Commit graph

31 commits

Author SHA1 Message Date
8a556f59d3
test: initialize local apt repository for testing
This with the combination of `podman run --rm -v "$PWD:/tmp/shione" -it
debian:stable /bin/bash` allows me to quickly install packages to
validate that the installation process is valid. Post-deployment
failures/mis-configurations are another problem.
2024-10-08 22:56:46 +02:00
cd8f0e853f
nginx: generate certificates for test targets
Podman will be used to test the generated Debian packages to ensure that
they work properly. However, this means that it is NOT shione and
therefore cannot solve letsencrypt challenge among many other things
that can only be done by shione. The goal is to have a staging area that
can mock the latter.
2024-10-08 22:53:57 +02:00
207bf43a8b
cgit: implement initial postinstall logic
Mainly creating `git` user if missing as well as restarting relevant
systemd services.
2024-10-08 22:53:01 +02:00
394d13aaaa
gitignore: ignore build ans wireguard directories 2024-10-08 22:52:10 +02:00
bf417c04a1
gbp: set build directory to ./build 2024-10-08 22:51:37 +02:00
52ec354da9
ssh: limit overall login attempts and interactions
Additionally also disable any unnecessary/unused features by default.
2024-10-08 22:49:47 +02:00
ceeba484f6
nginx: fix nginx default config path to be hidden 2024-10-08 22:49:01 +02:00
56a088c5db
nginx: drop letsencrypt conf in favor of mozilla ssl
`certbox` argument parsing and plugin management isn't very suitable
when it comes to automating nginx configuration through Debian
packaging. It is not possible to instruct it to *only* generate
letsencrypt ssl configuration for nginx which breaks the postinst
script. Also missing fancyindex dependency was added.
2024-10-08 22:42:54 +02:00
e43be67041
cgit: add missing comma in dependencies list 2024-10-08 22:38:32 +02:00
74ab982cf1
nftables: fix broken displace logic
It seems that my package was broken due to a somewhat misinterpretation
of `config-package-dev` documentation.
2024-10-08 22:35:31 +02:00
bc1e6e4ca6
cgit: postinst: enable and start fcgiwrap service 2024-08-29 00:56:58 +02:00
057c70453f
cgit: init config package 2024-08-29 00:54:49 +02:00
4b786bf6c7
wireguard: postinst: enable and start wg0 service 2024-08-28 22:12:40 +02:00
1c18557adc
nginx: postinst: setup certbot and restart service 2024-08-28 22:11:24 +02:00
eac275250a
build: explicitly call gbp with --export-dir=WC 2024-08-27 22:40:56 +02:00
f1deb27e4e
gbp: git export current working copy 2024-08-27 22:22:56 +02:00
196cb5c2be
clean: remove debhelper artifacts
TODO: Maybe gbp supports this already?
2024-08-27 22:22:07 +02:00
12866b24a3
wireguard: add trailing slash 2024-08-27 22:22:07 +02:00
7832894da0
nftables: add missing comma 2024-08-27 22:22:07 +02:00
f49f9dff3d
todo: integrate deb-systemd-invoke 2024-08-27 22:22:07 +02:00
c1ccf5ae7d
build: copy wireguard secrets 2024-08-27 22:22:07 +02:00
3bdf09e661
wireguard: document initial setup 2024-08-27 22:22:06 +02:00
3ef40e24e4
wireguard: init config package 2024-08-27 22:22:06 +02:00
9a6e5684fa
nginx: init config package 2024-08-27 22:22:06 +02:00
c4b3df829d
nftables: init config package 2024-08-27 22:22:06 +02:00
d6b858d610
openssh-server: init config package 2024-08-27 22:22:06 +02:00
ae9610a361
init gbp configuration 2024-08-27 22:22:05 +02:00
34ba3b0eb6
debian: init shione-config source package 2024-08-27 22:22:05 +02:00
ef465844c9
license: agplv3 2024-08-27 22:22:05 +02:00
5aa7d77ef2
.gitignore: ignore misc artifacts and secret files 2024-08-27 22:22:05 +02:00
ba65814042
readme: init 2024-08-27 22:22:05 +02:00