diff options
| author | nonlinear <matthew@wishek.com> | 2018-12-15 14:00:00 -0800 |
|---|---|---|
| committer | nonlinear <matthew@wishek.com> | 2018-12-15 14:00:00 -0800 |
| commit | 75f2177d5b68d610b859c18eddb14540d1ee92b5 (patch) | |
| tree | 9dbf12688a51c123f2dd0896dab57c9b5dedc7b0 /installation | |
| parent | 04513a13e0430a72228280739dc401089c7dc8b3 (diff) | |
Update/add OpenBSD config files
Diffstat (limited to 'installation')
| -rw-r--r-- | installation/openbsd/httpd.conf | 36 | ||||
| -rwxr-xr-x | installation/openbsd/rc.d/pleromad | 34 | ||||
| -rw-r--r-- | installation/openbsd/relayd.conf | 44 | ||||
| -rwxr-xr-x | installation/rc.d/pleromad | 26 |
4 files changed, 114 insertions, 26 deletions
diff --git a/installation/openbsd/httpd.conf b/installation/openbsd/httpd.conf new file mode 100644 index 000000000..82f4803fd --- /dev/null +++ b/installation/openbsd/httpd.conf @@ -0,0 +1,36 @@ +# +# Default httpd.conf file for Pleroma on OpenBSD +# Simple installation instructions +# 1. Place file in /etc +# 2. Replace <IPv4 address> with your public IP address +# 3. If using IPv6, uncomment IPv6 lines and replace <IPv6 address> with your public IPv6 address +# 4. Check file using 'doas httpd -n' +# 5. Enable and start httpd: +# # doas rcctl enable httpd +# # doas rcctl start httpd +# + +ext_inet="<IPv4 address>" +#ext_inet6="<IPv6 address>" + +server "default" { + listen on $ext_inet port 80 # Comment to disable listening on IPv4 +# listen on $ext_inet6 port 80 # Comment to disable listening on IPv6 + listen on 127.0.0.1 port 80 # Do NOT comment this line + + log syslog + directory no index + + location "/.well-known/acme-challenge/*" { + root "/acme" + request strip 2 + } + + location "/robots.txt" { root "/htdocs/local/" } + location "/*" { block return 302 "https://$HTTP_HOST$REQUEST_URI" } +} + +types { + include "/usr/share/misc/mime.types" +} + diff --git a/installation/openbsd/rc.d/pleromad b/installation/openbsd/rc.d/pleromad new file mode 100755 index 000000000..19ac4bb51 --- /dev/null +++ b/installation/openbsd/rc.d/pleromad @@ -0,0 +1,34 @@ +#!/bin/ksh +# +# Default init file for Pleroma on OpenBSD +# +# Simple installation instructions: +# 1. Install Pleroma per wiki instructions +# 2. Place this pleromad file in /etc/rc.d +# 3. Enable and start Pleroma +# # doas rcctl enable pleromad +# # doas rcctl start pleromad +# + +daemon="/usr/local/bin/elixir" +daemon_flags="--detached -S /usr/local/bin/mix phx.server" +daemon_user="_pleroma" + +. /etc/rc.d/rc.subr + +rc_reload=NO +pexp="phx.server" + +rc_check() { + pgrep -q -U _pleroma -f "phx.server" +} + +rc_start() { + ${rcexec} "cd pleroma; ${daemon} ${daemon_flags}" +} + +rc_stop() { + pkill -q -U _pleroma -f "phx.server" +} + +rc_cmd $1 diff --git a/installation/openbsd/relayd.conf b/installation/openbsd/relayd.conf new file mode 100644 index 000000000..31c2c1129 --- /dev/null +++ b/installation/openbsd/relayd.conf @@ -0,0 +1,44 @@ +# +# Default relayd.conf file for Pleroma on OpenBSD +# Simple installation instructions: +# 1. Place in /etc +# 2. Replace <ipaddr> with your public IPv4 address +# 3. If using IPv6i, uncomment IPv6 lines and replace <ip6addr> with your public IPv6 address +# 4. Check file using 'doas relayd -n' +# 5. Reload/start relayd +# # doas rcctl enable relayd +# # doas rcctl start relayd +# + +ext_inet="<ipaddr>" +#ext_inet6="<ip6addr>" + +table <pleroma_server> { 127.0.0.1 } +table <httpd_server> { 127.0.0.1 } + +http protocol plerup { # Protocol for upstream pleroma server + #tcp { nodelay, sack, socket buffer 65536, backlog 128 } # Uncomment and adjust as you see fit + tls ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA0-POLY1305" + tls ecdhe secp384r1 + + # Forward some paths to the local server (as pleroma won't respond to them as you might want) + pass request quick path "/robots.txt" forward to <httpd_server> + + # Append a bunch of headers + match request header append "X-Forwarded-For" value "$REMOTE_ADDR" # This two header and the next one are not strictl required by pleroma but adding them won't hurt + match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT" + + match request header append "Connection" value "upgrade" + +} + +relay wwwtls { + listen on $ext_inet port https tls # Comment to disable listening on IPv4 +# listen on $ext_inet6 port https tls # Comment to disable listening on IPv6 + + protocol plerup + + forward to <pleroma_server> port 4000 check http "/" code 200 + forward to <httpd_server> port 80 check http "/robots.txt" code 200 +} + diff --git a/installation/rc.d/pleromad b/installation/rc.d/pleromad deleted file mode 100755 index b19ce1e74..000000000 --- a/installation/rc.d/pleromad +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/ksh -# - -daemon="/usr/local/bin/elixir" -daemon_flags="--detached -S /usr/local/bin/mix phx.server" -daemon_user="_pleroma" - -. /etc/rc.d/rc.subr - -rc_reload=NO -#pexp="/usr/local/lib/erlang19/erts-8.3/bin/beam -- -root /usr/local/lib/erlang19 -progname erl19 -- -home /home/_pleroma -- -pa /usr/local/lib/elixir/bin/../lib/eex/ebin /usr/local/lib/elixir/bin/../lib/elixir/ebin /usr/local/lib/elixir/bin/../lib/ex_unit/ebin /usr/local/lib/elixir/bin/../lib/iex/ebin /usr/local/lib/elixir/bin/../lib/logger/ebin /usr/local/lib/elixir/bin/../lib/mix/ebin -elixir ansi_enabled true -noshell -s elixir start_cli -noshell -noinput -extra --detached -S /usr/local/bin/mix phx.server" -pexp="phx.server" - -rc_check() { - pgrep -q -U _pleroma -f "phx.server" -} - -rc_start() { - ${rcexec} "cd pleroma; ${daemon} ${daemon_flags}" -} - -rc_stop() { - pkill -q -U _pleroma -f "phx.server" -} - -rc_cmd $1 |