VA
/
virtual-appliance
1
0
Fork 0
Code Issues Pull Requests Releases 6 Wiki Activity

Example appliances removed, only base and default preserved 

The sample appliances have been removed as I do not use them and therefore cannot support them.
This commit is contained in:
Jörg Deckert 2021-02-08 19:16:19 +01:00
parent b2d2b0265f
commit 955be9cc46
87 changed files with 147 additions and 4849 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
appliances/airport/Makefile
View File

@ -1,49 +0,0 @@
APP_ROOT := /var/lib/airport
AIRPORT_REPO ?= https://bitbucket.org/marduk/airport
AIRPORT_BRANCH ?= stable
PGVER := 10
repo := $(CHROOT)/$(APP_ROOT)
etc_issue := $(CHROOT)/etc/issue
services := $(wildcard *.service)
service_targets := $(patsubst %,$(CHROOT)/etc/systemd/system/%,$(services))
$(CHROOT)/etc/systemd/system/%.service: %.service
cp $< $@
RUN systemctl enable $<
$(etc_issue): issue
cp $< $@
$(repo):
hg clone -u $(AIRPORT_BRANCH) $(AIRPORT_REPO) $@
preinstall:
postinstall: settings.py issue nginx.conf $(service_targets) $(repo) $(etc_issue)
RUN eselect postgresql set $(PGVER)
rm -rf $(CHROOT)/var/lib/postgresql/$(PGVER)
RUN bash -c "echo y |$(EMERGE) --config postgresql:$(PGVER)"
RUN systemctl enable postgresql-$(PGVER)
RUN $(EMERGE) --oneshot --noreplace $(USEPKG) dev-python/setuptools dev-python/virtualenv
rm -rf $(CHROOT)/$(APP_ROOT)
hg clone -u $(AIRPORT_BRANCH) $(AIRPORT_REPO) $(CHROOT)/$(APP_ROOT)
chroot $(CHROOT) virtualenv -p /usr/bin/python3 $(APP_ROOT)
RUN $(APP_ROOT)/bin/pip install -r $(APP_ROOT)/requirements.txt
RUN $(APP_ROOT)/bin/pip install psycopg2 uwsgi
COPY settings.py /$(APP_ROOT)/djangoproject/djangoproject
RUN id -u airport >/dev/null || RUN useradd -d $(APP_ROOT) -M -U -G postgres airport
RUN chown -R airport:airport $(APP_ROOT)
ifdef AIRPORT_SERIES
cat settings_$(AIRPORT_SERIES).py >> $(CHROOT)/$(APP_ROOT)/djangoproject/djangoproject/settings.py
RUN cp /$(APP_ROOT)/djangoproject/airport/fixtures/$(AIRPORT_SERIES).json \
/$(APP_ROOT)/djangoproject/airport/fixtures/initial_data.json
endif
$(M4) -D HOSTNAME=$(HOSTNAME) nginx.conf > $(CHROOT)/etc/nginx/nginx.conf
RUN gpasswd -a nginx airport
RUN systemctl enable airport-wsgi.service
RUN systemctl enable airport-gameserver.service
RUN $(EMERGE) --depclean --with-bdeps=n
clean:

16
appliances/airport/airport-gameserver.service
View File

@ -1,16 +0,0 @@
[Unit]
Description=Airport Game Server
Documentation=https://bitbucket.org/marduk/airport/
Requires=airport-pre.service
After=airport-pre.service
After=airport-wsgi.service
[Service]
User=airport
Environment=PYTHONPATH=/var/lib/airport/djangoproject
Environment=DJANGO_SETTINGS_MODULE=djangoproject.settings
WorkingDirectory=/var/lib/airport
ExecStart=/var/lib/airport/bin/python djangoproject/manage.py gameserver --verbosity=2
[Install]
WantedBy=multi-user.target

16
appliances/airport/airport-pre.service
View File

@ -1,16 +0,0 @@
[Unit]
Description=Airport (Pre)
Documentation=https://bitbucket.org/marduk/airport/
Requires=postgresql-10.service
After=postgresql-10.service
[Service]
Type=oneshot
User=airport
Environment=PYTHONPATH=/var/lib/airport/djangoproject
Environment=DJANGO_SETTINGS_MODULE=djangoproject.settings
WorkingDirectory=/var/lib/airport
ExecStart=-/usr/bin/createuser -U postgres -D -S -R airport
ExecStart=-/usr/bin/createdb -U postgres airport
ExecStart=/var/lib/airport/bin/python djangoproject/manage.py migrate auth --noinput
ExecStart=/var/lib/airport/bin/python djangoproject/manage.py migrate --noinput

22
appliances/airport/airport-wsgi.service
View File

@ -1,22 +0,0 @@
[Unit]
Description=Airport WSGI Server
Documentation=https://bitbucket.org/marduk/airport/
Requires=airport-pre.service
After=airport-pre.service
Wants=nginx.service
[Service]
Type=notify
User=airport
WorkingDirectory=/var/lib/airport
Environment=PYTHONPATH=/var/lib/airport/djangoproject
Environment=DJANGO_SETTINGS_MODULE=djangoproject.settings
ExecStart=/var/lib/airport/bin/uwsgi --master -p 4 \
--socket=/var/lib/airport/airport.sock \
--chmod=660 -w djangoproject.wsgi --uid=airport --gid=airport \
--pidfile=/var/lib/airport/airport.pid
PIDFile=/var/lib/airport/airport.pid
KillSignal=SIGQUIT
[Install]
WantedBy=multi-user.target

15
appliances/airport/issue
View File

@ -1,15 +0,0 @@

|
|
|
_|_
/___\\
/_____\\
/oo oo\\
\\___________________________\\ /___________________________/
`-----------|------|--------\\_____/--------|------|-----------'
( ) ( ) O|OOo|oOO|O ( ) ( )
------------------------------------------------------------------------------
Airport Console
------------------------------------------------------------------------------

5
appliances/airport/make.conf
View File

@ -1,5 +0,0 @@
# Settings for Airport
PYTHON_TARGETS="python3_6"
USE_PYTHON="3.6"
NGINX_MODULES_HTTP="auth_basic gzip proxy referer rewrite headers_more uwsgi"
INSTALL_MASK="$INSTALL_MASK /etc/nginx/nginx.conf /etc/issue"

81
appliances/airport/nginx.conf
View File

@ -1,81 +0,0 @@
user nginx nginx;
worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
index index.html;
server {
listen 0.0.0.0;
server_name HOSTNAME;
location /static/ {
alias /var/lib/airport/djangoproject/airport/static/;
}
location / {
uwsgi_pass unix:///var/lib/airport/airport.sock;
include /etc/nginx/uwsgi_params;
}
access_log /var/log/nginx/HOSTNAME.access_log main;
error_log /var/log/nginx/HOSTNAME.error_log info;
root /var/www/localhost/htdocs;
}
# SSL example
#server {
# listen 127.0.0.1:443;
# server_name localhost;
# ssl on;
# ssl_certificate /etc/ssl/nginx/nginx.pem;
# ssl_certificate_key /etc/ssl/nginx/nginx.key;
# access_log /var/log/nginx/localhost.ssl_access_log main;
# error_log /var/log/nginx/localhost.ssl_error_log info;
# root /var/www/localhost/htdocs;
#}
}

4
appliances/airport/package.keywords
View File

@ -1,4 +0,0 @@
app-eselect/eselect-postgresql **
dev-db/postgresql:9.6 **
dev-python/virtualenv **
sys-kernel/gentoo-sources ~amd64 ~x86

17
appliances/airport/package.use
View File

@ -1,17 +0,0 @@
app-editors/nano ncurses
dev-lang/python ssl sqlite threads xml
dev-libs/libpcre cxx
dev-util/pkgconfig internal-glib
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill
dev-db/postgresql server
www-servers/nginx http

158
appliances/airport/settings.py
View File

@ -1,158 +0,0 @@
# Django settings for djangoproject project.
import os
ALLOWED_HOSTS = ['*']
DEBUG = True
TEMPLATE_DEBUG = DEBUG
ADMINS = (
('Your Name', 'your@email.com'),
)
MANAGERS = ADMINS
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'NAME': 'airport',
'USER': 'airport',
'PASSWORD': '',
'HOST': '',
'PORT': '',
'CONN_MAX_AGE': None,
}
}
# Local time zone for this installation. Choices can be found here:
# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
# although not all choices may be available on all operating systems.
# On Unix systems, a value of None will cause Django to use the same
# timezone as the operating system.
# If running in a Windows environment this must be set to the same as your
# system time zone.
TIME_ZONE = 'America/New_York'
# Language code for this installation. All choices can be found here:
# http://www.i18nguy.com/unicode/language-identifiers.html
LANGUAGE_CODE = 'en-us'
SITE_ID = 1
# If you set this to False, Django will make some optimizations so as not
# to load the internationalization machinery.
USE_I18N = False
# If you set this to False, Django will not format dates, numbers and
# calendars according to the current locale
USE_L10N = True
# Absolute filesystem path to the directory that will hold user-uploaded files.
# Example: "/home/media/media.lawrence.com/media/"
MEDIA_ROOT = ''
# URL that handles the media served from MEDIA_ROOT. Make sure to use a
# trailing slash.
# Examples: "http://media.lawrence.com/media/", "http://example.com/media/"
MEDIA_URL = ''
# Absolute path to the directory static files should be collected to.
# Don't put anything in this directory yourself; store your static files
# in apps' "static/" subdirectories and in STATICFILES_DIRS.
# Example: "/home/media/media.lawrence.com/static/"
STATIC_ROOT = ''
# URL prefix for static files.
# Example: "http://media.lawrence.com/static/"
STATIC_URL = '/static/'
# URL prefix for admin static files -- CSS, JavaScript and images.
# Make sure to use a trailing slash.
# Examples: "http://foo.com/static/admin/", "/static/admin/".
ADMIN_MEDIA_PREFIX = '/static/admin/'
# Additional locations of static files
STATICFILES_DIRS = (
# Put strings here, like "/home/html/static" or "C:/www/django/static".
# Always use forward slashes, even on Windows.
# Don't forget to use absolute paths, not relative paths.
)
# List of finder classes that know how to find static files in
# various locations.
STATICFILES_FINDERS = (
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
# 'django.contrib.staticfiles.finders.DefaultStorageFinder',
)
# Make this unique, and don't share it with anybody.
SECRET_KEY = '5vv-a3_^4a5uk=88m-jow=62*nvo0)0nn)wh)^ea^l=-+o9zuv'
# List of callables that know how to import templates from various sources.
TEMPLATE_LOADERS = (
'django.template.loaders.filesystem.Loader',
'django.template.loaders.app_directories.Loader',
# 'django.template.loaders.eggs.Loader',
)
TEMPLATE_CONTEXT_PROCESSORS = (
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
'airport.context_processors.externals',
'airport.context_processors.game_name',
)
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
ROOT_URLCONF = 'djangoproject.urls'
TEMPLATE_DIRS = (
# Put strings here, like "/home/html/django_templates" or "C:/www/django/templates".
# Always use forward slashes, even on Windows.
# Don't forget to use absolute paths, not relative paths.
)
INSTALLED_APPS = (
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
#'django.contrib.sites',
'django.contrib.messages',
#'django.contrib.staticfiles',
'django.contrib.humanize',
'airport'
)
# A sample logging configuration. The only tangible logging
# performed by this configuration is to send an email to
# the site admins on every HTTP 500 error.
# See http://docs.djangoproject.com/en/dev/topics/logging for
# more details on how to customize your logging configuration.
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'mail_admins': {
'level': 'ERROR',
'class': 'django.utils.log.AdminEmailHandler'
}
},
'loggers': {
'django.request': {
'handlers': ['mail_admins'],
'level': 'ERROR',
'propagate': True,
},
}
}
AIRPORT = {
'GAMESERVER_MULTIPROCESSING': True,
}

10
appliances/airport/settings_europe.py
View File

@ -1,10 +0,0 @@
AIRPORT = {
'GAME_NAME': 'Airport Europe',
'SCALE_FLIGHT_TIMES': False,
'GAMESERVER_MULTIPROCESSING': True,
'CRUISE_SPEED': 13.0,
'GAMESERVER_LOOP_DELAY': 3,
'MAP_INITIAL_LATITUDE': 53.58,
'MAP_INITIAL_LONGITUDE': 23.11,
}

2
appliances/airport/world
View File

@ -1,2 +0,0 @@
dev-db/postgresql:10
www-servers/nginx

3
appliances/base/Makefile
View File

@ -1,6 +1,3 @@
preinstall:
postinstall:
clean:

14
appliances/base/package.use
View File

@ -1,14 +0,0 @@
app-editors/nano ncurses
dev-lang/python ssl threads xml
dev-libs/libpcre cxx
dev-util/pkgconfig internal-glib
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill

48
appliances/default/Makefile Normal file
View File

@ -0,0 +1,48 @@
HARDENED = $(CHROOT)/var/tmp/hardened
PAM_SSH_AGENT_AUTH = $(CHROOT)/var/tmp/pam_ssh_agent_auth
ADMINUSER = $(CHROOT)/var/tmp/adminuser
timesyncd_conf = $(CHROOT)/etc/systemd/timesyncd.conf
01firstboot = $(CHROOT)/etc/local.d/01firstboot.start
network_example = $(CHROOT)/00-eth0.network.example
tmux_conf = $(CHROOT)//root/.tmux.conf
$(HARDENED):
mkdir -p $(CHROOT)/etc/portage/profile
echo "-hardened" >> $(CHROOT)/etc/portage/profile/use.mask
RUN $(EMERGE) $(USEPKG) --oneshot gcc
RUN $(EMERGE) $(USEPKG) --oneshot binutils virtual/libc
-$(gcc_config)
RUN $(EMERGE) $(USEPKG) --emptytree @world
RUN bash -c 'yes YES | etc-update --automode -9'
touch $(HARDENED)
$(timesyncd_conf): default/timesyncd.conf
cp $< $@
$(01firstboot): default/01firstboot.start
mkdir -p $(CHROOT)/etc/local.d
cp $< $@
touch $(CHROOT)/01firstboot
$(network_example): default/00-eth0.network
cp $< $@
$(tmux_conf): default/tmux.conf
RUN systemctl enable tmux@root.service
cp $< $@
$(PAM_SSH_AGENT_AUTH):
sed -i 's/# %wheel ALL=(ALL) ALL/%wheel ALL=(ALL) ALL/' $(CHROOT)/etc/sudoers
sed -i 's#^auth.*$$#auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth required pam_env.so readenv=1 user_readenv=0\nsession required pam_env.so readenv=1 user_readenv=0\nauth substack system-auth#' $(CHROOT)/etc/pam.d/sudo
sed -i 's#^auth.*$$#auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys\nauth required pam_env.so readenv=1 user_readenv=0\nsession required pam_env.so readenv=1 user_readenv=0\nauth substack system-auth#' $(CHROOT)/etc/pam.d/sudo-i
echo "Defaults env_keep += SSH_AUTH_SOCK" > $(CHROOT)/etc/sudoers.d/ssh_auth_sock
touch $(PAM_SSH_AGENT_AUTH)
$(ADMINUSER):
RUN useradd -m -G users,wheel -s /bin/bash --comment="virtual appliance admin" --uid 2000 admin
RUN passwd -d admin; $(inroot) passwd -e admin
touch $(ADMINUSER)
preinstall: $(HARDENED)
postinstall: $(timesyncd_conf) $(01firstboot) $(network_example) $(tmux_conf) $(PAM_SSH_AGENT_AUTH) $(ADMINUSER)

6
appliances/default/README-default.md Normal file
View File

@ -0,0 +1,6 @@
Initial configuration
=====================
- For dynamic data (configuration, databases) there must be a data partition formatted with ext4 with the label "DATA". This is mounted to /DATA.
- Configure fixed IP address and /etc/hosts.
- under VMware activate open-vm-tools if necessary

21
appliances/default/default/00-eth0.network Normal file
View File

@ -0,0 +1,21 @@
# Example of fixed IP address configuration:
#
# Customize and move as 00-eth0.network to /etc/systemd/network
# (refer to "man systemd.network", "man systemd-resolved")
#
# DON'T FORGET: add appropriate entries in /etc/hosts
# <IPv4> <fqdn> <hostname>
# <IPv6> <fqdn> <hostname>
[Match]
Name=eth0
[Network]
Description=first network port
Address=192.168.1.2/24
Address=fdb5:78b:64cc:0:f8c0::2/64
Gateway=192.168.1.1
Gateway=fdb5:78b:64cc:0:f8c0::1
DNS=192.168.1.3
DNS=fdb5:78b:64cc:0:f8c0::3
Domains=exampledomain.de

36
appliances/default/default/01firstboot.start Executable file
View File

@ -0,0 +1,36 @@
#!/bin/bash
# variables
LABEL="DATA"
# base settings
set -e
[ -e /01firstboot ] || exit 0
echo 'Setting keymap...'
localectl --no-convert set-keymap de-latin1-nodeadkeys
echo 'Activate NTP service...'
timedatectl set-ntp true
# Data partition
echo 'Mount data partition...'
mkdir -p /$LABEL
if [ ! -L "/dev/disk/by-label/$LABEL" ]; then
echo 'ERROR: Data partition not found!'
echo "Please create a data partition with ext4 filesystem and label \"$LABEL\":"
echo "# cfdisk /dev/<disk> (use GPT label, create linux partition)"
echo "# mkfs.ext4 -L $LABEL /dev/<partition>"
exit 1
fi
if ! grep -Fq "LABEL=$LABEL" /etc/fstab; then
echo "LABEL=$LABEL /$LABEL ext4 noatime 0 1" >> /etc/fstab
fi
mount -a
if ! mount | grep /$LABEL > /dev/null; then
echo "ERROR: Could not mount data partition!"
exit 1
fi
rm /01firstboot

5
appliances/default/default/timesyncd.conf Normal file
View File

@ -0,0 +1,5 @@
# See timesyncd.conf(5) for details.
[Time]
NTP=0.de.pool.ntp.org 1.de.pool.ntp.org 2.de.pool.ntp.org 3.de.pool.ntp.org
FallbackNTP=0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org

3
appliances/default/default/tmux.conf Normal file
View File

@ -0,0 +1,3 @@
set -g mouse on
set-option -g set-titles on
set-option -g set-titles-string "#S / #T"

5
appliances/default/make.conf Normal file
View File

@ -0,0 +1,5 @@
CFLAGS="-O2 -pipe"
CXXFLAGS="-O2 -pipe"
USE="hardened justify pie ssp urandom xattr -fortran -pch -pic -prelink -profile -tcc"
MAKEOPTS="-j5"
ACCEPT_LICENSE="*"

3
appliances/default/package.accept_keywords Normal file
View File

@ -0,0 +1,3 @@
# Base system
app-emulation/open-vm-tools
sys-auth/pam_ssh_agent_auth

15
appliances/jenkins/package.use → appliances/default/package.use
View File

@ -1,7 +1,13 @@
# Base system
app-admin/sudo -sendmail
app-editors/nano ncurses
app-emulation/open-vm-tools pic -modules -resolutionkms
app-misc/mc -slang
dev-lang/python ssl threads xml
dev-libs/libpcre cxx
dev-libs/libpcre cxx jit
dev-libs/libpcre2 jit
dev-util/pkgconfig internal-glib
dev-vcs/git -gpg -iconv -pcre -pcre-jit -perl -python -threads -webdav
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
@ -11,9 +17,6 @@ sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill
# for Jenkins
dev-lang/python sqlite
dev-vcs/mercurial python_targets_python2_7
www-servers/nginx http
# Monitoring
net-analyzer/zabbix agent

11
appliances/default/world Normal file
View File

@ -0,0 +1,11 @@
app-admin/logrotate
app-admin/sudo
app-emulation/open-vm-tools
app-emulation/qemu-guest-agent
app-misc/mc
app-misc/tmuxservice
dev-vcs/git
net-analyzer/zabbix
sys-auth/pam_ssh_agent_auth
sys-fs/mdadm
sys-power/acpid

3
appliances/docker/30-ipforward.conf
View File

@ -1,3 +0,0 @@
net.ipv4.ip_forward=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1

9
appliances/docker/Makefile
View File

@ -1,9 +0,0 @@
preinstall:
postinstall: 30-ipforward.conf eth.network
COPY 30-ipforward.conf /etc/sysctl.d/
COPY eth.network /etc/systemd/network/
RUN systemctl enable docker.service
clean:

1
appliances/docker/docker.cfg
View File

@ -1 +0,0 @@
KERNEL_CONFIG = appliances/$(APPLIANCE)/kernel.config

5
appliances/docker/eth.network
View File

@ -1,5 +0,0 @@
[Match]
[Network]
DHCP=both
IPForward=kernel

3139
appliances/docker/kernel.config
View File

File diff suppressed because it is too large Load Diff

22
appliances/docker/package.keywords
View File

@ -1,22 +0,0 @@
app-emulation/containerd ~x86 ~amd64
app-emulation/docker ~x86 ~amd64
app-emulation/docker-compose ~x86 ~amd64
app-emulation/docker-proxy ~x86 ~amd64
app-emulation/docker-runc ~x86 ~amd64
app-emulation/runc ~x86 ~amd64
dev-go/blackfriday ~x86 ~amd64
dev-go/go-md2man ~x86 ~amd64
dev-go/sanitized-anchor-name ~x86 ~amd64
dev-python/backports-ssl-match-hostname ~x86 ~amd64
dev-python/cached-property ~x86 ~amd64
dev-python/colorama ~x86 ~amd64
dev-python/docker-py ~x86 ~amd64
dev-python/docker-pycreds ~x86 ~amd64
dev-python/dockerpty ~x86 ~amd64
dev-python/jsonschema ~x86 ~amd64
dev-python/strict-rfc3339 ~x86 ~amd64
dev-python/texttable ~x86 ~amd64
dev-python/vcversioner ~x86 ~amd64
dev-python/webcolors ~x86 ~amd64
dev-python/websocket-client ~x86 ~amd64
sys-kernel/gentoo-sources ~x86 ~amd64

21
appliances/docker/package.use
View File

@ -1,21 +0,0 @@
app-editors/nano ncurses
dev-lang/python ssl threads xml
dev-libs/libpcre cxx
dev-libs/openssl -bindist
dev-util/pkgconfig internal-glib
net-misc/curl ssl
net-misc/openssh ssl -bindist
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill
app-emulation/docker aufs btrfs overlay
app-text/asciidoc python_single_target_python2_7 python_targets_python2_7
sys-apps/iproute2 iptables
sys-apps/systemd acl nat pam

2
appliances/docker/world
View File

@ -1,2 +0,0 @@
app-emulation/docker
app-emulation/docker-compose

40
appliances/elasticsearch/Makefile
View File

@ -1,40 +0,0 @@
ES_HOME ?= /var/lib/elasticsearch
ES_VER ?= 6.5.1
ES_TARBALL = elasticsearch-$(ES_VER).tar.gz
ES_URL = https://artifacts.elastic.co/downloads/elasticsearch/$(ES_TARBALL)
preinstall:
create_user:
-RUN useradd --system \
--comment "Elastic Search" \
--home-dir=$(ES_HOME) \
--create-home \
elastic
install_elasticsearch:
RUN test -f /usr/portage/distfiles/$(ES_TARBALL) || \
RUN wget -P /usr/portage/distfiles $(ES_URL)
RUN tar xf /usr/portage/distfiles/$(ES_TARBALL) -C $(ES_HOME)
RUN sh -c 'cd $(ES_HOME) && ln -s elasticsearch-$(ES_VER)/* .'
install_license:
RUN sh -c 'cd $(ES_HOME) && ./bin/plugin install license'
install_marvel: install_license
RUN sh -c 'cd $(ES_HOME) && ./bin/plugin install marvel-agent'
echo 'marvel.agent.enabled: false' >> $(CHROOT)/$(ES_HOME)/config/elasticsearch.yml
postinstall: elasticsearch.service
$(MAKE) create_user
RUN rm -rf $(ES_HOME)
RUN mkdir -p $(ES_HOME)
$(MAKE) install_elasticsearch
RUN chown -R elastic:elastic $(ES_HOME)
COPY elasticsearch.service /etc/systemd/system
RUN systemctl enable elasticsearch.service
clean:
.PHONY: create_user preinstall postinstall clean install_elasticsearch install_marvel install_license

13
appliances/elasticsearch/elasticsearch.service
View File

@ -1,13 +0,0 @@
[Unit]
Description = ElasticSearch full-text search and analytics engine
After = network.target
[Service]
User = elastic
Group = elastic
LimitNOFILE=65536
Environment=ES_HOME=/var/lib/elasticsearch
ExecStart = /var/lib/elasticsearch/bin/elasticsearch
[Install]
WantedBy = multi-user.target

1
appliances/elasticsearch/make.conf
View File

@ -1 +0,0 @@
PYTHON_SINGLE_TARGET=python3_6

1
appliances/elasticsearch/package.keywords
View File

@ -1 +0,0 @@
sys-kernel/gentoo-sources ~amd64 ~x86

14
appliances/elasticsearch/package.use
View File

@ -1,14 +0,0 @@
app-editors/nano ncurses
dev-lang/python ssl threads xml
dev-libs/libpcre cxx
dev-util/pkgconfig internal-glib
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill

1
appliances/elasticsearch/world
View File

@ -1 +0,0 @@
dev-java/icedtea-bin:8

36
appliances/jenkins/Makefile
View File

@ -1,36 +0,0 @@
JENKINS_HOME ?= /var/lib/jenkins
JENKINS_URL = http://mirrors.jenkins-ci.org/war/latest/jenkins.war
preinstall:
create_user:
-RUN useradd --system \
--comment "Jenkins CI" \
--home-dir=$(JENKINS_HOME) \
--create-home \
jenkins
$(CHROOT)/$(JENKINS_HOME)/jenkins.war:
RUN wget -O $(JENKINS_HOME)/jenkins.war $(JENKINS_URL)
install_jenkins:
$(MAKE) $(CHROOT)/$(JENKINS_HOME)/jenkins.war
postinstall: jenkins.service nginx.conf
$(MAKE) create_user
RUN rm -rf $(JENKINS_HOME)
RUN mkdir -p $(JENKINS_HOME)
$(MAKE) install_jenkins
RUN chown -R jenkins:jenkins $(JENKINS_HOME)
COPY jenkins.service /etc/systemd/system
RUN systemctl enable jenkins.service
COPY nginx.conf /etc/nginx/nginx.conf
RUN systemctl enable nginx.service
clean:
.PHONY: create_user preinstall postinstall clean install_jenkins

13
appliances/jenkins/jenkins.service
View File

@ -1,13 +0,0 @@
[Unit]
Description = An extensible open source continuous integration server
After = network.target
Wants = nginx.service
[Service]
User = jenkins
Group = jenkins
Environment=JENKINS_HOME=/var/lib/jenkins
ExecStart = /usr/bin/java -jar ${JENKINS_HOME}/jenkins.war
[Install]
WantedBy = multi-user.target

3
appliances/jenkins/make.conf
View File

@ -1,3 +0,0 @@
# Settings for TeamPlayer
NGINX_MODULES_HTTP="auth_basic gzip proxy referer rewrite headers_more uwsgi"
PYTHON_SINGLE_TARGET=python3_6

82
appliances/jenkins/nginx.conf
View File

@ -1,82 +0,0 @@
user nginx nginx;
worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
index index.html;
server {
listen 0.0.0.0;
server_name localhost;
access_log /var/log/nginx/jenkins.access_log main;
error_log /var/log/nginx/jenkins.error_log info;
root /var/www/jenkins/htdocs;
location / {
sendfile off;
proxy_pass http://127.0.0.1:8080;
proxy_redirect default;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_max_temp_file_size 0;
}
}
# SSL example
#server {
# listen 127.0.0.1:443;
# server_name localhost;
# ssl on;
# ssl_certificate /etc/ssl/nginx/nginx.pem;
# ssl_certificate_key /etc/ssl/nginx/nginx.key;
# access_log /var/log/nginx/jenkins.ssl_access_log main;
# error_log /var/log/nginx/jenkins.ssl_error_log info;
# root /var/www/jenkins/htdocs;
#}
}

1
appliances/jenkins/package.keywords
View File

@ -1 +0,0 @@
sys-kernel/gentoo-sources ~amd64 ~x86

7
appliances/jenkins/world
View File

@ -1,7 +0,0 @@
dev-java/icedtea-bin
dev-python/setuptools
dev-python/virtualenv
dev-vcs/git
dev-vcs/mercurial
dev-vcs/subversion
www-servers/nginx

19
appliances/mariadb/Makefile
View File

@ -1,19 +0,0 @@
system_conf = $(CHROOT)/etc/mysql/my.cnf
root_conf = $(CHROOT)/root/.my.cnf
preinstall:
$(system_conf): my.cnf
cp my.cnf $(system_conf)
$(root_conf): my.cnf.root
cp my.cnf.root $(root_conf)
chmod 0600 $(root_conf)
postinstall: $(system_conf) $(root_conf)
rm -rf $(CHROOT)/var/lib/mysql
RUN bash -c 'yes gentoo | emerge --config dev-db/mariadb'
RUN systemctl enable mariadb
clean:

139
appliances/mariadb/my.cnf
View File

@ -1,139 +0,0 @@
# /etc/mysql/my.cnf: The global mysql configuration file.
# $Id$
# The following options will be passed to all MySQL clients
[client]
#password = your_password
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysql]
character-sets-dir=/usr/share/mysql/charsets
default-character-set=utf8
[mysqladmin]
character-sets-dir=/usr/share/mysql/charsets
default-character-set=utf8
[mysqlcheck]
character-sets-dir=/usr/share/mysql/charsets
default-character-set=utf8
[mysqldump]
character-sets-dir=/usr/share/mysql/charsets
default-character-set=utf8
[mysqlimport]
character-sets-dir=/usr/share/mysql/charsets
default-character-set=utf8
[mysqlshow]
character-sets-dir=/usr/share/mysql/charsets
default-character-set=utf8
[myisamchk]
character-sets-dir=/usr/share/mysql/charsets
[myisampack]
character-sets-dir=/usr/share/mysql/charsets
# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations
[mysqld]
character-set-server = utf8
user = mysql
port = 3306
socket = /var/run/mysqld/mysqld.sock
pid-file = /var/run/mysqld/mysqld.pid
log-error = /var/log/mysql/mysqld.err
basedir = /usr
datadir = /var/lib/mysql
skip-external-locking
key_buffer_size = 16M
max_allowed_packet = 4M
table_open_cache = 400
sort_buffer_size = 512K
net_buffer_length = 16K
read_buffer_size = 256K
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 8M
lc_messages_dir = /usr/share/mysql
#Set this to your desired error message language
lc_messages = en_US
# security:
# using "localhost" in connects uses sockets by default
# skip-networking
#bind-address = 127.0.0.1
log-bin
server-id = 1
# point the following paths to different dedicated disks
tmpdir = /tmp/
#log-update = /path-to-dedicated-directory/hostname
# you need the debug USE flag enabled to use the following directives,
# if needed, uncomment them, start the server and issue
# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace
# this will show you *exactly* what's happening in your server ;)
#log = /tmp/mysqld.sql
#gdb
#debug = d:t:i:o,/tmp/mysqld.trace
#one-thread
# the rest of the innodb config follows:
# don't eat too much memory, we're trying to be safe on 64Mb boxes
# you might want to bump this up a bit on boxes with more RAM
innodb_buffer_pool_size = 128M
#
# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-(
# and upstream wants things to be under /var/lib/mysql/, so that's the route
# we have to take for the moment
#innodb_data_home_dir = /var/lib/mysql/
#innodb_log_arch_dir = /var/lib/mysql/
#innodb_log_group_home_dir = /var/lib/mysql/
# you may wish to change this size to be more suitable for your system
# the max is there to avoid run-away growth on your machine
innodb_data_file_path = ibdata1:10M:autoextend:max:128M
# we keep this at around 25% of of innodb_buffer_pool_size
# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size)
innodb_log_file_size = 48M
# this is the default, increase it if you have very large transactions going on
innodb_log_buffer_size = 8M
# this is the default and won't hurt you
# you shouldn't need to tweak it
innodb_log_files_in_group=2
# see the innodb config docs, the other options are not always safe
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 50
innodb_file_per_table
# Uncomment this to get FEDERATED engine support
#plugin-load=federated=ha_federated.so
loose-federated
[mysqldump]
quick
max_allowed_packet = 16M
[mysql]
# uncomment the next directive if you are not familiar with SQL
#safe-updates
[isamchk]
key_buffer_size = 20M
sort_buffer_size = 20M
read_buffer = 2M
write_buffer = 2M
[myisamchk]
key_buffer_size = 20M
sort_buffer_size = 20M
read_buffer_size = 2M
write_buffer_size = 2M
[mysqlhotcopy]
interactive-timeout
[mariadb]

3
appliances/mariadb/my.cnf.root
View File

@ -1,3 +0,0 @@
[mysqladmin]
user = root
password = gentoo

4
appliances/mariadb/package.keywords
View File

@ -1,4 +0,0 @@
dev-db/mariadb ~amd64 ~x86
dev-db/mariadb-connector-c ~amd64 ~x86
dev-db/mysql-connector-c ~amd64 ~x86
sys-kernel/gentoo-sources ~amd64 ~x86

19
appliances/mariadb/package.use
View File

@ -1,19 +0,0 @@
app-editors/nano ncurses
dev-lang/python ssl threads xml
dev-libs/libpcre cxx
dev-util/pkgconfig internal-glib
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill
# for mariadb
dev-db/mariadb innodb-snappy server sphinx
dev-db/mariadb-connector-c ssl
net-misc/curl ssl

1
appliances/mariadb/world
View File

@ -1 +0,0 @@
dev-db/mariadb

9
appliances/mongodb/Makefile
View File

@ -1,9 +0,0 @@
preinstall:
postinstall:
sed -i 's/127\.0\.0\.1/0.0.0.0/g' "$(CHROOT)"/etc/mongodb.conf
RUN systemctl enable mongodb.service
clean:

1
appliances/mongodb/package.keywords
View File

@ -1 +0,0 @@
sys-kernel/gentoo-sources ~amd64 ~x86

24
appliances/mongodb/package.use
View File

@ -1,24 +0,0 @@
app-editors/nano ncurses
dev-db/mongodb python_targets_python2_7 ssl tools
dev-lang/python ssl threads xml
dev-libs/boost threads
dev-libs/libpcre cxx
dev-python/certifi python_targets_python2_7
dev-python/cheetah python_targets_python2_7
dev-python/markdown python_targets_python2_7
dev-python/setuptools python_targets_python2_7
dev-util/pkgconfig internal-glib
dev-util/scons python_targets_python2_7
net-misc/curl ssl
net-misc/dhcp client
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-apps/systemd acl
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill

1
appliances/mongodb/world
View File

@ -1 +0,0 @@
dev-db/mongodb

7
appliances/rabbitmq/Makefile
View File

@ -1,7 +0,0 @@
preinstall:
postinstall:
RUN systemctl enable rabbitmq.service
clean:

1
appliances/rabbitmq/package.keywords
View File

@ -1 +0,0 @@
sys-kernel/gentoo-sources ~amd64 ~x86

24
appliances/rabbitmq/package.use
View File

@ -1,24 +0,0 @@
app-editors/nano ncurses
dev-lang/python ssl threads xml
dev-libs/libpcre cxx
dev-util/pkgconfig internal-glib
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill
# for rabbitmq
dev-lang/erlang ssl
dev-python/appdirs python_targets_python2_7
dev-python/certifi python_targets_python2_7
dev-python/packaging python_targets_python2_7
dev-python/setuptools python_targets_python2_7
dev-python/simplejson python_targets_python2_7
dev-python/pyparsing python_targets_python2_7
dev-python/six python_targets_python2_7

1
appliances/rabbitmq/world
View File

@ -1 +0,0 @@
net-misc/rabbitmq-server

71
appliances/teamplayer/Makefile
View File

@ -1,71 +0,0 @@
TP_REPO ?= https://bitbucket.org/marduk/teamplayer
TP_BRANCH ?= default
TP_USER = teamplayer
TP_HOME = /opt/teamplayer
TP_DB = /var/lib/teamplayer
PYTHON = $(TP_HOME)/bin/python
PGVER = 11
INSTALL = install
AVAHI := NO
M4_DEFS += -D TP_USER=$(TP_USER) -D TP_HOME=$(TP_HOME) -D TP_DB=$(TP_DB) -D HOSTNAME=$(HOSTNAME) -D PGVER=$(PGVER)
M4C = $(M4) $(M4_DEFS)
rcdefault := /etc/runlevels/default
post_files = bash_profile settings.py teamplayer-pre.service
post_files += teamplayer-wsgi.service teamplayer-spindoctor.service
post_files += issue nginx.conf teamplayer.service
preinstall:
postinstall: $(post_files) $(SCROBBLER_AUTH) urls.py
RUN passwd -d postgres
rm -rf $(CHROOT)/var/lib/postgresql/$(PGVER)/data
RUN eselect postgresql unset
RUN eselect postgresql set $(PGVER)
RUN bash -c "echo y |$(EMERGE) --config postgresql:$(PGVER)"
ifeq ($(AVAHI),YES)
RUN $(EMERGE) --noreplace $(USEPKG) net-dns/avahi
RUN rm -f /etc/avahi/services/*
COPY teamplayer.service /etc/avahi/services
RUN systemctl enable avahi-daemon.service
endif
RUN $(EMERGE) --oneshot --noreplace $(USEPKG) dev-python/setuptools dev-python/virtualenv dev-vcs/mercurial
RUN getent passwd $(TP_USER) || \
RUN useradd -c "Teamplayer Server" -G postgres -U -d $(TP_HOME) $(TP_USER)
rm -rf $(CHROOT)/$(TP_HOME)
mkdir -p $(CHROOT)/$(TP_HOME)
COPY bash_profile $(TP_HOME)/.bash_profile
RUN virtualenv $(TP_HOME)
#RUN bash -c ". $(TP_HOME)/bin/activate ; LANG=en_US.utf8 pip install --no-cache-dir hg+$(TP_REPO)@$(TP_BRANCH)"
RUN --setenv=LANG=en_US.utf8 $(PYTHON) -m pip install --no-cache-dir hg+$(TP_REPO)@$(TP_BRANCH)
RUN $(PYTHON) -m pip install --no-cache-dir psycopg2 uwsgi Whoosh setproctitle
#RUN bash -c ". $(TP_HOME)/bin/activate ; pip install --no-cache-dir psycopg2 uwsgi Whoosh setproctitle"
#RUN bash -c ". $(TP_HOME)/bin/activate ; django-admin.py startproject project $(TP_HOME)"
RUN $(TP_HOME)/bin/django-admin startproject project $(TP_HOME)
chmod +x $(CHROOT)/$(TP_HOME)/manage.py
RUN ln -sf ../manage.py $(TP_HOME)/bin/manage
COPY urls.py $(TP_HOME)/project/urls.py
$(M4C) settings.py >> $(CHROOT)/$(TP_HOME)/project/settings.py
ifdef SCROBBLER_AUTH
cat $(SCROBBLER_AUTH) >> $(CHROOT)/$(TP_HOME)/project/settings.py
endif
RUN bash -c ". $(TP_HOME)/bin/activate; cd $(TP_HOME); DJANGO_SETTINGS_MODULE=project.settings $(TP_HOME)/manage.py collectstatic --noinput"
RUN $(INSTALL) -d -o $(TP_USER) -g $(TP_USER) $(TP_DB)
RUN $(INSTALL) -d -o $(TP_USER) -g $(TP_USER) $(TP_DB)/songs
RUN mkdir -p $(TP_HOME)/library
RUN chown -R $(TP_USER):$(TP_USER) $(TP_HOME)
RUN $(INSTALL) -d -o $(TP_USER) -g $(TP_USER) $(TP_DB)/mpd
$(M4C) teamplayer-pre.service > $(CHROOT)/etc/systemd/system/teamplayer-pre.service
$(M4C) teamplayer-wsgi.service > $(CHROOT)/etc/systemd/system/teamplayer-wsgi.service
$(M4C) teamplayer-spindoctor.service > $(CHROOT)/etc/systemd/system/teamplayer-spindoctor.service
COPY issue /etc/issue
$(M4C) nginx.conf > $(CHROOT)/etc/nginx/nginx.conf
RUN gpasswd -a nginx teamplayer
RUN systemctl enable teamplayer-wsgi.service
RUN systemctl enable teamplayer-spindoctor.service
RUN $(EMERGE) --depclean --with-bdeps=n
clean:

5
appliances/teamplayer/bash_profile
View File

@ -1,5 +0,0 @@
export DJANGO_SETTINGS_MODULE='project.settings'
export PYTHONPATH="$HOME"
PATH="$HOME/bin:$PATH"
export LANG="en_US.UTF-8"
. activate

5
appliances/teamplayer/issue
View File

@ -1,5 +0,0 @@
 ------------------------------------------------------------------------------
TEAMPLAYER CONSOLE
------------------------------------------------------------------------------

5
appliances/teamplayer/make.conf
View File

@ -1,5 +0,0 @@
# Settings for TeamPlayer
NGINX_MODULES_HTTP="auth_basic gzip proxy referer rewrite headers_more uwsgi"
USE_PYTHON="3.6"
PYTHON_TARGETS="python3_6"

82
appliances/teamplayer/nginx.conf
View File

@ -1,82 +0,0 @@
user nginx nginx;
worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
client_max_body_size 100000k;
request_pool_size 4k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
index index.html;
server {
listen 0.0.0.0;
server_name HOSTNAME;
location /static/ {
alias TP_HOME/static/;
}
location / {
uwsgi_pass unix://TP_DB/teamplayer.sock;
include /etc/nginx/uwsgi_params;
}
access_log /var/log/nginx/HOSTNAME.access_log main;
error_log /var/log/nginx/HOSTNAME.error_log info;
root /var/www/localhost/htdocs;
}
# SSL example
#server {
# listen 127.0.0.1:443;
# server_name localhost;
# ssl on;
# ssl_certificate /etc/ssl/nginx/nginx.pem;
# ssl_certificate_key /etc/ssl/nginx/nginx.key;
# access_log /var/log/nginx/localhost.ssl_access_log main;
# error_log /var/log/nginx/localhost.ssl_error_log info;
# root /var/www/localhost/htdocs;
#}
}

7
appliances/teamplayer/package.accept_keywords
View File

@ -1,7 +0,0 @@
app-eselect/eselect-postgresql
dev-db/postgresql
dev-python/pip
dev-python/virtualenv
media-sound/mpd
sys-kernel/gentoo-sources
virtual/python-imaging

0
appliances/teamplayer/package.mask
View File

26
appliances/teamplayer/package.use
View File

@ -1,26 +0,0 @@
app-editors/nano ncurses
dev-db/postgresql server
dev-lang/python sqlite ssl threads xml
dev-python/certifi python_targets_python2_7
dev-python/cffi python_targets_python2_7
dev-python/ply python_targets_python2_7
dev-python/pycparser python_targets_python2_7
dev-python/setuptools python_targets_python2_7
dev-python/zstandard python_targets_python2_7
dev-util/pkgconfig internal-glib
dev-vcs/mercurial python_targets_python2_7
media-libs/flac ogg
media-sound/mpd faad audiofile ffmpeg flac inotify id3tag lame network ogg opus vorbis mad sqlite unicode
media-video/ffmpeg cpudetection mp3 network threads x264
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill
virtual/ffmpeg x264 mp3
www-servers/nginx http

143
appliances/teamplayer/settings.py
View File

@ -1,143 +0,0 @@
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'ej83nbqy(+nvr9&mwf8)zvz*4f)h0b@6s@%%f9tnk2ks9cfvx&'
DEBUG = False
ALLOWED_HOSTS = ['*']
# Application definition
INSTALLED_APPS = [
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.humanize',
'haystack',
'rest_framework',
'teamplayer',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'teamplayer.middleware.TeamPlayerMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
ROOT_URLCONF = 'project.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
WSGI_APPLICATION = 'project.wsgi.application'
# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql_psycopg2',
'NAME': 'teamplayer',
'HOST': '',
'PASSWORD': '',
'PORT': '',
'CONN_MAX_AGE': 300,
}
}
# Password validation
# https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
AUTH_PROFILE_MODULE = 'teamplayer.UserProfile'
LOGIN_REDIRECT_URL = '/'
REST_FRAMEWORK = {
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
],
}
# Internationalization
# https://docs.djangoproject.com/en/1.10/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.10/howto/static-files/
STATIC_URL = '/static/'
STATIC_ROOT = 'TP_HOME' + '/static/'
MEDIA_ROOT = 'TP_DB'
`TP_HOME' = 'TP_HOME'
HAYSTACK_CONNECTIONS = {
'default': {
'ENGINE': 'haystack.backends.whoosh_backend.WhooshEngine',
'PATH': os.path.join(`TP_HOME', 'library_index'),
},
}
HAYSTACK_SIGNAL_PROCESSOR = 'haystack.signals.RealtimeSignalProcessor'
HAYSTACK_CUSTOM_HIGHLIGHTER = 'teamplayer.library.Highlighter'
TEAMPLAYER = {
'STREAM_URL': '/stream.mp3',
'MPD_HOME': 'TP_DB/mpd',
'MPD_LOG': '/dev/null',
'UPLOADED_LIBRARY_DIR': 'TP_HOME/library',
'CROSSFADE': 5,
'SHAKE_THINGS_UP': 7,
'ALWAYS_SHAKE_THINGS_UP': True,
'AUTOFILL_STRATEGY': 'contiguous',
'HTTP_PORT': 8000,
}

15
appliances/teamplayer/teamplayer-pre.service
View File

@ -1,15 +0,0 @@
[Unit]
Description=TeamPlayer (Pre)
Documentation=https://bitbucket.org/marduk/teamplayer/
Requires=postgresql-PGVER.service
After=postgresql-PGVER.service
[Service]
Type=oneshot
User=TP_USER
Environment=PYTHONPATH=TP_HOME
Environment=DJANGO_SETTINGS_MODULE=project.settings
WorkingDirectory=TP_HOME
ExecStart=-/usr/bin/createuser -U postgres -D -S -R TP_USER
ExecStart=-/usr/bin/createdb -U postgres TP_USER
ExecStart=TP_HOME/bin/python manage.py migrate --noinput

16
appliances/teamplayer/teamplayer-spindoctor.service
View File

@ -1,16 +0,0 @@
[Unit]
Description=TeamPlayer Spin Doctor
Documentation=https://bitbucket.org/marduk/teamplayer/
Requires=teamplayer-pre.service
After=teamplayer-pre.service
After=teamplayer-wsgi.service
[Service]
User=TP_USER
Environment=PYTHONPATH=TP_HOME
Environment=DJANGO_SETTINGS_MODULE=project.settings
WorkingDirectory=TP_HOME
ExecStart=TP_HOME/bin/python manage.py spindoctor --verbosity=2
[Install]
WantedBy=multi-user.target

23
appliances/teamplayer/teamplayer-wsgi.service
View File

@ -1,23 +0,0 @@
[Unit]
Description=TeamPlayer WSGI Server
Documentation=https://bitbucket.org/marduk/teamplayer/
Requires=teamplayer-pre.service
After=teamplayer-pre.service
Wants=nginx.service
[Service]
Type=notify
User=teamplayer
WorkingDirectory=/opt/teamplayer
Environment=PYTHONPATH=/opt/teamplayer
Environment=DJANGO_SETTINGS_MODULE=project.settings
WorkingDirectory=/opt/teamplayer
ExecStart=/opt/teamplayer/bin/uwsgi --master -p 4 \
--socket=TP_DB/teamplayer.sock \
--chmod=660 -w project.wsgi --uid=teamplayer --gid=teamplayer \
--pidfile=TP_DB/teamplayer.pid
PIDFile=TP_DB/teamplayer.pid
KillSignal=SIGQUIT
[Install]
WantedBy=multi-user.target

7
appliances/teamplayer/teamplayer.service
View File

@ -1,7 +0,0 @@
<service-group>
<name>TeamPlayer</name>
<service>
<type>_http._tcp</type>
<port>80</port>
</service>
</service-group>

8
appliances/teamplayer/urls.py
View File

@ -1,8 +0,0 @@
from django.conf.urls import include, url
from django.contrib.auth.views import LoginView
urlpatterns = [
url(r'^accounts/login/$', LoginView.as_view()),
url(r'', include('teamplayer.urls')),
]

3
appliances/teamplayer/world
View File

@ -1,3 +0,0 @@
dev-db/postgresql:11
media-sound/mpd
www-servers/nginx

19
appliances/vabuilder/Makefile
View File

@ -1,19 +0,0 @@
VABUILDER_HOME = /var/lib/vabuilder
VABUILDER_REPO = https://bitbucket.org/marduk/virtual-appliance/
VABUILDER_REV = default
M4_DEFS += -D VABUILDER_HOME=$(VABUILDER_HOME) -D HOSTNAME=$(HOSTNAME)
M4C = $(M4) $(M4_DEFS)
preinstall:
postinstall: nginx.conf.m4
RUN rm -rf $(VABUILDER_HOME)
RUN hg clone -u $(VABUILDER_REV) $(VABUILDER_REPO) $(VABUILDER_HOME)
RUN ln -nsf $(VABUILDER_HOME) /root/vabuilder
$(M4C) nginx.conf.m4 > $(CHROOT)/etc/nginx/nginx.conf
RUN systemctl enable nginx.service
clean:

2
appliances/vabuilder/make.conf
View File

@ -1,2 +0,0 @@
PYTHON_SINGLE_TARGET=python3_6
NGINX_MODULES_HTTP="auth_basic fancyindex gzip proxy referer rewrite headers_more uwsgi"

80
appliances/vabuilder/nginx.conf.m4
View File

@ -1,80 +0,0 @@
user nginx nginx;
worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
index index.html;
server {
listen 0.0.0.0;
server_name HOSTNAME;
access_log /var/log/nginx/HOSTNAME.access_log main;
error_log /var/log/nginx/HOSTNAME.error_log info;
root /var/www/localhost/htdocs;
location /images/ {
alias VABUILDER_HOME/images/;
fancyindex on;
fancyindex_exact_size off;
fancyindex_localtime on;
}
}
# SSL example
#server {
# listen 127.0.0.1:443;
# server_name HOSTNAME;
# ssl on;
# ssl_certificate /etc/ssl/nginx/nginx.pem;
# ssl_certificate_key /etc/ssl/nginx/nginx.key;
# access_log /var/log/nginx/HOSTNAME.ssl_access_log main;
# error_log /var/log/nginx/HOSTNAME.ssl_error_log info;
# root /var/www/localhost/htdocs;
#}
}

1
appliances/vabuilder/package.keywords
View File

@ -1 +0,0 @@
sys-kernel/gentoo-sources ~amd64 ~x86

20
appliances/vabuilder/package.use
View File

@ -1,20 +0,0 @@
app-editors/nano ncurses
dev-lang/python ssl threads xml
dev-libs/libpcre cxx
dev-util/pkgconfig internal-glib
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-apps/portage ipc
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-kernel/gentoo-sources symlink
sys-process/procps kill
# appliance-specific
app-emulation/qemu python_targets_python2_7
dev-lang/python ncurses readline
dev-vcs/mercurial python_targets_python2_7
www-servers/nginx http

6
appliances/vabuilder/world
View File

@ -1,6 +0,0 @@
app-emulation/qemu
dev-libs/glib
dev-vcs/git
dev-vcs/mercurial
sys-block/parted
www-servers/nginx

14
appliances/x/Makefile
View File

@ -1,14 +0,0 @@
xdm_files := $(wildcard xdm/*)
xdm_targets := $(patsubst %,$(CHROOT)/etc/X11/%,$(xdm_files))
$(CHROOT)/etc/X11/xdm/%: xdm/%
cp $< $@
preinstall:
postinstall: $(xdm_targets)
RUN systemctl enable xdm
clean:

5
appliances/x/make.conf
View File

@ -1,5 +0,0 @@
PYTHON_TARGETS="python3_6"
PYTHON_SINGLE_TARGET="python3_6"
VIDEO_CARDS=""
INPUT_DEVICES=""
INSTALL_MASK="$INSTALL_MASK /etc/X11/xdm/Xaccess /etc/X11/xdm/xdm-config /etc/X11/xdm/Xservers"

1
appliances/x/package.keywords
View File

@ -1 +0,0 @@
sys-kernel/gentoo-sources ~amd64 ~x86

12
appliances/x/package.use
View File

@ -1,12 +0,0 @@
dev-lang/python ssl xml
dev-libs/libxml2 python
dev-util/pkgconfig internal-glib
net-misc/openssh ssl
net-misc/wget ssl
sys-apps/hwids udev
sys-apps/kmod tools
sys-apps/net-tools hostname
sys-auth/pambase nullok sha512
sys-devel/gcc cxx nptl
sys-process/procps kill
x11-base/xorg-server minimal xorg

33
appliances/x/world
View File

@ -1,33 +0,0 @@
x11-apps/xcalc
x11-apps/xdm
x11-apps/xedit
x11-apps/xeyes
x11-apps/xload
x11-apps/xlogo
x11-apps/iceauth
x11-apps/mkfontdir
x11-apps/mkfontscale
x11-apps/sessreg
x11-apps/setxkbmap
x11-apps/xauth
x11-apps/xbacklight
x11-apps/xdpyinfo
x11-apps/xev
x11-apps/xgamma
x11-apps/xhost
x11-apps/xinput
x11-apps/xkbcomp
x11-apps/xkill
x11-apps/xlsatoms
x11-apps/xlsclients
x11-apps/xmodmap
x11-apps/xprop
x11-apps/xrandr
x11-apps/xrdb
x11-apps/xrefresh
x11-apps/xset
x11-apps/xsetroot
x11-apps/xvinfo
x11-apps/xwd
x11-apps/xwininfo
x11-apps/xwud

101
appliances/x/xdm/Xaccess
View File

@ -1,101 +0,0 @@
# $XdotOrg: Xaccess,v 1.3 2000/08/17 19:54:17 cpqbld Exp $
# $Xorg: Xaccess,v 1.3 2000/08/17 19:54:17 cpqbld Exp $
# $XFree86: xc/programs/xdm/config/Xaccess,v 1.4 2003/07/09 15:27:40 tsi Exp $
#
# Access control file for XDMCP connections
#
# To control Direct and Broadcast access:
#
# pattern
#
# To control Indirect queries:
#
# pattern list of hostnames and/or macros ...
#
# To use the chooser:
#
# pattern CHOOSER BROADCAST
#
# or
#
# pattern CHOOSER list of hostnames and/or macros ...
#
# To define macros:
#
# %name list of hosts ...
#
# To control which addresses xdm listens for requests on:
#
# LISTEN address [list of multicast groups ... ]
#
# The first form tells xdm which displays to respond to itself.
# The second form tells xdm to forward indirect queries from hosts matching
# the specified pattern to the indicated list of hosts.
# The third form tells xdm to handle indirect queries using the chooser;
# the chooser is directed to send its own queries out via the broadcast
# address and display the results on the terminal.
# The fourth form is similar to the third, except instead of using the
# broadcast address, it sends DirectQuerys to each of the hosts in the list
# The fifth form tells xdm which addresses to listen for incoming connections
# on. If present, xdm will only listen for connections on the specified
# interfaces and/or multicast groups.
#
# In all cases, xdm uses the first entry which matches the terminal;
# for IndirectQuery messages only entries with right hand sides can
# match, for Direct and Broadcast Query messages, only entries without
# right hand sides can match.
#
* #any host can get a login window
#
# To hardwire a specific terminal to a specific host, you can
# leave the terminal sending indirect queries to this host, and
# use an entry of the form:
#
#terminal-a host-a
#
# The nicest way to run the chooser is to just ask it to broadcast
# requests to the network - that way new hosts show up automatically.
# Sometimes, however, the chooser can't figure out how to broadcast,
# so this may not work in all environments.
#
#* CHOOSER BROADCAST #any indirect host can get a chooser
#
# If you'd prefer to configure the set of hosts each terminal sees,
# then just uncomment these lines (and comment the CHOOSER line above)
# and edit the %hostlist line as appropriate
#
#%hostlist host-a host-b
#* CHOOSER %hostlist #
#
# If you have a machine with multiple network interfaces or IP addresses
# you can control which interfaces accept XDMCP packets by listing a LISTEN
# line for each interface you want to listen on. You can additionally list
# one or more multicast groups after each address to listen on those groups
# on that address.
#
# If no LISTEN is specified, the default is the same as "LISTEN *" - listen on
# all unicast interfaces, but not for multicast packets. If any LISTEN lines
# are specified, then only the listed interfaces will be listened on.
#
# IANA has assigned FF0X:0:0:0:0:0:0:12B as the permanently assigned
# multicast addresses for XDMCP, where X in the prefix may be replaced
# by any valid scope identifier, such as 1 for Node-Local, 2 for Link-Local,
# 5 for Site-Local, and so on. The default is equivalent to the example shown
# here using the Link-Local version to most closely match the old IPv4 subnet
# broadcast behavior.
#
# LISTEN * ff02:0:0:0:0:0:0:12b
# This example shows listening for multicast on all scopes up to site-local
#
# LISTEN * ff01:0:0:0:0:0:0:12b ff02:0:0:0:0:0:0:12b ff03:0:0:0:0:0:0:12b ff04:0:0:0:0:0:0:12b ff05:0:0:0:0:0:0:12b

13
appliances/x/xdm/Xservers
View File

@ -1,13 +0,0 @@
# $Xorg: Xserv.ws.cpp,v 1.3 2000/08/17 19:54:17 cpqbld Exp $
#
# Xservers file, workstation prototype
#
# This file should contain an entry to start the server on the
# local display; if you have more than one display (not screen),
# you can add entries to the list (one per line). If you also
# have some X terminals connected which do not support XDMCP,
# you can add them here as well. Each X terminal line should
# look like:
# XTerminalName:0 foreign
#
#:0 local /usr/bin/X :0 vt7

41
appliances/x/xdm/xdm-config
View File

@ -1,41 +0,0 @@
! $Xorg: xdm-conf.cpp,v 1.3 2000/08/17 19:54:17 cpqbld Exp $
! $XdotOrg: $
!
!
!
!
! $XFree86: xc/programs/xdm/config/xdm-conf.cpp,v 1.10 2002/11/30 19:11:32 herrb Exp $
!
DisplayManager.errorLogFile: /var/log/xdm.log
DisplayManager.pidFile: /var/run/xdm.pid
DisplayManager.keyFile: /etc/X11/xdm/xdm-keys
DisplayManager.servers: /etc/X11/xdm/Xservers
DisplayManager.accessFile: /etc/X11/xdm/Xaccess
DisplayManager*resources: /etc/X11/xdm/Xresources
DisplayManager.willing: /usr/lib/X11/xdm/Xwilling
! All displays should use authorization, but we cannot be sure
! X terminals may not be configured that way, so they will require
! individual resource settings.
DisplayManager*authorize: true
!
DisplayManager*chooser: /usr/lib/X11/xdm/chooser
DisplayManager*startup: /usr/lib/X11/xdm/Xstartup
DisplayManager*session: /usr/lib/X11/xdm/Xsession
DisplayManager*reset: /usr/lib/X11/xdm/Xreset
DisplayManager*authComplain: true
! The following three resources set up display :0 as the console.
DisplayManager._0.setup: /usr/lib/X11/xdm/Xsetup_0
DisplayManager._0.startup: /usr/lib/X11/xdm/GiveConsole
DisplayManager._0.reset: /usr/lib/X11/xdm/TakeConsole
DisplayManager*loginmoveInterval: 10
! SECURITY: do not listen for XDMCP or Chooser requests
! Comment out this line if you want to manage X terminals with xdm
! DisplayManager.requestPort: 0