Added xfr.pm (cvm -> vhost migration, Fedora 31 upgrade).
authorZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Fri, 15 Nov 2019 18:33:31 +0000 (19:33 +0100)
committerZoltán Felleg <zoltan.felleg@userrendszerhaz.hu>
Fri, 15 Nov 2019 18:33:31 +0000 (19:33 +0100)
13 files changed:
sources/xfr.pm/config [new file with mode: 0644]
sources/xfr.pm/envvars [new file with mode: 0644]
sources/xfr.pm/firstboot/01_setupnetworking.sh [new file with mode: 0755]
sources/xfr.pm/firstboot/02_settimezone.sh [new file with mode: 0755]
sources/xfr.pm/firstboot/03_setupldap.sh [new file with mode: 0755]
sources/xfr.pm/firstboot/99_cleanup.sh [new file with mode: 0755]
sources/xfr.pm/postinstall/01_setownership.sh [new file with mode: 0755]
sources/xfr.pm/postinstall/02_setpermissions.sh [new file with mode: 0755]
sources/xfr.pm/postinstall/03_installfiles.sh [new file with mode: 0755]
sources/xfr.pm/postinstall/10_setupservices.sh [new file with mode: 0755]
sources/xfr.pm/postinstall/99_cleanup.sh [new file with mode: 0755]
sources/xfr.pm/postinstall/install/etc/hosts [new file with mode: 0644]
sources/xfr.pm/postinstall/install/etc/httpd/conf.d/xfr.80.conf [new file with mode: 0644]

diff --git a/sources/xfr.pm/config b/sources/xfr.pm/config
new file mode 100644 (file)
index 0000000..6747fee
--- /dev/null
@@ -0,0 +1,23 @@
+lxc.include = /usr/share/lxc/config/common.conf
+
+lxc.arch = x86_64
+lxc.uts.name = xfr.pm.user.hu
+lxc.rootfs.path = __CONTAINER_PATH__/rootfs
+lxc.mount.auto = proc:rw sys:ro
+lxc.mount.entry = __CONTAINER_FILESYSTEMS_PATH__/www.xfr var/www.xfr none bind,create=dir 0 0
+
+lxc.net.0.type = veth
+lxc.net.0.flags = up
+lxc.net.0.link = brh-dev
+lxc.net.0.hwaddr = 02:0c:18:03:ad:fb
+
+lxc.cgroup.devices.allow =
+lxc.cgroup.devices.deny =
+
+lxc.autodev = 1
+
+lxc.signal.halt = SIGRTMIN+4
+
+lxc.start.auto = 1
+lxc.start.order = 14
+lxc.start.delay = 3
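Review bot: The empty assignments `lxc.cgroup.devices.allow =` and `lxc.cgroup.devices.deny =` come after the include of common.conf, and in LXC an empty value clears a list key, so they appear to drop the device-cgroup rules that the include sets up. Together with `lxc.mount.auto = proc:rw` and no `lxc.idmap` entry in this file, root inside the container would run with few of the usual restrictions while serving HTTP. If a specific device is needed, keep the inherited rules and add one `lxc.cgroup.devices.allow` line for it; otherwise delete both lines. A comment stating why `proc:rw` is required instead of `proc:mixed` would also help.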
diff --git a/sources/xfr.pm/envvars b/sources/xfr.pm/envvars
new file mode 100644 (file)
index 0000000..7ba7872
--- /dev/null
@@ -0,0 +1,4 @@
+DISTRIBUTION=Fedora
+DISTRIBUTION_VERSION=31
+BASE_PACKAGES="NetworkManager hostname initscripts iproute iputils logrotate rootfiles rsyslog tar vim-minimal"
+SPEC_PACKAGES="httpd mod_wsgi"
diff --git a/sources/xfr.pm/firstboot/01_setupnetworking.sh b/sources/xfr.pm/firstboot/01_setupnetworking.sh
new file mode 100755 (executable)
index 0000000..c36534e
--- /dev/null
@@ -0,0 +1,55 @@
+#!/bin/sh
+
+
+sleep 1
+systemctl --quiet is-active NetworkManager.service
+NM_RC=$?
+WAITED=0
+while [ $NM_RC -ne 0 ]
+do
+    echo -n .
+    sleep 1
+    WAITED=1
+    systemctl --quiet is-active NetworkManager.service
+    NM_RC=$?
+done
+[ $WAITED -eq 1 ] && echo
+
+CONNECTIONS=$(nmcli --terse connection show | wc -l)
+while [ $CONNECTIONS -ne 1 ]
+do
+    echo "Number of connections: $CONNECTIONS" >&2
+    sleep 1
+    CONNECTIONS=$(nmcli --terse connection show | wc -l)
+done
+
+nmcli --terse connection show | grep ':$' >/dev/null
+ALL_CONNECTION_DEVICES_KNOWN=$?
+while [ $ALL_CONNECTION_DEVICES_KNOWN -eq 0 ]
+do
+    echo "Not all connection devices are known yet" >&2
+    sleep 1
+    nmcli --terse connection show | grep ':$' >/dev/null
+    ALL_CONNECTION_DEVICES_KNOWN=$?
+done
+
+CONNECTION_LINE=$(nmcli --terse connection show)
+CONNECTION_UUID=$(echo $CONNECTION_LINE | cut -f 2 -d ':')
+CONNECTION_DEVICE=$(echo $CONNECTION_LINE | cut -f 4 -d ':')
+
+nmcli connection delete uuid "$CONNECTION_UUID"
+
+nmcli connection add \
+    connection.autoconnect yes \
+    connection.id perimeter \
+    connection.interface-name $CONNECTION_DEVICE \
+    connection.type 802-3-ethernet \
+    ipv4.addresses "192.168.173.251/24" \
+    ipv4.dns "192.168.173.174" \
+    ipv4.dns-search "pm.user.hu" \
+    ipv4.gateway "192.168.173.254" \
+    ipv4.method "manual" \
+    ipv6.method "ignore" \
+    save yes
+
+nmcli connection show
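Review bot: `nmcli connection delete` runs before the replacement profile is known to be creatable, and neither call's exit status is checked, so a failing `nmcli connection add` leaves the container with no connection profile while the script still ends successfully. Check both, e.g. `nmcli connection delete uuid "$CONNECTION_UUID" || exit 1`, and quote the interface name as `connection.interface-name "$CONNECTION_DEVICE"`. The UUID and device are picked by position with `cut`, which depends on the connection name containing no `:`; `nmcli --terse --fields UUID,DEVICE connection show` asks for just those two fields. The three wait loops here, and the dbus loop in 02_settimezone.sh, have no upper bound, so a service that never starts hangs firstboot; a retry counter with a non-zero exit would make that visible.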
diff --git a/sources/xfr.pm/firstboot/02_settimezone.sh b/sources/xfr.pm/firstboot/02_settimezone.sh
new file mode 100755 (executable)
index 0000000..20b2a71
--- /dev/null
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+
+sleep 1
+systemctl --quiet is-active dbus.service
+DBUS_RC=$?
+WAITED=0
+while [ $DBUS_RC -ne 0 ]
+do
+    if [ $WAITED -eq 0 ]
+    then
+        echo -n "Waiting for dbus.service"
+    fi
+    echo -n .
+    sleep 1
+    WAITED=1
+    systemctl --quiet is-active dbus.service
+    DBUS_RC=$?
+done
+[ $WAITED -ne 0 ] && echo
+timedatectl set-timezone Europe/Budapest
diff --git a/sources/xfr.pm/firstboot/03_setupldap.sh b/sources/xfr.pm/firstboot/03_setupldap.sh
new file mode 100755 (executable)
index 0000000..4b58626
--- /dev/null
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+
+exit 0
+authselect select sssd with-mkhomedir --force
+
+cat >>/etc/openldap/ldap.conf <<EOF
+BASE dc=user,dc=hu
+URI ldap://ldap.usr.user.hu
+EOF
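Review bot: The `exit 0` on the first executable line makes everything below it dead code, and nothing says whether that is deliberate; a comment such as `# LDAP setup disabled until <reason>` above it would record the intent. Before the script is re-enabled, note that `URI ldap://ldap.usr.user.hu` sends directory traffic unencrypted, so `ldaps://` or StartTLS is worth deciding on first. The `cat >>` append also adds the two lines again on every run.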
diff --git a/sources/xfr.pm/firstboot/99_cleanup.sh b/sources/xfr.pm/firstboot/99_cleanup.sh
new file mode 100755 (executable)
index 0000000..b87f2f4
--- /dev/null
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+echo rm -Rf $REAL_PATH
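Review bot: `echo rm -Rf $REAL_PATH` only prints the command, so the firstboot scripts stay on disk after they have run; postinstall/99_cleanup.sh is identical. If removal is intended, use `rm -Rf -- "${REAL_PATH:?}"`, which also aborts when the variable is empty. The unquoted `$(dirname $(realpath $0))`, repeated in 01_setownership.sh, 02_setpermissions.sh and 03_installfiles.sh, breaks on a path containing spaces; `REAL_PATH=$(dirname "$(realpath "$0")")` is the safe form. If printing is deliberate for now, a comment saying so would prevent the step being taken for a working cleanup.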
diff --git a/sources/xfr.pm/postinstall/01_setownership.sh b/sources/xfr.pm/postinstall/01_setownership.sh
new file mode 100755 (executable)
index 0000000..f2e6b94
--- /dev/null
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+SOURCE_PATH=$REAL_PATH/install
+
+chown -R root.root $SOURCE_PATH/*
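Review bot: `chown -R root.root $SOURCE_PATH/*` uses the obsolete `.` separator and an unquoted glob that skips dotfiles directly under install/. `chown -R root:root -- "$SOURCE_PATH"` covers the whole tree, at the cost of also changing the owner of install/ itself. Whether the caller stops on a non-zero status is not visible here; if it does not, a failure would still let 03_installfiles.sh copy the files with their checkout ownership.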
diff --git a/sources/xfr.pm/postinstall/02_setpermissions.sh b/sources/xfr.pm/postinstall/02_setpermissions.sh
new file mode 100755 (executable)
index 0000000..241386a
--- /dev/null
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+SOURCE_PATH=$REAL_PATH/install
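Review bot: This script assigns `REAL_PATH` and `SOURCE_PATH` and then ends without setting any mode, so the files under install/ presumably keep the modes of the checkout when 03_installfiles.sh extracts them into `/`. Either add the intended `chmod` calls or put in a comment such as `# no mode changes needed yet`, so the stub is not mistaken for a working step.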
diff --git a/sources/xfr.pm/postinstall/03_installfiles.sh b/sources/xfr.pm/postinstall/03_installfiles.sh
new file mode 100755 (executable)
index 0000000..f190caf
--- /dev/null
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+tar --create \
+    --directory=$REAL_PATH \
+    --to-stdout \
+    install \
+    | tar --extract \
+          --backup \
+          --directory=/ \
+          --no-overwrite-dir \
+          --strip-components=1 \
+          --suffix=.orig
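Review bot: Under `#!/bin/sh` the pipeline's status is that of the extracting `tar` only, so an error on the `tar --create` side can pass unnoticed while files are being written into `/`. Writing the archive to a `mktemp` file and checking each `tar` call separately would surface it. `--directory=$REAL_PATH` should be quoted as `--directory="$REAL_PATH"`.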
diff --git a/sources/xfr.pm/postinstall/10_setupservices.sh b/sources/xfr.pm/postinstall/10_setupservices.sh
new file mode 100755 (executable)
index 0000000..761dcc2
--- /dev/null
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+
+systemctl enable httpd.service
+systemctl enable NetworkManager-wait-online.service
+
+systemctl enable logrotate.timer
+
+systemctl mask wpa_supplicant.service
diff --git a/sources/xfr.pm/postinstall/99_cleanup.sh b/sources/xfr.pm/postinstall/99_cleanup.sh
new file mode 100755 (executable)
index 0000000..b87f2f4
--- /dev/null
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+
+REAL_PATH=$(dirname $(realpath $0))
+
+echo rm -Rf $REAL_PATH
diff --git a/sources/xfr.pm/postinstall/install/etc/hosts b/sources/xfr.pm/postinstall/install/etc/hosts
new file mode 100644 (file)
index 0000000..5683c3d
--- /dev/null
@@ -0,0 +1,4 @@
+127.0.0.1      localhost.localdomain localhost localhost4.localdomain4 localhost4
+::1            localhost6.localdomain6 localhost6
+
+192.168.173.251        xfr.pm.user.hu xfr
diff --git a/sources/xfr.pm/postinstall/install/etc/httpd/conf.d/xfr.80.conf b/sources/xfr.pm/postinstall/install/etc/httpd/conf.d/xfr.80.conf
new file mode 100644 (file)
index 0000000..c8733f4
--- /dev/null
@@ -0,0 +1,86 @@
+WSGISocketPrefix run/wsgi
+
+<VirtualHost *:80>
+    ServerName xfr.userrendszerhaz.hu
+    ServerAdmin webadmin@userrendszerhaz.hu
+    DocumentRoot "/var/www.xfr/htdocs.80"
+
+    <Directory /var/www.xfr/htdocs.80>
+        <RequireAny>
+            Require all granted
+        </RequireAny>
+    </Directory>
+
+    <Directory /var/www.xfr/htdocs.80/avonxfr>
+        AuthType Basic
+        AuthName "Avon File Transfer"
+        AuthUserFile /var/www.xfr/auth/avonxfr.users
+        Require valid-user
+
+        Options Indexes
+    </Directory>
+
+    Alias /avonxfr/download /var/www.xfr/htdocs.80/avonxfr/download
+
+    <Directory /var/www.xfr/htdocs.80/avonxfr/download>
+        Options Indexes
+    </Directory>
+
+    <Directory /var/www.xfr/htdocs.80/erstexfr>
+        AuthType Basic
+        AuthName "Erste File Transfer"
+        AuthUserFile /var/www.xfr/auth/erstexfr.users
+        Require valid-user
+
+        Options Indexes
+    </Directory>
+
+    Alias /erstexfr/download /var/www.xfr/htdocs.80/erstexfr/download
+
+    <Directory /var/www.xfr/htdocs.80/erstexfr/download>
+        Options Indexes
+    </Directory>
+
+    <Directory /var/www.xfr/htdocs.80/onyfxfr>
+        AuthType Basic
+        AuthName "ONYF File Transfer"
+        AuthUserFile /var/www.xfr/auth/onyfxfr.users
+        Require valid-user
+
+        Options Indexes
+    </Directory>
+
+    Alias /onyfxfr/download /var/www.xfr/htdocs.80/onyfxfr/download
+
+    <Directory /var/www.xfr/htdocs.80/onyfxfr/download>
+        Options Indexes
+    </Directory>
+
+    <Directory /var/www.xfr/htdocs.80/ubisxfr>
+        AuthType Basic
+        AuthName "UBIS File Transfer"
+        AuthUserFile /var/www.xfr/auth/ubisxfr.users
+        Require valid-user
+
+        Options Indexes
+    </Directory>
+
+    Alias /ubisxfr/download /var/www.xfr/htdocs.80/ubisxfr/download
+
+    <Directory /var/www.xfr/htdocs.80/ubisxfr/download>
+        Options Indexes
+    </Directory>
+
+    WSGIDaemonProcess was.80 processes=1 threads=1 maximum-requests=10000 shutdown-timeout=5
+    WSGIProcessGroup was.80
+    WSGIScriptAlias /avonxfr/upload/do /var/www.xfr/wsgi.80/upload.wsgi
+    WSGIScriptAlias /erstexfr/upload/do /var/www.xfr/wsgi.80/upload.wsgi
+    WSGIScriptAlias /onyfxfr/upload/do /var/www.xfr/wsgi.80/upload.wsgi
+    WSGIScriptAlias /ubisxfr/upload/do /var/www.xfr/wsgi.80/upload.wsgi
+
+    <Directory /var/www.xfr/wsgi.80>
+        <RequireAny>
+            Require all granted
+        </RequireAny>
+    </Directory>
+</VirtualHost>
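Review bot: The four `WSGIScriptAlias …/upload/do` URLs resolve to /var/www.xfr/wsgi.80/upload.wsgi, which is governed by `<Directory /var/www.xfr/wsgi.80>` with `Require all granted`. The Basic auth set on the htdocs.80 customer directories therefore does not apply to uploads unless upload.wsgi checks credentials itself, which is not visible here. A `<Location>` block per customer upload path, as sketched below, would put the same requirement on the URL. Separately, `AuthType Basic` on a `*:80` virtual host sends passwords in cleartext unless TLS is terminated in front of this container, which the page does not show.

```apache
    # … unchanged: Directory and Alias sections, WSGI directives …
    <Location /avonxfr/upload>
        AuthType Basic
        AuthName "Avon File Transfer"
        AuthUserFile /var/www.xfr/auth/avonxfr.users
        Require valid-user
    </Location>
    # … same for /erstexfr/upload, /onyfxfr/upload and /ubisxfr/upload, each with its own AuthUserFile …
```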