chore: domain.de -> example.com

Author: felbinger

docs/B._Installation/20_reverse-proxy.md

@@ -15,7 +15,7 @@
     ```
     ```shell
     # acme.sh installieren und default ca auf Let's Encrypt setzen
-    curl https://get.acme.sh | sh -s email=acme@domain.de
+    curl https://get.acme.sh | sh -s email=acme@example.com
     ln -s /root/.acme.sh/acme.sh /usr/bin/acme.sh
     acme.sh --install-cronjob
 
@@ -78,20 +78,20 @@
         #- "--entrypoints.websecure.http.middlewares=mw_hsts@file,mw_compress@file"
         - "--entryPoints.websecure.http.tls=true"
         - "--entryPoints.websecure.http.tls.certresolver=myresolver"
-        - "--entryPoints.websecure.http.tls.domains[0].main=domain.de"
-        - "--entryPoints.websecure.http.tls.domains[0].sans=*.domain.de"
+        - "--entryPoints.websecure.http.tls.domains[0].main=example.com"
+        - "--entryPoints.websecure.http.tls.domains[0].sans=*.example.com"
 
         - "--certificatesresolvers.myresolver.acme.dnschallenge=true"
         - "--certificatesresolvers.myresolver.acme.dnschallenge.provider=cloudflare"
         - "--certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1:53,8.8.8.8:53"
         - "--certificatesresolvers.myresolver.acme.dnschallenge.delayBeforeCheck=10"
-        - "--certificatesresolvers.myresolver.acme.email=admin@domain.de"
+        - "--certificatesresolvers.myresolver.acme.email=admin@example.com"
         - "--certificatesresolvers.myresolver.acme.storage=/acme/acme.json"
         #- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
         labels:
         - "traefik.enable=true"
         - "traefik.http.services.srv_traefik.loadbalancer.server.port=8080"
-        - "traefik.http.routers.r_traefik.rule=Host(`traefik.domain.de`)"
+        - "traefik.http.routers.r_traefik.rule=Host(`traefik.example.com`)"
         - "traefik.http.routers.r_traefik.entrypoints=websecure"
         env_file: .traefik.env
         ports:
@@ -124,7 +124,7 @@
         - "traefik.http.middlewares.error30x.errors.query=/error/30x.html"
 
         # DOMAIN ROOT CONTENT
-        - "traefik.http.routers.r_static_root.rule=HostRegexp(`domain.de`, `{subdomain:[a-z0-9]+}.domain.de`)"
+        - "traefik.http.routers.r_static_root.rule=HostRegexp(`example.com`, `{subdomain:[a-z0-9]+}.example.com`)"
         - "traefik.http.routers.r_static_root.entrypoints=websecure"
         - "traefik.http.routers.r_static_root.priority=10"
         - "traefik.http.middlewares.mw_static_root.addprefix.prefix=/domain_root/"
@@ -225,7 +225,7 @@
 
     ```shell
     # Beispielkonfiguration für Cloudflare DNS API
-    CF_Token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX acme.sh --issue --keylength ec-384 --dns dns_cf -d service.domain.de
+    CF_Token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX acme.sh --issue --keylength ec-384 --dns dns_cf -d service.example.com
     ```
 
     Optional kann nun eine eigene IPv6 Adresse für diesen virtual Host konfiguriert werden:
@@ -241,7 +241,7 @@
             address 2001:db8:1234:5678::1/64
             gateway 2001:db8::1
 
-            # service.domain.de
+            # service.example.com
             post-up ip -6 a add 2001:db8:1234:5678:5eca:dc9d:fd4e:6564/64 dev $IFACE
             pre-down ip -6 a del 2001:db8:1234:5678:5eca:dc9d:fd4e:6564/64 dev $IFACE
         ```
@@ -276,7 +276,7 @@
             - 2001:db8:4a:90a:d8d5:dbf4:fd80:8f80
         ```
 
-    Nun kann der V-Host unter dem Pfad `/etc/nginx/sites-available/service.domain.de` erstellt werden:
+    Nun kann der V-Host unter dem Pfad `/etc/nginx/sites-available/service.example.com` erstellt werden:
 
     !!! note
         Standardmäßig wird der nginx auf beiden Adressfamilien exposiert.
@@ -298,12 +298,12 @@
     ```nginx
     # https://ssl-config.mozilla.org/#server=nginx&version=1.27.3&config=modern&openssl=3.4.0&ocsp=false&guideline=5.7
     server {
-        server_name service.domain.de;               # <---
+        server_name service.example.com;               # <---
         listen 0.0.0.0:443 ssl;
         listen [::]:443 ssl;
 
-        ssl_certificate /root/.acme.sh/service.domain.de_ecc/fullchain.cer;
-        ssl_certificate_key /root/.acme.sh/service.domain.de_ecc/service.domain.de.key;
+        ssl_certificate /root/.acme.sh/service.example.com_ecc/fullchain.cer;
+        ssl_certificate_key /root/.acme.sh/service.example.com_ecc/service.example.com.key;
         ssl_session_timeout 1d;
         ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
         ssl_session_tickets off;
@@ -337,7 +337,7 @@
     Zum Abschluss kann die Konfiguration aktiviert, getestet und angewandt werden.
 
     ```shell
-    ln -s /etc/nginx/sites-available/service.domain.de \
+    ln -s /etc/nginx/sites-available/service.example.com \
         /etc/nginx/sites-enabled/
 
     nginx -t && systemctl reload nginx
@@ -362,7 +362,7 @@
         labels:
         - "traefik.enable=true"
         - "traefik.http.services.srv_service-name.loadbalancer.server.port=80"
-        - "traefik.http.routers.r_service-name.rule=Host(`service.domain.de`)"
+        - "traefik.http.routers.r_service-name.rule=Host(`service.example.com`)"
         - "traefik.http.routers.r_service-name.entrypoints=websecure"
     ```
 

docs/C._Services/bookstack.md

@@ -29,7 +29,7 @@ services:
       - "DB_HOST=mariadb"
       - "DB_USER=bookstack"
       - "DB_DATABASE=bookstack"
-      - "APP_URL=https://bookstack.domain.de"
+      - "APP_URL=https://bookstack.example.com"
     volumes:
       - "/srv/bookstack/config:/config"
     ports:
@@ -53,16 +53,16 @@ DB_PASS=S3cr3T
     ```
 
     ```nginx
-    # /etc/nginx/sites-available/bookstack.domain.de
+    # /etc/nginx/sites-available/bookstack.example.com
     # https://ssl-config.mozilla.org/#server=nginx&version=1.27.3&config=modern&openssl=3.4.0&ocsp=false&guideline=5.7
     server {
-        server_name bookstack.domain.de;
+        server_name bookstack.example.com;
         listen 0.0.0.0:443 ssl;
         listen [::]:443 ssl;
         http2 on;
 
-        ssl_certificate /root/.acme.sh/bookstack.domain.de_ecc/fullchain.cer;
-        ssl_certificate_key /root/.acme.sh/bookstack.domain.de_ecc/bookstack.domain.de.key;
+        ssl_certificate /root/.acme.sh/bookstack.example.com_ecc/fullchain.cer;
+        ssl_certificate_key /root/.acme.sh/bookstack.example.com_ecc/bookstack.example.com.key;
         ssl_session_timeout 1d;
         ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
         ssl_session_tickets off;
@@ -97,7 +97,7 @@ DB_PASS=S3cr3T
         labels:
           - "traefik.enable=true"
           - "traefik.http.services.srv_bookstack.loadbalancer.server.port=80"
-          - "traefik.http.routers.r_bookstack.rule=Host(`bookstack.domain.de`)"
+          - "traefik.http.routers.r_bookstack.rule=Host(`bookstack.example.com`)"
           - "traefik.http.routers.r_bookstack.entrypoints=websecure"
     ```
 
@@ -109,22 +109,22 @@ Hier ist eine Anleitung wie man SAML2 Authentifizierung mit einem *Keycloak* Ser
 
 Zuerst müssen wir Keycloak konfigurieren.
 
-Erstellt man einen neuen Client mit `https://bookstack.domain.de/saml2/metadata` als Client ID und `saml` als Client
+Erstellt man einen neuen Client mit `https://bookstack.example.com/saml2/metadata` als Client ID und `saml` als Client
 Protokoll, so kann man die Einstellungen des neuen Clients wie folgt bearbeiten.
 
 | Setting                   | Value                           |
 |---------------------------|---------------------------------|
 | Client Signature Required | OFF                             |
-| Root URL                  | `https://bookstack.domain.de/`  |
-| Valid Redirect URIs       | `https://bookstack.domain.de/*` |
-| Base URL                  | `https://bookstack.domain.de/`  |
+| Root URL                  | `https://bookstack.example.com/`  |
+| Valid Redirect URIs       | `https://bookstack.example.com/*` |
+| Base URL                  | `https://bookstack.example.com/`  |
 
 Fine Grain SAML Endpoint Konfiguration:
 
 | Setting                                     | Value                                   |
 |---------------------------------------------|-----------------------------------------|
-| Assertion Consumer Service POST Binding URL | `https://bookstack.domain.de/saml2/acs` |
-| Logout Service Redirect Binding URL         | `https://bookstack.domain.de/saml2/sls` |
+| Assertion Consumer Service POST Binding URL | `https://bookstack.example.com/saml2/acs` |
+| Logout Service Redirect Binding URL         | `https://bookstack.example.com/saml2/sls` |
 
 Wenn man das gespeichert hat, so können wir u den "Mappers"-Tab gehen und einen neuen Mapper wie folgt erstellen:
 
@@ -181,20 +181,20 @@ SAML2_EXTERNAL_ID_ATTRIBUTE=user.username
 SAML2_DISPLAY_NAME_ATTRIBUTES=user.username
 
 # Identity Provider entityID URL
-SAML2_IDP_ENTITYID=https://keycloak.domain.de/auth/realms/YOURREALM
+SAML2_IDP_ENTITYID=https://keycloak.example.com/auth/realms/YOURREALM
 
 # Auto-load metatadata from the IDP
 # Setting this to true negates the need to specify the next three options
 SAML2_AUTOLOAD_METADATA=false
 
 # Identity Provider single-sign-on service URL
 # Not required if using the autoload option above.
-SAML2_IDP_SSO=https://keycloak.domain.de/auth/realms/YOURREALM/protocol/saml
+SAML2_IDP_SSO=https://keycloak.example.com/auth/realms/YOURREALM/protocol/saml
 
 # Identity Provider single-logout-service URL
 # Not required if using the autoload option above.
 # Not required if your identity provider does not support SLS.
-SAML2_IDP_SLO=https://keycloak.domain.de/auth/realms/YOURREALM/protocol/saml
+SAML2_IDP_SLO=https://keycloak.example.com/auth/realms/YOURREALM/protocol/saml
 
 # Identity Provider x509 public certificate data.
 # Not required if using the autoload option above.

docs/C._Services/calibre.md

@@ -33,16 +33,16 @@ services:
     ```
 
     ```nginx
-    # /etc/nginx/sites-available/calibre.domain.de
+    # /etc/nginx/sites-available/calibre.example.com
     # https://ssl-config.mozilla.org/#server=nginx&version=1.27.3&config=modern&openssl=3.4.0&ocsp=false&guideline=5.7
     server {
-        server_name calibre.domain.de;
+        server_name calibre.example.com;
         listen 0.0.0.0:443 ssl;
         listen [::]:443 ssl;
         http2 on;
 
-        ssl_certificate /root/.acme.sh/calibre.domain.de_ecc/fullchain.cer;
-        ssl_certificate_key /root/.acme.sh/calibre.domain.de_ecc/calibre.domain.de.key;
+        ssl_certificate /root/.acme.sh/calibre.example.com_ecc/fullchain.cer;
+        ssl_certificate_key /root/.acme.sh/calibre.example.com_ecc/calibre.example.com.key;
         ssl_session_timeout 1d;
         ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
         ssl_session_tickets off;
@@ -77,6 +77,6 @@ services:
         labels:
           - "traefik.enable=true"
           - "traefik.http.services.srv_calibre.loadbalancer.server.port=8083"
-          - "traefik.http.routers.r_calibre.rule=Host(`calibre.domain.de`)"
+          - "traefik.http.routers.r_calibre.rule=Host(`calibre.example.com`)"
           - "traefik.http.routers.r_calibre.entrypoints=websecure"
     ```

docs/C._Services/gitea.md

@@ -30,16 +30,16 @@ services:
     ```
 
     ```nginx
-    # /etc/nginx/sites-available/gitea.domain.de
+    # /etc/nginx/sites-available/gitea.example.com
     # https://ssl-config.mozilla.org/#server=nginx&version=1.27.3&config=modern&openssl=3.4.0&ocsp=false&guideline=5.7
     server {
-        server_name gitea.domain.de;
+        server_name gitea.example.com;
         listen 0.0.0.0:443 ssl;
         listen [::]:443 ssl;
         http2 on;
 
-        ssl_certificate /root/.acme.sh/gitea.domain.de_ecc/fullchain.cer;
-        ssl_certificate_key /root/.acme.sh/gitea.domain.de_ecc/gitea.domain.de.key;
+        ssl_certificate /root/.acme.sh/gitea.example.com_ecc/fullchain.cer;
+        ssl_certificate_key /root/.acme.sh/gitea.example.com_ecc/gitea.example.com.key;
         ssl_session_timeout 1d;
         ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
         ssl_session_tickets off;
@@ -74,10 +74,10 @@ services:
         labels:
           - "traefik.enable=true"
           - "traefik.http.services.srv_gitea.loadbalancer.server.port=3000"
-          - "traefik.http.routers.r_gitea.rule=Host(`gitea.domain.de`)"
+          - "traefik.http.routers.r_gitea.rule=Host(`gitea.example.com`)"
           - "traefik.http.routers.r_gitea.entrypoints=websecure"
     ```
 
 ## OpenID/KeyCloak
 * Server Settings -> `Authentication Sources` -> OAuth2 -> OpenID-Connect
-* Discovery URL: `https://id.domain.de/auth/realms/<realm>/.well-known/openid-configuration`
+* Discovery URL: `https://id.example.com/auth/realms/<realm>/.well-known/openid-configuration`

docs/C._Services/gitlab.md

@@ -16,7 +16,7 @@ services:
     restart: always
     environment:
       GITLAB_OMNIBUS_CONFIG: |
-        external_url 'http://git.domain.de'
+        external_url 'http://git.example.com'
         letsencrypt['enable'] = false
     ports:
       - "[::1]:8000:80"
@@ -33,16 +33,16 @@ services:
     ```
 
     ```nginx
-    # /etc/nginx/sites-available/gitlab.domain.de
+    # /etc/nginx/sites-available/gitlab.example.com
     # https://ssl-config.mozilla.org/#server=nginx&version=1.27.3&config=modern&openssl=3.4.0&ocsp=false&guideline=5.7
     server {
-        server_name gitlab.domain.de;
+        server_name gitlab.example.com;
         listen 0.0.0.0:443 ssl;
         listen [::]:443 ssl;
         http2 on;
 
-        ssl_certificate /root/.acme.sh/gitlab.domain.de_ecc/fullchain.cer;
-        ssl_certificate_key /root/.acme.sh/gitlab.domain.de_ecc/gitlab.domain.de.key;
+        ssl_certificate /root/.acme.sh/gitlab.example.com_ecc/fullchain.cer;
+        ssl_certificate_key /root/.acme.sh/gitlab.example.com_ecc/gitlab.example.com.key;
         ssl_session_timeout 1d;
         ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
         ssl_session_tickets off;
@@ -77,7 +77,7 @@ services:
         labels:
           - "traefik.enable=true"
           - "traefik.http.services.srv_gitlab.loadbalancer.server.port=80"
-          - "traefik.http.routers.r_gitlab.rule=Host(`gitlab.domain.de`)"
+          - "traefik.http.routers.r_gitlab.rule=Host(`gitlab.example.com`)"
           - "traefik.http.routers.r_gitlab.entrypoints=websecure"
     ```
 
@@ -92,18 +92,18 @@ GITLAB_OMNIBUS_CONFIG Environment variable hinzufügen
 
 ```shell
         gitlab_rails['gitlab_email_enabled'] = true
-        gitlab_rails['gitlab_email_from'] = 'gitlab@domain.de'
-        gitlab_rails['gitlab_email_display_name'] = 'gitlab@domain.de'
-        gitlab_rails['gitlab_email_reply_to'] = 'gitlab@domain.de'
+        gitlab_rails['gitlab_email_from'] = 'gitlab@example.com'
+        gitlab_rails['gitlab_email_display_name'] = 'gitlab@example.com'
+        gitlab_rails['gitlab_email_reply_to'] = 'gitlab@example.com'
         gitlab_rails['smtp_enable'] = true
-        gitlab_rails['smtp_address'] = 'gitlab@domain.de'
+        gitlab_rails['smtp_address'] = 'gitlab@example.com'
         gitlab_rails['smtp_port'] = 587
-        gitlab_rails['smtp_user_name'] = 'gitlab@domain.de'
+        gitlab_rails['smtp_user_name'] = 'gitlab@example.com'
         gitlab_rails['smtp_password'] = 'S3cr3T'
-        gitlab_rails['smtp_domain'] = 'smtp.domain.de'
+        gitlab_rails['smtp_domain'] = 'smtp.example.com'
         gitlab_rails['smtp_authentication'] = 'login'
         gitlab_rails['smtp_enable_starttls_auto'] = true
-		gitlab_rails['gitlab_root_email'] = 'admin@domain.de'
+		gitlab_rails['gitlab_root_email'] = 'admin@example.com'
 ```
 
 ## OpenID / Keycloak
@@ -119,11 +119,11 @@ GITLAB_OMNIBUS_CONFIG environment Variable hinzufügen.
         gitlab_rails['omniauth_providers'] = [
           {
             "name" => "oauth2_generic",
-            "app_id" => "gitlab.domain.de",
+            "app_id" => "gitlab.example.com",
             "app_secret" => "",
             'args' => {
               client_options: {
-                'site' => 'https://id.domain.de',
+                'site' => 'https://id.example.com',
                 'user_info_url' => '/realms/main/protocol/openid-connect/userinfo',
                 'authorize_url' => '/realms/main/protocol/openid-connect/auth',
                 'token_url' => '/realms/main/protocol/openid-connect/token'
@@ -133,7 +133,7 @@ GITLAB_OMNIBUS_CONFIG environment Variable hinzufügen.
                  attributes: { username: 'username'}
               }
             },
-            'redirect_uri' =>  'https://gitlab.domain.de/users/auth/oauth2_generic/callback'
+            'redirect_uri' =>  'https://gitlab.example.com/users/auth/oauth2_generic/callback'
           }
         ]
         gitlab_rails['omniauth_allow_bypass_two_factor'] = ["oauth2_generic"]

docs/C._Services/grafana.md

@@ -43,16 +43,16 @@ Entfernen Sie anschließend die Kommentarzeichen vor den Volumes in der Containe
     ```
 
     ```nginx
-    # /etc/nginx/sites-available/grafana.domain.de
+    # /etc/nginx/sites-available/grafana.example.com
     # https://ssl-config.mozilla.org/#server=nginx&version=1.27.3&config=modern&openssl=3.4.0&ocsp=false&guideline=5.7
     server {
-        server_name grafana.domain.de;
+        server_name grafana.example.com;
         listen 0.0.0.0:443 ssl;
         listen [::]:443 ssl;
         http2 on;
 
-        ssl_certificate /root/.acme.sh/grafana.domain.de_ecc/fullchain.cer;
-        ssl_certificate_key /root/.acme.sh/grafana.domain.de_ecc/grafana.domain.de.key;
+        ssl_certificate /root/.acme.sh/grafana.example.com_ecc/fullchain.cer;
+        ssl_certificate_key /root/.acme.sh/grafana.example.com_ecc/grafana.example.com.key;
         ssl_session_timeout 1d;
         ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
         ssl_session_tickets off;
@@ -87,7 +87,7 @@ Entfernen Sie anschließend die Kommentarzeichen vor den Volumes in der Containe
         labels:
           - "traefik.enable=true"
           - "traefik.http.services.srv_grafana.loadbalancer.server.port=3000"
-          - "traefik.http.routers.r_grafana.rule=Host(`grafana.domain.de`)"
+          - "traefik.http.routers.r_grafana.rule=Host(`grafana.example.com`)"
           - "traefik.http.routers.r_grafana.entrypoints=websecure"
     ```