Many updates.

2024-07-06 15:48:30 +01:00 · 2024-07-06 15:48:30 +01:00 · 7ccb1aa296
commit 7ccb1aa296
parent a3a0d1b51c
37 changed files with 96 additions and 43 deletions
--- a/etc/.gitignore
+++ b/etc/.gitignore
@ -28,8 +28,8 @@
 /exports
 /exports.d/
 /fonts/
+/forgejo.conf
 /gai.conf
-/gitea.conf
 /gprofng.rc
 /group-
 /grub.d/
@ -69,6 +69,7 @@
 /protocols
 /resolv.conf
 /rpc
+/rsyncd.conf
 /screenrc
 /securetty
 /security/
--- a/etc/apache/httpd.conf
+++ b/etc/apache/httpd.conf
@ -305,9 +305,9 @@ DirectoryIndex	disabled
  </Directory>
 </IfModule>

-<Directory /data/www/html>
+<Directory /data/var/www/html>
  Options		Includes MultiViews SymLinksIfOwnerMatch
-  AllowOverride		AuthConfig FileInfo Indexes Limit
+  AllowOverride		AuthConfig FileInfo Indexes Limit Options

  Require		all granted

@ -336,7 +336,7 @@ DirectoryIndex	disabled
 </Directory>

 <IfModule cgid_module>
-  <Directory /data/www/cgi-bin/>
+  <Directory /data/var/www/cgi-bin/>
    Options		ExecCGI Includes MultiViews SymLinksIfOwnerMatch
    AllowOverride	AuthConfig FileInfo Limit

--- a/etc/apache/sites.d/_default_.conf
+++ b/etc/apache/sites.d/_default_.conf
@ -55,11 +55,11 @@
    RedirectMatch	permanent	^/(?!(\.well-known|httpd-errordocs)/)(.*)	https://afterdark.org.uk/$2
  </IfModule>
  <IfModule !ssl_module>
-    ScriptAlias		/cgi-bin/	/data/www/cgi-bin/
+    ScriptAlias		/cgi-bin/	/data/var/www/cgi-bin/

-    DocumentRoot	/data/www/html/
+    DocumentRoot	/data/var/www/html/

-    CustomLog		/data/www/logs/httpd-access		VHostCombined   env=!no_log
+    CustomLog		/data/var/www/logs/httpd-access		VHostCombined   env=!no_log

    <Proxy *>
      Require		all granted
@ -67,8 +67,8 @@
    # Do NOT add backslashes to the end of the urls.
    ProxyPass		/git		http://127.0.0.1:9100
    ProxyPassReverse	/git		http://127.0.0.1:9100
-    ProxyPass		/terrastate	http://127.0.0.1:9200
-    ProxyPassReverse	/terrastate	http://127.0.0.1:9200
+    ProxyPass		/ts		http://127.0.0.1:9200
+    ProxyPassReverse	/ts		http://127.0.0.1:9200

    <IfModule userdir_module>
      UserDir		/data/home/*/www/html
@ -90,11 +90,11 @@
    SetEnvIf			REQUEST_URI	^/robots\.txt$		no_log
    SetEnvIf			REQUEST_URI	^/favicon\.ico$		no_log

-    ScriptAlias			/cgi-bin/	/data/www/cgi-bin/
+    ScriptAlias			/cgi-bin/	/data/var/www/cgi-bin/

-    DocumentRoot		/data/www/html/
+    DocumentRoot		/data/var/www/html/

-    CustomLog			/data/www/logs/httpd-access		VHostCombined   env=!no_log
+    CustomLog			/data/var/www/logs/httpd-access		VHostCombined   env=!no_log

    <Proxy *>
      Require			all granted
@ -102,8 +102,8 @@
    # Dot NOT add backslashes to the end of the urls.
    ProxyPass			/git		http://127.0.0.1:9100
    ProxyPassReverse		/git		http://127.0.0.1:9100
-    ProxyPass			/terrastate	http://127.0.0.1:9200
-    ProxyPassReverse		/terrastate	http://127.0.0.1:9200
+    ProxyPass			/ts		http://127.0.0.1:9200
+    ProxyPassReverse		/ts		http://127.0.0.1:9200

    <IfModule userdir_module>
      UserDir			/data/home/*/www/html
--- a/etc/autofs/auto.storage
+++ b/etc/autofs/auto.storage
@ -1,7 +1,5 @@
 home		-vers=4,hard,acl,rw,fsc		192.168.67.245:/home
 media		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/media
-gitea		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/gitea
-gitroot		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/gitroot
 slackware	-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/slackware
 tmp		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/tmp
-www		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/www
+var		-vers=4,hard,acl,rw,fsc		192.168.67.245:/data/var
--- a/etc/cron.daily/cronjob-dehdrated
+++ b/etc/cron.daily/cronjob-dehdrated
@ -1 +0,0 @@
-/opt/bin/cronjob-dehdrated
--- a/etc/cron.daily/cronjob-dehydrated
+++ b/etc/cron.daily/cronjob-dehydrated
@ -0,0 +1 @@
+/opt/bin/cronjob-dehydrated
--- a/etc/default/terraform-http-backend
+++ b/etc/default/terraform-http-backend
@ -0,0 +1,7 @@
+# Note: must include / on the end!
+export TF_STORAGE_DIR=/data/var/terraform-http-backend/
+export TF_AUTH_ENABLED=false
+# export TF_USERNAME=admin
+# export TF_PASSWORD=admin
+export TF_PORT=9200
+export TF_IP=127.0.0.1
--- a/etc/forgejo.conf.gpg
+++ b/etc/forgejo.conf.gpg
--- a/etc/gitea.conf.gpg
+++ b/etc/gitea.conf.gpg
--- a/etc/group
+++ b/etc/group
@ -34,5 +34,5 @@ ntpd:x:997:
 rpc:x:996:
 _mlocate:x:995:
 _apache:x:994:
-_gitea:x:993:
-_terrastate:x:992:
+_forgejo:x:993:
+_ts:x:992:
--- a/etc/gshadow.gpg
+++ b/etc/gshadow.gpg
@ -1,3 +1 @@
-Œ
	b§cù¡$òÒÀ>B¤ýî0‚~J˜:ßŸâX…½ÿ\M¼ Û3Vø½-°34ùŒúU…%‰8œ–=§ðßYÑ¥ñáøèj*Y¿£gÓïÐ†W÷µOšâIõq0Y'rÄA<ý£Ý*m§bÓ:…^HÑ
-è+<Ÿeñ‹ZUÿ¬‰Yß²Æë“ª”<C2AA>k‰ëÐ¡v#Y3¿Ì^Ær}æe¸z #‘
-ES9,‡ÿÄv¦½çûJð¬sæ¢WÇš`š=<3D>dÓè#—Á]osœÔ]ä.qÀP’RÌ{û·Çv—õH²×A^Ã°ÖvsŽ*ç4ÇgümêÝÑŸàð…=
+<EFBFBD>
	c»¿”ת בעְׂ>Dב-<2D>פ8<D7A4>צ]ֵב¬¸ך<C2B8>ֳ<>ְ	<09>₪zd*‡<><E280A1>ִ•<D6B4>ע”·^y0<>?A׀k<D780>לוּ°°ב'o”ֱsֹb·Bc1k2jֶ‎ם†חT'PV¥w×o%]¯"ָ׀¼0+Hֻ,G/;9¡‏<C2A1>`R±שב0ׂT2>{"<22>¯׃o]כ#אח¡<D797>×¹3Pד-<2D>ֻKזֳk<D6B3>°<EFBFBD>bµrM«¨<C2AB>ֶ/·ׂ<C2B7>ֻF£?MW]<5D>µ!ֿקכ<D7A7>T<05><0’D(לVh¾<68>E£‰<C2A3>TPY:!דו¼z´‎<C2B4>7{!׃·<D783>gזתֽ¼ <20>³הC¼Q^<5E>»Wַ€ּעסL<12>)ײs’0<E28099>]<5D><>*
--- a/etc/passwd
+++ b/etc/passwd
@ -7,5 +7,5 @@ ntpd:x:997:997:ntpd unprivileged user:/var/db/ntpd:/sbin/nologin
 rpc:x:996:996:rpc unprivileged user:/var/empty:/sbin/nologin
 _mlocate:x:995:995:_mlocate unprivileged user:/var/empty:/sbin/nologin
 _apache:x:994:994:_apache unprivileged user:/srv/www/apache:/sbin/nologin
-_gitea:x:993:993:_gitea unprivileged user:/var/lib/gitea:/bin/bash
-_terrastate:x:992:992:_terrastate unprivileged user:/var/lib/terrastate:/sbin/nologin
+_forgejo:x:993:993:_forgejo unprivileged user:/var/lib/forgejo:/bin/bash
+_ts:x:992:992:_ts unprivileged user:/var/lib/ts:/bin/bash
--- a/etc/php8.2/.gitignore
+++ b/etc/php8.2/.gitignore
@ -1 +0,0 @@
-*.default
--- a/etc/php8.3/.gitignore
+++ b/etc/php8.3/.gitignore
@ -0,0 +1 @@
+/*.orig
--- a/etc/php8.3/php-fpm.conf
+++ b/etc/php8.3/php-fpm.conf
--- a/etc/php8.3/php-fpm.d/.gitignore
+++ b/etc/php8.3/php-fpm.d/.gitignore
@ -0,0 +1 @@
+/*.orig
--- a/etc/php8.3/php-fpm.d/www.conf
+++ b/etc/php8.3/php-fpm.d/www.conf
--- a/etc/php8.3/php.ini
+++ b/etc/php8.3/php.ini
--- a/etc/pkglist
+++ b/etc/pkglist
@ -21,6 +21,9 @@ bash
 bc
 bind-libs
 bind-utils
+binutils
+binutils-doc
+binutils-libs
 brltty
 brotli
 btrfs-progs
@ -67,7 +70,7 @@ gawk
 gdbm
 gdk-pixbuf
 git
-gitea
+git-lfs
 glib
 glibc
 glibc-locales
@ -75,6 +78,7 @@ glibmm
 gmp
 gnupg
 gnutls
+go
 graphite
 grep
 grub
@ -131,8 +135,10 @@ libargon2
 libaspell
 libassuan
 libasyncns
+libatomic
 libblkid
 libbluetooth
+libbpf
 libcap
 libcap-ng
 libcap-progs
@ -143,6 +149,7 @@ libcups
 libcurl
 libdatrie
 libdb
+libdebuginfod
 libdrm
 libedit
 libefivar
@ -172,6 +179,7 @@ libjpeg-turbo
 libkeyutils
 libkmod
 libksba
+liblastlog2
 libldap
 libldns
 libltdl
@ -197,6 +205,7 @@ libpciaccess
 libpcre
 libpcre2
 libpng
+libpsl
 libpulseaudio
 libreadline8
 librsvg
@ -230,6 +239,9 @@ libvoikko
 libvorbis
 libxbps
 libxcb
+libxcrypt
+libxcrypt-compat
+libxcrypt-devel
 libxkbcommon
 libxkbfile
 libxml2
@ -245,9 +257,11 @@ linux-firmware-intel
 linux-firmware-network
 linux-firmware-nvidia
 linux6.5
+linux6.6
 logrotate
 lowdown
 lsof
+lua54
 lvm2
 lynx
 lzo
@ -313,24 +327,25 @@ php-snmp
 php-sqlite
 php-tidy
 php-xsl
-php8.2
-php8.2-cgi
-php8.2-enchant
-php8.2-fpm
-php8.2-intl
-php8.2-ldap
-php8.2-mysql
-php8.2-odbc
-php8.2-snmp
-php8.2-sqlite
-php8.2-tidy
-php8.2-xsl
+php8.3
+php8.3-cgi
+php8.3-enchant
+php8.3-fpm
+php8.3-intl
+php8.3-ldap
+php8.3-mysql
+php8.3-odbc
+php8.3-snmp
+php8.3-sqlite
+php8.3-tidy
+php8.3-xsl
 pick
 pinentry
 pinfo
 pixman
 popt
 procps-ng
+public-suffix
 python3
 python3-pip
 python3-setuptools
@ -352,6 +367,8 @@ sqlite
 sshguard
 sudo
 tar
+terraform
+tflint
 thin-provisioning-tools
 tiff
 traceroute
--- a/etc/runit/runsvdir/default/forgejo
+++ b/etc/runit/runsvdir/default/forgejo
@ -0,0 +1 @@
+/etc/sv/forgejo
--- a/etc/runit/runsvdir/default/gitea
+++ b/etc/runit/runsvdir/default/gitea
@ -1 +0,0 @@
-/etc/sv/gitea
--- a/etc/runit/runsvdir/default/php-fpm8.2
+++ b/etc/runit/runsvdir/default/php-fpm8.2
@ -1 +0,0 @@
-/etc/sv/php-fpm8.2
--- a/etc/runit/runsvdir/default/php-fpm8.3
+++ b/etc/runit/runsvdir/default/php-fpm8.3
@ -0,0 +1 @@
+/etc/sv/php-fpm8.3
--- a/etc/runit/runsvdir/default/terraform-http-backend
+++ b/etc/runit/runsvdir/default/terraform-http-backend
@ -0,0 +1 @@
+/etc/sv/terraform-http-backend
--- a/etc/runit/shutdown.d/75-force-unmounts.sh
+++ b/etc/runit/shutdown.d/75-force-unmounts.sh
@ -1 +0,0 @@
-umount -f -r -a -t nosysfs,noproc,nodevtmpfs,notmpfs
--- a/etc/runit/shutdown.d/75-unmount-remote.sh
+++ b/etc/runit/shutdown.d/75-unmount-remote.sh
@ -0,0 +1,5 @@
+msg "Unmounting remote filesystems..."
+
+sync
+
+umount -l -r -t nfs,nfs4
--- a/etc/shadow.gpg
+++ b/etc/shadow.gpg
--- a/etc/sv/.gitignore
+++ b/etc/sv/.gitignore
@ -32,7 +32,7 @@
 /mdadm/
 /nfs-server/
 /ntpd
-/php-fpm8.2/
+/php-fpm8.3/
 /rpcbind/
 /rpcblkmapd/
 /rpcgssd/
--- a/etc/sv/forgejo/.gitignore
+++ b/etc/sv/forgejo/.gitignore
@ -0,0 +1 @@
+/supervise
--- a/etc/sv/forgejo/log/.gitignore
+++ b/etc/sv/forgejo/log/.gitignore
@ -0,0 +1 @@
+/supervise
--- a/etc/sv/forgejo/log/run
+++ b/etc/sv/forgejo/log/run
@ -0,0 +1,2 @@
+#!/bin/sh
+exec vlogger -t forgejo -p daemon
--- a/etc/sv/forgejo/run
+++ b/etc/sv/forgejo/run
@ -0,0 +1,13 @@
+#!/bin/sh
+exec 2>&1
+
+# USER and HOME are needed because gitea doesn't actually check the user it
+# runs as, but instead just grabs the variables from the variables.
+export USER=_forgejo
+export HOME=/data/var/forgejo
+
+# gitea needs to run from its home for SSH to work properly
+export GITEA_WORK_DIR="${HOME}"
+
+cd "${HOME}"
+exec chpst -u _forgejo:_forgejo /opt/bin/forgejo web --config /etc/forgejo.conf 2>&1
--- a/etc/sv/terraform-http-backend/.gitignore
+++ b/etc/sv/terraform-http-backend/.gitignore
@ -0,0 +1 @@
+/supervise
--- a/etc/sv/terraform-http-backend/conf
+++ b/etc/sv/terraform-http-backend/conf
@ -0,0 +1 @@
+/etc/default/terraform-http-backend
--- a/etc/sv/terraform-http-backend/log/.gitignore
+++ b/etc/sv/terraform-http-backend/log/.gitignore
@ -0,0 +1 @@
+/supervise
--- a/etc/sv/terraform-http-backend/log/run
+++ b/etc/sv/terraform-http-backend/log/run
@ -0,0 +1,2 @@
+#!/bin/sh
+exec vlogger -t terraform-http-backend -p daemon
--- a/etc/sv/terraform-http-backend/run
+++ b/etc/sv/terraform-http-backend/run
@ -0,0 +1,4 @@
+#!/bin/sh
+exec 2>&1
+[ -r conf ] && . ./conf
+exec chpst -u _ts:_ts /opt/bin/terraform-http-backend 2>&1
				`@ -1 +0,0 @@`
				`umount -f -r -a -t nosysfs,noproc,nodevtmpfs,notmpfs`