You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
1 year ago | |
---|---|---|
Containerfile | 1 year ago | |
README.md | 1 year ago | |
startup.bash | 1 year ago | |
tmux.conf | 1 year ago |
README.md
Files
tmux.conf
: Tmux configurationstartup.bash
: Startup scriptsshd_config
: sshd config for host
Volumes
These directories should be volumes to persistent storage
/var/lib/zerotier-one
: ZeroTier identity and config information/home/thurstylark/.config/weechat
: Weechat config
Secrets
These Secrets should be set up on first start for the init to work properly
tl-weechat-ztnetaddr
: ZeroTier network address that the container should be connected to- type: string
- format: ZeroTier Network Address
- notes: This address is used during container runtime startup to check that it's joined to the specified network, and to automatically join the specified network if it isn't already.
tl-weechat-pass
: Weechat Secured Data passphrase- type: string
tl-weechat-authorizedkeys
: Content of the container user's~/.ssh/authorized_keys
- type: text file
- format: OpenSSH authorized_keys
Notes
Weechat Secured Data
Ref: https://weechat.org/files/doc/stable/weechat_user.en.html#secured_data
One of my goals for this setup is to get my weechat configs into a state where I can host them publicly. That means removing or obscuring all sensetive information from the conf files, at least in plain-text.
Unlock on startup
By default, weechat waits for user input on startup to gather the Secured Data passphrase before doing anything else. This step can be skipped by setting sec.crypt.passphrase_command.
Because we have set up a container secret for this passphrase already, all we really need to do is read its contents...
/set sec.crypt.passphrase_command "/usr/bin/cat /run/secrets/tl-weechat-pass"