
7 Commit-ok 96dfdf6e2c ... 309e4067a7

Szerző SHA1 Üzenet Dátum
  Victor Lavaud 309e4067a7 Use Docker credentials to pull osmedeus image 7 hónapja
  Victor Lavaud 64e565ff15 Add Telegram to Osmedeus lock on amd64 7 hónapja
  Victor Lavaud 12e130b118 Update Osmedeus to use premium package 7 hónapja
  Victor Lavaud a5a2c0ce84 Update Nextcloud to 28.0.1 7 hónapja
  Victor Lavaud 5a85c0f893 Add portswigger, fix urls 7 hónapja
  Victor Lavaud 25ebef8a89 Add osmodeus.yaml 7 hónapja
  Victor Lavaud bade2a7e11 Fail backup script when rsync fails 8 hónapja

+ 1 - 1
backup/backup.sh

@@ -49,5 +49,5 @@ ssh -o StrictHostKeyChecking=no -l "${REMOTE_USER}" "${REMOTE_SERVER}" "mkdir -p
 
 cd ${LOCAL_FOLDER_PATH}
 echo "Copying files."
-rsync -e "ssh -o StrictHostKeyChecking=no" --verbose --archive "${link_parameter}" * "${REMOTE_USER}"@"${REMOTE_SERVER}":"${remote_folder}"
+rsync -e "ssh -o StrictHostKeyChecking=no" --verbose --archive "${link_parameter}" * "${REMOTE_USER}"@"${REMOTE_SERVER}":"${remote_folder}" || exit 20
 echo "Done copying files."
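Review bot: The rsync line still passes `-o StrictHostKeyChecking=no`, so the backup is sent to whichever host answers for `${REMOTE_SERVER}` without its key being verified; the new `|| exit 20` catches a failed transfer but not a wrong endpoint. Pinning the server's key in a known_hosts file and switching to `-e "ssh -o StrictHostKeyChecking=yes"` (or `accept-new` for first contact) would close that gap, and the same applies to the `ssh` call in the hunk header. The `cd ${LOCAL_FOLDER_PATH}` just above is unquoted and unchecked, so if it fails the `*` glob expands in whatever directory the script started in; `cd "${LOCAL_FOLDER_PATH}" || exit 1` would stop before copying the wrong files. The script continues outside this hunk.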

+ 12 - 0
dashy/conf.yml

@@ -57,6 +57,16 @@ sections:
         icon: https://content.oversecured.com/icons/favicon.svg
         url: https://blog.oversecured.com
         target: newtab
+      - title: Osmedeus
+        description: Recon Engine
+        icon: https://docs.osmedeus.org/static/images/favicon.png
+        url: https://osmedeus.dodges.it/ui/#/
+        target: newtab
+      - title: PortSwigger Academy
+        description: PortSwigger learning platform
+        icon: https://portswigger.net/content/images/logos/favicon.ico
+        url: https://portswigger.net/web-security/dashboard
+        target: newtab
   - name: House
     icon: fas fa-house
     items:
@@ -71,9 +81,11 @@ sections:
       - title: NetAtmo
         description: Home Weather monitoring
         icon: https://my.netatmo.com/images/favicons/favicon.ico?v=64ff12c57e738
+        url: https://my.netatmo.com/app/station
       - title: quitt
         description: Cleaning lady
         icon: https://quitt.ch/wp-content/uploads/quitt-logo@2x.png
+        url: https://quitt.ch
   - name: Dodges
     icon: fas fa-rocket
     items:

+ 34 - 0
ingress/ingress.yaml

@@ -426,4 +426,38 @@ spec:
             port:
               number: 80
   ingressClassName: nginx
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: osmedeus-ingress
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt"
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    nginx.org/client-max-body-size: "500m"
+    nginx.org/proxy-connect-timeout: "60s"
+    nginx.org/proxy-read-timeout: "60s"
+    # Uncomment to allow solving HTTP01 challenge
+    nginx.org/hsts: "True"
+    # ingress.kubernetes.io/ssl-redirect: "false"
+    # nginx.org/redirect-to-https: "false"
+    # Upstream uses HTTPS, so connect in HTTPS.
+    nginx.org/ssl-services: "osmedeus"
+spec:
+  tls:
+  - hosts:
+    - osmedeus.dodges.it
+    secretName: osmedeus-le-secret
+  rules:
+  - host: osmedeus.dodges.it
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: osmedeus
+            port:
+              number: 8000
+  ingressClassName: nginx
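Review bot: Nothing in the `osmedeus-ingress` annotations restricts who can reach the backend, so once this applies the recon engine's UI and API at `osmedeus.dodges.it` are protected only by the application's own login, and those credentials are committed in `osmedeus/config.yaml` in this same range. A source-address restriction or an authentication layer at the ingress would be the usual guard for a tool like this. The comment `# Uncomment to allow solving HTTP01 challenge` sits directly above the active `nginx.org/hsts: "True"` line rather than above the two commented-out redirect annotations it describes; moving it down one line would avoid someone disabling HSTS by mistake.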
 

+ 2 - 2
nextcloud/image/Dockerfile

@@ -1,4 +1,4 @@
-FROM nextcloud:27.1.5-apache
+FROM nextcloud:28.0.1-apache
 
 RUN apt-get update && apt-get install -y \
     supervisor \
@@ -9,6 +9,6 @@ COPY supervisord.conf /
 
 ENV NEXTCLOUD_UPDATE=1
 
-RUN echo '*/15 * * * * php /var/www/html/occ preview:pre-generate' >> /var/spool/cron/crontabs/www-data
+RUN echo '*/15 * * * * php /var/www/html/occ preview:generate' >> /var/spool/cron/crontabs/www-data
 
 CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]]
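Review bot: The `CMD` line at the end of this hunk ends in `]]` as shown, which is not valid JSON; Docker then treats the instruction as shell form instead of exec form, so supervisord would not be started the way the line suggests. If the extra bracket is in the file and not a rendering artifact, it should read `CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]`. Separately, the cron entry now calls `occ preview:generate` with no arguments; it is worth confirming against the installed Nextcloud 28 and preview-generator versions that this command runs without a file argument, since a failing cron job here would go unnoticed.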

+ 1 - 1
nextcloud/nextcloud-dply.yaml

@@ -26,7 +26,7 @@ spec:
                   - amd64
       containers:
         - name: nextcloud
-          image: qdii/nextcloud:27.1.5-apache
+          image: qdii/nextcloud:28.0.1-apache
           env:
           - name: MYSQL_DATABASE
             value: "nextcloud"

+ 16 - 0
osmedeus/Dockerfile

@@ -0,0 +1,16 @@
+FROM j3ssie/essential-build:latest
+ARG DEBIAN_FRONTEND=noninteractive
+SHELL ["/bin/bash", "-c"]
+ENV PATH "$PATH:/root/osmedeus-base/binaries/"
+WORKDIR /root/
+
+RUN curl -fsSL https://public-premium-osm.s3.ap-southeast-1.amazonaws.com/2f7f17ae60a47e598d0ac206227afcd7/premium.sh -o /tmp/install.sh
+RUN chmod +x /tmp/install.sh
+RUN /tmp/install.sh
+
+COPY config.yaml /root/.osmedeus/config.yaml
+COPY datasources.yaml /root/osmedeus-base/data/amass-config/datasources.yaml
+
+EXPOSE 8000
+CMD ["/usr/local/bin/osmedeus","server"]
+ENTRYPOINT ["osmedeus"]
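Review bot: The installer is downloaded from an S3 URL and executed as root during the build with no integrity check, and the base image follows the mutable `latest` tag, so two builds of the same commit can produce different images and a changed upstream script runs unnoticed. Pinning the base image by digest and verifying a recorded SHA-256 of `premium.sh` before running it would make the build reproducible; a sketch with placeholder values follows. `CMD` and `ENTRYPOINT` are both exec form, so the default command becomes `osmedeus /usr/local/bin/osmedeus server`; `ENTRYPOINT ["osmedeus"]` with `CMD ["server"]` was probably intended. The two `COPY` lines also bake `config.yaml` and `datasources.yaml`, which carry credentials, into an image layer.

```dockerfile
# Base image pinned by digest; replace the placeholder with the reviewed digest.
FROM j3ssie/essential-build@sha256:<BASE_IMAGE_DIGEST>
# … unchanged: ARG, SHELL, ENV PATH, WORKDIR …

# Checksum of the installer version that was reviewed; placeholder value.
ARG INSTALLER_SHA256=<EXPECTED_SHA256>
RUN curl -fsSL https://public-premium-osm.s3.ap-southeast-1.amazonaws.com/2f7f17ae60a47e598d0ac206227afcd7/premium.sh -o /tmp/install.sh \
 && echo "${INSTALLER_SHA256}  /tmp/install.sh" | sha256sum -c - \
 && bash /tmp/install.sh \
 && rm -f /tmp/install.sh
# … unchanged: COPY, EXPOSE, CMD, ENTRYPOINT …
```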

+ 38 - 0
osmedeus/config.yaml

@@ -0,0 +1,38 @@
+client:
+    dest: http://127.0.0.1:8000
+    jwt: ""
+    password: 12312345
+    username: qdii
+database:
+    db_host: 127.0.0.1
+    db_name: osm-core
+    db_pass: DB_PASS
+    db_path: /root/.osmedeus/sqlite.db
+    db_port: "3306"
+    db_type: filesystem
+    db_user: root
+environments:
+    backups: /root/.osmedeus/backups
+    binaries: /root/osmedeus-base/binaries
+    cloud_config: /root/osmedeus-base/cloud
+    data: /root/osmedeus-base/data
+    instances: /root/.osmedeus/instances
+    provider_config: /root/.osmedeus/provider
+    storages: /root/.osmedeus/storages
+    workflows: /root/osmedeus-base/workflow
+    workspaces: /root/workspaces-osmedeus
+mics:
+    docs: https://docs.osmedeus.org
+server:
+    bind: 0.0.0.0:8000
+    cert_file: /root/.osmedeus/server/ssl/cert.pem
+    cors: '*'
+    key_file: /root/.osmedeus/server/ssl/key.pem
+    master_pass: ""
+    prefix: b7f917c91b94cee3e6b
+    secret: 2d6790747a4cb7f917c91b94cee3e6b2
+    ui: /root/.osmedeus/server/ui
+tactic:
+    aggressive: 40
+    default: 10
+    gently: 5
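Review bot: `client.username`, `client.password` and `server.secret` are committed in plaintext here, and `osmedeus/datasources.yaml` later in this range does the same with provider API keys and a ZoomEye username and password; anything pushed to the repository or copied into the image should be treated as exposed and rotated. These values would be better supplied from a Kubernetes Secret mounted over `/root/.osmedeus/config.yaml`, the way the Deployment already injects the Telegram token. `server.prefix` is a substring of `server.secret`, so if the prefix ends up in URLs it discloses part of the secret; how Osmedeus uses the two is worth confirming. `cors: '*'` together with `bind: 0.0.0.0:8000` leaves the API callable from any origin once the Ingress is in place. `password: 12312345` is also unquoted and loads as an integer, not a string.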

+ 238 - 0
osmedeus/datasources.yaml

@@ -0,0 +1,238 @@
+datasources:
+  - name: 360PassiveDNS
+    ttl: 3600
+    creds:
+      account: 
+        apikey: null
+  - name: ASNLookup
+    creds:
+      account: 
+        apikey: 3787d47123mshaf501d0b44daa57p14a394jsn9b4e4c1bc32c
+  - name: Ahrefs
+    ttl: 4320
+    creds:
+      account: 
+        apikey: null
+  - name: AlienVault
+    creds:
+      account: 
+        apikey: 5c423e7821d317401148a8756db087ebb312e208d10c2ad94a77b343c7cce5a9
+  - name: BeVigil
+    creds:
+      account: 
+        apikey: null
+  - name: BigDataCloud
+    creds:
+      account: 
+        apikey: null
+  - name: BinaryEdge
+    ttl: 10080
+    creds:
+      account: 
+        apikey: null
+  - name: BufferOver
+    creds:
+      account: 
+        apikey: null
+  - name: BuiltWith
+    ttl: 10080
+    creds:
+      account: 
+        apikey: 20741f26-421b-4f92-84bb-99bafdc672fc
+  - name: C99
+    ttl: 4320
+    creds:
+      account1: 
+        apikey: null
+      account2: 
+        apikey: null
+  - name: Censys
+    ttl: 10080
+    creds:
+      account: 
+        apikey: null
+        secret: null
+  - name: Chaos
+    ttl: 4320
+    creds:
+      account: 
+        apikey: null
+  - name: CIRCL
+    creds:
+      account: 
+        username: null
+        password: null
+  - name: CertCentral
+    creds:
+      account: 
+        username: null
+        apikey: null
+  - name: DNSDB
+    ttl: 4320
+    creds:
+      account: 
+        apikey: null
+  - name: DNSlytics
+    creds:
+      account: 
+        apikey: null
+  - name: DNSRepo
+    creds:
+      account: 
+        apikey: null
+  - name: Deepinfo
+    creds:
+      account: 
+        apikey: null
+  - name: Detectify
+    creds:
+      account: 
+        apikey: null
+  - name: FacebookCT
+    ttl: 4320
+    creds:
+      app1: 
+        apikey: null
+        secret: null
+      app2: 
+        apikey: null
+        secret: null
+  - name: FOFA
+    ttl: 10080
+    creds:
+      account: 
+        username: null
+        apikey: null
+  - name: FullHunt
+    creds:
+      account: 
+        apikey: null
+  - name: GitHub
+    ttl: 4320
+    creds:
+      accountname: 
+        apikey: null
+  - name: GitLab
+    ttl: 4320
+    creds:
+      accountname: 
+        apikey: null
+  - name: HackerTarget
+    ttl: 1440
+    creds:
+      account: 
+        apikey: null
+  - name: Hunter
+    creds:
+      account: 
+        apikey: null
+  - name: IntelX
+    creds:
+      account: 
+        apikey: null
+  - name: IPdata
+    creds:
+      account: 
+        apikey: null
+  - name: IPinfo
+    creds:
+      account: 
+        apikey: null
+  - name: LeakIX
+    creds:
+      account: 
+        apikey: null
+  - name: Netlas
+    creds:
+      account: 
+        apikey: null
+  - name: ONYPHE
+    ttl: 4320
+    creds:
+      account: 
+        apikey: null
+  - name: Pastebin
+    ttl: 10080
+    creds:
+      account: 
+        apikey: null
+  - name: PassiveTotal
+    ttl: 10080
+    creds:
+      account: 
+        username: null
+        apikey: null
+  - name: PentestTools
+    ttl: 10080
+    creds:
+      account: 
+        apikey: null
+  - name: PublicWWW
+    ttl: 10080
+    creds:
+      account: 
+        apikey: null
+  - name: Quake
+    ttl: 4320
+    creds:
+      account: 
+        apikey: null
+  - name: SOCRadar
+    creds:
+      account: 
+        apikey: null
+  - name: SecurityTrails
+    ttl: 1440
+    creds:
+      account: 
+        apikey: null
+  - name: Shodan
+    ttl: 10080
+    creds:
+      account: 
+        apikey: null
+  - name: Spamhaus
+    ttl: 1440
+    creds:
+      account: 
+        username: null
+        password: null
+  - name: ThreatBook
+    creds:
+      account1: 
+        apikey: null
+  - name: URLScan
+    creds:
+      account: 
+        apikey: null
+  - name: VirusTotal
+    ttl: 10080
+    creds:
+      account: 
+        apikey: null
+  - name: WhoisXMLAPI
+    creds:
+      account: 
+        apikey: null
+  - name: Yandex
+    ttl: 1440
+    creds:
+      account: 
+        username: null
+        apikey: null
+  - name: ZETAlytics
+    ttl: 1440
+    creds:
+      account: 
+        apikey: null
+  - name: ZoomEye
+    ttl: 1440
+    creds:
+      account: 
+        username: 120bce0313ca 
+        password: nwOM=b8`W%uZd<z~xkHtsC[UgCI;H"                     
+
+# this is the global options that will be considered. For example, minimum_ttl would be a global option used to compare
+# the minimum_ttl to the other datasources ttl.
+global_options: 
+  minimum_ttl: 1440
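Review bot: The ZoomEye `password` on the last datasource is an unquoted plain scalar that contains a double quote, a backtick, `[` and `;` and is followed by trailing spaces, so the loaded value depends on plain-scalar parsing rules, and the unbalanced closing `"` suggests the value may have been cut when pasted. Single-quoting it, as in `password: '<ZOOMEYE_PASSWORD>'` (placeholder), makes the value exact; the `username` line above it has the same trailing space. The `account: ` keys carry trailing whitespace throughout the file, which yamllint flags by default.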

+ 105 - 0
osmedeus/osmedeus.yaml

@@ -0,0 +1,105 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: osmedeus-pv
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 10Gi
+  accessModes:
+    - ReadWriteMany
+  nfs:
+    path: /volume2/FastNFS/osmedeus
+    server: 192.168.2.44
+    readOnly: false
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: osmedeus
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 10Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: osmedeus
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: osmedeus
+  template:
+    metadata:
+      labels:
+        name: osmedeus
+        nginx: backend
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                - key: kubernetes.io/arch
+                  operator: In
+                  values:
+                  - amd64
+      containers:
+        - name: osmedeus
+          image: qdii/osmedeus:4.6.3
+          imagePullPolicy: "Always"
+          command: ["/usr/local/bin/osmedeus","server"]
+          args: ["osmedeus"]
+          env:
+          - name: TELEGRAM_CHANNEL
+            valueFrom:
+              secretKeyRef:
+                name: telegram
+                key: channel
+          - name: TELEGRAM_API_TOKEN
+            valueFrom:
+              secretKeyRef:
+                name: telegram
+                key: apitoken
+          volumeMounts:
+          - name: osmedeus
+            mountPath: /root/workspaces-osmedeus
+          ports:
+            - containerPort: 8000
+              name: http
+          livenessProbe:
+            initialDelaySeconds: 300
+            timeoutSeconds: 10
+            httpGet:
+              path: "/ui/#"
+              scheme: "HTTPS"
+              port: 8000
+              httpHeaders:
+                - name: Host
+                  value: "osmedeus.dodges.it"
+      imagePullSecrets:
+        - name: regcred
+      volumes:
+        - name: osmedeus
+          persistentVolumeClaim:
+            claimName: osmedeus
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: osmedeus
+spec:
+  type: ClusterIP
+  ipFamilyPolicy: PreferDualStack
+  selector:
+    name: osmedeus
+  ports:
+    - protocol: TCP
+      port: 8000
+      targetPort: 8000
+      name: http
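Review bot: The `osmedeus` container has no `securityContext` and no `resources`, so a scanner that apparently runs as root (its paths are under `/root`) keeps default capabilities, holds a writable NFS share and can use as much CPU and memory as the node has. Adding at least `allowPrivilegeEscalation: false` and requests/limits would bound that; a sketch with placeholder sizes follows, and any capability drop needs checking against the bundled tools that use raw sockets. `command` and `args` look swapped relative to the Dockerfile: `command` replaces ENTRYPOINT and `args` replaces CMD, so the container runs `/usr/local/bin/osmedeus server osmedeus`. The liveness probe path `/ui/#` contains a fragment, which is not normally sent to a server, so `/ui/` would state the intent more plainly.

```yaml
        - name: osmedeus
          image: qdii/osmedeus:4.6.3
          # … unchanged: imagePullPolicy, command, args, env, volumeMounts, ports, livenessProbe …
          securityContext:
            allowPrivilegeEscalation: false
          resources:
            requests:
              cpu: "<CPU_REQUEST>"
              memory: "<MEMORY_REQUEST>"
            limits:
              cpu: "<CPU_LIMIT>"
              memory: "<MEMORY_LIMIT>"
```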