author | Anton Hvornum <anton.feeds@gmail.com> | 2019-06-14 21:46:52 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-14 21:46:52 +0200 |
commit | 12d509a4f6c34fd11c8beffad0bf21cc933c7645 (patch) | |
tree | 8085442eeba817de24ad63c1a96d00560a5c0ec4 | |
parent | 652e77c20cb24a34528961386ad6745cd22a7507 (diff) |
-rw-r--r-- | deployments/00:01:23:45:67:89.json | 65 |
diff --git a/deployments/00:01:23:45:67:89.json b/deployments/00:01:23:45:67:89.json
new file mode 100644
index 00000000..b09fcaea
--- /dev/null
+++ b/deployments/00:01:23:45:67:89.json
@@ -0,0 +1,65 @@
+{
+ "args" : {
+ "password" : "0000",
+ "include" : "webserver",
+ "packages" : "openssh sudo openvpn easy-rsa",
+ "post" : "stay"
+ },
+ "post" : {
+ "install database": "postgresql",
+ "Configure database": {
+ "su - postgres -c \"psql -c \\\"CREATE DATABASE pdns;\\\"\"" : {"boot" : true},
+ "su - postgres -c \"psql -c \\\"CREATE USER pdns WITH ENCRYPTED PASSWORD 'testpass';\\\"\"" : {"boot" : true},
+ "su - postgres -c \"psql -c \\\"GRANT ALL PRIVILEGES ON DATABASE pdns TO pdns;\\\"\"" : {"boot" : true}
+ },
+ "Configure OpenVPN" : {
+ "mkdir -p /etc/openvpn/server/vpn_ccd" : null,
+ "echo 'port 112' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true, "debug" : true},
+ "echo 'proto udp' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'dev tap' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'ca ca.crt' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'cert vpn.hvornum.se.crt' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'key vpn.hvornum.se.key' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'tls-crypt ta.key' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'dh dh.pem' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'server 10.0.50.0 255.255.255.0' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'ifconfig-pool-persist ipp.txt' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'client-config-dir /vpn_ccd' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'client-to-client' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'keepalive 10 120' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'cipher AES-256-CBC' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'tls-version-min 1.2' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'auth SHA512' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'compress lz4-v2' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'push \"compress lz4-v2\"' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'user nobody' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'group nobody' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'persist-key' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'persist-tun' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'verb 4' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf": {"no-chroot" : true},
+ "echo 'push \"dhcp-option DNS 8.8.8.8\"' >> /mnt/etc/openvpn/server/vpn_ccd/nas.hvornum.se": {"no-chroot" : true},
+ "echo 'push \"redirect-gateway autolocal bypass-dhcp\"' >> /mnt/etc/openvpn/server/vpn_ccd/nas.hvornum.se": {"no-chroot" : true},
+ "echo 'push \"dhcp-option DNS 8.8.8.8\"' >> /mnt/etc/openvpn/server/vpn_ccd/laptop": {"no-chroot" : true},
+ "echo 'push \"redirect-gateway def1 bypass-dhcp\"' >> /mnt/etc/openvpn/server/vpn_ccd/laptop": {"no-chroot" : true}
+ },
+ "Create vhost table" : {
+ "echo 'defaultzone = { docroot \"/srv/http/default\"; index [\"index.html\"]; };' >> /mnt/etc/lighttpd2/vhost.conf": {"no-chroot" : true, "debug" : true},
+ "echo 'hvornum = { docroot \"/srv/http/default\"; index [\"index.html\"]; };' >> /mnt/etc/lighttpd2/vhost.conf": {"no-chroot" : true, "debug" : true},
+ "echo 'vhost.map [default => defaultzone, \\'hvornum.se\\' => hvornum];' >> /mnt/etc/lighttpd2/vhost.conf": {"no-chroot" : true}
+ },
+ "Configure helpers" : {
+ "echo '[Unit]' >> /mnt/etc/systemd/system/issue.service": {"no-chroot" : true},
+ "echo 'Description=MOTD Updater' >> /mnt/etc/systemd/system/issue.service": {"no-chroot" : true},
+ "echo '[Service]' >> /mnt/etc/systemd/system/issue.service": {"no-chroot" : true},
+ "echo 'ExecStart=/usr/bin/motd_updater' >> /mnt/etc/systemd/system/issue.service": {"no-chroot" : true},
+ "echo '[Install]' >> /mnt/etc/systemd/system/issue.service": {"no-chroot" : true},
+ "echo 'WantedBy=multi-user.target' >> /mnt/etc/systemd/system/issue.service": {"no-chroot" : true},
+ "echo '#!/bin/bash' > /mnt/usr/bin/motd_updater": {"no-chroot" : true},
+ "echo 'cat /etc/hostname > /etc/issue' >> /mnt/usr/bin/motd_updater": {"no-chroot" : true},
+ "echo 'ip addr | grep \"inet \" | cut -d\"'\" \"'\" -f 2 >> /etc/issue' >> /mnt/usr/bin/motd_updater": {"no-chroot" : true},
+ "chmod +x /mnt/usr/bin/motd_updater": {"no-chroot" : true},
+ "systemctl enable issue.service": {"boot" : true}
+ }
+ }
+} |
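Review bot: The install password `"password" : "0000"` and the database password `'testpass'` in the `CREATE USER pdns` command are committed in plain text, and the latter is also passed on the `su`/`psql` command line, where it can end up in process listings and installer logs. Keep only a placeholder in the tracked file, e.g. `"password" : "<set-at-deploy-time>"`, and supply the real values from outside the repository; this hunk does not show what mechanism the installer offers for that, so it needs checking. Separately, `client-config-dir /vpn_ccd` is an absolute path while the per-client files are written under `/etc/openvpn/server/vpn_ccd`, so the `push` lines for `nas.hvornum.se` and `laptop` would presumably never be read. Writing `echo 'client-config-dir /etc/openvpn/server/vpn_ccd' >> /mnt/etc/openvpn/server/vpn.hvornum.se.conf` instead would match the directory the `mkdir -p` step creates.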