myron/do-server-config
1
0
Fork 0
mirror of https://github.com/myronblair/do-server-config synced 2026-06-30 17:50:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

[orbis] Weekly backup 2026-06-09 — 52 files changed, 2700 insertions(+)

Browse Source
This commit is contained in:
DO Server Backup
2026-06-09 03:53:55 +00:00
parent 5b1f83b1ea
commit 34e2485b9a
52 changed files with 2700 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cron/root_custom
+5
View File
@@ -0,0 +1,5 @@
* * * * * /usr/local/bin/jarvis-deploy.sh
*/5 * * * * /usr/local/bin/jarvis-watchdog.sh
0 2 * * * /usr/local/bin/jarvis-backup.sh >> /var/backups/jarvis/backup.log 2>&1
0 2 * * * su -s /bin/bash tomto8868 -c '/usr/local/bin/ttg-backup.sh' >> /home/tomtomgames.com/backups/backup.log 2>&1
0 4 * * 0 /usr/local/bin/do-server-backup >> /var/log/do-server-backup.log 2>&1
cron/root_full
+32
View File
@@ -0,0 +1,32 @@
0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/findBWUsage.py >/dev/null 2>&1
0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py hourlyCleanup >/dev/null 2>&1
0 0 1 * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py monthlyCleanup >/dev/null 2>&1
0 2 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/upgradeCritical.py >/dev/null 2>&1
0 0 * * 4 /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/renew.py >/dev/null 2>&1
7 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
0 0 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py Daily
0 0 * * 0 /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py Weekly
*/30 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '30 Minutes'
0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '1 Hour'
0 */6 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '6 Hours'
0 */12 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '12 Hours'
0 1 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '1 Day'
0 0 */3 * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '3 Days'
0 0 * * 0 /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '1 Week'
*/3 * * * * if ! find /home/*/public_html/ -maxdepth 2 -type f -newer /usr/local/lsws/cgid -name '.htaccess' -exec false {} +; then systemctl restart lsws; fi
09,39 * * * * /usr/local/CyberCP/bin/cleansessions >/dev/null 2>&1
* * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/manage.py run_scheduled_scans >/usr/local/lscp/logs/scheduled_scans.log 2>&1
*/5 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/pdnsHealthCheck.py >/dev/null 2>&1
*/3 * * * * /usr/local/lsws/lsphp85/bin/lsphp /home/jarvis.orbishosting.com/api/endpoints/facts_collector.php >> /home/jarvis.orbishosting.com/logs/cron.log 2>&1
*/5 * * * * /usr/local/lsws/lsphp85/bin/lsphp /home/jarvis.orbishosting.com/api/endpoints/stats_cache.php >> /home/jarvis.orbishosting.com/logs/cron.log 2>&1
* * * * * /usr/local/bin/jarvis-deploy.sh
*/5 * * * * /usr/local/bin/jarvis-watchdog.sh
0 2 * * * /usr/local/bin/jarvis-backup.sh >> /var/backups/jarvis/backup.log 2>&1
*/15 * * * * /usr/local/lsws/lsphp85/bin/lsphp /home/jarvis.orbishosting.com/api/endpoints/calendar_sync.php >> /home/jarvis.orbishosting.com/logs/cron.log 2>&1
0 2 * * * su -s /bin/bash tomto8868 -c '/usr/local/bin/ttg-backup.sh' >> /home/tomtomgames.com/backups/backup.log 2>&1
0 4 * * 0 /usr/local/bin/do-server-backup >> /var/log/do-server-backup.log 2>&1
infra/README.md
+48
View File
@@ -0,0 +1,48 @@
# DO Server Infrastructure
DigitalOcean server at 165.22.1.228 (CyberPanel / OpenLiteSpeed).
## Directory Structure
- `cron/` — Root crontab (CyberPanel + JARVIS entries)
- `systemd/` — Custom systemd service units
- `agent/` — JARVIS agent config template
## Deploy workflow
1. Edit code in site repos (myronblair/*)
2. `git push origin main`
3. On server: `cd /home/<site>/public_html && git pull origin main`
## JARVIS agent install
```bash
cp agent/config.json /opt/jarvis-agent/config.json
systemctl enable jarvis-agent
systemctl start jarvis-agent
```
## Cloudflare Rocket Loader — IMPORTANT
JARVIS (and all sites) sit behind Cloudflare with **Rocket Loader enabled**.
Rocket Loader does two things that break JavaScript login forms:
1. Changes `<script>` tag `type` to a fake value, deferring execution.
2. Injects `if (!window.__cfRLUnblockHandlers) return false;` into **every**
`onclick=`, `onkeydown=`, and other inline HTML event attributes,
blocking them until Rocket Loader finishes loading.
### Rules for any page with JavaScript that must run immediately:
- Add `data-cfasync="false"` to ALL `<script>` tags.
- **Never use inline event handler attributes** (`onclick=`, `onkeydown=`, etc.)
on HTML elements — Rocket Loader will block them.
- Attach all event listeners via `addEventListener()` in JavaScript.
- Use `XMLHttpRequest` instead of `fetch()` for auth calls (more compatible).
- Put scripts **after** their target DOM elements (end of body), not in `<head>`,
so the elements exist when the script runs without needing DOMContentLoaded.
### Current login implementation (jarvis repo: public_html/login.html)
Standalone `/login.html` page handles all auth. `index.html` redirects to
`/login.html` if no `jarvis_token` in sessionStorage.
- Script is at end of body, after elements, with `data-cfasync="false"`
- All handlers attached via `addEventListener` — no inline attributes
- Uses XHR (not fetch) to POST to `/api/auth`
infra/agent/config.template.json
+8
View File
@@ -0,0 +1,8 @@
{
"server_url": "https://165.22.1.228",
"host_header": "jarvis.orbishosting.com",
"registration_key": "REPLACE_WITH_AGENT_REGISTRATION_KEY",
"agent_type": "linux",
"heartbeat_interval": 10,
"metrics_interval": 30
}
infra/cron/do-server.crontab
+26
View File
@@ -0,0 +1,26 @@
0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/findBWUsage.py >/dev/null 2>&1
0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py hourlyCleanup >/dev/null 2>&1
0 0 1 * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/postfixSenderPolicy/client.py monthlyCleanup >/dev/null 2>&1
0 2 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/upgradeCritical.py >/dev/null 2>&1
0 0 * * 4 /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/renew.py >/dev/null 2>&1
7 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
0 0 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py Daily
0 0 * * 0 /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py Weekly
*/30 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '30 Minutes'
0 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '1 Hour'
0 */6 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '6 Hours'
0 */12 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '12 Hours'
0 1 * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '1 Day'
0 0 */3 * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '3 Days'
0 0 * * 0 /usr/local/CyberCP/bin/python /usr/local/CyberCP/IncBackups/IncScheduler.py '1 Week'
*/3 * * * * if ! find /home/*/public_html/ -maxdepth 2 -type f -newer /usr/local/lsws/cgid -name '.htaccess' -exec false {} +; then systemctl restart lsws; fi
09,39 * * * * /usr/local/CyberCP/bin/cleansessions >/dev/null 2>&1
* * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/manage.py run_scheduled_scans >/usr/local/lscp/logs/scheduled_scans.log 2>&1
*/5 * * * * /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/pdnsHealthCheck.py >/dev/null 2>&1
*/3 * * * * /usr/local/lsws/lsphp85/bin/lsphp /home/jarvis.orbishosting.com/api/endpoints/facts_collector.php >> /home/jarvis.orbishosting.com/logs/cron.log 2>&1
*/5 * * * * /usr/local/lsws/lsphp85/bin/lsphp /home/jarvis.orbishosting.com/api/endpoints/stats_cache.php >> /home/jarvis.orbishosting.com/logs/cron.log 2>&1
infra/fusionpbx/README.md
+75
View File
@@ -0,0 +1,75 @@
# FusionPBX Custom Configs (134.209.72.226)
## Yealink T48S Provisioning — Critical Fixes
### Problem: BLF buttons never applied from provisioning
Root cause: nginx rewrite for `{mac}.boot` stripped the `file=` param, so FusionPBX
served the full 122KB config as a boot file. Yealink ignores DSS keys in .boot files —
they only apply from .cfg files.
### Fix 1: nginx rewrite (in /etc/nginx/sites-enabled/fusionpbx)
OLD: rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.boot)$" /app/provision/index.php?mac=$1;
NEW: rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.boot)$" /app/provision/index.php?mac=$1&file=%7b%24mac%7d.boot;
### Fix 2: {$mac}.boot template
Created: /var/www/fusionpbx/resources/templates/provision/yealink/t48s/{$mac}.boot
Content: boot file with includes pointing to y000000000065.cfg and {$mac}.cfg
Phone flow: {mac}.boot (164 bytes) → y000000000065.cfg → {mac}.cfg (full config applied)
### Fix 3: y000000000065.cfg template changes
- features.auto_linekeys.enable = 0 (prevents phone overriding BLF keys)
### Fix 4: All y000000000000.boot templates
- overwrite_mode = 1 (forces re-provision on every reboot, default was 0)
### Fix 5: External sofia profile
- manage-presence = passive (not true — BLF SUBSCRIBEs delegate to internal profile)
- Fix: UPDATE v_sip_profile_settings SET value='passive' WHERE profile=external AND name='manage-presence'
- Then delete /var/cache/fusionpbx/FusionPBX.configuration.sofia.conf and reload sofia
## Device Profile "yealink" (UUID 2c68fe07-b29a-4429-a3c2-7ce9010c69ff)
| Key | Type | Value | Label | Notes |
|-----|------|-------|-------|-------|
| 1 | 16 (BLF) | 1000 | Myron 1000 | |
| 2 | 16 (BLF) | 1001 | Tommy 1001 | |
| 3 | 16 (BLF) | 1002 | Myron Vanguard | |
| 4 | 12 | 1003 | PC Slingshot | |
| 5 | 12 | 1004 | Epic Travel | |
| 6 | 12 | 1005 | Toms Java | |
| 7 | 13 (Speed Dial) | *5901 | Park 5901 | Press during call=park, idle=retrieve |
| 8 | 13 (Speed Dial) | *5902 | Park 5902 | |
| 9 | 13 (Speed Dial) | *5903 | Park 5903 | |
| 11 | 16 (BLF) | *724 | Page All | |
Park buttons use Speed Dial (type=13) not BLF — BLF for park requires mod_presence
which is not installed. Speed Dial works: press during call parks it, press idle retrieves.
## BLF Type Reference (Yealink T48S firmware 66.86.x, FusionPBX)
- type=16 = BLF (requires pickup_value field in template)
- type=13 = Speed Dial
- type=12 = (user-defined)
- type=1 = Line
## Provisioning URL
- Server: https://fusion.orbishosting.com/app/provision/
- Auth: provision-master / Joker1974!!! (Digest)
- After factory reset: must re-enter manually via Menu > Settings > Advanced > Auto Provision
- Firmware 66.86.0.15: requires power cycle after "Update Now" to register
## fail2ban Whitelist (/etc/fail2ban/jail.local)
- 107.178.2.130 (office)
- 97.154.109.245 (home WAN)
## Phones
- Ext 1000 (Myron): MAC 805ec0350477, firmware 66.86.0.15, IP 10.48.200.2
- Ext 1001 (Tommy): MAC 805e0c150c4f, firmware 66.86.0.160, IP 10.48.200.43
## IVR Audio
- /var/lib/freeswitch/recordings/134.209.72.226/ivr_menu.wav
- American male voice (Festival TTS), 27s, 8kHz 16-bit mono PCM
## mod_presence
- NOT installed — FreeSWITCH built from source at /usr/src/freeswitch-1.11/
- Basic extension BLF works via manage-presence=true on internal sofia profile
- Park slot BLF would require mod_presence — workaround: Speed Dial buttons
infra/fusionpbx/fail2ban/jail.local
+10
View File
@@ -0,0 +1,10 @@
[DEFAULT]
ignoreip = 127.0.0.1/8 ::1 107.178.2.130 97.154.109.245
[ssh]
enabled = true
port = 22
protocol = ssh
filter = sshd
logpath = /var/log/auth.log
action = iptables-allports[name=sshd, protocol=all]
infra/fusionpbx/nginx_yealink_rewrite.txt
+9
View File
@@ -0,0 +1,9 @@
# In /etc/nginx/sites-enabled/fusionpbx
# Critical fix: pass file= param so FusionPBX returns a boot file (not full config)
# Phone ignores DSS/BLF keys when received in a .boot file — must come from .cfg
# CORRECT:
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.boot)$" /app/provision/index.php?mac=$1&file=%7b%24mac%7d.boot;
# WRONG (original — serves full 122KB config as .boot, phone ignores linekeys):
# rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.boot)$" /app/provision/index.php?mac=$1;
infra/fusionpbx/provision/yealink/t48s/y000000000000.boot
+7
View File
@@ -0,0 +1,7 @@
#!version:1.0.0.1
## The header above must appear as-is in the first line
include:config "y000000000065.cfg"
include:config "{$mac}.cfg"
overwrite_mode = 1
infra/fusionpbx/provision/yealink/t48s/{$mac}.boot
+7
View File
@@ -0,0 +1,7 @@
#!version:1.0.0.1
## The header above must appear as-is in the first line
include:config "y000000000065.cfg"
include:config "{$mac}.cfg"
overwrite_mode = 1
infra/systemd/do-agent.service
+19
View File
@@ -0,0 +1,19 @@
[Unit]
Description=The DigitalOcean Monitoring Agent
After=network-online.target
Wants=network-online.target
[Service]
User=do-agent
ExecStart=/opt/digitalocean/bin/do-agent --syslog
Restart=always
OOMScoreAdjust=-900
SyslogIdentifier=DigitalOceanAgent
PrivateTmp=yes
ProtectSystem=full
ProtectHome=yes
NoNewPrivileges=yes
[Install]
WantedBy=multi-user.target
infra/systemd/droplet-agent.service
+19
View File
@@ -0,0 +1,19 @@
[Unit]
Description=The DigitalOcean Droplet Agent
After=network-online.target
Wants=network-online.target
[Service]
User=root
Environment=TERM=xterm-256color
ExecStart=/opt/digitalocean/bin/droplet-agent
Restart=always
RestartSec=10
TimeoutStopSec=90
KillMode=process
OOMScoreAdjust=-900
SyslogIdentifier=DropletAgent
[Install]
WantedBy=multi-user.target
infra/systemd/fastapi_ssh_server.service
+14
View File
@@ -0,0 +1,14 @@
[Unit]
Description=FastAPI SSH Web Terminal Server
After=network.target
[Service]
Type=simple
WorkingDirectory=/usr/local/CyberCP
ExecStart=/usr/local/CyberCP/bin/python3 -m uvicorn fastapi_ssh_server:app --host 0.0.0.0 --port 8888 --ssl-keyfile=/usr/local/lscp/conf/key.pem --ssl-certfile=/usr/local/lscp/conf/cert.pem
Restart=on-failure
User=root
Group=root
[Install]
WantedBy=multi-user.target
infra/systemd/jarvis-agent.service
+14
View File
@@ -0,0 +1,14 @@
[Unit]
Description=JARVIS Agent
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
ExecStart=/usr/bin/python3 /usr/local/bin/jarvis-agent.py
Restart=always
RestartSec=30
User=root
[Install]
WantedBy=multi-user.target
mysql/databases.txt
View File
mysql/my.cnf
+4
View File
@@ -0,0 +1,4 @@
[client]
user=root
password="Z9Of4NVs6ji74x"
network/50-cloud-init.yaml
+35
View File
@@ -0,0 +1,35 @@
network:
version: 2
ethernets:
eth0:
match:
macaddress: "ca:f2:89:fc:20:19"
addresses:
- "165.22.1.228/20"
- "10.10.0.6/16"
- "2604:A880:0400:00D1:0000:0004:6C93:1001/64"
nameservers:
addresses:
- 67.207.67.2
- 67.207.67.3
search: []
accept-ra: false
set-name: "eth0"
mtu: 1500
routes:
- to: "::/0"
via: "2604:A880:0400:00D1:0000:0000:0000:0001"
- to: "0.0.0.0/0"
via: "165.22.0.1"
eth1:
match:
macaddress: "a6:ed:de:24:aa:2b"
addresses:
- "10.116.0.5/20"
nameservers:
addresses:
- 67.207.67.2
- 67.207.67.3
search: []
set-name: "eth1"
mtu: 1500
network/hostname
+1
View File
@@ -0,0 +1 @@
orbis
network/hosts
+15
View File
@@ -0,0 +1,15 @@
# Your system has configured 'manage_etc_hosts' as True.
# As a result, if you wish for changes to this file to persist
# then you will need to either
# a.) make changes to the master file in /etc/cloud/templates/hosts.debian.tmpl
# b.) change or remove the value of 'manage_etc_hosts' in
# /etc/cloud/cloud.cfg or cloud-config from user-data
#
127.0.0.1 localhost
127.0.1.1 orbis.orbishosting.com
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ols-vhosts/epictravelexpeditions.com/vhost.conf
Executable
+95
View File
@@ -0,0 +1,95 @@
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@epictravelexpeditions.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
scripthandler {
add lsapi:epict6387 php
}
extprocessor epict6387 {
type lsapi
address UDS://tmp/lshttpd/epict6387.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp85/bin/lsphp
extUser epict6387
extGroup epict6387
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/epictravelexpeditions.com/privkey.pem
certFile /etc/letsencrypt/live/epictravelexpeditions.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
<Directory /home/admin_epicftp/public_html>
AllowOverride All
Require all granted
</Directory>
ols-vhosts/httpd_vhosts_summary.txt
+90
View File
@@ -0,0 +1,90 @@
address uds://tmp/lshttpd/lsphp.sock
virtualHost Example{
vhRoot Example/
configFile conf/vhosts/Example/vhconf.conf
listener Default{
map mail.jarvis.orbishosting.com mail.jarvis.orbishosting.com
map jarvis.orbishosting.com jarvis.orbishosting.com
map orbis.orbishosting.com orbis.orbishosting.com
map mail.parkerslingshotrentals.com mail.parkerslingshotrentals.com
map parkerslingshotrentals.com parkerslingshotrentals.com
map mail.tomsjavajive.com mail.tomsjavajive.com
map tomsjavajive.com tomsjavajive.com
map mail.epictravelexpeditions.com mail.epictravelexpeditions.com
map epictravelexpeditions.com epictravelexpeditions.com
map mail.orbishosting.com mail.orbishosting.com
map orbishosting.com orbishosting.com
map mail.tomtomgames.com mail.tomtomgames.com
map tomtomgames.com tomtomgames.com
address *:80
listeners Default
listeners Default
virtualHost tomtomgames.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
listener SSL {
map mail.jarvis.orbishosting.com mail.jarvis.orbishosting.com
map jarvis.orbishosting.com jarvis.orbishosting.com
map mail.tomtomgames.com mail.tomtomgames.com
map orbis.orbishosting.com orbis.orbishosting.com
map mail.parkerslingshotrentals.com mail.parkerslingshotrentals.com
map parkerslingshotrentals.com parkerslingshotrentals.com
map mail.tomsjavajive.com mail.tomsjavajive.com
map tomsjavajive.com tomsjavajive.com
map mail.epictravelexpeditions.com mail.epictravelexpeditions.com
map epictravelexpeditions.com epictravelexpeditions.com
map mail.orbishosting.com mail.orbishosting.com
map orbishosting.com orbishosting.com
address *:443
map tomtomgames.com tomtomgames.com
virtualHost mail.tomtomgames.com {
vhRoot /home/tomtomgames.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
listener SSL IPv6 {
map mail.jarvis.orbishosting.com mail.jarvis.orbishosting.com
map jarvis.orbishosting.com jarvis.orbishosting.com
map mail.tomtomgames.com mail.tomtomgames.com
map orbis.orbishosting.com orbis.orbishosting.com
map mail.parkerslingshotrentals.com mail.parkerslingshotrentals.com
map parkerslingshotrentals.com parkerslingshotrentals.com
map mail.tomsjavajive.com mail.tomsjavajive.com
map tomsjavajive.com tomsjavajive.com
map mail.epictravelexpeditions.com mail.epictravelexpeditions.com
map epictravelexpeditions.com epictravelexpeditions.com
map mail.orbishosting.com mail.orbishosting.com
map orbishosting.com orbishosting.com
address [ANY]:443
map mail.tomtomgames.com mail.tomtomgames.com
virtualHost orbishosting.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost mail.orbishosting.com {
vhRoot /home/orbishosting.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost epictravelexpeditions.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost mail.epictravelexpeditions.com {
vhRoot /home/epictravelexpeditions.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost tomsjavajive.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost mail.tomsjavajive.com {
vhRoot /home/tomsjavajive.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost parkerslingshotrentals.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost mail.parkerslingshotrentals.com {
vhRoot /home/parkerslingshotrentals.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost orbis.orbishosting.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost jarvis.orbishosting.com {
vhRoot /home/$VH_NAME
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
virtualHost mail.jarvis.orbishosting.com {
vhRoot /home/jarvis.orbishosting.com
configFile $SERVER_ROOT/conf/vhosts/$VH_NAME/vhost.conf
ols-vhosts/jarvis.orbishosting.com/vhost.conf
Executable
+95
View File
@@ -0,0 +1,95 @@
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@orbishosting.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
scripthandler {
add lsapi:jarvi5150 php
}
extprocessor jarvi5150 {
type lsapi
address UDS://tmp/lshttpd/jarvi5150.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp85/bin/lsphp
extUser jarvi5150
extGroup jarvi5150
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
rewrite {
enable 1
autoLoadHtaccess 1
rules <<<END_RULES
RewriteRule ^/api(/.*)?$ /api.php [QSA,L]
END_RULES
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/jarvis.orbishosting.com/privkey.pem
certFile /etc/letsencrypt/live/jarvis.orbishosting.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/mail.epictravelexpeditions.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot /home/epictravelexpeditions.com/mail.epictravelexpeditions.com
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@epictravelexpeditions.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/epictravelexpeditions.com.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/epictravelexpeditions.com.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
scripthandler {
add lsapi:epict63878843 php
}
extprocessor epict63878843 {
type lsapi
address UDS://tmp/lshttpd/epict63878843.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 60
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp73/bin/lsphp
extUser epict6387
extGroup epict6387
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/mail.epictravelexpeditions.com/privkey.pem
certFile /etc/letsencrypt/live/mail.epictravelexpeditions.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/mail.jarvis.orbishosting.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot /home/jarvis.orbishosting.com/mail.jarvis.orbishosting.com
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@orbishosting.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/jarvis.orbishosting.com.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/jarvis.orbishosting.com.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
scripthandler {
add lsapi:jarvi51504675 php
}
extprocessor jarvi51504675 {
type lsapi
address UDS://tmp/lshttpd/jarvi51504675.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 60
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp73/bin/lsphp
extUser jarvi5150
extGroup jarvi5150
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/mail.jarvis.orbishosting.com/privkey.pem
certFile /etc/letsencrypt/live/mail.jarvis.orbishosting.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/mail.orbishosting.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot /home/orbishosting.com/mail.orbishosting.com
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@orbishosting.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/orbishosting.com.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/orbishosting.com.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
scripthandler {
add lsapi:orbis26822325 php
}
extprocessor orbis26822325 {
type lsapi
address UDS://tmp/lshttpd/orbis26822325.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 60
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp73/bin/lsphp
extUser orbis2682
extGroup orbis2682
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/mail.orbishosting.com/privkey.pem
certFile /etc/letsencrypt/live/mail.orbishosting.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/mail.parkerslingshotrentals.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot /home/parkerslingshotrentals.com/mail.parkerslingshotrentals.com
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@parkerslingshotrentals.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/parkerslingshotrentals.com.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/parkerslingshotrentals.com.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
scripthandler {
add lsapi:parke19097990 php
}
extprocessor parke19097990 {
type lsapi
address UDS://tmp/lshttpd/parke19097990.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 60
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp73/bin/lsphp
extUser parke1909
extGroup parke1909
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/mail.parkerslingshotrentals.com/privkey.pem
certFile /etc/letsencrypt/live/mail.parkerslingshotrentals.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/mail.tomsjavajive.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot /home/tomsjavajive.com/mail.tomsjavajive.com
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@tomsjavajive.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/tomsjavajive.com.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/tomsjavajive.com.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
scripthandler {
add lsapi:tomsj47102323 php
}
extprocessor tomsj47102323 {
type lsapi
address UDS://tmp/lshttpd/tomsj47102323.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 60
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp73/bin/lsphp
extUser tomsj4710
extGroup tomsj4710
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/mail.tomsjavajive.com/privkey.pem
certFile /etc/letsencrypt/live/mail.tomsjavajive.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/mail.tomtomgames.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot /home/tomtomgames.com/mail.tomtomgames.com
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@tomtomgames.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/tomtomgames.com.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/tomtomgames.com.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
scripthandler {
add lsapi:tomto88683808 php
}
extprocessor tomto88683808 {
type lsapi
address UDS://tmp/lshttpd/tomto88683808.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 60
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp73/bin/lsphp
extUser tomto8868
extGroup tomto8868
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/mail.tomtomgames.com/privkey.pem
certFile /etc/letsencrypt/live/mail.tomtomgames.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/orbis.orbishosting.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@cyberpanel.net
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
scripthandler {
add lsapi:orbis1968 php
}
extprocessor orbis1968 {
type lsapi
address UDS://tmp/lshttpd/orbis1968.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp80/bin/lsphp
extUser orbis1968
extGroup orbis1968
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/orbis.orbishosting.com/privkey.pem
certFile /etc/letsencrypt/live/orbis.orbishosting.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/orbishosting.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@orbishosting.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
scripthandler {
add lsapi:orbis2682 php
}
extprocessor orbis2682 {
type lsapi
address UDS://tmp/lshttpd/orbis2682.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp85/bin/lsphp
extUser orbis2682
extGroup orbis2682
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/orbishosting.com/privkey.pem
certFile /etc/letsencrypt/live/orbishosting.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/parkerslingshotrentals.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@parkerslingshotrentals.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
scripthandler {
add lsapi:parke1909 php
}
extprocessor parke1909 {
type lsapi
address UDS://tmp/lshttpd/parke1909.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp85/bin/lsphp
extUser parke1909
extGroup parke1909
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/parkerslingshotrentals.com/privkey.pem
certFile /etc/letsencrypt/live/parkerslingshotrentals.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/site-list.txt
+9
View File
@@ -0,0 +1,9 @@
# Websites on DO server — 2026-06-09
- epictravelexpeditions.com (5.4M)
- jarvis.orbishosting.com (440K)
- orbishosting.com (113M)
- orbis.orbishosting.com (288K)
- parkerslingshotrentals.com (1.6M)
- tomsjavajive.com (5.0M)
- tomtomgames.com (4.3M)
ols-vhosts/tomsjavajive.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@tomsjavajive.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
scripthandler {
add lsapi:tomsj4710 php
}
extprocessor tomsj4710 {
type lsapi
address UDS://tmp/lshttpd/tomsj4710.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp85/bin/lsphp
extUser tomsj4710
extGroup tomsj4710
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/tomsjavajive.com/privkey.pem
certFile /etc/letsencrypt/live/tomsjavajive.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
ols-vhosts/tomtomgames.com/vhost.conf
Executable
+91
View File
@@ -0,0 +1,91 @@
docRoot $VH_ROOT/public_html
vhDomain $VH_NAME
vhAliases www.$VH_NAME
adminEmails admin@tomtomgames.com
enableGzip 1
enableIpGeo 1
index {
useServer 0
indexFiles index.php, index.html
}
errorlog $VH_ROOT/logs/$VH_NAME.error_log {
useServer 0
logLevel WARN
rollingSize 10M
}
accesslog $VH_ROOT/logs/$VH_NAME.access_log {
useServer 0
logFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
logHeaders 5
rollingSize 10M
keepDays 10
compressArchive 1
}
scripthandler {
add lsapi:tomto8868 php
}
extprocessor tomto8868 {
type lsapi
address UDS://tmp/lshttpd/tomto8868.sock
maxConns 10
env LSAPI_CHILDREN=10
initTimeout 600
retryTimeout 0
persistConn 1
pcKeepAliveTimeout 1
respBuffer 0
autoStart 1
path /usr/local/lsws/lsphp85/bin/lsphp
extUser tomto8868
extGroup tomto8868
memSoftLimit 1024M
memHardLimit 1024M
procSoftLimit 400
procHardLimit 500
}
phpIniOverride {
}
module cache {
storagePath /usr/local/lsws/cachedata/$VH_NAME
}
rewrite {
enable 1
autoLoadHtaccess 1
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
rewrite {
enable 0
}
addDefaultCharset off
phpIniOverride {
}
}
vhssl {
keyFile /etc/letsencrypt/live/tomtomgames.com/privkey.pem
certFile /etc/letsencrypt/live/tomtomgames.com/fullchain.pem
certChain 1
sslProtocol 24
enableECDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
scripts/do-server-backup
Executable
+17
View File
@@ -0,0 +1,17 @@
#!/usr/bin/env bash
PAT="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"
REPO_URL="https://${PAT}@github.com/myronblair/do-server-config.git"
REPO_DIR="/opt/do-server-config"
if [[ -d "$REPO_DIR/.git" ]]; then
cd "$REPO_DIR"
git config user.email "backup@orbishosting.com"
git config user.name "DO Server Backup"
git pull --rebase origin main -q 2>/dev/null || true
else
git clone "$REPO_URL" "$REPO_DIR"
cd "$REPO_DIR"
git config user.email "backup@orbishosting.com"
git config user.name "DO Server Backup"
fi
exec bash "$REPO_DIR/backup.sh"
scripts/jarvis-agent.py
Executable
+477
View File
@@ -0,0 +1,477 @@
#!/usr/bin/env python3
"""
JARVIS Agent — lightweight system monitor for Linux machines.
Registers with JARVIS, reports metrics, and executes commands.
Install: sudo bash /opt/jarvis-agent/install.sh
Config: /etc/jarvis-agent/config.json
Logs: journalctl -u jarvis-agent -f
"""
import json
import os
import platform
import socket
import subprocess
import sys
import time
import urllib.request
import urllib.error
import uuid
from datetime import datetime
from pathlib import Path
CONFIG_PATH = "/etc/jarvis-agent/config.json"
STATE_PATH = "/var/lib/jarvis-agent/state.json"
AGENT_VERSION = "2.3" # bumped on each release
# ── Config helpers ────────────────────────────────────────────────────────────
def load_config() -> dict:
if not os.path.exists(CONFIG_PATH):
print(f"[ERROR] Config not found at {CONFIG_PATH}. Run the installer first.", flush=True)
sys.exit(1)
with open(CONFIG_PATH) as f:
return json.load(f)
def load_state() -> dict:
if os.path.exists(STATE_PATH):
with open(STATE_PATH) as f:
return json.load(f)
return {}
def save_state(state: dict):
Path(STATE_PATH).parent.mkdir(parents=True, exist_ok=True)
with open(STATE_PATH, "w") as f:
json.dump(state, f, indent=2)
# ── HTTP helpers ──────────────────────────────────────────────────────────────
import ssl as _ssl
def _make_ssl_ctx(verify: bool) -> _ssl.SSLContext | None:
if not verify:
ctx = _ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = _ssl.CERT_NONE
return ctx
return None
_host_header: str = "" # set from config at startup
def api_post(url: str, payload: dict, headers: dict = {}, timeout: int = 15,
ssl_verify: bool = True) -> dict:
body = json.dumps(payload).encode()
req = urllib.request.Request(url, data=body, method="POST")
req.add_header("Content-Type", "application/json")
req.add_header("User-Agent", "JARVIS-Agent/1.0")
if _host_header:
req.add_header("Host", _host_header)
for k, v in headers.items():
req.add_header(k, v)
try:
ctx = _make_ssl_ctx(ssl_verify)
with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
return json.loads(resp.read().decode())
except urllib.error.HTTPError as e:
return {"error": f"HTTP {e.code}: {e.read().decode()[:200]}"}
except Exception as e:
return {"error": str(e)}
def api_get(url: str, headers: dict = {}, timeout: int = 10,
ssl_verify: bool = True) -> dict:
req = urllib.request.Request(url)
req.add_header("User-Agent", "JARVIS-Agent/1.0")
if _host_header:
req.add_header("Host", _host_header)
for k, v in headers.items():
req.add_header(k, v)
try:
ctx = _make_ssl_ctx(ssl_verify)
with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
return json.loads(resp.read().decode())
except Exception as e:
return {"error": str(e)}
# ── Registration ──────────────────────────────────────────────────────────────
def get_local_ip() -> str:
try:
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(("8.8.8.8", 80))
ip = s.getsockname()[0]
s.close()
return ip
except Exception:
return "unknown"
def detect_capabilities(cfg: dict) -> list:
caps = ["metrics", "commands"]
# Check for Proxmox
if os.path.exists("/usr/bin/pvesh") or os.path.exists("/usr/sbin/pveversion"):
caps.append("proxmox")
# Check for Docker
if os.path.exists("/usr/bin/docker") or os.path.exists("/usr/local/bin/docker"):
caps.append("docker")
# Check for Ollama
if os.path.exists("/usr/local/bin/ollama") or os.path.exists("/usr/bin/ollama"):
caps.append("ollama")
# Check for Home Assistant
if os.path.exists("/etc/homeassistant") or os.path.exists("/config/configuration.yaml"):
caps.append("homeassistant")
return caps
def register(cfg: dict, state: dict) -> str:
"""Register with JARVIS. Returns api_key."""
hostname = cfg.get("hostname", socket.gethostname())
agent_type = cfg.get("agent_type", "linux")
ip = get_local_ip()
capabilities = detect_capabilities(cfg)
agent_id = cfg.get("agent_id", f"{hostname}_{socket.gethostname()[:8]}")
ssl_verify = bool(cfg.get("ssl_verify", True))
print(f"[JARVIS] Registering as '{agent_id}' ({agent_type}) from {ip}...", flush=True)
result = api_post(
f"{cfg['jarvis_url']}/api/agent/register",
{
"hostname": hostname,
"agent_type": agent_type,
"ip_address": ip,
"capabilities": capabilities,
"agent_id": agent_id,
},
headers={"X-Registration-Key": cfg["registration_key"]},
ssl_verify=ssl_verify,
)
if "error" in result:
print(f"[ERROR] Registration failed: {result['error']}", flush=True)
return ""
api_key = result.get("api_key", "")
if api_key:
state["api_key"] = api_key
state["agent_id"] = result.get("agent_id", agent_id)
save_state(state)
print(f"[JARVIS] Registered. agent_id={state['agent_id']}", flush=True)
return api_key
# ── Metrics collection ────────────────────────────────────────────────────────
def read_cpu_percent() -> float:
try:
with open("/proc/stat") as f:
line = f.readline()
fields = list(map(int, line.split()[1:]))
idle = fields[3]
total = sum(fields)
return round((1 - idle / total) * 100, 1) if total else 0.0
except Exception:
return 0.0
_last_cpu = None
def get_cpu_percent() -> float:
global _last_cpu
try:
with open("/proc/stat") as f:
line = f.readline()
fields = list(map(int, line.split()[1:]))
idle = fields[3] + fields[4] # idle + iowait
total = sum(fields)
if _last_cpu:
d_idle = idle - _last_cpu[0]
d_total = total - _last_cpu[1]
result = round((1 - d_idle / d_total) * 100, 1) if d_total else 0.0
else:
result = 0.0
_last_cpu = (idle, total)
return result
except Exception:
return 0.0
def get_memory() -> dict:
mem = {}
try:
with open("/proc/meminfo") as f:
for line in f:
parts = line.split()
if parts[0] in ("MemTotal:", "MemAvailable:", "MemFree:", "Buffers:", "Cached:"):
mem[parts[0].rstrip(":")] = int(parts[1])
total = mem.get("MemTotal", 0)
available = mem.get("MemAvailable", 0)
used = total - available
return {
"total_mb": round(total / 1024, 1),
"used_mb": round(used / 1024, 1),
"free_mb": round(available / 1024, 1),
"percent": round(used / total * 100, 1) if total else 0,
}
except Exception:
return {}
def get_disk() -> list:
disks = []
try:
result = subprocess.run(["df", "-h", "--output=source,fstype,size,used,avail,pcent,target"],
capture_output=True, text=True, timeout=5)
lines = result.stdout.strip().split("\n")[1:]
for line in lines:
parts = line.split()
if len(parts) >= 7:
mount = parts[6]
if not any(mount.startswith(x) for x in ["/sys", "/proc", "/dev/pts", "/run", "/snap"]):
disks.append({
"mount": mount,
"size": parts[2],
"used": parts[3],
"avail": parts[4],
"percent": parts[5].rstrip("%"),
})
except Exception:
pass
return disks
def get_uptime() -> dict:
try:
with open("/proc/uptime") as f:
secs = float(f.read().split()[0])
days = int(secs // 86400)
hours = int((secs % 86400) // 3600)
minutes = int((secs % 3600) // 60)
return {"seconds": int(secs), "days": days, "hours": hours, "minutes": minutes,
"human": f"{days}d {hours}h {minutes}m"}
except Exception:
return {}
def get_services(cfg: dict) -> list:
watch = cfg.get("watch_services", ["ollama", "homeassistant", "mysql", "nginx", "apache2"])
statuses = []
for svc in watch:
try:
r = subprocess.run(["systemctl", "is-active", svc], capture_output=True, text=True, timeout=3)
statuses.append({"service": svc, "status": r.stdout.strip()})
except Exception:
statuses.append({"service": svc, "status": "unknown"})
return statuses
def get_load() -> list:
try:
with open("/proc/loadavg") as f:
parts = f.read().split()
return [float(parts[0]), float(parts[1]), float(parts[2])]
except Exception:
return [0, 0, 0]
def collect_metrics(cfg: dict) -> dict:
# First reading for CPU delta
get_cpu_percent()
time.sleep(1)
return {
"hostname": cfg.get("hostname", socket.gethostname()),
"cpu_percent": get_cpu_percent(),
"memory": get_memory(),
"disk": get_disk(),
"uptime": get_uptime(),
"load": get_load(),
"services": get_services(cfg),
"platform": platform.system(),
"timestamp": datetime.utcnow().isoformat() + "Z",
}
# ── Proxmox metrics ───────────────────────────────────────────────────────────
def collect_proxmox_metrics(cfg: dict) -> dict | None:
try:
result = subprocess.run(
["pvesh", "get", "/nodes/pve/status", "--output-format", "json"],
capture_output=True, text=True, timeout=10
)
node_status = json.loads(result.stdout)
vms_result = subprocess.run(
["pvesh", "get", "/nodes/pve/qemu", "--output-format", "json"],
capture_output=True, text=True, timeout=10
)
vms = json.loads(vms_result.stdout)
return {"node": node_status, "vms": vms}
except Exception as e:
return {"error": str(e)}
# ── Command execution ─────────────────────────────────────────────────────────
def execute_command(cmd: dict) -> dict:
cmd_type = cmd.get("command_type", "")
cmd_data = cmd.get("command_data", {})
try:
if cmd_type == "restart_service":
svc = cmd_data.get("service", "")
if not svc or "/" in svc:
return {"success": False, "error": "Invalid service name"}
r = subprocess.run(["systemctl", "restart", svc], capture_output=True, text=True, timeout=30)
return {"success": r.returncode == 0, "stdout": r.stdout, "stderr": r.stderr}
elif cmd_type == "get_logs":
svc = cmd_data.get("service", "")
lines = min(int(cmd_data.get("lines", 50)), 200)
if not svc or "/" in svc:
return {"success": False, "error": "Invalid service name"}
r = subprocess.run(["journalctl", "-u", svc, "-n", str(lines), "--no-pager"],
capture_output=True, text=True, timeout=15)
return {"success": True, "output": r.stdout}
elif cmd_type == "ping":
host = cmd_data.get("host", "8.8.8.8")
r = subprocess.run(["ping", "-c", "3", "-W", "2", host], capture_output=True, text=True, timeout=15)
return {"success": r.returncode == 0, "output": r.stdout}
elif cmd_type == "update":
updated = self_update(cfg)
return {"success": True, "updated": updated}
elif cmd_type == "shell":
# Guard reads LOCAL config, not the server-supplied payload
if not cfg.get("allow_shell_commands", False):
return {"success": False, "error": "Shell commands not enabled in agent config"}
cmd_str = cmd_data.get("command", "")
r = subprocess.run(cmd_str, shell=True, capture_output=True, text=True, timeout=30)
return {"success": True, "stdout": r.stdout[:2000], "stderr": r.stderr[:500]}
else:
return {"success": False, "error": f"Unknown command type: {cmd_type}"}
except subprocess.TimeoutExpired:
return {"success": False, "error": "Command timed out"}
except Exception as e:
return {"success": False, "error": str(e)}
# ── Main loop ─────────────────────────────────────────────────────────────────
def main():
global _host_header
cfg = load_config()
state = load_state()
jarvis_url = cfg["jarvis_url"].rstrip("/")
ssl_verify = bool(cfg.get("ssl_verify", True))
_host_header = cfg.get("host_header", "")
poll_interval = int(cfg.get("poll_interval", 30))
heartbeat_every = int(cfg.get("heartbeat_every", 10))
# Register if no API key yet — loop (not recurse) to avoid stack overflow
api_key = state.get("api_key", "")
while not api_key:
api_key = register(cfg, state)
if not api_key:
print("[ERROR] Could not register with JARVIS. Retrying in 60s...", flush=True)
time.sleep(60)
headers = {"X-Agent-Key": api_key}
last_metrics = 0
last_update_chk = 0
update_interval = int(cfg.get("update_check_hours", 24)) * 3600
tick = 0
print(f"[JARVIS] Agent v{AGENT_VERSION} running. Polling {jarvis_url} every {heartbeat_every}s.", flush=True)
while True:
tick += 1
now = time.time()
try:
# Heartbeat + get commands
hb = api_post(f"{jarvis_url}/api/agent/heartbeat", {}, headers, ssl_verify=ssl_verify)
if "error" in hb:
print(f"[WARN] Heartbeat failed: {hb['error']}", flush=True)
else:
commands = hb.get("commands", [])
for cmd in commands:
print(f"[CMD] Executing: {cmd['command_type']}", flush=True)
result = execute_command(cmd)
api_post(f"{jarvis_url}/api/agent/command_result",
{"command_id": cmd["id"], "success": result.get("success", False), "result": result},
headers, ssl_verify=ssl_verify)
# Self-update check (every update_interval seconds, default 24h)
if now - last_update_chk >= update_interval:
last_update_chk = now
self_update(cfg) # restarts process if update found
# Push metrics every poll_interval seconds
if now - last_metrics >= poll_interval:
metrics = collect_metrics(cfg)
api_post(f"{jarvis_url}/api/agent/metrics",
{"type": "system", "data": metrics}, headers, ssl_verify=ssl_verify)
# Proxmox metrics if available
if "proxmox" in detect_capabilities(cfg):
px = collect_proxmox_metrics(cfg)
if px:
api_post(f"{jarvis_url}/api/agent/metrics",
{"type": "proxmox", "data": px}, headers, ssl_verify=ssl_verify)
last_metrics = now
except Exception as e:
print(f"[ERROR] Loop error: {e}", flush=True)
time.sleep(heartbeat_every)
# ── Self-update ────────────────────────────────────────────────────────────────
def self_update(cfg: dict) -> bool:
"""Check JARVIS server for a newer version of this script.
Verifies SHA-256 hash from <update_url>.sha256 before replacing."""
import hashlib
jarvis_url = cfg.get("jarvis_url", "").rstrip("/")
default_update_url = f"{jarvis_url}/agent/jarvis-agent.py" if jarvis_url else ""
update_url = cfg.get("update_url", default_update_url)
if not update_url:
return False
script_path = os.path.abspath(__file__)
try:
# Download expected hash first
hash_url = update_url + ".sha256"
req_hash = urllib.request.Request(hash_url)
req_hash.add_header("User-Agent", "JARVIS-Agent/1.0")
if _host_header:
req_hash.add_header("Host", _host_header)
try:
with urllib.request.urlopen(req_hash, timeout=10) as resp:
expected_hash = resp.read().decode().strip().split()[0]
except Exception:
expected_hash = None
# Download new script
req = urllib.request.Request(update_url)
req.add_header("User-Agent", "JARVIS-Agent/1.0")
if _host_header:
req.add_header("Host", _host_header)
with urllib.request.urlopen(req, timeout=30) as resp:
new_content = resp.read()
# Verify hash if available — abort if mismatch
if expected_hash:
actual_hash = hashlib.sha256(new_content).hexdigest()
if actual_hash != expected_hash:
print(f"[JARVIS] Update hash mismatch (expected {expected_hash[:16]}… got {actual_hash[:16]}…) — aborting", flush=True)
return False
with open(script_path, "rb") as f:
current = f.read()
if new_content != current:
print(f"[JARVIS] Update verified — replacing {script_path} and restarting...", flush=True)
with open(script_path, "wb") as f:
f.write(new_content)
os.execv(sys.executable, [sys.executable] + sys.argv)
return True
return False
except Exception as e:
print(f"[JARVIS] Self-update check failed: {e}", flush=True)
return False
if __name__ == "__main__":
main()
scripts/jarvis-backup.sh
Executable
+97
View File
@@ -0,0 +1,97 @@
#!/bin/bash
# JARVIS Full Backup — websites + databases
# Runs daily via cron, also triggered on-demand from admin portal
BACKUP_DIR="/var/backups/jarvis"
LOCK_FILE="$BACKUP_DIR/backup.lock"
LOG_FILE="$BACKUP_DIR/backup.log"
MANIFEST="$BACKUP_DIR/manifest.json"
KEEP_DAYS=7
DB_USER="root"
DB_PASS="b71e5c1a8c7457541b9c1db822de37adfa271926a38b6c20"
DATABASES="jarvis_db toms_tjj_db tomt_ttg_db epic_parkersling epic_epic_db parker_db"
SITES=(
"/home/epictravelexpeditions.com/public_html"
"/home/epictravelexpeditions.com/parkerslingshot"
"/home/jarvis.orbishosting.com/public_html"
"/home/orbishosting.com/public_html"
"/home/orbis.orbishosting.com/public_html"
"/home/parkerslingshotrentals.com/public_html"
"/home/tomsjavajive.com/public_html"
"/home/tomtomgames.com/public_html"
)
mkdir -p "$BACKUP_DIR"
# Prevent concurrent runs
if [ -f "$LOCK_FILE" ]; then
AGE=$(( $(date +%s) - $(stat -c %Y "$LOCK_FILE") ))
if [ "$AGE" -lt 3600 ]; then
echo "$(date): Backup already running (lock age ${AGE}s)" >> "$LOG_FILE"
exit 1
fi
rm -f "$LOCK_FILE"
fi
TIMESTAMP=$(date +%Y-%m-%d_%H-%M-%S)
WORK_DIR=$(mktemp -d)
BACKUP_NAME="jarvis_backup_${TIMESTAMP}"
FINAL_FILE="$BACKUP_DIR/${BACKUP_NAME}.tar.gz"
echo "$(date): Starting backup $TIMESTAMP" > "$LOG_FILE"
echo "$TIMESTAMP" > "$LOCK_FILE"
trap "rm -f '$LOCK_FILE'; rm -rf '$WORK_DIR'" EXIT
mkdir -p "$WORK_DIR/sql" "$WORK_DIR/sites"
# ── SQL Dumps ────────────────────────────────────────────────────────────────
echo "$(date): Dumping databases..." >> "$LOG_FILE"
for DB in $DATABASES; do
mysqldump -u"$DB_USER" -p"$DB_PASS" --single-transaction --quick \
"$DB" 2>/dev/null > "$WORK_DIR/sql/${DB}.sql"
if [ $? -eq 0 ]; then
SIZE=$(du -sh "$WORK_DIR/sql/${DB}.sql" | cut -f1)
echo "$(date): $DB$SIZE" >> "$LOG_FILE"
else
echo "$(date): $DB — FAILED (may not exist)" >> "$LOG_FILE"
rm -f "$WORK_DIR/sql/${DB}.sql"
fi
done
# ── Website Files ────────────────────────────────────────────────────────────
echo "$(date): Archiving website files..." >> "$LOG_FILE"
for SITE in "${SITES[@]}"; do
if [ -d "$SITE" ]; then
SLUG=$(echo "$SITE" | sed 's|/home/||;s|/|_|g')
tar -czf "$WORK_DIR/sites/${SLUG}.tar.gz" -C "$(dirname "$SITE")" "$(basename "$SITE")" 2>/dev/null
SIZE=$(du -sh "$WORK_DIR/sites/${SLUG}.tar.gz" | cut -f1)
echo "$(date): $SITE$SIZE" >> "$LOG_FILE"
fi
done
# ── Final Archive ────────────────────────────────────────────────────────────
echo "$(date): Creating final archive..." >> "$LOG_FILE"
tar -czf "$FINAL_FILE" -C "$WORK_DIR" sql sites 2>/dev/null
FINAL_SIZE=$(du -sh "$FINAL_FILE" | cut -f1)
FINAL_BYTES=$(stat -c %s "$FINAL_FILE")
echo "$(date): Done — $FINAL_FILE ($FINAL_SIZE)" >> "$LOG_FILE"
# ── Update Manifest ───────────────────────────────────────────────────────────
BACKUPS_JSON="["
FIRST=1
for F in $(ls -t "$BACKUP_DIR"/jarvis_backup_*.tar.gz 2>/dev/null); do
FNAME=$(basename "$F")
FSIZE=$(stat -c %s "$F")
FDATE=$(stat -c %y "$F" | cut -d. -f1)
[ $FIRST -eq 0 ] && BACKUPS_JSON+=","
BACKUPS_JSON+="{\"file\":\"$FNAME\",\"size\":$FSIZE,\"date\":\"$FDATE\"}"
FIRST=0
done
BACKUPS_JSON+="]"
echo "{\"backups\":$BACKUPS_JSON,\"updated\":\"$(date -Iseconds)\"}" > "$MANIFEST"
# ── Cleanup old backups ───────────────────────────────────────────────────────
find "$BACKUP_DIR" -name "jarvis_backup_*.tar.gz" -mtime +$KEEP_DAYS -delete
echo "$(date): Backup complete. Kept last $KEEP_DAYS days." >> "$LOG_FILE"
scripts/jarvis-deploy.sh
Executable
+84
View File
@@ -0,0 +1,84 @@
#!/bin/bash
# JARVIS Auto-Deploy Runner — processes GitHub webhook queue every minute.
# Validates PHP syntax before deploying; auto-reverts on bad code.
# Restarts OLS after JARVIS deploys to pick up PHP changes.
QUEUE=/tmp/jarvis-deploy-queue.txt
LOG=/home/jarvis.orbishosting.com/logs/deploy.log
PHP=/usr/bin/php8.3
TS() { date '+%Y-%m-%d %H:%M:%S'; }
log() { echo "[$(TS)] $1" >> "$LOG"; }
[ ! -f "$QUEUE" ] && exit 0
[ ! -s "$QUEUE" ] && exit 0
# Atomically take ownership of the queue via rename — prevents TOCTOU loss of
# entries written between a cat and truncate
PROCESSING="${QUEUE}.processing"
mv "$QUEUE" "$PROCESSING" 2>/dev/null || exit 0
SNAPSHOT=$(cat "$PROCESSING")
rm -f "$PROCESSING"
while IFS= read -r path; do
[ -z "$path" ] && continue
[ ! -d "$path/.git" ] && log "SKIP $path — not a git repo" && continue
log "Deploying $path"
cd "$path" || continue
BEFORE=$(git rev-parse HEAD 2>/dev/null)
git fetch origin main >> "$LOG" 2>&1
REMOTE=$(git rev-parse origin/main 2>/dev/null)
if [ "$BEFORE" = "$REMOTE" ]; then
log "Already up to date: $path"
continue
fi
git pull origin main >> "$LOG" 2>&1
AFTER=$(git rev-parse HEAD 2>/dev/null)
CHANGED=$(git diff --name-only "$BEFORE" "$AFTER" 2>/dev/null)
# PHP syntax validation — check every changed .php file
SYNTAX_OK=true
BAD_FILE=""
while IFS= read -r f; do
[[ "$f" != *.php ]] && continue
[ ! -f "$f" ] && continue
if ! $PHP -l "$f" > /dev/null 2>&1; then
SYNTAX_OK=false
BAD_FILE="$f"
break
fi
done <<< "$CHANGED"
if [ "$SYNTAX_OK" = false ]; then
log "SYNTAX ERROR in $BAD_FILE — reverting locally and pushing revert to GitHub"
git reset --hard "$BEFORE" >> "$LOG" 2>&1
# Push the revert so GitHub matches the live server — prevents infinite re-deploy loop
git push --force origin HEAD:main >> "$LOG" 2>&1
PUSH_EXIT=$?
if [ $PUSH_EXIT -ne 0 ]; then
log "WARNING: Force-push of revert failed (exit $PUSH_EXIT) — bad commit still on GitHub"
fi
# Insert alert into JARVIS DB
BAD_ESCAPED=$(printf '%s' "$BAD_FILE" | sed "s/'/\\\\\\'/g")
mysql -u jarvis_user -pJ4rv1s_Pr0t0c0l_2026! jarvis_db -se \
"INSERT INTO alerts (alert_type,title,message,severity)
VALUES ('deploy_fail','Deploy reverted: syntax error',
'PHP syntax error in $BAD_ESCAPED. Commit $AFTER was reverted and force-pushed to GitHub.','critical');" 2>/dev/null
log "Reverted. Bad commit: $AFTER"
continue
fi
log "Deploy OK ($BEFORE -> $AFTER): $path"
log "Changed: $(echo "$CHANGED" | tr '\n' ' ')"
# Restart OLS after any JARVIS deploy to pick up PHP changes
if [[ "$path" == *"jarvis"* ]]; then
systemctl reload lsws 2>/dev/null || systemctl restart lsws 2>/dev/null
log "OLS reloaded for JARVIS deploy"
fi
done <<< "$SNAPSHOT"
scripts/jarvis-watchdog.sh
Executable
+118
View File
@@ -0,0 +1,118 @@
#!/bin/bash
# JARVIS Self-Healing Watchdog — runs every 5 min via root cron
# Checks: lsws, mysql, redis, JARVIS HTTP, disk, memory
# Auto-heals: restarts failed services, restarts offline Proxmox VM agents
# Logs to: /home/jarvis.orbishosting.com/logs/watchdog.log
LOG=/home/jarvis.orbishosting.com/logs/watchdog.log
MYSQL="mysql -u jarvis_user -pJ4rv1s_Pr0t0c0l_2026! jarvis_db -se"
TS() { date '+%Y-%m-%d %H:%M:%S'; }
log() { echo "[$(TS)] $1" >> "$LOG"; }
# Escape single quotes for MySQL string interpolation in bash
sql_esc() { printf '%s' "$1" | sed "s/'/\\\\''/g"; }
alert() {
local type="$1" title="$2" msg="$3" sev="${4:-warning}"
local e_type e_title e_msg e_sev
e_type=$(sql_esc "$type"); e_title=$(sql_esc "$title")
e_msg=$(sql_esc "$msg"); e_sev=$(sql_esc "$sev")
$MYSQL "INSERT IGNORE INTO alerts (alert_type,title,message,severity,source_key,auto_resolve)
VALUES ('$e_type','$e_title','$e_msg','$e_sev','watchdog:$e_type',1);" 2>/dev/null
}
resolve() {
local e_key
e_key=$(sql_esc "$1")
$MYSQL "UPDATE alerts SET resolved=1,resolved_at=NOW()
WHERE source_key='watchdog:$e_key' AND resolved=0;" 2>/dev/null
}
# ── Service health ─────────────────────────────────────────────────────────────
for SVC in lsws mysql redis; do
if ! systemctl is-active --quiet "$SVC"; then
log "HEAL: $SVC is down — restarting"
systemctl restart "$SVC"
if systemctl is-active --quiet "$SVC"; then
log "HEAL: $SVC restarted successfully"
alert "service_down" "$SVC restarted" "JARVIS watchdog restarted $SVC which was stopped." "warning"
else
log "ERROR: $SVC failed to restart"
alert "service_down" "$SVC failed to restart" "$SVC is down and could not be restarted automatically." "critical"
fi
else
resolve "service_down_$SVC"
fi
done
# ── JARVIS HTTP self-check ─────────────────────────────────────────────────────
HTTP_CODE=$(curl -sk -o /dev/null -w "%{http_code}" --max-time 10 https://jarvis.orbishosting.com/api.php 2>/dev/null)
if [[ "$HTTP_CODE" == "5"* ]] || [[ -z "$HTTP_CODE" ]]; then
log "HEAL: JARVIS HTTP returned $HTTP_CODE — restarting lsws"
systemctl restart lsws
alert "jarvis_http" "JARVIS HTTP error — restarted OLS" "JARVIS returned HTTP $HTTP_CODE. OpenLiteSpeed was restarted." "critical"
else
resolve "jarvis_http"
fi
# ── Disk usage ─────────────────────────────────────────────────────────────────
DISK_PCT=$(df / | awk 'NR==2{print $5}' | tr -d '%')
if [ "$DISK_PCT" -ge 90 ]; then
log "ALERT: Disk at ${DISK_PCT}% (critical)"
alert "disk_critical" "Disk ${DISK_PCT}% full on DO server" "Root filesystem is ${DISK_PCT}% full. Immediate cleanup required." "critical"
elif [ "$DISK_PCT" -ge 80 ]; then
log "WARN: Disk at ${DISK_PCT}%"
alert "disk_warning" "Disk ${DISK_PCT}% full on DO server" "Root filesystem is ${DISK_PCT}% full." "warning"
else
$MYSQL "UPDATE alerts SET resolved=1,resolved_at=NOW() WHERE source_key IN ('watchdog:disk_critical','watchdog:disk_warning') AND resolved=0;" 2>/dev/null
fi
# ── Memory usage ──────────────────────────────────────────────────────────────
MEM_TOTAL=$(grep MemTotal /proc/meminfo | awk '{print $2}')
MEM_AVAIL=$(grep MemAvailable /proc/meminfo | awk '{print $2}')
MEM_PCT=$(( (MEM_TOTAL - MEM_AVAIL) * 100 / MEM_TOTAL ))
if [ "$MEM_PCT" -ge 90 ]; then
log "ALERT: Memory at ${MEM_PCT}%"
alert "mem_critical" "Memory ${MEM_PCT}% used on DO server" "DO server memory is ${MEM_PCT}% used." "critical"
fi
# ── Offline agent auto-restart (Proxmox VMs only) ─────────────────────────────
# Map: agent_id → [proxmox_ip, vmid]
declare -A AGENT_PVE=(
["ollama_vm"]="orbisne.fortiddns.com 210"
["ha_vm"]="orbisne.fortiddns.com 101"
["networkbackup_vm"]="10.48.200.91 302"
)
OFFLINE=$($MYSQL "SELECT agent_id FROM registered_agents
WHERE status='offline' AND last_seen < DATE_SUB(NOW(), INTERVAL 5 MINUTE)
AND agent_type='linux';" 2>/dev/null)
for AID in $OFFLINE; do
# Check if we have a Proxmox mapping for this agent
for KEY in "${!AGENT_PVE[@]}"; do
if [[ "$AID" == *"$KEY"* ]] || [[ "$KEY" == *"$AID"* ]]; then
PVE_INFO=(${AGENT_PVE[$KEY]})
PVE_IP="${PVE_INFO[0]}"
VMID="${PVE_INFO[1]}"
log "HEAL: Attempting to restart jarvis-agent on $AID (VM $VMID @ $PVE_IP)"
sshpass -p 'Joker1974!!!' ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 \
root@"$PVE_IP" \
"qm guest exec $VMID -- systemctl restart jarvis-agent" 2>/dev/null
log "HEAL: Restart command sent to $AID (exit: $?)"
alert "agent_offline" "Auto-restarted agent: $AID" \
"Agent $AID was offline. JARVIS watchdog sent restart command via Proxmox." "warning"
break
fi
done
done
# ── Deploy log rotation (keep last 1000 lines) ────────────────────────────────
for LOGFILE in "$LOG" /home/jarvis.orbishosting.com/logs/deploy.log /home/jarvis.orbishosting.com/logs/cron.log; do
[ -f "$LOGFILE" ] || continue
LINES=$(wc -l < "$LOGFILE")
if [ "$LINES" -gt 1000 ]; then
tail -500 "$LOGFILE" > "${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "$LOGFILE"
fi
done
scripts/ttg-backup.sh
Executable
+35
View File
@@ -0,0 +1,35 @@
#!/bin/bash
BACKUP_DIR="/home/tomtomgames.com/backups"
SITE_DIR="/home/tomtomgames.com/public_html"
DB_NAME="tomt_ttg_db"
DB_USER="tomt_ttg_user"
DB_PASS='q#q+mrOcozsa7I6J'
DATE=$(date +%Y-%m-%d_%H-%M-%S)
SQL_FILE="/tmp/ttg_db_${DATE}.sql"
ZIP_FILE="${BACKUP_DIR}/ttg_backup_${DATE}.zip"
mkdir -p "$BACKUP_DIR"
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Starting backup..."
/usr/bin/mysqldump -u "$DB_USER" "-p${DB_PASS}" "$DB_NAME" > "$SQL_FILE" 2>&1
if [ $? -ne 0 ] || [ ! -s "$SQL_FILE" ]; then
echo "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: Database export failed"
rm -f "$SQL_FILE"; exit 1
fi
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Database exported ($(du -sh "$SQL_FILE" | cut -f1))"
/usr/bin/zip -r "$ZIP_FILE" "$SITE_DIR" "$SQL_FILE" -x "*/backups/*" > /dev/null 2>&1
RC=$?; rm -f "$SQL_FILE"
if [ $RC -ne 0 ] || [ ! -f "$ZIP_FILE" ]; then
echo "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: Archive creation failed"
rm -f "$ZIP_FILE"; exit 1
fi
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Archive created: $(basename "$ZIP_FILE") ($(du -sh "$ZIP_FILE" | cut -f1))"
ls -t "${BACKUP_DIR}"/ttg_backup_*.zip 2>/dev/null | tail -n +8 | while read old; do
rm -f "$old"
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Pruned: $(basename "$old")"
done
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Backup complete."
smtp-docs/README.md
+15
View File
@@ -0,0 +1,15 @@
# SMTP / Email Credentials — All Websites
Private repository. Contains SMTP and email API credentials for all managed websites.
| Site | Provider | Status |
|------|----------|--------|
| tomsjavajive.com | CyberMail | ✅ Live |
| tomtomgames.com | CyberMail | ✅ Live |
| epictravelexpeditions.com | SendGrid | ⚠️ Key not configured |
| parkerslingshot.epictravelexpeditions.com | Mailjet | ⚠️ Keys not configured |
| parkerslingshotrentals.com | Mailjet | ⚠️ Keys not configured |
**CyberMail dashboard:** https://platform.cyberpersons.com
**API key management:** https://platform.cyberpersons.com/email/api-keys/
**Webmail / hosting:** https://platform.cyberpersons.com/email/webmail/hosting/
smtp-docs/epictravelexpeditions.com.md
+25
View File
@@ -0,0 +1,25 @@
# epictravelexpeditions.com — Email Configuration
**Provider:** CyberMail by CyberPersons
**Status:** ✅ LIVE — uses orbishosting.com verified domain
**Sending domain:** orbishosting.com
## Config File (gitignored)
`/home/epictravelexpeditions.com/public_html/api/config.php`
```php
define("CYBERMAIL_API_KEY", "sk_live_d52bf062797105aeaafac9954c21ff988e9b41b77315807d");
define("MAIL_FROM", "noreply@orbishosting.com");
define("MAIL_FROM_NAME", "Epic Travel Expeditions");
define("ADMIN_EMAIL", "admin@epictravelexpeditions.com");
```
## Mailer File
`/home/epictravelexpeditions.com/public_html/api/includes/mailer.php`
- `sendgridSend()` — now calls CyberMail API (name kept for backward compat)
- `sendContactAlert()` — contact form → admin
- `sendContactConfirmation()` — auto-reply to visitor
## Emails Sent
- Contact form submissions → admin
- Contact confirmation → visitor
smtp-docs/jarvis.orbishosting.com.md
+4
View File
@@ -0,0 +1,4 @@
# jarvis.orbishosting.com — Email Configuration
**Status:** No outbound transactional email configured.
JARVIS is an internal AI dashboard — no customer-facing email sending.
smtp-docs/orbishosting.com.md
+21
View File
@@ -0,0 +1,21 @@
# orbishosting.com — Email Configuration (Shared SMTP Domain)
**Provider:** CyberMail by CyberPersons
**Status:** ✅ LIVE — domain verified
**Used as sending domain for:** epictravelexpeditions.com, parkerslingshot, parkerslingshotrentals.com
## API Credentials (use over HTTPS — DO blocks SMTP port 587)
- **API Key:** `sk_live_d52bf062797105aeaafac9954c21ff988e9b41b77315807d`
- **Endpoint:** `POST https://platform.cyberpersons.com/email/v1/send`
- **Auth:** `Authorization: Bearer {api_key}`
- **From:** `noreply@orbishosting.com`
## SMTP Credentials (for non-DO servers)
- **Host:** mail.cyberpersons.com
- **Port:** 587
- **Security:** STARTTLS
- **Username:** `smtp_6ab6cbe01dd919d7`
- **Password:** `BRYog0jWCrI4vMm3AlTwyXXo5MVzvSmU`
## CyberMail Dashboard
- https://platform.cyberpersons.com
smtp-docs/parkerslingshot.epictravelexpeditions.com.md
+21
View File
@@ -0,0 +1,21 @@
# parkerslingshot.epictravelexpeditions.com — Email Configuration
**Provider:** CyberMail by CyberPersons
**Status:** ✅ LIVE — uses orbishosting.com verified domain
**Sending domain:** orbishosting.com
## Config File (gitignored — db.php)
`/home/epictravelexpeditions.com/parkerslingshot/db.php`
```php
define("CYBERMAIL_API_KEY", "sk_live_d52bf062797105aeaafac9954c21ff988e9b41b77315807d");
define("MAIL_FROM", "noreply@orbishosting.com");
define("MAIL_FROM_NAME", "Parker County Slingshot Rentals");
define("ADMIN_EMAIL", "info@parkerslingshotrentals.com");
```
## Emails Sent
- Booking confirmation → customer
- Booking alert → admin
- Payment declined notice → customer + admin
- Waiver signed confirmation → customer + admin
smtp-docs/parkerslingshotrentals.com.md
+21
View File
@@ -0,0 +1,21 @@
# parkerslingshotrentals.com — Email Configuration
**Provider:** CyberMail by CyberPersons
**Status:** ✅ LIVE — uses orbishosting.com verified domain
**Sending domain:** orbishosting.com
## Config File (in git — db.php)
`/home/parkerslingshotrentals.com/public_html/db.php`
```php
define("CYBERMAIL_API_KEY", "sk_live_d52bf062797105aeaafac9954c21ff988e9b41b77315807d");
define("MAIL_FROM", "noreply@orbishosting.com");
define("MAIL_FROM_NAME", "Parker County Slingshot Rentals");
define("ADMIN_EMAIL", "info@parkerslingshotrentals.com");
```
## Emails Sent
- Booking confirmation → customer
- Booking alert → admin
- Waiver signed confirmation → customer + admin
- Admin manual reminder → customer (from admin panel)
smtp-docs/tomsjavajive.com.md
+49
View File
@@ -0,0 +1,49 @@
# tomsjavajive.com — Email Configuration
**Provider:** CyberMail (CyberPersons)
**Status:** ✅ Live — domain verified
## API (Primary — used for all transactional email)
| Setting | Value |
|---------|-------|
| Endpoint | `POST https://platform.cyberpersons.com/email/v1/send` |
| API Key | `sk_live_d52bf062797105aeaafac9954c21ff988e9b41b77315807d` |
| Auth Header | `Authorization: Bearer sk_live_d52bf062797105aeaafac9954c21ff988e9b41b77315807d` |
| From Address | noreply@tomsjavajive.com |
| From Name | Toms Java Jive |
## SMTP (Backup — blocked by DigitalOcean port 587)
| Setting | Value |
|---------|-------|
| Host | mail.cyberpersons.com |
| Port | 587 |
| Security | STARTTLS |
| Username | smtp_49a1fa9c0f15d2d7 |
| Password | T3mOFSMK1SG1l4D1d7N8NefRd8xypwMy |
## Server Files
| File | Purpose |
|------|---------|
| `/home/tomsjavajive.com/public_html/config/config.php` | `CYBERMAIL_API_KEY`, `SMTP_*` constants |
| `/home/tomsjavajive.com/public_html/includes/email.php` | Email class — all transactional sends |
## Emails Sent
- Order confirmation, shipping notification, password reset, welcome, abandoned cart
## CyberMail API Quick Reference
- **Status check:** `GET https://platform.cyberpersons.com/email/v1/messages/{message_id}`
- **Account stats:** `GET https://platform.cyberpersons.com/email/v1/account/stats`
- **Management:** https://platform.cyberpersons.com
## Error Codes
| HTTP | Code | Meaning |
|------|------|---------|
| 400 | invalid_request | Missing fields or bad email format |
| 403 | domain_not_verified | Domain not verified |
| 403 | account_inactive | Account suspended |
| 429 | rate_limit_exceeded | Rate limit hit (includes retry_after) |
| 500 | send_failed | Sending failed after failover |
| 503 | service_unavailable | No healthy mail nodes |
smtp-docs/tomtomgames.com.md
+35
View File
@@ -0,0 +1,35 @@
# tomtomgames.com — Email Configuration
**Provider:** CyberMail (CyberPersons)
**Status:** ✅ Live — domain verified
## API (Primary)
| Setting | Value |
|---------|-------|
| Endpoint | `POST https://platform.cyberpersons.com/email/v1/send` |
| API Key | `sk_live_d52bf062797105aeaafac9954c21ff988e9b41b77315807d` |
| Auth Header | `Authorization: Bearer sk_live_d52bf062797105aeaafac9954c21ff988e9b41b77315807d` |
| From Address | noreply@tomtomgames.com |
| From Name | TomTomGames |
## SMTP (Backup — blocked by DigitalOcean port 587)
| Setting | Value |
|---------|-------|
| Host | mail.cyberpersons.com |
| Port | 587 |
| Security | STARTTLS |
| Username | smtp_ad34c4d915da7bfc |
| Password | m47o2-UqPgM-IBeYNRz-uHSJAHnPGe9w |
## Server Files
| File | Purpose |
|------|---------|
| `/home/tomtomgames.com/includes/config.php` | `CYBERMAIL_API_KEY`, `SMTP_*` constants |
| `/home/tomtomgames.com/includes/mailer.php` | `cybermailSend()`, `sendVerificationEmail()`, `sendgridSend()` alias |
## Emails Sent
- Account verification email (registration + resend)
- Password reset (from admin panel)
ssh/authorized_keys
+4
View File
@@ -0,0 +1,4 @@
# Added and Managed by DigitalOcean Droplet Agent (code name: DOTTY)
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNIbUSWm6l0NcFEOukQGx5br54nFbjP2FzR7QYBT0dYs5j/AeuQ9WiOomkJMV6zcfUTKpAjUJJtbk1S9SXWrnq8= {"os_user":"root","actor_email":"myronblair@gmail.com","expire_at":"2026-05-27T18:25:20Z"}-dotty_ssh
# Added and Managed by DigitalOcean Droplet Agent (code name: DOTTY)
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMZhO/c3NsDBamiit4eMAIlm/zpg02RzEUNpeupB4azjrvTgAAij1UGlJ5wu4fkT7U//2GRdL4QmDbPYR0uBapQ= {"os_user":"root","actor_email":"myronblair@gmail.com","expire_at":"2026-05-27T18:24:59Z"}-dotty_ssh
systemd/fastapi_ssh_server.service
+14
View File
@@ -0,0 +1,14 @@
[Unit]
Description=FastAPI SSH Web Terminal Server
After=network.target
[Service]
Type=simple
WorkingDirectory=/usr/local/CyberCP
ExecStart=/usr/local/CyberCP/bin/python3 -m uvicorn fastapi_ssh_server:app --host 0.0.0.0 --port 8888 --ssl-keyfile=/usr/local/lscp/conf/key.pem --ssl-certfile=/usr/local/lscp/conf/cert.pem
Restart=on-failure
User=root
Group=root
[Install]
WantedBy=multi-user.target
systemd/jarvis-agent.service
+14
View File
@@ -0,0 +1,14 @@
[Unit]
Description=JARVIS Agent
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
ExecStart=/usr/bin/python3 /usr/local/bin/jarvis-agent.py
Restart=always
RestartSec=30
User=root
[Install]
WantedBy=multi-user.target
wireguard/wg0.conf
+11
View File
@@ -0,0 +1,11 @@
[Interface]
PrivateKey = YNWpzXKA9xI486wf3Ya4tIs2vgjaRVaClQKKx0Z1V0g=
Address = 10.201.0.1/24
ListenPort = 51820
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
[Peer]
# Alpine LXC wg-exit client
PublicKey = zTik4LA5WlzlP83iz/8Qjx5wDwIDJJtBcoqenBXjew8=
AllowedIPs = 10.201.0.2/32, 10.200.0.0/24