tuto3: Ready for 2023
This commit is contained in:
parent
d23dc76713
commit
33bc82e28c
53
tuto3.yml
53
tuto3.yml
@ -1,5 +1,5 @@
|
||||
kernel:
|
||||
image: linuxkit/kernel:5.10.92
|
||||
image: linuxkit/kernel:5.15.27
|
||||
# cmdline: "console=ttyS0 root=/dev/sda1 root=/dev/sr0 adlin.token=LqCdJDfniA"
|
||||
cmdline: "console=tty0"
|
||||
|
||||
@ -130,8 +130,7 @@ services:
|
||||
- /var/lib/adlin/wks-rh1resolv.conf:/etc/resolv.conf
|
||||
|
||||
- name: mainrouter
|
||||
#image: nemunaire/adlin-tuto3:485bb9556ca3bc33e7fee16edd93c05f35eb1455
|
||||
image: nemunaire/router-tuto3:c07718ca23c03ff5033c4042f0cbeca6c26d4e6f
|
||||
image: nemunaire/router-tuto3:ad91a16906567e1dcf90b39519691bea16954053
|
||||
net: /run/netns/router
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -154,7 +153,7 @@ services:
|
||||
- /lib/preinit/30_failsafe_wait:/lib/preinit/30_failsafe_wait
|
||||
- /lib/preinit/99_10_failsafe_login:/lib/preinit/99_10_failsafe_login
|
||||
- name: matrix
|
||||
image: nemunaire/tinydeb:2ec3c0260da7242df267799dfe08fe2eb0d014b1
|
||||
image: nemunaire/tinydeb:642bb2fd0ed04a0f72ff21096c7aa656cce5d34f
|
||||
net: /run/netns/chat
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -170,7 +169,7 @@ services:
|
||||
- /etc/hosts:/etc/hosts:ro
|
||||
- /etc/dresolv.conf:/etc/resolv.conf
|
||||
- name: ns-resolv
|
||||
image: nemunaire/resolver:4988e30d81f3b1782e7bc520d2d24123930d72a6
|
||||
image: nemunaire/resolver:37943d61abe99963ca57666576af76461add2948
|
||||
net: /run/netns/ns
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -186,7 +185,7 @@ services:
|
||||
- /etc/unbound:/etc/unbound:ro
|
||||
- /etc/services:/etc/services:ro
|
||||
- name: ns-auth
|
||||
image: nemunaire/nsd:b96e6b002e08afd42e4c77ee71766264c42cac57
|
||||
image: docker.io/nemunaire/nsd:37be535f826c14608bff17e2ab0688df526282c0
|
||||
net: /run/netns/ns-auth
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -209,7 +208,7 @@ services:
|
||||
- /var/lib/adlin/nsd
|
||||
- /var/lib/adlin/nsd-db
|
||||
- name: db
|
||||
image: postgres:alpine
|
||||
image: postgres:10-alpine
|
||||
net: /run/netns/db
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -221,7 +220,7 @@ services:
|
||||
- LANG=en_US.utf8
|
||||
- PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/"
|
||||
- PGDATA=/var/lib/postgresql/data
|
||||
- POSTGRES_PASSWORD=adlin2022
|
||||
- POSTGRES_PASSWORD=adlin2023
|
||||
binds:
|
||||
- /etc/services:/etc/services:ro
|
||||
- /initdb/:/docker-entrypoint-initdb.d/:ro
|
||||
@ -238,7 +237,7 @@ services:
|
||||
# env:
|
||||
# - MM_USERNAME=mattermost
|
||||
# - MM_DBNAME=mattermost
|
||||
# - MM_PASSWORD=adlin2022
|
||||
# - MM_PASSWORD=adlin2023
|
||||
# binds:
|
||||
# - /etc/services:/etc/services:ro
|
||||
# - /etc/hosts:/etc/hosts:ro
|
||||
@ -253,18 +252,18 @@ services:
|
||||
- all
|
||||
command: ["/bin/sh", "-c", "sleep 10; /usr/bin/miniflux"]
|
||||
env:
|
||||
- DATABASE_URL=postgres://miniflux:adlin2022@db/miniflux?sslmode=disable
|
||||
- DATABASE_URL=postgres://miniflux:adlin2023@db/miniflux?sslmode=disable
|
||||
- RUN_MIGRATIONS=1
|
||||
- CREATE_ADMIN=1
|
||||
- ADMIN_USERNAME=adeline
|
||||
- ADMIN_PASSWORD=adlin2022
|
||||
- ADMIN_PASSWORD=adlin2023
|
||||
- LISTEN_ADDR=0.0.0.0:8080
|
||||
binds:
|
||||
- /etc/hosts:/etc/hosts:ro
|
||||
- /etc/dresolv.conf:/etc/resolv.conf
|
||||
- /etc/services:/etc/services:ro
|
||||
- name: web
|
||||
image: nemunaire/tinydeb:2ec3c0260da7242df267799dfe08fe2eb0d014b1
|
||||
image: nemunaire/tinydeb:642bb2fd0ed04a0f72ff21096c7aa656cce5d34f
|
||||
net: /run/netns/web
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -281,7 +280,7 @@ services:
|
||||
|
||||
# Workstation testers
|
||||
- name: minichecker-wks-rh2
|
||||
image: nemunaire/minichecker:a5d37bb2ebed6df0e586184582763eb0cf727b51
|
||||
image: nemunaire/minichecker:58a22accfab97d6c9bcabfc03c66904ebc6e5cf6
|
||||
net: /run/netns/wks-rh2
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -291,7 +290,7 @@ services:
|
||||
- /var/lib/adlin/wks-rh2resolv.conf:/etc/resolv.conf
|
||||
- /var/lib/adlin/wireguard/:/etc/wireguard/:ro
|
||||
- name: minichecker-wks-dg1
|
||||
image: nemunaire/minichecker:a5d37bb2ebed6df0e586184582763eb0cf727b51
|
||||
image: nemunaire/minichecker:58a22accfab97d6c9bcabfc03c66904ebc6e5cf6
|
||||
net: /run/netns/wks-dg1
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -302,7 +301,7 @@ services:
|
||||
- /var/lib/adlin/wks-dg1resolv.conf:/etc/resolv.conf
|
||||
- /var/lib/adlin/wireguard/:/etc/wireguard/:ro
|
||||
- name: minichecker-wks-cm1
|
||||
image: nemunaire/minichecker:a5d37bb2ebed6df0e586184582763eb0cf727b51
|
||||
image: nemunaire/minichecker:58a22accfab97d6c9bcabfc03c66904ebc6e5cf6
|
||||
net: /run/netns/wks-cm1
|
||||
pid: new
|
||||
ipc: new
|
||||
@ -377,7 +376,7 @@ files:
|
||||
#!/bin/sh
|
||||
set -e
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
|
||||
CREATE USER miniflux WITH PASSWORD 'adlin2022';
|
||||
CREATE USER miniflux WITH PASSWORD 'adlin2023';
|
||||
CREATE DATABASE miniflux;
|
||||
GRANT ALL PRIVILEGES ON DATABASE miniflux TO miniflux;
|
||||
EOSQL
|
||||
@ -388,14 +387,14 @@ files:
|
||||
|
||||
- path: /initdb/init-matrix.sql
|
||||
contents: |
|
||||
CREATE USER matrix WITH PASSWORD 'adlin2022';
|
||||
CREATE USER matrix WITH PASSWORD 'adlin2023';
|
||||
CREATE DATABASE matrix ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0 OWNER matrix;
|
||||
GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix;
|
||||
mode: "0444"
|
||||
|
||||
- path: /initdb/init-website.sql
|
||||
contents: |
|
||||
CREATE USER website WITH PASSWORD 'adlin2022';
|
||||
CREATE USER website WITH PASSWORD 'adlin2023';
|
||||
CREATE DATABASE website ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0 OWNER website;
|
||||
GRANT ALL PRIVILEGES ON DATABASE website TO website;
|
||||
mode: "0444"
|
||||
@ -572,13 +571,13 @@ files:
|
||||
[ -f /var/lib/adlin/wrt-etc/config/network ] || cat > /var/lib/adlin/wrt-etc/config/network <<EOF
|
||||
|
||||
config interface 'loopback'
|
||||
option ifname 'lo'
|
||||
option device 'lo'
|
||||
option proto 'static'
|
||||
option ipaddr '127.0.0.1'
|
||||
option netmask '255.0.0.0'
|
||||
|
||||
config interface 'wan'
|
||||
option ifname 'eth0'
|
||||
option device 'eth0'
|
||||
option proto 'dhcp'
|
||||
|
||||
EOF
|
||||
@ -628,7 +627,7 @@ files:
|
||||
option endpoint_port '42912'
|
||||
|
||||
config interface 'srv'
|
||||
option ifname 'ethsrv'
|
||||
option device 'ethsrv'
|
||||
option proto 'static'
|
||||
option netmask '255.255.255.0'
|
||||
option ipaddr '172.23.42.1'
|
||||
@ -685,7 +684,7 @@ files:
|
||||
- path: /etc/init.d/800-rw-passwd.sh
|
||||
contents: |
|
||||
#!/bin/sh
|
||||
sed -ri '/^root/s@^root::.*$@root:$1$ChIJgCib$1IYTTG.wKCXqbo1RMEQCc0:18706:0:99999:7:::@' /var/lib/adlin/wrt-etc/shadow
|
||||
sed -ri '/^root/s@^root::.*$@root:$1$XMaL.0yJ$Z9imHkT2P9ddci.FeYhVK0:18706:0:99999:7:::@' /var/lib/adlin/wrt-etc/shadow
|
||||
mkdir -p /var/lib/adlin/wrt-etc/dropbear/
|
||||
[ -f /var/lib/adlin/authorized_keys ] && ! [ -f /var/lib/adlin/wrt-etc/dropbear/authorized_keys ] && cp /var/lib/adlin/authorized_keys /var/lib/adlin/wrt-etc/dropbear/authorized_keys
|
||||
|
||||
@ -697,11 +696,11 @@ files:
|
||||
|
||||
for svc in matrix ns-auth ns-resolv web
|
||||
do
|
||||
sed -ri '/^root/s@^.*$@root:$6$4/xWhDY0JERkg6eg$ZKglx2TQT2ITM525di2aOhda9r9L.kUjYArPTF5pVTzi3/SRe.My4Z5Cg9vabK0ax2kZ.lLPFHA8v7jw.0N/8.:18707:0:99999:7:::@' /containers/services/${svc}/rootfs/etc/shadow
|
||||
sed -ri '/^root/s@^.*$@root:$6$R0XGKnrwzA4kTcET$6JsBy0Ib7xzy3OUZLq81/Cu4XswmOzv4VmCBJ76jAq/lJ049rxrHsyzGhUY8TONLdlbKfm0.EhCKB4NLivdck/:18707:0:99999:7:::@' /containers/services/${svc}/rootfs/etc/shadow
|
||||
cp /etc/services /containers/services/${svc}/rootfs/etc/services
|
||||
mkdir -p /containers/services/${svc}/rootfs/root/.ssh
|
||||
[ -f /var/lib/adlin/authorized_keys ] && cp /var/lib/adlin/authorized_keys /containers/services/${svc}/rootfs/root/.ssh/authorized_keys
|
||||
nsenter -t $(ctr -n services.linuxkit t ls | grep ${svc} | awk '{ print $2 }') -a -- ssh-keygen -A
|
||||
nsenter -t $(ctr -n services.linuxkit t ls | grep ${svc} | awk '{ print $2 }') -a -- sh -c 'ssh-keygen -A; service sshd restart;'
|
||||
done
|
||||
|
||||
exit 0
|
||||
@ -718,7 +717,7 @@ files:
|
||||
contents: |
|
||||
#!/bin/sh
|
||||
sleep 20
|
||||
nsenter -t $(pgrep procd | head -1) -a -- curl -s -u adeline:adlin2022 -d @- http://172.23.42.6:8080/v1/import < /root/feeds.opml 2> /dev/null > /dev/null
|
||||
nsenter -t $(pgrep procd | head -1) -a -- curl -s -u adeline:adlin2023 -d @- http://172.23.42.6:8080/v1/import < /root/feeds.opml 2> /dev/null > /dev/null
|
||||
exit 0
|
||||
mode: "0555"
|
||||
|
||||
@ -907,7 +906,7 @@ files:
|
||||
|
||||
- path: etc/rshadow
|
||||
contents: |
|
||||
root:$1$ChIJgCib$1IYTTG.wKCXqbo1RMEQCc0:18706:0:99999:7:::
|
||||
root:$1$XMaL.0yJ$Z9imHkT2P9ddci.FeYhVK0:18706:0:99999:7:::
|
||||
daemon:*:0:0:99999:7:::
|
||||
ftp:*:0:0:99999:7:::
|
||||
network:*:0:0:99999:7:::
|
||||
@ -945,7 +944,7 @@ files:
|
||||
|
||||
- path: etc/wshadow
|
||||
contents: |
|
||||
root:$6$4/xWhDY0JERkg6eg$ZKglx2TQT2ITM525di2aOhda9r9L.kUjYArPTF5pVTzi3/SRe.My4Z5Cg9vabK0ax2kZ.lLPFHA8v7jw.0N/8.:18707:0:99999:7:::
|
||||
root:$6$R0XGKnrwzA4kTcET$6JsBy0Ib7xzy3OUZLq81/Cu4XswmOzv4VmCBJ76jAq/lJ049rxrHsyzGhUY8TONLdlbKfm0.EhCKB4NLivdck/:18707:0:99999:7:::
|
||||
daemon:*:17575:0:99999:7:::
|
||||
bin:*:17575:0:99999:7:::
|
||||
sys:*:17575:0:99999:7:::
|
||||
|
Reference in New Issue
Block a user