tadgy/system-configs
1
0
Fork 0
Code Releases Wiki Activity

Initial commit.

Browse source
This commit is contained in:
Darren 'Tadgy' Austin 2023-09-30 17:45:44 +01:00
commit e34a2333a7
32 changed files with 309 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

20
.gitignore vendored Normal file
View file

@ -0,0 +1,20 @@
bin
boot/
data/
dev/
home/
lib
lib32
lib64
lost+found/
media/
mnt/
opt/
proc/
root/
run/
sbin
srv/
sys/
tmp/
usr/

3
README
View file

@ -1,3 +0,0 @@
System configurations are stored in a seperate branch for each host or purpose.
Check out (git checkout) the appropriate branch to find the configurations.

102
etc/.gitignore vendored Normal file
View file

@ -0,0 +1,102 @@
*~
*.lock
*.orig
*.OLD
acpi/
bash/
bindresvport.blacklist
ca-certificates/
ca-certificates.conf
colors/
cron.d/
cron.hourly/
cron.monthly/
cron.weekly/
crypttab
cups/
dbus-1/
default/
depmod.d/
dhcpcd.conf
dns/
dracut.conf
dracut.conf.d/
e2scrub.conf
environment
ethertypes
exports
exports.d/
filesystems
fonts/
gai.conf
group-
grub.d/
gshadow
gshadow-
gtk-3.0/
host.conf
hosts
idmapd.conf
inputrc
iproute2/
iptables/
issue
kernel.d/
ld.so.conf
ld.so.conf.d/
libnl/
localtime
login.defs
lvm/
lynx.cfg
lynx.lss
mail.rc
mailx.rc
man.conf
mke2fs.conf
modprobe.d/
modules-load.d/
mtab
netconfig
nsswitch.conf
ntp.conf
os-release
pam.d/
passwd
passwd-
pkcs11/
profile
profile.d/
protocols
rc.local
rc.shutdown*
resolv.conf
rpc
runit/
screenrc
securetty
security/
services
shadow
shadow-
shells
skel/
ssl/
subgid
subgid-
subuid
subuid-
sudo.conf
sudoers
sudoers.dist
sv/
sysctl.conf
sysctl.d/
udev/
vmware-tools/
wpa_supplicant/
xattr.conf
xbps.d/
xdg/
xtables.conf
zzz.d/

6
etc/autofs/.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
auto.master
auto.misc
auto.net*
auto.smb*
autofs.conf
autofs_ldap_auth.conf

1
etc/autofs/auto.master.d/storage.autofs Normal file
View file

@ -0,0 +1 @@
/data /etc/autofs/auto.storage browse

5
etc/autofs/auto.storage Normal file
View file

@ -0,0 +1,5 @@
home -vers=4,hard,acl,rw,fsc 192.168.67.245:/home
media -vers=4,hard,acl,rw,fsc 192.168.67.245:/data/media
slackware -vers=4,hard,acl,rw,fsc 192.168.67.245:/data/slackware
tmp -vers=4,hard,acl,rw,fsc 192.168.67.245:/data/tmp
www -vers=4,hard,acl,rw,fsc 192.168.67.245:/data/www

6
etc/certificates/.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
_DH_.pem
_msmtp_-afterdark.lan-cert.pem
_msmtp_-afterdark.lan-key.pem
_msmtp_-afterdark.lan-key.pem.gpg
_msmtp_-cert.pem
_msmtp_-key.pem

2
etc/cron.daily/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
makewhatis
shadow

9
etc/cron.daily/warn-git-status Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
source /etc/mail.conf "git-status" || exit 1
CONFIGSTATUS="$(cd / && git status | egrep -ve "^(On branch|Your branch|No commits|nothing|$)" -e "\(use")"
[[ -z "$CONFIGSTATUS" ]] && exit 0
mailx "${MAILX_ARGS[@]}" -r "$EMAIL_FROM" -s "git statuses" "${EMAIL_TO[@]}" <<<"$CONFIGSTATUS"

3
etc/fstab Normal file
View file

@ -0,0 +1,3 @@
UUID=55f6f46d-b408-4416-994d-faadde6c54aa / ext4 defaults 0 1
UUID=e87a8703-cc91-446b-84a4-17b38194b3d2 none swap defaults 0 0
tmpfs /tmp tmpfs defaults,nosuid,nodev 0 0

34
etc/group Normal file
View file

@ -0,0 +1,34 @@
root:x:0:
bin:x:1:
sys:x:2:
kmem:x:3:
wheel:x:4:tadgy
tty:x:5:
tape:x:6:
daemon:x:7:
floppy:x:8:
disk:x:9:
lp:x:10:
dialout:x:11:
audio:x:12:
video:x:13:
utmp:x:14:
adm:x:15:
cdrom:x:16:
optical:x:17:
mail:x:18:
storage:x:19:
scanner:x:20:
network:x:21:
kvm:x:24:
input:x:25:
plugdev:x:26:
usbmon:x:27:
sgx:x:28:
nogroup:x:99:
users:x:100:
admin:x:101:tadgy
_dhcpcd:x:999:
_uuidd:x:998:
ntpd:x:997:
rpc:x:996:

BIN
etc/gshadow.gpg Normal file
View file

Binary file not shown.

1
etc/hostname Normal file
View file

@ -0,0 +1 @@
chuckie.afterdark.lan

2
etc/locale.conf Normal file
View file

@ -0,0 +1,2 @@
LANG=en_GB.UTF-8
LC_COLLATE=C

21
etc/mail.conf Normal file
View file

@ -0,0 +1,21 @@
# This file is sourced by various scripts that need to send emails.
case "$(hostname -d)" in
afterdark.lan)
EMAIL_DOMAIN="afterdark.org.uk"
;;
*)
EMAIL_DOMAIN="slackware.network"
;;
esac
EMAIL_FROM="${HOSTNAME%%.*} <noreply@$EMAIL_DOMAIN>"
EMAIL_TO=("Systems Administrator <sysadmin@$EMAIL_DOMAIN>")
case "$1" in
sbosrcarch)
MAILX_ARGS=("-c" "Urchlay <urchlay@slackware.uk>")
;;
esac
true

1
etc/msmtp-aliases Normal file
View file

@ -0,0 +1 @@
default: sysadmin@afterdark.org.uk

13
etc/msmtprc Normal file
View file

@ -0,0 +1,13 @@
account default
host gw.afterdark.lan
timeout 300
domain chuckie.afterdark.lan
tls off
tls_starttls off
tls_trust_file /etc/ssl/certs/ca-certificates.crt
tls_cert_file /etc/certificates/_msmtp_-cert.pem
tls_key_file /etc/certificates/_msmtp_-key.pem
auto_from on
maildomain afterdark.org.uk
syslog LOG_MAIL
aliases /etc/msmtp-aliases

47
etc/rc.conf Normal file
View file

@ -0,0 +1,47 @@
# /etc/rc.conf - system configuration for void
# Set the host name.
#
# NOTE: it's preferred to declare the hostname in /etc/hostname instead:
# - echo myhost > /etc/hostname
#
#HOSTNAME="void-live"
# Set RTC to UTC or localtime.
HARDWARECLOCK="UTC"
# Set timezone, availables timezones can be found at /usr/share/zoneinfo.
#
# NOTE: it's preferred to set the timezone in /etc/localtime instead:
# - ln -sf /usr/share/zoneinfo/<timezone> /etc/localtime
# Setting the timezone here requires a reboot to apply any changes/fixes
# and read-write access to the filesystem.
#
#TIMEZONE="Europe/Madrid"
# Keymap to load, see loadkeys(8).
KEYMAP=uk
# Console font to load, see setfont(8).
#FONT="lat9w-16"
# Console map to load, see setfont(8).
#FONT_MAP=
# Font unimap to load, see setfont(8).
#FONT_UNIMAP=
# Amount of ttys which should be setup.
#TTYS=
# Set the mode for cgroup mounts.
# hybrid: mount cgroup v1 under /sys/fs/cgroup and
# cgroup v2 under /sys/fs/cgroup/unified
# legacy: mount cgroup v1 /sys/fs/cgroup
# unified: mount cgroup v2 under /sys/fs/cgroup
#CGROUP_MODE=hybrid
# Set this to true only if you do not want seed files to actually credit the
# RNG, for example if you plan to replicate this file system image and do not
# have the wherewithal to first delete the contents of /var/lib/seedrng.
#SEEDRNG_SKIP_CREDIT=false

2
etc/shadow.gpg Normal file
View file

@ -0,0 +1,2 @@
Œ  ø úBÏSœòÒÀ‰bªÒv|õú,¢ŒÖæe.~Þª¶KŒFÙ=!GXwÞs¦ÕÛfJ×LÎ%cçô¶¥¢o"®ÇÿÁŽÔzyÞO7Ù¥¬HÝÛ{—蘤Äþkss;NÈB†WBGƒd¨Æθ<C38E>D@ ¥U1f†”èÅc„rëÒe!ˆok<6F>>„ÅàöU÷òw.@ƉGžæ¼³½Htä Ã/HÈ[ÓµµuÛ0áÌþÁ_¦ä‘ºR§~¸wM¶©úBw¶ô¬(<28>å@/™©êBêMÐ{ž©4QÍ2ñ;Ø|ÆFÊhðVCW.z<><ôZæ¬M‰è©ð¹7õeÍ”<C38D>º{¢<>ÛKÜ&¢$§4e·íúèQŠcÁ1"˜ ìwº/ "Ó!býu¾l„ÒK‘å±
e#êíK-$I:¶Æœ©Á

5
etc/ssh/.gitignore vendored Normal file
View file

@ -0,0 +1,5 @@
*_key
moduli
sshd_config
sshd_config.d/
ssh_config

BIN
etc/ssh/ssh_host_ecdsa_key.gpg Normal file
View file

Binary file not shown.

1
etc/ssh/ssh_host_ecdsa_key.pub Normal file
View file

@ -0,0 +1 @@
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBG+VCvLAdhS4yFB+KisMidAUZP6QSMOHWbEAK2194VAVdowZi/dJDNfH59QbEtI7wJ+y35pX5fXExWXbinUnKP0= root@void-live

2
etc/ssh/ssh_host_ed25519_key.gpg Normal file
View file

@ -0,0 +1,2 @@
Œ  ïìH¡¬ižõòÒÀXÛ«§*l×X;à³aêN0<>ýÇbC{JëòºØ+eåïº<C3AF><>~ Ö4 M{wÌ)ç&ˆ·àªq2«Ä<C2AB>Øœ=SÛDA¬ñ<C2AC><C3B1>É[p\iŽ!o@€'4è<34>Dß㓼¤ú†÷ùÞï<C39E>Rm±9 ìšY¯Œ¤Ø: ø”Â\¹Aµk} e®æ•hz<68>ÞwYƒ{0̾χ¦<E280A1>ft7ðévÍá_<C3A1><1D>Ì»ºÓçøËÆziC<69>@„ð>kIaIsà0]ÿ7³Î”±Ìk£ŒjS±‰ÄÕ¿®ò®˜dB¨¾ÂªÃo_¶V[ä±™d½Þ¢Ù-~h—ˆ5Ï¢bÒŒùrT”Ę"n¯öÛ³ÛÉÈ%¯G^Qª[Iv7‰lå('Êëàp÷¿4?¶Ð¢ê•)g{MS3üMdO-ã¬{±Àë-k
f IzÁ¹ùç{&@êU•&S

1
etc/ssh/ssh_host_ed25519_key.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETA3xleyhRRvvu/+RzMsacrAo9YQiPW0LYXojch+V9D root@void-live

BIN
etc/ssh/ssh_host_rsa_key.gpg Normal file
View file

Binary file not shown.

1
etc/ssh/ssh_host_rsa_key.pub Normal file
View file

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCu/CWfLeiY97WzgmeDxWTsIuGEPY6aAzk6O67kyEozRwikgB54asxzI2gYxmnoJ7gHO0VjWg1PnE+I0cRyplxKummxwU9opRZ6xT3ehLXRJKWfFKIAQsVt5OncC/S1m496Me2B18WnXYcWhZkxo38DQpOOFtXkEGNuu/Q9juBBk1bkw56Ntn9ArKVQ2jBmGrodC329TK16mss1rN+RlEGrEpVU+EI8W1m/qYSs6menmWGvx92BPPn0ujCGOQZSYus4r07ebl2Xuy8ZCbdOdyqWfUW2CpQ5pokSIW5OtXiX6Gqgfb8KorG+wDaJs2tpSalvp9AR06rIfjlEFte4gszr5vuvnciKE0imVTvGbySUs6/0VB/lyCXzgWB12T9qIVdBop72pLfHFTkVG29yfQ5KlmPAw+WKAr9GQnsLQq3NwJQ9JyU/9+1Ak05A+X2+Cq0vMR45a8+/uo2aysLATeEW9Ew1cooQaJM350IVKy8QwOA1Af3cy+Y2fcDPuqwYHZU= root@void-live

2
etc/sudoers.d/defaults Normal file
View file

@ -0,0 +1,2 @@
## Set the password prompting timeout to 30 mins.
Defaults timestamp_timeout = 30

2
etc/sudoers.d/root-access Normal file
View file

@ -0,0 +1,2 @@
## Allow users access to root using their own passwords.
tadgy ALL=(root) ALL

1
etc/sudoers.d/wheel Normal file
View file

@ -0,0 +1 @@
%wheel ALL=(ALL:ALL) ALL

12
var/.gitignore vendored Normal file
View file

@ -0,0 +1,12 @@
cache/
chroot/
db/
empty/
lib/
lock
log/
mail/
opt/
run
service
tmp/

2
var/spool/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
cronstamps/
mail

5
var/spool/cron/root Normal file
View file

@ -0,0 +1,5 @@
# Run the hourly, daily, weekly, and monthly cron jobs.
0 * * * * ID=sys-hourly /usr/bin/run-parts /etc/cron.hourly >/dev/null
0 0 * * * ID=sys-daily /usr/bin/run-parts /etc/cron.daily >/dev/null
0 0 * * 0 ID=sys-weekly /usr/bin/run-parts /etc/cron.weekly >/dev/null
0 0 1 * * ID=sys-monthly /usr/bin/run-parts /etc/cron.monthly >/dev/null