diff --git a/seed/applicationservice/2022.03.08/base-fedora-35/applicationservice.yml b/seed/applicationservice/2022.03.08/base-fedora-35/applicationservice.yml
new file mode 100644
index 00000000..95843bc3
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/base-fedora-35/applicationservice.yml
@@ -0,0 +1,4 @@
+format: '0.1'
+description: Information de base d'un serveur fedora version 35
+depends:
+ - base-fedora
diff --git a/seed/applicationservice/2022.03.08/base-fedora-35/dictionaries/00-fedora-35.xml b/seed/applicationservice/2022.03.08/base-fedora-35/dictionaries/00-fedora-35.xml
new file mode 100644
index 00000000..038e8cb9
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/base-fedora-35/dictionaries/00-fedora-35.xml
@@ -0,0 +1,10 @@
+
+
+
+
+
+ 35
+
+
+
+
diff --git a/seed/applicationservice/2022.03.08/base-fedora-35/manual/image/postinstall/base_fedora_35.sh b/seed/applicationservice/2022.03.08/base-fedora-35/manual/image/postinstall/base_fedora_35.sh
new file mode 100644
index 00000000..219e52e7
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/base-fedora-35/manual/image/postinstall/base_fedora_35.sh
@@ -0,0 +1,7 @@
+# ACTIVE NETWORKD
+mkdir $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/network-online.target.wants
+chmod 775 $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/network-online.target.wants
+ln -s /usr/lib/systemd/system/systemd-networkd.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/dbus-org.freedesktop.network1.service"
+ln -s /usr/lib/systemd/system/systemd-networkd.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/multi-user.target.wants/systemd-networkd.service"
+ln -s /usr/lib/systemd/system/systemd-networkd-wait-online.service "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service"
+ln -s /usr/lib/systemd/system/systemd-networkd.socket "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/lib/systemd/system/sockets.target.wants/systemd-networkd.socket"
diff --git a/seed/applicationservice/2022.03.08/base-fedora-35/manual/image/preinstall/base_fedora_35.sh b/seed/applicationservice/2022.03.08/base-fedora-35/manual/image/preinstall/base_fedora_35.sh
new file mode 100644
index 00000000..7f1c6694
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/base-fedora-35/manual/image/preinstall/base_fedora_35.sh
@@ -0,0 +1 @@
+RELEASEVER=35
diff --git a/seed/applicationservice/2022.03.08/base-fedora/manual/image/preinstall/base_fedora.sh b/seed/applicationservice/2022.03.08/base-fedora/manual/image/preinstall/base_fedora.sh
index 260e7404..8ed111aa 100644
--- a/seed/applicationservice/2022.03.08/base-fedora/manual/image/preinstall/base_fedora.sh
+++ b/seed/applicationservice/2022.03.08/base-fedora/manual/image/preinstall/base_fedora.sh
@@ -1,4 +1,4 @@
-BASE_PKG="systemd systemd-networkd systemd-resolved fedora-release-container lsof strace"
+BASE_PKG="systemd systemd-networkd systemd-resolved fedora-release-container lsof strace glibc-langpack-fr"
INSTALL_TOOL="dnf"
OS_NAME='fedora'
REPO_DIR="$IMAGE_NAME_RISOTTO_IMAGE_DIR/etc/yum.repos.d/"
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/preprocessors b/seed/applicationservice/2022.03.08/base-fedora/packer/image/preprocessors
deleted file mode 100755
index 24363887..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/preprocessors
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-echo "Preprocessors"
-
-if [ ! -z $https_proxy ]; then
- echo "echo 'export https_proxy=$https_proxy' > /tmp/proxy.sh" > scripts/00-proxy
-fi
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/recipe.json b/seed/applicationservice/2022.03.08/base-fedora/packer/image/recipe.json
deleted file mode 100644
index c8f1838e..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/recipe.json
+++ /dev/null
@@ -1,63 +0,0 @@
-{
- "builders": [
- {
- "format": "qcow2",
- "headless": true,
- "output_directory": "{{user `tmp_directory`}}/output",
- "shutdown_command": "echo packer | sudo -S shutdown -P now",
- "ssh_password": "qemubuild",
- "ssh_username": "qemubuild",
- "ssh_wait_timeout": "120m",
- "type": "qemu",
- "disk_interface": "virtio",
- "vm_name": "image.img",
- "qemuargs": [
- ["-drive", "file=output/image.img,if=virtio,cache=writeback,discard=ignore,format=qcow2"],
- ["-drive", "if=pflash,format=raw,readonly=on,file=/usr/share/OVMF/OVMF_CODE.fd"]
- ],
- "memory": "2048",
- "vnc_bind_address": "0.0.0.0",
- "disk_image": true,
- "iso_checksum": "{{user `iso_checksum` }}",
- "iso_url": "{{user `iso_url` }}",
- "iso_checksum_type": "sha256"
- }
- ],
- "provisioners": [
- {
- "type": "file",
- "source": "{{user `tmp_directory`}}/scripts",
- "destination": "/tmp/scripts"
- },
- {
- "type": "shell",
- "inline": [
- "sudo chown root: /tmp/scripts/*",
- "sudo chmod +x /tmp/scripts/*",
- "sudo risotto-run-parts /tmp/scripts/"
- ]
- }
- ],
- "post-processors": [
- {
- "type": "shell-local",
- "inline": [
- "sleep 5",
- "mkdir -p {{user `tmp_directory`}}/tmp",
- "echo 'Syst Prep'",
- "LIBGUESTFS_BACKEND=direct virt-sysprep --delete \"/var/*\" --delete \"/home/*\" -a {{user `tmp_directory`}}/output/image.img",
- "echo 'Sparsify before shink'",
- "LIBGUESTFS_BACKEND=direct virt-sparsify --check-tmpdir=ignore --tmp {{user `tmp_directory`}}/tmp/ {{user `tmp_directory`}}/output/image.img {{user `tmp_directory`}}/output/sparse.img",
- "echo 'Shink'",
- "guestfish add {{user `tmp_directory`}}/output/sparse.img : run : resize2fs-M /dev/sda2",
- "truncate -s $(virt-df {{user `tmp_directory`}}/output/sparse.img --csv|tail -n +2|awk -F, '{x+=$3}END{print x + 16012}')K {{user `tmp_directory`}}/output/shrink.img",
- "virt-resize --shrink /dev/sda2 {{user `tmp_directory`}}/output/sparse.img {{user `tmp_directory`}}/output/shrink.img",
- "echo 'Sparsify and convert to qcow2'",
- "LIBGUESTFS_BACKEND=direct virt-sparsify --check-tmpdir=ignore --tmp {{user `tmp_directory`}}/tmp/ --compress --convert qcow2 {{user `tmp_directory`}}/output/shrink.img {{user `tmp_directory`}}/image.img",
- "echo 'SHASUM'",
- "sha256sum {{user `tmp_directory`}}/image.img > {{user `tmp_directory`}}/image.sha256",
- "rm -rf {{user `tmp_directory`}}/tmp {{user `tmp_directory`}}/output"
- ]
- }
- ]
-}
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/recipe.json.ext2 b/seed/applicationservice/2022.03.08/base-fedora/packer/image/recipe.json.ext2
deleted file mode 100644
index e5c962ab..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/recipe.json.ext2
+++ /dev/null
@@ -1,63 +0,0 @@
-{
- "builders": [
- {
- "format": "qcow2",
- "headless": true,
- "output_directory": "{{user `tmp_directory`}}/output",
- "shutdown_command": "echo packer | sudo -S shutdown -P now",
- "ssh_password": "qemubuild",
- "ssh_username": "qemubuild",
- "ssh_wait_timeout": "120m",
- "type": "qemu",
- "disk_interface": "virtio",
- "vm_name": "image.img",
- "qemuargs": [
- ["-drive", "file=output/image.img,if=virtio,cache=writeback,discard=ignore,format=qcow2"],
- ["-drive", "if=pflash,format=raw,readonly=on,file=/usr/share/OVMF/OVMF_CODE.fd"]
- ],
- "memory": "2048",
- "vnc_bind_address": "0.0.0.0",
- "disk_image": true,
- "iso_checksum": "{{user `iso_checksum` }}",
- "iso_url": "{{user `iso_url` }}",
- "iso_checksum_type": "sha256"
- }
- ],
- "provisioners": [
- {
- "type": "file",
- "source": "{{user `tmp_directory`}}/scripts",
- "destination": "/tmp/scripts"
- },
- {
- "type": "shell",
- "inline": [
- "sudo chown root: /tmp/scripts/*",
- "sudo chmod +x /tmp/scripts/*",
- "sudo risotto-run-parts /tmp/scripts/"
- ]
- }
- ],
- "post-processors": [
- {
- "type": "shell-local",
- "inline": [
- "sleep 5",
- "mkdir -p {{user `tmp_directory`}}/tmp",
- "echo 'Syst Prep'",
- "LIBGUESTFS_BACKEND=direct virt-sysprep --delete \"/var/*\" --delete \"/home/*\" -a {{user `tmp_directory`}}/output/image.img",
- "echo 'Sparsify before shink'",
- "LIBGUESTFS_BACKEND=direct virt-sparsify --check-tmpdir=ignore --tmp {{user `tmp_directory`}}/tmp/ {{user `tmp_directory`}}/output/image.img {{user `tmp_directory`}}/output/sparse.img",
- "echo 'Shink'",
- "guestfish add {{user `tmp_directory`}}/output/sparse.img : run : resize2fs-M /dev/sda2",
- "truncate -s $(virt-df {{user `tmp_directory`}}/output/sparse.img --csv|tail -n +2|awk -F, '{x+=$3}END{print x + 16384}')K {{user `tmp_directory`}}/output/shrink.img",
- "virt-resize --shrink /dev/sda2 {{user `tmp_directory`}}/output/sparse.img {{user `tmp_directory`}}/output/shrink.img",
- "echo 'Sparsify and convert to qcow2'",
- "LIBGUESTFS_BACKEND=direct virt-sparsify --check-tmpdir=ignore --tmp {{user `tmp_directory`}}/tmp/ --compress --convert qcow2 {{user `tmp_directory`}}/output/shrink.img {{user `tmp_directory`}}/image.img",
- "echo 'SHASUM'",
- "sha256sum {{user `tmp_directory`}}/image.img > {{user `tmp_directory`}}/image.sha256",
- "rm -rf {{user `tmp_directory`}}/tmp {{user `tmp_directory`}}/output"
- ]
- }
- ]
-}
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/10-update b/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/10-update
deleted file mode 100644
index b63561f7..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/10-update
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-[ -e /tmp/proxy.sh ] && . /tmp/proxy.sh
-microdnf update
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/40-remove_microdnf b/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/40-remove_microdnf
deleted file mode 100644
index ec980845..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/40-remove_microdnf
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-set -xe
-
-microdnf clean all
-for package in microdnf libdnf libpeas libstdc++ gobject-introspection libsolv librepo libmodulemd file-libs zchunk-libs libyaml gpgme gnupg2 libassuan libksba libusbx npth; do
- rpm -e $package || true
-done
-rm -rf /var/lib/dnf
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/50-rpm_vaccum b/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/50-rpm_vaccum
deleted file mode 100644
index a3015ae7..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/50-rpm_vaccum
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash
-set -xe
-
-rpm -qa | sort > /tmp/rpm.txt
-# try to remove this packages
-PKG=" rpm rpm-libs curl libcurl lua-libs libarchive sqlite-libs libnghttp2 libssh libbrotli libpsl publicsuffix-list-dafsa libxml2 libssh-config elfutils-libs dbus-broker "
-# exclude package
-PKG2=""
-while read -r a; do
- pkg="$(echo "$a" | awk '{ print $1 }' | awk -F'(' '{ print $1 }')"
- [ -n "$PKG2" ] && PKG2="$PKG2\n"
- PKG2="$PKG2$pkg"
-done <<< "$( rpm --test -ev $PKG 2>&1 | grep -v ^'erreur' )"
-
-while read -r b; do
- pkg=$(rpm -q $b --quiet && echo $b || rpm -qf $(find / -name $b -print -quit) --query --queryformat "%{NAME}\n";)
- echo "Ne pas désinstaller $pkg"
- PKG=${PKG// $pkg / }
-done <<< "$(echo -e $PKG2 | sort -u)"
-
-echo "Suppression de $PKG"
-rpm -e $PKG
-
-echo "Remove rpm database"
-rm -rf /var/lib/rpm/*
-rm -rf /usr/lib/rpm
-mv /tmp/rpm.txt /var/lib/rpm/rpm.txt
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/60-tmpfiles b/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/60-tmpfiles
deleted file mode 100644
index 50940431..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/60-tmpfiles
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-rm -rf /etc/X11 /etc/firewalld /etc/pki/rpm-gpg /etc/yum.repos.d /etc/dconf
-make_volatile /etc
-#
-make_volatile /var/lib/rpm
-
-sed -i 's/ ro$/ ro systemd.volatile=yes selinux=1 net.ifnames=0/g' /boot/efi/loader/entries/fedora.conf
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/70-locale b/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/70-locale
deleted file mode 100644
index d8cbf03f..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/70-locale
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-find /usr/share/locale/ -mindepth 1 -maxdepth 1 ! -name fr ! -name fr_FR -exec rm -rf '{}' \;
-find /usr/lib/locale/ -mindepth 1 -maxdepth 1 ! -name fr_FR.utf8 ! -name C.utf8 -exec rm -rf '{}' \;
-find /usr/lib/kbd/keymaps/xkb/ -type f ! -name fr-oss.map.gz -delete
-find /usr/lib/kbd/consolefonts/ -type f ! -name eurlatgr.psfu.gz -delete
-rm -rf /usr/share/bash-completion
-rm -rf /usr/share/pkgconfig
-rm -rf /usr/share/licenses/
-rm -rf /usr/share/zsh
-rm -rf /usr/lib/.build-id
-rm -rf /usr/lib/debug
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/80-log b/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/80-log
deleted file mode 100644
index be3836fa..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/80-log
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-rm -rf /var/cache/* /var/log/*
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/90-initrd b/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/90-initrd
deleted file mode 100644
index 8586e421..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/90-initrd
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-KERNELVERSION=$(ls /lib/modules)
-if [ -f "/boot/efi/$KERNELVERSION/initrd.cdrom" ]; then
- mv "/boot/efi/$KERNELVERSION/initrd.cdrom" "/boot/efi/$KERNELVERSION/initrd"
-fi
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/99-reduce b/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/99-reduce
deleted file mode 100644
index 2ba994bd..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/image/scripts/99-reduce
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-
-set -ex
-#
-#duperemove -rd /
-#
-#for size in 1000000000 100000000 10000000 1000000 100000 10000 1000 100 10 1; do
-# echo "========================= $size ========================="
-# while btrfs filesystem resize -$size /; do :; done
-#done
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/os/bin/make_volatile b/seed/applicationservice/2022.03.08/base-fedora/packer/os/bin/make_volatile
deleted file mode 100644
index feae040b..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/os/bin/make_volatile
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/bash
-set -e
-DESTDIR='/usr/lib/tmpfiles.d'
-CONF_DST='/usr/share/factory'
-EXCLUDES="^(/etc/passwd|/etc/group|/etc/.updated|/etc/.pwd.lock|/etc/pam.d|/etc/systemd/network/dhcp.network|/etc/sudoers.d/qemubuild)$"
-ONLY_COPY="^(/etc/localtime)$"
-FORCE_LINKS="^(/etc/udev/hwdb.bin)$"
-
-function file_dir_in_tmpfiles() {
- letter=$1
- directory=$2
- mode=$(stat --format "%a" "$directory")
- user=$(stat --format "%U" "$directory")
- group=$(stat --format "%G" "$directory")
- echo "$letter $directory $mode $user $group - -"
-}
-
-function calc_symlink_in_tmpfiles() {
- dest_name=$1
- src_file=$(readlink "$dest_name")
- symlink_in_tmpfiles "$dest_name" "$src_file"
-}
-
-function symlink_in_tmpfiles() {
- dest_name=$1
- src_file=$2
- echo "L+ $dest_name - - - - $src_file"
-}
-
-function main() {
- dir_config_orig=$1
-
- mkdir -p "$DESTDIR"
- mkdir -p "$CONF_DST$dir_config_orig"
- name="${dir_config_orig//\//-}"
- systemd_conf="$DESTDIR/risotto$name.conf"
- echo "" > $systemd_conf
- while IFS= read -r -d '' src_file; do
- dest_file="$CONF_DST$src_file"
- echo $src_file
- if [[ "$src_file" =~ $EXCLUDES ]]; then
- echo "$src_file: exclude" >&2
- elif [[ -L "$src_file" ]]; then
- calc_symlink_in_tmpfiles "$src_file" >> $systemd_conf
- elif [[ "$src_file" =~ $FORCE_LINKS ]]; then
- symlink_in_tmpfiles "$src_file" "$dest_file" >> $systemd_conf
- elif [[ -d "$src_file" ]]; then
- file_dir_in_tmpfiles 'd' "$src_file" >> $systemd_conf
- [[ ! -d "$dest_file" ]] && mkdir -p "$dest_file"
- #echo "$src_file: directory ok"
- else
- if [[ ! "$src_file" =~ $ONLY_COPY ]]; then
- file_dir_in_tmpfiles "C" "$src_file" >> $systemd_conf
- fi
- [[ -e "$dest_file" ]] && rm -f "$dest_file"
- # not a symlink... an hardlink
- ln "$src_file" "$dest_file"
- #echo "$src_file: file ok"
- fi
- done < <(find "$dir_config_orig" -print0)
-}
-main "$1"
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/os/bin/risotto-run-parts b/seed/applicationservice/2022.03.08/base-fedora/packer/os/bin/risotto-run-parts
deleted file mode 100644
index 10a4bb05..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/os/bin/risotto-run-parts
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/usr/bin/bash
-# run-parts - concept taken from Debian
-
-set +xe
-
-if [ $# -lt 1 ]; then
- echo "Usage: risotto-run-parts "
- exit 1
-fi
-
-if [ ! -d $1 ]; then
- echo "Not a directory: $1"
- exit 1
-fi
-
-# Ignore *~ and *, scripts
-for i in $(LC_ALL=C; echo ${1%/}/*[^~,]) ; do
- [ -d $i ] && continue
- [ ! -x $i ] && continue
- echo "execute $i"
- $i 2>&1
-done
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/os/http/ks-34.cfg b/seed/applicationservice/2022.03.08/base-fedora/packer/os/http/ks-34.cfg
deleted file mode 100644
index 0090bf86..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/os/http/ks-34.cfg
+++ /dev/null
@@ -1,169 +0,0 @@
-# Keyboard layouts
-keyboard --xlayouts='fr (oss)'
-# System language
-lang fr_FR.UTF-8
-# Required settings
-rootpw qemubuild
-user --name=qemubuild --password=qemubuild --groups=wheel
-authconfig --enableshadow --enablemd5
-
-# System timezone
-timezone Europe/Paris --utc
-repo --name=fedora --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
-repo --name=updates --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
-url --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-\$releasever&arch=\$basearch%%EXTRA_URL%%
-
-# Optional settings
-#bootloader --location=mbr
-bootloader --disabled
-clearpart --all --initlabel
-firstboot --enable
-#install
-network --bootproto=dhcp
-reboot
-selinux --enforcing
-#services --enabled=sshd,zram-swap,systemd-networkd,systemd-resolved
-services --enabled=sshd --disabled=systemd-vconsole-setup
-skipx
-text
-zerombr
-
-# Disk partition
-part / --fstype="ext2" --ondisk=vda --grow
-# btrfs : part btrfs.50 --fstype="btrfs" --ondisk=vda --grow
-part /boot/efi --fstype="efi" --ondisk=vda --size=30 --fsoptions="umask=0077,shortname=winnt"
-
-#btrfs none --label=fedora_fedora btrfs.50
-#btrfs / --subvol --name=root LABEL=fedora_fedora
-
-# Packages
-%packages --excludedocs --instLangs=fr --nocore --exclude-weakdeps
-#@core --nodefaults
-audit
-bash
-coreutils
-#dracut-config-generic
-# btrfs duperemove
-#glibc-langpack-fr
-kbd
-kernel-core
-microdnf
-openssh-server
-openssh-clients
-qemu-guest-agent
-systemd-networkd
-#rpm
-#shadow-utils
-screen
-sudo
-systemd
-#util-linux
--zram
-#
--kernel
-%end
-
-# Post
-%post
-
-# for microdnf
-touch /etc/dnf/dnf.conf
-
-# add qemubuild to sudo
-echo "qemubuild ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/qemubuild
-
-# remove unecessary directories
-rm -rf /usr/share/doc
-rm -rf /usr/share/licenses
-#rm -rfv /usr/share/icons/*
-# remove some random help txt files
-rm -fv /usr/share/gnupg/help*.txt
-# Pruning random things
-rm usr/lib/rpm/rpm.daily
-#some random not-that-useful binaries
-rm -fv /usr/bin/pinky
-
-# if you want to change the timezone, bind-mount it from the host or reinstall tzdata
-localzone=$(readlink /etc/localtime)
-mv $localzone /tmp
-rm -rfv /usr/share/zoneinfo
-mkdir -p $(dirname $localzone)
-mv /tmp/$(basename $localzone) $localzone
-
-# configure systemd-networkd
-echo """[Match]
-Name=*
-
-[Network]
-DHCP=yes""" > /etc/systemd/network/dhcp.network
-SYSTEMDDIR=/usr/lib/systemd/system
-MULTI=$SYSTEMDDIR/multi-user.target.wants
-ln -sf ../systemd-networkd.service $MULTI/systemd-networkd.service
-ln -sf ../systemd-resolved.service $MULTI/systemd-resolved.service
-
-# initramfs have to mount iso9660 partition
-# install bootload
-SYSDISK="/dev/vda2"
-MACHINEID=`cat /etc/machine-id`
-KERNELVERSION=`ls /lib/modules`
-DISK=`lsblk -n $SYSDISK -o uuid`
-mkdir /boot/$MACHINEID
-# btrfs : echo "root=UUID=$DISK ro rootflags=subvol=root" > /etc/kernel/cmdline
-echo "root=UUID=$DISK ro" > /etc/kernel/cmdline
-# add CDROM driver
-echo 'add_drivers+=" iso9660 "' > /etc/dracut.conf.d/cdrom.conf
-kernel-install add $KERNELVERSION /lib/modules/$KERNELVERSION/vmlinuz
-mv /boot/$MACHINEID/$KERNELVERSION /boot/efi
-# // ADD MOUNT INSTRUCTION IN INITRAMFS
-# build second initrd file that mount cdrom to /usr
-#echo 'add_fstab+=/tmp/fstab' >> /etc/dracut.conf.d/cdrom.conf
-#echo "/dev/sr0 /sysroot/usr/local/lib iso9660 ro,relatime,x-systemd.after=sysroot.mount,x-systemd.before=systemd-volatile-root.service 0 0" > /tmp/fstab
-#echo "/dev/sr0 /sysroot/usr/local/lib iso9660 ro,x-initrd.mount,nosuid,noexec,uid=0,gid=0,mode=400 0 0" > /tmp/fstab
-echo "[Unit]
-DefaultDependencies=no
-After=sysroot.mount
-Before=initrd-udevadm-cleanup-db.service
-#Before=systemd-volatile-root.service
-After=blockdev@dev-sr0.target
-
-[Service]
-Type=oneshot
-ExecStart=mount /dev/sr0 /sysroot/usr/local/lib -t iso9660 -o defaults,ro,nosuid,noexec,uid=0,gid=0,mode=400
-" > /usr/lib/systemd/system/sysroot-usr-local-lib.service
-
-# // VERSION .mount
-#[Mount]
-#Where=/sysroot/usr/local/lib
-#What=/dev/sr0
-#Type=iso9660
-#Options=defaults,ro,nosuid,noexec,uid=0,gid=0,mode=400" > /usr/lib/systemd/system/sysroot-usr-local-lib.mount
-mkdir -p /usr/lib/systemd/system/initrd-root-fs.target.requires
-cd /usr/lib/systemd/system/initrd-root-fs.target.requires
-#ln -sf ../sysroot-usr-local-lib.mount .
-ln -sf ../sysroot-usr-local-lib.service .
-#echo 'install_items+=" /usr/lib/systemd/system/sysroot-usr-local-lib.mount /usr/lib/systemd/system/initrd-root-fs.target.requires/sysroot-usr-local-lib.mount "' >> /etc/dracut.conf.d/cdrom.conf
-echo 'install_items+=" /usr/lib/systemd/system/sysroot-usr-local-lib.service /usr/lib/systemd/system/initrd-root-fs.target.requires/sysroot-usr-local-lib.service "' >> /etc/dracut.conf.d/cdrom.conf
-kernel-install add $KERNELVERSION /lib/modules/$KERNELVERSION/vmlinuz
-mv /boot/$MACHINEID/$KERNELVERSION/initrd /boot/efi/$KERNELVERSION/initrd.cdrom
-rm -f /etc/dracut.conf.d/cdrom.conf
- // END INITRAMFS
-# rename entry file without machine ID
-mv /boot/loader/entries/$MACHINEID-$KERNELVERSION.conf /boot/loader/entries/fedora.conf
-sed -i "/^machine-id /d" /boot/loader/entries/fedora.conf
-sed -i "s@/boot/$MACHINEID/$KERNELVERSION/@/$KERNELVERSION/@g" /boot/loader/entries/fedora.conf
-# move it in EFI directory for systemd-boot
-mv /boot/loader /boot/efi
-# remove unused file
-rm -rf /lib/modules/$KERNELVERSION/vmlinuz /boot/initramfs* /boot/$MACHINEID
-# install systemd-boot
-bootctl install
-
-# remove authselect and dracut
-microdnf -y remove dracut xz acl authselect authselect-compat authselect-libs chrony cpio libkcapi-hmaccalc libkcapi linux-firmware linux-firmware-whence
-# remove python3
-microdnf -y remove python3 python3-libs python-pip-wheel python-setuptools-wheel gdbm-libs
-# remove langpacks fr
-microdnf -y remove langpacks-fr langpacks-core-fr langpacks-core-font-fr dejavu-sans-fonts fonts-filesystem
-rm -f /var/lib/systemd/random-seed
-rm -rfv /var/lib/authselect
-%end
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/os/preprocessors b/seed/applicationservice/2022.03.08/base-fedora/packer/os/preprocessors
deleted file mode 100755
index 66a9da61..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/os/preprocessors
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-echo "Preprocessors"
-
-if [ ! -z $https_proxy ]; then
- sed -i "s@%%EXTRA_URL%%@ --proxy=$https_proxy@g" http/ks-34.cfg
-else
- sed -i "s@%%EXTRA_URL%%@@g" http/ks-34.cfg
-fi
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/os/recipe.json b/seed/applicationservice/2022.03.08/base-fedora/packer/os/recipe.json
deleted file mode 100644
index 03e6ac77..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/os/recipe.json
+++ /dev/null
@@ -1,71 +0,0 @@
-{
- "builders": [
- {
- "format": "qcow2",
- "headless": true,
- "output_directory": "{{user `tmp_directory`}}/output",
- "shutdown_command": "echo packer | sudo -S shutdown -P now",
- "ssh_password": "qemubuild",
- "ssh_username": "qemubuild",
- "ssh_wait_timeout": "120m",
- "type": "qemu",
- "disk_interface": "virtio",
- "vm_name": "image.img",
- "qemuargs": [
- ["-drive", "file=output/image.img,if=virtio,cache=writeback,discard=ignore,format=qcow2"],
- ["-drive", "if=pflash,format=raw,readonly=on,file=/usr/share/OVMF/OVMF_CODE.fd"]
- ],
- "memory": "2048",
- "vnc_bind_address": "0.0.0.0",
- "boot_command": [
- "e inst.text inst.gpt inst.ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks-34.cfg x "
- ],
- "disk_size": "4096",
- "iso_checksum_type": "sha256",
- "iso_checksum": "e1a38b9faa62f793ad4561b308c31f32876cfaaee94457a7a9108aaddaeec406",
- "iso_url": "https://download.fedoraproject.org/pub/fedora/linux/releases/34/Server/x86_64/iso/Fedora-Server-netinst-x86_64-34-1.2.iso",
- "http_directory": "{{user `tmp_directory`}}/http"
- }
- ],
- "provisioners": [
- {
- "type": "file",
- "source": "{{user `tmp_directory`}}/bin",
- "destination": "/tmp/bin"
- },
- {
- "type": "shell",
- "inline": [
- "sudo mv /tmp/bin/* /usr/local/bin",
- "sudo chown root: /usr/local/bin/*",
- "sudo chmod +x /usr/local/bin/*"
- ]
- },
- {
- "type": "file",
- "source": "{{user `tmp_directory`}}/scripts",
- "destination": "/tmp/scripts"
- },
- {
- "type": "shell",
- "inline": [
- "sudo chown root: /tmp/scripts/*",
- "sudo chmod +x /tmp/scripts/*",
- "sudo risotto-run-parts /tmp/scripts/"
- ]
- }
- ],
- "post-processors": [
- {
- "type": "shell-local",
- "inline": [
- "sleep 5",
- "mkdir -p {{user `tmp_directory`}}/tmp",
- "LIBGUESTFS_BACKEND=direct virt-sysprep -a {{user `tmp_directory`}}/output/image.img",
- "LIBGUESTFS_BACKEND=direct virt-sparsify --check-tmpdir=ignore --tmp {{user `tmp_directory`}}/tmp/ --compress {{user `tmp_directory`}}/output/image.img {{user `tmp_directory`}}/image.img",
- "sha256sum {{user `tmp_directory`}}/image.img > {{user `tmp_directory`}}/image.sha256",
- "rm -rf {{user `tmp_directory`}}/tmp {{user `tmp_directory`}}/output"
- ]
- }
- ]
-}
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/os/scripts/30-rpm_vaccum b/seed/applicationservice/2022.03.08/base-fedora/packer/os/scripts/30-rpm_vaccum
deleted file mode 100644
index ff1d4f0c..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/os/scripts/30-rpm_vaccum
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-set -xe
-
-echo VACUUM |sqlite3 /var/lib/rpm/rpmdb.sqlite
-
-exit 0
-
diff --git a/seed/applicationservice/2022.03.08/base-fedora/packer/os/scripts/40-locale b/seed/applicationservice/2022.03.08/base-fedora/packer/os/scripts/40-locale
deleted file mode 100644
index 85a77799..00000000
--- a/seed/applicationservice/2022.03.08/base-fedora/packer/os/scripts/40-locale
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-find /usr/share/locale/ -mindepth 1 -maxdepth 1 ! -name fr ! -name fr_FR -exec rm -rf '{}' \;
-find /usr/lib/locale/ -mindepth 1 -maxdepth 1 ! -name fr_FR.utf8 ! -name C.utf8 -exec rm -rf '{}' \;
-find /usr/share/terminfo -mindepth 1 -maxdepth 1 ! -name l ! -name d ! -name s -exec rm -rf '{}' \;
-find /usr/share/terminfo/s/screen -type f ! -name screen-256color -delete
-find /usr/lib/kbd/keymaps/xkb/ -type f ! -name fr-oss.map.gz -delete
-find /usr/lib/kbd/consolefonts/ -type f ! -name eurlatgr.psfu.gz -delete
-rm -rf /usr/lib/kbd/consoletrans
-rm -rf /usr/lib/kbd/unimaps
-rm -rf /usr/lib/kernel
-rm -rf /usr/lib/systemd/boot
-rm -rf /usr/share/bash-completion
-rm -rf /usr/share/pkgconfig
-rm -rf /usr/share/licenses/
-rm -rf /usr/lib/debug
-exit 0
diff --git a/seed/applicationservice/2022.03.08/base/dictionaries/00-base.xml b/seed/applicationservice/2022.03.08/base/dictionaries/00-base.xml
index 71039c37..a8e25115 100644
--- a/seed/applicationservice/2022.03.08/base/dictionaries/00-base.xml
+++ b/seed/applicationservice/2022.03.08/base/dictionaries/00-base.xml
@@ -1,5 +1,10 @@
+
+
+ /etc/locale.conf
+
+
diff --git a/seed/applicationservice/2022.03.08/gitea/dictionaries/31_gitea.xml b/seed/applicationservice/2022.03.08/gitea/dictionaries/31_gitea.xml
index a1b096c8..5bb7b32a 100644
--- a/seed/applicationservice/2022.03.08/gitea/dictionaries/31_gitea.xml
+++ b/seed/applicationservice/2022.03.08/gitea/dictionaries/31_gitea.xml
@@ -19,9 +19,6 @@
-
- /gitea/
-
/
@@ -82,23 +79,19 @@
43
gitea_lfs_jwt_secret
-
- https://
+
revprox_client_external_domainname
revprox_client_location
user/oauth2/
domain_name_eth0
/callback
-
oauth2_client_login
-
- https://
+
revprox_client_external_domainname
revprox_client_location
user/oauth2/
domain_name_eth0
-
oauth2_client_external
diff --git a/seed/applicationservice/2022.03.08/gitea/manual/image/postinstall/gitea.sh b/seed/applicationservice/2022.03.08/gitea/manual/image/postinstall/gitea.sh
index 5a10d1a0..8de3db79 100644
--- a/seed/applicationservice/2022.03.08/gitea/manual/image/postinstall/gitea.sh
+++ b/seed/applicationservice/2022.03.08/gitea/manual/image/postinstall/gitea.sh
@@ -8,17 +8,16 @@ VERSION=$(wget https://dl.gitea.io/gitea/version.json -q -O - | jq -r '.latest.v
mkdir -p ~/gitea/
-if [ ! -f "~/gitea/gitea-$VERSION-linux-amd64.xz" ]; then
- wget https://dl.gitea.io/gitea/$VERSION/gitea-$VERSION-linux-amd64.xz -O ~/gitea/gitea-$VERSION-linux-amd64.xz
+if [ ! -f ~/"gitea/gitea-$VERSION-linux-amd64.xz" ]; then
+ wget "https://dl.gitea.io/gitea/$VERSION/gitea-$VERSION-linux-amd64.xz" -O ~/"gitea/gitea-$VERSION-linux-amd64.xz"
fi
-if [ ! -f "~/gitea/gitea-$VERSION-linux-amd64.xz.asc" ]; then
- wget https://dl.gitea.io/gitea/$VERSION/gitea-$VERSION-linux-amd64.xz.asc -O ~/gitea/gitea-$VERSION-linux-amd64.xz.asc
+if [ ! -f ~/"gitea/gitea-$VERSION-linux-amd64.xz.asc" ]; then
+ wget "https://dl.gitea.io/gitea/$VERSION/gitea-$VERSION-linux-amd64.xz.asc" -O ~/"gitea/gitea-$VERSION-linux-amd64.xz.asc"
fi
-gpg --verify ~/gitea/gitea-$VERSION-linux-amd64.xz.asc ~/gitea/gitea-$VERSION-linux-amd64.xz
-
-cp -a ~/gitea/gitea-$VERSION-linux-amd64.xz .
-xz -d gitea-$VERSION-linux-amd64.xz
-mv gitea-$VERSION-linux-amd64 $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/bin/gitea
-chmod +x $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/bin/gitea
+gpg --verify ~/"gitea/gitea-$VERSION-linux-amd64.xz.asc" ~/"gitea/gitea-$VERSION-linux-amd64.xz"
+cp -a ~/"gitea/gitea-$VERSION-linux-amd64.xz" .
+xz -d "gitea-$VERSION-linux-amd64.xz"
+mv "gitea-$VERSION-linux-amd64" "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/bin/gitea"
+chmod +x "$IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/bin/gitea"
diff --git a/seed/applicationservice/2022.03.08/gitea/manual/image/preinstall/mailman.sh b/seed/applicationservice/2022.03.08/gitea/manual/image/preinstall/gitea.sh
similarity index 100%
rename from seed/applicationservice/2022.03.08/gitea/manual/image/preinstall/mailman.sh
rename to seed/applicationservice/2022.03.08/gitea/manual/image/preinstall/gitea.sh
diff --git a/seed/applicationservice/2022.03.08/host-systemd-machined/dictionaries/21-machined.xml b/seed/applicationservice/2022.03.08/host-systemd-machined/dictionaries/21-machined.xml
index 4ea85412..98d32b0e 100644
--- a/seed/applicationservice/2022.03.08/host-systemd-machined/dictionaries/21-machined.xml
+++ b/seed/applicationservice/2022.03.08/host-systemd-machined/dictionaries/21-machined.xml
@@ -19,7 +19,7 @@
-
+
diff --git a/seed/applicationservice/2022.03.08/mailman/dictionaries/31_mailman.xml b/seed/applicationservice/2022.03.08/mailman/dictionaries/31_mailman.xml
index f024d844..023fcd45 100644
--- a/seed/applicationservice/2022.03.08/mailman/dictionaries/31_mailman.xml
+++ b/seed/applicationservice/2022.03.08/mailman/dictionaries/31_mailman.xml
@@ -21,11 +21,6 @@
-
-
- /mailman
-
-
True
@@ -50,12 +45,10 @@
cleartext
postorius_secret_key
-
- https://
+
revprox_client_external_domainname
revprox_client_location
/accounts/risotto/login/
-
oauth2_client_external
diff --git a/seed/applicationservice/2022.03.08/mailman/funcs/mailman.py b/seed/applicationservice/2022.03.08/mailman/funcs/mailman.py
index ff94fd26..8e72ae1a 100644
--- a/seed/applicationservice/2022.03.08/mailman/funcs/mailman.py
+++ b/seed/applicationservice/2022.03.08/mailman/funcs/mailman.py
@@ -1,4 +1,4 @@
-from utils import multi_function as _multi_function
+from risotto.utils import multi_function as _multi_function
from itertools import chain
diff --git a/seed/applicationservice/2022.03.08/nextcloud/dictionaries/31_nextcloud.xml b/seed/applicationservice/2022.03.08/nextcloud/dictionaries/31_nextcloud.xml
index f548a847..4bff5373 100644
--- a/seed/applicationservice/2022.03.08/nextcloud/dictionaries/31_nextcloud.xml
+++ b/seed/applicationservice/2022.03.08/nextcloud/dictionaries/31_nextcloud.xml
@@ -18,11 +18,6 @@
-
-
- /nextcloud
-
-
True
diff --git a/seed/applicationservice/2022.03.08/nextcloud/templates/nextcloud.init b/seed/applicationservice/2022.03.08/nextcloud/templates/nextcloud.init
index b1e0f0fe..db827d6d 100644
--- a/seed/applicationservice/2022.03.08/nextcloud/templates/nextcloud.init
+++ b/seed/applicationservice/2022.03.08/nextcloud/templates/nextcloud.init
@@ -44,9 +44,13 @@ fi
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapUserDisplayName "sn"
/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapConfigurationActive "1"
#/usr/bin/php /usr/share/nextcloud/occ ldap:set-config s01 ldapTLS "1"
-# cron
+# Cron
/usr/bin/php /usr/share/nextcloud/occ config:app:set core backgroundjobs_mode --value=cron
-# need network
+# Need network
/usr/bin/php /usr/share/nextcloud/occ app:disable weather_status
+# Maintenance
+/usr/bin/php /usr/share/nextcloud/occ upgrade
+/usr/bin/php /usr/share/nextcloud/occ files:scan --all -q
+/usr/bin/php /usr/share/nextcloud/occ maintenance:repair -q
exit 0
diff --git a/seed/applicationservice/2022.03.08/nextcloud/templates/nextcloud.service b/seed/applicationservice/2022.03.08/nextcloud/templates/nextcloud.service
index a5611330..052de7a3 100644
--- a/seed/applicationservice/2022.03.08/nextcloud/templates/nextcloud.service
+++ b/seed/applicationservice/2022.03.08/nextcloud/templates/nextcloud.service
@@ -9,8 +9,6 @@ WorkingDirectory=/usr/share/nextcloud
#FIXME
ExecStart=+/usr/bin/chmod +w /etc/nextcloud/config.php
ExecStart=/etc/nextcloud/nextcloud.init
-ExecStart=/usr/bin/php occ files:scan --all -q
-ExecStart=/usr/bin/php occ maintenance:repair -q
ExecStart=+/usr/bin/chmod -w /etc/nextcloud/config.php
User=apache
Group=apache
diff --git a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/DEBUG b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/DEBUG
new file mode 100644
index 00000000..8dc5dae1
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/DEBUG
@@ -0,0 +1,2 @@
+sed -i 's@error_log syslog:server=unix:/dev/log;@error_log syslog:server=unix:/dev/log debug;@g' /etc/nginx/nginx.conf
+systemctl restart nginx
diff --git a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/dictionaries/25_nginx.xml b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/dictionaries/25_nginx.xml
index fbeefb00..328d849b 100644
--- a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/dictionaries/25_nginx.xml
+++ b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/dictionaries/25_nginx.xml
@@ -22,7 +22,7 @@
-
+
diff --git a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/extras/nginx/00-nginx.xml b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/extras/nginx/00-nginx.xml
index 0bbc5d7b..059344cc 100644
--- a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/extras/nginx/00-nginx.xml
+++ b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/extras/nginx/00-nginx.xml
@@ -6,8 +6,9 @@
False
-
-
+
+
+
diff --git a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/funcs/nginx.py b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/funcs/nginx.py
index d4b6ef56..6f84a4ef 100644
--- a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/funcs/nginx.py
+++ b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/funcs/nginx.py
@@ -1,5 +1,5 @@
from typing import List as _List
-from utils import multi_function
+from risotto.utils import multi_function
@multi_function
diff --git a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/revprox-nginx.conf b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/revprox-nginx.conf
index 7e7c55e8..3105fed1 100644
--- a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/revprox-nginx.conf
+++ b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/revprox-nginx.conf
@@ -39,7 +39,7 @@ server {
# Configuration HTTPS %%domainname
server {
- listen 443 ssl;
+ listen 443 ssl http2;
ssl_certificate %%nginx_certificate_filename[%%idx];
ssl_certificate_key %%nginx_private_key_filename[%%idx];
ssl_client_certificate %%nginx_chain_filename[%%idx];
@@ -51,12 +51,12 @@ server {
%for %%location in %%revprox['revprox_location_' + family]
location %%location {
- # FIXME proxy_bind A.A.A.A;
- %set %%location_str = %%str(%%location)
- %if %%location_str != '/' and not %%location_str.endswith('/')
- rewrite ^(%%location_str)$ $1/ permanent;
- %end if
+ # FIXME proxy_bind A.A.A.A;
proxy_pass %%location['revprox_url_' + family];
+# %if %%location['revprox_is_websocket_' + family]
+# proxy_set_header Upgrade $http_upgrade;
+# proxy_set_header Connection "upgrade";
+# %else
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
@@ -65,6 +65,7 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Destination $dest;
+# %end if
proxy_ssl_trusted_certificate /etc/pki/ca-trust/source/anchors/ca_ReverseProxy.crt;
proxy_ssl_verify on;
proxy_ssl_verify_depth 2;
@@ -73,6 +74,7 @@ server {
index error.html;
root /var/www/html;
}
+# If user missing '/'
%if %%location_str != '/' and %%location_str.endswith('/')
location %%location_str[:-1] {
rewrite ^(%%location_str[:-1])$ $1/ permanent;
diff --git a/seed/applicationservice/2022.03.08/nsd/packer/image/scripts/20-nsd b/seed/applicationservice/2022.03.08/nsd/packer/image/scripts/20-nsd
deleted file mode 100644
index 1f22a348..00000000
--- a/seed/applicationservice/2022.03.08/nsd/packer/image/scripts/20-nsd
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-[ -e /tmp/proxy.sh ] && . /tmp/proxy.sh
-microdnf -y --nodocs --noplugins install nsd
-# make_volatile /var/lib/nsd
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/oauth2-client/dictionaries/30_oauth2_client.xml b/seed/applicationservice/2022.03.08/oauth2-client/dictionaries/30_oauth2_client.xml
index 47152535..a025e4dc 100644
--- a/seed/applicationservice/2022.03.08/oauth2-client/dictionaries/30_oauth2_client.xml
+++ b/seed/applicationservice/2022.03.08/oauth2-client/dictionaries/30_oauth2_client.xml
@@ -68,11 +68,9 @@
oauth2_client_id
oauth2_client_token_signature_algo
-
- https://
+
revprox_client_external_domainname
revprox_client_location
-
oauth2_client_external
diff --git a/seed/applicationservice/2022.03.08/openldap-server/packer/image/scripts/20-openldap-server b/seed/applicationservice/2022.03.08/openldap-server/packer/image/scripts/20-openldap-server
deleted file mode 100644
index fad86719..00000000
--- a/seed/applicationservice/2022.03.08/openldap-server/packer/image/scripts/20-openldap-server
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-microdnf -y --nodocs --noplugins install openldap-servers
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/postgresql-server/manual/image/preinstall/postgresql_server.sh b/seed/applicationservice/2022.03.08/postgresql-server/manual/image/preinstall/postgresql_server.sh
index a533301e..6ddfa5cc 100644
--- a/seed/applicationservice/2022.03.08/postgresql-server/manual/image/preinstall/postgresql_server.sh
+++ b/seed/applicationservice/2022.03.08/postgresql-server/manual/image/preinstall/postgresql_server.sh
@@ -1 +1 @@
-PKG="$PKG postgresql-server glibc-langpack-fr"
+PKG="$PKG postgresql-server"
diff --git a/seed/applicationservice/2022.03.08/provider-systemd-machined/dictionaries/21-machined.xml b/seed/applicationservice/2022.03.08/provider-systemd-machined/dictionaries/21-machined.xml
index 96757310..7c072855 100644
--- a/seed/applicationservice/2022.03.08/provider-systemd-machined/dictionaries/21-machined.xml
+++ b/seed/applicationservice/2022.03.08/provider-systemd-machined/dictionaries/21-machined.xml
@@ -15,7 +15,7 @@
/var/lib/risotto/configurations
-
+
diff --git a/seed/applicationservice/2022.03.08/reverse-proxy-client/dictionaries/20_nginx_client.xml b/seed/applicationservice/2022.03.08/reverse-proxy-client/dictionaries/20_nginx_client.xml
index aaeb9a08..15689525 100644
--- a/seed/applicationservice/2022.03.08/reverse-proxy-client/dictionaries/20_nginx_client.xml
+++ b/seed/applicationservice/2022.03.08/reverse-proxy-client/dictionaries/20_nginx_client.xml
@@ -12,9 +12,14 @@
-
- /
-
+
+
+ /
+
+
+ False
+
+
@@ -58,7 +63,7 @@
revprox_client_server_domainname
- clients
+ revprox_clients
revprox_client_external_domainname
ip
0
@@ -66,15 +71,22 @@
revprox_client_server_domainname
- location
+ revprox_location
revprox_client_external_domainname
revprox_client_location
revprox_client_server_domainname
- location
+ revprox_is_websocket
+ revprox_client_external_domainname
+
+ revprox_client_is_websocket
+
+
+ revprox_client_server_domainname
+ revprox_url
+ revprox_location
revprox_client_location
- url
revprox_client_external_domainname
revprox_client_web_address
diff --git a/seed/applicationservice/2022.03.08/roundcube/dictionaries/31_roundcube.xml b/seed/applicationservice/2022.03.08/roundcube/dictionaries/31_roundcube.xml
index cf390962..7304b841 100644
--- a/seed/applicationservice/2022.03.08/roundcube/dictionaries/31_roundcube.xml
+++ b/seed/applicationservice/2022.03.08/roundcube/dictionaries/31_roundcube.xml
@@ -12,11 +12,6 @@
-
-
- /roundcube
-
-
True
@@ -37,12 +32,10 @@
cleartext
roundcube_des_key
-
- https://
+
revprox_client_external_domainname
revprox_client_location
/index.php/login/oauth
-
oauth2_client_login
diff --git a/seed/applicationservice/2022.03.08/unbound/packer/image/scripts/20-unbound b/seed/applicationservice/2022.03.08/unbound/packer/image/scripts/20-unbound
deleted file mode 100644
index 21f743d4..00000000
--- a/seed/applicationservice/2022.03.08/unbound/packer/image/scripts/20-unbound
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-
-set -xe
-
-[ -e /tmp/proxy.sh ] && . /tmp/proxy.sh
-microdnf -y --nodocs --noplugins install unbound
-make_volatile /var/lib/unbound
-
-exit 0
diff --git a/seed/applicationservice/2022.03.08/unbound/templates/unbound.conf b/seed/applicationservice/2022.03.08/unbound/templates/unbound.conf
index f1587904..503d8b06 100644
--- a/seed/applicationservice/2022.03.08/unbound/templates/unbound.conf
+++ b/seed/applicationservice/2022.03.08/unbound/templates/unbound.conf
@@ -578,6 +578,13 @@ server:
# Ignore chain of trust. Domain is treated as insecure.
# domain-insecure: "example.com"
+ #>GNUNUX
+%for %%authority in %%unbound_forward_address
+ %for %%zone in %%authority.unbound_forward_zones
+ domain-insecure: "%%zone"
+ %end for
+%end for
+ #
-
- /vaultwarden
-
-
+
+
+ /
+ /notifications/hub
+ /notifications/hub/negotiate
+
+
+
vaultwarden
@@ -42,5 +46,12 @@
vaultwarden_device_identifier
+
+ True
+ False
+ revprox_client_location
+ /notifications/hub
+ revprox_client_is_websocket
+
diff --git a/seed/applicationservice/2022.03.08/vaultwarden/manual/image/postinstall/vaultwarden.sh b/seed/applicationservice/2022.03.08/vaultwarden/manual/image/postinstall/vaultwarden.sh
new file mode 100644
index 00000000..6771d087
--- /dev/null
+++ b/seed/applicationservice/2022.03.08/vaultwarden/manual/image/postinstall/vaultwarden.sh
@@ -0,0 +1,3 @@
+# locale in jslib/common/src/models/domain/globalState.ts is "en" by default, change it to "fr"
+# this information is store in browser local storage
+sed -i 's/this.locale="en",/this.locale="fr",/g' $IMAGE_NAME_RISOTTO_IMAGE_DIR/usr/share/vaultwarden/app/main.*.js
diff --git a/seed/applicationservice/2022.03.08/vaultwarden/templates/vaultwarden_config.env b/seed/applicationservice/2022.03.08/vaultwarden/templates/vaultwarden_config.env
index 7515fc4b..731bc089 100644
--- a/seed/applicationservice/2022.03.08/vaultwarden/templates/vaultwarden_config.env
+++ b/seed/applicationservice/2022.03.08/vaultwarden/templates/vaultwarden_config.env
@@ -256,7 +256,11 @@ INVITATION_ORG_NAME=%%vaultwarden_org_name
## For U2F to work, the server must use HTTPS, you can use Let's Encrypt for free certs
# DOMAIN=https://bw.domain.tld:8443
#>GNUNUX
-DOMAIN=https://%%revprox_client_external_domainname%%revprox_client_location
+%set %%location = %%str(%%revprox_client_location[0])
+%if %%location.endswith('/')
+ %set %%location = %%location[:-1]
+%end if
+DOMAIN=https://%%revprox_client_external_domainname%%location
#GNUNUX
ROCKET_PORT=443
-ROCKET_TLS='{certs="/etc/pki/tls/certs/revproxy.crt",key="/etc/pki/tls/private/revproxy.key"}'
+ROCKET_TLS='{certs="/etc/pki/tls/certs/revprox.crt",key="/etc/pki/tls/private/revprox.key"}'
#