vasilito/RedBear-OS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
RedBear-OS/config/x86_64/server-demo.toml
T
vasilito 61e1a1335c Migrate all init scripts from legacy format to .service TOML units 
Convert 14 config files from the legacy init script format (plain-text
commands) to the systemd-style TOML .service format. The init daemon
supports both formats; this eliminates the legacy path entirely so that
all services use the richer, more structured TOML unit format.

Key changes per config:
- base.toml: split 00_base into 00_base.service (tmpdir) + 00_sudo.service
  (sudo daemon); remove redundant 00_drivers and 10_net (handled by
  existing .service files from the base recipe)
- minimal.toml: split 30_console into 29_activate_console.service +
  30_console.service + 31_debug_console.service
- desktop-minimal.toml: convert 20_display and 30_console to .service,
  add 29_activate_console and 31_debug_console overrides
- x11.toml: convert 10_dbus, 10_xenv, 20_orbital, 30_console
- redoxer.toml: split 10_net into 10_smolnetd.service + 10_dhcpd.service,
  convert 30_redoxer
- redbear-legacy-*.toml: update override references to .service paths
- acid.toml, auto-test.toml, os-test.toml, sys-build.toml: direct conversions
2026-04-25 12:20:09 +01:00

324 lines
6.1 KiB
TOML
Raw Permalink Blame History

# Configuration for server stack demonstration
include = ["../server.toml"]
# General settings
[general]
# Filesystem size in MiB
filesystem_size = 4096
# Package settings
[packages]
# Daemons
openssh = {}
nginx = {}
rustysd = {}
# Backends
php84 = {}
composer = {}
luajit = {}
python312 = {}
# go = {}
# zig = {}
# Tools
nano = {}
neovim = {}
rsync = {}
vim = {}
sqlite3 = {}
# tmux = {}
htop = {}
# Content
website = {}
[[files]]
path = "/usr/lib/init.d/98_keygen_sh.service"
data = """
[unit]
description = "SSH key generation"
requires_weak = ["00_base.target"]
[service]
cmd = "bash"
args = ["/root/keygen.sh"]
type = "oneshot"
"""
[[files]]
path = "/usr/lib/init.d/99_rustysd.service"
data = """
[unit]
description = "Rustysd service manager"
requires_weak = ["98_keygen_sh.service"]
[service]
cmd = "rustysd"
args = ["--conf", "/etc/rustysd"]
envs = { RSDCTL_ADDR = "/var/run/rustysd/control.socket" }
type = "oneshot_async"
"""
[[files]]
path = "/etc/rustysd/system/network-online.target"
data = """
[Unit]
Description=The target after networks has online
[Install]
WantedBy=default.target
"""
[[files]]
path = "/etc/rustysd/system/multi-user.target"
data = """
[Unit]
Description=The target after user administrations has online
[Install]
WantedBy=default.target
"""
[[files]]
path = "/etc/rustysd/system/nginx.service"
data = """
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network-online.target
[Service]
Type=simple
ExecStart=/usr/bin/nginx -g "daemon off;"
[Install]
WantedBy=multi-user.target
"""
[[files]]
path = "/etc/rustysd/system/ssh.service"
data = """
[Unit]
Description=OpenBSD Secure Shell server
After=network-online.target
[Service]
Type=simple
ExecStart=/usr/bin/sshd -D
[Install]
WantedBy=multi-user.target
"""
[[files]]
path = "/etc/rustysd/system/php.service"
data = """
[Unit]
Description=OpenBSD Secure Shell server
After=network-online.target
[Service]
Type=simple
# currently php-fpm not that quite work
ExecStart=env PWD=/var/www/html php -S localhost:9000
# ExecStart=/usr/bin/php-fpm --fpm-config /etc/php/84/php-fpm.conf --nodaemonize
[Install]
WantedBy=multi-user.target
"""
[[files]]
path = "/var/www/html/index.php"
data = """
<?php
echo "Hello from PHP on Red Bear OS!";
"""
[[files]]
path = "/var/www/html/phpinfo.php"
data = """
<?php phpinfo();
"""
[[files]]
path = "/var/www/html/README"
data = """
This is a demonstration into PHP server.
At the moment to run composer you have to run it like:
> php /bin/composer install
"""
[[files]]
postinstall = true
data = ""
path = "/etc/nginx/conf.d"
directory = true
[[files]]
postinstall = true
path = "/etc/nginx/nginx.conf"
data = """
user nginx;
# currently nginx does a lot spin locking for some reason
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
include mime.types;
include fastcgi.conf;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
}
"""
[[files]]
postinstall = true
path = "/etc/nginx/conf.d/localhost.conf"
data = """
server {
listen 80;
server_name localhost;
root /usr/share/website;
absolute_redirect off;
location / {
index index.html index.htm;
}
}
"""
[[files]]
postinstall = true
path = "/etc/nginx/conf.d/php-www.conf"
data = """
server {
listen 8081;
server_name localhost;
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
location ~ \\.php$ {
# because we're not using PHP FPM (see rustysd php.service)
# include fastcgi_params;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
proxy_pass http://127.0.0.1:9000;
}
}
"""
[[files]]
postinstall = true
path = "/etc/php/84/php-fpm.conf"
data = """
error_log=/var/log/php-fpm.log
include=/etc/php/84/php-fpm.d/*.conf
"""
[[files]]
postinstall = true
path = "/etc/php/84/php-fpm.d/www.conf"
data = """
[www]
user = user
group = user
listen = 127.0.0.1:9000
pm = static
pm.max_children = 1
"""
[[files]]
postinstall = true
path = "/etc/ssh/sshd_config"
data = """
Port 22
AddressFamily inet
AuthorizedKeysFile .ssh/authorized_keys
PermitRootLogin yes
PasswordAuthentication yes
PermitEmptyPasswords yes
Subsystem sftp /usr/libexec/sftp-server
"""
[users.nobody]
password = ""
shell = "/usr/bin/ion" #TODO: nologin?
[users.nginx]
password = ""
shell = "/usr/bin/ion" #TODO: nologin?
[[files]]
path = "/root/keygen.sh"
data = """
#!/usr/bin/env bash
if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ""
fi
"""
[[files]]
path = "/home/user/server.sh"
data = """
#!/usr/bin/env bash
/bin/sshd -D &
nginx -g "daemon off;" &
php-fpm --nodaemonize &
"""
[[files]]
path = "/home/user/Welcome.txt"
data = """
##############################################################################
# Welcome to Red Bear OS Server Demo!
#
# This is a quick demonstration of Red Bear OS used as server stack.
# At the moment we support SSH, NGINX, Python, PHP. There's more to come
#
# This server demo is insecure by design, we encourage you to get familiar into
# basics of server security if you wish to use this as a production server.
#
# There should be rustysd already running, if not, you can try start it manually
# > sudo rustysd --conf /etc/rustysd
#
# You can also try running all daemons manually
# > sudo bash server.sh
#
# The server will start port 22 (ssh), 80 (static web) and 8081 (php)
# If you use the Red Bear OS build system, starting QEMU with `net=redir`
# should expose those port to 8022, 8080 and 8081.
# Try logging in to console via SSH with `ssh user@localhost -p 8022`
#
##############################################################################
"""
Reference in New Issue View Git Blame Copy Permalink