More cleanup

homelab/configs/litestream/vaultwarden.yml

@@ -1,8 +0,0 @@
-dbs:
-  - path: /data/db.sqlite3
-    replicas:
-      - type:     sftp
-        host:     ${LITESTREAM_USERNAME}.your-storagebox.de
-        user:     ${LITESTREAM_USERNAME}
-        password: ${LITESTREAM_PASSWORD}
-        path:     /

homelab/configs/litestream/wlm.yml

@@ -1,8 +0,0 @@
-dbs:
-  - path: wlm/db.sqlite3
-    replicas:
-      - type:     sftp
-        host:     ${LITESTREAM_USERNAME}.your-storagebox.de
-        user:     ${LITESTREAM_USERNAME}
-        password: ${LITESTREAM_PASSWORD}
-        path:     /

homelab/configs/vaultwarden.json

@@ -1,46 +0,0 @@
-{
-    "domain": "https://pw.gmem.ca",
-    "sends_allowed": true,
-    "incomplete_2fa_time_limit": 3,
-    "disable_icon_download": false,
-    "signups_allowed": true,
-    "signups_verify": true,
-    "signups_verify_resend_time": 3600,
-    "signups_verify_resend_limit": 6,
-    "invitations_allowed": true,
-    "emergency_access_allowed": true,
-    "password_iterations": 100000,
-    "show_password_hint": false,
-    "admin_token": "9LUmJy5usLYsdVJip9fD",
-    "invitation_org_name": "pw.gmem.ca",
-    "ip_header": "X-Real-IP",
-    "icon_redirect_code": 302,
-    "icon_cache_ttl": 2592000,
-    "icon_cache_negttl": 259200,
-    "icon_download_timeout": 10,
-    "icon_blacklist_non_global_ips": true,
-    "disable_2fa_remember": false,
-    "authenticator_disable_time_drift": false,
-    "require_device_email": false,
-    "reload_templates": false,
-    "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
-    "disable_admin_token": false,
-    "_enable_yubico": true,
-    "_enable_duo": false,
-    "_enable_smtp": true,
-    "smtp_host": "smtp.gmail.com",
-    "smtp_ssl": true,
-    "smtp_explicit_tls": true,
-    "smtp_port": 465,
-    "smtp_from": "bladesimmer@gmail.com",
-    "smtp_from_name": "pw.gmem.ca",
-    "smtp_username": "bladesimmer@gmail.com",
-    "smtp_password": "prhusffmjrfbbmtp",
-    "smtp_timeout": 15,
-    "smtp_accept_invalid_certs": false,
-    "smtp_accept_invalid_hostnames": false,
-    "_enable_email_2fa": false,
-    "email_token_size": 6,
-    "email_expiration_time": 600,
-    "email_attempts_limit": 3
-  }

homelab/tailscale-serve/app/Dockerfile

@@ -1,7 +0,0 @@
-FROM python:3-alpine
-
-WORKDIR /app
-
-COPY . .
-
-CMD [ "python", "main.py" ]

homelab/tailscale-serve/app/main.py

@@ -1,18 +0,0 @@
-import socket
-import ssl
-import os
-
-
-HOST = "127.0.0.1"
-PORT = 8443
-
-
-if __name__ == "__main__":
-    context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
-    context.load_cert_chain(os.getenv('CERT_FILE'), os.getenv('CERT_KEYFILE'))
-    with socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) as sock:
-        sock.bind((HOST, PORT))
-        sock.listen(5)
-        with context.wrap_socket(sock, server_side=True) as ssock:
-            conn, addr = ssock.accept()
-            conn.send('Hello, Tailscale Funnel!'.encode('utf-8'))

homelab/tailscale-serve/deployment.yaml

@@ -1,114 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: nginx-tailscale-serve
-spec:
-  selector:
-    matchLabels:
-      app: nginx-tailscale-serve
-  template:
-    metadata:
-      labels:
-        app: nginx-tailscale-serve
-    spec:
-      initContainers:
-      - name: tailscale-init
-        image: icr.gmem.ca/tailscale
-        resources:
-          requests:
-            memory: "1Mi"
-            cpu: "1m"
-          limits:
-            memory: "128Mi"
-            cpu: "500m"
-        env:
-          - name: MODE
-            value: "cert"
-          - name: TAILSCALE_CERT_FILE
-            value: "/tailscale/cert"
-          - name: TAILSCALE_CERT_KEY
-            value: "/tailscale/key"
-          - name: TAILSCALE_CERT_DOMAIN
-            value: "kubernetes-test.chimera-blues.ts.net"
-          - name: TAILSCALE_HOSTNAME
-            value: "kubernetes-test"
-          - name: TAILSCALED_TUN
-            value: "userspace-networking"
-          - name: TAILSCALED_STATE
-            value: "/tailscale/tailscaled.state"
-          - name: TAILSCALE_AUTH_KEY
-            valueFrom:
-              secretKeyRef:
-                name: tailscale-auth
-                key: TS_AUTH_KEY
-                optional: true
-        volumeMounts:
-        - name: data
-          mountPath: /tailscale
-      containers:
-      - name: nginx
-        image: nginx
-        resources:
-          limits:
-            memory: "32Mi"
-            cpu: "100m"
-          requests:
-            memory: "16Mi"
-            cpu: "1m"
-        ports:
-        - containerPort: 80
-      - name: tailscale-serve
-        image: icr.gmem.ca/tailscale
-        resources:
-          requests:
-            memory: "1Mi"
-            cpu: "1m"
-          limits:
-            memory: "128Mi"
-            cpu: "500m"
-        env:
-          - name: TAILSCALE_HOSTNAME
-            value: "kubernetes-test"
-          - name: TAILSCALED_TUN
-            value: "userspace-networking"
-          - name: TAILSCALE_FUNNEL_PROXY
-            value: "80"
-          - name: TAILSCALED_STATE
-            value: "/tailscale/tailscaled.state"
-          - name: TAILSCALE_AUTH_KEY
-            valueFrom:
-              secretKeyRef:
-                name: tailscale-auth
-                key: TS_AUTH_KEY
-                optional: true
-        volumeMounts:
-        - name: data
-          mountPath: /tailscale
-      volumes:
-      - name: data
-        persistentVolumeClaim:
-          claimName: tailscale-state
----
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
-  name: tailscale-state
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 1Gi
-  storageClassName: nfs-client
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: nginx-tailscale-serve
-spec:
-  selector:
-    app: nginx-tailscale-serve
-  ports:
-  - port: 80
-    targetPort: 80