Added gitea.in.
authorZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Fri, 1 Dec 2023 19:54:14 +0000 (20:54 +0100)
committerZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Fri, 1 Dec 2023 19:54:14 +0000 (20:54 +0100)
12 files changed:
sources/gitea.in/c3d/firstboot/scripts/01_setupnetworking.sh [new file with mode: 0755]
sources/gitea.in/c3d/firstboot/scripts/02_settimezone.sh [new file with mode: 0755]
sources/gitea.in/c3d/firstboot/scripts/03_adduser.sh [new file with mode: 0755]
sources/gitea.in/c3d/firstboot/scripts/04_setupgitea.sh [new file with mode: 0755]
sources/gitea.in/c3d/firstboot/scripts/90_setupservices.sh [new file with mode: 0755]
sources/gitea.in/c3d/mode.txt [new file with mode: 0644]
sources/gitea.in/c3d/owner.txt [new file with mode: 0644]
sources/gitea.in/c3d/postinstall/install-data/etc/my.cnf.d/mariadb-server.cnf [new file with mode: 0644]
sources/gitea.in/c3d/postinstall/install-data/etc/systemd/system/gitea.service [new file with mode: 0644]
sources/gitea.in/c3d/postinstall/scripts/10_setupservices.sh [new file with mode: 0755]
sources/gitea.in/config [new file with mode: 0644]
sources/gitea.in/envvars [new file with mode: 0644]

diff --git a/sources/gitea.in/c3d/firstboot/scripts/01_setupnetworking.sh b/sources/gitea.in/c3d/firstboot/scripts/01_setupnetworking.sh
new file mode 100755 (executable)
index 0000000..42ee3e6
--- /dev/null
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+
+export PAGER=
+
+
+sleep 1
+systemctl --quiet is-active NetworkManager.service
+NM_RC=$?
+CYCLES_WAITED=0
+while [ $NM_RC -ne 0 ]
+do
+    if [ $CYCLES_WAITED -ge 10 ]
+    then
+        exit 1
+    fi
+    if [ $CYCLES_WAITED -eq 0 ]
+    then
+        echo -n "Waiting for NetworkManager"
+    fi
+    echo -n .
+    sleep 1
+    CYCLES_WAITED=$(( $CYCLES_WAITED + 1 ))
+    systemctl --quiet is-active NetworkManager.service
+    NM_RC=$?
+done
+[ $CYCLES_WAITED -gt 0 ] && echo
+
+# wait for the two network connections to come up
+CONNECTION_DEVICES_UP=$(nmcli --terse connection show \
+                            | grep --invert-match ':$' | wc -l)
+CYCLES_WAITED=0
+while [ $CONNECTION_DEVICES_UP -lt 2 ]
+do
+    if [ $CYCLES_WAITED -ge 10 ]
+    then
+        nmcli connection show
+        exit 1
+    fi
+    if [ $CYCLES_WAITED -eq 0 ]
+    then
+        echo -n "Waiting for the network connection"
+    fi
+    echo -n .
+    sleep 1
+    CYCLES_WAITED=$(( $CYCLES_WAITED + 1 ))
+    CONNECTION_DEVICES_UP=$(nmcli --terse connection show \
+                                | grep --invert-match ':$' | wc -l)
+done
+[ $CYCLES_WAITED -gt 0 ] && echo
+
+CONNECTIONS=$(nmcli --terse connection show | wc -l)
+if [ $CONNECTIONS -ne 2 ]
+then
+    echo "Number of connections: $CONNECTIONS instead of 2" >&2
+    exit 1
+fi
+
+CONNECTION_LINE=$(nmcli --terse connection show | grep ':eth0$')
+CONNECTION_UUID=$(echo $CONNECTION_LINE | cut -f 2 -d ':')
+CONNECTION_DEVICE=$(echo $CONNECTION_LINE | cut -f 4 -d ':')
+
+nmcli connection delete uuid "$CONNECTION_UUID"
+
+nmcli connection add \
+    connection.autoconnect yes \
+    connection.id internal \
+    connection.interface-name $CONNECTION_DEVICE \
+    connection.type 802-3-ethernet \
+    ipv4.addresses "10.228.109.220/16" \
+    ipv4.dns "10.228.109.159, 10.228.92.159" \
+    ipv4.dns-search "in.useribm.hu" \
+    ipv4.gateway "10.228.109.254" \
+    ipv4.method "manual" \
+    ipv6.addresses "2001:1aa1:000a:7dae:000c:18ff:fe03:6ddc/64" \
+    ipv6.dns "2001:1aa1:000a:7dae:000c:18ff:fe03:6d9f, 2001:1aa1:000a:7dae:000c:18ff:fe03:5c9f" \
+    ipv6.dns-search "in.useribm.hu" \
+    ipv6.gateway "2001:1aa1:000a:7dae:000c:18ff:fe03:6dfe" \
+    ipv6.method "manual" \
+    save yes
+
+nmcli connection show
+
+hostnamectl hostname gitea.in.useribm.hu
+hostnamectl
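Review bot: The `grep ':eth0$'` lookup is never checked, so when no connection is bound to eth0 both `CONNECTION_UUID` and `CONNECTION_DEVICE` are empty. The delete then runs with an empty uuid, and because `$CONNECTION_DEVICE` is unquoted in `nmcli connection add`, the argument vanishes and the following property names shift by one. Add `[ -n "$CONNECTION_UUID" ] || { echo "no connection on eth0" >&2; exit 1; }` before the delete and quote `"$CONNECTION_DEVICE"`. The `exit 1` in the NetworkManager wait loop also prints nothing to stderr, unlike the later connection-count check.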
diff --git a/sources/gitea.in/c3d/firstboot/scripts/02_settimezone.sh b/sources/gitea.in/c3d/firstboot/scripts/02_settimezone.sh
new file mode 100755 (executable)
index 0000000..0ec1bcc
--- /dev/null
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+
+sleep 1
+systemctl --quiet is-active dbus.service
+DBUS_RC=$?
+WAITED=0
+while [ $DBUS_RC -ne 0 ]
+do
+    echo -n .
+    sleep 1
+    WAITED=1
+    systemctl --quiet is-active dbus.service
+    DBUS_RC=$?
+done
+[ $WAITED -ne 0 ] && echo
+timedatectl set-timezone Europe/Budapest
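Review bot: The wait loop for dbus.service has no upper bound, so a container where dbus never becomes active hangs firstboot indefinitely; 01_setupnetworking.sh caps its equivalent loops at 10 cycles. Count the iterations with `WAITED=$(( WAITED + 1 ))` in place of `WAITED=1` and bail out the same way, e.g. `[ $WAITED -ge 10 ] && { echo "dbus.service not active" >&2; exit 1; }` at the top of the loop body. The trailing `[ $WAITED -ne 0 ] && echo` keeps working with a counter.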
diff --git a/sources/gitea.in/c3d/firstboot/scripts/03_adduser.sh b/sources/gitea.in/c3d/firstboot/scripts/03_adduser.sh
new file mode 100755 (executable)
index 0000000..1a096e6
--- /dev/null
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+
+REAL_PATH=$(realpath $(dirname $0))
+DATA_PATH=$(realpath $REAL_PATH/../data)
+
+
+adduser --uid 12269 --user-group git
+exit 0
+useradd --uid 11756 --user-group dvasary
+
+while read UP
+do
+    echo $UP | chpasswd
+done <$DATA_PATH/chpasswd.data
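Review bot: The `exit 0` after `adduser` makes the `useradd` for dvasary and the whole `chpasswd` loop unreachable, and it discards adduser's exit status, so a failed account creation is reported as success. If the tail is meant to be disabled, delete it or comment it out with a reason; if it is meant to run, drop the `exit 0`. When it does run, `read UP` without `-r` and the unquoted `echo $UP` alter passwords that contain backslashes, glob characters or repeated spaces; `chpasswd <"$DATA_PATH/chpasswd.data"` feeds the file unchanged. `REAL_PATH` and `DATA_PATH` should also quote `"$0"` and the path expansions.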
diff --git a/sources/gitea.in/c3d/firstboot/scripts/04_setupgitea.sh b/sources/gitea.in/c3d/firstboot/scripts/04_setupgitea.sh
new file mode 100755 (executable)
index 0000000..297a016
--- /dev/null
@@ -0,0 +1,53 @@
+#!/bin/sh
+
+
+REAL_PATH=$(realpath $(dirname $0))
+DATA_PATH=$(realpath $REAL_PATH/../data)
+
+
+setup_gitea() {
+    systemctl stop gitea
+    rm --force --recursive /gitea/{custom,etc,data,log}
+    mkdir -p /gitea/{custom,etc,data,log}
+    chown -R git:git /gitea/{custom,data,log}
+    chmod -R 750 /gitea/{custom,data,log}
+    chown root:git /gitea/etc
+    chmod 770 /gitea/etc
+    systemctl start gitea
+
+    #chmod 750 /gitea/etc
+    #chmod 640 /gitea/etc/app.ini
+}
+
+setup_mariadb() {
+    systemctl stop mariadb
+    rm --force --recursive /gitea/mariadb
+    mkdir --parents /gitea/mariadb
+    chown mysql:mysql /gitea/mariadb
+    systemctl start mariadb
+
+    mysql --batch <<EOF
+SET old_passwords=0;
+CREATE USER 'gitea'@'%' IDENTIFIED BY 'gitea';
+CREATE DATABASE gitea CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
+GRANT ALL PRIVILEGES ON gitea.* TO 'gitea';
+FLUSH PRIVILEGES;
+EOF
+}
+
+if [ ! -f /gitea/installed-and-configured ]
+then
+    setup_mariadb
+    setup_gitea
+    touch /gitea/installed-and-configured
+fi
+
+# Authentication Type: LDAP (via BindDN) 
+# Authentication Name: fds
+# Security Protocol:   LDAPS
+# Host:                        fds.useribm.hu
+# Port:                        636
+# User Search Base:    ou=people,dc=user,dc=hu
+# User Filter:         (&(objectClass=posixAccount)(|(uid=%[1]s)(mail=%[1]s)))
+# Username Attribute:  uid
+# Email Attribute:     mail
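Review bot: `setup_mariadb` creates the database account as `'gitea'@'%'` with the password `gitea`, a guessable credential committed to the repository and accepted from any host that can reach the server. Since `setup_gitea` starts Gitea on the same host, restrict the account to `'gitea'@'localhost'` in both the `CREATE USER` and the `GRANT`. Take the password from a provisioning file that is not committed, e.g. `IDENTIFIED BY '${GITEA_DB_PASSWORD}'`, where `GITEA_DB_PASSWORD` is a placeholder name for a value loaded from the data directory. Separately, `/gitea/{custom,etc,data,log}` relies on brace expansion, which `#!/bin/sh` does not guarantee. `/gitea/etc` also stays group-writable (770) because the tightening `chmod` lines are commented out.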
diff --git a/sources/gitea.in/c3d/firstboot/scripts/90_setupservices.sh b/sources/gitea.in/c3d/firstboot/scripts/90_setupservices.sh
new file mode 100755 (executable)
index 0000000..d454031
--- /dev/null
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+
+systemctl enable gitea.service
+systemctl enable mariadb.service
+systemctl start mariadb.service
+systemctl start gitea.service
+systemctl enable NetworkManager-wait-online.service
+systemctl start NetworkManager-wait-online.service
+
+systemctl enable logrotate.timer
+systemctl start logrotate.timer
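Review bot: None of the `systemctl` calls is checked, so the script's exit status is only that of the final `systemctl start logrotate.timer`; a failed start of mariadb.service or gitea.service goes unreported to whatever runs the firstboot scripts. Add `set -e` after the shebang, or append `|| exit 1` to the enable/start lines for the two services. `systemctl enable --now UNIT` would also fold each enable/start pair into one call.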
diff --git a/sources/gitea.in/c3d/mode.txt b/sources/gitea.in/c3d/mode.txt
new file mode 100644 (file)
index 0000000..ec2daa3
--- /dev/null
@@ -0,0 +1,6 @@
+# mode file (relative to /c3d)
+755 firstboot/scripts/*.sh
+600 postinstall/install-data/etc/ssh/ssh_host_*_key
+644 postinstall/install-data/etc/ssh/ssh_host_*_key.pub
+600 postinstall/install-data/etc/ssh/sshd_config.d/*.conf
+755 postinstall/scripts/*.sh
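Review bot: The mode file pins 600 on the SSH host keys but has no entry for `firstboot/data/chpasswd.data`, which 03_adduser.sh reads as chpasswd input and which therefore holds account passwords. If that file is shipped under /c3d (it is not part of this commit, so this is inferred from the script's path), add `600 firstboot/data/chpasswd.data` so it does not fall back to a default mode.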
diff --git a/sources/gitea.in/c3d/owner.txt b/sources/gitea.in/c3d/owner.txt
new file mode 100644 (file)
index 0000000..49158bf
--- /dev/null
@@ -0,0 +1 @@
+# owner file (relative to /c3d)
diff --git a/sources/gitea.in/c3d/postinstall/install-data/etc/my.cnf.d/mariadb-server.cnf b/sources/gitea.in/c3d/postinstall/install-data/etc/my.cnf.d/mariadb-server.cnf
new file mode 100644 (file)
index 0000000..21fef86
--- /dev/null
@@ -0,0 +1,55 @@
+#
+# These groups are read by MariaDB server.
+# Use it for options that only the server (but not clients) should see
+#
+# See the examples of server my.cnf files in /usr/share/mysql/
+#
+
+# this is read by the standalone daemon and embedded servers
+[server]
+
+# this is only for the mysqld standalone daemon
+# Settings user and group are ignored when systemd is used.
+# If you need to run mysqld under a different user or group,
+# customize your systemd unit file for mysqld/mariadb according to the
+# instructions in http://fedoraproject.org/wiki/Systemd
+[mysqld]
+datadir=/gitea/mariadb
+socket=/var/lib/mysql/mysql.sock
+log-error=/var/log/mariadb/mariadb.log
+pid-file=/run/mariadb/mariadb.pid
+
+
+#
+# * Galera-related settings
+#
+[galera]
+# Mandatory settings
+#wsrep_on=ON
+#wsrep_provider=
+#wsrep_cluster_address=
+#binlog_format=row
+#default_storage_engine=InnoDB
+#innodb_autoinc_lock_mode=2
+#
+# Allow server to accept connections on all interfaces.
+#
+#bind-address=0.0.0.0
+#
+# Optional setting
+#wsrep_slave_threads=1
+#innodb_flush_log_at_trx_commit=0
+
+# this is only for embedded server
+[embedded]
+
+# This group is only read by MariaDB servers, not by MySQL.
+# If you use the same .cnf file for MySQL and MariaDB,
+# you can put MariaDB-only options here
+[mariadb]
+
+# This group is only read by MariaDB-10.5 servers.
+# If you use the same .cnf file for MariaDB of different versions,
+# use this group for options that older servers don't understand
+[mariadb-10.5]
+
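Review bot: The `[mysqld]` group sets no `bind-address` or `skip-networking`, so the server presumably falls back to MariaDB's default of listening on every interface. Together with the `'gitea'@'%'` account created in 04_setupgitea.sh, that leaves the database reachable from the container's network. Add `bind-address=127.0.0.1` under `[mysqld]`, or `skip-networking` if Gitea connects through `/var/lib/mysql/mysql.sock`; app.ini is not in this commit, so confirm which transport Gitea uses.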
diff --git a/sources/gitea.in/c3d/postinstall/install-data/etc/systemd/system/gitea.service b/sources/gitea.in/c3d/postinstall/install-data/etc/systemd/system/gitea.service
new file mode 100644 (file)
index 0000000..2169308
--- /dev/null
@@ -0,0 +1,87 @@
+[Unit]
+Description=Gitea (Git with a cup of tea)
+After=syslog.target
+After=network.target
+###
+# Don't forget to add the database service dependencies
+###
+#
+#Wants=mysql.service
+#After=mysql.service
+#
+Wants=mariadb.service
+After=mariadb.service
+#
+#Wants=postgresql.service
+#After=postgresql.service
+#
+#Wants=memcached.service
+#After=memcached.service
+#
+#Wants=redis.service
+#After=redis.service
+#
+###
+# If using socket activation for main http/s
+###
+#
+#After=gitea.main.socket
+#Requires=gitea.main.socket
+#
+###
+# (You can also provide gitea an http fallback and/or ssh socket too)
+#
+# An example of /etc/systemd/system/gitea.main.socket
+###
+##
+## [Unit]
+## Description=Gitea Web Socket
+## PartOf=gitea.service
+##
+## [Socket]
+## Service=gitea.service
+## ListenStream=<some_port>
+## NoDelay=true
+##
+## [Install]
+## WantedBy=sockets.target
+##
+###
+
+[Service]
+# Uncomment the next line if you have repos with lots of files and get a HTTP 500 error because of that
+# LimitNOFILE=524288:524288
+RestartSec=2s
+Type=notify
+User=git
+Group=git
+WorkingDirectory=/gitea/
+# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
+# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
+#RuntimeDirectory=gitea
+ExecStart=/gitea/bin/gitea web --config /gitea/etc/app.ini
+Restart=always
+Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/gitea
+WatchdogSec=30s
+# If you install Git to directory prefix other than default PATH (which happens
+# for example if you install other versions of Git side-to-side with
+# distribution version), uncomment below line and add that prefix to PATH
+# Don't forget to place git-lfs binary on the PATH below if you want to enable
+# Git LFS support
+#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
+# If you want to bind Gitea to a port below 1024, uncomment
+# the two values below, or use socket activation to pass Gitea its ports as above
+###
+#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+#AmbientCapabilities=CAP_NET_BIND_SERVICE
+###
+# In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
+# set the following value to false to allow capabilities to be applied on gitea process. The following
+# value if set to true sandboxes gitea service and prevent any processes from running with privileges
+# in the host user namespace.
+###
+#PrivateUsers=false
+###
+
+[Install]
+WantedBy=multi-user.target
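Review bot: The `[Service]` section runs Gitea as `git` but carries no sandboxing directives, so the process can still write anywhere in the container that file permissions allow. Consider adding `NoNewPrivileges=true`, `PrivateTmp=true` and `ProtectSystem=full` below `Group=git`; test them inside the unprivileged LXC container, where some namespace-based options may not apply. `After=network.target` also does not wait for the address configured at firstboot; `After=network-online.target` with `Wants=network-online.target` matches the NetworkManager-wait-online.service that 90_setupservices.sh enables.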
diff --git a/sources/gitea.in/c3d/postinstall/scripts/10_setupservices.sh b/sources/gitea.in/c3d/postinstall/scripts/10_setupservices.sh
new file mode 100755 (executable)
index 0000000..02f075a
--- /dev/null
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+
+systemctl disable gitea.service
+systemctl disable mariadb.service
+systemctl disable NetworkManager-wait-online.service
+
+systemctl disable logrotate.timer
diff --git a/sources/gitea.in/config b/sources/gitea.in/config
new file mode 100644 (file)
index 0000000..a94bae0
--- /dev/null
@@ -0,0 +1,26 @@
+lxc.include = /usr/share/lxc/config/common.conf
+
+lxc.arch = x86_64
+lxc.uts.name = gitea.in.useribm.hu
+lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.rootfs.options = idmap=container
+lxc.mount.auto = proc:rw sys:ro
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ gitea none bind,create=dir 0 0
+
+lxc.net.0.type = veth
+lxc.net.0.flags = up
+lxc.net.0.link = brci-dev
+lxc.net.0.hwaddr = 02:0c:18:03:6d:dc
+
+lxc.autodev = 1
+
+lxc.cgroup2.devices.allow = a
+
+lxc.idmap = u 0 100000 100000
+lxc.idmap = g 0 100000 100000
+
+lxc.signal.halt = SIGRTMIN+4
+
+lxc.start.auto = 1
+lxc.start.order = __CONTAINER_START_ORDER__
+lxc.start.delay = 5
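Review bot: `lxc.cgroup2.devices.allow = a` permits the container every device node, which undoes whatever device allowlist the included common.conf sets up (its contents are not shown here). The uid/gid idmap limits what root in the container can do with those nodes, but a Gitea and MariaDB container should not need more than the defaults. Drop the line, or replace it with explicit entries for the devices actually required, e.g. `lxc.cgroup2.devices.allow = c 1:3 rwm`. `lxc.mount.auto = proc:rw` is likewise broader than `proc:mixed`.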
diff --git a/sources/gitea.in/envvars b/sources/gitea.in/envvars
new file mode 100644 (file)
index 0000000..e2b8455
--- /dev/null
@@ -0,0 +1,4 @@
+DISTRIBUTION=Fedora
+DISTRIBUTION_VERSION=39
+SPEC_PACKAGES="git-all \
+               mariadb-server"