diff options
40 files changed, 2137 insertions, 673 deletions
diff --git a/core/conf/fstab b/core/conf/fstab index b579488..67bc4e4 100644 --- a/core/conf/fstab +++ b/core/conf/fstab @@ -15,7 +15,7 @@ #/dev/floppy/0 /floppy vfat user,noauto,unhide 0 0 #devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0 #tmp /tmp tmpfs defaults 0 0 -#shm /dev/shm tmpfs defaults 0 0 +shm /dev/shm tmpfs defaults 0 0 #usb /proc/bus/usb usbfs defaults 0 0 devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0 diff --git a/core/conf/hosts b/core/conf/hosts index ee776e2..449949b 100644 --- a/core/conf/hosts +++ b/core/conf/hosts @@ -1,13 +1,27 @@ # # /etc/hosts: static lookup table for host names # - -# IPv4 +# IPv4 LocalHosts 127.0.0.1 localhost.localdomain localhost -127.0.0.1 c9.localdomain c9 +127.0.0.1 c9.core c9 + +127.0.0.1 wiki.localhost +127.0.0.1 git.localhost +127.0.0.1 doc.localhost +127.0.0.1 ports.localhost + +# IPv4 Intranet +#<ip-address> <hostname.domain.org> <aliases> + +10.0.0.254 c9.core +10.0.0.254 wiki.c9.core +10.0.0.254 git.c9.core +10.0.0.254 doc.c9.core +10.0.0.254 ports.c9.core +# IPv4 Internet #<ip-address> <hostname.domain.org> <aliases> -192.168.1.9 core.privat-network.net c9.core +10.0.0.254 core.privat-network.net # IPv6 #::1 ip6-localhost ip6-loopback diff --git a/core/conf/rc.d/iptables b/core/conf/rc.d/iptables index 3f29928..bb5cf91 100644 --- a/core/conf/rc.d/iptables +++ b/core/conf/rc.d/iptables @@ -3,80 +3,79 @@ # /etc/rc.d/iptables: load/unload iptable rules # -case $1 in -start) - echo "Starting IPv4 firewall filter table..." - /usr/sbin/iptables-restore < /etc/iptables/rules.v4 - ;; -stop) - echo "Stopping firewall and deny everyone..." - iptables -F - iptables -X - iptables -t nat -F - iptables -t nat -X - iptables -t mangle -F - iptables -t mangle -X - iptables -t raw -F - iptables -t raw -X - iptables -t security -F - iptables -t security -X +rules=rules.v4 +#rules=vlan.v4 + +iptables_clear () { + echo "clear all iptables tables" + iptables -F + iptables -X + iptables -t nat -F + iptables -t nat -X + iptables -t mangle -F + iptables -t mangle -X + iptables -t raw -F + iptables -t raw -X + iptables -t security -F + iptables -t security -X +} +case $1 in + start) + iptables_clear + echo "starting IPv4 firewall filter table..." + /usr/sbin/iptables-restore < /etc/iptables/${rules} + ;; + stop) + iptables_clear + echo "stopping firewall and deny everyone..." /usr/sbin/iptables -P INPUT DROP /usr/sbin/iptables -P FORWARD DROP /usr/sbin/iptables -P OUTPUT DROP - # Unlimited on local - /usr/sbin/iptables -A INPUT -i lo -j ACCEPT - /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT + # Unlimited on local + /usr/sbin/iptables -A INPUT -i lo -j ACCEPT + /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT - # log everything else and drop - /usr/sbin/iptables -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " - /usr/sbin/iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: " - /usr/sbin/iptables -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " + # log everything else and drop + /usr/sbin/iptables -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " + /usr/sbin/iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: " + /usr/sbin/iptables -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " - ;; -open) - echo "Outgoing Open firewall and deny everyone..." - iptables -F - iptables -X - iptables -t nat -F - iptables -t nat -X - iptables -t mangle -F - iptables -t mangle -X - iptables -t raw -F - iptables -t raw -X - iptables -t security -F - iptables -t security -X + ;; + open) + iptables_clear + echo "outgoing Open firewall and deny everyone..." /usr/sbin/iptables -P INPUT DROP /usr/sbin/iptables -P FORWARD DROP /usr/sbin/iptables -P OUTPUT ACCEPT - # Unlimited on local - /usr/sbin/iptables -A INPUT -i lo -j ACCEPT - /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT - - # Accept passive - /usr/sbin/iptables -A INPUT -p tcp --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT + /usr/sbin/iptables -A OUTPUT -j ACCEPT - /usr/sbin/iptables -A INPUT -p udp --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT + # Unlimited on local + /usr/sbin/iptables -A INPUT -i lo -j ACCEPT + /usr/sbin/iptables -A OUTPUT -o lo -j ACCEPT + # Accept passive + /usr/sbin/iptables -A INPUT -p tcp --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT + /usr/sbin/iptables -A INPUT -p udp --dport 1024: -m state --state ESTABLISHED,RELATED -j ACCEPT - # log everything else and drop - /usr/sbin/iptables -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " - #/usr/sbin/iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: " - /usr/sbin/iptables -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " + # log everything else and drop + /usr/sbin/iptables -A INPUT -j LOG --log-level 7 --log-prefix "iptables: INPUT: " + /usr/sbin/iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "iptables: OUTPUT: " + /usr/sbin/iptables -A FORWARD -j LOG --log-level 7 --log-prefix "iptables: FORWARD: " - ;; + ;; -restart) - $0 stop - $0 start - ;; -*) + restart) + $0 stop + $0 start + ;; + *) - echo "usage: $0 [start|stop|restart]" - ;; + echo "usage: $0 [start|stop|restart]" + ;; esac # End of file diff --git a/core/configure.html b/core/configure.html index d7bbc25..66ed69c 100644 --- a/core/configure.html +++ b/core/configure.html @@ -222,7 +222,7 @@ #/dev/dvd /dvd udf ro,user,noauto,unhide 0 0 #/dev/floppy/0 /floppy vfat user,noauto,unhide 0 0 #tmp /tmp tmpfs defaults 0 0 - #shm /dev/shm tmpfs defaults 0 0 + shm /dev/shm tmpfs defaults 0 0 #usb /proc/bus/usb usbfs defaults 0 0 devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0 diff --git a/core/install.html b/core/install.html index f95910f..be98a0d 100644 --- a/core/install.html +++ b/core/install.html @@ -18,6 +18,13 @@ <a href="http://crux.nu/Main/Handbook3-2">Hand book 3.2</a>, .</p> + <p>If you are booting from crux iso and is not your keyboard + layout of choice run;</p> + + <pre> + # loadkeys dvorak + </pre> + <h2 id="step1">1.1.1. Download Iso</h2> <a href="http://crux.nu/Main/Download">Download Page</a> @@ -33,143 +40,114 @@ <p>Prepare disk or target location where new system will be installed. Follow steps describe how to create efi and - separate partitions such as; boot, root, var, tmp, - usr, ports, swap and home. Information about + separate partitions such as; + bios grub, EFI, swap, boot, root, var, usr and home. + Information about <a href="http://devil-detail.blogspot.pt/2013/07/install-grub2-on-gpt-disk-dedicated-partition.html">gpt partition table</a>. </p> + <p>Create gpt label and set unit size to use;</p> <pre> (parted) mklabel gpt + (parted) unit mib + </pre> + + <h3>bootloader</h3> + + <p>Partition used by grub boot loader. Partition size 2M;</p> + + <pre> + mkpart primary 1 3 + name 1 grub + set 1 bios_grub on </pre> <h3>/boot/efi</h3> <p>EFI System Partition, ESP type EF00. Partition with between 500M and 100M is recommended for standard - installations.</p> + installations. Partition size 128M;</p> <pre> - (parted) mkpart ESP fat32 1MiB 120MiB + (parted) mkpart ESP fat32 3 131 + (parted) name 2 boot + (parted) set 2 boot on </pre> + <h3>Swap (ram)</h3> + + <p>Swap partition general advice is same size as memory ram, + ports system configured to build on ram need at least 34G + to build firefox. Other swap partitions can be added later for port + build on ram. Partition size 512M;</p> + <pre> - (parted) align-check opt 1 + (parted) mkpart primary linux-swap 131 643 + (parted) name 3 swap </pre> <h3>/boot</h3> - <p>Boot partition. Partition with 1G provides - room for crux iso to boot directly from grub.</p> - - <pre> - (parted) mkpart primary ext4 120MiB 1000MiB - </pre> + <p>Boot partition. Partition with 1G provide room for kernels and + crux iso that can be directly boot from grub (without root partition). + Partition size 1G;</p> <pre> - (parted) align-check optimal 2 + (parted) mkpart primary ext4 643 1667 + (parted) name 4 boot </pre> <h3>/</h3> - <p>Normal installation root partition uses 200MB-500MB, being - 1G recommended. Since we have plenty of space a partition - with 2G will be used to host a complete backup of final installation - configuration.</p> + <p>Normal core crux installation root partition uses approximately 2G, + without /usr 200MB-500M. Minimum 2G is recommended. Partition size 2.4G;</p> <pre> - (parted) mkpart primary ext4 1000MiB 3000MiB + (parted) mkpart primary ext4 1667 4096 + (parted) name 5 root </pre> - <pre> - (parted) align-check optimal 3 - </pre> + <p>Core system can be installed from here, additional partitions can be + created now or later.</p> <h3>/var</h3> - <p>Var partition is recommended 100MiB-500MiB, we will - use 1G;</dd> - - <pre> - (parted) mkpart primary ext4 3000MiB 4000MiB - </pre> - - <pre> - (parted) align-check optimal 4 - </pre> - - <h3>/tmp</h3> - - <p>Temp partition with 20M-50M;</dd> - - <pre> - (parted) mkpart primary ext4 4000MiB 4050MiB - </pre> + <p>Var partition is recommended 100MiB-500MiB. Partition size 1G;</dd> <pre> - (parted) align-check optimal 5 + (parted) mkpart primary ext4 4096 5120 + (parted) name 6 var </pre> <h3>/usr</h3> - <p>User partition with 4G is recommended for a desktop - setup, we will use 8G;</dd> - - <pre> - (parted) mkpart primary ext4 4050MiB 12000MiB - </pre> + <p>User partition with 4G-8G is recommended for a desktop setup, we will use 8G;</dd> <pre> - (parted) align-check optimal 6 + (parted) mkpart primary ext4 5120 13312 + (parted) name 7 usr </pre> <h3>/home</h3> - <p>Home partition with 180G;</dd> - - <pre> - (parted) mkpart primary ext4 12000MiB 192000MiB - </pre> - - <pre> - (parted) align-check optimal 7 - </pre> - - <h3>/usr/ports</h3> - - <p>Ports partition with 120G allows to host sources, package - backups and ports;</dd> - - <pre> - (parted) mkpart primary ext4 192000MiB 312000MiB - </pre> - - <pre> - (parted) align-check optimal 8 - </pre> - - <h3>Swap (ram)</h3> - - <p>Swap partition general advice is same size as memory ram, - ports system configured to build on ram need at least 30G - to build firefox. Other swap partitions can be added later for port - build on ram.</p> + <p>Home partition can have limited size for later creation of lvm or fill the rest of + disk space;</dd> <pre> - (parted) mkpart primary linux-swap 312000MiB 342000MiB + (parted) mkpart primary ext4 13312 -1 + (parted) name 8 home </pre> - <p>Create filesystems;</p> + <h3>Create filesystems</h3> <pre> - $ export BLK_EFI=/dev/sda1 - $ export BLK_BOOT=/dev/sda2 - $ export BLK_ROOT=/dev/sda3 - $ export BLK_VAR=/dev/sda4 - $ export BLK_TMP=/dev/sda5 - $ export BLK_USR=/dev/sda6 - $ export BLK_HOME=/dev/sda7 - $ export BLK_PRT=/dev/sda8 - $ export BLK_SWAP=/dev/sda9 + $ export BLK_EFI=/dev/sda2 + $ export BLK_SWAP=/dev/sda3 + $ export BLK_BOOT=/dev/sda4 + $ export BLK_ROOT=/dev/sda5 + $ export BLK_VAR=/dev/sda6 + $ export BLK_USR=/dev/sda7 + $ export BLK_HOME=/dev/sda8 </pre> <pre> @@ -184,10 +162,8 @@ $ sudo mkfs.ext4 $BLK_BOOT $ sudo mkfs.ext4 $BLK_ROOT $ sudo mkfs.ext4 $BKL_VAR - $ sudo mkfs.ext4 $BKL_TMP $ sudo mkfs.ext4 $BKL_USR $ sudo mkfs.ext4 $BKL_HOME - $ sudo mkfs.ext4 $BKL_PRT </pre> <h2 id="step3">1.1.3. Prepare Install</h2> @@ -222,7 +198,6 @@ $ sudo mkdir -p $CHROOT/var/lib/pkg $ sudo mount $BLK_USR $CHROOT/usr - $ sudo mount $BLK_PRT $CHROOT/usr/ports $ sudo mount $BLK_HOME $CHROOT/home </pre> diff --git a/dev/gdbc.html b/dev/c/index.html index f5b2c74..09374c6 100644 --- a/dev/gdbc.html +++ b/dev/c/index.html @@ -2,12 +2,12 @@ <html dir="ltr" lang="en"> <head> <meta charset='utf-8'> - <title>GDB - C</title> + <title>C & GDB</title> </head> <body> + <a href="../index.html">Development Index</a> - <a href="index.html">Development Index</a> - <h1>GDB - C</h1> + <h1>C & GDB</h1> <p><a href="http://blog.fourthbit.com/2013/06/18/creating-an-open-source-program-in-c-with-autotools-part-1-of-2/">C program with autotools</a> </p> @@ -87,11 +87,17 @@ strace -c ./program </pre> - <a href="index.html">Development Index</a> - <p>This is part of the c9-doc Manual. + + <a href="../index.html">Development Index</a> + <p> + This is part of the c9-doc Manual. Copyright (C) 2016 - c9 Team. - See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + c9 team. + See the file <a href="../../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p> + + </body> + </html> + diff --git a/dev/git.html b/dev/git/index.html index 5d65b32..40ae49d 100644 --- a/dev/git.html +++ b/dev/git/index.html @@ -6,7 +6,7 @@ </head> <body> - <a href="index.html">Development Index</a> + <a href="../index.html">Development Index</a> <h1>Git</h1> <p>First configure your global identity, configuration @@ -252,7 +252,16 @@ $ git -D h-1.2.2 </pre> - <h2 id="local">Local Workflow</h2> + <h2 id="local">2. Local Workflow</h2> + + <h3 id="working">2.1. Working area</h3> + + <p>Mark all deleted to commit;</p> + + <pre> + $ git ls-files --deleted -z | xargs -0 git rm + </pre> + <p>Mark all deleted to commit;</p> @@ -260,6 +269,14 @@ $ git ls-files --deleted -z | xargs -0 git rm </pre> + <h3 id="logdiff">2.2. Logs and commits</h3> + + <p>Create patch files to target branch/tag/ref;</p> + + <pre> + $ git format-patch --no-prefix software-v0.0.1 + </pre> + <p>Last commit that affected current path</p> <pre> @@ -274,11 +291,53 @@ $ git checkout f000^ -- path/to/file </pre> - <a href="index.html">Development Index</a> + <h3 id="remote">2.3. Working with remotes</h3> + + <p>Adding a new remote;</p> + + <pre> + $ git remote add newremotename https://github.com/user/repo.git + </pre> + + <p>Update all branches with remote;</p> + + <pre> + $ git fetch --all + $ git pull --all + </pre> + + <p>If you want to track all remotes run this line + and then the commands mentioned above;</p> + + <pre> + $ for remote in `git branch -r`; do git branch --track ${remote#origin/} $remote; done + </pre> + + <p>Future updates;</p> + + <pre> + $ git fetch --all + $ git pull --all + </pre> + + <p>Update local branches removed on remote set;</p> + + <pre> + $ git config --global fetch.prune true + </pre> + + + <p>This will prune on fetch or you can keep it manually;</p> + + <pre> + $ git remote prune origin + </pre> + + <a href="../index.html">Development Index</a> <p>This is part of the c9-doc Manual. Copyright (C) 2016 c9 Team. - See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + See the file <a href="../../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p> </body> </html> diff --git a/dev/index.html b/dev/index.html index 3d20e72..befe5d6 100644 --- a/dev/index.html +++ b/dev/index.html @@ -11,29 +11,44 @@ <p>Tools for development and debugging</p> - <h2 id="scr">Source Code Revision</h2> + <h2>Git</h2> + + <p>Git is a distributed version control system, this document is meant to be distributed using git.</p> <ul> - <li><a href="git.html">Git</a> + <li><a href="git/index.html#teamwork">1. Team workflow</a> <ul> - <li><a href="git.html#teamwork">1. Team workflow</a> - <ul> - <li><a href="git.html#feature">1.1. Feature</a></li> - <li><a href="git.html#release">1.2. Release</a></li> - <li><a href="git.html#tags">1.3. Tags</a></li> - <li><a href="git.html#hotfix">1.4. Hotfix</a></li> - </ul> - </li> - <li><a href="git.html#local">2. Local Workflow</a></li> + <li><a href="git/index.html#feature">1.1. Feature</a></li> + <li><a href="git/index.html#release">1.2. Release</a></li> + <li><a href="git/index.html#tags">1.3. Tags</a></li> + <li><a href="git/index.html#hotfix">1.4. Hotfix</a></li> + </ul> + </li> + <li><a href="git/index.html#local">2. Local Workflow</a> + <ul> + <li><a href="git/index.html#working">2.1. Working area</a></li> + <li><a href="git/index.html#logdiff">2.2. Logs and commits</a></li> + <li><a href="git/index.html#remote">2.3. Working with remotes</a></li> </ul> </li> </ul> - <h2 id="c">C</h2> + <h2 id="c">C & GDB</h2> + + <p>C is functional compiled language created by Dennis Ritchie. BSD, Linux and Minix kernels use this language + as primary language.</p> + + <ul> + <li><a href="c/index.html">Hello World</a></li> + <li><a href="">Types & Variables</a></li> + <li><a href="">Operators & Expressions</a></li> + <li><a href="">Control Flow</a></li> + <li><a href="">Functions</a></li> + <li><a href="">Input & Output</a></li> + </ul> <ul> <li><a href="http://inti.sourceforge.net/tutorial/libinti/autotoolsproject.html">Autotools</a></li> - <li><a href="gdbc.html">GDB</a></li> </ul> <h2>Shell Script</h2> @@ -43,38 +58,61 @@ use bash;</p> <ul> - <li><a href="dash.html">Dash - Scripting</a> + <li><a href="shell/dash.html">Dash - Scripting</a> <ul> - <li><a href="dash.html#hello">Hello World</a></li> - <li><a href="dash.html#io">Input / Output</a></li> - <li><a href="dash.html#var">Variables</a></li> - <li><a href="dash.html#if">Conditions</a></li> + <li><a href="shell/dash.html#hello">Hello World</a></li> + <li><a href="shell/dash.html#var">Types & Variables</a></li> + <li><a href="">Operators & Expressions</a></li> + <li><a href="shell/dash.html#if">Control Flow</a></li> + <li><a href="">Functions</a></li> + <li><a href="shell/dash.html#io">Input & Output</a></li> </ul> </li> </ul> <h2>Python</h2> <ul> - <li>Python</li> + <li><a href="python/index.html">Hello World</a></li> + <li><a href="">Types & Variables</a></li> + <li><a href="">Operators & Expressions</a></li> + <li><a href="">Control Flow</a></li> + <li><a href="">Functions</a></li> + <li><a href="">Input & Output</a></li> </ul> <h2>Perl</h2> <ul> - <li>Perl</li> + <li><a href="perl/index.html">Hello World</a></li> + <li><a href="">Types & Variables</a></li> + <li><a href="">Operators & Expressions</a></li> + <li><a href="">Control Flow</a></li> + <li><a href="">Functions</a></li> + <li><a href="">Input & Output</a></li> </ul> + <h2>JavaScript</h2> <ul> - <li>JavaScript</li> + <li><a href="js/index.html">Hello World</a></li> + <li><a href="">Types & Variables</a></li> + <li><a href="">Operators & Expressions</a></li> + <li><a href="">Control Flow</a></li> + <li><a href="">Functions</a></li> + <li><a href="">Input & Output</a></li> </ul> <h2>PHP</h2> - <ul> - <li>PHP</li> + <li><a href="php/index.html">Hello World</a></li> + <li><a href="">Types & Variables</a></li> + <li><a href="">Operators & Expressions</a></li> + <li><a href="">Control Flow</a></li> + <li><a href="">Functions</a></li> + <li><a href="">Input & Output</a></li> </ul> <ul> + <li><a href="php/laravel.html">Laravel Framework</a></li> <li>PHP Unit</li> </ul> diff --git a/dev/js/index.html b/dev/js/index.html new file mode 100644 index 0000000..ae7e946 --- /dev/null +++ b/dev/js/index.html @@ -0,0 +1,24 @@ +<!DOCTYPE html> +<html dir="ltr" lang="en"> + <head> + <meta charset='utf-8'> + <title>c9 JavaScript</title> + </head> + <body> + <a href="../index.html">Development Index</a> + + <h1>c9 JavaScript</h1> + + <a href="../index.html">Development Index</a> + <p> + This is part of the c9-doc Manual. + Copyright (C) 2016 + c9 team. + See the file <a href="../../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + for copying conditions.</p> + + + </body> + +</html> + diff --git a/dev/perl/index.html b/dev/perl/index.html new file mode 100644 index 0000000..247a96f --- /dev/null +++ b/dev/perl/index.html @@ -0,0 +1,24 @@ +<!DOCTYPE html> +<html dir="ltr" lang="en"> + <head> + <meta charset='utf-8'> + <title>c9 Perl</title> + </head> + <body> + <a href="../index.html">Development Index</a> + + <h1>c9 Perl</h1> + + <a href="../index.html">Development Index</a> + <p> + This is part of the c9-doc Manual. + Copyright (C) 2016 + c9 team. + See the file <a href="../../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + for copying conditions.</p> + + + </body> + +</html> + diff --git a/dev/php/index.html b/dev/php/index.html new file mode 100644 index 0000000..2a44270 --- /dev/null +++ b/dev/php/index.html @@ -0,0 +1,24 @@ +<!DOCTYPE html> +<html dir="ltr" lang="en"> + <head> + <meta charset='utf-8'> + <title>c9 PHP</title> + </head> + <body> + <a href="../index.html">Development Index</a> + + <h1>c9 PHP</h1> + + <a href="../index.html">Development Index</a> + <p> + This is part of the c9-doc Manual. + Copyright (C) 2016 + c9 team. + See the file <a href="../../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + for copying conditions.</p> + + + </body> + +</html> + diff --git a/dev/python/index.html b/dev/python/index.html new file mode 100644 index 0000000..e9b78eb --- /dev/null +++ b/dev/python/index.html @@ -0,0 +1,39 @@ +<!DOCTYPE html> +<html dir="ltr" lang="en"> + <head> + <meta charset='utf-8'> + <title>c9 Python</title> + </head> + <body> + <a href="../index.html">Development Index</a> + + <h1>c9 Python</h1> + + <pre> + test="/root/data" + dir= test + "/other" + print(dir) + </pre> + + <p>Debugging;</p> + + <pre> + import pdb + pdb.set_trace() + </pre> + + <p>Run your program;</p> + + <a href="../index.html">Development Index</a> + <p> + This is part of the c9-doc Manual. + Copyright (C) 2016 + c9 team. + See the file <a href="../../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + for copying conditions.</p> + + + </body> + +</html> + diff --git a/dev/dash.html b/dev/shell/dash.html index 0329559..3a0e6de 100644 --- a/dev/dash.html +++ b/dev/shell/dash.html @@ -6,7 +6,7 @@ </head> <body> - <a href="index.html">Development Index</a> + <a href="../index.html">Development Index</a> <h1>Dash - Scripting</h1> <h2 id="hello">Hello World</h2> @@ -14,11 +14,11 @@ <h2 id="var">Variables</h2> <h2 id="if">Conditions</h2> - <a href="index.html">Development Index</a> + <a href="../index.html">Development Index</a> <p>This is part of the c9-doc Manual. Copyright (C) 2016 c9 Team. - See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> + See the file <a href="../../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p> </body> </html> diff --git a/index.html b/index.html index 09ac409..581569e 100644 --- a/index.html +++ b/index.html @@ -8,42 +8,19 @@ <h1>c9 Doc</h1> - <ul> - <li><a href="core/index.html">Core OS</a></li> - <li><a href="tools/index.html">Tools</a></li> - <li><a href="dev/index.html">Development</a></li> - <li><a href="host.html">Host</a></li> - </ul> - - <ul> - <li><a href="manifesto.html">Manifesto</a></li> - <li><a href="legal/index.html">Labor law</a></li> - <li><a href="links.html">Links</a></li> - <li><a href="team.html">Team</a></li> - </ul> - - <h2>About this doc</h2> + <ul> + <li><a href="core/index.html">Core OS</a></li> + <li><a href="tools/index.html">Tools</a></li> + <li><a href="dev/index.html">Development</a></li> + <li><a href="host.html">Host</a></li> + </ul> - <p>Version;</p> - - <pre> - rev 0.2.7 - </pre> - - <p>Current upstream git repository;</p> - - <p> - <a href="https://github.com/s1lvino/c9-doc">https://github.com/s1lvino/c9-doc</a> - </p> - <p>Current ports upstream git repository;</p> - - <p> - <a href="https://github.com/s1lvino/c9-ports">https://github.com/s1lvino/c9-ports</a> - </p> + <h2>Ports</h2> - <p>Content of - <a href="core/conf/ports/c9-ports.httpup">c9-ports.httpup</a>; + <p>Httup file + <a href="core/conf/ports/c9-ports.httpup">c9-ports.httpup</a> of c9-ports + <a href="https://s1lvino.github.io/c9-ports/">c9-ports</a></p> </p> <pre> @@ -56,14 +33,32 @@ # End of file </pre> + <h2>About</h2> + + <p>Version;</p> + + <pre> + rev 0.3.0 + </pre> + + <p><a href="manifesto.html">Manifesto</a> helps to have general + idea, <a href="legal/index.html">legal</a> try's to address bureaucracy + and <a href="links.html">Links</a> contains relevant + references. Current upstream git repository;</p> + + <p> + <a href="https://github.com/s1lvino/c9-doc">https://github.com/s1lvino/c9-doc</a> + </p> + + <h2>License</h2> <p>Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software - Foundation; with the Invariant Sections being just "Manifesto", - and Links". A copy of the license is included in the section - entitled "GNU Free Documentation License".</p> + Foundation; with the Invariant Sections being this page "Index", + "Manifesto", "Team" and Links". A copy of the license is included + in the section entitled "GNU Free Documentation License".</p> <p><a href="fdl-1.3-standalone.html">Gnu Free Documentation License</a></p> diff --git a/tools/conf/etc/gitweb.conf b/tools/conf/etc/gitweb.conf new file mode 100644 index 0000000..26034fb --- /dev/null +++ b/tools/conf/etc/gitweb.conf @@ -0,0 +1,22 @@ +# The directories where your projects are. Must not end with a slash. +our $projectroot = "/srv/gitolite/repositories"; + +# Base URLs for links displayed in the web interface. +our @git_base_url_list = qw(git://core.privat-network.com http://git@core.private-network.com); + +our $site_name = "gitweb"; +our $git_temp = "/srv/www/gitweb_tmp"; + +our $projects_list = "/srv/gitolite/projects.list"; + +our $projects_list_group_categories = 1; + +our $home_link_str="GitWeb"; + +$feature{'highlight'}{'default'} = [1]; + +$feature{'pathinfo'}{'default'} = [1]; + +our @extra_breadcrumbs = ( + [ 'HomePage' => 'https://core.privat-network.net/' ], +); diff --git a/tools/conf/etc/iptables/vlan.v4 b/tools/conf/etc/iptables/vlan.v4 new file mode 100644 index 0000000..8c87389 --- /dev/null +++ b/tools/conf/etc/iptables/vlan.v4 @@ -0,0 +1,170 @@ +# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016 +*security +:INPUT ACCEPT [6:2056] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [6:2056] +COMMIT +# Completed on Sat Oct 15 17:20:41 2016 +# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016 +*raw +:PREROUTING ACCEPT [7:2092] +:OUTPUT ACCEPT [6:2056] +COMMIT +# Completed on Sat Oct 15 17:20:41 2016 +# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016 +*mangle +:PREROUTING ACCEPT [7:2092] +:INPUT ACCEPT [6:2056] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [6:2056] +:POSTROUTING ACCEPT [6:2056] +COMMIT +# Completed on Sat Oct 15 17:20:41 2016 +# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016 +*filter +:INPUT DROP [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT DROP [0:0] +-A INPUT -i lo -j ACCEPT +-A INPUT -i br0 -j ACCEPT +-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop sync: " --log-level 7 +-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP +-A INPUT -f -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop frag: " +-A INPUT -f -j DROP +-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,PSH,URG -j DROP +-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP +-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop null: " +-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP +-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop syn rst syn rs" +-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP +-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop xmas: " +-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP +-A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -m limit --limit 5/min --limit-burst 7 -j LOG --log-prefix "iptables: drop fin scan: " +-A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP +-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,ACK,URG -j DROP +################################################################################# +# INPUT +# Established connections and passive +# + +# Allow established from dns server +#-A INPUT -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +# INPUT accept passive +-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state RELATED -j ACCEPT + + +# Allow irc +-A INPUT -p tcp -m tcp --sport 6667 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +# Allow xmmp +-A INPUT -p tcp -m tcp --sport 5222 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT +# Allow established from https server +-A INPUT -p tcp -m tcp --sport 443 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT +-A INPUT -p udp -m udp --sport 443 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT + +# Allow established from http server +-A INPUT -p tcp -m tcp --sport 80 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +# Allow established from rsync server +-A INPUT -p tcp -m tcp --sport 873 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +# Allow established from pop3s server +-A INPUT -p tcp -m tcp --sport 995 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +# Allow established from smtps server +-A INPUT -p tcp -m tcp --sport 465 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +# Allow established from ntp server +-A INPUT -p udp -m udp --sport 123 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +# Allow established from whois server +-A INPUT -p tcp -m tcp --sport 43 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +# Allow established from ftp server +-A INPUT -p tcp -m tcp --sport 20 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +-A INPUT -p tcp -m tcp --sport 21 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +-A INPUT -p tcp -m tcp --sport 22 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +################################################################################## +# INPUT +# New and established connections to local servers +# + +# allow ping +-A INPUT -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT +-A INPUT -p icmp --icmp-type 0 -m state --state ESTABLISHED,RELATED -j ACCEPT + +# INPUT accept from wlp7s0 to dns server +#-A INPUT -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT + +# INPUT accept from wlp7s0 to https server +-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT +# INPUT accept from wlp7s0 to ssh server +-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 2222 -m state --state ESTABLISHED -j ACCEPT +-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 2222 -m state --state NEW -m limit --limit 6/min --limit-burst 3 -j ACCEPT + +-A FORWARD -i br0 -j ACCEPT + +-A INPUT -j LOG --log-prefix "iptables: INPUT: " --log-level 7 +-A FORWARD -j LOG --log-prefix "iptables: FORWARD: " --log-level 7 + +################################################################################## +# Output +# Connections to remote servers +# +-A OUTPUT -o lo -j ACCEPT +-A OUTPUT -o br0 -j ACCEPT + +# Allow ping +-A OUTPUT -p icmp --icmp-type 8 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT +# Allow to ssh clients +-A OUTPUT -p tcp -m tcp --sport 2222 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT + +# Allow to dns +#-A OUTPUT -p udp -m udp --sport 1024:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT +# Allow from dns server +#-A OUTPUT -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT + +# Allow irc +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 6667 -m state --state NEW,ESTABLISHED -j ACCEPT +# Allow xmmp +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 5222 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT + + +# Allow to rsync server +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 873 -m state --state NEW,ESTABLISHED -j ACCEPT +# Allow to pop3s server +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 995 -m state --state NEW,ESTABLISHED -j ACCEPT +# Allow to smtps server +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 465 -m state --state NEW,ESTABLISHED -j ACCEPT +# Allow to ntp server +-A OUTPUT -p udp -m udp --sport 1024:65535 --dport 123 -m state --state NEW,ESTABLISHED -j ACCEPT +# Allow to ftp server +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 20 -m state --state NEW,ESTABLISHED -j ACCEPT +# Allow to https server +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 443 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT +-A OUTPUT -p udp -m udp --sport 1024:65535 --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT +# Allow to http server +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT + +################################################################################## +# Output +# Connections from local servers +# + + +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state RELATED -j ACCEPT +-A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state NEW -j ACCEPT + + +-A OUTPUT -j LOG --log-prefix "iptables: OUTPUT: " --log-level 7 +COMMIT +# Completed on Sat Oct 15 17:20:41 2016 +# Generated by iptables-save v1.6.0 on Sat Oct 15 17:20:41 2016 +*nat +:PREROUTING ACCEPT [1:36] +:INPUT ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] + +-A POSTROUTING -s 10.0.0.0/24 -d 10.0.0.0/24 -j ACCEPT +-A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE +#-A POSTROUTING -o wlp7s0 -j MASQUERADE + +COMMIT +# Completed on Sat Oct 15 17:20:41 2016 diff --git a/tools/conf/etc/nginx/sites-enabled/git.localhost.conf b/tools/conf/etc/nginx/sites-enabled/git.localhost.conf new file mode 100644 index 0000000..d114ab8 --- /dev/null +++ b/tools/conf/etc/nginx/sites-enabled/git.localhost.conf @@ -0,0 +1,25 @@ +server { + listen 443 ssl; + + server_name git.localhost git.c9.core git.core.privat-network.net; + + root /srv/www/gitweb; + + location /static/ { + # static files (png/css) served from /usr/share/gitweb/static + root /usr/share/gitweb ; + expires 30d; + } + + location / { + index gitweb.cgi + fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; + fastcgi_param DOCUMENT_ROOT /srv/www/gitweb/; + fastcgi_param SCRIPT_NAME /gitweb.cgi$fastcgi_path_info; + fastcgi_split_path_info ^()(/?.+)$; + + include fastcgi_params; + fastcgi_pass unix:/var/run/fcgiwrap.sock; + } + +} diff --git a/tools/conf/etc/rc.d/blan b/tools/conf/etc/rc.d/blan index f75d272..f3ea322 100755 --- a/tools/conf/etc/rc.d/blan +++ b/tools/conf/etc/rc.d/blan @@ -4,60 +4,55 @@ # DEV="br0" -PHY="enp8s0" -ADDR=10.0.0.1 +ADDR=10.0.0.254 NET=10.0.0.0 +GW=192.168.1.254 MASK=24 -GTW=10.0.0.1 -NTAPS=$((`/usr/bin/nproc`-1)) + +# one tap for each cpu core +NTAPS=$((`/usr/bin/nproc`)) case $1 in - start) - /sbin/ip link add name ${DEV} type bridge - /sbin/ip link set dev ${DEV} up - - /bin/sleep 0.2s - /sbin/ip route flush dev ${PHY} - /sbin/ip addr flush dev ${PHY} - /sbin/ip link set dev ${PHY} master ${DEV} - - /sbin/ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast + - - for i in `/usr/bin/seq $NTAPS` - do - TAP="tap$i" - echo $TAP - /sbin/ip tuntap add ${TAP} mode tap group kvm - /sbin/ip link set ${TAP} up - /bin/sleep 0.2s - #brctl addif $switch $1 - /sbin/ip link set ${TAP} master ${DEV} - done - - exit 0 - ;; - stop) - - for i in `/usr/bin/seq $NTAPS` - do - TAP="tap$i" - /sbin/ip link del ${TAP} - echo $TAP - done - - /sbin/ip link set dev ${DEV} down - /sbin/ip route flush dev ${DEV} - /sbin/ip link del ${DEV} - exit 0 - ;; - restart) - $0 stop - $0 start - ;; - *) - echo "Usage: $0 [start|stop|restart]" - ;; + start) + /sbin/ip link add name ${DEV} type bridge + /sbin/ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast + + /sbin/ip link set dev ${DEV} up + /bin/sleep 0.2s + + for i in `/usr/bin/seq $NTAPS` + do + TAP="tap$i" + echo "Setting up ${TAP} tap interface." + /sbin/ip tuntap add ${TAP} mode tap group kvm + /sbin/ip link set ${TAP} up + /bin/sleep 0.2s + /sbin/ip link set ${TAP} master ${DEV} + done + + exit 0 + ;; + stop) + + for i in `/usr/bin/seq $NTAPS` + do + TAP="tap$i" + echo "Deleting ${TAP} tap interface." + /sbin/ip link del ${TAP} + done + + /sbin/ip link set dev ${DEV} down + /sbin/ip route flush dev ${DEV} + /sbin/ip link del ${DEV} + exit 0 + ;; + restart) + $0 stop + $0 start + ;; + *) + echo "Usage: $0 [start|stop|restart]" + ;; esac # End of file diff --git a/tools/conf/etc/skel/.xinitrc b/tools/conf/etc/skel/.xinitrc new file mode 100644 index 0000000..ac94b39 --- /dev/null +++ b/tools/conf/etc/skel/.xinitrc @@ -0,0 +1,16 @@ + +##twm & +##xclock -geometry 50x50-1+1 & +##xterm -geometry 80x50+494+51 & +##xterm -geometry 80x20+494-0 & +##exec xterm -geometry 80x66+0+0 -name login +# +##xrandr --output eDP1 --mode 1024x768 +#xrandr --dpi 100 +#xgamma -gamma 0.8 +syndaemon -d +# +## Start the window manager + +#exec dwm +exec openbox diff --git a/tools/conf/srv/gitolite/.gitolite.rc b/tools/conf/srv/gitolite/.gitolite.rc new file mode 100644 index 0000000..fa18e4e --- /dev/null +++ b/tools/conf/srv/gitolite/.gitolite.rc @@ -0,0 +1,200 @@ +# configuration variables for gitolite + +# This file is in perl syntax. But you do NOT need to know perl to edit it -- +# just mind the commas, use single quotes unless you know what you're doing, +# and make sure the brackets and braces stay matched up! + +# (Tip: perl allows a comma after the last item in a list also!) + +# HELP for commands can be had by running the command with "-h". + +# HELP for all the other FEATURES can be found in the documentation (look for +# "list of non-core programs shipped with gitolite" in the master index) or +# directly in the corresponding source file. + +%RC = ( + + # ------------------------------------------------------------------ + + # default umask gives you perms of '0700'; see the rc file docs for + # how/why you might change this + UMASK => 027, + + # look for "git-config" in the documentation + GIT_CONFIG_KEYS => '.*', + + # comment out if you don't need all the extra detail in the logfile + LOG_EXTRA => 1, + # logging options + # 1. leave this section as is for 'normal' gitolite logging (default) + # 2. uncomment this line to log ONLY to syslog: + # LOG_DEST => 'syslog', + # 3. uncomment this line to log to syslog and the normal gitolite log: + # LOG_DEST => 'syslog,normal', + # 4. prefixing "repo-log," to any of the above will **also** log just the + # update records to "gl-log" in the bare repo directory: + # LOG_DEST => 'repo-log,normal', + # LOG_DEST => 'repo-log,syslog', + # LOG_DEST => 'repo-log,syslog,normal', + + # roles. add more roles (like MANAGER, TESTER, ...) here. + # WARNING: if you make changes to this hash, you MUST run 'gitolite + # compile' afterward, and possibly also 'gitolite trigger POST_COMPILE' + ROLES => { + READERS => 1, + WRITERS => 1, + }, + + # enable caching (currently only Redis). PLEASE RTFM BEFORE USING!!! + # CACHE => 'Redis', + + # ------------------------------------------------------------------ + + # rc variables used by various features + + # the 'info' command prints this as additional info, if it is set + # SITE_INFO => 'Please see http://blahblah/gitolite for more help', + + # the CpuTime feature uses these + # display user, system, and elapsed times to user after each git operation + # DISPLAY_CPU_TIME => 1, + # display a warning if total CPU times (u, s, cu, cs) crosses this limit + # CPU_TIME_WARN_LIMIT => 0.1, + + # the Mirroring feature needs this + # HOSTNAME => "foo", + + # TTL for redis cache; PLEASE SEE DOCUMENTATION BEFORE UNCOMMENTING! + # CACHE_TTL => 600, + + # ------------------------------------------------------------------ + + # suggested locations for site-local gitolite code (see cust.html) + + # this one is managed directly on the server + # LOCAL_CODE => "$ENV{HOME}/local", + + # or you can use this, which lets you put everything in a subdirectory + # called "local" in your gitolite-admin repo. For a SECURITY WARNING + # on this, see http://gitolite.com/gitolite/non-core.html#pushcode + LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local", + + # ------------------------------------------------------------------ + + # List of commands and features to enable + + ENABLE => [ + + # COMMANDS + + # These are the commands enabled by default + 'help', + 'desc', + 'info', + 'perms', + 'writable', + + # Uncomment or add new commands here. + # 'create', + # 'fork', + # 'mirror', + # 'readme', + # 'sskm', + # 'D', + + # These FEATURES are enabled by default. + + # essential (unless you're using smart-http mode) + 'ssh-authkeys', + + # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz' + 'git-config', + + # creates git-daemon-export-ok files; if you don't use git-daemon, comment this out + 'daemon', + + # creates projects.list file; if you don't use gitweb, comment this out + 'gitweb', + + # These FEATURES are disabled by default; uncomment to enable. If you + # need to add new ones, ask on the mailing list :-) + + # user-visible behaviour + + # prevent wild repos auto-create on fetch/clone + # 'no-create-on-read', + # no auto-create at all (don't forget to enable the 'create' command!) + # 'no-auto-create', + + # access a repo by another (possibly legacy) name + # 'Alias', + + # give some users direct shell access. See documentation in + # sts.html for details on the following two choices. + # "Shell $ENV{HOME}/.gitolite.shell-users", + # 'Shell alice bob', + + # set default roles from lines like 'option default.roles-1 = ...', etc. + # 'set-default-roles', + + # show more detailed messages on deny + # 'expand-deny-messages', + + # show a message of the day + # 'Motd', + + # system admin stuff + + # enable mirroring (don't forget to set the HOSTNAME too!) + # 'Mirroring', + + # allow people to submit pub files with more than one key in them + # 'ssh-authkeys-split', + + # selective read control hack + # 'partial-copy', + + # manage local, gitolite-controlled, copies of read-only upstream repos + 'upstream', + + # updates 'description' file instead of 'gitweb.description' config item + # 'cgit', + + # allow repo-specific hooks to be added + 'repo-specific-hooks', + + # performance, logging, monitoring... + + # be nice + # 'renice 10', + + # log CPU times (user, system, cumulative user, cumulative system) + # 'CpuTime', + + # syntactic_sugar for gitolite.conf and included files + + # allow backslash-escaped continuation lines in gitolite.conf + # 'continuation-lines', + + # create implicit user groups from directory names in keydir/ + # 'keysubdirs-as-groups', + + # allow simple line-oriented macros + # 'macros', + + # Kindergarten mode + + # disallow various things that sensible people shouldn't be doing anyway + # 'Kindergarten', + ], + +); + +# ------------------------------------------------------------------------------ +# per perl rules, this should be the last line in such a file: +1; + +# Local variables: +# mode: perl +# End: +# vim: set syn=perl: diff --git a/tools/conf/srv/gitolite/deploy-web-doc b/tools/conf/srv/gitolite/deploy-web-doc new file mode 100755 index 0000000..ae8e2db --- /dev/null +++ b/tools/conf/srv/gitolite/deploy-web-doc @@ -0,0 +1,42 @@ +#!/bin/bash +###################################################################### +# +# Put this file in your gitolite-admin; +# ~/gitolite-admin/local/hooks/repo-specific/deploy-web-doc +# +# set host to empty to create package for each push +# or set remote host to create package based on last deployed push +# host="https://doc.localhost" +host="" +# set name of witch branch should be deployed +branch_to_deploy="deploy_branch" + +###################################################################### + + +url="$host/.last_deploy" +source /srv/gitolite/deploy/hook.sh +read oldrev newrev refname +push_branch=$(git rev-parse --symbolic --abbrev-ref $refname) + +#SCRIPT_VARS=$(set) +#echo "project: $PROJECT" +#echo "local dir: $PWD" > /srv/gitolite/deploy/${GL_REPO} +#echo "${SCRIPT_VARS}" >> /srv/gitolite/deploy/${GL_REPO} + +if [[ $push_branch = $branch_to_deploy ]]; then + + # if host empty we make local tracking + if [[ $host = "" ]]; then + if [[ $(is_initial ${GL_REPO}) = "true" ]]; then + oldrev="initial" + fi + else + if [[ ! $(valid_url $url) = "true" ]]; then + echo "Deploy: set $url on remote to start creating packages" + exit 1 + fi + oldrev=$(get_remote_rev $url) + fi + create_package ${GL_REPO} ${PWD} ${oldrev} ${newrev} "deploy-web.sh" +fi diff --git a/tools/conf/srv/gitolite/deploy-web.sh b/tools/conf/srv/gitolite/deploy-web.sh new file mode 100644 index 0000000..01e92ac --- /dev/null +++ b/tools/conf/srv/gitolite/deploy-web.sh @@ -0,0 +1,75 @@ +#!/bin/bash + +pkg_path=$1 + +www_root="/srv/www" +www_user="nginx" +www_group="www" + +pkg_file="${pkg_path}/project" +pkg_rm="${pkg_path}/deleted" +pkg_files="${pkg_path}/files" + +if [ ! -f ${pkg_file} ]; then + echo "Deploy web: invalid pkg_file ${pkg_file}" + exit 1 +fi + +pkg_name=$(head -1 ${pkg_file}) +pkg_new=$(head -3 ${pkg_file} | tail -1) +pkg_new7=$(echo ${pkg_new} | cut -c1-7) + +pkg_www="${www_root}/${pkg_name}" +pkg_back="${pkg_www}/backup_deploy" +pkg_last="${pkg_www}/.last_deploy" + +if [ ! -d ${pkg_www} ]; then + echo "Deploy web: invalid pkg_www ${pkg_www}" + exit 1 +fi + +# first backup all data +if [[ ! $(ls ${pkg_www} | grep -v "backup_deploy") = "" ]]; then + if [ ! -d ${pkg_back} ]; then + sudo -u ${www_user} mkdir -p ${pkg_back} + fi + backup_file="${pkg_back}/${pkg_name}-$(date '+%Y-%j-%H-%M-%S').tar.gz" + echo "Deploy web: making backup ${backup_file}" + sudo -u ${www_user} tar --exclude ${pkg_back} --xattrs -zcpf ${backup_file} ${pkg_www} +fi + +# remove files and directories that have been deleted +if [ -f ${pkg_rm} ]; then + + echo "Deploy web: files to delete:" + # first we delete files + while read deleted_file; do + deleted_file="${pkg_www}/${deleted_file}" + if [ -f ${deleted_file} ]; then + echo "file rm ${deleted_file}" + rm ${deleted_file} + fi + done <${pkg_rm} + + # delete directories + while read deleted_file; do + deleted_file="${pkg_www}/${deleted_file}" + if [ -d ${deleted_file} ]; then + echo "file rm ${deleted_file}" + rm ${deleted_file} + fi + done <${pkg_rm} + +fi + +# copy new files to destination +if [ -d ${pkg_files} ]; then + echo "Deploy web: cp from ${pkg_files} to ${pkg_www}" + sudo -u ${www_user} cp -r ${pkg_files}/* ${pkg_www} +fi + +echo ${pkg_new} > ${pkg_last} +echo "Deploy: scripts/deployweb.sh ${pkg_name} ${pkg_new7} deployed." + +#remove temporary package +rm -r ${pkg_path} diff --git a/tools/conf/srv/gitolite/deploy.sh b/tools/conf/srv/gitolite/deploy.sh new file mode 100755 index 0000000..df11f4a --- /dev/null +++ b/tools/conf/srv/gitolite/deploy.sh @@ -0,0 +1,175 @@ +#!/bin/bash + +# origin package directory +packages_dir="/srv/gitolite/deploy/packages" +# temporary work directory +deploy_dir="/srv/gitolite/deploy/deploy_dir" +# scripts to deploy packages +deploy_scripts="/srv/gitolite/deploy/scripts" + +function get_script(){ + # receives package path return script to call + local pkg_path=$1 + echo $(head -2 ${pkg_path}/project | tail -1) +} + +function get_new(){ + # receives package path return commit hash (new) + local pkg_path=$1 + echo $(head -3 ${pkg_path}/project | tail -1) +} + +function get_dep(){ + # receives package path return previews commit hash (old) + local pkg_path=$1 + + new=$(head -3 ${pkg_path}/project | tail -1) + old=$(head -4 ${pkg_path}/project | tail -1) + + if [[ ! ${new} = ${old} ]]; then + echo ${old} | cut -c1-7 + fi +} + +function project_extract(){ + + # project directory containing extracted packages + local prj_dir=$1 + + # final extracted package + local prj_pkg="${prj_dir}/package" + + # temporary vars for swapping/iterating pkg_news + local pkg_new="" + local pkg_old="" + local pkg_dir="" + local pkg_temp="" + local pkg_next=1 + local pkg_del="" + local x=0 + local y=0 + + # array with all the news hashes + local pkg_news=($(ls ${prj_dir})) + + # total new packages + local total=${#pkg_news[@]} + + echo "Deploy: $(basename ${prj_dir}) extracting packages ${pkg_news[*]}" + + # find first package + for pkg_new in ${pkg_news[@]} + do + # get package dependency + pkg_dir="${prj_dir}/${pkg_new}" + pkg_old=$(get_dep ${pkg_dir}) + if [[ ! " ${pkg_news[@]} " =~ " ${pkg_old} " ]]; then + # pkg_news don't contain package + # we found initial package + pkg_temp=${pkg_news[0]} + pkg_news[0]=${pkg_new} + pkg_news[${x}]=${pkg_temp} + break + fi + x=$((${x}+1)) + done + + # Order packages by dependency start with first package + for (( y=0; y<${total}; y++ )) + do + pkg_next=$(($y+1)) + if [[ ${pkg_next} = ${total} ]]; then + ## we are in the last one + break + fi + + pkg_new=${pkg_news[$y]} + for (( x=pkg_next; x<${total}; x++ )) + do + pkg_dir="${prj_dir}/${pkg_news[${x}]}" + pkg_old=$(get_dep ${pkg_dir}) + # is dependent on current + if [[ ${pkg_old} = ${pkg_new} ]]; then + pkg_temp=${pkg_news[${pkg_next}]} + pkg_news[${pkg_next}]=${pkg_news[${x}]} + pkg_news[${x}]=${pkg_temp} + # we can break and pass next one + break + fi + done + done + + # create project final package directory + mkdir -p ${prj_pkg}/files + + # copy project information of last commit + cp ${prj_dir}/${pkg_news[$((${total}-1))]}/project ${prj_pkg} + + # now that packages are ordered we can start creating files + for pkg_new in ${pkg_news[@]} + do + pkg_dir=${prj_dir}/${pkg_new} + tar xf ${pkg_dir}/files.tar.xz \ + --directory ${prj_pkg}/files + + # if deleted files exists + if [ -f "${pkg_dir}/deleted" ]; then + # first collect all files/directories don't exist + while read pkg_del; do + # if file don't exist add entry to project deleted file + pkg_temp="${prj_pkg}/files/${pkg_del}" + if [ ! -f ${pkg_temp} ]; then + if [ ! -d ${pkg_temp} ]; then + # is not a file or directory from previous packages + echo ${pkg_del} >> ${prj_pkg}/deleted + fi + fi + done <${prj_dir}/${pkg_new}/deleted + + # delete directories and files + while read pkg_del; do + pkg_temp="${prj_pkg}/files/${pkg_del}" + if [ -d ${pkg_temp} ]; then + rm -r ${pkg_temp} + elif [ -f ${pkg_temp} ]; then + rm ${pkg_temp} + fi + done <${prj_dir}/${pkg_new}/deleted + fi + + #remove temporary directory + rm -r ${prj_dir}/${pkg_new} + done + + # call project deploy script + call_script=${deploy_scripts}/$(get_script $prj_pkg) + echo "Deploy: calling deploy script: ${call_script}" + /bin/bash ${call_script} ${prj_pkg} + +} + +if [[ ! $(ls ${deploy_dir}) = "" ]]; then + rm -r ${deploy_dir}/* +fi + +# first extract all packages from origin directory +for pkg_path in `find ${packages_dir} -type f -name "*.tar.gz"` +do + if [ -f ${pkg_path} ]; then + pkg_name=$(basename ${pkg_path}) + pkg_proj=$(echo ${pkg_name} | cut -d "_" -f 1) + pkg_new7=$(echo ${pkg_name} | tail -c -15 | cut -c -7) + pkg_temp=${deploy_dir}/${pkg_proj}/${pkg_new7} + mkdir -p ${pkg_temp} + tar xf ${pkg_path} --directory ${pkg_temp} + rm ${pkg_path} + fi +done + +# loop for all projects and deploy them +for prj_dir in `find ${deploy_dir} -maxdepth 1 -mindepth 1 -type d` +do + # order index of hashes based on old commit + echo "prj_dir $prj_dir" + project_extract ${prj_dir} +done diff --git a/tools/conf/srv/gitolite/gitolite.conf b/tools/conf/srv/gitolite/gitolite.conf new file mode 100644 index 0000000..09133ec --- /dev/null +++ b/tools/conf/srv/gitolite/gitolite.conf @@ -0,0 +1,80 @@ +@guests = gitweb +@interns = silvino +@dev = silvino +@teamleads = silvino +@staff = @interns @dev @teamleads + +repo @secret + - = @guests + option deny-rules = 1 + +repo @floss + RW+ = @dev @staff + R = @all + +repo @project + RW+ = @teamleads + - master = @dev + - refs/tags/v[0-9] = @dev + RW+ develop/ = @dev + RW+ feature/ = @dev + RW+ hot-fix/ = @dev + RW = @dev + R = @interns + +repo @mirror + RW+ release/ = @teamleads + RW+ develop/ = @dev + RW+ feature/ = @dev + RW+ hot-fix/ = @dev + R = @all + +repo gitolite-admin + RW+ = gitolite + +repo c9-doc c9-ports c9-pmwiki c9-assistant + config gitweb.owner = "c9 team" + config gitweb.category = "c9" + +repo linux-pck + config gitweb.owner = "c9 team" + config gitweb.category = "mirrors" + +repo opt core contrib + config gitweb.owner = "crux" + config gitweb.category = "crux" + +repo c9-doc + config gitweb.description = "c9 documentation" + option hook.post-receive = deploy-web-doc + +repo c9-ports + config gitweb.description = "c9 ports" + +repo c9-pmwiki + config gitweb.description = "c9 wiki" + option hook.post-receive = deploy-web-doc + +repo c9-assistant + config gitweb.owner = "c9 team" + config gitweb.description = "c9 open assistant" + +repo core + config gitweb.description = "crux core collection" + +repo opt + config gitweb.description = "crux opt collection" + +repo contrib + config gitweb.description = "crux contrib collection" + +repo linux-pck + config gitweb.description = "PCK or Parabola Community Kernel are multiple patches, pf-kernel and zen-kernel for Linux-libre kernel" + option upstream.url = git://git.parabola.nu/pck.git + option upstream.nice = 120 + + +@secret = gitolite-admin +@project = c9-doc c9-ports c9-pmwiki c9-assistant +@project = core opt contrib +@mirror = linux-pck diff --git a/tools/conf/srv/gitolite/hook.sh b/tools/conf/srv/gitolite/hook.sh new file mode 100644 index 0000000..1f977ca --- /dev/null +++ b/tools/conf/srv/gitolite/hook.sh @@ -0,0 +1,95 @@ +#!/bin/bash + +# final packages dir +packages_dir="/srv/gitolite/deploy/packages" +# hook work directory +hook_dir="/srv/gitolite/deploy/hook_dir" + +function is_initial(){ + local prj_name=$1 + if [ ! -d ${hook_dir}/${prj_name} ]; then + echo "true" + else + echo "false" + fi +} + +function get_remote_rev(){ + echo $(wget --no-check-certificate -qO- $1) +} + +function valid_url(){ + if [[ `wget -S --spider $1 --no-check-certificate 2>&1 | grep 'HTTP/1.1 200 OK'` ]]; + then + echo "true"; + fi +} + +function create_package(){ + # project name + local prj_name=$1 + # git repository directory + local git_dir=$2 + # last/old commit revision + local pkg_old=$3 + # new commit revision + local pkg_new=$4 + # script deploy call when extracting this package + local pkg_script=$5 + + local pkg_new7=$(echo $pkg_new | cut -c1-7) + + # project directory + local prj_dir="${hook_dir}/${prj_name}" + # package directory + local pkg_dir="${prj_dir}/${pkg_new7}" + # final tar file + local pkg_tar="${packages_dir}/${prj_name}_${pkg_new7}.tar.gz" + + # if temporary work directory exists maybe other process is creating packages + if [ -d "$pkg_dir" ]; then + echo "Deploy: temporary directory ${pkg_dir} exists, maybe other precess" + exit 1 + fi + # create temporary directory for this package + mkdir -p ${pkg_dir} + + echo "Deploy: ${prj_name} ${pkg_new7} package call ${pkg_script} on deploy." + + # save metadata to be used by deploy script + echo $prj_name > ${pkg_dir}/project + echo $pkg_script >> ${pkg_dir}/project + echo $pkg_new >> ${pkg_dir}/project + + # if is a valid old commit create a package with changes since then + # else create a full package (all files) + local is_commit=$(git --git-dir=${git_dir} cat-file -t ${pkg_old} 2>&1) + if [[ $is_commit = "commit" ]]; then + echo "Deploy: creating package from old commit." + # list with files to extract (Added Copied Modified Renamed) + file_list=$(git --git-dir=${git_dir} --no-pager diff \ + --diff-filter=ACMR \ + --name-only ${pkg_old} ${pkg_new}) + + # create tar archive with same name as commit hash with files + git --git-dir=${git_dir} archive -o ${pkg_dir}/files.tar.xz ${pkg_new} ${file_list} + + # first we create list of files to be removed + git --git-dir=${git_dir} --no-pager diff \ + --diff-filter=DR \ + --name-status -t ${pkg_old} ${pkg_new} | cut -f 2 > ${pkg_dir}/deleted + + # save old commit on metadata + echo $pkg_old >> ${pkg_dir}/project + else + echo "Deploy: creating initial package." + git --git-dir=${git_dir} archive -o ${pkg_dir}/files.tar.xz ${pkg_new} + + fi + + tar -zcpf ${pkg_tar} --directory=${pkg_dir} . + + echo "Deploy: package ${pkg_tar} ready !" + rm -r ${pkg_dir} + return 0 +} diff --git a/tools/gitolite.html b/tools/gitolite.html index 58d6d96..94abda0 100644 --- a/tools/gitolite.html +++ b/tools/gitolite.html @@ -23,7 +23,7 @@ <pre> # mkdir -p /srv/gitolite - # useradd -U -d /srv/gitolite gitolite + # useradd -r -s /bin/bash -m -d /srv/gitolite gitolite # chown gitolite:gitolite /srv/gitolite </pre> @@ -38,10 +38,20 @@ <p>Copy public key that will be used for authenticating gitolite administrator, read <a href="openssh.html#ssh">ssh</a> how to - create one.</p> + create one, key don't need to have password. + If the server is on remote a remote + machine you can use scp to copy the public key;</p> <pre> - $ sudo install -o gitolite -g gitolite /home/bob/.ssh/gitolite.pub /srv/gitolite/gitolite.pub + $ scp /home/bob/.ssh/gitolite.pub admin@core.privat-network.net:/home/admin/ + bob@core.privat-network.net's password: + gitolite.pub 100% 390 0.4KB/s 00:00 + </pre> + + <p>Then on remote machine;</p> + + <pre> + # cp /home/admin/gitolite.pub /srv/gitolite.pub </pre> <pre> @@ -62,7 +72,7 @@ </pre> <pre> - $ ssh -v -i ~/.ssh/gitulite_rsa gitolite@localhost -p 2222 + $ ssh -v -i ~/.ssh/gitolite gitolite@localhost -p 2222 </pre> <h2 id="admin">3. Gitolite Administration</h2> @@ -72,7 +82,7 @@ Start by cloning gitolite-adimin;</p> <pre> - $ git clone gitolite:gitolite-admin + $ git clone git-admin:gitolite-admin </pre> <h3>3.1. Recover Admin Account</h3> @@ -127,38 +137,55 @@ edit conf/gitolite.conf;</p> <pre> - @dev = alice david - @interns = clair - @dev = bob - @teamleads = mike + @guests = gitweb + @interns = bob alice + @dev = fred mary joe + @teamleads = mary @staff = @interns @dev @teamleads - @proj-repos = sysdoc storm atom + repo @secret + - = @guests + option deny-rules = 1 repo @floss - R = @all + RW+ = @dev @staff + R = @all + + repo @project + RW+ = @teamleads + - master = @dev + - refs/tags/v[0-9] = @dev + RW+ develop/ = @dev + RW+ feature/ = @dev + RW+ hot-fix/ = @dev + RW = @dev + R = @interns - repo @proto - RW+ = @staff + repo gitolite-admin + RW+ = gitolite - repo @proj-repos - RW+ = @teamleads - - master = @dev - - refs/tags/v[0-9] = @dev - RW+ develop/ = @dev - RW+ feature/ = @dev - RW+ hot-fix/ = @dev - RW = @dev - R = @managers + repo c9-doc c9-ports c9-pmwiki + config gitweb.owner = "c9 team" + config gitweb.category = "c9" - repo atom sysdoc - option hook.post-receive = deployweb + repo c9-doc + config gitweb.description = "c9 documentation" + option hook.post-receive = deploy-web-doc - repo testing - RW+ = @staff + repo c9-ports + config gitweb.description = "c9 ports" - repo gitolite-admin - RW+ = mike + repo c9-pmwiki + config gitweb.description = "c9 wiki" + option hook.post-receive = deploy-web-doc + + repo c9-assistant + config gitweb.owner = "c9 team" + config gitweb.category = "c9" + config gitweb.description = "c9 open assistant" + + @secret = gitolite-admin + @project = c9-doc c9-ports c9-pmwiki c9-assistant </pre> <p>Commit and push;</p> @@ -174,13 +201,13 @@ <pre> # cd /srv/gitolite/repositories/ - # mv void.git sysdoc.git + # mv void.git c9-doc.git </pre> <p>On workstation edit conf/gitolite.conf;</p> <pre> - repo sysdoc + repo c9-doc RW+ = bob </pre> @@ -191,12 +218,44 @@ $ git push </pre> + <h4>3.3.3 Delete Repository</h4> + + <pre> + # cd /srv/gitolite/repositories/ + # rm -rf c9-doc.git + </pre> + + <p>On workstation edit conf/gitolite.conf and remove c9-doc.</p> + <h2 id="hooks">4. Gitolite Hooks</h2> + <p>This document creates three scripts, one is run when gitolite receives + push to a project with hook active, second script is run under root + user to allow operations where gitolite user have no rights, third one + is project specific.</p> + + <p>This example try to have a separate creation of a package and its deployment, + in case deploy script is not on the same machine other method can be used to send + the package.</p> + + <p>A normal package will have a files.tar with all or new files to extract, + if necessary a deleted file with the list of files to be removed and a + project file with data about the package like new hash commit, or witch + script to call to deploy.</p> + + <p>Package is created under gitolite + <a href="conf/srv/gitolite/hook.sh">/srv/gitolite/deploy/hook.sh</a> + script and + <a href="conf/srv/gitolite/deploy.sh">/srv/gitolite/deploy/deploy.sh</a>, + deploy in this example is called called by cron.</p> + + <h3 id="gtl-activate">4.1. Activate Hooks</h3> + <p>Example from <a href="http://gitolite.com/gitolite/cookbook.html#v3.6-variation-repo-specific-hooks">Cookbook</a> how to apply hooks only to certain repos. Uncomment or add - this line on /srv/gitolite/.gitolite.rc, within the %RC block;</p> + this line on <a href="conf/srv/gitolite/.gitolite.rc">/srv/gitolite/.gitolite.rc</a>, + within the %RC block;</p> <pre> LOCAL_CODE => "$rc{GL_ADMIN_BASE}/local", @@ -206,194 +265,244 @@ or add it to the ENABLE list if it doesn't exist.</p> <pre> - GIT_CONFIG_KEYS => '.*', - </pre> - - <pre> # allow repo-specific hooks to be added 'repo-specific-hooks', </pre> - <p>Put your hooks into your gitolite-admin clone, as follows:</p> + <p>Create directory on gitolite-admin clone;</p> <pre> $ cd ~/gitolite-admin $ mkdir -p local/hooks/repo-specific </pre> - <p>Create the same directory on remote as gitolite;</p> + <p>Now add your hooks to that directory, but instead of using the + git "standard" names (pre-receive, post-receive, post-update), + you use descriptive names (e.g. "deploy", "RSS-post", etc).</p> + + <p>On remote run;</p> <pre> # su - gitolite - $ mkdir local/hooks/repo-specific + $ mkdir .gitolite/local/hooks/repo-specific + $ gitolite setup </pre> - <p>Now add your hooks to that directory, but instead of using the - git "standard" names (pre-receive, post-receive, post-update), - you use descriptive names (e.g. "deploy", "RSS-post", etc).</p> + <h3 id="gtl-deploy">4.2. Deploy and Hook script</h3> - <h3 id="gtl-deploy">4.1. Deploy Hook</h3> + <p>Create deploy directory on remote, /srv/gitolite/deploy + was chosen to have less impact on the package system;</p> - <p>This manual create two users; one gitolite that handle git - central server and system www for web servers. To avoid permission - problems this example use gitolite hooks and cron. By using cron - we have permission to use chown, this way files end up with right - www user ownership and permissions.</p> + <pre> + $ sudo -u gitolite mkdir /srv/gitolite/deploy + </pre> + + <p>Script + <a href="conf/srv/gitolite/hook.sh">/srv/gitolite/deploy/hook.sh</a> + receives call create_package "project-name" "git-dir" + "valid oldrev/invalid" "newrev" "script/to/call.sh" from gitolite hook + and creates a package.</p> - <p>This hook allows to select wich branch is deployed and if exists, - calls a script inside project folder with user www. This allows to - do post deploy (checkout) tasks such as composer update.</p> + <pre> + $ sudo -u gitolite cp conf/srv/gitolite/hook.sh /srv/gitolite/deploy/ + </pre> - <p>Create <a href="../conf/srv/gitoliteolite/deployweb">deployweb</a> - in gitolite-admin/local/hooks/repo-specific;</p> + <p>Script + <a href="conf/srv/gitolite/deploy.sh">/srv/gitolite/deploy/deploy.sh</a> + loops for each package, extracts, order commit hashes to create final + snapshot of files and call script to handle deploy.</p> <pre> - $ vim ~/gitolite-admin/local/hooks/repo-specific/deployweb + $ sudo -u gitolite cp conf/srv/gitolite/deploy.sh /srv/gitolite/deploy/ </pre> + <h3 id="gtl-setup">4.3. Setup project hook</h3> + + <p>Project hooks create a package by calling hook.sh script and + deploy a package being called by deploy.sh. Deploy script is a + simple example that handle multiple web projects.</p> + + <h4>4.3.1. Hook Script</h4> + + <p>Create + <a href="conf/srv/gitolite/deploy-web-doc">gitolite-admin/local/hooks/repo-specific/deploy-web-doc</a>;</p> + <pre> #!/bin/bash - ###################################################################### # # Put this file in your gitolite-admin; - # ~/gitolite-admin/local/hooks/repo-specific/deployweb + # ~/gitolite-admin/local/hooks/repo-specific/deploy-web-doc # - while read oldrev newrev refname - do - BRANCH=$(git rev-parse --symbolic --abbrev-ref $refname) - echo "Commit was for branch $BRANCH" + # set host to empty to create package for each push + # or set remote host to create package based on last deployed push + # host="https://doc.localhost" + host="" + # set name of witch branch should be deployed + branch_to_deploy="deploy_branch" - if [[ "$BRANCH" == "master" ]];then + ###################################################################### - # Get project name from current directory (without .git) - PROJECT=$(basename "$PWD") - PROJECT=${PROJECT%.git} - echo "Project $PROJECT added to deploy list." - echo $PWD > /srv/gitolite/deploy/$PROJECT - fi + url="$host/.last_deploy" + source /srv/gitolite/deploy/hook.sh + read oldrev newrev refname + push_branch=$(git rev-parse --symbolic --abbrev-ref $refname) - done - </pre> + #SCRIPT_VARS=$(set) + #echo "project: $PROJECT" + #echo "local dir: $PWD" > /srv/gitolite/deploy/${GL_REPO} + #echo "${SCRIPT_VARS}" >> /srv/gitolite/deploy/${GL_REPO} - <p>Create deploy directory on remote;</p> + if [[ $push_branch = $branch_to_deploy ]]; then - <pre> - # su - gitolite - $ mkdir deploy + # if host empty we make local tracking + if [[ $host = "" ]]; then + if [[ $(is_initial ${GL_REPO}) = "true" ]]; then + oldrev="initial" + fi + else + if [[ ! $(valid_url $url) = "true" ]]; then + echo "Deploy: set $url on remote to start creating packages" + exit 1 + fi + oldrev=$(get_remote_rev $url) + fi + create_package ${GL_REPO} ${PWD} ${oldrev} ${newrev} "deploy-web.sh" + fi </pre> - <p>Add scripts to the repos you want them to be active in - your conf file. For example:</p> + <p>Activate this hook, the idea is to start with this one as a template working + and then implement the final one. Edit gitolite admin configuration file and + activate:</p> <pre> - repo atom @baz - option hook.post-receive = deployweb + repo c9-doc + config gitweb.description = "c9 documentation" + option hook.post-receive = deploy-web-doc </pre> <p>Add, commit, and push the admin repo;</p> <pre> - $ git add -u && git commit -m "deploy hook" + $ git add local/hooks/repo-specific/hook-deployweb + $ git add -u && git commit -m "added deploy c9 hook" </pre> - <p>On remote run;</p> + <p>Now we can test if our script is functioning by creating a branch on c9-doc + making a random change and push;<p> <pre> - # su - gitolite - $ gitolite setup + $ cd c9-doc + $ git checkout -b deploy_branch </pre> - <p>Create deploy script that cron will call - every minute, this script will check inside - /srv/gitolite/deploy folder for projects that have - been updated.</p> + <h4>4.3.2. Deploy Script</h4> - <p>Create <a href="../conf/srv/gitolite/deploy.sh">deploy.sh</a> in - /usr/share/gitolite;</p> + <p>Create + <a href="conf/srv/gitolite/deploy-web.sh">/srv/gitolite/deploy/scripts/deploy-web.sh</a>;</p> <pre> - $ vim /usr/share/gitolite/deploy.sh - </pre> + #!/bin/bash - <pre> - #!/bin/sh + pkg_path=$1 - ###################################################################### - # - # Put this file in; - # /usr/share/gitolite/deploy.sh - # - DIR_WWW=/srv/www/ - DEPLOY_BRANCH=master - TARGET_USER=www + www_root="/srv/www" + www_user="nginx" + www_group="www" - for DP_FILE in /srv/gitolite/deploy/* - do + pkg_file="${pkg_path}/project" + pkg_rm="${pkg_path}/deleted" + pkg_files="${pkg_path}/files" - if [ ! -f "$DP_FILE" ]; then - # Nothing to do ;) - #echo "Deploy: invalid DP_FILE" - exit 1; + if [ ! -f ${pkg_file} ]; then + echo "Deploy web: invalid pkg_file ${pkg_file}" + exit 1 fi - # Get project name - PROJECT=$(basename "$DP_FILE") - echo "Deploy: PROJECT=${PROJECT}" + pkg_name=$(head -1 ${pkg_file}) + pkg_new=$(head -3 ${pkg_file} | tail -1) + pkg_new7=$(echo ${pkg_new} | cut -c1-7) + + pkg_www="${www_root}/${pkg_name}" + pkg_back="${pkg_www}/backup_deploy" + pkg_last="${pkg_www}/.last_deploy" - # Get git repository path and verify if exists - DIR_GIT=$(head -n 1 $DP_FILE) - if [ ! -d "$DIR_GIT" ]; then - echo "Deploy: invalid DIR_GIT: ${DIR_GIT}" - exit 2; + if [ ! -d ${pkg_www} ]; then + echo "Deploy web: invalid pkg_www ${pkg_www}" + exit 1 fi - echo "Deploy: DIR_GIT=${DIR_GIT}" - - # Get directory to deploy and verify if exists - GIT_WORK_TREE=${DIR_WWW}${PROJECT}/ - if [ ! -d "$GIT_WORK_TREE" ]; then - echo "Deploy: invalid GIT_WORK_TREE: ${GIT_WORK_TREE}" - echo "Deploy: creating directory: $GIT_WORK_TREE}" - mkdir -p $GIT_WORK_TREE + + # first backup all data + if [[ ! $(ls ${pkg_www} | grep -v "backup_deploy") = "" ]]; then + if [ ! -d ${pkg_back} ]; then + sudo -u ${www_user} mkdir -p ${pkg_back} + fi + backup_file="${pkg_back}/${pkg_name}-$(date '+%Y-%j-%H-%M-%S').tar.gz" + echo "Deploy web: making backup ${backup_file}" + sudo -u ${www_user} tar --exclude ${pkg_back} --xattrs -zcpf ${backup_file} ${pkg_www} fi - echo "Deploy: GIT_WORK_TREE={$GIT_WORK_TREE}" - # Deploy (checkout) - echo "Deploy: starting git checkout" + # remove files and directories that have been deleted + if [ -f ${pkg_rm} ]; then - git --git-dir=$DIR_GIT \ - --work-tree=$GIT_WORK_TREE \ - checkout -f $DEPLOY_BRANCH + echo "Deploy web: files to delete:" + # first we delete files + while read deleted_file; do + deleted_file="${pkg_www}/${deleted_file}" + if [ -f ${deleted_file} ]; then + echo "file rm ${deleted_file}" + rm ${deleted_file} + fi + done <${pkg_rm} + + # delete directories + while read deleted_file; do + deleted_file="${pkg_www}/${deleted_file}" + if [ -d ${deleted_file} ]; then + echo "file rm ${deleted_file}" + rm ${deleted_file} + fi + done <${pkg_rm} + fi - # Fix ownership and permissions - echo "Deploy: fixing permissions" + # copy new files to destination + if [ -d ${pkg_files} ]; then + echo "Deploy web: cp from ${pkg_files} to ${pkg_www}" + sudo -u ${www_user} cp -r ${pkg_files}/* ${pkg_www} + fi - echo "Deploy: setting owner: chown -R ${TARGET_USER}" - chown -R ${TARGET_USER}:${TARGET_USER} $GIT_WORK_TREE + echo ${pkg_new} > ${pkg_last} + echo "Deploy: scripts/deployweb.sh ${pkg_name} ${pkg_new7} deployed." - echo "Deploy: setting directory permissions: chmod 755" - find $GIT_WORK_TREE -type d -print0 | xargs -0 chmod 755 + #remove temporary package + rm -r ${pkg_path} + </pre> - echo "Deploy: setting file permissions: chmod 644" - find $GIT_WORK_TREE -type f -print0 | xargs -0 chmod 644 + <h4>4.3.3. Debuging hooks</h4> - # Call project script - if [ -f "${GIT_WORK_TREE}/deploy.sh" ]; then - echo "Deploy: calling ${GIT_WORK_TREE}deploy.sh" - cd ${GIT_WORK_TREE} - sudo -u ${TARGET_USER} sh ${GIT_WORK_TREE}deploy.sh - fi + <p>Comment gitolite admin repo script "if" and uncomment debug sections, this allow to + source the file with environment of hook.</p> - # Done with project - echo "Deploy: removing deploy file="$DP_FILE - rm $DP_FILE + <p>Later you can delete this branch locally and remote and start fresh. To test + if hook is called each time you push run;</p> - exit 0; - done + + <pre> + $ echo $(( ( RANDOM % 10 ) +1 )) >> index.html && git add -u && git commit -m "test deploy" && git push git </pre> + <p>See if a file was created in /srv/gitolite/deploy with name of project and + with environmental variables of gitolite script.</p> + + <p>From now on you can test changes directly on + /srv/gitolite/.gitolite/local/hooks/repo-specific/hook-deployweb + and repeat above command to see the results or create a separate script with + all variables generated by above script set so you don't have to push at all.</p> + + <h4 id="gtl-deploy">4.4. Deploy with Cron</h4> + <p>Add cron job to call deploy script every minute;</p> <pre> @@ -406,9 +515,9 @@ # # this way it will log - # * * * * * /usr/share/gitolite/deploy.sh + # * * * * * /usr/share/gitolite/deployweb # without log - * * * * * /usr/share/gitolite/deploy.sh > /dev/null 2>&1 + * * * * * /usr/share/gitolite/deployweb > /dev/null 2>&1 @hourly ID=sys.hourly /usr/sbin/runjobs /etc/cron/hourly @daily ID=sys.daily /usr/sbin/runjobs /etc/cron/daily @@ -418,6 +527,106 @@ # End of file </pre> + <h2 id="gitweb">5. Gitweb</h2> + + <pre> + $ prt-get depinst p5-cgi p5-cgi-session libcgi \ + fcgiwrap spawn-fcgi highlight + </pre> + + <h3>5.1. Configure gitweb</h3> + + <p>Edit /etc/gitweb.conf</p> + + <pre> + our $git_temp = "/srv/www/gitweb_tmp"; + + our $projects_list = "/srv/gitolite/projects.list"; + # The directories where your projects are. Must not end with a slash. + our $projectroot = "/srv/gitolite/repositories"; + + # Base URLs for links displayed in the web interface. + our @git_base_url_list = qw(git://core.privat-network.com http://git@core.private-network.com); + + our $projects_list_group_categories = 1; + </pre> + + <h3>5.2. Configure nginx</h3> + + <p>Edit /etc/rc.d/fcgiwrap to run as nginx user member of gitolite + and www group;</p> + + <pre> + USER=nginx + GROUP=nginx + </pre> + + <pre> + # usermod -G www,gitolite nginx + </pre> + + <p>Create link from gitweb to web server folder;</p> + + <pre> + # ln -s /usr/share/gitweb /srv/www + </pre> + + <p>Add this to default or main + <a href="nginx.html#virtual-host">nginx virtual host</a>;</p> + + <pre> + location /gitweb/gitweb.cgi { + alias /srv/www/gitweb; + include fastcgi_params; + gzip off; + fastcgi_param SCRIPT_FILENAME /srv/www/gitweb/gitweb.cgi; + fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; + fastcgi_pass unix:/var/run/fcgiwrap.sock; + } + + location /gitweb { + alias /srv/www/gitweb; + index gitweb.cgi; + } + </pre> + + <h3>5.3. Configure gitolite</h3> + + <p>Edit + <a href="conf/srv/gitolite/.gitolite.rc">/srv/gitolite/.gitolite.rc</a>, + change UMASK and GIT_CONFIG_KEYS to;</p> + + <pre> + # default umask gives you perms of '0700'; see the rc file docs for + # how/why you might change this + UMASK => 027, + + # look for "git-config" in the documentation + GIT_CONFIG_KEYS => '.*', + </pre> + + <p>Fix permissions;</p> + + <pre> + $ sudo chown -R gitolite:gitolite /srv/gitolite + $ sudo chmod g+rx /srv/gitolite/projects.list + $ sudo chmod -R 755 /srv/gitolite/repositories/ + </pre> + + <p>Edit gitolite-admin/conf/gitolite.conf;</p> + + <pre> + repo c9-doc + config gitweb.owner = c9 team + config gitweb.description = c9 documentation + config gitweb.category = c9 + + repo c9-ports + config gitweb.owner = c9 team + config gitweb.description = c9 ports + config gitweb.category = c9 + </pre> + <a href="index.html">Tools Index</a> <p>This is part of the c9-doc Manual. Copyright (C) 2016 diff --git a/tools/index.html b/tools/index.html index 1b63a92..71fc2e4 100644 --- a/tools/index.html +++ b/tools/index.html @@ -133,12 +133,23 @@ <li><a href="openssh.html#reverse">3. Reverse connection</a></li> </ul> </li> + <li><a href="nginx.html">Nginx</a> + <ul> + <li><a href="nginx.html#install">1. Install Nginx</a></li> + <li><a href="nginx.html#certs">2. Certificates</a></li> + <li><a href="nginx.html#nginxconf">3. Nginx Configuration</a></li> + <li><a href="nginx.html#server">4. Server with PHP</a></li> + <li><a href="nginx.html#userdir">5. User Directory</a></li> + <li><a href="nginx.html#logs">6. Logs</a></li> + </ul> + </li> <li><a href="gitolite.html">Gitolite</a> <ul> <li><a href="gitolite.html#install">1. Install Gitolite</a></li> <li><a href="gitolite.html#config">2. Configure Gitolite</a></li> <li><a href="gitolite.html#admin">3. Gitolite Administration</a></li> <li><a href="gitolite.html#hooks">4. Gitolite Hooks</a></li> + <li><a href="gitolite.html#gitweb">5. Gitweb</a></li> </ul> </li> <li><a href="postgresql.html">Postgresql</a> @@ -152,16 +163,6 @@ <li><a href="postgresql.html#psql">7. Psql</a></li> </ul> </li> - <li><a href="nginx.html">Nginx</a> - <ul> - <li><a href="nginx.html#install">1. Install Nginx</a></li> - <li><a href="nginx.html#certs">2. Certificates</a></li> - <li><a href="nginx.html#nginxconf">3. Nginx Configuration</a></li> - <li><a href="nginx.html#server">4. Server with PHP</a></li> - <li><a href="nginx.html#userdir">5. User Directory</a></li> - <li><a href="nginx.html#logs">6. Logs</a></li> - </ul> - </li> </ul> <a href="../index.html">Documentation Index</a> diff --git a/tools/network.html b/tools/network.html index 43e4616..0dc51d6 100644 --- a/tools/network.html +++ b/tools/network.html @@ -14,30 +14,15 @@ by <a href="../core/network.html">net and wlan</a> scripts, they allow to connect to the internet in the most common environments.</p> + <p>For network statistics and monitoring see <a href="tcpdump.html">tcpdump</a>.</p> + <h2 id="bridge">Bridges</h2> <p>See <a href="conf/etc/rc.d/blan">/etc/rc.d/blan</a> on how to create interfaces at startup or as source to do it in automatic way;</p> - <pre> - DEV="br0" - PHY="enp8s0" - </pre> - - <pre> - # ip link add name ${DEV} type bridge - # ip link set dev ${DEV} up - </pre> - <pre> - # ip route flush dev ${PHY} - # ip addr flush dev ${PHY} - # ip link set dev ${PHY} master ${DEV} - </pre> - - <pre> - # ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast + - </pre> + <p>For more information about bridges <a href="http://ebtables.netfilter.org/br_fw_ia/br_fw_ia.html#section7">Bridges with iptables</a></p> <a href="index.html">Tools Index</a> <p>This is part of the c9 Manual. diff --git a/tools/nginx.html b/tools/nginx.html index 0ded2b6..5a2e00c 100644 --- a/tools/nginx.html +++ b/tools/nginx.html @@ -257,7 +257,7 @@ /etc/php/conf.d/pdo_pgsql.ini </pre> - <h3>4.2. Setup Virtual Host</h3> + <h3 id="virtual-host">4.2. Setup Virtual Host</h3> <p>Server (virtual host) with pmwiki and flyspray, check <a href="conf/etc/nginx/sites/">/etc/nginx/sites</a> diff --git a/tools/openssh.html b/tools/openssh.html index d0a549c..70fe76f 100644 --- a/tools/openssh.html +++ b/tools/openssh.html @@ -196,31 +196,28 @@ <h3 id="sshpubkey">2.1. Install Public Keys</h3> - <p>Send gitolite.pub public key to server. In this example - bob (administrator of gitolite) is on same host, - first copy is public key to admin home directory;</p> + <p>Example how to give ssh access to bob user to admin account + using public key authentication. Is necessary to make user public + key available in the server, this can be done by several ways, in + this example the public key will be copied using scp;</p> <pre> - # install -o admin -g admin /home/bob/.ssh/gitolite.pub /home/admin/.ssh/gitolite.pub - </pre> - - <p>If the server is on remote a remote machine;</p> - - <pre> - $ scp /home/bob/.ssh/gitolite.pub admin@core.privat-network.net:/home/admin/.ssh/ + $ scp /home/bob/.ssh/id_rsa.pub admin@core.privat-network.net:/home/admin/.ssh/ bob@core.privat-network.net's password: - gitolite.pub 100% 390 0.4KB/s 00:00 + id_rsa.pub 100% 390 0.4KB/s 00:00 </pre> - <p>In case of bob public key for normal ssh login, admin can - add his public key to authorized keys;</p> + <p>Login on remote as admin and add bob public key to authorized keys;</p> <pre> - $ cat bob_rsa.pub >> ~/.ssh/authorized_keys + $ cat ~/.ssh/bob_rsa.pub >> ~/.ssh/authorized_keys </pre> + <p>Now bob can login as admin on remote server using publik key + athentication;</p> + <pre> - $ ssh -P 2222 bob@remote.org + $ ssh -P 2222 admin@remote.org </pre> <h3 id="sshid">2.2. Configure Identities</h3> @@ -230,53 +227,49 @@ -i flag. Create or edit ~/.ssh/config</p> <pre> - Host admin + Host core Hostname core.privat-network.net IdentityFile ~/.ssh/id_rsa Port 2222 User admin - Host gitolite - Hostname core.privat-network.net - IdentityFile ~/.ssh/gitolite - Port 2222 - User gitolite - - Host box + Host git Hostname core.privat-network.net IdentityFile ~/.ssh/id_rsa Port 2222 - User bob + User gitolite - Host devbox + Host git-admin Hostname core.privat-network.net - IdentityFile ~/.ssh/id_rsa + IdentityFile ~/.ssh/gitolite Port 2222 User gitolite </pre> - <p>Now you can just type;</p> + <p>Now you can just type ssh core to connect core.privat-network.net on + port 2222 with ~/.ssh/id_rsa as identity, or to connect to git server as + gitolite admin;</p> <pre> - $ ssh box + $ ssh git-admin </pre> - <p>On remote start <a href"../systools/tmux.html">tmux</a> - and detach from the session with ctrl + b d</p> - - <p>Create alias on ~/.profile;</p> + <p>To take advantage of tmux first login on remote and start + <a href"../systools/tmux.html">tmux</a>, detach from the session + with ctrl + b d. Change ~/.bashrc and add follow alias;</p> <pre> - alias boxtmux="ssh servername -t tmux a" + alias core-server="ssh core -t tmux a" </pre> <p>Source it and attach to remote;</p> <pre> - $ boxtmux + $ source ~/.profile + $ core-server </pre> - <p>Logout just detach from session with ctrl + b d </p> + <p>To logout just detach from tmux session with ctrl + b d </p> <h2 id="reverse">3. Reverse connection</h2> diff --git a/tools/qemu.html b/tools/qemu.html index 0079dfc..86fb7aa 100644 --- a/tools/qemu.html +++ b/tools/qemu.html @@ -12,7 +12,9 @@ <h2 id="kern">1. Host System</h2> - <p>Load modules, in this case kvm of intel cpu;</p> + <p>Prepare host system for virtual machines, this includes create new user, + loading necessary modules and configure network. Load kvm module, in this example + intel module is loaded but depends on host cpu;</p> <pre> # modprobe -a kvm-intel tun virtio @@ -27,6 +29,7 @@ <h2 id="disk">2. Disk images</h2> + <p>Qemu supports multiple disk images types.</p> <dl> <dt>img</dt> <dd>Raw disk image, allows dd to a physical device.</dd> @@ -115,67 +118,109 @@ KERNEL=="tun", GROUP="kvm", MODE="0660", OPTIONS+="static_node=net/tun" </pre> + <h3>2.1. Routing</h3> - <h3>2.1. Public Bridge</h3> - - <p>Create <a href="network.html#bridge">bridge</a>, create new - tap and add it to bridge;</p> - - <pre> - # DEV="br0" - # TAP="tap1" - </pre> - - <pre> - # ip tuntap add ${TAP} mode tap group kvm - # ip link set ${TAP} up - </pre> + <p>Create interface with correct permissions set for kvm group.</p> <pre> - # ip link set ${TAP} master ${DEV} + # sysctl -w net.ipv4.ip_forward=1 + # iptables -A INPUT -i br0 -j ACCEPT + # iptables -A FORWARD -i br0 -j ACCEPT + # iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -d 10.0.0.0/24 -j ACCEPT + # iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE </pre> - <h3>2.2. Routing</h3> + <h3>2.2. Public Bridge</h3> - <p>Create interface with correct permissions set for kvm group.</p> + <p>Create <a href="network.html#bridge">bridge</a>, create new + tap and add it to bridge;</p> <pre> - # sysctl -w net.ipv4.ip_forward=1 - # iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE + DEV="br0" + + ADDR=10.0.0.254 + NET=10.0.0.0 + GW=192.168.1.254 + MASK=24 + + # one tap for each cpu core + NTAPS=$((`/usr/bin/nproc`)) + + case $1 in + start) + /sbin/ip link add name ${DEV} type bridge + /sbin/ip addr add ${ADDR}/${MASK} dev ${DEV} broadcast + + /sbin/ip link set dev ${DEV} up + /bin/sleep 0.2s + + for i in `/usr/bin/seq $NTAPS` + do + TAP="tap$i" + echo "Setting up ${TAP} tap interface." + /sbin/ip tuntap add ${TAP} mode tap group kvm + /sbin/ip link set ${TAP} up + /bin/sleep 0.2s + /sbin/ip link set ${TAP} master ${DEV} + done + + exit 0 + ;; + stop) + + for i in `/usr/bin/seq $NTAPS` + do + TAP="tap$i" + echo "Deleting ${TAP} tap interface." + /sbin/ip link del ${TAP} + done + + /sbin/ip link set dev ${DEV} down + /sbin/ip route flush dev ${DEV} + /sbin/ip link del ${DEV} + exit 0 + ;; + restart) + $0 stop + $0 start + ;; + *) + echo "Usage: $0 [start|stop|restart]" + ;; + esac + + # End of file </pre> <h2 id="guest">Guest System</h2> - <p>Start qemu with 512 of ram, mydisk.img as disk and boot from iso</p> - <p>See <a href="scripts/system-qemu.sh">scripts/system-qemu.sh</a>, as template. Run virtual machine that uses above tap device;</p> <pre> - $ ISO=~/crux-3.2.iso - $ IMG=~/crux-img.qcow2 - $ TAP="tap1" + #!/bin/bash - $ qemu-system-x86_64 \ - -enable-kvm \ - -m 1024 \ - -boot d \ - -cdrom ${ISO} \ - -hda ${IMG} \ - -net nic,model=virtio -net tap,ifname=${TAP},script=no,downscript=no - </pre> + function rmac_addr (){ + printf '54:60:BE:EF:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256)) + } - <pre> - $ ISO=~/crux-3.2.iso - $ IMG=~/crux-img.qcow2 + #boot=d + boot=$1 + #iso=crux-3.2.iso + iso=$2 + #image=crux-img.qcow2 + image=$3 + #tap="tap1" + tap=$4 + mac=$(rmac_addr) - $ qemu-system-x86_64 \ + qemu-system-x86_64 \ -enable-kvm \ -m 1024 \ - -boot d \ - -cdrom ${ISO} \ - -hda ${IMG} \ - -net nic,model=virtio -net tap,ifname=${TAP},script=no,downscript=no + -boot ${boot} \ + -cdrom ${iso} \ + -hda ${image} \ + -device e1000,netdev=t0,mac=${mac} \ + -netdev tap,id=t0,ifname=${tap},script=no,downscript=no </pre> <a href="index.html">Tools Index</a> diff --git a/tools/scripts/autoport.sh b/tools/scripts/autoport.sh new file mode 100644 index 0000000..9965936 --- /dev/null +++ b/tools/scripts/autoport.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +# Root Directory +DIR=$(dirname "$PWD"); + +DIR_CONF=$DIR"/conf" +COL_DIR=$DIR"/c9-ports/" + +#rm ck4up.conf +for port in ${COL_DIR}*/ ; do + + echo "Checking port $port" + # (cd $port && git clean -f -d . ) + # prtwash -p -s $port + prtverify -m clean-repo $port + + #echo "${port}Pkgfile;" + #source ${port}Pkgfile; + + #echo "$name md5 ${source[0]} @TAR@" >> ck4up.conf +done + +portspage --title=c9-ports . > index.html +httpup-repgen $COL_DIR diff --git a/tools/scripts/external-ports.sh b/tools/scripts/external-ports.sh new file mode 100644 index 0000000..21f42cb --- /dev/null +++ b/tools/scripts/external-ports.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +prt-get printf "%i %p %n \n" | grep "yes /usr/ports" \ + | grep -v "ports/contrib" \ + | grep -v "ports/opt" \ + | grep -v "ports/core" \ + | grep -v "ports/xorg" \ + | grep -v "ports/c9-ports" diff --git a/tools/scripts/pkgmk-test.conf b/tools/scripts/pkgmk-test.conf new file mode 100644 index 0000000..2336685 --- /dev/null +++ b/tools/scripts/pkgmk-test.conf @@ -0,0 +1,38 @@ +# +# /etc/pkgmk.conf: pkgmk(8) configuration +# + +export CFLAGS="-O2 -march=x86-64" +export CXXFLAGS="${CFLAGS}" + +export MAKEFLAGS="-j4" + +case ${PKGMK_ARCH} in + "64"|"") + ;; + "32") + export CFLAGS="${CFLAGS} -m32" + export CXXFLAGS="${CXXFLAGS} -m32" + export LDFLAGS="${LDFLAGS} -m32" + export PKG_CONFIG_LIBDIR="/usr/lib32/pkgconfig" + ;; + *) + echo "Unknown architecture selected! Exiting." + exit 1 + ;; +esac + + PKGMK_SOURCE_MIRRORS=(https://ports.c9.core/distfiles/) +# PKGMK_SOURCE_DIR="$PWD" +# PKGMK_PACKAGE_DIR="$PWD" +# PKGMK_WORK_DIR="$PWD/work" +# PKGMK_DOWNLOAD="no" +# PKGMK_IGNORE_FOOTPRINT="no" +# PKGMK_IGNORE_NEW="no" +# PKGMK_NO_STRIP="no" +# PKGMK_DOWNLOAD_PROG="wget" +# PKGMK_WGET_OPTS="" +# PKGMK_CURL_OPTS="" +# PKGMK_COMPRESSION_MODE="gz" + + diff --git a/tools/scripts/pkgmk-test.sh b/tools/scripts/pkgmk-test.sh new file mode 100644 index 0000000..5509ac2 --- /dev/null +++ b/tools/scripts/pkgmk-test.sh @@ -0,0 +1,5 @@ +#!/bin/bash +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" +CONF=${DIR}/pkgmk-test.conf + +fakeroot pkgmk -cf $CONF -d $1 diff --git a/tools/scripts/replace.sh b/tools/scripts/replace.sh index 8e393f0..e925e7d 100644..100755 --- a/tools/scripts/replace.sh +++ b/tools/scripts/replace.sh @@ -1,5 +1,6 @@ #!/bin/sh +# find and replace string on files folder=$1 oldstring=$2 newstring=$3 diff --git a/tools/storage.html b/tools/storage.html index 894873b..109c6fa 100644 --- a/tools/storage.html +++ b/tools/storage.html @@ -30,6 +30,20 @@ <h2 id="mv">2. Moving data</h2> + <p>Temp partition with 20M-50M;</dd> + + <pre> + (parted) mkpart primary ext4 4000MiB 4050MiB + </pre> + + <p>Ports partition with 120G allows to host sources, package + backups and ports;</dd> + + <pre> + (parted) mkpart primary ext4 192000MiB 312000MiB + </pre> + + <p>Reboot into single-user mode where services aren't started and networking is offline.<p> <pre> @@ -52,8 +66,14 @@ <p>Edit the <a href="../conf/etc/fstab">/etc/fstab</a>file:</p> <pre> + # Temporary Data /tmp + UUID=50bf6e55-6461-4dd4-b315-65b53cac0995 /tmp ext4 defaults,nodev,nosuid,noexec 0 0 + # Server Data /srv UUID=6fadcb98-e442-4af7-a5f2-1ddb6100a8c4 /srv ext4 defaults 0 2 + + # Ports Data /usr/ports + UUID=d1df6743-d3cb-4d5a-badb-96cef3181095 /usr/ports ext4 defaults,nodev,nosuid,noexec 0 0 </pre> <p>Reboot in normal mode.</p> diff --git a/tools/tcpdump.html b/tools/tcpdump.html index ef15b59..8c9932a 100644 --- a/tools/tcpdump.html +++ b/tools/tcpdump.html @@ -8,6 +8,10 @@ <h1>TCPDump</h1> <pre> + iftop + </pre> + + <pre> tcpdump -vvv -s 0 -l -n port 53 </pre> diff --git a/tools/vim.html b/tools/vim.html index d483e29..528c777 100644 --- a/tools/vim.html +++ b/tools/vim.html @@ -53,10 +53,21 @@ <p>Vertical split;</p> <pre> - :sp + :vsp + </pre> + + <p>Change horizontal to vertical</p> + <pre> + ctrl+w H + </pre> + + <p>Change vertical to horizontal</p> + <pre> + ctrl+w J </pre> <p>Move between window splits;</p> + <pre> ctrl+w (k,j,l,h) </pre> @@ -97,7 +108,6 @@ selection or object. For example to delete the next two words press: d + 2 + w. List of important operators objects, selections;</p> - <pre> <pre> operator + count + object diff --git a/tools/x.html b/tools/x.html index 214c8fc..3c6aff7 100644 --- a/tools/x.html +++ b/tools/x.html @@ -1,146 +1,175 @@ -<html> - <p>Add <a href="https://crux.nu/portdb/?a=getup&q=6c37">6c37</a> - port collection and activate on /etc/prt-get.conf above xorg.</p> - -<pre> -$ sudo prt-get depinst xorg-server -$ sudo prt-get depinst xorg-xinit -$ sudo prt-get depinst xkeyboard-config -$ sudo prt-get depinst xorg-xf86-input-evdev -$ sudo prt-get depinst xorg-font-dejavu-ttf -$ sudo prt-get depinst xorg-xrdb -$ sudo prt-get depinst xorg-xmodmap -$ sudo prt-get depinst xorg-xrandr -$ sudo prt-get depinst xorg-xgamma -$ sudo prt-get depinst xorg-xf86-input-synaptics -$ sudo prt-get depinst xsel -<pre> - -<pre> -$ sudo prt-get depinst dwm -$ sudo prt-get depinst dmenu -$ sudo prt-get depinst st -</pre> - -<p>/usr/etc/X11/xinit/xinitrc</p> - -<pre> -#!/bin/sh - -userresources=$HOME/.Xresources -usermodmap=$HOME/.Xmodmap -sysresources=/usr/etc/X11/xinit/.Xresources -sysmodmap=/usr/etc/X11/xinit/.Xmodmap - -# merge in defaults and keymaps - -if [ -f $sysresources ]; then - xrdb -merge $sysresources - -fi - -if [ -f $sysmodmap ]; then - xmodmap $sysmodmap -fi - -if [ -f "$userresources" ]; then - xrdb -merge "$userresources" - -fi - -if [ -f "$usermodmap" ]; then - xmodmap "$usermodmap" -fi - -# start some nice programs - -if [ -d /usr/etc/X11/xinit/xinitrc.d ] ; then - for f in /usr/etc/X11/xinit/xinitrc.d/?*.sh ; do - [ -x "$f" ] && . "$f" - done - unset f -fi - -#twm & -#xclock -geometry 50x50-1+1 & -#xterm -geometry 80x50+494+51 & -#xterm -geometry 80x20+494-0 & -#exec xterm -geometry 80x66+0+0 -name login - -#xrandr --output eDP1 --mode 1024x768 -xrandr --dpi 100 -xgamma -gamma 0.8 -syndaemon -d - -# Start the window manager -exec dwm -</pre> - -<p>/etc/X11/xorg.conf.d/10-keyboard.conf</p> - -<pre> - Section "InputClass" - Identifier "Keyboard Defaults" - MatchIsKeyboard "yes" - Option "XkbLayout" "dvorak" - EndSection -</pre> - -<p>/etc/X11/xorg.conf.d/50-synaptics.conf</p> - -<pre> -# Example xorg.conf.d snippet that assigns the touchpad driver -# to all touchpads. See xorg.conf.d(5) for more information on -# InputClass. -# DO NOT EDIT THIS FILE, your distribution will likely overwrite -# it when updating. Copy (and rename) this file into -# /etc/X11/xorg.conf.d first. -# Additional options may be added in the form of -# Option "OptionName" "value" -# -Section "InputClass" - Identifier "touchpad catchall" - Driver "synaptics" - MatchIsTouchpad "on" -# This option is recommend on all Linux systems using evdev, but cannot be -# enabled by default. See the following link for details: -# http://who-t.blogspot.com/2010/11/how-to-ignore-configuration-errors.html -# MatchDevicePath "/dev/input/event*" - Option "TapButton1" "1" - Option "TapButton2" "3" - Option "TapButton3" "2" - Option "VertEdgeScroll" "on" - Option "VertTwoFingerScroll" "on" - Option "HorizEdgeScroll" "on" - Option "HorizTwoFingerScroll" "on" -EndSection - -Section "InputClass" - Identifier "touchpad ignore duplicates" - MatchIsTouchpad "on" - MatchOS "Linux" - MatchDevicePath "/dev/input/mouse*" - Option "Ignore" "on" -EndSection - -# This option enables the bottom right corner to be a right button on clickpads -# and the right and middle top areas to be right / middle buttons on clickpads -# with a top button area. -# This option is only interpreted by clickpads. -Section "InputClass" - Identifier "Default clickpad buttons" - MatchDriver "synaptics" - Option "SoftButtonAreas" "50% 0 82% 0 0 0 0 0" - Option "SecondarySoftButtonAreas" "58% 0 0 15% 42% 58% 0 15%" -EndSection - -# This option disables software buttons on Apple touchpads. -# This option is only interpreted by clickpads. -Section "InputClass" - Identifier "Disable clickpad buttons on Apple touchpads" - MatchProduct "Apple|bcm5974" - MatchDriver "synaptics" - Option "SoftButtonAreas" "0 0 0 0 0 0 0 0" -EndSection -</pre> - +<!DOCTYPE html> +<html dir="ltr" lang="en"> + <head> + <meta charset='utf-8'> + <title>X</title> + </head> + <body> + + <a href="index.html">Tools Index</a> + + <h1>X</h1> + + + <h2>Install</h2> + + <p>Add <a href="https://crux.nu/portdb/?a=getup&q=6c37">6c37</a> + port collection and activate on /etc/prt-get.conf above xorg.</p> + + <pre> + $ sudo prt-get depinst xorg-server + $ sudo prt-get depinst xorg-xinit + $ sudo prt-get depinst xkeyboard-config + $ sudo prt-get depinst xorg-xf86-input-evdev + $ sudo prt-get depinst xorg-font-dejavu-ttf + $ sudo prt-get depinst xorg-xrdb + $ sudo prt-get depinst xorg-xmodmap + $ sudo prt-get depinst xorg-xrandr + $ sudo prt-get depinst xorg-xgamma + $ sudo prt-get depinst xorg-xf86-input-synaptics + $ sudo prt-get depinst xsel + </pre> + + <pre> + $ sudo prt-get depinst dwm + $ sudo prt-get depinst dmenu + $ sudo prt-get depinst st + </pre> + + <h2>Configure</h2> + + <p>/usr/etc/X11/xinit/xinitrc</p> + + <pre> + #!/bin/sh + + userresources=$HOME/.Xresources + usermodmap=$HOME/.Xmodmap + sysresources=/usr/etc/X11/xinit/.Xresources + sysmodmap=/usr/etc/X11/xinit/.Xmodmap + + # merge in defaults and keymaps + + if [ -f $sysresources ]; then + xrdb -merge $sysresources + + fi + + if [ -f $sysmodmap ]; then + xmodmap $sysmodmap + fi + + if [ -f "$userresources" ]; then + xrdb -merge "$userresources" + + fi + + if [ -f "$usermodmap" ]; then + xmodmap "$usermodmap" + fi + + # start some nice programs + + if [ -d /usr/etc/X11/xinit/xinitrc.d ] ; then + for f in /usr/etc/X11/xinit/xinitrc.d/?*.sh ; do + [ -x "$f" ] && . "$f" + done + unset f + fi + </pre> + + <p>/etc/X11/xorg.conf.d/10-keyboard.conf</p> + + <pre> + Section "InputClass" + Identifier "Keyboard Defaults" + MatchIsKeyboard "yes" + Option "XkbLayout" "dvorak" + EndSection + </pre> + + <p>/etc/X11/xorg.conf.d/50-synaptics.conf</p> + + <pre> + # Example xorg.conf.d snippet that assigns the touchpad driver + # to all touchpads. See xorg.conf.d(5) for more information on + # InputClass. + # DO NOT EDIT THIS FILE, your distribution will likely overwrite + # it when updating. Copy (and rename) this file into + # /etc/X11/xorg.conf.d first. + # Additional options may be added in the form of + # Option "OptionName" "value" + # + Section "InputClass" + Identifier "touchpad catchall" + Driver "synaptics" + MatchIsTouchpad "on" + # This option is recommend on all Linux systems using evdev, but cannot be + # enabled by default. See the following link for details: + # http://who-t.blogspot.com/2010/11/how-to-ignore-configuration-errors.html + # MatchDevicePath "/dev/input/event*" + Option "TapButton1" "1" + Option "TapButton2" "3" + Option "TapButton3" "2" + Option "VertEdgeScroll" "on" + Option "VertTwoFingerScroll" "on" + Option "HorizEdgeScroll" "on" + Option "HorizTwoFingerScroll" "on" + EndSection + + Section "InputClass" + Identifier "touchpad ignore duplicates" + MatchIsTouchpad "on" + MatchOS "Linux" + MatchDevicePath "/dev/input/mouse*" + Option "Ignore" "on" + EndSection + + # This option enables the bottom right corner to be a right button on clickpads + # and the right and middle top areas to be right / middle buttons on clickpads + # with a top button area. + # This option is only interpreted by clickpads. + Section "InputClass" + Identifier "Default clickpad buttons" + MatchDriver "synaptics" + Option "SoftButtonAreas" "50% 0 82% 0 0 0 0 0" + Option "SecondarySoftButtonAreas" "58% 0 0 15% 42% 58% 0 15%" + EndSection + + # This option disables software buttons on Apple touchpads. + # This option is only interpreted by clickpads. + Section "InputClass" + Identifier "Disable clickpad buttons on Apple touchpads" + MatchProduct "Apple|bcm5974" + MatchDriver "synaptics" + Option "SoftButtonAreas" "0 0 0 0 0 0 0 0" + EndSection + </pre> + + <p>Example of ~/.xinitrc;</p> + + <pre> + #twm & + #xclock -geometry 50x50-1+1 & + #xterm -geometry 80x50+494+51 & + #xterm -geometry 80x20+494-0 & + #exec xterm -geometry 80x66+0+0 -name login + + #xrandr --output eDP1 --mode 1024x768 + xrandr --dpi 100 + xgamma -gamma 0.8 + syndaemon -d + + # Start the window manager + exec dwm + </pre> + + <a href="index.html">Tools Index</a> + + <p> + This is part of the c9-doc Manual. + Copyright (C) 2016 + c9 team. + See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p> + </body> +</html> |