Update for mkosi 15.1
This commit is contained in:
parent
086247b34b
commit
e3b9f4b027
81 changed files with 45 additions and 22 deletions
|
@ -4,12 +4,10 @@ Autologin = yes
|
|||
[Output]
|
||||
Format = directory
|
||||
Hostname = servnest.test
|
||||
CacheDirectory = ../mkosi.cache/
|
||||
OutputDirectory = /var/lib/machines
|
||||
|
||||
[Content]
|
||||
RemoveFiles = /.git,/.gitignore,/mkosi.*,/*.md
|
||||
Cache = ../mkosi.cache/
|
||||
ExtraTree = ./
|
||||
BasePackages = yes
|
||||
WithDocs = yes
|
||||
WithNetwork = yes
|
||||
Packages =
|
|
@ -22,8 +22,6 @@ if [[ $OS = "arch" ]]; then
|
|||
|
||||
mkdir -p /srv/servnest/ht/usr/lib
|
||||
ln /usr/lib/libc.so.6 /srv/servnest/ht/usr/lib/libc.so.6
|
||||
|
||||
systemctl enable httpd
|
||||
fi
|
||||
|
||||
if [[ $OS = "debian" ]]; then
|
|
@ -17,6 +17,8 @@ policy:
|
|||
algorithm: "ed25519"
|
||||
nsec3: "on"
|
||||
nsec3-iterations: 10
|
||||
delete-delay: 60d
|
||||
dnskey-management: "incremental"
|
||||
|
||||
template:
|
||||
- id: "servnest"
|
|
@ -1,9 +1,9 @@
|
|||
#!/usr/bin/bash
|
||||
|
||||
sudo -u $knot mkdir -p /var/lib/knot/confdb/
|
||||
mkdir -p /var/lib/knot/confdb/
|
||||
|
||||
# Load configuration in Knot database
|
||||
sudo -u $knot knotc conf-import /install/knot.conf
|
||||
knotc conf-import /install/knot.conf
|
||||
|
||||
# We need servnest to be allowed to configure Knot
|
||||
usermod -aG $knot $servnest # Add user $servnest to group $knot
|
|
@ -1,6 +1,7 @@
|
|||
error_log = syslog
|
||||
|
||||
extension = pdo_sqlite
|
||||
extension = sqlite3
|
||||
extension = gettext
|
||||
# Only required for the check.php script
|
||||
extension = curl
|
||||
|
@ -8,4 +9,3 @@ extension = curl
|
|||
# Optional
|
||||
expose_php = Off
|
||||
zend_extension = opcache
|
||||
opcache.jit_buffer_size = 32M
|
|
@ -22,7 +22,6 @@ chmod u=r,g=,o= /etc/sftpgo/ed25519
|
|||
|
||||
# For systemd
|
||||
cp /install/sftpgo.service /etc/systemd/system/
|
||||
systemctl enable sftpgo
|
||||
|
||||
# Allow listening on privileged ports
|
||||
setcap 'cap_net_bind_service=+ep' /usr/local/bin/sftpgo
|
1
mkosi.extra/root/.ssh/authorized_keys
Normal file
1
mkosi.extra/root/.ssh/authorized_keys
Normal file
|
@ -0,0 +1 @@
|
|||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFkueXNjIEZVGbR1kLlDKrbRjKIvXaqbVHMVpGqH3L0/ miraty@Cerise
|
1
mkosi.extra/srv/servnest/core
Submodule
1
mkosi.extra/srv/servnest/core
Submodule
|
@ -0,0 +1 @@
|
|||
Subproject commit 63554b4908a088f5da0dc3a5806415cfa7b88701
|
21
mkosi.finalize
Executable file
21
mkosi.finalize
Executable file
|
@ -0,0 +1,21 @@
|
|||
#!/usr/bin/bash
|
||||
|
||||
if [ "$container" != "mkosi" ]; then
|
||||
exec mkosi-chroot "$SCRIPT" "$@"
|
||||
fi
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
source /etc/os-release
|
||||
export OS=$ID
|
||||
|
||||
if [[ $OS = "arch" ]]; then
|
||||
systemctl enable sshd
|
||||
systemctl enable knot
|
||||
systemctl enable nginx
|
||||
systemctl enable httpd
|
||||
systemctl enable tor
|
||||
systemctl enable php-fpm
|
||||
fi
|
||||
|
||||
systemctl enable sftpgo
|
|
@ -1,4 +1,9 @@
|
|||
#!/usr/bin/bash
|
||||
|
||||
if [ "$container" != "mkosi" ]; then
|
||||
exec mkosi-chroot "$SCRIPT" "$@"
|
||||
fi
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
source /etc/os-release
|
||||
|
@ -14,15 +19,12 @@ chown $sftpgo: /usr/local/bin/sftpgo
|
|||
chmod u=rx,g=,o= /usr/local/bin/sftpgo
|
||||
|
||||
if [[ $OS = "arch" ]]; then
|
||||
systemctl enable sshd
|
||||
systemctl enable knot
|
||||
systemctl enable nginx
|
||||
systemctl enable tor
|
||||
systemctl enable php-fpm
|
||||
|
||||
pacman-key --init
|
||||
pacman-key --populate
|
||||
fi
|
||||
|
||||
# Enable testing option
|
||||
sed -i 's/local_only_check = false/local_only_check = true/' /srv/servnest/core/config.ini
|
||||
|
||||
chmod u=rwX,g=rX,o=rX / /etc
|
||||
chmod -R u=rwX,g=rX,o=rX /etc/php
|
||||
|
|
|
@ -3,11 +3,12 @@ Distribution = arch
|
|||
|
||||
|
||||
|
||||
[Output]
|
||||
Output = /var/lib/machines/servnest-arch
|
||||
|
||||
[Content]
|
||||
Packages =
|
||||
systemd
|
||||
pacman
|
||||
archlinux-keyring
|
||||
apache
|
||||
nginx-mod-headers-more
|
||||
certbot-nginx
|
||||
|
@ -16,5 +17,8 @@ Packages =
|
|||
go
|
||||
openssh
|
||||
iputils
|
||||
gettext
|
||||
which
|
||||
sshpass
|
||||
sed
|
||||
coreutils
|
|
@ -3,11 +3,9 @@ Distribution = debian
|
|||
Release = testing
|
||||
Mirror = https://deb.debian.org/debian
|
||||
|
||||
[Output]
|
||||
Output = /var/lib/machines/servnest-debian
|
||||
|
||||
[Content]
|
||||
Packages =
|
||||
dbus
|
||||
apt-transport-tor
|
||||
apache2
|
||||
libnginx-mod-http-headers-more-filter
|
|
@ -1 +0,0 @@
|
|||
Subproject commit 25b1d30cbebef6bde5bb26b4de92ef78a29924a6
|
Loading…
Reference in a new issue