pijul-suite/INSTALL.md
2024-07-22 20:56:35 +03:00

2.6 KiB

install crates-pijul, pijul id new, pil21
clone pijul-tests manually, run braid.sh first time, del pijul-tests

cat .profile
ulimit -s unlimited
ulimit -c unlimited
export TZ="Europe/Riga"
export EDITOR=micro
export PATH=$PATH:~/pil21:~/pijul/target/release:~/.cargo/bin
alias xup='sudo pacman -Syu'
alias mi='micro'
alias xup='sudo pacman -Syu'
alias g1='git commit -aqm . && git push -q'
alias pdb='pijul reset --force && pijul pull -a && cargo update && nice cargo build --release'
alias pi='pijul'
alias pin='pijul pull -a'
alias pir='pijul rec -am"."'
alias pis='pijul diff --short --untracked'
alias pre='pijul record -am"." && pijul push -a'

apk add bash cronie, switch

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/suite/pil21:/home/suite/pijul/target/release:/home/suite/.cargo/bin
0 4 * * *       /home/suite/pijul-suite/start.l -main 1>/dev/null 2>&1

acme.sh --register-account -m tankf33der@disroot.org
acme.sh --issue -d pulsar.pb1n.de -w /var/www/localhost/htdocs --keylength ec-256
acme.sh --install-cert -d pulsar.pb1n.de --key-file /etc/lighttpd/pulsar.key --fullchain-file /etc/lighttpd/pulsar.pem

apk add opensmptd
rc-update add smptd
cat secrets
myrelay mpech@envs.net:qwerty123
cat smtpd.conf
table aliases file:/etc/smtpd/aliases
table secrets file:/etc/smtpd/secrets
listen on lo
action "local" maildir alias <aliases>
action "relay" relay host smtp+tls://myrelay@mail.envs.net:587 auth <secrets>
match for local action "local"
match from local for any action "relay"

server.bind = "0.0.0.0"
server.port = "80"
$SERVER["socket"] == "[::]:80" {  }
server.document-root = "/var/www/localhost/htdocs"
server.username      = "lighttpd"
server.groupname     = "lighttpd"
server.pid-file      = "/run/lighttpd.pid"
# accesslog.filename     = "/var/log/lighttpd/access.log"
server.modules = (
        "mod_redirect",
        "mod_dirlisting",
        "mod_openssl",
        "mod_setenv",
        # "mod_accesslog"
)
dir-listing.activate = "enable"
dir-listing.set-footer = "lighttpd"

url.redirect = ("^[^?]*/$" => "$0?C=M&O=A")

$HTTP["scheme"] == "http" {
    url.redirect = ("" => "https://${url.authority}${url.path}${qsa}")
}

ssl.privkey = "/etc/lighttpd/pulsar.key"
ssl.pemfile = "/etc/lighttpd/pulsar.pem"
$SERVER["socket"] == "*:443" {ssl.engine  = "enable"}
$SERVER["socket"] == "[::]:443" {ssl.engine  = "enable"}
var.response_header_policy = (
  "strict-transport-security" => "max-age=63072000; includeSubDomains; preload",
  "x-frame-options" => "DENY",
  "x-content-type-options" => "nosniff",
  "x-xss-protection" => "1; mode=block",
  "permissions-policy" => "interest-cohort=()"
)
setenv.set-response-header += var.response_header_policy