README.md

@@ -67,7 +67,6 @@ see https://linuxize.com/post/how-to-add-swap-space-on-ubuntu-20-04/
 # ufw allow ssh
 # ufw allow http
 # ufw allow https
-# ufw allow 1883 # MQTT
 # ufw enable
 ```
 
@@ -187,7 +186,7 @@ Group=joerg
 ExecStartPre=/usr/bin/docker-compose pull --quiet --ignore-pull-failures
 ExecStartPre=/usr/bin/docker-compose build --pull
 
-ExecStart=/usr/bin/docker-compose up --remove-orphans --no-color
+ExecStart=/usr/bin/docker-compose up --remove-orphans
 
 ExecStop=/usr/bin/docker-compose down --remove-orphans
 
@@ -205,70 +204,6 @@ WantedBy=multi-user.target
 # systemctl enable --now docker-compose@nbit_websites
 ```
 
-## Logging
-
-```bash
-root@moby:~# cat /etc/docker/daemon.json
-{
-	"log-driver": "syslog",
-	"log-opts": {
-		"syslog-address": "unixgram:///dev/log",
-		"tag": "docker/{{.Name}}"
-	}
-}
-```
-
-```bash
-root@moby:~# grep -C 3 PreserveFQDN /etc/rsyslog.conf
-$IncludeConfig /etc/rsyslog.d/*.conf
-
-# see https://www.commandprompt.com/blog/docker-logging-with-rsyslog/
-$PreserveFQDN on
-```
-
-```bash
-root@moby:~# cat /etc/rsyslog.d/10-docker.conf
-$FileCreateMode 0644
-$template DockerDaemonLogFileName, "/var/log/docker/docker.log"
-$template DockerContainerLogFileName, "/var/log/docker/%SYSLOGTAG:R,ERE,1,FIELD:docker/(.*)\[--end:secpath-replace%.log"
-if $programname == 'dockerd'
-then {
-	?DockerDaemonLogFileName
-	stop
-}
-if $programname == 'containerd'
-then {
-	?DockerDaemonLogFileName
-	stop
-}
-if $programname == 'docker'
-then {
-	if $syslogtag contains 'docker/'
-	then {
-		?DockerContainerLogFileName
-		stop
-	}
-}
-$FileCreateMode 0600
-```
-
-```bash
-root@moby:~# cat /etc/logrotate.d/rsyslog-docker
-/var/log/docker/*.log
-{
-	daily
-	rotate 10
-	minsize 200M
-	missingok
-	notifempty
-	compress
-	sharedscripts
-	postrotate
-		/usr/lib/rsyslog/rsyslog-rotate
-	endscript
-}
-```
-
 
 ## Wordpress behind Traefik
 
@@ -315,100 +250,3 @@ for dnsserver in ns1.nbit.ch ns2.nbit.ch ; do
   sleep 10
 done
 ```
-
-
-### DNS Slave Server
-
-Dieser Server dient auch als DNS Slave Server (ns2.nbit.ch)
-
-```bash
-# ufw allow domain
-# apt install bind9
-
-add Zones to /etc/bind/named.conf.local:
-
-zone "nbit.ch" IN {
-  type slave;
-  file "nbit.ch.zone";
-  allow-notify { 94.130.184.127; 2a01:4f8:c2c:12ed::1; };
-  masters {
-    94.130.184.127; 2a01:4f8:c2c:12ed::1;
-  };
-  allow-transfer {
-        127.0.0.1;
-  };
-};
-
-zone "linux-freelancer.ch" IN {
-  type slave;
-  file "linux-freelancer.ch.zone";
-  allow-notify { 94.130.184.127; 2a01:4f8:c2c:12ed::1; };
-  masters {
-    94.130.184.127; 2a01:4f8:c2c:12ed::1;
-  };
-  allow-transfer {
-        127.0.0.1;
-  };
-};
-
-zone "mini-beieli.ch" IN {
-  type slave;
-  file "mini-beieli.ch.zone";
-  allow-notify { 94.130.184.127; 2a01:4f8:c2c:12ed::1; };
-  masters {
-    94.130.184.127; 2a01:4f8:c2c:12ed::1;
-  };
-  allow-transfer {
-        127.0.0.1;
-  };
-};
-
-zone "wo-bisch.ch" IN {
-  type slave;
-  file "wo-bischch.zone";
-  allow-notify { 94.130.184.127; 2a01:4f8:c2c:12ed::1; };
-  masters {
-    94.130.184.127; 2a01:4f8:c2c:12ed::1;
-  };
-  allow-transfer {
-        127.0.0.1;
-  };
-};
-
-zone "ch-wirth.ch" IN {
-  type slave;
-  file "ch-wirth.ch.zone";
-  allow-notify { 94.130.184.127; 2a01:4f8:c2c:12ed::1; };
-  masters {
-    94.130.184.127; 2a01:4f8:c2c:12ed::1;
-  };
-  allow-transfer {
-        127.0.0.1;
-  };
-};
-
-zone "cmoag.com" IN {
-  type slave;
-  file "cmoag.com.zone";
-  allow-notify { 94.130.184.127; 2a01:4f8:c2c:12ed::1; };
-  masters {
-    94.130.184.127; 2a01:4f8:c2c:12ed::1;
-  };
-  allow-transfer {
-        127.0.0.1;
-  };
-};
-
-zone "acmoag.com" IN {
-  type slave;
-  file "acmoag.com.zone";
-  allow-notify { 94.130.184.127; 2a01:4f8:c2c:12ed::1; };
-  masters {
-    94.130.184.127; 2a01:4f8:c2c:12ed::1;
-  };
-  allow-transfer {
-        127.0.0.1;
-  };
-};
-```
-

nbit-mqtt/README.md

@@ -1,10 +0,0 @@
-MQTT Broker for shelly, mqtt.nbit.ch, no TLS, Port 1883
-
-Setup, see https://www.laub-home.de/wiki/Eclipse_Mosquitto_Secure_MQTT_Broker_Docker_Installation#Mosquitto_via_Docker_Compose
-
-Create User:
-$ docker-compose exec mosquitto mosquitto_passwd -c /mosquitto/config/mosquitto.passwd mqtt
-
-
-Idea for Python Script:
-https://schroederdennis.de/monitoring/tasmota-mqtt-daten-mit-grafana-visualisieren-python-influxdb-script/

nbit-mqtt/docker-compose.yml

@@ -1,42 +0,0 @@
-version: '3.7'
-
-services:
-  mosquitto:
-    image: eclipse-mosquitto:latest
-    restart: always
-    volumes:
-      - /home/joerg/nbit-mqtt/config:/mosquitto/config
-      - /home/joerg/nbit-mqtt/data:/mosquitto/data
-      - /home/joerg/nbit-mqtt/log:/mosquitto/log
-    environment:
-      TZ: Europe/Zurich
-    network_mode: host
-    tty: true
-
-  mqtt2log:
-    build: mqtt2log-build
-    tty: true
-    volumes:
-      - /home/joerg/nbit-mqtt/data-shellies:/data
-
-  mqtt2prometheus:
-    image: ghcr.io/hikhvar/mqtt2prometheus:latest 
-    command:
-      - /mqtt2prometheus
-      - -log-level
-      - debug
-      - -config
-      - /config.yaml
-    ports:
-      - 9641:9641
-    volumes:
-      - type: bind
-        source: ./mqtt2prometheus-config.yaml
-        target: /config.yaml
-
-  prometheus:
-    image: prom/prometheus:latest
-    volumes:
-      - type: bind
-        source: ./prometheus.yml
-        target: /etc/prometheus/prometheus.yml

nbit-mqtt/mqtt2log-build/Dockerfile

@@ -1,5 +0,0 @@
-FROM python:3.10
-ADD . /code
-WORKDIR /code
-RUN pip install --root-user-action ignore -r requirements.txt 
-CMD ["python", "mqtt2log.py"]

nbit-mqtt/mqtt2log-build/mqtt2log.py

@@ -1,65 +0,0 @@
-import re
-import json
-from typing import NamedTuple
-from datetime import datetime
- 
-import paho.mqtt.client as mqtt
- 
-MQTT_ADDRESS = 'mqtt.nbit.ch'
-MQTT_USER = 'mqtt'
-MQTT_PASSWORD = 'mqtt7355@'
-MQTT_TOPIC = 'shellies/events/rpc'
-MQTT_CLIENT_ID = 'MQTT_Logfile_Bridge'
- 
-def on_connect(client, userdata, flags, rc):
-    """ The callback for when the client receives a CONNACK response from the server."""
-    print('Connected with result code ' + str(rc))
-    client.subscribe(MQTT_TOPIC)
- 
-def _parse_mqtt_message(topic, payload):
-    print("_parse_mqtt_message")
-    payload = json.loads(payload)
-    src = payload.get('src','N/A')
-    if 'params' in payload.keys():
-        ts = payload['params'].get('ts',-1)
-        if 'switch:0' in payload['params'].keys():
-            if 'aenergy' in payload['params']['switch:0'].keys():
-                if 'total' in payload['params']['switch:0']['aenergy'].keys():
-                    return "E,%.0f,%s,%.3f" % (ts,src,payload['params']['switch:0']['aenergy']['total'])
-            if 'apower' in payload['params']['switch:0'].keys():
-                return "P,%.0f,%s,%.1f" % (ts,src,payload['params']['switch:0']['apower'])
-    else:
-        return None
-
-def write2file(msg):
-    now = datetime.now() # current date and time
-    filename = "/data/" + now.strftime("%Y%m%d") + ".log"
-    f = open(filename, "a")
-    f.write(msg + "\n")
-    f.close()
- 
-def on_message(client, userdata, msg):
-    """The callback for when a PUBLISH message is received from the server."""
-    #print(msg.topic + ' ' + str(msg.payload))
-    result = _parse_mqtt_message(msg.topic, msg.payload.decode('utf-8'))
-    if result is None:
-        print("Couldn't parse sensor data!")
-        print(msg.payload.decode('utf-8'))
-        return
-    else:
-        write2file(result)
-        return
- 
-def main():
-    mqtt_client = mqtt.Client(MQTT_CLIENT_ID)
-    mqtt_client.username_pw_set(MQTT_USER, MQTT_PASSWORD)
-    mqtt_client.on_connect = on_connect
-    mqtt_client.on_message = on_message
- 
-    mqtt_client.connect(MQTT_ADDRESS, 1883)
-    mqtt_client.loop_forever()
- 
- 
-if __name__ == '__main__':
-    print('MQTT to Logfile bridge')
-    main()

nbit-mqtt/mqtt2log-build/requirements.txt

@@ -1 +0,0 @@
-paho-mqtt

nbit-mqtt/mqtt2prometheus-config.yaml

@@ -1,33 +0,0 @@
-mqtt:
-  server: tcp://mqtt.nbit.ch:1883
-  user: mqtt
-  password: mqtt7355@
-  topic_path: shellies/events/rpc
-  device_id_regex: "(.*/)?(?P<deviceid>.*)"
-  qos: 0
-cache:
-  timeout: 24h
-json_parsing:
-  separator: .
-metrics:
-    # The name of the metric in prometheus
-  - prom_name: aenergy_total
-    # The name of the metric in a MQTT JSON message
-    mqtt_name: params.switch:0.aenergy.total
-    # The prometheus help text for this metric
-    help: total energy
-    # The prometheus type for this metric. Valid values are: "gauge" and "counter"
-    type: gauge
-    # A map of string to string for constant labels. This labels will be attached to every prometheus metric
-    const_labels:
-      sensor_type: shelly
-  - prom_name: apower
-    # The name of the metric in a MQTT JSON message
-    mqtt_name: params.switch:0.apower
-    # The prometheus help text for this metric
-    help: current power
-    # The prometheus type for this metric. Valid values are: "gauge" and "counter"
-    type: gauge
-    # A map of string to string for constant labels. This labels will be attached to every prometheus metric
-    const_labels:
-      sensor_type: shelly

nbit-mqtt/prometheus.yml

@@ -1,19 +0,0 @@
-global:
-  scrape_interval: 5m
-  scrape_timeout: 10s
-  evaluation_interval: 15s
-scrape_configs:
-  - job_name: mqtt2prometheus
-    honor_timestamps: true
-    scrape_interval: 5m
-    scrape_timeout: 10s
-    metrics_path: /metrics
-    scheme: http
-    static_configs:
-      - targets:
-          - mqtt2prometheus:9641
-remote_write:
-  - basic_auth:
-      password: eyJrIjoiOWJlNzM1ODYzY2JjZmE5MTA5YTcyNzJlNTk3MjllY2U3YjViMDk1NSIsIm4iOiJzdGFjay00NDQyODktZWFzeXN0YXJ0LXByb20tcHVibGlzaGVyIiwiaWQiOjcxNzI1MX0=
-      username: 589349
-    url: https://prometheus-prod-01-eu-west-0.grafana.net/api/prom/push

proxy/docker-compose.yml

@@ -3,7 +3,7 @@ version: "3.5"
 services:
 
   traefik:
-    image: "traefik:v2.9"
+    image: "traefik:v2.4"
     command:
       #- "--log.level=DEBUG"
       - "--api.insecure=true"
@@ -19,8 +19,10 @@ services:
       - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
       - "--providers.file.directory=/configuration/"
       - "--providers.file.watch=true"
-      - "--accesslog=true"
-    network_mode: host
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8080:8080"
     volumes:
       - "/var/run/docker.sock:/var/run/docker.sock:ro"
       - "data-volume:/letsencrypt"

wo-bisch_dev/docker-compose.yml

@@ -1,62 +0,0 @@
-version: '3.7'
-services:
-  influxdb:
-    image: influxdb:latest
-    volumes:
-      - influxdb2:/var/lib/influxdb2
-    restart: always
-    expose:
-      - 8086
-
-  redis:
-    image: redis:latest
-    restart: always
-    expose:
-      - 5432
-    volumes:
-      - cache:/data
-
-  telegraf:
-    image: telegraf:latest
-    restart: always
-    volumes:
-      - lorahandlerdata:/data
-      - ./telegraf.conf:/etc/telegraf/telegraf.conf
-
-  lorahandler:
-    image: wo-bisch-lorahandler:latest
-    restart: always
-    volumes:
-      - lorahandlerdata:/data
-    environment:
-      - REDIS_CONNECTION_STRING=redis:6379
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.wobischdevlorahandler.rule=Host(`dev2.wo-bisch.ch`) && PathPrefix(`/lorahandler`)
-      - traefik.http.routers.wobischdevlorahandler.entrypoints=websecure
-
-  web:
-    image: wo-bisch-web:latest
-    restart: always
-    environment:
-      - REDIS_CONNECTION_STRING=redis:6379
-      - INFLUX_URL=http://influxdb:8086/api/v2/query?org=wobischorg
-      - INFLUX_RO_TOKEN=TQvQxxLLAj1kTKWuEqcx7BA-KfE6WtJUeDlPa_Dnvms6Zqf6uh6lMbpXtzcsCjKO_x3PrpxxGDR5E6YnDB5PFg==
-      - STRIPE_KEY=sk_test_51Icq29K2XyHQRTs20aEeyUHH3WgE6nBkAKUFuXsQtbnZNIP5fap5zTLTaA0XvhIcRHkqt3vJ2nui6df8R9VDuDDh00nhzmWdHr
-      - STRIPE_PK=pk_test_51Icq29K2XyHQRTs2DeltUIWrbFb5evfJVGaQzMv4r50g8Q7HAUkSFr7BBGv0aP1damXIhM6fZ4Yf9Wz0qW6TpTVi00dWcW7J1O
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.wobischdev.rule=Host(`dev2.wo-bisch.ch`)
-      - traefik.http.routers.wobischdev.entrypoints=websecure
-      - traefik.http.routers.wobischdev.tls.certresolver=myresolver
-      - traefik.http.routers.wobischdev.tls.domains[0].main=dev2.wo-bisch.ch
-
-volumes:
-  influxdb2:
-  cache:
-  lorahandlerdata:
-
-networks:
-  default:
-    external: true
-    name: proxy_default

wo-bisch_dev/telegraf.conf

@@ -1,31 +0,0 @@
-[global_tags]
-
-# Configuration for telegraf agent
-[agent]
-  interval = "10s"
-  round_interval = true
-  metric_batch_size = 1000
-  metric_buffer_limit = 100000
-  collection_jitter = "0s"
-  flush_interval = "10s"
-  flush_jitter = "0s"
-  precision = ""
-  debug = false
-  quiet = false
-  logfile = ""
-  hostname = ""
-  omit_hostname = false
-
-[[inputs.tail]]
-  files = ["/data/wo-bisch-lorahandler.log"]
-  from_beginning = false
-  pipe = false
-  tagexclude = ["path","host"]
-  data_format = "influx"
-
-# Configuration for sending metrics to InfluxDB 2.0
-[[outputs.influxdb_v2]]
-  urls = ["http://influxdb:8086"]
-  token = "PWuleFEPB2YSduUkzkcW94V_-KFDK5Fi3MAeaA999Qe51OsGlJJSrcZ41pUAppCwF-z3rUNnyFQQJs8fCSTFzg=="
-  organization = "wobischorg"
-  bucket = "wobischbucket"

wordpress-acmoag/docker-compose.yml

@@ -1,7 +1,7 @@
 version: '3.7'
 services:
   db_wp_acmoag:
-    image: mysql:8.0
+    image: mysql:8.0.19
     cap_add:
       - SYS_NICE  # CAP_SYS_NICE
     command: '--default-authentication-plugin=mysql_native_password'

wordpress-cmoag/docker-compose.yml

@@ -1,7 +1,7 @@
 version: '3.7'
 services:
   db:
-    image: mysql:8.0
+    image: mysql:8.0.19
     cap_add:
       - SYS_NICE  # CAP_SYS_NICE
     command: '--default-authentication-plugin=mysql_native_password'