Update for mkosi 15.1

This commit is contained in:
Miraty 2023-09-04 20:12:28 +02:00
parent 086247b34b
commit e3b9f4b027
81 changed files with 45 additions and 22 deletions

View file

@ -4,12 +4,10 @@ Autologin = yes
[Output]
Format = directory
Hostname = servnest.test
CacheDirectory = ../mkosi.cache/
OutputDirectory = /var/lib/machines
[Content]
RemoveFiles = /.git,/.gitignore,/mkosi.*,/*.md
Cache = ../mkosi.cache/
ExtraTree = ./
BasePackages = yes
WithDocs = yes
WithNetwork = yes
Packages =

View file

@ -22,8 +22,6 @@ if [[ $OS = "arch" ]]; then
mkdir -p /srv/servnest/ht/usr/lib
ln /usr/lib/libc.so.6 /srv/servnest/ht/usr/lib/libc.so.6
systemctl enable httpd
fi
if [[ $OS = "debian" ]]; then

View file

@ -17,6 +17,8 @@ policy:
algorithm: "ed25519"
nsec3: "on"
nsec3-iterations: 10
delete-delay: 60d
dnskey-management: "incremental"
template:
- id: "servnest"

View file

@ -1,9 +1,9 @@
#!/usr/bin/bash
sudo -u $knot mkdir -p /var/lib/knot/confdb/
mkdir -p /var/lib/knot/confdb/
# Load configuration in Knot database
sudo -u $knot knotc conf-import /install/knot.conf
knotc conf-import /install/knot.conf
# We need servnest to be allowed to configure Knot
usermod -aG $knot $servnest # Add user $servnest to group $knot

View file

@ -1,6 +1,7 @@
error_log = syslog
extension = pdo_sqlite
extension = sqlite3
extension = gettext
# Only required for the check.php script
extension = curl
@ -8,4 +9,3 @@ extension = curl
# Optional
expose_php = Off
zend_extension = opcache
opcache.jit_buffer_size = 32M

View file

@ -22,7 +22,6 @@ chmod u=r,g=,o= /etc/sftpgo/ed25519
# For systemd
cp /install/sftpgo.service /etc/systemd/system/
systemctl enable sftpgo
# Allow listening on privileged ports
setcap 'cap_net_bind_service=+ep' /usr/local/bin/sftpgo

View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFkueXNjIEZVGbR1kLlDKrbRjKIvXaqbVHMVpGqH3L0/ miraty@Cerise

@ -0,0 +1 @@
Subproject commit 63554b4908a088f5da0dc3a5806415cfa7b88701

21
mkosi.finalize Executable file
View file

@ -0,0 +1,21 @@
#!/usr/bin/bash
if [ "$container" != "mkosi" ]; then
exec mkosi-chroot "$SCRIPT" "$@"
fi
set -euo pipefail
source /etc/os-release
export OS=$ID
if [[ $OS = "arch" ]]; then
systemctl enable sshd
systemctl enable knot
systemctl enable nginx
systemctl enable httpd
systemctl enable tor
systemctl enable php-fpm
fi
systemctl enable sftpgo

View file

@ -1,4 +1,9 @@
#!/usr/bin/bash
if [ "$container" != "mkosi" ]; then
exec mkosi-chroot "$SCRIPT" "$@"
fi
set -euo pipefail
source /etc/os-release
@ -14,15 +19,12 @@ chown $sftpgo: /usr/local/bin/sftpgo
chmod u=rx,g=,o= /usr/local/bin/sftpgo
if [[ $OS = "arch" ]]; then
systemctl enable sshd
systemctl enable knot
systemctl enable nginx
systemctl enable tor
systemctl enable php-fpm
pacman-key --init
pacman-key --populate
fi
# Enable testing option
sed -i 's/local_only_check = false/local_only_check = true/' /srv/servnest/core/config.ini
chmod u=rwX,g=rX,o=rX / /etc
chmod -R u=rwX,g=rX,o=rX /etc/php

View file

@ -3,11 +3,12 @@ Distribution = arch
[Output]
Output = /var/lib/machines/servnest-arch
[Content]
Packages =
systemd
pacman
archlinux-keyring
apache
nginx-mod-headers-more
certbot-nginx
@ -16,5 +17,8 @@ Packages =
go
openssh
iputils
gettext
which
sshpass
sed
coreutils

View file

@ -3,11 +3,9 @@ Distribution = debian
Release = testing
Mirror = https://deb.debian.org/debian
[Output]
Output = /var/lib/machines/servnest-debian
[Content]
Packages =
dbus
apt-transport-tor
apache2
libnginx-mod-http-headers-more-filter

@ -1 +0,0 @@
Subproject commit 25b1d30cbebef6bde5bb26b4de92ef78a29924a6