danarchy_deploy 0.2.6 → 0.2.8

data/templates/services/postfix/main.cf.erb

@@ -0,0 +1,28 @@
+smtpd_banner = $myhostname ESMTP $mail_name
+biff = no
+
+# TLS parameters
+smtpd_use_tls = <%= @variables[:use_tls] %>
+smtpd_tls_auth_only = <%= @variables[:use_tls] %>
+smtpd_tls_cert_file = <%= @variables[:ssl_cert] %>
+smtpd_tls_key_file = <%= @variables[:ssl_key] %>
+smtpd_tls_CAfile = <%= @variables[:ssl_cacert] %>
+
+smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
+smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
+
+# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
+# information on enabling SSL in the smtp client.
+
+smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
+myhostname = <%= @variables[:hostname] %>
+alias_maps = hash:/etc/aliases
+alias_database = hash:/etc/aliases
+myorigin = /etc/mailname
+mydestination = <%= @variables[:hostname] %>, localhost
+relayhost = <%= @variables[:relayhost] %>
+mynetworks = <%= @variables[:mynetworks] %> 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
+mailbox_size_limit = 0
+recipient_delimiter = +
+inet_interfaces = all
+inet_protocols = ipv4

data/templates/services/postfix/master.cf.erb

@@ -0,0 +1,124 @@
+#
+# Postfix master process configuration file.  For details on the format
+# of the file, see the master(5) manual page (command: "man 5 master" or
+# on-line: http://www.postfix.org/master.5.html).
+#
+# Do not forget to execute "postfix reload" after editing this file.
+#
+# ==========================================================================
+# service type  private unpriv  chroot  wakeup  maxproc command + args
+#               (yes)   (yes)   (yes)   (never) (100)
+# ==========================================================================
+smtp      inet  n       -       -       -       -       smtpd
+#smtp      inet  n       -       -       -       1       postscreen
+#smtpd     pass  -       -       -       -       -       smtpd
+#dnsblog   unix  -       -       -       -       0       dnsblog
+#tlsproxy  unix  -       -       -       -       0       tlsproxy
+submission inet n       -       -       -       -       smtpd
+  -o syslog_name=postfix/submission
+  -o smtpd_tls_security_level=encrypt
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_reject_unlisted_recipient=no
+#  -o smtpd_client_restrictions=$mua_client_restrictions
+#  -o smtpd_helo_restrictions=$mua_helo_restrictions
+#  -o smtpd_sender_restrictions=$mua_sender_restrictions
+#  -o smtpd_recipient_restrictions=
+#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+#  -o milter_macro_daemon_name=ORIGINATING
+smtps     inet  n       -       -       -       -       smtpd
+  -o syslog_name=postfix/smtps
+#  -o smtpd_tls_wrappermode=yes
+#  -o smtpd_sasl_auth_enable=yes
+#  -o smtpd_reject_unlisted_recipient=no
+#  -o smtpd_client_restrictions=$mua_client_restrictions
+#  -o smtpd_helo_restrictions=$mua_helo_restrictions
+#  -o smtpd_sender_restrictions=$mua_sender_restrictions
+#  -o smtpd_recipient_restrictions=
+#  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
+#  -o milter_macro_daemon_name=ORIGINATING
+#628       inet  n       -       -       -       -       qmqpd
+pickup    unix  n       -       -       60      1       pickup
+cleanup   unix  n       -       -       -       0       cleanup
+qmgr      unix  n       -       n       300     1       qmgr
+#qmgr     unix  n       -       n       300     1       oqmgr
+tlsmgr    unix  -       -       -       1000?   1       tlsmgr
+rewrite   unix  -       -       -       -       -       trivial-rewrite
+bounce    unix  -       -       -       -       0       bounce
+defer     unix  -       -       -       -       0       bounce
+trace     unix  -       -       -       -       0       bounce
+verify    unix  -       -       -       -       1       verify
+flush     unix  n       -       -       1000?   0       flush
+proxymap  unix  -       -       n       -       -       proxymap
+proxywrite unix -       -       n       -       1       proxymap
+smtp      unix  -       -       -       -       -       smtp
+relay     unix  -       -       -       -       -       smtp
+#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
+showq     unix  n       -       -       -       -       showq
+error     unix  -       -       -       -       -       error
+retry     unix  -       -       -       -       -       error
+discard   unix  -       -       -       -       -       discard
+local     unix  -       n       n       -       -       local
+virtual   unix  -       n       n       -       -       virtual
+lmtp      unix  -       -       -       -       -       lmtp
+anvil     unix  -       -       -       -       1       anvil
+scache    unix  -       -       -       -       1       scache
+#
+# ====================================================================
+# Interfaces to non-Postfix software. Be sure to examine the manual
+# pages of the non-Postfix software to find out what options it wants.
+#
+# Many of the following services use the Postfix pipe(8) delivery
+# agent.  See the pipe(8) man page for information about ${recipient}
+# and other message envelope options.
+# ====================================================================
+#
+# maildrop. See the Postfix MAILDROP_README file for details.
+# Also specify in main.cf: maildrop_destination_recipient_limit=1
+#
+maildrop  unix  -       n       n       -       -       pipe
+  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
+#
+# ====================================================================
+#
+# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
+#
+# Specify in cyrus.conf:
+#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
+#
+# Specify in main.cf one or more of the following:
+#  mailbox_transport = lmtp:inet:localhost
+#  virtual_transport = lmtp:inet:localhost
+#
+# ====================================================================
+#
+# Cyrus 2.1.5 (Amos Gouaux)
+# Also specify in main.cf: cyrus_destination_recipient_limit=1
+#
+#cyrus     unix  -       n       n       -       -       pipe
+#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
+#
+# ====================================================================
+# Old example of delivery via Cyrus.
+#
+#old-cyrus unix  -       n       n       -       -       pipe
+#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
+#
+# ====================================================================
+#
+# See the Postfix UUCP_README file for configuration details.
+#
+uucp      unix  -       n       n       -       -       pipe
+  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
+#
+# Other external delivery methods.
+#
+ifmail    unix  -       n       n       -       -       pipe
+  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
+bsmtp     unix  -       n       n       -       -       pipe
+  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
+scalemail-backend unix	-	n	n	-	2	pipe
+  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
+mailman   unix  -       n       n       -       -       pipe
+  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
+  ${nexthop} ${user}
+

data/templates/services/postfix/mysql-virtual-alias-maps.cf.erb

@@ -0,0 +1,5 @@
+user = <%= @variables[:user] %>
+password = <%= @variables[:password] %>
+hosts = <%= @variables[:hosts] %>
+dbname = <%= @variables[:dbname] %>
+query = SELECT destination FROM aliases WHERE source='%s'

data/templates/services/postfix/mysql-virtual-mailbox-domains.cf.erb

@@ -0,0 +1,5 @@
+user = <%= @variables[:user] %>
+password = <%= @variables[:password] %>
+hosts = <%= @variables[:hosts] %>
+dbname = <%= @variables[:dbname] %>
+query = SELECT 1 FROM domains WHERE domain='%s'

data/templates/services/postfix/mysql-virtual-mailbox-maps.cf.erb

@@ -0,0 +1,5 @@
+user = <%= @variables[:user] %>
+password = <%= @variables[:password] %>
+hosts = <%= @variables[:hosts] %>
+dbname = <%= @variables[:dbname] %>
+query = SELECT 1 FROM users WHERE email='%s'

data/templates/system/authorized_keys.erb

@@ -0,0 +1,5 @@
+# Deployed by dAnarchyDeploy
+
+<% @variables[:authorized_keys].each do |key| -%>
+<%= "#{key}" %>
+<% end -%>

data/templates/system/crontab.erb

@@ -0,0 +1,8 @@
+# DanarchyDeploy crontab
+SHELL=<%= @variables[:shell] || '/bin/bash' %>
+PATH=<%= @variables[:path] || '/bin:/usr/bin' %>
+BASH_ENV=<%= @variables[:env] || '~/.bashrc' %>
+
+<% @variables[:jobs].each do |job| -%>
+<%= "#{job[:schedule]}\t#{job[:command]}" %>
+<% end -%>

data/templates/system/dmcrypt.erb

@@ -0,0 +1,17 @@
+# DanarchyDeploy dmcrypt
+# How long to wait for each timeout (in seconds).
+dmcrypt_key_timeout=1
+
+# Max number of checks to perform (see dmcrypt_key_timeout).
+#dmcrypt_max_timeout=300
+
+# Number of password retries.
+dmcrypt_retries=2
+
+<% @variables.each do |device, volume| -%>
+<%= "# Encrypted volume name|volgroup|device: #{device}" %>
+<% volume[:variables].each do |key, value| -%>
+<%= key -%>=<%= value %>
+<% end -%>
+<%# intentionally left blank %>
+<% end -%>

data/templates/system/exports.erb

@@ -0,0 +1,4 @@
+# DanarchyDeploy NFS exports
+<% @variables.each do |export| -%>
+<%= "#{export[:filesystem]}\t#{export[:clients]}(#{export[:options]})" %>
+<% end -%>

data/templates/system/fstab.erb

@@ -0,0 +1,4 @@
+# DanarchyDeploy fstab
+<% @variables.each do |mount| -%>
+<%= "#{mount[:filesystem]}\t#{mount[:mountpoint]}\t#{mount[:type]}\t#{mount[:opts]}\t#{mount[:'dump/pass']}" %>
+<% end -%>

data/templates/system/sudoers.erb

@@ -0,0 +1,5 @@
+# Deployed by dAnarchyDeploy
+
+<% @variables[:rules].each do |r| -%>
+<%= "#{r}" %>
+<% end -%>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: danarchy_deploy
 version: !ruby/object:Gem::Version
-  version: 0.2.6
+  version: 0.2.8
 platform: ruby
 authors:
 - Dan James
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-05-16 00:00:00.000000000 Z
+date: 2024-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: danarchy_couchdb
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '2.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '2.5'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.17'
+        version: '2.20'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.17'
+        version: '2.20'
 description: DanarchyDeploy intends to simplify Gentoo Linux (and other distro) deployments
   down to a single template from an input JSON or YAML file, or from a CouchDB file.
 email:
@@ -73,14 +73,14 @@ email:
 executables:
 - console-dd
 - danarchy_deploy
-- setup
+- setup-dd
 extensions: []
 extra_rdoc_files: []
 files:
+- ".asdf_versions.json"
 - ".gitignore"
 - ".rspec"
-- ".ruby-gemset"
-- ".ruby-version"
+- ".tool-versions"
 - ".travis.yml"
 - CHANGELOG.md
 - Gemfile
@@ -90,7 +90,7 @@ files:
 - Rakefile
 - bin/console-dd
 - bin/danarchy_deploy
-- bin/setup
+- bin/setup-dd
 - danarchy_deploy.gemspec
 - lib/danarchy_deploy.rb
 - lib/danarchy_deploy/applicator.rb
@@ -126,7 +126,40 @@ files:
 - lib/danarchy_deploy/templater.rb
 - lib/danarchy_deploy/users.rb
 - lib/danarchy_deploy/version.rb
+- templates/applications/nginx/domain.conf.erb
+- templates/applications/php/phpfpm.conf.erb
+- templates/applications/php/user.conf.erb
+- templates/applications/wordpress/mysql_user_privileges.sql.erb
+- templates/applications/wordpress/wp-config.php.erb
+- templates/asdf/asdf.sh.erb
 - templates/deploy_template.json
+- templates/distcc/distccd.erb
+- templates/distcc/hosts.erb
+- templates/portage/make.conf.erb
+- templates/portage/package.use/bindist
+- templates/portage/package.use/documentation
+- templates/services/memcached/memcached.erb
+- templates/services/mysql/my.cnf.erb
+- templates/services/mysql/root_my.cnf.erb
+- templates/services/mysql/user_db_grants.sql.erb
+- templates/services/mysql/user_db_grants.sql.erb_cleanupUsers
+- templates/services/nginx/nginx.conf.erb
+- templates/services/php/php-fpm.conf.erb
+- templates/services/postfix/localmail.initial_setup.sh
+- templates/services/postfix/localmail.main.cf.erb
+- templates/services/postfix/mailname.erb
+- templates/services/postfix/mailrelayhost_main.cf.erb
+- templates/services/postfix/main.cf.erb
+- templates/services/postfix/master.cf.erb
+- templates/services/postfix/mysql-virtual-alias-maps.cf.erb
+- templates/services/postfix/mysql-virtual-mailbox-domains.cf.erb
+- templates/services/postfix/mysql-virtual-mailbox-maps.cf.erb
+- templates/system/authorized_keys.erb
+- templates/system/crontab.erb
+- templates/system/dmcrypt.erb
+- templates/system/exports.erb
+- templates/system/fstab.erb
+- templates/system/sudoers.erb
 homepage: https://github.com/danarchy85/danarchy_deploy
 licenses:
 - MIT
@@ -147,7 +180,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.5.11
 signing_key:
 specification_version: 4
 summary: Pushes deployments locally or remotely based on a JSON/YAML/CouchDB template.

data/.ruby-gemset

@@ -1 +0,0 @@
-danarchy_deploy

data/.ruby-version

@@ -1 +0,0 @@
-ruby-2.7.2