From 476f3794faf0d5e863f2912e5fe1dc8cb76abc07 Mon Sep 17 00:00:00 2001 From: Alexandre <44178713+alexbelgium@users.noreply.github.com> Date: Mon, 12 Jan 2026 13:49:39 +0100 Subject: [PATCH] nobuild --- karakeep/CHANGELOG.md | 226 ------------------ karakeep/DOCS.md | 42 ---- karakeep/Dockerfile | 121 ---------- karakeep/README.md | 1 - karakeep/addon_info.yaml | 16 -- karakeep/build.yaml | 3 - karakeep/config.yaml | 68 ------ karakeep/icon.png | Bin 2112 -> 0 bytes karakeep/logo.png | Bin 30742 -> 0 bytes karakeep/rootfs/etc/fonts/local.conf | 31 --- karakeep/rootfs/etc/nginx/includes/mime.types | 96 -------- .../etc/nginx/includes/proxy_params.conf | 15 -- .../rootfs/etc/nginx/includes/resolver.conf | 1 - .../etc/nginx/includes/server_params.conf | 6 - .../rootfs/etc/nginx/includes/ssl_params.conf | 8 - karakeep/rootfs/etc/nginx/nginx.conf | 52 ---- karakeep/rootfs/etc/nginx/servers/.gitkeep | 0 .../rootfs/etc/nginx/templates/direct.gtpl | 31 --- .../rootfs/etc/nginx/templates/upstream.gtpl | 3 - .../init-addon-config/dependencies.d/base | 0 .../s6-overlay/s6-rc.d/init-addon-config/run | 59 ----- .../s6-overlay/s6-rc.d/init-addon-config/type | 1 - .../s6-overlay/s6-rc.d/init-addon-config/up | 1 - .../dependencies.d/init-folders | 0 .../dependencies.d/svc-chrome | 0 .../dependencies.d/svc-meilisearch | 0 .../dependencies.d/init-addon-config | 0 .../etc/s6-overlay/s6-rc.d/init-folders/run | 8 - .../etc/s6-overlay/s6-rc.d/init-folders/type | 1 - .../etc/s6-overlay/s6-rc.d/init-folders/up | 1 - .../dependencies.d/init-addon-config | 0 .../etc/s6-overlay/s6-rc.d/init-nginx/run | 49 ---- .../etc/s6-overlay/s6-rc.d/init-nginx/type | 1 - .../etc/s6-overlay/s6-rc.d/init-nginx/up | 1 - .../svc-chrome/dependencies.d/init-folders | 0 .../etc/s6-overlay/s6-rc.d/svc-chrome/run | 148 ------------ .../etc/s6-overlay/s6-rc.d/svc-chrome/type | 1 - .../etc/s6-overlay/s6-rc.d/svc-chrome/up | 1 - .../dependencies.d/init-folders | 0 .../s6-overlay/s6-rc.d/svc-meilisearch/run | 12 - .../s6-overlay/s6-rc.d/svc-meilisearch/type | 1 - .../etc/s6-overlay/s6-rc.d/svc-meilisearch/up | 1 - .../svc-nginx/dependencies.d/init-nginx | 0 .../etc/s6-overlay/s6-rc.d/svc-nginx/run | 9 - .../etc/s6-overlay/s6-rc.d/svc-nginx/type | 1 - .../etc/s6-overlay/s6-rc.d/svc-nginx/up | 1 - .../s6-rc.d/user/contents.d/init-addon-config | 0 .../s6-rc.d/user/contents.d/init-nginx | 0 .../s6-rc.d/user/contents.d/svc-chrome | 0 .../s6-rc.d/user/contents.d/svc-meilisearch | 0 .../s6-rc.d/user/contents.d/svc-nginx | 0 .../usr/local/bin/ssl-check-generate.sh | 47 ---- karakeep/rootfs/usr/local/bin/ssl-keygen.sh | 57 ----- karakeep/rootfs/var/log/nginx/.gitkeep | 0 54 files changed, 1121 deletions(-) delete mode 100644 karakeep/CHANGELOG.md delete mode 100644 karakeep/DOCS.md delete mode 100644 karakeep/Dockerfile delete mode 100644 karakeep/README.md delete mode 100644 karakeep/addon_info.yaml delete mode 100644 karakeep/build.yaml delete mode 100644 karakeep/config.yaml delete mode 100644 karakeep/icon.png delete mode 100644 karakeep/logo.png delete mode 100644 karakeep/rootfs/etc/fonts/local.conf delete mode 100644 karakeep/rootfs/etc/nginx/includes/mime.types delete mode 100644 karakeep/rootfs/etc/nginx/includes/proxy_params.conf delete mode 100644 karakeep/rootfs/etc/nginx/includes/resolver.conf delete mode 100644 karakeep/rootfs/etc/nginx/includes/server_params.conf delete mode 100644 karakeep/rootfs/etc/nginx/includes/ssl_params.conf delete mode 100644 karakeep/rootfs/etc/nginx/nginx.conf delete mode 100644 karakeep/rootfs/etc/nginx/servers/.gitkeep delete mode 100644 karakeep/rootfs/etc/nginx/templates/direct.gtpl delete mode 100644 karakeep/rootfs/etc/nginx/templates/upstream.gtpl delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/dependencies.d/base delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/run delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/type delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/up delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/init-folders delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/svc-chrome delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/svc-meilisearch delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/dependencies.d/init-addon-config delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/run delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/type delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/up delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/dependencies.d/init-addon-config delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/run delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/type delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/up delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/dependencies.d/init-folders delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/run delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/type delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/up delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/dependencies.d/init-folders delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/run delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/type delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/up delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/init-nginx delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/run delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/type delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/up delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/init-addon-config delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/init-nginx delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-chrome delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-meilisearch delete mode 100644 karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-nginx delete mode 100755 karakeep/rootfs/usr/local/bin/ssl-check-generate.sh delete mode 100755 karakeep/rootfs/usr/local/bin/ssl-keygen.sh delete mode 100644 karakeep/rootfs/var/log/nginx/.gitkeep diff --git a/karakeep/CHANGELOG.md b/karakeep/CHANGELOG.md deleted file mode 100644 index 08ca4a644..000000000 --- a/karakeep/CHANGELOG.md +++ /dev/null @@ -1,226 +0,0 @@ -# 0.30.0 (New year release 🎁) - -Welcome to the 0.30.0 release of Karakeep and happy new year! This release comes with "2025 wrapped" (a bit late), PDF archives, new reader settings, avatars, reddit crawling improvements, and more! Huge thanks to our contributors for this release @esimkowitz, @Moondragon85, @rzxczxc, @colado, @Yeraze, @eriktews and everyone who shipped code, triaged bugs, or shared feedback for this release. - -> If you enjoy using Karakeep, consider supporting the project [here ☕️](https://buymeacoffee.com/mbassem) or via GitHub [here](https://github.com/sponsors/MohamedBassem). - -Buy Me A Coffee - -And in case you missed it, we now have a ☁️ managed offering ☁️ for those who don't want to self-host. We're in public beta now and you can signup [here](https://cloud.karakeep.app) 🎉. - -# New Features 🚀 - -- 2025 Wrapped is here to celebrate your year in Karakeep (#2322). -- PDF archives - - Archive bookmarks as PDFs, generated automatically during crawling or on-demand (#2309). - - Set `CRAWLER_STORE_PDF=true` to enable auto PDF archiving. -- Unified reader settings (font, size, etc) across all devices with per-device overrides (#2230). By @esimkowitz! -- Better metadata extraction: - - Reddit posts should now be crawled correctly, and banners should be fetched more reliably. - - Fixed YouTube thumbnail and author extraction. - - Fixed Amazon product image extraction (where it was sometimes showing the prime logo) (#2204, #2108). By @Yeraze -- Upload custom user avatars for more personal profiles (#2296). -- AI Setting customization: - - Customize tag styling (case, separators, language) per user. It's highly recommended to set the tag style for more consistent tags (#2312). - - Per-user toggles to disable auto-tagging and/or auto-summarization (#2275). -- Others: - - Import libraries from Matter with full export support (#2245). By @Moondragon85 - - Bulk remove bookmarks from lists (#2279). - - Add a new rule condition to rule engine: "URL Does Not Contain" (#2280). - - Configure an OpenAI proxy via `OPENAI_PROXY_URL` (#2231). By @rzxczxc - - Added `is:broken` search qualifier to show links that failed crawling (#2225). - - Edit list now in the mobile app (#2310). By @colado - -# UX Improvements ✨ - -- Our docs got a facelift! The docs got some styling, the pages got re-organized and we now have a "Using Karakeep" section that explains some of the core concepts of Karakeep. -- Replace bookmark banners and download attachments directly from the drop down menu (#2328). -- Sidebar scrollbar looks cleaner, and pending list invites show as a badge in the sidebar. -- Bookmark edit dialog now includes notes. -- Bookmark owner avatars now show up in collaborative lists. -- Mobile UI/UX improvements: - - Fixed title on mobile to be at most 2 lines long. - - Mobile settings screens should now feel more native (#2307). - - OLED-friendly colors in the Android app matching the colors of the ios app (#1958). - - Toasts on iOS now appear correctly above the open modals (#2320). By @colado - - Shared lists now appear in a dedicated subsection on mobile. - - Adding a bookmark to a list now shows a spinner during loading (#2283). - - Server version now appears in mobile settings (#2276). - - Fixed the confusing "tick button" beside the server address during login. - -# Fixes 🔧 - -- Fixed missing db indicies that was causing slow bookmark queries (#2246, #2287). -- Improved Ollama summaries by using the generate endpoint (#2324). By @eriktews -- Fixed HTML bookmark imports failing on empty folder names (#2300). -- Fixed non-link bookmarks stuck in pending summarization (#1605). -- Improved tagging prompts and error-page detection. -- Reject spoofed content types on file uploads. -- Preserve failure counts when rescheduling rate-limited domains (#2303). -- Fixed duplicate backdrop buttons in reader view (#2234). By @colado -- RSS feed fetching is now spread over the hour (#2227). -- Asset preprocessing worker timeout is now configurable (91784cd2). -- Fixed bypassing email verification in apiKey.exchange. -- Added limits on number of rss feeds and webhooks per user configurable by admins. -- Fixed a bug where failed crawling leave bookmarks as pending tagging in the admin dashboard. - -# For Developers 🛠️ - -- OpenTelemetry integration with OTLP exporter (#2318, #2321). -- CLI can list users for admins. -- We're now defaulting to Node.js 24 (the current LTS). -- Breaking: In bookmark APIs `includeContent` now defaults to `false`. This change was announced a couple months ago, and is taking effect in this release. - -# Community Projects 💡 - -- Karakeep integration for Home Assistant (#2196) by @sli-cka. Get it from [here](https://github.com/sli-cka/karakeep-homeassistant). - -# Screenshots 📸 - -## Wrapped 2025 - -![karakeep-wrapped-2025](https://github.com/user-attachments/assets/0e1e3d25-c827-4974-8f0a-9b7b4a75f859) - -## Reader Settings - -![https://github.com/user-attachments/assets/4d81cb80-f9b8-43f2-998a-736f18e33038](https://github.com/user-attachments/assets/4d81cb80-f9b8-43f2-998a-736f18e33038). - - -### AI Settings - -![https://github.com/user-attachments/assets/48032bf6-5413-44ee-9c3b-ac7b385aeccf](https://github.com/user-attachments/assets/48032bf6-5413-44ee-9c3b-ac7b385aeccf) - - - -# Upgrading 📦 - -To upgrade: -* If you're using `KARAKEEP_VERSION=release`, run `docker compose pull && docker compose up -d`. -* If you're pinning it to a specific version, bump the version and then run `docker compose pull && docker compose up -d`. - -# All Commits - -* i18n: fix en_US translation - @MohamedBassem in d472a3a1 -* fix: fix wrapped feature to only show bookmarks in 2025 - @MohamedBassem in 4077e286 -* i18n: Sync weblate translations - Weblate in 401ea6a9 -* chore: drop the experimental tag from the rule engine - @MohamedBassem in bf9d6105 -* fix: show a toast during banner upload - @MohamedBassem in 9555f409 -* fix: don't switch the bookmark back to pending on recrawl - @MohamedBassem in 79400d04 -* fix: use the Ollama generate endpoint instead of chat (#2324) - @eriktews in e8c79f29 -* feat: add replace banner and attachment download (#2328) - @MohamedBassem in 3d652eee -* feat: Add bulk remove from list (#2279) - @MohamedBassem in 7a76216e -* feat: add "URL Does Not Contain" condition to rule engine (#2280) - @MohamedBassem in b20ba9cf -* feat: 2025 wrapped (#2322) - @MohamedBassem in a0b4a26a -* chore: worker tracing (#2321) - @MohamedBassem in 7ab7db8e -* feat(landing): add corporate pricing - @MohamedBassem in d852ee1a -* fix(mobile): mobile modal UI issues (#2320) - @colado in a43d375f -* ci: fix tests - @MohamedBassem in 9d6b1282 -* feat: change default for tag style to be title case with spaces - @MohamedBassem in 9098a5a6 -* fix: more tagging tweaks - @MohamedBassem in c1cbaa8a -* build: fix broken CI - @MohamedBassem in a5ce977d -* fix: change prompt to better recognize error pages - @MohamedBassem in f5a5c14e -* refactor: reduce duplication in compare-models tool - @MohamedBassem in f00287ed -* chore: add tracing for email functions - @MohamedBassem in ba8d84a5 -* feat(mobile): create new list edit screen (#2310) - @colado in 30fa06fe -* feat: Add open telemetry (#2318) - @MohamedBassem in 5537fe85 -* fix: reset tagging status on crawl failure (#2316) - @MohamedBassem in f7920bdc -* feat: add the ability to specify a different changelog version - @MohamedBassem in 10820761 -* fix: remove duplicate mobile backdrop button in reader view (#2234) - @esimkowitz in 3f44e319 -* fix(landing): fix cloud banner on mobile - @MohamedBassem in 23f28530 -* refactor: add suspense boundary in sidebar layout - @MohamedBassem in 3c3d8685 -* feat(mobile): make the settings menu look more native (#2307) - @MohamedBassem in 6ee48ffb -* feat(web): better looking scrollbar in the sidebar - @MohamedBassem in f7523a21 -* feat(mobile): use oled friendly colors for android app. fixes #1958 - @MohamedBassem in e800d744 -* refactor: migrate toasts to sonner - @MohamedBassem in 173fb99a -* feat: add customizable tag styles (#2312) - @MohamedBassem in af3010ab -* feat: add Matter import support (#2245) - @Moondragon85 in 93630ce8 -* feat: support archiving as pdf (#2309) - @MohamedBassem in 267db791 -* feat: add OPENAI_PROXY_URL configuration and support for proxy in OpenAI client (#2231) - @rzxczxc in bb6b742a -* fix(tests): fix the asset upload tests - @MohamedBassem in e82694de -* fix: reject spoofed content types on uploads - @MohamedBassem in 2dbdf76c -* deps: upgrade tesseract to v7 - @MohamedBassem in 347793ad -* feat(landing): announce cloud public beta in landing page - @MohamedBassem in c3b2326c -* chore: add a tool for comparing perf of different models - @MohamedBassem in 1dfa5d12 -* feat: add notes to the bookmark edit dialog - @MohamedBassem in ecb7a710 -* fix(restate): change journal retention for services to 3d - @MohamedBassem in 0efffdcc -* fix(cli): migrate bookmark source in migration command - @MohamedBassem in 65cfa871 -* fix: preserve failure count when rescheduling rate limited domains (#2303) - @MohamedBassem in ddd4b578 -* feat: show bookmark owner icon in shared lists (#2277) - @MohamedBassem in ef27670f -* fix: make avatars public - @MohamedBassem in f7d34627 -* refactor: move assets to their own model (#2301) - @MohamedBassem in 013ca67c -* feat: add support for user avatars (#2296) - @MohamedBassem in 314c363e -* fix: handle empty folder names in HTML bookmark imports (#2300) - @MohamedBassem in 3408e6e4 -* feat: add a warning about viewing archives inline. fixes #2286 - @MohamedBassem in e336513f -* fix(tests): fix the user setting tests - @MohamedBassem in 258bebe0 -* feat: Add user settings to disable auto tagging/summarization (#2275) - @MohamedBassem in 0bdba54b -* feat(mobile): Convert server address editing to modal in mobile app (#2290) - @MohamedBassem in ece68ed0 -* fix: check quota usage instead bookmark transaction - @MohamedBassem in ca4bfa4c -* fix: optimize tagging db queries (#2287) - @MohamedBassem in e18dc4c9 -* docs: shuffle some docs around - @MohamedBassem in 4762da12 -* docs: add RSS feeds integration documentation (#2288) - @MohamedBassem in 903aa5e9 -* feat(restate): Add a var to control whether to expose core services or not - @MohamedBassem in dc8ab862 -* feat: add more restate semaphore controls - @MohamedBassem in 58eb6c00 -* feat(mobile): Show shared lists under a subsection - @MohamedBassem in 837dea5e -* fix(mobile): Fix title line clamp to 2 lines - @MohamedBassem in 15cfa137 -* fix(mobile): Add loading spinner to mobile list button (#2283) - @MohamedBassem in 7b98c52a -* feat: add server version display to mobile app settings (#2276) - @MohamedBassem in bd969b34 -* fix: add authentication checks to settings layout (#2274) - @MohamedBassem in e53f3ae5 -* fix: only trigger search autocomplete on first search char - @MohamedBassem in 92e352f3 -* feat(landing): remove waitlist link. fixes #2270 - @MohamedBassem in e842c5a7 -* fix: don't fail the script if the user karakeep already exists. fixes #2242 - @MohamedBassem in e78e5129 -* fix: collapse reader settings by default - @MohamedBassem in 3955f91a -* docs: Add icons beside category names - @MohamedBassem in 9021822a -* Revert "fix: fix restate service to return control to restate service on timeout" - @MohamedBassem in 510174db -* feat: Add unified reader settings with local overrides (#2230) - @esimkowitz in 7f4202af -* fix: fix restate service to return control to restate service on timeout - @MohamedBassem in 6db14ac4 -* fix: non-link bookmarks where stuck in pending summarization. Fixes #1605 - @MohamedBassem in d7357118 -* fix: move trpc error logging inside the dev check - @MohamedBassem in 0b65e5a4 -* fix: Fix Amazon product image extraction on amazon.com URLs (#2108) - @Yeraze in b3196354 -* feat: use reddit API for metadata extraction. Fixes #1853 #1883 - @MohamedBassem in f5c32d94 -* fix: use GET requests for the content type request - @MohamedBassem in d6dd8ebd -* docs: fix sidebar on mobile - @MohamedBassem in f111cba9 -* feat: Add limits on number of rss feeds and webhooks per user - @MohamedBassem in 74df8bd7 -* release(cli): Bump CLI version to 0.29.1 - @MohamedBassem in 697c853a -* readme: some readme updates - @MohamedBassem in 1ebc721c -* docs: Update screenshots in docs - @MohamedBassem in c6cf4188 -* docs: Adding user guides - @MohamedBassem in 04b9c291 -* docs: drop docs for old versions - @MohamedBassem in fecb0079 -* docs: restructure the docs - @MohamedBassem in af69f637 -* docs: restyle the docs - @MohamedBassem in b4344401 -* ci: run CI with node 24 - @MohamedBassem in 2bdba536 -* deps: Upgrade to nodejs 24 - @MohamedBassem in 480abce4 -* fix!: changing default for includeContent to be false in the API - @MohamedBassem in 1369ad01 -* deps: Upgrade nextjs to 15.3.8 - @MohamedBassem in 80278ecf -* deps: Upgrade nextjs to 15.3.7 - @MohamedBassem in 74bdc186 -* fix: add more indicies for faster bookmark queries (#2246) - @MohamedBassem in 683083f4 -* feat: make asset preprocessing worker timeout configurable - @Claude in 91784cd2 -* fix: Add cache control header on asset endpoints - @MohamedBassem in 3e8cc745 -* chore: Allowing multi user benchmarks and adding more coverage - @MohamedBassem in 265b6773 -* feat(cli): Add ability to list users for the admin in the CLI - @MohamedBassem in 69a756aa -* fix: fix correctly accounting for text bookmark in import sessions. #2208 - @MohamedBassem in 6886385c -* fix: check import quota before importing bookmarks (#2232) - @MohamedBassem in 20d3761c -* build: fix typecheck error in query explainer - @MohamedBassem in b6c2dadd -* fix: migrate to metascraper-x from metascraper-twitter - @MohamedBassem in c6f93b3b -* feat: add is:broken search qualifier for broken links (#2225) - @MohamedBassem in 1f43f232 -* feat: spread feed fetch scheduling deterministically over the hour (#2227) - @MohamedBassem in 13a090c4 -* fix: better extraction for youtube thumbnails. #2204 - @MohamedBassem in e3cc5463 -* fix: remove queue triggers outside of updateTags transaction - @MohamedBassem in cf2a12c8 -* chore: add benchmarks (#2229) - @MohamedBassem in 6180c662 -* build: dont update latest tags on release - @MohamedBassem in de98873a -* deps: Upgrade nextjs to 15.3.6 - @MohamedBassem in 20081a3a -* feat: add a notification badge for list invitations - @MohamedBassem in 3c6b8e97 -* docs: add karakeep integration for Home Assistant (#2196) - @sli-cka in 9a339385 -* fix: regen turnstile token on signup resubmission - @MohamedBassem in 9257b534 -* feat(landing): Add more features to the homepage - @MohamedBassem in 9a6d36f2 -* ci: run arm docker image builds on arm machines - @MohamedBassem in 3421246d -* ci: parallelize the docker workflow for platforms - @MohamedBassem in 2e889617 -* fix: reenable idempotency key for search indexing - @MohamedBassem in 2ef751ef -* fix: fix bypass email verification in apiKey.exchange - @MohamedBassem in e4f434e7 -* readme: add collaborative lists to the list of features - @MohamedBassem in d6d319d3 -* fix: Add restate queued idempotency (#2169) - @MohamedBassem in a71b9505 -* feat: add support for turnstile on signup - @MohamedBassem in b12c1c3a -* build: fix npm trusted publishing - @MohamedBassem in 4898b6be -* release: cli, mcp and sdk - @MohamedBassem in 28d6750e -* release(extension): Release version 1.2.8 - @MohamedBassem in fdea0861 -* release(mobile): Bump mobile version to 1.8.3 - @MohamedBassem in 8da5b598 -* release(docs): release the 0.29 docs - @MohamedBassem in 97c386a4 diff --git a/karakeep/DOCS.md b/karakeep/DOCS.md deleted file mode 100644 index f1ab2789a..000000000 --- a/karakeep/DOCS.md +++ /dev/null @@ -1,42 +0,0 @@ -# Home Assistant add-on: Karakeep (all-in-one) 💾 by Fabio Garavini - -The Karakeep Addon is a bookmark-everything app with a touch of AI, designed specifically for data hoarders. This addon allows you to save and organize your favorite bookmarks, with features like AI-powered search and recommendation. - -## Configuration - -- `NEXTAUTH_URL`: The URL of the Karakeep instance. Example `http://:3011`. -- `TZ`: The timezone to use for the addon. Example `Europe/Rome`. -- `DISABLE_SIGNUPS`: Whether to disable signups for new users. Defaults to `false`. -- `NEXTAUTH_SECRET`: A secret key used for authentication. Defaults to a random value. -- `MAX_ASSET_SIZE_MB`: The maximum size of assets (e.g. images) that can be uploaded. Defaults to `4`. -- `OCR_LANGS`: A comma-separated list of languages to use for optical character recognition (OCR). Defaults to `eng`. -- `OCR_CONFIDENCE_THRESHOLD`: The minimum confidence threshold for OCR results. Defaults to `50`. -- `OPENAI_API_KEY`: An API key for OpenAI. Optional. -- `OPENAI_BASE_URL`: The base URL of the OpenAI API. Optional. -- `OLLAMA_BASE_URL`: The base URL of the OLLAMA API. Optional. -- `INFERENCE_TEXT_MODEL`: The text model to use for inference. Defaults to `gpt-4o-mini`. -- `INFERENCE_IMAGE_MODEL`: The image model to use for inference. Defaults to `gpt-4o-mini`. -- `EMBEDDING_TEXT_MODEL`: The text model to use for embedding. Defaults to `text-embedding-3-small`. -- `INFERENCE_CONTEXT_LENGTH`: The length of the context to use for inference. Defaults to `2048`. -- `INFERENCE_LANG`: The language to use for inference. Defaults to `english`. -- `INFERENCE_JOB_TIMEOUT_SEC`: The timeout for inference jobs in seconds. Defaults to `30`. - -More informations about other configs can be found in the [official documentation](https://docs.karakeep.app/configuration) - -## Ports - -The Karakeep Addon exposes the following ports: - -- `3000/tcp`: The web UI port. - -## Installation - -To install the Karakeep Addon, follow these steps: - -1. Open the Home Assistant UI and navigate to the Add-ons page. -1. Click the "Karakeep" addon. -1. Click the "Install" button. -1. (Optional) under `Configuration` set `NEXTAUTH_URL` as specified above -1. Click the "Open Web UI" button. -1. Create a new user. -1. Happy hoarding! diff --git a/karakeep/Dockerfile b/karakeep/Dockerfile deleted file mode 100644 index 60cadba20..000000000 --- a/karakeep/Dockerfile +++ /dev/null @@ -1,121 +0,0 @@ -# check=skip=SecretsUsedInArgOrEnv -ARG BUILD_FROM=ghcr.io/karakeep-app/karakeep:0.30.0 - -ARG MEILI_VERSION="v1.13.3" - -FROM getmeili/meilisearch:${MEILI_VERSION} AS meilisearch - -FROM ${BUILD_FROM} - -# Environment variables -ENV \ - DATA_DIR="/share/karakeep" \ - MEILI_DIR="/config/meili" \ - DISABLE_NEW_RELEASE_CHECK=true \ - BROWSER_WEB_URL="http://127.0.0.1:9222" \ - MEILI_ADDR="http://127.0.0.1:7700" \ - MEILI_MASTER_KEY="0uIHQXWthY2L2yqCWGVGu2axN+l4qcDEc+Of/7e8X7bEyZ8k" \ - MEILI_NO_ANALYTICS=true \ - XDG_CACHE_HOME="/data/cache" - -ENV \ - CHROME_BIN=/usr/bin/chromium-browser \ - CHROME_PATH=/usr/lib/chromium/ \ - CHROMIUM_FLAGS="--disable-software-rasterizer --disable-dev-shm-usage" \ - MEILI_HTTP_ADDR=0.0.0.0:7700 \ - MEILI_SERVER_PROVIDER=docker \ - MEILI_ENV=production - -ENV \ - SERVICE_PORT=3000 \ - NGINX_PORT=8080 - -# NGINX Install -RUN \ - apk add --no-cache \ - bash \ - openssl \ - nginx \ - && rm -rf /etc/nginx - -# Set shell -SHELL ["/bin/bash", "-o", "pipefail", "-c"] - -# Addon base configuration -ARG BUILD_ARCH=amd64 -# renovate: datasource=github-releases packageName=hassio-addons/bashio -ARG BASHIO_VERSION="v0.17.5" -# renovate: datasource=github-releases packageName=home-assistant/tempio -ARG TEMPIO_VERSION="2024.11.2" -RUN \ - set -o pipefail \ - && apk add --no-cache --virtual .build-dependencies \ - tar \ - xz \ - && apk add --no-cache \ - libcrypto3 \ - libssl3 \ - musl-utils \ - musl \ - curl \ - jq \ - tzdata \ - \ - && curl -J -L "https://github.com/hassio-addons/bashio/archive/${BASHIO_VERSION}.tar.gz" -o /tmp/bashio.tar.gz \ - && mkdir /tmp/bashio \ - && tar zxvf /tmp/bashio.tar.gz --strip 1 -C /tmp/bashio \ - \ - && mv /tmp/bashio/lib /usr/lib/bashio \ - && ln -s /usr/lib/bashio/bashio /usr/bin/bashio \ - \ - && curl -L -s "https://github.com/home-assistant/tempio/releases/download/${TEMPIO_VERSION}/tempio_${BUILD_ARCH}" -o /usr/bin/tempio \ - && chmod a+x /usr/bin/tempio \ - \ - && apk del --no-cache --purge .build-dependencies \ - && rm -rf /tmp/* - -# Installs latest Chromium package. -RUN \ - apk upgrade --no-cache --available \ - && apk add --no-cache \ - chromium \ - chromium-swiftshader \ - ttf-freefont \ - font-noto-emoji \ - font-wqy-zenhei \ - && mkdir -p /usr/src/chrome \ - && adduser -D chrome \ - && chown -R chrome:chrome /usr/src/chrome - -COPY --from=meilisearch /bin/meilisearch /bin/meilitool /bin/ - -COPY .common/addon-config / -COPY .common/nginx / - -COPY rootfs/ / - -ARG BUILD_VERSION \ - BUILD_DATE \ - BUILD_DESCRIPTION \ - BUILD_NAME \ - BUILD_REF \ - BUILD_REPOSITORY - -LABEL \ - io.hass.name="${BUILD_NAME}" \ - io.hass.description="${BUILD_DESCRIPTION}" \ - io.hass.arch="${BUILD_ARCH}" \ - io.hass.type="addon" \ - io.hass.version="${BUILD_VERSION}" \ - maintainer="Fabio Garavini " \ - org.opencontainers.image.title="${BUILD_NAME}" \ - org.opencontainers.image.description="${BUILD_DESCRIPTION}" \ - org.opencontainers.image.vendor="Fabio Garavini Hassio Add-ons" \ - org.opencontainers.image.authors="Fabio Garavini " \ - org.opencontainers.image.licenses="MIT" \ - org.opencontainers.image.url="https://github.com/fabio-garavini" \ - org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \ - org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \ - org.opencontainers.image.created=${BUILD_DATE} \ - org.opencontainers.image.revision=${BUILD_REF} \ - org.opencontainers.image.version=${BUILD_VERSION} diff --git a/karakeep/README.md b/karakeep/README.md deleted file mode 100644 index 2c67d8988..000000000 --- a/karakeep/README.md +++ /dev/null @@ -1 +0,0 @@ -Borrowed from Fabio Garavini \ No newline at end of file diff --git a/karakeep/addon_info.yaml b/karakeep/addon_info.yaml deleted file mode 100644 index fe068df2b..000000000 --- a/karakeep/addon_info.yaml +++ /dev/null @@ -1,16 +0,0 @@ -source: - type: docker - repo: ghcr.io/karakeep-app/karakeep - current_version: 0.30.0 - version_template: regex:^(?\d+)\.(?\d+)\.(?\d+)$ -config: - version_template: "{{major}}.{{minor}}.{{patch}}" - patch: 0 - image: fabioogaravini/hassio-karakeep -build: - image: ghcr.io/karakeep-app/karakeep - version_template: "{{major}}.{{minor}}.{{patch}}" -changelog: - source: github-releases - repo: karakeep-app/karakeep - version_template: v{{major}}.{{minor}}.{{patch}} diff --git a/karakeep/build.yaml b/karakeep/build.yaml deleted file mode 100644 index 63b14388d..000000000 --- a/karakeep/build.yaml +++ /dev/null @@ -1,3 +0,0 @@ -build_from: - aarch64: ghcr.io/karakeep-app/karakeep:0.30.0 - amd64: ghcr.io/karakeep-app/karakeep:0.30.0 diff --git a/karakeep/config.yaml b/karakeep/config.yaml deleted file mode 100644 index 44a362310..000000000 --- a/karakeep/config.yaml +++ /dev/null @@ -1,68 +0,0 @@ -name: Karakeep -version: 0.30.0-5 -slug: karakeep -description: bookmark-everything app with a touch of AI for the data hoarders out there -url: https://karakeep.app/ -webui: "[PROTO:ssl]://[HOST]:[PORT:8080]" -arch: - - aarch64 - - amd64 -init: false -hassio_api: true -map: - - type: addon_config - read_only: false - - type: share - read_only: false - - type: ssl -backup: cold -backup_exclude: - - "**/logs" -schema: - TZ: str? - ssl: bool - certfile: str? - keyfile: str? - BROWSER_WEB_URL: str? - DISABLE_SIGNUPS: bool - NEXTAUTH_SECRET: password - MAX_ASSET_SIZE_MB: int? - NEXTAUTH_URL: str? - OCR_LANGS: str? - OCR_CONFIDENCE_THRESHOLD: int(0,100)? - OPENAI_BASE_URL: str? - OPENAI_API_KEY: password? - OLLAMA_BASE_URL: str? - INFERENCE_TEXT_MODEL: str? - INFERENCE_IMAGE_MODEL: str? - EMBEDDING_TEXT_MODEL: str? - INFERENCE_CONTEXT_LENGTH: int(0,)? - INFERENCE_LANG: str? - INFERENCE_JOB_TIMEOUT_SEC: int(0,)? - CRAWLER_DOWNLOAD_BANNER_IMAGE: bool - CRAWLER_STORE_SCREENSHOT: bool - CRAWLER_FULL_PAGE_SCREENSHOT: bool - CRAWLER_FULL_PAGE_ARCHIVE: bool - CRAWLER_JOB_TIMEOUT_SEC: int(0,)? - CRAWLER_NAVIGATE_TIMEOUT_SEC: int(0,)? - CRAWLER_VIDEO_DOWNLOAD: bool? - CRAWLER_VIDEO_DOWNLOAD_MAX_SIZE: int? - CRAWLER_VIDEO_DOWNLOAD_TIMEOUT_SEC: int(0,)? - CRAWLER_ENABLE_ADBLOCKER: bool -options: - TZ: Etc/UTC - ssl: true - certfile: fullchain.pem - keyfile: privkey.pem - DISABLE_SIGNUPS: false - NEXTAUTH_SECRET: jnE2An0WyIKZvO+WgKJrn8WPW+c3DzV+c9ntBp8CdobTOmpJ - MAX_ASSET_SIZE_MB: 4 - CRAWLER_DOWNLOAD_BANNER_IMAGE: true - CRAWLER_STORE_SCREENSHOT: false - CRAWLER_FULL_PAGE_SCREENSHOT: false - CRAWLER_FULL_PAGE_ARCHIVE: false - CRAWLER_ENABLE_ADBLOCKER: true -ports: - 8080/tcp: 3011 -ports_description: - 8080/tcp: Web UI diff --git a/karakeep/icon.png b/karakeep/icon.png deleted file mode 100644 index 11f17c6b8029bdcd25e86ab6f79a18f9b9092496..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2112 zcmY*a2{e@JAO0kbC3lphjAd-eQW%wzJ5e+}%G<2#qB~MfNOXnHK7nEn@6a zsTu2pMuswBGBL(n(=xt6?$`gG|GDSB+iyANea~~=_kDiP%`>(bX-Nf1005+MSPOf| zl73C`EzrtFNPU8gNQ6D+xCoQ4xS$t&(3!(bAJw2sYA`slE z(0fU27_gEwu|#K8@HFGJ=Fj6aOG){DZX>kZ`25K8BTQL5l8IF)@Cm35Ifm7_(HwnM zeZElE?5gJc>1Cbv*4&etaW-;E;u{6u*f%oz_r!@Q;ZMGa2BdaiP@fXKib2!dpStt# z9t0Y?B;Nyw3QNX|oju8#d$Y*7Cv}-lUR$mIqF^uIDkfa-*|o@5za4FU-wge$11wRN z=>MEaD%OEgQ&aP>tIG`pLEWh|Uze&swgzQ@UUF|rjKd;1WBWKWuhYk;4JLeEDLkE- z@iKy%e}+Weea36~)$-zEiNgH+r%w7p^801q_w295i;IhqkK8;N3`SsZum-(irbyq& zD58m^R6lbmWBf&m`rNq`0L&HxW#HNHZ2iyA%FQ7(EbnR#l?tO`#za{sOj+Iy zB0lH_WxhxY7HzekFM?E={rwkgtQSg=5FB;-&?z-xXlSTYOiU}E&(AL@sVXfkbuXdJ z+974$t_pZ^;+qc~JzCYZ?V3`k{(!+41+JcdwiBi zB#!j-q`aX}=uBpvu5;~~sIv|xn9gc%mjdW)2Pdb8M4|#dDr(_#e_>nPDw%**;pcE? ztUW#NJ$dpZk~?wG=G3V#bAu&1+S=ymH1Ay1Ny`&Uca}TT2TD=4v1+ z2aamF)j4CblG9Q|uXuKgmEY#DMe<37ST^zh|F zi(5dwG*|IGQ>f61MqFoSCzWkKcjwdR3+-2UQ6DBFsPd#>V_phsYJB`pSuI;6DQMt4 z>*4GnY0XoOzNSV-XZ?pt4Q-1Pk?z&7QqodU*lW-24b|&0oo-EyjY!ffEm-eLM}hj? zrl9xxlL`A3#@rvLFl;F}I zH|wgZjHob)oYtpLvj^DQae6Qt3q4$4fBy+|q4<{;9?c7sIo8g5_w_-l8%+mikxC$#FP%Asf7K ztl%WtpX%?Wch?-vda$NO3hE0T$#-X2cMxg^)fA@_2y|gIy(zE%(nLSrkJmO(ARUhW(I)W@u{h)jbThQJ~C2I*g|8E zPQOa486F<47)+wF4K`g%-0#{}(bs1s4To!{RqU&6Ve@4!Zf&(fbC^miR z+?Aydb`VJ+K+f-I-Q9`g(2s!-ih$VIiM65E2KpC6AJ3Y1y;D`}HMmEWAgzWlN{B?1 zKds!+(eaL-pP$o57i;VEA3SE5w6yfTZ_ATE2ZQ zKy-F+ak*G_EMY2k^#?a8QEJdIFVCWnJ%R8{SX(h9tPAmu4i4v%lamcOk7{acuKrlW zJx|z(7d~2`1v`6tduPhO zU$2`wOdc7rj}R<y|h;o zkX1C~svYjq}G8nETneII3dOYt!dRo1Fh_LviJHH-`SzD^7WQINI40;3jyg!3B3p^ zCiLDxCG=`&(x2no&v)H_;kj#Fe&J+h&di=YyS`?hx7wO2v=^>lfWct2fa(Jj3`XGy zgPr<8c^+!9H%K*v{+)71sVJTrCGZA9KhD}JXehv7pQ5M_Ezd!}Z(6CMG+;0vE*LB* z1P0rOnt~Q!Fb_c(Y{>!!lS+WWu02bseIx@7g#ix~9={k{ne?uA*{+x07?#^KNDXzr zE*5p2)4nJB5l$6u_2CW3;^7|n9a}B>Bh>nh`s->}h7SsGr3a6)u@BxYiPFy>9{(vU z(nnQ89wSPnZuW20pDt z{t2JwOyq(8H>8LEGCtg96V9$dR?mbfk9LFgjr&*sy-iiFbWKjPjdRZg%%!C0q2S?^ zyhjMZx)Iz%&i*$dsheh;TSAO53hZ3GkipfMY~2L+qW&xIFqmj^$m&ZC0ElqBedT_q zNt|`O>ezqsc0cR=rI+Wv&8?^oo!;K+fSbSX+xhQ}9y_xw`c)@@?$Y^;Z$tS34cd49 zYtKl;K1ge##T*I~USz_auEoHO;Wdi?>+}BGck<+rn zI*wxhTgN7*)W2|15hglvS@FLyu+Cf1>Z@fvMt%XF+N2!G|h~JoxFvsVT^%QDosC+`P zhTvYbfx#Bo1YA%3+tmJp7RG;18Cr11|ECe3sVTi$G4W#Nz4wn`3SqA`lX1Z+N%uKY zaorkmHr_lfzHtjj2bs*jf68C)aoD9%3)BmayEHZ2kH`oP4pvW>lQnky^ib~iTP^FF z*|>IqI~D%F@mpACJgxh$x7^5~oe?ZThn#-0m!2r;o@4Rfbg&+s%Xr%IgS9&9mOBZO z?lyGthtGolb!Ftj9a+8=cK4PK897k>&uGeWT8>xHv1GL?w}((Moc*_ppfvF4%)gfw z7^sZ@Jq5|dl>XBR*#Fn~mnHviWC+Gp5w=>{N+)eSsH@-EktiZ!^({g@<=&^1KQrIZ zO9Od{vc8^k9f=s}wd&jM^Ie@qRZ~fSpXXD(%xt>T_=5fkgDjUNH7&kNYT3G^VTTyX z;+!z3XUx~mTdr=?kr2ZfXK<@ON27h@lhw85gRVpo?%gS07wGlW(Q@1QF6s4-ztgff zS93HSZPaliVr};W}$)EUr{-+QIFz8ilelFuSo+pLy2`=Sm zrKhdp$NAY${u%mUj`w#~p9~GX?kORYy+yix`M|pB(LWpSxxf9WKy#kAn4C zQ1d@7q;gnN543!F%dlB!E6Zb>=4}(OU0^=@=62-8EB}qi*oHd>8!=0JI*N~4V^aLc zgqoc(2lolrHmbiNA`I4JbQyo2kCukUdbM)6OM2>e3+i*?&y8gHsu2 z)LbhSvMQVO9G?x7KeRO4Od6*A=em0CL4?l~RsVXox1b`Qqy?S!%YOumzJqAGz`&*c zU4eoPt0vGO%2QHb7WChWu=h7DsVj&>#xAMh{Iz%LR`JOe|2itUp^mQW4uvrS0l&i~ z|NMA$?%zp$6obf!jWhFEOmQP3B=;Ax{;z`%>Zr`oOil7?+)VXulb+)E=e_Uq0VAi2 z#O?dCS$$VNd5@1zas97j6*|u%3D;j=4u=De^dn_=3_kx`{prIN#)Xj2*{eL}d&vK5 zgM8FNM4nFW+$;7&3(s*UiT~@cOt}a%E$a|&Ck^Omb?%J2q&FST3Ytfelzoo8LY8h;QPq(Wzc6Wd?5K zchRR!e1Y@m4(EJ!==-s4Z{*>Bz2Y$#ytM0n!>cGUl{B@Kv{m9AaHIk@an|q={99;y zbTD%@IrL`j6jg}9CatvjspsloSb@B}foa`(N%6GT<8gV+gozV9rI1*Kx<^NMQn#x- zzBZmY1umW`H8kH4=v`f#TVs`Gb;3R zCiG=^GFCYHCmvqKwWk2md+~bm=ndmOJ9XX-;NeP?e0SjL1+vW7a2-h!wt;|n(wNN7 zxx27U39B^U&d>AO^xE~iX&g8Wv-bTGb!9Pp#;IOvx+h*wwq?ZEGe!?| z&bvmvbV{?vEa4Q`)YZLR ztBk`qEg-~1x&Tn)c0 zA0brtVA;Z`GLWTXe)@(cxecz*xu@&lR4aqdp}w!*sY>4R#&_ym);|(17)#r!ZVLQZ zTT<_rwz>p&_uvS(oLn+smsyi2SmW5=HmOvuls&Fl+VNh~4~Qdi4^As!A^_&Izqh=* z>fT@5Okqjqru$&J2{g{J4>p|q*lEX}x-_tGiXp@O{Q2{c0SqJcsR?wB+NSf}gl!9p z6LJ82!Ht0`&2?MBtv=)+zJ2BfmS2n93dR3!=z43bt)e(k+uu9wkMIk)h6_-i!#&DH zD9?B3@9!Ho57rdgGY0bgLvQu->i}C%;v)V zZ^L?lyH(hH#_1A#@^b+tgIuX8ua5z#gV9H3T!gj3IPC1L0A05AYw#L)+^dWW_&r!LxcDK!y_6%c;iHVcEDsvCO&fW);vL}-W-rc@aw=Jo)>6f{@HNjMjWAc87 z_VVnjzO+H{Khe(>Ko_n(&q501y1F{~7raD^xmWi3n*GKmSsd6=^{y#1Y){XmK$-n2 z#*nTKPMfBZ4&n3g8qwL=JNGd~X`~up2g&Rw(#W}LBu5Ay6n}9fCrzjU0y4*?ogBfU ze5+&c!FfNH2twAGYmu73keN2y?gbX44pT3L=IZKrbUa$l;>k~E7VoK1X5AK*{23&=AQKxrG{KVW zh-Uq(LHLBK2to@e)&Ke+ zk$?ae8$g)^k}uGu3QQSodVki_2(&fHD%d91>@mRawl>aX#Do8+ zFR#U}u1G4;q3&oi{UoJ*;m_D`qj=R?TPx(Zin5fOWp^h;ymC`L^Zf$_zSxKleK>HW z-ajJX^Y{Xo4jxkMyF9{IiDpcH%jrlvdO&<*d$dCuPt~o*dk{21zYN@wpBcTCI43~} z;egpG@TV9&tTvLu@ov>1s4fhraZeX(xS0@FPJvz?8QsGU_S5h4ia&QPt5o$H^;NZV zO5Q?KT{tqrtK`Fn)KKTO`s9qc_Ed>vp2)qj$uv?HA{Ld<)NeGhP9OQ?a7dk;DJSpp z{+lP72>ZdABHYj*bZ(&np_4v9gnqfyAM{=x89YAEHW z{CVSy#LK$%{DAk*Kc{y$cwfeI*66zMBwP@9bT}AYca3v%)@ixql#6>;|bVVl`i!}dtXIRHw5=P zN4J|=A6~;tVCicd1zSHoC!%gPsgpOc3O+NhUtcOU+Vfv&lmNUJ_0eAL)^Zf zX(vZdGX2w_u5q8`qRraj2F;rp%#o_z1WngRpp;p&o+kMOWj1FXE!^rHx^_K|4>e?6 z%QcIOxJFBZ-p0nSrK=hC7f&xezU*B9Pgf@o!_$E>HMo74l^;>PhzDhZkW*8&i}pv| zy{K&xOA3P1OFWzA=9Cmg?{s$;9Apz}p9kCMwVkkI{N!*U!kuNF#E#x%9Z)&>0s%87 zgN~l^Kv3ZkiY-qJI0=i0tG0BDKgz#sVRzjE)e-UaX-ZE>koSiFjiuj>6ra_Klo6#N^jfZxglsvNdd?upaSZh%g^n{mYQ;+Cudl6h@OeEqEb6Z z@-jA&0x67A=?DE}<7}Cpn-gKpEG!k>YTS}?INliopf~WoRXnFQ;6w)fZ6IF}C2h

tB?z zv9P#F!S+1*{(af^T7Y^H93uQchxq5{Q}=<;ZS({3dq7jItg(18+!nqEAQg#)pVxc> z!K|mXE?K6Ry|duvs)?@KaTS5Gc~aMtg*ShAAp~MG#iRTYXN)^e3(RF>#ZK&%cD#@` z_-1?^JKin77D9;R6c?@W(K;?PZ5P=7RKu*?WtIJ80!C%SQ+BS=&3*C%OStxo3P<;? zzu|a?x5JjoeLh6z4Cxzh>cFsu2ZuVVQ_BeIs zw|@TH%Wkze#@+2#oaSDaBD=gz!7PXRz^vHP$(saylua5dQ#pLeVia5Ue)_$F{y=N* zZ{Yy5Hn?Oi$F5{pHvFlUDzm7ni^j(_z7haf64}>NCy!#?2ICZ%*_N~6ZQW5g|61pp zXs4}d?oq9Kj0Du6?Y02Mk&iVzp!G~g7&CrS)N^H|{@2x#id)R4FQT{1JG zJdxxZmVc_Wa#comudkyRE)oLF(oi2(-l#T<67CZV zGdG_&St@sb!B)=m{?tC?Cv1W;1~dK>Je>9(&+6+6F?oPo3Tkf3aXzN<0r6(VdTybi zn!jV5@H5hTA%o0L$bo%4RwmLID-Y!Z0otbXyvCbw`dXMw7nCIkQ1+boVnr~8h${e+ z>emq{Blu3<-G*5EN?rp|gB0OQCZkqgEA~nyXCIemfidPyp2^tl=&m>M2o1bDnEofl z7V9U9hFvE(0cpvk$fUJtH-tk>dU9C+_jW_5d5rLK+|O|_^v>v|-^Go^T(}OO<7uYD z{vq4B_3Vz1o^(517M!KwsLRzIVP`Ie*1n`+5*e)>MQQ*-BthE?l^{gg&=8lM} z3mZrpY>9@~$a5MVv_aJUNQyb1DArmC8D+9(H+8tv6Jo^d`WIm?jZgZ>b6K6QKZp%! zB`P$OYeys%frq?Ecz1jVAB{o_ew<4yEk%i5_VLXO`5jHNo~0@%g9T+8Jh1^&7l1Cn zO^0AD=G zcW{#}>cHaMoKj1i6Mj_rqQzEGDk^kXmY5|l6d;I{U)Mz}E3ENstu{0OZYbiun&@x{ zHZey-C96AGRbX?GoFm#&x4pvzYi zQ9_ntnFeurnQi3ePxl9K#0Y4BE;5nZ zwDdV~MQYhl=<+wNy(jRf^QkeU2C<0}+Z=4BD5{oCTs84?L!vf~{Y|v^Uc8J~<+n$O z!8|Uihgq!A!fyx}#Xc{bz!Dtq?0`3yO{@Pxd2Jf3O4b4!_F2~ z?1kAaQmU|as!JW^!x<#mSd-FGJ_gmm0oS7R zYq=ecMhe#|iDbm=!_+`6Q9krDvhTnvR1(ovVG=m!>sq&YK>9}e#gCB=~fb%=1CLJ%eP zg*s1 z%e)|K_($aY@VKN9r@e|7U#xInV7|6!%OALl{f__v#}>~bEb86C!cy0`&^GTh@~9}8 zR4(KTrPztqQSg(Gy>jn0+>F3153Oa5!Zo3Eo-0r~9)*hY$(Y2e0^)gBP+HQQdv1lX zMqbG|Gyw~aeR?g77N_(~Tpua~O&M|E4okjRy6Gd!cGer}3ps1<;Ak$w3Cf79h`grw zoWx}zeszFksxu@sabH5mTMfKMc_!S#2Xy}cM}sntQ{{(;?9#b%9`C%UTw9Ew8gw^{ z$KZ`0cbjRs-h2Md20`Eg#(hTb;oe1wIV4;5W69rBQ$F!qQY#6z#$^{;QEzqpS>l)) z(~W90IB=p5{3e1T^0^=;WV*t2hG=l#s&ee-R>t5p^T6?uJZk7DDKpu7Lg<75=b=7F z?OpH3h2}CI?$iL@9hWK}i1HDuOw{xWE64RKbF?w z4tr$pi3eUSDftc4)6muXAU%9f8_Q*N9ESv2yai_nhx$aLBKW!{x#s$6Hx|3CUezy_ zDwZd8UVKqIxvFT)aWrOaObVCZd@pk$IT)KgJqiq6iBulrCnPQ!(CPd=lW&o1$xiqf zEyy?-f=aJB0KmYn9wLDg=nB7t;~fDJ4lHUB1DiD~w6xCSheM@o@uV$LuOY!KTiab~ z-Y-IKDS~i>0B-q8I09&l74DCAHok>RQoeSc!r55XSEGM5wMrj6xfI&S98a1@I1Klh z9B@j04L=1t?xZnha!uyi3xOuUc}K4P+zr$LyW6gR=1s9xu_px>Y7;63L7CjoPQHFE zo==g9)%uH`jC~Xz6whu}Jp~26@*ZXL`u-+j!S5b|nYBY|L&A1nD*}fWPvr>0e0J?8Pu%&g=ne?3k4}l6h^=>#Y`e@`cuqiPJRWsi5P)OFZAlt>2P>S*mrh64aYk;rCdU zT9gMJ3SO#2YkY|swhPn)$R7T!w+s;Iq8Tn~v*n4$`_>F-($j{OmRYh zTyk8aEw=P;j2v!tN||Iy>IcLxzDtQGeZ0QX#)%M6zR|_Qj0T;+qU&+z2s>!GgBB~zvTX5xfvAAX$) zx77oqD9_Ne-yJ+sSymls(dKSr%B5%)WW!hoT7GxI)ZarNjY<76Bd%ntJg3!qauYYe zl4UjJ;b@-B-Bs=MVKjUra5@R~7M9lGgFqiIMqbM;93JzK$bGC<1Fc!%JN9Wx>PSQk z%{Icd_ZYnToUL`E1sgoj{7bs}efL>ml;GL&yQf0Yxmb_6+O;@%H{fR5xwE|d$r(;P zj|Sqdg+3BWC{0Zu>GIk4Plo?FIk`=UXT88n`lKk~h$UfKqDKd1XFJ8lauWeL29YV| zM%lg;x7{$@0!A2lNKRUxr$S`;M7b`M!Ag+isR4(EdhzS(sug(^q{;B#V)UHe3dFJLp#tkW zX9g=5?_}CRNrhaxHDBg;7EFq9xxWuUj4;39p#_@%1%tMsSb#i?{j5gMRdX9x+gT0o z$Ed58S%a~t^Yz7gZ0pIKi4&jyK#}Ka-ntv>89;N{ZkqS|dmuohTPRS;qj35W+wN|M zd%AR{)Q)Y3dxtzH4s01?dq3@S4Elm;+%BY&K!t$3_MvBY+DTb_nM$;0cqhhx_9w8`i@+ zIBPSVP7TDR7p9ey2_zTYgSGEjv!^NEmvmLlqAs6?u26Dl!NQ-C$3kXlB!`xsy9E#o z3l>LZ9P5JDath6jxutPfrM092l#NvSXqazi9VSKBi3KiMR=cC&XkWOCEK>rh9V)cA zbFd|AU>KN!Aq`*+Nm;97@HXzf``{7ke2GlM*WbtYi5WC%Jx^U;@&~rP`_FnkKJaw~%^wfvNUJRPYH1q!Sd3$@ zjY((2U(`LV!YW93)r3^Eke1Ti5+mDw#$iv%cnv!?eanFt*OG`>!+`1h-py|uz_B#C zbma!$`-3`EI=OY6YqUwJ?XVT$pwL)eOHt5z?8k|2Zc)p(3fyD-=Kl&#kxgT8nz36M z5i8K;=yqG3BP28J!C#G8axIE?E!+vsv-_vdFUI9!56X!*QAzU}89y-g5}mu38{+C^7)3mxZ`dR~1Z z8q7A8;C%ag2QJ^e5GUAhn{X|E)4d1_`k3;VItv2QtchhZO7WdQBD0$}?XDAH$!GYr z+#gktw!pz*lA#d1zE z=e#An$jp@ex|;HZP>WE$W{eM%tu4HunahE11oV}8P9_Pv7fjzSDEauS&JVd)#jY!~ zUL}q36D3Fu222jb%=o*}^jP#pJcqzP9DM%9idFJlcE`fB7+Q9;Dp&4|NwJojIx+m+ zE>3z7=Ba@g*K~JE6{aj*o=PFHh)q^y^`(?;g)i4)KL@L12h4uFM#{my6S2h?%BLlg zM*R=>7<8htT}%AA(98)ZP9p(<90Wb!c&zOBo;X=d(8NXKm2E*CtXZ2Ig8X3AWoBS^ zj`VCMTx}olwjH>UG{@;M?_mS->6BCwRFXzdI-k2C zsmA#0qzI?-Tw)^=fvKLpk?y>)ogGnmL+OQ>3Wu7w;4NFKv|&!eOkCU1_Mp3d@{nvJ z7a?GA9b~?3f3TDY+Q@GD@j@Ym5kRK}j75^9vC^QQ7{LLQ;ly1Z^Y zjBvZBGEvI0)k6uC;M`MIJ2+TJpw9$iJsW#QxzK!%ms~Jd<`q-VKo2c%)Azfs$T8zb zb3GLz&|#J!-gZ&<9WK4Yfc3m+tUdY73)1^?z-uonaQh-G)r zn#1N-gRlD8rC47H*!)5NZUlwvmXGXh%RGBp5mW^ZMkDwl)5|QYJJ<(=HHe^8ouNqR zYCD!WU^}QO8!j7P(r8`+#UQ4CVlDlm4lwmR=(srvqp6cXwLGkAAoV!@eSh608~C0N zQn<8WE~jIyzHsiqTN}9@g7?+}wLE^@s}o#Jbb4Xu(`0j$AyK(uP|brDKjCA$w??nU zoH6tqqjUF>wg7aCqdcsd*rAk!9hKNFzEz8BBuKPYZx{VH*Ib}aW*=CuL3X)umpX~oeyV!@eqs$HqQ^>zI z4{xw1)7xwz+qwZV8C&^*aqubtVM38xo<(a?dmdwZibgH?<8SaiMPhgtzpn%F{`cD5 z!5F@XBYo6R;p)2+^}HLs&zI59&(o|Wp-yFJ+yIzAdZ1Mz_s09vJgVraJlvFsyxYUM z_2VB40(E!yjB`_8wOt!jupjvX)patxgbZL)Y7$wvu6-&Ibs^!`A2_>7$Vs3X_#Wd| z{_4}d#+aep2=Dk@wG4qDz#|hm0|V8@_biA>{_;lOPvp4?6rhXEdbk0*&d@fM_Y0Em*V)erxXq^7E zyrPdW8F=XlIRxjWI(Vt*ohh%Nge;$Xe>#f(-^b-NAi78SZX^Xvh7D9 z7L_P7)C*_^Lb;VWF+56Ehxp8M&=;lbTSb`D3?8e4qU-^^#jfyLU(8CZu!E<9vpRVN z-j+Ry8@*<&Ni=FL@(EF6W_=(lD}nA@9llf zMf#=_qWyFbnC|sQa%Z99Hn4rGir(MDe2_vwiy7AcJ2=MU_?So5hC4cKThW=aLjeo3``U$`GoIdLplR9+sDMi2|z4toTlt;N{#d6>=GZuRc`HK<5ygefQjc|5ki2|IicITTAz6H!aFT|q3mV+ zwg?|V5{O%QM&qoNXgPs(=!T;I!m7pc-+v<0!{%{p4$O_EDiDI9oJ%6xNl6mer2;0> z`(BF6aH4O@W-TvacbVfWKWfMqk3Bb~IB-W^f2;r{V~iHKSiQ?!7? zIJkbx_VW#-x3};;hoA0H7U?bdE$bLU1f9dt`PV21+9WVCVuU@#82FwVQGGlx8{6XN z4=VLfCUPn5xsB;ELMmr=9`wtv755nYu|F1Qr=4EuB#E`^>qLFuOiCtM@!7S>0bDyj z4%Skv2N}0_r!n=zD%t_jBrm9k+GF#&S^J z{|l&ivN@k94R%iG(!GA|sYR5kEYTppONf=h;)`xSE&A@m#OqP*GFGKWerAdRD<(w< zc`ZWb<^9E@XS6ixkVfK@$^EO>I^8j>DK@bdfj*#^(EtThv{kPo1YK?>$=|nqdqXxC zzbdso#gr}hg7)|^_1LHQVpcH;&QVSRADf-k@cEJTL~Az&&&Pk6n1_plnCM`ZLV5#< z>IVGUy(^5PY=9gG4fOy%WYwp(VjVIpcYZr(GW7}Q3>Bg6oc24Cv7Vja(=xU!npIbz z%W*`miqCaB^SKM(?zzc=lhSjmBmN;x(|_RI4v*wdcnG$vYbQIEj1`tePqV6y|ilf#+Esd2*YwL5T#Nl?)%Kjr;+$CRBSbk)bmsO;Mf?hlEo>v#kG_?^Kc z1n!g;!-ddA$k;@Eh96ZSku|HXY>}V!`#L_0cDp=cKa?fJr$k2m?u3@g9_E;kB=qqu z&FEkzR<%#6SU{7}m!2{z`a1(ZgtY=!w37qlNblK}=ambscr2-@OQEaU3#WUoia>=5 zgaNv?9}d9OoOVXo8sO$0K6V??C+`l{ixR3{zr6I!seQ~!5D3&zClA6!Ak)u|BwlH$sP2Yu$&^!1kg{8=%{ejWWQQHwyv#o zY+lnC0jP`(U?PsekxV+1*+rv2nGR(L?OE2>8-{bfya{nSsYk5d`K>H#l1{Q5=2HHy z0?K5~%=ZTXH|%~iu8)>A-fLg{b5v8A#Ecz97EpgY zqGxyX9^nGtlJTo6bL(Xg0Z1@+k$A~V3E5KCZo}{y9z-LEw4%cf>L{P|ERbM4i zL8aOc=bT17LmIn_`Ig7s*`_u<)W(F${ftc|f0-qhIX)UTjVAH1*)Mx~Oe;WK4uXoM zC{Op;K&XUc*gC}xz|A6}(e`;IpJiPVKiiKzSANY$C_F6VvRB}wO zdWAwCzGy(j@)aW_xVcuDI%H0vi#^FJOlT)Hd?G;{Qm)2}#Tuyfjh2tKi(8 z8L92VM`^l$S=yHkKr9_>(?Je<3_<|Pl3o@=jOuvyVqgHpNkps(2QY4}nB zFf{~u-oX!YHIisN$EKH#+SuzeV%Uh+`bz1Sg8r}>ZQ>2Cd>psjn+mC z9I9nYt>hPw>vE-3g37dwmNWpfsh>N6(gY#8GokiK;`c*lM0rh4*XHufdR1=s=Dddy zBSra$&w31Yw9@_c%h#pW9(+l1-5yUj_O}vLQf2Udt0=zkRx;h|N1t43WtC><0karu z&DL=tF+wQcQoOvh*fl#(hz$gY4Fz%A1v8B-ZAUr#J|o9*q}CQFTR@WKfk-EB>GZVg z^r3O3ug^g+t&!a_ocnq8kv`n}5%P41b8?(D4qNs^By=PWDsjeajy$0JDy-P!4wZ~K zST01&f*tB*E2oP!Hk}y?9QsKW4mmx~_;}9BRyl(reUsz}3HT@vp#h428SRG;J}0N9 zQ9pNq7*+u>ERJt^xJjx)+I7MuiIiOHZZMThx?#!G2OyS5HJx2q988`5%KLq&;yrN| zlak8aRkrx9iOahpj*jf#-4CQ3sqyuZiE>i7}s@8NAi7tz9eoJ;!ODn1sNs z%z2p_W$qun$h>~(JZ5WX>#syTP#F)@_t4tgjjPCYdRssRczPz$i`Xo6 zYCF3AY3t|93LJKWtJclHSA~7q*n^zFXvKk&ZOMB?+~E{ z3>A;`?o6jzcUM@gUMCioiG_~nX?fWmY`qF`a`8tH)5PX_IcCv64vWntdp3UjxHbAFNPG+pM?~mK=l^aw(Z~{qn;lDl9bh~Ms$UvA9wxzr%V`29XQbFtSNW8x$2#IQJYldr1cKw5i>V1!_r#fJ@T*s5;)EYqU zCQW692@+AHk-yyk4H$|V{p4}Wa$LHN%UdCAJP=Z^szMDd4}*T~W$WLU@hp^Vw3R+Y zHzs<@ueW^R1nv;aOg{m1Su2sxc_#GlH%{GZe=C~l$;o8g z-5j}jF6pT{u}^*&TJu2fF~5-kWc@h^LeP?99*sh0U}MW5)==JbTON>G5&T%R4X#96 zA3QZyP`z$HdPic4+WgAPM%mjgLfszrId-}j$_x?ser-9b|fX@L>%(1{&2 z>KT~va!s&Q!xUYGK9Y3JxyTEisMRsx9R~L-ufXg|I;AFd*5Q(U9NIiOpku1_I=1qw z-c?Y~fa@~;_Ucb8i89No2K)K8FZU=9I@K{rqs5ct;jKI-pmTSq!`^ZnUTjzPHI<{X zv8UIe7@?B zd%gY*O*aLiFYA2o9S}O6u{js0f77}o8v&=T{dSGT``M84a$p@Y@d6=gG4#DaxBg~ zpm}%eRv#7TMM?v?iw~|ms1?n-be0Br38yM>i!THQo_+G>ve5z}J0|Vm=o8nhB9U)C zC2@4~IBi}glQbn#Zj&x4QodtW@P(0^Yr$`Xm~PzKllMhWVDeJbW z*rlfhiOo?#*BGX?81(Pf>DrmL?1(%_X3XobGAr7A!(oRxMYTTu;em0=ZaChO%aId6 z-AxK=4LT0}kXd`0;!N8wrKWtNj*9~WsumfRc2#`AS#LtruC@NG0iNO*g6i&;rkmB} zt>~RPFFB|CNvI^wm-fZ5UiX38bC81!DHW67|z+o2~5Sr1Mb6Vh( zF=uUH!D)djPFYe?Yj6N{y7)|&1P$%)hd-Qu03YbH2}U*VituR==kRx)UEC1fuvH%- zx?{%H0)8Z1SS|5i(Df|R7%8^<{@5+`6Q_nlLa9@FAa}jX>qEJXQ^{}u`MEzdW3BPR zA>&Aw_5y?YyMZC<&9& z8Id@ZdiYBYj(QD>OJm^xqWbK}cfo-nBiK7E?NVHZvbWZ=z>Wm?h5Zrwf;Fi2TCKyY7V=2i6d6AI4WZR#J=QzfO4f$dL+_*O8=q= zs>$VE1uT_Tp;I(whj-3sBs$?f`C@6}&z{rOZrV=0m#TxGVl~8Eq4}2o&SynwWPM=+ zZwbwKcx-q0`Xj`)3*zUx#Aw8N*_ddy&N2$I8d2(x40ZW7Tek{MyLw*kRaqDNI`N|+Iq!H}y!Tf^K8twks_UDf5ODqMK=qyIz(8F{ABifL@6yxDZr z!J{>k(e0}7YJ|wy%?etpBK!kkL1hloQ>4*V=q$A`n%cq8MDpbnH+XiR8;H6 z9NcNif4P=dLub$~STW}Og;=>3s)(3ac%hUMLU-Tg2e6`3JS1XSuv2@J6E^vOwE(b@ zmUWlBp15Zd1ux@7&+-ZPUSw)5^Jh=^Z!*Ihe;9fQ+7;h_HKUu4n(u}xIk76`zej{x z;0J>OPhYe8rID75oo1?yeHqtLaH_iq`T2v#@d4`6USSqmeFQ%Z&mb&kd=s+dfz)n` z^M`0_sdm9dsu;8E>0FJgb-j=BR$(#}D^KnW(8*!-`3fmae%U@i+OYag-tC?q{QU{q z9G8XLhl8Qs_mCDmO)-a=i_mNi(!K~)jZj^+EHkg%y8Yu)MnR^w^j^JErQ4ln_g@~& zo(a@-WtCo=-K&#Iq6waHI&~rO&CYpc5RS{g{p`#Jv(j&b?SX z+Regb`_x_jQ*Rl4q3ug7>uypye`v-eBlqOx37!8tB%aO`h~on{Zm;yH(nJ5l{1X7Gw35f)3h}}Bt+q86zXs?z0)B@ z(B`Yxnt{+@_h3F~q*ZYEv&v7|zYId|m^MXaMqgML{1ERjn5tS4ryBg0M>l51ET3-N zs?vNoWY-CGNrL!yhQ&J87a6~V3|Onr8RUF82)y_#kNq5Qt}pn`tNQfJXygq46Y$|+ zw`m|uPs74o-6ZcF>n_TpP(%Hq?s!q`Mx+1ZFYkq+lSJ)9_AOZGYE-LFv)I*%^>x^= z_at|oMF7Q?APs79>-<#V3mU!C$Lf3Rr?ouq6};qPKAk7bct%fzX0^>TrFd;fy-5!z=9iv^w}1MxnE#I&4-@*sPQhoKrIzP*+|PY@{!{pd8*r{ncCgU%CXRIJ$A#AB zlAu&%{SlX=?!!pmJR@ASWJhG!zBPk^fFFR>`W{=a(6Xh8wlD`T#Dmvu(hEcFp2_?VCV zvnVD6wf5VdW6Qy=<|T=I%#0?OO{_WdhkB#+U0bHa2GcX!CkK@mo;9}CbLCv7 z_xNTV*mcyc^CoOyrmRVtHbHQ>Tf^l0dgDt2r#re|C4$+RLz5B&(>MF+I-xFf7MZ-$9PBLeozUmK_ z4eEsGn7%}{a!n0C>0;HQH!EI4Yh{){R$WqCa@wC(sbDo_qw&41EV^t|0fFC{|`Rj=v8;YLJJ{-~# zM_~q+cwz}xepqD4mm0jD>0z#pHFz(a`C$Brv9z+)fKxm_Ht<9PI+X~~vqfZ6$c8;6 zI^oR(mO>LDiNw=Qev7LQx;3lTikmluyHenMo5xp*4FTcZD=s_ z1I1;t53DDf)l!O!FE0JjxHXJg{UrD75uvzf+U-w1NzSo#I$d48ESg9Raa#6!_3@8L zuXe@AQu8;e_34v$wf_YY`FMul64A|@Dg7`R(%b2@K1MPMZFIy6b%JF z-y0dOkeU)ZTU2(oxAA95=!dVK+^bLhN*Fy_{}W>;hG3@AtOm!OX%P^Y`8x5G^gGrhkDR;I;24)1Qx3k}8vCEroe zn!Zv17Or0$P^|w|9e;P;xH$=uI63N-x!wD6e>VgVN@$#`EJJluf4Z^iz@p5#b<_+E|Kn(kPd03Te_vBrI8+BRAN9tQlvo; zDJco1j#5fWH#3SzHw+E;;P?Ic-uo}y`@ElLe&9UMF#DXfUu*5xT6^u+QB%Pjyx5d& zy}L_o>!fk)fFD!ohNdXe^PBL{IXn{hVj4R!a#z@=B#Jf#E$@N0OTXhnj^^q7$)>=z zwW1}8coX-<=O)fm0JqUBwpoQ}m~DKD$AKM{)IC8g8K?qRg8XYP)wD0qVwu*;&P8kR z^$YD(e;jusIm)Bn0);@3(pNnsm7GckUXXZgb0Ch1?};nxF;&^jcqgxb5ow?PC7Tx> zS9?S?jPgGtjq(dZR%meV;CbR?-1~tEN0|9!)oCFF5Ld`eJ+-2y(zLoZ9%tlfMiwM2 zDH9$Qyf7FiSdDimUX=cY1$pOgZWf$KG#*-Qnf_OV2s%Ori zI>_!&9X9=YgL>E4$7_l?A6Oc?ewdj%J=U!P?mxlBspfS7gA&JJ|0%Ha50jDI1Yh6_ zk-GRjm;UIym%Zs4Ys-RYeKRvX38h!;LhNU*en6c_Y7snaa z3ezqAkZlIa_p<@ZMh;QozqmL4QN9Dw93ComDe~!x$hirDuV%+wedEPX-4zTp=kFl5 zhUtqH2qT^qR4AD~6QM}GRUcMeP#Yxj)l5*gHWZJ~#sTpFe|xGOz-4;uS||;H$CkSp zPf<>{vYnr~j7a`lLM&eMsW&CLxC{QhhE!VAY-w&4ot15-*Qp=|FVyea^;5QC8T#T2 zaqcZOrh}sdNP4%~Wx{pu&Wg`tA$!hFusc$XWJtL}s`uzgtH#;f$@#P@p5_wdiaOcf zOhUR96pNnMFOm$w>D&(FN@S82`S6m$8#{oW2XSSbJ1a%c}UhMW>s z;pu=5#F=|(=Y#-AaxsU#3cbrxSU1R<4 zq;x(_7JP}`DrG}O1s3QrgApQ~f z9QH{`XGkHY7oRcC;CBShWW`VU2zse9``*(Wc-37-B1q=?^NVQJK1*UG&vk~{g$qQIXFKn$OiAsv!M&) z{0Jv;<}rz-__PKf)CmEol&_oFf-=o;a*G-wwHQ4QCf z@e6?l!d*3VcoF|*Uv%;47mC!r$&Wz0r`{*04+fszxAlz+cfnv^UN-Vh&2QGVv=&r4 z5e>gM(Yw3`^-T~*la@)KFi8d|aX~9oW+l&I0^_0Zn)=g9Ty{ho+y-0vD`cM@lUBD3 zPTUl)_W()Ybop0#5d1?zxB2nrA69Pvn0tc$_|gF`G_hsa%)%I{0GV^VZogMMduCFe z44l!|j!LM+lU3kOd1prSNdq2${Y=LWY3sv73rQOTYj+4Kw1T5GDVu^%=S}5w?IoU2 z8xj3FzPiC65rfq0Hq30i-_U*M!iXldBqoNi-LFKnB3*#SvM;yrxzVn*{e;is40Zmz zcNENmxsmLb(;r~6lIi`_h(X52z6T2EFwl+?Ks8~VKob|!Mm$1}(Rc6yb}}M+b$*P* zo=h&5`?bq%|17xt3k9X{7pZY)OX>I@n)xR?{f;ZKy^#q-hK^Ngm7lD+zryF9tE&sz zd|k50!gmF6-Y^G>8#P~@ZLCdJ(Svd?M)48bpkj(cs*c1j5RcB^UgF~#@FqP5ETf^3 zsAL=D+z_(c*Y~%>vP`ilugU(rQMepqUEj!>(YwtctsLx4i^#2@*Xp(n?*_&p-Vj0nTa<_~NJmUh|upIwz~ZDJ~Y#i*oW{ri&}F&2e_rwZ!157Qp$ z%=mT@yesGS(1YE3=UCy~@lgBY363jQ%{B|uYU!rsjB`sL{&yM?A-U3u)f{fIHvx&e*Z*CJH9d<@O0#lPEv&dP$xt!UmiYtdCnAshBnSP z(cf!3H0Vj7caALi9eQikfhIE3BV3-@ z>2Bq?(nPLOhsd2ORJ447)jme3&p)*usSQxYF#e>=tsh<|1QLPdv{QO*aSD_Qq6}QAJej-=Od8f01f{|W} zg0#E1e0Sc6Lp?|%mnq)VlEy>^-L9YmCugN?#W0% z^B^Btsx)*=O`i~j#e?j=jDLLv5dpPvSsD(+PQ;CdoS%prYv93N+%-l1@ra~GEb)bJ zE^>xYyotWKTM_@&M;KH@gzo+2v@dPF?~>&E5@oi(gDMt-nZgc4UyQ6Mk)yn#L^u#r zD81P3rGZvlu|>vqn5~WiQ~B$0&1}zfwD9_KV-X|%8$zNH4U0sQG9`=Wagv?V17YCwObR zt78{cIviK`u;dNVTULkA-m(JbI5$Umg6R z3Awf$4PAV|-Dqg6!7}_u;L-1VL=rE>4hgUZEEKn_dj}S!`Ba7a1aLA%qwp(}6>~mT z{tR{!w=eM*9L=e$k=hMKdp(nSvyI=1eTaK!kFUZPHQW|C6^oQt;T3G>@#YXt{)_!I z6eg5Pp{por$LCt8n#l0u2Y3F!V(8Ao?lF^)Eu>|$jt~?%;(Di=uy3p0?XMZoS+t5g z$i{7(dWr279{&30Ri)-(+#0&~Ayw+^XIJXqg-*Qfcnr%z#t*DDD-fIAK zD=HLZ+nA@<-xeNm<{9Z>8NTZ2cUoCwRdzj2mzAxTQ{V8>OjI%yf&1`c%JJr1V zjnHo)aZFDk7Zi3$1|{2)XhkdAd8r0&7rj~#Q-T6|$VJ5?36ZbUM;r;}eOlxdVkSpR z1q7N~^W)@FT*>g6JI&=y zgy5?de+j2NTnRzf0WQPAb^R7{${IZmleP4TQ6Q?zZNG~CFmH}*`O`2~#-V$K?<5=V z)GHQ?C*u3_O)8i?_PT?~5T-=E&*hbp`6-8YQ@M10-$dbF#=s{(3m!yGzqjj*-UD^K zQVn(QM}bS=@Cy#Ae!{LzkM0+{8?j81M``xo0vymkQ+AZNi(a8K!fzYt-_6U`WeK@X zpOFTvPlWWlkELrZRDK-;PWRi6&w(SVg!4e;lNEDiiVxb8oLnS}Z*$M-JuHh9*6(v( z4t*w|vHU9B!LTc1pMJ{3Ie&E-JCUdWDjcrp0>iPz$J^l^#s<_y&j;hXcrWRZ8m0~W zy=}LD=9;OTOYaeFf7tBU7>mX_PV?#1nbtfzWZd7V9($)o8gjI5{C!Jir}bdkwKTVR zr~Nz=loJPEFuTW9rqHFQv@v?t{Z*Qy`r~oUkA*GxzO}C5&4LSKQLDd=tz$i?@4# z&7sJyY0&K1EV=7@8S~K(_A(lEdAmLQDLXf;2FVlZjF`p=tKWk#=J%=$Wgxwj_+pnB}7YJlCq%EKpl&@)~xBZ|3yLeKuBu zZlCZ_tfjEWziY#I5j&HDTw!71Cf}B7;k4U+8;8;b2p{=(u)X=3uMUCf1W60QZTE)v zWPKC%O7Us*(sJiN*{+;=Al#9@?J5Zi`8=jJ-BgjniNRU1#plU@2#&P879@r&wL6}! zNnd&SL!CC}Kz4_(Wa|8n_8%lec*0$_Bcg4qwfG* z685sfdjbc~;=y(0hM;XPwD_H^Ef3VbVphn5A1}NC72`6d9)}KM@h`MxN_w4`O zjILsOtRoc=O34Y4p}w#oa|z$@@+p zaCBURQZ^by>EueMgJ4SbT==rrMX8q-9&rYCj{nW}(nYny-^vEp;hFUfYujTEgOs2% zI-BCp&K8s?k`~$lhc4ddY>QzES_AFJe=W1#;nQU8UI`E!vNB}}>H{7!OhGs&iAwrN zDcn@9`Ww!Cnev>_mqeeqrG|FE36n56Mzcue`}F4HV*>Q~xEIWy-G8WOlu-HFK;y{oF~+)5dAidiea-G1 z6g?DUgddLln5;l~bzEjelQ6oGS_%vt6{A`TwG#K_a6_F3E~U#!gs)g9)@TFRy47EK zX3Ggxbl;z2YV>G<*2j448JCbwlA+ykVvp^CE9Iie9m~+^_oJNwo+w{g$8u8tA!(^xC2qG*h% zs=obrCq?lYtLd~R)p)gyLOZA!=Laf8a<(La@`R#bCc_GXP9T+Q##62DM>+tHwrh+> z47y*)>EF~%Y{T(mp zbh9!|*Vv^`uQ17lc;D!-dZQKbBFBSt0CF>VkBlK@y-ACqlXK?ei;B1gWStp%EMC(> z8H#s*qHZsgT0d$z#5SAma{KB8t>(I6Q+v5U6%?6iQ}8XVP5A-9Z_7-L1g2pSGxPmU?;1(judaavku1}vhL+?rU& ztEtR81@}3O0Z@JL8z^Mii{#ET`wZ{6#LV3!Jn*wayWd?%65O)dMOw3-wz`-|wBY7@pTj51;5i z`i)CL$yn|Lw_l!v*ozFxDWiHj5rX8G_?Gs<_RssMkulTMuHXTk)1;3QvJ>dh0&ArORPwD;*ND&6WE4s(R1bG9HWs9x(QUCvg__5f9pzh@u`e( zdgxnSrhebIVy+bZf*q|0m)A)O_b|L?_>^}R>-<4qpATNiy-APK74p=Wf;j>ggSkOD z$2-|xi~Hrp%<#ixX52EkCr8TTyx6)i@?DzUH*}ZnF^C;wsl43Ct-7gsCo(HQg%$GaQk7XfyaK?+K0kmdo zl|KU{_n-Pjuxap9O}qnkkoXpH8gASa9_(~$rOLEHrcq@~7&guDe5loH>#>zBtO9E9 z`WUrmHDV+3Yh*>=#{8m{-O}ffcf>Wkqdb0qI-h*Fg$P_?I-}JsOS8AAWOg;*Q4Q|5 zmAU<(nwV0P=R))0s1~iHr&WCT`-tl+TwS-0Jm4I38$QG{x5E}Dv7CcXw?>#s1CKs-6Qn7`#Yk--G92LS!gkOglw>-owNsz^zWKbq zrW#yMBomkw+BJ@jug-TQJ!-znGwtvc z6!y#s-TwTFPJG?)I${_7mBFWr99OeER|e4z&X7l}{L2RP)1CdAh^lgXqL0)3sjSMV z;4*$x$qH@sj6B}qk6-Wz+}5Wj#?HC1CTzKcH3IAirP?=*>t2kuq@64RhatOt;{oL_ zdXEfkTKO{Ul%}i$t#ze-VM|QgVr7`w<0n}q+$`u{U*H{p8nhXEOTF~33Cuy}1!jaU5>g#lN2 z;$X5Q0`NAnM=FrT%BIUL3RTn2i0WJX%W9sx|mv`PsT$C?ej(Xm9rnjG zvX`Yi_Yg+{Z_&MXCz!CAaC+___T7)0cLm(MBjEL&#|laX1fPkU$xbQ@d0JzL5t>eP z!h8Go<7)Rm-U=r@#Jd^;ju~(n@GrV|D|Cm7gQ#S5u^MsOw}0s~YC|w3K0hqVUWGq= z{==e%qYm7&ZjC`y5O+T1qpV<^4YkIEDwzi@xoj#K-Ssj=QZ4f~(t-u^2b_l@$piYU z4?q2I@uzLf)~MkqB=}{6bNOl*n*_GFM^;9Xi2GQWXf$jA&nkU==w=^IBlzU5Yr6H* z>V^8uPrV9=6=KIixp=v1Be^$}oE1h^!%${g-1PDLKq?3$9fY4>5Nfg6z^37dq((uw z>_hA#4yMR#E5<0?6e>xJ>xw`T<3V-GwhKVAmy#BP1Xyv}p~Ic#0Lj+LDHr-pbnVYP z3GDKMKxA=MTt7#A-&3amo%>%O4FoXk=Hhm&h!y2uYDL?K3n5*O3=XL(hbfU*+)v8y zFmZErsApX_^n?T7(*j3twjuiZ$AE6|rgW7xJ}=Mh$!z1~iKImxy=Hx+l8g6Bk|^pZ zlJ(J#Hi8^Cnk=xDqvGq%eUcN2-NIj{G6UEo9K2&`Ur~|yq0{5K)nt?&@979!+jSv% z>Tqr_drB#m%_Sg`AgZszw;CHljnJFkqaKke=&*aF0*{4r#e>a3m(^lcxUw!ZPL^P2 zM~(UmRG?H1pHL6jIV4To-1cNH>@g-~)?V!A!omAbif{y9dCj|J@UdoE=Ez{kh_3e__XL%R-{8@wrrYP;SXin zKitGoVm8-5N@}3I{5`IjV+DS2GIqrSy6(50-aQ!(48J5^u11&J#25J9nY&{ zZxQ6EpTKTlr;w!@S`{q{773LA$(oqYcecF%yR-;{Dea<=@n=j10$pOZs7=|su8Sao zSn|A#*T3ncaNPA8tIwX(h_-Lki6orcI|#&z5PKEnEi=MxU~qVk*^P$amxcX9WLnm{ z%S8_-aW>aE)|lgPq7!MV(CKoM&&<;bEzH_qiHh0=yO}HmY+o^?EmUh|H6;U{0KM^? z4_G4NDC4=p%JHPhTEpL*O3YUvp|Pj&3oK!M?UaojmcKevaxnloqrv4|$6|A>xQ~G( z4zIQ4;{@Qy9}2BfdU9%7zc-O?!IvVRyILLN!a9dY(#J)Ap`M0v^Ja9bDMux~DQ`ab zXRKtaTNnL8Vt$-80rU|8Y{@ilU1!u53mQ1il@$h8B=h#*j8IRD zlpcper}Huk?n14g7q35^GvpI6JV@(E=YoVn18L%{WU(&t?RZ*iyZUBVD(E2po<<$4 zl-O5Sd=^lX^|ty1P71bE@=;IzrVFyhM-5#RvDvs`p(7oAUE@t~e&^#<8 zcHoEJ03!xr{TsT_fz4F*L6kOH4U9oWc3jX75u)GyjCl+nqtc^El(d{QeN}w2#nicw57IvUHE;l z1T^Sgv^~kcY5RWl((#@A8a>F88?*2kk~oDo)|B~I*c&EkY)$!NYy>Hh`|m`FqIlOe za%wOdHjtrvK)@>;5*AIP#KRhnB`jMnG|f|Tkq*DnzeY{U{^d*qi5pnaMPe&u)v#f@ zxacg!Pfn{_Z9hu?ttTo|ltCyE_YyU5nTXzMWXy3Yv9r!44s)xz$B}RiwfE=351$=vnos~w&u335A55;fabS;8*UHHDKYU0PAWsSZE#%e$IT`DhL_rK<7?@pG6e*Xe$ zeUo{7&ITV`?-zEjGqtr%>I45UFvbSZyWe>dx`^|I5-z{xY%0$TjiKOkR}f9&GyU25n zt@@g_C-4W zOiL&vuHRv7STwW$HalsS*TAoe#SM|cx)x>7$mtD-ZsN8&OS!Gf6=n5~oU}eE)Si}D z;pfuG>n#2)O%gOFBvvmd9N*TaN-p|~bok1=>VRV8{4bUg>%=&VEj{|7{c@GXidzBR z$J?*v*QS(zoA`nKHWoD=Aiip^V99{7Ffn#JHp5Ggr*6Mc%AbG25t2k|tb-g}JYh`D z*!kThf9>plcPS97=v*X!VDWxa=t4``I0%1wiz9tHNU5MJfs-OmKFD($JYvv%=OepQ z&-I8@(=ZiYS&Qh~aXln4hY4q>e z2t4`Lcwg^RO5cF7Px*6@9D&BQjA^oNWcBM-%O2g69d5 zzU_bRL_tZ_0u8mR9#+kI4R?}%b9sN{wb%e2paDoLYa9zl7u!8%GdYPM*ZN~JVW}8s zU(`rByW&MRlDK>T;LLPX5QFG&CZ*JH#5@OSkTy2S*O~eJal#W_#(Q6?p%Ors08qU7 zw{xb*pj{QJfH#RV)YG-)uI$<_7fa!pV&U}vkukA)ZvFMf?^%&8h^<&EuRwd|A0ffH zE;=>RwRMxD8K;l0F9^)&rJyJItYvej%a3g(ZAFV@8@8SwLWIp%)oow?a=`?Dj^g<|0Mj zxMbjNS6pg+SEq8BK(zA;xp*M72Gm42BDWv?eFp4!AK6vO;%_RY zEwz!+xT_O5FnDWVE>Vm@WZeAY-;~jsw(R!5`;;DAu2DKc;B_lEp@gf#P1@TqpsI%1 z^3ngnA(#lt;0b8(HWM9#yz%V!bdVCYt(a=_n?Lp3ddD;}h5c%XM zQp(bZw_JZF@EaX)9C@yO{&iWjs~k8&wr^)Jq|UA!clFT@)=KGz1g%kc9C)L-fpX>i zx$_z}J$JYw2ds(ZtOw;uMCidaV(AxHwElfU>_yH)04SgsqvY{S1ba{nIz>smz*(m43DBl{?AhUXx)?A~8%8Q2_xTtZhU%*b z7*s1`t4hOXHn7n#U6p-;u=otw@YGm5<|#_Yq>Uq5Iw*ho_e}RcTYivVn@FoQ>2RY`Fe&VssG%@<^OG$Rvci?D3$2KDc10N zm`s%dKbjfRFD;fbk(~J`lpIV{)`y24b6B`MO-hxNU(4!Bx|Ab+wQK+&l$R6NIFshc z&`rv3y~Sg>OM_*oP7>^18&Px=h1KVAmUxldXRMLT=sFaOBHvpba_pXU^0>4F8k`YkHTRO6 zw=`viHZ%_zENNGX_){<2N>+Sc2&bl3Ppys{>c01>0~hNSWC*4fF++w1wswRx{cp@_J9(Z!Ka! zX5)eo_g$STg!g_Rp3HM^9i}^XH)#DqXoxhZdQlIS`R9{%$r|6{&-GZ|K7rMkV}j?1 z%miCdAC82&!xeeLaW^Ic8)lTLj&xke>Q>0 z1nTAY9>Lo-QKsBn`;`y2v<7rpxURz>tt#4Q!E&L4S&%0aG!tXLXUy`&x2J}B!lpj= zgbUOCR&kY2hST|Rl_ufI zb8*Eb4qRQl&Ky4|RBE-NrnjiMjHLhIRVJ_Dmf#B5DcUHp-rSP`t3Nd3vdjJL=Cy$4 z!BrI4-n{W7LYLKoF(Gfm@ogBDHJ5lOCdKmKGZIvu0C z`b!|0Blwp7jxbPEnDCb%pc$=XFr*4Q$07x%5gZ|fz`-69();KGTUKn>1`Rmu*3<~u zr|;~*9Y7AmXX5tokP4SO=fCfQ$5~$D&t-&Wue#1L1}%E4yA?!Wp>Qz}RT`52d?97j z?px#074#`_81lo8=f1LmTr2S*GyvKN+ZN%t8Sv&)(hF`J96!Op%~IpvZ_l Ry?L>ihKjE8$A`Ah{} - - - - - sans-serif - - Main sans-serif font name goes here - Noto Color Emoji - Noto Emoji - - - - - serif - - Main serif font name goes here - Noto Color Emoji - Noto Emoji - - - - - monospace - - Main monospace font name goes here - Noto Color Emoji - Noto Emoji - - - \ No newline at end of file diff --git a/karakeep/rootfs/etc/nginx/includes/mime.types b/karakeep/rootfs/etc/nginx/includes/mime.types deleted file mode 100644 index c23021204..000000000 --- a/karakeep/rootfs/etc/nginx/includes/mime.types +++ /dev/null @@ -1,96 +0,0 @@ -types { - text/html html htm shtml; - text/css css; - text/xml xml; - image/gif gif; - image/jpeg jpeg jpg; - application/javascript js; - application/atom+xml atom; - application/rss+xml rss; - - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; - - image/png png; - image/svg+xml svg svgz; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/webp webp; - image/x-icon ico; - image/x-jng jng; - image/x-ms-bmp bmp; - - font/woff woff; - font/woff2 woff2; - - application/java-archive jar war ear; - application/json json; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.apple.mpegurl m3u8; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/vnd.ms-excel xls; - application/vnd.ms-fontobject eot; - application/vnd.ms-powerpoint ppt; - application/vnd.oasis.opendocument.graphics odg; - application/vnd.oasis.opendocument.presentation odp; - application/vnd.oasis.opendocument.spreadsheet ods; - application/vnd.oasis.opendocument.text odt; - application/vnd.openxmlformats-officedocument.presentationml.presentation - pptx; - application/vnd.openxmlformats-officedocument.spreadsheetml.sheet - xlsx; - application/vnd.openxmlformats-officedocument.wordprocessingml.document - docx; - application/vnd.wap.wmlc wmlc; - application/x-7z-compressed 7z; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/xhtml+xml xhtml; - application/xspf+xml xspf; - application/zip zip; - - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream iso img; - application/octet-stream msi msp msm; - - audio/midi mid midi kar; - audio/mpeg mp3; - audio/ogg ogg; - audio/x-m4a m4a; - audio/x-realaudio ra; - - video/3gpp 3gpp 3gp; - video/mp2t ts; - video/mp4 mp4; - video/mpeg mpeg mpg; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-m4v m4v; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; -} \ No newline at end of file diff --git a/karakeep/rootfs/etc/nginx/includes/proxy_params.conf b/karakeep/rootfs/etc/nginx/includes/proxy_params.conf deleted file mode 100644 index 7aa69699a..000000000 --- a/karakeep/rootfs/etc/nginx/includes/proxy_params.conf +++ /dev/null @@ -1,15 +0,0 @@ -proxy_http_version 1.1; -proxy_ignore_client_abort off; -proxy_read_timeout 86400s; -proxy_redirect off; -proxy_send_timeout 86400s; -proxy_max_temp_file_size 0; - -proxy_set_header Accept-Encoding ""; -proxy_set_header Connection $connection_upgrade; -proxy_set_header Host $http_host; -proxy_set_header Upgrade $http_upgrade; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_set_header X-NginX-Proxy true; -proxy_set_header X-Real-IP $remote_addr; \ No newline at end of file diff --git a/karakeep/rootfs/etc/nginx/includes/resolver.conf b/karakeep/rootfs/etc/nginx/includes/resolver.conf deleted file mode 100644 index be0943d63..000000000 --- a/karakeep/rootfs/etc/nginx/includes/resolver.conf +++ /dev/null @@ -1 +0,0 @@ -resolver 127.0.0.11 ipv6=off; \ No newline at end of file diff --git a/karakeep/rootfs/etc/nginx/includes/server_params.conf b/karakeep/rootfs/etc/nginx/includes/server_params.conf deleted file mode 100644 index f67263b2c..000000000 --- a/karakeep/rootfs/etc/nginx/includes/server_params.conf +++ /dev/null @@ -1,6 +0,0 @@ -root /dev/null; -server_name $hostname; - -add_header X-Content-Type-Options nosniff; -add_header X-XSS-Protection "1; mode=block"; -add_header X-Robots-Tag none; \ No newline at end of file diff --git a/karakeep/rootfs/etc/nginx/includes/ssl_params.conf b/karakeep/rootfs/etc/nginx/includes/ssl_params.conf deleted file mode 100644 index adb5185f2..000000000 --- a/karakeep/rootfs/etc/nginx/includes/ssl_params.conf +++ /dev/null @@ -1,8 +0,0 @@ -ssl_protocols TLSv1.2 TLSv1.3; -ssl_prefer_server_ciphers off; -ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; -ssl_session_timeout 10m; -ssl_session_cache shared:SSL:10m; -ssl_session_tickets off; -#ssl_stapling on; -#ssl_stapling_verify on; \ No newline at end of file diff --git a/karakeep/rootfs/etc/nginx/nginx.conf b/karakeep/rootfs/etc/nginx/nginx.conf deleted file mode 100644 index cb593fd2a..000000000 --- a/karakeep/rootfs/etc/nginx/nginx.conf +++ /dev/null @@ -1,52 +0,0 @@ -# Run nginx in foreground. -daemon off; - -# This is run inside Docker. -user root; - -# Pid storage location. -pid /var/run/nginx.pid; - -# Set number of worker processes. -worker_processes 1; - -# Enables the use of JIT for regular expressions to speed-up their processing. -pcre_jit on; - -# Write error log to the add-on log. -error_log /proc/1/fd/1 error; - -# Load allowed environment vars -env HASSIO_TOKEN; - -# Load dynamic modules. -include /etc/nginx/modules/*.conf; - -# Max num of simultaneous connections by a worker process. -events { - worker_connections 512; -} - -http { - include /etc/nginx/includes/mime.types; - - access_log off; - client_max_body_size 4G; - default_type application/octet-stream; - gzip on; - keepalive_timeout 65; - sendfile on; - server_tokens off; - tcp_nodelay on; - tcp_nopush on; - - map $http_upgrade $connection_upgrade { - default upgrade; - '' close; - } - - include /etc/nginx/includes/resolver.conf; - include /etc/nginx/includes/upstream.conf; - - include /etc/nginx/servers/*.conf; -} \ No newline at end of file diff --git a/karakeep/rootfs/etc/nginx/servers/.gitkeep b/karakeep/rootfs/etc/nginx/servers/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/nginx/templates/direct.gtpl b/karakeep/rootfs/etc/nginx/templates/direct.gtpl deleted file mode 100644 index 2c8d137a1..000000000 --- a/karakeep/rootfs/etc/nginx/templates/direct.gtpl +++ /dev/null @@ -1,31 +0,0 @@ -server { - {{ if not .ssl }} - listen {{ .port }} default_server; - {{ else }} - listen {{ .port }} default_server ssl; - {{ end }} - - include /etc/nginx/includes/server_params.conf; - include /etc/nginx/includes/proxy_params.conf; - - {{ if .ssl }} - include /etc/nginx/includes/ssl_params.conf; - - ssl_certificate {{ .certfile }}; - ssl_certificate_key {{ .keyfile }}; - {{ end }} - - location / { - {{ if .ingress_user }} - set $ingress_user ""; - - if ($remote_addr = 172.30.32.2) { - set $ingress_user {{ .ingress_user }}; - } - - proxy_set_header X-WebAuth-User $ingress_user; - {{ end }} - - proxy_pass {{ .protocol }}://backend; - } -} \ No newline at end of file diff --git a/karakeep/rootfs/etc/nginx/templates/upstream.gtpl b/karakeep/rootfs/etc/nginx/templates/upstream.gtpl deleted file mode 100644 index d37ee59f9..000000000 --- a/karakeep/rootfs/etc/nginx/templates/upstream.gtpl +++ /dev/null @@ -1,3 +0,0 @@ -upstream backend { - server 127.0.0.1:{{ .port }}; -} \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/dependencies.d/base b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/dependencies.d/base deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/run b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/run deleted file mode 100644 index e3fba3022..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/run +++ /dev/null @@ -1,59 +0,0 @@ -#!/command/with-contenv bash -# shellcheck shell=bash - -set -e - -echo " Loading env variables:" - -OPTIONS_SOURCE=/data/options.json - -while read -r -d $'\0' key && read -r value; do - - line="$key=$value" - - # log redacted config - case "$key" in - *PASS*|*SECRET*|*KEY*|*TOKEN*) - echo " $key=******" - ;; - *) - echo " $line" - ;; - esac - - export $key=$value - - # set .env - echo "$line" >> /.env || true - - # set /etc/environment - echo "$line" >> /etc/environment - - # For s6 - if [ -d /var/run/s6/container_environment ]; then - printf "%s" "$value" > /var/run/s6/container_environment/"$key" - fi - - echo "export $line" >> ~/.bashrc -done < <( - jq -r ' - reduce to_entries[] as $item ( - {}; - if $item.value | type == "object" then - . + $item.value - else - . + { ($item.key): $item.value } - end - ) - | to_entries[] - | "\(.key)\u0000\(.value|tostring)" - ' "$OPTIONS_SOURCE" -) - -if [ -n "$TZ" ] && [ -f /etc/localtime ]; then - if [ -f /usr/share/zoneinfo/"$TZ" ]; then - echo "Timezone set to $TZ" - ln -snf /usr/share/zoneinfo/"$TZ" /etc/localtime - echo "$TZ" >/etc/timezone - fi -fi \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/type b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/type deleted file mode 100644 index 3d92b15f2..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/type +++ /dev/null @@ -1 +0,0 @@ -oneshot \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/up b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/up deleted file mode 100644 index b6f7a938e..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-addon-config/up +++ /dev/null @@ -1 +0,0 @@ -/etc/s6-overlay/s6-rc.d/init-addon-config/run \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/init-folders b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/init-folders deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/svc-chrome b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/svc-chrome deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/svc-meilisearch b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-db-migration/dependencies.d/svc-meilisearch deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/dependencies.d/init-addon-config b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/dependencies.d/init-addon-config deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/run b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/run deleted file mode 100644 index eb00b6a41..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/run +++ /dev/null @@ -1,8 +0,0 @@ -#!/command/with-contenv bash -# shellcheck shell=bash - -set -e - -if [ ! -d "$DATA_DIR" ]; then - mkdir -p "$DATA_DIR" -fi \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/type b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/type deleted file mode 100644 index 3d92b15f2..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/type +++ /dev/null @@ -1 +0,0 @@ -oneshot \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/up b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/up deleted file mode 100644 index 1fd74db37..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-folders/up +++ /dev/null @@ -1 +0,0 @@ -/etc/s6-overlay/s6-rc.d/init-folders/run \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/dependencies.d/init-addon-config b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/dependencies.d/init-addon-config deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/run b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/run deleted file mode 100644 index 8203b6a4f..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/run +++ /dev/null @@ -1,49 +0,0 @@ -#!/command/with-contenv bashio -# shellcheck shell=bash - -set -e - -OPTIONS_SOURCE=/data/options.json - -service_port=${SERVICE_PORT:-80} -service_protocol=${SERVICE_PROTOCOL:-http} -nginx_port=${NGINX_PORT:-8080} -certfile="/ssl/$(jq -r '.certfile' $OPTIONS_SOURCE)" -keyfile="/ssl/$(jq -r '.keyfile' $OPTIONS_SOURCE)" -ingress_user=$(jq -r '.ingress_user' $OPTIONS_SOURCE) - -# Generate upstream configuration -printf '{ "port": "%s" }' "$service_port" \ - | tempio \ - -template /etc/nginx/templates/upstream.gtpl \ - -out /etc/nginx/includes/upstream.conf - -if jq -e '.ssl == true' $OPTIONS_SOURCE > /dev/null; then - # Require certfile and keyfile - #bashio::config.require 'certfile' - #bashio::config.require 'keyfile' - - # If certfile or keyfile does not exist, generate self-signed cert - if [ ! -f "$certfile" ] || [ ! -f "$keyfile" ]; then - bashio::log.warning "SSL is enabled, but either certfile, keyfile or both are missing. Falling back to a self-signed certificate..." - - certfile="/data/ssl/fullchain.pem" - keyfile="/data/ssl/privkey.pem" - - /usr/local/bin/ssl-check-generate.sh "$certfile" "$keyfile" true - else - /usr/local/bin/ssl-check-generate.sh "$certfile" "$keyfile" false - fi -fi - -printf '{ - "certfile": "%s", - "keyfile": "%s", - "port": "%s", - "protocol": "%s", - "ssl": %s, - "ingress_user": "%s" -}' "$certfile" "$keyfile" "$nginx_port" "$service_protocol" "$(jq -r '.ssl' $OPTIONS_SOURCE)" "$ingress_user" \ - | tempio \ - -template /etc/nginx/templates/direct.gtpl \ - -out /etc/nginx/servers/direct.conf diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/type b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/type deleted file mode 100644 index 3d92b15f2..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/type +++ /dev/null @@ -1 +0,0 @@ -oneshot \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/up b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/up deleted file mode 100644 index 60ba159c2..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/init-nginx/up +++ /dev/null @@ -1 +0,0 @@ -/etc/s6-overlay/s6-rc.d/init-nginx/run \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/dependencies.d/init-folders b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/dependencies.d/init-folders deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/run b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/run deleted file mode 100644 index 5f5a1108b..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/run +++ /dev/null @@ -1,148 +0,0 @@ -#!/bin/bash -# shellcheck shell=bash -set -euo pipefail - -############################ -# Configurable directories # -############################ - -CHROME_CACHE_DIR="/data/cache" -CHROME_PROFILE_DIR="/data/chrome-profile" -EXT_BASE_DIR="/data/extensions" - -# Extension IDs (Chrome Web Store) -# uBlock Origin (MV2): cjpalhdlnbpafiamejdnhcphjbkeiagm -# I don't care about cookies: fihnjjcciajhdojfnbdddfaoknhalnja -UBLOCK_ID="cjpalhdlnbpafiamejdnhcphjbkeiagm" -IDCAC_ID="fihnjjcciajhdojfnbdddfaoknhalnja" - -UBLOCK_DIR="${EXT_BASE_DIR}/ublock" -IDCAC_DIR="${EXT_BASE_DIR}/idontcareaboutcookies" - -################################# -# Ensure persistent writable FS # -################################# - -mkdir -p "$CHROME_CACHE_DIR" "$CHROME_PROFILE_DIR" "$EXT_BASE_DIR" -chown -R chrome:chrome "$CHROME_CACHE_DIR" "$CHROME_PROFILE_DIR" "$EXT_BASE_DIR" - -######################## -# Helper: download CRX # -######################## - -need_bin() { - local b="$1" - if ! command -v "$b" >/dev/null 2>&1; then - echo "Missing required binary: $b" - exit 1 - fi -} - -crx_to_zip() { - # CRX2/CRX3 contains a header before the ZIP payload. - # We locate the first ZIP local-file header "PK\003\004" and write from there. - local crx="$1" - local zip="$2" - - python3 - "$crx" "$zip" <<'PY' -import sys - -crx_path, zip_path = sys.argv[1], sys.argv[2] -with open(crx_path, "rb") as f: - data = f.read() - -sig = b"PK\x03\x04" -i = data.find(sig) -if i == -1: - raise SystemExit("Could not find ZIP signature in CRX (PK\\x03\\x04).") - -with open(zip_path, "wb") as f: - f.write(data[i:]) -PY -} - -download_and_unpack_extension() { - local ext_id="$1" - local out_dir="$2" - local name="$3" - - # Skip if already unpacked - if [ -f "${out_dir}/manifest.json" ]; then - return 0 - fi - - need_bin python3 - need_bin curl - need_bin unzip - - mkdir -p "$out_dir" - chown -R chrome:chrome "$out_dir" - - local tmpdir - tmpdir="$(mktemp -d)" - # shellcheck disable=SC2064 - trap "rm -rf '$tmpdir'" EXIT - - local crx="${tmpdir}/${name}.crx" - local zip="${tmpdir}/${name}.zip" - - # CWS update endpoint (works for most public extensions) - # Note: prodversion is just a hint; keep it reasonably recent. - local url - url="https://clients2.google.com/service/update2/crx?response=redirect&prodversion=120.0.0.0&acceptformat=crx2,crx3&x=id%3D${ext_id}%26installsource%3Dondemand%26uc" - - echo "Downloading ${name} (${ext_id})..." - curl -fsSL "$url" -o "$crx" - - echo "Unpacking ${name}..." - crx_to_zip "$crx" "$zip" - - # Unzip into a clean directory - rm -rf "${out_dir:?}/"* - unzip -q "$zip" -d "$out_dir" - - chown -R chrome:chrome "$out_dir" - - # Basic validation - if [ ! -f "${out_dir}/manifest.json" ]; then - echo "Failed to unpack ${name}: manifest.json not found in ${out_dir}" - exit 1 - fi - - rm -rf "$tmpdir" - trap - EXIT -} - -######################### -# Download extensions # -######################### - -download_and_unpack_extension "$UBLOCK_ID" "$UBLOCK_DIR" "ublock-origin" -download_and_unpack_extension "$IDCAC_ID" "$IDCAC_DIR" "i-dont-care-about-cookies" - -EXTENSIONS="${UBLOCK_DIR},${IDCAC_DIR}" - -######################### -# Start Chromium # -######################### - -cd /usr/src/chrome - -# Use exec so s6 can manage the process; avoid backgrounding and /dev/null-ing -exec su chrome -c " - chromium-browser \ - --headless=new \ - --no-sandbox \ - --disable-gpu \ - --disable-dev-shm-usage \ - --disable-crash-reporter \ - --no-crash-upload \ - --hide-scrollbars \ - --remote-debugging-address=0.0.0.0 \ - --remote-debugging-port=9222 \ - --user-data-dir='${CHROME_PROFILE_DIR}' \ - --disk-cache-dir='${CHROME_CACHE_DIR}' \ - --disable-extensions-except='${EXTENSIONS}' \ - --load-extension='${EXTENSIONS}' \ - about:blank -" diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/type b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/type deleted file mode 100644 index 1780f9f44..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/type +++ /dev/null @@ -1 +0,0 @@ -longrun \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/up b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/up deleted file mode 100644 index ea0dde696..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-chrome/up +++ /dev/null @@ -1 +0,0 @@ -/etc/s6-overlay/s6-rc.d/svc-chrome/run \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/dependencies.d/init-folders b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/dependencies.d/init-folders deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/run b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/run deleted file mode 100644 index a5e5681b3..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/run +++ /dev/null @@ -1,12 +0,0 @@ -#!/command/with-contenv bash -# shellcheck shell=bash - -set -e - -if [ ! -d "$MEILI_DIR" ]; then - mkdir -p "$MEILI_DIR" -fi - -cd "$MEILI_DIR" - -exec /bin/meilisearch --no-analytics --experimental-dumpless-upgrade \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/type b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/type deleted file mode 100644 index 1780f9f44..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/type +++ /dev/null @@ -1 +0,0 @@ -longrun \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/up b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/up deleted file mode 100644 index a3be200b9..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-meilisearch/up +++ /dev/null @@ -1 +0,0 @@ -/etc/s6-overlay/s6-rc.d/svc-meilisearch/run \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/init-nginx b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/dependencies.d/init-nginx deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/run b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/run deleted file mode 100644 index 96acd5752..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/run +++ /dev/null @@ -1,9 +0,0 @@ -#!/command/with-contenv bashio -# shellcheck shell=bash - -set -e - -bashio::net.wait_for "$SERVICE_PORT" localhost 900 - -bashio::log.info "Starting NGinx..." -exec nginx diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/type b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/type deleted file mode 100644 index 1780f9f44..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/type +++ /dev/null @@ -1 +0,0 @@ -longrun \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/up b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/up deleted file mode 100644 index e0a24bcc0..000000000 --- a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/svc-nginx/up +++ /dev/null @@ -1 +0,0 @@ -/etc/s6-overlay/s6-rc.d/svc-nginx/run \ No newline at end of file diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/init-addon-config b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/init-addon-config deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/init-nginx b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/init-nginx deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-chrome b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-chrome deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-meilisearch b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-meilisearch deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-nginx b/karakeep/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/svc-nginx deleted file mode 100644 index e69de29bb..000000000 diff --git a/karakeep/rootfs/usr/local/bin/ssl-check-generate.sh b/karakeep/rootfs/usr/local/bin/ssl-check-generate.sh deleted file mode 100755 index d18267890..000000000 --- a/karakeep/rootfs/usr/local/bin/ssl-check-generate.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/command/with-contenv bashio -# shellcheck shell=bash - -set -e - -# Check for required arguments -if [ $# -ne 3 ]; then - bashio::log.error "[ssl-check-generate.sh] missing: " - exit 1 -fi - -bashio::log.debug "SSL Certificate check" - -renew_days=90 - -certfile="$1" -keyfile="$2" -selfsigned=${3:-true} - -if [ ! -f "$certfile" ] || [ ! -f "$keyfile" ]; then - if [ "$selfsigned" = "true" ]; then - /usr/local/bin/ssl-keygen.sh "$certfile" "$keyfile" - exit 0 - else - bashio::log.error "[ssl-check-generate.sh] either certfile, keyfile, or both are missing" - exit 1 - fi -fi - -enddate=$(openssl x509 -enddate -noout -in "$certfile" 2>/dev/null || true) -if [ -n "$enddate" ]; then - expiry_date=$(echo "$enddate" | cut -d= -f2 | sed 's/ GMT$//') - expiry_ts=$(date -d "$expiry_date" +%s) - now_ts=$(date +%s) - days_left=$(( (expiry_ts - now_ts) / 86400 )) - - if [ "$days_left" -le "$renew_days" ]; then - bashio::log.info "Self-signed cert expiring in $days_left days, regenerating..." - /usr/local/bin/ssl-keygen.sh "$certfile" "$keyfile" - fi -else - bashio::log.error "Unable to determine ssl certificate expiry date" -fi - -if pgrep -x nginx >/dev/null 2>&1; then - nginx -s reload -fi \ No newline at end of file diff --git a/karakeep/rootfs/usr/local/bin/ssl-keygen.sh b/karakeep/rootfs/usr/local/bin/ssl-keygen.sh deleted file mode 100755 index da821340d..000000000 --- a/karakeep/rootfs/usr/local/bin/ssl-keygen.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/command/with-contenv bashio -# shellcheck shell=bash - -set -e - -# Check for required arguments -if [ $# -ne 2 ]; then - bashio::log.error "[ssl-keygen.sh] missing: " - exit 1 -fi - -certfile="$1" -keyfile="$2" - -[ -f "$certfile" ] && rm -f "$certfile" -[ -f "$keyfile" ] && rm -f "$keyfile" - -mkdir -p "$(dirname "$certfile")" && mkdir -p "$(dirname "$keyfile")" - -if ! hostname="$(bashio::info.hostname 2> /dev/null)" || [ -z "$hostname" ]; then - hostname="homeassistant" -fi -tmp_openssl_cfg=$(mktemp) -trap 'rm -f "$tmp_openssl_cfg"' EXIT - -cat > "$tmp_openssl_cfg" <