8a556f59d3
test: initialize local apt repository for testing
...
This with the combination of `podman run --rm -v "$PWD:/tmp/shione" -it
debian:stable /bin/bash` allows me to quickly install packages to
validate that the installation process is valid. Post-deployment
failures/mis-configurations are another problem.
2024-10-08 22:56:46 +02:00
cd8f0e853f
nginx: generate certificates for test targets
...
Podman will be used to test the generated Debian packages to ensure that
they work properly. However, this means that it is NOT shione and
therefore cannot solve letsencrypt challenge among many other things
that can only be done by shione. The goal is to have a staging area that
can mock the latter.
2024-10-08 22:53:57 +02:00
207bf43a8b
cgit: implement initial postinstall logic
...
Mainly creating `git` user if missing as well as restarting relevant
systemd services.
2024-10-08 22:53:01 +02:00
394d13aaaa
gitignore: ignore build ans wireguard directories
2024-10-08 22:52:10 +02:00
bf417c04a1
gbp: set build directory to ./build
2024-10-08 22:51:37 +02:00
52ec354da9
ssh: limit overall login attempts and interactions
...
Additionally also disable any unnecessary/unused features by default.
2024-10-08 22:49:47 +02:00
ceeba484f6
nginx: fix nginx default config path to be hidden
2024-10-08 22:49:01 +02:00
56a088c5db
nginx: drop letsencrypt conf in favor of mozilla ssl
...
`certbox` argument parsing and plugin management isn't very suitable
when it comes to automating nginx configuration through Debian
packaging. It is not possible to instruct it to *only* generate
letsencrypt ssl configuration for nginx which breaks the postinst
script. Also missing fancyindex dependency was added.
2024-10-08 22:42:54 +02:00
e43be67041
cgit: add missing comma in dependencies list
2024-10-08 22:38:32 +02:00
74ab982cf1
nftables: fix broken displace logic
...
It seems that my package was broken due to a somewhat misinterpretation
of `config-package-dev` documentation.
2024-10-08 22:35:31 +02:00
bc1e6e4ca6
cgit: postinst: enable and start fcgiwrap service
2024-08-29 00:56:58 +02:00
057c70453f
cgit: init config package
2024-08-29 00:54:49 +02:00
4b786bf6c7
wireguard: postinst: enable and start wg0 service
2024-08-28 22:12:40 +02:00
1c18557adc
nginx: postinst: setup certbot and restart service
2024-08-28 22:11:24 +02:00
eac275250a
build: explicitly call gbp with --export-dir=WC
2024-08-27 22:40:56 +02:00
f1deb27e4e
gbp: git export current working copy
2024-08-27 22:22:56 +02:00
196cb5c2be
clean: remove debhelper artifacts
...
TODO: Maybe gbp supports this already?
2024-08-27 22:22:07 +02:00
12866b24a3
wireguard: add trailing slash
2024-08-27 22:22:07 +02:00
7832894da0
nftables: add missing comma
2024-08-27 22:22:07 +02:00
f49f9dff3d
todo: integrate deb-systemd-invoke
2024-08-27 22:22:07 +02:00
c1ccf5ae7d
build: copy wireguard secrets
2024-08-27 22:22:07 +02:00
3bdf09e661
wireguard: document initial setup
2024-08-27 22:22:06 +02:00
3ef40e24e4
wireguard: init config package
2024-08-27 22:22:06 +02:00
9a6e5684fa
nginx: init config package
2024-08-27 22:22:06 +02:00
c4b3df829d
nftables: init config package
2024-08-27 22:22:06 +02:00
d6b858d610
openssh-server: init config package
2024-08-27 22:22:06 +02:00
ae9610a361
init gbp configuration
2024-08-27 22:22:05 +02:00
34ba3b0eb6
debian: init shione-config source package
2024-08-27 22:22:05 +02:00
ef465844c9
license: agplv3
2024-08-27 22:22:05 +02:00
5aa7d77ef2
.gitignore: ignore misc artifacts and secret files
2024-08-27 22:22:05 +02:00
ba65814042
readme: init
2024-08-27 22:22:05 +02:00
