VA
/
appliances-old
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

lamp: Update

This commit is contained in:
Jörg Deckert 2020-06-15 19:08:18 +02:00
parent ff38725854
commit d51087fb5a
15 changed files with 1021 additions and 761 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
lamp/Makefile
View File

@ -8,33 +8,30 @@ preinstall:
$(inroot) $(EMERGE) $(USEPKG) --emptytree @world $(inroot) $(EMERGE) $(USEPKG) --emptytree @world
$(inroot) bash -c 'yes YES | etc-update --automode -9' $(inroot) bash -c 'yes YES | etc-update --automode -9'
# Unitas-Portage-Overlay einbinden postinstall: base/timesyncd.conf base/firstboot.start
$(inroot) $(EMERGE) -n $(USEPKG) app-portage/layman
sed -i 's/check_official : Yes/check_official : No/' $(CHROOT)/etc/layman/layman.cfg
wget -P $(CHROOT)/etc/layman/overlays http://dev.unitas-network.de/raw/Gentoo/Unitas.git/master/unitas-overlays.xml
$(inroot) layman -l | grep -q unitas || $(inroot) layman -La unitas
postinstall: timesyncd.conf firstboot.start
# Konfigurationen anpassen # Konfigurationen anpassen
cp timesyncd.conf $(CHROOT)/etc/systemd/timesyncd.conf cp base/timesyncd.conf $(CHROOT)/etc/systemd/timesyncd.conf
mkdir -p $(CHROOT)/etc/local.d mkdir -p $(CHROOT)/etc/local.d
cp firstboot.start $(CHROOT)/etc/local.d/firstboot.start cp base/firstboot.start $(CHROOT)/etc/local.d/firstboot.start
touch $(CHROOT)/firstboot touch $(CHROOT)/firstboot
sed -i 's/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/' $(CHROOT)/etc/sudoers sed -i 's/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/' $(CHROOT)/etc/sudoers
sed -i 's#^auth.*$$#auth [success=2 default=ignore] pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth include system-auth#' $(CHROOT)/etc/pam.d/sudo sed -i 's#^auth.*$$#auth [success=2 default=ignore] pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth include system-auth#' $(CHROOT)/etc/pam.d/sudo
echo "Defaults env_keep += SSH_AUTH_SOCK" > $(CHROOT)/etc/sudoers.d/ssh_auth_sock echo "Defaults env_keep += SSH_AUTH_SOCK" > $(CHROOT)/etc/sudoers.d/ssh_auth_sock
$(inroot) useradd -m -G users,wheel -s /bin/bash --comment="virtual appliance admin" --uid 2000 admin $(inroot) useradd -m -G users,wheel -s /bin/bash --comment="virtual appliance admin" --uid 2000 admin
$(inroot) passwd -d admin; $(inroot) passwd -e admin $(inroot) passwd -d admin; $(inroot) passwd -e admin
$(inroot) systemctl enable screen@adm.service $(inroot) systemctl enable tmux@root.service
cp base/tmux.conf $(CHROOT)/root/.tmux.conf
# Beispiel feste IP-Adresse # Beispiel feste IP-Adresse
cp 00-eth0.network $(CHROOT)/00-eth0.network.example cp base/00-eth0.network $(CHROOT)/00-eth0.network.example
# MariaDB-Konfiguration ($$, weil make ein $ entfernt) # MariaDB-Konfiguration ($$, weil make ein $ entfernt)
echo "s/^character-set-server.*$$/character-set-server = utf8mb4\ncollation-server = utf8mb4_general_ci\ntransaction_isolation = READ-COMMITTED\nbinlog_format = ROW\nexpire_logs_days = 3/" sed -i "s/^character-set-server.*$$/character-set-server = utf8mb4/" $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
sed -i "s/^character-set-server.*$$/character-set-server = utf8mb4\ncollation-server = utf8mb4_general_ci\ntransaction_isolation = READ-COMMITTED\nbinlog_format = ROW\nexpire_logs_days = 3/" $(CHROOT)/etc/mysql/my.cnf sed -iE 's/^\(log-bin\)/#\1/' $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
sed -i "s/^innodb_file_per_table.*$$/innodb_file_per_table=1\ninnodb_file_format=barracuda\ninnodb_large_prefix=on/" $(CHROOT)/etc/mysql/my.cnf echo >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
sed -i "s/default-character-set=utf8/default-character-set=utf8mb4/" $(CHROOT)/etc/mysql/my.cnf echo "# innodb tuning" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
echo "innodb_buffer_pool_size = 2G" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
echo "innodb_strict_mode = OFF" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
cp mariadb/my.cnf.root $(CHROOT)/root/.my.cnf cp mariadb/my.cnf.root $(CHROOT)/root/.my.cnf
chmod 0600 $(CHROOT)/root/.my.cnf chmod 0600 $(CHROOT)/root/.my.cnf
rm -rf $(CHROOT)/var/lib/mysql/* rm -rf $(CHROOT)/var/lib/mysql/*

0
lamp/00-eth0.network → lamp/base/00-eth0.network
View File

10
lamp/firstboot.start → lamp/base/firstboot.start
View File

@ -34,13 +34,17 @@ if ! mount | grep /$LABEL > /dev/null; then
exit 1 exit 1
fi fi
# Database
echo 'Initialize MariaDB...'
systemctl stop mariadb
if [ ! -d "/$LABEL/var/lib/mysql/mysql" ]; then if [ ! -d "/$LABEL/var/lib/mysql/mysql" ]; then
echo 'Initialize MariaDB...'
systemctl stop mariadb
mkdir -p /$LABEL/var/lib/mysql mkdir -p /$LABEL/var/lib/mysql
rm -rf /$LABEL/var/lib/mysql/* rm -rf /$LABEL/var/lib/mysql/*
cp -a /var/lib/mysql/. /$LABEL/var/lib/mysql cp -a /var/lib/mysql/. /$LABEL/var/lib/mysql
sed -i "s:^datadir.*:datadir = /$LABEL/var/lib/mysql:" /etc/mysql/my.cnf
fi fi
sed -i "s:^datadir.*:datadir = /$LABEL/var/lib/mysql:" /etc/mysql/mariadb.d/50-distro-server.cnf
systemctl start mariadb
echo 'Enable database...'
systemctl enable mariadb
rm /firstboot rm /firstboot

0
lamp/timesyncd.conf → lamp/base/timesyncd.conf
View File

3
lamp/base/tmux.conf Normal file
View File

@ -0,0 +1,3 @@
set -g mouse on
set-option -g set-titles on
set-option -g set-titles-string "#S / #T"

1683
lamp/kernel.config
View File

File diff suppressed because it is too large Load Diff

2
lamp/lamp.cfg
View File

@ -16,3 +16,5 @@ KERNEL_CONFIG = appliances/$(APPLIANCE)/kernel.config
ENABLE_SSHD = YES ENABLE_SSHD = YES
TIMEZONE=Europe/Berlin TIMEZONE=Europe/Berlin
LOCALE=de_DE.utf8 LOCALE=de_DE.utf8
REPO_NAMES = unitas-misc
REPO_URI_unitas-misc = https://dev.unitas-network.de/r/Gentoo/unitas-misc.git

8
lamp/make.conf
View File

@ -1,7 +1,9 @@
CFLAGS="-O2 -pipe" CFLAGS="-O2 -pipe"
CXXFLAGS="-O2 -pipe" CXXFLAGS="-O2 -pipe"
USE="hardened justify pie ssp urandom xattr -fortran -jit -orc -pch -pic -prelink -profile -tcc" USE="hardened justify pie ssp urandom xattr -fortran -pch -pic -prelink -profile -tcc"
MAKEOPTS="-j5" MAKEOPTS="-j5"
PYTHON_TARGETS="python2_7 python3_6" ACCEPT_LICENSE="*"
PHP_TARGETS="php7-2" PYTHON_TARGETS="python3_7"
PYTHON_SINGLE_TARGET="python3_7"
PHP_TARGETS="php7-4"
VIDEO_CARDS="vmware" VIDEO_CARDS="vmware"

18
lamp/package.keywords
View File

@ -1,18 +1,6 @@
# Grundsystem # Grundsystem
app-emulation/open-vm-tools ~amd64 ~x86 app-emulation/open-vm-tools
sys-auth/pam_ssh_agent_auth ~amd64 ~x86 sys-auth/pam_ssh_agent_auth
# MySQL
dev-db/mariadb ~amd64 ~x86
# GeoIP # GeoIP
dev-php/maxmind-db-reader ~amd64 ~x86 dev-php/maxmind-db-reader
# LetsEncrypt
app-crypt/acme ~amd64 ~x86
app-crypt/certbot ~amd64 ~x86
app-crypt/certbot-apache ~amd64 ~x86
dev-python/zope-component ~amd64 ~x86
dev-python/parsedatetime ~amd64 ~x86
dev-python/pyrfc3339 ~amd64 ~x86
dev-python/python-augeas ~amd64 ~x86

3
lamp/package.use
View File

@ -6,6 +6,7 @@ dev-lang/python ssl threads xml
dev-libs/libpcre cxx jit dev-libs/libpcre cxx jit
dev-libs/libpcre2 jit dev-libs/libpcre2 jit
dev-util/pkgconfig internal-glib dev-util/pkgconfig internal-glib
dev-vcs/git -python
net-misc/openssh ssl net-misc/openssh ssl
net-misc/wget ssl net-misc/wget ssl
sys-apps/hwids udev sys-apps/hwids udev
@ -24,6 +25,6 @@ dev-php/maxmind-db-reader extension
# LAMP # LAMP
app-eselect/eselect-php apache2 fpm app-eselect/eselect-php apache2 fpm
dev-lang/php apache2 bcmath curl exif gd imap intl ldap ldap-sasl mysql mysqli pdo sockets sqlite sysvipc truetype unicode xmlreader xmlrpc xmlwriter zip dev-lang/php apache2 bcmath curl exif gd gmp imap intl ldap ldap-sasl mysql mysqli pdo sockets sqlite sysvipc truetype unicode xmlreader xmlrpc xmlwriter zip
media-gfx/imagemagick -openmp media-gfx/imagemagick -openmp
www-servers/apache apache2_modules_proxy apache2_modules_proxy_ajp apache2_modules_proxy_connect apache2_modules_proxy_http apache2_modules_proxy_wstunnel www-servers/apache apache2_modules_proxy apache2_modules_proxy_ajp apache2_modules_proxy_connect apache2_modules_proxy_http apache2_modules_proxy_wstunnel

15
lamp/php/php.ini-opcache.diff
View File

@ -1,6 +1,6 @@
--- php.ini.orig 2018-07-29 20:00:00.000000000 +0200 --- php.ini.orig 2020-06-10 17:18:21.946478636 +0200
+++ php.ini 2018-09-13 14:49:00.000000000 +0200 +++ php.ini 2020-06-10 17:49:47.009780070 +0200
@@ -1779,20 +1779,20 @@ @@ -1766,20 +1766,20 @@
[opcache] [opcache]
; Determines if Zend OPCache is enabled ; Determines if Zend OPCache is enabled
@ -8,8 +8,7 @@
+opcache.enable=1 +opcache.enable=1
; Determines if Zend OPCache is enabled for the CLI version of PHP ; Determines if Zend OPCache is enabled for the CLI version of PHP
-;opcache.enable_cli=0 ;opcache.enable_cli=0
+opcache.enable_cli=1
; The OPcache shared memory storage size. ; The OPcache shared memory storage size.
-;opcache.memory_consumption=128 -;opcache.memory_consumption=128
@ -26,7 +25,7 @@
; The maximum percentage of "wasted" memory until a restart is scheduled. ; The maximum percentage of "wasted" memory until a restart is scheduled.
;opcache.max_wasted_percentage=5 ;opcache.max_wasted_percentage=5
@@ -1810,14 +1810,14 @@ @@ -1797,14 +1797,14 @@
; How often (in seconds) to check file timestamps for changes to the shared ; How often (in seconds) to check file timestamps for changes to the shared
; memory storage allocation. ("1" means validate once per second, but only ; memory storage allocation. ("1" means validate once per second, but only
; once per request. "0" means always validate) ; once per request. "0" means always validate)
@ -41,5 +40,5 @@
-;opcache.save_comments=1 -;opcache.save_comments=1
+opcache.save_comments=1 +opcache.save_comments=1
; If enabled, a fast shutdown sequence is used for the accelerated code ; Allow file existence override (file_exists, etc.) performance feature.
; Depending on the used Memory Manager this may cause some incompatibilities. ;opcache.enable_file_override=0

3
lamp/world
View File

@ -1,8 +1,9 @@
app-admin/logrotate app-admin/logrotate
app-admin/sudo app-admin/sudo
app-emulation/open-vm-tools app-emulation/open-vm-tools
app-emulation/qemu-guest-agent
app-misc/mc app-misc/mc
app-misc/screenservice app-misc/tmuxservice
net-analyzer/zabbix net-analyzer/zabbix
sys-auth/pam_ssh_agent_auth sys-auth/pam_ssh_agent_auth
sys-fs/mdadm sys-fs/mdadm

4
zabbix/make.conf
View File

@ -3,6 +3,6 @@ CXXFLAGS="-O2 -pipe"
USE="hardened justify pie ssp urandom xattr -fortran -pch -pic -prelink -profile -tcc" USE="hardened justify pie ssp urandom xattr -fortran -pch -pic -prelink -profile -tcc"
MAKEOPTS="-j5" MAKEOPTS="-j5"
ACCEPT_LICENSE="*" ACCEPT_LICENSE="*"
PYTHON_TARGETS="python3_6" PYTHON_TARGETS="python3_7"
PYTHON_SINGLE_TARGET="python3_6" PYTHON_SINGLE_TARGET="python3_7"
VIDEO_CARDS="vmware" VIDEO_CARDS="vmware"

1
zabbix/world
View File

@ -16,6 +16,7 @@ dev-perl/Config-General
dev-perl/JSON-XS dev-perl/JSON-XS
dev-perl/libwww-perl dev-perl/libwww-perl
dev-tcltk/expect dev-tcltk/expect
net-analyzer/l2dm-lldp
net-analyzer/net-snmp net-analyzer/net-snmp
net-analyzer/nmap net-analyzer/nmap
net-analyzer/snmptt net-analyzer/snmptt

5
zabbix/zabbix.cfg
View File

@ -16,5 +16,6 @@ KERNEL_CONFIG = appliances/$(APPLIANCE)/kernel.config
ENABLE_SSHD = YES ENABLE_SSHD = YES
TIMEZONE=Europe/Berlin TIMEZONE=Europe/Berlin
LOCALE=de_DE.utf8 LOCALE=de_DE.utf8
REPO_NAMES = unitas REPO_NAMES = unitas-misc unitas-zabbix
REPO_URI_unitas = https://dev.unitas-network.de/r/Gentoo/Unitas.git REPO_URI_unitas-misc = https://dev.unitas-network.de/r/Gentoo/unitas-misc.git
REPO_URI_unitas-zabbix = https://dev.unitas-network.de/r/Gentoo/unitas-zabbix.git