authoradmin user <admin@twofish.buetow.org>2022-01-05 05:53:36 +0000
committeradmin user <admin@twofish.buetow.org>2022-01-05 05:53:36 +0000
commitd75cd71f106258db61dd24e19d8909af86774c69 (patch)
treef4c2409f733498579ee79e2d906828c1651edd91 /openbsd/frontends
parent7978ab5f02f3b07e99b44bed3e52ff5bf6eb455c (diff)
rebrand as frontends
Diffstat (limited to 'openbsd/frontends')
-rw-r--r--openbsd/frontends/etc/httpd.conf71
-rw-r--r--openbsd/frontends/etc/mail/aliases103
-rw-r--r--openbsd/frontends/etc/mail/smtpd.conf23
-rw-r--r--openbsd/frontends/etc/mail/virtualdomains11
-rw-r--r--openbsd/frontends/etc/mail/virtualusers2
-rw-r--r--openbsd/frontends/etc/myname1
-rw-r--r--openbsd/frontends/etc/rc.conf.local2
-rwxr-xr-xopenbsd/frontends/etc/rc.d/geminid13
-rw-r--r--openbsd/frontends/etc/tmux.conf24
-rw-r--r--openbsd/frontends/opt/src/gemini/README.md10
-rw-r--r--openbsd/frontends/opt/src/gemini/myserver/main.go65
11 files changed, 325 insertions, 0 deletions
diff --git a/openbsd/frontends/etc/httpd.conf b/openbsd/frontends/etc/httpd.conf
new file mode 100644
index 0000000..76e8afb
--- /dev/null
+++ b/openbsd/frontends/etc/httpd.conf
@@ -0,0 +1,71 @@
+server "default" {
+ listen on * port 80
+ location "/.well-known/acme-challenge/*" {
+ root "/acme"
+ request strip 2
+ }
+ location * {
+ block return 302 "https://snonux.de"
+ }
+}
+
+server "default" {
+ listen on * tls port 443
+ tls {
+ certificate "/etc/ssl/buetow.org.fullchain.pem"
+ key "/etc/ssl/private/buetow.org.key"
+ }
+ location * {
+ block return 302 "https://snonux.de"
+ }
+ location "/.well-known/acme-challenge/*" {
+ root "/acme"
+ request strip 2
+ }
+}
+
+server "snonux.de" {
+ listen on * tls port 443
+ tls {
+ certificate "/etc/ssl/snonux.de.fullchain.pem"
+ key "/etc/ssl/private/snonux.de.key"
+ }
+ location "/*" {
+ root "/htdocs/gemtexter/snonux.de"
+ directory auto index
+ }
+ location "/.well-known/acme-challenge/*" {
+ root "/acme"
+ request strip 2
+ }
+}
+
+server "buetow.org" {
+ listen on * tls port 443
+ tls {
+ certificate "/etc/ssl/buetow.org.fullchain.pem"
+ key "/etc/ssl/private/buetow.org.key"
+ }
+ location * {
+ block return 302 "https://snonux.de$DOCUMENT_URI"
+ }
+ location "/.well-known/acme-challenge/*" {
+ root "/acme"
+ request strip 2
+ }
+}
+
+server "dtail.dev" {
+ listen on * tls port 443
+ tls {
+ certificate "/etc/ssl/dtail.dev.fullchain.pem"
+ key "/etc/ssl/private/dtail.dev.key"
+ }
+ location * {
+ block return 302 "https://github.dtail.dev"
+ }
+ location "/.well-known/acme-challenge/*" {
+ root "/acme"
+ request strip 2
+ }
+}
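Review bot: In the TLS `default`, `buetow.org` and `dtail.dev` servers the `location *` redirect is listed before `location "/.well-known/acme-challenge/*"`, and in `snonux.de` the `location "/*"` block likewise comes first; httpd.conf(5) puts only the first matching location into effect, so the ACME blocks in these four servers are never reached. Renewal probably still works through the port-80 server, where the challenge location is listed first, but the TLS servers should be reordered to match it or lose the dead blocks. `directory auto index` on the `snonux.de` root also generates a listing for every directory without an index file; if the gemtexter output tree can hold anything not meant to be browsed, dropping that line restores the default of no listings.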
diff --git a/openbsd/frontends/etc/mail/aliases b/openbsd/frontends/etc/mail/aliases
new file mode 100644
index 0000000..91bf1d0
--- /dev/null
+++ b/openbsd/frontends/etc/mail/aliases
@@ -0,0 +1,103 @@
+#
+# $OpenBSD: aliases,v 1.68 2020/01/24 06:17:37 tedu Exp $
+#
+# Aliases in this file will NOT be expanded in the header from
+# Mail, but WILL be visible over networks or from /usr/libexec/mail.local.
+#
+# >>>>>>>>>> The program "newaliases" must be run after
+# >> NOTE >> this file is updated for any changes to
+# >>>>>>>>>> show through to smtpd.
+#
+
+# Basic system aliases -- these MUST be present
+MAILER-DAEMON: postmaster
+postmaster: root
+
+# General redirections for important pseudo accounts
+daemon: root
+ftp-bugs: root
+operator: root
+www: root
+admin: root
+
+# Redirections for pseudo accounts that should not receive mail
+_bgpd: /dev/null
+_dhcp: /dev/null
+_dpb: /dev/null
+_dvmrpd: /dev/null
+_eigrpd: /dev/null
+_file: /dev/null
+_fingerd: /dev/null
+_ftp: /dev/null
+_hostapd: /dev/null
+_identd: /dev/null
+_iked: /dev/null
+_isakmpd: /dev/null
+_iscsid: /dev/null
+_ldapd: /dev/null
+_ldpd: /dev/null
+_mopd: /dev/null
+_nsd: /dev/null
+_ntp: /dev/null
+_ospfd: /dev/null
+_ospf6d: /dev/null
+_pbuild: /dev/null
+_pfetch: /dev/null
+_pflogd: /dev/null
+_ping: /dev/null
+_pkgfetch: /dev/null
+_pkguntar: /dev/null
+_portmap: /dev/null
+_ppp: /dev/null
+_rad: /dev/null
+_radiusd: /dev/null
+_rbootd: /dev/null
+_relayd: /dev/null
+_ripd: /dev/null
+_rstatd: /dev/null
+_rusersd: /dev/null
+_rwalld: /dev/null
+_smtpd: /dev/null
+_smtpq: /dev/null
+_sndio: /dev/null
+_snmpd: /dev/null
+_spamd: /dev/null
+_switchd: /dev/null
+_syslogd: /dev/null
+_tcpdump: /dev/null
+_traceroute: /dev/null
+_tftpd: /dev/null
+_unbound: /dev/null
+_unwind: /dev/null
+_vmd: /dev/null
+_x11: /dev/null
+_ypldap: /dev/null
+bin: /dev/null
+build: /dev/null
+nobody: /dev/null
+_tftp_proxy: /dev/null
+_ftp_proxy: /dev/null
+_sndiop: /dev/null
+_syspatch: /dev/null
+_slaacd: /dev/null
+sshd: /dev/null
+
+# Well-known aliases -- these should be filled in!
+root: paul
+manager: root
+dumper: root
+
+# RFC 2142: NETWORK OPERATIONS MAILBOX NAMES
+abuse: root
+noc: root
+security: root
+
+# RFC 2142: SUPPORT MAILBOX NAMES FOR SPECIFIC INTERNET SERVICES
+hostmaster: root
+# usenet: root
+# news: usenet
+webmaster: root
+# ftp: root
+
+paul: paul.buetow@protonmail.com
+albena: albena.buetow@protonmail.com
diff --git a/openbsd/frontends/etc/mail/smtpd.conf b/openbsd/frontends/etc/mail/smtpd.conf
new file mode 100644
index 0000000..552d186
--- /dev/null
+++ b/openbsd/frontends/etc/mail/smtpd.conf
@@ -0,0 +1,23 @@
+# This is the smtpd server system-wide configuration file.
+# See smtpd.conf(5) for more information.
+
+# I used https://www.checktls.com/TestReceiver for testing.
+
+pki "buetow_org_tls" cert "/etc/ssl/buetow.org.fullchain.pem"
+pki "buetow_org_tls" key "/etc/ssl/private/buetow.org.key"
+
+table aliases file:/etc/mail/aliases
+table virtualdomains file:/etc/mail/virtualdomains
+table virtualusers file:/etc/mail/virtualusers
+
+listen on socket
+listen on all tls pki "buetow_org_tls" hostname "buetow.org"
+#listen on all
+
+action localmail mbox alias <aliases>
+action receive mbox virtual <virtualusers>
+action outbound relay
+
+match from any for domain <virtualdomains> action receive
+match from local for local action localmail
+match from local for any action outbound
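Review bot: The public listener `listen on all tls pki "buetow_org_tls" hostname "buetow.org"` has no connect-time filter, and `match from any for domain <virtualdomains> action receive` expands everything it accepts through `virtualusers`, which on this page points at an external mailbox. Accepted junk is therefore re-sent from this host (presumably via `action outbound relay`) under its own sending reputation. A built-in filter such as `filter check_rdns phase connect match !rdns disconnect "550 no rDNS"`, attached by appending `filter check_rdns` to the listen line, would refuse the cheapest sources before acceptance. The `tls` keyword offers STARTTLS without requiring it, which is the usual choice for an MX, but a one-line comment saying this is deliberate would help the next reader.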
diff --git a/openbsd/frontends/etc/mail/virtualdomains b/openbsd/frontends/etc/mail/virtualdomains
new file mode 100644
index 0000000..9bdd68a
--- /dev/null
+++ b/openbsd/frontends/etc/mail/virtualdomains
@@ -0,0 +1,11 @@
+buetow.org
+paul.buetow.org
+mx.buetow.org
+de.buetow.org
+bg.buetow.org
+uk.buetow.org
+us.buetow.org
+es.buetow.org
+dev.buetow.org
+snonux.de
+dtail.dev
diff --git a/openbsd/frontends/etc/mail/virtualusers b/openbsd/frontends/etc/mail/virtualusers
new file mode 100644
index 0000000..5ae0b24
--- /dev/null
+++ b/openbsd/frontends/etc/mail/virtualusers
@@ -0,0 +1,2 @@
+albena@buetow.org albena.buetow@protonmail.com
+@ paul.buetow@protonmail.com
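Review bot: The bare `@` key on the second line appears to act as a global catch-all, which makes every local part valid for all eleven domains in `virtualdomains`; smtpd then cannot reject unknown recipients at RCPT time and forwards whatever is addressed to them. If only a few addresses are actually in use, listing them explicitly (for example `paul@buetow.org paul.buetow@protonmail.com`, constructed from values on this page) lets the server refuse the rest. If the catch-all is intentional, it is worth pairing with the sender-side filtering in smtpd.conf so the forwarded volume stays bounded.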
diff --git a/openbsd/frontends/etc/myname b/openbsd/frontends/etc/myname
new file mode 100644
index 0000000..66796b2
--- /dev/null
+++ b/openbsd/frontends/etc/myname
@@ -0,0 +1 @@
+blowfish.buetow.org
diff --git a/openbsd/frontends/etc/rc.conf.local b/openbsd/frontends/etc/rc.conf.local
new file mode 100644
index 0000000..d8c4856
--- /dev/null
+++ b/openbsd/frontends/etc/rc.conf.local
@@ -0,0 +1,2 @@
+pkg_scripts="uptimed httpd geminid"
+httpd_flags=
diff --git a/openbsd/frontends/etc/rc.d/geminid b/openbsd/frontends/etc/rc.d/geminid
new file mode 100755
index 0000000..f9d6701
--- /dev/null
+++ b/openbsd/frontends/etc/rc.d/geminid
@@ -0,0 +1,13 @@
+#!/bin/ksh
+
+daemon="/usr/local/bin/geminid"
+daemon_user="www"
+
+. /etc/rc.d/rc.subr
+
+rc_reload=NO
+rc_start() {
+ ${rcexec} "${daemon} ${daemon_flags} 2>&1 | logger -t geminid &"
+}
+
+rc_cmd $1 &
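Review bot: `daemon_user="www"` starts geminid as an unprivileged account, but the daemon's source later on this page loads `/etc/ssl/private/buetow.org.key` and `/etc/ssl/private/snonux.de.key` at startup, which only succeeds if those private keys have been made readable to `www`; the commit does not show how that is arranged. A dedicated account (for example `daemon_user="_geminid"`, a name constructed here) with its own copy of the key material would keep a flaw in one frontend from exposing keys that httpd and smtpd also use. Separately, the hand-rolled `rc_start` with its inner `&` and the trailing `rc_cmd $1 &` could be replaced by the rc.subr idiom `rc_bg=YES` followed by a plain `rc_cmd $1`, so that start and stop status is reported synchronously.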
diff --git a/openbsd/frontends/etc/tmux.conf b/openbsd/frontends/etc/tmux.conf
new file mode 100644
index 0000000..1449326
--- /dev/null
+++ b/openbsd/frontends/etc/tmux.conf
@@ -0,0 +1,24 @@
+set-option -g allow-rename off
+set-option -g default-terminal "screen-256color"
+set-option -g history-limit 100000
+set-option -g status-bg '#444444'
+set-option -g status-fg '#ffa500'
+
+set-window-option -g mode-keys vi
+
+bind-key h select-pane -L
+bind-key j select-pane -D
+bind-key k select-pane -U
+bind-key l select-pane -R
+
+bind-key H resize-pane -L 5
+bind-key J resize-pane -D 5
+bind-key K resize-pane -U 5
+bind-key L resize-pane -R 5
+
+bind-key b break-pane -d
+bind-key c new-window -c '#{pane_current_path}'
+bind-key p setw synchronize-panes off
+bind-key P setw synchronize-panes on
+bind-key r source-file ~/.tmux.conf \; display-message "~/.tmux.conf reloaded"
+bind-key T choose-tree
diff --git a/openbsd/frontends/opt/src/gemini/README.md b/openbsd/frontends/opt/src/gemini/README.md
new file mode 100644
index 0000000..b056838
--- /dev/null
+++ b/openbsd/frontends/opt/src/gemini/README.md
@@ -0,0 +1,10 @@
+Custom gemini server configuration
+=================================
+
+```
+git clone https://github.com/a-h/gemini
+cp -Rpv ./myserver ./gemini/myserver
+cd ./gemini/myserver
+go build main.go
+doas cp -p ./main /usr/local/bin/geminid
+```
diff --git a/openbsd/frontends/opt/src/gemini/myserver/main.go b/openbsd/frontends/opt/src/gemini/myserver/main.go
new file mode 100644
index 0000000..09bcb3f
--- /dev/null
+++ b/openbsd/frontends/opt/src/gemini/myserver/main.go
@@ -0,0 +1,65 @@
+package main
+
+import (
+ "context"
+ "crypto/tls"
+ "fmt"
+ "os"
+ "time"
+
+ "github.com/a-h/gemini"
+)
+
+type configuration struct {
+ // Domain name, e.g. localhost.
+ domain string
+ // Certfile is the path to a server cerfificate file.
+ certFile string
+ // Keyfile is the path to a server key file.
+ keyFile string
+ // Path to Gemini content to serve.
+ path string
+}
+
+func main() {
+ config := []configuration{
+ {
+ domain: "buetow.org",
+ certFile: "/etc/ssl/buetow.org.fullchain.pem",
+ keyFile: "/etc/ssl/private/buetow.org.key",
+ path: "/var/gemini/gemtexter/buetow.org",
+ },
+ {
+ domain: "snonux.de",
+ certFile: "/etc/ssl/snonux.de.fullchain.pem",
+ keyFile: "/etc/ssl/private/snonux.de.key",
+ path: "/var/gemini/gemtexter/snonux.de",
+ },
+ }
+
+ // Load the config.
+ domainToHandler := map[string]*gemini.DomainHandler{}
+
+ for i := 0; i < len(config); i++ {
+ c := config[i]
+ h := gemini.FileSystemHandler(gemini.Dir(c.path))
+ cert, err := tls.LoadX509KeyPair(c.certFile, c.keyFile)
+ if err != nil {
+ fmt.Printf("error: failed to load certificates for domain %q: %v\n", c.domain, err)
+ os.Exit(1)
+ }
+ dh := gemini.NewDomainHandler(c.domain, cert, h)
+ domainToHandler[c.domain] = dh
+ }
+
+ // Start the server.
+ ctx := context.Background()
+ server := gemini.NewServer(ctx, ":1965", domainToHandler)
+ server.ReadTimeout = time.Second * 5
+ server.WriteTimeout = time.Second * 10
+ err := server.ListenAndServe()
+ if err != nil {
+ fmt.Printf("error: %v\n", err)
+ os.Exit(1)
+ }
+}
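Review bot: Both fatal paths in `main` report with `fmt.Printf`, so a startup failure such as an unreadable key file goes to stdout rather than stderr; `fmt.Fprintf(os.Stderr, "error: failed to load certificates for domain %q: %v\n", c.domain, err)` keeps it on the error stream however the daemon is launched. The server is built on `context.Background()`, which is never cancelled, so as far as this hunk shows the only way to stop it is to kill the process; `ctx, stop := signal.NotifyContext(context.Background(), os.Interrupt, syscall.SIGTERM)` with `defer stop()` would give a shutdown path, assuming the library honours the context. The comment on `certFile` has a typo (`cerfificate`), and the index loop reads more simply as `for _, c := range config`.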