From 17033403b9d49feaa08ba534dfd4ec0072537ba0 Mon Sep 17 00:00:00 2001 From: Emmanuel Garette Date: Tue, 17 Jan 2023 21:48:07 +0100 Subject: [PATCH] fedora 37 --- .../dictionaries/11-fedora-version.xml | 13 ++ .../image/postinstall/base_fedora_version.sh | 7 + .../manual/image/preinstall/base_fedora_37.sh | 1 + .../image/preinstall/base_fedora_version.sh | 1 + seed/base-fedora-37/templates/login | 17 ++ seed/base/dictionaries/00-base.xml | 17 ++ seed/gitea/applicationservice.yml | 4 + seed/gitea/dictionaries/32_gitea.xml | 17 ++ seed/gitea/templates/gitea.service | 17 ++ .../templates/RPM-GPG-KEY-fedora-37-x86_64 | 29 +++ seed/nginx-common/templates/nginx.conf.Debian | 103 +++++++++ seed/nginx-common/templates/nginx.conf.Fedora | 112 ++++++++++ .../templates/ca_External.crt | 1 + seed/postfix-relay/tests/test_smtp.py | 201 ++++++++++++++++++ .../templates/reverse-proxy.yml | 1 + 15 files changed, 541 insertions(+) create mode 100644 seed/base-fedora-37/dictionaries/11-fedora-version.xml create mode 100644 seed/base-fedora-37/manual/image/postinstall/base_fedora_version.sh create mode 100644 seed/base-fedora-37/manual/image/preinstall/base_fedora_37.sh create mode 100644 seed/base-fedora-37/manual/image/preinstall/base_fedora_version.sh create mode 100644 seed/base-fedora-37/templates/login create mode 100644 seed/base/dictionaries/00-base.xml create mode 100644 seed/gitea/applicationservice.yml create mode 100644 seed/gitea/dictionaries/32_gitea.xml create mode 100644 seed/gitea/templates/gitea.service create mode 100644 seed/host-systemd-machined/templates/RPM-GPG-KEY-fedora-37-x86_64 create mode 100644 seed/nginx-common/templates/nginx.conf.Debian create mode 100644 seed/nginx-common/templates/nginx.conf.Fedora create mode 100644 seed/nginx-reverse-proxy/templates/ca_External.crt create mode 100644 seed/postfix-relay/tests/test_smtp.py create mode 100644 seed/reverse-proxy-client/templates/reverse-proxy.yml diff --git a/seed/base-fedora-37/dictionaries/11-fedora-version.xml b/seed/base-fedora-37/dictionaries/11-fedora-version.xml new file mode 100644 index 0000000..8449d3e --- /dev/null +++ b/seed/base-fedora-37/dictionaries/11-fedora-version.xml @@ -0,0 +1,13 @@ + + + + + + + diff --git a/seed/base-fedora-37/manual/image/postinstall/base_fedora_version.sh b/seed/base-fedora-37/manual/image/postinstall/base_fedora_version.sh new file mode 100644 index 0000000..f19a831 --- /dev/null +++ b/seed/base-fedora-37/manual/image/postinstall/base_fedora_version.sh @@ -0,0 +1,7 @@ +# ACTIVE NETWORKD +mkdir $IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/lib/systemd/system/network-online.target.wants +chmod 775 $IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/lib/systemd/system/network-online.target.wants +ln -s /usr/lib/systemd/system/systemd-networkd.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/lib/systemd/system/dbus-org.freedesktop.network1.service" +ln -s /usr/lib/systemd/system/systemd-networkd.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/lib/systemd/system/multi-user.target.wants/systemd-networkd.service" +ln -s /usr/lib/systemd/system/systemd-networkd-wait-online.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/lib/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service" +ln -s /usr/lib/systemd/system/systemd-networkd.socket "$IMAGE_NAME_RISOTTO_IMAGE_DIR_TMP/usr/lib/systemd/system/sockets.target.wants/systemd-networkd.socket" diff --git a/seed/base-fedora-37/manual/image/preinstall/base_fedora_37.sh b/seed/base-fedora-37/manual/image/preinstall/base_fedora_37.sh new file mode 100644 index 0000000..e1ae882 --- /dev/null +++ b/seed/base-fedora-37/manual/image/preinstall/base_fedora_37.sh @@ -0,0 +1 @@ +BASE_PKG="$BASE_PKG pam util-linux" diff --git a/seed/base-fedora-37/manual/image/preinstall/base_fedora_version.sh b/seed/base-fedora-37/manual/image/preinstall/base_fedora_version.sh new file mode 100644 index 0000000..efe8b60 --- /dev/null +++ b/seed/base-fedora-37/manual/image/preinstall/base_fedora_version.sh @@ -0,0 +1 @@ +RELEASEVER=37 diff --git a/seed/base-fedora-37/templates/login b/seed/base-fedora-37/templates/login new file mode 100644 index 0000000..84c2f83 --- /dev/null +++ b/seed/base-fedora-37/templates/login @@ -0,0 +1,17 @@ +#GNUNUX File from util-linux-*.x86_64 (not installed) +#%PAM-1.0 +auth substack system-auth +auth include postlogin +account required pam_nologin.so +account include system-auth +password include system-auth +# pam_selinux.so close should be the first session rule +session required pam_selinux.so close +session required pam_loginuid.so +# pam_selinux.so open should only be followed by sessions to be executed in the user context +session required pam_selinux.so open +session required pam_namespace.so +session optional pam_keyinit.so force revoke +session include system-auth +session include postlogin +-session optional pam_ck_connector.so diff --git a/seed/base/dictionaries/00-base.xml b/seed/base/dictionaries/00-base.xml new file mode 100644 index 0000000..dd9f34d --- /dev/null +++ b/seed/base/dictionaries/00-base.xml @@ -0,0 +1,17 @@ + + + + + + + copy_tests + copy_tests + + + False + copy_tests + + + + diff --git a/seed/gitea/applicationservice.yml b/seed/gitea/applicationservice.yml new file mode 100644 index 0000000..d0bbcf1 --- /dev/null +++ b/seed/gitea/applicationservice.yml @@ -0,0 +1,4 @@ +format: '0.1' +description: Transitional package for Gitea to Forgejo +depends: + - forgejo diff --git a/seed/gitea/dictionaries/32_gitea.xml b/seed/gitea/dictionaries/32_gitea.xml new file mode 100644 index 0000000..7cf6116 --- /dev/null +++ b/seed/gitea/dictionaries/32_gitea.xml @@ -0,0 +1,17 @@ + + + + + + + + + + + + + gitea_mail_sender + forgejo_mail_sender + + + diff --git a/seed/gitea/templates/gitea.service b/seed/gitea/templates/gitea.service new file mode 100644 index 0000000..cec11ce --- /dev/null +++ b/seed/gitea/templates/gitea.service @@ -0,0 +1,17 @@ +[Unit] +Description=Gitea transitional +Before=risotto.target + +[Service] +Type=oneshot +ExecStart=/bin/bash -c '%slurp +[ -d /srv/gitea/lib/data/gitea-repositories ] && mv /srv/gitea/lib/data/gitea-repositories /srv/gitea/lib/data/forgejo-repositories; %slurp +[ -d /srv/gitea ] && (mv /srv/gitea/* /srv/forgejo; rmdir /srv/gitea); %slurp +find /srv/forgejo/lib/data/forgejo-repositories/*/*.git/hooks -name gitea | while read a; do b=$(dirname $a); mv $b/gitea $b/forgejo; done; %slurp +sed -i 's/gitea/forgejo/g' /srv/forgejo/lib/data/forgejo-repositories/*/*.git/hooks/proc-receive; %slurp +sed -i 's/gitea/forgejo/g' /srv/forgejo/lib/data/forgejo-repositories/*/*.git/hooks/pre-receive.d/forgejo; %slurp +sed -i 's/gitea/forgejo/g' /srv/forgejo/lib/data/forgejo-repositories/*/*.git/hooks/update.d/forgejo; %slurp +sed -i 's/gitea/forgejo/g' /srv/forgejo/lib/data/forgejo-repositories/*/*.git/hooks/post-receive.d/forgejo; %slurp +sed -i 's/gitea/forgejo/g' /srv/forgejo/lib/data/forgejo-repositories/*/*.git/config; %slurp +exit 0%slurp +' diff --git a/seed/host-systemd-machined/templates/RPM-GPG-KEY-fedora-37-x86_64 b/seed/host-systemd-machined/templates/RPM-GPG-KEY-fedora-37-x86_64 new file mode 100644 index 0000000..8ed5fff --- /dev/null +++ b/seed/host-systemd-machined/templates/RPM-GPG-KEY-fedora-37-x86_64 @@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGESvNwBEAC7HsCDTlugVeDSMFX6aW3zAPFMfvBssNj+89fdmbxcI9t7UY6f +HvkkGziUET8e+9jB8R2/wXQCGOw1J+sfmwO4aN0LdVQjhKvVNj+F5jWt3m5FAIBa +OTWS6Kvqw2ECTpH7fD86541eK3BuCni6d5U3PCd73t976FcUmpQ/1AthqMksM0Jz +cJapvNmLTCR0NZ2XyyLmn/K1hgNXe8G5j0cSrJiY+Zpz5aQkT96j96Jm6W2A+tBI +icU4n6V4vlj2TxmCumtXJGXGBGJnof/dCgh45aqi+sk5c429ns+5sooYcaEJojj6 +FYSITv10l+az6ZMJz/j61VYSkhMY8hQ4Wd+yL2JVzLE9N9V0L95sX1yEZ5ILmzwx +oRKe4WHSBE6yMxNWobv7hmC+3ZC5mLPaEDS/g/0xuQj9Sy9eT2mhhFPxOv29YQ+P +sC3zXHJMMT0tlGd72PVHQQ0JYONfMhcC+7AHGFGz8p4/wor2jIFG1ouqE6Lfzm8o +XWZMYm3AydlrP/xkYaoWNE3jL/+dskSBr/Yz7ZzlkAqH9lb1HKnXQLTrw6gz6pmI +KufSDXjEFNxnFI/9gMlshJtk5+QSDzezmxFm+NMviSvDUNAVIzrU1D84dauBYph4 +OrJVeECQHEotny/I53AdlVwLYB4TWkObzTs6vtV7Pz1TK2CmHpe3UW72xwARAQAB +tDFGZWRvcmEgKDM3KSA8ZmVkb3JhLTM3LXByaW1hcnlAZmVkb3JhcHJvamVjdC5v +cmc+iQJOBBMBCAA4FiEErLXuToMcdLt8Fo0n9VrT+1MjVSoFAmESvNwCGw8FCwkI +BwIGFQoJCAsCBBYCAwECHgECF4AACgkQ9VrT+1MjVSoPMhAAist7kK/YtcyBL/dt +P55hPrkJT6Ay+e2Dvt4Pixe4iT32Y3jG12aoX2LY//mxVOOpV+EhXYTTb5aLt2Jj +a8/qCKJFk7zuCOxa1hgdRcjoR7ZbU0lNjD9mMCax/YT9QafcaMEib/FlknP3g1SN +GRSKLObTJd6BbtZXCE80JRIX+Dy6+/Oz7LXRXeKpiimhlXT1wuTaqAJEtuHdQvg7 +dkL4DzAJ2FiURVd5gvgo266WaCMafJjFRrSGHJm0c+V+0Z9NsuH80JbPm+rCUh5U +E9PMyztqlqtldtqc1+aZ1iUbVuXY059BUmlAhmf5sAlBktY+hEabH/4kmfGccbBL +TyBIn03Y9q9173okZSUe6q16m/hbbWI8dwkSpIADZbGGJbRi8PJpCg9y6KI355qD +atE2irleoy6eXqpKa+uPTRBk7i/r6jDoA+u+tZyFfcEnwvSWP8cN1j5mNklvITZl +YF1n5b3fejkZVdOmRZQNkyzMxYEd4UZFQZNYrx0nltAagRS8b5ikqNk2UTl+dyBG +k9gLOSZhAa2JdmAqwe9rT69jaa4kZMLlxPPC3246s83t0s7lp7vF+zLPfPSvxpsU +tg+fuT+OFKWYdBFF7VkEA+wezHAznIP6TPyQXbBpkzE889/hOXy4BYs0wy8Bpda/ +Ve2Ba329f99dSCZKImi5DPCxJY4= +=ZmVd +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/seed/nginx-common/templates/nginx.conf.Debian b/seed/nginx-common/templates/nginx.conf.Debian new file mode 100644 index 0000000..0b843e6 --- /dev/null +++ b/seed/nginx-common/templates/nginx.conf.Debian @@ -0,0 +1,103 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user www-data; +worker_processes auto; +#GNUNUX error_log /var/log/nginx/error.log; +#>GNUNUX +error_log syslog:server=unix:/dev/log; +#GNUNUX + access_log syslog:server=unix:/dev/log combined; + error_log syslog:server=unix:/dev/log error; + #GNUNUX +#error_log /var/log/nginx/error.log notice; +error_log syslog:server=unix:/dev/log; +#GNUNUX + access_log syslog:server=unix:/dev/log combined; + error_log syslog:server=unix:/dev/log error; +#GNUNUX + tcp_nodelay on; +#GNUNUX + #ssl_certificate "/etc/pki/nginx/server.crt"; + #ssl_certificate_key "/etc/pki/nginx/private/server.key"; + ssl_certificate %%revprox_crt_file; + ssl_certificate_key %%revprox_key_file; + %if %%getVar('revprox_client_external_domainnames', None) + ssl_client_certificate %%revprox_ca_file; + %else + ssl_client_certificate /etc/pki/ca-trust/source/anchors/ca_HTTP.crt; + %end if + #