processes are used to perform the lookups. +# Each auth worker process creates its own LDAP connection so this can +# increase parallelism. With blocking=no the auth master process can +# keep 8 requests pipelined for the LDAP connection, while with blocking=yes +# each connection has a maximum of 1 request running. For small systems the +# blocking=no is sufficient and uses less resources. +#blocking = no diff --git a/site-cookbooks/kosmos_email/templates/dovecot.conf.erb b/site-cookbooks/kosmos_email/templates/dovecot.conf.erb new file mode 100644 index 0000000..6b29a7f --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/dovecot.conf.erb @@ -0,0 +1,105 @@ +## Dovecot configuration file + +# If you're in a hurry, see http://wiki2.dovecot.org/QuickConfiguration + +# "doveconf -n" command gives a clean output of the changed settings. Use it +# instead of copy&pasting files when posting to the Dovecot mailing list. + +# '#' character and everything after it is treated as comments. Extra spaces +# and tabs are ignored. If you want to use either of these explicitly, put the +# value inside quotes, eg.: key = "# char and trailing whitespace " + +# Most (but not all) settings can be overridden by different protocols and/or +# source/destination IPs by placing the settings inside sections, for example: +# protocol imap { }, local 127.0.0.1 { }, remote 10.0.0.0/8 { } + +# Default values are shown for each setting, it's not required to uncomment +# those. These are exceptions to this though: No sections (e.g. namespace {}) +# or plugin settings are added by default, they're listed only as examples. +# Paths are also just examples with the real defaults being based on configure +# options. The paths listed here are for configure --prefix=/usr +# --sysconfdir=/etc --localstatedir=/var + +# Enable installed protocols +protocols = <%= @protocols %> +#!include_try /usr/share/dovecot/protocols.d/*.protocol + +# A comma separated list of IPs or hosts where to listen in for connections. +# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces. +# If you want to specify non-default ports or anything more complex, +# edit conf.d/master.conf. +#listen = *, :: + +# Base directory where to store runtime data. +#base_dir = /var/run/dovecot/ + +# Name of this instance. In multi-instance setup doveadm and other commands +# can use -i to select which instance is used (an alternative +# to -c ). The instance name is also added to Dovecot processes +# in ps output. +#instance_name = dovecot + +# Greeting message for clients. +#login_greeting = Dovecot ready. + +# Space separated list of trusted network ranges. Connections from these +# IPs are allowed to override their IP addresses and ports (for logging and +# for authentication checks). disable_plaintext_auth is also ignored for +# these networks. Typically you'd specify your IMAP proxy servers here. +#login_trusted_networks = + +# Space separated list of login access check sockets (e.g. tcpwrap) +#login_access_sockets = + +# With proxy_maybe=yes if proxy destination matches any of these IPs, don't do +# proxying. This isn't necessary normally, but may be useful if the destination +# IP is e.g. a load balancer's IP. +#auth_proxy_self = + +# Show more verbose process titles (in ps). Currently shows user name and +# IP address. Useful for seeing who are actually using the IMAP processes +# (eg. shared mailboxes or if same uid is used for multiple accounts). +#verbose_proctitle = no + +# Should all processes be killed when Dovecot master process shuts down. +# Setting this to "no" means that Dovecot can be upgraded without +# forcing existing client connections to close (although that could also be +# a problem if the upgrade is e.g. because of a security fix). +#shutdown_clients = yes + +# If non-zero, run mail commands via this many connections to doveadm server, +# instead of running them directly in the same process. +#doveadm_worker_count = 0 +# UNIX socket or host:port used for connecting to doveadm server +#doveadm_socket_path = doveadm-server + +# Space separated list of environment variables that are preserved on Dovecot +# startup and passed down to all of its child processes. You can also give +# key=value pairs to always set specific settings. +#import_environment = TZ + +## +## Dictionary server settings +## + +# Dictionary can be used to store key=value lists. This is used by several +# plugins. The dictionary can be accessed either directly or though a +# dictionary server. The following dict block maps dictionary names to URIs +# when the server is used. These can then be referenced using URIs in format +# "proxy::". + +dict { + #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext +} + +# Most of the actual configuration gets included below. The filenames are +# first sorted by their ASCII value and parsed in that order. The 00-prefixes +# in filenames are intended to make it easier to understand the ordering. +!include conf.d/*.conf + +# A config file can also tried to be included without giving an error if +# it's not found: +!include_try local.conf + +haproxy_trusted_networks = <%= @haproxy_trusted_networks %> +haproxy_timeout = 3s diff --git a/site-cookbooks/kosmos_email/templates/dovecot_10-auth.conf.erb b/site-cookbooks/kosmos_email/templates/dovecot_10-auth.conf.erb new file mode 100644 index 0000000..7c079aa --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/dovecot_10-auth.conf.erb @@ -0,0 +1,127 @@ +## +## Authentication processes +## + +# Disable LOGIN command and all other plaintext authentications unless +# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP +# matches the local IP (ie. you're connecting from the same computer), the +# connection is considered secure and plaintext authentication is allowed. +# See also ssl=required setting. +disable_plaintext_auth = yes + +# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that +# bsdauth and PAM require cache_key to be set for caching to be used. +#auth_cache_size = 0 +# Time to live for cached data. After TTL expires the cached record is no +# longer used, *except* if the main database lookup returns internal failure. +# We also try to handle password changes automatically: If user's previous +# authentication was successful, but this one wasn't, the cache isn't used. +# For now this works only with plaintext authentication. +#auth_cache_ttl = 1 hour +# TTL for negative hits (user not found, password mismatch). +# 0 disables caching them completely. +#auth_cache_negative_ttl = 1 hour + +# Space separated list of realms for SASL authentication mechanisms that need +# them. You can leave it empty if you don't want to support multiple realms. +# Many clients simply use the first one listed here, so keep the default realm +# first. +#auth_realms = + +# Default realm/domain to use if none was specified. This is used for both +# SASL realms and appending @domain to username in plaintext logins. +#auth_default_realm = + +# List of allowed characters in username. If the user-given username contains +# a character not listed in here, the login automatically fails. This is just +# an extra check to make sure user can't exploit any potential quote escaping +# vulnerabilities with SQL/LDAP databases. If you want to allow all characters, +# set this value to empty. +#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ + +# Username character translations before it's looked up from databases. The +# value contains series of from -> to characters. For example "#@/@" means +# that '#' and '/' characters are translated to '@'. +#auth_username_translation = + +# Username formatting before it's looked up from databases. You can use +# the standard variables here, eg. %Lu would lowercase the username, %n would +# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into +# "-AT-". This translation is done after auth_username_translation changes. +auth_username_format = %Lu + +# If you want to allow master users to log in by specifying the master +# username within the normal username string (ie. not using SASL mechanism's +# support for it), you can specify the separator character here. The format +# is then . UW-IMAP uses "*" as the +# separator, so that could be a good choice. +#auth_master_user_separator = + +# Username to use for users logging in with ANONYMOUS SASL mechanism +#auth_anonymous_username = anonymous + +# Maximum number of dovecot-auth worker processes. They're used to execute +# blocking passdb and userdb queries (eg. MySQL and PAM). They're +# automatically created and destroyed as needed. +#auth_worker_max_count = 30 + +# Host name to use in GSSAPI principal names. The default is to use the +# name returned by gethostname(). Use "$ALL" (with quotes) to allow all keytab +# entries. +#auth_gssapi_hostname = + +# Kerberos keytab to use for the GSSAPI mechanism. Will use the system +# default (usually /etc/krb5.keytab) if not specified. You may need to change +# the auth service to run as root to be able to read this file. +#auth_krb5_keytab = + +# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and +# ntlm_auth helper. +#auth_use_winbind = no + +# Path for Samba's ntlm_auth helper binary. +#auth_winbind_helper_path = /usr/bin/ntlm_auth + +# Time to delay before replying to failed authentications. +#auth_failure_delay = 2 secs + +# Require a valid SSL client certificate or the authentication fails. +#auth_ssl_require_client_cert = no + +# Take the username from client's SSL certificate, using +# X509_NAME_get_text_by_NID() which returns the subject's DN's +# CommonName. +#auth_ssl_username_from_cert = no + +# Space separated list of wanted authentication mechanisms: +# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp +# gss-spnego +# NOTE: See also disable_plaintext_auth setting. +auth_mechanisms = plain login + +## +## Password and user databases +## + +# +# Password database is used to verify user's password (and nothing more). +# You can have multiple passdbs and userdbs. This is useful if you want to +# allow both system users (/etc/passwd) and virtual users to login without +# duplicating the system users into virtual database. +# +# +# +# User database specifies where mails are located and what user/group IDs +# own them. For single-UID configuration use "static" userdb. +# +# + +#!include auth-deny.conf.ext +#!include auth-master.conf.ext + +#!include auth-system.conf.ext +#!include auth-sql.conf.ext +!include auth-ldap.conf.ext +#!include auth-passwdfile.conf.ext +#!include auth-checkpassword.conf.ext +#!include auth-static.conf.ext diff --git a/site-cookbooks/kosmos_email/templates/dovecot_10-mail.conf.erb b/site-cookbooks/kosmos_email/templates/dovecot_10-mail.conf.erb new file mode 100644 index 0000000..21c0ee2 --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/dovecot_10-mail.conf.erb @@ -0,0 +1,386 @@ +## +## Mailbox locations and namespaces +## + +# Location for users' mailboxes. The default is empty, which means that Dovecot +# tries to find the mailboxes automatically. This won't work if the user +# doesn't yet have any mail, so you should explicitly tell Dovecot the full +# location. +# +# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u) +# isn't enough. You'll also need to tell Dovecot where the other mailboxes are +# kept. This is called the "root mail directory", and it must be the first +# path given in the mail_location setting. +# +# There are a few special variables you can use, eg.: +# +# %u - username +# %n - user part in user@domain, same as %u if there's no domain +# %d - domain part in user@domain, empty if there's no domain +# %h - home directory +# +# See doc/wiki/Variables.txt for full list. Some examples: +# +# mail_location = maildir:~/Maildir +# mail_location = mbox:~/mail:INBOX=/var/mail/%u +# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n +# +# +# +mail_location = <%= @mail_location %> + +mail_home = <%= @mail_home %> + +# If you need to set multiple mailbox locations or want to change default +# namespace settings, you can do it by defining namespace sections. +# +# You can have private, shared and public namespaces. Private namespaces +# are for user's personal mails. Shared namespaces are for accessing other +# users' mailboxes that have been shared. Public namespaces are for shared +# mailboxes that are managed by sysadmin. If you create any shared or public +# namespaces you'll typically want to enable ACL plugin also, otherwise all +# users can access all the shared mailboxes, assuming they have permissions +# on filesystem level to do so. +namespace inbox { +} + +# Example shared namespace configuration +#namespace { + #type = shared + #separator = / + + # Mailboxes are visible under "shared/user@domain/" + # %%n, %%d and %%u are expanded to the destination user. + #prefix = shared/%%u/ + + # Mail location for other users' mailboxes. Note that %variables and ~/ + # expands to the logged in user's data. %%n, %%d, %%u and %%h expand to the + # destination user's data. + #location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u + + # Use the default namespace for saving subscriptions. + #subscriptions = no + + # List the shared/ namespace only if there are visible shared mailboxes. + #list = children +#} +# Should shared INBOX be visible as "shared/user" or "shared/user/INBOX"? +#mail_shared_explicit_inbox = no + +# System user and group used to access mails. If you use multiple, userdb +# can override these by returning uid or gid fields. You can use either numbers +# or names. +mail_uid = <%= @mail_uid %> +mail_gid = <%= @mail_gid %> + +# Group to enable temporarily for privileged operations. Currently this is +# used only with INBOX when either its initial creation or dotlocking fails. +# Typically this is set to "mail" to give access to /var/mail. +mail_privileged_group = mail + +# Grant access to these supplementary groups for mail processes. Typically +# these are used to set up access to shared mailboxes. Note that it may be +# dangerous to set these if users can create symlinks (e.g. if "mail" group is +# set here, ln -s /var/mail ~/mail/var could allow a user to delete others' +# mailboxes, or ln -s /secret/shared/box ~/mail/mybox would allow reading it). +#mail_access_groups = + +# Allow full filesystem access to clients. There's no access checks other than +# what the operating system does for the active UID/GID. It works with both +# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/ +# or ~user/. +#mail_full_filesystem_access = no + +# Dictionary for key=value mailbox attributes. This is used for example by +# URLAUTH and METADATA extensions. +#mail_attribute_dict = + +# A comment or note that is associated with the server. This value is +# accessible for authenticated users through the IMAP METADATA server +# entry "/shared/comment". +#mail_server_comment = "" + +# Indicates a method for contacting the server administrator. According to +# RFC 5464, this value MUST be a URI (e.g., a mailto: or tel: URL), but that +# is currently not enforced. Use for example mailto:admin@example.com. This +# value is accessible for authenticated users through the IMAP METADATA server +# entry "/shared/admin". +#mail_server_admin = + +## +## Mail processes +## + +# Don't use mmap() at all. This is required if you store indexes to shared +# filesystems (NFS or clustered filesystem). +#mmap_disable = no + +# Rely on O_EXCL to work when creating dotlock files. NFS supports O_EXCL +# since version 3, so this should be safe to use nowadays by default. +#dotlock_use_excl = yes + +# When to use fsync() or fdatasync() calls: +# optimized (default): Whenever necessary to avoid losing important data +# always: Useful with e.g. NFS when write()s are delayed +# never: Never use it (best performance, but crashes can lose data) +#mail_fsync = optimized + +# Locking method for index files. Alternatives are fcntl, flock and dotlock. +# Dotlocking uses some tricks which may create more disk I/O than other locking +# methods. NFS users: flock doesn't work, remember to change mmap_disable. +#lock_method = fcntl + +# Directory where mails can be temporarily stored. Usually it's used only for +# mails larger than >= 128 kB. It's used by various parts of Dovecot, for +# example LDA/LMTP while delivering large mails or zlib plugin for keeping +# uncompressed mails. +#mail_temp_dir = /tmp + +# Valid UID range for users, defaults to 500 and above. This is mostly +# to make sure that users can't log in as daemons or other system users. +# Note that denying root logins is hardcoded to dovecot binary and can't +# be done even if first_valid_uid is set to 0. +#first_valid_uid = 500 +#last_valid_uid = 0 + +# Valid GID range for users, defaults to non-root/wheel. Users having +# non-valid GID as primary group ID aren't allowed to log in. If user +# belongs to supplementary groups with non-valid GIDs, those groups are +# not set. +#first_valid_gid = 1 +#last_valid_gid = 0 + +# Maximum allowed length for mail keyword name. It's only forced when trying +# to create new keywords. +#mail_max_keyword_length = 50 + +# ':' separated list of directories under which chrooting is allowed for mail +# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too). +# This setting doesn't affect login_chroot, mail_chroot or auth chroot +# settings. If this setting is empty, "/./" in home dirs are ignored. +# WARNING: Never add directories here which local users can modify, that +# may lead to root exploit. Usually this should be done only if you don't +# allow shell access for users. +#valid_chroot_dirs = + +# Default chroot directory for mail processes. This can be overridden for +# specific users in user database by giving /./ in user's home directory +# (eg. /home/./user chroots into /home). Note that usually there is no real +# need to do chrooting, Dovecot doesn't allow users to access files outside +# their mail directory anyway. If your home directories are prefixed with +# the chroot directory, append "/." to mail_chroot. +#mail_chroot = + +# UNIX socket path to master authentication server to find users. +# This is used by imap (for shared users) and lda. +#auth_socket_path = /var/run/dovecot/auth-userdb + +# Directory where to look up mail plugins. +#mail_plugin_dir = /usr/lib/dovecot/modules + +# Space separated list of plugins to load for all services. Plugins specific to +# IMAP, LDA, etc. are added to this list in their own .conf files. +#mail_plugins = + +## +## Mailbox handling optimizations +## + +# Mailbox list indexes can be used to optimize IMAP STATUS commands. They are +# also required for IMAP NOTIFY extension to be enabled. +#mailbox_list_index = yes + +# Trust mailbox list index to be up-to-date. This reduces disk I/O at the cost +# of potentially returning out-of-date results after e.g. server crashes. +# The results will be automatically fixed once the folders are opened. +#mailbox_list_index_very_dirty_syncs = yes + +# Should INBOX be kept up-to-date in the mailbox list index? By default it's +# not, because most of the mailbox accesses will open INBOX anyway. +#mailbox_list_index_include_inbox = no + +# The minimum number of mails in a mailbox before updates are done to cache +# file. This allows optimizing Dovecot's behavior to do less disk writes at +# the cost of more disk reads. +#mail_cache_min_mail_count = 0 + +# When IDLE command is running, mailbox is checked once in a while to see if +# there are any new mails or other changes. This setting defines the minimum +# time to wait between those checks. Dovecot can also use inotify and +# kqueue to find out immediately when changes occur. +#mailbox_idle_check_interval = 30 secs + +# Save mails with CR+LF instead of plain LF. This makes sending those mails +# take less CPU, especially with sendfile() syscall with Linux and FreeBSD. +# But it also creates a bit more disk I/O which may just make it slower. +# Also note that if other software reads the mboxes/maildirs, they may handle +# the extra CRs wrong and cause problems. +#mail_save_crlf = no + +# Max number of mails to keep open and prefetch to memory. This only works with +# some mailbox formats and/or operating systems. +#mail_prefetch_count = 0 + +# How often to scan for stale temporary files and delete them (0 = never). +# These should exist only after Dovecot dies in the middle of saving mails. +#mail_temp_scan_interval = 1w + +# How many slow mail accesses sorting can perform before it returns failure. +# With IMAP the reply is: NO [LIMIT] Requested sort would have taken too long. +# The untagged SORT reply is still returned, but it's likely not correct. +#mail_sort_max_read_count = 0 + +protocol !indexer-worker { + # If folder vsize calculation requires opening more than this many mails from + # disk (i.e. mail sizes aren't in cache already), return failure and finish + # the calculation via indexer process. Disabled by default. This setting must + # be 0 for indexer-worker processes. + #mail_vsize_bg_after_count = 0 +} + +## +## Maildir-specific settings +## + +# By default LIST command returns all entries in maildir beginning with a dot. +# Enabling this option makes Dovecot return only entries which are directories. +# This is done by stat()ing each entry, so it causes more disk I/O. +# (For systems setting struct dirent->d_type, this check is free and it's +# done always regardless of this setting) +#maildir_stat_dirs = no + +# When copying a message, do it with hard links whenever possible. This makes +# the performance much better, and it's unlikely to have any side effects. +#maildir_copy_with_hardlinks = yes + +# Assume Dovecot is the only MUA accessing Maildir: Scan cur/ directory only +# when its mtime changes unexpectedly or when we can't find the mail otherwise. +#maildir_very_dirty_syncs = no + +# If enabled, Dovecot doesn't use the S= in the Maildir filenames for +# getting the mail's physical size, except when recalculating Maildir++ quota. +# This can be useful in systems where a lot of the Maildir filenames have a +# broken size. The performance hit for enabling this is very small. +#maildir_broken_filename_sizes = no + +# Always move mails from new/ directory to cur/, even when the \Recent flags +# aren't being reset. +#maildir_empty_new = no + +## +## mbox-specific settings +## + +# Which locking methods to use for locking mbox. There are four available: +# dotlock: Create .lock file. This is the oldest and most NFS-safe +# solution. If you want to use /var/mail/ like directory, the users +# will need write access to that directory. +# dotlock_try: Same as dotlock, but if it fails because of permissions or +# because there isn't enough disk space, just skip it. +# fcntl : Use this if possible. Works with NFS too if lockd is used. +# flock : May not exist in all systems. Doesn't work with NFS. +# lockf : May not exist in all systems. Doesn't work with NFS. +# +# You can use multiple locking methods; if you do the order they're declared +# in is important to avoid deadlocks if other MTAs/MUAs are using multiple +# locking methods as well. Some operating systems don't allow using some of +# them simultaneously. +# +# The Debian value for mbox_write_locks differs from upstream Dovecot. It is +# changed to be compliant with Debian Policy (section 11.6) for NFS safety. +# Dovecot: mbox_write_locks = dotlock fcntl +# Debian: mbox_write_locks = fcntl dotlock +# +#mbox_read_locks = fcntl +#mbox_write_locks = fcntl dotlock + +# Maximum time to wait for lock (all of them) before aborting. +#mbox_lock_timeout = 5 mins + +# If dotlock exists but the mailbox isn't modified in any way, override the +# lock file after this much time. +#mbox_dotlock_change_timeout = 2 mins + +# When mbox changes unexpectedly we have to fully read it to find out what +# changed. If the mbox is large this can take a long time. Since the change +# is usually just a newly appended mail, it'd be faster to simply read the +# new mails. If this setting is enabled, Dovecot does this but still safely +# fallbacks to re-reading the whole mbox file whenever something in mbox isn't +# how it's expected to be. The only real downside to this setting is that if +# some other MUA changes message flags, Dovecot doesn't notice it immediately. +# Note that a full sync is done with SELECT, EXAMINE, EXPUNGE and CHECK +# commands. +#mbox_dirty_syncs = yes + +# Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE, +# EXPUNGE or CHECK commands. If this is set, mbox_dirty_syncs is ignored. +#mbox_very_dirty_syncs = no + +# Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK +# commands and when closing the mailbox). This is especially useful for POP3 +# where clients often delete all mails. The downside is that our changes +# aren't immediately visible to other MUAs. +#mbox_lazy_writes = yes + +# If mbox size is smaller than this (e.g. 100k), don't write index files. +# If an index file already exists it's still read, just not updated. +#mbox_min_index_size = 0 + +# Mail header selection algorithm to use for MD5 POP3 UIDLs when +# pop3_uidl_format=%m. For backwards compatibility we use apop3d inspired +# algorithm, but it fails if the first Received: header isn't unique in all +# mails. An alternative algorithm is "all" that selects all headers. +#mbox_md5 = apop3d + +## +## mdbox-specific settings +## + +# Maximum dbox file size until it's rotated. +#mdbox_rotate_size = 10M + +# Maximum dbox file age until it's rotated. Typically in days. Day begins +# from midnight, so 1d = today, 2d = yesterday, etc. 0 = check disabled. +#mdbox_rotate_interval = 0 + +# When creating new mdbox files, immediately preallocate their size to +# mdbox_rotate_size. This setting currently works only in Linux with some +# filesystems (ext4, xfs). +#mdbox_preallocate_space = no + +## +## Mail attachments +## + +# sdbox and mdbox support saving mail attachments to external files, which +# also allows single instance storage for them. Other backends don't support +# this for now. + +# Directory root where to store mail attachments. Disabled, if empty. +#mail_attachment_dir = + +# Attachments smaller than this aren't saved externally. It's also possible to +# write a plugin to disable saving specific attachments externally. +#mail_attachment_min_size = 128k + +# Filesystem backend to use for saving attachments: +# posix : No SiS done by Dovecot (but this might help FS's own deduplication) +# sis posix : SiS with immediate byte-by-byte comparison during saving +# sis-queue posix : SiS with delayed comparison and deduplication +#mail_attachment_fs = sis posix + +# Hash format to use in attachment filenames. You can add any text and +# variables: %{md4}, %{md5}, %{sha1}, %{sha256}, %{sha512}, %{size}. +# Variables can be truncated, e.g. %{sha256:80} returns only first 80 bits +#mail_attachment_hash = %{sha1} + +# Settings to control adding $HasAttachment or $HasNoAttachment keywords. +# By default, all MIME parts with Content-Disposition=attachment, or inlines +# with filename parameter are consired attachments. +# add-flags - Add the keywords when saving new mails or when fetching can +# do it efficiently. +# content-type=type or !type - Include/exclude content type. Excluding will +# never consider the matched MIME part as attachment. Including will only +# negate an exclusion (e.g. content-type=!foo/* content-type=foo/bar). +# exclude-inlined - Exclude any Content-Disposition=inline MIME part. +#mail_attachment_detection_options = diff --git a/site-cookbooks/kosmos_email/templates/dovecot_10-master.conf.erb b/site-cookbooks/kosmos_email/templates/dovecot_10-master.conf.erb new file mode 100644 index 0000000..a55a9a6 --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/dovecot_10-master.conf.erb @@ -0,0 +1,113 @@ +#default_process_limit = 100 +#default_client_limit = 1000 + +# Default VSZ (virtual memory size) limit for service processes. This is mainly +# intended to catch and kill processes that leak memory before they eat up +# everything. +#default_vsz_limit = 256M + +# Login user is internally used by login processes. This is the most untrusted +# user in Dovecot system. It shouldn't have access to anything at all. +#default_login_user = dovenull + +# Internal user is used by unprivileged processes. It should be separate from +# login user, so that login processes can't disturb other processes. +#default_internal_user = dovecot + +service imap-login { + inet_listener imap { + port = 143 + } + inet_listener imaps { + port = 993 + ssl = yes + } + inet_listener imap_haproxy { + port = 10143 + haproxy = yes + } + inet_listener imaps_haproxy { + port = 10993 + ssl = yes + haproxy = yes + } + + # Number of connections to handle before starting a new process. Typically + # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 + # is faster. + #service_count = 1 + + # Number of processes to always keep waiting for more connections. + #process_min_avail = 0 + + # If you set service_count=0, you probably need to grow this. + #vsz_limit = $default_vsz_limit +} + +service pop3-login { + inet_listener pop3 { + #port = 110 + } + inet_listener pop3s { + #port = 995 + #ssl = yes + } +} + +service submission-login { + inet_listener submission { + #port = 587 + } +} + +service lmtp { + unix_listener /var/spool/postfix/private/dovecot-lmtp { + mode = 0600 + user = postfix + group = postfix + } +} + +service imap { + # Most of the memory goes to mmap()ing files. You may need to increase this + # limit if you have huge mailboxes. + #vsz_limit = $default_vsz_limit + + # Max. number of IMAP processes (connections) + #process_limit = 1024 +} + +service pop3 { + # Max. number of POP3 processes (connections) + #process_limit = 1024 +} + +service submission { + # Max. number of SMTP Submission processes (connections) + #process_limit = 1024 +} + +service auth { + unix_listener /var/spool/postfix/private/auth { + mode = 0660 + user = postfix + group = postfix + } +} + +service auth-worker { + # Auth worker process is run as root by default, so that it can access + # /etc/shadow. If this isn't necessary, the user should be changed to + # $default_internal_user. + #user = root +} + +service dict { + # If dict proxy is used, mail processes should have access to its socket. + # For example: mode=0660, group=vmail and global mail_access_groups=vmail + unix_listener dict { + #mode = 0600 + #user = + #group = + } +} diff --git a/site-cookbooks/kosmos_email/templates/dovecot_10-ssl.conf.erb b/site-cookbooks/kosmos_email/templates/dovecot_10-ssl.conf.erb new file mode 100644 index 0000000..649a26a --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/dovecot_10-ssl.conf.erb @@ -0,0 +1,83 @@ +## +## SSL settings +## + +# SSL/TLS support: yes, no, required. +ssl = <%= @ssl %> + +# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before +# dropping root privileges, so keep the key file unreadable by anyone but +# root. Included doc/mkcert.sh can be used to easily generate self-signed +# certificate, just make sure to update the domains in dovecot-openssl.cnf +ssl_cert = <<%= @ssl_cert %> +ssl_key = <<%= @ssl_key %> + +# If key file is password protected, give the password here. Alternatively +# give it when starting dovecot with -p parameter. Since this file is often +# world-readable, you may want to place this setting instead to a different +# root owned 0600 file by using ssl_key_password = +Selector <%= @selector %> +#KeyFile /etc/dkimkeys/example.private + +# In Debian, opendkim runs as user "opendkim". A umask of 007 is required when +# using a local socket with MTAs that access the socket as a non-privileged +# user (for example, Postfix). You may need to add user "postfix" to group +# "opendkim" in that case. +UserID opendkim +UMask 007 + +# Socket for the MTA connection (required). If the MTA is inside a chroot jail, +# it must be ensured that the socket is accessible. In Debian, Postfix runs in +# a chroot in /var/spool/postfix, therefore a Unix socket would have to be +# configured as shown on the last line below. +Socket local:/run/opendkim/opendkim.sock +#Socket inet:8891@localhost +#Socket inet:8891 +#Socket local:/var/spool/postfix/opendkim/opendkim.sock + +PidFile /run/opendkim/opendkim.pid + +# Hosts for which to sign rather than verify, default is 127.0.0.1. See the +# OPERATION section of opendkim(8) for more information. +#InternalHosts 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12 + +KeyTable refile:/etc/opendkim/keytable +SigningTable refile:/etc/opendkim/signingtable + +# The trust anchor enables DNSSEC. In Debian, the trust anchor file is provided +# by the package dns-root-data. +TrustAnchorFile /usr/share/dns/root.key +#Nameservers 127.0.0.1 + +Socket <%= @socket %> diff --git a/site-cookbooks/kosmos_email/templates/opendkim_default.erb b/site-cookbooks/kosmos_email/templates/opendkim_default.erb new file mode 100644 index 0000000..08e9032 --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/opendkim_default.erb @@ -0,0 +1,31 @@ +# NOTE: This is a legacy configuration file. It is not used by the opendkim +# systemd service. Please use the corresponding configuration parameters in +# /etc/opendkim.conf instead. +# +# Previously, one would edit the default settings here, and then execute +# /lib/opendkim/opendkim.service.generate to generate systemd override files at +# /etc/systemd/system/opendkim.service.d/override.conf and +# /etc/tmpfiles.d/opendkim.conf. While this is still possible, it is now +# recommended to adjust the settings directly in /etc/opendkim.conf. +# +#DAEMON_OPTS="" +# Change to /var/spool/postfix/run/opendkim to use a Unix socket with +# postfix in a chroot: +#RUNDIR=/var/spool/postfix/run/opendkim +RUNDIR=/run/opendkim +# +# Uncomment to specify an alternate socket +# Note that setting this will override any Socket value in opendkim.conf +# default: +#SOCKET=local:$RUNDIR/opendkim.sock +# listen on all interfaces on port 54321: +#SOCKET=inet:54321 +# listen on loopback on port 12345: +#SOCKET=inet:12345@localhost +# listen on 192.0.2.1 on port 12345: +#SOCKET=inet:12345@192.0.2.1 +SOCKET=<%= @socket %> +USER=opendkim +GROUP=opendkim +PIDFILE=$RUNDIR/$NAME.pid +EXTRAAFTER= diff --git a/site-cookbooks/kosmos_email/templates/opendkim_keytable.erb b/site-cookbooks/kosmos_email/templates/opendkim_keytable.erb new file mode 100644 index 0000000..9935194 --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/opendkim_keytable.erb @@ -0,0 +1 @@ +<%= @selector %>._domainkey.<%= @domain %> <%= @domain %>:<%= @selector %>:/etc/opendkim/keys/<%= @domain %>/mail.private diff --git a/site-cookbooks/kosmos_email/templates/opendkim_signingtable.erb b/site-cookbooks/kosmos_email/templates/opendkim_signingtable.erb new file mode 100644 index 0000000..5f21353 --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/opendkim_signingtable.erb @@ -0,0 +1 @@ +*@<%= @domain %> <%= @selector %>._domainkey.<%= @domain %> diff --git a/site-cookbooks/kosmos_email/templates/postfix_ldap-map.cf.erb b/site-cookbooks/kosmos_email/templates/postfix_ldap-map.cf.erb new file mode 100644 index 0000000..2711e0d --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/postfix_ldap-map.cf.erb @@ -0,0 +1,10 @@ +server_host = <%= @server_host %> +bind_dn = <%= @bind_dn %> +bind_pw = <%= @bind_pw %> + +search_base = <%= @search_base %> +query_filter = <%= @query_filter %> +result_attribute = <%= @result_attribute %> +<% if @result_format %> +result_format = <%= @result_format %> +<% end %> diff --git a/site-cookbooks/kosmos_email/templates/spamass-milter.erb b/site-cookbooks/kosmos_email/templates/spamass-milter.erb new file mode 100644 index 0000000..8922fb5 --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/spamass-milter.erb @@ -0,0 +1,28 @@ +# spamass-milt startup defaults + +# OPTIONS are passed directly to spamass-milter. +# man spamass-milter for details + +# Non-standard configuration notes: +# See README.Debian if you use the -x option with sendmail +# You should not pass the -d option in OPTIONS; use SOCKET for that. + +# Default, use the spamass-milter user as the default user, ignore +# messages from localhost +OPTIONS="-u spamass-milter -i 127.0.0.1" + +# Reject emails with spamassassin scores > 15. +#OPTIONS="${OPTIONS} -r 15" + +# Do not modify Subject:, Content-Type: or body. +#OPTIONS="${OPTIONS} -m" + +###################################### +# If /usr/sbin/postfix is executable, the following are set by +# default. You can override them by uncommenting and changing them +# here. +###################################### +# SOCKET="/var/spool/postfix/spamass/spamass.sock" +# SOCKETOWNER="postfix:postfix" +# SOCKETMODE="0660" +###################################### diff --git a/site-cookbooks/kosmos_email/templates/spamassassin_default.erb b/site-cookbooks/kosmos_email/templates/spamassassin_default.erb new file mode 100644 index 0000000..624688a --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/spamassassin_default.erb @@ -0,0 +1,33 @@ +# /etc/default/spamassassin +# Duncan Findlay + +# WARNING: please read README.spamd before using. +# There may be security risks. + +# Prior to version 3.4.2-1, spamd could be enabled by setting +# ENABLED=1 in this file. This is no longer supported. Instead, please +# use the update-rc.d command, invoked for example as "update-rc.d +# spamassassin enable", to enable the spamd service. + +# Options +# See man spamd for possible options. The -d option is automatically added. + +# SpamAssassin uses a preforking model, so be careful! You need to +# make sure --max-children is not set to anything higher than 5, +# unless you know what you're doing. + +OPTIONS="<%= @options %>" + +# Pid file +# Where should spamd write its PID to file? If you use the -u or +# --username option above, this needs to be writable by that user. +# Otherwise, the init script will not be able to shut spamd down. +PIDFILE="/var/run/spamd.pid" + +# Set nice level of spamd +#NICE="--nicelevel 15" + +# Cronjob +# Set to anything but 0 to enable the cron job to automatically update +# spamassassin's rules on a nightly basis +CRON=0 diff --git a/site-cookbooks/kosmos_email/templates/spamassassin_local.cf.erb b/site-cookbooks/kosmos_email/templates/spamassassin_local.cf.erb new file mode 100644 index 0000000..c196054 --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/spamassassin_local.cf.erb @@ -0,0 +1,119 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# Only a small subset of options are listed below +# +########################################################################### + +dns_available yes +dns_server 127.0.0.1 + +whitelist_auth <%= @whitelist_auth %> + +# A 'contact address' users should contact for more info. (replaces +# _CONTACTADDRESS_ in the report template) +report_contact <%= @report_contact %> + + +# Add *****SPAM***** to the Subject header of spam e-mails +# +# rewrite_header Subject *****SPAM***** + + +# Save spam messages as a message/rfc822 MIME attachment instead of +# modifying the original message (0: off, 2: use text/plain instead) +# +# report_safe 1 + + +# Set which networks or hosts are considered 'trusted' by your mail +# server (i.e. not spammers) +# +# trusted_networks 212.17.35. + + +# Set file-locking method (flock is not safe over NFS, but is faster) +# +# lock_method flock + + +# Set the threshold at which a message is considered spam (default: 5.0) +# +# required_score 5.0 + + +# Use Bayesian classifier (default: 1) +# +# use_bayes 1 + + +# Bayesian classifier auto-learning (default: 1) +# +# bayes_auto_learn 1 + + +# Set headers which may provide inappropriate cues to the Bayesian +# classifier +# +# bayes_ignore_header X-Bogosity +# bayes_ignore_header X-Spam-Flag +# bayes_ignore_header X-Spam-Status + + +# Whether to decode non- UTF-8 and non-ASCII textual parts and recode +# them to UTF-8 before the text is given over to rules processing. +# +# normalize_charset 1 + +# Textual body scan limit (default: 50000) +# +# Amount of data per email text/* mimepart, that will be run through body +# rules. This enables safer and faster scanning of large messages, +# perhaps having very large textual attachments. There should be no need +# to change this well tested default. +# +# body_part_scan_size 50000 + +# Textual rawbody data scan limit (default: 500000) +# +# Amount of data per email text/* mimepart, that will be run through +# rawbody rules. +# +# rawbody_part_scan_size 500000 + +# Some shortcircuiting, if the plugin is enabled +# +ifplugin Mail::SpamAssassin::Plugin::Shortcircuit +# +# default: strongly-whitelisted mails are *really* whitelisted now, if the +# shortcircuiting plugin is active, causing early exit to save CPU load. +# Uncomment to turn this on +# +# SpamAssassin tries hard not to launch DNS queries before priority -100. +# If you want to shortcircuit without launching unneeded queries, make +# sure such rule priority is below -100. These examples are already: +# +# shortcircuit USER_IN_WHITELIST on +# shortcircuit USER_IN_DEF_WHITELIST on +# shortcircuit USER_IN_ALL_SPAM_TO on +# shortcircuit SUBJECT_IN_WHITELIST on + +# the opposite; blacklisted mails can also save CPU +# +# shortcircuit USER_IN_BLACKLIST on +# shortcircuit USER_IN_BLACKLIST_TO on +# shortcircuit SUBJECT_IN_BLACKLIST on + +# if you have taken the time to correctly specify your "trusted_networks", +# this is another good way to save CPU +# +# shortcircuit ALL_TRUSTED on + +# and a well-trained bayes DB can save running rules, too +# +# shortcircuit BAYES_99 spam +# shortcircuit BAYES_00 ham + +endif # Mail::SpamAssassin::Plugin::Shortcircuit diff --git a/site-cookbooks/kosmos_email/templates/virtual-aliases.erb b/site-cookbooks/kosmos_email/templates/virtual-aliases.erb new file mode 100644 index 0000000..8aa699b --- /dev/null +++ b/site-cookbooks/kosmos_email/templates/virtual-aliases.erb @@ -0,0 +1,3 @@ +<% @aliases.each do |k, v| %> +<%= "#{k}\t#{v}" %> +<% end %> diff --git a/site-cookbooks/kosmos_email/test/integration/default/default_test.rb b/site-cookbooks/kosmos_email/test/integration/default/default_test.rb new file mode 100644 index 0000000..cd23e4f --- /dev/null +++ b/site-cookbooks/kosmos_email/test/integration/default/default_test.rb @@ -0,0 +1,16 @@ +# Chef InSpec test for recipe kosmos_email::default + +# The Chef InSpec reference, with examples and extensive documentation, can be +# found at https://docs.chef.io/inspec/resources/ + +describe package('postfix') do + it { should be_installed } +end + +# describe package('dovecot-core') do +# it { should be_installed } +# end + +describe port(25) do + it { should be_listening } +end diff --git a/site-cookbooks/kosmos_garage/recipes/nginx_web.rb b/site-cookbooks/kosmos_garage/recipes/nginx_web.rb index 27919e3..f7a6823 100644 --- a/site-cookbooks/kosmos_garage/recipes/nginx_web.rb +++ b/site-cookbooks/kosmos_garage/recipes/nginx_web.rb @@ -3,6 +3,8 @@ # Recipe:: nginx_web # +gandi_api_credentials = data_bag_item('credentials', 'gandi_api') + file "#{node['openresty']['dir']}/conf.d/garage.conf" do content <<-EOF upstream garage_web { @@ -40,8 +42,12 @@ end # node['garage']['s3_web_domains'].each do |domain_name| + second_level_domain = domain_name.match(/(?:.*\.)?([^.]+\.[^.]+)$/) { $1 } + proxy_validation = !gandi_api_credentials["domains"].include?(second_level_domain) + tls_cert_for domain_name do auth "gandi_dns" + acme_domain "letsencrypt.kosmos.org" if proxy_validation action :create end diff --git a/site-cookbooks/kosmos_gitea/attributes/default.rb b/site-cookbooks/kosmos_gitea/attributes/default.rb index bfc5865..73292e4 100644 --- a/site-cookbooks/kosmos_gitea/attributes/default.rb +++ b/site-cookbooks/kosmos_gitea/attributes/default.rb @@ -1,7 +1,5 @@ -gitea_version = "1.20.5" -node.default["gitea"]["version"] = gitea_version -node.default["gitea"]["binary_url"] = "https://dl.gitea.io/gitea/#{gitea_version}/gitea-#{gitea_version}-linux-amd64" -node.default["gitea"]["binary_checksum"] = "ae8d21f36098a62272fcfa67ecbb567d0ba6cf5aecaaab29a6b98a407d435bdf" +node.default["gitea"]["version"] = "1.22.0" +node.default["gitea"]["checksum"] = "a31086f073cb9592d28611394b2de3655db515d961e4fdcf5b549cb40753ef3d" node.default["gitea"]["working_directory"] = "/var/lib/gitea" node.default["gitea"]["port"] = 3000 node.default["gitea"]["postgresql_host"] = "localhost:5432" @@ -16,5 +14,5 @@ node.default["gitea"]["config"] = { } } -node.default["gitea"]["act_runner"]["download_url"] = "https://dl.gitea.com/act_runner/main/act_runner-main-linux-amd64" -node.default["gitea"]["act_runner"]["checksum"] = "577ec7c64e7458b1e97cbe61d02da1ba1f4ddf24281b175f24f65101e72c000c" +node.default["gitea"]["act_runner"]["version"] = "0.2.6" +node.default["gitea"]["act_runner"]["checksum"] = "234c2bdb871e7b0bfb84697f353395bfc7819faf9f0c0443845868b64a041057" diff --git a/site-cookbooks/kosmos_gitea/recipes/act_runner.rb b/site-cookbooks/kosmos_gitea/recipes/act_runner.rb index e34382e..0d8725c 100644 --- a/site-cookbooks/kosmos_gitea/recipes/act_runner.rb +++ b/site-cookbooks/kosmos_gitea/recipes/act_runner.rb @@ -3,6 +3,8 @@ # Recipe:: act_runner # +version = node["gitea"]["act_runner"]["version"] +download_url = "https://dl.gitea.com/act_runner/#{version}/act_runner-#{version}-linux-amd64" working_directory = node["gitea"]["working_directory"] gitea_credentials = data_bag_item("credentials", "gitea") runners = gitea_credentials["runners"] @@ -24,7 +26,7 @@ end end remote_file "/usr/local/bin/act_runner" do - source node["gitea"]["act_runner"]["download_url"] + source download_url checksum node["gitea"]["act_runner"]["checksum"] mode "0750" end @@ -66,6 +68,7 @@ act_runner register \ WorkingDirectory: runner_dir, Environment: "HOME=/root", ExecStart: "/usr/local/bin/act_runner daemon", + ExecStartPre: "/bin/sleep 3", # Wait for Gitea's API to be up when restarting at the same time Restart: "always", }, Install: { diff --git a/site-cookbooks/kosmos_gitea/recipes/default.rb b/site-cookbooks/kosmos_gitea/recipes/default.rb index b9009f5..afae849 100644 --- a/site-cookbooks/kosmos_gitea/recipes/default.rb +++ b/site-cookbooks/kosmos_gitea/recipes/default.rb @@ -3,6 +3,8 @@ # Recipe:: default # +version = node["gitea"]["version"] +download_url = "https://dl.gitea.io/gitea/#{version}/gitea-#{version}-linux-amd64" working_directory = node["gitea"]["working_directory"] git_home_directory = "/home/git" repository_root_directory = "#{git_home_directory}/gitea-repositories" @@ -107,8 +109,8 @@ template "#{config_directory}/app.ini" do end remote_file gitea_binary_path do - source node['gitea']['binary_url'] - checksum node['gitea']['binary_checksum'] + source download_url + checksum node['gitea']['checksum'] mode "0755" notifies :restart, "service[gitea]", :delayed end diff --git a/site-cookbooks/kosmos_gitea/templates/default/app.ini.erb b/site-cookbooks/kosmos_gitea/templates/default/app.ini.erb index e676409..5c79bba 100644 --- a/site-cookbooks/kosmos_gitea/templates/default/app.ini.erb +++ b/site-cookbooks/kosmos_gitea/templates/default/app.ini.erb @@ -112,3 +112,7 @@ MINIO_USE_SSL=<%= c["use_ssl"] %> [actions] ENABLED = true <% end %> + +[other] +SHOW_FOOTER_VERSION = false +SHOW_FOOTER_TEMPLATE_LOAD_TIME = false diff --git a/site-cookbooks/kosmos_kvm/attributes/default.rb b/site-cookbooks/kosmos_kvm/attributes/default.rb index 6dc8c18..63ae50a 100644 --- a/site-cookbooks/kosmos_kvm/attributes/default.rb +++ b/site-cookbooks/kosmos_kvm/attributes/default.rb @@ -7,6 +7,6 @@ node.default["kosmos_kvm"]["host"]["qemu_base_image"] = { } # A systemd.timer OnCalendar config value -node.default["kosmos_kvm"]["backup"]["schedule"] = "daily" +node.default["kosmos_kvm"]["backup"]["schedule"] = "0/3:00" # Node/VM names excluded from backups node.default["kosmos_kvm"]["backup"]["nodes_excluded"] = [] diff --git a/site-cookbooks/kosmos_kvm/files/backup_vm.sh b/site-cookbooks/kosmos_kvm/files/backup_vm.sh index 3cf7a39..5b6fe07 100644 --- a/site-cookbooks/kosmos_kvm/files/backup_vm.sh +++ b/site-cookbooks/kosmos_kvm/files/backup_vm.sh @@ -22,8 +22,5 @@ borg create -v $REPOSITORY::$1_$(date +%F_%H-%M) \ /var/lib/libvirt/images/$1.qcow2 \ /root/backups/vm_meta/$1.xml -echo "Pivoting base image back to original" -virsh blockcommit $1 vda --pivot --base=/var/lib/libvirt/images/$1.qcow2 - -echo "Removing snapshot image" -rm /var/lib/libvirt/images/$1.hotswap.qcow2 +echo "Pivoting base image back to original, and removing the snapshot image" +virsh blockcommit $1 vda --pivot --base=/var/lib/libvirt/images/$1.qcow2 && rm /var/lib/libvirt/images/$1.hotswap.qcow2 diff --git a/site-cookbooks/kosmos_kvm/recipes/backup.rb b/site-cookbooks/kosmos_kvm/recipes/backup.rb index e2da98a..09b6e9a 100644 --- a/site-cookbooks/kosmos_kvm/recipes/backup.rb +++ b/site-cookbooks/kosmos_kvm/recipes/backup.rb @@ -7,6 +7,14 @@ apt_package "borgbackup" borg_credentials = data_bag_item("credentials", "borg") +if borg_credentials["nodes"].keys.include?(node.name) + passphrase = borg_credentials["nodes"][node.name]["passphrase"] + repository = borg_credentials["nodes"][node.name]["repository"] +else + passphrase = borg_credentials["passphrase"] + repository = borg_credentials["repository"] +end + file "/root/.ssh/borg_rsa" do content borg_credentials["ssh_key"] mode '0600' @@ -15,8 +23,8 @@ end file "/root/.borg_credentials.env" do content <<-EOF BORG_RSH='ssh -i /root/.ssh/borg_rsa' -BORG_PASSPHRASE=#{borg_credentials["passphrase"]} -BORG_REPO='#{borg_credentials["repository"]}' +BORG_PASSPHRASE=#{passphrase} +BORG_REPO='#{repository}' EOF end @@ -54,7 +62,7 @@ end vm_domains = search(:node, "role:kvm_guest").map{|n| n["hostname"] } \ & `virsh list --name`.strip.chomp.split("\n") -vm_domains.reject! { |d| node["kosmos_kvm"]["backup"]["nodes_excluded"].include?(d) } +vm_domains.reject! { |d| node["kosmos_kvm"]["backup"]["nodes_excluded"].any?{ |n| d.match?(/^#{n}/) } } template "/root/backups/backup_all_vms.sh" do source "backup_all_vms.sh.erb" diff --git a/site-cookbooks/kosmos_liquor-cabinet/.gitignore b/site-cookbooks/kosmos_liquor-cabinet/.gitignore new file mode 100644 index 0000000..f1e57b8 --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/.gitignore @@ -0,0 +1,25 @@ +.vagrant +*~ +*# +.#* +\#*# +.*.sw[a-z] +*.un~ + +# Bundler +Gemfile.lock +gems.locked +bin/* +.bundle/* + +# test kitchen +.kitchen/ +kitchen.local.yml + +# Chef Infra +Berksfile.lock +.zero-knife.rb +Policyfile.lock.json + +.idea/ + diff --git a/site-cookbooks/kosmos_liquor-cabinet/CHANGELOG.md b/site-cookbooks/kosmos_liquor-cabinet/CHANGELOG.md new file mode 100644 index 0000000..bc1846e --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/CHANGELOG.md @@ -0,0 +1,7 @@ +# kosmos_liquor-cabinet CHANGELOG + +This file is used to list changes made in each version of the kosmos_liquor-cabinet cookbook. + +## 0.1.0 + +Initial release. diff --git a/site-cookbooks/kosmos_liquor-cabinet/LICENSE b/site-cookbooks/kosmos_liquor-cabinet/LICENSE new file mode 100644 index 0000000..a00749b --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2024 Kosmos Developers + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/site-cookbooks/kosmos_liquor-cabinet/README.md b/site-cookbooks/kosmos_liquor-cabinet/README.md new file mode 100644 index 0000000..5c0b08f --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/README.md @@ -0,0 +1,7 @@ +# kosmos_liquor-cabinet + +Installs/configures the [Liquor Cabinet][1] [remoteStorage][2] API server and +reverse proxy. + +[1]: https://gitea.kosmos.org/5apps/liquor-cabinet +[2]: https://remotestorage.io diff --git a/site-cookbooks/kosmos_liquor-cabinet/attributes/default.rb b/site-cookbooks/kosmos_liquor-cabinet/attributes/default.rb new file mode 100644 index 0000000..6c4b547 --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/attributes/default.rb @@ -0,0 +1,4 @@ +node.default['liquor-cabinet']['app_server_role'] = 'liquor_cabinet' +node.default['liquor-cabinet']['max_upload_size'] = 100 # MB +node.default['liquor-cabinet']['server_name'] = 'storage.example.com' +node.default['liquor-cabinet']['root_redirect_url'] = 'https://example.com/storage' diff --git a/site-cookbooks/kosmos_liquor-cabinet/chefignore b/site-cookbooks/kosmos_liquor-cabinet/chefignore new file mode 100644 index 0000000..cc170ea --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen.yml* +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/site-cookbooks/kosmos_liquor-cabinet/kitchen.yml b/site-cookbooks/kosmos_liquor-cabinet/kitchen.yml new file mode 100644 index 0000000..bd2abe1 --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/kitchen.yml @@ -0,0 +1,37 @@ +--- +driver: + name: dokken + privileged: true # allows systemd services to start + +provisioner: + name: dokken + +transport: + name: dokken + +verifier: + name: inspec + +platforms: + # @see https://github.com/chef-cookbooks/testing_examples/blob/main/kitchen.dokken.yml + # @see https://hub.docker.com/u/dokken + - name: ubuntu-20.04 + driver: + image: dokken/ubuntu-20.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + + - name: centos-8 + driver: + image: dokken/centos-8 + pid_one_command: /usr/lib/systemd/systemd + +suites: + - name: default + run_list: + - recipe[kosmos_liquor-cabinet::default] + verifier: + inspec_tests: + - test/integration/default + attributes: diff --git a/site-cookbooks/kosmos_liquor-cabinet/metadata.rb b/site-cookbooks/kosmos_liquor-cabinet/metadata.rb new file mode 100644 index 0000000..1ab8e56 --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/metadata.rb @@ -0,0 +1,12 @@ +name 'kosmos_liquor-cabinet' +maintainer 'Kosmos Developers' +maintainer_email 'ops@kosmos.org' +license 'MIT' +description 'Installs/configures Liquor Cabinet API and reverse proxy' +version '0.1.0' +chef_version '>= 18.2' +issues_url 'https://gitea.kosmos.org/kosmos/chef/issues' +# source_url 'https://gitea.kosmos.org/kosmos/chef' + +depends 'liquor_cabinet' +depends 'kosmos_openresty' diff --git a/site-cookbooks/kosmos_liquor-cabinet/recipes/default.rb b/site-cookbooks/kosmos_liquor-cabinet/recipes/default.rb new file mode 100644 index 0000000..1e6d8f8 --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/recipes/default.rb @@ -0,0 +1,6 @@ +# +# Cookbook:: kosmos_liquor-cabinet +# Recipe:: default +# + +include_recipe 'liquor_cabinet' diff --git a/site-cookbooks/kosmos_liquor-cabinet/recipes/nginx.rb b/site-cookbooks/kosmos_liquor-cabinet/recipes/nginx.rb new file mode 100644 index 0000000..e3c1b6b --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/recipes/nginx.rb @@ -0,0 +1,30 @@ +# +# Cookbook:: kosmos_liquor-cabinet +# Recipe:: nginx +# + +app_name = node['liquor-cabinet']['app_name'] +domain = node[app_name]['domain'] + +tls_cert_for domain do + auth "gandi_dns" + action :create +end + +upstream_hosts = [] +search(:node, "role:#{node[app_name]['app_server_role']}").each do |node| + upstream_hosts << node["knife_zero"]["host"] +end +upstream_hosts.push("localhost") if upstream_hosts.empty? + +openresty_site domain do + template "nginx_conf_liquor-cabinet.erb" + variables app_name: app_name, + server_name: domain, + root_redirect_url: node[app_name]['root_redirect_url'], + max_upload_size: node['liquor-cabinet']['max_upload_size'], + upstream_hosts: upstream_hosts, + upstream_port: node[app_name]['rainbows']['port'], + ssl_cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem", + ssl_key: "/etc/letsencrypt/live/#{domain}/privkey.pem" +end diff --git a/site-cookbooks/kosmos_liquor-cabinet/templates/nginx_conf_liquor-cabinet.erb b/site-cookbooks/kosmos_liquor-cabinet/templates/nginx_conf_liquor-cabinet.erb new file mode 100644 index 0000000..fb4602e --- /dev/null +++ b/site-cookbooks/kosmos_liquor-cabinet/templates/nginx_conf_liquor-cabinet.erb @@ -0,0 +1,79 @@ +# +# Generated by Chef +# +upstream _<%= @app_name %> { +<% @upstream_hosts.each do |host| -%> + server <%= host %>:<%= @upstream_port %>; +<% end -%> +} + +# TODO use cookbook attribute when enabling +# variables_hash_max_size 2048; + +server { + listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>80; + listen [::]:80; + server_name <%= @server_name %>; + # Redirect to https + location / { + return 301 https://<%= @server_name %>$request_uri; + } +} + +server { + listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>443 ssl http2; + listen [::]:443 ssl http2; + server_name <%= @server_name %>; + + access_log <%= node[:nginx][:log_dir] %>/<%= @app_name %>.access.log; # TODO json_liquor_cabinet; + error_log <%= node[:nginx][:log_dir] %>/<%= @app_name %>.error.log warn; + + add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"; + + # TODO + # log_by_lua_file "<%= @log_by_lua_file %>"; + + # We need strong ETags, disable compression + gzip off; + # brotli off; + # pagespeed off; + + # Set a large maximum upload size + client_max_body_size <%= @max_upload_size %>m; + + # TODO + # Use rate limiting (the zone is defined in + # /etc/nginx/conf.d/rate_limiting.conf) + # limit_req zone=per_ip burst=5000; + + location = / { + return 301 <%= @root_redirect_url %>; + } + + location / { + try_files $uri @proxy; + } + + location @proxy { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header Host $http_host; + + proxy_redirect off; + + proxy_buffering on; + # Increase number of buffers. Default is 8 + proxy_buffers 1024 8k; + + # Needed for big uploads + proxy_read_timeout 180s; + proxy_send_timeout 180s; + + proxy_pass http://_<%= @app_name %>; + + proxy_next_upstream error timeout http_502 http_500; + } + + ssl_certificate <%= @ssl_cert %>; + ssl_certificate_key <%= @ssl_key %>; +} diff --git a/site-cookbooks/kosmos_redis/recipes/backup.rb b/site-cookbooks/kosmos_redis/recipes/backup.rb new file mode 100644 index 0000000..44041f6 --- /dev/null +++ b/site-cookbooks/kosmos_redis/recipes/backup.rb @@ -0,0 +1,11 @@ +# +# Cookbook Name:: kosmos_redis +# Recipe:: backup +# + +databases = node['redisio']['servers'].map do |server, _| + "dump-#{server['port']}" +end +node.override["backup"]["redis"]["databases"] = databases + +include_recipe "backup" diff --git a/site-cookbooks/kosmos_redis/recipes/default.rb b/site-cookbooks/kosmos_redis/recipes/default.rb index 7153aca..dfc0031 100644 --- a/site-cookbooks/kosmos_redis/recipes/default.rb +++ b/site-cookbooks/kosmos_redis/recipes/default.rb @@ -3,16 +3,10 @@ # Recipe:: default # +node.normal['redisio']['servers'] = [{ + 'port' => '6379', + 'protected_mode' => 'no' +}] + include_recipe 'redisio::default' include_recipe 'redisio::enable' - -unless node.chef_environment == "development" - include_recipe "kosmos_redis::firewall" - - # Backup the databases to S3 - databases = node['redisio']['servers'].map do |server, _| - "dump-#{server['port']}" - end - node.override["backup"]["redis"]["databases"] = databases - include_recipe "backup" -end diff --git a/site-cookbooks/kosmos_redis/recipes/replica.rb b/site-cookbooks/kosmos_redis/recipes/replica.rb new file mode 100644 index 0000000..d968c7b --- /dev/null +++ b/site-cookbooks/kosmos_redis/recipes/replica.rb @@ -0,0 +1,19 @@ +# +# Cookbook Name:: kosmos_redis +# Recipe:: replica +# + +primary_host = search(:node, 'role:redis_server').first['knife_zero']['host'] rescue nil + +if primary_host.nil? + Chef::Log.warn("No node found with 'redis_server' role. Stopping here.") + return +end + +node.normal['redisio']['servers'] = [{ + 'port' => '6379', + 'replicaof' => { 'address' => primary_host, 'port' => '6379' } +}] + +include_recipe 'redisio::default' +include_recipe 'redisio::enable' diff --git a/site-cookbooks/kosmos_website/templates/nginx_conf_website.erb b/site-cookbooks/kosmos_website/templates/nginx_conf_website.erb index 3432221..5ae24c1 100644 --- a/site-cookbooks/kosmos_website/templates/nginx_conf_website.erb +++ b/site-cookbooks/kosmos_website/templates/nginx_conf_website.erb @@ -18,15 +18,8 @@ server { ssl_certificate <%= @ssl_cert %>; ssl_certificate_key <%= @ssl_key %>; - location /.well-known/lnurlp/ { + location ~ ^/.well-known/(webfinger|nostr|lnurlp|keysend) { proxy_ssl_server_name on; - rewrite /.well-known/lnurlp/([^/]+) /lnurlpay/$1@kosmos.org break; - proxy_pass https://accounts.kosmos.org; - } - - location /.well-known/keysend/ { - proxy_ssl_server_name on; - rewrite /.well-known/keysend/([^/]+) /keysend/$1@kosmos.org break; proxy_pass https://accounts.kosmos.org; } } diff --git a/site-cookbooks/liquor_cabinet/.gitignore b/site-cookbooks/liquor_cabinet/.gitignore new file mode 100644 index 0000000..f1e57b8 --- /dev/null +++ b/site-cookbooks/liquor_cabinet/.gitignore @@ -0,0 +1,25 @@ +.vagrant +*~ +*# +.#* +\#*# +.*.sw[a-z] +*.un~ + +# Bundler +Gemfile.lock +gems.locked +bin/* +.bundle/* + +# test kitchen +.kitchen/ +kitchen.local.yml + +# Chef Infra +Berksfile.lock +.zero-knife.rb +Policyfile.lock.json + +.idea/ + diff --git a/site-cookbooks/liquor_cabinet/CHANGELOG.md b/site-cookbooks/liquor_cabinet/CHANGELOG.md new file mode 100644 index 0000000..feaf621 --- /dev/null +++ b/site-cookbooks/liquor_cabinet/CHANGELOG.md @@ -0,0 +1,7 @@ +# liquor_cabinet CHANGELOG + +This file is used to list changes made in each version of the liquor_cabinet cookbook. + +## 0.1.0 + +Initial release. diff --git a/site-cookbooks/liquor_cabinet/LICENSE b/site-cookbooks/liquor_cabinet/LICENSE new file mode 100644 index 0000000..a00749b --- /dev/null +++ b/site-cookbooks/liquor_cabinet/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2024 Kosmos Developers + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/site-cookbooks/liquor_cabinet/README.md b/site-cookbooks/liquor_cabinet/README.md new file mode 100644 index 0000000..1f7bc27 --- /dev/null +++ b/site-cookbooks/liquor_cabinet/README.md @@ -0,0 +1,6 @@ +# liquor_cabinet + +Installs/configures the [Liquor Cabinet][1] [remoteStorage][2] API server. + +[1]: https://gitea.kosmos.org/5apps/liquor-cabinet +[2]: https://remotestorage.io diff --git a/site-cookbooks/liquor_cabinet/attributes/default.rb b/site-cookbooks/liquor_cabinet/attributes/default.rb new file mode 100644 index 0000000..467aebb --- /dev/null +++ b/site-cookbooks/liquor_cabinet/attributes/default.rb @@ -0,0 +1,28 @@ +node.default['liquor-cabinet']['app_name'] = "liquor-cabinet" +node.default['liquor-cabinet']['user'] = "deploy" +node.default['liquor-cabinet']['group'] = "deploy" +node.default['liquor-cabinet']['repo'] = 'https://gitea.kosmos.org/5apps/liquor-cabinet.git' +node.default['liquor-cabinet']['revision'] = 'master' +node.default['liquor-cabinet']['deploy_path'] = "/opt/#{node['liquor-cabinet']['app_name']}" +node.default['liquor-cabinet']['redis_server_role'] = 'redis_server' +node.default['liquor-cabinet']['redis_port'] = 6379 +node.default['liquor-cabinet']['redis_db'] = 1 +node.default['liquor-cabinet']['s3_endpoint'] = nil +node.default['liquor-cabinet']['s3_region'] = nil +node.default['liquor-cabinet']['s3_bucket'] = nil +node.default['liquor-cabinet']['ufw_source_allowed'] = nil +node.default['liquor-cabinet']['maintenance_mode_enabled'] = false +node.default['liquor-cabinet']['ruby']['version'] = "3.1.4" +node.default['liquor-cabinet']['rainbows'] = { + 'port' => 3000, + 'preload_app' => true, + 'timeout' => 60, + 'worker_processes' => node['cpu']['total'], + 'worker_connections' => 100, + 'client_header_buffer_size' => 1024, + 'client_max_body_size' => 104857600, + 'client_max_header_size' => 114688, + 'copy_stream' => 'IO', + 'keepalive_requests' => 100, + 'keepalive_timeout' => 5 +} diff --git a/site-cookbooks/liquor_cabinet/chefignore b/site-cookbooks/liquor_cabinet/chefignore new file mode 100644 index 0000000..cc170ea --- /dev/null +++ b/site-cookbooks/liquor_cabinet/chefignore @@ -0,0 +1,115 @@ +# Put files/directories that should be ignored in this file when uploading +# to a Chef Infra Server or Supermarket. +# Lines that start with '# ' are comments. + +# OS generated files # +###################### +.DS_Store +ehthumbs.db +Icon? +nohup.out +Thumbs.db +.envrc + +# EDITORS # +########### +.#* +.project +.settings +*_flymake +*_flymake.* +*.bak +*.sw[a-z] +*.tmproj +*~ +\#* +REVISION +TAGS* +tmtags +.vscode +.editorconfig + +## COMPILED ## +############## +*.class +*.com +*.dll +*.exe +*.o +*.pyc +*.so +*/rdoc/ +a.out +mkmf.log + +# Testing # +########### +.circleci/* +.codeclimate.yml +.delivery/* +.foodcritic +.kitchen* +.mdlrc +.overcommit.yml +.rspec +.rubocop.yml +.travis.yml +.watchr +.yamllint +azure-pipelines.yml +Dangerfile +examples/* +features/* +Guardfile +kitchen.yml* +mlc_config.json +Procfile +Rakefile +spec/* +test/* + +# SCM # +####### +.git +.gitattributes +.gitconfig +.github/* +.gitignore +.gitkeep +.gitmodules +.svn +*/.bzr/* +*/.git +*/.hg/* +*/.svn/* + +# Berkshelf # +############# +Berksfile +Berksfile.lock +cookbooks/* +tmp + +# Bundler # +########### +vendor/* +Gemfile +Gemfile.lock + +# Policyfile # +############## +Policyfile.rb +Policyfile.lock.json + +# Documentation # +############# +CODE_OF_CONDUCT* +CONTRIBUTING* +documentation/* +TESTING* +UPGRADING* + +# Vagrant # +########### +.vagrant +Vagrantfile diff --git a/site-cookbooks/liquor_cabinet/kitchen.yml b/site-cookbooks/liquor_cabinet/kitchen.yml new file mode 100644 index 0000000..e309743 --- /dev/null +++ b/site-cookbooks/liquor_cabinet/kitchen.yml @@ -0,0 +1,37 @@ +--- +driver: + name: dokken + privileged: true # allows systemd services to start + +provisioner: + name: dokken + +transport: + name: dokken + +verifier: + name: inspec + +platforms: + # @see https://github.com/chef-cookbooks/testing_examples/blob/main/kitchen.dokken.yml + # @see https://hub.docker.com/u/dokken + - name: ubuntu-20.04 + driver: + image: dokken/ubuntu-20.04 + pid_one_command: /bin/systemd + intermediate_instructions: + - RUN /usr/bin/apt-get update + + - name: centos-8 + driver: + image: dokken/centos-8 + pid_one_command: /usr/lib/systemd/systemd + +suites: + - name: default + run_list: + - recipe[liquor_cabinet::default] + verifier: + inspec_tests: + - test/integration/default + attributes: diff --git a/site-cookbooks/liquor_cabinet/metadata.rb b/site-cookbooks/liquor_cabinet/metadata.rb new file mode 100644 index 0000000..bd24a4c --- /dev/null +++ b/site-cookbooks/liquor_cabinet/metadata.rb @@ -0,0 +1,12 @@ +name 'liquor_cabinet' +maintainer 'Kosmos Developers' +maintainer_email 'ops@kosmos.org' +license 'MIT' +description 'Installs/configures the Liquor Cabinet remoteStorage API server' +version '0.1.0' +chef_version '>= 18.2' +issues_url 'https://gitea.kosmos.org/kosmos/chef/issues' +# source_url 'https://gitea.kosmos.org/kosmos/chef' + +depends 'firewall' +depends "ruby_build" diff --git a/site-cookbooks/liquor_cabinet/recipes/default.rb b/site-cookbooks/liquor_cabinet/recipes/default.rb new file mode 100644 index 0000000..39687cd --- /dev/null +++ b/site-cookbooks/liquor_cabinet/recipes/default.rb @@ -0,0 +1,139 @@ +# +# Cookbook:: liquor_cabinet +# Recipe:: default +# + +app_name = node['liquor-cabinet']['app_name'] +deploy_user = node[app_name]['user'] +deploy_group = node[app_name]['group'] +deploy_path = node[app_name]['deploy_path'] +credentials = Chef::EncryptedDataBagItem.load('credentials', app_name) + +ruby_version = node[app_name]['ruby']['version'] +ruby_path = "/opt/ruby_build/builds/#{ruby_version}" +bundle_path = "#{ruby_path}/bin/bundle" +rack_env = node.chef_environment == "production" ? "production" : "development" + +ruby_build_install 'v20231225' +ruby_build_definition ruby_version do + prefix_path ruby_path +end + +group deploy_group + +user deploy_user do + group deploy_group + manage_home true + shell "/bin/bash" +end + +directory deploy_path do + owner deploy_user + group deploy_group + mode '0750' +end + +redis_server_role = node[app_name]['redis_server_role'] +redis_host = search(:node, "role:#{redis_server_role}").first['knife_zero']['host'] rescue nil +if redis_host.nil? + Chef::Log.warn("No node found with '#{redis_server_role}' role. Stopping here.") + return +end + +git deploy_path do + repository node[app_name]['repo'] + revision node[app_name]['revision'] + user deploy_user + group deploy_group + notifies :restart, "service[#{app_name}]", :delayed +end + +directory "#{deploy_path}/tmp" do + owner deploy_user + group deploy_group + mode 0750 +end + +execute "bundle install" do + user deploy_user + cwd deploy_path + command "#{bundle_path} install --without development,test --deployment" +end + +template "#{deploy_path}/config.yml.erb" do + source 'config.yml.erb' + owner deploy_user + group deploy_group + mode '0600' + sensitive true + variables environment: rack_env, + redis_host: redis_host, + redis_port: node[app_name]['redis_port'], + redis_db: node[app_name]['redis_db'], + s3_endpoint: node[app_name]['s3_endpoint'], + s3_region: node[app_name]['s3_region'], + s3_bucket: node[app_name]['s3_bucket'], + s3_access_key: credentials['s3_access_key'], + s3_secret_key: credentials['s3_secret_key'], + maintenance_mode_enabled: node[app_name]['maintenance_mode_enabled'] + # TODO sentry_dsn: credentials['sentry_dsn'] + notifies :restart, "service[#{app_name}]", :delayed +end + +directory '/etc/rainbows' do + owner deploy_user + group deploy_group + mode '0750' +end + +template "/etc/rainbows/#{app_name}.rb" do + source 'rainbows.rb.erb' + owner deploy_user + group deploy_group + mode '0640' + variables user: deploy_user, + group: deploy_group, + app_name: app_name, + working_directory: deploy_path, + config: node[app_name]['rainbows'] + notifies :restart, "service[#{app_name}]", :delayed +end + +systemd_unit "#{app_name}.service" do + content({ + Unit: { + Description: "Liquor Cabinet remoteStorage HTTP API", + Documentation: ["https://gitea.kosmos.org/5apps/liquor-cabinet"], + After: "syslog.target network.target" + }, + Service: { + Type: "simple", + User: deploy_user, + WorkingDirectory: deploy_path, + Environment: "RACK_ENV=#{rack_env}", + ExecStart: "#{bundle_path} exec rainbows -c /etc/rainbows/#{app_name}.rb -E #{rack_env}", + PIDFile: "#{deploy_path}/tmp/rainbows.pid", + TimeoutSec: "10", + Restart: "on-failure", + }, + Install: { + WantedBy: "multi-user.target" + } + }) + verify false + triggers_reload true + action [:create, :enable] +end + +service app_name do + action [:enable, :start] +end + +if node[app_name]['ufw_source_allowed'] + firewall_rule app_name do + command :allow + protocol :tcp + port node[app_name]['rainbows']['port'] + source node[app_name]['ufw_source_allowed'] + end +end diff --git a/site-cookbooks/liquor_cabinet/templates/config.yml.erb b/site-cookbooks/liquor_cabinet/templates/config.yml.erb new file mode 100644 index 0000000..615d28d --- /dev/null +++ b/site-cookbooks/liquor_cabinet/templates/config.yml.erb @@ -0,0 +1,12 @@ +<%= @environment %>: + maintenance: <%= @maintenance_mode_enabled %> + redis: + host: <%= @redis_host %> + port: <%= @redis_port %> + db: <%= @redis_db %> + s3: + endpoint: <%= @s3_endpoint %> + region: <%= @s3_region %> + bucket: <%= @s3_bucket %> + access_key_id: <%= @s3_access_key %> + secret_key_id: <%= @s3_secret_key %> diff --git a/site-cookbooks/liquor_cabinet/templates/rainbows.rb.erb b/site-cookbooks/liquor_cabinet/templates/rainbows.rb.erb new file mode 100644 index 0000000..4cf5125 --- /dev/null +++ b/site-cookbooks/liquor_cabinet/templates/rainbows.rb.erb @@ -0,0 +1,32 @@ +## +# Rainbows config at /etc/rainbows/<%= @app_name %>.rb +# Managed by Chef - Local changes will be overwritten by Chef runs +## + +# What ports/sockets to listen on, and what options for them. +listen "<%= @config['port'] %>", { tcp_nodelay: true, backlog: 100 } + +# What the timeout for killing busy workers is, in seconds +timeout <%= @config['timeout'] %> + +# Whether the app should be pre-loaded +preload_app <%= @config['preload_app'] %> + +# How many worker processes +worker_processes <%= @config['worker_processes'] %> + +# Run forked children as specified user/group +user "<%= @user %>", "<%= @group %>" + +pid "<%= @working_directory %>/tmp/rainbows.pid" + +Rainbows! do + use :ThreadSpawn + client_header_buffer_size <%= @config['client_header_buffer_size'] %> + client_max_body_size <%= @config['client_max_body_size'] %> + client_max_header_size <%= @config['client_max_header_size'] %> + copy_stream <%= @config['copy_stream'] %> + keepalive_requests <%= @config['keepalive_requests'] %> + keepalive_timeout <%= @config['keepalive_timeout'] %> + worker_connections <%= @config['worker_connections'] %> +end diff --git a/site-cookbooks/sockethub/recipes/proxy.rb b/site-cookbooks/sockethub/recipes/proxy.rb index a62b5fd..17744f7 100644 --- a/site-cookbooks/sockethub/recipes/proxy.rb +++ b/site-cookbooks/sockethub/recipes/proxy.rb @@ -24,10 +24,10 @@ file "/etc/letsencrypt/renewal-hooks/post/nginx" do group "root" end -gandi_api_data_bag_item = data_bag_item('credentials', 'gandi_api_5apps') +gandi_api_credentials = data_bag_item('credentials', 'gandi_api') template "/root/gandi_dns_certbot_hook.sh" do - variables gandi_api_key: gandi_api_data_bag_item["key"] + variables gandi_api_key: gandi_api_credentials["key"] mode 0770 end