KAZ/kaz-vagrant
12
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Initial commit

Browse Source
This commit is contained in:
fabrice.regnier
2022-11-30 19:43:06 +01:00
commit 2477cdfbe9
31 changed files with 2677 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
files/.emacs Normal file
View File

@ -0,0 +1,48 @@
(custom-set-variables
;; custom-set-variables was added by Custom.
;; If you edit it by hand, you could mess it up, so be careful.
;; Your init file should contain only one such instance.
;; If there is more than one, they won't work right.
'(ansi-color-faces-vector
[default default default italic underline success warning error])
'(ansi-color-names-vector
["black" "red3" "ForestGreen" "yellow3" "blue" "magenta3" "DeepSkyBlue" "gray50"])
'(custom-enabled-themes '(Monokai))
'(inverse-video t)
)
(custom-set-faces
;; custom-set-faces was added by Custom.
;; If you edit it by hand, you could mess it up, so be careful.
;; Your init file should contain only one such instance.
;; If there is more than one, they won't work right.
)
(require 'ansi-color)
(defun ansi-color-region ()
"Color the ANSI escape sequences in the acitve region.
Sequences start with an escape \033 (typically shown as \"^[\")
and end with \"m\", e.g. this is two sequences
^[[46;1mTEXT^[[0m
where the first sequence says to diplay TEXT as bold with
a cyan background and the second sequence turns it off.
This strips the ANSI escape sequences and if the buffer is saved,
the sequences will be lost."
(interactive)
(if (not (region-active-p))
(message "ansi-color-region: region is not active"))
(if buffer-read-only
;; read-only buffers may be pointing a read-only file system, so don't mark the buffer as
;; modified. If the buffer where to become modified, a warning will be generated when emacs
;; tries to autosave.
(let ((inhibit-read-only t)
(modified (buffer-modified-p)))
(ansi-color-apply-on-region (region-beginning) (region-end))
(set-buffer-modified-p modified))
(ansi-color-apply-on-region (region-beginning) (region-end))))
(add-to-list 'load-path "~/.emacs.d/dockerfile-mode/")
(require 'dockerfile-mode)
;;(add-to-list 'auto-mode-alist '("Dockerfile\\'" . dockerfile-mode))
(setq auto-mode-alist (cons '("Dockerfile\\'" . dockerfile-mode) auto-mode-alist))

229
files/.emacs.d/dockerfile-mode/dockerfile-mode.el Normal file
View File

@ -0,0 +1,229 @@
;;; dockerfile-mode.el --- Major mode for editing Docker's Dockerfiles -*- lexical-binding: t -*-
;; Copyright (c) 2013 Spotify AB
;; Package-Requires: ((emacs "24") (s "1.12"))
;; Homepage: https://github.com/spotify/dockerfile-mode
;;
;; Licensed under the Apache License, Version 2.0 (the "License"); you may not
;; use this file except in compliance with the License. You may obtain a copy of
;; the License at
;;
;; http://www.apache.org/licenses/LICENSE-2.0
;;
;; Unless required by applicable law or agreed to in writing, software
;; distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
;; WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
;; License for the specific language governing permissions and limitations under
;; the License.
;;; Commentary:
;; Provides a major mode `dockerfile-mode' for use with the standard
;; `Dockerfile' file format. Additional convenience functions allow
;; images to be built easily.
;;; Code:
(require 'sh-script)
(require 'rx)
(require 's)
(declare-function cygwin-convert-file-name-to-windows "cygw32.c" (file &optional absolute-p))
(defgroup dockerfile nil
"dockerfile code editing commands for Emacs."
:link '(custom-group-link :tag "Font Lock Faces group" font-lock-faces)
:prefix "dockerfile-"
:group 'languages)
(defcustom dockerfile-mode-hook nil
"*Hook called by `dockerfile-mode'."
:type 'hook
:group 'dockerfile)
(defcustom dockerfile-mode-command "docker"
"Which binary to use to build images"
:group 'dockerfile
:type 'string)
(defcustom dockerfile-use-sudo nil
"Runs docker builder command with sudo."
:type 'boolean
:group 'dockerfile)
(defcustom dockerfile-build-args nil
"List of --build-arg to pass to docker build.
Each element of the list will be passed as a separate
--build-arg to the docker build command."
:type '(repeat string)
:group 'dockerfile)
(defface dockerfile-image-name
'((t (:inherit (font-lock-type-face bold))))
"Face to highlight the base image name after FROM instruction.")
(defface dockerfile-image-alias
'((t (:inherit (font-lock-constant-face bold))))
"Face to highlight the base image alias inf FROM ... AS <alias> construct.")
(defconst dockerfile--from-regex
(rx "from " (group (+? nonl)) (or " " eol) (? "as " (group (1+ nonl)))))
(defvar dockerfile-font-lock-keywords
`(,(cons (rx (or line-start "onbuild ")
(group (or "from" "maintainer" "run" "cmd" "expose" "env" "arg"
"add" "copy" "entrypoint" "volume" "user" "workdir" "onbuild"
"label" "stopsignal" "shell" "healthcheck"))
word-boundary)
font-lock-keyword-face)
(,dockerfile--from-regex
(1 'dockerfile-image-name)
(2 'dockerfile-image-alias nil t))
,@(sh-font-lock-keywords)
,@(sh-font-lock-keywords-2)
,@(sh-font-lock-keywords-1))
"Default `font-lock-keywords' for `dockerfile mode'.")
(defvar dockerfile-mode-map
(let ((map (make-sparse-keymap))
(menu-map (make-sparse-keymap)))
(define-key map "\C-c\C-b" #'dockerfile-build-buffer)
(define-key map "\C-c\M-b" #'dockerfile-build-no-cache-buffer)
(define-key map "\C-c\C-c" #'comment-region)
(define-key map [menu-bar dockerfile-mode] (cons "Dockerfile" menu-map))
(define-key menu-map [dfc]
'(menu-item "Comment Region" comment-region
:help "Comment Region"))
(define-key menu-map [dfb]
'(menu-item "Build" dockerfile-build-buffer
:help "Send the Dockerfile to docker build"))
(define-key menu-map [dfb]
'(menu-item "Build without cache" dockerfile-build-no-cache-buffer
:help "Send the Dockerfile to docker build without cache"))
map))
(defvar dockerfile-mode-syntax-table
(let ((table (make-syntax-table)))
(modify-syntax-entry ?# "<" table)
(modify-syntax-entry ?\n ">" table)
(modify-syntax-entry ?' "\"" table)
(modify-syntax-entry ?= "." table)
table)
"Syntax table for `dockerfile-mode'.")
(define-abbrev-table 'dockerfile-mode-abbrev-table nil
"Abbrev table used while in `dockerfile-mode'.")
(unless dockerfile-mode-abbrev-table
(define-abbrev-table 'dockerfile-mode-abbrev-table ()))
(defun dockerfile-indent-line-function ()
"Indent lines in a Dockerfile.
Lines beginning with a keyword are ignored, and any others are
indented by one `tab-width'."
(unless (member (get-text-property (point-at-bol) 'face)
'(font-lock-comment-delimiter-face font-lock-keyword-face))
(save-excursion
(beginning-of-line)
(skip-chars-forward "[ \t]" (point-at-eol))
(unless (equal (point) (point-at-eol)) ; Ignore empty lines.
;; Delete existing whitespace.
(delete-char (- (point-at-bol) (point)))
(indent-to tab-width)))))
(defun dockerfile-build-arg-string ()
"Create a --build-arg string for each element in `dockerfile-build-args'."
(mapconcat (lambda (arg) (concat "--build-arg " (shell-quote-argument arg)))
dockerfile-build-args " "))
(defun dockerfile-standard-filename (file)
"Convert the FILE name to OS standard.
If in Cygwin environment, uses Cygwin specific function to convert the
file name. Otherwise, uses Emacs' standard conversion function."
(if (fboundp 'cygwin-convert-file-name-to-windows)
(s-replace "\\" "\\\\" (cygwin-convert-file-name-to-windows file))
(convert-standard-filename file)))
(defun dockerfile-tag-string (image-name)
"Return a --tag shell-quoted IMAGE-NAME string or an empty string if image-name is blank."
(if (string= image-name "") "" (format "--tag %s " (shell-quote-argument image-name))))
(defvar dockerfile-image-name nil
"Name of the dockerfile currently being used.
This can be set in file or directory-local variables.")
(define-obsolete-variable-alias 'docker-image-name 'dockerfile-image-name)
(defvar dockerfile-image-name-history nil
"History of image names read by `dockerfile-read-image-name'.")
(defun dockerfile-read-image-name ()
"Read a docker image name."
(read-string "Image name: " dockerfile-image-name 'dockerfile-image-name-history))
;;;###autoload
(defun dockerfile-build-buffer (image-name &optional no-cache)
"Build an image called IMAGE-NAME based upon the buffer.
If prefix arg NO-CACHE is set, don't cache the image.
The build string will be of the format:
`sudo docker build --no-cache --tag IMAGE-NAME --build-args arg1.. -f filename directory`"
(interactive (list (dockerfile-read-image-name) prefix-arg))
(save-buffer)
(compilation-start
(format
"%s%s build %s %s %s -f %s %s"
(if dockerfile-use-sudo "sudo " "")
dockerfile-mode-command
(if no-cache "--no-cache" "")
(dockerfile-tag-string image-name)
(dockerfile-build-arg-string)
(shell-quote-argument (dockerfile-standard-filename (buffer-file-name)))
(shell-quote-argument (dockerfile-standard-filename default-directory)))
nil
(lambda (_) (format "*docker-build-output: %s *" image-name))))
;;;###autoload
(defun dockerfile-build-no-cache-buffer (image-name)
"Build an image called IMAGE-NAME based upon the buffer without cache."
(interactive (list (dockerfile-read-image-name)))
(dockerfile-build-buffer image-name t))
(defun dockerfile--imenu-function ()
"Find the previous headline from point.
Search for a FROM instruction. If an alias is used this is
returned, otherwise the base image name is used."
(when (re-search-backward dockerfile--from-regex nil t)
(let ((data (match-data)))
(when (match-string 2)
;; we drop the first match group because
;; imenu-generic-expression can only use one offset, so we
;; normalize to `1'.
(set-match-data (list (nth 0 data) (nth 1 data) (nth 4 data) (nth 5 data))))
t)))
;;;###autoload
(define-derived-mode dockerfile-mode prog-mode "Dockerfile"
"A major mode to edit Dockerfiles.
\\{dockerfile-mode-map}
"
(set-syntax-table dockerfile-mode-syntax-table)
(set (make-local-variable 'imenu-generic-expression)
`(("Stage" dockerfile--imenu-function 1)))
(set (make-local-variable 'require-final-newline) mode-require-final-newline)
(set (make-local-variable 'comment-start) "#")
(set (make-local-variable 'comment-end) "")
(set (make-local-variable 'comment-start-skip) "#+ *")
(set (make-local-variable 'parse-sexp-ignore-comments) t)
(set (make-local-variable 'font-lock-defaults)
'(dockerfile-font-lock-keywords nil t))
(setq local-abbrev-table dockerfile-mode-abbrev-table)
(set (make-local-variable 'indent-line-function) #'dockerfile-indent-line-function))
;;;###autoload
(add-to-list 'auto-mode-alist '("Dockerfile\\(?:\\..*\\)?\\'" . dockerfile-mode))
(provide 'dockerfile-mode)
;;; dockerfile-mode.el ends here

10
files/10-monitor.conf Normal file
View File

@ -0,0 +1,10 @@
Section "ServerFlags"
Option "StandbyTime" "0"
Option "SuspendTime" "0"
Option "OffTime" "0"
Option "BlankTime" "0"
EndSection
Section "Extensions"
Option "DPMS" "Disable"
EndSection

44
files/clawsmail/addclawsuser.sh Executable file
View File

@ -0,0 +1,44 @@
#!/bin/bash
# Configure claws mail
set -e
#if [ -z $KAZGUARD ] ; then exit 1; fi
DIR=`dirname $0`
cd `dirname $0`
# $domain, $mailname, $password
name=$1
domainname=$2
password=$3
number=$4
# cp -ar claws-mail ~/.claws-mail
mkdir -p ~/.claws-mail
cat claws-mail/accountrc > /tmp/accountrc
sed -i -e "s/\$name/$name/" /tmp/accountrc
sed -i -e "s/\$domainname/$domainname/" /tmp/accountrc
sed -i -e "s/\$number/$number/" /tmp/accountrc
cat /tmp/accountrc >> ~/.claws-mail/accountrc
if [ ! -f ~/.claws-mail/folderlist.xml ]; then
cp claws-mail/folderlist_skel.xml ~/.claws-mail/folderlist.xml
fi
cat claws-mail/folderlist.xml > /tmp/folderlist.xml
sed -i -e "s/\$name/$name/" /tmp/folderlist.xml
sed -i -e "s/\$domainname/kaz\.bzh/" /tmp/folderlist.xml
sed -i -e "s/\$number/$number/" /tmp/folderlist.xml
sed -i -e "s/<\/folderlist>//" ~/.claws-mail/folderlist.xml
cat /tmp/folderlist.xml >> ~/.claws-mail/folderlist.xml
echo "</folderlist>" >> ~/.claws-mail/folderlist.xml
cp claws-mail/clawsrc ~/.claws-mail/
# chmod +x genpasswd
pass=`./genpasswd $password`
#gcc genpasswd.c -o genpasswd -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/lib/x86_64-linux-gnu/glib-2.0/include/ -lglib-2.0 -lgnutls
echo -e "[account:$number]\nrecv $pass" >> ~/.claws-mail/passwordstorerc

106
files/clawsmail/claws-mail/accountrc Normal file
View File

@ -0,0 +1,106 @@
[Account: $number]
domain=kaz.local
name=$name@$domainname
account_name=IMAP
is_default=1
address=$name@$domainname
organization=
protocol=1
receive_server=mail.$domainname
recvtype=3
smtp_server=smtp.$domainname
nntp_server=
local_mbox=/var/mail
use_mail_command=0
mail_command=/usr/sbin/sendmail -t -i
use_nntp_auth=0
use_nntp_auth_onconnect=0
user_id=$name@$domainname
use_apop_auth=0
remove_mail=1
message_leave_time=7
message_leave_hour=0
enable_size_limit=0
size_limit=1024
filter_on_receive=1
filterhook_on_receive=1
imap_auth_method=0
receive_at_get_all=1
max_news_articles=300
inbox=#mh/Mailbox/inbox
local_inbox=#mh/Mailbox/inbox
imap_directory=
imap_subsonly=1
low_bandwidth=0
generate_msgid=1
generate_xmailer=1
add_custom_header=0
msgid_with_addr=0
use_smtp_auth=0
smtp_auth_method=0
smtp_user_id=
pop_before_smtp=0
pop_before_smtp_timeout=5
signature_type=0
signature_path=/home/debian/.signature
auto_signature=1
signature_separator=--
set_autocc=0
auto_cc=
set_autobcc=0
auto_bcc=
set_autoreplyto=0
auto_replyto=
enable_default_dictionary=0
default_dictionary=
enable_default_alt_dictionary=0
default_alt_dictionary=
compose_with_format=0
compose_subject_format=
compose_body_format=
reply_with_format=0
reply_quotemark=
reply_body_format=
forward_with_format=0
forward_quotemark=
forward_body_format=
default_privacy_system=
default_encrypt=0
default_encrypt_reply=1
default_sign=0
default_sign_reply=1
save_clear_text=0
encrypt_to_self=0
privacy_prefs=
ssl_pop=0
ssl_imap=0
ssl_nntp=0
ssl_smtp=0
ssl_certs_auto_accept=0
use_nonblocking_ssl=1
in_ssl_client_cert_file=
out_ssl_client_cert_file=
set_smtpport=0
smtp_port=25
set_popport=0
pop_port=110
set_imapport=0
imap_port=143
set_nntpport=0
nntp_port=119
set_domain=0
domain=
gnutls_set_priority=0
gnutls_priority=
set_tunnelcmd=0
tunnelcmd=
mark_crosspost_read=0
crosspost_color=0
set_sent_folder=0
sent_folder=
set_queue_folder=0
queue_folder=
set_draft_folder=0
draft_folder=
set_trash_folder=0
trash_folder=

94
files/clawsmail/claws-mail/accountrc.tmpl Normal file
View File

@ -0,0 +1,94 @@
[AccountTemplate]
#you can use $DEFAULTDOMAIN here
#domain must be defined before the variables that use it
#by default, domain is extracted from the hostname
#domain=
#you can use $USERNAME for name (this is the default)
#name=
#you can use $LOGIN, $NAME_MAIL and $DOMAIN here
#$NAME_MAIL is the name without uppercase and with dots instead
#of spaces
#the default is $NAME_MAIL@$DOMAIN
#email=
#you can use $DOMAIN here
#the default organization is empty
#organization=
#you can use $DOMAIN here
#the default is smtp.$DOMAIN
#smtpserver=
#Whether to use smtp authentication
#the default is 0 (no)
#smtpauth=
#SMTP username
#you can use $LOGIN, $NAME_MAIL, $DOMAIN or $EMAIL here
#the default is empty (same as reception username)
#smtpuser=
#SMTP password
#the default is empty (same as reception password)
#smtppass=
#recvtype can be:
#0 for pop3
#3 for imap
#5 for a local mbox file
#recvtype=
#you can use $DOMAIN here
#the default is {pop,imap}.$DOMAIN
#recvserver=
#you can use $LOGIN, $NAME_MAIL, $DOMAIN or $EMAIL here
#default is $LOGIN
#recvuser=
#default is empty
#recvpass=
#imap dir if imap (relative to the home on the server)
#default is empty
#imapdir=
#show subscribed folders only, if imap
#default is TRUE
#subsonly=
#mbox file if local
#you can use $LOGIN here
#default is /var/mail/$LOGIN
#mboxfile=
#mailbox name if pop3 or local
#relative path from the user's home
#default is "Mail"
#mailbox=
#whether to use encryption on SMTP connections
#default is 0, 1 is SSL/TLS, 2 is STARTTLS
#smtpssl=
#whether to use encryption on POP3 or IMAP connections
#default is 0, 1 is SSL/TLS, 2 is STARTTLS
#recvssl=
#SSL/TLS client certificate path for SMTP
#default is empty (no certificate)
#smtpssl_cert=
#SSL/TLS client certificate path for POP/IMAP
#default is empty (no certificate)
#recvssl_cert=
#SSL/TLS client certificate password for SMTP
#default is empty (no password)
#smtpssl_cert_pass=
#SSL/TLS client certificate password for POP/IMAP
#default is empty (no password)
#recvssl_cert_pass=

410
files/clawsmail/claws-mail/clawsrc Normal file
View File

@ -0,0 +1,410 @@
[Common]
config_version=2
use_ext_inc=0
ext_inc_path=/usr/bin/mh/inc
autochk_newmail=0
autochk_interval=600
check_on_startup=0
open_inbox_on_inc=0
scan_all_after_inc=0
newmail_notify_manu=0
newmail_notify_auto=0
newmail_notify_cmd=
receive_dialog_mode=2
receivewin_width=460
receivewin_height=-1
no_receive_error_panel=0
close_receive_dialog=1
save_message=1
confirm_send_queued_messages=0
send_dialog_mode=0
sendwin_width=460
sendwin_height=-1
outgoing_charset=AUTO
encoding_method=0
outgoing_fallback_to_ascii=1
rewrite_first_from=1
warn_empty_subj=1
hide_timezone=0
allow_jisx0201_kana=0
auto_ext_editor=0
forward_as_attachment=0
redirect_keep_from=0
undo_level=50
compose_with_format=0
compose_subject_format=
compose_body_format=Hello,\n
show_compose_margin=0
type_any_header=0
linewrap_length=72
linewrap_quotation=1
linewrap_pastes=1
primary_paste_unselects=0
linewrap_auto=1
auto_indent=1
autosave=1
autosave_length=50
autosave_encrypted=0
warn_large_insert=1
warn_large_insert_size=500
enable_aspell=0
dictionary=fr_FR
alt_dictionary=
use_alternate_dict=0
check_while_typing=1
recheck_when_changing_dict=1
misspelled_color=#ff0000
use_both_dicts=0
reply_with_quote=1
compose_dnd_insert_or_attach=0
reply_account_autoselect=1
forward_account_autoselect=1
reedit_account_autoselect=1
default_reply_list=1
show_ruler=1
reply_quote_mark=>
reply_quote_format=On %d\n%f wrote:\n\n%q\n%X
forward_quote_mark=>
forward_quote_format=\n\nBegin forwarded message:\n\n?d{Date: %d\n}?f{From: %f\n}?t{To: %t\n}?c{Cc: %c\n}?n{Newsgroups: %n\n}?s{Subject: %s\n}\n\n%M
quote_chars=>
widget_font=
message_font=-misc-fixed-medium-r-normal--14-*-*-*-*-*-*-*
small_font=-*-helvetica-medium-r-normal--10-*-*-*-*-*-*-*
bold_font=-*-helvetica-bold-r-normal--12-*-*-*-*-*-*-*
normal_font=-*-helvetica-medium-r-normal--12-*-*-*-*-*-*-*
widget_font_gtk2=
message_font_gtk2=Monospace 10
print_font_gtk2=Monospace 9
small_font_gtk2=Sans 10
normal_font_gtk2=Sans 10
bold_font_gtk2=Sans Bold 10
use_different_print_font=0
derive_from_normal_font=1
custom_color1=#ff9900
custom_colorlabel1=Orange
custom_color2=#ff0000
custom_colorlabel2=Red
custom_color3=#ff66ff
custom_colorlabel3=Pink
custom_color4=#00ccff
custom_colorlabel4=Sky blue
custom_color5=#0000ff
custom_colorlabel5=Blue
custom_color6=#009900
custom_colorlabel6=Green
custom_color7=#663333
custom_colorlabel7=Brown
custom_color8=#aaaaaa
custom_colorlabel8=Grey
custom_color9=#c07254
custom_colorlabel9=Light brown
custom_color10=#c00000
custom_colorlabel10=Dark red
custom_color11=#cc1074
custom_colorlabel11=Dark pink
custom_color12=#5094cd
custom_colorlabel12=Steel blue
custom_color13=#ffd500
custom_colorlabel13=Gold
custom_color14=#00d800
custom_colorlabel14=Bright green
custom_color15=#c060c0
custom_colorlabel15=Magenta
display_image=1
resize_image=1
inline_image=1
display_folder_unread_num=0
newsgroup_abbrev_len=16
translate_header=0
default_sort_key=3
default_sort_type=1
use_address_book=0
thread_by_subject=1
date_format=%a %x %H:%M
msgview_date_format=0
next_on_delete=0
bold_unread=1
enable_thread=1
toolbar_style=3
toolbar_detachable=0
show_col_headers=1
show_statusbar=1
show_searchbar=1
summary_col_show_mark=1
summary_col_show_unread=1
summary_col_show_subject=1
summary_col_show_from=1
summary_col_show_to=0
summary_col_show_date=1
summary_col_show_mime=1
summary_col_show_size=1
summary_col_show_number=0
summary_col_show_score=0
summary_col_show_locked=0
summary_col_show_tags=0
summary_col_pos_mark=0
summary_col_pos_unread=1
summary_col_pos_mime=2
summary_col_pos_subject=3
summary_col_pos_from=4
summary_col_pos_date=5
summary_col_pos_size=6
summary_col_pos_number=7
summary_col_pos_score=8
summary_col_pos_locked=9
summary_col_pos_to=10
summary_col_pos_tags=11
summary_col_size_mark=10
summary_col_size_unread=13
summary_col_size_mime=10
summary_col_size_subject=200
summary_col_size_from=120
summary_col_size_to=120
summary_col_size_date=118
summary_col_size_size=45
summary_col_size_number=40
summary_col_size_score=40
summary_col_size_locked=13
summary_col_size_tags=150
folderwin_x=16
folderwin_y=16
folderview_width=270
folderview_height=493
folderview_visible=1
folder_col_show_folder=1
folder_col_show_new=1
folder_col_show_unread=1
folder_col_show_total=1
folder_col_pos_folder=0
folder_col_pos_new=1
folder_col_pos_unread=2
folder_col_pos_total=3
folder_col_size_folder=120
folder_col_size_new=32
folder_col_size_unread=32
folder_col_size_total=32
summaryview_width=523
summaryview_height=262
main_messagewin_x=256
main_messagewin_y=210
messageview_width=523
messageview_height=228
messageview_visible=1
mainview_x=350
mainview_y=58
mainview_width=523
mainview_height=600
mainwin_x=350
mainwin_y=58
mainwin_maximised=0
mainwin_fullscreen=0
mainwin_menubar=1
mainwin_width=800
mainwin_height=600
messagewin_width=600
messagewin_height=540
mimeview_tree_height=60
sourcewin_width=600
sourcewin_height=500
compose_width=600
compose_height=560
compose_notebook_height=130
compose_x=0
compose_y=0
enable_color=1
quote_level1_color=#0000b3
quote_level2_color=#0000b3
quote_level3_color=#0000b3
enable_bgcolor=0
quote_level1_bgcolor=#cccccc
quote_level2_bgcolor=#d4d4d4
quote_level3_bgcolor=#dddddd
uri_color=#007f00
emphasis_color=#0000cf
target_folder_color=#da1cca
signature_color=#797979
recycle_quote_colors=0
display_header_pane=0
display_header=1
display_xface=1
render_html=1
invoke_plugin_on_html=0
promote_html_part=0
line_space=2
never_send_retrcpt=0
enable_smooth_scroll=0
scroll_step=1
scroll_half_page=0
hide_quoted=1
respect_flowed_format=0
show_all_headers=0
show_other_header=0
attach_desc=1
attach_save_directory=
attach_load_directory=
mime_textviewer=
mime_open_command=gedit '%s'
show_inline_attachments=1
layout_mode=0
always_show_message_when_selected=0
select_on_entry=3
show_tooltips=1
summary_select_prio1=2
summary_select_prio2=3
summary_select_prio3=1
summary_select_prio4=5
summary_select_prio5=0
summary_select_prio6=0
summary_select_prio7=0
mark_as_read_on_new_window=0
mark_as_read_delay=0
immediate_execution=1
nextunreadmsg_dialog=1
summary_from_show=0
pixmap_theme_path=INTERNAL_DEFAULT
ask_mark_all_read=1
ask_apply_per_account_filtering_rules=1
apply_per_account_filtering_rules=0
addressbook_use_editaddress_dialog=1
addressbook_hpaned_pos=-1
addressbook_vpaned_pos=-1
uri_open_command=firefox '%s'
ext_editor_command=gedit '%s'
cmds_use_system_default=1
add_address_by_click=0
session_passwords=0
confirm_on_exit=0
clean_trash_on_exit=0
ask_on_cleaning=1
warn_queued_on_exit=1
work_offline=0
summary_quicksearch_type=0
summary_quicksearch_recurse=1
io_timeout_secs=60
hide_score=-9999
important_score=1
clip_log=1
log_length=500
enable_log_standard=1
enable_log_warning=1
enable_log_error=1
enable_log_status=1
log_msg_color=#00af00
log_warn_color=#af0000
log_error_color=#af0000
log_in_color=#000000
log_out_color=#0000ef
log_status_ok_color=#00af00
log_status_nok_color=#0000af
log_status_skip_color=#aa00aa
enable_filtering_debug=0
filtering_debug_level=1
enable_filtering_debug_inc=1
enable_filtering_debug_manual=1
enable_filtering_debug_folder_proc=0
enable_filtering_debug_pre_proc=0
enable_filtering_debug_post_proc=0
filtering_debug_clip_log=1
filtering_debug_log_length=500
gtk_can_change_accels=0
color_new=#0000b3
filteringwin_width=500
filteringwin_height=-1
filteringactionwin_width=490
filteringactionwin_height=-1
matcherwin_width=520
matcherwin_height=-1
templateswin_width=480
templateswin_height=-1
actionswin_width=486
actionswin_height=-1
tagswin_width=486
tagswin_height=-1
addressbookwin_width=520
addressbookwin_height=-1
addressbookeditpersonwin_width=640
addressbookeditpersonwin_height=320
addressbookeditgroupwin_width=580
addressbookeditgroupwin_height=340
pluginswin_width=-1
pluginswin_height=-1
prefswin_width=600
prefswin_height=-1
folderitemwin_width=500
folderitemwin_height=-1
zero_replacement_char=0
editaccountwin_width=500
editaccountwin_height=-1
accountswin_width=500
accountswin_height=-1
logwin_width=520
logwin_height=-1
filtering_debugwin_width=600
filtering_debugwin_height=-1
folderselwin_width=300
folderselwin_height=-1
addressaddwin_width=300
addressaddwin_height=-1
addressbook_folderselwin_width=300
addressbook_folderselwin_height=-1
aboutwin_width=450
aboutwin_height=500
addrgather_width=450
addrgather_height=-1
news_subscribe_width=450
news_subscribe_height=400
warn_dnd=1
utf8_instead_of_locale_for_broken_mail=0
enable_swap_from=0
use_stripes_everywhere=1
use_stripes_in_summaries=1
stripes_color_offset=4000
enable_hscrollbar=1
folderview_vscrollbar_policy=0
textview_cursor_visible=0
hover_timeout=500
cache_max_mem_usage=4096
cache_min_keep_time=15
thread_by_subject_max_age=10
last_opened_folder=#imap/hacker@isp-a.milxc/Trash
goto_last_folder_on_startup=0
summary_quicksearch_sticky=1
summary_quicksearch_dynamic=0
summary_quicksearch_autorun=0
statusbar_update_step=10
compose_no_markup=0
skip_ssl_cert_check=0
live_dangerously=0
save_parts_readwrite=0
hide_quotes=0
unsafe_ssl_certs=0
real_time_sync=0
print_paper_type=
print_paper_orientation=0
print_margin_top=-1
print_margin_bottom=-1
print_margin_left=-1
print_margin_right=-1
print_use_color=0
print_use_collate=0
print_use_reverse=0
print_use_duplex=0
print_imgs=1
print_previewwin_width=600
print_previewwin_height=-1
use_networkmanager=1
use_shred=0
two_line_vertical=1
inherit_folder_properties=0
flush_metadata=1
nav_history_length=50
diff_added_color=#008b8b
diff_deleted_color=#6a5acd
diff_hunk_color=#a52a2a
folder_search_wildcard=1
address_search_wildcard=1
enable_avatars=3
use_master_passphrase=0
master_passphrase=
master_passphrase_salt=uO5gxcSFnCOAN3ESLXOZyqoz3aJemnEKsaaxqPtD5zyrigsCfpqE7ahXNY4N9A3qnEIBv/3PAqxeTUq9VrKr9g==
master_passphrase_pbkdf2_rounds=50000

6
files/clawsmail/claws-mail/folderlist.xml Normal file
View File

@ -0,0 +1,6 @@
<folder type="imap" sort="0" collapsed="0" account_id="$number" name="$name@$domainname">
<folderitem last_change="0" last_sync="0" uidnext="0" last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="0" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="Trash" name="Trash" type="trash" />
<folderitem last_change="0" last_sync="0" uidnext="0" last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="0" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="Sent" name="Sent" type="outbox" />
<folderitem last_change="0" last_sync="0" uidnext="0" last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="0" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="Drafts" name="Drafts" type="draft" />
<folderitem last_change="0" last_sync="0" uidnext="0" last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="0" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="INBOX" name="INBOX" type="inbox" />
</folder>

10
files/clawsmail/claws-mail/folderlist_skel.xml Normal file
View File

@ -0,0 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<folderlist>
<folder type="mh" path="Mail" sort="0" collapsed="1" name="Boîte aux lettres">
<folderitem last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="1641582172" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="inbox" name="inbox" type="inbox" />
<folderitem last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="1641582172" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="draft" name="draft" type="draft" />
<folderitem last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="1641582172" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="trash" name="trash" type="trash" />
<folderitem last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="1641582172" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="sent" name="sent" type="outbox" />
<folderitem last_seen="0" order="0" watched="0" ignore="0" locked="0" forwarded="0" replied="0" total="0" marked="0" unreadmarked="0" unread="0" new="0" mtime="1641582350" sort_type="descending" sort_key="date" hidereadthreads="0" hidedelmsgs="0" hidereadmsgs="0" threaded="1" thread_collapsed="0" collapsed="0" path="queue" name="queue" type="queue" />
</folder>
</folderlist>

2
files/clawsmail/claws-mail/passwordstorerc Normal file
View File

@ -0,0 +1,2 @@
[account:1]
recv $password

BIN
files/clawsmail/genpasswd Executable file
View File

Binary file not shown.

333
files/clawsmail/genpasswd.c Normal file
View File

@ -0,0 +1,333 @@
/* customized from claws mail source code */
/* pkcs5_pbkdf2.c - Password-Based Key Derivation Function 2
* Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
*
* Modifications for Claws Mail are:
* Copyright (c) 2016 the Claws Mail team
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
* Copyright (C) 2016 The Claws Mail Team
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
#include <glib.h>
#include <sys/types.h>
#include <string.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>
#define CHECKSUM_BLOCKLEN 64
/*
* HMAC-SHA-1 (from RFC 2202).
*/
static void
hmac_sha1(const guchar *text, size_t text_len, const guchar *key,
size_t key_len, guchar *digest)
{
GChecksum *cksum;
gssize digestlen = g_checksum_type_get_length(G_CHECKSUM_SHA1);
gsize outlen;
guchar k_pad[CHECKSUM_BLOCKLEN];
guchar tk[digestlen];
gint i;
if (key_len > CHECKSUM_BLOCKLEN) {
cksum = g_checksum_new(G_CHECKSUM_SHA1);
g_checksum_update(cksum, key, key_len);
outlen = digestlen;
g_checksum_get_digest(cksum, tk, &outlen);
g_checksum_free(cksum);
key = tk;
key_len = digestlen;
}
memset(k_pad, 0, sizeof k_pad);
memcpy(k_pad, key, key_len);
for (i = 0; i < CHECKSUM_BLOCKLEN; i++)
k_pad[i] ^= 0x36;
cksum = g_checksum_new(G_CHECKSUM_SHA1);
g_checksum_update(cksum, k_pad, CHECKSUM_BLOCKLEN);
g_checksum_update(cksum, text, text_len);
outlen = digestlen;
g_checksum_get_digest(cksum, digest, &outlen);
g_checksum_free(cksum);
memset(k_pad, 0, sizeof k_pad);
memcpy(k_pad, key, key_len);
for (i = 0; i < CHECKSUM_BLOCKLEN; i++)
k_pad[i] ^= 0x5c;
cksum = g_checksum_new(G_CHECKSUM_SHA1);
g_checksum_update(cksum, k_pad, CHECKSUM_BLOCKLEN);
g_checksum_update(cksum, digest, digestlen);
outlen = digestlen;
g_checksum_get_digest(cksum, digest, &outlen);
g_checksum_free(cksum);
}
#undef CHECKSUM_BLOCKLEN
/*
* Password-Based Key Derivation Function 2 (PKCS #5 v2.0).
* Code based on IEEE Std 802.11-2007, Annex H.4.2.
*/
gint
pkcs5_pbkdf2(const gchar *pass, size_t pass_len, const guchar *salt,
size_t salt_len, guchar *key, size_t key_len, guint rounds)
{
gssize digestlen = g_checksum_type_get_length(G_CHECKSUM_SHA1);
guchar *asalt, obuf[digestlen];
guchar d1[digestlen], d2[digestlen];
guint i, j;
guint count;
size_t r;
if (pass == NULL || salt == NULL || key == NULL)
return -1;
if (rounds < 1 || key_len == 0)
return -1;
if (salt_len == 0 || salt_len > SIZE_MAX - 4)
return -1;
if ((asalt = malloc(salt_len + 4)) == NULL)
return -1;
memcpy(asalt, salt, salt_len);
for (count = 1; key_len > 0; count++) {
asalt[salt_len + 0] = (count >> 24) & 0xff;
asalt[salt_len + 1] = (count >> 16) & 0xff;
asalt[salt_len + 2] = (count >> 8) & 0xff;
asalt[salt_len + 3] = count & 0xff;
hmac_sha1(asalt, salt_len + 4, pass, pass_len, d1);
memcpy(obuf, d1, sizeof(obuf));
for (i = 1; i < rounds; i++) {
hmac_sha1(d1, sizeof(d1), pass, pass_len, d2);
memcpy(d1, d2, sizeof(d1));
for (j = 0; j < sizeof(obuf); j++)
obuf[j] ^= d1[j];
}
r = MIN(key_len, digestlen);
memcpy(key, obuf, r);
key += r;
key_len -= r;
};
memset(asalt, 0, salt_len + 4);
free(asalt);
memset(d1, 0, sizeof(d1));
memset(d2, 0, sizeof(d2));
memset(obuf, 0, sizeof(obuf));
return 0;
}
//
# include <gnutls/gnutls.h>
# include <gnutls/crypto.h>
#include <glib.h>
#include <glib/gi18n.h>
#include <stdlib.h>
/* Length of stored key derivation, before base64. */
#define KD_LENGTH 64
/* Length of randomly generated and saved salt, used for key derivation.
* Also before base64. */
#define KD_SALT_LENGTH 64
char* monsalt;
int get_random_bytes(char* dst, int len) {
return 1;
}
static void _generate_salt()
{
guchar salt[KD_SALT_LENGTH];
if (!get_random_bytes(salt, KD_SALT_LENGTH)) {
printf("Could not get random bytes for kd salt.\n");
return;
}
monsalt = g_base64_encode(salt, KD_SALT_LENGTH);
}
#undef KD_SALT_LENGTH
static guchar *_make_key_deriv(const gchar *passphrase, guint rounds,
guint length)
{
guchar *kd, *salt;
gchar *saltpref = "uO5gxcSFnCOAN3ESLXOZyqoz3aJemnEKsaaxqPtD5zyrigsCfpqE7ahXNY4N9A3qnEIBv/3PAqxeTUq9VrKr9g==";
gsize saltlen;
gint ret;
/* Grab our salt, generating and saving a new random one if needed. */
if (saltpref == NULL || strlen(saltpref) == 0) {
_generate_salt();
saltpref = "uO5gxcSFnCOAN3ESLXOZyqoz3aJemnEKsaaxqPtD5zyrigsCfpqE7ahXNY4N9A3qnEIBv/3PAqxeTUq9VrKr9g==";
}
salt = g_base64_decode(saltpref, &saltlen);
kd = g_malloc0(length);
//START_TIMING("PBKDF2");
ret = pkcs5_pbkdf2(passphrase, strlen(passphrase), salt, saltlen,
kd, length, rounds);
//END_TIMING();
g_free(salt);
if (ret == 0) {
return kd;
}
g_free(kd);
return NULL;
}
#define BUFSIZE 128
#define IVLEN 16
gchar *password_encrypt_gnutls(const gchar *password,
const gchar *encryption_passphrase)
{
gnutls_cipher_algorithm_t algo = GNUTLS_CIPHER_AES_256_CBC;
gnutls_cipher_hd_t handle;
gnutls_datum_t key, iv;
int keylen, blocklen, ret, len, i;
unsigned char *buf, *encbuf, *base, *output;
guint rounds = 5000;
g_return_val_if_fail(password != NULL, NULL);
g_return_val_if_fail(encryption_passphrase != NULL, NULL);
/* ivlen = gnutls_cipher_get_iv_size(algo);*/
keylen = gnutls_cipher_get_key_size(algo);
blocklen = gnutls_cipher_get_block_size(algo);
/* digestlen = gnutls_hash_get_len(digest); */
/* Take the passphrase and compute a key derivation of suitable
* length to be used as encryption key for our block cipher. */
key.data = _make_key_deriv(encryption_passphrase, rounds, keylen);
key.size = keylen;
/* Prepare random IV for cipher */
iv.data = malloc(IVLEN);
iv.size = IVLEN;
if (!get_random_bytes(iv.data, IVLEN)) {
g_free(key.data);
g_free(iv.data);
return NULL;
}
/* Initialize the encryption */
ret = gnutls_cipher_init(&handle, algo, &key, &iv);
if (ret < 0) {
g_free(key.data);
g_free(iv.data);
return NULL;
}
/* Find out how big buffer (in multiples of BUFSIZE)
* we need to store the password. */
i = 1;
len = strlen(password);
while(len >= i * BUFSIZE)
i++;
len = i * BUFSIZE;
/* Fill buf with one block of random data, our password, pad the
* rest with zero bytes. */
buf = malloc(len + blocklen);
memset(buf, 0, len + blocklen);
if (!get_random_bytes(buf, blocklen)) {
g_free(buf);
g_free(key.data);
g_free(iv.data);
gnutls_cipher_deinit(handle);
return NULL;
}
memcpy(buf + blocklen, password, strlen(password));
/* Encrypt into encbuf */
encbuf = malloc(len + blocklen);
memset(encbuf, 0, len + blocklen);
ret = gnutls_cipher_encrypt2(handle, buf, len + blocklen,
encbuf, len + blocklen);
if (ret < 0) {
g_free(key.data);
g_free(iv.data);
g_free(buf);
g_free(encbuf);
gnutls_cipher_deinit(handle);
return NULL;
}
/* Cleanup */
gnutls_cipher_deinit(handle);
g_free(key.data);
g_free(iv.data);
g_free(buf);
/* And finally prepare the resulting string:
* "{algorithm,rounds}base64encodedciphertext" */
base = g_base64_encode(encbuf, len + blocklen);
//printf("base is %s\n", base);
g_free(encbuf);
output = g_strdup_printf("{%s,%d}%s",
gnutls_cipher_get_name(algo), rounds, base);
g_free(base);
//printf(output);
return output;
}
int main(int argc, char* argv[]) {
//printf("pass %s %s\n", password_encrypt_gnutls("totfrefrgo", "passkey0"), gnutls_cipher_get_name(GNUTLS_CIPHER_AES_256_CBC));
printf(password_encrypt_gnutls(argv[1], "passkey0"));
//printf(argv[1]);
}

78
files/kaz.sh Executable file
View File

@ -0,0 +1,78 @@
#!/bin/bash
if [ -z "${KAZGUARD}" ] ; then
exit 1
fi
DIR=$(cd "$(dirname $0)"; pwd)
cd "${DIR}"
set -e
export VAGRANT_SRC_DIR=/vagrant/files
mkdir -p "${VAGRANT_SRC_DIR}/log/"
export DebugLog="${VAGRANT_SRC_DIR}/log/log-kaz-$(date +%y-%m-%d-%T)-"
(
echo "########## ********** Start kaz.sh $(date +%D-%T)"
#pour la résolution de noms dans /etc/hosts
SERVICES_LIST="smtp mail ldap www depot tableur pad webmail sondage garradin test-garradin wiki git agora cloud office cachet quotas"
docker-clean -a
rm -rf /kaz
if [ -z "${KAZBRANCH}" ] ; then
KAZBRANCH="master"
fi
echo -e "\n #### git checkout ${KAZBRANCH}\n"
# copie des sources
cd /
[ -f kaz ] || git clone https://git.kaz.bzh/KAZ/kaz.git
(cd /kaz ; git checkout "${KAZBRANCH}" )
find /kaz -name \*.sh -exec chmod a+x {} \;
# pour ceux qui disposent d'un cache apt local et pas la fibre
if [ -f "${VAGRANT_SRC_DIR}/.apt-mirror-config" ]; then
rsync -a "${VAGRANT_SRC_DIR}/.apt-mirror-config" /kaz/
fi
if [ -f "${VAGRANT_SRC_DIR}/.proxy-config" ]; then
rsync -a "${VAGRANT_SRC_DIR}/.proxy-config" /etc/profile.d/proxy.sh
rsync -a "${VAGRANT_SRC_DIR}/.proxy-config" /kaz/
fi
if [ -f "${VAGRANT_SRC_DIR}/.docker-config.json" ]; then
mkdir -p /root/.docker
rsync -a "${VAGRANT_SRC_DIR}/.docker-config.json" /root/.docker/config.json
fi
echo -e "\n #### rsync download\n"
[ -d "${VAGRANT_SRC_DIR}/kaz/download" ] &&
rsync -a "${VAGRANT_SRC_DIR}/kaz/download/" /kaz/download/
[ -d "${VAGRANT_SRC_DIR}/kaz/git" ] &&
rsync -a "${VAGRANT_SRC_DIR}/kaz/git/" /kaz/git/
[ -f "${VAGRANT_SRC_DIR}/kaz/config/dockers.env" ] &&
[ ! -f "/kaz/config/dockers.env" ] &&
rsync -a "${VAGRANT_SRC_DIR}/kaz/config/dockers.env" /kaz/config/dockers.env
for type in mail orga proxy withMail withoutMail ; do
[ -f "${VAGRANT_SRC_DIR}/kaz/config/container-${type}.list" ] &&
[ ! -f "/kaz/config/config/container-${type}.list" ] &&
rsync -a "${VAGRANT_SRC_DIR}/kaz/config/container-${type}.list" /kaz/config/
done
echo -e "\n #### secretGen\n"
/kaz/bin/secretGen.sh
#possibilité de lancer vagrant up NOKAZ="true" quand on construit la machine
if [ "${NOKAZ}" == "true" ]; then
echo "on ne lance pas install.sh"
else
echo "on lance install.sh"
/kaz/bin/install.sh
fi
# clear apt cache
DEBIAN_FRONTEND=noninteractive apt-get autoremove -y
DEBIAN_FRONTEND=noninteractive apt-get clean
echo "########## ********** End kaz.sh $(date +%D-%T)"
) > >(tee ${DebugLog}stdout.log) 2> >(tee ${DebugLog}stderr.log >&2)

3
files/kaz/config/container-mail.list Normal file
View File

@ -0,0 +1,3 @@
# e-mail server composer
postfix
sympa

1
files/kaz/config/container-orga.list Normal file
View File

@ -0,0 +1 @@
# orga composer

1
files/kaz/config/container-proxy.list Normal file
View File

@ -0,0 +1 @@
proxy

9
files/kaz/config/container-withMail.list Normal file
View File

@ -0,0 +1,9 @@
cloud
dokuwiki
#framadate
garradin
gitea
jirafeau
#mattermost
roundcube
#keycloak

10
files/kaz/config/container-withoutMail.list Normal file
View File

@ -0,0 +1,10 @@
cachet
jirafeau
ethercalc
collabora
ethercalc
etherpad
ldap
quotas
web
#vigilo

120
files/kaz/config/dockers.env Normal file
View File

@ -0,0 +1,120 @@
# Les variables d'environnements utilisées
# par les dockers via le lien :
# .env -> ../../config/dockers.env
#######################################
# prod / dev / local
mode=local
########################################
# choix du domaine
# prod=kaz.bzh / dev=dev.kaz.bzh / local=kaz.local
domain=kaz.local
########################################
# choix du domaine des mails sympa
# prod=kaz.bzh / dev=kaz2.ovh / local=kaz.local
domain_sympa=kaz.local
########################################
# choix d'un serveur partiel
# site=site-2
site=
########################################
# Pour garradin qui met en "dure" dans
# sa config l'URL pour l'atteindre
# prod=https (gandi) / dev=https (letsencrypt) / local=http
httpProto=https
# prod=89.234.186.111 / dev=192.168.57.1 / local=127.0.0.1
MAIN_IP=127.0.0.1
# prod=89.234.186.151 / dev=192.168.57.2 / local=127.0.0.2
SYMPA_IP=127.0.0.2
########################################
# noms des services
# ou www (mais bof)
webHost=
cachetHost=cachet
calcHost=tableur
cloudHost=cloud
dateHost=sondage
dokuwikiHost=wiki
fileHost=depot
garHost=garradin
gitHost=git
gravHost=grav
ldapHost=ldap
matterHost=agora
officeHost=office
padHost=pad
quotasHost=quotas
smtpHost=smtp
sympaHost=listes
vigiloHost=vigilo
webmailHost=webmail
wordpressHost=wp
########################################
# noms des containers
cachetServName=cachetServ
dokuwikiServName=dokuwikiServ
ethercalcServName=ethercalcServ
etherpadServName=etherpadServ
framadateServName=framadateServ
garradinServName=garradinServ
gitServName=gitServ
gravServName=gravServ
jirafeauServName=jirafeauServ
ldapServName=ldapServ
mattermostServName=mattermostServ
nextcloudServName=nextcloudServ
officeServName=officeServ
proxyServName=proxyServ
quotasServName=quotasServ
roundcubeServName=roundcubeServ
smtpServName=mailServ
sympaServName=sympaServ
vigiloServName=vigiloServ
webServName=webServ
wordpressServName=wpServ
cachetDBName=cachetDB
ethercalcDBName=ethercalcDB
etherpadDBName=etherpadDB
framadateDBName=framadateDB
gitDBName=gitDB
mattermostDBName=mattermostDB
nextcloudDBName=nextcloudDB
quotasDBName=quotasDB
roundcubeDBName=roundcubeDB
sympaDBName=sympaDB
vigiloDBName=vigiloDB
wordpressDBName=wpDB
ldapIUName=ldapIU
########################################
# politique de redémarrage
# prod=always / test=unless-stopped / local=no
restartPolicy=no
########################################
# devrait être dans env-jirafeauServ
# mais seuls les variables de ".env" sont
# utilisables pour le montage des volumes
jirafeauDir=/var/jirafeauData/lkuDM16R5Sp4QHr/
ldapRoot=dc=kaz,dc=local
########################################
# services activés par container.sh
# variables d'environneements utilisées
# pour le tmpl du mandataire (proxy)

10
files/keyboard Normal file
View File

@ -0,0 +1,10 @@
# KEYBOARD CONFIGURATION FILE
# Consult the keyboard(5) manual page.
XKBMODEL="pc105"
XKBLAYOUT="fr"
XKBVARIANT="latin9"
XKBOPTIONS="terminate:ctrl_alt_bksp"
BACKSPACE="guess"

315
files/provision.sh Executable file
View File

@ -0,0 +1,315 @@
#!/bin/bash
if [ -z "${KAZGUARD}" ] ; then
exit 1
fi
resize2fs /dev/sda1
DIR=$(cd "$(dirname $0)"; pwd)
cd "${DIR}"
set -e
export VAGRANT_SRC_DIR=/vagrant/files
mkdir -p "${VAGRANT_SRC_DIR}/log/"
export DebugLog="${VAGRANT_SRC_DIR}/log/log-vagrant-$(date +%y-%m-%d-%T)-"
(
echo "########## ********** Start Vagrant $(date +%D-%T)"
#pour la résolution de noms dans /etc/hosts
SERVICES_LIST="smtp mail ldap www depot tableur pad webmail sondage garradin test-garradin wiki git agora cloud office cachet quotas"
# Copie de qques fichiers
cp "${VAGRANT_SRC_DIR}/keyboard" /etc/default/keyboard
# Lock grub (https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1758060.html)
sysctl -w net.ipv4.ip_forward=1
DEBIAN_FRONTEND=noninteractive apt-mark hold grub*
# MAJ et install
sed -i -e 's/main.*/main contrib non-free/' /etc/apt/sources.list
if [ -f "${VAGRANT_SRC_DIR}/.apt-mirror-config" ]; then
# pour ceux qui disposent d'un cache apt local et pas la fibre
# suffit d'indiquer "host:port" dans le fichier ".apt-mirror-config"
. "${VAGRANT_SRC_DIR}/.apt-mirror-config"
sed -i \
-e "s%s\?://deb.debian.org%://${APT_MIRROR_DEBIAN}%g" \
-e "s%s\?://security.debian.org%://${APT_MIRROR_DEBIAN_SECURITY}%g" \
-e "s%s\?://archive.ubuntu.com%://${APT_MIRROR_UBUNTU}%g" \
-e "s%s\?://security.ubuntu.com%://${APT_MIRROR_UBUNTU_SECURITY}%g" \
/etc/apt/sources.list
fi
DEBIAN_FRONTEND=noninteractive apt-get --allow-releaseinfo-change update
DEBIAN_FRONTEND=noninteractive apt-get -y upgrade
DEBIAN_FRONTEND=noninteractive apt-get -y dist-upgrade
DEBIAN_FRONTEND=noninteractive apt-get install -y apg curl git sudo unzip rsync firefox-esr tcpdump net-tools mousepad wireshark swapspace whois ldap-utils # could be with --no-install-recommends
DEBIAN_FRONTEND=noninteractive apt-get install -y xfce4 lightdm xfce4-terminal xserver-xorg gitk # needs to install recommends
ssh-keygen -t rsa -b 4096 -N '' <<<$'\ny'
rsync /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys
# Pour le confort de chacun
# Le fihcier .customDocker.sh contient
# DEBIAN_FRONTEND=noninteractive apt-get install -y joe
# DEBIAN_FRONTEND=noninteractive apt-get install -y emacs
# DEBIAN_FRONTEND=noninteractive apt-get install -y vim
if [ -f "${VAGRANT_SRC_DIR}/.customDocker.sh" ]; then
chmod a+x "${VAGRANT_SRC_DIR}/.customDocker.sh"
"${VAGRANT_SRC_DIR}/.customDocker.sh"
fi
# Localisation du $LANG, en par défaut, timezone Paris
if [ -z "${HOSTLANG}" ] ; then
HOSTLANG="en_US.UTF-8"
fi
echo "Europe/Paris" > /etc/timezone
ln -sf /usr/share/zoneinfo/Europe/Paris /etc/localtime
dpkg-reconfigure -f noninteractive tzdata
sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
sed -i -e "s/# ${HOSTLANG} /${HOSTLANG} /" /etc/locale.gen
echo "LANG=\"${HOSTLANG}\"">/etc/default/locale
dpkg-reconfigure --frontend=noninteractive locales || true # don't fail for a locales problem
update-locale LANG=${HOSTLANG} || true # don't fail for a locales problem
echo -e "\n #### create user\n"
# Creation des utilisateurs
usermod -p $(mkpasswd --method=sha-512 root) root
useradd -m -s "/bin/bash" -p $(mkpasswd --method=sha-512 debian) debian || true # don't fail if user already exists
# augmentation de la taille de /run si lowmem
#echo "tmpfs /run tmpfs nosuid,noexec,size=26M 0 0" >> /etc/fstab
#mount -o remount /run
# Désactivation de la mise en veille de l'écran
mkdir -p /etc/X11/xorg.conf.d/
rsync -a "${VAGRANT_SRC_DIR}/10-monitor.conf" /etc/X11/xorg.conf.d/
# mv /etc/xdg/autostart/light-locker.desktop /etc/xdg/autostart/light-locker.desktop.bak
DEBIAN_FRONTEND=noninteractive apt-get remove --purge -y light-locker
#faut virer exim, il fout la grouille avec le docker postfix
DEBIAN_FRONTEND=noninteractive apt-get remove --purge -y exim4-base exim4-config exim4-daemon-light
#login ssh avec mot de passe
sed -i "s/PasswordAuthentication no/PasswordAuthentication yes/" /etc/ssh/sshd_config
if ! grep -q "PasswordAuthentication yes" /etc/ssh/sshd_config 2>/dev/null; then
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
fi
# autorisation du routing et augmentation inotify
if ! grep -q "net.ipv4.ip_forward" /etc/sysctl.conf 2>/dev/null; then
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
fi
sed -i "s/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/" /etc/sysctl.conf
if ! grep -q "fs.inotify.max_queued_events" /etc/sysctl.conf 2>/dev/null; then
echo -e "fs.inotify.max_queued_events=1048576\nfs.inotify.max_user_instances=1048576\nfs.inotify.max_user_watches=1048576" >> /etc/sysctl.conf
fi
sysctl -p
# enable bash autocompletion
if ! grep -q "/usr/share/bash-completion/bash_completion" /etc/bash.bashrc 2>/dev/null; then
cat >> /etc/bash.bashrc <<EOF
# enable bash completion in interactive shells
if ! shopt -oq posix; then
if [ -f /usr/share/bash-completion/bash_completion ]; then
. /usr/share/bash-completion/bash_completion
elif [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
fi
EOF
fi
# XFCE4 panel: use default config
# source: https://forum.xfce.org/viewtopic.php?pid=36585#p36585
rsync -a /etc/xdg/xfce4/panel/default.xml /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml
# Permetre l'édition emacs des lignes de commande (exemple "Esc. flèche gauche" pour "déplace d'un mot à gauche")
TERM_CFG=/root/.config/xfce4/terminal/terminalrc
mkdir -p $(dirname "${TERM_CFG}")
touch "${TERM_CFG}"
if ! grep -q "ShortcutsNoMnemonics" "${TERM_CFG}" 2>/dev/null; then
echo -e "[Configuration]\nShortcutsNoMnemonics=TRUE" >> "${TERM_CFG}"
fi
echo -e "\n #### set swapspace\n"
# free swapspace at shutdown
sed -i -e 's/ExecStart=\/usr\/sbin\/swapspace/ExecStart=\/usr\/sbin\/swapspace\nExecStop=\/usr\/sbin\/swapspace -e/' /lib/systemd/system/swapspace.service
systemctl daemon-reload
# limit journald log size
mkdir -p /etc/systemd/journald.conf.d
if [ ! -f /etc/systemd/journald.conf.d/sizelimit.conf ]; then
cat > /etc/systemd/journald.conf.d/sizelimit.conf <<EOF
[Journal]
SystemMaxUse=20M
SystemMaxFileSize=2M
EOF
fi
# KAZ specific things
#installation de docker, docker-compose et on y fourre le user debian dans le groupe idoine
DEBIAN_FRONTEND=noninteractive apt-get install -y docker.io docker-compose docker-clean
usermod -G docker debian
# activation dans alias dans /root/.bashrc
sed -i \
-e 's/^\# alias/alias/g' \
-e 's/^\# export/export/g' \
-e 's/^\# eval/eval/g' \
/root/.bashrc
if ! grep -q "for file in /dockers" /root/.bashrc 2>/dev/null; then
cat >> /root/.bashrc <<EOF
# enable bash completion in interactive shells
if ! shopt -oq posix; then
if [ -f /usr/share/bash-completion/bash_completion ]; then
. /usr/share/bash-completion/bash_completion
elif [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
fi
for file in /kaz/bin/.*-completion.bash ; do
source "\${file}"
done
EOF
fi
# # Localisation du $LANG, en par défaut, timezone Paris
# if [ -z "${KAZBRANCH}" ] ; then
# KAZBRANCH="develop-vm"
# fi
# echo -e "\n #### git checkout ${KAZBRANCH}\n"
#
# # copie des sources
# cd /
# [ -f kaz ] || git clone https://git.kaz.bzh/KAZ/kaz.git
# (cd /kaz ; git checkout "${KAZBRANCH}" )
# find /kaz -name \*.sh -exec chmod a+x {} \;
#
# # pour ceux qui disposent d'un cache apt local et pas la fibre
# if [ -f "${VAGRANT_SRC_DIR}/.apt-mirror-config" ]; then
# rsync -a "${VAGRANT_SRC_DIR}/.apt-mirror-config" /kaz/
# fi
# if [ -f "${VAGRANT_SRC_DIR}/.proxy-config" ]; then
# rsync -a "${VAGRANT_SRC_DIR}/.proxy-config" /etc/profile.d/proxy.sh
# rsync -a "${VAGRANT_SRC_DIR}/.proxy-config" /kaz/
# fi
# if [ -f "${VAGRANT_SRC_DIR}/.docker-config.json" ]; then
# mkdir -p /root/.docker
# rsync -a "${VAGRANT_SRC_DIR}/.docker-config.json" /root/.docker/config.json
# fi
# Ajout d'un serveur DNS sur la VM
#*****************ATTENTION: semble inutile. peut-être privilégié les entrées dans /etc/hosts tout simplement ?
DEBIAN_FRONTEND=noninteractive apt-get install -y dnsmasq
#***********DEBUT CERTIF*******************
#*****************ATTENTION: MARCHE PAS (il faut accepter toutes les exceptions de sécurité
echo -e "\n #### mkcert\n"
# Récupérer mkcert et générer la CA
DEBIAN_FRONTEND=noninteractive apt-get install -y libnss3-tools
mkdir -p /root/mkcert
cd /root/mkcert
if [ ! -f mkcert ]; then
wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64 -O mkcert
chmod +x mkcert
mkdir -p /etc/letsencrypt/local/
export CAROOT=/etc/letsencrypt/local/
/root/mkcert/mkcert -install # CA dans /etc/letsencrypt/local/
cd "${CAROOT}"
/root/mkcert/mkcert "*.kaz.local" # cert et clé dans /etc/letsencrypt/local/
mkdir -p /etc/letsencrypt/live/kaz.local/
ln -s ../../local/_wildcard.kaz.local.pem /etc/letsencrypt/live/kaz.local/fullchain.pem
ln -s ../../local/_wildcard.kaz.local-key.pem /etc/letsencrypt/live/kaz.local/privkey.pem
fi
# Essai pour faire accepter la CA à FFOX dès le début
# Add to Firefox store
if [ ! -f /usr/lib/firefox-esr/distribution/policies.json ]; then
cat > /usr/lib/firefox-esr/distribution/policies.json << EOF
{
"policies": {
"Certificates": {
"ImportEnterpriseRoots": true,
"Install": ["/etc/letsencrypt/local/rootCA.pem"]
}
}
}
EOF
fi
#***********FIN CERTIF*******************
#ajout des services dans le host
echo -e "\n #### update /etc/hosts\n"
if ! grep -q "\skaz.local\b" /etc/hosts 2>/dev/null; then
echo "127.0.0.1 kaz.local" >>/etc/hosts
fi
if ! grep -q "\slistes.kaz.local\b" /etc/hosts 2>/dev/null; then
echo "127.0.0.2 listes.kaz.local" >>/etc/hosts
fi
for SERVICE in ${SERVICES_LIST}; do
if ! grep -q "\s${SERVICE}.kaz.local\b" /etc/hosts 2>/dev/null; then
sed -i /etc/hosts \
-e "/\skaz.local\b/ s/$/ ${SERVICE}.kaz.local/"
fi
done
echo -e "\n #### clawsmail\n"
# les scripts de créations de BAL pour clawsmail
cp -ar "${VAGRANT_SRC_DIR}/clawsmail" /
cd /clawsmail
chmod +x addclawsuser.sh
chmod +x genpasswd
#client pour tester la messagerie
DEBIAN_FRONTEND=noninteractive apt-get install -y claws-mail
# On met le KAZGUARD pour la mise au point
echo "export KAZGUARD='true'" >> /root/.bashrc
# echo -e "\n #### rsync download\n"
# [ -d "${VAGRANT_SRC_DIR}/kaz/download" ] &&
# rsync -a "${VAGRANT_SRC_DIR}/kaz/download/" /kaz/download/
# [ -d "${VAGRANT_SRC_DIR}/kaz/git" ] &&
# rsync -a "${VAGRANT_SRC_DIR}/kaz/git/" /kaz/git/
# [ -f "${VAGRANT_SRC_DIR}/kaz/config/dockers.env" ] &&
# [ ! -f "/kaz/config/dockers.env" ] &&
# rsync -a "${VAGRANT_SRC_DIR}/kaz/config/dockers.env" /kaz/config/dockers.env
# for type in mail orga proxy withMail withoutMail ; do
# [ -f "${VAGRANT_SRC_DIR}/kaz/config/container-${type}.list" ] &&
# [ ! -f "/kaz/config/config/container-${type}.list" ] &&
# rsync -a "${VAGRANT_SRC_DIR}/kaz/config/container-${type}.list" /kaz/config/
# done
#
# echo -e "\n #### secretGen\n"
# /kaz/bin/secretGen.sh
#
# #possibilité de lancer vagrant up NOKAZ="true" quand on construit la machine
# if [ "${NOKAZ}" == "true" ]; then
# echo "on ne lance pas install.sh"
# else
# echo "on lance install.sh"
# /kaz/bin/install.sh
# fi
${VAGRANT_SRC_DIR}/kaz.sh
# clear apt cache
DEBIAN_FRONTEND=noninteractive apt-get autoremove -y
DEBIAN_FRONTEND=noninteractive apt-get clean
echo "########## ********** End Vagrant $(date +%D-%T)"
) > >(tee ${DebugLog}stdout.log) 2> >(tee ${DebugLog}stderr.log >&2)
reboot

15
files/test.html Normal file
View File

@ -0,0 +1,15 @@
<html>
<a href="https://kaz.local">https://kaz.local</a><br/>
<a href="https://www.kaz.local">https://www.kaz.local</a><br/>
<a href="https://depot.kaz.local">https://depot.kaz.local</a><br/>
<a href="https://tableur.kaz.local">https://tableur.kaz.local</a><br/>
<a href="https://pad.kaz.local">https://pad.kaz.local</a><br/>
<a href="https://webmail.kaz.local">https://webmail.kaz.local</a><br/>
<a href="https://sondage.kaz.local">https://sondage.kaz.local</a><br/>
<a href="https://test-garradin.kaz.local">https://test-garradin.kaz.local</a><br/>
<a href="https://wiki.kaz.local">https://wiki.kaz.local</a><br/>
<a href="https://git.kaz.local">https://git.kaz.local</a><br/>
<a href="https://office.kaz.local">https://office.kaz.local</a><br/>
<a href="https://cloud.kaz.local">https://cloud.kaz.local</a><br/>
<a href="https://agora.kaz.local">https://agora.kaz.local</a><br/>
</html>