10 files changed, 349 insertions, 0 deletions

diff --git a/frontends/etc/httpd.conf b/frontends/etc/httpd.conf
new file mode 100644
index 0000000..41cde32
--- /dev/null
+++ b/frontends/etc/httpd.conf
@@ -0,0 +1,158 @@
+server "foo.zone" {
+  listen on * port 80
+  block return 302 "https://foo.zone"
+}
+
+server "www.foo.zone" {
+  listen on * port 80
+  block return 302 "https://www.foo.zone"
+}
+
+server "foo.zone" {
+  alias "www.foo.zone"
+  listen on * tls port 443
+  tls {
+    certificate "/etc/ssl/foo.zone.fullchain.pem"
+    key "/etc/ssl/private/foo.zone.key"
+  }
+  location "/*" {
+    root "/htdocs/gemtexter/foo.zone"
+    directory auto index
+  }
+}
+
+server "irregular.ninja" {
+  listen on * port 80
+  block return 302 "https://irregular.ninja"
+}
+
+server "www.irregular.ninja" {
+  listen on * port 80
+  block return 302 "https://www.irregular.ninja"
+}
+
+server "irregular.ninja" {
+  alias "www.irregular.ninja"
+  listen on * tls port 443
+  tls {
+    certificate "/etc/ssl/irregular.ninja.fullchain.pem"
+    key "/etc/ssl/private/irregular.ninja.key"
+  }
+  location "/*" {
+    root "/htdocs/irregular.ninja"
+    directory auto index
+  }
+}
+
+server "snonux.de" {
+  alias "www.snonux.de"
+  listen on * port 80
+        block return 302 "https://foo.zone$REQUEST_URI"
+}
+
+server "snonux.de" {
+  alias "www.snonux.de"
+  listen on * tls port 443
+  tls {
+    certificate "/etc/ssl/snonux.de.fullchain.pem"
+    key "/etc/ssl/private/snonux.de.key"
+  }
+  block return 302 "https://foo.zone$REQUEST_URI"
+}
+
+server "foo.surf" {
+  alias "www.foo.surf"
+  listen on * port 80
+  block return 302 "https://foo.zone$REQUEST_URI"
+}
+
+server "foo.surf" {
+  alias "www.foo.surf"
+  listen on * tls port 443
+  tls {
+    certificate "/etc/ssl/foo.surf.fullchain.pem"
+    key "/etc/ssl/private/foo.surf.key"
+  }
+  block return 302 "https://foo.zone$REQUEST_URI"
+}
+
+server "sidewalk.ninja" {
+  alias "www.sidewalk.ninja"
+  listen on * port 80
+  block return 302 "https://irregular.ninja$REQUEST_URI"
+}
+
+server "sidewalk.ninja" {
+  alias "www.sidewalk.ninja"
+  listen on * tls port 443
+  tls {
+    certificate "/etc/ssl/sidewalk.ninja.fullchain.pem"
+    key "/etc/ssl/private/sidewalk.ninja.key"
+  }
+  block return 302 "https://irregular.ninja$REQUEST_URI"
+}
+
+server "buetow.org" {
+  alias "www.buetow.org"
+  listen on * port 80
+  block return 302 "https://foo.zone$REQUEST_URI"
+}
+
+server "paul.buetow.org" {
+  alias "contact.buetow.org"
+  listen on * port 80
+  block return 302 "https://foo.zone/contact-information.html"
+}
+
+server "tmp.buetow.org" {
+  listen on * port 80
+  block return 302 "https://buetow.org/tmp/"
+}
+
+server "buetow.org" {
+  alias "www.buetow.org"
+  listen on * tls port 443
+  tls {
+    certificate "/etc/ssl/buetow.org.fullchain.pem"
+    key "/etc/ssl/private/buetow.org.key"
+  }
+  root "/htdocs/buetow.org"
+  location match "/tmp/.*" {
+    directory auto index
+  }
+  location match "/.*" {
+          block return 302 "https://foo.zone$REQUEST_URI"
+  }
+}
+
+server "dtail.dev" {
+  alias "www.dtail.dev"
+  listen on * port 80
+  block return 302 "https://dail.dev"
+}
+
+server "dtail.dev" {
+  alias "www.dtail.dev"
+  listen on * tls port 443
+  tls {
+    certificate "/etc/ssl/dtail.dev.fullchain.pem"
+    key "/etc/ssl/private/dtail.dev.key"
+  }
+  location * {
+    block return 302 "https://github.dtail.dev"
+  }
+}
+
+server "default" {
+  listen on * port 80
+  block return 302 "https://foo.zone$REQUEST_URI"
+}
+
+server "default" {
+  listen on * tls port 443
+  tls {
+    certificate "/etc/ssl/foo.zone.fullchain.pem"
+    key "/etc/ssl/private/foo.zone.key"
+  }
+  block return 302 "https://foo.zone$REQUEST_URI"
+}
diff --git a/frontends/etc/inetd.conf b/frontends/etc/inetd.conf
new file mode 100644
index 0000000..7176af4
--- /dev/null
+++ b/frontends/etc/inetd.conf
@@ -0,0 +1,2 @@
+127.0.0.1:11965 stream tcp nowait www /usr/local/bin/vger vger -v
+*:4242 stream tcp nowait www /bin/cat cat /var/run/ha.status
diff --git a/frontends/etc/mail/aliases b/frontends/etc/mail/aliases
new file mode 100644
index 0000000..91bf1d0
--- /dev/null
+++ b/frontends/etc/mail/aliases
@@ -0,0 +1,103 @@
+#
+#	$OpenBSD: aliases,v 1.68 2020/01/24 06:17:37 tedu Exp $
+#
+#  Aliases in this file will NOT be expanded in the header from
+#  Mail, but WILL be visible over networks or from /usr/libexec/mail.local.
+#
+#	>>>>>>>>>>	The program "newaliases" must be run after
+#	>> NOTE >>	this file is updated for any changes to
+#	>>>>>>>>>>	show through to smtpd.
+#
+
+# Basic system aliases -- these MUST be present
+MAILER-DAEMON: postmaster
+postmaster: root
+
+# General redirections for important pseudo accounts
+daemon:	root
+ftp-bugs: root
+operator: root
+www:	root
+admin:	root
+
+# Redirections for pseudo accounts that should not receive mail
+_bgpd: /dev/null
+_dhcp: /dev/null
+_dpb: /dev/null
+_dvmrpd: /dev/null
+_eigrpd: /dev/null
+_file: /dev/null
+_fingerd: /dev/null
+_ftp: /dev/null
+_hostapd: /dev/null
+_identd: /dev/null
+_iked: /dev/null
+_isakmpd: /dev/null
+_iscsid: /dev/null
+_ldapd: /dev/null
+_ldpd: /dev/null
+_mopd: /dev/null
+_nsd: /dev/null
+_ntp: /dev/null
+_ospfd: /dev/null
+_ospf6d: /dev/null
+_pbuild: /dev/null
+_pfetch: /dev/null
+_pflogd: /dev/null
+_ping: /dev/null
+_pkgfetch: /dev/null
+_pkguntar: /dev/null
+_portmap: /dev/null
+_ppp: /dev/null
+_rad: /dev/null
+_radiusd: /dev/null
+_rbootd: /dev/null
+_relayd: /dev/null
+_ripd: /dev/null
+_rstatd: /dev/null
+_rusersd: /dev/null
+_rwalld: /dev/null
+_smtpd: /dev/null
+_smtpq: /dev/null
+_sndio: /dev/null
+_snmpd: /dev/null
+_spamd: /dev/null
+_switchd: /dev/null
+_syslogd: /dev/null
+_tcpdump: /dev/null
+_traceroute: /dev/null
+_tftpd: /dev/null
+_unbound: /dev/null
+_unwind: /dev/null
+_vmd: /dev/null
+_x11:   /dev/null
+_ypldap: /dev/null
+bin:	/dev/null
+build:	/dev/null
+nobody:	/dev/null
+_tftp_proxy: /dev/null
+_ftp_proxy: /dev/null
+_sndiop: /dev/null
+_syspatch: /dev/null
+_slaacd: /dev/null
+sshd:   /dev/null
+
+# Well-known aliases -- these should be filled in!
+root: paul
+manager: root
+dumper: root
+
+# RFC 2142: NETWORK OPERATIONS MAILBOX NAMES
+abuse:		root
+noc:		root
+security:	root
+
+# RFC 2142: SUPPORT MAILBOX NAMES FOR SPECIFIC INTERNET SERVICES
+hostmaster:	root
+# usenet:	root
+# news:		usenet
+webmaster:	root
+# ftp:		root
+
+paul: paul.buetow@protonmail.com
+albena: albena.buetow@protonmail.com
diff --git a/frontends/etc/mail/smtpd.conf.tpl b/frontends/etc/mail/smtpd.conf.tpl
new file mode 100644
index 0000000..2fb68e3
--- /dev/null
+++ b/frontends/etc/mail/smtpd.conf.tpl
@@ -0,0 +1,23 @@
+# This is the smtpd server system-wide configuration file.
+# See smtpd.conf(5) for more information.
+
+# I used https://www.checktls.com/TestReceiver for testing.
+
+pki "buetow_org_tls" cert "/etc/ssl/buetow.org.fullchain.pem"
+pki "buetow_org_tls" key "/etc/ssl/private/buetow.org.key"
+
+table aliases file:/etc/mail/aliases
+table virtualdomains file:/etc/mail/virtualdomains
+table virtualusers file:/etc/mail/virtualusers
+
+listen on socket
+listen on all tls pki "buetow_org_tls" hostname "<%= $mail_hostname->($hostname) %>"
+#listen on all
+
+action localmail mbox alias <aliases>
+action receive mbox virtual <virtualusers>
+action outbound relay
+
+match from any for domain <virtualdomains> action receive
+match from local for local action localmail
+match from local for any action outbound
diff --git a/frontends/etc/mail/virtualdomains b/frontends/etc/mail/virtualdomains
new file mode 100644
index 0000000..9bdd68a
--- /dev/null
+++ b/frontends/etc/mail/virtualdomains
@@ -0,0 +1,11 @@
+buetow.org
+paul.buetow.org
+mx.buetow.org
+de.buetow.org
+bg.buetow.org
+uk.buetow.org
+us.buetow.org
+es.buetow.org
+dev.buetow.org
+snonux.de
+dtail.dev
diff --git a/frontends/etc/mail/virtualusers b/frontends/etc/mail/virtualusers
new file mode 100644
index 0000000..5ae0b24
--- /dev/null
+++ b/frontends/etc/mail/virtualusers
@@ -0,0 +1,2 @@
+albena@buetow.org albena.buetow@protonmail.com
+@ paul.buetow@protonmail.com
diff --git a/frontends/etc/myname.tpl b/frontends/etc/myname.tpl
new file mode 100644
index 0000000..dcd4ca0
--- /dev/null
+++ b/frontends/etc/myname.tpl
@@ -0,0 +1 @@
+<%= $fqdns->($vio0_ip) %>
diff --git a/frontends/etc/rc.conf.local b/frontends/etc/rc.conf.local
new file mode 100644
index 0000000..842f16d
--- /dev/null
+++ b/frontends/etc/rc.conf.local
@@ -0,0 +1,5 @@
+httpd_flags=
+inetd_flags=
+nsd_flags=
+pkg_scripts="uptimed httpd"
+relayd_flags=
diff --git a/frontends/etc/relayd.conf.tpl b/frontends/etc/relayd.conf.tpl
new file mode 100644
index 0000000..d8553b2
--- /dev/null
+++ b/frontends/etc/relayd.conf.tpl
@@ -0,0 +1,20 @@
+log connection
+
+tcp protocol "gemini" {
+    tls keypair buetow.org
+    tls keypair snonux.de
+    tls keypair foo.zone
+    tls keypair irregular.ninja
+}
+
+relay "gemini4" {
+    listen on <%= $vio0_ip %> port 1965 tls
+    protocol "gemini"
+    forward to 127.0.0.1 port 11965
+}
+
+relay "gemini6" {
+    listen on <%= $ipv6address->($hostname) %> port 1965 tls
+    protocol "gemini"
+    forward to 127.0.0.1 port 11965
+}
diff --git a/frontends/etc/tmux.conf b/frontends/etc/tmux.conf
new file mode 100644
index 0000000..1449326
--- /dev/null
+++ b/frontends/etc/tmux.conf
@@ -0,0 +1,24 @@
+set-option -g allow-rename off
+set-option -g default-terminal "screen-256color"
+set-option -g history-limit 100000
+set-option -g status-bg '#444444'
+set-option -g status-fg '#ffa500'
+
+set-window-option -g mode-keys vi
+
+bind-key h select-pane -L
+bind-key j select-pane -D
+bind-key k select-pane -U
+bind-key l select-pane -R
+
+bind-key H resize-pane -L 5
+bind-key J resize-pane -D 5
+bind-key K resize-pane -U 5
+bind-key L resize-pane -R 5
+
+bind-key b break-pane -d
+bind-key c new-window -c '#{pane_current_path}'
+bind-key p setw synchronize-panes off
+bind-key P setw synchronize-panes on
+bind-key r source-file ~/.tmux.conf \; display-message "~/.tmux.conf reloaded"
+bind-key T choose-tree