crime: fix config
This commit is contained in:
parent
dc91b774a4
commit
650a206aa4
8 changed files with 353 additions and 146 deletions
|
@ -39,7 +39,7 @@ in {
|
||||||
];
|
];
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
PermitRootLogin = "prohibit-password";
|
PermitRootLogin = "no";
|
||||||
|
|
||||||
PasswordAuthentication = false;
|
PasswordAuthentication = false;
|
||||||
KbdInteractiveAuthentication = false;
|
KbdInteractiveAuthentication = false;
|
||||||
|
|
|
@ -4,24 +4,18 @@
|
||||||
../../profiles/headless.nix
|
../../profiles/headless.nix
|
||||||
../../profiles/kartoffel.nix
|
../../profiles/kartoffel.nix
|
||||||
../../profiles/lxc.nix
|
../../profiles/lxc.nix
|
||||||
|
../../services/arrs
|
||||||
|
../../services/jellyfin.nix
|
||||||
../../services/nginx.nix
|
../../services/nginx.nix
|
||||||
./nginx.nix
|
|
||||||
];
|
];
|
||||||
networking.hostName = "crime";
|
networking.hostName = "crime";
|
||||||
systemd.network.networks."98-eth-default" = {
|
systemd.network.networks."98-eth-default" = {
|
||||||
address = [
|
address = [
|
||||||
"2a0f:be01:0:100::1337/128"
|
"2a0f:be01:0:100::b00b:a/128"
|
||||||
"2a0f:be01:0:100::1338/128"
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
security.acme.certs = {
|
security.acme.defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
|
||||||
"fentanyl.trade" = { extraDomainNames = [ "frotti.ng" "watch.kyouma.net" ]; };
|
|
||||||
"crime.kyouma.net" = {};
|
|
||||||
};
|
|
||||||
|
|
||||||
services.jellyfin.enable = true;
|
kyouma.nginx.defaultForbidden = "fentanyl.trade";
|
||||||
services.sonarr.enable = true;
|
|
||||||
services.radarr.enable = true;
|
|
||||||
services.prowlarr.enable = true;
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,114 +0,0 @@
|
||||||
{ pkgs, ... }:
|
|
||||||
let
|
|
||||||
landingPage = pkgs.writeTextDir "index.html" ''
|
|
||||||
<!DOCTYPE html>
|
|
||||||
<html>
|
|
||||||
<head>
|
|
||||||
<title>crime.kyouma.net</title>
|
|
||||||
<style>
|
|
||||||
body {
|
|
||||||
width: 35em;
|
|
||||||
margin: 0 auto;
|
|
||||||
font-family: Tahoma, Verdana, Arial, sans-serif;
|
|
||||||
}
|
|
||||||
</style>
|
|
||||||
</head>
|
|
||||||
<body>
|
|
||||||
<h1>Welcome to crime.kyouma.net!</h1>
|
|
||||||
<p>If you see this page, the nginx web server is successfully installed and
|
|
||||||
working. Further configuration is required.</p>
|
|
||||||
|
|
||||||
<p>Sonarr
|
|
||||||
<a href="https://crime.kyouma.net/sonarr">crime.kyouma.net/sonarr</a><br/>
|
|
||||||
Radarr
|
|
||||||
<a href="https://crime.kyouma.net/radarr">crime.kyouma.net/radarr</a><br/>
|
|
||||||
Prowlarr
|
|
||||||
<a href="https://crime.kyouma.net/prowlarr">crime.kyouma.net/prowlarr</a></p>
|
|
||||||
|
|
||||||
<p><em>Thank you for using nginx.</em></p>
|
|
||||||
</body>
|
|
||||||
</html>
|
|
||||||
'';
|
|
||||||
extraConfig = ''
|
|
||||||
add_header Strict-Transport-Security $hsts_header;
|
|
||||||
add_header X-Content-Type-Options "nosniff" always;
|
|
||||||
add_header X-XSS-Protection "1; mode=block" always;
|
|
||||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
|
||||||
add_header Referrer-Policy "same-origin" always;
|
|
||||||
'';
|
|
||||||
proxyConfig = ''
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
proxy_set_header X-Forwarded-Protocol $scheme;
|
|
||||||
proxy_set_header X-Forwarded-Host $http_host;
|
|
||||||
'';
|
|
||||||
jellyAddr = "[::1]";
|
|
||||||
jellyWeb = {
|
|
||||||
forceSSL = true;
|
|
||||||
#http3 = true;
|
|
||||||
#quic = true;
|
|
||||||
inherit extraConfig;
|
|
||||||
|
|
||||||
locations = {
|
|
||||||
"= /".return = "302 https://$host/web/";
|
|
||||||
"/" = {
|
|
||||||
proxyPass = "http://${jellyAddr}:8096";
|
|
||||||
extraConfig = ''
|
|
||||||
${proxyConfig}
|
|
||||||
proxy_buffering on;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
"= /web/" = {
|
|
||||||
proxyPass = "http://${jellyAddr}:8096/web/index.html";
|
|
||||||
extraConfig = proxyConfig;
|
|
||||||
};
|
|
||||||
"/socket" = {
|
|
||||||
proxyPass = "http://${jellyAddr}:8096";
|
|
||||||
proxyWebsockets = true;
|
|
||||||
extraConfig = proxyConfig;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
services.nginx = {
|
|
||||||
virtualHosts = {
|
|
||||||
"fentanyl.trade" = jellyWeb // {
|
|
||||||
enableACME = true;
|
|
||||||
};
|
|
||||||
"frotti.ng" = jellyWeb // {
|
|
||||||
useACMEHost = "fentanyl.trade";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
kyouma.nginx.virtualHosts = {
|
|
||||||
"watch.kyouma.net" = { redirectTo = "fentanyl.trade"; };
|
|
||||||
"redirect" = {
|
|
||||||
default = true;
|
|
||||||
reuseport = true;
|
|
||||||
useACMEHost = "fentanyl.trade";
|
|
||||||
extraConfig = ''
|
|
||||||
return 403;
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
"crime.kyouma.net" = {
|
|
||||||
listenAddresses = [ "[2a0f:be01:0:100::1338]" ];
|
|
||||||
locations = {
|
|
||||||
"/".root = landingPage;
|
|
||||||
"/sonarr/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:8989";
|
|
||||||
recommendedProxySettings = true;
|
|
||||||
};
|
|
||||||
"/radarr/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:7878";
|
|
||||||
recommendedProxySettings = true;
|
|
||||||
};
|
|
||||||
"/prowlarr/" = {
|
|
||||||
proxyPass = "http://127.0.0.1:9696";
|
|
||||||
recommendedProxySettings = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
58
config/services/arrs/default.nix
Normal file
58
config/services/arrs/default.nix
Normal file
|
@ -0,0 +1,58 @@
|
||||||
|
{ lib, pkgs, ... }: {
|
||||||
|
|
||||||
|
users.groups.crime = {};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
prowlarr.enable = true;
|
||||||
|
} // lib.genAttrs [ "sonarr" "radarr" ] (_: {
|
||||||
|
enable = true;
|
||||||
|
group = "crime";
|
||||||
|
});
|
||||||
|
systemd.services = lib.genAttrs [ "radarr" "sonarr" ] (_: {
|
||||||
|
wants = [ "rclone-mezzomix.service" ];
|
||||||
|
serviceConfig.UMask = "0002";
|
||||||
|
});
|
||||||
|
|
||||||
|
systemd.mounts = lib.singleton {
|
||||||
|
description = "rclone mount";
|
||||||
|
after = [ "network.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" "radarr.service" "sonarr.service" ];
|
||||||
|
|
||||||
|
where = "/mnt/mezzomix";
|
||||||
|
what = "mezzomix@otos.feralhosting.com:private/rtorrent/data";
|
||||||
|
type = "fuse.sshfs";
|
||||||
|
options = "_netdev,rw,nosuid,allow_other,default_permissions,follow_symlinks,identityfile=/etc/keys/ssh_host_ed25519_key";
|
||||||
|
};
|
||||||
|
systemd.automounts = lib.singleton {
|
||||||
|
name = "mnt-mezzomix.automount";
|
||||||
|
where = "/mnt/mezzomix";
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
|
||||||
|
automountConfig.TimeoutIdleSec = 0;
|
||||||
|
};
|
||||||
|
environment.systemPackages = [ pkgs.sshfs ];
|
||||||
|
programs.ssh.ciphers = [ "aes256-ctr" ];
|
||||||
|
|
||||||
|
|
||||||
|
kyouma.nginx.virtualHosts = {
|
||||||
|
"crime.kyouma.net" = {
|
||||||
|
verifyClientCert = true;
|
||||||
|
locations = {
|
||||||
|
"/".root = ./landingPage.html;
|
||||||
|
"/sonarr/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:8989";
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
};
|
||||||
|
"/radarr/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:7878";
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
};
|
||||||
|
"/prowlarr/" = {
|
||||||
|
proxyPass = "http://127.0.0.1:9696";
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
security.acme.certs."crime.kyouma.net" = {};
|
||||||
|
}
|
27
config/services/arrs/landingPage.html
Normal file
27
config/services/arrs/landingPage.html
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>crime.kyouma.net</title>
|
||||||
|
<style>
|
||||||
|
body {
|
||||||
|
width: 35em;
|
||||||
|
margin: 0 auto;
|
||||||
|
font-family: Tahoma, Verdana, Arial, sans-serif;
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<h1>Welcome to crime.kyouma.net!</h1>
|
||||||
|
<p>If you see this page, the nginx web server is successfully installed and
|
||||||
|
working. Further configuration is required.</p>
|
||||||
|
|
||||||
|
<p>Sonarr
|
||||||
|
<a href="https://crime.kyouma.net/sonarr">crime.kyouma.net/sonarr</a><br/>
|
||||||
|
Radarr
|
||||||
|
<a href="https://crime.kyouma.net/radarr">crime.kyouma.net/radarr</a><br/>
|
||||||
|
Prowlarr
|
||||||
|
<a href="https://crime.kyouma.net/prowlarr">crime.kyouma.net/prowlarr</a></p>
|
||||||
|
|
||||||
|
<p><em>Thank you for using nginx.</em></p>
|
||||||
|
</body>
|
||||||
|
</html>
|
41
config/services/jellyfin.nix
Normal file
41
config/services/jellyfin.nix
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
{ lib, ... }: {
|
||||||
|
|
||||||
|
users.groups.crime = {};
|
||||||
|
|
||||||
|
services.jellyfin = {
|
||||||
|
enable = true;
|
||||||
|
group = "crime";
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.jellyfin.serviceConfig.UMask = lib.mkForce "0002";
|
||||||
|
|
||||||
|
kyouma.nginx.virtualHosts = {
|
||||||
|
"watch.kyouma.net".redirectTo = "fentanyl.trade";
|
||||||
|
"fentanyl.trade" = {
|
||||||
|
serverAliases = lib.singleton "frotti.ng";
|
||||||
|
locations = {
|
||||||
|
"= /".return = "302 https://$host/web/";
|
||||||
|
"/" = {
|
||||||
|
proxyPass = "http://[::1]:8096";
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
extraConfig = ''
|
||||||
|
proxy_buffering on;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
"= /web/" = {
|
||||||
|
proxyPass = "http://[::1]:8096";
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
};
|
||||||
|
"/socket" = {
|
||||||
|
proxyPass = "http://[::1]:8096";
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
security.acme.certs."fentanyl.trade".extraDomainNames = [
|
||||||
|
"frotti.ng"
|
||||||
|
"watch.kyouma.net"
|
||||||
|
];
|
||||||
|
}
|
|
@ -10,21 +10,30 @@
|
||||||
add_header Referrer-Policy "same-origin" always;
|
add_header Referrer-Policy "same-origin" always;
|
||||||
'';
|
'';
|
||||||
createHost = vhostName: vhostCfg: {
|
createHost = vhostName: vhostCfg: {
|
||||||
extraConfig = lib.optionalString (builtins.hasAttr "extraConfig" vhostCfg) (vhostCfg.extraConfig + "\n" + extraConfig);
|
extraConfig = lib.optionalString (vhostCfg ? "extraConfig") (
|
||||||
|
vhostCfg.extraConfig + "\n" + extraConfig
|
||||||
|
) + lib.optionalString (
|
||||||
|
if (vhostCfg ? "verifyClientCert") then
|
||||||
|
vhostCfg.verifyClientCert
|
||||||
|
else false
|
||||||
|
) ''
|
||||||
|
ssl_client_certificate ${./kyouma_Root_CA.pem};
|
||||||
|
ssl_verify_client on;
|
||||||
|
ssl_verify_depth 1;
|
||||||
|
'';
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
#kTLS = true;
|
|
||||||
http3 = true;
|
http3 = true;
|
||||||
quic = true;
|
quic = true;
|
||||||
} //
|
} //
|
||||||
lib.optionalAttrs (!(builtins.hasAttr "useACMEHost" vhostCfg)) {
|
lib.optionalAttrs (!(vhostCfg ? "useACMEHost")) {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
} //
|
} //
|
||||||
lib.optionalAttrs (builtins.hasAttr "redirectTo" vhostCfg) {
|
lib.optionalAttrs (vhostCfg ? "redirectTo") {
|
||||||
enableACME = false;
|
enableACME = false;
|
||||||
useACMEHost = vhostCfg.redirectTo;
|
useACMEHost = vhostCfg.redirectTo;
|
||||||
globalRedirect = vhostCfg.redirectTo;
|
globalRedirect = vhostCfg.redirectTo;
|
||||||
} //
|
} //
|
||||||
(builtins.removeAttrs vhostCfg [ "redirectTo" "extraConfig" ]);
|
(builtins.removeAttrs vhostCfg [ "redirectTo" "extraConfig" "verifyClientCert" ]);
|
||||||
|
|
||||||
in {
|
in {
|
||||||
options = {
|
options = {
|
||||||
|
@ -39,21 +48,21 @@ in {
|
||||||
};
|
};
|
||||||
config = {
|
config = {
|
||||||
services.nginx.virtualHosts = lib.optionalAttrs (cfg.virtualHosts != null) (
|
services.nginx.virtualHosts = lib.optionalAttrs (cfg.virtualHosts != null) (
|
||||||
builtins.mapAttrs (createHost) cfg.virtualHosts) //
|
builtins.mapAttrs (createHost) cfg.virtualHosts
|
||||||
lib.optionalAttrs (cfg.defaultForbidden != null) {
|
) // lib.optionalAttrs (cfg.defaultForbidden != null) {
|
||||||
"redirect" = {
|
"redirect" = {
|
||||||
quic = true;
|
quic = true;
|
||||||
http3 = true;
|
http3 = true;
|
||||||
# reuseport has to be specified on the quic listener
|
# reuseport has to be specified on the quic listener
|
||||||
# when using worker_processes auto;
|
# when using worker_processes auto;
|
||||||
reuseport = true;
|
reuseport = true;
|
||||||
default = true;
|
default = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
useACMEHost = cfg.defaultForbidden;
|
useACMEHost = cfg.defaultForbidden;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
return 403;
|
return 403;
|
||||||
'';
|
'';
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
192
modules/nginx/kyouma_Root_CA.pem
Normal file
192
modules/nginx/kyouma_Root_CA.pem
Normal file
|
@ -0,0 +1,192 @@
|
||||||
|
Certificate:
|
||||||
|
Data:
|
||||||
|
Version: 3 (0x2)
|
||||||
|
Serial Number:
|
||||||
|
47:94:9e:44:65:f4:61:f8:aa:b3:c1:7b:86:38:21:d9:88:a5:88:f0
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Issuer: CN=kyouma Root CA
|
||||||
|
Validity
|
||||||
|
Not Before: Jun 21 14:02:26 2024 GMT
|
||||||
|
Not After : Jun 21 14:02:26 2044 GMT
|
||||||
|
Subject: CN=kyouma Root CA
|
||||||
|
Subject Public Key Info:
|
||||||
|
Public Key Algorithm: rsaEncryption
|
||||||
|
Public-Key: (7680 bit)
|
||||||
|
Modulus:
|
||||||
|
00:f9:d0:a3:4b:d9:77:e3:ec:b4:46:8e:3f:1f:a4:
|
||||||
|
39:22:60:d8:ad:e9:1e:fe:ad:17:f8:30:d6:f6:fa:
|
||||||
|
e9:62:f7:36:25:07:e9:6c:83:91:42:0f:e2:53:f1:
|
||||||
|
ca:70:da:26:7d:bf:bb:1d:d5:4d:5e:99:82:99:39:
|
||||||
|
97:f3:c3:7d:f9:0d:08:e8:d4:ae:fc:45:88:98:8e:
|
||||||
|
a3:bc:2a:bd:16:67:32:59:08:59:eb:a8:de:a6:a7:
|
||||||
|
77:9d:f9:1a:c6:7f:76:92:3d:d7:56:74:2b:a3:5a:
|
||||||
|
97:8f:05:ab:3b:dc:92:61:2e:7f:95:b1:5c:04:da:
|
||||||
|
1e:2e:b9:de:7b:16:b2:85:b4:b4:5a:48:34:9a:bb:
|
||||||
|
18:0d:0a:0a:34:91:f8:8f:f3:79:46:a6:c4:ee:aa:
|
||||||
|
93:88:03:cf:43:a2:ba:1e:bc:65:f1:78:d8:ce:d8:
|
||||||
|
2b:fb:db:33:d6:37:ad:d4:9d:44:38:ff:b5:0d:dc:
|
||||||
|
08:61:2c:fb:f0:86:b2:ef:ff:a8:4f:63:28:13:49:
|
||||||
|
f8:21:4e:cb:22:98:54:de:e7:b4:e2:b6:14:c9:c5:
|
||||||
|
59:04:82:04:a2:39:3c:61:f5:91:99:ff:ac:6e:80:
|
||||||
|
9a:d2:22:7d:51:fb:ad:a3:6a:4c:14:a8:e3:28:d9:
|
||||||
|
22:ac:c8:3d:34:17:5a:40:ce:8d:3c:52:e7:e1:e9:
|
||||||
|
d4:75:0d:3f:b8:dd:d3:d2:56:25:92:fa:75:87:81:
|
||||||
|
fe:59:4a:82:53:d5:e7:03:39:c0:07:84:73:70:d0:
|
||||||
|
fc:fe:3f:06:e0:f9:0f:59:22:74:05:13:65:58:5a:
|
||||||
|
a8:1d:7b:52:4f:47:ed:be:26:57:47:49:57:d5:7f:
|
||||||
|
34:c7:3c:0f:55:d4:17:57:8a:0e:bb:f5:3a:c7:77:
|
||||||
|
f1:7d:06:49:a9:a8:dd:18:0e:a2:97:52:c8:49:e5:
|
||||||
|
39:c7:31:5d:07:c3:58:ed:8e:ae:c7:7c:1b:db:8d:
|
||||||
|
dc:a0:c3:e3:f5:c0:98:35:cf:fc:92:a0:a6:f3:0f:
|
||||||
|
b1:18:95:c0:01:eb:1d:96:8d:02:7b:9a:dc:29:5d:
|
||||||
|
59:f1:2a:dc:53:0e:6b:2b:6b:5d:36:03:a1:bd:e4:
|
||||||
|
e6:b4:1f:5a:66:67:13:4a:2c:7f:56:c9:75:5c:fe:
|
||||||
|
42:20:24:51:18:bb:ea:30:12:8f:88:d1:ad:fe:eb:
|
||||||
|
59:92:8d:1e:be:ff:3e:6e:f2:5a:d9:8c:20:f4:35:
|
||||||
|
ed:bc:01:47:21:d3:10:b9:5d:fe:6a:8e:e0:a3:e3:
|
||||||
|
e5:6f:ac:8b:fc:61:d0:75:a8:a3:92:1f:2c:cc:c1:
|
||||||
|
15:17:36:3b:05:ab:58:76:be:63:9d:30:5d:ed:7d:
|
||||||
|
83:0c:b7:24:8f:10:a8:90:02:ee:68:81:05:cd:d9:
|
||||||
|
4f:2e:cc:ef:97:62:d1:75:6b:82:f3:d0:34:56:d3:
|
||||||
|
59:7e:d9:d3:7d:93:ce:1b:17:de:fd:18:4b:e6:50:
|
||||||
|
72:77:88:60:dd:ff:5e:95:05:61:fe:d8:31:dd:34:
|
||||||
|
1e:e1:6d:61:1e:80:73:05:3e:3b:22:c2:34:07:48:
|
||||||
|
9b:0e:06:8d:a6:81:c4:4d:e9:4d:5d:df:e1:04:cd:
|
||||||
|
5b:85:6e:b2:12:aa:1b:cd:bd:4e:7e:53:ea:59:49:
|
||||||
|
af:11:70:b3:11:87:0f:af:2f:99:ce:e9:69:db:6d:
|
||||||
|
d0:5a:14:1a:95:2f:2f:db:bf:36:62:e1:99:ff:7c:
|
||||||
|
b8:b9:5c:4e:79:33:61:ee:db:4b:6f:40:7d:49:b2:
|
||||||
|
6e:e1:65:9d:f6:45:fe:27:14:24:82:5d:f6:a4:38:
|
||||||
|
01:ac:47:54:da:b6:02:c1:ad:79:71:b6:93:64:ec:
|
||||||
|
a4:06:7b:d6:5e:1c:da:7f:40:16:47:65:47:24:2a:
|
||||||
|
8b:77:32:49:89:c4:9f:26:d4:f9:a6:ba:e6:42:aa:
|
||||||
|
74:fd:7e:1e:d1:75:95:5c:5c:d8:d4:bb:75:05:79:
|
||||||
|
10:7a:df:5a:2b:69:9b:75:28:cb:b5:4e:48:3e:a3:
|
||||||
|
aa:21:04:95:8f:62:3b:46:2f:07:d0:9e:1c:50:9b:
|
||||||
|
3d:ba:6d:1f:c2:a0:41:7f:47:43:57:ef:92:31:47:
|
||||||
|
4a:a2:91:65:43:5c:c1:2b:fd:26:2d:be:41:a7:98:
|
||||||
|
7a:8f:52:89:5f:81:ff:48:7d:04:2a:b8:4d:50:91:
|
||||||
|
f5:af:18:33:44:f2:55:5f:68:87:33:d8:e6:4f:5d:
|
||||||
|
b9:92:ca:06:51:f3:e0:b1:5b:6f:a0:52:fe:6e:98:
|
||||||
|
22:01:5f:c2:fb:45:59:02:67:62:6f:74:2b:79:62:
|
||||||
|
e7:5a:13:a8:db:fd:a2:64:b1:0b:49:2f:f4:61:35:
|
||||||
|
a0:b6:12:2c:ec:24:19:9f:0c:14:85:05:b5:e1:c1:
|
||||||
|
9e:4e:87:a4:88:c9:79:65:1d:12:ac:89:e6:bc:ed:
|
||||||
|
6b:58:90:fd:95:40:3f:2e:ba:ff:b8:52:5d:60:98:
|
||||||
|
32:b9:20:38:a5:08:da:a1:fc:38:89:3c:f1:de:38:
|
||||||
|
cf:60:d8:69:a1:4b:88:51:f7:31:b8:fc:56:dc:56:
|
||||||
|
3a:7a:39:c5:03:23:2a:8f:fa:ab:92:7a:b6:37:da:
|
||||||
|
c1:9f:55:e7:31:b1:c5:be:31:60:08:c2:33:30:ec:
|
||||||
|
cf
|
||||||
|
Exponent: 65537 (0x10001)
|
||||||
|
X509v3 extensions:
|
||||||
|
X509v3 Subject Key Identifier:
|
||||||
|
7B:C0:C6:7B:04:C4:66:0C:CD:32:FF:B0:6F:E1:D9:51:FD:1C:EE:B7
|
||||||
|
X509v3 Basic Constraints: critical
|
||||||
|
CA:TRUE
|
||||||
|
X509v3 Key Usage: critical
|
||||||
|
Certificate Sign, CRL Sign
|
||||||
|
Signature Algorithm: sha256WithRSAEncryption
|
||||||
|
Signature Value:
|
||||||
|
58:b3:2d:00:8e:c2:72:5b:ed:91:8e:3c:98:66:6a:e4:61:c3:
|
||||||
|
0f:d1:51:98:0c:64:79:3d:01:ac:8a:38:7f:af:fc:80:31:83:
|
||||||
|
86:a8:79:b9:0f:18:6d:2e:3a:ef:0a:c0:b1:30:39:7e:a4:3d:
|
||||||
|
ed:4e:35:3e:9e:f1:a3:29:dd:cc:01:1e:62:6b:ed:5b:77:31:
|
||||||
|
b3:4c:91:1d:69:70:20:44:87:e0:37:17:a0:ba:c4:e5:57:c5:
|
||||||
|
90:1a:f2:1e:0d:ac:aa:30:11:c3:da:1c:3f:3a:28:b5:6d:12:
|
||||||
|
ac:45:b6:6c:f0:b2:b2:6e:f0:55:33:8e:29:10:ac:9e:61:ac:
|
||||||
|
35:ec:ed:c7:e3:51:c2:86:52:10:7a:9c:f6:22:5d:65:65:18:
|
||||||
|
62:b7:e9:6e:be:64:46:db:dc:15:45:eb:1a:42:45:83:d7:aa:
|
||||||
|
dd:63:24:4a:ed:b9:d5:35:86:27:22:33:6a:26:4b:32:0a:15:
|
||||||
|
75:18:19:58:e9:6b:b4:84:ac:00:a3:78:d3:9d:7d:25:3c:5e:
|
||||||
|
51:7f:01:ca:90:d1:40:2b:d2:45:e1:4f:fb:6e:8d:2e:cc:04:
|
||||||
|
07:34:07:91:c6:8c:4f:a5:e4:7d:dd:78:0f:b0:9d:01:9d:6e:
|
||||||
|
89:16:6d:3a:94:dd:38:57:bc:49:c2:e1:b5:aa:54:8f:d1:8b:
|
||||||
|
13:db:35:2f:d1:80:5e:45:fb:53:60:61:d5:c3:e1:9c:21:60:
|
||||||
|
a3:83:34:e6:9e:bc:86:70:fe:36:8b:35:55:28:e0:f4:b0:81:
|
||||||
|
ed:37:59:0e:7a:f6:a7:66:a1:b6:36:45:30:95:c8:80:d6:40:
|
||||||
|
a9:12:bf:47:b1:33:09:fa:89:d4:9f:c2:57:75:6a:47:dd:87:
|
||||||
|
3f:b3:d1:3d:13:bc:5e:82:ea:5f:3a:dc:46:35:1e:1f:83:40:
|
||||||
|
1c:1d:5e:ba:37:18:a3:75:2f:60:a7:84:67:9b:79:17:ad:fb:
|
||||||
|
2a:5b:d8:84:5d:f2:ff:cc:81:4c:08:e4:17:ec:b7:cf:ac:4c:
|
||||||
|
0f:91:8a:4c:fa:91:ed:24:39:f9:04:3a:18:b0:b1:c3:57:ed:
|
||||||
|
9b:f1:cf:ab:bf:07:f1:52:ef:57:de:0a:76:e7:e4:c4:5f:69:
|
||||||
|
93:71:0c:d4:3f:23:12:55:8c:3d:e6:79:b3:3c:5e:86:ac:1f:
|
||||||
|
5e:7f:ec:96:d8:da:4d:c9:40:32:ee:b5:cb:6e:86:27:49:45:
|
||||||
|
e6:89:30:80:fa:ba:ef:21:42:92:ba:f8:a7:51:16:61:04:13:
|
||||||
|
da:87:ac:c5:9c:c0:19:55:80:2d:4a:32:bb:30:12:0b:49:15:
|
||||||
|
ec:1e:5b:23:d4:d2:a3:4e:c6:22:19:bc:e2:ba:23:67:88:4c:
|
||||||
|
54:d0:bf:10:61:91:d9:eb:f7:d7:bc:89:ee:83:0d:a3:2c:81:
|
||||||
|
a4:c2:38:58:c3:50:b7:fe:3f:f2:bc:a2:f0:52:9d:04:1f:c2:
|
||||||
|
85:bd:d6:06:77:30:7b:90:3d:29:92:dc:41:a9:40:4b:bb:7c:
|
||||||
|
b7:91:07:65:2b:03:af:e4:a0:18:ab:a5:76:00:bc:10:e8:21:
|
||||||
|
41:c7:d7:53:80:41:21:67:af:fe:d1:9d:14:4c:a9:7e:16:1d:
|
||||||
|
4b:61:a4:f4:b1:e8:88:fe:c4:f1:60:3e:6d:d5:a9:90:14:3e:
|
||||||
|
95:5d:7d:f0:7b:1e:af:5f:80:63:a8:ce:b1:a7:a1:b2:9a:10:
|
||||||
|
f7:d9:e7:00:fa:33:d7:61:c9:35:b1:c2:c9:60:0b:a5:1d:08:
|
||||||
|
a8:b2:1d:56:15:b8:b9:5e:36:b3:df:6a:76:6c:5e:9d:a7:e5:
|
||||||
|
54:dc:1a:6c:c3:34:f2:c2:c6:ee:7a:68:49:a3:41:d6:54:34:
|
||||||
|
78:c9:2b:d2:d2:52:94:23:35:d7:c4:bf:c6:e0:21:18:4f:7a:
|
||||||
|
7a:be:e8:ab:34:fa:f7:4d:1a:4b:3c:37:e9:5f:1c:76:b1:6d:
|
||||||
|
96:70:f5:f5:db:b4:15:ba:2c:71:25:80:b3:98:4a:d3:1a:8d:
|
||||||
|
0e:69:24:de:e3:0c:38:64:82:6e:54:d1:74:47:e5:e5:69:b1:
|
||||||
|
c1:04:12:72:8a:3f:71:c0:9f:dc:db:ba:0e:e8:3d:52:4a:23:
|
||||||
|
56:04:9b:8c:eb:4f:62:19:7f:f5:bd:1e:48:d9:7f:89:84:3c:
|
||||||
|
8d:f5:67:21:d6:81:ee:5a:cd:fa:c2:53:60:a0:97:1e:80:a2:
|
||||||
|
dc:96:89:e6:99:d9:9d:48:23:a0:07:9a:02:06:29:04:eb:03:
|
||||||
|
79:06:6b:a0:41:98:d2:8f:2d:b4:e3:cb:c2:5e:78:74:a1:92:
|
||||||
|
29:c9:7d:07:03:ca:3f:8c:f5:71:f0:c4:7d:6a:1b:ac:33:37:
|
||||||
|
4f:03:54:44:46:b6:76:1c:55:8a:7d:7b:e5:58:4e:a9:f8:e1:
|
||||||
|
fe:7b:f3:a2:f8:e6:3b:e0:0b:5d:47:a8:b7:aa:f8:f3:c0:65:
|
||||||
|
b0:e4:1c:22:8f:9e:b9:d1:8f:a6:4a:a4:28:6f:6c:27:31:49:
|
||||||
|
58:c0:4d:80:3b:e3:e2:22:aa:ec:4e:ba:a5:0d:9e:b8:17:8c:
|
||||||
|
6b:4e:2d:37:6a:cc:f3:2d:0d:6b:34:b4:00:eb:ce:31:0e:a5:
|
||||||
|
c4:85:cd:1e:16:0b
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIIgjCCBKqgAwIBAgIUR5SeRGX0Yfiqs8F7hjgh2YiliPAwDQYJKoZIhvcNAQEL
|
||||||
|
BQAwGTEXMBUGA1UEAwwOa3lvdW1hIFJvb3QgQ0EwHhcNMjQwNjIxMTQwMjI2WhcN
|
||||||
|
NDQwNjIxMTQwMjI2WjAZMRcwFQYDVQQDDA5reW91bWEgUm9vdCBDQTCCA+IwDQYJ
|
||||||
|
KoZIhvcNAQEBBQADggPPADCCA8oCggPBAPnQo0vZd+PstEaOPx+kOSJg2K3pHv6t
|
||||||
|
F/gw1vb66WL3NiUH6WyDkUIP4lPxynDaJn2/ux3VTV6Zgpk5l/PDffkNCOjUrvxF
|
||||||
|
iJiOo7wqvRZnMlkIWeuo3qand535GsZ/dpI911Z0K6Nal48FqzvckmEuf5WxXATa
|
||||||
|
Hi653nsWsoW0tFpINJq7GA0KCjSR+I/zeUamxO6qk4gDz0Oiuh68ZfF42M7YK/vb
|
||||||
|
M9Y3rdSdRDj/tQ3cCGEs+/CGsu//qE9jKBNJ+CFOyyKYVN7ntOK2FMnFWQSCBKI5
|
||||||
|
PGH1kZn/rG6AmtIifVH7raNqTBSo4yjZIqzIPTQXWkDOjTxS5+Hp1HUNP7jd09JW
|
||||||
|
JZL6dYeB/llKglPV5wM5wAeEc3DQ/P4/BuD5D1kidAUTZVhaqB17Uk9H7b4mV0dJ
|
||||||
|
V9V/NMc8D1XUF1eKDrv1Osd38X0GSamo3RgOopdSyEnlOccxXQfDWO2Orsd8G9uN
|
||||||
|
3KDD4/XAmDXP/JKgpvMPsRiVwAHrHZaNAnua3CldWfEq3FMOaytrXTYDob3k5rQf
|
||||||
|
WmZnE0osf1bJdVz+QiAkURi76jASj4jRrf7rWZKNHr7/Pm7yWtmMIPQ17bwBRyHT
|
||||||
|
ELld/mqO4KPj5W+si/xh0HWoo5IfLMzBFRc2OwWrWHa+Y50wXe19gwy3JI8QqJAC
|
||||||
|
7miBBc3ZTy7M75di0XVrgvPQNFbTWX7Z032TzhsX3v0YS+ZQcneIYN3/XpUFYf7Y
|
||||||
|
Md00HuFtYR6AcwU+OyLCNAdImw4GjaaBxE3pTV3f4QTNW4VushKqG829Tn5T6llJ
|
||||||
|
rxFwsxGHD68vmc7padtt0FoUGpUvL9u/NmLhmf98uLlcTnkzYe7bS29AfUmybuFl
|
||||||
|
nfZF/icUJIJd9qQ4AaxHVNq2AsGteXG2k2TspAZ71l4c2n9AFkdlRyQqi3cySYnE
|
||||||
|
nybU+aa65kKqdP1+HtF1lVxc2NS7dQV5EHrfWitpm3Uoy7VOSD6jqiEElY9iO0Yv
|
||||||
|
B9CeHFCbPbptH8KgQX9HQ1fvkjFHSqKRZUNcwSv9Ji2+QaeYeo9SiV+B/0h9BCq4
|
||||||
|
TVCR9a8YM0TyVV9ohzPY5k9duZLKBlHz4LFbb6BS/m6YIgFfwvtFWQJnYm90K3li
|
||||||
|
51oTqNv9omSxC0kv9GE1oLYSLOwkGZ8MFIUFteHBnk6HpIjJeWUdEqyJ5rzta1iQ
|
||||||
|
/ZVAPy66/7hSXWCYMrkgOKUI2qH8OIk88d44z2DYaaFLiFH3Mbj8VtxWOno5xQMj
|
||||||
|
Ko/6q5J6tjfawZ9V5zGxxb4xYAjCMzDszwIDAQABo0IwQDAdBgNVHQ4EFgQUe8DG
|
||||||
|
ewTEZgzNMv+wb+HZUf0c7rcwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
|
||||||
|
AQYwDQYJKoZIhvcNAQELBQADggPBAFizLQCOwnJb7ZGOPJhmauRhww/RUZgMZHk9
|
||||||
|
AayKOH+v/IAxg4aoebkPGG0uOu8KwLEwOX6kPe1ONT6e8aMp3cwBHmJr7Vt3MbNM
|
||||||
|
kR1pcCBEh+A3F6C6xOVXxZAa8h4NrKowEcPaHD86KLVtEqxFtmzwsrJu8FUzjikQ
|
||||||
|
rJ5hrDXs7cfjUcKGUhB6nPYiXWVlGGK36W6+ZEbb3BVF6xpCRYPXqt1jJErtudU1
|
||||||
|
hiciM2omSzIKFXUYGVjpa7SErACjeNOdfSU8XlF/AcqQ0UAr0kXhT/tujS7MBAc0
|
||||||
|
B5HGjE+l5H3deA+wnQGdbokWbTqU3ThXvEnC4bWqVI/RixPbNS/RgF5F+1NgYdXD
|
||||||
|
4ZwhYKODNOaevIZw/jaLNVUo4PSwge03WQ569qdmobY2RTCVyIDWQKkSv0exMwn6
|
||||||
|
idSfwld1akfdhz+z0T0TvF6C6l863EY1Hh+DQBwdXro3GKN1L2CnhGebeRet+ypb
|
||||||
|
2IRd8v/MgUwI5Bfst8+sTA+Rikz6ke0kOfkEOhiwscNX7Zvxz6u/B/FS71feCnbn
|
||||||
|
5MRfaZNxDNQ/IxJVjD3mebM8XoasH15/7JbY2k3JQDLutctuhidJReaJMID6uu8h
|
||||||
|
QpK6+KdRFmEEE9qHrMWcwBlVgC1KMrswEgtJFeweWyPU0qNOxiIZvOK6I2eITFTQ
|
||||||
|
vxBhkdnr99e8ie6DDaMsgaTCOFjDULf+P/K8ovBSnQQfwoW91gZ3MHuQPSmS3EGp
|
||||||
|
QEu7fLeRB2UrA6/koBirpXYAvBDoIUHH11OAQSFnr/7RnRRMqX4WHUthpPSx6Ij+
|
||||||
|
xPFgPm3VqZAUPpVdffB7Hq9fgGOozrGnobKaEPfZ5wD6M9dhyTWxwslgC6UdCKiy
|
||||||
|
HVYVuLleNrPfanZsXp2n5VTcGmzDNPLCxu56aEmjQdZUNHjJK9LSUpQjNdfEv8bg
|
||||||
|
IRhPenq+6Ks0+vdNGks8N+lfHHaxbZZw9fXbtBW6LHElgLOYStMajQ5pJN7jDDhk
|
||||||
|
gm5U0XRH5eVpscEEEnKKP3HAn9zbug7oPVJKI1YEm4zrT2IZf/W9HkjZf4mEPI31
|
||||||
|
ZyHWge5azfrCU2Cglx6AotyWieaZ2Z1II6AHmgIGKQTrA3kGa6BBmNKPLbTjy8Je
|
||||||
|
eHShkinJfQcDyj+M9XHwxH1qG6wzN08DVERGtnYcVYp9e+VYTqn44f5786L45jvg
|
||||||
|
C11HqLeq+PPAZbDkHCKPnrnRj6ZKpChvbCcxSVjATYA74+IiquxOuqUNnrgXjGtO
|
||||||
|
LTdqzPMtDWs0tADrzjEOpcSFzR4WCw==
|
||||||
|
-----END CERTIFICATE-----
|
Loading…
Reference in a new issue