Update for mkosi 15.1

mkosi.conf

@@ -4,12 +4,10 @@ Autologin = yes
 [Output]
 Format = directory
 Hostname = servnest.test
+CacheDirectory = ../mkosi.cache/
+OutputDirectory = /var/lib/machines
 
 [Content]
-RemoveFiles = /.git,/.gitignore,/mkosi.*,/*.md
-Cache = ../mkosi.cache/
-ExtraTree = ./
-BasePackages = yes
 WithDocs = yes
 WithNetwork = yes
 Packages =

mkosi.extra/install/apache.sh

@@ -22,8 +22,6 @@ if [[ $OS = "arch" ]]; then
 
 	mkdir -p /srv/servnest/ht/usr/lib
 	ln /usr/lib/libc.so.6 /srv/servnest/ht/usr/lib/libc.so.6
-
-	systemctl enable httpd
 fi
 
 if [[ $OS = "debian" ]]; then

mkosi.extra/install/knot.conf

@@ -17,6 +17,8 @@ policy:
     algorithm: "ed25519"
     nsec3: "on"
     nsec3-iterations: 10
+    delete-delay: 60d
+    dnskey-management: "incremental"
 
 template:
   - id: "servnest"

mkosi.extra/install/knot.sh

@@ -1,9 +1,9 @@
 #!/usr/bin/bash
 
-sudo -u $knot mkdir -p /var/lib/knot/confdb/
+mkdir -p /var/lib/knot/confdb/
 
 # Load configuration in Knot database
-sudo -u $knot knotc conf-import /install/knot.conf
+knotc conf-import /install/knot.conf
 
 # We need servnest to be allowed to configure Knot
 usermod -aG $knot $servnest # Add user $servnest to group $knot

mkosi.extra/install/php.ini

@@ -1,6 +1,7 @@
 error_log = syslog
 
 extension = pdo_sqlite
+extension = sqlite3
 extension = gettext
 # Only required for the check.php script
 extension = curl
@@ -8,4 +9,3 @@ extension = curl
 # Optional
 expose_php = Off
 zend_extension = opcache
-opcache.jit_buffer_size = 32M

mkosi.extra/install/sftpgo.sh

@@ -22,7 +22,6 @@ chmod u=r,g=,o= /etc/sftpgo/ed25519
 
 # For systemd
 cp /install/sftpgo.service /etc/systemd/system/
-systemctl enable sftpgo
 
 # Allow listening on privileged ports
 setcap 'cap_net_bind_service=+ep' /usr/local/bin/sftpgo

mkosi.extra/root/.ssh/authorized_keys

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFkueXNjIEZVGbR1kLlDKrbRjKIvXaqbVHMVpGqH3L0/ miraty@Cerise

mkosi.extra/srv/servnest/core

@@ -0,0 +1 @@
+Subproject commit 63554b4908a088f5da0dc3a5806415cfa7b88701

mkosi.finalize

@@ -0,0 +1,21 @@
+#!/usr/bin/bash
+
+if [ "$container" != "mkosi" ]; then
+	exec mkosi-chroot "$SCRIPT" "$@"
+fi
+
+set -euo pipefail
+
+source /etc/os-release
+export OS=$ID
+
+if [[ $OS = "arch" ]]; then
+	systemctl enable sshd
+	systemctl enable knot
+	systemctl enable nginx
+	systemctl enable httpd
+	systemctl enable tor
+	systemctl enable php-fpm
+fi
+
+systemctl enable sftpgo

mkosi.postinst

@@ -1,4 +1,9 @@
 #!/usr/bin/bash
+
+if [ "$container" != "mkosi" ]; then
+	exec mkosi-chroot "$SCRIPT" "$@"
+fi
+
 set -euo pipefail
 
 source /etc/os-release
@@ -14,15 +19,12 @@ chown $sftpgo: /usr/local/bin/sftpgo
 chmod u=rx,g=,o= /usr/local/bin/sftpgo
 
 if [[ $OS = "arch" ]]; then
-	systemctl enable sshd
-	systemctl enable knot
-	systemctl enable nginx
-	systemctl enable tor
-	systemctl enable php-fpm
-
 	pacman-key --init
 	pacman-key --populate
 fi
 
 # Enable testing option
 sed -i 's/local_only_check = false/local_only_check = true/' /srv/servnest/core/config.ini
+
+chmod    u=rwX,g=rX,o=rX /        /etc
+chmod -R u=rwX,g=rX,o=rX /etc/php

mkosi.presets/sn-arch.conf

@@ -3,11 +3,12 @@ Distribution = arch
 
 
 
-[Output]
-Output = /var/lib/machines/servnest-arch
 
 [Content]
 Packages =
+	systemd
+	pacman
+	archlinux-keyring
 	apache
 	nginx-mod-headers-more
 	certbot-nginx
@@ -16,5 +17,8 @@ Packages =
 	go
 	openssh
 	iputils
+	gettext
 	which
 	sshpass
+	sed
+	coreutils

mkosi.presets/sn-debian.conf

@@ -3,11 +3,9 @@ Distribution = debian
 Release = testing
 Mirror = https://deb.debian.org/debian
 
-[Output]
-Output = /var/lib/machines/servnest-debian
-
 [Content]
 Packages =
+	dbus
 	apt-transport-tor
 	apache2
 	libnginx-mod-http-headers-more-filter

srv/servnest/core

@@ -1 +0,0 @@
-Subproject commit 25b1d30cbebef6bde5bb26b4de92ef78a29924a6