privacyidea: add letsencrypt, sudo ssh forward

This commit is contained in:
Jörg Deckert 2020-02-24 16:57:00 +01:00
parent 0db3a4c2bb
commit a267b8c3c4
4 changed files with 7 additions and 1 deletions

View File

@ -19,6 +19,8 @@ postinstall: base/timesyncd.conf base/firstboot.start
cp base/firstboot.start $(CHROOT)/etc/local.d/firstboot.start cp base/firstboot.start $(CHROOT)/etc/local.d/firstboot.start
touch $(CHROOT)/firstboot touch $(CHROOT)/firstboot
sed -i 's/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/' $(CHROOT)/etc/sudoers sed -i 's/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/' $(CHROOT)/etc/sudoers
sed -i 's#^auth.*$$#auth [success=2 default=ignore] pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth include system-auth#' $(CHROOT)/etc/pam.d/sudo
echo "Defaults env_keep += SSH_AUTH_SOCK" > $(CHROOT)/etc/sudoers.d/ssh_auth_sock
$(inroot) useradd -m -G users,wheel -s /bin/bash --comment="virtual appliance admin" --uid 2000 admin $(inroot) useradd -m -G users,wheel -s /bin/bash --comment="virtual appliance admin" --uid 2000 admin
$(inroot) passwd -d admin; $(inroot) passwd -e admin $(inroot) passwd -d admin; $(inroot) passwd -e admin
$(inroot) systemctl enable tmux@root.service $(inroot) systemctl enable tmux@root.service

View File

@ -1,6 +1,6 @@
CFLAGS="-O2 -pipe" CFLAGS="-O2 -pipe"
CXXFLAGS="-O2 -pipe" CXXFLAGS="-O2 -pipe"
USE="hardened justify pie ssp urandom xattr -fortran -jit -orc -pch -pic -prelink -profile -tcc" USE="hardened justify pie ssp urandom xattr -fortran -pch -pic -prelink -profile -tcc"
MAKEOPTS="-j5" MAKEOPTS="-j5"
PYTHON_TARGETS="python3_6" PYTHON_TARGETS="python3_6"
PYTHON_SINGLE_TARGET="python3_6" PYTHON_SINGLE_TARGET="python3_6"

View File

@ -33,3 +33,6 @@ sci-libs/hdf5 -cxx -fortran -hl
# RADIUS (ohne Samba kein rlm_mschap.so) # RADIUS (ohne Samba kein rlm_mschap.so)
net-dialup/freeradius kerberos ldap mysql -python samba net-dialup/freeradius kerberos ldap mysql -python samba
net-fs/samba ads gnutls ldap winbind net-fs/samba ads gnutls ldap winbind
# LDAP
net-nds/openldap overlays perl sasl

View File

@ -8,6 +8,7 @@ net-analyzer/zabbix
sys-auth/pam_ssh_agent_auth sys-auth/pam_ssh_agent_auth
sys-fs/mdadm sys-fs/mdadm
sys-power/acpid sys-power/acpid
app-crypt/certbot-apache
dev-db/mariadb dev-db/mariadb
www-apps/privacyidea www-apps/privacyidea
www-apps/privacyideaadm www-apps/privacyideaadm