From 2c9845db4bc00221bc3c2343a020208f7f532166 Mon Sep 17 00:00:00 2001 From: Cullum Smith Date: Thu, 31 Oct 2024 21:36:39 -0400 Subject: many fixes --- .../local/etc/asterisk/queues.conf.asterisk_server | 20 +++++--- .../policies/managed/policies.json.desktop | 60 +++++++++++++++------- .../dovecot-ldap-userdb.conf.ext.imap_server | 10 ++-- .../etc/icinga2/conf.d/services.conf.icinga_server | 29 +++++++---- .../icinga2/conf.d/templates.conf.icinga_server | 4 +- files/usr/local/etc/postfix/main.cf.smtp_server | 3 +- files/usr/local/etc/postfix/master.cf.smtp_server | 3 +- .../local/etc/poudriere.d/make.conf.pkg_repository | 4 +- .../local/etc/poudriere.d/pkglist.pkg_repository | 8 ++- .../local/etc/prosody/prosody.cfg.lua.xmpp_server | 2 + .../etc/rspamd/local.d/logging.inc.smtp_server | 2 +- files/usr/local/etc/xdg/kdeglobals.desktop | 5 ++ files/usr/local/etc/xdg/kdeglobals.laptop | 1 + .../local/etc/xdg/kdeglobals.roadwarrior_laptop | 1 + .../lib/firefox/distribution/policies.json.desktop | 55 ++++++++++++++++---- .../lib/libreoffice/program/sofficerc.desktop | 4 +- .../local/libexec/poudriere-cron.pkg_repository | 8 +-- .../local/libexec/prosody-acme-proxy.xmpp_server | 2 +- .../libexec/prosody-update-roster.xmpp_server | 12 +++-- files/usr/local/sbin/jailctl.freebsd_hypervisor | 14 ++--- .../local/share/applications/gajim.desktop.desktop | 20 ++++++++ .../local/share/applications/gajim.desktop.laptop | 1 + .../applications/gajim.desktop.roadwarrior_laptop | 1 + 23 files changed, 192 insertions(+), 77 deletions(-) create mode 100644 files/usr/local/etc/xdg/kdeglobals.desktop create mode 120000 files/usr/local/etc/xdg/kdeglobals.laptop create mode 120000 files/usr/local/etc/xdg/kdeglobals.roadwarrior_laptop create mode 100644 files/usr/local/share/applications/gajim.desktop.desktop create mode 120000 files/usr/local/share/applications/gajim.desktop.laptop create mode 120000 files/usr/local/share/applications/gajim.desktop.roadwarrior_laptop (limited to 'files/usr/local') diff --git a/files/usr/local/etc/asterisk/queues.conf.asterisk_server b/files/usr/local/etc/asterisk/queues.conf.asterisk_server index 87b8ed4..8849690 100644 --- a/files/usr/local/etc/asterisk/queues.conf.asterisk_server +++ b/files/usr/local/etc/asterisk/queues.conf.asterisk_server @@ -6,12 +6,12 @@ shared_lastcall = yes log_membername_as_agent = yes $(for queue in ${asterisk_queues:-}; do - eval "queue_strategy=\${asterisk_queue_${queue}_strategy}" + eval "queue_strategy=\${asterisk_queue_${queue}_strategy:-ringall}" eval "queue_timeout=\${asterisk_queue_${queue}_timeout:-15}" eval "queue_retry=\${asterisk_queue_${queue}_retry:-5}" eval "queue_ringinuse=\${asterisk_queue_${queue}_ringinuse:-yes}" - eval "queue_members=\${asterisk_queue_${queue}_members}" - echo "\ + eval "queue_members=\${asterisk_queue_${queue}_members:-}" + cat < PJSIP/${member},0,${member_name},PJSIP/${member}" -done; done) +timeoutrestart = yes +EOF + for member in $queue_members; do + eval "member_name=\${asterisk_ext_${member}_cid_name}" + cat < PJSIP/${member},0,${member_name},PJSIP/${member} +EOF + done +done) diff --git a/files/usr/local/etc/chromium/policies/managed/policies.json.desktop b/files/usr/local/etc/chromium/policies/managed/policies.json.desktop index 93544cf..1391d09 100644 --- a/files/usr/local/etc/chromium/policies/managed/policies.json.desktop +++ b/files/usr/local/etc/chromium/policies/managed/policies.json.desktop @@ -14,15 +14,6 @@ "CloudReportingEnabled": false, "DefaultBrowserSettingEnabled": false, "DefaultCookiesSetting": 1, - "DefaultSearchProviderEnabled": true, - "DefaultSearchProviderName": "DuckDuckGo", - "DefaultSearchProviderIconURL": "https://duckduckgo.com/favicon.ico", - "DefaultSearchProviderEncodings": [ - "UTF-8" - ], - "DefaultSearchProviderSearchURL": "https://duckduckgo.com/?q={searchTerms}", - "DefaultSearchProviderSuggestURL":"https://duckduckgo.com/ac/?q={searchTerms}&type=list", - "DefaultSearchProviderNewTabURL":"https://duckduckgo.com/chrome_newtab", "DnsOverHttpsMode": "off", "EnableAuthNegotiatePort": true, "EnableMediaRouter": false, @@ -44,9 +35,45 @@ { "toplevel_name": "Internal" }, + { + "name": "Bitwarden", + "url": "https://bitwarden.${domain}/" + }, + { + "name": "CUPS", + "url": "https://cups.${domain}/" + }, + { + "name": "DAViCal", + "url": "https://dav.${domain}/" + }, + { + "name": "Icinga", + "url": "https://icinga.${domain}/" + }, + { + "name": "Invidious", + "url": "https://invidious.${domain}/" + }, { "name": "Poudriere", "url": "http://pkg.${domain}/poudriere" + }, + { + "name": "Rspamd", + "url": "https://smtp.${domain}/" + }, + { + "name": "Tiny Tiny RSS", + "url": "https://ttrss.${domain}/" + }, + { + "name": "UniFi Controller", + "url": "https://unifi.${domain}/" + }, + { + "name": "ZNC", + "url": "https://znc.${domain}/" } ], "ExtensionSettings": { @@ -67,25 +94,22 @@ "extensions": { "cjpalhdlnbpafiamejdnhcphjbkeiagm": { "toOverwrite": { - "selectedFilterLists": [ + "filterLists": [ "user-filters", "ublock-filters", "ublock-badware", "ublock-privacy", - "ublock-abuse", + "ublock-quick-fixes", "ublock-unbreak", - "ublock-annoyances", - "ublock-cookies-easylist", - "fanboy-cookiemonster", "easylist", "easyprivacy", + "adguard-spyware-url", "urlhaus-1", "plowe-0", - "fanboy-annoyance", - "fanboy-social", + "fanboy-cookiemonster", + "ublock-cookies-easylist", "fanboy-thirdparty_social", - "adguard-spyware-url", - "ublock-quick-fixes" + "ublock-annoyances" ] }, "toAdd": { diff --git a/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server b/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server index fc939a6..6a7ce4e 100644 --- a/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server +++ b/files/usr/local/etc/dovecot/dovecot-ldap-userdb.conf.ext.imap_server @@ -6,11 +6,11 @@ sasl_realm = ${realm} base = ${users_basedn} user_filter = (|(mailAddress=%u)(uid=%u)) -user_attrs = \ - =user=%{ldap:uid}, \ - =uid=${dovecot_vmail_uid}, \ - =gid=${dovecot_vmail_uid}, \ - =home=${dovecot_vmail_dir}/%{ldap:uid} \ +user_attrs = \\ + =user=%{ldap:uid}, \\ + =uid=${dovecot_vmail_uid}, \\ + =gid=${dovecot_vmail_uid}, \\ + =home=${dovecot_vmail_dir}/%{ldap:uid}, \\ mailQuota=quota_rule=\*:storage=%{ldap:mailQuota} iterate_attrs = uid=user diff --git a/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server b/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server index 4340192..116fe44 100644 --- a/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server +++ b/files/usr/local/etc/icinga2/conf.d/services.conf.icinga_server @@ -219,6 +219,20 @@ apply Service "cups-cert" { assign where ("cups-servers" in host.groups) } +apply Service for (vhost in host.vars.xmpp_vhosts) { + check_command = "tcp" + name = vhost + "-xmpp" + display_name = vhost + " xmpp" + vars.tcp_port = 5223 + vars.tcp_ssl = true + vars.tcp_sni = vhost + vars.tcp_certificate = ${icinga_cert_days_warn} + "," + ${icinga_cert_days_crit} + vars.tcp_wtime = ${icinga_response_time_warn} + vars.tcp_ctime = ${icinga_response_time_crit} + vars.tcp_send = "" + vars.tcp_expect = " /dev/null - poudriere bulk -j "$jail" -f /usr/local/etc/poudriere.d/idm-pkglist -p "$ports_tree" -z idm > /dev/null - poudriere bulk -j "$jail" -f /usr/local/etc/poudriere.d/pkglist -p "$ports_tree" > /dev/null + poudriere jail -u -j "$jail" > /dev/null + poudriere bulk -j "$jail" -f /usr/local/etc/poudriere.d/idm-pkglist -p "$ports_tree" -z idm > /dev/null + poudriere pkgclean -j "$jail" -f /usr/local/etc/poudriere.d/idm-pkglist -p "$ports_tree" -z idm -y > /dev/null + poudriere bulk -j "$jail" -f /usr/local/etc/poudriere.d/pkglist -p "$ports_tree" > /dev/null + poudriere pkgclean -j "$jail" -f /usr/local/etc/poudriere.d/pkglist -p "$ports_tree" -y > /dev/null done poudriere distclean -p "$ports_tree" -a -y > /dev/null diff --git a/files/usr/local/libexec/prosody-acme-proxy.xmpp_server b/files/usr/local/libexec/prosody-acme-proxy.xmpp_server index d69017b..70faddd 100644 --- a/files/usr/local/libexec/prosody-acme-proxy.xmpp_server +++ b/files/usr/local/libexec/prosody-acme-proxy.xmpp_server @@ -37,7 +37,7 @@ md5_old=$(cat "$CHECKSUM_FILE") printf 'get certs/%s.crt\n' "$@" printf 'get certs/%s.key\n' "$@" printf 'quit\n' -} | sftp -b - "$acmeproxy_target" +} | /usr/local/bin/sftp -b - "$acmeproxy_target" # Get md5 of the new certificates. md5_new=$(md5sum "$CERT_DIR"/*.crt "$CERT_DIR"/*.key | tee "$CHECKSUM_FILE") diff --git a/files/usr/local/libexec/prosody-update-roster.xmpp_server b/files/usr/local/libexec/prosody-update-roster.xmpp_server index 1b79747..84c0c6e 100644 --- a/files/usr/local/libexec/prosody-update-roster.xmpp_server +++ b/files/usr/local/libexec/prosody-update-roster.xmpp_server @@ -6,8 +6,9 @@ use warnings; use Net::LDAP; use Authen::SASL; -@ARGV == 1 or die "usage: $0 ROLE_NAME\n"; +@ARGV == 2 or die "usage: $0 ROLE_NAME ROSTER_FILE\n"; my $role = $ARGV[0]; +my $roster = $ARGV[1]; open my $fh, '<', '/usr/local/etc/openldap/ldap.conf' or quit($!); my %config; @@ -25,7 +26,7 @@ my $uri = $config{URI} // die("URI not specified\n"); my $users_basedn = $config{USERS_BASE} // die("USERS_BASE not specified\n"); my $roles_basedn = $config{ROLES_BASE} // die("ROLES_BASE not specified\n"); -my $conn = Net::LDAP->new($ldap_uris, version => '3') or die "$@"; +my $conn = Net::LDAP->new($uri, version => '3') or die "$@"; my $sasl = Authen::SASL->new($mech); my $status = $conn->bind(sasl => $sasl); $status->code and die $status->error; @@ -36,12 +37,13 @@ my $search = $conn->search( filter => "(&(memberOf=cn=$role,$roles_basedn)(mailAddress=*))", attrs => ['mailAddress', 'cn']); -print "[Internal]\n"; - +open $fh, '>', $roster or die "failed to open file for writing: $roster\n"; +print $fh "[Internal]\n"; foreach my $entry ($search->entries) { my $jid = ($entry->get_value('mailAddress'))[0]; my $cn = ($entry->get_value('cn'))[0] // $jid; - print "$jid=$cn\n"; + print $fh "$jid=$cn\n"; } +close $fh; system('prosodyctl reload'); diff --git a/files/usr/local/sbin/jailctl.freebsd_hypervisor b/files/usr/local/sbin/jailctl.freebsd_hypervisor index df48f57..8719297 100644 --- a/files/usr/local/sbin/jailctl.freebsd_hypervisor +++ b/files/usr/local/sbin/jailctl.freebsd_hypervisor @@ -193,14 +193,14 @@ Options: zfs create -v "${JAIL_DATASET}/${name}" zfs clone \ $ZFS_OPTS \ - -o quota="$os_quota" \ + -o refquota="$os_quota" \ "$snapshot" "${JAIL_DATASET}/${name}/os" # Create delegated 'data' dataset. zfs create -v \ $ZFS_OPTS \ -o mountpoint=none \ - -o quota="$data_quota" \ + -o refquota="$data_quota" \ "${JAIL_DATASET}/${name}/data" # Copy timezone configuration from host. @@ -761,7 +761,7 @@ cmd::reprovision(){ zfs::ensure_snapshot snapshot "${JAIL_DATASET}/templates/${template}" # Stash old configuration data. - old_quota=$(zfs get -Hp -o value quota "${JAIL_DATASET}/${jail}/os") + old_quota=$(zfs get -Hp -o value refquota "${JAIL_DATASET}/${jail}/os") old_hostname=$(sysrc -f "${JAIL_HOME}/${jail}/os/etc/rc.conf" -qn hostname) old_ifconfig=$(sysrc -f "${JAIL_HOME}/${jail}/os/etc/rc.conf" -qn ifconfig_jail0) old_defaultrouter=$(sysrc -f "${JAIL_HOME}/${jail}/os/etc/rc.conf" -qn defaultrouter) ||: @@ -773,7 +773,7 @@ cmd::reprovision(){ zfs destroy -v -f -r "${JAIL_DATASET}/${jail}/os" zfs clone \ $ZFS_OPTS \ - -o quota="$old_quota" \ + -o refquota="$old_quota" \ "$snapshot" "${JAIL_DATASET}/${jail}/os" # Copy timezone configuration from host. @@ -839,7 +839,7 @@ cmd::shell(){ jail::exists "$jail" || die "no such jail: ${jail}" jail::running "$jail" || die "jail not running: ${jail}" - jail::exec "$jail" /bin/csh + jail::exec "$jail" /bin/sh } cmd::show(){ @@ -857,7 +857,7 @@ cmd::show(){ printf -- '------------------------- JAIL CONFIGURATION -------------------------\n' cat "${JAIL_HOME}/${jail}/jail.conf" printf -- '\n---------------------------- ZFS DATASET -----------------------------\n' - zfs list -o name,quota,used,avail,mountpoint -S name \ + zfs list -o name,refquota,used,avail,mountpoint -S name \ "${JAIL_DATASET}/${jail}/os" \ "${JAIL_DATASET}/${jail}/data" } @@ -878,7 +878,7 @@ cmd::status(){ printf -- '---------------------------- JAIL STATUS -----------------------------\n' jls -j "$jail" -h jid name path osrelease host.hostname 2>/dev/null | column -t printf -- '\n---------------------------- ZFS DATASET -----------------------------\n' - zfs list -o name,quota,used,avail,mountpoint -S name \ + zfs list -o name,refquota,used,avail,mountpoint -S name \ "${JAIL_DATASET}/${jail}/os" \ "${JAIL_DATASET}/${jail}/data" \ | sed "s|^${JAIL_DATASET}/${jail}/||" \ diff --git a/files/usr/local/share/applications/gajim.desktop.desktop b/files/usr/local/share/applications/gajim.desktop.desktop new file mode 100644 index 0000000..ef5a3c9 --- /dev/null +++ b/files/usr/local/share/applications/gajim.desktop.desktop @@ -0,0 +1,20 @@ +[Desktop Entry] +Categories=Network;InstantMessaging;GTK;Chat; +Name=Gajim +GenericName=XMPP Chat Client +Comment=A fully-featured XMPP chat client +Keywords=chat;messaging;im;xmpp;voip; +Exec=gajim %u +Icon=org.gajim.Gajim +StartupNotify=false +X-GNOME-SingleWindow=true +X-GNOME-UsesNotifications=true +Terminal=false +Type=Application +MimeType=x-scheme-handler/xmpp; +Actions=StartChat; + +[Desktop Action StartChat] +Exec=gajim --start-chat +Name=Start a new chat +Icon=org.gajim.Gajim diff --git a/files/usr/local/share/applications/gajim.desktop.laptop b/files/usr/local/share/applications/gajim.desktop.laptop new file mode 120000 index 0000000..f1edc09 --- /dev/null +++ b/files/usr/local/share/applications/gajim.desktop.laptop @@ -0,0 +1 @@ +gajim.desktop.desktop \ No newline at end of file diff --git a/files/usr/local/share/applications/gajim.desktop.roadwarrior_laptop b/files/usr/local/share/applications/gajim.desktop.roadwarrior_laptop new file mode 120000 index 0000000..f1edc09 --- /dev/null +++ b/files/usr/local/share/applications/gajim.desktop.roadwarrior_laptop @@ -0,0 +1 @@ +gajim.desktop.desktop \ No newline at end of file -- cgit v1.2.3