dot

packages and services management
Log | Files | Refs | README

commit 8705d2b8dd46187d4bbc923d1d42ab80611bb14b
parent c505ff1678ec488b438fef12c33bfcf637853f3b
Author: Josuah Demangeon <mail@josuah.net>
Date:   Sat, 10 Nov 2018 13:07:10 +0100

s6: overhaul cleanup and fixup

Diffstat:
Mqmail/locals | 1+
Mqmail/me | 1-
Mqmail/rcpthosts | 1-
Ds6/acme-client/josuah.net/data/conf | 20--------------------
Ms6/acme-client/x/run | 11+++++------
Ms6/axfrdns-tcp/x/run | 4+---
Ms6/curvevpn-client/x/run | 3+--
Ms6/curvevpn-server/x/run | 7+++----
Ms6/dnscache/x/run | 6++----
Rs6/ftpd/x/env/IP -> s6/ffingerd-tcp/x/env/HOST | 0
As6/ffingerd-tcp/x/env/PORT | 1+
Ms6/ffingerd-tcp/x/run | 7+++++--
As6/fossil/x/env/PORT_A | 1+
As6/fossil/x/env/PORT_H | 1+
As6/fossil/x/env/ROOT | 1+
Ms6/fossil/x/run | 17++++++++---------
Ds6/ftpd/x/run | 10----------
Rs6/geomyidae/x/env/BASE -> s6/geomyidae/x/env/ROOT | 0
Ms6/geomyidae/x/run | 7+++----
Rs6/ftpd/x/env/IP -> s6/git-daemon/x/env/HOST | 0
As6/git-daemon/x/env/PORT | 1+
As6/git-daemon/x/env/ROOT | 1+
Ms6/git-daemon/x/run | 11+++++++----
Ds6/httpd/x/run | 7-------
Rs6/httpfile-tcp/x/data/Makefile -> s6/httpfile-tcp/x/Makefile | 0
Rs6/ftpd/x/env/IP -> s6/httpfile-tcp/x/env/HOST | 0
As6/httpfile-tcp/x/env/PORT | 1+
As6/httpfile-tcp/x/env/USER | 1+
Ms6/httpfile-tcp/x/run | 14++++++++------
Rs6/httpfile-tls/x/data/Makefile -> s6/httpfile-tls/x/Makefile | 0
Rs6/ftpd/x/env/IP -> s6/httpfile-tls/x/env/HOST | 0
As6/httpfile-tls/x/env/PORT | 1+
Ms6/httpfile-tls/x/run | 14+++++++-------
Ms6/ii-tcp/x/run | 14++------------
Ms6/ii-tls/x/run | 11+++++------
Ms6/mpop/x/run | 3+--
As6/ngircd-tls/josuah.net/data/conf | 43+++++++++++++++++++++++++++++++++++++++++++
Rs6/ngircd-tls/x/data/motd -> s6/ngircd-tls/josuah.net/data/motd | 0
Ds6/ngircd-tls/x/data/conf | 45---------------------------------------------
Ms6/ntpclient/x/run | 3+--
As6/qemu-tap/x/env/DISPLAY | 1+
As6/qemu-tap/x/env/MAC | 1+
As6/qemu-tap/x/env/MEM | 1+
As6/qemu-tap/x/env/NAME | 1+
As6/qemu-tap/x/env/ROOT | 1+
Ms6/qemu-tap/x/run | 20+++++++++++---------
As6/qemu-user/x/env/DISPLAY | 1+
As6/qemu-user/x/env/MAC | 1+
As6/qemu-user/x/env/MEM | 1+
Ms6/qemu-user/x/env/NAME | 1+
As6/qemu-user/x/env/PORT_SSH | 1+
As6/qemu-user/x/env/ROOT | 1+
Ms6/qemu-user/x/run | 21++++++++++++---------
Ds6/qmail-pop3d/type | 1-
Rs6/qmail-pop3d/env/CERTFILE -> s6/qmail-pop3d/x/env/CERTFILE | 0
Rs6/qmail-pop3d/env/HOST -> s6/qmail-pop3d/x/env/HOST | 0
Rs6/qmail-pop3d/env/KEYFILE -> s6/qmail-pop3d/x/env/KEYFILE | 0
Rs6/qmail-pop3d/env/MAILDIR -> s6/qmail-pop3d/x/env/MAILDIR | 0
As6/qmail-pop3d/x/env/PORT | 1+
Ms6/qmail-pop3d/x/run | 10+++++-----
Rs6/httpd/x/type -> s6/qmail-pop3d/x/type | 0
Ms6/qmail-send/x/run | 5++---
As6/qmail-tcp/x/env/USER | 1+
Ms6/qmail-tcp/x/run | 10++++------
Rs6/ftpd/x/env/IP -> s6/qmail-tls/x/env/HOST | 0
As6/qmail-tls/x/env/PORT | 1+
As6/qmail-tls/x/env/USER | 1+
Ms6/qmail-tls/x/run | 13+++++++------
Ms6/ratox/x/run | 3++-
Ms6/s6-log/x/run | 3+--
Ms6/ssh-agent/x/run | 4+---
Ms6/tinc/x/run | 5+----
Ms6/tinydns/x/run | 8++++----
Ms6/tinysshd/x/run | 3+--
Ms6/tor/x/run | 2+-
As6/venti/x/env/PORT_A | 1+
As6/venti/x/env/PORT_H | 1+
As6/venti/x/env/ROOT | 1+
Ms6/venti/x/run | 13++++++++-----
Ms6/walldns/x/run | 3+--
80 files changed, 191 insertions(+), 220 deletions(-)

diff --git a/qmail/locals b/qmail/locals @@ -1 +1,2 @@ localhost +josuah.net diff --git a/qmail/me b/qmail/me @@ -1,2 +1 @@ josuah.net -localhost diff --git a/qmail/rcpthosts b/qmail/rcpthosts @@ -1,2 +1 @@ josuah.net -localhost diff --git a/s6/acme-client/josuah.net/data/conf b/s6/acme-client/josuah.net/data/conf @@ -1,20 +0,0 @@ -authority letsencrypt { - api url "https://acme-v01.api.letsencrypt.org/directory" - account key "/etc/acme/letsencrypt-privkey.pem" -} - -authority letsencrypt-staging { - api url "https://acme-staging.api.letsencrypt.org/directory" - account key "/etc/acme/letsencrypt-staging-privkey.pem" -} - -domain josuah.net { - alternative names { - mail.josuah.net - git.josuah.net - } - domain key "data/ssl/josuah.net.key" - domain certificate "data/ssl/josuah.net.crt" - domain full chain certificate "data/ssl/josuah.net.pem" - sign with letsencrypt -} diff --git a/s6/acme-client/x/run b/s6/acme-client/x/run @@ -1,10 +1,9 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { - importas -n AGREEMENT_URL AGREEMENT_URL - importas -n WWWDIR WWWDIR - importas -n SSLDIR SSLDIR - importas -n DOMAIN DOMAIN +fdmove -c 2 1 s6-envdir env multisubstitute { + importas AGREEMENT_URL AGREEMENT_URL + importas WWWDIR WWWDIR + importas SSLDIR SSLDIR + importas DOMAIN DOMAIN } # It uses ":well-known" instead of ".well-known" because httpfile(1) diff --git a/s6/axfrdns-tcp/x/run b/s6/axfrdns-tcp/x/run @@ -1,11 +1,9 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas USER USER } s6-envuidgid $USER s6-softliimt 300000 - s6-tcpserver -vDRHl0 0.0.0.0 53 axrfdns diff --git a/s6/curvevpn-client/x/run b/s6/curvevpn-client/x/run @@ -1,6 +1,5 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas NAME NAME importas PUBKEY PUBKEY importas IP IP diff --git a/s6/curvevpn-server/x/run b/s6/curvevpn-server/x/run @@ -1,14 +1,13 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas NAME NAME importas IP IP importas PORT PORT - importas ROOT ROOT + importas BASE BASE importas EXT EXT } -cd $ROOT +cd $BASE if { rm -f lock/???????????????????????????????????????????????????????????????? } curvevpn-server $NAME data/key $IP $PORT $EXT curvevpn-message diff --git a/s6/dnscache/x/run b/s6/dnscache/x/run @@ -1,11 +1,9 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env { +fdmove -c 2 1 s6-envdir env { importas DATALIMIT DATALIMIT } s6-envguid dns s6-softlimit -o 250 -d $DATALIMIT - -pipeline { dd 'if=/dev/random' } +pipeline { dd if=/dev/random } dnscache diff --git a/s6/ftpd/x/env/IP b/s6/ffingerd-tcp/x/env/HOST diff --git a/s6/ffingerd-tcp/x/env/PORT b/s6/ffingerd-tcp/x/env/PORT @@ -0,0 +1 @@ +79 diff --git a/s6/ffingerd-tcp/x/run b/s6/ffingerd-tcp/x/run @@ -1,4 +1,7 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 +fdmove -c 2 1 s6-envdir env multisubstitute { + importas HOST HOST + importas PORT PORT +} -s6-tcpclient 0.0.0.0 79 ffingerd +s6-tcpclient $HOST $PORT ffingerd diff --git a/s6/fossil/x/env/PORT_A b/s6/fossil/x/env/PORT_A @@ -0,0 +1 @@ +17034 diff --git a/s6/fossil/x/env/PORT_H b/s6/fossil/x/env/PORT_H @@ -0,0 +1 @@ +8080 diff --git a/s6/fossil/x/env/ROOT b/s6/fossil/x/env/ROOT @@ -0,0 +1 @@ +/var/venti diff --git a/s6/fossil/x/run b/s6/fossil/x/run @@ -1,13 +1,12 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { - importas VENTI VENTI +fdmove -c 2 1 s6-envdir env multisubstitute { + importas ROOT ROOT + importas PORT_A PORT_A + importas PORT_H PORT_H } -if { mkdir -p $VENTI } -/var/venti - +cd $ROOT fossil -s - -c /etc/fossil/conf - -a tcp!*!17034 - -h tcp!*!8080 + -c data/conf + -a tcp!*!$PORT_A + -h tcp!*!$PORT_H diff --git a/s6/ftpd/x/run b/s6/ftpd/x/run @@ -1,10 +0,0 @@ -#!/local/bin/execlineb -P -fdmove -c 2 1 -s6-envdir env multisubstitute { - importas HOST HOST - importas PORT PORT -} - -s6-envuidgid www -s6-tcpserver -vD -b50 -c100 $HOST $PORT -ftpd /var/www/ diff --git a/s6/geomyidae/x/env/BASE b/s6/geomyidae/x/env/ROOT diff --git a/s6/geomyidae/x/run b/s6/geomyidae/x/run @@ -1,9 +1,8 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas HOST HOST importas PORT PORT - importas BASE BASE + importas ROOT ROOT } -geomyidae -d -b $BASE -h $HOST -p $PORT +geomyidae -d -b $ROOT -h $HOST -p $PORT diff --git a/s6/ftpd/x/env/IP b/s6/git-daemon/x/env/HOST diff --git a/s6/git-daemon/x/env/PORT b/s6/git-daemon/x/env/PORT @@ -0,0 +1 @@ +9418 diff --git a/s6/git-daemon/x/env/ROOT b/s6/git-daemon/x/env/ROOT @@ -0,0 +1 @@ +/var/git diff --git a/s6/git-daemon/x/run b/s6/git-daemon/x/run @@ -1,8 +1,11 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 +fdmove -c 2 1 s6-envdir env multisubstitute { + importas HOST HOST + importas PORT PORT + importas ROOT ROOT +} -s6-tcpserver 0.0.0.0 9418 +s6-tcpserver $HOST $PORT git daemon --inetd - --export-all - --base-path=/var/git + --base-path=$ROOT diff --git a/s6/httpd/x/run b/s6/httpd/x/run @@ -1,7 +0,0 @@ -#!/usr/bin/env execlineb -fdmove -c 2 1 - -s6-envuidgid www -s6-tcpserver -vD -b50 -c100 0.0.0.0 80 - -httpd /var/www/ diff --git a/s6/httpfile-tcp/x/data/Makefile b/s6/httpfile-tcp/x/Makefile diff --git a/s6/ftpd/x/env/IP b/s6/httpfile-tcp/x/env/HOST diff --git a/s6/httpfile-tcp/x/env/PORT b/s6/httpfile-tcp/x/env/PORT @@ -0,0 +1 @@ +80 diff --git a/s6/httpfile-tcp/x/env/USER b/s6/httpfile-tcp/x/env/USER @@ -0,0 +1 @@ +www diff --git a/s6/httpfile-tcp/x/run b/s6/httpfile-tcp/x/run @@ -1,8 +1,10 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env +fdmove -c 2 1 s6-envdir env multisubstitute { + importas HOST HOST + importas PORT PORT + importas USER USER +} -s6-envuidgid www -s6-tcpserver -vD -b50 -c100 0.0.0.0 80 - -httpfile-httpd /var/www/ +s6-envuidgid $USER +s6-tcpserver -vD -b50 -c100 $HOST $PORT +httpfile-httpd diff --git a/s6/httpfile-tls/x/data/Makefile b/s6/httpfile-tls/x/Makefile diff --git a/s6/ftpd/x/env/IP b/s6/httpfile-tls/x/env/HOST diff --git a/s6/httpfile-tls/x/env/PORT b/s6/httpfile-tls/x/env/PORT @@ -0,0 +1 @@ +80 diff --git a/s6/httpfile-tls/x/run b/s6/httpfile-tls/x/run @@ -1,13 +1,13 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { - importas -n ACCESSFILE ACCESSFILE +fdmove -c 2 1 s6-envdir env multisubstitute { + importas ACCESSFILE ACCESSFILE + importas HOST HOST + importas PORT PORT + importas USER USER } -s6-envuidgid www - +s6-envuidgid $USER unexport ACCESSFILE -s6-tlsserver -vD -b50 -c100 0.0.0.0 443 - +s6-tlsserver -vD -b50 -c100 $HOST $PORT export ACCESSFILE $ACCESSFILE httpfile-httpd diff --git a/s6/ii-tcp/x/run b/s6/ii-tcp/x/run @@ -1,6 +1,5 @@ #!/usr/bin/env execlineb -fdmove -c 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas HOST HOST importas PORT PORT importas USER USER @@ -8,15 +7,6 @@ s6-envdir env multisubstitute { importas NAME NAME } -ifelse -n { test -f $CAFILE } { - redirfd -r 0 /dev/null - redirfd -w 1 $CAFILE - openssl s_client -showcerts -connect $HOST:6697 -} - s6-setuidgid $USER s6-tcpclient $HOST $PORT -ii -s $HOST - -n $NICK - -f $NAME - -k PASS +ii -s $HOST -n $NICK -f $NAME -k PASS diff --git a/s6/ii-tls/x/run b/s6/ii-tls/x/run @@ -1,6 +1,5 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas HOST HOST importas PORT PORT importas USER USER @@ -11,10 +10,10 @@ s6-envdir env multisubstitute { ifelse -n { test -f ${CAFILE} } { redirfd -r 0 /dev/null - redirfd -w 1 ${CAFILE} + redirfd -w 1 $CAFILE openssl s_client -showcerts -connect ${HOST}:${PORT} } -s6-setuidgid ${USER} -s6-tlsclient ${HOST} ${PORT} -ii -s ${HOST} -n ${NICK} -f ${NAME} -k PASS +s6-setuidgid $USER +s6-tlsclient $HOST $PORT +ii -s $HOST -n $NICK -f $NAME -k PASS diff --git a/s6/mpop/x/run b/s6/mpop/x/run @@ -1,6 +1,5 @@ #!/usr/bin/env execlineb -fdmove -c 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas USER USER } diff --git a/s6/ngircd-tls/josuah.net/data/conf b/s6/ngircd-tls/josuah.net/data/conf @@ -0,0 +1,43 @@ +[Global] + Name = josuah.net + AdminInfo1 = josuah + AdminInfo2 = XXX + AdminEMail = mail@josuah.net + Info = XXX + MotdFile = data/motd + Ports = 6697 + +[Limits] + MaxConnections = 128 + MaxConnectionsIP = 20 + MaxJoins = 50 + MaxNickLength = 10 + PingTimeout = 120 + PongTimeout = 120 + +[Options] + AllowedChannelTypes = #&+ + AllowRemoteOper = yes + CloakHost = %x + #CloakHostSalt = XXX + DefaultUserModes = iC + DNS = no + Ident = no + MorePrivacy = yes + OperCanUseMode = yes + OperChanPAutoOp = yes + +[SSL] + Ports = 6697 + CertFile = /etc/ssl/josuah.net/cert.pem + DHFile = /etc/ssl/dhparam.pem + KeyFile = /etc/ssl/josuah.net/privkey.pem + CipherList = AES+RSA:!SSLv3 + +[Operator] + Name = josuah + Password = XXX + Mask = josuah!XXX + +[Server] + #XXX diff --git a/s6/ngircd-tls/x/data/motd b/s6/ngircd-tls/josuah.net/data/motd diff --git a/s6/ngircd-tls/x/data/conf b/s6/ngircd-tls/x/data/conf @@ -1,45 +0,0 @@ -[Global] - Name = josuah.net - AdminInfo1 = josuah - AdminInfo2 = XXX - AdminEMail = mail@josuah.net - Info = XXX - MotdFile = data/motd - Network = XXX - Ports = 6697 - -[Limits] - MaxConnections = 128 - MaxConnectionsIP = 20 - MaxJoins = 50 - MaxNickLength = 10 - PingTimeout = 120 - PongTimeout = 120 - -[Options] - AllowedChannelTypes = #&+ - AllowRemoteOper = yes - CloakHost = %x%x - CloakHostSalt = XXX - DefaultUserModes = iC - DNS = no - Ident = no - MorePrivacy = yes - OperCanUseMode = yes - OperChanPAutoOp = yes - -[SSL] - Ports = 6697 - CertFile = /etc/ssl/josuah.net/cert.pem - DHFile = /etc/ssl/dhparam.pem - KeyFile = /etc/ssl/josuah.net/privkey.pem - KeyFilePassword = XXX - CipherList = AES+RSA - -[Operator] - Name = josuah - Password = XXX - Mask = josuah!XXX - -[Server] - #XXX diff --git a/s6/ntpclient/x/run b/s6/ntpclient/x/run @@ -1,6 +1,5 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas HOST HOST } diff --git a/s6/qemu-tap/x/env/DISPLAY b/s6/qemu-tap/x/env/DISPLAY @@ -0,0 +1 @@ +none diff --git a/s6/qemu-tap/x/env/MAC b/s6/qemu-tap/x/env/MAC @@ -0,0 +1 @@ +52:54:00:00:00:00 diff --git a/s6/qemu-tap/x/env/MEM b/s6/qemu-tap/x/env/MEM @@ -0,0 +1 @@ +333m diff --git a/s6/qemu-tap/x/env/NAME b/s6/qemu-tap/x/env/NAME @@ -0,0 +1 @@ +vm diff --git a/s6/qemu-tap/x/env/ROOT b/s6/qemu-tap/x/env/ROOT @@ -0,0 +1 @@ +/var/iso diff --git a/s6/qemu-tap/x/run b/s6/qemu-tap/x/run @@ -1,11 +1,14 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas NAME NAME + importas MEM MEM + importas MAC MAC + importas DISPLAY DISPLAY + importas ROOT ROOT } # qemu without networking services, using a tap ethernet device - +# # The virtual machine main interface (nic,vlan=0) is communicating # through a tap device (tap,vlan=0) in the host that is not connected to # anything yet. A bridge needs to be setup between this interface and @@ -13,11 +16,10 @@ s6-envdir env multisubstitute { qemu-system-x86_64 -name $NAME - -m 333M + -m $MEM -netdev tap,id=nd0,ifname=tap0,script=no,downscript=no - -device virtio-net,netdev=nd0,mac=52:54:00:00:00:00 - /var/iso/$NAME.iso + -device virtio-net,netdev=nd0,mac=$MAC + -display $DISPLAY + $ROOT/$NAME.iso -# -display none -# -display curses -# -display vnc=0.0.0.0:0 +# -display # none # curses # vnc=0.0.0.0:0 # diff --git a/s6/qemu-user/x/env/DISPLAY b/s6/qemu-user/x/env/DISPLAY @@ -0,0 +1 @@ +none diff --git a/s6/qemu-user/x/env/MAC b/s6/qemu-user/x/env/MAC @@ -0,0 +1 @@ +52:54:00:00:00:00 diff --git a/s6/qemu-user/x/env/MEM b/s6/qemu-user/x/env/MEM @@ -0,0 +1 @@ +333m diff --git a/s6/qemu-user/x/env/NAME b/s6/qemu-user/x/env/NAME @@ -0,0 +1 @@ +vm diff --git a/s6/qemu-user/x/env/PORT_SSH b/s6/qemu-user/x/env/PORT_SSH @@ -0,0 +1 @@ +10000 diff --git a/s6/qemu-user/x/env/ROOT b/s6/qemu-user/x/env/ROOT @@ -0,0 +1 @@ +/var/iso diff --git a/s6/qemu-user/x/run b/s6/qemu-user/x/run @@ -1,21 +1,24 @@ #!/usr/bin/env execlineb -fdmove -c 1 -s6-envdir envmultisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas NAME NAME + importas MEM MEM + importas MAC MAC + importas DISPLAY DISPLAY + importas ROOT ROOT + importas PORT_SSH PORT_SSH } -# qemu with facilitated networking services - +# qemu with networking in user mode: managed by qemu +# # The virtual machine communicates with the hypervisor, which setups # a lot of servers (dns, tftp, dhcp...) for ease of use. qemu-system-x86_64 -name $NAME - -m 333M + -m $MEM -netdev user,id=nd0,hostfwd=tcp::10000-:22 -device e1000,netdev=nd0 - -display none - /var/iso/$NAME.iso + -display $DISPLAY + $ROOT/$NAME.iso -# -display curses -# -display vnc=0.0.0.0:0 +# -display # none # curses # vnc=0.0.0.0:0 # diff --git a/s6/qmail-pop3d/type b/s6/qmail-pop3d/type @@ -1 +0,0 @@ -longrun diff --git a/s6/qmail-pop3d/env/CERTFILE b/s6/qmail-pop3d/x/env/CERTFILE diff --git a/s6/qmail-pop3d/env/HOST b/s6/qmail-pop3d/x/env/HOST diff --git a/s6/qmail-pop3d/env/KEYFILE b/s6/qmail-pop3d/x/env/KEYFILE diff --git a/s6/qmail-pop3d/env/MAILDIR b/s6/qmail-pop3d/x/env/MAILDIR diff --git a/s6/qmail-pop3d/x/env/PORT b/s6/qmail-pop3d/x/env/PORT @@ -0,0 +1 @@ +995 diff --git a/s6/qmail-pop3d/x/run b/s6/qmail-pop3d/x/run @@ -1,9 +1,9 @@ #!/usr/bin/env execlineb -fdmove -c 1 -s6-envdir env multisubstitute { - importas -n HOST HOST - importas -n MAILDIR MAILDIR +fdmove -c 2 1 s6-envdir env multisubstitute { + importas HOST HOST + importas PORT PORT + importas MAILDIR MAILDIR } -s6-tlsserver 0.0.0.0 995 +s6-tlsserver $HOST $PORT qmail-popup $HOST checkpassword qmail-pop3d $MAILDIR diff --git a/s6/httpd/x/type b/s6/qmail-pop3d/x/type diff --git a/s6/qmail-send/x/run b/s6/qmail-send/x/run @@ -1,7 +1,6 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { - importas -n MAILDIR MAILDIR +fdmove -c 2 1 s6-envdir env multisubstitute { + importas MAILDIR MAILDIR } qmail-start $MAILDIR diff --git a/s6/qmail-tcp/x/env/USER b/s6/qmail-tcp/x/env/USER @@ -0,0 +1 @@ +qmaild diff --git a/s6/qmail-tcp/x/run b/s6/qmail-tcp/x/run @@ -1,11 +1,9 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { - importas -n HOST HOST - importas -n PORT PORT +fdmove -c 2 1 s6-envdir env multisubstitute { + importas HOST HOST + importas PORT PORT } -s6-envuidgid qmaild - +s6-envuidgid $USER s6-tcpserver -U $HOST $PORT qmail-smtpd diff --git a/s6/ftpd/x/env/IP b/s6/qmail-tls/x/env/HOST diff --git a/s6/qmail-tls/x/env/PORT b/s6/qmail-tls/x/env/PORT @@ -0,0 +1 @@ +465 diff --git a/s6/qmail-tls/x/env/USER b/s6/qmail-tls/x/env/USER @@ -0,0 +1 @@ +qmaild diff --git a/s6/qmail-tls/x/run b/s6/qmail-tls/x/run @@ -1,10 +1,11 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { - importas -n ACCESSFILE ACCESSFILE +fdmove -c 2 1 s6-envdir env multisubstitute { + importas ACCESSFILE ACCESSFILE + importas USER USER + importas HOST HOST + importas PORT PORT } -s6-envuidgid qmaild - -s6-tlsserver -U 0.0.0.0 465 +s6-envuidgid $USER +s6-tlsserver -U $HOST $PORT qmail-smtpd diff --git a/s6/ratox/x/run b/s6/ratox/x/run @@ -3,4 +3,5 @@ fdmove -c 2 1 backtick home { homeof $USER } if { mkdir -p $home/tox } cd $home/tox -exec ratox +s6-setuidgid $USER +ratox diff --git a/s6/s6-log/x/run b/s6/s6-log/x/run @@ -1,6 +1,5 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas SERVICE SERVICE } diff --git a/s6/ssh-agent/x/run b/s6/ssh-agent/x/run @@ -1,11 +1,9 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas USER USER } backtick -n home { homeof $USER } importas home home s6-setuidgid $USER -if { whoami } ssh-agent -d -a ${home}/.ssh/auth.sock diff --git a/s6/tinc/x/run b/s6/tinc/x/run @@ -1,7 +1,4 @@ #!/usr/bin/env execlineb fdmove -c 2 1 -tincd -D - -d 5 - --config=./data - --pidfile=./data/pid +tincd -D -d 5 --config=data --pidfile=pid diff --git a/s6/tinydns/x/run b/s6/tinydns/x/run @@ -1,7 +1,7 @@ #!/usr/bin/env execlineb -fdmove -c 1 -s6-envdir env - -s6-envuidgid dns +fdmove -c 2 1 s6-envdir env multisubstitute { + importas USER USER +} +s6-envuidgid $USER tinydns diff --git a/s6/tinysshd/x/run b/s6/tinysshd/x/run @@ -1,6 +1,5 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 -s6-envdir env multisubstitute { +fdmove -c 2 1 s6-envdir env multisubstitute { importas HOST HOST importas PORT PORT } diff --git a/s6/tor/x/run b/s6/tor/x/run @@ -1,4 +1,4 @@ #!/usr/bin/env execlineb fdmove -c 2 1 -tor -f ./data/conf +tor -f data/conf diff --git a/s6/venti/x/env/PORT_A b/s6/venti/x/env/PORT_A @@ -0,0 +1 @@ +17034 diff --git a/s6/venti/x/env/PORT_H b/s6/venti/x/env/PORT_H @@ -0,0 +1 @@ +8080 diff --git a/s6/venti/x/env/ROOT b/s6/venti/x/env/ROOT @@ -0,0 +1 @@ +/var/venti diff --git a/s6/venti/x/run b/s6/venti/x/run @@ -1,9 +1,12 @@ #!/usr/bin/env execlineb -fdmove -c 2 1 +fdmove -c 2 1 s6-envuidgid env multisubstitute { + importas ROOT ROOT + importas PORT_A PORT_A + importas PORT_H PORT_H +} s6-setuidgid venti - venti -s - -c data/conf - -a tcp!*!17034 - -h tcp!*!8080 + -c $ROOT + -a tcp!*!$PORT_A + -h tcp!*!$PORT_H diff --git a/s6/walldns/x/run b/s6/walldns/x/run @@ -1,5 +1,4 @@ #!/usr/bin/env execlineb -fdmove -c 1 -s6-envdir env +fdmove -c 1 s6-envdir env walldns