RubyGems - ConfigLMM - Versions diffs - 0.3.0 → 0.5.0 - Mend

ConfigLMM 0.3.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (250) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +70 -0
data/CNAME +1 -0
data/Examples/.lmm.state.yaml +159 -0
data/Examples/ConfigLMM.mm.yaml +32 -0
data/Examples/Implemented.mm.yaml +252 -4
data/Examples/SmallBusiness.mm.yaml +492 -0
data/Plugins/Apps/Answer/answer.lmm.rb +165 -0
data/Plugins/Apps/Answer/answer@.service +40 -0
data/Plugins/Apps/ArchiSteamFarm/ArchiSteamFarm.conf.erb +0 -3
data/Plugins/Apps/ArchiSteamFarm/ArchiSteamFarm.lmm.rb +0 -1
data/Plugins/Apps/Authentik/Authentik-ProxyOutpost.container +20 -0
data/Plugins/Apps/Authentik/Authentik-Server.container +7 -1
data/Plugins/Apps/Authentik/Authentik-Worker.container +7 -1
data/Plugins/Apps/Authentik/Authentik.conf.erb +18 -6
data/Plugins/Apps/Authentik/Authentik.lmm.rb +232 -45
data/Plugins/Apps/BookStack/BookStack.conf.erb +38 -0
data/Plugins/Apps/BookStack/BookStack.container +20 -0
data/Plugins/Apps/BookStack/BookStack.lmm.rb +91 -0
data/Plugins/Apps/Cassandra/Cassandra.lmm.rb +9 -19
data/Plugins/Apps/ClickHouse/ClickHouse.container +28 -0
data/Plugins/Apps/ClickHouse/ClickHouse.lmm.rb +113 -0
data/Plugins/Apps/ClickHouse/Config/listen.yaml +2 -0
data/Plugins/Apps/ClickHouse/Config/logger.yaml +8 -0
data/Plugins/Apps/ClickHouse/Config/zookeepers.yaml +5 -0
data/Plugins/Apps/ClickHouse/Connection.rb +96 -0
data/Plugins/Apps/Discourse/Discourse-Sidekiq.container +22 -0
data/Plugins/Apps/Discourse/Discourse.conf.erb +38 -0
data/Plugins/Apps/Discourse/Discourse.container +21 -0
data/Plugins/Apps/Discourse/Discourse.lmm.rb +156 -0
data/Plugins/Apps/Dovecot/Dovecot.lmm.rb +87 -52
data/Plugins/Apps/ERPNext/ERPNext-Frontend.container +24 -0
data/Plugins/Apps/ERPNext/ERPNext-Queue.container +22 -0
data/Plugins/Apps/ERPNext/ERPNext-Scheduler.container +22 -0
data/Plugins/Apps/ERPNext/ERPNext-Websocket.container +24 -0
data/Plugins/Apps/ERPNext/ERPNext.container +23 -0
data/Plugins/Apps/ERPNext/ERPNext.lmm.rb +204 -0
data/Plugins/Apps/ERPNext/ERPNext.network +12 -0
data/Plugins/Apps/ERPNext/sites/apps.json +10 -0
data/Plugins/Apps/ERPNext/sites/apps.txt +3 -0
data/Plugins/Apps/ERPNext/sites/common_site_config.json +11 -0
data/Plugins/Apps/GitLab/GitLab.container +9 -2
data/Plugins/Apps/GitLab/GitLab.lmm.rb +52 -33
data/Plugins/Apps/Homepage/Homepage.conf.erb +86 -0
data/Plugins/Apps/Homepage/Homepage.container +19 -0
data/Plugins/Apps/Homepage/Homepage.lmm.rb +54 -0
data/Plugins/Apps/IPFS/IPFS.conf.erb +0 -3
data/Plugins/Apps/IPFS/IPFS.lmm.rb +0 -1
data/Plugins/Apps/InfluxDB/InfluxDB.conf.erb +0 -3
data/Plugins/Apps/InfluxDB/InfluxDB.lmm.rb +0 -1
data/Plugins/Apps/Jackett/Jackett.conf.erb +0 -3
data/Plugins/Apps/Jackett/Jackett.lmm.rb +0 -1
data/Plugins/Apps/Jellyfin/Jellyfin.conf.erb +0 -3
data/Plugins/Apps/Jellyfin/Jellyfin.lmm.rb +0 -1
data/Plugins/Apps/LetsEncrypt/LetsEncrypt.lmm.rb +78 -0
data/Plugins/Apps/LetsEncrypt/hooks/dovecot.sh +2 -0
data/Plugins/Apps/LetsEncrypt/hooks/nginx.sh +2 -0
data/Plugins/Apps/LetsEncrypt/hooks/postfix.sh +2 -0
data/Plugins/Apps/LetsEncrypt/renew-certificates.service +7 -0
data/Plugins/Apps/LetsEncrypt/renew-certificates.timer +12 -0
data/Plugins/Apps/LetsEncrypt/rfc2136.ini +11 -0
data/Plugins/Apps/LibreTranslate/LibreTranslate.container +21 -0
data/Plugins/Apps/LibreTranslate/LibreTranslate.lmm.rb +34 -0
data/Plugins/Apps/Lobsters/Containerfile +81 -0
data/Plugins/Apps/Lobsters/Lobsters-Tasks.container +26 -0
data/Plugins/Apps/Lobsters/Lobsters.conf.erb +99 -0
data/Plugins/Apps/Lobsters/Lobsters.container +27 -0
data/Plugins/Apps/Lobsters/Lobsters.lmm.rb +196 -0
data/Plugins/Apps/Lobsters/crontab +3 -0
data/Plugins/Apps/Lobsters/database.yml +26 -0
data/Plugins/Apps/Lobsters/entrypoint.sh +30 -0
data/Plugins/Apps/Lobsters/generateCredentials.rb +19 -0
data/Plugins/Apps/Lobsters/lobsters-cron.sh +25 -0
data/Plugins/Apps/Lobsters/lobsters-daily.sh +23 -0
data/Plugins/Apps/Lobsters/puma.rb +49 -0
data/Plugins/Apps/MariaDB/Connection.rb +55 -0
data/Plugins/Apps/MariaDB/MariaDB.lmm.rb +122 -0
data/Plugins/Apps/Mastodon/Mastodon-Sidekiq.container +22 -0
data/Plugins/Apps/Mastodon/Mastodon-Streaming.container +20 -0
data/Plugins/Apps/Mastodon/Mastodon.conf.erb +34 -45
data/Plugins/Apps/Mastodon/Mastodon.container +28 -0
data/Plugins/Apps/Mastodon/Mastodon.lmm.rb +240 -5
data/Plugins/Apps/Mastodon/configlmm.rake +30 -0
data/Plugins/Apps/Mastodon/entrypoint.sh +16 -0
data/Plugins/Apps/Matrix/Element.container +19 -0
data/Plugins/Apps/Matrix/Matrix.conf.erb +47 -9
data/Plugins/Apps/Matrix/Matrix.lmm.rb +119 -5
data/Plugins/Apps/Matrix/Synapse.container +22 -0
data/Plugins/Apps/Matrix/config.json +50 -0
data/Plugins/Apps/Matrix/homeserver.yaml +70 -0
data/Plugins/Apps/Matrix/log.config +30 -0
data/Plugins/Apps/Netdata/Netdata.conf.erb +0 -3
data/Plugins/Apps/Netdata/Netdata.lmm.rb +0 -1
data/Plugins/Apps/Nextcloud/Nextcloud.conf.erb +3 -4
data/Plugins/Apps/Nextcloud/Nextcloud.lmm.rb +155 -48
data/Plugins/Apps/Nextcloud/autoconfig.php +13 -0
data/Plugins/Apps/Nextcloud/config.php +10 -1
data/Plugins/Apps/Nextcloud/nextcloudcron.service +8 -0
data/Plugins/Apps/Nextcloud/nextcloudcron.timer +10 -0
data/Plugins/Apps/Nginx/Connection.rb +93 -0
data/Plugins/Apps/Nginx/conf.d/configlmm.conf +54 -4
data/Plugins/Apps/Nginx/conf.d/languages.conf +21 -0
data/Plugins/Apps/Nginx/config-lmm/errors.conf +33 -22
data/Plugins/Apps/Nginx/config-lmm/gateway-errors.conf +20 -0
data/Plugins/Apps/Nginx/config-lmm/proxy.conf +6 -2
data/Plugins/Apps/Nginx/main.conf.erb +7 -3
data/Plugins/Apps/Nginx/nginx.conf +2 -2
data/Plugins/Apps/Nginx/nginx.lmm.rb +103 -81
data/Plugins/Apps/Nginx/proxy.conf.erb +24 -6
data/Plugins/Apps/Odoo/Odoo.conf.erb +0 -3
data/Plugins/Apps/Odoo/Odoo.container +7 -1
data/Plugins/Apps/Odoo/Odoo.lmm.rb +4 -5
data/Plugins/Apps/Ollama/Ollama.container +26 -0
data/Plugins/Apps/Ollama/Ollama.lmm.rb +73 -0
data/Plugins/Apps/OpenTelemetry/Config/config.yaml +704 -0
data/Plugins/Apps/OpenTelemetry/OpenTelemetry.lmm.rb +154 -0
data/Plugins/Apps/OpenVidu/Ingress.container +23 -0
data/Plugins/Apps/{GitLab/GitLab.conf.erb → OpenVidu/OpenVidu.conf.erb} +8 -3
data/Plugins/Apps/OpenVidu/OpenVidu.container +21 -0
data/Plugins/Apps/OpenVidu/OpenVidu.lmm.rb +94 -0
data/Plugins/Apps/OpenVidu/OpenViduCall.conf.erb +32 -0
data/Plugins/Apps/OpenVidu/OpenViduCall.container +20 -0
data/Plugins/Apps/OpenVidu/ingress.yaml +10 -0
data/Plugins/Apps/OpenVidu/livekit.yaml +13 -0
data/Plugins/Apps/PHP-FPM/Connection.rb +91 -0
data/Plugins/Apps/PHP-FPM/PHP-FPM.lmm.rb +31 -4
data/Plugins/Apps/Peppermint/Peppermint.conf.erb +2 -9
data/Plugins/Apps/Peppermint/Peppermint.container +7 -1
data/Plugins/Apps/Peppermint/Peppermint.lmm.rb +29 -33
data/Plugins/Apps/Perplexica/Perplexica.container +25 -0
data/Plugins/Apps/Perplexica/Perplexica.lmm.rb +92 -0
data/Plugins/Apps/Perplexica/config.toml +26 -0
data/Plugins/Apps/Podman/Connection.rb +24 -0
data/Plugins/Apps/Podman/Podman.lmm.rb +80 -0
data/Plugins/Apps/Podman/storage.conf +6 -0
data/Plugins/Apps/Postfix/Postfix.lmm.rb +249 -145
data/Plugins/Apps/PostgreSQL/Connection.rb +97 -0
data/Plugins/Apps/PostgreSQL/PostgreSQL.lmm.rb +204 -99
data/Plugins/Apps/Pterodactyl/Pterodactyl.conf.erb +0 -3
data/Plugins/Apps/Pterodactyl/Pterodactyl.lmm.rb +0 -2
data/Plugins/Apps/Pterodactyl/Wings.conf.erb +0 -3
data/Plugins/Apps/RVM/RVM.lmm.rb +57 -0
data/Plugins/Apps/Roundcube/Roundcube.conf.erb +72 -0
data/Plugins/Apps/Roundcube/Roundcube.lmm.rb +141 -0
data/Plugins/Apps/SSH/SSH.lmm.rb +9 -15
data/Plugins/Apps/SearXNG/SearXNG.container +22 -0
data/Plugins/Apps/SearXNG/SearXNG.lmm.rb +79 -0
data/Plugins/Apps/SearXNG/limiter.toml +40 -0
data/Plugins/Apps/SearXNG/settings.yml +2 -0
data/Plugins/Apps/SigNoz/Config/alerts.yml +11 -0
data/Plugins/Apps/SigNoz/Config/otel-collector-config.yaml +110 -0
data/Plugins/Apps/SigNoz/Config/otel-collector-opamp-config.yaml +1 -0
data/Plugins/Apps/SigNoz/Config/prometheus.yml +18 -0
data/Plugins/Apps/SigNoz/SigNoz-Collector.container +23 -0
data/Plugins/Apps/SigNoz/SigNoz-Migrator.container +17 -0
data/Plugins/Apps/SigNoz/SigNoz.conf.erb +61 -0
data/Plugins/Apps/SigNoz/SigNoz.container +26 -0
data/Plugins/Apps/SigNoz/SigNoz.lmm.rb +319 -0
data/Plugins/Apps/Solr/log4j2.xml +89 -0
data/Plugins/Apps/Solr/solr.lmm.rb +82 -0
data/Plugins/Apps/Sunshine/Sunshine.conf.erb +0 -3
data/Plugins/Apps/Sunshine/Sunshine.lmm.rb +0 -1
data/Plugins/Apps/Tunnel/tunnel.lmm.rb +59 -0
data/Plugins/Apps/Tunnel/tunnelTCP.service +9 -0
data/Plugins/Apps/Tunnel/tunnelTCP.socket +9 -0
data/Plugins/Apps/Tunnel/tunnelUDP.service +9 -0
data/Plugins/Apps/Tunnel/tunnelUDP.socket +9 -0
data/Plugins/Apps/UVdesk/UVdesk.conf.erb +0 -3
data/Plugins/Apps/Umami/Umami.container +19 -0
data/Plugins/Apps/Umami/Umami.lmm.rb +108 -0
data/Plugins/Apps/Valkey/Valkey.lmm.rb +64 -20
data/Plugins/Apps/Vaultwarden/Vaultwarden.conf.erb +9 -6
data/Plugins/Apps/Vaultwarden/Vaultwarden.container +7 -1
data/Plugins/Apps/Vaultwarden/Vaultwarden.lmm.rb +67 -28
data/Plugins/Apps/Wiki.js/Wiki.js.conf.erb +39 -0
data/Plugins/Apps/Wiki.js/Wiki.js.container +20 -0
data/Plugins/Apps/Wiki.js/Wiki.js.lmm.rb +55 -0
data/Plugins/Apps/YaCy/YaCy.conf.erb +93 -0
data/Plugins/Apps/YaCy/YaCy.container +21 -0
data/Plugins/Apps/YaCy/YaCy.lmm.rb +160 -0
data/Plugins/Apps/ZooKeeper/ZooKeeper.container +24 -0
data/Plugins/Apps/ZooKeeper/ZooKeeper.lmm.rb +68 -0
data/Plugins/Apps/bitmagnet/bitmagnet.conf.erb +0 -3
data/Plugins/Apps/bitmagnet/bitmagnet.lmm.rb +0 -1
data/Plugins/Apps/gollum/gollum.conf.erb +40 -4
data/Plugins/Apps/gollum/gollum.container +10 -1
data/Plugins/Apps/gollum/gollum.lmm.rb +56 -47
data/Plugins/Apps/llama.cpp/llama.cpp.container +28 -0
data/Plugins/Apps/llama.cpp/llama.cpp.lmm.rb +90 -0
data/Plugins/Apps/vLLM/vLLM.container +32 -0
data/Plugins/Apps/vLLM/vLLM.lmm.rb +89 -0
data/Plugins/OS/General/Utils.lmm.rb +26 -0
data/Plugins/OS/Linux/Connection.rb +472 -0
data/Plugins/OS/Linux/Debian/preseed.cfg.erb +81 -0
data/Plugins/OS/Linux/Distributions.yaml +32 -0
data/Plugins/OS/Linux/Flavours.yaml +24 -0
data/Plugins/OS/Linux/Grub/grub.cfg +10 -0
data/Plugins/OS/Linux/HTTP.rb +32 -0
data/Plugins/OS/Linux/Linux.lmm.rb +708 -174
data/Plugins/OS/Linux/Packages.yaml +67 -3
data/Plugins/OS/Linux/Proxmox/answer.toml.erb +30 -0
data/Plugins/OS/Linux/Services.yaml +8 -0
data/Plugins/OS/Linux/Shell.rb +70 -0
data/Plugins/OS/Linux/Syslinux/default +8 -0
data/Plugins/OS/Linux/WireGuard/WireGuard.lmm.rb +93 -40
data/Plugins/OS/Linux/WireGuard/wg0.conf.erb +3 -0
data/Plugins/OS/Linux/openSUSE/autoinst.xml.erb +29 -3
data/Plugins/OS/Linux/systemd/systemd.lmm.rb +13 -11
data/Plugins/OS/Routers/Aruba/ArubaInstant.lmm.rb +6 -5
data/Plugins/Platforms/GitHub.lmm.rb +73 -28
data/Plugins/Platforms/GoDaddy/GoDaddy.lmm.rb +10 -7
data/Plugins/Platforms/Proxmox/Proxmox.lmm.rb +402 -0
data/Plugins/Platforms/Proxmox/XTerm.rb +321 -0
data/Plugins/Platforms/libvirt/libvirt.lmm.rb +41 -15
data/Plugins/Platforms/porkbun.lmm.rb +12 -2
data/Plugins/Platforms/porkbun_spec.rb +2 -2
data/Plugins/Services/DNS/AmberBit.lmm.rb +1 -1
data/Plugins/Services/DNS/ArubaItDNS.lmm.rb +1 -1
data/Plugins/Services/DNS/NICLV.lmm.rb +1 -1
data/Plugins/Services/DNS/PowerDNS.lmm.rb +130 -41
data/Plugins/Services/DNS/tonic.lmm.rb +22 -12
data/bootstrap.sh +41 -3
data/lib/ConfigLMM/Framework/plugins/dns.rb +4 -3
data/lib/ConfigLMM/Framework/plugins/linuxApp.rb +187 -144
data/lib/ConfigLMM/Framework/plugins/nginxApp.rb +54 -6
data/lib/ConfigLMM/Framework/plugins/plugin.rb +68 -140
data/lib/ConfigLMM/Framework/plugins/store.rb +4 -4
data/lib/ConfigLMM/Framework/variables.rb +75 -0
data/lib/ConfigLMM/Framework.rb +1 -0
data/lib/ConfigLMM/cli.rb +13 -5
data/lib/ConfigLMM/commands/cleanup.rb +1 -0
data/lib/ConfigLMM/commands/configsCommand.rb +38 -5
data/lib/ConfigLMM/commands/diff.rb +33 -9
data/lib/ConfigLMM/context.rb +22 -3
data/lib/ConfigLMM/io/configList.rb +85 -7
data/lib/ConfigLMM/io/connection.rb +143 -0
data/lib/ConfigLMM/io/dhcp.rb +330 -0
data/lib/ConfigLMM/io/http.rb +78 -0
data/lib/ConfigLMM/io/local.rb +207 -0
data/lib/ConfigLMM/io/pxe.rb +92 -0
data/lib/ConfigLMM/io/ssh.rb +156 -0
data/lib/ConfigLMM/io/tftp.rb +105 -0
data/lib/ConfigLMM/io.rb +2 -0
data/lib/ConfigLMM/secrets/envStore.rb +39 -0
data/lib/ConfigLMM/secrets/fileStore.rb +43 -0
data/lib/ConfigLMM/state.rb +12 -3
data/lib/ConfigLMM/version.rb +2 -1
data/lib/ConfigLMM.rb +1 -0
data/{Examples → scripts}/configlmmAuth.sh +7 -5
metadata +257 -9

data/Plugins/Apps/Roundcube/Roundcube.lmm.rb ADDED Viewed

@@ -0,0 +1,141 @@
+module ConfigLMM
+    module LMM
+        class Roundcube < Framework::NginxApp
+            USER = 'roundcube'
+            HOME_DIR = '/var/lib/roundcube'
+            PACKAGE_NAME = 'Roundcube'
+            def actionRoundcubeDeploy(id, target, activeState, context, options)
+                raise Framework::PluginProcessError.new('Domain field must be set!') unless target['Domain']
+                target['Database'] ||= {}
+                if target['Location'] && target['Location'] != '@me'
+                    uri = Addressable::URI.parse(target['Location'])
+                    raise Framework::PluginProcessError.new("#{id}: Unknown Protocol: #{uri.scheme}!") if uri.scheme != 'ssh'
+                    self.class.sshStart(uri) do |ssh|
+                        Framework::LinuxApp.ensurePackages([PHP_FPM::PHPFPM_PACKAGE], ssh)
+                        Framework::LinuxApp.ensureServiceAutoStartOverSSH(PHP_FPM::PHPFPM_SERVICE, ssh)
+                        distroInfo = Framework::LinuxApp.ensurePackages([PACKAGE_NAME], ssh)
+                        addUserCmd = "#{distroInfo['CreateServiceUser']} --home-dir '#{HOME_DIR}' --create-home --comment 'Roundcube' #{USER}"
+                        self.class.exec(addUserCmd, ssh, true)
+                        self.class.exec("chmod o-rwx #{HOME_DIR}", ssh)
+                        self.class.exec("touch /var/log/php/roundcube.errors.log", ssh)
+                        self.class.exec("touch /var/log/php/roundcube.mail.log", ssh)
+                        self.class.exec("chown #{USER}:#{USER} /var/log/php/roundcube.errors.log", ssh)
+                        self.class.exec("chown #{USER}:#{USER} /var/log/php/roundcube.mail.log", ssh)
+                        self.class.exec("chown -R #{USER}:#{USER} /var/log/roundcubemail /var/lib/roundcubemail", ssh)
+                        PHP_FPM::fixConfigFileOverSSH(distroInfo, ssh)
+                        roundcubeBaseDir = '/usr/share/webapps/roundcubemail'
+                        if distroInfo['Name'] == 'openSUSE Leap'
+                            roundcubeBaseDir = '/srv/www/roundcubemail'
+                        end
+                        self.class.exec("sed -i 's|$config\\[\\'des_key\\'\\].*|$config\\[\\'des_key\\'\\] = \\'#{SecureRandom.alphanumeric(24)}\\';|' #{roundcubeBaseDir}/config/config.inc.php", ssh)
+                        self.class.exec("sed -i 's|$config\\[\\'product_name\\'\\].*|$config\\[\\'product_name\\'\\] = \\'Webmail\\';|' #{roundcubeBaseDir}/config/config.inc.php", ssh)
+                        if target['IMAP']['Host']
+                            protocol = ''
+                            if target['IMAP']['Port'] == 993
+                                protocol = 'ssl://'
+                            end
+                            self.class.exec("sed -i 's|$config\\[\\'imap_host\\'\\].*|$config\\[\\'imap_host\\'\\] = \\'#{protocol}#{target['IMAP']['Host']}:#{target['IMAP']['Port']}\\';|' #{roundcubeBaseDir}/config/config.inc.php", ssh)
+                        end
+                        if target['SMTP']['Host']
+                            protocol = ''
+                            if target['SMTP']['Port'] == 465
+                                protocol = 'ssl://'
+                            end
+                            self.class.exec("sed -i 's|$config\\[\\'smtp_host\\'\\].*|$config\\[\\'smtp_host\\'\\] = \\'#{protocol}#{target['SMTP']['Host']}:#{target['SMTP']['Port']}\\';|' #{roundcubeBaseDir}/config/config.inc.php", ssh)
+                        end
+                        target['Database'] ||= {}
+                        if !target['Database']['Type'] || target['Database']['Type'] == 'pgsql'
+                            password = SecureRandom.alphanumeric(20)
+                            PostgreSQL.createRemoteUserAndDBOverSSH(target['Database'], USER, password, ssh)
+                            self.class.exec("sed -i 's|$config\\[\\'db_dsnw\\'\\].*|$config\\[\\'db_dsnw\\'\\] = \\'pgsql://#{USER}:#{password}@#{target['Database']['HostName']}/#{USER}\\';|' #{roundcubeBaseDir}/config/config.inc.php", ssh)
+                        end
+                        self.updateRemoteFile(ssh, roundcubeBaseDir + '/config/config.inc.php', options, false, '//') do |configLines|
+                            if target['Settings']
+                                target['Settings'].each do |name, value|
+                                    configLines << "$config['#{name}'] = '#{value}';\n"
+                                end
+                            end
+                            configLines << "$config['login_lc'] = 0;\n"
+                            configLines << "$config['enable_installer'] = true;\n"
+                        end
+                        target['User'] = USER unless target['User']
+                        name = 'roundcube'
+                        target['PHP-FPM'] ||= {}
+                        if distroInfo['Name'] == 'openSUSE Leap'
+                            target['PHP-FPM']['chdir'] = roundcubeBaseDir
+                        end
+                        self.updateRemoteFile(ssh, PHP_FPM.configDir(distroInfo) + name + '.conf', options, false, ';') do |configLines|
+                            PHP_FPM.writeConfig(name, target, distroInfo, configLines)
+                        end
+                        Framework::LinuxApp.startServiceOverSSH(PHP_FPM::PHPFPM_SERVICE, ssh)
+                        if !target.key?('Proxy') || target['Proxy']
+                            self.class.ensurePackage(ssh)
+                            self.class.prepareNginxConfig(target, ssh)
+                            self.writeNginxConfig(__dir__, 'Roundcube', id, target, state, context, options)
+                            if distroInfo['Name'] == 'openSUSE Leap'
+                                nginxFile = options['output'] + '/nginx/servers-lmm/Roundcube.conf'
+                                `sed -i 's|root .*|root #{roundcubeBaseDir}/public_html;|' #{nginxFile}`
+                            end
+                            self.deployNginxConfig(id, target, activeState, context, options)
+                            Framework::LinuxApp.startServiceOverSSH(NGINX_PACKAGE, ssh)
+                            self.class.reload(ssh)
+                        end
+                        self.class.exec("curl 'https://#{target['Domain']}/installer/index.php?_step=3' -X POST --data-raw 'initdb=Initialize+database'", ssh)
+                        self.class.exec("rm -f #{roundcubeBaseDir}/public_html/installer", ssh)
+                        self.class.exec("sed -i 's|$config\\[\\'enable_installer\\'\\].*|$config\\[\\'enable_installer\\'\\] = false;|' #{roundcubeBaseDir}/config/config.inc.php", ssh)
+                    end
+                else
+                    # TODO
+                end
+            end
+            def cleanup(configs, state, context, options)
+                cleanupType(:Roundcube, configs, state, context, options) do |item, id, state, context, options, connection|
+                    cleanupConfig(item, id, state, context, options, connection)
+                end
+            end
+            def cleanupConfig(item, id, state, context, options, connection)
+                if item['Proxy'].nil? || item['Proxy']
+                    self.cleanupNginxConfig('Roundcube', id, state, context, options, connection)
+                    self.class.reload(connection, options[:dry])
+                end
+                distroInfo = Framework::LinuxApp.currentDistroInfo(connection)
+                connection.rm(PHP_FPM.configDir(distroInfo) + 'roundcube.conf', options[:dry])
+                Framework::LinuxApp.reloadService(PHP_FPM::PHPFPM_SERVICE, connection, options[:dry])
+                Framework::LinuxApp.removePackage(PACKAGE_NAME, connection, options[:dry])
+                state.item(id)['Status'] = State::STATUS_DELETED unless options[:dry]
+                if options[:destroy]
+                    item['Database'] ||= {}
+                    if !item['Database']['Type'] || item['Database']['Type'] == 'pgsql'
+                        PostgreSQL.dropUserAndDB(item['Database'], USER, connection, options[:dry])
+                    end
+                    Framework::LinuxApp.deleteUserAndGroup(USER, connection, options[:dry])
+                    connection.rm('/var/log/roundcubemail', options[:dry])
+                    connection.rm('/var/log/php/roundcube.access.log', options[:dry])
+                    connection.rm('/var/log/php/roundcube.errors.log', options[:dry])
+                    connection.rm('/var/log/php/roundcube.mail.log', options[:dry])
+                    state.item(id)['Status'] = State::STATUS_DESTROYED unless options[:dry]
+                end
+            end
+        end
+    end
+end

data/Plugins/Apps/SSH/SSH.lmm.rb CHANGED Viewed

@@ -4,24 +4,21 @@ module ConfigLMM
         class SSH < Framework::LinuxApp
             CONFIG_FILE = '/etc/ssh/sshd_config'
+            SSHD_SERVICE = :sshd
             def actionSSHDeploy(id, target, activeState, context, options)
-                if target['Location'] && target['Location'] != '@me'
-                    uri = Addressable::URI.parse(target['Location'])
-                    raise Framework::PluginProcessError.new("#{id}: Unknown Protocol: #{uri.scheme}!") if uri.scheme != 'ssh'
-                    self.class.sshStart(uri) do |ssh|
+                self.withConnection(target['Location'], target) do |connection|
+                    Linux.withConnection(connection) do |linuxConnection|
                         if target['Port']
-                            self.class.sshExec!(ssh, "sed -i 's|^Port |#Port |' #{CONFIG_FILE}")
+                            linuxConnection.fileReplace(CONFIG_FILE, '^Port ', '#Port ', options)
                         end
                         if target['ListenAddress']
-                            self.class.sshExec!(ssh, "sed -i 's|^ListenAddress |#ListenAddress |' #{CONFIG_FILE}")
+                            linuxConnection.fileReplace(CONFIG_FILE, '^ListenAddress ', '#ListenAddress ', options)
                         end
                         target['Settings'].to_h.each do |name, value|
-                            self.class.sshExec!(ssh, "sed -i 's|^#{name} |##{name} |' #{CONFIG_FILE}")
+                            linuxConnection.fileReplace(CONFIG_FILE, "^#{name} ", "##{name} ", options)
                         end
-                        updateRemoteFile(ssh, CONFIG_FILE, options) do |configLines|
+                        linuxConnection.updateFile(CONFIG_FILE, options) do |configLines|
                             if target['Port']
                                 configLines << "Port #{target['Port']}\n"
                             end
@@ -36,16 +33,13 @@ module ConfigLMM
                             configLines
                         end
                         if target['Port']
-                          Framework::LinuxApp.firewallAddPortOverSSH(target['Port'].to_s + '/tcp', uri)
+                            linuxConnection.firewallAddPort(target['Port'].to_s + '/tcp', options)
                         end
+                        linuxConnection.reloadService(SSHD_SERVICE, options)
                     end
-                else
-                    # TODO
                 end
             end
         end
     end
 end

data/Plugins/Apps/SearXNG/SearXNG.container ADDED Viewed

@@ -0,0 +1,22 @@
+[Unit]
+Description=SearXNG container
+After=local-fs.target
+[Container]
+ContainerName=SearXNG
+Image=docker.io/searxng/searxng:latest
+EnvironmentFile=/var/lib/searxng/.config/containers/systemd/SearXNG.env
+Network=slirp4netns:allow_host_loopback=true
+PublishPort=127.0.0.1:18800:8080
+UserNS=keep-id:uid=1000,gid=1000
+Volume=/var/lib/searxng/config:/etc/searxng
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+TimeoutStartSec=6min
+Restart=on-failure
+[Install]
+WantedBy=multi-user.target default.target

data/Plugins/Apps/SearXNG/SearXNG.lmm.rb ADDED Viewed

@@ -0,0 +1,79 @@
+module ConfigLMM
+    module LMM
+        class SearXNG < Framework::Plugin
+            USER = 'searxng'
+            HOME_DIR = '/var/lib/searxng'
+            PORT = 18800
+            def actionSearXNGDeploy(id, target, activeState, context, options)
+                self.withConnection(target['Location'], target) do |connection|
+                    Linux.withConnection(connection) do |linuxConnection|
+                        Podman.ensurePresent(linuxConnection, options)
+                        Podman.createUser(USER, HOME_DIR, 'SearXNG', linuxConnection, options)
+                        linuxConnection.withUserShell(USER) do |shell|
+                                shell.createDirs(options, '~/config')
+                        end
+                        if !linuxConnection.filePresent?(HOME_DIR + '/config/limiter.toml', { **options, 'dry': false })
+                            linuxConnection.upload(__dir__ + '/limiter.toml', HOME_DIR + '/config/', options)
+                        end
+                        settings = YAML.load_file(__dir__ + '/settings.yml')
+                        if target['Settings']
+                            settings.merge!(target['Settings'])
+                        end
+                        settingsFile = options['output'] + '/settings.yml'
+                        File.write(settingsFile, settings.to_yaml)
+                        linuxConnection.upload(settingsFile, HOME_DIR + '/config/', options)
+                        path = Podman.containersPath(HOME_DIR)
+                        secret = SecureRandom.alphanumeric(30)
+                        linuxConnection.fileWrite("#{path}/SearXNG.env", "SEARXNG_SECRET=#{secret}", { **options, hide: true })
+                        if target['Valkey']
+                            host = Podman.updateHost(target['Valkey']['Host'])
+                            valkeyPassword = nil
+                            if target['Valkey']['SecretId']
+                                valkeyPassword = context.secrets.load(target['Valkey']['SecretId'], 'VALKEY_PASSWORD')
+                            end
+                            redisURL = Valkey.connectionURL({ host: host, password: valkeyPassword })
+                            linuxConnection.fileAppend("#{path}/SearXNG.env", "SEARXNG_REDIS_URL=#{redisURL}", { **options, hide: true })
+                        end
+                        linuxConnection.setUserGroup("#{path}/SearXNG.env", USER, USER, options)
+                        linuxConnection.setPrivate("#{path}/SearXNG.env", options)
+                        linuxConnection.upload(__dir__ + '/SearXNG.container', path, options)
+                        linuxConnection.reloadUserServices(USER, options)
+                        linuxConnection.restartUserService(USER, 'SearXNG', options)
+                    end
+                end
+            end
+            def cleanup(configs, state, context, options)
+                cleanupType(:SearXNG, configs, state, context, options) do |item, id, state, context, options, connection|
+                    Linux.withConnection(connection) do |linuxConnection|
+                        linuxConnection.stopUserService(USER, 'SearXNG', options)
+                        path = Podman.containersPath(HOME_DIR)
+                        linuxConnection.rm(path + '/SearXNG.container', options[:dry])
+                        state.item(id)['Status'] = State::STATUS_DELETED unless options[:dry]
+                        if options[:destroy]
+                            linuxConnection.deleteUserAndGroup(USER, options)
+                            state.item(id)['Status'] = State::STATUS_DESTROYED unless options[:dry]
+                        end
+                    end
+                end
+            end
+        end
+    end
+end

data/Plugins/Apps/SearXNG/limiter.toml ADDED Viewed

@@ -0,0 +1,40 @@
+[real_ip]
+# Number of values to trust for X-Forwarded-For.
+x_for = 1
+# The prefix defines the number of leading bits in an address that are compared
+# to determine whether or not an address is part of a (client) network.
+ipv4_prefix = 32
+ipv6_prefix = 48
+[botdetection.ip_limit]
+# To get unlimited access in a local network, by default link-local addresses
+# (networks) are not monitored by the ip_limit
+filter_link_local = false
+# activate link_token method in the ip_limit method
+link_token = false
+[botdetection.ip_lists]
+# In the limiter, the ip_lists method has priority over all other methods -> if
+# an IP is in the pass_ip list, it has unrestricted access and it is also not
+# checked if e.g. the "user agent" suggests a bot (e.g. curl).
+block_ip = [
+  # '93.184.216.34',  # IPv4 of example.org
+  # '257.1.1.1',      # invalid IP --> will be ignored, logged in ERROR class
+]
+pass_ip = [
+  # '192.168.0.0/16',      # IPv4 private network
+  # 'fe80::/10'            # IPv6 linklocal / wins over botdetection.ip_limit.filter_link_local
+]
+# Activate passlist of (hardcoded) IPs from the SearXNG organization,
+# e.g. `check.searx.space`.
+pass_searxng_org = true

data/Plugins/Apps/SearXNG/settings.yml ADDED Viewed

	@@ -0,0 +1,2 @@
1	+
2	+ use_default_settings: true

data/Plugins/Apps/SigNoz/Config/alerts.yml ADDED Viewed

@@ -0,0 +1,11 @@
+groups:
+- name: ExampleCPULoadGroup
+  rules:
+  - alert: HighCpuLoad
+    expr: system_cpu_load_average_1m > 0.1
+    for: 0m
+    labels:
+      severity: warning
+    annotations:
+      summary: High CPU load
+      description: "CPU load is > 0.1\n  VALUE = {{ $value }}\n  LABELS = {{ $labels }}"

data/Plugins/Apps/SigNoz/Config/otel-collector-config.yaml ADDED Viewed

@@ -0,0 +1,110 @@
+receivers:
+  otlp:
+    protocols:
+      grpc:
+        endpoint: 10.0.2.100:4317
+      http:
+        endpoint: 10.0.2.100:4318
+  prometheus:
+    config:
+      global:
+        scrape_interval: 60s
+      scrape_configs:
+        # otel-collector internal metrics
+        - job_name: otel-collector
+          static_configs:
+          - targets:
+              - 127.0.0.1:8888
+            labels:
+              job_name: otel-collector
+processors:
+  batch:
+    send_batch_size: 10000
+    send_batch_max_size: 11000
+    timeout: 10s
+  signozspanmetrics/delta:
+    metrics_exporter: clickhousemetricswrite
+    metrics_flush_interval: 60s
+    latency_histogram_buckets: [100us, 1ms, 2ms, 6ms, 10ms, 50ms, 100ms, 250ms, 500ms, 1000ms, 1400ms, 2000ms, 5s, 10s, 20s, 40s, 60s ]
+    dimensions_cache_size: 100000
+    aggregation_temporality: AGGREGATION_TEMPORALITY_DELTA
+    enable_exp_histogram: true
+    dimensions:
+      - name: service.namespace
+        default: default
+      - name: deployment.environment
+        default: default
+      # This is added to ensure the uniqueness of the timeseries
+      # Otherwise, identical timeseries produced by multiple replicas of
+      # collectors result in incorrect APM metrics
+      - name: signoz.collector.id
+      - name: service.version
+      - name: browser.platform
+      - name: browser.mobile
+      - name: k8s.cluster.name
+      - name: k8s.node.name
+      - name: k8s.namespace.name
+      - name: host.name
+      - name: host.type
+      - name: container.name
+extensions:
+  health_check:
+    endpoint: 10.0.2.100:13133
+  zpages:
+    endpoint: 10.0.2.100:55679
+  pprof:
+    endpoint: 10.0.2.100:1777
+exporters:
+  clickhousetraces:
+    datasource: tcp://10.0.2.2:19100/signoz_traces
+    low_cardinal_exception_grouping: false
+    use_new_schema: true
+  clickhousemetricswrite:
+    endpoint: tcp://10.0.2.2:19100/signoz_metrics
+    resource_to_telemetry_conversion:
+      enabled: true
+  clickhousemetricswrite/prometheus:
+    endpoint: tcp://10.0.2.2:19100/signoz_metrics
+  signozclickhousemetrics:
+    dsn: tcp://10.0.2.2:19100/signoz_metrics
+  clickhouselogsexporter:
+    dsn: tcp://10.0.2.2:19100/signoz_logs
+    timeout: 10s
+    use_new_schema: true
+  # logging: {}
+service:
+  telemetry:
+    logs:
+      encoding: json
+    metrics:
+      readers:
+        - pull:
+            exporter:
+              prometheus:
+                host: 127.0.0.1
+                port: 8888
+  extensions:
+    - health_check
+    - zpages
+    - pprof
+  pipelines:
+    traces:
+      receivers: [otlp]
+      processors: [signozspanmetrics/delta, batch]
+      exporters: [clickhousetraces]
+    metrics:
+      receivers: [otlp]
+      processors: [batch]
+      exporters: [clickhousemetricswrite, signozclickhousemetrics]
+    metrics/prometheus:
+      receivers: [prometheus]
+      processors: [batch]
+      exporters: [clickhousemetricswrite/prometheus, signozclickhousemetrics]
+    logs:
+      receivers: [otlp]
+      processors: [batch]
+      exporters: [clickhouselogsexporter]

data/Plugins/Apps/SigNoz/Config/otel-collector-opamp-config.yaml ADDED Viewed

	@@ -0,0 +1 @@
1	+ server_endpoint: ws://10.0.2.2:4320/v1/opamp

data/Plugins/Apps/SigNoz/Config/prometheus.yml ADDED Viewed

@@ -0,0 +1,18 @@
+# my global config
+global:
+  scrape_interval:     5s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
+  evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
+  # scrape_timeout is set to the global default (10s).
+# Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
+rule_files:
+  # - "first_rules.yml"
+  # - "second_rules.yml"
+  - 'alerts.yml'
+# A scrape configuration containing exactly one endpoint to scrape:
+# Here it's Prometheus itself.
+scrape_configs: []
+remote_read:
+  - url: tcp://10.0.2.2:19100/signoz_metrics

data/Plugins/Apps/SigNoz/SigNoz-Collector.container ADDED Viewed

@@ -0,0 +1,23 @@
+[Unit]
+Description=OpenTelemetry Collector container
+After=local-fs.target
+[Container]
+ContainerName=SigNoz-Collector
+Image=docker.io/signoz/signoz-otel-collector:$VERSION
+Exec=--config=/etc/otel/otel-collector-config.yaml --copy-path=/var/tmp/collector-config.yaml --manager-config=/etc/otel/otel-collector-opamp-config.yaml
+Network=slirp4netns:allow_host_loopback=true
+PublishPort=127.0.0.1:4317:4317
+PublishPort=127.0.0.1:4318:4318
+Volume=/var/lib/signoz-collector/otel-collector-config.yaml:/etc/otel/otel-collector-config.yaml
+Volume=/var/lib/signoz-collector/otel-collector-opamp-config.yaml:/etc/otel/otel-collector-opamp-config.yaml
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+TimeoutStartSec=6min
+Restart=on-failure
+[Install]
+WantedBy=multi-user.target default.target

data/Plugins/Apps/SigNoz/SigNoz-Migrator.container ADDED Viewed

@@ -0,0 +1,17 @@
+[Unit]
+Description=SigNoz Migrator container
+After=local-fs.target
+[Container]
+ContainerName=SigNoz-Migrator
+Image=docker.io/signoz/signoz-schema-migrator:$VERSION
+Exec=sync --cluster-name default --dsn=$DSN
+Network=slirp4netns:allow_host_loopback=true
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+TimeoutStartSec=10min
+[Install]
+WantedBy=multi-user.target default.target

data/Plugins/Apps/SigNoz/SigNoz.conf.erb ADDED Viewed

@@ -0,0 +1,61 @@
+upstream <%= config['Name'] %> {
+    server <%= config['Server'] %>;
+}
+server {
+    <% if config['NginxVersion'] >= 1.25 %>
+        listen 443 ssl;
+        listen [::]:443 ssl;
+        http2 on;
+        http3 on;
+        quic_retry on;
+        add_header Alt-Svc 'h3=":443"; ma=86400';
+    <% else %>
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+    <% end %>
+    include config-lmm/errors.conf;
+    include config-lmm/security.conf;
+    include config-lmm/ssl.conf;
+    server_name <%= config['Domain'] %>;
+    <% if config['CertName'] %>
+        ssl_certificate "/etc/letsencrypt/live/<%= config['CertName'] %>/fullchain.pem";
+        ssl_certificate_key "/etc/letsencrypt/live/<%= config['CertName'] %>/privkey.pem";
+        ssl_trusted_certificate "/etc/letsencrypt/live/<%= config['CertName'] %>/chain.pem";
+    <% end %>
+    client_max_body_size 24M;
+    large_client_header_buffers 8 128k;
+    location / {
+        proxy_pass http://<%= config['Name'] %>;
+        include config-lmm/proxy.conf;
+    }
+    location ~ ^/api/(v1|v3)/logs/(tail|livetail){
+        proxy_pass http://<%= config['Name'] %>;
+        # connection will be closed if no data is read for 600s between successive read operations
+        proxy_read_timeout 600s;
+        # dont buffer the data send it directly to client.
+        proxy_buffering off;
+        proxy_cache off;
+    }
+    location /api {
+        proxy_pass http://<%= config['Name'] %>/api;
+        # connection will be closed if no data is read for 600s between successive read operations
+        proxy_read_timeout 600s;
+    }
+    location /ws {
+        proxy_pass  http://<%= config['Name'] %>/ws;
+        proxy_read_timeout 600s;
+    }
+}

data/Plugins/Apps/SigNoz/SigNoz.container ADDED Viewed

@@ -0,0 +1,26 @@
+[Unit]
+Description=SigNoz container
+After=local-fs.target
+[Container]
+ContainerName=SigNoz
+Image=docker.io/signoz/signoz-community:$VERSION
+Exec=--use-logs-new-schema=true --use-trace-new-schema=true --cluster default
+EnvironmentFile=/var/lib/signoz/.config/containers/systemd/SigNoz.env
+Network=slirp4netns:allow_host_loopback=true
+PublishPort=127.0.0.1:4320:4320
+PublishPort=127.0.0.1:6060:6060
+PublishPort=127.0.0.1:18600:8080
+Volume=/var/lib/signoz/config:/root/config
+Volume=/var/lib/signoz/data:/var/lib/signoz
+LogDriver=journald
+AutoUpdate=registry
+[Service]
+TimeoutStartSec=6min
+TimeoutStopSec=3min
+Restart=on-failure
+[Install]
+WantedBy=multi-user.target default.target