Initial commit

2025-07-11 15:48:18 +08:00
commit 1d7f6cc8fc
12 changed files with 743 additions and 0 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,2 @@
 # Auto detect text files and perform LF normalization
 * text=auto
--- a/21
+++ b/21
@@ -0,0 +1,21 @@
 MIT License
 Copyright (c) 2025 YuanHui
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
--- a/deploy_caddy.yml
+++ b/deploy_caddy.yml
@@ -0,0 +1,47 @@
 ---
 - name: Deploy and Reload Caddy & frpc on Heterogeneous Systems
  hosts: caddy_servers
  become: yes
  # # 'pre_tasks' 会在所有常规 'tasks' 之前执行
  # pre_tasks:
  #   - name: "(Alpine Only) Ensure Python 3 is installed for Ansible"
  #     # 使用 'raw' 模块，因为它不依赖 Python
  #     # 这是一个标准的在 Alpine 上引导 Ansible 的方法
  #     raw: test -e /usr/bin/python3 || (apk update && apk add python3)
  #     register: result
  #     changed_when: "'OK' in result.stdout or 'fetch' in result.stdout"
  #     # 'when' 条件确保这个任务只在 Alpine 系统上运行
  #     when: ansible_os_family == "Alpine"
  tasks:
    # --- Caddy 任务 (保持不变) ---
    - name: "Copy Caddyfile for {{ inventory_hostname }}"
      copy:
        src: "files/{{ inventory_hostname }}/Caddyfile"
        dest: /etc/caddy/Caddyfile
        owner: root
        group: caddy
        mode: '0644'
        validate: 'caddy validate --config %s --adapter caddyfile'
      notify: Reload Caddy
  handlers:
    # --- Caddy Handlers (保持不变) ---
    - name: Reload Caddy on systemd systems (e.g., Ubuntu)
      # Both handlers listen for the same notification
      listen: "Reload Caddy"
      systemd:
        name: caddy
        state: reloaded
      # This handler ONLY runs on systems with systemd
      when: ansible_service_mgr == "systemd"
    - name: Reload Caddy on OpenRC systems (e.g., Alpine)
      # Both handlers listen for the same notification
      listen: "Reload Caddy"
      # For Alpine, we use the 'command' module to call its service manager
      command: rc-service caddy reload
      # This handler ONLY runs on systems with openrc
      when: ansible_service_mgr == "openrc"
--- a/deploy_clash.yml
+++ b/deploy_clash.yml
@@ -0,0 +1,83 @@
 ---
 - name: Deploy and Reload Caddy & frpc on Heterogeneous Systems
  hosts: caddy_servers
  become: yes
  # # 'pre_tasks' 会在所有常规 'tasks' 之前执行
  # pre_tasks:
  #   - name: "(Alpine Only) Ensure Python 3 is installed for Ansible"
  #     # 使用 'raw' 模块，因为它不依赖 Python
  #     # 这是一个标准的在 Alpine 上引导 Ansible 的方法
  #     raw: test -e /usr/bin/python3 || (apk update && apk add python3)
  #     register: result
  #     changed_when: "'OK' in result.stdout or 'fetch' in result.stdout"
  #     # 'when' 条件确保这个任务只在 Alpine 系统上运行
  #     when: ansible_os_family == "Alpine"
  tasks:
    # --- Caddy 任务 (保持不变) ---
    - name: "Copy Caddyfile for {{ inventory_hostname }}"
      copy:
        src: "files/{{ inventory_hostname }}/Caddyfile"
        dest: /etc/caddy/Caddyfile
        owner: root
        group: caddy
        mode: '0644'
        validate: 'caddy validate --config %s --adapter caddyfile'
      notify: Reload Caddy
    # --- 新增的 FRPC 任务 ---
    - name: "Copy frpc.toml for {{ inventory_hostname }}"
      # 使用 copy 模块部署 frpc.toml
      copy:
        src: "files/{{ inventory_hostname }}/frp/frpc.toml"
        dest: /etc/frp/frpc.toml
        owner: root
        group: root # 根据您服务器上的实际情况，frp的用户组可能是root或frp
        mode: '0640' # toml文件可能包含敏感信息，使用更严格的权限
      # 当这个任务只在 192.168.31.102 上执行
      when: inventory_hostname == "192.168.31.101"
      # 当文件变更时，通知 "Restart frpc" 这个 handler
      notify: Restart frpc
    # --- 新增的 DOCKER COMPOSE 任务 ---
    - name: "Copy docker-compose.yml for {{ inventory_hostname }}"
      copy:
        src: "files/{{ inventory_hostname }}/ddns-go/docker-compose.yml"
        dest: /root/ddns-go/docker-compose.yml
        owner: root
        group: root
        mode: '0644'
      when: inventory_hostname == "192.168.31.101"
      notify: Relaunch Docker Compose application
  handlers:
    # --- Caddy Handlers (保持不变) ---
    - name: Reload Caddy on systemd systems (e.g., Ubuntu)
      # Both handlers listen for the same notification
      listen: "Reload Caddy"
      systemd:
        name: caddy
        state: reloaded
      # This handler ONLY runs on systems with systemd
      when: ansible_service_mgr == "systemd"
    - name: Reload Caddy on OpenRC systems (e.g., Alpine)
      # Both handlers listen for the same notification
      listen: "Reload Caddy"
      # For Alpine, we use the 'command' module to call its service manager
      command: rc-service caddy reload
      # This handler ONLY runs on systems with openrc
      when: ansible_service_mgr == "openrc"
    # --- 新增的 FRPC Handler ---
    - name: Restart frpc
      # frpc 运行在 Alpine (OpenRC) 上，所以我们直接使用 command 模块
      command: rc-service frpc restart
      # 这个 handler 监听 "Restart frpc" 通知
      listen: "Restart frpc"
    # --- 新增的 DOCKER COMPOSE Handler ---
    - name: Relaunch Docker Compose application
      # 使用 command 模块来执行 docker compose 命令，以应用新的配置
      # 'docker compose' 是新版语法，如果您的服务器是旧版 docker-compose，请使用 'docker-compose'
      command: docker compose -f /root/ddns-go/docker-compose.yml up -d --remove-orphans
      listen: "Relaunch Docker Compose application"
--- a/deploy_docker.yml
+++ b/deploy_docker.yml
@@ -0,0 +1,83 @@
 ---
 - name: Deploy and Reload Caddy & frpc on Heterogeneous Systems
  hosts: caddy_servers
  become: yes
  # # 'pre_tasks' 会在所有常规 'tasks' 之前执行
  # pre_tasks:
  #   - name: "(Alpine Only) Ensure Python 3 is installed for Ansible"
  #     # 使用 'raw' 模块，因为它不依赖 Python
  #     # 这是一个标准的在 Alpine 上引导 Ansible 的方法
  #     raw: test -e /usr/bin/python3 || (apk update && apk add python3)
  #     register: result
  #     changed_when: "'OK' in result.stdout or 'fetch' in result.stdout"
  #     # 'when' 条件确保这个任务只在 Alpine 系统上运行
  #     when: ansible_os_family == "Alpine"
  tasks:
    # --- Caddy 任务 (保持不变) ---
    - name: "Copy Caddyfile for {{ inventory_hostname }}"
      copy:
        src: "files/{{ inventory_hostname }}/Caddyfile"
        dest: /etc/caddy/Caddyfile
        owner: root
        group: caddy
        mode: '0644'
        validate: 'caddy validate --config %s --adapter caddyfile'
      notify: Reload Caddy
    # --- 新增的 FRPC 任务 ---
    - name: "Copy frpc.toml for {{ inventory_hostname }}"
      # 使用 copy 模块部署 frpc.toml
      copy:
        src: "files/{{ inventory_hostname }}/frp/frpc.toml"
        dest: /etc/frp/frpc.toml
        owner: root
        group: root # 根据您服务器上的实际情况，frp的用户组可能是root或frp
        mode: '0640' # toml文件可能包含敏感信息，使用更严格的权限
      # 当这个任务只在 192.168.31.102 上执行
      when: inventory_hostname == "192.168.31.101"
      # 当文件变更时，通知 "Restart frpc" 这个 handler
      notify: Restart frpc
    # --- 新增的 DOCKER COMPOSE 任务 ---
    - name: "Copy docker-compose.yml for {{ inventory_hostname }}"
      copy:
        src: "files/{{ inventory_hostname }}/ddns-go/docker-compose.yml"
        dest: /root/ddns-go/docker-compose.yml
        owner: root
        group: root
        mode: '0644'
      when: inventory_hostname == "192.168.31.101"
      notify: Relaunch Docker Compose application
  handlers:
    # --- Caddy Handlers (保持不变) ---
    - name: Reload Caddy on systemd systems (e.g., Ubuntu)
      # Both handlers listen for the same notification
      listen: "Reload Caddy"
      systemd:
        name: caddy
        state: reloaded
      # This handler ONLY runs on systems with systemd
      when: ansible_service_mgr == "systemd"
    - name: Reload Caddy on OpenRC systems (e.g., Alpine)
      # Both handlers listen for the same notification
      listen: "Reload Caddy"
      # For Alpine, we use the 'command' module to call its service manager
      command: rc-service caddy reload
      # This handler ONLY runs on systems with openrc
      when: ansible_service_mgr == "openrc"
    # --- 新增的 FRPC Handler ---
    - name: Restart frpc
      # frpc 运行在 Alpine (OpenRC) 上，所以我们直接使用 command 模块
      command: rc-service frpc restart
      # 这个 handler 监听 "Restart frpc" 通知
      listen: "Restart frpc"
    # --- 新增的 DOCKER COMPOSE Handler ---
    - name: Relaunch Docker Compose application
      # 使用 command 模块来执行 docker compose 命令，以应用新的配置
      # 'docker compose' 是新版语法，如果您的服务器是旧版 docker-compose，请使用 'docker-compose'
      command: docker compose -f /root/ddns-go/docker-compose.yml up -d --remove-orphans
      listen: "Relaunch Docker Compose application"
--- a/files/.DS_Store
+++ b/files/.DS_Store
--- a/files/154.204.181.192/Caddyfile
+++ b/files/154.204.181.192/Caddyfile
@@ -0,0 +1,175 @@
 # The Caddyfile is an easy way to configure your Caddy web server.
 #
 # Unless the file starts with a global options block, the first
 # uncommented line is always the address of your site.
 #
 # To use your own domain name (with automatic HTTPS), first make
 # sure your domain's A/AAAA DNS records are properly pointed to
 # this machine's public IP, then replace ":80" below with your
 # domain name.
 #:80 {
 #	# Set this path to your site's directory.
 #	root * /usr/share/caddy
 #
 #	# Enable the static file server.
 #	file_server
 #
 #	# Another common task is to set up a reverse proxy:
 #	# reverse_proxy localhost:8080
 #
 #	# Or serve a PHP site through php-fpm:
 #	# php_fastcgi localhost:9000
 #}
 # Refer to the Caddy docs for more information:
 # https://caddyserver.com/docs/caddyfile
 # ------------------------------
 # simpla.dev Services
 # ------------------------------
 # 定义一个名为 (securityHeaders) 的可重用代码片段
 (securityHeaders) {
 	header {
 		# Strict-Transport-Security (HSTS)
 		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
 		# X-Frame-Options
 		X-Frame-Options "SAMEORIGIN"
 		# X-Content-Type-Options
 		X-Content-Type-Options "nosniff"
 		# Referrer-Policy
 		Referrer-Policy "strict-origin-when-cross-origin"
 		# Permissions-Policy
 		Permissions-Policy "camera=(), microphone=(), geolocation=()"
 		# Content-Security-Policy (CSP) - 通用起点
 		Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;"
 		# 移除 Server 标识
 		-Server
 	}
 }
 simpla.dev {
 	# 设置网站根目录
 	root * /srv/simpla.dev
 	# 开启文件服务
 	file_server
 	import securityHeaders
 }
 hugo.simpla.dev {
 	reverse_proxy http://127.0.0.1:1313
 	# import securityHeaders
 }
 daed.simpla.dev {
 	reverse_proxy http://127.0.0.1:2023
 	import securityHeaders
 }
 gitea.simpla.dev {
 	reverse_proxy http://127.0.0.1:3000
 	import securityHeaders
 }
 lobe.simpla.dev {
 	reverse_proxy http://127.0.0.1:3210
 	# import securityHeaders
 }
 fndav.simpla.dev {
 	reverse_proxy http://127.0.0.1:5005
 	# import securityHeaders
 }
 openlist.simpla.dev {
 	reverse_proxy http://127.0.0.1:5244
 	# import securityHeaders
 }
 fnos.simpla.dev {
 	reverse_proxy http://127.0.0.1:5666
 	# import securityHeaders
 }
 frps.simpla.dev {
 	reverse_proxy http://127.0.0.1:7001
 	import securityHeaders
 }
 frpc.simpla.dev {
 	reverse_proxy http://127.0.0.1:7400
 	import securityHeaders
 }
 pve.simpla.dev {
 	handle {
 		reverse_proxy https://127.0.0.1:8006 {
 			transport http {
 				tls_insecure_skip_verify
 			}
 			header_up Host {http.reverse_proxy.host}
 			header_up X-Forwarded-Host {host}
 		}
 		# import securityHeaders
 	}
 }
 kubepi.simpla.dev {
 	reverse_proxy http://127.0.0.1:8090
 	import securityHeaders
 }
 ddns.simpla.dev {
 	reverse_proxy http://127.0.0.1:9876
 	import securityHeaders
 }
 dify.simpla.dev {
 	reverse_proxy http://127.0.0.1:10080
 	import securityHeaders
 }
 1panel.simpla.dev {
 	reverse_proxy http://127.0.0.1:21643
 	import securityHeaders
 }
 gotify.simpla.dev {
 	reverse_proxy http://127.0.0.1:40266
 	import securityHeaders
 }
 b.simpla.dev {
 	# 将所有收到的请求转发到目标网站
    reverse_proxy https://b.watch {
        # (可选) 修改发送到目标服务器的 Host 请求头
        header_up Host {http.reverse_proxy.upstream.hostport}
    }
 }
 # ------------------------------
 # k3s Services
 # ------------------------------
 argocd.simpla.dev {
 	reverse_proxy http://127.0.0.1:20180
 	import securityHeaders
 }
 markword.simpla.dev {
    reverse_proxy http://127.0.0.1:20180
 	import securityHeaders
 }
 n8n.simpla.dev {
    reverse_proxy http://127.0.0.1:20180
 	import securityHeaders
 }
--- a/files/192.168.31.100/Caddyfile
+++ b/files/192.168.31.100/Caddyfile
@@ -0,0 +1,178 @@
 # Caddy's configuration file
 # see: https://caddyserver.com/docs/caddyfile
 # The Caddyfile is an easy way to configure your Caddy web server.
 #
 # Unless the file starts with a global options block, the first
 # uncommented line is always the address of your site.
 #
 # To use your own domain name (with automatic HTTPS), first make
 # sure your domain's A/AAAA DNS records are properly pointed to
 # this machine's public IP, then replace ":80" below with your
 # domain name.
 #:80 {
 #	# Set this path to your site's directory.
 #	root * /usr/share/caddy
 #
 #	# Enable the static file server.
 #	file_server
 #
 #	# Another common task is to set up a reverse proxy:
 #	# reverse_proxy localhost:8080
 #
 #	# Or serve a PHP site through php-fpm:
 #	# php_fastcgi localhost:9000
 #}
 # Refer to the Caddy docs for more information:
 # https://caddyserver.com/docs/caddyfile
 # ------------------------------
 # simpla.dev Services
 # ------------------------------
 # 定义一个名为 (securityHeaders) 的可重用代码片段
 (securityHeaders) {
 	header {
 		# Strict-Transport-Security (HSTS)
 		Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
 		# X-Frame-Options
 		X-Frame-Options "SAMEORIGIN"
 		# X-Content-Type-Options
 		X-Content-Type-Options "nosniff"
 		# Referrer-Policy
 		Referrer-Policy "strict-origin-when-cross-origin"
 		# Permissions-Policy
 		Permissions-Policy "camera=(), microphone=(), geolocation=()"
 		# Content-Security-Policy (CSP) - 通用起点
 		Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;"
 		# 移除 Server 标识
 		-Server
 	}
 }
 simpla.dev {
 	# 设置网站根目录
 	root * /srv/simpla.dev
 	# 开启文件服务
 	file_server
 	import securityHeaders
 }
 frps.simpla.dev {
 	reverse_proxy http://154.204.181.192:7001
 	import securityHeaders
 }
 pve.simpla.dev {
 	handle {
 		reverse_proxy https://192.168.31.2:8006 {
 			transport http {
 				tls_insecure_skip_verify
 			}
 			header_up Host {http.reverse_proxy.host}
 			header_up X-Forwarded-Host {host}
 		}
 		# import securityHeaders
 	}
 }
 fndav.simpla.dev {
 	reverse_proxy http://192.168.31.3:5005
 	# import securityHeaders
 }
 fnos.simpla.dev {
 	reverse_proxy http://192.168.31.3:5666
 	# import securityHeaders
 }
 hugo.simpla.dev {
 	reverse_proxy http://192.168.31.100:1313
 	# import securityHeaders
 }
 gitea.simpla.dev {
 	reverse_proxy http://192.168.31.100:3000
 	import securityHeaders
 }
 lobe.simpla.dev {
 	reverse_proxy http://192.168.31.100:3210
 	# import securityHeaders
 }
 openlist.simpla.dev {
 	reverse_proxy http://192.168.31.100:5244
 	# import securityHeaders
 }
 frpc.simpla.dev {
 	reverse_proxy http://192.168.31.100:7400
 	import securityHeaders
 }
 dify.simpla.dev {
 	reverse_proxy http://192.168.31.100:8080
 	import securityHeaders
 }
 kubepi.simpla.dev {
 	reverse_proxy http://192.168.31.100:8090
 	import securityHeaders
 }
 ddns.simpla.dev {
 	reverse_proxy http://192.168.31.100:9876
 	import securityHeaders
 }
 1panel.simpla.dev {
 	reverse_proxy http://192.168.31.100:21643
 	import securityHeaders
 }
 gotify.simpla.dev {
 	reverse_proxy http://192.168.31.100:40266
 	import securityHeaders
 }
 daed.simpla.dev {
 	reverse_proxy http://192.168.31.200:2023
 	# import securityHeaders
 }
 b.simpla.dev {
 	# 将所有收到的请求转发到目标网站
    reverse_proxy https://b.watch {
        # (可选) 修改发送到目标服务器的 Host 请求头
        header_up Host {http.reverse_proxy.upstream.hostport}
    }
 }
 # ------------------------------
 # k3s Services
 # ------------------------------
 argocd.simpla.dev {
 	reverse_proxy http://192.168.31.201:80
 	import securityHeaders
 }
 markword.simpla.dev {
    reverse_proxy http://192.168.31.201:80
 	import securityHeaders
 }
 n8n.simpla.dev {
 	reverse_proxy http://192.168.31.201:80
 	import securityHeaders
 }
--- a/files/192.168.31.100/frp/frpc.toml
+++ b/files/192.168.31.100/frp/frpc.toml
@@ -0,0 +1,123 @@
 serverAddr = "154.204.181.192"
 serverPort = 15443
 auth.method = "token"
 auth.token = "lostecho"
 webServer.addr = "0.0.0.0"
 webServer.port = 7400
 webServer.user = "lostecho"
 webServer.password = "Yuanhui1234!"
 webServer.pprofEnable = false
 loginFailExit=false
 [[proxies]]
 name = "pve"
 type = "tcp"
 localIP = "192.168.31.2"
 localPort = 8006
 remotePort = 8006
 [[proxies]]
 name = "fndav"
 type = "tcp"
 localIP = "192.168.31.3"
 localPort = 5005
 remotePort = 5005
 [[proxies]]
 name = "fnos"
 type = "tcp"
 localIP = "192.168.31.3"
 localPort = 5666
 remotePort = 5666
 [[proxies]]
 name = "hugo"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 1313
 remotePort = 1313
 [[proxies]]
 name = "gitea"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 3000
 remotePort = 3000
 [[proxies]]
 name = "lobe"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 3210
 remotePort = 3210
 [[proxies]]
 name = "openlist"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 5244
 remotePort = 5244
 [[proxies]]
 name = "frpc"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 7400
 remotePort = 7400
 [[proxies]]
 name = "dify"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 8080
 remotePort = 10080
 [[proxies]]
 name = "kubepi"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 8090
 remotePort = 8090
 [[proxies]]
 name = "ddns"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 9876
 remotePort = 9876
 [[proxies]]
 name = "1panel"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 21643
 remotePort = 21643
 [[proxies]]
 name = "gotify"
 type = "tcp"
 localIP = "192.168.31.100"
 localPort = 40266
 remotePort = 40266
 [[proxies]]
 name = "daed"
 type = "tcp"
 localIP = "192.168.31.200"
 localPort = 2023
 remotePort = 2023
 [[proxies]]
 name = "k8s"
 type = "tcp"
 localIP = "192.168.31.201"
 localPort = 80
 remotePort = 20180
 # tls
 #transport.tls.certFile = "/etc/frp/ssl/client.crt"
 #transport.tls.keyFile = "/etc/frp/ssl/client.key"
 #transport.tls.trustedCaFile = "/etc/frp/ssl/ca.crt"
--- a/files/192.168.31.100/openlist/docker-compose.yml
+++ b/files/192.168.31.100/openlist/docker-compose.yml
@@ -0,0 +1,14 @@
 version: '3.3'
 services:
  openlist:
    image: 'openlistteam/openlist:latest'
    container_name: openlist
    volumes:
      - './data:/opt/openlist/data'
    ports:
      - '5244:5244'
    environment:
      - PUID=0
      - PGID=0
      - UMASK=022
    restart: unless-stopped
--- a/inventory.ini
+++ b/inventory.ini
@@ -0,0 +1,17 @@
 [caddy_servers]
 # 本地 1panel 服务器
 192.168.31.100
 # 远程 Ubuntu 服务器
 154.204.181.192
 [all:vars]
 # 请替换成您登录服务器的用户名
 ansible_user=root
 # --- 可选配置 ---
 # 如果您的本地服务器不需要通过SSH，而是直接在本机执行
 192.168.31.100 ansible_ssh_private_key_file=~/.ssh/id_ed25519.pub
 # 如果您的远程服务器需要使用特定的SSH密钥
 154.204.181.192 ansible_ssh_private_key_file=~/.ssh/id_ed25519.pub
		`@@ -0,0 +1,2 @@`
							`# Auto detect text files and perform LF normalization`
							`* text=auto`