new appliance: guacamole
This commit is contained in:
parent
7c0d2b8eb0
commit
ff38725854
|
@ -0,0 +1,56 @@
|
|||
preinstall:
|
||||
# switch to hardened, build hardened toolchain, rebuild everything
|
||||
mkdir -p $(CHROOT)/etc/portage/profile
|
||||
echo "-hardened" >> $(CHROOT)/etc/portage/profile/use.mask
|
||||
$(inroot) $(EMERGE) $(USEPKG) --oneshot gcc
|
||||
$(inroot) $(EMERGE) $(USEPKG) --oneshot binutils virtual/libc
|
||||
-$(gcc_config)
|
||||
$(inroot) $(EMERGE) $(USEPKG) --emptytree @world
|
||||
$(inroot) bash -c 'yes YES | etc-update --automode -9'
|
||||
|
||||
postinstall: base/timesyncd.conf base/firstboot.start
|
||||
# Konfigurationen anpassen
|
||||
cp base/timesyncd.conf $(CHROOT)/etc/systemd/timesyncd.conf
|
||||
mkdir -p $(CHROOT)/etc/local.d
|
||||
cp base/firstboot.start $(CHROOT)/etc/local.d/firstboot.start
|
||||
touch $(CHROOT)/firstboot
|
||||
sed -i 's/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/' $(CHROOT)/etc/sudoers
|
||||
sed -i 's#^auth.*$$#auth [success=2 default=ignore] pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth include system-auth#' $(CHROOT)/etc/pam.d/sudo
|
||||
echo "Defaults env_keep += SSH_AUTH_SOCK" > $(CHROOT)/etc/sudoers.d/ssh_auth_sock
|
||||
$(inroot) useradd -m -G users,wheel -s /bin/bash --comment="virtual appliance admin" --uid 2000 admin
|
||||
$(inroot) passwd -d admin; $(inroot) passwd -e admin
|
||||
$(inroot) systemctl enable tmux@root.service
|
||||
cp base/tmux.conf $(CHROOT)/root/.tmux.conf
|
||||
|
||||
# Beispiel feste IP-Adresse
|
||||
cp base/00-eth0.network $(CHROOT)/00-eth0.network.example
|
||||
|
||||
# MariaDB-Konfiguration ($$, weil make ein $ entfernt)
|
||||
sed -i "s/^character-set-server.*$$/character-set-server = utf8mb4/" $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
echo >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
echo "collation-server = utf8mb4_general_ci" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
echo "transaction_isolation = READ-COMMITTED" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
echo "binlog_format = ROW" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
echo "expire_logs_days = 3" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
echo "innodb_file_per_table = 1" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
echo "innodb_large_prefix = on" >> $(CHROOT)/etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
cp mariadb/my.cnf.root $(CHROOT)/root/.my.cnf
|
||||
chmod 0600 $(CHROOT)/root/.my.cnf
|
||||
rm -rf $(CHROOT)/var/lib/mysql/*
|
||||
$(inroot) bash -c 'yes gentoo | emerge --config dev-db/mariadb'
|
||||
|
||||
# Nginx
|
||||
mv $(CHROOT)/etc/nginx/nginx.conf $(CHROOT)/etc/nginx/nginx.conf.orig
|
||||
cp nginx/nginx.conf $(CHROOT)/etc/nginx/nginx.conf
|
||||
|
||||
# Guacamole
|
||||
$(inroot) /usr/share/tomcat-8.5/gentoo/tomcat-instance-manager.bash --create
|
||||
echo >> $(CHROOT)/etc/conf.d/tomcat-8.5
|
||||
echo "# Guacamole" >> $(CHROOT)/etc/conf.d/tomcat-8.5
|
||||
echo "TOMCAT_EXTRA_CLASSPATH=\"/usr/share/jdbc-mysql/lib/jdbc-mysql.jar\"" >> $(CHROOT)/etc/conf.d/tomcat-8.5
|
||||
echo "GUACAMOLE_HOME=/etc/guacamole" >> $(CHROOT)/etc/conf.d/tomcat-8.5
|
||||
cp tomcat/tomcat.start $(CHROOT)/usr/bin/tomcat-8.5
|
||||
cp tomcat/tomcat.systemd $(CHROOT)/etc/systemd/system/tomcat-8.5.service
|
||||
ln -sf /usr/share/guacamole-client/guacamole.war $(CHROOT)/var/lib/tomcat-8.5/webapps/
|
||||
|
||||
clean:
|
|
@ -0,0 +1,7 @@
|
|||
Erstkonfiguration
|
||||
=================
|
||||
|
||||
- für variable Daten (Datenbanken, Konfiguration) muß eine mit ext4 formatierte Datenpartition mit dem Label "DATA" vorhanden sein. Diese wird nach /DATA gemountet.
|
||||
- feste IP-Adresse und /etc/hosts konfigurieren
|
||||
- evtl. Nginx-Zertifikat neu erzeugen
|
||||
- unter VMware evtl. open-vm-tools aktivieren
|
|
@ -0,0 +1,22 @@
|
|||
# Beispiel für feste IP-Adreß-Konfiguration:
|
||||
# Anpassen und als 00-eth0.network nach /etc/systemd/network verschieben
|
||||
# (s. "man systemd.network", "man systemd-resolved")
|
||||
#
|
||||
# NICHT VERGESSEN: entsprechende Einträge in /etc/hosts hinzufügen
|
||||
# <IPv4> <FQDN> <Hostname>
|
||||
# <IPv6> <FQDN> <Hostname>
|
||||
|
||||
[Match]
|
||||
Name=eth0
|
||||
|
||||
[Network]
|
||||
Description=1. Netzwerk-Port
|
||||
Address=192.168.1.2/24
|
||||
Address=fdb5:78b:64cc:0:f8c0::2/64
|
||||
Gateway=192.168.1.1
|
||||
Gateway=fdb5:78b:64cc:0:f8c0::1
|
||||
DNS=192.168.1.3
|
||||
DNS=fdb5:78b:64cc:0:f8c0::3
|
||||
NTP=192.168.1.4
|
||||
NTP=fdb5:78b:64cc:0:f8c0::4
|
||||
Domains=privacyidea.de
|
|
@ -0,0 +1,81 @@
|
|||
#!/bin/bash
|
||||
|
||||
# base settings
|
||||
set -e
|
||||
|
||||
[ -e /firstboot ] || exit 0
|
||||
|
||||
echo 'Setting defaults...'
|
||||
localectl --no-convert set-keymap de-latin1-nodeadkeys
|
||||
|
||||
echo 'Activate services...'
|
||||
timedatectl set-ntp true
|
||||
|
||||
# variables
|
||||
LABEL="DATA"
|
||||
DATABASE_PASS="Di1sgMySQLPwd."
|
||||
|
||||
# Data partition
|
||||
echo 'Mount data partition...'
|
||||
mkdir -p /$LABEL
|
||||
if [ ! -L "/dev/disk/by-label/$LABEL" ]; then
|
||||
echo 'ERROR: Data partition not found!'
|
||||
echo "Please create a data partition with ext4 filesystem and label \"$LABEL\":"
|
||||
echo "# cfdisk /dev/<disk> (use GPT label, create linux partition)"
|
||||
echo "# mkfs.ext4 -L $LABEL /dev/<partition>"
|
||||
exit 1
|
||||
fi
|
||||
if ! grep -Fq "LABEL=$LABEL" /etc/fstab; then
|
||||
echo "LABEL=$LABEL /$LABEL ext4 noatime 0 1" >> /etc/fstab
|
||||
fi
|
||||
mount -a
|
||||
if ! mount | grep /$LABEL > /dev/null; then
|
||||
echo "ERROR: Could not mount data partition!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -d "/$LABEL/var/lib/mysql/guacamole_db" ]; then
|
||||
echo 'Initialize MariaDB...'
|
||||
systemctl stop mariadb
|
||||
mkdir -p /$LABEL/var/lib/mysql
|
||||
rm -rf /$LABEL/var/lib/mysql/*
|
||||
cp -a /var/lib/mysql/. /$LABEL/var/lib/mysql
|
||||
sed -i "s:^datadir.*:datadir = /$LABEL/var/lib/mysql:" /etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
systemctl start mariadb
|
||||
|
||||
echo 'Create Guacamole database...'
|
||||
mysql -u root -e "CREATE DATABASE guacamole_db;"
|
||||
mysql -u root -e "CREATE USER 'guacamole_user'@'localhost' IDENTIFIED BY '$DATABASE_PASS';"
|
||||
mysql -u root -e "GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO 'guacamole_user'@'localhost';"
|
||||
mysql -u root -e "FLUSH PRIVILEGES;"
|
||||
sed -i "s/#mysql-hostname: localhost/mysql-hostname: localhost/" /etc/guacamole/guacamole.properties
|
||||
sed -i "s/#mysql-port: 3306/mysql-port: 3306/" /etc/guacamole/guacamole.properties
|
||||
sed -i "s/#mysql-database: guacamole/mysql-database: guacamole_db/" /etc/guacamole/guacamole.properties
|
||||
sed -i "s/#mysql-username: guacamole/mysql-username: guacamole_user/" /etc/guacamole/guacamole.properties
|
||||
sed -i "s/#mysql-password: some_password/mysql-password: $DATABASE_PASS/" /etc/guacamole/guacamole.properties
|
||||
|
||||
echo 'Initialize Guacamole database...'
|
||||
cat /usr/share/guacamole-client/schema/mysql/001-create-schema.sql | mysql -u root guacamole_db
|
||||
cat /usr/share/guacamole-client/schema/mysql/002-create-admin-user.sql | mysql -u root guacamole_db
|
||||
|
||||
else
|
||||
echo 'Start MariaDB...'
|
||||
sed -i "s:^datadir.*:datadir = /$LABEL/var/lib/mysql:" /etc/mysql/mariadb.d/50-distro-server.cnf
|
||||
systemctl start mariadb
|
||||
fi
|
||||
echo 'Enable database...'
|
||||
systemctl enable mariadb
|
||||
|
||||
echo 'Start and enable Guacamole proxy daemon...'
|
||||
systemctl start guacd
|
||||
systemctl enable guacd
|
||||
|
||||
echo 'Start and enable Guacamole Tomcat instance...'
|
||||
systemctl start tomcat-8.5
|
||||
systemctl enable tomcat-8.5
|
||||
|
||||
echo 'Start and enable Nginx...'
|
||||
systemctl start nginx
|
||||
systemctl enable nginx
|
||||
|
||||
rm /firstboot
|
|
@ -0,0 +1,12 @@
|
|||
# This file is part of systemd.
|
||||
#
|
||||
# systemd is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU Lesser General Public License as published by
|
||||
# the Free Software Foundation; either version 2.1 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# See timesyncd.conf(5) for details.
|
||||
|
||||
[Time]
|
||||
NTP=0.de.pool.ntp.org 1.de.pool.ntp.org 2.de.pool.ntp.org 3.de.pool.ntp.org
|
||||
FallbackNTP=0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org
|
|
@ -0,0 +1,3 @@
|
|||
set -g mouse on
|
||||
set-option -g set-titles on
|
||||
set-option -g set-titles-string "#S / #T"
|
|
@ -0,0 +1,21 @@
|
|||
##HOSTNAME = $(APPLIANCE)
|
||||
##TIMEZONE = UTC
|
||||
DISK_SIZE = 8.0G
|
||||
##SWAP_SIZE = 30
|
||||
##SWAP_FILE = $(CHROOT)/.swap
|
||||
##ARCH = amd64-hardened
|
||||
##MAKEOPTS = -j10 -l10
|
||||
##PRUNE_CRITICAL = NO
|
||||
##CHANGE_PASSWORD = YES
|
||||
##HEADLESS = NO
|
||||
##SOFTWARE = 1
|
||||
##PKGLIST = 0
|
||||
##RSYNC_MIRROR = rsync://rsync15.de.gentoo.org/gentoo/
|
||||
##KERNEL_PKG = gentoo-sources
|
||||
KERNEL_CONFIG = appliances/$(APPLIANCE)/kernel.config
|
||||
ENABLE_SSHD = YES
|
||||
TIMEZONE=Europe/Berlin
|
||||
LOCALE=de_DE.utf8
|
||||
REPO_NAMES = unitas-misc unitas-guacamole
|
||||
REPO_URI_unitas-misc = https://dev.unitas-network.de/r/Gentoo/unitas-misc.git
|
||||
REPO_URI_unitas-guacamole = https://dev.unitas-network.de/r/Gentoo/unitas-guacamole.git
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,8 @@
|
|||
CFLAGS="-O2 -pipe"
|
||||
CXXFLAGS="-O2 -pipe"
|
||||
USE="hardened justify pie ssp urandom xattr -fortran -pch -pic -prelink -profile -tcc"
|
||||
MAKEOPTS="-j5"
|
||||
VIDEO_CARDS="vmware"
|
||||
ACCEPT_LICENSE="*"
|
||||
PYTHON_TARGETS="python3_7"
|
||||
PYTHON_SINGLE_TARGET="python3_7"
|
|
@ -0,0 +1,7 @@
|
|||
[mysqladmin]
|
||||
user = root
|
||||
password = gentoo
|
||||
|
||||
[mysql]
|
||||
user = root
|
||||
password = gentoo
|
|
@ -0,0 +1,80 @@
|
|||
user nginx nginx;
|
||||
worker_processes 1;
|
||||
|
||||
error_log /var/log/nginx/error_log info;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
use epoll;
|
||||
}
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main
|
||||
'$remote_addr - $remote_user [$time_local] '
|
||||
'"$request" $status $bytes_sent '
|
||||
'"$http_referer" "$http_user_agent" '
|
||||
'"$gzip_ratio"';
|
||||
|
||||
client_header_timeout 10m;
|
||||
client_body_timeout 10m;
|
||||
send_timeout 10m;
|
||||
|
||||
connection_pool_size 256;
|
||||
client_header_buffer_size 1k;
|
||||
large_client_header_buffers 4 2k;
|
||||
request_pool_size 4k;
|
||||
|
||||
gzip off;
|
||||
|
||||
output_buffers 1 32k;
|
||||
postpone_output 1460;
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
|
||||
keepalive_timeout 75 20;
|
||||
|
||||
ignore_invalid_headers on;
|
||||
|
||||
index index.html;
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
access_log /var/log/nginx/localhost.access_log main;
|
||||
error_log /var/log/nginx/localhost.error_log info;
|
||||
|
||||
root /var/www/localhost/htdocs;
|
||||
|
||||
location /guacamole/ {
|
||||
proxy_pass http://localhost:8080/guacamole/;
|
||||
proxy_buffering off;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
# SSL example
|
||||
#server {
|
||||
# listen 127.0.0.1:443;
|
||||
# server_name localhost;
|
||||
|
||||
# ssl on;
|
||||
# ssl_certificate /etc/ssl/nginx/nginx.pem;
|
||||
# ssl_certificate_key /etc/ssl/nginx/nginx.key;
|
||||
|
||||
# access_log /var/log/nginx/localhost.ssl_access_log main;
|
||||
# error_log /var/log/nginx/localhost.ssl_error_log info;
|
||||
|
||||
# root /var/www/localhost/htdocs;
|
||||
#}
|
||||
}
|
|
@ -0,0 +1,9 @@
|
|||
# Grundsystem
|
||||
app-emulation/open-vm-tools
|
||||
sys-auth/pam_ssh_agent_auth
|
||||
|
||||
# Guacamole
|
||||
dev-java/javatoolkit
|
||||
net-libs/libtelnet
|
||||
net-misc/guacamole-server
|
||||
www-apps/guacamole-client
|
|
@ -0,0 +1,2 @@
|
|||
# wir wollen nicht icedtea-bin, sondern openjdk-jre-bin
|
||||
dev-java/icedtea-bin
|
|
@ -0,0 +1,27 @@
|
|||
# base
|
||||
app-admin/sudo -sendmail
|
||||
app-editors/nano ncurses
|
||||
app-emulation/open-vm-tools pic -modules
|
||||
app-misc/mc -slang
|
||||
dev-lang/python ssl threads xml
|
||||
dev-libs/libpcre cxx jit
|
||||
dev-libs/libpcre2 jit
|
||||
dev-util/pkgconfig internal-glib
|
||||
dev-vcs/git -python
|
||||
net-misc/openssh ssl
|
||||
net-misc/wget ssl
|
||||
sys-apps/hwids udev
|
||||
sys-apps/kmod tools
|
||||
sys-apps/net-tools hostname
|
||||
sys-apps/portage ipc
|
||||
sys-auth/pambase nullok sha512
|
||||
sys-devel/gcc cxx nptl
|
||||
sys-kernel/gentoo-sources symlink
|
||||
|
||||
# Monitoring
|
||||
net-analyzer/zabbix agent
|
||||
|
||||
# Guacamole
|
||||
media-plugins/alsa-plugins pulseaudio
|
||||
net-misc/guacamole-server encode pulseaudio rdp ssh telnet vnc vorbis webp
|
||||
www-apps/guacamole-client ldap mysql
|
|
@ -0,0 +1,130 @@
|
|||
#!/bin/sh
|
||||
# Author: Jens Koegler <j.koegler@web.de>
|
||||
# based on the original init.d script
|
||||
# set debugging on
|
||||
# set -x
|
||||
die() {
|
||||
usage
|
||||
exit 1
|
||||
}
|
||||
|
||||
usage() {
|
||||
cat <<EOL
|
||||
Usage: ${BASH_SOURCE} [start|stop] <instance-name>
|
||||
Usage: NAME=<instance> ${BASH_SOURCE} [start|stop]
|
||||
Instance-name can be the environment variable NAME
|
||||
EOL
|
||||
}
|
||||
|
||||
if ([[ $# -gt 2 ]] || [[ $# -eq 0 ]]); then
|
||||
die
|
||||
fi
|
||||
|
||||
RUN=$1
|
||||
TOMCAT=`basename ${BASH_SOURCE}`
|
||||
if [ $# -eq 2 ]; then
|
||||
printf -v INSTANCE "%s-%s" "$TOMCAT" "$2"
|
||||
else
|
||||
if [[ -z ${NAME} ]]; then
|
||||
printf -v INSTANCE "%s" "$TOMCAT"
|
||||
else
|
||||
printf -v INSTANCE "%s-%s" "$TOMCAT" "$NAME"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ -f /etc/conf.d/${INSTANCE} ]]; then
|
||||
source /etc/conf.d/${INSTANCE}
|
||||
else
|
||||
echo "The configuration file /etc/conf.d/${INSTANCE} does not exist"
|
||||
die
|
||||
fi
|
||||
|
||||
: ${CATALINA_HOME:=/usr/share/${TOMCAT}}
|
||||
: ${CATALINA_BASE:=/var/lib/${INSTANCE}}
|
||||
: ${CATALINA_TMPDIR:=/var/tmp/${INSTANCE}}
|
||||
|
||||
: ${TOMCAT_START:=start}
|
||||
|
||||
: ${JPDA_TRANSPORT:="dt_socket"}
|
||||
: ${JPDA_ADDRESS:="8000"}
|
||||
: ${JPDA_OPTS="-Xdebug -Xrunjdwp:transport=${JPDA_TRANSPORT},address=${JPDA_ADDRESS},server=y,suspend=n"}
|
||||
|
||||
if [ ! -e "${CATALINA_TMPDIR}" ]; then
|
||||
mkdir -p "${CATALINA_TMPDIR}"
|
||||
chown tomcat:tomcat "${CATALINA_TMPDIR}"
|
||||
fi
|
||||
|
||||
export JAVA_HOME=`java-config ${TOMCAT_JVM:+--select-vm ${TOMCAT_JVM}} --jre-home`
|
||||
export CLASSPATH="${CATALINA_HOME}/bin/bootstrap.jar:${CATALINA_HOME}/bin/tomcat-juli.jar"
|
||||
|
||||
start() {
|
||||
|
||||
if [ ! -e "${CATALINA_TMPDIR}" ]; then
|
||||
mkdir -p "${CATALINA_TMPDIR}"
|
||||
chown tomcat:tomcat "${CATALINA_TMPDIR}"
|
||||
fi
|
||||
|
||||
local DEPEND=$(java-config --query DEPEND --package ${TOMCAT}):${TOMCAT_EXTRA_JARS}
|
||||
DEPEND=${DEPEND%:}
|
||||
|
||||
local GCLASSPATH=$(java-config --with-dependencies --classpath "${DEPEND//:/,}"):${TOMCAT_EXTRA_CLASSPATH}
|
||||
GCLASSPATH=${GCLASSPATH%:}
|
||||
|
||||
local cmd=java args=
|
||||
if [ "${TOMCAT_START}" = "debug" ] || [ "${TOMCAT_START}" = "-security debug" ] ; then
|
||||
cmd=jdb
|
||||
args="${args} -sourcepath ${CATALINA_HOME}/../../jakarta-tomcat-catalina/catalina/src/share"
|
||||
fi
|
||||
if [ "${TOMCAT_START}" = "-security debug" ] || [ "${TOMCAT_START}" = "-security start" ]; then
|
||||
args="${args} -Djava.security.manager"
|
||||
args="${args} -Djava.security.policy=${CATALINA_BASE}/conf/catalina.policy"
|
||||
fi
|
||||
if [ "${TOMCAT_START}" = "jpda start" ] ; then
|
||||
args="${args} ${JPDA_OPTS}"
|
||||
fi
|
||||
if [ -r "${CATALINA_HOME}"/bin/tomcat-juli.jar ]; then
|
||||
args="${args} -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \
|
||||
-Djava.util.logging.config.file=${CATALINA_BASE}/conf/logging.properties"
|
||||
fi
|
||||
|
||||
${JAVA_HOME}/bin/${cmd} \
|
||||
${JAVA_OPTS} \
|
||||
${args} \
|
||||
'-XX:OnOutOfMemoryError=kill -9 %%p' \
|
||||
-Dcatalina.base="${CATALINA_BASE}" \
|
||||
-Dcatalina.home="${CATALINA_HOME}" \
|
||||
-Djava.io.tmpdir="${CATALINA_TMPDIR}" \
|
||||
-Dgentoo.classpath="${GCLASSPATH//:/,}" \
|
||||
-classpath "${CLASSPATH}" \
|
||||
org.apache.catalina.startup.Bootstrap \
|
||||
${CATALINA_OPTS} \
|
||||
${TOMCAT_START}
|
||||
|
||||
}
|
||||
|
||||
stop() {
|
||||
|
||||
${JAVA_HOME}/bin/java \
|
||||
${JAVA_OPTS} \
|
||||
${args} \
|
||||
-Dcatalina.base="${CATALINA_BASE}" \
|
||||
-Dcatalina.home="${CATALINA_HOME}" \
|
||||
-Djava.io.tmpdir="${CATALINA_TMPDIR}" \
|
||||
-Dgentoo.classpath="${GCLASSPATH//:/,}" \
|
||||
-classpath "${CLASSPATH}" \
|
||||
org.apache.catalina.startup.Bootstrap stop
|
||||
|
||||
}
|
||||
|
||||
case "${RUN}" in
|
||||
start)
|
||||
start
|
||||
;;
|
||||
stop)
|
||||
stop
|
||||
;;
|
||||
*)
|
||||
die
|
||||
;;
|
||||
esac
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
[Unit]
|
||||
Description=Apache Tomcat Web Application Container
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
EnvironmentFile=/etc/conf.d/tomcat-8.5
|
||||
Environment=SHELL=/bin/bash
|
||||
ExecStart=/usr/bin/tomcat-8.5 start
|
||||
ExecStop=/usr/bin/tomcat-8.5 stop
|
||||
SuccessExitStatus=143
|
||||
User=tomcat
|
||||
Group=tomcat
|
||||
TimeoutStopSec=90
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,19 @@
|
|||
[Unit]
|
||||
Description=Apache Tomcat Web Application Container
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
EnvironmentFile=/etc/conf.d/tomcat-8.5-%i
|
||||
Environment="NAME=%i"
|
||||
Environment=SHELL=/bin/bash
|
||||
ExecStart=/usr/bin/tomcat-8.5 start
|
||||
ExecStop=/usr/bin/tomcat-8.5 stop
|
||||
SuccessExitStatus=143
|
||||
User=tomcat
|
||||
Group=tomcat
|
||||
TimeoutStopSec=90
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -0,0 +1,16 @@
|
|||
app-admin/logrotate
|
||||
app-admin/sudo
|
||||
app-emulation/open-vm-tools
|
||||
app-emulation/qemu-guest-agent
|
||||
app-misc/mc
|
||||
app-misc/tmuxservice
|
||||
net-analyzer/zabbix
|
||||
sys-auth/pam_ssh_agent_auth
|
||||
sys-fs/mdadm
|
||||
sys-power/acpid
|
||||
app-crypt/certbot-nginx
|
||||
dev-db/mariadb
|
||||
dev-java/openjdk-jre-bin:8
|
||||
net-misc/guacamole-server
|
||||
www-apps/guacamole-client
|
||||
www-servers/nginx
|
|
@ -18,8 +18,8 @@ install_snmpbuilder:
|
|||
$(inroot) test -f /var/cache/distfiles/$(SB_TARBALL) || \
|
||||
$(inroot) wget -P /var/cache/distfiles $(SB_URL)
|
||||
$(inroot) tar xf /var/cache/distfiles/$(SB_TARBALL) -C /tmp
|
||||
cp $(CHROOT)/tmp/snmpbuilder-$(OF_COMMIT)/snmp_builder.php $(CHROOT)/var/www/localhost/htdocs/zabbix/
|
||||
cp -r $(CHROOT)/tmp/snmpbuilder-$(OF_COMMIT)/snmp_builder $(CHROOT)/var/www/localhost/htdocs/zabbix/
|
||||
cp $(CHROOT)/tmp/snmpbuilder-$(SB_COMMIT)/snmp_builder.php $(CHROOT)/var/www/localhost/htdocs/zabbix/
|
||||
cp -r $(CHROOT)/tmp/snmpbuilder-$(SB_COMMIT)/snmp_builder $(CHROOT)/var/www/localhost/htdocs/zabbix/
|
||||
sed -i 's#/var/www/html/zabbix/snmp_builder/mibs#/var/www/localhost/htdocs/zabbix/snmp_builder/mibs#' $(CHROOT)/var/www/localhost/htdocs/zabbix/snmp_builder.php
|
||||
patch -d $(CHROOT)/var/www/localhost/htdocs/zabbix/ -p1 < zabbix/snmp_builder.diff
|
||||
|
||||
|
@ -127,8 +127,6 @@ postinstall: base/timesyncd.conf base/firstboot.start
|
|||
$(inroot)chown zabbix:zabbix /var/log/snmptt
|
||||
|
||||
# Zabbix SNMP Builder
|
||||
<------># oletools zur Office-Macro-Erkennung in rspamd
|
||||
<------>$(MAKE) install_snmpbuilder
|
||||
<------>$(MAKE) install_
|
||||
## $(MAKE) install_snmpbuilder
|
||||
|
||||
clean:
|
||||
|
|
|
@ -4,5 +4,5 @@ sys-auth/pam_ssh_agent_auth ~amd64 ~x86
|
|||
|
||||
# Zabbix
|
||||
##dev-db/mariadb ~amd64 ~x86
|
||||
net-analyzer/zabbix **
|
||||
net-analyzer/zabbix ~amd64 ~x86
|
||||
net-analyzer/snmptt ~amd64 ~x86
|
||||
|
|
Reference in New Issue