Committing files 04/15/2023 08:23:32
This commit is contained in:
parent
f1c406a61a
commit
4e73cc7011
799
root/database/pgsql/data/postgresql.conf
Normal file
799
root/database/pgsql/data/postgresql.conf
Normal file
@ -0,0 +1,799 @@
|
|||||||
|
# -----------------------------
|
||||||
|
# PostgreSQL configuration file
|
||||||
|
# -----------------------------
|
||||||
|
#
|
||||||
|
# This file consists of lines of the form:
|
||||||
|
#
|
||||||
|
# name = value
|
||||||
|
#
|
||||||
|
# (The "=" is optional.) Whitespace may be used. Comments are introduced with
|
||||||
|
# "#" anywhere on a line. The complete list of parameter names and allowed
|
||||||
|
# values can be found in the PostgreSQL documentation.
|
||||||
|
#
|
||||||
|
# The commented-out settings shown in this file represent the default values.
|
||||||
|
# Re-commenting a setting is NOT sufficient to revert it to the default value;
|
||||||
|
# you need to reload the server.
|
||||||
|
#
|
||||||
|
# This file is read on server startup and when the server receives a SIGHUP
|
||||||
|
# signal. If you edit the file on a running system, you have to SIGHUP the
|
||||||
|
# server for the changes to take effect, run "pg_ctl reload", or execute
|
||||||
|
# "SELECT pg_reload_conf()". Some parameters, which are marked below,
|
||||||
|
# require a server shutdown and restart to take effect.
|
||||||
|
#
|
||||||
|
# Any parameter can also be given as a command-line option to the server, e.g.,
|
||||||
|
# "postgres -c log_connections=on". Some parameters can be changed at run time
|
||||||
|
# with the "SET" SQL command.
|
||||||
|
#
|
||||||
|
# Memory units: B = bytes Time units: us = microseconds
|
||||||
|
# kB = kilobytes ms = milliseconds
|
||||||
|
# MB = megabytes s = seconds
|
||||||
|
# GB = gigabytes min = minutes
|
||||||
|
# TB = terabytes h = hours
|
||||||
|
# d = days
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# FILE LOCATIONS
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# The default values of these variables are driven from the -D command-line
|
||||||
|
# option or PGDATA environment variable, represented here as ConfigDir.
|
||||||
|
|
||||||
|
#data_directory = 'ConfigDir' # use data in another directory
|
||||||
|
# (change requires restart)
|
||||||
|
#hba_file = 'ConfigDir/pg_hba.conf' # host-based authentication file
|
||||||
|
# (change requires restart)
|
||||||
|
#ident_file = 'ConfigDir/pg_ident.conf' # ident configuration file
|
||||||
|
# (change requires restart)
|
||||||
|
|
||||||
|
# If external_pid_file is not explicitly set, no extra PID file is written.
|
||||||
|
#external_pid_file = '' # write an extra PID file
|
||||||
|
# (change requires restart)
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# CONNECTIONS AND AUTHENTICATION
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Connection Settings -
|
||||||
|
|
||||||
|
#listen_addresses = 'localhost' # what IP address(es) to listen on;
|
||||||
|
# comma-separated list of addresses;
|
||||||
|
# defaults to 'localhost'; use '*' for all
|
||||||
|
# (change requires restart)
|
||||||
|
listen_addresses = '*'
|
||||||
|
#port = 5432 # (change requires restart)
|
||||||
|
max_connections = 100 # (change requires restart)
|
||||||
|
#superuser_reserved_connections = 3 # (change requires restart)
|
||||||
|
#unix_socket_directories = '/var/run/postgresql, /tmp' # comma-separated list of directories
|
||||||
|
# (change requires restart)
|
||||||
|
#unix_socket_group = '' # (change requires restart)
|
||||||
|
#unix_socket_permissions = 0777 # begin with 0 to use octal notation
|
||||||
|
# (change requires restart)
|
||||||
|
#bonjour = off # advertise server via Bonjour
|
||||||
|
# (change requires restart)
|
||||||
|
#bonjour_name = '' # defaults to the computer name
|
||||||
|
# (change requires restart)
|
||||||
|
|
||||||
|
# - TCP settings -
|
||||||
|
# see "man tcp" for details
|
||||||
|
|
||||||
|
#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds;
|
||||||
|
# 0 selects the system default
|
||||||
|
#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds;
|
||||||
|
# 0 selects the system default
|
||||||
|
#tcp_keepalives_count = 0 # TCP_KEEPCNT;
|
||||||
|
# 0 selects the system default
|
||||||
|
#tcp_user_timeout = 0 # TCP_USER_TIMEOUT, in milliseconds;
|
||||||
|
# 0 selects the system default
|
||||||
|
|
||||||
|
#client_connection_check_interval = 0 # time between checks for client
|
||||||
|
# disconnection while running queries;
|
||||||
|
# 0 for never
|
||||||
|
|
||||||
|
# - Authentication -
|
||||||
|
|
||||||
|
#authentication_timeout = 1min # 1s-600s
|
||||||
|
#password_encryption = scram-sha-256 # scram-sha-256 or md5
|
||||||
|
#db_user_namespace = off
|
||||||
|
|
||||||
|
# GSSAPI using Kerberos
|
||||||
|
#krb_server_keyfile = 'FILE:${sysconfdir}/krb5.keytab'
|
||||||
|
#krb_caseins_users = off
|
||||||
|
|
||||||
|
# - SSL -
|
||||||
|
|
||||||
|
#ssl = off
|
||||||
|
#ssl_ca_file = ''
|
||||||
|
#ssl_cert_file = 'server.crt'
|
||||||
|
#ssl_crl_file = ''
|
||||||
|
#ssl_crl_dir = ''
|
||||||
|
#ssl_key_file = 'server.key'
|
||||||
|
#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
|
||||||
|
#ssl_prefer_server_ciphers = on
|
||||||
|
#ssl_ecdh_curve = 'prime256v1'
|
||||||
|
#ssl_min_protocol_version = 'TLSv1.2'
|
||||||
|
#ssl_max_protocol_version = ''
|
||||||
|
#ssl_dh_params_file = ''
|
||||||
|
#ssl_passphrase_command = ''
|
||||||
|
#ssl_passphrase_command_supports_reload = off
|
||||||
|
|
||||||
|
|
||||||
|
# *H9sHZughaS*Kqhm
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# RESOURCE USAGE (except WAL)
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Memory -
|
||||||
|
|
||||||
|
shared_buffers = 128MB # min 128kB
|
||||||
|
# (change requires restart)
|
||||||
|
#huge_pages = try # on, off, or try
|
||||||
|
# (change requires restart)
|
||||||
|
#huge_page_size = 0 # zero for system default
|
||||||
|
# (change requires restart)
|
||||||
|
#temp_buffers = 8MB # min 800kB
|
||||||
|
#max_prepared_transactions = 0 # zero disables the feature
|
||||||
|
# (change requires restart)
|
||||||
|
# Caution: it is not advisable to set max_prepared_transactions nonzero unless
|
||||||
|
# you actively intend to use prepared transactions.
|
||||||
|
#work_mem = 4MB # min 64kB
|
||||||
|
#hash_mem_multiplier = 1.0 # 1-1000.0 multiplier on hash table work_mem
|
||||||
|
#maintenance_work_mem = 64MB # min 1MB
|
||||||
|
#autovacuum_work_mem = -1 # min 1MB, or -1 to use maintenance_work_mem
|
||||||
|
#logical_decoding_work_mem = 64MB # min 64kB
|
||||||
|
#max_stack_depth = 2MB # min 100kB
|
||||||
|
#shared_memory_type = mmap # the default is the first option
|
||||||
|
# supported by the operating system:
|
||||||
|
# mmap
|
||||||
|
# sysv
|
||||||
|
# windows
|
||||||
|
# (change requires restart)
|
||||||
|
dynamic_shared_memory_type = posix # the default is the first option
|
||||||
|
# supported by the operating system:
|
||||||
|
# posix
|
||||||
|
# sysv
|
||||||
|
# windows
|
||||||
|
# mmap
|
||||||
|
# (change requires restart)
|
||||||
|
#min_dynamic_shared_memory = 0MB # (change requires restart)
|
||||||
|
|
||||||
|
# - Disk -
|
||||||
|
|
||||||
|
#temp_file_limit = -1 # limits per-process temp file space
|
||||||
|
# in kilobytes, or -1 for no limit
|
||||||
|
|
||||||
|
# - Kernel Resources -
|
||||||
|
|
||||||
|
#max_files_per_process = 1000 # min 64
|
||||||
|
# (change requires restart)
|
||||||
|
|
||||||
|
# - Cost-Based Vacuum Delay -
|
||||||
|
|
||||||
|
#vacuum_cost_delay = 0 # 0-100 milliseconds (0 disables)
|
||||||
|
#vacuum_cost_page_hit = 1 # 0-10000 credits
|
||||||
|
#vacuum_cost_page_miss = 2 # 0-10000 credits
|
||||||
|
#vacuum_cost_page_dirty = 20 # 0-10000 credits
|
||||||
|
#vacuum_cost_limit = 200 # 1-10000 credits
|
||||||
|
|
||||||
|
# - Background Writer -
|
||||||
|
|
||||||
|
#bgwriter_delay = 200ms # 10-10000ms between rounds
|
||||||
|
#bgwriter_lru_maxpages = 100 # max buffers written/round, 0 disables
|
||||||
|
#bgwriter_lru_multiplier = 2.0 # 0-10.0 multiplier on buffers scanned/round
|
||||||
|
#bgwriter_flush_after = 512kB # measured in pages, 0 disables
|
||||||
|
|
||||||
|
# - Asynchronous Behavior -
|
||||||
|
|
||||||
|
#backend_flush_after = 0 # measured in pages, 0 disables
|
||||||
|
#effective_io_concurrency = 1 # 1-1000; 0 disables prefetching
|
||||||
|
#maintenance_io_concurrency = 10 # 1-1000; 0 disables prefetching
|
||||||
|
#max_worker_processes = 8 # (change requires restart)
|
||||||
|
#max_parallel_workers_per_gather = 2 # taken from max_parallel_workers
|
||||||
|
#max_parallel_maintenance_workers = 2 # taken from max_parallel_workers
|
||||||
|
#max_parallel_workers = 8 # maximum number of max_worker_processes that
|
||||||
|
# can be used in parallel operations
|
||||||
|
#parallel_leader_participation = on
|
||||||
|
#old_snapshot_threshold = -1 # 1min-60d; -1 disables; 0 is immediate
|
||||||
|
# (change requires restart)
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# WRITE-AHEAD LOG
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Settings -
|
||||||
|
|
||||||
|
#wal_level = replica # minimal, replica, or logical
|
||||||
|
# (change requires restart)
|
||||||
|
#fsync = on # flush data to disk for crash safety
|
||||||
|
# (turning this off can cause
|
||||||
|
# unrecoverable data corruption)
|
||||||
|
#synchronous_commit = on # synchronization level;
|
||||||
|
# off, local, remote_write, remote_apply, or on
|
||||||
|
#wal_sync_method = fsync # the default is the first option
|
||||||
|
# supported by the operating system:
|
||||||
|
# open_datasync
|
||||||
|
# fdatasync (default on Linux and FreeBSD)
|
||||||
|
# fsync
|
||||||
|
# fsync_writethrough
|
||||||
|
# open_sync
|
||||||
|
#full_page_writes = on # recover from partial page writes
|
||||||
|
#wal_log_hints = off # also do full page writes of non-critical updates
|
||||||
|
# (change requires restart)
|
||||||
|
#wal_compression = off # enable compression of full-page writes
|
||||||
|
#wal_init_zero = on # zero-fill new WAL files
|
||||||
|
#wal_recycle = on # recycle WAL files
|
||||||
|
#wal_buffers = -1 # min 32kB, -1 sets based on shared_buffers
|
||||||
|
# (change requires restart)
|
||||||
|
#wal_writer_delay = 200ms # 1-10000 milliseconds
|
||||||
|
#wal_writer_flush_after = 1MB # measured in pages, 0 disables
|
||||||
|
#wal_skip_threshold = 2MB
|
||||||
|
|
||||||
|
#commit_delay = 0 # range 0-100000, in microseconds
|
||||||
|
#commit_siblings = 5 # range 1-1000
|
||||||
|
|
||||||
|
# - Checkpoints -
|
||||||
|
|
||||||
|
#checkpoint_timeout = 5min # range 30s-1d
|
||||||
|
#checkpoint_completion_target = 0.9 # checkpoint target duration, 0.0 - 1.0
|
||||||
|
#checkpoint_flush_after = 256kB # measured in pages, 0 disables
|
||||||
|
#checkpoint_warning = 30s # 0 disables
|
||||||
|
max_wal_size = 1GB
|
||||||
|
min_wal_size = 80MB
|
||||||
|
|
||||||
|
# - Archiving -
|
||||||
|
|
||||||
|
#archive_mode = off # enables archiving; off, on, or always
|
||||||
|
# (change requires restart)
|
||||||
|
#archive_command = '' # command to use to archive a logfile segment
|
||||||
|
# placeholders: %p = path of file to archive
|
||||||
|
# %f = file name only
|
||||||
|
# e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f'
|
||||||
|
#archive_timeout = 0 # force a logfile segment switch after this
|
||||||
|
# number of seconds; 0 disables
|
||||||
|
|
||||||
|
# - Archive Recovery -
|
||||||
|
|
||||||
|
# These are only used in recovery mode.
|
||||||
|
|
||||||
|
#restore_command = '' # command to use to restore an archived logfile segment
|
||||||
|
# placeholders: %p = path of file to restore
|
||||||
|
# %f = file name only
|
||||||
|
# e.g. 'cp /mnt/server/archivedir/%f %p'
|
||||||
|
#archive_cleanup_command = '' # command to execute at every restartpoint
|
||||||
|
#recovery_end_command = '' # command to execute at completion of recovery
|
||||||
|
|
||||||
|
# - Recovery Target -
|
||||||
|
|
||||||
|
# Set these only when performing a targeted recovery.
|
||||||
|
|
||||||
|
#recovery_target = '' # 'immediate' to end recovery as soon as a
|
||||||
|
# consistent state is reached
|
||||||
|
# (change requires restart)
|
||||||
|
#recovery_target_name = '' # the named restore point to which recovery will proceed
|
||||||
|
# (change requires restart)
|
||||||
|
#recovery_target_time = '' # the time stamp up to which recovery will proceed
|
||||||
|
# (change requires restart)
|
||||||
|
#recovery_target_xid = '' # the transaction ID up to which recovery will proceed
|
||||||
|
# (change requires restart)
|
||||||
|
#recovery_target_lsn = '' # the WAL LSN up to which recovery will proceed
|
||||||
|
# (change requires restart)
|
||||||
|
#recovery_target_inclusive = on # Specifies whether to stop:
|
||||||
|
# just after the specified recovery target (on)
|
||||||
|
# just before the recovery target (off)
|
||||||
|
# (change requires restart)
|
||||||
|
#recovery_target_timeline = 'latest' # 'current', 'latest', or timeline ID
|
||||||
|
# (change requires restart)
|
||||||
|
#recovery_target_action = 'pause' # 'pause', 'promote', 'shutdown'
|
||||||
|
# (change requires restart)
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# REPLICATION
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Sending Servers -
|
||||||
|
|
||||||
|
# Set these on the primary and on any standby that will send replication data.
|
||||||
|
|
||||||
|
#max_wal_senders = 10 # max number of walsender processes
|
||||||
|
# (change requires restart)
|
||||||
|
#max_replication_slots = 10 # max number of replication slots
|
||||||
|
# (change requires restart)
|
||||||
|
#wal_keep_size = 0 # in megabytes; 0 disables
|
||||||
|
#max_slot_wal_keep_size = -1 # in megabytes; -1 disables
|
||||||
|
#wal_sender_timeout = 60s # in milliseconds; 0 disables
|
||||||
|
#track_commit_timestamp = off # collect timestamp of transaction commit
|
||||||
|
# (change requires restart)
|
||||||
|
|
||||||
|
# - Primary Server -
|
||||||
|
|
||||||
|
# These settings are ignored on a standby server.
|
||||||
|
|
||||||
|
#synchronous_standby_names = '' # standby servers that provide sync rep
|
||||||
|
# method to choose sync standbys, number of sync standbys,
|
||||||
|
# and comma-separated list of application_name
|
||||||
|
# from standby(s); '*' = all
|
||||||
|
#vacuum_defer_cleanup_age = 0 # number of xacts by which cleanup is delayed
|
||||||
|
|
||||||
|
# - Standby Servers -
|
||||||
|
|
||||||
|
# These settings are ignored on a primary server.
|
||||||
|
|
||||||
|
#primary_conninfo = '' # connection string to sending server
|
||||||
|
#primary_slot_name = '' # replication slot on sending server
|
||||||
|
#promote_trigger_file = '' # file name whose presence ends recovery
|
||||||
|
#hot_standby = on # "off" disallows queries during recovery
|
||||||
|
# (change requires restart)
|
||||||
|
#max_standby_archive_delay = 30s # max delay before canceling queries
|
||||||
|
# when reading WAL from archive;
|
||||||
|
# -1 allows indefinite delay
|
||||||
|
#max_standby_streaming_delay = 30s # max delay before canceling queries
|
||||||
|
# when reading streaming WAL;
|
||||||
|
# -1 allows indefinite delay
|
||||||
|
#wal_receiver_create_temp_slot = off # create temp slot if primary_slot_name
|
||||||
|
# is not set
|
||||||
|
#wal_receiver_status_interval = 10s # send replies at least this often
|
||||||
|
# 0 disables
|
||||||
|
#hot_standby_feedback = off # send info from standby to prevent
|
||||||
|
# query conflicts
|
||||||
|
#wal_receiver_timeout = 60s # time that receiver waits for
|
||||||
|
# communication from primary
|
||||||
|
# in milliseconds; 0 disables
|
||||||
|
#wal_retrieve_retry_interval = 5s # time to wait before retrying to
|
||||||
|
# retrieve WAL after a failed attempt
|
||||||
|
#recovery_min_apply_delay = 0 # minimum delay for applying changes during recovery
|
||||||
|
|
||||||
|
# - Subscribers -
|
||||||
|
|
||||||
|
# These settings are ignored on a publisher.
|
||||||
|
|
||||||
|
#max_logical_replication_workers = 4 # taken from max_worker_processes
|
||||||
|
# (change requires restart)
|
||||||
|
#max_sync_workers_per_subscription = 2 # taken from max_logical_replication_workers
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# QUERY TUNING
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Planner Method Configuration -
|
||||||
|
|
||||||
|
#enable_async_append = on
|
||||||
|
#enable_bitmapscan = on
|
||||||
|
#enable_gathermerge = on
|
||||||
|
#enable_hashagg = on
|
||||||
|
#enable_hashjoin = on
|
||||||
|
#enable_incremental_sort = on
|
||||||
|
#enable_indexscan = on
|
||||||
|
#enable_indexonlyscan = on
|
||||||
|
#enable_material = on
|
||||||
|
#enable_memoize = on
|
||||||
|
#enable_mergejoin = on
|
||||||
|
#enable_nestloop = on
|
||||||
|
#enable_parallel_append = on
|
||||||
|
#enable_parallel_hash = on
|
||||||
|
#enable_partition_pruning = on
|
||||||
|
#enable_partitionwise_join = off
|
||||||
|
#enable_partitionwise_aggregate = off
|
||||||
|
#enable_seqscan = on
|
||||||
|
#enable_sort = on
|
||||||
|
#enable_tidscan = on
|
||||||
|
|
||||||
|
# - Planner Cost Constants -
|
||||||
|
|
||||||
|
#seq_page_cost = 1.0 # measured on an arbitrary scale
|
||||||
|
#random_page_cost = 4.0 # same scale as above
|
||||||
|
#cpu_tuple_cost = 0.01 # same scale as above
|
||||||
|
#cpu_index_tuple_cost = 0.005 # same scale as above
|
||||||
|
#cpu_operator_cost = 0.0025 # same scale as above
|
||||||
|
#parallel_setup_cost = 1000.0 # same scale as above
|
||||||
|
#parallel_tuple_cost = 0.1 # same scale as above
|
||||||
|
#min_parallel_table_scan_size = 8MB
|
||||||
|
#min_parallel_index_scan_size = 512kB
|
||||||
|
#effective_cache_size = 4GB
|
||||||
|
|
||||||
|
#jit_above_cost = 100000 # perform JIT compilation if available
|
||||||
|
# and query more expensive than this;
|
||||||
|
# -1 disables
|
||||||
|
#jit_inline_above_cost = 500000 # inline small functions if query is
|
||||||
|
# more expensive than this; -1 disables
|
||||||
|
#jit_optimize_above_cost = 500000 # use expensive JIT optimizations if
|
||||||
|
# query is more expensive than this;
|
||||||
|
# -1 disables
|
||||||
|
|
||||||
|
# - Genetic Query Optimizer -
|
||||||
|
|
||||||
|
#geqo = on
|
||||||
|
#geqo_threshold = 12
|
||||||
|
#geqo_effort = 5 # range 1-10
|
||||||
|
#geqo_pool_size = 0 # selects default based on effort
|
||||||
|
#geqo_generations = 0 # selects default based on effort
|
||||||
|
#geqo_selection_bias = 2.0 # range 1.5-2.0
|
||||||
|
#geqo_seed = 0.0 # range 0.0-1.0
|
||||||
|
|
||||||
|
# - Other Planner Options -
|
||||||
|
|
||||||
|
#default_statistics_target = 100 # range 1-10000
|
||||||
|
#constraint_exclusion = partition # on, off, or partition
|
||||||
|
#cursor_tuple_fraction = 0.1 # range 0.0-1.0
|
||||||
|
#from_collapse_limit = 8
|
||||||
|
#jit = on # allow JIT compilation
|
||||||
|
#join_collapse_limit = 8 # 1 disables collapsing of explicit
|
||||||
|
# JOIN clauses
|
||||||
|
#plan_cache_mode = auto # auto, force_generic_plan or
|
||||||
|
# force_custom_plan
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# REPORTING AND LOGGING
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Where to Log -
|
||||||
|
|
||||||
|
#log_destination = 'stderr' # Valid values are combinations of
|
||||||
|
# stderr, csvlog, syslog, and eventlog,
|
||||||
|
# depending on platform. csvlog
|
||||||
|
# requires logging_collector to be on.
|
||||||
|
|
||||||
|
# This is used when logging to stderr:
|
||||||
|
logging_collector = on # Enable capturing of stderr and csvlog
|
||||||
|
# into log files. Required to be on for
|
||||||
|
# csvlogs.
|
||||||
|
# (change requires restart)
|
||||||
|
|
||||||
|
# These are only used if logging_collector is on:
|
||||||
|
#log_directory = 'log' # directory where log files are written,
|
||||||
|
# can be absolute or relative to PGDATA
|
||||||
|
log_filename = 'postgresql-%a.log' # log file name pattern,
|
||||||
|
# can include strftime() escapes
|
||||||
|
#log_file_mode = 0600 # creation mode for log files,
|
||||||
|
# begin with 0 to use octal notation
|
||||||
|
log_rotation_age = 1d # Automatic rotation of logfiles will
|
||||||
|
# happen after that time. 0 disables.
|
||||||
|
log_rotation_size = 0 # Automatic rotation of logfiles will
|
||||||
|
# happen after that much log output.
|
||||||
|
# 0 disables.
|
||||||
|
log_truncate_on_rotation = on # If on, an existing log file with the
|
||||||
|
# same name as the new log file will be
|
||||||
|
# truncated rather than appended to.
|
||||||
|
# But such truncation only occurs on
|
||||||
|
# time-driven rotation, not on restarts
|
||||||
|
# or size-driven rotation. Default is
|
||||||
|
# off, meaning append to existing files
|
||||||
|
# in all cases.
|
||||||
|
|
||||||
|
# These are relevant when logging to syslog:
|
||||||
|
#syslog_facility = 'LOCAL0'
|
||||||
|
#syslog_ident = 'postgres'
|
||||||
|
#syslog_sequence_numbers = on
|
||||||
|
#syslog_split_messages = on
|
||||||
|
|
||||||
|
# This is only relevant when logging to eventlog (Windows):
|
||||||
|
# (change requires restart)
|
||||||
|
#event_source = 'PostgreSQL'
|
||||||
|
|
||||||
|
# - When to Log -
|
||||||
|
|
||||||
|
#log_min_messages = warning # values in order of decreasing detail:
|
||||||
|
# debug5
|
||||||
|
# debug4
|
||||||
|
# debug3
|
||||||
|
# debug2
|
||||||
|
# debug1
|
||||||
|
# info
|
||||||
|
# notice
|
||||||
|
# warning
|
||||||
|
# error
|
||||||
|
# log
|
||||||
|
# fatal
|
||||||
|
# panic
|
||||||
|
|
||||||
|
#log_min_error_statement = error # values in order of decreasing detail:
|
||||||
|
# debug5
|
||||||
|
# debug4
|
||||||
|
# debug3
|
||||||
|
# debug2
|
||||||
|
# debug1
|
||||||
|
# info
|
||||||
|
# notice
|
||||||
|
# warning
|
||||||
|
# error
|
||||||
|
# log
|
||||||
|
# fatal
|
||||||
|
# panic (effectively off)
|
||||||
|
|
||||||
|
#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements
|
||||||
|
# and their durations, > 0 logs only
|
||||||
|
# statements running at least this number
|
||||||
|
# of milliseconds
|
||||||
|
|
||||||
|
#log_min_duration_sample = -1 # -1 is disabled, 0 logs a sample of statements
|
||||||
|
# and their durations, > 0 logs only a sample of
|
||||||
|
# statements running at least this number
|
||||||
|
# of milliseconds;
|
||||||
|
# sample fraction is determined by log_statement_sample_rate
|
||||||
|
|
||||||
|
#log_statement_sample_rate = 1.0 # fraction of logged statements exceeding
|
||||||
|
# log_min_duration_sample to be logged;
|
||||||
|
# 1.0 logs all such statements, 0.0 never logs
|
||||||
|
|
||||||
|
|
||||||
|
#log_transaction_sample_rate = 0.0 # fraction of transactions whose statements
|
||||||
|
# are logged regardless of their duration; 1.0 logs all
|
||||||
|
# statements from all transactions, 0.0 never logs
|
||||||
|
|
||||||
|
# - What to Log -
|
||||||
|
|
||||||
|
#debug_print_parse = off
|
||||||
|
#debug_print_rewritten = off
|
||||||
|
#debug_print_plan = off
|
||||||
|
#debug_pretty_print = on
|
||||||
|
#log_autovacuum_min_duration = -1 # log autovacuum activity;
|
||||||
|
# -1 disables, 0 logs all actions and
|
||||||
|
# their durations, > 0 logs only
|
||||||
|
# actions running at least this number
|
||||||
|
# of milliseconds.
|
||||||
|
#log_checkpoints = off
|
||||||
|
#log_connections = off
|
||||||
|
#log_disconnections = off
|
||||||
|
#log_duration = off
|
||||||
|
#log_error_verbosity = default # terse, default, or verbose messages
|
||||||
|
#log_hostname = off
|
||||||
|
#log_line_prefix = '%m [%p] ' # special values:
|
||||||
|
# %a = application name
|
||||||
|
# %u = user name
|
||||||
|
# %d = database name
|
||||||
|
# %r = remote host and port
|
||||||
|
# %h = remote host
|
||||||
|
# %b = backend type
|
||||||
|
# %p = process ID
|
||||||
|
# %P = process ID of parallel group leader
|
||||||
|
# %t = timestamp without milliseconds
|
||||||
|
# %m = timestamp with milliseconds
|
||||||
|
# %n = timestamp with milliseconds (as a Unix epoch)
|
||||||
|
# %Q = query ID (0 if none or not computed)
|
||||||
|
# %i = command tag
|
||||||
|
# %e = SQL state
|
||||||
|
# %c = session ID
|
||||||
|
# %l = session line number
|
||||||
|
# %s = session start timestamp
|
||||||
|
# %v = virtual transaction ID
|
||||||
|
# %x = transaction ID (0 if none)
|
||||||
|
# %q = stop here in non-session
|
||||||
|
# processes
|
||||||
|
# %% = '%'
|
||||||
|
# e.g. '<%u%%%d> '
|
||||||
|
#log_lock_waits = off # log lock waits >= deadlock_timeout
|
||||||
|
#log_recovery_conflict_waits = off # log standby recovery conflict waits
|
||||||
|
# >= deadlock_timeout
|
||||||
|
#log_parameter_max_length = -1 # when logging statements, limit logged
|
||||||
|
# bind-parameter values to N bytes;
|
||||||
|
# -1 means print in full, 0 disables
|
||||||
|
#log_parameter_max_length_on_error = 0 # when logging an error, limit logged
|
||||||
|
# bind-parameter values to N bytes;
|
||||||
|
# -1 means print in full, 0 disables
|
||||||
|
#log_statement = 'none' # none, ddl, mod, all
|
||||||
|
#log_replication_commands = off
|
||||||
|
#log_temp_files = -1 # log temporary files equal or larger
|
||||||
|
# than the specified size in kilobytes;
|
||||||
|
# -1 disables, 0 logs all temp files
|
||||||
|
log_timezone = 'America/Los_Angeles'
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# PROCESS TITLE
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
#cluster_name = '' # added to process titles if nonempty
|
||||||
|
# (change requires restart)
|
||||||
|
#update_process_title = on
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# STATISTICS
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Query and Index Statistics Collector -
|
||||||
|
|
||||||
|
#track_activities = on
|
||||||
|
#track_activity_query_size = 1024 # (change requires restart)
|
||||||
|
#track_counts = on
|
||||||
|
#track_io_timing = off
|
||||||
|
#track_wal_io_timing = off
|
||||||
|
#track_functions = none # none, pl, all
|
||||||
|
#stats_temp_directory = 'pg_stat_tmp'
|
||||||
|
|
||||||
|
|
||||||
|
# - Monitoring -
|
||||||
|
|
||||||
|
#compute_query_id = auto
|
||||||
|
#log_statement_stats = off
|
||||||
|
#log_parser_stats = off
|
||||||
|
#log_planner_stats = off
|
||||||
|
#log_executor_stats = off
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# AUTOVACUUM
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
#autovacuum = on # Enable autovacuum subprocess? 'on'
|
||||||
|
# requires track_counts to also be on.
|
||||||
|
#autovacuum_max_workers = 3 # max number of autovacuum subprocesses
|
||||||
|
# (change requires restart)
|
||||||
|
#autovacuum_naptime = 1min # time between autovacuum runs
|
||||||
|
#autovacuum_vacuum_threshold = 50 # min number of row updates before
|
||||||
|
# vacuum
|
||||||
|
#autovacuum_vacuum_insert_threshold = 1000 # min number of row inserts
|
||||||
|
# before vacuum; -1 disables insert
|
||||||
|
# vacuums
|
||||||
|
#autovacuum_analyze_threshold = 50 # min number of row updates before
|
||||||
|
# analyze
|
||||||
|
#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum
|
||||||
|
#autovacuum_vacuum_insert_scale_factor = 0.2 # fraction of inserts over table
|
||||||
|
# size before insert vacuum
|
||||||
|
#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze
|
||||||
|
#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum
|
||||||
|
# (change requires restart)
|
||||||
|
#autovacuum_multixact_freeze_max_age = 400000000 # maximum multixact age
|
||||||
|
# before forced vacuum
|
||||||
|
# (change requires restart)
|
||||||
|
#autovacuum_vacuum_cost_delay = 2ms # default vacuum cost delay for
|
||||||
|
# autovacuum, in milliseconds;
|
||||||
|
# -1 means use vacuum_cost_delay
|
||||||
|
#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for
|
||||||
|
# autovacuum, -1 means use
|
||||||
|
# vacuum_cost_limit
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# CLIENT CONNECTION DEFAULTS
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Statement Behavior -
|
||||||
|
|
||||||
|
#client_min_messages = notice # values in order of decreasing detail:
|
||||||
|
# debug5
|
||||||
|
# debug4
|
||||||
|
# debug3
|
||||||
|
# debug2
|
||||||
|
# debug1
|
||||||
|
# log
|
||||||
|
# notice
|
||||||
|
# warning
|
||||||
|
# error
|
||||||
|
#search_path = '"$user", public' # schema names
|
||||||
|
#row_security = on
|
||||||
|
#default_table_access_method = 'heap'
|
||||||
|
#default_tablespace = '' # a tablespace name, '' uses the default
|
||||||
|
#default_toast_compression = 'pglz' # 'pglz' or 'lz4'
|
||||||
|
#temp_tablespaces = '' # a list of tablespace names, '' uses
|
||||||
|
# only default tablespace
|
||||||
|
#check_function_bodies = on
|
||||||
|
#default_transaction_isolation = 'read committed'
|
||||||
|
#default_transaction_read_only = off
|
||||||
|
#default_transaction_deferrable = off
|
||||||
|
#session_replication_role = 'origin'
|
||||||
|
#statement_timeout = 0 # in milliseconds, 0 is disabled
|
||||||
|
#lock_timeout = 0 # in milliseconds, 0 is disabled
|
||||||
|
#idle_in_transaction_session_timeout = 0 # in milliseconds, 0 is disabled
|
||||||
|
#idle_session_timeout = 0 # in milliseconds, 0 is disabled
|
||||||
|
#vacuum_freeze_table_age = 150000000
|
||||||
|
#vacuum_freeze_min_age = 50000000
|
||||||
|
#vacuum_failsafe_age = 1600000000
|
||||||
|
#vacuum_multixact_freeze_table_age = 150000000
|
||||||
|
#vacuum_multixact_freeze_min_age = 5000000
|
||||||
|
#vacuum_multixact_failsafe_age = 1600000000
|
||||||
|
#bytea_output = 'hex' # hex, escape
|
||||||
|
#xmlbinary = 'base64'
|
||||||
|
#xmloption = 'content'
|
||||||
|
#gin_pending_list_limit = 4MB
|
||||||
|
|
||||||
|
# - Locale and Formatting -
|
||||||
|
|
||||||
|
datestyle = 'iso, mdy'
|
||||||
|
#intervalstyle = 'postgres'
|
||||||
|
timezone = 'America/Los_Angeles'
|
||||||
|
#timezone_abbreviations = 'Default' # Select the set of available time zone
|
||||||
|
# abbreviations. Currently, there are
|
||||||
|
# Default
|
||||||
|
# Australia (historical usage)
|
||||||
|
# India
|
||||||
|
# You can create your own file in
|
||||||
|
# share/timezonesets/.
|
||||||
|
#extra_float_digits = 1 # min -15, max 3; any value >0 actually
|
||||||
|
# selects precise output mode
|
||||||
|
#client_encoding = sql_ascii # actually, defaults to database
|
||||||
|
# encoding
|
||||||
|
|
||||||
|
# These settings are initialized by initdb, but they can be changed.
|
||||||
|
lc_messages = 'en_US.UTF-8' # locale for system error message
|
||||||
|
# strings
|
||||||
|
lc_monetary = 'en_US.UTF-8' # locale for monetary formatting
|
||||||
|
lc_numeric = 'en_US.UTF-8' # locale for number formatting
|
||||||
|
lc_time = 'en_US.UTF-8' # locale for time formatting
|
||||||
|
|
||||||
|
# default configuration for text search
|
||||||
|
default_text_search_config = 'pg_catalog.english'
|
||||||
|
|
||||||
|
# - Shared Library Preloading -
|
||||||
|
|
||||||
|
#local_preload_libraries = ''
|
||||||
|
#session_preload_libraries = ''
|
||||||
|
#shared_preload_libraries = '' # (change requires restart)
|
||||||
|
#jit_provider = 'llvmjit' # JIT library to use
|
||||||
|
|
||||||
|
# - Other Defaults -
|
||||||
|
|
||||||
|
#dynamic_library_path = '$libdir'
|
||||||
|
#gin_fuzzy_search_limit = 0
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# LOCK MANAGEMENT
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
#deadlock_timeout = 1s
|
||||||
|
#max_locks_per_transaction = 64 # min 10
|
||||||
|
# (change requires restart)
|
||||||
|
#max_pred_locks_per_transaction = 64 # min 10
|
||||||
|
# (change requires restart)
|
||||||
|
#max_pred_locks_per_relation = -2 # negative values mean
|
||||||
|
# (max_pred_locks_per_transaction
|
||||||
|
# / -max_pred_locks_per_relation) - 1
|
||||||
|
#max_pred_locks_per_page = 2 # min 0
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# VERSION AND PLATFORM COMPATIBILITY
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# - Previous PostgreSQL Versions -
|
||||||
|
|
||||||
|
#array_nulls = on
|
||||||
|
#backslash_quote = safe_encoding # on, off, or safe_encoding
|
||||||
|
#escape_string_warning = on
|
||||||
|
#lo_compat_privileges = off
|
||||||
|
#quote_all_identifiers = off
|
||||||
|
#standard_conforming_strings = on
|
||||||
|
#synchronize_seqscans = on
|
||||||
|
|
||||||
|
# - Other Platforms and Clients -
|
||||||
|
|
||||||
|
#transform_null_equals = off
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# ERROR HANDLING
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
#exit_on_error = off # terminate session on any error?
|
||||||
|
#restart_after_crash = on # reinitialize after backend crash?
|
||||||
|
#data_sync_retry = off # retry or panic on failure to fsync
|
||||||
|
# data?
|
||||||
|
# (change requires restart)
|
||||||
|
#recovery_init_sync_method = fsync # fsync, syncfs (Linux 5.8+)
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# CONFIG FILE INCLUDES
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# These options allow settings to be loaded from files other than the
|
||||||
|
# default postgresql.conf. Note that these are directives, not variable
|
||||||
|
# assignments, so they can usefully be given more than once.
|
||||||
|
|
||||||
|
#include_dir = '...' # include files ending in '.conf' from
|
||||||
|
# a directory, e.g., 'conf.d'
|
||||||
|
#include_if_exists = '...' # include file only if it exists
|
||||||
|
#include = '...' # include file
|
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
# CUSTOMIZED OPTIONS
|
||||||
|
#------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# Add settings for extensions here
|
10
root/etc/authselect/dconf-db
Normal file
10
root/etc/authselect/dconf-db
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
# Generated by authselect on Sat Feb 11 00:24:04 2023
|
||||||
|
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
|
||||||
|
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
|
||||||
|
# See authselect(8) for more details.
|
||||||
|
|
||||||
|
[org/gnome/login-screen]
|
||||||
|
enable-smartcard-authentication=false
|
||||||
|
enable-fingerprint-authentication=false
|
||||||
|
enable-password-authentication=true
|
||||||
|
|
8
root/etc/authselect/dconf-locks
Normal file
8
root/etc/authselect/dconf-locks
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
# Generated by authselect on Sat Feb 11 00:24:04 2023
|
||||||
|
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
|
||||||
|
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
|
||||||
|
# See authselect(8) for more details.
|
||||||
|
|
||||||
|
/org/gnome/login-screen/enable-smartcard-authentication
|
||||||
|
/org/gnome/login-screen/enable-fingerprint-authentication
|
||||||
|
/org/gnome/login-screen/enable-password-authentication
|
6
root/etc/authselect/fingerprint-auth
Normal file
6
root/etc/authselect/fingerprint-auth
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
# Generated by authselect on Sat Feb 11 00:24:04 2023
|
||||||
|
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
|
||||||
|
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
|
||||||
|
# See authselect(8) for more details.
|
||||||
|
|
||||||
|
auth required pam_debug.so auth=authinfo_unavail
|
22
root/etc/authselect/nsswitch.conf
Normal file
22
root/etc/authselect/nsswitch.conf
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
# Generated by authselect on Sat Feb 11 00:24:04 2023
|
||||||
|
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
|
||||||
|
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
|
||||||
|
# See authselect(8) for more details.
|
||||||
|
|
||||||
|
# In order of likelihood of use to accelerate lookup.
|
||||||
|
passwd: files sss systemd
|
||||||
|
shadow: files
|
||||||
|
group: files sss systemd
|
||||||
|
hosts: files myhostname resolve [!UNAVAIL=return] dns
|
||||||
|
services: files sss
|
||||||
|
netgroup: files sss
|
||||||
|
sudoers: files sss
|
||||||
|
automount: files sss
|
||||||
|
|
||||||
|
aliases: files
|
||||||
|
ethers: files
|
||||||
|
gshadow: files
|
||||||
|
networks: files dns
|
||||||
|
protocols: files
|
||||||
|
publickey: files
|
||||||
|
rpc: files
|
32
root/etc/authselect/password-auth
Normal file
32
root/etc/authselect/password-auth
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
# Generated by authselect on Sat Feb 11 00:24:04 2023
|
||||||
|
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
|
||||||
|
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
|
||||||
|
# See authselect(8) for more details.
|
||||||
|
|
||||||
|
auth required pam_env.so
|
||||||
|
auth required pam_faildelay.so delay=2000000
|
||||||
|
auth [default=1 ignore=ignore success=ok] pam_usertype.so isregular
|
||||||
|
auth [default=1 ignore=ignore success=ok] pam_localuser.so
|
||||||
|
auth sufficient pam_unix.so nullok
|
||||||
|
auth [default=1 ignore=ignore success=ok] pam_usertype.so isregular
|
||||||
|
auth sufficient pam_sss.so forward_pass
|
||||||
|
auth required pam_deny.so
|
||||||
|
|
||||||
|
account required pam_unix.so
|
||||||
|
account sufficient pam_localuser.so
|
||||||
|
account sufficient pam_usertype.so issystem
|
||||||
|
account [default=bad success=ok user_unknown=ignore] pam_sss.so
|
||||||
|
account required pam_permit.so
|
||||||
|
|
||||||
|
password requisite pam_pwquality.so local_users_only
|
||||||
|
password sufficient pam_unix.so yescrypt shadow nullok use_authtok
|
||||||
|
password sufficient pam_sss.so use_authtok
|
||||||
|
password required pam_deny.so
|
||||||
|
|
||||||
|
session optional pam_keyinit.so revoke
|
||||||
|
session required pam_limits.so
|
||||||
|
-session optional pam_systemd.so
|
||||||
|
session optional pam_oddjob_mkhomedir.so
|
||||||
|
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||||
|
session required pam_unix.so
|
||||||
|
session optional pam_sss.so
|
11
root/etc/authselect/postlogin
Normal file
11
root/etc/authselect/postlogin
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# Generated by authselect on Sat Feb 11 00:24:04 2023
|
||||||
|
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
|
||||||
|
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
|
||||||
|
# See authselect(8) for more details.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
session optional pam_umask.so silent
|
||||||
|
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
|
||||||
|
session [default=1] pam_lastlog.so nowtmp showfailed
|
||||||
|
session optional pam_lastlog.so silent noupdate showfailed
|
6
root/etc/authselect/smartcard-auth
Normal file
6
root/etc/authselect/smartcard-auth
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
# Generated by authselect on Sat Feb 11 00:24:04 2023
|
||||||
|
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
|
||||||
|
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
|
||||||
|
# See authselect(8) for more details.
|
||||||
|
|
||||||
|
auth required pam_debug.so auth=authinfo_unavail
|
32
root/etc/authselect/system-auth
Normal file
32
root/etc/authselect/system-auth
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
# Generated by authselect on Sat Feb 11 00:24:04 2023
|
||||||
|
# Do not modify this file manually, use authselect instead. Any user changes will be overwritten.
|
||||||
|
# You can stop authselect from managing your configuration by calling 'authselect opt-out'.
|
||||||
|
# See authselect(8) for more details.
|
||||||
|
|
||||||
|
auth required pam_env.so
|
||||||
|
auth required pam_faildelay.so delay=2000000
|
||||||
|
auth [default=1 ignore=ignore success=ok] pam_usertype.so isregular
|
||||||
|
auth [default=1 ignore=ignore success=ok] pam_localuser.so
|
||||||
|
auth sufficient pam_unix.so nullok
|
||||||
|
auth [default=1 ignore=ignore success=ok] pam_usertype.so isregular
|
||||||
|
auth sufficient pam_sss.so forward_pass
|
||||||
|
auth required pam_deny.so
|
||||||
|
|
||||||
|
account required pam_unix.so
|
||||||
|
account sufficient pam_localuser.so
|
||||||
|
account sufficient pam_usertype.so issystem
|
||||||
|
account [default=bad success=ok user_unknown=ignore] pam_sss.so
|
||||||
|
account required pam_permit.so
|
||||||
|
|
||||||
|
password requisite pam_pwquality.so local_users_only
|
||||||
|
password sufficient pam_unix.so yescrypt shadow nullok use_authtok
|
||||||
|
password sufficient pam_sss.so use_authtok
|
||||||
|
password required pam_deny.so
|
||||||
|
|
||||||
|
session optional pam_keyinit.so revoke
|
||||||
|
session required pam_limits.so
|
||||||
|
-session optional pam_systemd.so
|
||||||
|
session optional pam_oddjob_mkhomedir.so
|
||||||
|
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||||
|
session required pam_unix.so
|
||||||
|
session optional pam_sss.so
|
0
root/etc/cockpit/disallowed-users
Normal file
0
root/etc/cockpit/disallowed-users
Normal file
263
root/etc/dirsrv/config/slapd-collations.conf
Normal file
263
root/etc/dirsrv/config/slapd-collations.conf
Normal file
@ -0,0 +1,263 @@
|
|||||||
|
#
|
||||||
|
# BEGIN COPYRIGHT BLOCK
|
||||||
|
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
|
||||||
|
# Copyright (C) 2018 Red Hat, Inc.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# License: GPL (version 3 or any later version).
|
||||||
|
# See LICENSE for details.
|
||||||
|
# END COPYRIGHT BLOCK
|
||||||
|
#
|
||||||
|
#######################################################################
|
||||||
|
# Collations
|
||||||
|
#######################################################################
|
||||||
|
# collation language country variant strength decomposition oid oid ...
|
||||||
|
|
||||||
|
collation "" "" "" 1 3 2.16.840.1.113730.3.3.2.0.1 default
|
||||||
|
collation ar "" "" 1 3 2.16.840.1.113730.3.3.2.1.1 ar
|
||||||
|
collation be "" "" 1 3 2.16.840.1.113730.3.3.2.2.1 be be-BY
|
||||||
|
collation bg "" "" 1 3 2.16.840.1.113730.3.3.2.3.1 bg bg-BG
|
||||||
|
collation ca "" "" 1 3 2.16.840.1.113730.3.3.2.4.1 ca ca-ES
|
||||||
|
collation cs "" "" 1 3 2.16.840.1.113730.3.3.2.5.1 cs cs-CZ
|
||||||
|
collation da "" "" 1 3 2.16.840.1.113730.3.3.2.6.1 da da-DK
|
||||||
|
collation de "" "" 1 3 2.16.840.1.113730.3.3.2.7.1 de de-DE
|
||||||
|
collation de AT "" 1 3 2.16.840.1.113730.3.3.2.8.1 de-AT
|
||||||
|
collation de CH "" 1 3 2.16.840.1.113730.3.3.2.9.1 de-CH
|
||||||
|
collation el "" "" 1 3 2.16.840.1.113730.3.3.2.10.1 el
|
||||||
|
collation en "" "" 1 3 2.16.840.1.113730.3.3.2.11.1 en
|
||||||
|
collation en CA "" 1 3 2.16.840.1.113730.3.3.2.12.1 en-CA
|
||||||
|
collation en GB "" 1 3 2.16.840.1.113730.3.3.2.13.1 en-GB
|
||||||
|
collation en IE "" 1 3 2.16.840.1.113730.3.3.2.14.1 en-IE
|
||||||
|
collation es "" "" 1 3 2.16.840.1.113730.3.3.2.15.1 es es-ES
|
||||||
|
collation et "" "" 1 3 2.16.840.1.113730.3.3.2.16.1 et et-EE
|
||||||
|
collation fi "" "" 1 3 2.16.840.1.113730.3.3.2.17.1 fi fi-FI
|
||||||
|
collation fr "" "" 1 3 2.16.840.1.113730.3.3.2.18.1 fr fr-FR
|
||||||
|
collation fr BE "" 1 3 2.16.840.1.113730.3.3.2.19.1 fr-BE
|
||||||
|
collation fr CA "" 1 3 2.16.840.1.113730.3.3.2.20.1 fr-CA
|
||||||
|
collation fr CH "" 1 3 2.16.840.1.113730.3.3.2.21.1 fr-CH
|
||||||
|
collation hr "" "" 1 3 2.16.840.1.113730.3.3.2.22.1 hr hr-HR
|
||||||
|
collation hu "" "" 1 3 2.16.840.1.113730.3.3.2.23.1 hu hu-HU
|
||||||
|
collation is "" "" 1 3 2.16.840.1.113730.3.3.2.24.1 is is-IS
|
||||||
|
collation it "" "" 1 3 2.16.840.1.113730.3.3.2.25.1 it
|
||||||
|
collation it CH "" 1 3 2.16.840.1.113730.3.3.2.26.1 it-CH
|
||||||
|
collation iw "" "" 1 3 2.16.840.1.113730.3.3.2.27.1 iw
|
||||||
|
collation ja "" "" 1 3 2.16.840.1.113730.3.3.2.28.1 ja ja-JP
|
||||||
|
collation ko "" "" 1 3 2.16.840.1.113730.3.3.2.29.1 ko ko-KR
|
||||||
|
collation lt "" "" 1 3 2.16.840.1.113730.3.3.2.30.1 lt lt-LT
|
||||||
|
collation lv "" "" 1 3 2.16.840.1.113730.3.3.2.31.1 lv lv-LV
|
||||||
|
collation mk "" "" 1 3 2.16.840.1.113730.3.3.2.32.1 mk mk-MK
|
||||||
|
collation nl "" "" 1 3 2.16.840.1.113730.3.3.2.33.1 nl
|
||||||
|
collation nl BE "" 1 3 2.16.840.1.113730.3.3.2.34.1 nl-BE
|
||||||
|
collation no "" "" 1 3 2.16.840.1.113730.3.3.2.35.1 no
|
||||||
|
collation no NO B 1 3 2.16.840.1.113730.3.3.2.36.1 no-NO-B
|
||||||
|
collation no NO NY 1 3 2.16.840.1.113730.3.3.2.37.1 no-NO-NY
|
||||||
|
collation pl "" "" 1 3 2.16.840.1.113730.3.3.2.38.1 pl pl-PL
|
||||||
|
collation ro "" "" 1 3 2.16.840.1.113730.3.3.2.39.1 ro
|
||||||
|
collation ru "" "" 1 3 2.16.840.1.113730.3.3.2.40.1 ru
|
||||||
|
collation sh "" "" 1 3 2.16.840.1.113730.3.3.2.41.1 sh
|
||||||
|
collation sk "" "" 1 3 2.16.840.1.113730.3.3.2.42.1 sk
|
||||||
|
collation sl "" "" 1 3 2.16.840.1.113730.3.3.2.43.1 sl
|
||||||
|
collation sq "" "" 1 3 2.16.840.1.113730.3.3.2.44.1 sq
|
||||||
|
collation sr "" "" 1 3 2.16.840.1.113730.3.3.2.45.1 sr
|
||||||
|
collation sv "" "" 1 3 2.16.840.1.113730.3.3.2.46.1 sv
|
||||||
|
collation tr "" "" 1 3 2.16.840.1.113730.3.3.2.47.1 tr tr-TR
|
||||||
|
collation uk "" "" 1 3 2.16.840.1.113730.3.3.2.48.1 uk uk-UA
|
||||||
|
collation zh "" "" 1 3 2.16.840.1.113730.3.3.2.49.1 zh
|
||||||
|
collation zh TW "" 1 3 2.16.840.1.113730.3.3.2.50.1 zh-TW
|
||||||
|
collation af "" "" 1 3 2.16.840.1.113730.3.3.2.51.1 af
|
||||||
|
collation af NA "" 1 3 2.16.840.1.113730.3.3.2.52.1 af-NA
|
||||||
|
collation af ZA "" 1 3 2.16.840.1.113730.3.3.2.53.1 af-ZA
|
||||||
|
collation ar AE "" 1 3 2.16.840.1.113730.3.3.2.54.1 ar-AE
|
||||||
|
collation ar BH "" 1 3 2.16.840.1.113730.3.3.2.55.1 ar-BH
|
||||||
|
collation ar DZ "" 1 3 2.16.840.1.113730.3.3.2.56.1 ar-DZ
|
||||||
|
collation ar EG "" 1 3 2.16.840.1.113730.3.3.2.57.1 ar-EG
|
||||||
|
collation ar IQ "" 1 3 2.16.840.1.113730.3.3.2.58.1 ar-IQ
|
||||||
|
collation ar JO "" 1 3 2.16.840.1.113730.3.3.2.59.1 ar-JO
|
||||||
|
collation ar KW "" 1 3 2.16.840.1.113730.3.3.2.60.1 ar-KW
|
||||||
|
collation ar LB "" 1 3 2.16.840.1.113730.3.3.2.61.1 ar-LB
|
||||||
|
collation ar LY "" 1 3 2.16.840.1.113730.3.3.2.62.1 ar-LY
|
||||||
|
collation ar MA "" 1 3 2.16.840.1.113730.3.3.2.63.1 ar-MA
|
||||||
|
collation ar OM "" 1 3 2.16.840.1.113730.3.3.2.64.1 ar-OM
|
||||||
|
collation ar QA "" 1 3 2.16.840.1.113730.3.3.2.65.1 ar-QA
|
||||||
|
collation ar SA "" 1 3 2.16.840.1.113730.3.3.2.66.1 ar-SA
|
||||||
|
collation ar SD "" 1 3 2.16.840.1.113730.3.3.2.67.1 ar-SD
|
||||||
|
collation ar SY "" 1 3 2.16.840.1.113730.3.3.2.68.1 ar-SY
|
||||||
|
collation ar TN "" 1 3 2.16.840.1.113730.3.3.2.69.1 ar-TN
|
||||||
|
collation ar YE "" 1 3 2.16.840.1.113730.3.3.2.70.1 ar-YE
|
||||||
|
collation as "" "" 1 3 2.16.840.1.113730.3.3.2.71.1 as
|
||||||
|
collation as IN "" 1 3 2.16.840.1.113730.3.3.2.72.1 as-IN
|
||||||
|
collation az "" "" 1 3 2.16.840.1.113730.3.3.2.73.1 az
|
||||||
|
collation az Latn "" 1 3 2.16.840.1.113730.3.3.2.74.1 az-Latn
|
||||||
|
collation az Latn AZ 1 3 2.16.840.1.113730.3.3.2.75.1 az-Latn-AZ
|
||||||
|
collation bn "" "" 1 3 2.16.840.1.113730.3.3.2.76.1 bn
|
||||||
|
collation bn BD "" 1 3 2.16.840.1.113730.3.3.2.77.1 bn-BD
|
||||||
|
collation bn IN "" 1 3 2.16.840.1.113730.3.3.2.78.1 bn-IN
|
||||||
|
collation bs "" "" 1 3 2.16.840.1.113730.3.3.2.79.1 bs bs-BA
|
||||||
|
collation chr "" "" 1 3 2.16.840.1.113730.3.3.2.80.1 chr
|
||||||
|
collation chr US "" 1 3 2.16.840.1.113730.3.3.2.81.1 chr-US
|
||||||
|
collation cy "" "" 1 3 2.16.840.1.113730.3.3.2.82.1 cy cy-GB
|
||||||
|
collation de BE "" 1 3 2.16.840.1.113730.3.3.2.83.1 de-BE
|
||||||
|
collation de LI "" 1 3 2.16.840.1.113730.3.3.2.84.1 de-LI
|
||||||
|
collation de LU "" 1 3 2.16.840.1.113730.3.3.2.85.1 de-LU
|
||||||
|
collation el CY "" 1 3 2.16.840.1.113730.3.3.2.86.1 el-CY
|
||||||
|
collation el GR "" 1 3 2.16.840.1.113730.3.3.2.87.1 el-GR
|
||||||
|
collation en AS "" 1 3 2.16.840.1.113730.3.3.2.88.1 en-AS
|
||||||
|
collation en AU "" 1 3 2.16.840.1.113730.3.3.2.89.1 en-AU
|
||||||
|
collation en BE "" 1 3 2.16.840.1.113730.3.3.2.90.1 en-BE
|
||||||
|
collation en BW "" 1 3 2.16.840.1.113730.3.3.2.91.1 en-BW
|
||||||
|
collation en BZ "" 1 3 2.16.840.1.113730.3.3.2.92.1 en-BZ
|
||||||
|
collation en GU "" 1 3 2.16.840.1.113730.3.3.2.93.1 en-GU
|
||||||
|
collation en GY "" 1 3 2.16.840.1.113730.3.3.2.94.1 en-GY
|
||||||
|
collation en HK "" 1 3 2.16.840.1.113730.3.3.2.95.1 en-HK
|
||||||
|
collation en IN "" 1 3 2.16.840.1.113730.3.3.2.96.1 en-IN
|
||||||
|
collation en JM "" 1 3 2.16.840.1.113730.3.3.2.97.1 en-JM
|
||||||
|
collation en MH "" 1 3 2.16.840.1.113730.3.3.2.98.1 en-MH
|
||||||
|
collation en MP "" 1 3 2.16.840.1.113730.3.3.2.99.1 en-MP
|
||||||
|
collation en MT "" 1 3 2.16.840.1.113730.3.3.2.100.1 en-MT
|
||||||
|
collation en MU "" 1 3 2.16.840.1.113730.3.3.2.101.1 en-MU
|
||||||
|
collation en NA "" 1 3 2.16.840.1.113730.3.3.2.102.1 en-NA
|
||||||
|
collation en NZ "" 1 3 2.16.840.1.113730.3.3.2.103.1 en-NZ
|
||||||
|
collation en PH "" 1 3 2.16.840.1.113730.3.3.2.104.1 en-PH
|
||||||
|
collation en PK "" 1 3 2.16.840.1.113730.3.3.2.105.1 en-PK
|
||||||
|
collation en SG "" 1 3 2.16.840.1.113730.3.3.2.106.1 en-SG
|
||||||
|
collation en TT "" 1 3 2.16.840.1.113730.3.3.2.107.1 en-TT
|
||||||
|
collation en UM "" 1 3 2.16.840.1.113730.3.3.2.108.1 en-UM
|
||||||
|
collation en US "" 1 3 2.16.840.1.113730.3.3.2.109.1 en-US
|
||||||
|
collation en US POSIX 1 3 2.16.840.1.113730.3.3.2.110.1 en-US-POSIX
|
||||||
|
collation en VI "" 1 3 2.16.840.1.113730.3.3.2.111.1 en-VI
|
||||||
|
collation en ZA "" 1 3 2.16.840.1.113730.3.3.2.112.1 en-ZA
|
||||||
|
collation en ZW "" 1 3 2.16.840.1.113730.3.3.2.113.1 en-ZW
|
||||||
|
collation es AR "" 1 3 2.16.840.1.113730.3.3.2.114.1 es-AR
|
||||||
|
collation es BO "" 1 3 2.16.840.1.113730.3.3.2.115.1 es-BO
|
||||||
|
collation es CL "" 1 3 2.16.840.1.113730.3.3.2.116.1 es-CL
|
||||||
|
collation es CO "" 1 3 2.16.840.1.113730.3.3.2.117.1 es-CO
|
||||||
|
collation es CR "" 1 3 2.16.840.1.113730.3.3.2.118.1 es-CR
|
||||||
|
collation es DO "" 1 3 2.16.840.1.113730.3.3.2.119.1 es-DO
|
||||||
|
collation es EC "" 1 3 2.16.840.1.113730.3.3.2.120.1 es-EC
|
||||||
|
collation es ES "" 1 3 2.16.840.1.113730.3.3.2.121.1 es-ES
|
||||||
|
collation es GQ "" 1 3 2.16.840.1.113730.3.3.2.122.1 es-GQ
|
||||||
|
collation es GT "" 1 3 2.16.840.1.113730.3.3.2.123.1 es-GT
|
||||||
|
collation es HN "" 1 3 2.16.840.1.113730.3.3.2.124.1 es-HN
|
||||||
|
collation es MX "" 1 3 2.16.840.1.113730.3.3.2.125.1 es-MX
|
||||||
|
collation es NI "" 1 3 2.16.840.1.113730.3.3.2.126.1 es-NI
|
||||||
|
collation es PA "" 1 3 2.16.840.1.113730.3.3.2.127.1 es-PA
|
||||||
|
collation es PE "" 1 3 2.16.840.1.113730.3.3.2.128.1 es-PE
|
||||||
|
collation es PR "" 1 3 2.16.840.1.113730.3.3.2.129.1 es-PR
|
||||||
|
collation es PY "" 1 3 2.16.840.1.113730.3.3.2.130.1 es-PY
|
||||||
|
collation es SV "" 1 3 2.16.840.1.113730.3.3.2.131.1 es-SV
|
||||||
|
collation es US "" 1 3 2.16.840.1.113730.3.3.2.132.1 es-US
|
||||||
|
collation es UY "" 1 3 2.16.840.1.113730.3.3.2.133.1 es-UY
|
||||||
|
collation es VE "" 1 3 2.16.840.1.113730.3.3.2.134.1 es-VE
|
||||||
|
collation fa "" "" 1 3 2.16.840.1.113730.3.3.2.135.1 fa fa-IR
|
||||||
|
collation fil "" "" 1 3 2.16.840.1.113730.3.3.2.136.1 fil fil-PH
|
||||||
|
collation fo "" "" 1 3 2.16.840.1.113730.3.3.2.137.1 fo fo-FO
|
||||||
|
collation fr BF "" 1 3 2.16.840.1.113730.3.3.2.138.1 fr-BF
|
||||||
|
collation fr BI "" 1 3 2.16.840.1.113730.3.3.2.139.1 fr-BI
|
||||||
|
collation fr BJ "" 1 3 2.16.840.1.113730.3.3.2.140.1 fr-BJ
|
||||||
|
collation fr BL "" 1 3 2.16.840.1.113730.3.3.2.141.1 fr-BL
|
||||||
|
collation fr CD "" 1 3 2.16.840.1.113730.3.3.2.142.1 fr-CD
|
||||||
|
collation fr CF "" 1 3 2.16.840.1.113730.3.3.2.143.1 fr-CF
|
||||||
|
collation fr CG "" 1 3 2.16.840.1.113730.3.3.2.144.1 fr-CG
|
||||||
|
collation fr CI "" 1 3 2.16.840.1.113730.3.3.2.145.1 fr-CI
|
||||||
|
collation fr CM "" 1 3 2.16.840.1.113730.3.3.2.146.1 fr-CM
|
||||||
|
collation fr DJ "" 1 3 2.16.840.1.113730.3.3.2.147.1 fr-DJ
|
||||||
|
collation fr GA "" 1 3 2.16.840.1.113730.3.3.2.148.1 fr-GA
|
||||||
|
collation fr GN "" 1 3 2.16.840.1.113730.3.3.2.149.1 fr-GN
|
||||||
|
collation fr GP "" 1 3 2.16.840.1.113730.3.3.2.150.1 fr-GP
|
||||||
|
collation fr GQ "" 1 3 2.16.840.1.113730.3.3.2.151.1 fr-GQ
|
||||||
|
collation fr KM "" 1 3 2.16.840.1.113730.3.3.2.152.1 fr-KM
|
||||||
|
collation fr LU "" 1 3 2.16.840.1.113730.3.3.2.153.1 fr-LU
|
||||||
|
collation fr MC "" 1 3 2.16.840.1.113730.3.3.2.154.1 fr-MC
|
||||||
|
collation fr MF "" 1 3 2.16.840.1.113730.3.3.2.155.1 fr-MF
|
||||||
|
collation fr MG "" 1 3 2.16.840.1.113730.3.3.2.156.1 fr-MG
|
||||||
|
collation fr ML "" 1 3 2.16.840.1.113730.3.3.2.157.1 fr-ML
|
||||||
|
collation fr MQ "" 1 3 2.16.840.1.113730.3.3.2.158.1 fr-MQ
|
||||||
|
collation fr NE "" 1 3 2.16.840.1.113730.3.3.2.159.1 fr-NE
|
||||||
|
collation fr RE "" 1 3 2.16.840.1.113730.3.3.2.160.1 fr-RE
|
||||||
|
collation fr RW "" 1 3 2.16.840.1.113730.3.3.2.161.1 fr-RW
|
||||||
|
collation fr SN "" 1 3 2.16.840.1.113730.3.3.2.162.1 fr-SN
|
||||||
|
collation fr TD "" 1 3 2.16.840.1.113730.3.3.2.163.1 fr-TD
|
||||||
|
collation fr TG "" 1 3 2.16.840.1.113730.3.3.2.164.1 fr-TG
|
||||||
|
collation ga "" "" 1 3 2.16.840.1.113730.3.3.2.165.1 ga
|
||||||
|
collation ga IE "" 1 3 2.16.840.1.113730.3.3.2.166.1 ga-IE
|
||||||
|
collation ga IN "" 1 3 2.16.840.1.113730.3.3.2.167.1 ga-IN
|
||||||
|
collation ha "" "" 1 3 2.16.840.1.113730.3.3.2.168.1 ha
|
||||||
|
collation ha Latn "" 1 3 2.16.840.1.113730.3.3.2.169.1 ha-Latn
|
||||||
|
collation ha Latn GH 1 3 2.16.840.1.113730.3.3.2.170.1 ha-Latn-GH
|
||||||
|
collation ha Latn NE 1 3 2.16.840.1.113730.3.3.2.171.1 ha-Latn-NE
|
||||||
|
collation ha Latn NG 1 3 2.16.840.1.113730.3.3.2.172.1 ha-Latn-NG
|
||||||
|
collation he "" "" 1 3 2.16.840.1.113730.3.3.2.173.1 he he-IL
|
||||||
|
collation hi "" "" 1 3 2.16.840.1.113730.3.3.2.174.1 hi hi-IN
|
||||||
|
collation hy "" "" 1 3 2.16.840.1.113730.3.3.2.175.1 hy hy-AM
|
||||||
|
collation id "" "" 1 3 2.16.840.1.113730.3.3.2.176.1 id id-ID
|
||||||
|
collation ig "" "" 1 3 2.16.840.1.113730.3.3.2.177.1 ig ig-NG
|
||||||
|
collation it IT "" 1 3 2.16.840.1.113730.3.3.2.178.1 it-IT
|
||||||
|
collation ka "" "" 1 3 2.16.840.1.113730.3.3.2.179.1 ka
|
||||||
|
collation ka GE "" 1 3 2.16.840.1.113730.3.3.2.180.1 ka-GE
|
||||||
|
collation kk "" "" 1 3 2.16.840.1.113730.3.3.2.181.1 kk kk-KZ
|
||||||
|
collation kl "" "" 1 3 2.16.840.1.113730.3.3.2.182.1 kl kl-GL
|
||||||
|
collation kn "" "" 1 3 2.16.840.1.113730.3.3.2.183.1 kn kn-IN
|
||||||
|
collation kok "" "" 1 3 2.16.840.1.113730.3.3.2.184.1 kok kok-IN
|
||||||
|
collation ml "" "" 1 3 2.16.840.1.113730.3.3.2.185.1 ml ml-IN
|
||||||
|
collation ms "" "" 1 3 2.16.840.1.113730.3.3.2.186.1 ms
|
||||||
|
collation ms BN "" 1 3 2.16.840.1.113730.3.3.2.187.1 ms-BN
|
||||||
|
collation ms MY "" 1 3 2.16.840.1.113730.3.3.2.188.1 ms-MY
|
||||||
|
collation mt "" "" 1 3 2.16.840.1.113730.3.3.2.189.1 mt mt-MT
|
||||||
|
collation nl NL "" 1 3 2.16.840.1.113730.3.3.2.190.1 nl-NL
|
||||||
|
collation nn "" "" 1 3 2.16.840.1.113730.3.3.2.191.1 nn nn-NO
|
||||||
|
collation om "" "" 1 3 2.16.840.1.113730.3.3.2.192.1 om
|
||||||
|
collation om ET "" 1 3 2.16.840.1.113730.3.3.2.193.1 om-ET
|
||||||
|
collation om KE "" 1 3 2.16.840.1.113730.3.3.2.194.1 om-KE
|
||||||
|
collation or "" "" 1 3 2.16.840.1.113730.3.3.2.195.1 or or-IN
|
||||||
|
collation pa "" "" 1 3 2.16.840.1.113730.3.3.2.196.1 pa
|
||||||
|
collation pa Arab "" 1 3 2.16.840.1.113730.3.3.2.197.1 pa-Arab
|
||||||
|
collation pa Arab PK 1 3 2.16.840.1.113730.3.3.2.198.1 pa-Arab-PK
|
||||||
|
collation pa Guru "" 1 3 2.16.840.1.113730.3.3.2.199.1 pa-Guru
|
||||||
|
collation pa Guru IN 1 3 2.16.840.1.113730.3.3.2.200.1 pa-Guru-IN
|
||||||
|
collation ps "" "" 1 3 2.16.840.1.113730.3.3.2.201.1 ps ps-AF
|
||||||
|
collation pt "" "" 1 3 2.16.840.1.113730.3.3.2.202.1 pt
|
||||||
|
collation pt BR "" 1 3 2.16.840.1.113730.3.3.2.203.1 pt-BR
|
||||||
|
collation pt PT "" 1 3 2.16.840.1.113730.3.3.2.204.1 pt-PT
|
||||||
|
collation ro MD "" 1 3 2.16.840.1.113730.3.3.2.205.1 ro-MD
|
||||||
|
collation ro RO "" 1 3 2.16.840.1.113730.3.3.2.206.1 ro-RO
|
||||||
|
collation ru MD "" 1 3 2.16.840.1.113730.3.3.2.207.1 ru-MD
|
||||||
|
collation ru RU "" 1 3 2.16.840.1.113730.3.3.2.208.1 ru-RU
|
||||||
|
collation ru UA "" 1 3 2.16.840.1.113730.3.3.2.209.1 ru-UA
|
||||||
|
collation si "" "" 1 3 2.16.840.1.113730.3.3.2.210.1 si si-LK
|
||||||
|
collation sk SK "" 1 3 2.16.840.1.113730.3.3.2.211.1 sk-SK
|
||||||
|
collation sl SI "" 1 3 2.16.840.1.113730.3.3.2.212.1 sl-SI
|
||||||
|
collation sq AL "" 1 3 2.16.840.1.113730.3.3.2.213.1 sq-AL
|
||||||
|
collation sr Cyrl "" 1 3 2.16.840.1.113730.3.3.2.214.1 sr-Cyrl
|
||||||
|
collation sr Cyrl BA 1 3 2.16.840.1.113730.3.3.2.215.1 sr-Cyrl-BA
|
||||||
|
collation sr Cyrl ME 1 3 2.16.840.1.113730.3.3.2.216.1 sr-Cyrl-ME
|
||||||
|
collation sr Cyrl RS 1 3 2.16.840.1.113730.3.3.2.217.1 sr-Cyrl-RS
|
||||||
|
collation sr Latn "" 1 3 2.16.840.1.113730.3.3.2.218.1 sr-Latn
|
||||||
|
collation sr Latn BA 1 3 2.16.840.1.113730.3.3.2.219.1 sr-Latn-BA
|
||||||
|
collation sr Latn ME 1 3 2.16.840.1.113730.3.3.2.220.1 sr-Latn-ME
|
||||||
|
collation sr Latn RS 1 3 2.16.840.1.113730.3.3.2.221.1 sr-Latn-RS
|
||||||
|
collation sv FI "" 1 3 2.16.840.1.113730.3.3.2.222.1 sv-FI
|
||||||
|
collation sv SE "" 1 3 2.16.840.1.113730.3.3.2.223.1 sv-SE
|
||||||
|
collation sw "" "" 1 3 2.16.840.1.113730.3.3.2.224.1 sw
|
||||||
|
collation sw KE "" 1 3 2.16.840.1.113730.3.3.2.225.1 sw-KE
|
||||||
|
collation sw TZ "" 1 3 2.16.840.1.113730.3.3.2.226.1 sw-TZ
|
||||||
|
collation ta "" "" 1 3 2.16.840.1.113730.3.3.2.227.1 ta
|
||||||
|
collation ta IN "" 1 3 2.16.840.1.113730.3.3.2.228.1 ta-IN
|
||||||
|
collation ta LK "" 1 3 2.16.840.1.113730.3.3.2.229.1 ta-LK
|
||||||
|
collation te "" "" 1 3 2.16.840.1.113730.3.3.2.230.1 te te-IN
|
||||||
|
collation th "" "" 1 3 2.16.840.1.113730.3.3.2.231.1 th th-TH
|
||||||
|
collation ur "" "" 1 3 2.16.840.1.113730.3.3.2.232.1 ur
|
||||||
|
collation ur IN "" 1 3 2.16.840.1.113730.3.3.2.233.1 ur-IN
|
||||||
|
collation ur PK "" 1 3 2.16.840.1.113730.3.3.2.234.1 ur-PK
|
||||||
|
collation vi "" "" 1 3 2.16.840.1.113730.3.3.2.235.1 vi vi-VN
|
||||||
|
collation yo "" "" 1 3 2.16.840.1.113730.3.3.2.236.1 yo yo-NG
|
||||||
|
collation zh Hans "" 1 3 2.16.840.1.113730.3.3.2.237.1 zh-Hans
|
||||||
|
collation zh Hans CN 1 3 2.16.840.1.113730.3.3.2.238.1 zh-Hans-CN
|
||||||
|
collation zh Hans SG 1 3 2.16.840.1.113730.3.3.2.239.1 zh-Hans-SG
|
||||||
|
collation zh Hant HK 1 3 2.16.840.1.113730.3.3.2.240.1 zh-Hant-HK
|
||||||
|
collation zh Hant MO 1 3 2.16.840.1.113730.3.3.2.241.1 zh-Hant-MO
|
||||||
|
collation zh Hant TW 1 3 2.16.840.1.113730.3.3.2.242.1 zh-Hant-TW
|
||||||
|
collation zu "" "" 1 3 2.16.840.1.113730.3.3.2.243.1 zu
|
||||||
|
collation zu ZA "" 1 3 2.16.840.1.113730.3.3.2.244.1 zu-ZA
|
||||||
|
|
||||||
|
collation "" "" "" 3 3 2.16.840.1.113730.3.3.2.0.3
|
||||||
|
collation en "" "" 3 3 2.16.840.1.113730.3.3.2.11.3
|
726
root/etc/dirsrv/schema/kerberos.schema
Normal file
726
root/etc/dirsrv/schema/kerberos.schema
Normal file
@ -0,0 +1,726 @@
|
|||||||
|
# Novell Kerberos Schema Definitions
|
||||||
|
# Novell Inc.
|
||||||
|
# 1800 South Novell Place
|
||||||
|
# Provo, UT 84606
|
||||||
|
#
|
||||||
|
# VeRsIoN=1.0
|
||||||
|
# CoPyRiGhT=(c) Copyright 2006, Novell, Inc. All rights reserved
|
||||||
|
#
|
||||||
|
# OIDs:
|
||||||
|
# joint-iso-ccitt(2)
|
||||||
|
# country(16)
|
||||||
|
# us(840)
|
||||||
|
# organization(1)
|
||||||
|
# Novell(113719)
|
||||||
|
# applications(1)
|
||||||
|
# kerberos(301)
|
||||||
|
# Kerberos Attribute Type(4) attr# version#
|
||||||
|
# specific attribute definitions
|
||||||
|
# Kerberos Attribute Syntax(5)
|
||||||
|
# specific syntax definitions
|
||||||
|
# Kerberos Object Class(6) class# version#
|
||||||
|
# specific class definitions
|
||||||
|
#
|
||||||
|
# iso(1)
|
||||||
|
# member-body(2)
|
||||||
|
# United States(840)
|
||||||
|
# mit (113554)
|
||||||
|
# infosys(1)
|
||||||
|
# ldap(4)
|
||||||
|
# attributeTypes(1)
|
||||||
|
# Kerberos(6)
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
# Attribute Type Definitions #
|
||||||
|
########################################################################
|
||||||
|
|
||||||
|
##### This is the principal name in the RFC 1964 specified format
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.1.1
|
||||||
|
NAME 'krbPrincipalName'
|
||||||
|
EQUALITY caseExactIA5Match
|
||||||
|
SUBSTR caseExactSubstringsMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
|
||||||
|
|
||||||
|
##### If there are multiple krbPrincipalName values for an entry, this
|
||||||
|
##### is the canonical principal name in the RFC 1964 specified
|
||||||
|
##### format. (If this attribute does not exist, then all
|
||||||
|
##### krbPrincipalName values are treated as canonical.)
|
||||||
|
|
||||||
|
attributetype ( 1.2.840.113554.1.4.1.6.1
|
||||||
|
NAME 'krbCanonicalName'
|
||||||
|
EQUALITY caseExactIA5Match
|
||||||
|
SUBSTR caseExactSubstringsMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
##### This specifies the type of the principal, the types could be any of
|
||||||
|
##### the types mentioned in section 6.2 of RFC 4120
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.3.1
|
||||||
|
NAME 'krbPrincipalType'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### This flag is used to find whether directory User Password has to be used
|
||||||
|
##### as kerberos password.
|
||||||
|
##### TRUE, if User Password is to be used as the kerberos password.
|
||||||
|
##### FALSE, if User Password and the kerberos password are different.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.5.1
|
||||||
|
NAME 'krbUPEnabled'
|
||||||
|
DESC 'Boolean'
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### The time at which the principal expires
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.6.1
|
||||||
|
NAME 'krbPrincipalExpiration'
|
||||||
|
EQUALITY generalizedTimeMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### The krbTicketFlags attribute holds information about the kerberos flags for a principal
|
||||||
|
##### The values (0x00000001 - 0x00800000) are reserved for standards and
|
||||||
|
##### values (0x01000000 - 0x80000000) can be used for proprietary extensions.
|
||||||
|
##### The flags and values as per RFC 4120 and MIT implementation are,
|
||||||
|
##### DISALLOW_POSTDATED 0x00000001
|
||||||
|
##### DISALLOW_FORWARDABLE 0x00000002
|
||||||
|
##### DISALLOW_TGT_BASED 0x00000004
|
||||||
|
##### DISALLOW_RENEWABLE 0x00000008
|
||||||
|
##### DISALLOW_PROXIABLE 0x00000010
|
||||||
|
##### DISALLOW_DUP_SKEY 0x00000020
|
||||||
|
##### DISALLOW_ALL_TIX 0x00000040
|
||||||
|
##### REQUIRES_PRE_AUTH 0x00000080
|
||||||
|
##### REQUIRES_HW_AUTH 0x00000100
|
||||||
|
##### REQUIRES_PWCHANGE 0x00000200
|
||||||
|
##### DISALLOW_SVR 0x00001000
|
||||||
|
##### PWCHANGE_SERVICE 0x00002000
|
||||||
|
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.8.1
|
||||||
|
NAME 'krbTicketFlags'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### The maximum ticket lifetime for a principal in seconds
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.9.1
|
||||||
|
NAME 'krbMaxTicketLife'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Maximum renewable lifetime for a principal's ticket in seconds
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.10.1
|
||||||
|
NAME 'krbMaxRenewableAge'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Forward reference to the Realm object.
|
||||||
|
##### (FDN of the krbRealmContainer object).
|
||||||
|
##### Example: cn=ACME.COM, cn=Kerberos, cn=Security
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.14.1
|
||||||
|
NAME 'krbRealmReferences'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
|
||||||
|
|
||||||
|
|
||||||
|
##### List of LDAP servers that kerberos servers can contact.
|
||||||
|
##### The attribute holds data in the ldap uri format,
|
||||||
|
##### Examples: acme.com#636, 164.164.164.164#1636, ldaps://acme.com:636
|
||||||
|
#####
|
||||||
|
##### The values of this attribute need to be updated, when
|
||||||
|
##### the LDAP servers listed here are renamed, moved or deleted.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.15.1
|
||||||
|
NAME 'krbLdapServers'
|
||||||
|
EQUALITY caseIgnoreMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
||||||
|
|
||||||
|
|
||||||
|
##### A set of forward references to the KDC Service objects.
|
||||||
|
##### (FDNs of the krbKdcService objects).
|
||||||
|
##### Example: cn=kdc - server 1, ou=uvw, o=xyz
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.17.1
|
||||||
|
NAME 'krbKdcServers'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
|
||||||
|
|
||||||
|
|
||||||
|
##### A set of forward references to the Password Service objects.
|
||||||
|
##### (FDNs of the krbPwdService objects).
|
||||||
|
##### Example: cn=kpasswdd - server 1, ou=uvw, o=xyz
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.18.1
|
||||||
|
NAME 'krbPwdServers'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
|
||||||
|
|
||||||
|
|
||||||
|
##### This attribute holds the Host Name or the ip address,
|
||||||
|
##### transport protocol and ports of the kerberos service host
|
||||||
|
##### The format is host_name-or-ip_address#protocol#port
|
||||||
|
##### Protocol can be 0 or 1. 0 is for UDP. 1 is for TCP.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.24.1
|
||||||
|
NAME 'krbHostServer'
|
||||||
|
EQUALITY caseExactIA5Match
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
|
||||||
|
|
||||||
|
|
||||||
|
##### This attribute holds the scope for searching the principals
|
||||||
|
##### under krbSubTree attribute of krbRealmContainer
|
||||||
|
##### The value can either be 1 (ONE) or 2 (SUB_TREE).
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.25.1
|
||||||
|
NAME 'krbSearchScope'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### FDNs pointing to Kerberos principals
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.26.1
|
||||||
|
NAME 'krbPrincipalReferences'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
|
||||||
|
|
||||||
|
|
||||||
|
##### This attribute specifies which attribute of the user objects
|
||||||
|
##### be used as the principal name component for Kerberos.
|
||||||
|
##### The allowed values are cn, sn, uid, givenname, fullname.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.28.1
|
||||||
|
NAME 'krbPrincNamingAttr'
|
||||||
|
EQUALITY caseIgnoreMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### A set of forward references to the Administration Service objects.
|
||||||
|
##### (FDNs of the krbAdmService objects).
|
||||||
|
##### Example: cn=kadmindd - server 1, ou=uvw, o=xyz
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.29.1
|
||||||
|
NAME 'krbAdmServers'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
|
||||||
|
|
||||||
|
|
||||||
|
##### Maximum lifetime of a principal's password
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.30.1
|
||||||
|
NAME 'krbMaxPwdLife'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Minimum lifetime of a principal's password
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.31.1
|
||||||
|
NAME 'krbMinPwdLife'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Minimum number of character clases allowed in a password
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.32.1
|
||||||
|
NAME 'krbPwdMinDiffChars'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Minimum length of the password
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.33.1
|
||||||
|
NAME 'krbPwdMinLength'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Number of previous versions of passwords that are stored
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.34.1
|
||||||
|
NAME 'krbPwdHistoryLength'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Number of consecutive pre-authentication failures before lockout
|
||||||
|
|
||||||
|
attributetype ( 1.3.6.1.4.1.5322.21.2.1
|
||||||
|
NAME 'krbPwdMaxFailure'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Period after which bad preauthentication count will be reset
|
||||||
|
|
||||||
|
attributetype ( 1.3.6.1.4.1.5322.21.2.2
|
||||||
|
NAME 'krbPwdFailureCountInterval'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Period in which lockout is enforced
|
||||||
|
|
||||||
|
attributetype ( 1.3.6.1.4.1.5322.21.2.3
|
||||||
|
NAME 'krbPwdLockoutDuration'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Policy attribute flags
|
||||||
|
|
||||||
|
attributetype ( 1.2.840.113554.1.4.1.6.2
|
||||||
|
NAME 'krbPwdAttributes'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Policy maximum ticket lifetime
|
||||||
|
|
||||||
|
attributetype ( 1.2.840.113554.1.4.1.6.3
|
||||||
|
NAME 'krbPwdMaxLife'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Policy maximum ticket renewable lifetime
|
||||||
|
|
||||||
|
attributetype ( 1.2.840.113554.1.4.1.6.4
|
||||||
|
NAME 'krbPwdMaxRenewableLife'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Allowed enctype:salttype combinations for key changes
|
||||||
|
|
||||||
|
attributetype ( 1.2.840.113554.1.4.1.6.5
|
||||||
|
NAME 'krbPwdAllowedKeysalts'
|
||||||
|
EQUALITY caseIgnoreIA5Match
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### FDN pointing to a Kerberos Password Policy object
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.36.1
|
||||||
|
NAME 'krbPwdPolicyReference'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### The time at which the principal's password expires
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.37.1
|
||||||
|
NAME 'krbPasswordExpiration'
|
||||||
|
EQUALITY generalizedTimeMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### This attribute holds the principal's key (krbPrincipalKey) that is encrypted with
|
||||||
|
##### the master key (krbMKey).
|
||||||
|
##### The attribute is ASN.1 encoded.
|
||||||
|
#####
|
||||||
|
##### The format of the value for this attribute is explained below,
|
||||||
|
##### KrbKeySet ::= SEQUENCE {
|
||||||
|
##### attribute-major-vno [0] UInt16,
|
||||||
|
##### attribute-minor-vno [1] UInt16,
|
||||||
|
##### kvno [2] UInt32,
|
||||||
|
##### mkvno [3] UInt32 OPTIONAL,
|
||||||
|
##### keys [4] SEQUENCE OF KrbKey,
|
||||||
|
##### ...
|
||||||
|
##### }
|
||||||
|
#####
|
||||||
|
##### KrbKey ::= SEQUENCE {
|
||||||
|
##### salt [0] KrbSalt OPTIONAL,
|
||||||
|
##### key [1] EncryptionKey,
|
||||||
|
##### s2kparams [2] OCTET STRING OPTIONAL,
|
||||||
|
##### ...
|
||||||
|
##### }
|
||||||
|
#####
|
||||||
|
##### KrbSalt ::= SEQUENCE {
|
||||||
|
##### type [0] Int32,
|
||||||
|
##### salt [1] OCTET STRING OPTIONAL
|
||||||
|
##### }
|
||||||
|
#####
|
||||||
|
##### EncryptionKey ::= SEQUENCE {
|
||||||
|
##### keytype [0] Int32,
|
||||||
|
##### keyvalue [1] OCTET STRING
|
||||||
|
##### }
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.39.1
|
||||||
|
NAME 'krbPrincipalKey'
|
||||||
|
EQUALITY octetStringMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40)
|
||||||
|
|
||||||
|
|
||||||
|
##### FDN pointing to a Kerberos Ticket Policy object.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.40.1
|
||||||
|
NAME 'krbTicketPolicyReference'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### Forward reference to an entry that starts sub-trees
|
||||||
|
##### where principals and other kerberos objects in the realm are configured.
|
||||||
|
##### Example: ou=acme, ou=pq, o=xyz
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.41.1
|
||||||
|
NAME 'krbSubTrees'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
|
||||||
|
|
||||||
|
|
||||||
|
##### Holds the default encryption/salt type combinations of principals for
|
||||||
|
##### the Realm. Stores in the form of key:salt strings. This will be
|
||||||
|
##### subset of the supported encryption/salt types.
|
||||||
|
##### Example: aes256-cts-hmac-sha384-192:normal
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.42.1
|
||||||
|
NAME 'krbDefaultEncSaltTypes'
|
||||||
|
EQUALITY caseIgnoreMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
||||||
|
|
||||||
|
|
||||||
|
##### Holds the supported encryption/salt type combinations of principals for
|
||||||
|
##### the Realm. Stores in the form of key:salt strings.
|
||||||
|
##### The supported encryption types are mentioned in RFC 3961
|
||||||
|
##### The supported salt types are,
|
||||||
|
##### NORMAL
|
||||||
|
##### V4
|
||||||
|
##### NOREALM
|
||||||
|
##### ONLYREALM
|
||||||
|
##### SPECIAL
|
||||||
|
##### AFS3
|
||||||
|
##### Example: aes256-cts-hmac-sha384-192:normal
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.43.1
|
||||||
|
NAME 'krbSupportedEncSaltTypes'
|
||||||
|
EQUALITY caseIgnoreMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
||||||
|
|
||||||
|
|
||||||
|
##### This attribute holds the principal's old keys (krbPwdHistory) that is encrypted with
|
||||||
|
##### the kadmin/history key.
|
||||||
|
##### The attribute is ASN.1 encoded.
|
||||||
|
#####
|
||||||
|
##### The format of the value for this attribute is explained below,
|
||||||
|
##### KrbKeySet ::= SEQUENCE {
|
||||||
|
##### attribute-major-vno [0] UInt16,
|
||||||
|
##### attribute-minor-vno [1] UInt16,
|
||||||
|
##### kvno [2] UInt32,
|
||||||
|
##### mkvno [3] UInt32 OPTIONAL -- actually kadmin/history key,
|
||||||
|
##### keys [4] SEQUENCE OF KrbKey,
|
||||||
|
##### ...
|
||||||
|
##### }
|
||||||
|
#####
|
||||||
|
##### KrbKey ::= SEQUENCE {
|
||||||
|
##### salt [0] KrbSalt OPTIONAL,
|
||||||
|
##### key [1] EncryptionKey,
|
||||||
|
##### s2kparams [2] OCTET STRING OPTIONAL,
|
||||||
|
##### ...
|
||||||
|
##### }
|
||||||
|
#####
|
||||||
|
##### KrbSalt ::= SEQUENCE {
|
||||||
|
##### type [0] Int32,
|
||||||
|
##### salt [1] OCTET STRING OPTIONAL
|
||||||
|
##### }
|
||||||
|
#####
|
||||||
|
##### EncryptionKey ::= SEQUENCE {
|
||||||
|
##### keytype [0] Int32,
|
||||||
|
##### keyvalue [1] OCTET STRING
|
||||||
|
##### }
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.44.1
|
||||||
|
NAME 'krbPwdHistory'
|
||||||
|
EQUALITY octetStringMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40)
|
||||||
|
|
||||||
|
|
||||||
|
##### The time at which the principal's password last password change happened.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.45.1
|
||||||
|
NAME 'krbLastPwdChange'
|
||||||
|
EQUALITY generalizedTimeMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
##### The time at which the principal was last administratively unlocked.
|
||||||
|
|
||||||
|
attributetype ( 1.3.6.1.4.1.5322.21.2.5
|
||||||
|
NAME 'krbLastAdminUnlock'
|
||||||
|
EQUALITY generalizedTimeMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
##### This attribute holds the kerberos master key.
|
||||||
|
##### This can be used to encrypt principal keys.
|
||||||
|
##### This attribute has to be secured in directory.
|
||||||
|
#####
|
||||||
|
##### This attribute is ASN.1 encoded.
|
||||||
|
##### The format of the value for this attribute is explained below,
|
||||||
|
##### KrbMKey ::= SEQUENCE {
|
||||||
|
##### kvno [0] UInt32,
|
||||||
|
##### key [1] MasterKey
|
||||||
|
##### }
|
||||||
|
#####
|
||||||
|
##### MasterKey ::= SEQUENCE {
|
||||||
|
##### keytype [0] Int32,
|
||||||
|
##### keyvalue [1] OCTET STRING
|
||||||
|
##### }
|
||||||
|
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.46.1
|
||||||
|
NAME 'krbMKey'
|
||||||
|
EQUALITY octetStringMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40)
|
||||||
|
|
||||||
|
|
||||||
|
##### This stores the alternate principal names for the principal in the RFC 1964 specified format
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.47.1
|
||||||
|
NAME 'krbPrincipalAliases'
|
||||||
|
EQUALITY caseExactIA5Match
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
|
||||||
|
|
||||||
|
|
||||||
|
##### The time at which the principal's last successful authentication happened.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.48.1
|
||||||
|
NAME 'krbLastSuccessfulAuth'
|
||||||
|
EQUALITY generalizedTimeMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### The time at which the principal's last failed authentication happened.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.49.1
|
||||||
|
NAME 'krbLastFailedAuth'
|
||||||
|
EQUALITY generalizedTimeMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
##### This attribute stores the number of failed authentication attempts
|
||||||
|
##### happened for the principal since the last successful authentication.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.50.1
|
||||||
|
NAME 'krbLoginFailedCount'
|
||||||
|
EQUALITY integerMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
||||||
|
SINGLE-VALUE)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
##### This attribute holds the application specific data.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.51.1
|
||||||
|
NAME 'krbExtraData'
|
||||||
|
EQUALITY octetStringMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40)
|
||||||
|
|
||||||
|
|
||||||
|
##### This attributes holds references to the set of directory objects.
|
||||||
|
##### This stores the DNs of the directory objects to which the
|
||||||
|
##### principal object belongs to.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.52.1
|
||||||
|
NAME 'krbObjectReferences'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
|
||||||
|
|
||||||
|
|
||||||
|
##### This attribute holds references to a Container object where
|
||||||
|
##### the additional principal objects and stand alone principal
|
||||||
|
##### objects (krbPrincipal) can be created.
|
||||||
|
|
||||||
|
attributetype ( 2.16.840.1.113719.1.301.4.53.1
|
||||||
|
NAME 'krbPrincContainerRef'
|
||||||
|
EQUALITY distinguishedNameMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.12)
|
||||||
|
|
||||||
|
|
||||||
|
##### A list of authentication indicator strings, one of which must be satisfied
|
||||||
|
##### to authenticate to the principal as a service.
|
||||||
|
##### FreeIPA OID:
|
||||||
|
##### joint-iso-ccitt(3) country(16) us(840) organization(1) netscape(113730)
|
||||||
|
##### ldap(3) freeipa(8) krb5(15) attributes(2)
|
||||||
|
attributetype ( 2.16.840.1.113730.3.8.15.2.1
|
||||||
|
NAME 'krbPrincipalAuthInd'
|
||||||
|
EQUALITY caseExactMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
|
||||||
|
|
||||||
|
|
||||||
|
##### A list of services to which a service principal can delegate.
|
||||||
|
attributetype ( 1.3.6.1.4.1.5322.21.2.4
|
||||||
|
NAME 'krbAllowedToDelegateTo'
|
||||||
|
EQUALITY caseExactIA5Match
|
||||||
|
SUBSTR caseExactSubstringsMatch
|
||||||
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26)
|
||||||
|
|
||||||
|
########################################################################
|
||||||
|
########################################################################
|
||||||
|
# Object Class Definitions #
|
||||||
|
########################################################################
|
||||||
|
|
||||||
|
#### This is a kerberos container for all the realms in a tree.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.1.1
|
||||||
|
NAME 'krbContainer'
|
||||||
|
SUP top
|
||||||
|
STRUCTURAL
|
||||||
|
MUST ( cn ) )
|
||||||
|
|
||||||
|
|
||||||
|
##### The krbRealmContainer is created per realm and holds realm specific data.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.2.1
|
||||||
|
NAME 'krbRealmContainer'
|
||||||
|
SUP top
|
||||||
|
STRUCTURAL
|
||||||
|
MUST ( cn )
|
||||||
|
MAY ( krbMKey $ krbUPEnabled $ krbSubTrees $ krbSearchScope $ krbLdapServers $ krbSupportedEncSaltTypes $ krbDefaultEncSaltTypes $ krbTicketPolicyReference $ krbKdcServers $ krbPwdServers $ krbAdmServers $ krbPrincNamingAttr $ krbPwdPolicyReference $ krbPrincContainerRef ) )
|
||||||
|
|
||||||
|
|
||||||
|
##### An instance of a class derived from krbService is created per
|
||||||
|
##### kerberos authentication or administration server in an realm and holds
|
||||||
|
##### references to the realm objects. These references is used to further read
|
||||||
|
##### realm specific data to service AS/TGS requests. Additionally this object
|
||||||
|
##### contains some server specific data like pathnames and ports that the
|
||||||
|
##### server uses. This is the identity the kerberos server logs in with. A key
|
||||||
|
##### pair for the same is created and the kerberos server logs in with the same.
|
||||||
|
#####
|
||||||
|
##### krbKdcService, krbAdmService and krbPwdService derive from this class.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.3.1
|
||||||
|
NAME 'krbService'
|
||||||
|
SUP top
|
||||||
|
ABSTRACT
|
||||||
|
MUST ( cn )
|
||||||
|
MAY ( krbHostServer $ krbRealmReferences ) )
|
||||||
|
|
||||||
|
|
||||||
|
##### Representative object for the KDC server to bind into a LDAP directory
|
||||||
|
##### and have a connection to access Kerberos data with the required
|
||||||
|
##### access rights.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.4.1
|
||||||
|
NAME 'krbKdcService'
|
||||||
|
SUP krbService
|
||||||
|
STRUCTURAL )
|
||||||
|
|
||||||
|
|
||||||
|
##### Representative object for the Kerberos Password server to bind into a LDAP directory
|
||||||
|
##### and have a connection to access Kerberos data with the required
|
||||||
|
##### access rights.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.5.1
|
||||||
|
NAME 'krbPwdService'
|
||||||
|
SUP krbService
|
||||||
|
STRUCTURAL )
|
||||||
|
|
||||||
|
|
||||||
|
###### The principal data auxiliary class. Holds principal information
|
||||||
|
###### and is used to store principal information for Person, Service objects.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.8.1
|
||||||
|
NAME 'krbPrincipalAux'
|
||||||
|
SUP top
|
||||||
|
AUXILIARY
|
||||||
|
MAY ( krbPrincipalName $ krbCanonicalName $ krbUPEnabled $ krbPrincipalKey $ krbTicketPolicyReference $ krbPrincipalExpiration $ krbPasswordExpiration $ krbPwdPolicyReference $ krbPrincipalType $ krbPwdHistory $ krbLastPwdChange $ krbLastAdminUnlock $ krbPrincipalAliases $ krbLastSuccessfulAuth $ krbLastFailedAuth $ krbLoginFailedCount $ krbExtraData $ krbAllowedToDelegateTo $ krbPrincipalAuthInd ) )
|
||||||
|
|
||||||
|
|
||||||
|
###### This class is used to create additional principals and stand alone principals.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.9.1
|
||||||
|
NAME 'krbPrincipal'
|
||||||
|
SUP top
|
||||||
|
MUST ( krbPrincipalName )
|
||||||
|
MAY ( krbObjectReferences ) )
|
||||||
|
|
||||||
|
|
||||||
|
###### The principal references auxiliary class. Holds all principals referred
|
||||||
|
###### from a service
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.11.1
|
||||||
|
NAME 'krbPrincRefAux'
|
||||||
|
SUP top
|
||||||
|
AUXILIARY
|
||||||
|
MAY krbPrincipalReferences )
|
||||||
|
|
||||||
|
|
||||||
|
##### Representative object for the Kerberos Administration server to bind into a LDAP directory
|
||||||
|
##### and have a connection Id to access Kerberos data with the required access rights.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.13.1
|
||||||
|
NAME 'krbAdmService'
|
||||||
|
SUP krbService
|
||||||
|
STRUCTURAL )
|
||||||
|
|
||||||
|
|
||||||
|
##### The krbPwdPolicy object is a template password policy that
|
||||||
|
##### can be applied to principals when they are created.
|
||||||
|
##### These policy attributes will be in effect, when the Kerberos
|
||||||
|
##### passwords are different from users' passwords (UP).
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.14.1
|
||||||
|
NAME 'krbPwdPolicy'
|
||||||
|
SUP top
|
||||||
|
MUST ( cn )
|
||||||
|
MAY ( krbMaxPwdLife $ krbMinPwdLife $ krbPwdMinDiffChars $ krbPwdMinLength $ krbPwdHistoryLength $ krbPwdMaxFailure $ krbPwdFailureCountInterval $ krbPwdLockoutDuration $ krbPwdAttributes $ krbPwdMaxLife $ krbPwdMaxRenewableLife $ krbPwdAllowedKeysalts ) )
|
||||||
|
|
||||||
|
|
||||||
|
##### The krbTicketPolicyAux holds Kerberos ticket policy attributes.
|
||||||
|
##### This class can be attached to a principal object or realm object.
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.16.1
|
||||||
|
NAME 'krbTicketPolicyAux'
|
||||||
|
SUP top
|
||||||
|
AUXILIARY
|
||||||
|
MAY ( krbTicketFlags $ krbMaxTicketLife $ krbMaxRenewableAge ) )
|
||||||
|
|
||||||
|
|
||||||
|
##### The krbTicketPolicy object is an effective ticket policy that is associated with a realm or a principal
|
||||||
|
|
||||||
|
objectclass ( 2.16.840.1.113719.1.301.6.17.1
|
||||||
|
NAME 'krbTicketPolicy'
|
||||||
|
SUP top
|
||||||
|
MUST ( cn ) )
|
||||||
|
|
2532
root/etc/dirsrv/slapd-medusa/dse.ldif
Normal file
2532
root/etc/dirsrv/slapd-medusa/dse.ldif
Normal file
File diff suppressed because it is too large
Load Diff
2532
root/etc/dirsrv/slapd-medusa/dse.ldif.bak
Normal file
2532
root/etc/dirsrv/slapd-medusa/dse.ldif.bak
Normal file
File diff suppressed because it is too large
Load Diff
2532
root/etc/dirsrv/slapd-medusa/dse.ldif.startOK
Normal file
2532
root/etc/dirsrv/slapd-medusa/dse.ldif.startOK
Normal file
File diff suppressed because it is too large
Load Diff
BIN
root/etc/dirsrv/slapd-medusa/key4.db
Normal file
BIN
root/etc/dirsrv/slapd-medusa/key4.db
Normal file
Binary file not shown.
1
root/etc/dirsrv/slapd-medusa/noise.txt
Normal file
1
root/etc/dirsrv/slapd-medusa/noise.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
4eTiIy84sfDz0Eiyv.wC.KwxxAj.kGFMVA6UNWaYBR6YvKly6RrC0n4HGu8tvHUdKrIGwEuCJH0V16ao632Q9k15hOecgCtVsPALWiGPl0122dQvSoZDRkgeOG4iemUi91eB0aY9fRtdGkyqrIbHlRY9s8PTL6XulAaGrR0FfFV6pMCZnLNsCR3S1Atv9AOJKEPgIvmp8fyudR4VA1sLfsvqbAtf2xovHdNqhhIJ8lKbW4u0Z7Mketa4uEroY.UbI
|
1
root/etc/dirsrv/slapd-medusa/pin.txt
Normal file
1
root/etc/dirsrv/slapd-medusa/pin.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
Internal (Software) Token:UpU0cFftep2vlX1yLvqgzt4HtDUROfkGSlQ0.LuGKZVHBG5fv6sHUuE1cGilYLRYc
|
5
root/etc/dirsrv/slapd-medusa/pkcs11.txt
Normal file
5
root/etc/dirsrv/slapd-medusa/pkcs11.txt
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
library=
|
||||||
|
name=NSS Internal PKCS #11 Module
|
||||||
|
parameters=configdir='/etc/dirsrv/slapd-medusa' certPrefix='' keyPrefix='' secmod='secmod.db' flags= updatedir='' updateCertPrefix='' updateKeyPrefix='' updateid='' updateTokenDescription='' cryptoTokenDescription='Communicator Generic Crypto Svcs' dbTokenDescription='Internal (Software) Token ' minPS=0
|
||||||
|
NSS=trustOrder=75 cipherOrder=100 slotParams={0x00000001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,SHA256,SHA512,Camellia,SEED,ECC,RANDOM askpw=any timeout=0 ] } Flags=internal,critical
|
||||||
|
|
1
root/etc/dirsrv/slapd-medusa/pwdfile.txt
Normal file
1
root/etc/dirsrv/slapd-medusa/pwdfile.txt
Normal file
@ -0,0 +1 @@
|
|||||||
|
UpU0cFftep2vlX1yLvqgzt4HtDUROfkGSlQ0.LuGKZVHBG5fv6sHUuE1cGilYLRYc
|
14
root/etc/dirsrv/slapd-medusa/schema/99user.ldif
Normal file
14
root/etc/dirsrv/slapd-medusa/schema/99user.ldif
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
#
|
||||||
|
# BEGIN COPYRIGHT BLOCK
|
||||||
|
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
|
||||||
|
# Copyright (C) 2005 Red Hat, Inc.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# License: GPL (version 3 or any later version).
|
||||||
|
# See LICENSE for details.
|
||||||
|
# END COPYRIGHT BLOCK
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# User-defined schema
|
||||||
|
#
|
||||||
|
dn: cn=schema
|
8
root/etc/dirsrv/ssca/README.txt
Normal file
8
root/etc/dirsrv/ssca/README.txt
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
|
||||||
|
SSCA - Simple Self-Signed Certificate Authority
|
||||||
|
|
||||||
|
This is part of the 389 Directory Server project's lib389 toolkit. It
|
||||||
|
creates a simple, standalone certificate authority for testing and
|
||||||
|
development purposes. It's suitable for evaluation and testing purposes
|
||||||
|
only.
|
||||||
|
|
708
root/etc/dnsmasq.conf
Normal file
708
root/etc/dnsmasq.conf
Normal file
@ -0,0 +1,708 @@
|
|||||||
|
# Configuration file for dnsmasq.
|
||||||
|
#
|
||||||
|
# Format is one option per line, legal options are the same
|
||||||
|
# as the long options legal on the command line. See
|
||||||
|
# "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details.
|
||||||
|
|
||||||
|
# Listen on this specific port instead of the standard DNS port
|
||||||
|
# (53). Setting this to zero completely disables DNS function,
|
||||||
|
# leaving only DHCP and/or TFTP.
|
||||||
|
#port=5353
|
||||||
|
|
||||||
|
# The following two options make you a better netizen, since they
|
||||||
|
# tell dnsmasq to filter out queries which the public DNS cannot
|
||||||
|
# answer, and which load the servers (especially the root servers)
|
||||||
|
# unnecessarily. If you have a dial-on-demand link they also stop
|
||||||
|
# these requests from bringing up the link unnecessarily.
|
||||||
|
|
||||||
|
# Never forward plain names (without a dot or domain part)
|
||||||
|
#domain-needed
|
||||||
|
# Never forward addresses in the non-routed address spaces.
|
||||||
|
#bogus-priv
|
||||||
|
|
||||||
|
# Uncomment these to enable DNSSEC validation and caching:
|
||||||
|
# (Requires dnsmasq to be built with DNSSEC option.)
|
||||||
|
#conf-file=/usr/share/dnsmasq/trust-anchors.conf
|
||||||
|
#dnssec
|
||||||
|
|
||||||
|
# Replies which are not DNSSEC signed may be legitimate, because the domain
|
||||||
|
# is unsigned, or may be forgeries. Setting this option tells dnsmasq to
|
||||||
|
# check that an unsigned reply is OK, by finding a secure proof that a DS
|
||||||
|
# record somewhere between the root and the domain does not exist.
|
||||||
|
# The cost of setting this is that even queries in unsigned domains will need
|
||||||
|
# one or more extra DNS queries to verify.
|
||||||
|
#dnssec-check-unsigned
|
||||||
|
|
||||||
|
# Uncomment this to filter useless windows-originated DNS requests
|
||||||
|
# which can trigger dial-on-demand links needlessly.
|
||||||
|
# Note that (amongst other things) this blocks all SRV requests,
|
||||||
|
# so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk.
|
||||||
|
# This option only affects forwarding, SRV records originating for
|
||||||
|
# dnsmasq (via srv-host= lines) are not suppressed by it.
|
||||||
|
#filterwin2k
|
||||||
|
|
||||||
|
# Change this line if you want dns to get its upstream servers from
|
||||||
|
# somewhere other that /etc/resolv.conf
|
||||||
|
#resolv-file=
|
||||||
|
|
||||||
|
# By default, dnsmasq will send queries to any of the upstream
|
||||||
|
# servers it knows about and tries to favour servers to are known
|
||||||
|
# to be up. Uncommenting this forces dnsmasq to try each query
|
||||||
|
# with each server strictly in the order they appear in
|
||||||
|
# /etc/resolv.conf
|
||||||
|
#strict-order
|
||||||
|
|
||||||
|
# If you don't want dnsmasq to read /etc/resolv.conf or any other
|
||||||
|
# file, getting its servers from this file instead (see below), then
|
||||||
|
# uncomment this.
|
||||||
|
#no-resolv
|
||||||
|
|
||||||
|
# If you don't want dnsmasq to poll /etc/resolv.conf or other resolv
|
||||||
|
# files for changes and re-read them then uncomment this.
|
||||||
|
#no-poll
|
||||||
|
|
||||||
|
# Add other name servers here, with domain specs if they are for
|
||||||
|
# non-public domains.
|
||||||
|
#server=/localnet/192.168.0.1
|
||||||
|
|
||||||
|
# Example of routing PTR queries to nameservers: this will send all
|
||||||
|
# address->name queries for 192.168.3/24 to nameserver 10.1.2.3
|
||||||
|
#server=/3.168.192.in-addr.arpa/10.1.2.3
|
||||||
|
|
||||||
|
# Add local-only domains here, queries in these domains are answered
|
||||||
|
# from /etc/hosts or DHCP only.
|
||||||
|
#local=/localnet/
|
||||||
|
|
||||||
|
# Add domains which you want to force to an IP address here.
|
||||||
|
# The example below send any host in double-click.net to a local
|
||||||
|
# web-server.
|
||||||
|
#address=/double-click.net/127.0.0.1
|
||||||
|
|
||||||
|
# --address (and --server) work with IPv6 addresses too.
|
||||||
|
#address=/www.thekelleys.org.uk/fe80::20d:60ff:fe36:f83
|
||||||
|
|
||||||
|
# Add the IPs of all queries to yahoo.com, google.com, and their
|
||||||
|
# subdomains to the vpn and search ipsets:
|
||||||
|
#ipset=/yahoo.com/google.com/vpn,search
|
||||||
|
|
||||||
|
# Add the IPs of all queries to yahoo.com, google.com, and their
|
||||||
|
# subdomains to netfilters sets, which is equivalent to
|
||||||
|
# 'nft add element ip test vpn { ... }; nft add element ip test search { ... }'
|
||||||
|
#nftset=/yahoo.com/google.com/ip#test#vpn,ip#test#search
|
||||||
|
|
||||||
|
# Use netfilters sets for both IPv4 and IPv6:
|
||||||
|
# This adds all addresses in *.yahoo.com to vpn4 and vpn6 for IPv4 and IPv6 addresses.
|
||||||
|
#nftset=/yahoo.com/4#ip#test#vpn4
|
||||||
|
#nftset=/yahoo.com/6#ip#test#vpn6
|
||||||
|
|
||||||
|
# You can control how dnsmasq talks to a server: this forces
|
||||||
|
# queries to 10.1.2.3 to be routed via eth1
|
||||||
|
# server=10.1.2.3@eth1
|
||||||
|
|
||||||
|
# and this sets the source (ie local) address used to talk to
|
||||||
|
# 10.1.2.3 to 192.168.1.1 port 55 (there must be an interface with that
|
||||||
|
# IP on the machine, obviously).
|
||||||
|
# server=10.1.2.3@192.168.1.1#55
|
||||||
|
|
||||||
|
# If you want dnsmasq to change uid and gid to something other
|
||||||
|
# than the default, edit the following lines.
|
||||||
|
user=dnsmasq
|
||||||
|
group=dnsmasq
|
||||||
|
|
||||||
|
# If you want dnsmasq to listen for DHCP and DNS requests only on
|
||||||
|
# specified interfaces (and the loopback) give the name of the
|
||||||
|
# interface (eg eth0) here.
|
||||||
|
# Repeat the line for more than one interface.
|
||||||
|
#interface=
|
||||||
|
# Listen only on localhost by default
|
||||||
|
interface=lo
|
||||||
|
# Or you can specify which interface _not_ to listen on
|
||||||
|
#except-interface=
|
||||||
|
# Or which to listen on by address (remember to include 127.0.0.1 if
|
||||||
|
# you use this.)
|
||||||
|
#listen-address=
|
||||||
|
# If you want dnsmasq to provide only DNS service on an interface,
|
||||||
|
# configure it as shown above, and then use the following line to
|
||||||
|
# disable DHCP and TFTP on it.
|
||||||
|
#no-dhcp-interface=
|
||||||
|
|
||||||
|
# Serve DNS and DHCP only to networks directly connected to this machine.
|
||||||
|
# Any interface= line will override it.
|
||||||
|
#local-service
|
||||||
|
|
||||||
|
# On systems which support it, dnsmasq binds the wildcard address,
|
||||||
|
# even when it is listening on only some interfaces. It then discards
|
||||||
|
# requests that it shouldn't reply to. This has the advantage of
|
||||||
|
# working even when interfaces come and go and change address. If you
|
||||||
|
# want dnsmasq to really bind only the interfaces it is listening on,
|
||||||
|
# uncomment this option. About the only time you may need this is when
|
||||||
|
# running another nameserver on the same machine.
|
||||||
|
#
|
||||||
|
# To listen only on localhost and do not receive packets on other
|
||||||
|
# interfaces, bind only to lo device. Comment out to bind on single
|
||||||
|
# wildcard socket.
|
||||||
|
bind-interfaces
|
||||||
|
|
||||||
|
# Comment out above line and uncoment following 2 lines.
|
||||||
|
# Update interface name, use ip link to get its name.
|
||||||
|
#bind-dynamic
|
||||||
|
#interface=eno1
|
||||||
|
|
||||||
|
# If you don't want dnsmasq to read /etc/hosts, uncomment the
|
||||||
|
# following line.
|
||||||
|
#no-hosts
|
||||||
|
# or if you want it to read another file, as well as /etc/hosts, use
|
||||||
|
# this.
|
||||||
|
#addn-hosts=/etc/banner_add_hosts
|
||||||
|
|
||||||
|
# Set this (and domain: see below) if you want to have a domain
|
||||||
|
# automatically added to simple names in a hosts-file.
|
||||||
|
#expand-hosts
|
||||||
|
|
||||||
|
# Set the domain for dnsmasq. this is optional, but if it is set, it
|
||||||
|
# does the following things.
|
||||||
|
# 1) Allows DHCP hosts to have fully qualified domain names, as long
|
||||||
|
# as the domain part matches this setting.
|
||||||
|
# 2) Sets the "domain" DHCP option thereby potentially setting the
|
||||||
|
# domain of all systems configured by DHCP
|
||||||
|
# 3) Provides the domain part for "expand-hosts"
|
||||||
|
#domain=thekelleys.org.uk
|
||||||
|
|
||||||
|
# Set a different domain for a particular subnet
|
||||||
|
#domain=wireless.thekelleys.org.uk,192.168.2.0/24
|
||||||
|
|
||||||
|
# Same idea, but range rather then subnet
|
||||||
|
#domain=reserved.thekelleys.org.uk,192.68.3.100,192.168.3.200
|
||||||
|
|
||||||
|
# Uncomment this to enable the integrated DHCP server, you need
|
||||||
|
# to supply the range of addresses available for lease and optionally
|
||||||
|
# a lease time. If you have more than one network, you will need to
|
||||||
|
# repeat this for each network on which you want to supply DHCP
|
||||||
|
# service.
|
||||||
|
#dhcp-range=192.168.0.50,192.168.0.150,12h
|
||||||
|
|
||||||
|
# This is an example of a DHCP range where the netmask is given. This
|
||||||
|
# is needed for networks we reach the dnsmasq DHCP server via a relay
|
||||||
|
# agent. If you don't know what a DHCP relay agent is, you probably
|
||||||
|
# don't need to worry about this.
|
||||||
|
#dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h
|
||||||
|
|
||||||
|
# This is an example of a DHCP range which sets a tag, so that
|
||||||
|
# some DHCP options may be set only for this network.
|
||||||
|
#dhcp-range=set:red,192.168.0.50,192.168.0.150
|
||||||
|
|
||||||
|
# Use this DHCP range only when the tag "green" is set.
|
||||||
|
#dhcp-range=tag:green,192.168.0.50,192.168.0.150,12h
|
||||||
|
|
||||||
|
# Specify a subnet which can't be used for dynamic address allocation,
|
||||||
|
# is available for hosts with matching --dhcp-host lines. Note that
|
||||||
|
# dhcp-host declarations will be ignored unless there is a dhcp-range
|
||||||
|
# of some type for the subnet in question.
|
||||||
|
# In this case the netmask is implied (it comes from the network
|
||||||
|
# configuration on the machine running dnsmasq) it is possible to give
|
||||||
|
# an explicit netmask instead.
|
||||||
|
#dhcp-range=192.168.0.0,static
|
||||||
|
|
||||||
|
# Enable DHCPv6. Note that the prefix-length does not need to be specified
|
||||||
|
# and defaults to 64 if missing/
|
||||||
|
#dhcp-range=1234::2, 1234::500, 64, 12h
|
||||||
|
|
||||||
|
# Do Router Advertisements, BUT NOT DHCP for this subnet.
|
||||||
|
#dhcp-range=1234::, ra-only
|
||||||
|
|
||||||
|
# Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
|
||||||
|
# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
|
||||||
|
# hosts. Use the DHCPv4 lease to derive the name, network segment and
|
||||||
|
# MAC address and assume that the host will also have an
|
||||||
|
# IPv6 address calculated using the SLAAC algorithm.
|
||||||
|
#dhcp-range=1234::, ra-names
|
||||||
|
|
||||||
|
# Do Router Advertisements, BUT NOT DHCP for this subnet.
|
||||||
|
# Set the lifetime to 46 hours. (Note: minimum lifetime is 2 hours.)
|
||||||
|
#dhcp-range=1234::, ra-only, 48h
|
||||||
|
|
||||||
|
# Do DHCP and Router Advertisements for this subnet. Set the A bit in the RA
|
||||||
|
# so that clients can use SLAAC addresses as well as DHCP ones.
|
||||||
|
#dhcp-range=1234::2, 1234::500, slaac
|
||||||
|
|
||||||
|
# Do Router Advertisements and stateless DHCP for this subnet. Clients will
|
||||||
|
# not get addresses from DHCP, but they will get other configuration information.
|
||||||
|
# They will use SLAAC for addresses.
|
||||||
|
#dhcp-range=1234::, ra-stateless
|
||||||
|
|
||||||
|
# Do stateless DHCP, SLAAC, and generate DNS names for SLAAC addresses
|
||||||
|
# from DHCPv4 leases.
|
||||||
|
#dhcp-range=1234::, ra-stateless, ra-names
|
||||||
|
|
||||||
|
# Do router advertisements for all subnets where we're doing DHCPv6
|
||||||
|
# Unless overridden by ra-stateless, ra-names, et al, the router
|
||||||
|
# advertisements will have the M and O bits set, so that the clients
|
||||||
|
# get addresses and configuration from DHCPv6, and the A bit reset, so the
|
||||||
|
# clients don't use SLAAC addresses.
|
||||||
|
#enable-ra
|
||||||
|
|
||||||
|
# Supply parameters for specified hosts using DHCP. There are lots
|
||||||
|
# of valid alternatives, so we will give examples of each. Note that
|
||||||
|
# IP addresses DO NOT have to be in the range given above, they just
|
||||||
|
# need to be on the same network. The order of the parameters in these
|
||||||
|
# do not matter, it's permissible to give name, address and MAC in any
|
||||||
|
# order.
|
||||||
|
|
||||||
|
# Always allocate the host with Ethernet address 11:22:33:44:55:66
|
||||||
|
# The IP address 192.168.0.60
|
||||||
|
#dhcp-host=11:22:33:44:55:66,192.168.0.60
|
||||||
|
|
||||||
|
# Always set the name of the host with hardware address
|
||||||
|
# 11:22:33:44:55:66 to be "fred"
|
||||||
|
#dhcp-host=11:22:33:44:55:66,fred
|
||||||
|
|
||||||
|
# Always give the host with Ethernet address 11:22:33:44:55:66
|
||||||
|
# the name fred and IP address 192.168.0.60 and lease time 45 minutes
|
||||||
|
#dhcp-host=11:22:33:44:55:66,fred,192.168.0.60,45m
|
||||||
|
|
||||||
|
# Give a host with Ethernet address 11:22:33:44:55:66 or
|
||||||
|
# 12:34:56:78:90:12 the IP address 192.168.0.60. Dnsmasq will assume
|
||||||
|
# that these two Ethernet interfaces will never be in use at the same
|
||||||
|
# time, and give the IP address to the second, even if it is already
|
||||||
|
# in use by the first. Useful for laptops with wired and wireless
|
||||||
|
# addresses.
|
||||||
|
#dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.60
|
||||||
|
|
||||||
|
# Give the machine which says its name is "bert" IP address
|
||||||
|
# 192.168.0.70 and an infinite lease
|
||||||
|
#dhcp-host=bert,192.168.0.70,infinite
|
||||||
|
|
||||||
|
# Always give the host with client identifier 01:02:02:04
|
||||||
|
# the IP address 192.168.0.60
|
||||||
|
#dhcp-host=id:01:02:02:04,192.168.0.60
|
||||||
|
|
||||||
|
# Always give the InfiniBand interface with hardware address
|
||||||
|
# 80:00:00:48:fe:80:00:00:00:00:00:00:f4:52:14:03:00:28:05:81 the
|
||||||
|
# ip address 192.168.0.61. The client id is derived from the prefix
|
||||||
|
# ff:00:00:00:00:00:02:00:00:02:c9:00 and the last 8 pairs of
|
||||||
|
# hex digits of the hardware address.
|
||||||
|
#dhcp-host=id:ff:00:00:00:00:00:02:00:00:02:c9:00:f4:52:14:03:00:28:05:81,192.168.0.61
|
||||||
|
|
||||||
|
# Always give the host with client identifier "marjorie"
|
||||||
|
# the IP address 192.168.0.60
|
||||||
|
#dhcp-host=id:marjorie,192.168.0.60
|
||||||
|
|
||||||
|
# Enable the address given for "judge" in /etc/hosts
|
||||||
|
# to be given to a machine presenting the name "judge" when
|
||||||
|
# it asks for a DHCP lease.
|
||||||
|
#dhcp-host=judge
|
||||||
|
|
||||||
|
# Never offer DHCP service to a machine whose Ethernet
|
||||||
|
# address is 11:22:33:44:55:66
|
||||||
|
#dhcp-host=11:22:33:44:55:66,ignore
|
||||||
|
|
||||||
|
# Ignore any client-id presented by the machine with Ethernet
|
||||||
|
# address 11:22:33:44:55:66. This is useful to prevent a machine
|
||||||
|
# being treated differently when running under different OS's or
|
||||||
|
# between PXE boot and OS boot.
|
||||||
|
#dhcp-host=11:22:33:44:55:66,id:*
|
||||||
|
|
||||||
|
# Send extra options which are tagged as "red" to
|
||||||
|
# the machine with Ethernet address 11:22:33:44:55:66
|
||||||
|
#dhcp-host=11:22:33:44:55:66,set:red
|
||||||
|
|
||||||
|
# Send extra options which are tagged as "red" to
|
||||||
|
# any machine with Ethernet address starting 11:22:33:
|
||||||
|
#dhcp-host=11:22:33:*:*:*,set:red
|
||||||
|
|
||||||
|
# Give a fixed IPv6 address and name to client with
|
||||||
|
# DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
|
||||||
|
# Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
|
||||||
|
# Note also that the [] around the IPv6 address are obligatory.
|
||||||
|
#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
|
||||||
|
|
||||||
|
# Ignore any clients which are not specified in dhcp-host lines
|
||||||
|
# or /etc/ethers. Equivalent to ISC "deny unknown-clients".
|
||||||
|
# This relies on the special "known" tag which is set when
|
||||||
|
# a host is matched.
|
||||||
|
#dhcp-ignore=tag:!known
|
||||||
|
|
||||||
|
# Send extra options which are tagged as "red" to any machine whose
|
||||||
|
# DHCP vendorclass string includes the substring "Linux"
|
||||||
|
#dhcp-vendorclass=set:red,Linux
|
||||||
|
|
||||||
|
# Send extra options which are tagged as "red" to any machine one
|
||||||
|
# of whose DHCP userclass strings includes the substring "accounts"
|
||||||
|
#dhcp-userclass=set:red,accounts
|
||||||
|
|
||||||
|
# Send extra options which are tagged as "red" to any machine whose
|
||||||
|
# MAC address matches the pattern.
|
||||||
|
#dhcp-mac=set:red,00:60:8C:*:*:*
|
||||||
|
|
||||||
|
# If this line is uncommented, dnsmasq will read /etc/ethers and act
|
||||||
|
# on the ethernet-address/IP pairs found there just as if they had
|
||||||
|
# been given as --dhcp-host options. Useful if you keep
|
||||||
|
# MAC-address/host mappings there for other purposes.
|
||||||
|
#read-ethers
|
||||||
|
|
||||||
|
# Send options to hosts which ask for a DHCP lease.
|
||||||
|
# See RFC 2132 for details of available options.
|
||||||
|
# Common options can be given to dnsmasq by name:
|
||||||
|
# run "dnsmasq --help dhcp" to get a list.
|
||||||
|
# Note that all the common settings, such as netmask and
|
||||||
|
# broadcast address, DNS server and default route, are given
|
||||||
|
# sane defaults by dnsmasq. You very likely will not need
|
||||||
|
# any dhcp-options. If you use Windows clients and Samba, there
|
||||||
|
# are some options which are recommended, they are detailed at the
|
||||||
|
# end of this section.
|
||||||
|
|
||||||
|
# Override the default route supplied by dnsmasq, which assumes the
|
||||||
|
# router is the same machine as the one running dnsmasq.
|
||||||
|
#dhcp-option=3,1.2.3.4
|
||||||
|
|
||||||
|
# Do the same thing, but using the option name
|
||||||
|
#dhcp-option=option:router,1.2.3.4
|
||||||
|
|
||||||
|
# Override the default route supplied by dnsmasq and send no default
|
||||||
|
# route at all. Note that this only works for the options sent by
|
||||||
|
# default (1, 3, 6, 12, 28) the same line will send a zero-length option
|
||||||
|
# for all other option numbers.
|
||||||
|
#dhcp-option=3
|
||||||
|
|
||||||
|
# Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5
|
||||||
|
#dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5
|
||||||
|
|
||||||
|
# Send DHCPv6 option. Note [] around IPv6 addresses.
|
||||||
|
#dhcp-option=option6:dns-server,[1234::77],[1234::88]
|
||||||
|
|
||||||
|
# Send DHCPv6 option for namservers as the machine running
|
||||||
|
# dnsmasq and another.
|
||||||
|
#dhcp-option=option6:dns-server,[::],[1234::88]
|
||||||
|
|
||||||
|
# Ask client to poll for option changes every six hours. (RFC4242)
|
||||||
|
#dhcp-option=option6:information-refresh-time,6h
|
||||||
|
|
||||||
|
# Set option 58 client renewal time (T1). Defaults to half of the
|
||||||
|
# lease time if not specified. (RFC2132)
|
||||||
|
#dhcp-option=option:T1,1m
|
||||||
|
|
||||||
|
# Set option 59 rebinding time (T2). Defaults to 7/8 of the
|
||||||
|
# lease time if not specified. (RFC2132)
|
||||||
|
#dhcp-option=option:T2,2m
|
||||||
|
|
||||||
|
# Set the NTP time server address to be the same machine as
|
||||||
|
# is running dnsmasq
|
||||||
|
#dhcp-option=42,0.0.0.0
|
||||||
|
|
||||||
|
# Set the NIS domain name to "welly"
|
||||||
|
#dhcp-option=40,welly
|
||||||
|
|
||||||
|
# Set the default time-to-live to 50
|
||||||
|
#dhcp-option=23,50
|
||||||
|
|
||||||
|
# Set the "all subnets are local" flag
|
||||||
|
#dhcp-option=27,1
|
||||||
|
|
||||||
|
# Send the etherboot magic flag and then etherboot options (a string).
|
||||||
|
#dhcp-option=128,e4:45:74:68:00:00
|
||||||
|
#dhcp-option=129,NIC=eepro100
|
||||||
|
|
||||||
|
# Specify an option which will only be sent to the "red" network
|
||||||
|
# (see dhcp-range for the declaration of the "red" network)
|
||||||
|
# Note that the tag: part must precede the option: part.
|
||||||
|
#dhcp-option = tag:red, option:ntp-server, 192.168.1.1
|
||||||
|
|
||||||
|
# The following DHCP options set up dnsmasq in the same way as is specified
|
||||||
|
# for the ISC dhcpcd in
|
||||||
|
# https://web.archive.org/web/20040313070105/http://us1.samba.org/samba/ftp/docs/textdocs/DHCP-Server-Configuration.txt
|
||||||
|
# adapted for a typical dnsmasq installation where the host running
|
||||||
|
# dnsmasq is also the host running samba.
|
||||||
|
# you may want to uncomment some or all of them if you use
|
||||||
|
# Windows clients and Samba.
|
||||||
|
#dhcp-option=19,0 # option ip-forwarding off
|
||||||
|
#dhcp-option=44,0.0.0.0 # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
|
||||||
|
#dhcp-option=45,0.0.0.0 # netbios datagram distribution server
|
||||||
|
#dhcp-option=46,8 # netbios node type
|
||||||
|
|
||||||
|
# Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave.
|
||||||
|
#dhcp-option=252,"\n"
|
||||||
|
|
||||||
|
# Send RFC-3397 DNS domain search DHCP option. WARNING: Your DHCP client
|
||||||
|
# probably doesn't support this......
|
||||||
|
#dhcp-option=option:domain-search,eng.apple.com,marketing.apple.com
|
||||||
|
|
||||||
|
# Send RFC-3442 classless static routes (note the netmask encoding)
|
||||||
|
#dhcp-option=121,192.168.1.0/24,1.2.3.4,10.0.0.0/8,5.6.7.8
|
||||||
|
|
||||||
|
# Send vendor-class specific options encapsulated in DHCP option 43.
|
||||||
|
# The meaning of the options is defined by the vendor-class so
|
||||||
|
# options are sent only when the client supplied vendor class
|
||||||
|
# matches the class given here. (A substring match is OK, so "MSFT"
|
||||||
|
# matches "MSFT" and "MSFT 5.0"). This example sets the
|
||||||
|
# mtftp address to 0.0.0.0 for PXEClients.
|
||||||
|
#dhcp-option=vendor:PXEClient,1,0.0.0.0
|
||||||
|
|
||||||
|
# Send microsoft-specific option to tell windows to release the DHCP lease
|
||||||
|
# when it shuts down. Note the "i" flag, to tell dnsmasq to send the
|
||||||
|
# value as a four-byte integer - that's what microsoft wants. See
|
||||||
|
# http://technet2.microsoft.com/WindowsServer/en/library/a70f1bb7-d2d4-49f0-96d6-4b7414ecfaae1033.mspx?mfr=true
|
||||||
|
#dhcp-option=vendor:MSFT,2,1i
|
||||||
|
|
||||||
|
# Send the Encapsulated-vendor-class ID needed by some configurations of
|
||||||
|
# Etherboot to allow is to recognise the DHCP server.
|
||||||
|
#dhcp-option=vendor:Etherboot,60,"Etherboot"
|
||||||
|
|
||||||
|
# Send options to PXELinux. Note that we need to send the options even
|
||||||
|
# though they don't appear in the parameter request list, so we need
|
||||||
|
# to use dhcp-option-force here.
|
||||||
|
# See http://syslinux.zytor.com/pxe.php#special for details.
|
||||||
|
# Magic number - needed before anything else is recognised
|
||||||
|
#dhcp-option-force=208,f1:00:74:7e
|
||||||
|
# Configuration file name
|
||||||
|
#dhcp-option-force=209,configs/common
|
||||||
|
# Path prefix
|
||||||
|
#dhcp-option-force=210,/tftpboot/pxelinux/files/
|
||||||
|
# Reboot time. (Note 'i' to send 32-bit value)
|
||||||
|
#dhcp-option-force=211,30i
|
||||||
|
|
||||||
|
# Set the boot filename for netboot/PXE. You will only need
|
||||||
|
# this if you want to boot machines over the network and you will need
|
||||||
|
# a TFTP server; either dnsmasq's built-in TFTP server or an
|
||||||
|
# external one. (See below for how to enable the TFTP server.)
|
||||||
|
#dhcp-boot=pxelinux.0
|
||||||
|
|
||||||
|
# The same as above, but use custom tftp-server instead machine running dnsmasq
|
||||||
|
#dhcp-boot=pxelinux,server.name,192.168.1.100
|
||||||
|
|
||||||
|
# Boot for iPXE. The idea is to send two different
|
||||||
|
# filenames, the first loads iPXE, and the second tells iPXE what to
|
||||||
|
# load. The dhcp-match sets the ipxe tag for requests from iPXE.
|
||||||
|
#dhcp-boot=undionly.kpxe
|
||||||
|
#dhcp-match=set:ipxe,175 # iPXE sends a 175 option.
|
||||||
|
#dhcp-boot=tag:ipxe,http://boot.ipxe.org/demo/boot.php
|
||||||
|
|
||||||
|
# Encapsulated options for iPXE. All the options are
|
||||||
|
# encapsulated within option 175
|
||||||
|
#dhcp-option=encap:175, 1, 5b # priority code
|
||||||
|
#dhcp-option=encap:175, 176, 1b # no-proxydhcp
|
||||||
|
#dhcp-option=encap:175, 177, string # bus-id
|
||||||
|
#dhcp-option=encap:175, 189, 1b # BIOS drive code
|
||||||
|
#dhcp-option=encap:175, 190, user # iSCSI username
|
||||||
|
#dhcp-option=encap:175, 191, pass # iSCSI password
|
||||||
|
|
||||||
|
# Test for the architecture of a netboot client. PXE clients are
|
||||||
|
# supposed to send their architecture as option 93. (See RFC 4578)
|
||||||
|
#dhcp-match=peecees, option:client-arch, 0 #x86-32
|
||||||
|
#dhcp-match=itanics, option:client-arch, 2 #IA64
|
||||||
|
#dhcp-match=hammers, option:client-arch, 6 #x86-64
|
||||||
|
#dhcp-match=mactels, option:client-arch, 7 #EFI x86-64
|
||||||
|
|
||||||
|
# Do real PXE, rather than just booting a single file, this is an
|
||||||
|
# alternative to dhcp-boot.
|
||||||
|
#pxe-prompt="What system shall I netboot?"
|
||||||
|
# or with timeout before first available action is taken:
|
||||||
|
#pxe-prompt="Press F8 for menu.", 60
|
||||||
|
|
||||||
|
# Available boot services. for PXE.
|
||||||
|
#pxe-service=x86PC, "Boot from local disk"
|
||||||
|
|
||||||
|
# Loads <tftp-root>/pxelinux.0 from dnsmasq TFTP server.
|
||||||
|
#pxe-service=x86PC, "Install Linux", pxelinux
|
||||||
|
|
||||||
|
# Loads <tftp-root>/pxelinux.0 from TFTP server at 1.2.3.4.
|
||||||
|
# Beware this fails on old PXE ROMS.
|
||||||
|
#pxe-service=x86PC, "Install Linux", pxelinux, 1.2.3.4
|
||||||
|
|
||||||
|
# Use bootserver on network, found my multicast or broadcast.
|
||||||
|
#pxe-service=x86PC, "Install windows from RIS server", 1
|
||||||
|
|
||||||
|
# Use bootserver at a known IP address.
|
||||||
|
#pxe-service=x86PC, "Install windows from RIS server", 1, 1.2.3.4
|
||||||
|
|
||||||
|
# If you have multicast-FTP available,
|
||||||
|
# information for that can be passed in a similar way using options 1
|
||||||
|
# to 5. See page 19 of
|
||||||
|
# http://download.intel.com/design/archives/wfm/downloads/pxespec.pdf
|
||||||
|
|
||||||
|
|
||||||
|
# Enable dnsmasq's built-in TFTP server
|
||||||
|
#enable-tftp
|
||||||
|
|
||||||
|
# Set the root directory for files available via FTP.
|
||||||
|
#tftp-root=/var/ftpd
|
||||||
|
|
||||||
|
# Do not abort if the tftp-root is unavailable
|
||||||
|
#tftp-no-fail
|
||||||
|
|
||||||
|
# Make the TFTP server more secure: with this set, only files owned by
|
||||||
|
# the user dnsmasq is running as will be send over the net.
|
||||||
|
#tftp-secure
|
||||||
|
|
||||||
|
# This option stops dnsmasq from negotiating a larger blocksize for TFTP
|
||||||
|
# transfers. It will slow things down, but may rescue some broken TFTP
|
||||||
|
# clients.
|
||||||
|
#tftp-no-blocksize
|
||||||
|
|
||||||
|
# Set the boot file name only when the "red" tag is set.
|
||||||
|
#dhcp-boot=tag:red,pxelinux.red-net
|
||||||
|
|
||||||
|
# An example of dhcp-boot with an external TFTP server: the name and IP
|
||||||
|
# address of the server are given after the filename.
|
||||||
|
# Can fail with old PXE ROMS. Overridden by --pxe-service.
|
||||||
|
#dhcp-boot=/var/ftpd/pxelinux.0,boothost,192.168.0.3
|
||||||
|
|
||||||
|
# If there are multiple external tftp servers having a same name
|
||||||
|
# (using /etc/hosts) then that name can be specified as the
|
||||||
|
# tftp_servername (the third option to dhcp-boot) and in that
|
||||||
|
# case dnsmasq resolves this name and returns the resultant IP
|
||||||
|
# addresses in round robin fashion. This facility can be used to
|
||||||
|
# load balance the tftp load among a set of servers.
|
||||||
|
#dhcp-boot=/var/ftpd/pxelinux.0,boothost,tftp_server_name
|
||||||
|
|
||||||
|
# Set the limit on DHCP leases, the default is 150
|
||||||
|
#dhcp-lease-max=150
|
||||||
|
|
||||||
|
# The DHCP server needs somewhere on disk to keep its lease database.
|
||||||
|
# This defaults to a sane location, but if you want to change it, use
|
||||||
|
# the line below.
|
||||||
|
#dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
|
||||||
|
|
||||||
|
# Set the DHCP server to authoritative mode. In this mode it will barge in
|
||||||
|
# and take over the lease for any client which broadcasts on the network,
|
||||||
|
# whether it has a record of the lease or not. This avoids long timeouts
|
||||||
|
# when a machine wakes up on a new network. DO NOT enable this if there's
|
||||||
|
# the slightest chance that you might end up accidentally configuring a DHCP
|
||||||
|
# server for your campus/company accidentally. The ISC server uses
|
||||||
|
# the same option, and this URL provides more information:
|
||||||
|
# http://www.isc.org/files/auth.html
|
||||||
|
#dhcp-authoritative
|
||||||
|
|
||||||
|
# Set the DHCP server to enable DHCPv4 Rapid Commit Option per RFC 4039.
|
||||||
|
# In this mode it will respond to a DHCPDISCOVER message including a Rapid Commit
|
||||||
|
# option with a DHCPACK including a Rapid Commit option and fully committed address
|
||||||
|
# and configuration information. This must only be enabled if either the server is
|
||||||
|
# the only server for the subnet, or multiple servers are present and they each
|
||||||
|
# commit a binding for all clients.
|
||||||
|
#dhcp-rapid-commit
|
||||||
|
|
||||||
|
# Run an executable when a DHCP lease is created or destroyed.
|
||||||
|
# The arguments sent to the script are "add" or "del",
|
||||||
|
# then the MAC address, the IP address and finally the hostname
|
||||||
|
# if there is one.
|
||||||
|
#dhcp-script=/bin/echo
|
||||||
|
|
||||||
|
# Set the cachesize here.
|
||||||
|
#cache-size=150
|
||||||
|
|
||||||
|
# If you want to disable negative caching, uncomment this.
|
||||||
|
#no-negcache
|
||||||
|
|
||||||
|
# Normally responses which come from /etc/hosts and the DHCP lease
|
||||||
|
# file have Time-To-Live set as zero, which conventionally means
|
||||||
|
# do not cache further. If you are happy to trade lower load on the
|
||||||
|
# server for potentially stale date, you can set a time-to-live (in
|
||||||
|
# seconds) here.
|
||||||
|
#local-ttl=
|
||||||
|
|
||||||
|
# If you want dnsmasq to detect attempts by Verisign to send queries
|
||||||
|
# to unregistered .com and .net hosts to its sitefinder service and
|
||||||
|
# have dnsmasq instead return the correct NXDOMAIN response, uncomment
|
||||||
|
# this line. You can add similar lines to do the same for other
|
||||||
|
# registries which have implemented wildcard A records.
|
||||||
|
#bogus-nxdomain=64.94.110.11
|
||||||
|
|
||||||
|
# If you want to fix up DNS results from upstream servers, use the
|
||||||
|
# alias option. This only works for IPv4.
|
||||||
|
# This alias makes a result of 1.2.3.4 appear as 5.6.7.8
|
||||||
|
#alias=1.2.3.4,5.6.7.8
|
||||||
|
# and this maps 1.2.3.x to 5.6.7.x
|
||||||
|
#alias=1.2.3.0,5.6.7.0,255.255.255.0
|
||||||
|
# and this maps 192.168.0.10->192.168.0.40 to 10.0.0.10->10.0.0.40
|
||||||
|
#alias=192.168.0.10-192.168.0.40,10.0.0.0,255.255.255.0
|
||||||
|
|
||||||
|
# Change these lines if you want dnsmasq to serve MX records.
|
||||||
|
|
||||||
|
# Return an MX record named "maildomain.com" with target
|
||||||
|
# servermachine.com and preference 50
|
||||||
|
#mx-host=maildomain.com,servermachine.com,50
|
||||||
|
|
||||||
|
# Set the default target for MX records created using the localmx option.
|
||||||
|
#mx-target=servermachine.com
|
||||||
|
|
||||||
|
# Return an MX record pointing to the mx-target for all local
|
||||||
|
# machines.
|
||||||
|
#localmx
|
||||||
|
|
||||||
|
# Return an MX record pointing to itself for all local machines.
|
||||||
|
#selfmx
|
||||||
|
|
||||||
|
# Change the following lines if you want dnsmasq to serve SRV
|
||||||
|
# records. These are useful if you want to serve ldap requests for
|
||||||
|
# Active Directory and other windows-originated DNS requests.
|
||||||
|
# See RFC 2782.
|
||||||
|
# You may add multiple srv-host lines.
|
||||||
|
# The fields are <name>,<target>,<port>,<priority>,<weight>
|
||||||
|
# If the domain part if missing from the name (so that is just has the
|
||||||
|
# service and protocol sections) then the domain given by the domain=
|
||||||
|
# config option is used. (Note that expand-hosts does not need to be
|
||||||
|
# set for this to work.)
|
||||||
|
|
||||||
|
# A SRV record sending LDAP for the example.com domain to
|
||||||
|
# ldapserver.example.com port 389
|
||||||
|
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389
|
||||||
|
|
||||||
|
# A SRV record sending LDAP for the example.com domain to
|
||||||
|
# ldapserver.example.com port 389 (using domain=)
|
||||||
|
#domain=example.com
|
||||||
|
#srv-host=_ldap._tcp,ldapserver.example.com,389
|
||||||
|
|
||||||
|
# Two SRV records for LDAP, each with different priorities
|
||||||
|
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,1
|
||||||
|
#srv-host=_ldap._tcp.example.com,ldapserver.example.com,389,2
|
||||||
|
|
||||||
|
# A SRV record indicating that there is no LDAP server for the domain
|
||||||
|
# example.com
|
||||||
|
#srv-host=_ldap._tcp.example.com
|
||||||
|
|
||||||
|
# The following line shows how to make dnsmasq serve an arbitrary PTR
|
||||||
|
# record. This is useful for DNS-SD. (Note that the
|
||||||
|
# domain-name expansion done for SRV records _does_not
|
||||||
|
# occur for PTR records.)
|
||||||
|
#ptr-record=_http._tcp.dns-sd-services,"New Employee Page._http._tcp.dns-sd-services"
|
||||||
|
|
||||||
|
# Change the following lines to enable dnsmasq to serve TXT records.
|
||||||
|
# These are used for things like SPF and zeroconf. (Note that the
|
||||||
|
# domain-name expansion done for SRV records _does_not
|
||||||
|
# occur for TXT records.)
|
||||||
|
|
||||||
|
#Example SPF.
|
||||||
|
#txt-record=example.com,"v=spf1 a -all"
|
||||||
|
|
||||||
|
#Example zeroconf
|
||||||
|
#txt-record=_http._tcp.example.com,name=value,paper=A4
|
||||||
|
|
||||||
|
# Provide an alias for a "local" DNS name. Note that this _only_ works
|
||||||
|
# for targets which are names from DHCP or /etc/hosts. Give host
|
||||||
|
# "bert" another name, bertrand
|
||||||
|
#cname=bertand,bert
|
||||||
|
|
||||||
|
# For debugging purposes, log each DNS query as it passes through
|
||||||
|
# dnsmasq.
|
||||||
|
#log-queries
|
||||||
|
|
||||||
|
# Log lots of extra information about DHCP transactions.
|
||||||
|
#log-dhcp
|
||||||
|
|
||||||
|
# Include another lot of configuration options.
|
||||||
|
#conf-file=/etc/dnsmasq.more.conf
|
||||||
|
#conf-dir=/etc/dnsmasq.d
|
||||||
|
|
||||||
|
# Include all the files in a directory except those ending in .bak
|
||||||
|
#conf-dir=/etc/dnsmasq.d,.bak
|
||||||
|
|
||||||
|
# Include all files in a directory which end in .conf
|
||||||
|
#conf-dir=/etc/dnsmasq.d/,*.conf
|
||||||
|
|
||||||
|
# Include all files in /etc/dnsmasq.d except RPM backup files
|
||||||
|
conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
|
||||||
|
|
||||||
|
# If a DHCP client claims that its name is "wpad", ignore that.
|
||||||
|
# This fixes a security hole. see CERT Vulnerability VU#598349
|
||||||
|
#dhcp-name-match=set:wpad-ignore,wpad
|
||||||
|
#dhcp-ignore-names=tag:wpad-ignore
|
||||||
|
|
17
root/etc/fstab
Normal file
17
root/etc/fstab
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
|
||||||
|
#
|
||||||
|
# /etc/fstab
|
||||||
|
# Created by anaconda on Mon Jan 16 20:45:32 2023
|
||||||
|
#
|
||||||
|
# Accessible filesystems, by reference, are maintained under '/dev/disk/'.
|
||||||
|
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
|
||||||
|
#
|
||||||
|
# After editing this file, run 'systemctl daemon-reload' to update systemd
|
||||||
|
# units generated from this file.
|
||||||
|
#
|
||||||
|
/dev/mapper/fedora_medusa-root / xfs defaults 0 0
|
||||||
|
UUID=c8c7437c-a14f-41aa-aa28-b1cfad21044c /boot xfs defaults 0 0
|
||||||
|
UUID=c8b73610-7988-479b-a970-080b0c0c4338 /home_new auto defaults 0 0
|
||||||
|
UUID=da9f470f-35de-4ba8-a03f-8831ef0d4e88 /database auto defaults 0 0
|
||||||
|
UUID=61C9-3A22 /media/320 auto defaults 0 0
|
||||||
|
UUID=9c4956b5-2f9e-46d7-8db3-4e6081347c01 /gocd auto defaults 0 0
|
@ -65,17 +65,61 @@
|
|||||||
</config-repos>
|
</config-repos>
|
||||||
<pipelines group="defaultGroup" />
|
<pipelines group="defaultGroup" />
|
||||||
<pipelines group="System-Configuration">
|
<pipelines group="System-Configuration">
|
||||||
<pipeline name="capture-files">
|
<pipeline name="capture_files" lockBehavior="unlockWhenFinished">
|
||||||
<materials>
|
<materials>
|
||||||
<git url="ssh://gogs@git.jcolebrand.info:4022/cbrand/system_configuration.git" branch="main" />
|
<git url="ssh://gogs@git.jcolebrand.info:4022/cbrand/system_configuration.git" branch="main" autoUpdate="false" materialName="system_configuration" />
|
||||||
</materials>
|
</materials>
|
||||||
<stage name="run-capture">
|
<stage name="capture" cleanWorkingDir="true">
|
||||||
|
<approval type="manual" allowOnlyOnSuccess="true" />
|
||||||
<jobs>
|
<jobs>
|
||||||
<job name="powershell">
|
<job name="capture">
|
||||||
<tasks>
|
<tasks>
|
||||||
<exec command="sudo">
|
<exec command="sudo">
|
||||||
<arg>pwsh</arg>
|
<arg>pwsh</arg>
|
||||||
<arg>capture.ps1</arg>
|
<arg>capture.ps1</arg>
|
||||||
|
</exec>
|
||||||
|
<exec command="pwsh">
|
||||||
|
<arg>upload.ps1</arg>
|
||||||
|
</exec>
|
||||||
|
</tasks>
|
||||||
|
</job>
|
||||||
|
</jobs>
|
||||||
|
</stage>
|
||||||
|
</pipeline>
|
||||||
|
<pipeline name="apply_files" lockBehavior="unlockWhenFinished">
|
||||||
|
<materials>
|
||||||
|
<git url="ssh://gogs@git.jcolebrand.info:4022/cbrand/system_configuration.git" branch="main" autoUpdate="false" materialName="system_configuration" />
|
||||||
|
</materials>
|
||||||
|
<stage name="apply" cleanWorkingDir="true">
|
||||||
|
<approval type="manual" allowOnlyOnSuccess="true" />
|
||||||
|
<jobs>
|
||||||
|
<job name="apply">
|
||||||
|
<tasks>
|
||||||
|
<exec command="sudo">
|
||||||
|
<arg>pwsh</arg>
|
||||||
|
<arg>capture.ps1</arg>
|
||||||
|
</exec>
|
||||||
|
<exec command="pwsh">
|
||||||
|
<arg>upload.ps1</arg>
|
||||||
|
</exec>
|
||||||
|
</tasks>
|
||||||
|
</job>
|
||||||
|
</jobs>
|
||||||
|
</stage>
|
||||||
|
</pipeline>
|
||||||
|
</pipelines>
|
||||||
|
<pipelines group="Database-Maintenance">
|
||||||
|
<pipeline name="run-ldap2pg" lockBehavior="unlockWhenFinished">
|
||||||
|
<materials>
|
||||||
|
<git url="ssh://gogs@git.jcolebrand.info:4022/cbrand/system_configuration.git" branch="main" autoUpdate="false" />
|
||||||
|
</materials>
|
||||||
|
<stage name="run-ldap2pg">
|
||||||
|
<approval type="manual" />
|
||||||
|
<jobs>
|
||||||
|
<job name="run-ldap2pg">
|
||||||
|
<tasks>
|
||||||
|
<exec command="pwsh">
|
||||||
|
<arg>runldap2pg.ps1</arg>
|
||||||
<runif status="passed" />
|
<runif status="passed" />
|
||||||
</exec>
|
</exec>
|
||||||
</tasks>
|
</tasks>
|
||||||
@ -84,4 +128,25 @@
|
|||||||
</stage>
|
</stage>
|
||||||
</pipeline>
|
</pipeline>
|
||||||
</pipelines>
|
</pipelines>
|
||||||
|
<pipelines group="jellyfin">
|
||||||
|
<pipeline name="moviedrop" lockBehavior="unlockWhenFinished">
|
||||||
|
<timer>0 0 4 ? * *</timer>
|
||||||
|
<materials>
|
||||||
|
<git url="ssh://gogs@git.jcolebrand.info:4022/cbrand/system_configuration.git" branch="main" autoUpdate="false" />
|
||||||
|
</materials>
|
||||||
|
<stage name="moviedrop">
|
||||||
|
<approval type="manual" />
|
||||||
|
<jobs>
|
||||||
|
<job name="moviedrop">
|
||||||
|
<tasks>
|
||||||
|
<exec command="sudo">
|
||||||
|
<arg>pwsh</arg>
|
||||||
|
<arg>moviedrop.ps1</arg>
|
||||||
|
</exec>
|
||||||
|
</tasks>
|
||||||
|
</job>
|
||||||
|
</jobs>
|
||||||
|
</stage>
|
||||||
|
</pipeline>
|
||||||
|
</pipelines>
|
||||||
</cruise>
|
</cruise>
|
||||||
|
85
root/etc/go/cruise-config.xml.bak
Normal file
85
root/etc/go/cruise-config.xml.bak
Normal file
@ -0,0 +1,85 @@
|
|||||||
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
|
<cruise xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="cruise-config.xsd" schemaVersion="139">
|
||||||
|
<server jobTimeout="10" agentAutoRegisterKey="a1887244-6e5b-41a0-b04c-299f9d555fda" webhookSecret="0aab7ed7-9e7d-4b7d-ba65-9f51ae793460" serverId="fb4411a5-449d-4c2b-b8f8-ec9c53107a20" tokenGenerationKey="c306d243-81cd-4201-9fdf-5457ef2b78d7">
|
||||||
|
<security>
|
||||||
|
<authConfigs>
|
||||||
|
<authConfig id="jcolebrand.info" pluginId="cd.go.authentication.ldap">
|
||||||
|
<property>
|
||||||
|
<key>Url</key>
|
||||||
|
<value>ldaps://medusa.jcolebrand.info</value>
|
||||||
|
</property>
|
||||||
|
<property>
|
||||||
|
<key>SearchBases</key>
|
||||||
|
<value>dc=jcolebrand,dc=info</value>
|
||||||
|
</property>
|
||||||
|
<property>
|
||||||
|
<key>ManagerDN</key>
|
||||||
|
<value>cn=go,ou=services,dc=jcolebrand,dc=info</value>
|
||||||
|
</property>
|
||||||
|
<property>
|
||||||
|
<key>Password</key>
|
||||||
|
<encryptedValue>AES:wOo1/UYbNwt/wswcXBLjyw==:QcPbN2VPu1ElhyBCXXSL0A==</encryptedValue>
|
||||||
|
</property>
|
||||||
|
<property>
|
||||||
|
<key>UserSearchFilter</key>
|
||||||
|
<value />
|
||||||
|
</property>
|
||||||
|
<property>
|
||||||
|
<key>UserLoginFilter</key>
|
||||||
|
<value>(uid={0})</value>
|
||||||
|
</property>
|
||||||
|
<property>
|
||||||
|
<key>DisplayNameAttribute</key>
|
||||||
|
<value>uid</value>
|
||||||
|
</property>
|
||||||
|
<property>
|
||||||
|
<key>EmailAttribute</key>
|
||||||
|
<value />
|
||||||
|
</property>
|
||||||
|
<property>
|
||||||
|
<key>SearchTimeout</key>
|
||||||
|
<value />
|
||||||
|
</property>
|
||||||
|
</authConfig>
|
||||||
|
</authConfigs>
|
||||||
|
<admins>
|
||||||
|
<user>cbrand</user>
|
||||||
|
</admins>
|
||||||
|
</security>
|
||||||
|
<artifacts>
|
||||||
|
<artifactsDir>/gocd/artifacts</artifactsDir>
|
||||||
|
<purgeSettings>
|
||||||
|
<purgeStartDiskSpace>50.0</purgeStartDiskSpace>
|
||||||
|
<purgeUptoDiskSpace>50.0</purgeUptoDiskSpace>
|
||||||
|
</purgeSettings>
|
||||||
|
</artifacts>
|
||||||
|
</server>
|
||||||
|
<config-repos>
|
||||||
|
<config-repo id="pipeline" pluginId="json.config.plugin">
|
||||||
|
<git url="ssh://git.jcolebrand.info:4022/jcolebrand.info/pipeline.git" branch="main" />
|
||||||
|
<rules>
|
||||||
|
<allow action="refer" type="*">jcolebrand.info</allow>
|
||||||
|
<allow action="refer" type="*">defaultGroup</allow>
|
||||||
|
</rules>
|
||||||
|
</config-repo>
|
||||||
|
</config-repos>
|
||||||
|
<pipelines group="defaultGroup">
|
||||||
|
<pipeline name="jcolebrand.info">
|
||||||
|
<materials>
|
||||||
|
<git url="http://git.jcolebrand.info/jcolebrand.info/gocd.git" branch="main" />
|
||||||
|
</materials>
|
||||||
|
<stage name="stage-1">
|
||||||
|
<jobs>
|
||||||
|
<job name="hello-world">
|
||||||
|
<tasks>
|
||||||
|
<exec command="/usr/bin/pwsh">
|
||||||
|
<arg>hello.ps1</arg>
|
||||||
|
<runif status="any" />
|
||||||
|
</exec>
|
||||||
|
</tasks>
|
||||||
|
</job>
|
||||||
|
</jobs>
|
||||||
|
</stage>
|
||||||
|
</pipeline>
|
||||||
|
</pipelines>
|
||||||
|
</cruise>
|
11
root/etc/hosts
Normal file
11
root/etc/hosts
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# Loopback entries; do not change.
|
||||||
|
# For historical reasons, localhost precedes localhost.localdomain:
|
||||||
|
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
|
||||||
|
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
|
||||||
|
# See hosts(5) for proper format and other examples:
|
||||||
|
# 192.168.1.10 foo.mydomain.org foo
|
||||||
|
# 192.168.1.13 bar.mydomain.org bar
|
||||||
|
192.168.50.2 medusa.jcolebrand.info
|
||||||
|
192.168.50.3 euryale.jcolebrand.info
|
||||||
|
192.168.50.2 watch.jcolebrand.info
|
||||||
|
|
36
root/etc/httpd/conf.d/BackupPC.conf
Normal file
36
root/etc/httpd/conf.d/BackupPC.conf
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
<DirectoryMatch /usr/(share|libexec)/BackupPC/>
|
||||||
|
# BackupPC requires valid authentication in order for the web interface to
|
||||||
|
# function properly. One can view the web interface without authentication
|
||||||
|
# though all functionality is disabled.
|
||||||
|
#
|
||||||
|
# htpasswd -c /etc/BackupPC/apache.users yourusername
|
||||||
|
#
|
||||||
|
|
||||||
|
AuthType Basic
|
||||||
|
AuthUserFile /etc/BackupPC/apache.users
|
||||||
|
AuthName "BackupPC"
|
||||||
|
|
||||||
|
<IfModule mod_authz_core.c>
|
||||||
|
# Apache 2.4
|
||||||
|
<RequireAll>
|
||||||
|
Require valid-user
|
||||||
|
<RequireAny>
|
||||||
|
Require local
|
||||||
|
</RequireAny>
|
||||||
|
</RequireAll>
|
||||||
|
</IfModule>
|
||||||
|
<IfModule !mod_authz_core.c>
|
||||||
|
# Apache 2.2
|
||||||
|
order deny,allow
|
||||||
|
deny from all
|
||||||
|
allow from 127.0.0.1
|
||||||
|
allow from ::1
|
||||||
|
require valid-user
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
</DirectoryMatch>
|
||||||
|
|
||||||
|
|
||||||
|
Alias /BackupPC/images /usr/share/BackupPC/html/
|
||||||
|
ScriptAlias /BackupPC /usr/libexec/BackupPC/BackupPC_Admin
|
||||||
|
ScriptAlias /backuppc /usr/libexec/BackupPC/BackupPC_Admin
|
12
root/etc/httpd/conf.d/lookup_identity.conf
Normal file
12
root/etc/httpd/conf.d/lookup_identity.conf
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
|
||||||
|
# Load the module in /etc/httpd/conf.modules.d/55-lookup_identity.conf
|
||||||
|
|
||||||
|
# <Location /login>
|
||||||
|
# LookupUserAttr mail REMOTE_USER_EMAIL " "
|
||||||
|
# LookupUserAttr givenname REMOTE_USER_FIRSTNAME
|
||||||
|
# LookupUserAttr sn REMOTE_USER_LASTNAME
|
||||||
|
# LookupUserAttrIter custom REMOTE_USER_CUSTOM
|
||||||
|
# LookupUserGroups REMOTE_USER_GROUPS ":"
|
||||||
|
# LookupUserGroupsIter REMOTE_USER_GROUP
|
||||||
|
# </Location>
|
||||||
|
|
0
root/etc/httpd/conf.d/nss.conf
Normal file
0
root/etc/httpd/conf.d/nss.conf
Normal file
19
root/etc/httpd/conf.d/pgadmin4.conf
Normal file
19
root/etc/httpd/conf.d/pgadmin4.conf
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
LoadModule wsgi_module modules/mod_wsgi.so
|
||||||
|
WSGIDaemonProcess pgadmin processes=1 threads=25 python-home=/usr/pgadmin4/venv
|
||||||
|
WSGIScriptAlias /pgadmin4 /usr/pgadmin4/web/pgAdmin4.wsgi
|
||||||
|
|
||||||
|
<Directory /usr/pgadmin4/web/>
|
||||||
|
WSGIProcessGroup pgadmin
|
||||||
|
WSGIApplicationGroup %{GLOBAL}
|
||||||
|
<IfModule mod_authz_core.c>
|
||||||
|
# Apache 2.4
|
||||||
|
Require all granted
|
||||||
|
</IfModule>
|
||||||
|
<IfModule !mod_authz_core.c>
|
||||||
|
# Apache 2.2
|
||||||
|
Order Deny,Allow
|
||||||
|
Deny from All
|
||||||
|
Allow from 127.0.0.1
|
||||||
|
Allow from ::1
|
||||||
|
</IfModule>
|
||||||
|
</Directory>
|
219
root/etc/httpd/conf.d/ssl.conf
Normal file
219
root/etc/httpd/conf.d/ssl.conf
Normal file
@ -0,0 +1,219 @@
|
|||||||
|
#
|
||||||
|
# When we also provide SSL we have to listen to the
|
||||||
|
# standard HTTPS port in addition.
|
||||||
|
#
|
||||||
|
Listen 443 https
|
||||||
|
|
||||||
|
##
|
||||||
|
## SSL Global Context
|
||||||
|
##
|
||||||
|
## All SSL configuration in this context applies both to
|
||||||
|
## the main server and all SSL-enabled virtual hosts.
|
||||||
|
##
|
||||||
|
|
||||||
|
# Pass Phrase Dialog:
|
||||||
|
# Configure the pass phrase gathering process.
|
||||||
|
# The filtering dialog program (`builtin' is a internal
|
||||||
|
# terminal dialog) has to provide the pass phrase on stdout.
|
||||||
|
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
|
||||||
|
|
||||||
|
# Inter-Process Session Cache:
|
||||||
|
# Configure the SSL Session Cache: First the mechanism
|
||||||
|
# to use and second the expiring timeout (in seconds).
|
||||||
|
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
|
||||||
|
SSLSessionCacheTimeout 300
|
||||||
|
|
||||||
|
# Pseudo Random Number Generator (PRNG):
|
||||||
|
# Configure one or more sources to seed the PRNG of the
|
||||||
|
# SSL library. The seed data should be of good random quality.
|
||||||
|
# WARNING! On some platforms /dev/random blocks if not enough entropy
|
||||||
|
# is available. This means you then cannot use the /dev/random device
|
||||||
|
# because it would lead to very long connection times (as long as
|
||||||
|
# it requires to make more entropy available). But usually those
|
||||||
|
# platforms additionally provide a /dev/urandom device which doesn't
|
||||||
|
# block. So, if available, use this one instead. Read the mod_ssl User
|
||||||
|
# Manual for more details.
|
||||||
|
SSLRandomSeed startup file:/dev/urandom 256
|
||||||
|
SSLRandomSeed connect builtin
|
||||||
|
#SSLRandomSeed startup file:/dev/random 512
|
||||||
|
#SSLRandomSeed connect file:/dev/random 512
|
||||||
|
#SSLRandomSeed connect file:/dev/urandom 512
|
||||||
|
|
||||||
|
#
|
||||||
|
# Use "SSLCryptoDevice" to enable any supported hardware
|
||||||
|
# accelerators. Use "openssl engine -v" to list supported
|
||||||
|
# engine names. NOTE: If you enable an accelerator and the
|
||||||
|
# server does not start, consult the error logs and ensure
|
||||||
|
# your accelerator is functioning properly.
|
||||||
|
#
|
||||||
|
SSLCryptoDevice builtin
|
||||||
|
#SSLCryptoDevice ubsec
|
||||||
|
|
||||||
|
##
|
||||||
|
## SSL Virtual Host Context
|
||||||
|
##
|
||||||
|
|
||||||
|
<VirtualHost _default_:443>
|
||||||
|
|
||||||
|
# General setup for the virtual host, inherited from global configuration
|
||||||
|
#DocumentRoot "/var/www/html"
|
||||||
|
#ServerName www.example.com:443
|
||||||
|
|
||||||
|
# Use separate log files for the SSL virtual host; note that LogLevel
|
||||||
|
# is not inherited from httpd.conf.
|
||||||
|
ErrorLog logs/ssl_error_log
|
||||||
|
TransferLog logs/ssl_access_log
|
||||||
|
LogLevel warn
|
||||||
|
|
||||||
|
# SSL Engine Switch:
|
||||||
|
# Enable/Disable SSL for this virtual host.
|
||||||
|
SSLEngine on
|
||||||
|
|
||||||
|
# List the protocol versions which clients are allowed to connect with.
|
||||||
|
# The OpenSSL system profile is configured by default. See
|
||||||
|
# update-crypto-policies(8) for more details.
|
||||||
|
#SSLProtocol all -SSLv3
|
||||||
|
#SSLProxyProtocol all -SSLv3
|
||||||
|
|
||||||
|
# User agents such as web browsers are not configured for the user's
|
||||||
|
# own preference of either security or performance, therefore this
|
||||||
|
# must be the prerogative of the web server administrator who manages
|
||||||
|
# cpu load versus confidentiality, so enforce the server's cipher order.
|
||||||
|
SSLHonorCipherOrder on
|
||||||
|
|
||||||
|
# SSL Cipher Suite:
|
||||||
|
# List the ciphers that the client is permitted to negotiate.
|
||||||
|
# See the mod_ssl documentation for a complete list.
|
||||||
|
# The OpenSSL system profile is configured by default. See
|
||||||
|
# update-crypto-policies(8) for more details.
|
||||||
|
SSLCipherSuite PROFILE=SYSTEM
|
||||||
|
SSLProxyCipherSuite PROFILE=SYSTEM
|
||||||
|
|
||||||
|
# Point SSLCertificateFile at a PEM encoded certificate. If
|
||||||
|
# the certificate is encrypted, then you will be prompted for a
|
||||||
|
# pass phrase. Note that restarting httpd will prompt again. Keep
|
||||||
|
# in mind that if you have both an RSA and a DSA certificate you
|
||||||
|
# can configure both in parallel (to also allow the use of DSA
|
||||||
|
# ciphers, etc.)
|
||||||
|
# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
|
||||||
|
# require an ECC certificate which can also be configured in
|
||||||
|
# parallel.
|
||||||
|
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
|
||||||
|
|
||||||
|
# Server Private Key:
|
||||||
|
# If the key is not combined with the certificate, use this
|
||||||
|
# directive to point at the key file. Keep in mind that if
|
||||||
|
# you've both a RSA and a DSA private key you can configure
|
||||||
|
# both in parallel (to also allow the use of DSA ciphers, etc.)
|
||||||
|
# ECC keys, when in use, can also be configured in parallel
|
||||||
|
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
|
||||||
|
|
||||||
|
# Server Certificate Chain:
|
||||||
|
# Point SSLCertificateChainFile at a file containing the
|
||||||
|
# concatenation of PEM encoded CA certificates which form the
|
||||||
|
# certificate chain for the server certificate. Alternatively
|
||||||
|
# the referenced file can be the same as SSLCertificateFile
|
||||||
|
# when the CA certificates are directly appended to the server
|
||||||
|
# certificate for convenience.
|
||||||
|
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
|
||||||
|
|
||||||
|
# Certificate Authority (CA):
|
||||||
|
# Set the CA certificate verification path where to find CA
|
||||||
|
# certificates for client authentication or alternatively one
|
||||||
|
# huge file containing all of them (file must be PEM encoded)
|
||||||
|
#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
|
||||||
|
|
||||||
|
# Client Authentication (Type):
|
||||||
|
# Client certificate verification type and depth. Types are
|
||||||
|
# none, optional, require and optional_no_ca. Depth is a
|
||||||
|
# number which specifies how deeply to verify the certificate
|
||||||
|
# issuer chain before deciding the certificate is not valid.
|
||||||
|
#SSLVerifyClient require
|
||||||
|
#SSLVerifyDepth 10
|
||||||
|
|
||||||
|
# Access Control:
|
||||||
|
# With SSLRequire you can do per-directory access control based
|
||||||
|
# on arbitrary complex boolean expressions containing server
|
||||||
|
# variable checks and other lookup directives. The syntax is a
|
||||||
|
# mixture between C and Perl. See the mod_ssl documentation
|
||||||
|
# for more details.
|
||||||
|
#<Location />
|
||||||
|
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
|
||||||
|
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
|
||||||
|
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
|
||||||
|
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
|
||||||
|
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
|
||||||
|
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
|
||||||
|
#</Location>
|
||||||
|
|
||||||
|
# SSL Engine Options:
|
||||||
|
# Set various options for the SSL engine.
|
||||||
|
# o FakeBasicAuth:
|
||||||
|
# Translate the client X.509 into a Basic Authorisation. This means that
|
||||||
|
# the standard Auth/DBMAuth methods can be used for access control. The
|
||||||
|
# user name is the `one line' version of the client's X.509 certificate.
|
||||||
|
# Note that no password is obtained from the user. Every entry in the user
|
||||||
|
# file needs this password: `xxj31ZMTZzkVA'.
|
||||||
|
# o ExportCertData:
|
||||||
|
# This exports two additional environment variables: SSL_CLIENT_CERT and
|
||||||
|
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
|
||||||
|
# server (always existing) and the client (only existing when client
|
||||||
|
# authentication is used). This can be used to import the certificates
|
||||||
|
# into CGI scripts.
|
||||||
|
# o StdEnvVars:
|
||||||
|
# This exports the standard SSL/TLS related `SSL_*' environment variables.
|
||||||
|
# Per default this exportation is switched off for performance reasons,
|
||||||
|
# because the extraction step is an expensive operation and is usually
|
||||||
|
# useless for serving static content. So one usually enables the
|
||||||
|
# exportation for CGI and SSI requests only.
|
||||||
|
# o StrictRequire:
|
||||||
|
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
|
||||||
|
# under a "Satisfy any" situation, i.e. when it applies access is denied
|
||||||
|
# and no other module can change it.
|
||||||
|
# o OptRenegotiate:
|
||||||
|
# This enables optimized SSL connection renegotiation handling when SSL
|
||||||
|
# directives are used in per-directory context.
|
||||||
|
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
|
||||||
|
<FilesMatch "\.(cgi|shtml|phtml|php)$">
|
||||||
|
SSLOptions +StdEnvVars
|
||||||
|
</FilesMatch>
|
||||||
|
<Directory "/var/www/cgi-bin">
|
||||||
|
SSLOptions +StdEnvVars
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
# SSL Protocol Adjustments:
|
||||||
|
# The safe and default but still SSL/TLS standard compliant shutdown
|
||||||
|
# approach is that mod_ssl sends the close notify alert but doesn't wait for
|
||||||
|
# the close notify alert from client. When you need a different shutdown
|
||||||
|
# approach you can use one of the following variables:
|
||||||
|
# o ssl-unclean-shutdown:
|
||||||
|
# This forces an unclean shutdown when the connection is closed, i.e. no
|
||||||
|
# SSL close notify alert is sent or allowed to be received. This violates
|
||||||
|
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
|
||||||
|
# this when you receive I/O errors because of the standard approach where
|
||||||
|
# mod_ssl sends the close notify alert.
|
||||||
|
# o ssl-accurate-shutdown:
|
||||||
|
# This forces an accurate shutdown when the connection is closed, i.e. a
|
||||||
|
# SSL close notify alert is sent and mod_ssl waits for the close notify
|
||||||
|
# alert of the client. This is 100% SSL/TLS standard compliant, but in
|
||||||
|
# practice often causes hanging connections with brain-dead browsers. Use
|
||||||
|
# this only for browsers where you know that their SSL implementation
|
||||||
|
# works correctly.
|
||||||
|
# Notice: Most problems of broken clients are also related to the HTTP
|
||||||
|
# keep-alive facility, so you usually additionally want to disable
|
||||||
|
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
|
||||||
|
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
|
||||||
|
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
|
||||||
|
# "force-response-1.0" for this.
|
||||||
|
BrowserMatch "MSIE [2-5]" \
|
||||||
|
nokeepalive ssl-unclean-shutdown \
|
||||||
|
downgrade-1.0 force-response-1.0
|
||||||
|
|
||||||
|
# Per-Server Logging:
|
||||||
|
# The home of a custom SSL log file. Use this when you want a
|
||||||
|
# compact non-error SSL logfile on a virtual host basis.
|
||||||
|
CustomLog logs/ssl_request_log \
|
||||||
|
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
|
||||||
|
|
||||||
|
</VirtualHost>
|
||||||
|
|
36
root/etc/httpd/conf.d/userdir.conf
Normal file
36
root/etc/httpd/conf.d/userdir.conf
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
#
|
||||||
|
# UserDir: The name of the directory that is appended onto a user's home
|
||||||
|
# directory if a ~user request is received.
|
||||||
|
#
|
||||||
|
# The path to the end user account 'public_html' directory must be
|
||||||
|
# accessible to the webserver userid. This usually means that ~userid
|
||||||
|
# must have permissions of 711, ~userid/public_html must have permissions
|
||||||
|
# of 755, and documents contained therein must be world-readable.
|
||||||
|
# Otherwise, the client will only receive a "403 Forbidden" message.
|
||||||
|
#
|
||||||
|
<IfModule mod_userdir.c>
|
||||||
|
#
|
||||||
|
# UserDir is disabled by default since it can confirm the presence
|
||||||
|
# of a username on the system (depending on home directory
|
||||||
|
# permissions).
|
||||||
|
#
|
||||||
|
UserDir disabled
|
||||||
|
|
||||||
|
#
|
||||||
|
# To enable requests to /~user/ to serve the user's public_html
|
||||||
|
# directory, remove the "UserDir disabled" line above, and uncomment
|
||||||
|
# the following line instead:
|
||||||
|
#
|
||||||
|
#UserDir public_html
|
||||||
|
</IfModule>
|
||||||
|
|
||||||
|
#
|
||||||
|
# Control access to UserDir directories. The following is an example
|
||||||
|
# for a site where these directories are restricted to read-only.
|
||||||
|
#
|
||||||
|
<Directory "/home/*/public_html">
|
||||||
|
AllowOverride FileInfo AuthConfig Limit Indexes
|
||||||
|
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
|
||||||
|
Require method GET POST OPTIONS
|
||||||
|
</Directory>
|
||||||
|
|
20
root/etc/httpd/conf.d/welcome.conf
Normal file
20
root/etc/httpd/conf.d/welcome.conf
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
#
|
||||||
|
# This configuration file enables the default "Welcome" page if there
|
||||||
|
# is no default index page present for the root URL. To disable the
|
||||||
|
# Welcome page, comment out all the lines below.
|
||||||
|
#
|
||||||
|
# NOTE: if this file is removed, it will be restored on upgrades.
|
||||||
|
#
|
||||||
|
<LocationMatch "^/+$">
|
||||||
|
Options -Indexes
|
||||||
|
ErrorDocument 403 /.noindex.html
|
||||||
|
</LocationMatch>
|
||||||
|
|
||||||
|
<Directory /usr/share/httpd/noindex>
|
||||||
|
AllowOverride None
|
||||||
|
Require all granted
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
Alias /.noindex.html /usr/share/httpd/noindex/index.html
|
||||||
|
Alias /poweredby.png /usr/share/httpd/icons/apache_pb3.png
|
||||||
|
Alias /system_noindex_logo.png /usr/share/httpd/icons/system_noindex_logo.png
|
1
root/etc/httpd/conf.modules.d/00-brotli.conf
Normal file
1
root/etc/httpd/conf.modules.d/00-brotli.conf
Normal file
@ -0,0 +1 @@
|
|||||||
|
LoadModule brotli_module modules/mod_brotli.so
|
3
root/etc/httpd/conf.modules.d/00-dav.conf
Normal file
3
root/etc/httpd/conf.modules.d/00-dav.conf
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
LoadModule dav_module modules/mod_dav.so
|
||||||
|
LoadModule dav_fs_module modules/mod_dav_fs.so
|
||||||
|
LoadModule dav_lock_module modules/mod_dav_lock.so
|
1
root/etc/httpd/conf.modules.d/00-lua.conf
Normal file
1
root/etc/httpd/conf.modules.d/00-lua.conf
Normal file
@ -0,0 +1 @@
|
|||||||
|
LoadModule lua_module modules/mod_lua.so
|
23
root/etc/httpd/conf.modules.d/00-mpm.conf
Normal file
23
root/etc/httpd/conf.modules.d/00-mpm.conf
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
# Select the MPM module which should be used by uncommenting exactly
|
||||||
|
# one of the following LoadModule lines. See the httpd.conf(5) man
|
||||||
|
# page for more information on changing the MPM.
|
||||||
|
|
||||||
|
# prefork MPM: Implements a non-threaded, pre-forking web server
|
||||||
|
# See: http://httpd.apache.org/docs/2.4/mod/prefork.html
|
||||||
|
#
|
||||||
|
# NOTE: If enabling prefork, the httpd_graceful_shutdown SELinux
|
||||||
|
# boolean should be enabled, to allow graceful stop/shutdown.
|
||||||
|
#
|
||||||
|
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
||||||
|
|
||||||
|
# worker MPM: Multi-Processing Module implementing a hybrid
|
||||||
|
# multi-threaded multi-process web server
|
||||||
|
# See: http://httpd.apache.org/docs/2.4/mod/worker.html
|
||||||
|
#
|
||||||
|
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
|
||||||
|
|
||||||
|
# event MPM: A variant of the worker MPM with the goal of consuming
|
||||||
|
# threads only for connections with active processing
|
||||||
|
# See: http://httpd.apache.org/docs/2.4/mod/event.html
|
||||||
|
#
|
||||||
|
LoadModule mpm_event_module modules/mod_mpm_event.so
|
18
root/etc/httpd/conf.modules.d/00-optional.conf
Normal file
18
root/etc/httpd/conf.modules.d/00-optional.conf
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
#
|
||||||
|
# This file lists modules included with the Apache HTTP Server
|
||||||
|
# which are not enabled by default.
|
||||||
|
#
|
||||||
|
|
||||||
|
#LoadModule asis_module modules/mod_asis.so
|
||||||
|
#LoadModule buffer_module modules/mod_buffer.so
|
||||||
|
#LoadModule heartbeat_module modules/mod_heartbeat.so
|
||||||
|
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
|
||||||
|
#LoadModule usertrack_module modules/mod_usertrack.so
|
||||||
|
#LoadModule dialup_module modules/mod_dialup.so
|
||||||
|
#LoadModule charset_lite_module modules/mod_charset_lite.so
|
||||||
|
#LoadModule log_debug_module modules/mod_log_debug.so
|
||||||
|
#LoadModule log_forensic_module modules/mod_log_forensic.so
|
||||||
|
#LoadModule ratelimit_module modules/mod_ratelimit.so
|
||||||
|
#LoadModule reflector_module modules/mod_reflector.so
|
||||||
|
#LoadModule sed_module modules/mod_sed.so
|
||||||
|
#LoadModule speling_module modules/mod_speling.so
|
18
root/etc/httpd/conf.modules.d/00-proxy.conf
Normal file
18
root/etc/httpd/conf.modules.d/00-proxy.conf
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
# This file configures all the proxy modules:
|
||||||
|
LoadModule proxy_module modules/mod_proxy.so
|
||||||
|
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
|
||||||
|
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
|
||||||
|
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
|
||||||
|
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
|
||||||
|
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
|
||||||
|
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
|
||||||
|
LoadModule proxy_connect_module modules/mod_proxy_connect.so
|
||||||
|
LoadModule proxy_express_module modules/mod_proxy_express.so
|
||||||
|
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
|
||||||
|
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
|
||||||
|
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
|
||||||
|
LoadModule proxy_http_module modules/mod_proxy_http.so
|
||||||
|
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
|
||||||
|
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
|
||||||
|
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
|
||||||
|
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
|
1
root/etc/httpd/conf.modules.d/00-ssl.conf
Normal file
1
root/etc/httpd/conf.modules.d/00-ssl.conf
Normal file
@ -0,0 +1 @@
|
|||||||
|
LoadModule ssl_module modules/mod_ssl.so
|
2
root/etc/httpd/conf.modules.d/00-systemd.conf
Normal file
2
root/etc/httpd/conf.modules.d/00-systemd.conf
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
# This file configures systemd module:
|
||||||
|
LoadModule systemd_module modules/mod_systemd.so
|
11
root/etc/httpd/conf.modules.d/01-cgi.conf
Normal file
11
root/etc/httpd/conf.modules.d/01-cgi.conf
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# This configuration file loads a CGI module appropriate to the MPM
|
||||||
|
# which has been configured in 00-mpm.conf. mod_cgid should be used
|
||||||
|
# with a threaded MPM; mod_cgi with the prefork MPM.
|
||||||
|
|
||||||
|
<IfModule !mpm_prefork_module>
|
||||||
|
LoadModule cgid_module modules/mod_cgid.so
|
||||||
|
</IfModule>
|
||||||
|
<IfModule mpm_prefork_module>
|
||||||
|
LoadModule cgi_module modules/mod_cgi.so
|
||||||
|
</IfModule>
|
||||||
|
|
6
root/etc/httpd/conf.modules.d/01-session.conf
Normal file
6
root/etc/httpd/conf.modules.d/01-session.conf
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
LoadModule session_module modules/mod_session.so
|
||||||
|
LoadModule session_cookie_module modules/mod_session_cookie.so
|
||||||
|
LoadModule session_dbd_module modules/mod_session_dbd.so
|
||||||
|
LoadModule auth_form_module modules/mod_auth_form.so
|
||||||
|
|
||||||
|
#LoadModule session_crypto_module modules/mod_session_crypto.so
|
1
root/etc/httpd/conf.modules.d/10-auth_gssapi.conf
Normal file
1
root/etc/httpd/conf.modules.d/10-auth_gssapi.conf
Normal file
@ -0,0 +1 @@
|
|||||||
|
LoadModule auth_gssapi_module modules/mod_auth_gssapi.so
|
1
root/etc/httpd/conf.modules.d/10-h2.conf
Normal file
1
root/etc/httpd/conf.modules.d/10-h2.conf
Normal file
@ -0,0 +1 @@
|
|||||||
|
LoadModule http2_module modules/mod_http2.so
|
1
root/etc/httpd/conf.modules.d/10-proxy_h2.conf
Normal file
1
root/etc/httpd/conf.modules.d/10-proxy_h2.conf
Normal file
@ -0,0 +1 @@
|
|||||||
|
LoadModule proxy_http2_module modules/mod_proxy_http2.so
|
6
root/etc/httpd/conf.modules.d/10-wsgi-python3.conf
Normal file
6
root/etc/httpd/conf.modules.d/10-wsgi-python3.conf
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
# NOTE: mod_wsgi_python3 can not coexist in the same apache process as
|
||||||
|
# mod_wsgi (python2). Only load if mod_wsgi is not already loaded.
|
||||||
|
|
||||||
|
<IfModule !wsgi_module>
|
||||||
|
LoadModule wsgi_module modules/mod_wsgi_python3.so
|
||||||
|
</IfModule>
|
3
root/etc/httpd/conf.modules.d/55-lookup_identity.conf
Normal file
3
root/etc/httpd/conf.modules.d/55-lookup_identity.conf
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
|
||||||
|
# LoadModule lookup_identity_module modules/mod_lookup_identity.so
|
||||||
|
|
171
root/etc/idmapd.conf
Normal file
171
root/etc/idmapd.conf
Normal file
@ -0,0 +1,171 @@
|
|||||||
|
[General]
|
||||||
|
#Verbosity = 0
|
||||||
|
# The following should be set to the local NFSv4 domain name
|
||||||
|
# The default is the host's DNS domain name.
|
||||||
|
#Domain = local.domain.edu
|
||||||
|
|
||||||
|
# In multi-domain environments, some NFS servers will append the identity
|
||||||
|
# management domain to the owner and owner_group in lieu of a true NFSv4
|
||||||
|
# domain. This option can facilitate lookups in such environments. If
|
||||||
|
# set to a value other than "none", the nsswitch plugin will first pass
|
||||||
|
# the name to the password/group lookup function without stripping the
|
||||||
|
# domain off. If that mapping fails then the plugin will try again using
|
||||||
|
# the old method (comparing the domain in the string to the Domain value,
|
||||||
|
# stripping it if it matches, and passing the resulting short name to the
|
||||||
|
# lookup function). Valid values are "user", "group", "both", and
|
||||||
|
# "none". The default is "none".
|
||||||
|
#No-Strip = none
|
||||||
|
|
||||||
|
# Winbind has a quirk whereby doing a group lookup in UPN format
|
||||||
|
# (e.g. staff@americas.example.com) will cause the group to be
|
||||||
|
# displayed prefixed with the full domain in uppercase
|
||||||
|
# (e.g. AMERICAS.EXAMPLE.COM\staff) instead of in the familiar netbios
|
||||||
|
# name format (e.g. AMERICAS\staff). Setting this option to true
|
||||||
|
# causes the name to be reformatted before passing it to the group
|
||||||
|
# lookup function in order to work around this. This setting is
|
||||||
|
# ignored unless No-Strip is set to either "both" or "group".
|
||||||
|
# The default is "false".
|
||||||
|
#Reformat-Group = false
|
||||||
|
|
||||||
|
# The following is a comma-separated list of Kerberos realm
|
||||||
|
# names that should be considered to be equivalent to the
|
||||||
|
# local realm, such that <user>@REALM.A can be assumed to
|
||||||
|
# be the same user as <user>@REALM.B
|
||||||
|
# If not specified, the default local realm is the domain name,
|
||||||
|
# which defaults to the host's DNS domain name,
|
||||||
|
# translated to upper-case.
|
||||||
|
# Note that if this value is specified, the local realm name
|
||||||
|
# must be included in the list!
|
||||||
|
#Local-Realms =
|
||||||
|
|
||||||
|
[Mapping]
|
||||||
|
|
||||||
|
#Nobody-User = nobody
|
||||||
|
#Nobody-Group = nobody
|
||||||
|
|
||||||
|
[Translation]
|
||||||
|
|
||||||
|
# Translation Method is an comma-separated, ordered list of
|
||||||
|
# translation methods that can be used. Distributed methods
|
||||||
|
# include "nsswitch", "umich_ldap", and "static". Each method
|
||||||
|
# is a dynamically loadable plugin library.
|
||||||
|
# New methods may be defined and inserted in the list.
|
||||||
|
# The default is "nsswitch".
|
||||||
|
#Method = nsswitch
|
||||||
|
|
||||||
|
# Optional. This is a comma-separated, ordered list of
|
||||||
|
# translation methods to be used for translating GSS
|
||||||
|
# authenticated names to ids.
|
||||||
|
# If this option is omitted, the same methods as those
|
||||||
|
# specified in "Method" are used.
|
||||||
|
#GSS-Methods = <alternate method list for translating GSS names>
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------#
|
||||||
|
# The following are used only for the "static" Translation Method.
|
||||||
|
#-------------------------------------------------------------------#
|
||||||
|
[Static]
|
||||||
|
|
||||||
|
# A "static" list of GSS-Authenticated names to
|
||||||
|
# local user name mappings
|
||||||
|
|
||||||
|
#someuser@REALM = localuser
|
||||||
|
|
||||||
|
|
||||||
|
#-------------------------------------------------------------------#
|
||||||
|
# The following are used only for the "umich_ldap" Translation Method.
|
||||||
|
#-------------------------------------------------------------------#
|
||||||
|
|
||||||
|
[UMICH_SCHEMA]
|
||||||
|
|
||||||
|
# server information (REQUIRED)
|
||||||
|
LDAP_server = medusa.jcolebrand.info
|
||||||
|
|
||||||
|
# the default search base (REQUIRED)
|
||||||
|
LDAP_base = dc=jcolebrand,dc=info
|
||||||
|
|
||||||
|
#-----------------------------------------------------------#
|
||||||
|
# The remaining options have defaults (as shown)
|
||||||
|
# and are therefore not required.
|
||||||
|
#-----------------------------------------------------------#
|
||||||
|
|
||||||
|
# whether or not to perform canonicalization on the
|
||||||
|
# name given as LDAP_server
|
||||||
|
#LDAP_canonicalize_name = true
|
||||||
|
|
||||||
|
# absolute search base for (people) accounts
|
||||||
|
# Service accounts are considered people accounts too
|
||||||
|
LDAP_people_base = dc=jcolebrand,dc=info
|
||||||
|
|
||||||
|
# absolute search base for groups
|
||||||
|
LDAP_group_base = ou=groups,dc=jcolebrand,dc=info
|
||||||
|
|
||||||
|
# Whether to follow ldap referrals
|
||||||
|
#LDAP_follow_referrals = true
|
||||||
|
|
||||||
|
# Set to true to enable SSL - anything else is not enabled
|
||||||
|
LDAP_use_ssl = true
|
||||||
|
|
||||||
|
# Controls the LDAP server certificate validation behavior
|
||||||
|
# It can take the same values as ldap.conf(5)'s TLS_REQCERT
|
||||||
|
# tunable
|
||||||
|
#LDAP_tls_reqcert = "hard"
|
||||||
|
|
||||||
|
# Location of CA certificate, mandatory if LDAP_tls_reqcert
|
||||||
|
# is not set to "never"
|
||||||
|
#LDAP_ca_cert = /etc/ldapca.cert
|
||||||
|
|
||||||
|
# SASL mechanism to use while binding to LDAP
|
||||||
|
#LDAP_sasl_mech = <SASL mech>
|
||||||
|
|
||||||
|
# SASL realm to be used for SASL auth
|
||||||
|
#LDAP_sasl_realm = <SASL realm>
|
||||||
|
|
||||||
|
# Authentication identity to be used for SASL auth
|
||||||
|
#LDAP_sasl_authcid = <SASL authcid>
|
||||||
|
|
||||||
|
# Authorization identity for SASL auth
|
||||||
|
#LDAP_sasl_authzid = <SASL authzid>
|
||||||
|
|
||||||
|
# Cyrus SASL security properties
|
||||||
|
#LDAP_sasl_secprops = <secprops>
|
||||||
|
|
||||||
|
# Specifies whether the LDAP server hostname should be canonicalised.
|
||||||
|
# If set to yes LDAP lib with do a reverse hostname lookup.
|
||||||
|
# If this is not set the LDAP library's default will be used.
|
||||||
|
#LDAP_sasl_canonicalize <yes | no>
|
||||||
|
|
||||||
|
# Specifies the kerberos ticket cache to be used
|
||||||
|
#LDAP_sasl_krb5_ccname = <kerberos ticket cache>
|
||||||
|
|
||||||
|
# Objectclass mapping information
|
||||||
|
|
||||||
|
# Mapping for the person (account) object class
|
||||||
|
#NFSv4_person_objectclass = NFSv4RemotePerson
|
||||||
|
|
||||||
|
# Mapping for the nfsv4name attribute the person object
|
||||||
|
#NFSv4_name_attr = NFSv4Name
|
||||||
|
|
||||||
|
# Mapping for the UID number
|
||||||
|
#NFSv4_uid_attr = UIDNumber
|
||||||
|
|
||||||
|
# Mapping for the GSSAPI Principal name
|
||||||
|
#GSS_principal_attr = GSSAuthName
|
||||||
|
|
||||||
|
# Mapping for the account name attribute (usually uid)
|
||||||
|
# The value for this attribute must match the value of
|
||||||
|
# the group member attribute - NFSv4_member_attr
|
||||||
|
#NFSv4_acctname_attr = uid
|
||||||
|
|
||||||
|
# Mapping for the group object class
|
||||||
|
#NFSv4_group_objectclass = NFSv4RemoteGroup
|
||||||
|
|
||||||
|
# Mapping for the GID attribute
|
||||||
|
#NFSv4_gid_attr = GIDNumber
|
||||||
|
|
||||||
|
# Mapping for the Group NFSv4 name
|
||||||
|
#NFSv4_group_attr = NFSv4Name
|
||||||
|
|
||||||
|
# Mapping for the Group member attribute (usually memberUID)
|
||||||
|
# The value of this attribute must match the value of NFSv4_acctname_attr
|
||||||
|
#NFSv4_member_attr = memberUID
|
||||||
|
|
42
root/etc/krb5.conf
Normal file
42
root/etc/krb5.conf
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
# To opt out of the system crypto-policies configuration of krb5, remove the
|
||||||
|
# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.
|
||||||
|
includedir /etc/krb5.conf.d/
|
||||||
|
|
||||||
|
[logging]
|
||||||
|
default = FILE:/var/log/krb5libs.log
|
||||||
|
kdc = FILE:/var/log/krb5kdc.log
|
||||||
|
admin_server = FILE:/var/log/kadmind.log
|
||||||
|
|
||||||
|
[libdefaults]
|
||||||
|
dns_lookup_realm = false
|
||||||
|
ticket_lifetime = 24h
|
||||||
|
renew_lifetime = 7d
|
||||||
|
forwardable = true
|
||||||
|
rdns = false
|
||||||
|
pkinit_anchors = FILE:/etc/pki/tls/certs/ca-bundle.crt
|
||||||
|
spake_preauth_groups = edwards25519
|
||||||
|
dns_canonicalize_hostname = fallback
|
||||||
|
qualify_shortname = ""
|
||||||
|
default_realm = JCOLEBRAND.INFO
|
||||||
|
default_ccache_name = KEYRING:persistent:%{uid}
|
||||||
|
|
||||||
|
[realms]
|
||||||
|
JCOLEBRAND.INFO = {
|
||||||
|
kdc = medusa.jcolebrand.info
|
||||||
|
admin_server = medusa.jcolebrand.info
|
||||||
|
database_module = LDAP
|
||||||
|
}
|
||||||
|
|
||||||
|
[domain_realm]
|
||||||
|
.jcolebrand.info = JCOLEBRAND.INFO
|
||||||
|
jcolebrand.info = JCOLEBRAND.INFO
|
||||||
|
|
||||||
|
[dbmodules]
|
||||||
|
LDAP = {
|
||||||
|
ldap_kerberos_container_dn = "cn=mit-krb5,ou=apps,dc=jcolebrand,dc=info"
|
||||||
|
db_library = kldap
|
||||||
|
ldap_kdc_dn = "cn=krb5-kdc,ou=profile,dc=jcolebrand,dc=info"
|
||||||
|
ldap_kadmind_dn = "cn=krb5-adm,ou=profile,dc=jcolebrand,dc=info"
|
||||||
|
ldap_cert_path = /etc/ssl/certs/ISRG_Root_X1.1.pem
|
||||||
|
ldap_servers = ldaps://jcolebrand.info
|
||||||
|
}
|
56
root/etc/krb5.conf.save
Normal file
56
root/etc/krb5.conf.save
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
# To opt out of the system crypto-policies configuration of krb5, remove the
|
||||||
|
# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.
|
||||||
|
includedir /etc/krb5.conf.d/
|
||||||
|
|
||||||
|
[logging]
|
||||||
|
default = FILE:/var/log/krb5libs.log
|
||||||
|
kdc = FILE:/var/log/krb5kdc.log
|
||||||
|
admin_server = FILE:/var/log/kadmind.log
|
||||||
|
|
||||||
|
[libdefaults]
|
||||||
|
dns_lookup_realm = false
|
||||||
|
ticket_lifetime = 24h
|
||||||
|
renew_lifetime = 7d
|
||||||
|
forwardable = true
|
||||||
|
rdns = false
|
||||||
|
pkinit_anchors = FILE:/etc/pki/tls/certs/ca-bundle.crt
|
||||||
|
spake_preauth_groups = edwards25519
|
||||||
|
dns_canonicalize_hostname = fallback
|
||||||
|
qualify_shortname = ""
|
||||||
|
default_realm = JCOLEBRAND.INFO
|
||||||
|
default_ccache_name = KEYRING:persistent:%{uid}
|
||||||
|
|
||||||
|
[realms]
|
||||||
|
JCOLEBRAND.INFO = {
|
||||||
|
kdc = medusa.jcolebrand.info
|
||||||
|
admin_server = medusa.jcolebrand.info
|
||||||
|
database_module = LDAP
|
||||||
|
}
|
||||||
|
|
||||||
|
[domain_realm]
|
||||||
|
.example.com = JCOLEBRAND.INFO
|
||||||
|
example.com = JCOLEBRAND.INFO
|
||||||
|
|
||||||
|
[dbmodules]
|
||||||
|
JCOLEBRAND.INFO = {
|
||||||
|
ldap_kerberos_container_dn = "cn=krbcontainer,dc=jcolebrand,dc=info"
|
||||||
|
db_library = kldap
|
||||||
|
ldap_kdc_dn = "cn=kdc service,ou=profile,dc=jcolebrand,dc=info"
|
||||||
|
ldap_kadmind_dn = "cn=kadmin service,ou=profile,dc=jcolebrand,dc=info"
|
||||||
|
ldap_cert_path = /etc/ssl/certs/ISRG_Root_X1.1.pem
|
||||||
|
ldap_servers = ldaps://jcolebrand.info
|
||||||
|
}
|
||||||
|
|
||||||
|
[dbmodules]
|
||||||
|
EXAMPLE.COM = {
|
||||||
|
db_library = kldap
|
||||||
|
}
|
||||||
|
|
||||||
|
[dbdefaults]
|
||||||
|
ldap_servers = ldapi:///
|
||||||
|
ldap_kerberos_container_dn = "cn=mit-krb5,ou=apps,dc=examle,dc=com"
|
||||||
|
ldap_kdc_dn = "uid=krb5-kdc,ou=dso,dc=examle,dc=com"
|
||||||
|
ldap_kadmind_dn = "uid=krb5-adm,ou=dso,dc=examle,dc=com"
|
||||||
|
ldap_service_password_file = /etc/secrets/krb5-ldap.pass
|
||||||
|
ldap_conns_per_server = 5
|
||||||
|
disable_last_success = true
|
BIN
root/etc/krb5.keytab
Normal file
BIN
root/etc/krb5.keytab
Normal file
Binary file not shown.
@ -0,0 +1 @@
|
|||||||
|
{"body": {}, "uri": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/87589503"}
|
@ -0,0 +1,33 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFnjCCBIagAwIBAgISA+4kMlyxNplZdw9rUGQY9ioXMA0GCSqGSIb3DQEBCwUA
|
||||||
|
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
|
||||||
|
EwJSMzAeFw0yMzAyMTEwNzU0MTBaFw0yMzA1MTIwNzU0MDlaMCExHzAdBgNVBAMT
|
||||||
|
Fm1lZHVzYS5qY29sZWJyYW5kLmluZm8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
|
||||||
|
ggEKAoIBAQC/YFmBVNmtid7+IrqwZLno7NLtkFM3B0xzHglRqD8NKerQnRE9oNtR
|
||||||
|
bzMi/4+DYIQwQ0q/2ut5qGqGKxv8nh60hT31NV0OqEHP7esL6cBzKOu42KxOdaZ6
|
||||||
|
v6xE0zi3eyqJpMwuxfLcx4kbiKsr/OxyYY/Sh+mbaia7JHmqym7Kmh+l86fDsVwe
|
||||||
|
HrW5kwTB8qUtAV62s3Zx2VIAQL2VQAO6hl5oaB/Qlv7Y4hbF/GvW3jDEqn3j0j38
|
||||||
|
6GWMEJAJpb55sMWHPKcb18DAJmVxMn1pxySeoGhzTjstAM5f+NdET4MLsfbwIzpX
|
||||||
|
nVMXVf1MU3Lym5Alr630XsLYO3ajhMhjAgMBAAGjggK9MIICuTAOBgNVHQ8BAf8E
|
||||||
|
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
|
||||||
|
MAAwHQYDVR0OBBYEFJdbL/wx73dsBWfXvjxIK9E2VfVEMB8GA1UdIwQYMBaAFBQu
|
||||||
|
sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV
|
||||||
|
aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s
|
||||||
|
ZW5jci5vcmcvMIGMBgNVHREEgYQwgYGCE2FwaS5qY29sZWJyYW5kLmluZm+CD2pj
|
||||||
|
b2xlYnJhbmQuaW5mb4IWbWVkdXNhLmpjb2xlYnJhbmQuaW5mb4IVdmlkZW8uamNv
|
||||||
|
bGVicmFuZC5pbmZvghV3YXRjaC5qY29sZWJyYW5kLmluZm+CE3d3dy5qY29sZWJy
|
||||||
|
YW5kLmluZm8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm
|
||||||
|
BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEE
|
||||||
|
AdZ5AgQCBIH1BIHyAPAAdgC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20
|
||||||
|
mQAAAYY/rpKNAAAEAwBHMEUCIQDfMECO/mgG0b4hh0dywELto7fHs6Wi+4cio1IQ
|
||||||
|
27LzvgIgZqQ2vxMVLFy+WkWkXsHLBBTeDszqRIv6favGmukKKSAAdgB6MoxU2Lct
|
||||||
|
tiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYY/rpKgAAAEAwBHMEUCIQDyLKeU
|
||||||
|
urcHgdVVGM3p9f55HlGInbFqVN8xVJ8Ogzyu/QIgYym3mcplpjd+5pafp/1a1kwv
|
||||||
|
rPa2Rec89yiodZf8G7MwDQYJKoZIhvcNAQELBQADggEBAFuxhfJYMBR+0pJSjG9L
|
||||||
|
2QQUWw4paFj2Y21Zxnfy5CeS2CJeOelNAqpGfl7E5FRpkrZaiJG0jXpP5oLigFnA
|
||||||
|
C/Y3Rs2wQ+SzuPErzTO3QynSbbjWOgbKxS5oipeIoNXF8ZBSnTctaMNTK90Edqnh
|
||||||
|
0Is8I5x1v9V7XdsADQp8btEKuF2bqr1PdE6KNQyDncm0P3Kbnvi2QNgZgEjQF2e9
|
||||||
|
VNgUmIaNTsOUiPudeMW9o3FecyEFLd0Rmj1GdHYi5mjdnf/D4/xHrfl1QQtEjqje
|
||||||
|
fbsfu2iYxF7xfqSAWs3nbuDxdxh6IVjImJkTIaY+5nnzDcfwhbpBRhcDv51IUyKM
|
||||||
|
DU8=
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,61 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
|
||||||
|
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||||
|
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||||
|
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
|
||||||
|
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
|
||||||
|
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
|
||||||
|
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
|
||||||
|
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
|
||||||
|
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
|
||||||
|
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
|
||||||
|
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
|
||||||
|
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
|
||||||
|
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
|
||||||
|
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
|
||||||
|
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
|
||||||
|
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
|
||||||
|
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
|
||||||
|
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
|
||||||
|
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
|
||||||
|
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
|
||||||
|
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
|
||||||
|
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
|
||||||
|
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
|
||||||
|
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
|
||||||
|
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
|
||||||
|
nLRbwHOoq7hHwg==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
|
||||||
|
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
|
||||||
|
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
|
||||||
|
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
|
||||||
|
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
|
||||||
|
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
|
||||||
|
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
|
||||||
|
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
|
||||||
|
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
|
||||||
|
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
|
||||||
|
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
|
||||||
|
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
|
||||||
|
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
|
||||||
|
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
|
||||||
|
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
|
||||||
|
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
|
||||||
|
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
|
||||||
|
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
|
||||||
|
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
|
||||||
|
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
|
||||||
|
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
|
||||||
|
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
|
||||||
|
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
|
||||||
|
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
|
||||||
|
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
|
||||||
|
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,61 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
|
||||||
|
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||||
|
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||||
|
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
|
||||||
|
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
|
||||||
|
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
|
||||||
|
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
|
||||||
|
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
|
||||||
|
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
|
||||||
|
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
|
||||||
|
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
|
||||||
|
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
|
||||||
|
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
|
||||||
|
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
|
||||||
|
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
|
||||||
|
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
|
||||||
|
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
|
||||||
|
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
|
||||||
|
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
|
||||||
|
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
|
||||||
|
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
|
||||||
|
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
|
||||||
|
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
|
||||||
|
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
|
||||||
|
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
|
||||||
|
nLRbwHOoq7hHwg==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
|
||||||
|
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
|
||||||
|
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
|
||||||
|
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
|
||||||
|
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
|
||||||
|
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
|
||||||
|
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
|
||||||
|
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
|
||||||
|
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
|
||||||
|
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
|
||||||
|
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
|
||||||
|
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
|
||||||
|
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
|
||||||
|
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
|
||||||
|
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
|
||||||
|
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
|
||||||
|
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
|
||||||
|
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
|
||||||
|
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
|
||||||
|
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
|
||||||
|
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
|
||||||
|
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
|
||||||
|
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
|
||||||
|
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
|
||||||
|
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
|
||||||
|
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,93 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFhzCCBG+gAwIBAgISBDxG2iPivOV0PPMapQQA8vmWMA0GCSqGSIb3DQEBCwUA
|
||||||
|
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
|
||||||
|
EwJSMzAeFw0yMzAyMDUwODU3MzZaFw0yMzA1MDYwODU3MzVaMCAxHjAcBgNVBAMT
|
||||||
|
FXZpZGVvLmpjb2xlYnJhbmQuaW5mbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
|
||||||
|
AQoCggEBAP1FrAK94neuVu+QmvjuJXL7b7uprChD+/tCMC1Z1Pj9eNHUKYpm5iHU
|
||||||
|
/K/7RBrK7UgxyyCkgL/ep22VsqPwFEPNnMovb5u2Q+js7sIxlkw9rhadRfcBBRra
|
||||||
|
R1uudFXi9WiI2Fktj3LXgLKAGCtOWs0lLHGdoUEY6oBzvMNTXcG5KklVXcBuX38X
|
||||||
|
GsCtbp1K8slPP2A5Slqru33d5M9T161D3nBTf+iXxvq4V6HIFBomYPS8hpx7iQ3S
|
||||||
|
/mg5ik6DVEylrTEaKKFxhqT74jkwcfUz1hJJKEz/aHl5jtmOclil69BgIoXeiKkw
|
||||||
|
+SAhUOEc2NQZY7AimfXCrcfPBhPUue8CAwEAAaOCAqcwggKjMA4GA1UdDwEB/wQE
|
||||||
|
AwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw
|
||||||
|
ADAdBgNVHQ4EFgQUoZrMsw3F/j/yUDlaKRk3qkWGu8wwHwYDVR0jBBgwFoAUFC6z
|
||||||
|
F7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVo
|
||||||
|
dHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxl
|
||||||
|
bmNyLm9yZy8wdQYDVR0RBG4wbIIPamNvbGVicmFuZC5pbmZvghZtZWR1c2EuamNv
|
||||||
|
bGVicmFuZC5pbmZvghV2aWRlby5qY29sZWJyYW5kLmluZm+CFXdhdGNoLmpjb2xl
|
||||||
|
YnJhbmQuaW5mb4ITd3d3Lmpjb2xlYnJhbmQuaW5mbzBMBgNVHSAERTBDMAgGBmeB
|
||||||
|
DAECATA3BgsrBgEEAYLfEwEBATAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3BzLmxl
|
||||||
|
dHNlbmNyeXB0Lm9yZzCCAQYGCisGAQQB1nkCBAIEgfcEgfQA8gB3AHoyjFTYty22
|
||||||
|
IOo44FIe6YQWcDIThU070ivBOlejUutSAAABhiECfRYAAAQDAEgwRgIhANgR1NAM
|
||||||
|
3zADl4DTefPwdVDG81XVngUxafuRZEbGjiagAiEAv5Ph20RWoodpMlJX9URrUwn8
|
||||||
|
9zjb1ReLdO5zLqJMq/MAdwCt9776fP8QyIudPZwePhhqtGcpXc+xDCTKhYY069yC
|
||||||
|
igAAAYYhAn0jAAAEAwBIMEYCIQDbBtPv8Vu0+zs7dsQKeCa6+lTWg091Ejfw3r+H
|
||||||
|
wbA95QIhAKC6DClqUmHdlLohTIeFLI9LonwzcTZeMs5LBMZb0WkkMA0GCSqGSIb3
|
||||||
|
DQEBCwUAA4IBAQAk71YJmt1Druf/bJBg4T7fMhV+Oz+L4blRNpKpSZlYCb/RyjBR
|
||||||
|
uR1ljoEiy1dEFp3lxMhOI2yKqHiv5Ia2A671ASaMq9tp6WsXWTESZfJVZM/igjKv
|
||||||
|
jQuCM1f+4tmh4o4U4FfcT4IoaZB9azcmuVAEsoee83mBtPDY3tRMNuuDUIGjXcby
|
||||||
|
pejGqcjTlaWc78B/8Ak3Phfi/XrbWEe7HVAgPqMYpoI9pUhSZhTYJ2cqSD9x7tmK
|
||||||
|
xlLdC3ECEbOcXcY9uPUuWyplMTJTqFabgSC35WEPieJ61qrU+VOae9eaElsZw7dq
|
||||||
|
GvJ0oNWfJNssweuND0UZkxdbjv0ePjkx1dMg
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
|
||||||
|
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||||
|
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||||
|
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
|
||||||
|
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
|
||||||
|
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
|
||||||
|
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
|
||||||
|
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
|
||||||
|
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
|
||||||
|
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
|
||||||
|
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
|
||||||
|
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
|
||||||
|
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
|
||||||
|
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
|
||||||
|
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
|
||||||
|
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
|
||||||
|
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
|
||||||
|
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
|
||||||
|
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
|
||||||
|
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
|
||||||
|
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
|
||||||
|
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
|
||||||
|
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
|
||||||
|
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
|
||||||
|
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
|
||||||
|
nLRbwHOoq7hHwg==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
|
||||||
|
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
|
||||||
|
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
|
||||||
|
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
|
||||||
|
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
|
||||||
|
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
|
||||||
|
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
|
||||||
|
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
|
||||||
|
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
|
||||||
|
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
|
||||||
|
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
|
||||||
|
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
|
||||||
|
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
|
||||||
|
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
|
||||||
|
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
|
||||||
|
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
|
||||||
|
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
|
||||||
|
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
|
||||||
|
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
|
||||||
|
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
|
||||||
|
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
|
||||||
|
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
|
||||||
|
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
|
||||||
|
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
|
||||||
|
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
|
||||||
|
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,94 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFnjCCBIagAwIBAgISA+4kMlyxNplZdw9rUGQY9ioXMA0GCSqGSIb3DQEBCwUA
|
||||||
|
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
|
||||||
|
EwJSMzAeFw0yMzAyMTEwNzU0MTBaFw0yMzA1MTIwNzU0MDlaMCExHzAdBgNVBAMT
|
||||||
|
Fm1lZHVzYS5qY29sZWJyYW5kLmluZm8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
|
||||||
|
ggEKAoIBAQC/YFmBVNmtid7+IrqwZLno7NLtkFM3B0xzHglRqD8NKerQnRE9oNtR
|
||||||
|
bzMi/4+DYIQwQ0q/2ut5qGqGKxv8nh60hT31NV0OqEHP7esL6cBzKOu42KxOdaZ6
|
||||||
|
v6xE0zi3eyqJpMwuxfLcx4kbiKsr/OxyYY/Sh+mbaia7JHmqym7Kmh+l86fDsVwe
|
||||||
|
HrW5kwTB8qUtAV62s3Zx2VIAQL2VQAO6hl5oaB/Qlv7Y4hbF/GvW3jDEqn3j0j38
|
||||||
|
6GWMEJAJpb55sMWHPKcb18DAJmVxMn1pxySeoGhzTjstAM5f+NdET4MLsfbwIzpX
|
||||||
|
nVMXVf1MU3Lym5Alr630XsLYO3ajhMhjAgMBAAGjggK9MIICuTAOBgNVHQ8BAf8E
|
||||||
|
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
|
||||||
|
MAAwHQYDVR0OBBYEFJdbL/wx73dsBWfXvjxIK9E2VfVEMB8GA1UdIwQYMBaAFBQu
|
||||||
|
sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV
|
||||||
|
aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s
|
||||||
|
ZW5jci5vcmcvMIGMBgNVHREEgYQwgYGCE2FwaS5qY29sZWJyYW5kLmluZm+CD2pj
|
||||||
|
b2xlYnJhbmQuaW5mb4IWbWVkdXNhLmpjb2xlYnJhbmQuaW5mb4IVdmlkZW8uamNv
|
||||||
|
bGVicmFuZC5pbmZvghV3YXRjaC5qY29sZWJyYW5kLmluZm+CE3d3dy5qY29sZWJy
|
||||||
|
YW5kLmluZm8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm
|
||||||
|
BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEE
|
||||||
|
AdZ5AgQCBIH1BIHyAPAAdgC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20
|
||||||
|
mQAAAYY/rpKNAAAEAwBHMEUCIQDfMECO/mgG0b4hh0dywELto7fHs6Wi+4cio1IQ
|
||||||
|
27LzvgIgZqQ2vxMVLFy+WkWkXsHLBBTeDszqRIv6favGmukKKSAAdgB6MoxU2Lct
|
||||||
|
tiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYY/rpKgAAAEAwBHMEUCIQDyLKeU
|
||||||
|
urcHgdVVGM3p9f55HlGInbFqVN8xVJ8Ogzyu/QIgYym3mcplpjd+5pafp/1a1kwv
|
||||||
|
rPa2Rec89yiodZf8G7MwDQYJKoZIhvcNAQELBQADggEBAFuxhfJYMBR+0pJSjG9L
|
||||||
|
2QQUWw4paFj2Y21Zxnfy5CeS2CJeOelNAqpGfl7E5FRpkrZaiJG0jXpP5oLigFnA
|
||||||
|
C/Y3Rs2wQ+SzuPErzTO3QynSbbjWOgbKxS5oipeIoNXF8ZBSnTctaMNTK90Edqnh
|
||||||
|
0Is8I5x1v9V7XdsADQp8btEKuF2bqr1PdE6KNQyDncm0P3Kbnvi2QNgZgEjQF2e9
|
||||||
|
VNgUmIaNTsOUiPudeMW9o3FecyEFLd0Rmj1GdHYi5mjdnf/D4/xHrfl1QQtEjqje
|
||||||
|
fbsfu2iYxF7xfqSAWs3nbuDxdxh6IVjImJkTIaY+5nnzDcfwhbpBRhcDv51IUyKM
|
||||||
|
DU8=
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
|
||||||
|
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||||
|
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||||
|
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
|
||||||
|
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
|
||||||
|
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
|
||||||
|
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
|
||||||
|
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
|
||||||
|
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
|
||||||
|
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
|
||||||
|
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
|
||||||
|
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
|
||||||
|
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
|
||||||
|
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
|
||||||
|
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
|
||||||
|
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
|
||||||
|
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
|
||||||
|
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
|
||||||
|
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
|
||||||
|
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
|
||||||
|
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
|
||||||
|
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
|
||||||
|
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
|
||||||
|
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
|
||||||
|
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
|
||||||
|
nLRbwHOoq7hHwg==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
|
||||||
|
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
|
||||||
|
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
|
||||||
|
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
|
||||||
|
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
|
||||||
|
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
|
||||||
|
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
|
||||||
|
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
|
||||||
|
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
|
||||||
|
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
|
||||||
|
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
|
||||||
|
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
|
||||||
|
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
|
||||||
|
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
|
||||||
|
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
|
||||||
|
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
|
||||||
|
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
|
||||||
|
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
|
||||||
|
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
|
||||||
|
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
|
||||||
|
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
|
||||||
|
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
|
||||||
|
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
|
||||||
|
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
|
||||||
|
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
|
||||||
|
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD9RawCveJ3rlbv
|
||||||
|
kJr47iVy+2+7qawoQ/v7QjAtWdT4/XjR1CmKZuYh1Pyv+0Qayu1IMcsgpIC/3qdt
|
||||||
|
lbKj8BRDzZzKL2+btkPo7O7CMZZMPa4WnUX3AQUa2kdbrnRV4vVoiNhZLY9y14Cy
|
||||||
|
gBgrTlrNJSxxnaFBGOqAc7zDU13BuSpJVV3Abl9/FxrArW6dSvLJTz9gOUpaq7t9
|
||||||
|
3eTPU9etQ95wU3/ol8b6uFehyBQaJmD0vIace4kN0v5oOYpOg1RMpa0xGiihcYak
|
||||||
|
++I5MHH1M9YSSShM/2h5eY7ZjnJYpevQYCKF3oipMPkgIVDhHNjUGWOwIpn1wq3H
|
||||||
|
zwYT1LnvAgMBAAECggEALfOenk66UJGKh2OaonB+zepNnuRNbm7LQI6FNC04xUYj
|
||||||
|
zhoqwUgjF99PS1SQyjWoMHGMU6tVCrrIcMr4wuKzooujF1Hc84jxsEiQlx4tET8d
|
||||||
|
n0/AmmyOcw1IZht0UwLfGKy/aAqqnKD54ij4eZ75PYAxnJmHYMq2/UBCbsPo3lUw
|
||||||
|
LzvoHwiOx54cwOUDm2PBzZeo83VPQZpzfUvDoqexkDNHRVF0g8MVMoPqntT4sF6t
|
||||||
|
K5W8/HPObUoVqRapJ/xcivNUcF+hEORzV1ALXPicUYzzidAip4mMnGNe9z9+pIUx
|
||||||
|
xt8JXzh+s3x78QkaugioeUkAwH3hWQ+2yenvVjqZqQKBgQD9kNrAcamK6GJElIK+
|
||||||
|
pyosVXpgn252IoN6Ae/O/Qyowbj9h256/X8MkYO2FpKY9OJB2nfo+MV9isVopvyu
|
||||||
|
Iww/w1ZY+bdyCGmOhvDRVicTFISEp0kNXCsTndD9zGNzl1PYYbL/xvD0yajoqow1
|
||||||
|
jZbXgFTSpE5vR5M18aU5PrES2QKBgQD/tBh+3aiDErhnDp9CqCDmdbHUV0Tot7S/
|
||||||
|
GCfO3ygUK+5Ffq7rHvh0tMXQc6zEMxdT8R2lM/9bRFjodTLHYS597cKGyROEaU9b
|
||||||
|
YrRGjK5hJUXfvCc5vwQPUXLHDm2kmUzb+x6BogFwx67qloWkiFwsMbrQEyVkLU6H
|
||||||
|
Lz+uBRkmBwKBgQCQnwTVTD659m7N1LJ5kRhxrtMctvImuOqqNN6U/SkyO0OKfqsZ
|
||||||
|
xOmovnoT6e31BX7itns7yl/BidusI8nsfBrpZz0hhFQH2xpxay+BBhVFQaePjWYS
|
||||||
|
E6aSCqn/h4qVjBMLUDXqwon94+LNyTAs/zOweAZpGcOOnpEs7EUjUEloiQKBgQDz
|
||||||
|
L9wwJC2U4yP/15c99Nq9c+f5tDn0PmsnZxjNFc1vScylyXMgaGcRz69mrez8+D5S
|
||||||
|
djmkmcxdh6YrBvORTerCl3JvcCMgxmtT1Y7wnfFmsOVAgRipQfLhgqvvhtheN/Iy
|
||||||
|
MSV1UpeeJDtGHnvh3FIVMgKiy+K+4JwT06rznSOq1wKBgDkxVCMIBufVdh1D6mLr
|
||||||
|
QCVdUVXhkrM9BFRM0N9kFKDhcUKKaa3VVhn3Qgu5+VqVwv0XH34/43fx0ZUx4wG1
|
||||||
|
A3lhmDjvUNG5cse3tuLHD3by9Q8Wt5TFqi9P5AfBTtQK45qw6NI7dB1CpxLb2PD6
|
||||||
|
CYLttG4ycWOeuJaXHBKJOeUe
|
||||||
|
-----END PRIVATE KEY-----
|
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/YFmBVNmtid7+
|
||||||
|
IrqwZLno7NLtkFM3B0xzHglRqD8NKerQnRE9oNtRbzMi/4+DYIQwQ0q/2ut5qGqG
|
||||||
|
Kxv8nh60hT31NV0OqEHP7esL6cBzKOu42KxOdaZ6v6xE0zi3eyqJpMwuxfLcx4kb
|
||||||
|
iKsr/OxyYY/Sh+mbaia7JHmqym7Kmh+l86fDsVweHrW5kwTB8qUtAV62s3Zx2VIA
|
||||||
|
QL2VQAO6hl5oaB/Qlv7Y4hbF/GvW3jDEqn3j0j386GWMEJAJpb55sMWHPKcb18DA
|
||||||
|
JmVxMn1pxySeoGhzTjstAM5f+NdET4MLsfbwIzpXnVMXVf1MU3Lym5Alr630XsLY
|
||||||
|
O3ajhMhjAgMBAAECggEAAJcjcL0s2LRNQCJ4qBmNVWuTMyfQfc5Tw5MAf5sPpNmQ
|
||||||
|
9g7b3wiyZW/J+7VH5j7ebeQ7awVQ0aLJOA2Gy3CZprtnTn/IQKG/slN0fBI71ENZ
|
||||||
|
ulmIVulHAP17subndyHNvyZ0SO7A9eubpc071wIYGXOBrFrhSeGcv/nMlkWQkVz+
|
||||||
|
vVKQGKeRTXyp5gJdlImJyUupK8fTPFzlQJTx9GpBYWvKMrvnUf3ZhtuAN2ZZOLz6
|
||||||
|
RCQ6vMBgBy37JCSWDNTsHEcQQ6qfJ1OCqxexRz3Jg8/s/e6XCwLW9SOLWBKI/mSI
|
||||||
|
jRXT4g+eDfetsl9wQB+70f9ERT0oE6YJ+bs7qtC27QKBgQD8sfdsC+agWyd7lLCJ
|
||||||
|
wc1gLlg1bU9Z4w141oyBJnOw0tBLh2I8Wu37aUfyufg6H1h8s+XKgGFKYaX2jPnX
|
||||||
|
/QIUZEXkJRQxT31jjFi32ymnatiubc8YZ7wT8T60yCa3jJo/cu9eMERRNB5dVr04
|
||||||
|
InxymssADTHXgHUBSC56j21gDwKBgQDB4RXWlcipzE+0IApHcGqd2xiKmQFQ1g+o
|
||||||
|
zwTvNBJdmfqrdXhYEsz6UL5lYKJn8GrBvlw1XeuKaP3vNq/b489hTPUokgaq6LwG
|
||||||
|
vpflklIHwS0+91Yue5353YW5sx5vz4Rpz0A7iTlkjLm9okbuz9VNq/XFWnAAY+8G
|
||||||
|
XBt5xRz+bQKBgBwO8sc3hxM1K+wn9XZGY7STUM4V5iK3+G37fLx2dZAjyGcqkDjd
|
||||||
|
a+FnrkqAZdSmWF/4ZcKXgLYOo6v9uVxHRqzW+X+8skJLbkPYeJ1po3VogsjTfpRa
|
||||||
|
KGMafXj7ZHkrDpGPBI8z0tIldF2u3PHXunPLRlEqJeek5tkOl8KaHG33AoGAJGk1
|
||||||
|
RLuUl+76+QUbaRc/rq27Cix6Bshs4HMgphvNZy7H2POSyledj1UirL9dQM/x/LjX
|
||||||
|
cF5XIgNdzVMj69P42nktgZULE4Xp6gpZVJAKP9KTwMOKt+gXXxmvR5TQHoeGgqid
|
||||||
|
k5DN6ohTSb30PF1j3dZxrcKyTiB2f2dE8bWHIHECgYEAlTNL6rWMTrniy35bYsxM
|
||||||
|
2BG932Wy1VQBt6E1pPRa2liRo6ZyGBgMKmXjvu6TiapNq97JRBTQSneVkWxPWg4i
|
||||||
|
d3dkTpiVQNnou+H9HtxevsuO/JK+Zsu7ECpaKzL5VRYnN7CUa9UhbsJfnkRi9rC5
|
||||||
|
ZxB2ZawNg8sEmTw8zA7ZQvw=
|
||||||
|
-----END PRIVATE KEY-----
|
16
root/etc/letsencrypt/csr/0003_csr-certbot.pem
Normal file
16
root/etc/letsencrypt/csr/0003_csr-certbot.pem
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICeTCCAWECAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhW
|
||||||
|
a4NmdWvmsTgYkqt7Owbt/c7dN20okLKsym7fTxp6YzS0130SGY2x/fnbmngBZu3q
|
||||||
|
czGFs7MwBdy5zsSOMgWR/72zLECxoLg3U0palCy8X7Q4rWkThZRFgljgmZ9jk4QY
|
||||||
|
61XyhSioONTb7//R6KrMNiIwccc8RPMmxGzplnUQU5bzcV8ODxv8HhO694ngG4zB
|
||||||
|
LjRBW+KJlrcMSry9FgBUibLjk1gQk89ZdDwng+MvoQRUU1+4Ea8oyfNI9Tu6ZCa1
|
||||||
|
o3iqtDKNWnoNnYqggpidSF/fleI6bVGRvPbrelvBmzXEeI5IqlF0Ow8QsllYM8d1
|
||||||
|
R+XQ9R9NAW+F7Z91UjECAwEAAaA0MDIGCSqGSIb3DQEJDjElMCMwIQYDVR0RBBow
|
||||||
|
GIIWbWVkdXNhLmpjb2xlYnJhbmQuaW5mbzANBgkqhkiG9w0BAQsFAAOCAQEAbFgy
|
||||||
|
Q4C10KzqOiX2v1e3yBT4ipWk+BB3KX1OF38vqq9ku0fTFTm3Ir16FworbtRQr3KU
|
||||||
|
1kytPQXRZ9htZ71t3+cUJR5kkZ/nU6GA9jJz3OWo4Q/UOD7Uo9xgqqjnTICwZ2kU
|
||||||
|
d5lmry10MkH2lf55gSPIDAPGmptpFwMu/Qf2K8LIZH25H8+gL0hpTQw8d5xmwg4g
|
||||||
|
LOjwC+mPee7r40ul2YxQxkMDsfK48BE9vgYBTG4rf4KTW5AaBJjWy14umAsVXLDu
|
||||||
|
VW9pqU80qRXGeVEMzoqvOU6cTSiCwPAJbRNY53V8Yzrq8fRbpeGBlSefmSgUyL1E
|
||||||
|
guFx9XBV6cwZuh3Bhw==
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
16
root/etc/letsencrypt/csr/0004_csr-certbot.pem
Normal file
16
root/etc/letsencrypt/csr/0004_csr-certbot.pem
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICeTCCAWECAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIjp
|
||||||
|
l1TiP9KAVnXe4x21yPXser0XF6U/av2bprQPk7b2G60CY/mtIYw/CkP9qfmRTkPF
|
||||||
|
nsDhJRakyXOb4G0g/ZCy+b4PIecaePtiLeqf8OnRfbu2g43o1nrDbzZ/6pUA+Iy8
|
||||||
|
7i6ii0Ivd2916g7vrBwEzcPWFs4wLp6MtFV9E1KPkSQOZY/oGLAxyZcQJElyqw9n
|
||||||
|
bw/GE0jBOw/xSMqBZ8j6ntk8PoezoVN4ScudNznAnf4f2jCaLlzn0tal/IVmcdF9
|
||||||
|
SVPIQbXtEjZB4Pc/3UXnGt1sKO09SV0Vrkbp5YkXVZje5iWqJ0xsPUI7GwZ6DUV+
|
||||||
|
krazlsC5LgRGAn2lmBsCAwEAAaA0MDIGCSqGSIb3DQEJDjElMCMwIQYDVR0RBBow
|
||||||
|
GIIWbWVkdXNhLmpjb2xlYnJhbmQuaW5mbzANBgkqhkiG9w0BAQsFAAOCAQEAeRq+
|
||||||
|
t5u3QXgTnqysKAWQ7WIdcmOyOn9eVsiGwcNJKLrphu/mb/4OcRQQxOFr0vknagYc
|
||||||
|
M/+S1Yk+IhklLH7Zc04JqSdedpRyY/fo02Te9dwnQsYd+pujX8Pk+f14JiTUDRMC
|
||||||
|
XqQS2cRgA3S1nDL3+NkvrR6aTfrm0fkQZozS9HUl8n4JU7V4jvrhakSfV1AQUc1+
|
||||||
|
OSWPFJEwhbenViuAd4aLWbPM8vXF94RoZbMv2S9FpwyrvRVDc9/fp7LmgGMgBdKH
|
||||||
|
DrMDQpy4S0T7BYhKMCaFEs4vGQJTuZwlGg1JqjpIZvZetf6PFNmqwT1K9NpbHDGW
|
||||||
|
WozYvS9iF+RiFtdgeg==
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
16
root/etc/letsencrypt/csr/0005_csr-certbot.pem
Normal file
16
root/etc/letsencrypt/csr/0005_csr-certbot.pem
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICeTCCAWECAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN99
|
||||||
|
xzn1sG1eVxOnXBB37BsJjPPK+gSQTZ+tI+ZcSEvPh8OnnvMXp2fktJfZYHyJSluj
|
||||||
|
KLL5IoKQUocXSUKXyuMWrQd94P4lGAMLXac7Clcl3Y6+A6HRMpqVQN+dtCGeWAgc
|
||||||
|
1U8soCRIQoH1i6k0/sfC5Z4xT0O/tjRODnTg8x0HPznHaKL7FIGeSSJW70WoRuwU
|
||||||
|
M72QDwPIvZsOn0i7X5btClTT9bNRHjo4Uf2KK4bl2MVcuA7S8SlZacgk5rBMAKXQ
|
||||||
|
0capW0M2KqiTJ8QZM3zVxe8WDPS65W3BxIdA7r3kgNnEFfvAXwbe02dvJM8csvxv
|
||||||
|
ypQQ8LJ+Lp1CxBzD4sMCAwEAAaA0MDIGCSqGSIb3DQEJDjElMCMwIQYDVR0RBBow
|
||||||
|
GIIWbWVkdXNhLmpjb2xlYnJhbmQuaW5mbzANBgkqhkiG9w0BAQsFAAOCAQEAGy8+
|
||||||
|
r3JVxuS6eJji2LwSd9ujpS+9dlr2RIhPG2Lc3xZj+ztgZ+dIL1Cks6J/DZJFDmMk
|
||||||
|
hlMWfzyVCc3rGTkLr8mJzQCgC+2tNDDMNMHTfYufVg9yKk4G3AdyMHmgpoRqtteW
|
||||||
|
jXztkKhOXP1Gww5wsPmnIyQiX7efTsTOFmaj3U33/tAyEWskane/y/JzvgyaX5t2
|
||||||
|
TldDsOEQy4z4clk89g3x5KSqgOpmye+F9OUWLDTVokzN5gL//jsAgzUbZmcAyxfD
|
||||||
|
uXyFX4WbtcwLnPhtCBhWeARkf+BvQUxQK8Pjm9Un2Ixz+q8NPzLbctAcoeMw25T5
|
||||||
|
evuJxIxcGKcNZYNZfA==
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
16
root/etc/letsencrypt/csr/0006_csr-certbot.pem
Normal file
16
root/etc/letsencrypt/csr/0006_csr-certbot.pem
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICeTCCAWECAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNk
|
||||||
|
tMsMWXn37tSVQKgFPsWSaxLAEU9s73g1fC0PEqj4oiHRqsFjzLOZp6zvARgvIieL
|
||||||
|
/dul0FZrnkGtnUEXQqg6+zE5dqKTshRtbcn4hIV99+FXszcvmYVrDAeNjkAM9CN8
|
||||||
|
uT8Nn/svTVCOimJcC0t3IVxylduV54f74fGCSoCSSREyNjVSOMa/Hm94O9UrIFP/
|
||||||
|
ljp5+J52B53h2ZdPTTTqMY8wFJV/Fvb3ajwsJUhzVEMyLObickSK/2wLlCtFCPqG
|
||||||
|
EaT85qlpY1YMh3/nZeKkl/c8oC6ylNzZ1GVkLPLrWWPE7XyK5PsZtz/QaYR9CaWD
|
||||||
|
UFpBQmywcFBbTpDzQzsCAwEAAaA0MDIGCSqGSIb3DQEJDjElMCMwIQYDVR0RBBow
|
||||||
|
GIIWbWVkdXNhLmpjb2xlYnJhbmQuaW5mbzANBgkqhkiG9w0BAQsFAAOCAQEAWzYY
|
||||||
|
EAK+wd5c/dwEKV1AYkrsPiBlKlHTmihF7AOVWkmE3atkqzE+BbFXNz+s6Wy/fblo
|
||||||
|
RgQY7yDZS0Cuk2t0oeSlBAAnd41/AmtHQ4FFR+oQ4g43oUucwIq+JNhoRaef9KjR
|
||||||
|
PR+mho1GfsKEM3n+NVHAtv/zuYGmp1lA0e23CiYgYlHI7ArgczDH0NaIj8bntmiF
|
||||||
|
fdXyOEkuZCLLRT8Erf9pK3q+FiDSmJg5Fgv3bWNPhLAxGWDXVmc4sU3cA/quqMSN
|
||||||
|
F9TSmlmwgumqcJ28Vvns/E2wIKhGctTSQNaf6f0vA9900pNKwahnqRB3znX5dWhZ
|
||||||
|
O3LhEt5oE4uEyLgFng==
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
16
root/etc/letsencrypt/csr/0007_csr-certbot.pem
Normal file
16
root/etc/letsencrypt/csr/0007_csr-certbot.pem
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICcjCCAVoCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKzM
|
||||||
|
u2bgPigRNzLOIwcpjEuhjqW2vvtvoA5qdQnasfrqmd52qzPtvGJHQbOJFF0Uvbpp
|
||||||
|
sQwnURTHcUbLys8kVxj+cq+XtLW/d0d8/imrSZG1zBzIb0FuW/k5EPCTgl5Ig6mq
|
||||||
|
c/gvE/K44Czdh46nbvcxVZtXs4pAh0UghpkX0TSyqTl8NBcF3duTb9a3jIWlHGcz
|
||||||
|
gi028Fn7fUf2kdSytQU75oPiVLAZiOTDA3FJFirkW1+3Y8W6RmhmsUdfXL8mZ7Ca
|
||||||
|
fYHZb2wKwDdrXkH+aieStm9R2/X6yt/9K6wBI0mXU2L0FYmxV6PuR37Be96hTwT6
|
||||||
|
3sHoc4Ip/+j7wWrEjHcCAwEAAaAtMCsGCSqGSIb3DQEJDjEeMBwwGgYDVR0RBBMw
|
||||||
|
EYIPamNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQBZkfVXFNYjIv4c
|
||||||
|
9a7hrFa2o3O5GO7pYPENaq6B+1oqugUu3U/5PtSx2BdlqidQrBS0ivimJRlQgQ0Y
|
||||||
|
r1KFLpVXSGfNd/rmAt0CxmMVQGGhQTYjayLwTX7SPaRFHjcKiCNNxK0tZ6Xcw/fr
|
||||||
|
MH1LRuzrpSiQw/OgZqSefu/U0rqmYMKTyNZX4DvaWAT7Sa4ZWc4dRPFKdiFnI504
|
||||||
|
nFV4+JScCOQzTB7a9b6f7XFVbm2We8o4A7WAzOeNarqB9GuSQ1vL5aRsGWVTW0D5
|
||||||
|
L2zTgNOzqceXbhR+PHwVNXLNw+ctoHdaHoZPO0l3RtMH71G5EwWd8mxf19NZO85P
|
||||||
|
8tSbZcGm
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
16
root/etc/letsencrypt/csr/0008_csr-certbot.pem
Normal file
16
root/etc/letsencrypt/csr/0008_csr-certbot.pem
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICcjCCAVoCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMsx
|
||||||
|
ol34i+79CDX+QFxh713uQ7p6p+SHri8WkZLcoNp4hRhkOk6kDLG/Kw+B2jfO/kl3
|
||||||
|
0AQkGKhEtVIcWbpmeXCSizGDS7dMAyeT6s+EKuzxbXLbNsm/K+obsKm7vCZCd+yK
|
||||||
|
GAPq2En8AJzbhVYWHZOrX7zXUGv0m+RDMSdl1Hkg+1qdYUgY3p14osr4MDaDbstT
|
||||||
|
cPW/U63W1DkHPI0s4eJjua01upjfekdXYmbIHclPXvEF4X1q/96NvHGKgQ9RtDaH
|
||||||
|
j+iVL2jAdc9N94JNEkIzmiERbwDVcY6upo3aHTAP+1J2V5aaPQwbxgNAmeEeVq5i
|
||||||
|
OQ4/e1CJzl6t+bvbcU8CAwEAAaAtMCsGCSqGSIb3DQEJDjEeMBwwGgYDVR0RBBMw
|
||||||
|
EYIPamNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQC2k3SQt3BHFuxV
|
||||||
|
Ub+ShmqO9na3ZGx+eZ8BonrQ81VGQLkuj5bIzqVGPvgmeYhx8+sI7OhvZIgeRJg/
|
||||||
|
u24a/CsNgGrl1VL1nqlMNCeoImkqy+B9RUbQCif2XsFW+WTJ7imAZJVUXf2wmXed
|
||||||
|
OsQKvIp4Jb6+grcLGnoWDYOKXmacEK/7Kq7ttXu7V2Zf1nj4pnIDdCnyjEPnmmFH
|
||||||
|
6pbbn+Aj2ol9GIoq/OUGImZ1mHXk3Um0fOZOSrz6qLXiPEVxOjOVYSo67/G8VDIP
|
||||||
|
tc4KLe4PAU7u0he8nOzrYmHK7TR8kCsZlUXNwagbZvIwtnjag6PNsIuvIIKQkXWE
|
||||||
|
WFA1GkNN
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
16
root/etc/letsencrypt/csr/0009_csr-certbot.pem
Normal file
16
root/etc/letsencrypt/csr/0009_csr-certbot.pem
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICcjCCAVoCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQI
|
||||||
|
6rQz5AodJk++Bsk25XMOiNFhV/+tMFS9V7TsNFSjvdviGAPq17bWQ0yf2bclBQNG
|
||||||
|
eJvLERgMY29cHNepaNnbhcKartL/M5rV89r7fk9l00T2gwUYuTKOQtGbvCJct6QO
|
||||||
|
dOVA/yNrm28aFxp3zKGgz+nZS00mimEZi/QIPC3DXSx/nGUca2am9S/DPYujPhkd
|
||||||
|
afKFrIb3rvhKunR/3ScVDr+yl8dubUZP7vZqLmnJf00TzSSbicAxz7EkKazZABLV
|
||||||
|
Oe0kxFKpl4vCU7WN2SQFDGvxCzWuawF60ispDFPeFdO/nmNAEfkjv9l0XbJdvC0/
|
||||||
|
1d1Z+fWlgvGUpR/tIAECAwEAAaAtMCsGCSqGSIb3DQEJDjEeMBwwGgYDVR0RBBMw
|
||||||
|
EYIPamNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQCtpZvzxLlt53UZ
|
||||||
|
G3uYKxW+BZidqCkax7yZcpOpolgwYv7Nh6MyP4kI73Tgm2wC6EwJiAuXtCiRei7q
|
||||||
|
MHYVln5aWUK7VGejBi6TsNCGYhshiPXkYV7H222PycXxearAi3uFiHeZTNZJZlLR
|
||||||
|
eeqDj/FTtQZ0j/i/vhlLYCwGNwWb+U4LxMJxFjDa832miQsCEaOqDkwlA88voUJN
|
||||||
|
R2bjG+aI8tDHAfXpzMnkPF0T0Xz1GxOOShGxwFwnIf6R4Xx0gjHCFN9PGmJfgeSg
|
||||||
|
odYtKL3kYu/+s9TgBblCjn4X6XbdEy3XEnTEsosie9sy8XEcNOBEBJoaVAj/faQS
|
||||||
|
NmWzCF/6
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
16
root/etc/letsencrypt/csr/0010_csr-certbot.pem
Normal file
16
root/etc/letsencrypt/csr/0010_csr-certbot.pem
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICcjCCAVoCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMf1
|
||||||
|
enm8e9RPeQblkFEvndP9LnRfJUJp/SbdSITBg5lOHWPLSoGdzyYZIFJMH/4bH5br
|
||||||
|
dcQcmJam1UjiQybuC7JYyr6+7S62o3PoslDcnwUK8iCj6VbEM9OwVmRkKXy4SqgY
|
||||||
|
pbAquo1+UCpU1yDogJHeybaqSRaLplRr24nvpKZxlVvkeNzfYW5Wmh2eFDCuynnK
|
||||||
|
zS+p2f4GQRqeCsR00z0++QIvuQKBf+YjP7gKBh49Wc7igEcoOvZOsHTE8MZx7Qb2
|
||||||
|
5h9atEnyA0EQOVVY4d9dNPNvMFJyjiOcSMih3tNRBivseeEoZaIM21yMP3y94n3S
|
||||||
|
y5YXrHPSVuLKipT6sYUCAwEAAaAtMCsGCSqGSIb3DQEJDjEeMBwwGgYDVR0RBBMw
|
||||||
|
EYIPamNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQAjr9iT8PbpJ2ws
|
||||||
|
INwAkxsQEJcM9Rlxq8CstMjK1ICm/6pgE2XavH/VTBm0LEFzk3k23Q7TV9GXqRd8
|
||||||
|
f498WP4AxcyUk3oPLp5QRV2IFjMBrYrj4sIZxERAsTwt3NJaOw6poLDkLDzg7SCI
|
||||||
|
yaPxpOjXtRthg7eZRyMa0h0wN67BLSbCZI7YWOhzY9r+Q1RbXDBq7lmzyOJDdqfW
|
||||||
|
XmUgvH5cuJmdJOopyXCo6/4nyic5SDaDdtRBZKnrZ1gP6mP+snLfT9OZUSlX/4KS
|
||||||
|
4EQYCCKuBsik6RTo1oXy/OvHOJeiOSxKZaMyaZpqCCPsS0QWgp4HO6OUVUbZhKss
|
||||||
|
D9coWpOr
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
17
root/etc/letsencrypt/csr/0011_csr-certbot.pem
Normal file
17
root/etc/letsencrypt/csr/0011_csr-certbot.pem
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICnzCCAYcCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALto
|
||||||
|
u/6wMVhVCAomZPQx8tvgkOBw+ZRqiK/bxPOdPn5/AJ0uImPg3TVO7CT6V45iCwCl
|
||||||
|
EABNrnSckC284TyoLbl+0X3IJI9W+I2y05D4bQh63X8Hv53W3jiQ0lI8fdvJsOHS
|
||||||
|
m9sOlRc95hAxLycZMqavDAK8nsdcLun2TqsRQmljB9HszPgbNUQfg12OBJHfkNlA
|
||||||
|
Jjy06Hk/TG+gWDbfHRCrt3VtbFOr7F16lYpyt43+S++1kFZPIBDaLhBN7jnLUO6f
|
||||||
|
JvAh2WhAvPamieqf2L86J8Elovo72NJvyVeIeqpkmAJ/+6oXscJb+s5i428ql17J
|
||||||
|
YNXji4R+7Kbx1pNUqwcCAwEAAaBaMFgGCSqGSIb3DQEJDjFLMEkwRwYDVR0RBEAw
|
||||||
|
PoIPamNvbGVicmFuZC5pbmZvghZtZWR1c2EuamNvbGVicmFuZC5pbmZvghN3d3cu
|
||||||
|
amNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQChPyYKd2oluqP8VzGd
|
||||||
|
bBLQ2NTOFP0DwOBW/p5NwKdKapK1FQc7N6VDbpmv7Nei/4I4UQPOwQlfBRT+RkXa
|
||||||
|
UjnpK9LRwTbp0CGWq+8CrS3U8FbfPAVurKNkUebkV+EGoqYkQV3HUwbK0859iPyO
|
||||||
|
oeJnbUitwHXfyB8MXKmXbO9vxTf3S2BCuS8mhSvVJuNhHD+jCFUvMemYBB/TrjNU
|
||||||
|
2rIKzT/iI3vriFJ2jXPZmghbTvh9FearGjMbGHinSYpgyI2e0bs9UBvRIl33V3bl
|
||||||
|
pKXWtVYGZGSZAkLgKKrsNeWGOV2T+fgAEjSlAUymxsbYn23Suxb+90us1e65kODB
|
||||||
|
JkPb
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
18
root/etc/letsencrypt/csr/0012_csr-certbot.pem
Normal file
18
root/etc/letsencrypt/csr/0012_csr-certbot.pem
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICzzCCAbcCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKVe
|
||||||
|
eIWFqsEaoBmBxH0wwQ34gXRCBpSnzr28zHb39oiwWPbM6QjLdlk6XTqz98n9vs9n
|
||||||
|
oI2uSHQvdTaqvJBdkrnQTVXtnZ7mSY0i1x6qmbn2SzqKHIhcZCh8A5XW3o32Fnrj
|
||||||
|
UsaWPOFhthPetUEfGHoVBu20csU4ntW7ck4wDXoVlOJ7qAyKO5PR8XU3Lgs9l/fA
|
||||||
|
og+qUo3rKcxIuv98BjGA8WQDFW2X2keCNAQpi9cIOHNjQs5H8DkF2SN62Y09M+51
|
||||||
|
4LMq0+2Da25bqV+bNGhUAHYeEiIKW+gVlXcbeR6jzKJHR4mqGyDuZSW3hoof3ZbS
|
||||||
|
ryiTtiVzHhL3SMIEIbcCAwEAAaCBiTCBhgYJKoZIhvcNAQkOMXkwdzB1BgNVHREE
|
||||||
|
bjBsghV2aWRlby5qY29sZWJyYW5kLmluZm+CFXdhdGNoLmpjb2xlYnJhbmQuaW5m
|
||||||
|
b4IPamNvbGVicmFuZC5pbmZvghZtZWR1c2EuamNvbGVicmFuZC5pbmZvghN3d3cu
|
||||||
|
amNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQBef3cVj7rfV4xSapRO
|
||||||
|
LLo6a6tVDu2HOpF+Rr5nmIKCS6ncSMz4Qr3+dOJ0P6iR3Dz9lPzzHNQomtnf1c2C
|
||||||
|
7kMvK8DDXvBPmPn/It/mJeOuFVssKTcAu2zDLfWSadjFmg01zLN5jXVcFPJvx92N
|
||||||
|
ap1w0XDut+N+6PHyLUl2F7dRa4uJuC+SK7Uy5CldPOLtL1kkdsXfFZ7gqK38dZ2x
|
||||||
|
XY5YFEgjQO+bTeG2HXteMAQXFhILU3v8tjJ7hLwb9eZiRdKGVRm89dCKSQBlqw1V
|
||||||
|
lo3E3Lw5sGHsL1nJ7MkBur1kw9nmr2Kufbu1Jj7726MNu7HZNPCqJrfUrlrjjUUc
|
||||||
|
3/up
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
18
root/etc/letsencrypt/csr/0013_csr-certbot.pem
Normal file
18
root/etc/letsencrypt/csr/0013_csr-certbot.pem
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICzzCCAbcCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKQL
|
||||||
|
GG76uFoqmsbZhrzmTJiyK/4IwnTlvSZbkjCL1WCskfwoTBBgX1OsBZ098kZFT/AX
|
||||||
|
eSDF140w0FxLMAbpbPR/TADFTKywrXpqJBkN6Pi/hFzy8E49lLeqDWACusF7fJNX
|
||||||
|
OtS/fxyR0wujwaZdSgQph2UHuqgo6ZAhag13RYRMaF4xE93e4EcTS8b/4xzGbdjq
|
||||||
|
7inorVFyg1/4p+xzOlZWvCx9quZLh7Zxw+xyk4HTsAd2QyNFLQ3DTVO4pl+lAHYN
|
||||||
|
Cj8gWW9VA/0WSuX5+dmmIVLNPj0NKrEPUNf0AQio8H659h3XOqVP7us5yJb3yGIn
|
||||||
|
V1p4NUxWpreSJeg9MakCAwEAAaCBiTCBhgYJKoZIhvcNAQkOMXkwdzB1BgNVHREE
|
||||||
|
bjBsghV2aWRlby5qY29sZWJyYW5kLmluZm+CFXdhdGNoLmpjb2xlYnJhbmQuaW5m
|
||||||
|
b4IPamNvbGVicmFuZC5pbmZvghZtZWR1c2EuamNvbGVicmFuZC5pbmZvghN3d3cu
|
||||||
|
amNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQCNwNPovWQwVnCxrgGA
|
||||||
|
fWINb2nm5BXTE1iS/vlzBOtxTfrjRI1/JaiALtRkGbu/+Yg3peQfNsQGEob3rV1Q
|
||||||
|
gKLbxhzvqgxqS/miR31L3KjBsJlo0NdTk6QV+cQcZHVuXQB1S95jn9VCclj2kCqm
|
||||||
|
aoEZwLqakF26Xl3chS7BkbuzGVFYkT5r0B4leD5xdz5tJ0O9nACAvQJ7NT/coDpn
|
||||||
|
0rtegBU6f5ZM22PZ/SfotEjsZA7JxnzOYmeqydvQioLXbwotoQ8ellZhp9wBvGOU
|
||||||
|
08JJc1qkUvG0knYEyO5/8b5fTlMlU6de6jYNDG+7v+ROs3jQ5Je5QfLFLuZIrjOl
|
||||||
|
5vZV
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
18
root/etc/letsencrypt/csr/0014_csr-certbot.pem
Normal file
18
root/etc/letsencrypt/csr/0014_csr-certbot.pem
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICzzCCAbcCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKli
|
||||||
|
n08q2qV4SpUPmD3hZEKYR2F2lGmFfGT73TnQSYtUsuUyX2kT757LiiMFQoUl6VMz
|
||||||
|
Mk77BKHEGsgsdcN1LPMoHiXMgO1lJFZE7JelEvdgAKPuY5KCadbC5I1lOrgOYXHZ
|
||||||
|
goLmC1BjNBtimr+GDhm9PSqy9YoFpyeDwNEobWZaNQPrtSUMEYVvai335A/NwO/l
|
||||||
|
mFyw1zmjDy6erPe0bg6zDePsZ1BGCfdByTIYV13YJ+8fuX5hSsYIRNYwJzGEUF8J
|
||||||
|
EmO91t3X/RQVdx2t97rftUebO80cMOUGjzmszcQcpr9KHHgYnhOL6+PLn2jyWMPz
|
||||||
|
AKQK4QyK3O/5khjXH00CAwEAAaCBiTCBhgYJKoZIhvcNAQkOMXkwdzB1BgNVHREE
|
||||||
|
bjBsghV2aWRlby5qY29sZWJyYW5kLmluZm+CFXdhdGNoLmpjb2xlYnJhbmQuaW5m
|
||||||
|
b4IPamNvbGVicmFuZC5pbmZvghZtZWR1c2EuamNvbGVicmFuZC5pbmZvghN3d3cu
|
||||||
|
amNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQAdZ/SJDd0FHRjdSGh8
|
||||||
|
CtBe6XO+wbP5Q8CwtrhA6e3I8+D6rq4lzKPFM7fHYu+6p0h/0WYyD5/W/m9aWWjb
|
||||||
|
ROd6ztSm355WX9AJx7sBHUD7jmCSkwriBcCPIpNCRB6VFjn8eP7go2OMcGXx55xx
|
||||||
|
+id1CB2WB4JNmnOEFFDJIEM36JfUqPuVbotDmRSduj9PtD88vtrI8/phwtfJOK53
|
||||||
|
Eh/OFHDi2A1oznxXtkK3AZuiNFfo3Or8yaLITMmI1RXk8MN5tAyeym08J3QMAR7g
|
||||||
|
yEUuTmXFAhASDj1Qpcuywf/X6EcMPs5o/yPXklwCPyPXI6gRpdrhlV24dsk0cWIm
|
||||||
|
1W/P
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
18
root/etc/letsencrypt/csr/0015_csr-certbot.pem
Normal file
18
root/etc/letsencrypt/csr/0015_csr-certbot.pem
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIICzzCCAbcCAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAP1F
|
||||||
|
rAK94neuVu+QmvjuJXL7b7uprChD+/tCMC1Z1Pj9eNHUKYpm5iHU/K/7RBrK7Ugx
|
||||||
|
yyCkgL/ep22VsqPwFEPNnMovb5u2Q+js7sIxlkw9rhadRfcBBRraR1uudFXi9WiI
|
||||||
|
2Fktj3LXgLKAGCtOWs0lLHGdoUEY6oBzvMNTXcG5KklVXcBuX38XGsCtbp1K8slP
|
||||||
|
P2A5Slqru33d5M9T161D3nBTf+iXxvq4V6HIFBomYPS8hpx7iQ3S/mg5ik6DVEyl
|
||||||
|
rTEaKKFxhqT74jkwcfUz1hJJKEz/aHl5jtmOclil69BgIoXeiKkw+SAhUOEc2NQZ
|
||||||
|
Y7AimfXCrcfPBhPUue8CAwEAAaCBiTCBhgYJKoZIhvcNAQkOMXkwdzB1BgNVHREE
|
||||||
|
bjBsghV2aWRlby5qY29sZWJyYW5kLmluZm+CFXdhdGNoLmpjb2xlYnJhbmQuaW5m
|
||||||
|
b4IPamNvbGVicmFuZC5pbmZvghZtZWR1c2EuamNvbGVicmFuZC5pbmZvghN3d3cu
|
||||||
|
amNvbGVicmFuZC5pbmZvMA0GCSqGSIb3DQEBCwUAA4IBAQAYQTSaxYPDJh3VD9ql
|
||||||
|
EGaJFszsIxSRK5fTUqhlb1u9OYcvqegtExvPHCwtYDLdLGQ4S9FbUJm4KtUF1X5e
|
||||||
|
axwDu/wbWFNUWOTA++lVfYnN7+2lGPZTx9E7B7Rz9seaocIBr5l57sODtVIj8uFn
|
||||||
|
GSTtmVRZLR8A41KxpRBclCUE3glSJL8IqmqfgLoEwPGHw7OeoBNyjIeBSRZF1bh4
|
||||||
|
NO0l8ShcoSMC5AkKwMBrKvEGpfBcZuwpuaGLmTl9yFNuBDerPo/GREQlXnF2X/UT
|
||||||
|
SvkviOXMc0G8Gzf9yTraLhfi0MG38y/7ci2mEJyR6aLk6TKI6xhRR2WiFHrnnKGZ
|
||||||
|
c7jf
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
18
root/etc/letsencrypt/csr/0016_csr-certbot.pem
Normal file
18
root/etc/letsencrypt/csr/0016_csr-certbot.pem
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
-----BEGIN CERTIFICATE REQUEST-----
|
||||||
|
MIIC6TCCAdECAQAwADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9g
|
||||||
|
WYFU2a2J3v4iurBkuejs0u2QUzcHTHMeCVGoPw0p6tCdET2g21FvMyL/j4NghDBD
|
||||||
|
Sr/a63moaoYrG/yeHrSFPfU1XQ6oQc/t6wvpwHMo67jYrE51pnq/rETTOLd7Komk
|
||||||
|
zC7F8tzHiRuIqyv87HJhj9KH6ZtqJrskearKbsqaH6Xzp8OxXB4etbmTBMHypS0B
|
||||||
|
XrazdnHZUgBAvZVAA7qGXmhoH9CW/tjiFsX8a9beMMSqfePSPfzoZYwQkAmlvnmw
|
||||||
|
xYc8pxvXwMAmZXEyfWnHJJ6gaHNOOy0Azl/410RPgwux9vAjOledUxdV/UxTcvKb
|
||||||
|
kCWvrfRewtg7dqOEyGMCAwEAAaCBozCBoAYJKoZIhvcNAQkOMYGSMIGPMIGMBgNV
|
||||||
|
HREEgYQwgYGCFm1lZHVzYS5qY29sZWJyYW5kLmluZm+CD2pjb2xlYnJhbmQuaW5m
|
||||||
|
b4ITd3d3Lmpjb2xlYnJhbmQuaW5mb4IVdmlkZW8uamNvbGVicmFuZC5pbmZvghV3
|
||||||
|
YXRjaC5qY29sZWJyYW5kLmluZm+CE2FwaS5qY29sZWJyYW5kLmluZm8wDQYJKoZI
|
||||||
|
hvcNAQELBQADggEBADguF1eDuTME2Piz5i0MsfbtATcJ48cyrkt5zDuCgHGQ0ud3
|
||||||
|
QvvNp3DLiu3ozyLI+vvucuoBWQamoHrb3vk0sm2QdUh1ULLGNS6TdBywASqfIIMG
|
||||||
|
Cl2j3wFfDCOY2hELw2a792mLO4cq//+ZqmEztrewrxCnGMYYZnwwdNDu772zr6Cg
|
||||||
|
aKsyathccv9M9/R6tTemI158gaNeLGXJyEi15LkjO3L3+QF8QRlUbNJpJgY4CYfJ
|
||||||
|
Kxsf3eqMkbCZLkqx19icIdvZtgKp8KatzmtN61SKGFLpqeGpwE7xYtVm+XJlXGEn
|
||||||
|
i4grb8H8P/An7gmO0CUVNOjqBzN/g9907ee77VM=
|
||||||
|
-----END CERTIFICATE REQUEST-----
|
28
root/etc/letsencrypt/keys/0003_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0003_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDIVmuDZnVr5rE4
|
||||||
|
GJKrezsG7f3O3TdtKJCyrMpu308aemM0tNd9EhmNsf3525p4AWbt6nMxhbOzMAXc
|
||||||
|
uc7EjjIFkf+9syxAsaC4N1NKWpQsvF+0OK1pE4WURYJY4JmfY5OEGOtV8oUoqDjU
|
||||||
|
2+//0eiqzDYiMHHHPETzJsRs6ZZ1EFOW83FfDg8b/B4TuveJ4BuMwS40QVviiZa3
|
||||||
|
DEq8vRYAVImy45NYEJPPWXQ8J4PjL6EEVFNfuBGvKMnzSPU7umQmtaN4qrQyjVp6
|
||||||
|
DZ2KoIKYnUhf35XiOm1Rkbz263pbwZs1xHiOSKpRdDsPELJZWDPHdUfl0PUfTQFv
|
||||||
|
he2fdVIxAgMBAAECggEADMHOClnDp+mShukvq8pG1bfhdeMJ1MJkxm/w2xMOwTei
|
||||||
|
ahiK8UyuAmMfcmHsyfAC6ysHB1QFf6dS9D2DwGnynv6vS5flfUAiZSCmxeETNu8O
|
||||||
|
5BXI2xxSYQD1Hi49MhRf8CU7FSfCmXZu2gUgWQi3mWq0FsTBdgetN1OUZgAQ4+bX
|
||||||
|
nFWAitIgHM0ddhWyXhbLcrBfS7VRU9uuvsbY8SWNiu1WwLTwO2c5ErxVQ9l++rmE
|
||||||
|
NDwfm0iBl3QSwDmPUHlU8INEKACCeWs8yujqgV17sacIMbyDawIkbA1jD+24Cp81
|
||||||
|
13sfx6ZGxAIf7qGmVdJlX44Bg0qs8xm6ylssUpLhDQKBgQDV9Ft8yxkHOjYQ0Hif
|
||||||
|
oweSwny5xgQIAWE2OSyZmDQOiOOsYNi8lwLo8Iv11hl3JY5sNWd6UGP27WhjCTyp
|
||||||
|
6E6SOM5CxXxFqrC2e9EMCfN/mRqFVDYJF1KMxKaRo/btBB5Q28PqsqsmzobPWwF1
|
||||||
|
zIfc6OYw1qcazeQPEUDA+oiuLQKBgQDvtQUvL9HS7piA+WRz+rYGzhzES1vrmdCq
|
||||||
|
UhG0LfeSt3G+M4711YeG5ShP55xcYZWtm6sVHtdm1w7krhDsWXBtE1NoaabJ0Eec
|
||||||
|
JcJoqVzBiWVrK6PV6YcRE4Rd1gc3s6ruDJbb/f6gAM9lnVuItY/m3CSvtWREbLJV
|
||||||
|
yObs1RD6lQKBgQC6r1ykpxJPnBtQ0JZvtHEHPWxXLNCXq5yHE5w26PeDNy5xWo/C
|
||||||
|
/oErf7if6RCPRdXf1TlVIJAZBU3wHD8ygeEM9UQEPw0QPL+0epUNTCGLVKwvais8
|
||||||
|
A32kFnLA4bCzXsSVCS0JvJxaYBqBE4dSogRqXU19j85/NOepvgQiXnikgQKBgHMD
|
||||||
|
QxKJ+j4f9xJjFvzC/ZW0TX8tvVQFAGbIa/As4g4GcM/XAzAXHSjvSPFV6uM0e1HK
|
||||||
|
UEMZAjc41s+IaVxN6bCcRjfiAYHxqnpUb7wyDuxZlUzfqoOXwhPCbo9rgxkJ3ujL
|
||||||
|
J5M0gniZCunxn5qvqvUVCZE5Env2P3cDpzFZZgUlAoGBAKFdySzf4wRZ5U/6HC7Q
|
||||||
|
bMS+/5HgUaHUHU8Cgj+s8H+HMm4Pmt2nGHfC7uzhjh5aznuQZUv2EE9LPirqS3kI
|
||||||
|
XOtY5rrKKWPyOF92lqARW813frloN+q9OS6CbJPNw6GGTuM91M4d/dExMQ/UwQU1
|
||||||
|
K8KA8JsoEUloNTpRf2OuI80j
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0004_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0004_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCI6ZdU4j/SgFZ1
|
||||||
|
3uMdtcj17Hq9FxelP2r9m6a0D5O29hutAmP5rSGMPwpD/an5kU5DxZ7A4SUWpMlz
|
||||||
|
m+BtIP2Qsvm+DyHnGnj7Yi3qn/Dp0X27toON6NZ6w282f+qVAPiMvO4uootCL3dv
|
||||||
|
deoO76wcBM3D1hbOMC6ejLRVfRNSj5EkDmWP6BiwMcmXECRJcqsPZ28PxhNIwTsP
|
||||||
|
8UjKgWfI+p7ZPD6Hs6FTeEnLnTc5wJ3+H9owmi5c59LWpfyFZnHRfUlTyEG17RI2
|
||||||
|
QeD3P91F5xrdbCjtPUldFa5G6eWJF1WY3uYlqidMbD1COxsGeg1FfpK2s5bAuS4E
|
||||||
|
RgJ9pZgbAgMBAAECggEAF8FH4495+WERH1Rz3ZTL8Hd+eE6IaMCPJL+b9gP54jXj
|
||||||
|
aWpPxGNYvce2VUOu+UFP7gxc1iR6VepzlZ6HGwgtVqznDiX8AOgj86H+S4ZCu58A
|
||||||
|
jNBHFRlAFX7RTgh1wDKx7WFehjLnrK0lsO4plTvaheYDeaYswMu1WwcYxvhzoNBN
|
||||||
|
KbXjzrQrn77JAgUPI2fnZSY4CVh2yoryHdGiw4VsY1KBjCCvTbt6gE4PpWASlegO
|
||||||
|
yi7bsyt5bh0B2eOqiPDlTNVILEC+qtWN2wjQtChiQ19mMSjfBWrS4kgdwW3jqwqd
|
||||||
|
NTXXJOwj84IKIN0QbCVJOOzk4lEsHhQq2b9GMv4PmQKBgQC+a9zMj09JjgAcCDet
|
||||||
|
IE4WtPgsbQYU7IkszjElIq8gXeqP0p1Yvi371CP7t+kRat8z7UuiNXqgIF6+xqEl
|
||||||
|
ZCRfDCDOxjxU4g/Bt/4xhworkEGQHGAuj59MWIdyjW1b08MXx10fWEhhbG86OAzY
|
||||||
|
XpUzO/dn9lkME24NuHhzKW/lhwKBgQC4EDhRSKPsYWFG4PNSBo+z6nYq8F1tQtou
|
||||||
|
tDbcpQxMTzGKAJq5EPCDK1d1PY/99blkbpUvCuD0byLBdpQPpb1leAO7EHbDqPiy
|
||||||
|
na2SX8XiEueg8JI4rSNUGOhgS+v0YN/6Aw7QqyHzRRik3kw4IylUR8CgIa2J82qU
|
||||||
|
ODanWEGdzQKBgQCxeKXYoNgsnYPMnHwHhsxArXl/Lj000x8l+yYijijZ6a3rTUgI
|
||||||
|
pXcF9blzqPw3l3tfUhHjpCQdiQ3EkCswRhz/2LXbATbJhcdZrLnkPw9jepcgUNHz
|
||||||
|
kzfMV9YlFVqO8tYpG03XINiUtBMWF5chMUWs8n6rDhYAAzvW3c6kxkHbkQKBgQCj
|
||||||
|
VtGDYIEHjcsziQCkc+omcRR4OmHOShswgwCEgXsOZODDZJHpVVz6KgYspnsXlW31
|
||||||
|
8CQ3YOIMSGuBX2c5E42ldAFricq7C0HX0BFt6cvDOZ+PtK0t2oeVY50jh3xWm3ln
|
||||||
|
djs5dgRky5Z5CER/NMTCZAJOmFRWLUsRSWlGzA0+qQKBgQCd+j0fnXPFQJv9zGwu
|
||||||
|
/u1tXbmGMVKfoYiOCJvRP4WuKPubCufon0Lt8U/IbJWC+I3evsGHhBy2TAe42GB7
|
||||||
|
KBXrTEjmu7/nWQ/lVH/uv5UsRHZy850EhtXWSXlZq4pVYbVu5zNunw5w72rpAXUP
|
||||||
|
tUfShS0ps4sgKxEeYu8ZEvWBLg==
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0005_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0005_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDffcc59bBtXlcT
|
||||||
|
p1wQd+wbCYzzyvoEkE2frSPmXEhLz4fDp57zF6dn5LSX2WB8iUpboyiy+SKCkFKH
|
||||||
|
F0lCl8rjFq0HfeD+JRgDC12nOwpXJd2OvgOh0TKalUDfnbQhnlgIHNVPLKAkSEKB
|
||||||
|
9YupNP7HwuWeMU9Dv7Y0Tg504PMdBz85x2ii+xSBnkkiVu9FqEbsFDO9kA8DyL2b
|
||||||
|
Dp9Iu1+W7QpU0/WzUR46OFH9iiuG5djFXLgO0vEpWWnIJOawTACl0NHGqVtDNiqo
|
||||||
|
kyfEGTN81cXvFgz0uuVtwcSHQO695IDZxBX7wF8G3tNnbyTPHLL8b8qUEPCyfi6d
|
||||||
|
QsQcw+LDAgMBAAECggEAASJFuv0MnplubqqYNHsvRvnW7bu3ZgOHaUp7FqWcNkpA
|
||||||
|
wZTdoRUbI9NMuUKAk1Es/+cFg1bxPmFWEdpj5EMZ4+oPCa0xUYjFpOpPWNRbWpLW
|
||||||
|
G23KXe1OSOt970SBD/SaNLxUtrievWBief9RbJPYwRGzkYhlgw37cit9NkmX4itP
|
||||||
|
UOupK+20tjh/bG/Wrsc7emCAzs7TUCK5Je1xcSqH1Gx1x1Z7cU7dRKAeoGs9Vx2b
|
||||||
|
D3xUE9s6PHMZSf80BfI+S7gbBg1kJXwq9gnBtz3PSJ1mFhjdg8dNUjGONCSSwtTl
|
||||||
|
N0BvapeiARFMMlTEqgBWcHWFloHbBloI+RNdn9/J/QKBgQDyF+wUtA316alZYCzX
|
||||||
|
ERkMwHaiHAwCdqxruOierhu4v0S3KBDqXA/z8/cFfKqVR8R5m5PkQggkLwIMDsIK
|
||||||
|
uHCTzsV62hl6epI7uXqslPBKs6t0V/i8kc8yQYLRMD7jA6+k42LQ2ulh7S6h+nqu
|
||||||
|
2Hhi9valdkr51OoHtxvSUof8NwKBgQDsVE35yIY5+4AujsM3rqhv+x/tyEtdzulJ
|
||||||
|
TFPpzp1YWGWSFE70Z5JVZeiQOiSuOchPTzYbpUqJeR76VIgvY9OKIENbbAzWfC0F
|
||||||
|
fPqkwvc610S56xLVeQEuXTsuFh798SK6vg8kxS5NBKr8M59jRxkAfZyGfUmYxm9U
|
||||||
|
n9QGAh6/1QKBgQDEJNGnrIIrHZeRzDRIQ5gSFtWHXkX0sQXdeUEvX00ikAUyiAm8
|
||||||
|
d76NHrqi/XCP5kevZ3eZVk6WUmfMMSDR4sGDX+HsOUyvSSO1s/9KWJmfTJa7epMS
|
||||||
|
5OgEhcNhjT9GWrQyWfCz2smAB9Tic7h2dPiE5ibLxF3WsMS0X4zxCOEYXQKBgQCE
|
||||||
|
IQpLiepJxqw+24CXxCXWHeAXEHHaq9FQMsWDpgngl+OJzaLrEHEHH+froyZY5mNw
|
||||||
|
vAezYzGONNK2AMb3P+fIhQtDtOBklp6RP/PeZEbXdf2tuJkaEwIvCt8IgEOplMTn
|
||||||
|
BVXwJ/IgC2kRgkctuVVoKdJ2etvH98HM3WMsTMkmVQKBgQCO+4RWI8sJ1Fnps+np
|
||||||
|
ZSUZwVxB6+cvrcpn0EAEn5WGea83Rv9J06D+CLkQ6OcASKesr8ViMS7JttaRWqWR
|
||||||
|
CuG6BICejLNVyNeITDW6Ka5gmw1BRqMU7UvxS119YDmX1ngJ/AjC4CV8DxI8o/u0
|
||||||
|
qe6+zN1Zj63KNVjnU8F6y/dy+w==
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0006_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0006_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzZLTLDFl59+7U
|
||||||
|
lUCoBT7FkmsSwBFPbO94NXwtDxKo+KIh0arBY8yzmaes7wEYLyIni/3bpdBWa55B
|
||||||
|
rZ1BF0KoOvsxOXaik7IUbW3J+ISFfffhV7M3L5mFawwHjY5ADPQjfLk/DZ/7L01Q
|
||||||
|
jopiXAtLdyFccpXbleeH++HxgkqAkkkRMjY1UjjGvx5veDvVKyBT/5Y6efiedged
|
||||||
|
4dmXT0006jGPMBSVfxb292o8LCVIc1RDMizm4nJEiv9sC5QrRQj6hhGk/OapaWNW
|
||||||
|
DId/52XipJf3PKAuspTc2dRlZCzy61ljxO18iuT7Gbc/0GmEfQmlg1BaQUJssHBQ
|
||||||
|
W06Q80M7AgMBAAECggEAF/Q3i/FfNUEc+/feBVGF+z283GkXJqLmKwgBR8b+d9+T
|
||||||
|
Tq6/fUlFOSooUJgtbjxE9EDmKeEvO4rtO9nh6KIhfXM6vWzt4XGVUtL12QU9NNII
|
||||||
|
OmfKf3D0r/MGTS/isbzJEMADwF6iYRkE2t/drJqby3zh0IVga0zN+MNyfRwntJka
|
||||||
|
sn7x2IqkPwurQsjP227BgbyMVq4F07D4c0eVwtnMzafKa6Y2ouGIke8TdDTSbyPL
|
||||||
|
77nmKz8JS8nh0r6K1w63tNkqZCU1viOntyzDM51CTJjWuFvBvFXF83JHthEXmFaV
|
||||||
|
EpmDHPdCoW1srPyWQpZgvmWPeNUxzB7V8JR5vPkBwQKBgQDO7euHv/L+wkOF+oSV
|
||||||
|
GmU54v4LS7WtbmQghCAyGC8nIkqTfgq3hcvt54ppv+lVtOgITcn+HpUQoCAjHNe+
|
||||||
|
g0VMDuROw4rOFqvlBgrCUffw8ODtJeQCOxyWrReCm9JZq44j0ixWhc5yFuEJiuD8
|
||||||
|
+g4qqJIopmlblih/SvJUGYFrWwKBgQDd7ygDdK9UaeECbhqvtA5Vl2om78A2bQpw
|
||||||
|
WiSeYsqe6CirVdg2gIbbYLQEzoO8TJjPSvqo2rJofiXzMmB1c8O+zi1S+cvojriG
|
||||||
|
RkfZ8Ei979RcpVWhXxulKSuR7kn1Z8WpnPzozU1EVB2WJTufd22/7VdBM0hdOAtv
|
||||||
|
gJ1rz9ttoQKBgQClczXO5Hq1lz3F8ffv/5rQHd5hybcJZCpKlVnos81/zLs0EqMe
|
||||||
|
+auEHI1e4EMAdBTSDuBifrFRCbaoXHdjrDHMDlwdXdutzBLEm4AevssvqmktNA6K
|
||||||
|
ehjxoJQbqdsWN0T+/xzUUUgvkHt91bzuiECrevzh46x5viXDIXmAJKSF4QKBgA5/
|
||||||
|
RdTb9WwFMo6PFK0vjNQofOWoOZ0UiF8IdGXoPCYfMjDm/aWpxaVk7r11pANT2ZOI
|
||||||
|
6VDIYGkU/HOjccuaUUoQe8N0z84ULJeQ1ba1zHqjxPJ8VlihNtQWGWOB9lDSg4Xt
|
||||||
|
3FN0vbxd5kTdj8R976xe25lFuU9ljtGszBuzyzihAoGAekX01V0nkuoOVm8AKJcm
|
||||||
|
9yQYBij/iiC4CF4lrK4AVP8nnAh4M2tpJn1Zqr1y/BeRJ6PSOX2LT5nFX0S8jUjC
|
||||||
|
f8gK8qLcIdwByt6PePlB+19QDLkn7jRngXMvQgnoCcrwVgCBdpTogg1AWpfhLNGC
|
||||||
|
BSqwmDjlr5nrH7tMLKwzfMM=
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0007_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0007_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCszLtm4D4oETcy
|
||||||
|
ziMHKYxLoY6ltr77b6AOanUJ2rH66pnedqsz7bxiR0GziRRdFL26abEMJ1EUx3FG
|
||||||
|
y8rPJFcY/nKvl7S1v3dHfP4pq0mRtcwcyG9Bblv5ORDwk4JeSIOpqnP4LxPyuOAs
|
||||||
|
3YeOp273MVWbV7OKQIdFIIaZF9E0sqk5fDQXBd3bk2/Wt4yFpRxnM4ItNvBZ+31H
|
||||||
|
9pHUsrUFO+aD4lSwGYjkwwNxSRYq5Ftft2PFukZoZrFHX1y/Jmewmn2B2W9sCsA3
|
||||||
|
a15B/monkrZvUdv1+srf/SusASNJl1Ni9BWJsVej7kd+wXveoU8E+t7B6HOCKf/o
|
||||||
|
+8FqxIx3AgMBAAECggEAP47wcTcS9bbbWD8VCDnihiEO8GoG1kHpG9RRZ0X/B/1J
|
||||||
|
ileYwjlz/KwcAPbvPAt4e7wLaJ5/hsaTJkioOMezl5hjw61nxR//NhbF/7qmjUdS
|
||||||
|
o9WfgnAeuU0hq3N+VMKUVxBApq1eR31zy1zSUwjH2nlVdRVtjvEMMEN17pKhmyFu
|
||||||
|
SSdkTQPClstkefbYtzkXmSYXviSVgCMr38a137BEydHmzxFJ1G23F8naE1xouFJN
|
||||||
|
0CiduEapiwgaVOjt9B81pu/8fkPnWbzG2qUypvuSsHF9ZmeYMMt5CbFretnHuIoU
|
||||||
|
bIM0lCQTex+dJh6p6g1cFfllXcc3BNK0QtNCtPqI5QKBgQDrFolE2JERup8uXdWn
|
||||||
|
qNp/2UN4oO/67vapAErLPo6zkSmvahgccK6ZFNkHrVoqrTPYiyZfu01I3X5Kn9LC
|
||||||
|
jFqG/biu/1DPXSJKk1bws0UlYznIvosinF0TaiQdyONASRmfo+ulYX/87DCc5cAH
|
||||||
|
50iuVJAEjBxem5k7J90gFrBb8wKBgQC8K8GgXs8y6eUf7NlkCpTgVtguP4SNlCy+
|
||||||
|
ippATEGDd7Tb4Xc/M5YqSSb9y/0beZRNjjsnjhqqjPonW/gnAL98km5lDlzf/o1K
|
||||||
|
k+ZSzcm/vwe5dQ9mnx9EKwUZSkgkk7EAmiCMwMCkqEGFbjmdzSO09C2qw3YrCvv/
|
||||||
|
Zcmd7BSCbQKBgQC2h5/7QX+Z2WHg+WB7tiI45DN8BNFv73y7CYwJNMBN8icAmQqx
|
||||||
|
glg+aa59RH7e5e58csZPzDkcm0WEoYVeIuXjLDrqPTi8WN7YMoBtkXPdrKZgFHop
|
||||||
|
XGj0OxRhv+mar2diyT6dARAEDEtOdyDbwhtvqB7OOQ+J8ZxPDwuk75jtOwKBgEpe
|
||||||
|
yOJHVoD67HHXvHvLqteXu01cEVmbjKuqQBjVircZIsQcsnKqQtlnnB+G9fxb6v9U
|
||||||
|
DZEumt95ZI0Vzlgr9YKYpUUPjimBg/pLxiZH60r7h2QHHhUjIspgbl12fFjofnaM
|
||||||
|
c/ztWbY6Qdsom2EA6PHl5/6rzhJo/vwMEMl3uwtpAoGAaZn0I7nnwoxslCeLpq4T
|
||||||
|
3mZ0sJ5gPeXGc93L7Vc1A/wOgBoNFIZMsq7yama5WYRObvI+Aq7i7x3HhkTQ1I6T
|
||||||
|
plyviY4wRdApzWr5I5Xlh/d1YhNuNJPW07xLRWQWsSTrWo7TMAGNreEoJpCPv7r/
|
||||||
|
oNM2K3CM/9BLDbWNad3BE0w=
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0008_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0008_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDLMaJd+Ivu/Qg1
|
||||||
|
/kBcYe9d7kO6eqfkh64vFpGS3KDaeIUYZDpOpAyxvysPgdo3zv5Jd9AEJBioRLVS
|
||||||
|
HFm6Znlwkosxg0u3TAMnk+rPhCrs8W1y2zbJvyvqG7Cpu7wmQnfsihgD6thJ/ACc
|
||||||
|
24VWFh2Tq1+811Br9JvkQzEnZdR5IPtanWFIGN6deKLK+DA2g27LU3D1v1Ot1tQ5
|
||||||
|
BzyNLOHiY7mtNbqY33pHV2JmyB3JT17xBeF9av/ejbxxioEPUbQ2h4/olS9owHXP
|
||||||
|
TfeCTRJCM5ohEW8A1XGOrqaN2h0wD/tSdleWmj0MG8YDQJnhHlauYjkOP3tQic5e
|
||||||
|
rfm723FPAgMBAAECggEAE69KSIpEnDF9MyXffFOsidAEVbN+QmB2mm84SR8Aokmc
|
||||||
|
s0E6eNXhuPKJLGZrCo8OCXYG+++3R83oNv0yICG/UA2SWIictDQz9giZbeMi+XNm
|
||||||
|
JANiqmbPzU1Dbx4V2ysDTTIPo4mDzJ8SPB/0KePYl665hqThUKQQ2is8PtHZpKZF
|
||||||
|
9BADqn7961mWcUxo6Mvo+c+pE+R73L+u7yxzD2ND6UuOcAyopuyik70Z8yykXH9R
|
||||||
|
SFJBcc92TVsN+MU7/QciiA0ep2kPHp/Pb7hE0OuDgsy/mVN3R02hO55ynhlyMjbB
|
||||||
|
j/7tHqCKOsGH++fAsA8WtlRZL2iDa87LSgItG8Mz4QKBgQDQSR6CH/stQ1kfFKaE
|
||||||
|
2sXCOX9t0Yxru11l3an5aFepxufEyly7DpBFevJ/CBpB/r56dNRozDmO5eDKZuLU
|
||||||
|
JxIuNHO6a1D+3BdygCZj+uM3fJ8O24mxgYB/erZtLsbGbXVyqHDU5QEYkyB/od+T
|
||||||
|
SnA5mzKo6AY9VoXjKkwpJDV2nwKBgQD5vekrbI4XgzCoz/glzk0Q3Ceu9/GYbJXp
|
||||||
|
JBvPteVV7CsfhYpNlC0x9fpz1HlhAdwFHqBIqrSFdkMWvbavRo4BqoN+25boWMT+
|
||||||
|
VAucrJ3kWwp3wMo0p/q5qJEIRz46ltthKMWjDKhPHt+BB8FeqG42qYBOUH4T0/F8
|
||||||
|
7w0OARN3UQKBgGKuYd/w2wYk5HKPTB2hsRRGPZOANnFMQgHjNYbO4smzTVe1MJ4H
|
||||||
|
Vl800vNQmXAvC3vlIkXMjHChhREgEdPF9x0hCLuH4MX+7LT49jdkRIajapCVfvU0
|
||||||
|
j/bV4txzzwVwErcSCvMy1IQaIMmXnd+g4u7IEwZnd51UAvcPsSnE1/etAoGAGfRl
|
||||||
|
tjCa99CXjwPGG0+8bKMksKduAVRPpCIvjb+urOZVePos7HEY3VdeBwmu76j8z79m
|
||||||
|
EwdCqZgn0sY2pTKk8YFiFx4FKfKHzpK3fjnmUuQvS1DK8vv+L6tYH08gJYCmHgvZ
|
||||||
|
tl9LYqWnvsYqj4bbpWyqO/lbkP322/AQIEN2XXECgYEAzaFAgT/Cfd4tyj8t5TkP
|
||||||
|
QChzB1YO2h4iozPcoQIepXQ0eK/idySt87nNp9rrpfD3Ftk+R6e9S+oTzq08QYab
|
||||||
|
WibNIj9x1c9/j3eHgHbSHBjpgADAgbg7OHYHkBGe9r+ifsrUvoCWrT0PzjcTpI3I
|
||||||
|
h6D2LbTzKz3TdMFfUy5sTKI=
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0009_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0009_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDECOq0M+QKHSZP
|
||||||
|
vgbJNuVzDojRYVf/rTBUvVe07DRUo73b4hgD6te21kNMn9m3JQUDRnibyxEYDGNv
|
||||||
|
XBzXqWjZ24XCmq7S/zOa1fPa+35PZdNE9oMFGLkyjkLRm7wiXLekDnTlQP8ja5tv
|
||||||
|
Ghcad8yhoM/p2UtNJophGYv0CDwtw10sf5xlHGtmpvUvwz2Loz4ZHWnyhayG9674
|
||||||
|
Srp0f90nFQ6/spfHbm1GT+72ai5pyX9NE80km4nAMc+xJCms2QAS1TntJMRSqZeL
|
||||||
|
wlO1jdkkBQxr8Qs1rmsBetIrKQxT3hXTv55jQBH5I7/ZdF2yXbwtP9XdWfn1pYLx
|
||||||
|
lKUf7SABAgMBAAECggEAGoUiS1KhzQR4hF0uydXVYKVcuQa0QvCJE02yKdWylqi4
|
||||||
|
LKD/orgIisGdxSXy7CXj8bd85YapP1mdshkCBeLzPlXGWLdYY08HCjFblgpj4hXi
|
||||||
|
aPf4bZ4Un9RDEdxBrVxhs54JDmKmoYITOwqKiZgfZNY+imJNH5jRK6WrG05p5b7F
|
||||||
|
fr3Fj0LXZ3Ye3u6J803dRWhBA8ik0GmTRXmMNogclLIE3qToCshZYHe4BngJ6Dtg
|
||||||
|
hjI27x2UaczbM+s26aQjOW7JDu96KKMwKd0iT3cAi1oQ57+6NTAkEKbHAnkNlr0U
|
||||||
|
1jUWS9tFlCYSZBqKEE/82Ye7zJLe/1CzVnVLVgGyKQKBgQDQyfWkx39aW63YlgLT
|
||||||
|
1RhPfoqhPoEmwDPQcrzjPvzRQhLlktRcT7NE4KYFZ/MuHmVnh8m7mAKpqwl7XuVt
|
||||||
|
XLNLP8Y78aogSKSnQeG1HsHj61E5kOTx9DSkgt0JcVOfcvbXn4PrxGSiMkuEThOR
|
||||||
|
TyaunPO1qI2c25o8F3fkBRDTcwKBgQDwXKtz6zdaFhMWy5sU8UdKrR/aFZ9x8Cjh
|
||||||
|
for2VVJymzAy+TCBHyIef552vyUpDqj3GONb1Vh/xpUoHwKJlcML7AF2+VOvwkGq
|
||||||
|
yVld83IK+4doUIwvwFbqrh6EBs+XRafKF4jHGBWMUkKXEjHJPpnT1DFoU1P4UyqO
|
||||||
|
xf9dvVXpuwKBgC3zxTS3E7h3ZRO+MHEe/XLBjxFeCF7W/pBqMFhzjIEh4bbVUhff
|
||||||
|
Er2eE+wsrMEBv5/Bqwy2sB9XnYahpC0lsfBl4ONglOj2FAcb4OlUE6huKjpZQYpf
|
||||||
|
DRcIFk31u0nkq59ZZFeHqf5ow2YjKPtaSFE2Cg15Q3G6g3+mSqTM2J8xAoGBAMn/
|
||||||
|
x2Na6SC/bnl40TMvdo+OoTchdudFQsYHF/ffSrPgMgiUnSvWo1DoRZ9cEnnHxT4s
|
||||||
|
X16dFIwFsvKN5Q8Fmm6Zf72h2a/a3F8Qahdn8Y7DRk/naXjz9texTxn7s1hZBKL1
|
||||||
|
VlCjr/BGbYoSk16iSprYOFGJvgbytdBZG7yG0v3jAoGBAJfsBBU1NRqP4C2cpvI8
|
||||||
|
ZPn/hk93HPJKZJSCMmo3QGky3bxy02EnpUUmPcKDwqPDAzXj76sp76eJG4y5oMGY
|
||||||
|
q/tj77XDPRl5zQ99rhVpP0N5rE8Nj7ayt2pTFj+haP+56CPhLrBceeho4p8Do6D1
|
||||||
|
sy4PDE6IIaNSVTLv56+wd3ch
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0010_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0010_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDH9Xp5vHvUT3kG
|
||||||
|
5ZBRL53T/S50XyVCaf0m3UiEwYOZTh1jy0qBnc8mGSBSTB/+Gx+W63XEHJiWptVI
|
||||||
|
4kMm7guyWMq+vu0utqNz6LJQ3J8FCvIgo+lWxDPTsFZkZCl8uEqoGKWwKrqNflAq
|
||||||
|
VNcg6ICR3sm2qkkWi6ZUa9uJ76SmcZVb5Hjc32FuVpodnhQwrsp5ys0vqdn+BkEa
|
||||||
|
ngrEdNM9PvkCL7kCgX/mIz+4CgYePVnO4oBHKDr2TrB0xPDGce0G9uYfWrRJ8gNB
|
||||||
|
EDlVWOHfXTTzbzBSco4jnEjIod7TUQYr7HnhKGWiDNtcjD98veJ90suWF6xz0lbi
|
||||||
|
yoqU+rGFAgMBAAECggEAQcEAgG2xzrQ/mTv+RCRDY0WbdBshloBiBdi4kydLjis4
|
||||||
|
0Os12f+58c5LaaSs1JO4xJkzRcUdjFTaSDhXWsLmx8QZD7abKkRW5bO8h4i1JiRe
|
||||||
|
UMt13NlyLYeMMUEav2+e5T4Npiu24vaJiBIUGDc8qDs5276NgEN188bwD6DlZPHa
|
||||||
|
CnLLbdwtACheBEnreTJyizj7DYZWfxcgrG7wS78WM2DOO1ItqtArUpeu8fXxoxjF
|
||||||
|
zSp44xzZFHxFUM8XlhdujV5p+6cOIqM6Q2Ohz4jKRN64eY7xsEEACZNo1oV8MXOC
|
||||||
|
vo8T8rK5KhT/9MYfL7uvz6r1B3LnKonXuDUADxAdtQKBgQDbNY7+o90quMPXWSbE
|
||||||
|
ZZyxwhohTR1hvS4h9c0BNE5X4OX2FdyoQ5SsTvb/esrwh+h5num7Rh5GxSTV6nJq
|
||||||
|
SdxqxfRdILaQht4frEKw3stDy4THX/jtDEfHUow7N+XgrZiqR4NshGjTZysuE4ID
|
||||||
|
ARg4cQjZZhL3in1UHHe8MxJTmwKBgQDphNHfqOxq8sGxHqB8hwSa9eq7UkarbxfF
|
||||||
|
ZJATTrSZt6jy0GFzZjphsALoBQZ/ne3aJE2zy+6SKgs+jxGsnYwnDQdXhMm6C1sa
|
||||||
|
g2zolZjkjvgj7JVn9BaaW/3ove3pLpjdrd1yT51BRz7UeeWE9Q/Um4Pvne8ITqh6
|
||||||
|
54ctONcxXwKBgQCvykeeFTKrq/gBnlDkdsguFQZ3ZiwF0XxJZ6C7MoMRHh3MNsP5
|
||||||
|
fBiiBcE2J/bO5W6c+b9em2B0SGy9z4Fpk0nbplvMwwsk48MFi1MAG+rNt0wHxwMM
|
||||||
|
tihpw90JME582znuc+MFBzo5LicGkEZWum399Uevb5gOQ1U2Oo4asqojuQKBgCEE
|
||||||
|
KHBI//Q3Em+qduJkbKBEOMX3YgqHEINWLpCsRhidwQNjtwOL5qE9M4v+eea9O43m
|
||||||
|
KB5NrRN5YlGcBNG1DMXQr8MOAT+Or3jWMCXKUO2v0SGzJ4SlHDUC4KlxgRvA/NgK
|
||||||
|
5w5sdz1th1KfUXY09+IFguf0GoHALU4DQjeAm9xdAoGBAM8JgpVlNIny3xANIz0f
|
||||||
|
ZQ+XR+dJWFVJ+Z6WDLpNf96u7VYTLDzW7qrAq5o6UU27RD1hoYwJdVdm0Z+p9ME4
|
||||||
|
wHFTZzr9hgkAQylWie6ibkmMeDMidrVpec/pgqIgfvTC5VHE3dg08U1Y97DU0VSO
|
||||||
|
1NbaCVO1CGRCNAKe5z0qG0Wr
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0011_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0011_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7aLv+sDFYVQgK
|
||||||
|
JmT0MfLb4JDgcPmUaoiv28TznT5+fwCdLiJj4N01Tuwk+leOYgsApRAATa50nJAt
|
||||||
|
vOE8qC25ftF9yCSPVviNstOQ+G0Iet1/B7+d1t44kNJSPH3bybDh0pvbDpUXPeYQ
|
||||||
|
MS8nGTKmrwwCvJ7HXC7p9k6rEUJpYwfR7Mz4GzVEH4NdjgSR35DZQCY8tOh5P0xv
|
||||||
|
oFg23x0Qq7d1bWxTq+xdepWKcreN/kvvtZBWTyAQ2i4QTe45y1DunybwIdloQLz2
|
||||||
|
ponqn9i/OifBJaL6O9jSb8lXiHqqZJgCf/uqF7HCW/rOYuNvKpdeyWDV44uEfuym
|
||||||
|
8daTVKsHAgMBAAECggEAQPW+SDtRd2FN/pqtXpmbqUxvW2S9lgzRYUenvpuwKE+k
|
||||||
|
alct83njo1E+eFjQFZn1X11XrQtAH8qPDVONrSVMaCJFwjgoOAk48YDdZcA+pvRT
|
||||||
|
p28Lo83xTCEizf+Kzq7cIYKLpIQq+Jnrj4xE4GQTEwTVAHPaA5d36YAHZ7N9ViK1
|
||||||
|
Yqr52Lx4lab3/vfTWW7vGsiEt2A9N2C5x2fzRE5jJaitC+E10tks55y0YHPzLByj
|
||||||
|
GKU7rTQarx4h9oIhki0nn3+FUHq1bvbkodjCrSvMakZRK1x8Jgx+y7MqJ/6d4M3j
|
||||||
|
9N9Qj4YsBVrt9GiA9DwClXuLA7uTHE9w1Gp23XgfNQKBgQDxvHdSgRWWVcDGyJQP
|
||||||
|
v3YxrdMMpJDUtuFqksu9+RMvyudxVq4xtNB+5KpdoLHLF2VI8VfbaeBwHsOZo9d/
|
||||||
|
jHexiOz3E4rsMIEFroL3Pg1BviUFcelfcR60zYkp24CQtK1QKORWJ1csuJY/NlMe
|
||||||
|
kCCwiElVdKL72cebBbONZOaZ+wKBgQDGd6IiCxSjpV3eA14DY+gppioxo31aFCBf
|
||||||
|
WGKMl2FnZ0uD1JSfeY+u+6YwhMVfqGS4N+XgTjxe9i/J09dDZMiJ56cITPeYlUOL
|
||||||
|
Kk35PLaiRdKrBvO9ZuGvdrowiTlnl2IE/1FaqV6Ty4m7N+JFRu5fbPHHwr92HWum
|
||||||
|
OBpIZKzRZQKBgQDKmrsnWylMpvK7qMDvsfjOCnIo1oTMw7qKKB67SlbaZ6UzSQMW
|
||||||
|
hgV5VQ21C0n4fdNWH3ETZNnHHwGxc7DaJlDra2ewbaCx9LUuneUGc+uIfmVo+uAu
|
||||||
|
LhEeWGXtvxsyLTxVQvCdhLt7r/m9YTqpEwNS8ecEyI0RqKWzOEQU7cyYoQKBgQCO
|
||||||
|
feQ1RvlZiOf89zPvgTJ1fKy8mOHt45defSm8QQ+Y2wvXqa/PU8q6Wkj2eszuogs2
|
||||||
|
TEPKKMGleGHVKThbVae5g01kY0Y9EaW96/CxqkqB9VmMm2AyMwSEIt0I7ez+GC0y
|
||||||
|
41C4o/OYb0EC3tug241Xi/OHdaZbGkJow8zy/v0pFQKBgFNOB0a21poi6U9T47bz
|
||||||
|
Vms8S1dfrCA1mzNm8uCpcUeGstlNLMzgMd6/HZkVVlLKSyoNIjuC/j2cnhmE27gf
|
||||||
|
RDD0j6X5rr/bfdSgtlI3AvpNagEIgwS14Cgo1j4mRL5CE4N0OuKJxtz9quWgtwoA
|
||||||
|
FPFFvJUY0+gBsfNhpSHa9yhk
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0012_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0012_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQClXniFharBGqAZ
|
||||||
|
gcR9MMEN+IF0QgaUp869vMx29/aIsFj2zOkIy3ZZOl06s/fJ/b7PZ6CNrkh0L3U2
|
||||||
|
qryQXZK50E1V7Z2e5kmNItceqpm59ks6ihyIXGQofAOV1t6N9hZ641LGljzhYbYT
|
||||||
|
3rVBHxh6FQbttHLFOJ7Vu3JOMA16FZTie6gMijuT0fF1Ny4LPZf3wKIPqlKN6ynM
|
||||||
|
SLr/fAYxgPFkAxVtl9pHgjQEKYvXCDhzY0LOR/A5BdkjetmNPTPudeCzKtPtg2tu
|
||||||
|
W6lfmzRoVAB2HhIiClvoFZV3G3keo8yiR0eJqhsg7mUlt4aKH92W0q8ok7Ylcx4S
|
||||||
|
90jCBCG3AgMBAAECggEACWuz1vtx6lVPeJSFcpJT9S1Khqp6QH68zt9SEJb4svnE
|
||||||
|
3651uhwJLnUeOYlmHNo5RAyFv3yFwSSw+z/HxTunb7F3rmT+fT5mQ0WQVr1mS4tF
|
||||||
|
5txWWshUpl/GPoOCozi5OB/6J7kIV9ierEwcLE0Osmm/PsxwW17p4Ygvr1eadPFt
|
||||||
|
P96zJeRxdHihGi6VeCU39xNnxtJYfflW31WjXv9KFhnksHdt6lApkdqGNrgiZnwZ
|
||||||
|
YlfZnTicoADQignj887/gl4xbSW0KFqhiGoYTpHkJEuvZPH54RdGksEw26VpmdbB
|
||||||
|
Ij7XixT9e9oYJue7ihLWC0HV2nbd3ThGzuLDuc42UQKBgQC6xjvSK5BmiO3baVsz
|
||||||
|
sxUCxaewT2qzePInn92iKaHJaY66cc8M79vg8dSmrlNaybWJsKnyQyK3KR/Fui0P
|
||||||
|
DaJ34nH87j4zNOeMw9dc76wyWBpNvxqvMA4BlNyxtqlxP2tLkDambcqIZehWDjIT
|
||||||
|
LVl4/G056RPa1P/NbiHBvmVKUQKBgQDiqTq50/nXuPry2XLi8mPjCO5W1uboHp48
|
||||||
|
CIWnNVKsCmyxLcfxeEcbckO2Uo5KGwlkXi/E974A9x2Lc0kPdu8WDVahriaU2tbH
|
||||||
|
HBduXgYRGfCOkgeMA1tyJogln3IMT8kd4u0Fxb/Jhwsh+4TfIYGTma9Dpw6PKcSr
|
||||||
|
Ygsj5M2hhwKBgQCZRJtKeN1ihvNJnkdtQYP4ZmKZWFJjPNjak2G49RkCw1CQx1v1
|
||||||
|
bc+t5EVxEpTsZ6JFf2e2mkkerOyZwZHATJwKbRTFTmxUcRGifgN5DGTuW0YajrxD
|
||||||
|
DtgvjA0e+JpLiJNvysROBsKw84+ZLsUA37IQinTHlPDqHuhbmAiziJ5uQQKBgFDx
|
||||||
|
dlNea96p5JRNK0X4ocs2KUdBv3wtUvzFXlV0KW3e2yn622hUN7CJgbzehonYVeZN
|
||||||
|
7Gk+v8/AcACYzwKCyqbpZIKgmo6WCBVa5tM3KJt60/lWFPPfTwzYzc4Bvsy+wWe2
|
||||||
|
3kYtdGwXmdYs6Cp24LtBKuHSCtT9aYp6nNfYocaJAoGANYboo+RaogT7XxG2fln9
|
||||||
|
532iQb1934SBFwkPJMCa2jtmLKi8XoOzj9BF4RNGH6HmKK9I9p30jFvqXnaAzVwc
|
||||||
|
Fyrxfs6MX/iWznQQFhzS8ZlOdtjtEIBqGcLGYU4j1ERQjcJ11LAdqMi3F7RjRtfR
|
||||||
|
eQxnnj5g2cA3MWmRjIygDqI=
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0013_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0013_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCkCxhu+rhaKprG
|
||||||
|
2Ya85kyYsiv+CMJ05b0mW5Iwi9VgrJH8KEwQYF9TrAWdPfJGRU/wF3kgxdeNMNBc
|
||||||
|
SzAG6Wz0f0wAxUyssK16aiQZDej4v4Rc8vBOPZS3qg1gArrBe3yTVzrUv38ckdML
|
||||||
|
o8GmXUoEKYdlB7qoKOmQIWoNd0WETGheMRPd3uBHE0vG/+Mcxm3Y6u4p6K1RcoNf
|
||||||
|
+KfsczpWVrwsfarmS4e2ccPscpOB07AHdkMjRS0Nw01TuKZfpQB2DQo/IFlvVQP9
|
||||||
|
Fkrl+fnZpiFSzT49DSqxD1DX9AEIqPB+ufYd1zqlT+7rOciW98hiJ1daeDVMVqa3
|
||||||
|
kiXoPTGpAgMBAAECggEAAUrOFTe34ovx3q2hfFTzFwPWSWC/yWRy5j2z69p6IpIR
|
||||||
|
b1NQ8BMWRSY2gBvYD/olTE6fB2VPkp7nEUcNWIyXrWBgVKQ5O6YDo9J4uNLNekIl
|
||||||
|
9IZ8Yp1lEcJO6ynyVypWG6IFBl6AzZSPfUi7sogLGHfMR301WPRDjL1apMMDAu0E
|
||||||
|
7arDKzEk0vyQ0NUTPRNf9Vx3GGnJHWBhpgAuuzFklR1PlCSqRFBoZya/jvb8H7qw
|
||||||
|
qgH0dSzryfSHMeyDmuq/qmZvJ8WEIJXli4eKw61nU4CIe18Q4Q2r/TtRDe+JO0nj
|
||||||
|
7Ljpt+4L4qVW4W3fd+wJ3yRrYGiLJXhwftMf63XZIQKBgQDHwc0t70BZkLs1mHwY
|
||||||
|
3x+SnZzQ05q3pHToOGsGdl96y2edf2A0aN9cH95d/TUj7FwhbunRQfXMRtgUvE5h
|
||||||
|
u/FreyWwhgjCgQgOzqGPxRAkJUUCSfP0TLqvWNCM6y02f7MAn94tooIeUitI1VdK
|
||||||
|
zN5h01D3O8lkkf/RPKbl6jkt8QKBgQDSOxo3hxKOFfr1YUXksiDTrSX4NMR2Rvbm
|
||||||
|
NyIoJ8o4iOEjqGhDDWPhbJk+p3B3yKKguLjX969ZZm+r6IMsAOBLZDrBYnmzZM4S
|
||||||
|
GnQW4dpWL22mdUy0nlolmso2+ANUekWLZfGB5XG3MW+DnMNs6Dh+4/wtYI0RbwvZ
|
||||||
|
MTh8kmZnOQKBgFf70qXC1bMdfnfS3AYQcNWhOmr4aRMuCpgmEW3dQZzSbqb+bZ9n
|
||||||
|
+cmX99eqKXfTKZlIQxB6XwtEwPQRJO0DXQicSzN/NeiF8Mik1qB+ieeByu2BKUSX
|
||||||
|
bzrAgcsv4tA4Wt2RjMjI5Ur5ojsITNSTe/fWnbjnyoLTk7vTXSezjM/hAoGBALG0
|
||||||
|
7/ZcIR0mC1r8fL5SrFkCFgR3ZlKsrevwUtkquU+MtPMVWfzEBtf4mplRpEo8uOuu
|
||||||
|
+eDlJ74kTuU7yBWcL/zKnrf1a/ZukZrP7a2iAJO1x7RblxleeckrzR8mCnqQWNT6
|
||||||
|
uWkZ8EPwb9kK3E7lBUyNnw8kfFpuSc+wQZVbk2BRAoGBAKKhEHsNmHEtm0UdFTk9
|
||||||
|
fFMW0WASKGfajSzPofATB2q5xNpQaSvhXMaCzMj2s1bCgoiqSdg1dGLRFlV9LvOO
|
||||||
|
wBk3CtuYaR6CLO1a2paJStnCCrEYsFi5MSdbr1srOOExbi+EeIMVAzeGmJcwJJs+
|
||||||
|
lYfe+7OnreQ+z63HkNr7j8y8
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0014_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0014_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCpYp9PKtqleEqV
|
||||||
|
D5g94WRCmEdhdpRphXxk+9050EmLVLLlMl9pE++ey4ojBUKFJelTMzJO+wShxBrI
|
||||||
|
LHXDdSzzKB4lzIDtZSRWROyXpRL3YACj7mOSgmnWwuSNZTq4DmFx2YKC5gtQYzQb
|
||||||
|
Ypq/hg4ZvT0qsvWKBacng8DRKG1mWjUD67UlDBGFb2ot9+QPzcDv5ZhcsNc5ow8u
|
||||||
|
nqz3tG4Osw3j7GdQRgn3QckyGFdd2CfvH7l+YUrGCETWMCcxhFBfCRJjvdbd1/0U
|
||||||
|
FXcdrfe637VHmzvNHDDlBo85rM3EHKa/Shx4GJ4Ti+vjy59o8ljD8wCkCuEMitzv
|
||||||
|
+ZIY1x9NAgMBAAECggEACpjE5qsDqr5vzAuBtr1XDGOCc7J7bm6PbbHkES3arADM
|
||||||
|
gFI6bdR1dTW+mppFoxbQFghp6U8C5yvhkQxXAbde7Idh+3NjzXY6Y7tEIeiN2zQC
|
||||||
|
Vj8fs5a9EFZ4/e+LUOB1cC3vYEkMBCdwpxXwIHM+hpW0MeuoOM5JussfUPZ6gaCh
|
||||||
|
CYnAq/G1lRII8hYSoXCSiZlY+L6uLRZm1A5xJR2xdRiLo9MKHtIcLTinkMPCQtJ3
|
||||||
|
xbdyxcqhVxuzkfclUpvM99syFm3s2ShWLjnZ1I4sn/7isctRWu0NmHjuqrpH06kr
|
||||||
|
iY7b8BD8On9qRpyweFg2oF+wnANl3Xod+CN6djRF8QKBgQDThX/mxdmiMeG/0K86
|
||||||
|
NB1UUfAt9BAnf7DJI0JRv+/gqJnbjgqVNKebCwcLj7RvXx/PmDu8EhqJUfxtwh+K
|
||||||
|
hQOSP5J6H3CtxmFpmrQA7e3qQSSARCjAG0jp6vMSzfJCFjG1kzK9FACeBEjQI/mR
|
||||||
|
lfSNG+s0128oJqXaAgwczwty2wKBgQDNAN6OVA8fuvnvCi0lRKLwWkgslprCePlF
|
||||||
|
pCHWn/0WF0zZpiLiubM5xDdx3p+opUMMJvxve+xl7xxoFSTi/touiNmgaEP28qzQ
|
||||||
|
gR8F5VKV9OQ/teWsgbjFQhkIzhLMvpbTB/oOyW/lXjUS4Zoqe0jJXzTwyBy6l3jm
|
||||||
|
0N2PqEhK9wKBgQCo5vVW5a3/Yi2N6anCpFK3Pia3yygLIl+cfVc7yDRYBMm3FBlH
|
||||||
|
Q6CCoa+if8HpHOBd+IXai+o8tQcI7fYZulU7tx/T/L8RRFQM68fI5jUQ1au78LFJ
|
||||||
|
lYAHqeEnpuRH+UkAYOYnLY3AoFM0QUXMBx4cf6q1q0HLofDVwMTDTGEr+QKBgFkw
|
||||||
|
tKNVvRLABXdThRq+xuktTlNf3ssXWNRMuZAoITNYRc43stvTkT9jt/+prOrxo78I
|
||||||
|
wzE5yDr9Ee3SrS65VHGEhrJ8Sn2JTViVpMqq4Ahv+FIjsF4iPiJMRJoJFjLQBMyh
|
||||||
|
ntCKIU24c/zX/HvZEWzTKDRNy/n+ZtJ9MrgKrhE3AoGAC9w0FYUKGtOvswOCLMD7
|
||||||
|
YxLsUgIneZWqpht4/Dvlfvrg2D2VIIjKmzYqEeckvI6PCG3xt8lHRmJt/W8B3cN+
|
||||||
|
6DGlkBH4iQmQoy4FIHfakDV/bg6BPRFdrkJKKq6aP4GXft0m02rxePd83L42ENXB
|
||||||
|
MQAMMbKS/rjchEGpDFeSjHQ=
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0015_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0015_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD9RawCveJ3rlbv
|
||||||
|
kJr47iVy+2+7qawoQ/v7QjAtWdT4/XjR1CmKZuYh1Pyv+0Qayu1IMcsgpIC/3qdt
|
||||||
|
lbKj8BRDzZzKL2+btkPo7O7CMZZMPa4WnUX3AQUa2kdbrnRV4vVoiNhZLY9y14Cy
|
||||||
|
gBgrTlrNJSxxnaFBGOqAc7zDU13BuSpJVV3Abl9/FxrArW6dSvLJTz9gOUpaq7t9
|
||||||
|
3eTPU9etQ95wU3/ol8b6uFehyBQaJmD0vIace4kN0v5oOYpOg1RMpa0xGiihcYak
|
||||||
|
++I5MHH1M9YSSShM/2h5eY7ZjnJYpevQYCKF3oipMPkgIVDhHNjUGWOwIpn1wq3H
|
||||||
|
zwYT1LnvAgMBAAECggEALfOenk66UJGKh2OaonB+zepNnuRNbm7LQI6FNC04xUYj
|
||||||
|
zhoqwUgjF99PS1SQyjWoMHGMU6tVCrrIcMr4wuKzooujF1Hc84jxsEiQlx4tET8d
|
||||||
|
n0/AmmyOcw1IZht0UwLfGKy/aAqqnKD54ij4eZ75PYAxnJmHYMq2/UBCbsPo3lUw
|
||||||
|
LzvoHwiOx54cwOUDm2PBzZeo83VPQZpzfUvDoqexkDNHRVF0g8MVMoPqntT4sF6t
|
||||||
|
K5W8/HPObUoVqRapJ/xcivNUcF+hEORzV1ALXPicUYzzidAip4mMnGNe9z9+pIUx
|
||||||
|
xt8JXzh+s3x78QkaugioeUkAwH3hWQ+2yenvVjqZqQKBgQD9kNrAcamK6GJElIK+
|
||||||
|
pyosVXpgn252IoN6Ae/O/Qyowbj9h256/X8MkYO2FpKY9OJB2nfo+MV9isVopvyu
|
||||||
|
Iww/w1ZY+bdyCGmOhvDRVicTFISEp0kNXCsTndD9zGNzl1PYYbL/xvD0yajoqow1
|
||||||
|
jZbXgFTSpE5vR5M18aU5PrES2QKBgQD/tBh+3aiDErhnDp9CqCDmdbHUV0Tot7S/
|
||||||
|
GCfO3ygUK+5Ffq7rHvh0tMXQc6zEMxdT8R2lM/9bRFjodTLHYS597cKGyROEaU9b
|
||||||
|
YrRGjK5hJUXfvCc5vwQPUXLHDm2kmUzb+x6BogFwx67qloWkiFwsMbrQEyVkLU6H
|
||||||
|
Lz+uBRkmBwKBgQCQnwTVTD659m7N1LJ5kRhxrtMctvImuOqqNN6U/SkyO0OKfqsZ
|
||||||
|
xOmovnoT6e31BX7itns7yl/BidusI8nsfBrpZz0hhFQH2xpxay+BBhVFQaePjWYS
|
||||||
|
E6aSCqn/h4qVjBMLUDXqwon94+LNyTAs/zOweAZpGcOOnpEs7EUjUEloiQKBgQDz
|
||||||
|
L9wwJC2U4yP/15c99Nq9c+f5tDn0PmsnZxjNFc1vScylyXMgaGcRz69mrez8+D5S
|
||||||
|
djmkmcxdh6YrBvORTerCl3JvcCMgxmtT1Y7wnfFmsOVAgRipQfLhgqvvhtheN/Iy
|
||||||
|
MSV1UpeeJDtGHnvh3FIVMgKiy+K+4JwT06rznSOq1wKBgDkxVCMIBufVdh1D6mLr
|
||||||
|
QCVdUVXhkrM9BFRM0N9kFKDhcUKKaa3VVhn3Qgu5+VqVwv0XH34/43fx0ZUx4wG1
|
||||||
|
A3lhmDjvUNG5cse3tuLHD3by9Q8Wt5TFqi9P5AfBTtQK45qw6NI7dB1CpxLb2PD6
|
||||||
|
CYLttG4ycWOeuJaXHBKJOeUe
|
||||||
|
-----END PRIVATE KEY-----
|
28
root/etc/letsencrypt/keys/0016_key-certbot.pem
Normal file
28
root/etc/letsencrypt/keys/0016_key-certbot.pem
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/YFmBVNmtid7+
|
||||||
|
IrqwZLno7NLtkFM3B0xzHglRqD8NKerQnRE9oNtRbzMi/4+DYIQwQ0q/2ut5qGqG
|
||||||
|
Kxv8nh60hT31NV0OqEHP7esL6cBzKOu42KxOdaZ6v6xE0zi3eyqJpMwuxfLcx4kb
|
||||||
|
iKsr/OxyYY/Sh+mbaia7JHmqym7Kmh+l86fDsVweHrW5kwTB8qUtAV62s3Zx2VIA
|
||||||
|
QL2VQAO6hl5oaB/Qlv7Y4hbF/GvW3jDEqn3j0j386GWMEJAJpb55sMWHPKcb18DA
|
||||||
|
JmVxMn1pxySeoGhzTjstAM5f+NdET4MLsfbwIzpXnVMXVf1MU3Lym5Alr630XsLY
|
||||||
|
O3ajhMhjAgMBAAECggEAAJcjcL0s2LRNQCJ4qBmNVWuTMyfQfc5Tw5MAf5sPpNmQ
|
||||||
|
9g7b3wiyZW/J+7VH5j7ebeQ7awVQ0aLJOA2Gy3CZprtnTn/IQKG/slN0fBI71ENZ
|
||||||
|
ulmIVulHAP17subndyHNvyZ0SO7A9eubpc071wIYGXOBrFrhSeGcv/nMlkWQkVz+
|
||||||
|
vVKQGKeRTXyp5gJdlImJyUupK8fTPFzlQJTx9GpBYWvKMrvnUf3ZhtuAN2ZZOLz6
|
||||||
|
RCQ6vMBgBy37JCSWDNTsHEcQQ6qfJ1OCqxexRz3Jg8/s/e6XCwLW9SOLWBKI/mSI
|
||||||
|
jRXT4g+eDfetsl9wQB+70f9ERT0oE6YJ+bs7qtC27QKBgQD8sfdsC+agWyd7lLCJ
|
||||||
|
wc1gLlg1bU9Z4w141oyBJnOw0tBLh2I8Wu37aUfyufg6H1h8s+XKgGFKYaX2jPnX
|
||||||
|
/QIUZEXkJRQxT31jjFi32ymnatiubc8YZ7wT8T60yCa3jJo/cu9eMERRNB5dVr04
|
||||||
|
InxymssADTHXgHUBSC56j21gDwKBgQDB4RXWlcipzE+0IApHcGqd2xiKmQFQ1g+o
|
||||||
|
zwTvNBJdmfqrdXhYEsz6UL5lYKJn8GrBvlw1XeuKaP3vNq/b489hTPUokgaq6LwG
|
||||||
|
vpflklIHwS0+91Yue5353YW5sx5vz4Rpz0A7iTlkjLm9okbuz9VNq/XFWnAAY+8G
|
||||||
|
XBt5xRz+bQKBgBwO8sc3hxM1K+wn9XZGY7STUM4V5iK3+G37fLx2dZAjyGcqkDjd
|
||||||
|
a+FnrkqAZdSmWF/4ZcKXgLYOo6v9uVxHRqzW+X+8skJLbkPYeJ1po3VogsjTfpRa
|
||||||
|
KGMafXj7ZHkrDpGPBI8z0tIldF2u3PHXunPLRlEqJeek5tkOl8KaHG33AoGAJGk1
|
||||||
|
RLuUl+76+QUbaRc/rq27Cix6Bshs4HMgphvNZy7H2POSyledj1UirL9dQM/x/LjX
|
||||||
|
cF5XIgNdzVMj69P42nktgZULE4Xp6gpZVJAKP9KTwMOKt+gXXxmvR5TQHoeGgqid
|
||||||
|
k5DN6ohTSb30PF1j3dZxrcKyTiB2f2dE8bWHIHECgYEAlTNL6rWMTrniy35bYsxM
|
||||||
|
2BG932Wy1VQBt6E1pPRa2liRo6ZyGBgMKmXjvu6TiapNq97JRBTQSneVkWxPWg4i
|
||||||
|
d3dkTpiVQNnou+H9HtxevsuO/JK+Zsu7ECpaKzL5VRYnN7CUa9UhbsJfnkRi9rC5
|
||||||
|
ZxB2ZawNg8sEmTw8zA7ZQvw=
|
||||||
|
-----END PRIVATE KEY-----
|
30
root/etc/letsencrypt/live/medusa.jcolebrand.info/chain.pem-0
Normal file
30
root/etc/letsencrypt/live/medusa.jcolebrand.info/chain.pem-0
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
|
||||||
|
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||||
|
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||||
|
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
|
||||||
|
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
|
||||||
|
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
|
||||||
|
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
|
||||||
|
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
|
||||||
|
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
|
||||||
|
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
|
||||||
|
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
|
||||||
|
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
|
||||||
|
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
|
||||||
|
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
|
||||||
|
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
|
||||||
|
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
|
||||||
|
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
|
||||||
|
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
|
||||||
|
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
|
||||||
|
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
|
||||||
|
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
|
||||||
|
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
|
||||||
|
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
|
||||||
|
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
|
||||||
|
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
|
||||||
|
nLRbwHOoq7hHwg==
|
||||||
|
-----END CERTIFICATE-----
|
31
root/etc/letsencrypt/live/medusa.jcolebrand.info/chain.pem-1
Normal file
31
root/etc/letsencrypt/live/medusa.jcolebrand.info/chain.pem-1
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
|
||||||
|
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
|
||||||
|
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
|
||||||
|
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
|
||||||
|
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
|
||||||
|
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
|
||||||
|
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
|
||||||
|
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
|
||||||
|
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
|
||||||
|
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
|
||||||
|
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
|
||||||
|
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
|
||||||
|
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
|
||||||
|
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
|
||||||
|
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
|
||||||
|
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
|
||||||
|
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
|
||||||
|
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
|
||||||
|
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
|
||||||
|
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
|
||||||
|
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
|
||||||
|
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
|
||||||
|
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
|
||||||
|
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
|
||||||
|
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
|
||||||
|
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,33 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFnjCCBIagAwIBAgISA+4kMlyxNplZdw9rUGQY9ioXMA0GCSqGSIb3DQEBCwUA
|
||||||
|
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
|
||||||
|
EwJSMzAeFw0yMzAyMTEwNzU0MTBaFw0yMzA1MTIwNzU0MDlaMCExHzAdBgNVBAMT
|
||||||
|
Fm1lZHVzYS5qY29sZWJyYW5kLmluZm8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
|
||||||
|
ggEKAoIBAQC/YFmBVNmtid7+IrqwZLno7NLtkFM3B0xzHglRqD8NKerQnRE9oNtR
|
||||||
|
bzMi/4+DYIQwQ0q/2ut5qGqGKxv8nh60hT31NV0OqEHP7esL6cBzKOu42KxOdaZ6
|
||||||
|
v6xE0zi3eyqJpMwuxfLcx4kbiKsr/OxyYY/Sh+mbaia7JHmqym7Kmh+l86fDsVwe
|
||||||
|
HrW5kwTB8qUtAV62s3Zx2VIAQL2VQAO6hl5oaB/Qlv7Y4hbF/GvW3jDEqn3j0j38
|
||||||
|
6GWMEJAJpb55sMWHPKcb18DAJmVxMn1pxySeoGhzTjstAM5f+NdET4MLsfbwIzpX
|
||||||
|
nVMXVf1MU3Lym5Alr630XsLYO3ajhMhjAgMBAAGjggK9MIICuTAOBgNVHQ8BAf8E
|
||||||
|
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
|
||||||
|
MAAwHQYDVR0OBBYEFJdbL/wx73dsBWfXvjxIK9E2VfVEMB8GA1UdIwQYMBaAFBQu
|
||||||
|
sxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYV
|
||||||
|
aHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5s
|
||||||
|
ZW5jci5vcmcvMIGMBgNVHREEgYQwgYGCE2FwaS5qY29sZWJyYW5kLmluZm+CD2pj
|
||||||
|
b2xlYnJhbmQuaW5mb4IWbWVkdXNhLmpjb2xlYnJhbmQuaW5mb4IVdmlkZW8uamNv
|
||||||
|
bGVicmFuZC5pbmZvghV3YXRjaC5qY29sZWJyYW5kLmluZm+CE3d3dy5qY29sZWJy
|
||||||
|
YW5kLmluZm8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAm
|
||||||
|
BggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEE
|
||||||
|
AdZ5AgQCBIH1BIHyAPAAdgC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20
|
||||||
|
mQAAAYY/rpKNAAAEAwBHMEUCIQDfMECO/mgG0b4hh0dywELto7fHs6Wi+4cio1IQ
|
||||||
|
27LzvgIgZqQ2vxMVLFy+WkWkXsHLBBTeDszqRIv6favGmukKKSAAdgB6MoxU2Lct
|
||||||
|
tiDqOOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYY/rpKgAAAEAwBHMEUCIQDyLKeU
|
||||||
|
urcHgdVVGM3p9f55HlGInbFqVN8xVJ8Ogzyu/QIgYym3mcplpjd+5pafp/1a1kwv
|
||||||
|
rPa2Rec89yiodZf8G7MwDQYJKoZIhvcNAQELBQADggEBAFuxhfJYMBR+0pJSjG9L
|
||||||
|
2QQUWw4paFj2Y21Zxnfy5CeS2CJeOelNAqpGfl7E5FRpkrZaiJG0jXpP5oLigFnA
|
||||||
|
C/Y3Rs2wQ+SzuPErzTO3QynSbbjWOgbKxS5oipeIoNXF8ZBSnTctaMNTK90Edqnh
|
||||||
|
0Is8I5x1v9V7XdsADQp8btEKuF2bqr1PdE6KNQyDncm0P3Kbnvi2QNgZgEjQF2e9
|
||||||
|
VNgUmIaNTsOUiPudeMW9o3FecyEFLd0Rmj1GdHYi5mjdnf/D4/xHrfl1QQtEjqje
|
||||||
|
fbsfu2iYxF7xfqSAWs3nbuDxdxh6IVjImJkTIaY+5nnzDcfwhbpBRhcDv51IUyKM
|
||||||
|
DU8=
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,30 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
|
||||||
|
WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||||
|
RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||||
|
AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
|
||||||
|
R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
|
||||||
|
sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
|
||||||
|
NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
|
||||||
|
Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
|
||||||
|
/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
|
||||||
|
AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
|
||||||
|
Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
|
||||||
|
FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
|
||||||
|
AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
|
||||||
|
Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
|
||||||
|
gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
|
||||||
|
PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
|
||||||
|
ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
|
||||||
|
CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
|
||||||
|
lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
|
||||||
|
avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
|
||||||
|
yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
|
||||||
|
yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
|
||||||
|
hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
|
||||||
|
HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
|
||||||
|
MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
|
||||||
|
nLRbwHOoq7hHwg==
|
||||||
|
-----END CERTIFICATE-----
|
@ -0,0 +1,31 @@
|
|||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
|
||||||
|
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
|
||||||
|
DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
|
||||||
|
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||||
|
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
|
||||||
|
AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
|
||||||
|
ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
|
||||||
|
wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
|
||||||
|
LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
|
||||||
|
4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
|
||||||
|
bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
|
||||||
|
sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
|
||||||
|
Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
|
||||||
|
FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
|
||||||
|
SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
|
||||||
|
PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
|
||||||
|
TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
|
||||||
|
SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
|
||||||
|
c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
|
||||||
|
+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
|
||||||
|
ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
|
||||||
|
b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
|
||||||
|
U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
|
||||||
|
MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
|
||||||
|
5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
|
||||||
|
9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
|
||||||
|
WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
|
||||||
|
he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
|
||||||
|
Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
|
||||||
|
-----END CERTIFICATE-----
|
14
root/etc/letsencrypt/options-ssl-nginx.conf
Normal file
14
root/etc/letsencrypt/options-ssl-nginx.conf
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
# This file contains important security parameters. If you modify this file
|
||||||
|
# manually, Certbot will be unable to automatically provide future security
|
||||||
|
# updates. Instead, Certbot will print and log an error message with a path to
|
||||||
|
# the up-to-date file that you will need to refer to when manually updating
|
||||||
|
# this file. Contents are based on https://ssl-config.mozilla.org
|
||||||
|
|
||||||
|
ssl_session_cache shared:le_nginx_SSL:10m;
|
||||||
|
ssl_session_timeout 1440m;
|
||||||
|
ssl_session_tickets off;
|
||||||
|
|
||||||
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
|
ssl_prefer_server_ciphers off;
|
||||||
|
|
||||||
|
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
|
8
root/etc/letsencrypt/ssl-dhparams.pem
Normal file
8
root/etc/letsencrypt/ssl-dhparams.pem
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
-----BEGIN DH PARAMETERS-----
|
||||||
|
MIIBCAKCAQEA//////////+t+FRYortKmq/cViAnPTzx2LnFg84tNpWp4TZBFGQz
|
||||||
|
+8yTnc4kmz75fS/jY2MMddj2gbICrsRhetPfHtXV/WVhJDP1H18GbtCFY2VVPe0a
|
||||||
|
87VXE15/V8k1mE8McODmi3fipona8+/och3xWKE2rec1MKzKT0g6eXq8CrGCsyT7
|
||||||
|
YdEIqUuyyOP7uWrat2DX9GgdT0Kj3jlN9K5W7edjcrsZCwenyO4KbXCeAvzhzffi
|
||||||
|
7MA0BM0oNC9hkXL+nOmFg/+OTxIy7vKBg8P+OxtMb61zO7X8vC7CIAXFjvGDfRaD
|
||||||
|
ssbzSibBsu/6iGtCOGEoXJf//////////wIBAg==
|
||||||
|
-----END DH PARAMETERS-----
|
16
root/etc/logrotate.d/libvirtd.qemu
Normal file
16
root/etc/logrotate.d/libvirtd.qemu
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
/var/log/libvirt/qemu/*.log {
|
||||||
|
# The QEMU driver is configured to use virtlogd by
|
||||||
|
# default, which will perform log rollover.
|
||||||
|
# This logrotate config is still installed for cases
|
||||||
|
# where the user has switched off virtlogd.
|
||||||
|
#
|
||||||
|
# If virtlogd is active, ensure that size here is
|
||||||
|
# larger than 'max_size' in the virtlogd config
|
||||||
|
# so that logrotate becomes a no-op
|
||||||
|
size 2097153
|
||||||
|
missingok
|
||||||
|
rotate 4
|
||||||
|
compress
|
||||||
|
delaycompress
|
||||||
|
copytruncate
|
||||||
|
}
|
11
root/etc/logrotate.d/tomcat.disabled
Normal file
11
root/etc/logrotate.d/tomcat.disabled
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
# This is an example config only and is disabled by default
|
||||||
|
# If you wish to use it, you'll need to update /etc/tomcat/logging.properties
|
||||||
|
# to prevent catalina*.log from being rotated by Tomcat
|
||||||
|
/var/log/tomcat/catalina*.log {
|
||||||
|
copytruncate
|
||||||
|
weekly
|
||||||
|
rotate 52
|
||||||
|
compress
|
||||||
|
missingok
|
||||||
|
create 0644 tomcat tomcat
|
||||||
|
}
|
71
root/etc/named.conf
Normal file
71
root/etc/named.conf
Normal file
@ -0,0 +1,71 @@
|
|||||||
|
//
|
||||||
|
// named.conf
|
||||||
|
//
|
||||||
|
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
|
||||||
|
// server as a caching only nameserver (as a localhost DNS resolver only).
|
||||||
|
//
|
||||||
|
// See /usr/share/doc/bind*/sample/ for example named configuration files.
|
||||||
|
//
|
||||||
|
|
||||||
|
options {
|
||||||
|
listen-on port 53 { 127.0.0.1; 192.168.50.2; };
|
||||||
|
listen-on-v6 port 53 { ::1; };
|
||||||
|
directory "/var/named";
|
||||||
|
dump-file "/var/named/data/cache_dump.db";
|
||||||
|
statistics-file "/var/named/data/named_stats.txt";
|
||||||
|
memstatistics-file "/var/named/data/named_mem_stats.txt";
|
||||||
|
secroots-file "/var/named/data/named.secroots";
|
||||||
|
recursing-file "/var/named/data/named.recursing";
|
||||||
|
allow-query { localhost; 192.168.50.0/24; };
|
||||||
|
|
||||||
|
/*
|
||||||
|
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
|
||||||
|
- If you are building a RECURSIVE (caching) DNS server, you need to enable
|
||||||
|
recursion.
|
||||||
|
- If your recursive DNS server has a public IP address, you MUST enable access
|
||||||
|
control to limit queries to your legitimate users. Failing to do so will
|
||||||
|
cause your server to become part of large scale DNS amplification
|
||||||
|
attacks. Implementing BCP38 within your network would greatly
|
||||||
|
reduce such attack surface
|
||||||
|
*/
|
||||||
|
recursion yes;
|
||||||
|
|
||||||
|
dnssec-validation yes;
|
||||||
|
|
||||||
|
managed-keys-directory "/var/named/dynamic";
|
||||||
|
geoip-directory "/usr/share/GeoIP";
|
||||||
|
|
||||||
|
pid-file "/run/named/named.pid";
|
||||||
|
session-keyfile "/run/named/session.key";
|
||||||
|
|
||||||
|
/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
|
||||||
|
include "/etc/crypto-policies/back-ends/bind.config";
|
||||||
|
};
|
||||||
|
|
||||||
|
logging {
|
||||||
|
channel default_debug {
|
||||||
|
file "data/named.run";
|
||||||
|
severity dynamic;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
zone "." IN {
|
||||||
|
type hint;
|
||||||
|
file "named.ca";
|
||||||
|
};
|
||||||
|
|
||||||
|
zone "jcolebrand.info" IN {
|
||||||
|
type master;
|
||||||
|
file "forward.jcolebrand.info";
|
||||||
|
allow-update { none; };
|
||||||
|
};
|
||||||
|
|
||||||
|
zone "50.168.192.in-addr.arpa" IN {
|
||||||
|
type master;
|
||||||
|
file "reverse.jcolebrand.info";
|
||||||
|
allow-update { none; };
|
||||||
|
};
|
||||||
|
|
||||||
|
include "/etc/named.rfc1912.zones";
|
||||||
|
include "/etc/named.root.key";
|
||||||
|
|
71
root/etc/named.conf.bak
Normal file
71
root/etc/named.conf.bak
Normal file
@ -0,0 +1,71 @@
|
|||||||
|
//
|
||||||
|
// named.conf
|
||||||
|
//
|
||||||
|
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
|
||||||
|
// server as a caching only nameserver (as a localhost DNS resolver only).
|
||||||
|
//
|
||||||
|
// See /usr/share/doc/bind*/sample/ for example named configuration files.
|
||||||
|
//
|
||||||
|
|
||||||
|
options {
|
||||||
|
listen-on port 53 { 127.0.0.1; 192.168.50.2; };
|
||||||
|
listen-on-v6 port 53 { ::1; };
|
||||||
|
directory "/var/named";
|
||||||
|
dump-file "/var/named/data/cache_dump.db";
|
||||||
|
statistics-file "/var/named/data/named_stats.txt";
|
||||||
|
memstatistics-file "/var/named/data/named_mem_stats.txt";
|
||||||
|
secroots-file "/var/named/data/named.secroots";
|
||||||
|
recursing-file "/var/named/data/named.recursing";
|
||||||
|
allow-query { localhost; 192.168.50.0/24; };
|
||||||
|
|
||||||
|
/*
|
||||||
|
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
|
||||||
|
- If you are building a RECURSIVE (caching) DNS server, you need to enable
|
||||||
|
recursion.
|
||||||
|
- If your recursive DNS server has a public IP address, you MUST enable access
|
||||||
|
control to limit queries to your legitimate users. Failing to do so will
|
||||||
|
cause your server to become part of large scale DNS amplification
|
||||||
|
attacks. Implementing BCP38 within your network would greatly
|
||||||
|
reduce such attack surface
|
||||||
|
*/
|
||||||
|
recursion yes;
|
||||||
|
|
||||||
|
dnssec-validation yes;
|
||||||
|
|
||||||
|
managed-keys-directory "/var/named/dynamic";
|
||||||
|
geoip-directory "/usr/share/GeoIP";
|
||||||
|
|
||||||
|
pid-file "/run/named/named.pid";
|
||||||
|
session-keyfile "/run/named/session.key";
|
||||||
|
|
||||||
|
/* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
|
||||||
|
include "/etc/crypto-policies/back-ends/bind.config";
|
||||||
|
};
|
||||||
|
|
||||||
|
logging {
|
||||||
|
channel default_debug {
|
||||||
|
file "data/named.run";
|
||||||
|
severity dynamic;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
zone "." IN {
|
||||||
|
type hint;
|
||||||
|
file "named.ca";
|
||||||
|
};
|
||||||
|
|
||||||
|
zone "jcolebrand.info" IN {
|
||||||
|
type master;
|
||||||
|
file "forward.jcolebrand.info";
|
||||||
|
allow-update { none; };
|
||||||
|
};
|
||||||
|
|
||||||
|
zone "50.168.192.in-addr.arpa" IN {
|
||||||
|
type master;
|
||||||
|
file "reverse.jcolebrand.info";
|
||||||
|
allow-update { none; };
|
||||||
|
};
|
||||||
|
|
||||||
|
include "/etc/named.rfc1912.zones";
|
||||||
|
include "/etc/named.root.key";
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user