Progress so far

2020-11-01 15:28:32 +01:00 · 2020-11-01 15:28:32 +01:00 · 3e8fd15544
commit 3e8fd15544
parent 3239986905
36 changed files with 159 additions and 232 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+software-configs/murmur-redxen-config/murmur.ini
+software-configs/haproxy-redxen-config/cert.pem
--- a/lxc-configs/haproxy-redxen-lxc/APKBUILD
+++ b/lxc-configs/haproxy-redxen-lxc/APKBUILD
@ -1,22 +0,0 @@
-# Contributor: Alex Denes <caskd@redxen.eu>
-# Maintainer: Alex Denes <caskd@redxen.eu>
-pkgname=haproxy-redxen-lxc
-pkgver=1
-pkgrel=0
-pkgdesc="HAProxy LXC configuration files"
-url="https://git.redxen.eu/RedXen"
-arch="noarch"
-license="none"
-depends="lxc"
-options="!check"
-install="$pkgname.post-install $pkgname.post-deinstall"
-source="
-	config
-"
-
-package() {
-	install -dm755 "$pkgdir"/containers/haproxy
-	install -Dm644 config "$pkgdir"/var/lib/lxc/haproxy/config
-}
-
-sha512sums="9f4137aca385dbb62370babfa9a50ca82cd4a27453a6939d3f5236150ef8d18f09817ff008ddd21afc247cb0337b3e5415b499f0a384df286de03e3fd5d51725  config"
--- a/lxc-configs/haproxy-redxen-lxc/config
+++ b/lxc-configs/haproxy-redxen-lxc/config
@ -1,13 +0,0 @@
-lxc.net.0.type = none
-lxc.rootfs.path = dir:/containers/haproxy
-lxc.init.cmd = /usr/sbin/haproxy -Wf /etc/haproxy/main.cfg -p /run/haproxy.pid
-lxc.signal.halt = SIGTERM
-lxc.signal.reboot = SIGTERM
-lxc.tty.max = 1
-lxc.pty.max = 1
-lxc.cap.drop = sys_module mac_admin mac_override sys_time
-lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
-lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0
-lxc.mount.entry = tmpfs run tmpfs defaults,create=dir 0 0
-lxc.mount.entry = mqueue dev/mqueue mqueue defaults,optional,create=dir 0 0
-lxc.mount.entry = /sys/kernel/security sys/kernel/security none ro,bind,optional 0 0
--- a/lxc-configs/haproxy-redxen-lxc/haproxy-redxen-lxc.post-deinstall
+++ b/lxc-configs/haproxy-redxen-lxc/haproxy-redxen-lxc.post-deinstall
@ -1,3 +0,0 @@
-#!/bin/sh
-
-/bin/rm /containers/haproxy -rf
--- a/lxc-configs/haproxy-redxen-lxc/haproxy-redxen-lxc.post-install
+++ b/lxc-configs/haproxy-redxen-lxc/haproxy-redxen-lxc.post-install
@ -1,3 +0,0 @@
-#!/bin/sh
-
-/sbin/apk --allow-untrusted -p /containers/haproxy -X http://dl-cdn.alpinelinux.org/alpine/edge/main -X http://dl-cdn.alpinelinux.org/alpine/edge/community -X https://redxen.eu/pub/alpine/software-configs add --initdb haproxy-redxen-config
--- a/lxc-configs/hitch-redxen-lxc/APKBUILD
+++ b/lxc-configs/hitch-redxen-lxc/APKBUILD
@ -1,22 +0,0 @@
-# Contributor: Alex Denes <caskd@redxen.eu>
-# Maintainer: Alex Denes <caskd@redxen.eu>
-pkgname=hitch-redxen-lxc
-pkgver=1
-pkgrel=0
-pkgdesc="Hitch LXC configuration files"
-url="https://git.redxen.eu/RedXen"
-arch="noarch"
-license="none"
-depends="lxc"
-options="!check"
-install="$pkgname.post-install $pkgname.post-deinstall"
-source="
-	config
-"
-
-package() {
-	install -dm755 "$pkgdir"/containers/hitch
-	install -Dm644 config "$pkgdir"/var/lib/lxc/hitch/config
-}
-
-sha512sums="3ffa1ad21c273a248a8d7884b32216bf4fe565d27fac9a5787a9ce14adfa04739cd2cd41871d3a79923d76a358a377ea1d71284f807434e5a5dfa0d46204ae82  config"
--- a/lxc-configs/hitch-redxen-lxc/config
+++ b/lxc-configs/hitch-redxen-lxc/config
@ -1,12 +0,0 @@
-lxc.net.0.type = none
-lxc.rootfs.path = dir:/containers/hitch
-lxc.init.cmd = /usr/sbin/hitch --config=/etc/hitch/main.conf
-lxc.signal.halt = SIGTERM
-lxc.signal.reboot = SIGTERM
-lxc.tty.max = 1
-lxc.pty.max = 1
-lxc.cap.drop = sys_module mac_admin mac_override sys_time
-lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
-lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0
-lxc.mount.entry = mqueue dev/mqueue mqueue defaults,optional,create=dir 0 0
-lxc.mount.entry = /sys/kernel/security sys/kernel/security none ro,bind,optional 0 0
--- a/lxc-configs/hitch-redxen-lxc/hitch-redxen-lxc.post-deinstall
+++ b/lxc-configs/hitch-redxen-lxc/hitch-redxen-lxc.post-deinstall
@ -1,3 +0,0 @@
-#!/bin/sh
-
-/bin/rm /containers/hitch -rf
--- a/lxc-configs/hitch-redxen-lxc/hitch-redxen-lxc.post-install
+++ b/lxc-configs/hitch-redxen-lxc/hitch-redxen-lxc.post-install
@ -1,3 +0,0 @@
-#!/bin/sh
-
-/sbin/apk --allow-untrusted -p /containers/hitch -X http://dl-cdn.alpinelinux.org/alpine/edge/main -X http://dl-cdn.alpinelinux.org/alpine/edge/community -X https://redxen.eu/pub/alpine/software-configs add --initdb hitch-redxen-config
--- a/lxc-configs/unbound-redxen-lxc/APKBUILD
+++ b/lxc-configs/unbound-redxen-lxc/APKBUILD
@ -1,22 +0,0 @@
-# Contributor: Alex Denes <caskd@redxen.eu>
-# Maintainer: Alex Denes <caskd@redxen.eu>
-pkgname=unbound-redxen-lxc
-pkgver=1
-pkgrel=0
-pkgdesc="Unbound LXC configuration files"
-url="https://git.redxen.eu/RedXen"
-arch="noarch"
-license="none"
-depends="lxc"
-options="!check"
-install="$pkgname.post-install $pkgname.post-deinstall"
-source="
-	config
-"
-
-package() {
-	install -dm755 "$pkgdir"/containers/unbound
-	install -Dm644 config "$pkgdir"/var/lib/lxc/unbound/config
-}
-
-sha512sums="8f0200fb4f116fbc330ca42c54f86b7abed3eb69f8b7a91028f05e47348408fb7d67c8ffa2ceabfa6715ad4ae44c1873ad917ce5f288be1a779db9852ddb9110  config"
--- a/lxc-configs/unbound-redxen-lxc/config
+++ b/lxc-configs/unbound-redxen-lxc/config
@ -1,12 +0,0 @@
-lxc.net.0.type = none
-lxc.rootfs.path = dir:/containers/unbound
-lxc.init.cmd = /usr/sbin/unbound -c /etc/unbound/main.conf
-lxc.signal.halt = SIGTERM
-lxc.signal.reboot = SIGTERM
-lxc.tty.max = 1
-lxc.pty.max = 1
-lxc.cap.drop = sys_module mac_admin mac_override sys_time
-lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
-lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0
-lxc.mount.entry = mqueue dev/mqueue mqueue defaults,optional,create=dir 0 0
-lxc.mount.entry = /sys/kernel/security sys/kernel/security none ro,bind,optional 0 0
--- a/lxc-configs/unbound-redxen-lxc/unbound-redxen-lxc.post-deinstall
+++ b/lxc-configs/unbound-redxen-lxc/unbound-redxen-lxc.post-deinstall
@ -1,3 +0,0 @@
-#!/bin/sh
-
-/bin/rm /containers/unbound -rf
--- a/lxc-configs/unbound-redxen-lxc/unbound-redxen-lxc.post-install
+++ b/lxc-configs/unbound-redxen-lxc/unbound-redxen-lxc.post-install
@ -1,3 +0,0 @@
-#!/bin/sh
-
-/sbin/apk --allow-untrusted -p /containers/unbound -X http://dl-cdn.alpinelinux.org/alpine/edge/main -X http://dl-cdn.alpinelinux.org/alpine/edge/community -X https://redxen.eu/pub/alpine/software-configs add --initdb unbound-redxen-config
--- a/lxc-configs/varnish-redxen-lxc/APKBUILD
+++ b/lxc-configs/varnish-redxen-lxc/APKBUILD
@ -1,22 +0,0 @@
-# Contributor: Alex Denes <caskd@redxen.eu>
-# Maintainer: Alex Denes <caskd@redxen.eu>
-pkgname=varnish-redxen-lxc
-pkgver=1
-pkgrel=0
-pkgdesc="Varnish LXC configuration files"
-url="https://git.redxen.eu/RedXen"
-arch="noarch"
-license="none"
-depends="lxc"
-options="!check"
-install="$pkgname.post-install $pkgname.post-deinstall"
-source="
-	config
-"
-
-package() {
-	install -dm755 "$pkgdir"/containers/varnish
-	install -Dm644 config "$pkgdir"/var/lib/lxc/varnish/config
-}
-
-sha512sums="6bfa0290eba1925b4f6635c1ee2d8eda3b18a0fdc286bbecd86ea98dbc7480125ae0026ecbc2c73c3d074abcf7b6143f3337be121e8160054624d304c17281ed  config"
--- a/lxc-configs/varnish-redxen-lxc/config
+++ b/lxc-configs/varnish-redxen-lxc/config
@ -1,12 +0,0 @@
-lxc.net.0.type = none
-lxc.rootfs.path = dir:/containers/varnish
-lxc.init.cmd = /usr/sbin/varnishd -F -a :7102,PROXY -p default_ttl=300 -p default_grace=240 -p default_keep=120 -p feature=+http2 -p tcp_fastopen=on -p nuke_limit=0 -f /etc/varnish/main.vcl
-lxc.signal.halt = SIGTERM
-lxc.signal.reboot = SIGTERM
-lxc.tty.max = 1
-lxc.pty.max = 1
-lxc.cap.drop = sys_module mac_admin mac_override sys_time
-lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
-lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0
-lxc.mount.entry = mqueue dev/mqueue mqueue defaults,optional,create=dir 0 0
-lxc.mount.entry = /sys/kernel/security sys/kernel/security none ro,bind,optional 0 0
--- a/lxc-configs/varnish-redxen-lxc/varnish-redxen-lxc.post-deinstall
+++ b/lxc-configs/varnish-redxen-lxc/varnish-redxen-lxc.post-deinstall
@ -1,3 +0,0 @@
-#!/bin/sh
-
-/bin/rm /containers/varnish -rf
--- a/lxc-configs/varnish-redxen-lxc/varnish-redxen-lxc.post-install
+++ b/lxc-configs/varnish-redxen-lxc/varnish-redxen-lxc.post-install
@ -1,3 +0,0 @@
-#!/bin/sh
-
-/sbin/apk --allow-untrusted -p /containers/varnish -X http://dl-cdn.alpinelinux.org/alpine/edge/main -X http://dl-cdn.alpinelinux.org/alpine/edge/community -X https://redxen.eu/pub/alpine/software-configs add --initdb varnish-redxen-config
--- a/openrc-configs/haproxy-redxen-openrc/APKBUILD
+++ b/openrc-configs/haproxy-redxen-openrc/APKBUILD
@ -0,0 +1,22 @@
+# Contributor: Alex Denes <caskd@redxen.eu>
+# Maintainer: Alex Denes <caskd@redxen.eu>
+pkgname=haproxy-redxen-openrc
+pkgver=1
+pkgrel=0
+pkgdesc="HAProxy OpenRC service files"
+url="https://git.redxen.eu/RedXen"
+arch="noarch"
+license="none"
+depends="openrc haproxy-redxen-config"
+source="
+	runfile
+	conffile
+"
+options="!check"
+
+package() {
+	install -Dm755 runfile "$pkgdir"/etc/init.d/haproxy-redxen
+	install -Dm644 conffile "$pkgdir"/etc/conf.d/haproxy-redxen
+}
+sha512sums="3f9a179d756d65cd739badce185fe335d7743a37f81e38c2577ca51209c1f3921ffe19046deb599d832d53687ecd3faa1f9889e33f07d9ada15344ce0a86fd33  runfile
+169316df39a2e6eb01117985c7cea3b8a0b0a5f1f9fd2e13ec8a3d7d2be7205f610ef9a4d00f989d9430a4865194d1854170bdeb1793de2b8009d864c1330c8a  conffile"
--- a/openrc-configs/haproxy-redxen-openrc/conffile
+++ b/openrc-configs/haproxy-redxen-openrc/conffile
@ -0,0 +1,6 @@
+
+# Configuration file to start with
+CONF="main.cfg"
+
+# Extra options
+EXTRA_OPTS="-C /etc/haproxy"
--- a/openrc-configs/haproxy-redxen-openrc/runfile
+++ b/openrc-configs/haproxy-redxen-openrc/runfile
@ -0,0 +1,6 @@
+#!/sbin/openrc-run
+
+description="Start OpenRC service for HAProxy"
+command="/usr/sbin/haproxy"
+pidfile="/run/haproxy.pid"
+command_args="-D -p ${pidfile} -f ${CONF} ${EXTRA_OPTS}"
--- a/openrc-configs/murmur-redxen-openrc/APKBUILD
+++ b/openrc-configs/murmur-redxen-openrc/APKBUILD
@ -0,0 +1,22 @@
+# Contributor: Alex Denes <caskd@redxen.eu>
+# Maintainer: Alex Denes <caskd@redxen.eu>
+pkgname=murmur-redxen-openrc
+pkgver=1
+pkgrel=0
+pkgdesc="Murmur OpenRC service files"
+url="https://git.redxen.eu/RedXen"
+arch="noarch"
+license="none"
+depends="openrc murmur-redxen-config"
+source="
+	runfile
+	conffile
+"
+options="!check"
+
+package() {
+	install -Dm755 runfile "$pkgdir"/etc/init.d/murmur-redxen
+	install -Dm644 conffile "$pkgdir"/etc/conf.d/murmur-redxen
+}
+sha512sums="5c6ecf55d22c0b37d8af2b1158484369faa54eb2df9da9b5c734fadedb4fe3345c577ffd267bc3a5e60a224f59d24d52f5159a90ffec92785df5e5052860eaf3  runfile
+ce487bcbf14b6875bae9fbbdd9d2e847b6606a33c78498631abf131283716f6db94daece70813f842f9167f48a39555ff9cdf13a4223de65a013a9fe4e43a9e9  conffile"
--- a/openrc-configs/murmur-redxen-openrc/conffile
+++ b/openrc-configs/murmur-redxen-openrc/conffile
@ -0,0 +1,6 @@
+
+# Configuration file to start with
+CONF="/etc/murmur/murmur.ini"
+
+# Extra options
+EXTRA_OPTS=""
--- a/openrc-configs/murmur-redxen-openrc/runfile
+++ b/openrc-configs/murmur-redxen-openrc/runfile
@ -0,0 +1,8 @@
+#!/sbin/openrc-run
+
+description="Start OpenRC service for Murmur"
+command="/usr/bin/murmurd"
+command_args="-ini ${CONF} ${EXTRA_OPTS}"
+pidfile="/run/murmur.pid"
+supervisor=supervise-daemon
+command_background=true
--- a/openrc-configs/unbound-redxen-openrc/APKBUILD
+++ b/openrc-configs/unbound-redxen-openrc/APKBUILD
@ -0,0 +1,22 @@
+# Contributor: Alex Denes <caskd@redxen.eu>
+# Maintainer: Alex Denes <caskd@redxen.eu>
+pkgname=unbound-redxen-openrc
+pkgver=1
+pkgrel=0
+pkgdesc="Unbound OpenRC service files"
+url="https://git.redxen.eu/RedXen"
+arch="noarch"
+license="none"
+depends="openrc unbound-redxen-config"
+source="
+	runfile
+	conffile
+"
+options="!check"
+
+package() {
+	install -Dm755 runfile "$pkgdir"/etc/init.d/unbound-redxen
+	install -Dm644 conffile "$pkgdir"/etc/conf.d/unbound-redxen
+}
+sha512sums="78abad5f8d6e8fae7e563cfe772ae57bd284cca35aea6db12ba6afb234d34d95bba534e23cf7275e95011d4a7ccabadce714483b2d9286d9cbe92acf8cd98e9b  runfile
+ac23baec2a74f5c866b0afa7bf09958f348b2bca9a44755f8e07cbc251bc8770b51e76f2a8d3469cacfaa81ff7708de223e5ba1f2625eda7c72cb618a0b907ad  conffile"
--- a/openrc-configs/unbound-redxen-openrc/conffile
+++ b/openrc-configs/unbound-redxen-openrc/conffile
@ -0,0 +1,6 @@
+
+# Configuration file to start with
+CONF="/etc/unbound/main.conf"
+
+# Extra options
+EXTRA_OPTS=""
--- a/openrc-configs/unbound-redxen-openrc/runfile
+++ b/openrc-configs/unbound-redxen-openrc/runfile
@ -0,0 +1,6 @@
+#!/sbin/openrc-run
+
+description="Start OpenRC service for Unbound"
+command="/usr/sbin/unbound"
+command_args="-c ${CONF} ${EXTRA_OPTS}"
+pidfile="/run/unbound.pid"
--- a/software-configs/haproxy-redxen-config/APKBUILD
+++ b/software-configs/haproxy-redxen-config/APKBUILD
@ -8,16 +8,19 @@ url="https://git.redxen.eu/RedXen"
 arch="noarch"
 license="none"
 depends="haproxy"
-source="main.cfg"
+source="
+	main.cfg
+	cert.pem
+"
+
+package() {
+	install -Dm644 main.cfg "$pkgdir"/etc/haproxy/main.cfg
+	install -Dm400 cert.pem "$pkgdir"/etc/haproxy/cert.pem
+}

 check() {
 	haproxy -c -f main.cfg
 }

-package() {
-	install -d "$pkgdir"/etc/haproxy
-	install -Dm644 *.cfg "$pkgdir"/etc/haproxy
-}
-
-
-sha512sums="33d7b52a068edc80311ab7437d74928cc21812d830166e94de170c8f2ce7eab42a665631cf06efc39c525d7bfff78a85754633b8b5b5f2f49c108b9a60501e43  main.cfg"
+sha512sums="aca02946028ab884700c45028bec1e08144bd02a90edb394afc56a2e88a8fcd82672313e9dc9100a5bd8711047e5dbd1b83a8d9df03fe1625d68f49efbe0add3  main.cfg
+3cd81a03287793d2b52aca54c0ba3d702d3d4af34c2ca7e36d39f46309403873424a2c64a899c79139890556c038197bf491da20ce5fba1e01e3bdd3a81132cb  cert.pem"
--- a/software-configs/haproxy-redxen-config/main.cfg
+++ b/software-configs/haproxy-redxen-config/main.cfg
@ -36,74 +36,20 @@ resolvers local
  hold timeout         3s
  hold valid           5s

-listen 0-dev
-  mode tcp
-  bind ipv4@*:2442,ipv6@*:2442
-  option tcp-check
-  server dev-0 10.0.0.10:2443 
-
-listen 1-social
+listen mumble
  mode tcp
  bind ipv4@*:64738,ipv6@*:64738
  option tcp-check
-  server social-0 10.0.0.10:6401 
-
-listen 2-games
-  mode tcp
-  bind ipv4@*:25565,ipv6@*:25565
-  option tcp-check
-  server games-0 10.0.0.7:25560 
-
-listen 3-games
-  mode tcp
-  bind ipv4@*:7777,ipv6@*:7777
-  option tcp-check
-  server games-0 10.0.0.7:7776 
+  server-template mumble 1 mumble.routinginfo.redxen.localhost

 frontend http
  mode http
-  bind /haproxy.sock mode 660 alpn h2,http/1.1
+  bind ipv4@:443,ipv6@:443 ssl crt cert.pem alpn h2,http/1.1

  acl root url /

-  use_backend backend-grafana if { hdr_beg(host) -i stats }
-  use_backend backend-gitea if { hdr_beg(host) -i git }
-  use_backend backend-transmission if { hdr_beg(host) -i seed }
-  use_backend backend-seedown if { hdr_beg(host) -i sd }
-  use_backend backend-pleroma if { hdr_beg(host) -i social }
-  use_backend backend-homepage if { hdr(host) -i redxen.eu }
-  use_backend backend-deavmi-proxy if { hdr_beg(host) -i deavmi-proxy }
-
-  redirect prefix /web code 302  if { hdr_beg(host) -i seed } { url / }
  http-response add-header X-Forwarded-Proto https
  http-response set-header X-XSS-Protection 1;\ mode=block
  http-response set-header X-Content-Type-Options nosniff
  http-response set-header Referrer-Policy no-referrer-when-downgrade
  http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains;\ preload
-
-backend backend-grafana
-  server-template grafana 5 _grafana._tcp.redxen.localhost
-  option httpchk HEAD / HTTP/1.1\r\nHost:\ stats.redxen.eu
-
-backend backend-gitea
-  server-template gitea 1 _gitea._tcp.redxen.localhost
-  option httpchk HEAD / HTTP/1.1\r\nHost:\ git.redxen.eu
-
-backend backend-transmission
-  server-template transmission 1 _transmission._tcp.redxen.localhost
-
-backend backend-seedown
-  server-template seedown 1 _seedown._tcp.redxen.localhost
-  option httpchk HEAD / HTTP/1.1\r\nHost:\ sd.redxen.eu
-
-backend backend-pleroma
-  server-template pleroma 1 _pleroma._tcp.redxen.localhost
-  option httpchk HEAD / HTTP/1.1\r\nHost:\ social.redxen.eu
-
-backend backend-homepage
-  server-template homepage 1 _homepage._tcp.redxen.localhost
-  option httpchk HEAD / HTTP/1.1\r\nHost:\ root.redxen.eu
-
-backend backend-deavmi-proxy
-  server-template deavmi-proxy 1 _deavmi-proxy._tcp.redxen.localhost
-  option httpchk HEAD / HTTP/1.1\r\nHost:\ deavmi-proxy.redxen.eu
--- a/software-configs/murmur-redxen-config/.internal.conf.swp
+++ b/software-configs/murmur-redxen-config/.internal.conf.swp
--- a/software-configs/murmur-redxen-config/.redxen-dns.conf.swp
+++ b/software-configs/murmur-redxen-config/.redxen-dns.conf.swp
--- a/software-configs/murmur-redxen-config/APKBUILD
+++ b/software-configs/murmur-redxen-config/APKBUILD
@ -0,0 +1,21 @@
+# Contributor: Alex Denes <caskd@redxen.eu>
+# Maintainer: Alex Denes <caskd@redxen.eu>
+pkgname=murmur-redxen-config
+pkgver=1
+pkgrel=0
+pkgdesc="Murmur configurations and related."
+url="https://git.redxen.eu/RedXen"
+arch="noarch"
+license="none"
+depends="murmur"
+options="!check" # Murmur doesn't offer a way to check configs
+source="
+	murmur.ini
+"
+
+package() {
+	install -Dm644 murmur.ini "$pkgdir"/etc/murmur/murmur.ini
+}
+
+
+sha512sums="5f1e47f7c0a9235c73b9e45a93e51218bc5a6c44bc26a04db784df0b42881000e6103245c112b96ac5ee2fc03f0864b51fed54c671b102c7a2e47746be369a5d  murmur.ini"
--- a/software-configs/unbound-redxen-config/APKBUILD
+++ b/software-configs/unbound-redxen-config/APKBUILD
@ -28,6 +28,6 @@ package() {


 sha512sums="0741bc9c6e94a656f35ae452288f0212a2a2df9eda3688a2d3f04012d686adee5f03e3e9f4c72685626f672baaacbd00be71ee0d8699989f47abfd34b72b2b3d  main.conf
-1c10935777559c174fc36a966e224e5e0ed23f197c209ce40e15312d28e1650293a487017f765da9ea5979ae8720af6af34aa4c6edbb4d0db1c3b00c1bcd7954  base.conf
-8b46eaad1ff1cde6d97ef12549b34da0d58f44ec08a9f47965e006f56e80c6a045a88b30ffd9c0f2b8051dd298861dc717bd98fe4c509d136fc9e1580c359713  internal.conf
+598ad87d4dfed44d9711fb8164610306907454a3aea3333dc16a098839d9217e86d65075d9a4c3b0ca03d283059d05e99cbd7e9fba9a61b706f99ed356fffb08  base.conf
+528cfdbd0b38a77179e1aaf13df606ec5172a4e9273c97566709a8b7a3c08464085009a97013dd1e3d721b35d93a2d4a8f73d51cbc795b610a2e878313b324a5  internal.conf
 dc2ea0e9e1d4552927ea78f8cb2754284f3d9ce1c2390b3030e08ed6dfc63162764665579726fef8a27a52f12a89181a5008ccdb0b2f39886e11b2c898e0fc12  redxen-dns.conf"
--- a/software-configs/unbound-redxen-config/base.conf
+++ b/software-configs/unbound-redxen-config/base.conf
@ -15,7 +15,8 @@ server:
 	port: 53
 	prefetch: yes
 	prefetch-key: yes
-	do-daemonize: no
+	do-daemonize: yes
+	pidfile: "/run/unbound.pid"
 	minimal-responses: no
 	logfile: ""
 	cache-min-ttl: 60
--- a/software-configs/unbound-redxen-config/internal.conf
+++ b/software-configs/unbound-redxen-config/internal.conf
@ -1,2 +1,13 @@
 server:
 	local-zone: "redxen.localhost." static
+
+	# Machines
+	local-data: "8101153.nbg1-dc3.hetzner.redxen.localhost. 86400 IN A "
+	local-data: "8201371.fsn1-dc14.hetzner.redxen.localhost. 86400 IN A "
+
+	# Familiar names
+	local-data: "lain.nurnberg.redxen.localhost. 86400 IN CNAME 8101153.nbg1-dc3.hetzner.redxen.localhost."
+	local-data: "arisu.falkenstein.redxen.localhost. 86400 IN CNAME 8201371.fsn1-dc14.hetzner.redxen.localhost."
+	
+	# Services
+	local-data: "mumble.routinginfo.redxen.localhost. 60 IN SRV 0 5 7573 8101153.nbg1-dc3.hetzner.redxen.localhost."
--- a/software-configs/varnish-redxen-config/APKBUILD
+++ b/software-configs/varnish-redxen-config/APKBUILD
@ -16,4 +16,4 @@ package() {
 }


-sha512sums="9347cd8ba1f420397661aa5388cd29ee9ab8a5c170355b49dbff8878234c6c160ef5229a57eaaaeae880b4ddb7b0f17da557e53c082fbabb09c0e2048e0be045  main.vcl"
+sha512sums="6674a942017c0f1be2ff6eefb9f2a92a0f7d615e4ce367e880bceef0ec2646f3aac4180f2bb32557ac9ae8590b02882d05afbc7478bee9069a8138945e6835fc  main.vcl"
--- a/software-configs/varnish-redxen-config/main.vcl
+++ b/software-configs/varnish-redxen-config/main.vcl
@ -2,8 +2,8 @@ vcl 4.1;
 import std;

 backend default {
-	.host                   = "haproxy.routinginfo.redxen.localhost";
-	.port                   = "7202";
+	.host                   = "127.0.0.1";
+	.port                   = "7500";
 	.max_connections        = 300;
 	.first_byte_timeout     = 240s;
 	.connect_timeout        = 10s;