From 1f266d2130b505f0cc4db3a4ec63effbfd70e5c8 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Wed, 13 Jul 2016 16:33:46 +0000 Subject: more --- Makefile | 2 ++ config-certbot.PKGBUILD | 29 +++++++--------- config-service-git.PKGBUILD | 75 ++++++++++++++++++++++++++++++++++++++++ config-service-projects.PKGBUILD | 27 +++++++++++++++ config-timedate-utc.PKGBUILD | 16 --------- config-winston-base.PKGBUILD | 13 +++++-- 6 files changed, 128 insertions(+), 34 deletions(-) create mode 100644 config-service-git.PKGBUILD create mode 100644 config-service-projects.PKGBUILD delete mode 100644 config-timedate-utc.PKGBUILD diff --git a/Makefile b/Makefile index db4f325..ce976fa 100644 --- a/Makefile +++ b/Makefile @@ -21,6 +21,8 @@ $(foreach p,$(patsubst %.PKGBUILD,%,$(pkgbuilds)), \ repo-add $*.db.tar.gz $(filter %.pkg.tar.xz,$^) touch --no-create --no-dereference $*.db $*.db.tar.gz $*.files $*.files.tar.gz +.var.pkgfiles: $(pkgbuilds) + .var.%: FORCE @printf '%s' '$(subst ','\\'',$($*))' | sed 's/^/#/' | ./write-ifchanged $@ -include $(wildcard .var.*) diff --git a/config-certbot.PKGBUILD b/config-certbot.PKGBUILD index caff71c..77b6e56 100644 --- a/config-certbot.PKGBUILD +++ b/config-certbot.PKGBUILD @@ -1,5 +1,5 @@ . ${BUILDFILE%/*}/common.sh -pkgver=20160713.4 +pkgver=20160713.5 depends=(certbot) @@ -22,20 +22,18 @@ cd "$pkgdir" # add this domain as a Subject Alternative Name". You have to re-run # the same (long) command to get the cert, but with the domain added. # So, I've encapsulated this into the script -# `/etc/ssl/misc/certbot-get`. Edit the array of domains at the top -# of the script, then run it. +# `/etc/ssl/misc/certbot-get`. Edit `/etc/ssl/misc/certbot-get.d/` to +# manipulate the list of domains, then run the script. add-file -m755 etc/ssl/misc/certbot-get <<<'#!/bin/bash - -# The first name listed should be the canonical host name -domains=( - winston.parabola.nu - {git,projects}.{parabola.nu,parabolagnulinux.org} -) - -######################################################################## { set -eu + # The first name listed should be the canonical host name + domains=( + $(hostname -f) + $(find -L "$0.d" -type f -executable -exec {} \;) + ) + if [[ "`whoami`" != '\''keys'\'' ]]; then >&2 printf '\''%q: This script must be run as user `%s'\''\'\'''\''\n'\'' "$0" keys exit 1 @@ -45,11 +43,10 @@ domains=( Our "\`${0##*/}\`" script is used to '\''*add*'\'' or '\''*remove*'\'' certificates\; use '\''`certbot renew`'\'' to - renew them. To use "${0##*/}," edit the - '\''hostnames=()'\'' list of domains at the beginning of the - script, '\''then'\'' run it to get a new certificate with a - new Subject Alternative Name field matching the new - list of domains. + renew them. To use "${0##*/}," edit "\`${0##*/}.d/\`" to + manipulate the list of domains, '\''then'\'' run it to get a + new certificate with a new Subject Alternative Name field + matching the new list of domains. $'\''\n\n'\''Are you sure that you are ready to run this? It will eat into the "Let'\''s Encrypt" usage limit. diff --git a/config-service-git.PKGBUILD b/config-service-git.PKGBUILD new file mode 100644 index 0000000..607c519 --- /dev/null +++ b/config-service-git.PKGBUILD @@ -0,0 +1,75 @@ +. ${BUILDFILE%/*}/common.sh +pkgver=20160713.2 + +depends=(git cgit uwsgi-plugin-cgi config-uwsgi) + +package() { +cd "$pkgdir" + +add-file -m755 etc/ssl/misc/certbot-get.d/10-git <&1" +EOF + + +# ## transport: git protocol + +add-unit etc/systemd/system/sockets.target.wants/git-daemon.socket + +# ## transport: HTTPS + +# The git web interface is cgit, which is managed by uWSGI speaking +# uwsgi/modifier1=9, which is the variant of the uwsgi protocol for +# CGI requests. +add-file etc/nginx/sites/server-git.parabola.nu.conf <