diff options
| author | Paul Buetow <paul@buetow.org> | 2022-04-15 16:05:51 +0100 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2022-04-15 16:05:51 +0100 |
| commit | facb0483b52cd9e171d48a078ca2d78d36abaf54 (patch) | |
| tree | 3ce6a74f51300bd2b0db01a97eca0d6bcfd498ac | |
| parent | de6175300bd4fe3106c5b5b3af6c72519369e673 (diff) | |
rexification of more
| -rw-r--r-- | openbsd/frontends/Rexfile | 51 | ||||
| -rw-r--r-- | openbsd/frontends/etc/relayd.conf.tpl (renamed from openbsd/frontends/etc/relayd.conf:blowfish) | 4 | ||||
| -rw-r--r-- | openbsd/frontends/etc/relayd.conf:twofish | 20 |
3 files changed, 53 insertions, 22 deletions
diff --git a/openbsd/frontends/Rexfile b/openbsd/frontends/Rexfile index 756b326..0d16905 100644 --- a/openbsd/frontends/Rexfile +++ b/openbsd/frontends/Rexfile @@ -13,17 +13,65 @@ parallelism 5; task 'id', group => 'frontends', sub { say run 'id' }; task 'dump_info', group => 'frontends', sub { dump_system_information }; +our $ipv6address = sub { + my $hostname = shift; + return '2a01:4f8:c17:20f1::42' if $hostname eq 'blowfish'; + return '2401:c080:1000:45af:5400:3ff:fec6:ca1d' if $hostname eq 'twofish'; + return '::1'; +}; + +desc 'Install various packages'; +task 'packages', group => 'frontends', + sub { + pkg 'rsync', ensure => present; + pkg 'sudo', ensure => present; + pkg 'tig', ensure => present; + pkg 'vger', ensure => present; + pkg 'zsh', ensure => present; + }; + +desc 'Setup httpd'; +task 'httpd', group => 'frontends', + sub { + file '/etc/httpd.conf', + source => './etc/httpd.conf', + owner => 'www', + group => 'wheel', + mode => '644', + on_change => sub { + service 'httpd' => 'restart'; + }; + service 'httpd', ensure => 'started'; + }; + desc 'Setup inetd'; task 'inetd', group => 'frontends', sub { file '/etc/inetd.conf', source => './etc/inetd.conf', + owner => 'www', + group => 'wheel', + mode => '644', on_change => sub { service 'inetd' => 'restart'; }; service 'inetd', ensure => 'started'; }; +desc 'Setup relayd'; +task 'relayd', group => 'frontends', + sub { + file '/etc/relayd.conf', + content => template('./etc/relayd.conf.tpl', ipv6address => $ipv6address), + owner => 'root', + group => 'wheel', + mode => '600', + on_change => sub { + service 'relayd' => 'restart'; + }; + service 'relayd', ensure => 'started'; + }; + desc 'Setup HA'; task 'ha', group => 'frontends', sub { @@ -44,7 +92,10 @@ task 'ha', group => 'frontends', desc 'frontend'; task 'frontend', group => 'frontends', sub { + packages(); + httpd(); inetd(); + relayd(); ha(); }; diff --git a/openbsd/frontends/etc/relayd.conf:blowfish b/openbsd/frontends/etc/relayd.conf.tpl index a46877f..d8553b2 100644 --- a/openbsd/frontends/etc/relayd.conf:blowfish +++ b/openbsd/frontends/etc/relayd.conf.tpl @@ -8,13 +8,13 @@ tcp protocol "gemini" { } relay "gemini4" { - listen on 23.88.35.144 port 1965 tls + listen on <%= $vio0_ip %> port 1965 tls protocol "gemini" forward to 127.0.0.1 port 11965 } relay "gemini6" { - listen on 2a01:4f8:c17:20f1::42 port 1965 tls + listen on <%= $ipv6address->($hostname) %> port 1965 tls protocol "gemini" forward to 127.0.0.1 port 11965 } diff --git a/openbsd/frontends/etc/relayd.conf:twofish b/openbsd/frontends/etc/relayd.conf:twofish deleted file mode 100644 index de65edf..0000000 --- a/openbsd/frontends/etc/relayd.conf:twofish +++ /dev/null @@ -1,20 +0,0 @@ -log connection - -tcp protocol "gemini" { - tls keypair buetow.org - tls keypair snonux.de - tls keypair foo.zone - tls keypair irregular.ninja -} - -relay "gemini4" { - listen on 108.160.134.135 port 1965 tls - protocol "gemini" - forward to 127.0.0.1 port 11965 -} - -relay "gemini6" { - listen on 2401:c080:1000:45af:5400:3ff:fec6:ca1d port 1965 tls - protocol "gemini" - forward to 127.0.0.1 port 11965 -} |