Initial commit of configuration for core.

etc/.gitignore

@@ -0,0 +1,49 @@
+/acpi/
+/alpine-release
+/apk/
+/bash/
+/busybox-paths.d/
+/doas.conf
+/doas.d/
+/environment
+/fstab
+/group-
+/init.d/
+/inittab
+/inputrc
+/issue
+/lbu/
+/logrotate.d/
+/mail.rc
+/mdev.conf
+/modprobe.d/
+/modules
+/modules-load.d/
+/motd
+/mtab
+/nanorc
+/nsswitch.conf
+/opt/
+/os-release
+/passwd-
+/pkcs11/
+/profile
+/profile.d/
+/protocols
+/rc.conf
+/secfixes.d/
+/securetty
+/security/
+/services
+/shadow
+/shadow-
+/shells
+/ssl/
+/ssl1.1/
+/sudo.conf
+/sudo_logsrvd.conf
+/sudoers
+/sysctl.conf
+/sysctl.d/
+/terminfo/
+/udhcpc/

etc/conf.d/.gitignore

@@ -0,0 +1,25 @@
+/apache2
+/consolefont
+/crond
+/devfs
+/dmesg
+/fsck
+/hwclock
+/killprocs
+/klogd
+/loadkmap
+/localmount
+/modloop
+/modules
+/msmtp
+/mtab
+/net-online
+/netmount
+/ntpd
+/rdate
+/seedrng
+/staticroute
+/swap
+/swclock
+/syslog
+/watchdog

etc/conf.d/bootmisc

@@ -0,0 +1,15 @@
+# List of /tmp directories we should clean up
+clean_tmp_dirs="/tmp"
+
+# Should we wipe the tmp paths completely or just selectively remove known
+# locks / files / etc... ?
+wipe_tmp="NO"
+
+# Write the initial dmesg log into /var/log/dmesg after boot
+# This may be useful if you need the kernel boot log afterwards
+log_dmesg="NO"
+
+# Save the previous dmesg log to dmesg.old
+# This may be useful if you need to compare the current boot to the
+# previous one.
+previous_dmesg=no

etc/conf.d/node-exporter

@@ -0,0 +1,7 @@
+# /etc/conf.d/node-exporter
+
+# Custom arguments can be specified like:
+#
+# ARGS="--web.listen-address=':9100'"
+
+ARGS="--web.listen-address='5.101.171.215:9100'"

etc/conf.d/samba

@@ -0,0 +1,11 @@
+# Add "bgqd" to daemon_list if you want start the background queue daemon from here as well
+# Add "winbindd" to daemon_list if you want start winbind from here as well
+#daemon_list="smbd nmbd"
+# Use "samba" alone for role based samba4 services (eg: ad-dc).
+daemon_list="samba"
+
+#smbd_options="-D"
+#nmbd_options="-D"
+#winbindd_options="-D"
+#bgqd_options="-D"
+#samba_options=""

etc/conf.d/sshd

@@ -0,0 +1,26 @@
+# Configuration for /etc/init.d/sshd
+
+# Path of sshd_config file.
+#cfgfile="/etc/ssh/sshd_config"
+
+# Any random options you want to pass to sshd.
+# See the sshd(8) manpage for more info.
+#command_args=""
+
+# Space-separated list of SSH host key types to generate if they do
+# not already exist. An empty value means generate all of the default
+# set of dsa, ecdsa, ed25519, and rsa types.
+#
+# Example: "ed25519 rsa".
+#
+key_types_to_generate="ecdsa ed25519 rsa"
+
+# The number of bits to use for a generated ECDSA SSH host key.
+# Defaults to 256 bits if not set.
+#
+#ecdsa_bit_size="256"
+
+# Number of bits for use for a generated RSA SSH host key.
+# Defaults to 3072 bits if not set.
+#
+#rsa_bit_size="3072"

etc/conf.d/terraform-http-backend

@@ -0,0 +1,6 @@
+export TF_STORAGE_DIR=/var/lib/terraform-http-backend
+export TF_AUTH_ENABLED=true
+export TF_USERNAME=sysadmin
+export TF_PASSWORD=sunsa
+export TF_PORT=9200
+export TF_IP=127.0.0.1

etc/crontabs/root

@@ -0,0 +1,7 @@
+# do daily/weekly/monthly maintenance
+# min		hour	day	month	weekday	command
+0,15,30,45	*	*	*	*	run-parts /etc/periodic/15min
+0		*	*	*	*	run-parts /etc/periodic/hourly
+0		0	*	*	*	run-parts /etc/periodic/daily
+0		0	*	*	6	run-parts /etc/periodic/weekly
+0		0	1	*	*	run-parts /etc/periodic/monthly

etc/group

@@ -0,0 +1,40 @@
+root:x:0:root
+bin:x:1:root,bin,daemon
+daemon:x:2:root,bin,daemon
+sys:x:3:root,bin
+adm:x:4:root,daemon
+tty:x:5:
+disk:x:6:root
+lp:x:7:lp
+kmem:x:9:
+wheel:x:10:root
+floppy:x:11:root
+mail:x:12:mail
+news:x:13:news
+uucp:x:14:uucp
+cron:x:16:cron
+audio:x:18:
+cdrom:x:19:
+dialout:x:20:root
+ftp:x:21:
+sshd:x:22:
+input:x:23:
+tape:x:26:root
+video:x:27:root
+netdev:x:28:
+kvm:x:34:kvm
+games:x:35:
+shadow:x:42:
+www-data:x:82:apache
+users:x:100:games
+ntp:x:123:
+abuild:x:300:
+utmp:x:406:
+ping:x:999:
+nogroup:x:65533:
+nobody:x:65534:
+klogd:x:101:klogd
+apache:x:102:apache
+prometheus:x:103:prometheus
+thb:x:500:thb
+sysadmin:x:1000:sysadmin

etc/hostname

@@ -0,0 +1 @@
+core.slackware.uk.net

etc/hosts

@@ -0,0 +1,3 @@
+127.0.1.1	core core.slackware.uk.net
+127.0.0.1	localhost localhost.localdomain
+::1		localhost localhost.localdomain

etc/local.d/.gitignore

@@ -0,0 +1 @@
+/README

etc/local.d/terraform-http-backend.start

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+[ ! -r /etc/conf.d/terraform-http-backend ] && exit 1
+source /etc/conf.d/terraform-http-backend || exit 1
+
+doas -u thb /opt/sbin/terraform-http-backend >/dev/null 2>&1 &

etc/network/.gitignore

@@ -0,0 +1,6 @@
+/if-down.d/
+/if-post-down.d/
+/if-post-up.d/
+/if-pre-down.d/
+/if-pre-up.d/
+/if-up.d/

etc/network/interfaces

@@ -0,0 +1,5 @@
+auto eth0
+iface eth0 inet static
+  address 5.101.171.215/28
+  gateway 5.101.171.209
+  mtu 9000

etc/passwd

@@ -0,0 +1,22 @@
+root:x:0:0:root:/root:/bin/bash
+bin:x:1:1:bin:/bin:/sbin/nologin
+daemon:x:2:2:daemon:/sbin:/sbin/nologin
+lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
+sync:x:5:0:sync:/sbin:/bin/sync
+shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
+halt:x:7:0:halt:/sbin:/sbin/halt
+mail:x:8:12:mail:/var/mail:/sbin/nologin
+news:x:9:13:news:/usr/lib/news:/sbin/nologin
+uucp:x:10:14:uucp:/var/spool/uucppublic:/sbin/nologin
+cron:x:16:16:cron:/var/spool/cron:/sbin/nologin
+ftp:x:21:21::/var/lib/ftp:/sbin/nologin
+sshd:x:22:22:sshd:/dev/null:/sbin/nologin
+games:x:35:35:games:/usr/games:/sbin/nologin
+ntp:x:123:123:NTP:/var/empty:/sbin/nologin
+guest:x:405:100:guest:/dev/null:/sbin/nologin
+nobody:x:65534:65534:nobody:/:/sbin/nologin
+klogd:x:100:101:klogd:/dev/null:/sbin/nologin
+apache:x:101:102:apache:/var/www:/sbin/nologin
+prometheus:x:102:103:prometheus:/var/lib/prometheus:/sbin/nologin
+thb:x:500:500:terraform http backend:/var/lib/terraform-http-backend:/sbin/nologin
+sysadmin:x:1000:1000:Systems' Administrator:/home/sysadmin:/bin/bash

etc/periodic/daily/cronjob-dehydrated

@@ -0,0 +1 @@
+/opt/sbin/cronjob-dehydrated

etc/periodic/daily/cronjob-update-packages-list

@@ -0,0 +1 @@
+/opt/sbin/cronjob-update-packages-list

etc/periodic/daily/cronjob-warn-git-status

@@ -0,0 +1 @@
+/opt/sbin/cronjob-warn-git-status

etc/resolv.conf

@@ -0,0 +1,6 @@
+options timeout:2
+options edns0
+search slackware.uk.net
+nameserver 5.101.171.216
+nameserver 5.101.171.217
+nameserver 185.176.90.169

etc/runlevels/boot/.gitignore

@@ -0,0 +1 @@
+/devfs

etc/runlevels/boot/hostname

@@ -0,0 +1 @@
+/etc/init.d/hostname

etc/runlevels/boot/rsyslog

@@ -0,0 +1 @@
+/etc/init.d/rsyslog

etc/runlevels/default/.gitignore

@@ -0,0 +1,2 @@
+/crond
+/networking

etc/runlevels/default/apache2

@@ -0,0 +1 @@
+/etc/init.d/apache2

etc/runlevels/default/node-exporter

@@ -0,0 +1 @@
+/etc/init.d/node-exporter

etc/runlevels/default/php-fpm83

@@ -0,0 +1 @@
+/etc/init.d/php-fpm83

etc/runlevels/default/samba

@@ -0,0 +1 @@
+/etc/init.d/samba

etc/runlevels/default/sshd

@@ -0,0 +1 @@
+/etc/init.d/sshd

etc/runlevels/shutdown/samba

@@ -0,0 +1 @@
+/etc/init.d/samba

etc/sudoers.d/defaults

@@ -0,0 +1,2 @@
+## Set the password prompting timeout to 30 mins.
+Defaults timestamp_timeout = 30

etc/sudoers.d/root-access

@@ -0,0 +1,5 @@
+## Allow certain users access to root using their own passwords.
+tadgy ALL=(root) ALL
+
+## Allow the 'sysadmin' user access to root without a password.
+sysadmin ALL=(root) NOPASSWD: ALL