Added wiki.in.
authorZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Thu, 6 Jan 2022 21:25:03 +0000 (22:25 +0100)
committerZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Thu, 6 Jan 2022 21:25:03 +0000 (22:25 +0100)
17 files changed:
sources/wiki.in/config [new file with mode: 0644]
sources/wiki.in/envvars [new file with mode: 0644]
sources/wiki.in/firstboot/01_setupnetworking.sh [new file with mode: 0755]
sources/wiki.in/firstboot/02_settimezone.sh [new file with mode: 0755]
sources/wiki.in/firstboot/03_setupldap.sh [new file with mode: 0755]
sources/wiki.in/firstboot/10_certbot.sh [new file with mode: 0755]
sources/wiki.in/firstboot/99_cleanup.sh [new file with mode: 0755]
sources/wiki.in/postinstall/01_setownership.sh [new file with mode: 0755]
sources/wiki.in/postinstall/02_setpermissions.sh [new file with mode: 0755]
sources/wiki.in/postinstall/03_setdate.sh [new file with mode: 0755]
sources/wiki.in/postinstall/04_installfiles.sh [new file with mode: 0755]
sources/wiki.in/postinstall/10_setupservices.sh [new file with mode: 0755]
sources/wiki.in/postinstall/99_cleanup.sh [new file with mode: 0755]
sources/wiki.in/postinstall/copy.list [new file with mode: 0644]
sources/wiki.in/postinstall/install/etc/dokuwiki/local.php [new file with mode: 0644]
sources/wiki.in/postinstall/install/etc/dokuwiki/users.auth.php [new file with mode: 0644]
sources/wiki.in/postinstall/install/etc/httpd/conf.d/dokuwiki.conf [new file with mode: 0644]

diff --git a/sources/wiki.in/config b/sources/wiki.in/config
new file mode 100644 (file)
index 0000000..9b30ed1
--- /dev/null
@@ -0,0 +1,22 @@
+lxc.include = /usr/share/lxc/config/common.conf
+
+lxc.arch = x86_64
+lxc.uts.name = wiki.in.useribm.hu
+lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.mount.auto = proc:rw sys:ro
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__ data none bind,create=dir 0 0
+
+lxc.net.0.type = veth
+lxc.net.0.flags = up
+lxc.net.0.link = bri-dev
+lxc.net.0.hwaddr = 02:0c:18:03:6d:ef
+
+lxc.autodev = 1
+
+lxc.cgroup2.devices.allow = a
+
+lxc.signal.halt = SIGRTMIN+4
+
+lxc.start.auto = 1
+lxc.start.order = __CONTAINER_START_ORDER__
+lxc.start.delay = 5
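Review bot: `lxc.cgroup2.devices.allow = a` lets the container open every device node, which presumably undoes the device restrictions that the included common.conf sets up. Together with `proc:rw` and no `lxc.idmap` visible in this file, root inside a container running httpd and DokuWiki is close to root on the host. I would drop the line and add specific `lxc.cgroup2.devices.allow = c MAJOR:MINOR rwm` entries (placeholder numbers) only for devices that turn out to be required. If the broad allow is deliberate, a comment saying why would help the next reader.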
diff --git a/sources/wiki.in/envvars b/sources/wiki.in/envvars
new file mode 100644 (file)
index 0000000..64c45e4
--- /dev/null
@@ -0,0 +1,5 @@
+DISTRIBUTION=Fedora
+DISTRIBUTION_VERSION=35
+ROOT_PACKAGES="hostname initscripts iproute rootfiles systemd-udev"
+BASE_PACKAGES="NetworkManager iputils logrotate rsyslog tar vim-minimal"
+SPEC_PACKAGES="dokuwiki httpd mod_ssl php-ldap python3-certbot-apache"
diff --git a/sources/wiki.in/firstboot/01_setupnetworking.sh b/sources/wiki.in/firstboot/01_setupnetworking.sh
new file mode 100755 (executable)
index 0000000..4d91f3a
--- /dev/null
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+
+sleep 1
+systemctl --quiet is-active NetworkManager.service
+NM_RC=$?
+WAITED=0
+while [ $NM_RC -ne 0 ]
+do
+    echo -n .
+    sleep 1
+    WAITED=1
+    systemctl --quiet is-active NetworkManager.service
+    NM_RC=$?
+done
+[ $WAITED -eq 1 ] && echo
+
+CONNECTIONS=$(nmcli --terse connection show | wc -l)
+while [ $CONNECTIONS -ne 1 ]
+do
+    echo "Number of connections: $CONNECTIONS" >&2
+    sleep 1
+    CONNECTIONS=$(nmcli --terse connection show | wc -l)
+done
+
+nmcli --terse connection show | grep ':$' >/dev/null
+ALL_CONNECTION_DEVICES_KNOWN=$?
+while [ $ALL_CONNECTION_DEVICES_KNOWN -eq 0 ]
+do
+    echo "Not all connection devices are known yet" >&2
+    sleep 1
+    nmcli --terse connection show | grep ':$' >/dev/null
+    ALL_CONNECTION_DEVICES_KNOWN=$?
+done
+
+CONNECTION_LINE=$(nmcli --terse connection show)
+CONNECTION_UUID=$(echo $CONNECTION_LINE | cut -f 2 -d ':')
+CONNECTION_DEVICE=$(echo $CONNECTION_LINE | cut -f 4 -d ':')
+
+nmcli connection delete uuid "$CONNECTION_UUID"
+
+nmcli connection add \
+    connection.autoconnect yes \
+    connection.id internal \
+    connection.interface-name $CONNECTION_DEVICE \
+    connection.type 802-3-ethernet \
+    ipv4.addresses "10.228.109.239/16" \
+    ipv4.dns "10.228.109.104, 10.228.109.253" \
+    ipv4.dns-search "in.useribm.hu" \
+    ipv4.gateway "10.228.109.254" \
+    ipv4.method "manual" \
+    ipv6.addresses "2a02:d400:0000:f268:000c:18ff:fe03:6def/64" \
+    ipv6.dns "2a02:d400:0000:f268:000c:18ff:fe03:6dfd, 2a02:d400:0000:f268:000c:18ff:fe03:6d68" \
+    ipv6.dns-search "in.useribm.hu" \
+    ipv6.gateway "2a02:d400:0000:f268:000c:18ff:fe03:6dfe" \
+    ipv6.method "manual" \
+    save yes
+
+nmcli connection show
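Review bot: None of the three wait loops has an upper bound, so first boot hangs forever if NetworkManager never becomes active, the connection count never reaches exactly 1, or a device name never appears; the same unbounded pattern is in 02_settimezone.sh. A counter that gives up after a fixed number of tries and exits non-zero would make the failure visible. After parsing, `CONNECTION_UUID` and `CONNECTION_DEVICE` are used unchecked and `$CONNECTION_DEVICE` is unquoted; I would add `[ -n "$CONNECTION_UUID" ] && [ -n "$CONNECTION_DEVICE" ] || exit 1` before `nmcli connection delete` and quote the interface name. Cutting on `:` also assumes the connection name contains no colon, since `nmcli --terse` escapes those as `\:`.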
diff --git a/sources/wiki.in/firstboot/02_settimezone.sh b/sources/wiki.in/firstboot/02_settimezone.sh
new file mode 100755 (executable)
index 0000000..20b2a71
--- /dev/null
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+
+sleep 1
+systemctl --quiet is-active dbus.service
+DBUS_RC=$?
+WAITED=0
+while [ $DBUS_RC -ne 0 ]
+do
+    if [ $WAITED -eq 0 ]
+    then
+        echo -n "Waiting for dbus.service"
+    fi
+    echo -n .
+    sleep 1
+    WAITED=1
+    systemctl --quiet is-active dbus.service
+    DBUS_RC=$?
+done
+[ $WAITED -ne 0 ] && echo
+timedatectl set-timezone Europe/Budapest
diff --git a/sources/wiki.in/firstboot/03_setupldap.sh b/sources/wiki.in/firstboot/03_setupldap.sh
new file mode 100755 (executable)
index 0000000..415d6db
--- /dev/null
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+
+exit 0
+authselect select sssd with-mkhomedir --force
+
+cat >>/etc/openldap/ldap.conf <<EOF
+BASE dc=user,dc=hu
+URI ldap://ldap.in.useribm.hu
+EOF
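Review bot: The unconditional `exit 0` on the first code line makes everything after it dead code, and nothing says whether that is temporary. Either drop the unreachable commands or add a comment above the exit such as `# LDAP client setup disabled for now; remove this exit to enable`. If it is re-enabled, note that `cat >>` appends a duplicate block on every run and that the `ldap://` URI carries binds unencrypted unless StartTLS is configured elsewhere.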
diff --git a/sources/wiki.in/firstboot/10_certbot.sh b/sources/wiki.in/firstboot/10_certbot.sh
new file mode 100755 (executable)
index 0000000..bd14fed
--- /dev/null
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+
+for f in /etc/httpd/conf.d/*.le
+do
+    cf=$(echo $f | sed 's/^\(.*\).le$/\1/')
+    mv $f $cf
+done
+/usr/bin/cp \
+    --archive \
+    /usr/lib/python3.10/site-packages/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf \
+    /etc/letsencrypt/options-ssl-apache.conf
+systemctl enable httpd.service
+systemctl start httpd.service
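Review bot: The `for f in /etc/httpd/conf.d/*.le` loop runs once with the literal pattern when no `.le` file exists, and `$f` and `$cf` are unquoted. `[ -e "$f" ] || continue` followed by `mv -- "$f" "${f%.le}"` handles both and removes the sed call, whose `.le$` also matches any character before `le`. The `cp` source hard-codes `python3.10`, so it breaks when the Python minor version changes, and its exit status is not checked before httpd is enabled and started.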
diff --git a/sources/wiki.in/firstboot/99_cleanup.sh b/sources/wiki.in/firstboot/99_cleanup.sh
new file mode 100755 (executable)
index 0000000..b87f2f4
--- /dev/null
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+echo rm -Rf $REAL_PATH
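Review bot: `echo rm -Rf $REAL_PATH` only prints the command, so the firstboot directory is never removed; postinstall/99_cleanup.sh is identical, which presumably leaves the install tree (including users.auth.php) in the deployed rootfs. This looks like a debugging leftover. If deletion is intended, I would write `rm -Rf -- "${REAL_PATH:?}"` so an empty value aborts instead of expanding to nothing, and quote the nested substitution as `$(dirname "$(realpath "$0")")`.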
diff --git a/sources/wiki.in/postinstall/01_setownership.sh b/sources/wiki.in/postinstall/01_setownership.sh
new file mode 100755 (executable)
index 0000000..f2e6b94
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+SOURCE_PATH=$REAL_PATH/install
+
+chown -R root.root $SOURCE_PATH/*
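Review bot: `chown -R root.root $SOURCE_PATH/*` uses the obsolete `.` separator, leaves `$SOURCE_PATH` unquoted, and the `*` glob skips any dot-entries at the top level of install/. `chown -R root:root -- "$SOURCE_PATH"` covers the whole tree. 02_setpermissions.sh has the same dot form in `apache.apache`.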
diff --git a/sources/wiki.in/postinstall/02_setpermissions.sh b/sources/wiki.in/postinstall/02_setpermissions.sh
new file mode 100755 (executable)
index 0000000..ae5578a
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+SOURCE_PATH=$REAL_PATH/install
+
+chown apache.apache $SOURCE_PATH/etc/dokuwiki/*
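Review bot: Despite its name the script only changes ownership: `chown apache.apache` makes local.php and users.auth.php writable by the web server account, and no mode is set, so both presumably keep the 0644 recorded in this commit. That leaves the password hash in users.auth.php readable by every local user and lets any code running as apache rewrite the wiki configuration. If the web-based configuration manager is not needed, I would keep the files `root:apache` and add `chmod 0640 "$SOURCE_PATH"/etc/dokuwiki/*`.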
diff --git a/sources/wiki.in/postinstall/03_setdate.sh b/sources/wiki.in/postinstall/03_setdate.sh
new file mode 100755 (executable)
index 0000000..46d35e9
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+SOURCE_PATH=$REAL_PATH/install
+
+touch $SOURCE_PATH/etc/dokuwiki/local.php
diff --git a/sources/wiki.in/postinstall/04_installfiles.sh b/sources/wiki.in/postinstall/04_installfiles.sh
new file mode 100755 (executable)
index 0000000..e4ee7ff
--- /dev/null
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+tar --create \
+    --directory=$REAL_PATH \
+    --exclude=.placeholder \
+    --to-stdout \
+    install \
+    | tar --extract \
+          --backup \
+          --directory=/ \
+          --no-overwrite-dir \
+          --strip-components=1 \
+          --suffix=.orig
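Review bot: Under `#!/bin/sh` the pipeline's exit status is that of the extracting tar only, so a failure on the creating side (for example an unreadable file under install/) goes unnoticed and a partial tree is installed into `/`. `$REAL_PATH` is also unquoted in `--directory=$REAL_PATH`. I would quote it as `--directory="$REAL_PATH"` and archive to a `mktemp` file first so each tar's status can be checked separately.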
diff --git a/sources/wiki.in/postinstall/10_setupservices.sh b/sources/wiki.in/postinstall/10_setupservices.sh
new file mode 100755 (executable)
index 0000000..d786dbc
--- /dev/null
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+
+systemctl enable httpd.service
+
+systemctl enable NetworkManager-wait-online.service
+
+systemctl enable logrotate.timer
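Review bot: `systemctl enable httpd.service` here means httpd is already enabled on the very first boot, while firstboot/10_certbot.sh only then puts the `.le` configs and `/etc/letsencrypt/options-ssl-apache.conf` in place before enabling and starting httpd itself. Depending on when the firstboot scripts run relative to normal service start-up (not visible in this commit), httpd may start once without its TLS configuration or fail. I would enable it in one place only, with a comment saying which one is intended.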
diff --git a/sources/wiki.in/postinstall/99_cleanup.sh b/sources/wiki.in/postinstall/99_cleanup.sh
new file mode 100755 (executable)
index 0000000..b87f2f4
--- /dev/null
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+echo rm -Rf $REAL_PATH
diff --git a/sources/wiki.in/postinstall/copy.list b/sources/wiki.in/postinstall/copy.list
new file mode 100644 (file)
index 0000000..2bbc234
--- /dev/null
@@ -0,0 +1 @@
+ws.pm.useribm.hu /etc/letsencrypt etc
diff --git a/sources/wiki.in/postinstall/install/etc/dokuwiki/local.php b/sources/wiki.in/postinstall/install/etc/dokuwiki/local.php
new file mode 100644 (file)
index 0000000..d07d0fb
--- /dev/null
@@ -0,0 +1,27 @@
+<?php
+/**
+ * This is an example of how a local.php could look like.
+ * Simply copy the options you want to change from dokuwiki.php
+ * to this file and change them.
+ *
+ * When using the installer, a correct local.php file be generated for
+ * you automatically.
+ */
+
+
+$conf['title']         = 'USER Wiki';                  // what to show in the title
+$conf['baseurl']       = 'https://wiki.useribm.hu';    // URL to server including protocol - blank for autodetect
+$conf['savedir']       = '/data/dokuwiki/data';        // where to store all the files
+
+$conf['useacl']                = 1;                            // use Access Control Lists to restrict access
+$conf['superuser']     = 'zfelleg';
+
+$conf['authtype']      = 'authldap';
+
+$conf['plugin']['authldap']['server']          = 'ldap://ldap.in.useribm.hu:389';
+$conf['plugin']['authldap']['usertree']                = 'ou=People,dc=user,dc=hu';
+$conf['plugin']['authldap']['grouptree']       = 'ou=Group,dc=user,dc=hu';
+$conf['plugin']['authldap']['userfilter']      = '(&(uid=%{user})(objectClass=posixAccount))';
+$conf['plugin']['authldap']['groupfilter']     = '(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{user})))';
+$conf['plugin']['authldap']['version']         = 3;
+$conf['plugin']['authldap']['attributes']      = array();
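Review bot: `$conf['plugin']['authldap']['server']` is a plain `ldap://` URI on port 389 and no `starttls` option is set, so user passwords are sent to the directory unencrypted on every login bind. Adding `$conf['plugin']['authldap']['starttls'] = 1;` (or switching to an `ldaps://` URI) fixes that, provided the LDAP server presents a certificate the container trusts. The header comment is still the stock example text and could instead say that this file is installed by postinstall/04_installfiles.sh.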
diff --git a/sources/wiki.in/postinstall/install/etc/dokuwiki/users.auth.php b/sources/wiki.in/postinstall/install/etc/dokuwiki/users.auth.php
new file mode 100644 (file)
index 0000000..a9f50a2
--- /dev/null
@@ -0,0 +1,10 @@
+# users.auth.php
+# <?php exit()?>
+# Don't modify the lines above
+#
+# Userfile
+#
+# Format:
+#
+# login:passwordhash:Real Name:email:groups,comma,separated
+zfelleg:$2y$10$FCyVO45in9u5IIkEwmX8vuqT5LSc588dgNcSGIpp0vMP9YgR9Uxpq:Zoltán Felleg:zoltan.felleg@userrendszerhaz.hu:admins,users
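Review bot: The last line commits a real account's bcrypt password hash and e-mail address to the repository, where anyone with read access can run offline guessing against it. With `authtype` set to `authldap` in local.php this file is presumably not consulted at all, so I would ship only the comment header and no user line. If a local fallback admin is needed, generate the entry at deploy time from a secret that is not in git. The committed password should be treated as exposed and changed.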
diff --git a/sources/wiki.in/postinstall/install/etc/httpd/conf.d/dokuwiki.conf b/sources/wiki.in/postinstall/install/etc/httpd/conf.d/dokuwiki.conf
new file mode 100644 (file)
index 0000000..8c5657a
--- /dev/null
@@ -0,0 +1,29 @@
+
+Alias / /usr/share/dokuwiki/
+
+<Directory /usr/share/dokuwiki>
+       <RequireAny>
+               Require all granted
+       </RequireAny>
+</Directory>
+
+<Directory /usr/share/dokuwiki/bin>
+       Order Deny,Allow
+       Deny from all
+</Directory>
+
+<Directory /usr/share/dokuwiki/conf>
+       Order Deny,Allow
+       Deny from all
+</Directory>
+
+<Directory /usr/share/dokuwiki/inc>
+       Order Deny,Allow
+       Deny from all
+</Directory>
+
+<Directory /usr/share/dokuwiki/vendor>
+       Order Deny,Allow
+       Deny from all
+</Directory>
+
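Review bot: The four deny blocks use the Apache 2.2 directives `Order Deny,Allow` and `Deny from all`, which on httpd 2.4 only work through mod_access_compat, while the first block already uses the 2.4 `Require` syntax. If that module is ever not loaded the configuration fails to parse, and mixing both styles is discouraged upstream; `Require all denied` in each block is the direct replacement. The `<RequireAny>` wrapper around a single `Require all granted` can be dropped.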