From af9c83c071414690302ceb5671d473bdcdf278f9 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:00:30 +0100 Subject: [PATCH 01/19] svn: remove this directory as cruft --- svn/cpanpm/hooks/post-commit | 42 --- svn/pause/hooks/commit-email.pl | 583 -------------------------------- svn/pause/hooks/post-commit | 43 --- 3 files changed, 668 deletions(-) delete mode 100755 svn/cpanpm/hooks/post-commit delete mode 100755 svn/pause/hooks/commit-email.pl delete mode 100755 svn/pause/hooks/post-commit diff --git a/svn/cpanpm/hooks/post-commit b/svn/cpanpm/hooks/post-commit deleted file mode 100755 index 154836029..000000000 --- a/svn/cpanpm/hooks/post-commit +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/sh - -# POST-COMMIT HOOK -# -# The post-commit hook is invoked after a commit. Subversion runs -# this hook by invoking a program (script, executable, binary, -# etc.) named `post-commit' (for which -# this file is a template) with the following ordered arguments: -# -# [1] REPOS-PATH (the path to this repository) -# [2] REV (the number of the revision just committed) -# -# Because the commit has already completed and cannot be undone, -# the exit code of the hook program is ignored. The hook program -# can use the `svnlook' utility to help it examine the -# newly-committed tree. -# -# On a Unix system, the normal procedure is to have `post-commit' -# invoke other programs to do the real work, though it may do the -# work itself too. -# -# Note that `post-commit' must be executable by the user(s) who will -# invoke it (typically the user httpd runs as), and that user must -# have filesystem-level permission to access the repository. -# -# On a Windows system, you should name the hook program -# `post-commit.bat' or `post-commit.exe', -# but the basic idea is the same. -# -# Here is an example hook script, for a Unix /bin/sh interpreter: - -REPOS="$1" -REV="$2" - -/home/SVN/repos/pause/hooks/commit-email.pl "$REPOS" "$REV" cpanpm-code-commits -# log-commit.py --repository "$REPOS" --revision "$REV" - -# -commit-email.pl "$REPOS" "$REV" commit-watchers@example.org -# -log-commit.py --repository "$REPOS" --revision "$REV" -# +/usr/local/public-svn/Perl-Repository-APC/hooks/commit-email.pl "$REPOS" "$REV" - # k@k242.linux.bogus -# +# log-commit.py --repository "$REPOS" --revision "$REV" diff --git a/svn/pause/hooks/commit-email.pl b/svn/pause/hooks/commit-email.pl deleted file mode 100755 index 7fd69092e..000000000 --- a/svn/pause/hooks/commit-email.pl +++ /dev/null @@ -1,583 +0,0 @@ -#!/usr/bin/perl -w - -# ==================================================================== -# commit-email.pl: send a commit email for commit REVISION in -# repository REPOS to some email addresses. -# -# For usage, see the usage subroutine or run the script with no -# command line arguments. -# -# $HeadURL: http://svn.collab.net/repos/svn/http://svn.collab.net/repos/svn/branches/release-0.19.1/tools/hook-scripts/commit-email.pl.in $ -# $LastChangedDate: 2003-02-08 12:26:25 -0500 (Sat, 08 Feb 2003) $ -# $LastChangedBy: dwhedon $ -# $LastChangedRevision: 4797 $ -# -# ==================================================================== -# Copyright (c) 2000-2003 CollabNet. All rights reserved. -# -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at http://subversion.tigris.org/license-1.html. -# If newer versions of this license are posted there, you may use a -# newer version instead, at your option. -# -# This software consists of voluntary contributions made by many -# individuals. For exact contribution history, see the revision -# history and logs, available at http://subversion.tigris.org/. -# ==================================================================== - -use strict; -use Carp; - -###################################################################### -# Configuration section. - -# Sendmail path. -my $sendmail = "/usr/sbin/sendmail"; - -# Svnlook path. -my $svnlook = "/usr/bin/svnlook"; - -# By default, when a file is deleted from the repository, svnlook diff -# prints the entire contents of the file. If you want to save space -# in the log and email messages by not printing the file, then set -# $no_diff_deleted to 1. -my $no_diff_deleted = 0; - -# Since the path to svnlook depends upon the local installation -# preferences, check that the required programs exist to insure that -# the administrator has set up the script properly. -{ - my $ok = 1; - foreach my $program ($sendmail, $svnlook) - { - if (-e $program) - { - unless (-x $program) - { - warn "$0: required program `$program' is not executable, ", - "edit $0.\n"; - $ok = 0; - } - } - else - { - warn "$0: required program `$program' does not exist, edit $0.\n"; - $ok = 0; - } - } - exit 1 unless $ok; -} - - -###################################################################### -# Initial setup/command-line handling. - -# Each value in this array holds a hash reference which contains the -# associated email information for one project. Start with an -# implicit rule that matches all paths. -my @project_settings_list = (&new_project); - -# Process the command line arguments till there are none left. The -# first two arguments that are not used by a command line option are -# the repository path and the revision number. -my $repos; -my $rev; - -# Use the reference to the first project to populate. -my $current_project = $project_settings_list[0]; - -# This hash matches the command line option to the hash key in the -# project. If a key exists but has a false value (''), then the -# command line option is allowed but requires special handling. -my %opt_to_hash_key = ('--from' => 'from_address', - '-h' => 'hostname', - '-l' => 'log_file', - '-m' => '', - '-r' => 'reply_to', - '-s' => 'subject_prefix'); - -while (@ARGV) - { - my $arg = shift @ARGV; - if ($arg =~ /^-/) - { - my $hash_key = $opt_to_hash_key{$arg}; - unless (defined $hash_key) - { - die "$0: command line option `$arg' is not recognized.\n"; - } - - unless (@ARGV) - { - die "$0: command line option `$arg' is missing a value.\n"; - } - my $value = shift @ARGV; - - if ($hash_key) - { - $current_project->{$hash_key} = $value; - } - else - { - # Here handle -m. - unless ($arg eq '-m') - { - die "$0: internal error: should only handle -m here.\n"; - } - $current_project = &new_project; - $current_project->{match_regex} = $value; - push(@project_settings_list, $current_project); - } - } - elsif ($arg =~ /^-/) - { - die "$0: command line option `$arg' is not recognized.\n"; - } - else - { - if (! defined $repos) - { - $repos = $arg; - } - elsif (! defined $rev) - { - $rev = $arg; - } - else - { - push(@{$current_project->{email_addresses}}, $arg); - } - } - } - -# If the revision number is undefined, then there were not enough -# command line arguments. -&usage("$0: too few arguments.") unless defined $rev; - -# Check the validity of the command line arguments. Check that the -# revision is an integer greater than 0 and that the repository -# directory exists. -unless ($rev =~ /^\d+/ and $rev > 0) - { - &usage("$0: revision number `$rev' must be an integer > 0."); - } -unless (-e $repos) - { - &usage("$0: repos directory `$repos' does not exist."); - } -unless (-d _) - { - &usage("$0: repos directory `$repos' is not a directory."); - } - -# Check that all of the regular expressions can be compiled and -# compile them. -{ - my $ok = 1; - for (my $i=0; $i<@project_settings_list; ++$i) - { - my $match_regex = $project_settings_list[$i]->{match_regex}; - - # To help users that automatically write regular expressions - # that match the root directory using ^/, remove the / character - # because subversion paths, while they start at the root level, - # do not begin with a /. - $match_regex =~ s#^\^/#^#; - - my $match_re; - eval { $match_re = qr/$match_regex/ }; - if ($@) - { - warn "$0: -m regex #$i `$match_regex' does not compile:\n$@\n"; - $ok = 0; - next; - } - $project_settings_list[$i]->{match_re} = $match_re; - } - exit 1 unless $ok; -} - -###################################################################### -# Harvest data using svnlook. - -# Change into /tmp so that svnlook diff can create its .svnlook -# directory. -my $tmp_dir = '/tmp'; -chdir($tmp_dir) - or die "$0: cannot chdir `$tmp_dir': $!\n"; - -# Get the author, date, and log from svnlook. -my @svnlooklines = &read_from_process($svnlook, 'info', $repos, '-r', $rev); -my $author = shift @svnlooklines; -my $date = shift @svnlooklines; -shift @svnlooklines; -my @log = map { "$_\n" } @svnlooklines; - -# Figure out what directories have changed using svnlook. -my @dirschanged = &read_from_process($svnlook, 'dirs-changed', $repos, - '-r', $rev); - -# Lose the trailing slash in the directory names if one exists, except -# in the case of '/'. -my $rootchanged = 0; -for (my $i=0; $i<@dirschanged; ++$i) - { - if ($dirschanged[$i] eq '/') - { - $rootchanged = 1; - } - else - { - $dirschanged[$i] =~ s#^(.+)[/\\]$#$1#; - } - } - -# Figure out what files have changed using svnlook. -@svnlooklines = &read_from_process($svnlook, 'changed', $repos, '-r', $rev); - -# Parse the changed nodes. -my @adds; -my @dels; -my @mods; -foreach my $line (@svnlooklines) - { - my $path = ''; - my $code = ''; - - # Split the line up into the modification code and path, ignoring - # property modifications. - if ($line =~ /^(.). (.*)$/) - { - $code = $1; - $path = $2; - } - - if ($code eq 'A') - { - push(@adds, $path); - } - elsif ($code eq 'D') - { - push(@dels, $path); - } - else - { - push(@mods, $path); - } - } - -# Get the diff from svnlook. -my @no_diff_deleted = $no_diff_deleted ? ('--no-diff-deleted') : (); -my @difflines = &read_from_process($svnlook, 'diff', $repos, - '-r', $rev, @no_diff_deleted); - -###################################################################### -# Modified directory name collapsing. - -# Collapse the list of changed directories only if the root directory -# was not modified, because otherwise everything is under root and -# there's no point in collapsing the directories, and only if more -# than one directory was modified. -my $commondir = ''; -if (!$rootchanged and @dirschanged > 1) - { - my $firstline = shift @dirschanged; - my @commonpieces = split('/', $firstline); - foreach my $line (@dirschanged) - { - my @pieces = split('/', $line); - my $i = 0; - while ($i < @pieces and $i < @commonpieces) - { - if ($pieces[$i] ne $commonpieces[$i]) - { - splice(@commonpieces, $i, @commonpieces - $i); - last; - } - $i++; - } - } - unshift(@dirschanged, $firstline); - - if (@commonpieces) - { - $commondir = join('/', @commonpieces); - my @new_dirschanged; - foreach my $dir (@dirschanged) - { - if ($dir eq $commondir) - { - $dir = '.'; - } - else - { - $dir =~ s#^$commondir/##; - } - push(@new_dirschanged, $dir); - } - @dirschanged = @new_dirschanged; - } - } -my $dirlist = join(' ', @dirschanged); - -###################################################################### -# Assembly of log message. - -# Put together the body of the log message. -my @body; -push(@body, "Author: $author\n"); -push(@body, "Date: $date\n"); -push(@body, "New Revision: $rev\n"); -push(@body, "\n"); -if (@adds) - { - @adds = sort @adds; - push(@body, "Added:\n"); - push(@body, map { " $_\n" } @adds); - } -if (@dels) - { - @dels = sort @dels; - push(@body, "Removed:\n"); - push(@body, map { " $_\n" } @dels); - } -if (@mods) - { - @mods = sort @mods; - push(@body, "Modified:\n"); - push(@body, map { " $_\n" } @mods); - } -push(@body, "Log:\n"); -push(@body, @log); -push(@body, "\n"); -push(@body, map { /[\r\n]+$/ ? $_ : "$_\n" } @difflines); - -# Go through each project and see if there are any matches for this -# project. If so, send the log out. -foreach my $project (@project_settings_list) - { - my $match_re = $project->{match_re}; - my $match = 0; - foreach my $path (@dirschanged, @adds, @dels, @mods) - { - if ($path =~ $match_re) - { - $match = 1; - last; - } - } - - next unless $match; - - my @email_addresses = @{$project->{email_addresses}}; - my $userlist = join(' ', @email_addresses); - my $from_address = $project->{from_address}; - my $hostname = $project->{hostname}; - my $log_file = $project->{log_file}; - my $reply_to = $project->{reply_to}; - my $subject_prefix = $project->{subject_prefix}; - my $subject; - - if ($commondir ne '') - { - $subject = "rev $rev - in $commondir: $dirlist"; - } - else - { - $subject = "rev $rev - $dirlist"; - } - if ($subject_prefix =~ /\w/) - { - $subject = "$subject_prefix $subject"; - } - my $mail_from = $author; - - if ($from_address =~ /\w/) - { - $mail_from = $from_address; - } - elsif ($hostname =~ /\w/) - { - $mail_from = "$mail_from\@$hostname"; - } - - my @head; - push(@head, "To: $userlist\n"); - push(@head, "From: $mail_from\n"); - push(@head, "Subject: $subject\n"); - push(@head, "Reply-to: $reply_to\n") if $reply_to; - - ### Below, we set the content-type etc, but see these comments - ### from Greg Stein on why this is not a full solution. - # - # From: Greg Stein - # Subject: Re: svn commit: rev 2599 - trunk/tools/cgi - # To: dev@subversion.tigris.org - # Date: Fri, 19 Jul 2002 23:42:32 -0700 - # - # Well... that isn't strictly true. The contents of the files - # might not be UTF-8, so the "diff" portion will be hosed. - # - # If you want a truly "proper" commit message, then you'd use - # multipart MIME messages, with each file going into its own part, - # and labeled with an appropriate MIME type and charset. Of - # course, we haven't defined a charset property yet, but no biggy. - # - # Going with multipart will surely throw out the notion of "cut - # out the patch from the email and apply." But then again: the - # commit emailer could see that all portions are in the same - # charset and skip the multipart thang. - # - # etc etc - # - # Basically: adding/tweaking the content-type is nice, but don't - # think that is the proper solution. - push(@head, "Content-Type: text/plain; charset=UTF-8\n"); - push(@head, "Content-Transfer-Encoding: 8bit\n"); - - push(@head, "\n"); - - if ($sendmail =~ /\w/ and @email_addresses) - { - # Open a pipe to sendmail. - my $command = "$sendmail $userlist"; - if (open(SENDMAIL, "| $command")) - { - print SENDMAIL @head, @body; - close SENDMAIL - or warn "$0: error in closing `$command' for writing: $!\n"; - } - else - { - warn "$0: cannot open `| $command' for writing: $!\n"; - } - } - - # Dump the output to logfile (if its name is not empty). - if ($log_file =~ /\w/) - { - if (open(LOGFILE, ">> $log_file")) - { - print LOGFILE @head, @body; - close LOGFILE - or warn "$0: error in closing `$log_file' for appending: $!\n"; - } - else - { - warn "$0: cannot open `$log_file' for appending: $!\n"; - } - } - } - -exit 0; - -sub usage -{ - warn "@_\n" if @_; - die "usage: $0 REPOS REVNUM [[-m regex] [options] [email_addr ...]] ...\n", - "options are\n", - " --from email_address Email address for 'From:' (overrides -h)\n", - " -h hostname Hostname to append to author for 'From:'\n", - " -l logfile Append mail contents to this log file\n", - " -m regex Regular expression to match committed path\n", - " -r email_address Email address for 'Reply-To:'\n", - " -s subject_prefix Subject line prefix\n", - "\n", - "This script supports a single repository with multiple projects,\n", - "where each project receives email only for commits that modify that\n", - "project. A project is identified by using the -m command line\n", - "with a regular expression argument. If a commit has a path that\n", - "matches the regular expression, then the entire commit matches.\n", - "Any of the following -h, -l, -r and -s command line options and\n", - "following email addresses are associated with this project. The\n", - "next -m resets the -h, -l, -r and -s command line options and the\n", - "list of email addresses.\n", - "\n", - "To support a single project conveniently, the script initializes\n", - "itself with an implicit -m . rule that matches any modifications\n", - "to the repository. Therefore, to use the script for a single\n", - "project repository, just use the other comand line options and\n", - "a list of email addresses on the command line. If you do not want\n", - "a project that matches the entire repository, then use a -m with a\n", - "regular expression before any other command line options or email\n", - "addresses.\n"; -} - -# Return a new hash data structure for a new empty project that -# matches any modifications to the repository. -sub new_project -{ - return {email_addresses => [], - from_address => '', - hostname => '', - log_file => '', - match_regex => '.', - reply_to => '', - subject_prefix => ''}; -} - -# Start a child process safely without using /bin/sh. -sub safe_read_from_pipe -{ - unless (@_) - { - croak "$0: safe_read_from_pipe passed no arguments.\n"; - } - - my $pid = open(SAFE_READ, '-|'); - unless (defined $pid) - { - die "$0: cannot fork: $!\n"; - } - unless ($pid) - { - open(STDERR, ">&STDOUT") - or die "$0: cannot dup STDOUT: $!\n"; - exec(@_) - or die "$0: cannot exec `@_': $!\n"; - } - my @output; - while () - { - s/[\r\n]+$//; - push(@output, $_); - } - close(SAFE_READ); - my $result = $?; - my $exit = $result >> 8; - my $signal = $result & 127; - my $cd = $result & 128 ? "with core dump" : ""; - if ($signal or $cd) - { - warn "$0: pipe from `@_' failed $cd: exit=$exit signal=$signal\n"; - } - if (wantarray) - { - return ($result, @output); - } - else - { - return $result; - } -} - -# Use safe_read_from_pipe to start a child process safely and return -# the output if it succeeded or an error message followed by the output -# if it failed. -sub read_from_process -{ - unless (@_) - { - croak "$0: read_from_process passed no arguments.\n"; - } - my ($status, @output) = &safe_read_from_pipe(@_); - if ($status) - { - return ("$0: `@_' failed with this output:", @output); - } - else - { - return @output; - } -} diff --git a/svn/pause/hooks/post-commit b/svn/pause/hooks/post-commit deleted file mode 100755 index 06a2cc7b2..000000000 --- a/svn/pause/hooks/post-commit +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/sh - -# POST-COMMIT HOOK -# -# The post-commit hook is invoked after a commit. Subversion runs -# this hook by invoking a program (script, executable, binary, -# etc.) named `post-commit' (for which -# this file is a template) with the following ordered arguments: -# -# [1] REPOS-PATH (the path to this repository) -# [2] REV (the number of the revision just committed) -# -# Because the commit has already completed and cannot be undone, -# the exit code of the hook program is ignored. The hook program -# can use the `svnlook' utility to help it examine the -# newly-committed tree. -# -# On a Unix system, the normal procedure is to have `post-commit' -# invoke other programs to do the real work, though it may do the -# work itself too. -# -# Note that `post-commit' must be executable by the user(s) who will -# invoke it (typically the user httpd runs as), and that user must -# have filesystem-level permission to access the repository. -# -# On a Windows system, you should name the hook program -# `post-commit.bat' or `post-commit.exe', -# but the basic idea is the same. -# -# Here is an example hook script, for a Unix /bin/sh interpreter: - -REPOS="$1" -REV="$2" - -/home/SVN/repos/pause/hooks/commit-email.pl "$REPOS" "$REV" pause-code-commits -# log-commit.py --repository "$REPOS" --revision "$REV" - -# -commit-email.pl "$REPOS" "$REV" commit-watchers@example.org -# -log-commit.py --repository "$REPOS" --revision "$REV" -# +/usr/local/public-svn/Perl-Repository-APC/hooks/commit-email.pl "$REPOS" "$REV" - # k@k242.linux.bogus -# +# log-commit.py --repository "$REPOS" --revision "$REV" - From 48c34e9670d8dc820b30acc23d42da0fec63106b Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:00:44 +0100 Subject: [PATCH 02/19] ftpd: remove this directory as cruft --- ftpd/messages/incoming.txt | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 ftpd/messages/incoming.txt diff --git a/ftpd/messages/incoming.txt b/ftpd/messages/incoming.txt deleted file mode 100644 index 648269f87..000000000 --- a/ftpd/messages/incoming.txt +++ /dev/null @@ -1,13 +0,0 @@ -Upload into this directory -========================== - -is only allowed to registered CPAN developers for files that are -to be uploaded into the CPAN. - -If you have any questions regarding this policy, please contact -modules@perl.org. - -Thank you, -andreas koenig -2003-01-11 - From eb9e1768b3121ab35db7a80c11da4127fb8b7701 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:01:05 +0100 Subject: [PATCH 03/19] mirror: remove this directory as cruft --- mirror/.cvsignore | 1 - mirror/mirror.defaults | 34 --- mirror/mirror.defaults-pause-us | 34 --- mirror/mymirror.config | 355 -------------------------------- 4 files changed, 424 deletions(-) delete mode 100644 mirror/.cvsignore delete mode 100644 mirror/mirror.defaults delete mode 100644 mirror/mirror.defaults-pause-us delete mode 100644 mirror/mymirror.config diff --git a/mirror/.cvsignore b/mirror/.cvsignore deleted file mode 100644 index a9fbf991f..000000000 --- a/mirror/.cvsignore +++ /dev/null @@ -1 +0,0 @@ -mymirror.config diff --git a/mirror/mirror.defaults b/mirror/mirror.defaults deleted file mode 100644 index d533cce77..000000000 --- a/mirror/mirror.defaults +++ /dev/null @@ -1,34 +0,0 @@ - -package=defaults - compress_excl+|\.sig|\.html$|^\.notar$|-z|\.tgz$|\.taz$|\.tar.Z|\.arc$|\.zip$|\.lzh$|\.zoo$|\.exe$|\.lha$|\.zom$|\.gif$|\.jpeg$|\.jpg$|\.mpeg$|\.au$|read.*me|index|\.message|info|faq|gzip|compress|\.png$|(^|/)\.\.?$ - compress_patt=. - compress_prog=gzip - delete_excl=((^|/)\.(mirror|notar)|\.meta)$ - mode_copy=false - dir_mode=0755 - do_deletes=true - exclude_patt=(^|/)(\.mirror|core$|\.cap|\.in\..*\.$|MIRROR.LOG|#.*#|\.FSP|\.cache|\.zipped|\.notar|\.message|lost+found/|.*[~ ]) - file_mode=0644 -# follow_local_symlinks=. -# from jost krieger: - get_newer=yes -# from jost krieger: - get_size_change=yes - group=0 - hostname=pause.perl.org - local_dir=/home/ftp/pub/PAUSE/ - local_ignore=.*(readme|CHECKSUMS)$ - mail_prog=/home/k/PAUSE/bin/mirrormail.pl - mail_to=k - max_days=60 - max_delete_files=50% - max_delete_dirs=50% - name_mappings=s:\.\./:__/:g - remote_password=k@pause.perl.org - update_log= - user=0 -# passive_ftp=true -# trying with squid...NOPE -# proxy=true -# proxy_ftp_port=3128 -# proxy_gateway=localhost diff --git a/mirror/mirror.defaults-pause-us b/mirror/mirror.defaults-pause-us deleted file mode 100644 index c8b14ce48..000000000 --- a/mirror/mirror.defaults-pause-us +++ /dev/null @@ -1,34 +0,0 @@ - -package=defaults - compress_excl+|\.sig|\.html$|^\.notar$|-z|\.tgz$|\.taz$|\.tar.Z|\.arc$|\.zip$|\.lzh$|\.zoo$|\.exe$|\.lha$|\.zom$|\.gif$|\.jpeg$|\.jpg$|\.mpeg$|\.au$|read.*me|index|\.message|info|faq|gzip|compress|\.png$|(^|/)\.\.?$ - compress_patt=. - compress_prog=gzip - delete_excl=((^|/)\.(mirror|notar)|\.meta)$ - mode_copy=false - dir_mode=0755 - do_deletes=true - exclude_patt=(^|/)(\.mirror|core$|\.cap|\.in\..*\.$|MIRROR.LOG|#.*#|\.FSP|\.cache|\.zipped|\.notar|\.message|lost+found/|.*[~ ]) - file_mode=0644 -# follow_local_symlinks=. -# from jost krieger: - get_newer=yes -# from jost krieger: - get_size_change=yes - group=0 - hostname=pause.perl.org - local_dir=/home/ftp/pub/PAUSE/ - local_ignore=.*(readme|CHECKSUMS)$ - mail_prog=/home/puppet/pause/bin/mirrormail.pl - mail_to=k - max_days=60 - max_delete_files=50% - max_delete_dirs=50% - name_mappings=s:\.\./:__/:g - remote_password=k@pause.perl.org - update_log= - user=0 -# passive_ftp=true -# trying with squid...NOPE -# proxy=true -# proxy_ftp_port=3128 -# proxy_gateway=localhost diff --git a/mirror/mymirror.config b/mirror/mymirror.config deleted file mode 100644 index 424de9135..000000000 --- a/mirror/mymirror.config +++ /dev/null @@ -1,355 +0,0 @@ -# $Id: mymirror.config,v 1.13 2000/12/31 12:01:57 k Exp k $ - -package =msql - site =bond.edu.au - remote_dir =/pub/Minerva/msql - local_dir +pub/etc/msql - get_patt =^[fm] - recursive =false - max_days =22 - skip =moved to hughes - -package =cpantxt - site =ftp.funet.fi - remote_dir =/pub/languages/perl/CPAN/ - local_dir =/home/ftp/pub/from.CPAN/ - # CPAN.html links into authors/ and that's not there, - # but I prefer to see the symlink as a reminder - make_bad_symlinks=true - compress_patt= - do_deletes =true - local_ignore=src|ports - get_patt =. - recursive =false - max_days =9999 - mail_prog =/bin/true - skip = - -package =cpanports - site =ftp.funet.fi - remote_dir =/pub/languages/perl/CPAN/ports/ - local_dir =/home/ftp/pub/from.CPAN/ports/ - compress_patt= - #local_ignore= - #exclude_patt+\.mirror\.log - do_deletes=true - max_delete_files=25% - get_patt =. - recursive =true - max_days =9999 - skip =no yet ready, timestamp problems - -package =cpansrc - site =ftp.funet.fi - remote_dir =/pub/languages/perl/CPAN/src/ - local_dir =/home/ftp/pub/from.CPAN/src/ - get_patt =. - # exclude_patt=FTP_LS_ - max_days =30 - recursive =true - skip =mirroring not yet ready - -package =AMOSS - site =ftp.huji.ac.il - remote_dir =/users/amoss/ - local_dir +authors/id/A/AM/AMOSS - get_patt =^SGI - recursive =false - max_days =22 - skip = - -package =FMC - site =ftp.pasteur.fr - remote_dir =/pub/Perl/ - local_dir +authors/id/F/FM/FMC - get_patt =^Sx[-D] - recursive =false - max_days =22 - skip = - -package =MICB - site =ftp.ox.ac.uk - remote_dir =/pub/perl/for-CPAN - local_dir +authors/id/M/MI/MICB - get_patt =\.(gz|pm)$ - max_days =22 - recursive =false - flags_nonrecursive+L - skip = - -# Ilya's ftp directories are a constant cause for grief for the mirror -# program and its relation to symlinks. I get by far to many emails -# about a symlink being created, but I see no clear pattern... - -package =ILYAZ - site =ftp.math.ohio-state.edu - remote_dir =/pub/users/ilya/perl - local_dir +authors/id/I/IL/ILYAZ - get_patt =. - compress_patt= - do_deletes =false -# do_deletes must be false for ilya, because of the many old files there - follow_local_symlinks=. - max_days =222 - recursive =true - # make_bad_symlinks=true - skip = - -package =emacs - site =ftp.math.ohio-state.edu - remote_dir =/pub/users/ilya/emacs - local_dir +etc/emacs/ilyaz - get_patt =. - max_days =22 - recursive =true - flags_recursive+L - skip =no space on emergency disk - - -package =DMEGG - site =aix1.uottawa.ca - remote_dir =/pub/dmeggins/ - local_dir +authors/id/D/DM/DMEGG - get_patt =^SGMLSpm- - max_days =22 - recursive =false - skip = - -package =MEWP - site =ftp.demon.co.uk - remote_dir =/pub/perl/db/mod/Sybase/ - local_dir +authors/id/M/ME/MEWP - get_patt =^syb - max_days =22 - recursive =false - skip =now uses CPAN directly - -package =GSM - site =ftp.wellfleet.com - remote_dir =/netman/snmp/perl5/ - local_dir +authors/id/G/GS/GSM - get_patt =. - do_deletes =true - max_days =3222 - recursive =false - skip = - -package =ADESC - site =ftp.mcqueen.com - remote_dir =/pub/hermetica/descarte/perl/modules/ - local_dir +authors/id/A/AD/ADESC - get_patt =. - max_days =22 - recursive =false - flags_nonrecursive+L - skip =Al has moved - -package =LDS - site =ftp-genome.wi.mit.edu - remote_dir =/pub/software/WWW/ - local_dir +authors/id/L/LD/LDS - get_patt =^(CGI|GD)[\.\-](modules-|pm-)?\d+\.[\d\w]+\.tar\.gz$ - do_deletes =false - max_days =22 - max_delete_files =3 - recursive =false - flags_nonrecursive+L - skip = - -package =AKSTE - site =hub.ucsb.edu - remote_dir =/pub/prog/perl/ - local_dir +authors/id/A/AK/AKSTE - get_patt =^(PrintArray-|Term-Query-)\d.*\.tar.gz$ - max_days =22 - recursive =false - skip =too many error messages recently - -package =TIMB - site =ftp.demon.co.uk - remote_dir =/pub/perl/db - local_dir +authors/id/T/TI/TIMB - get_patt =^(D|perl5) - do_deletes =false - max_days =22 - recursive =true - flags_recursive+L - skip =Tim said "you can stop mirroring demon all together" - -package =YVESP - site =ftp.demon.co.uk - remote_dir =/pub/perl/db/mod/Pg95 - local_dir +authors/id/Y/YV/YVESP - get_patt =. - max_days =22 - recursive =false - skip =disabled since 1996-02-19. Dead directroy? - -package =MERGL - site =ftp.demon.co.uk - remote_dir =/pub/perl/db/mod/Pg95 - local_dir +authors/id/M/ME/MERGL - get_patt =. - max_days =22 - recursive =false - skip =edmund now loads up directly to pause - - -package =GUYDX - site =moulon.inra.fr - remote_dir =/pub/pTk/ - local_dir +authors/id/G/GU/GUYDX - follow_local_symlinks=. - get_patt =. - make_bad_symlinks=true - max_days =22 - recursive =false - skip = - -package =TOMC_scripts - site =perl.com - remote_dir =/perl/scripts/ - local_dir +authors/id/T/TO/TOMC/scripts - get_patt =. - exclude_patt =ghindex\.html - max_days =90 - recursive =true - skip = - -package =TOMC_modules - site =ftp.perl.com - remote_dir =/pub/perl/tchrist/modules/ - local_dir +authors/id/T/TO/TOMC/modules - get_patt =. - exclude_patt =ghindex\.html - max_days =90 - recursive =true - skip = - -package =ULPFR - site =ls6-www.informatik.uni-dortmund.de - remote_dir =/pub/perl/perl5/modules/ - local_dir +authors/id/U/UL/ULPFR - do_deletes =true - get_patt =. - delete_patt =. - max_delete_files=10% - max_days =22 - recursive =false - skip =Cancelled because unreliable - -# memo 2003-02-20: I just got rid of accumulated old files with -# perl /usr/local/mirror/mirror.pl -p MUIR -kmax_days=0 \ -# -kmax_delete_files=60 /usr/local/mirror/mymirror.config -# but after that I still had to delete manually dozens of README files -package =MUIR - site =ftp.idiom.com - remote_dir =/users/muir/CPAN/ - local_dir +authors/id/M/MU/MUIR - do_deletes =true - get_patt =. - max_days =42 - recursive =true - skip = - -package =GREGG - site =fruitfly.berkeley.edu - remote_dir =/pub/bioTk/ - local_dir +authors/id/G/GR/GREGG - get_patt =. - max_days =22 - recursive =false - skip =not yet verified - -package =KGB - site =ftp.ast.cam.ac.uk - remote_dir =/pgperl/perl5/ - local_dir +authors/id/K/KG/KGB - get_patt =PGPLOT.*_src.* - max_days =22 - recursive =false - skip = - -package =STANM - site =skyler.arc.ab.ca - remote_dir =/pub/perl/ - local_dir +authors/id/S/ST/STANM - get_patt =. - max_days =22 - recursive =false - skip = - -package =NEILB - site =ftp.khoral.com - remote_dir =/pub/weblint/ - local_dir +authors/id/N/NE/NEILB - get_patt =weblint.*(\.tar\.gz|\.ps) - max_days =22 - recursive =false - skip =because Neil has moved away from khoros - -package =FSG - site =coriolan.amicus.com - remote_dir =/pub/ - local_dir +authors/id/F/FS/FSG - get_patt =^Penguin- - max_days =22 - recursive =false - skip =seems to be dead - -package =SHUTTON - site =habanero.ucs.indiana.edu - remote_dir =/pub/perl/SHUTTON/ - local_dir +authors/id/S/SH/SHUTTON - get_patt =. - max_days =22 - recursive =false - skip =he recently uploaded something, have to clarify status - -package =SPIDB - site =ftp.ma.ultranet.com - remote_dir =~spiderb/public_html/perl/ext/ - local_dir +authors/id/S/SP/SPIDB - get_patt =. - max_days =22 - recursive =false - skip = - -package =DSTALDER - site =ftp.daft.com - remote_dir =/pub/Perl5/pause/debian/ - local_dir +authors/id/D/DS/DSTALDER - get_patt =. - max_days =22 - recursive =false - skip =not yet verified - -package =PHENSON - site =www.intranet.csupomona.edu - remote_dir =/~henson/www/projects/File-LockFile-Lock-0.15.tar.gzf/dist/ - local_dir +authors/id/P/PH/PHENSON - get_patt =. - max_days =22 - recursive =false - skip =not yet verified - -package =FTASSIN - site =ftp.oleane.net - remote_dir =/private/fta/perl/cpan/ - local_dir +authors/id/F/FT/FTASSIN - get_patt =. - max_days =22 - recursive =false - skip = - -package =HAKANARDO - site =hobbe.ub2.lu.se - remote_dir =/pub/CPAN/ - local_dir +authors/id/H/HA/HAKANARDO - follow_local_symlinks=. - do_deletes =true - get_patt =. - max_days =44 - recursive =false - skip = - From 12f6cb7b0a434655b79d8af5f2b9bf06b501df4a Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:01:46 +0100 Subject: [PATCH 04/19] crontab: remove unpause/bootstrap-related comments also, email andreas again --- cron/CRONTAB.ROOT | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/cron/CRONTAB.ROOT b/cron/CRONTAB.ROOT index 4b4d68748..6c5d0efd9 100644 --- a/cron/CRONTAB.ROOT +++ b/cron/CRONTAB.ROOT @@ -1,18 +1,9 @@ -# MAILTO=andreas.koenig.5c1c1wmb@franz.ak.mind.de +MAILTO=andreas.koenig.5c1c1wmb@franz.ak.mind.de PATH=/home/pause/.plenv/shims:/usr/bin:/home/pause/pause/cron PAUSE_REPO=/home/pause/pause PAUSE_ROOT=/data/pause/pub/PAUSE -## STUFF RJBS DID TO PUT THIS INTO UNPAUSE: -## * replace a bunch of paths: -## * /opt/perl/current/bin with /usr/bin/perl -## * put "perl" in front of things to use plenv perl instead of system perl -## * put the pause repo's cron directory in path *and use it* -## -## …and we will write this to /etc/cron.d/SOMETHING - -# ??? * * * * * pause $PAUSE_REPO/cron/recentfile-aggregate # some kind of PAUSE heartbeat/health check system? From cdad3cb3c5ed73a4756b1a28e2768cebcfcec805 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:03:28 +0100 Subject: [PATCH 05/19] run_mirrors: remove this as cruft While this was running, before, it was used by very few people, if anyone at all. Rather than maintain it -- especially since it used /usr/bin/mirror, which no longer runs on v5.30+ perl -- we remove it. --- cron/CRONTAB.ROOT | 1 - cron/run_mirrors.sh | 14 -------------- 2 files changed, 15 deletions(-) delete mode 100755 cron/run_mirrors.sh diff --git a/cron/CRONTAB.ROOT b/cron/CRONTAB.ROOT index 6c5d0efd9..48cbc6a82 100644 --- a/cron/CRONTAB.ROOT +++ b/cron/CRONTAB.ROOT @@ -21,7 +21,6 @@ PAUSE_ROOT=/data/pause/pub/PAUSE 37 05 * * * pause $PAUSE_REPO/cron/gmls-lR.pl 47 07,13,19,01 * * * pause $PAUSE_REPO/cron/mysql-dump.pl 21 */6 * * * pause $PAUSE_REPO/cron/rm_stale_links -23 07,13,19,01 * * * pause $PAUSE_REPO/cron/run_mirrors.sh 22 * * * * pause $PAUSE_REPO/cron/sync-04pause.pl 10 09,15,21,03 * * * pause cd $PAUSE_ROOT/PAUSE-git && (git gc && git push -u origin master) >> /home/pause/log/git-gc-push.out 18 * * * * pause $PAUSE_REPO/cron/cron-p6daily.pl diff --git a/cron/run_mirrors.sh b/cron/run_mirrors.sh deleted file mode 100755 index b498f6ded..000000000 --- a/cron/run_mirrors.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh - -if [ -d /home/puppet/pause/mirror ] ; then - MIRRDIR=/home/puppet/pause/mirror - MIRRCNF=mirror.defaults-pause-us -elif [ -d /home/k/PAUSE/mirror ] ; then - MIRRDIR=/home/k/PAUSE/mirror - MIRRCNF=mirror.defaults -else - echo could not find MIRRDIR - exit 1 -fi - -/home/pause/.plenv/shims/perl /usr/bin/mirror -C$MIRRDIR/$MIRRCNF $MIRRDIR/mymirror.config From a7685da1c33d33603a7e367e0f7250fc9092f916 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:04:23 +0100 Subject: [PATCH 06/19] apache-X directories: remove these as cruft --- apache-conf/Makefile | 23 - apache-conf/Makefile.crt | 28 -- apache-conf/httpd.conf.pause-us-80 | 321 ------------ apache-conf/httpd.conf.pause.athome | 251 ---------- apache-conf/httpd.conf.pause.atk75 | 197 -------- apache-conf/httpd.conf.pause.atk81 | 232 --------- apache-conf/httpsd.conf.pause | 397 --------------- apache-conf/mime.types | 100 ---- apache-conf/pause.sslcnf | 47 -- apache-conf/ssl.cnf/pause.perl.org.cnf | 50 -- .../ssl.cnf/rapidssl.pause.perl.org.cnf | 52 -- apache-conf/ssl.crt/Makefile | 4 - apache-conf/ssl.crt/cacert-class3.crt | 35 -- apache-conf/ssl.crt/cacert-root.crt | 41 -- apache-conf/ssl.crt/pause.perl.org.crt | 28 -- apache-conf/ssl.crt/rapidssl-intermediate.crt | 23 - .../ssl.crt/rapidssl.pause.perl.org.crt | 28 -- .../ssl.crt/rapidssl.pause.perl.org.crt+chain | 51 -- apache-conf/ssl.csr/pause.perl.org.csr | 20 - .../ssl.csr/rapidssl.pause.perl.org.csr | 19 - apache-perl/user/tail_log | 25 - apache-perl/who_is | 17 - apache-svn-conf/default-site.conf | 98 ---- apache-svn-conf/httpd.conf | 396 --------------- apache-svn-conf/mime.types | 471 ------------------ apache-svn-conf/ports.conf | 1 - apache-svn-conf/ssl.conf | 62 --- 27 files changed, 3017 deletions(-) delete mode 100644 apache-conf/Makefile delete mode 100644 apache-conf/Makefile.crt delete mode 100644 apache-conf/httpd.conf.pause-us-80 delete mode 100644 apache-conf/httpd.conf.pause.athome delete mode 100644 apache-conf/httpd.conf.pause.atk75 delete mode 100644 apache-conf/httpd.conf.pause.atk81 delete mode 100644 apache-conf/httpsd.conf.pause delete mode 100644 apache-conf/mime.types delete mode 100644 apache-conf/pause.sslcnf delete mode 100644 apache-conf/ssl.cnf/pause.perl.org.cnf delete mode 100644 apache-conf/ssl.cnf/rapidssl.pause.perl.org.cnf delete mode 100644 apache-conf/ssl.crt/Makefile delete mode 100644 apache-conf/ssl.crt/cacert-class3.crt delete mode 100644 apache-conf/ssl.crt/cacert-root.crt delete mode 100644 apache-conf/ssl.crt/pause.perl.org.crt delete mode 100644 apache-conf/ssl.crt/rapidssl-intermediate.crt delete mode 100644 apache-conf/ssl.crt/rapidssl.pause.perl.org.crt delete mode 100644 apache-conf/ssl.crt/rapidssl.pause.perl.org.crt+chain delete mode 100644 apache-conf/ssl.csr/pause.perl.org.csr delete mode 100644 apache-conf/ssl.csr/rapidssl.pause.perl.org.csr delete mode 100755 apache-perl/user/tail_log delete mode 100755 apache-perl/who_is delete mode 100644 apache-svn-conf/default-site.conf delete mode 100644 apache-svn-conf/httpd.conf delete mode 100644 apache-svn-conf/mime.types delete mode 100644 apache-svn-conf/ports.conf delete mode 100644 apache-svn-conf/ssl.conf diff --git a/apache-conf/Makefile b/apache-conf/Makefile deleted file mode 100644 index 81720fb1a..000000000 --- a/apache-conf/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -# superceded by ~/SVN/bin/Makefile.crt which can produce csr - -default: - @echo nothing done - -SSLEAY = /usr/local/ssl/bin/openssl - -.SUFFIXES: .pkey .pem3 .pem .sslcnf - -.sslcnf.pem3: - [ -f "$*.pkey" ] || ${SSLEAY} genrsa -out $*.pkey 1024 - ${SSLEAY} req -config $*.sslcnf -new -key $*.pkey -x509 -nodes -days 2060 -out $@ - -.pem3.pem: - cat $*.pkey $< >| $@ - ln -s -f $@ `${SSLEAY} x509 -noout -hash < $@`.0 - ${SSLEAY} x509 -noout -text -in $@ - @echo Please take note of the fingerprint and put it into 04pause.html - ${SSLEAY} x509 -noout -fingerprint -in $@ - - -# memo: Fingerprint fuer pause.kbx.de bis 16.May 2009 war -# B4:96:CD:65:5C:B4:2F:2A:EC:D6:5E:5F:FC:D0:8E:0B diff --git a/apache-conf/Makefile.crt b/apache-conf/Makefile.crt deleted file mode 100644 index d65abc8e7..000000000 --- a/apache-conf/Makefile.crt +++ /dev/null @@ -1,28 +0,0 @@ -default: - @echo nothing done - @echo for very quick solution run the script apache2-ssl-certificate - -OPENSSL = /usr/bin/openssl -BITS = 2048 -DAYS = 730 - -ssl.csr/%.csr ssl.key/%.key: ssl.cnf/%.cnf - [ -f "ssl.key/$*.key" ] || ${OPENSSL} genrsa -out ssl.key/$*.key $(BITS) - ${OPENSSL} req -config $< -new -key ssl.key/$*.key -out ssl.csr/$*.csr - -ssl.csr/%.csr.asc: ssl.csr/%.csr - gpg -s -a $< - -# -x509 -nodes -days $(DAYS) -# alles falsch, hier irgendwas mit "ca" -ssl.crt/%.crt: ssl.csr/%.csr - cat ssl.key/$*.key $< > $@ - echo ln -s -f $@ `${OPENSSL} x509 -noout -hash < $@`.0 - cd ssl.crt && $(MAKE) -f Makefile.crtdir - ${OPENSSL} x509 -noout -text -in $@ - @echo Please take note of the fingerprint: - ${OPENSSL} x509 -noout -fingerprint -in $@ - -# Local Variables: -# mode: Makefile -# End: diff --git a/apache-conf/httpd.conf.pause-us-80 b/apache-conf/httpd.conf.pause-us-80 deleted file mode 100644 index 66d8c14ef..000000000 --- a/apache-conf/httpd.conf.pause-us-80 +++ /dev/null @@ -1,321 +0,0 @@ -# -*- Mode: Cperl; -*- - -CoreDumpDirectory /opt/apache/cores - -ServerTokens ProductOnly - - - - -=pod - -CPerl-mode now sees POD sections till the first =cut. - - - -# $Id: httpsd.conf.pause,v 1.40 2002/07/18 21:42:39 k Exp k $ - -ServerName pause.perl.org -HostnameLookups Off -User apache -Group apache -BrowserMatch Mozilla/2 nokeepalive - -#ErrorLog logs/error_log -#TransferLog logs/access_log -# LogFormat "%h %l %u %t \"%r\" %s %b %P %T" -LogFormat "%h %l %u %t \"%r\" %s %b %P %p %T \"%{Referer}i\" \"%{User-Agent}i\" %{Host}i" - -#PidFile logs/httpd.pid -#ScoreBoardFile logs/apache_status -Timeout 240 -KeepAlive On -MaxKeepAliveRequests 100 -KeepAliveTimeout 2 - -AddType httpd/send-as-is asis -AddType text/html .shtml -AddHandler server-parsed .shtml - -UserDir disabled - -# access.conf -AccessConfig /dev/null - -# srm.conf -ResourceConfig /dev/null - -DefaultType text/plain - -ExtendedStatus On - -############################################## -# For all Apache::Registry stuff a common root -############################################## -Alias /incoming /home/ftp/incoming -Alias /pub/PAUSE /home/ftp/pub/PAUSE -############################################## - -############################################## -# For bugzilla -############################################## -#AddHandler cgi-script .cgi -#Alias /bugzilla/ /home/ldachary/webspace/ -# -# DirectoryIndex index.html -# Options Indexes Includes ExecCGI -# -# ScriptAlias /loicdemo/ /home/ldachary/webspace/ -# -# Options +ExecCGI -# -############################################## - - -############################################## -# For munin -############################################## -#Alias /munin /var/cache/munin/www -# -# Options None -# -# ExpiresActive On -# ExpiresDefault M310 -# -# -############################################## - - - - - - # I believe, this is only for the hardly needed Apache::AuthzDBI in /perl/admin - PerlSetVar Auth_DBI_data_source dbi:mysql:authen_pause - PerlSetVar Auth_DBI_username root - # PerlSetVar Auth_DBI_password - PerlSetVar Auth_DBI_pwd_table usertable - PerlSetVar Auth_DBI_grp_table grouptable - PerlSetVar Auth_DBI_uid_field user - PerlSetVar Auth_DBI_grp_field ugroup - PerlSetVar Auth_DBI_pwd_field password - - PerlSetupEnv Off - - PerlSetVar ReloadAll Off - PerlSetVar ReloadDebug Off - PerlSetVar ReloadModules "pause_1999::config \ - pause_1999::authen_user \ - pause_1999::edit \ - pause_1999::layout \ - pause_1999::main \ - pause_1999::message \ - pause_1999::speedlinkgif \ - pause_1999::startform \ - pause_1999::userstatus \ - PAUSE \ -" - - - - -=head2 SEE ME - -A lone cut _starts_ pod - -CPerl-mode sees perl code after this =cut. - -I don't understand those indents, but they do no harm anyway... - -=cut - - - -#!perl - - BEGIN { - push @INC, "/home/puppet/pause-private/lib", "/home/puppet/pause/lib"; - } - -# $debugging -my $debugging; -if (Apache->define("PERL_DEBUG")) { - $debugging = 1; - require Apache::DB; - require 'Apache/perl5db.pl'; # this seems to be needed with - # 5.7.2@@14159, otherwise we get "No - # DB::DB routine defined at - # /usr/local/apache/lib/map_box/registry.pm - # line 3." - Apache::DB->init; -} - - -use strict; -use vars qw( - $AccessConfig - $BindAddress - $DefaultType - $DocumentRoot - $ErrorLog - $KeepAlive - $LanguagePriority - $Listen - $MaxClients - $MaxRequestsPerChild - $MaxSpareServers - $MinSpareServers - $PassEnv - $PerlChildInitHandler - $PerlPostReadRequestHandler - $PerlSetEnv - $PerlWarn - $PidFile - $Port - $ResourceConfig - $ScoreBoardFile - $ServerAdmin - $ServerRoot - $ServerType - $StartServers - $TransferLog - %Directory - %Location - @Alias - @ScriptAlias - @PerlSetEnv -); - -# $Location{"/"}{PerlSetupEnv} = "On"; - -$ServerRoot = "/opt/apache/current"; -$DocumentRoot = "/home/puppet/pause/htdocs"; -$ServerType = "standalone"; -$PerlWarn = "On"; - -my $SWITCH8000 = Apache->define("SWITCH8000"); - -my $ext = $SWITCH8000 ? ".8000" : ""; -$ErrorLog = "logs/error_log$ext"; -$TransferLog = "logs/access_log$ext"; -$PidFile = "logs/httpd.pid$ext"; -$ScoreBoardFile = "logs/apache_status$ext"; - -my $ord_port = $SWITCH8000 ? 8000 : 81; # 80/81!!! -$Port = $ord_port; -$Listen = $ord_port; -$BindAddress = undef; - -# require CGI; - -use BSD::Resource (); -Apache->push_handlers(PerlChildInitHandler => sub { - #BSD::Resource::setrlimit(BSD::Resource::RLIMIT_CPU(), - # 60*10, 60*10); - #BSD::Resource::setrlimit(BSD::Resource::RLIMIT_DATA(), - # 40*1024*1024, 40*1024*1024); - BSD::Resource::setrlimit(BSD::Resource::RLIMIT_CORE(), - 40*1024*1024, 40*1024*1024); - }); - -for my $loc (qw( /status )){ - $Location{$loc}{SetHandler} = "server-status"; -} -for my $loc (qw( /server-info )){ - $Location{$loc}{SetHandler} = "server-info"; -} - -my $pause = "/pause"; -if (1) { # /pause/ directory - require pause_1999::main; - - if (-f "/etc/PAUSE.CLOSED") { - my $loc = "/"; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - for my $loc ($pause){ - require pause_1999::fixup; - $Location{$loc}{PerlFixupHandler} = "pause_1999::fixup"; - } - $Location{"/"}{PerlFixupHandler} = "pause_1999::index"; - for my $loc ("$pause/query", "$pause/authenquery", "$pause/mimequery"){ - # note: mimequery is experimental and will go away again - if ($debugging) { - $Location{$loc}{PerlFixupHandler} = "Apache::DB"; - } - require pause_1999::config; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{PerlHandler} = "pause_1999::config"; - } - for my $loc ( - "$pause/authenquery", - "$pause/mimequery", - #"/perl/user", - #"/perl/admin", - "/pub", - "/status", - "/server-info", - #"/munin", - ){ - $Location{$loc}{PerlAuthenHandler} = "pause_1999::authen_user"; - $Location{$loc}{AuthName} = "PAUSE"; - $Location{$loc}{AuthType} = "Basic"; - $Location{$loc}{require} = "valid-user"; - } - $Location{"/perl/admin"}{PerlAuthzHandler} = "Apache::AuthzDBI"; - $Location{"/perl/admin"}{require} = ["group", "admin"]; - } -} - -#for my $loc ( "/perl" ){ -# $Location{$loc}{SetHandler} = "perl-script"; -# $Location{$loc}{Options} = "ExecCGI"; -# if (-f "/etc/PAUSE.CLOSED") { -# $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; -# } else { -# $Location{$loc}{PerlHandler} = "Apache::Registry"; -# } -#} - -for my $loc (qw(/pub /incoming)){ - $Location{$loc}{IndexOptions} = "FancyIndexing NameWidth=* SuppressDescription"; -} -$MinSpareServers = 4; -$MaxSpareServers = 12; -$StartServers = 4; -$MaxClients = 12; -if (Apache->define("ONE_PROCESS")) { - $MaxRequestsPerChild = 1; # 1: I want to see the SEGV -} else { - $MaxRequestsPerChild = 100; # set to 0 as long as it turns off the SEGV -} -if ($SWITCH8000) { - $MinSpareServers = - $MaxSpareServers = - $StartServers = - $MaxClients = 2; - $KeepAlive = "Off"; - $MaxRequestsPerChild = 0; -} -$ServerAdmin = 'andk@cpan.org'; - -if (1){ - for my $loc (qw( /pause )){ - $Location{$loc}{PerlInitHandler} = "Apache::Reload"; - } -} - - -__END__ - - - - - - - -=cut - - - diff --git a/apache-conf/httpd.conf.pause.athome b/apache-conf/httpd.conf.pause.athome deleted file mode 100644 index e8a92f0ef..000000000 --- a/apache-conf/httpd.conf.pause.athome +++ /dev/null @@ -1,251 +0,0 @@ -# -*- mode: cperl -*- - -# 1. symlink httpsd.conf -> httpd.conf.pause.athome; starten geht, -# restarten geht nicht, braucht killall - -# 2. SSLCacheServerPort etc. - -# 3. Servername, User, Group - -# 4. Because we do unison between k76b and k75 we need to have the -# same username and password on both machines or we write a special -# rule for them in PrivatePAUSE which is also OK. - -# (0) k76 currently uses /usr/local/perl-5.8.7/bin/cpan - -ServerName k76b.linux.bogus -HostnameLookups Off -User www-data -Group www-data - - - - - Port 8443 - Listen 8443 - SSLCacheServerPort 8112 - - - Port 443 - Listen 443 - SSLCacheServerPort 8111 - - - # next two lines may point to nonexisting files, it seems, but must be there - # SSLCACertificatePath /usr/local/ssl/demoCA/ - # SSLCACertificateFile /usr/local/ssl/demoCA/ttt.pem - - SSLCertificateFile /home/k/PAUSE/111_sensitive/apache-conf/pause.pem - SSLCertificateKeyFile /home/k/PAUSE/111_sensitive/apache-conf/pause.pem - - SSLVerifyClient 0 - SSLVerifyDepth 10 - SSLFakeBasicAuth - # SSLLogFile /tmp/ssl.log - CustomLog logs/ssl_log "%t %{version}c %{cipher}c %{clientcert}c" - - SSLCacheServerPath /usr/local/apache/bin/gcache - - SSLCacheServerPort 8112 - - SSLDisable - - - - SSLCacheServerPort 8111 - - SSLDisable - - deny from all - - - - SSLSessionCacheTimeout 360 - - - - - SSLEnable - - - - - SSLEnable - - - - - - - - - # I believe, this is only for the hardly needed Apache::AuthzDBI in /perl/admin - PerlSetVar Auth_DBI_data_source dbi:mysql:authen_pause - PerlSetVar Auth_DBI_username root - # PerlSetVar Auth_DBI_password - PerlSetVar Auth_DBI_pwd_table usertable - PerlSetVar Auth_DBI_grp_table grouptable - PerlSetVar Auth_DBI_uid_field user - PerlSetVar Auth_DBI_grp_field ugroup - PerlSetVar Auth_DBI_pwd_field password - - PerlSetupEnv Off - - PerlSetVar ReloadAll Off - PerlSetVar ReloadDebug On - PerlSetVar ReloadModules "pause_1999::config \ - pause_1999::main \ - pause_1999::edit \ - pause_1999::startform \ - pause_1999::authen_user \ - PAUSE \ - -" - - - - - -=head2 SEE ME - -A lone cut _starts_ pod - -CPerl-mode sees perl code after this =cut. - -I don't understand those indents, but they do no harm anyway... - -=cut - - - -#!perl - - BEGIN { - push @INC, "/home/k/PAUSE/lib"; - unshift @INC, "/home/k/dproj/PAUSE/SVN/lib", - "/home/k/dproj/PAUSE/SVN/privatelib"; # never use lib weil use - # lib immer ausserhalb der - # if/else wirkt - } - -# $debugging -my $debugging; -if (0 && Apache->define("PERL_DEBUG")) { - $debugging = 1; - require Apache::DB; - require 'Apache/perl5db.pl'; # this seems to be needed with - # 5.7.2@@14159, otherwise we get "No - # DB::DB routine defined at - # /usr/local/apache/lib/map_box/registry.pm - # line 3." - Apache::DB->init; -} - - -use Apache::Status; -# use Apache::DBI; -use strict; -our %Location; - -# $Location{"/"}{PerlSetupEnv} = "On"; - -# require CGI; - - -for my $loc (qw( /status )){ - $Location{$loc}{SetHandler} = "server-status"; -} -for my $loc (qw( /server-info )){ - $Location{$loc}{SetHandler} = "server-info"; -} -for my $loc (qw( /perl-status )){ - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{PerlHandler} = "Apache::Status"; -} - -# if ($debugging) { -# $Location{$loc}{PerlFixupHandler} = "Apache::DB"; -# } - -my $pause = "/pause"; -if (1) { # /pause/ directory - require pause_1999::main; - - if (-f "/etc/PAUSE.CLOSED") { - my $loc = "/"; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - for my $loc ($pause){ - require pause_1999::fixup; - $Location{$loc}{PerlFixupHandler} = "pause_1999::fixup"; - } - $Location{"/"}{PerlFixupHandler} = "pause_1999::index"; - for my $loc ("$pause/query", "$pause/authenquery", "$pause/mimequery"){ - # note: mimequery is experimental and will go away again - if ($debugging) { - $Location{$loc}{PerlFixupHandler} = "Apache::DB"; - } - require pause_1999::config; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{PerlHandler} = "pause_1999::config"; - } - for my $loc ( - "$pause/authenquery", - "$pause/mimequery", - "/perl/user", - "/perl/admin", - "/pub", - "/status", - "/server-info", - "/perl-status" - ){ - $Location{$loc}{PerlAuthenHandler} = "pause_1999::authen_user"; - $Location{$loc}{AuthName} = "PAUSE"; - $Location{$loc}{AuthType} = "Basic"; - $Location{$loc}{require} = "valid-user"; - } - $Location{"/perl/admin"}{PerlAuthzHandler} = "Apache::AuthzDBI"; - $Location{"/perl/admin"}{require} = ["group", "admin"]; - } -} - -for my $loc ( "/perl" ){ - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - if (-f "/etc/PAUSE.CLOSED") { - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - $Location{$loc}{PerlHandler} = "Apache::Registry"; - } -} - -for my $loc (qw(/pub /incoming)){ - $Location{$loc}{IndexOptions} = "FancyIndexing NameWidth=* SuppressDescription"; -} -our $MinSpareServers = 2; -our $MaxSpareServers = 2; -our $StartServers = 2; -our $MaxClients = 3; -our $MaxRequestsPerChild; -$MaxRequestsPerChild = 6; # set to 0 as long as it turns off the SEGV - -if (1){ - for my $loc (qw( / )){ - $Location{$loc}{PerlInitHandler} = "Apache::Reload"; - } -} - -__END__ - - - - - - - -=cut - - - diff --git a/apache-conf/httpd.conf.pause.atk75 b/apache-conf/httpd.conf.pause.atk75 deleted file mode 100644 index ac9e1bb7e..000000000 --- a/apache-conf/httpd.conf.pause.atk75 +++ /dev/null @@ -1,197 +0,0 @@ -# -*- mode: cperl -*- - -# 1. symlink httpsd.conf -> httpd.conf.pause.athome; starten geht, -# restarten geht nicht, braucht killall - -# 2. SSLCacheServerPort etc. - -# 3. Servername, User, Group - -# 4. Because we do unison between k76b and k75 we need to have the -# same username and password on both machines or we write a special -# rule for them in PrivatePAUSE which is also OK. - -# (0) k76 currently uses /usr/local/perl-5.8.7/bin/cpan - -ServerName k75.linux.bogus -HostnameLookups Off -User www-data -Group www-data -# DocumentRoot /home/src/www/apache/apachebin/1.3.37/htdocs/ -DocumentRoot /home/k/dproj/PAUSE/GIT-II/htdocs -Port 8406 - - - - # I believe, this is only for the hardly needed Apache::AuthzDBI in /perl/admin - PerlSetVar Auth_DBI_data_source dbi:mysql:authen_pause - PerlSetVar Auth_DBI_username root - # PerlSetVar Auth_DBI_password - PerlSetVar Auth_DBI_pwd_table usertable - PerlSetVar Auth_DBI_grp_table grouptable - PerlSetVar Auth_DBI_uid_field user - PerlSetVar Auth_DBI_grp_field ugroup - PerlSetVar Auth_DBI_pwd_field password - - PerlSetupEnv Off - - PerlSetVar ReloadAll Off - PerlSetVar ReloadDebug On - PerlSetVar ReloadModules "\ - PAUSE \ - pause_1999::authen_user \ - pause_1999::config \ - pause_1999::edit \ - pause_1999::layout \ - pause_1999::main \ - pause_1999::startform \ - -" - - - - - -=head2 SEE ME - -A lone cut _starts_ pod - -CPerl-mode sees perl code after this =cut. - -I don't understand those indents, but they do no harm anyway... - -=cut - - - -#!perl - - BEGIN { - push @INC, "/home/k/PAUSE/lib"; - unshift @INC, "/home/k/dproj/PAUSE/GIT-II/lib", - "/home/k/dproj/PAUSE/GIT-II/privatelib"; # never use lib weil use - # lib immer ausserhalb der - # if/else wirkt - } - -# $debugging -my $debugging; -if (0 && Apache->define("PERL_DEBUG")) { - $debugging = 1; - require Apache::DB; - require 'Apache/perl5db.pl'; # this seems to be needed with - # 5.7.2@@14159, otherwise we get "No - # DB::DB routine defined at - # /usr/local/apache/lib/map_box/registry.pm - # line 3." - Apache::DB->init; -} - - -use Apache::Status; -# use Apache::DBI; -use strict; -our %Location; - -# $Location{"/"}{PerlSetupEnv} = "On"; - -# require CGI; - - -for my $loc (qw( /status )){ - $Location{$loc}{SetHandler} = "server-status"; -} -for my $loc (qw( /server-info )){ - $Location{$loc}{SetHandler} = "server-info"; -} -for my $loc (qw( /perl-status )){ - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{PerlHandler} = "Apache::Status"; -} - -# if ($debugging) { -# $Location{$loc}{PerlFixupHandler} = "Apache::DB"; -# } - -my $pause = "/pause"; -if (1) { # /pause/ directory - require pause_1999::main; - - if (-f "/etc/PAUSE.CLOSED") { - my $loc = "/"; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - for my $loc ($pause){ - require pause_1999::fixup; - $Location{$loc}{PerlFixupHandler} = "pause_1999::fixup"; - } - $Location{"/"}{PerlFixupHandler} = "pause_1999::index"; - for my $loc ("$pause/query", "$pause/authenquery", "$pause/mimequery"){ - # note: mimequery is experimental and will go away again - if ($debugging) { - $Location{$loc}{PerlFixupHandler} = "Apache::DB"; - } - require pause_1999::config; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{PerlHandler} = "pause_1999::config"; - } - for my $loc ( - "$pause/authenquery", - "$pause/mimequery", - "/perl/user", - "/perl/admin", - "/pub", - "/status", - "/server-info", - "/perl-status" - ){ - $Location{$loc}{PerlAuthenHandler} = "pause_1999::authen_user"; - $Location{$loc}{AuthName} = "PAUSE"; - $Location{$loc}{AuthType} = "Basic"; - $Location{$loc}{require} = "valid-user"; - } - $Location{"/perl/admin"}{PerlAuthzHandler} = "Apache::AuthzDBI"; - $Location{"/perl/admin"}{require} = ["group", "admin"]; - } -} - -for my $loc ( "/perl" ){ - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - if (-f "/etc/PAUSE.CLOSED") { - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - $Location{$loc}{PerlHandler} = "Apache::Registry"; - } -} - -for my $loc (qw(/pub /incoming)){ - $Location{$loc}{IndexOptions} = "FancyIndexing NameWidth=* SuppressDescription"; -} -our $MinSpareServers = 2; -our $MaxSpareServers = 2; -our $StartServers = 2; -our $MaxClients = 3; -our $MaxRequestsPerChild; -$MaxRequestsPerChild = 6; # set to 0 as long as it turns off the SEGV - -if (1){ - for my $loc (qw( / )){ - $Location{$loc}{PerlInitHandler} = "Apache::Reload"; - } -} - -__END__ - - - - - - - -=cut - - - diff --git a/apache-conf/httpd.conf.pause.atk81 b/apache-conf/httpd.conf.pause.atk81 deleted file mode 100644 index 8fa90fc6c..000000000 --- a/apache-conf/httpd.conf.pause.atk81 +++ /dev/null @@ -1,232 +0,0 @@ -# -*- mode: cperl -*- - -# 1. Start the server with - -# /home/src/apache/apachebin/1.3.41/bin/httpd -f /home/k/dproj/PAUSE/GIT-ghub/apache-conf/httpd.conf.pause.atk81 - -# 2. SSLCacheServerPort etc. not needed for@home - -# 3. Servername, User, Group set them below - -# 4. mysql username and password: set them in PrivatePAUSE.pm - -ServerName k81.linux.bogus -HostnameLookups Off -User www-data -Group www-data -# DocumentRoot /home/src/www/apache/apachebin/1.3.37/htdocs/ -DocumentRoot /home/k/dproj/PAUSE/GIT-ghub/htdocs -Port 8406 - -Alias /munin /var/cache/munin/www - - Order allow,deny - Allow from localhost 127.0.0.0/8 ::1 - Options None - - # This file can be used as a .htaccess file, or a part of your apache - # config file. - # - # For the .htaccess file option to work the munin www directory - # (/var/cache/munin/www) must have "AllowOverride all" or something - # close to that set. - # - - # AuthUserFile /etc/munin/munin-htpasswd - # AuthName "Munin" - # AuthType Basic - # require valid-user - - # This next part requires mod_expires to be enabled. - # - - # Set the default expiration time for files to 5 minutes 10 seconds from - # their creation (modification) time. There are probably new files by - # that time. - # - - - ExpiresActive On - ExpiresDefault M310 - - - - - - - - # I believe, this is only for the hardly needed Apache::AuthzDBI in /perl/admin - PerlSetVar Auth_DBI_data_source dbi:mysql:authen_pause - PerlSetVar Auth_DBI_username root - # PerlSetVar Auth_DBI_password - PerlSetVar Auth_DBI_pwd_table usertable - PerlSetVar Auth_DBI_grp_table grouptable - PerlSetVar Auth_DBI_uid_field user - PerlSetVar Auth_DBI_grp_field ugroup - PerlSetVar Auth_DBI_pwd_field password - - PerlSetupEnv Off - - PerlSetVar ReloadAll Off - PerlSetVar ReloadDebug On - PerlSetVar ReloadModules "\ - PAUSE \ - PrivatePAUSE \ - pause_1999::authen_user \ - pause_1999::config \ - pause_1999::edit \ - pause_1999::fixup \ - pause_1999::layout \ - pause_1999::main \ - pause_1999::startform \ - pause_1999::usermenu \ - -" - - - - - -=head2 SEE ME - -A lone cut _starts_ pod - -CPerl-mode sees perl code after this =cut. - -I don't understand those indents, but they do no harm anyway... - -=cut - - - -#!perl - - BEGIN { - push @INC, "/home/k/PAUSE/lib"; - unshift @INC, "/home/k/dproj/PAUSE/GIT-ghub/lib", - "/home/k/dproj/PAUSE/GIT-ghub/privatelib"; # never use lib weil use - # lib immer ausserhalb der - # if/else wirkt - } - -# $debugging -my $debugging; -if (0 && Apache->define("PERL_DEBUG")) { - $debugging = 1; - require Apache::DB; - require 'Apache/perl5db.pl'; # this seems to be needed with - # 5.7.2@@14159, otherwise we get "No - # DB::DB routine defined at - # /usr/local/apache/lib/map_box/registry.pm - # line 3." - Apache::DB->init; -} - - -use Apache::Status; -# use Apache::DBI; -use strict; -our %Location; - -# $Location{"/"}{PerlSetupEnv} = "On"; - -# require CGI; - - -for my $loc (qw( /status )){ - $Location{$loc}{SetHandler} = "server-status"; -} -for my $loc (qw( /server-info )){ - $Location{$loc}{SetHandler} = "server-info"; -} -for my $loc (qw( /perl-status )){ - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{PerlHandler} = "Apache::Status"; -} - -# if ($debugging) { -# $Location{$loc}{PerlFixupHandler} = "Apache::DB"; -# } - -my $pause = "/pause"; -if (1) { # /pause/ directory - require pause_1999::main; - - if (-f "/etc/PAUSE.CLOSED") { - my $loc = "/"; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - for my $loc ($pause){ - require pause_1999::fixup; - $Location{$loc}{PerlFixupHandler} = "pause_1999::fixup"; - } - $Location{"/"}{PerlFixupHandler} = "pause_1999::index"; - for my $loc ("$pause/query", "$pause/authenquery", "$pause/mimequery"){ - # note: mimequery is experimental and will go away again - if ($debugging) { - $Location{$loc}{PerlFixupHandler} = "Apache::DB"; - } - require pause_1999::config; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{PerlHandler} = "pause_1999::config"; - } - for my $loc ( - "$pause/authenquery", - "$pause/mimequery", - "/perl/user", - "/perl/admin", - "/pub", - "/status", - "/server-info", - "/perl-status" - ){ - $Location{$loc}{PerlAuthenHandler} = "pause_1999::authen_user"; - $Location{$loc}{AuthName} = "PAUSE"; - $Location{$loc}{AuthType} = "Basic"; - $Location{$loc}{require} = "valid-user"; - } - $Location{"/perl/admin"}{PerlAuthzHandler} = "Apache::AuthzDBI"; - $Location{"/perl/admin"}{require} = ["group", "admin"]; - } -} - -for my $loc ( "/perl" ){ - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - if (-f "/etc/PAUSE.CLOSED") { - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - $Location{$loc}{PerlHandler} = "Apache::Registry"; - } -} - -for my $loc (qw(/pub /incoming)){ - $Location{$loc}{IndexOptions} = "FancyIndexing NameWidth=* SuppressDescription"; -} -our $MinSpareServers = 2; -our $MaxSpareServers = 2; -our $StartServers = 2; -our $MaxClients = 3; -our $MaxRequestsPerChild; -$MaxRequestsPerChild = 6; # set to 0 as long as it turns off the SEGV - -if (1){ - for my $loc (qw( / )){ - $Location{$loc}{PerlInitHandler} = "Apache::Reload"; - } -} - -__END__ - - - - - - - -=cut - - - diff --git a/apache-conf/httpsd.conf.pause b/apache-conf/httpsd.conf.pause deleted file mode 100644 index 02fd07820..000000000 --- a/apache-conf/httpsd.conf.pause +++ /dev/null @@ -1,397 +0,0 @@ -# -*- Mode: Cperl; -*- - -CoreDumpDirectory /usr/local/apache/cores - -ServerTokens ProductOnly - - - - -=pod - -CPerl-mode now sees POD sections till the first =cut. - - - -# $Id: httpsd.conf.pause,v 1.40 2002/07/18 21:42:39 k Exp k $ - -ServerName pause.perl.org -HostnameLookups Off -User nobody -Group www-data -BrowserMatch Mozilla/2 nokeepalive - -#ErrorLog logs/error_log -#TransferLog logs/access_log -# LogFormat "%h %l %u %t \"%r\" %s %b %P %T" -LogFormat "%h %l %u %t \"%r\" %s %b %P %p %T \"%{Referer}i\" \"%{User-Agent}i\" %{Host}i" - -#PidFile logs/httpd.pid -#ScoreBoardFile logs/apache_status -Timeout 240 -KeepAlive On -MaxKeepAliveRequests 100 -KeepAliveTimeout 2 - -AddType httpd/send-as-is asis -AddType text/html .shtml -AddHandler server-parsed .shtml - -UserDir disabled -UserDir enabled jwied - - - - - Port 8443 - Listen 8443 - SSLCacheServerPort 8112 - - - #Port 443 - #Listen 443 - SSLCacheServerPort 8111 - - - #### solution before cacert: #### - # next two lines may point to nonexisting files, it seems, but must be there - # SSLCACertificatePath /usr/local/ssl/demoCA/ - # SSLCACertificateFile /usr/local/ssl/demoCA/ttt.pem -# SSLCertificateFile /home/k/PAUSE/111_sensitive/apache-conf/pause.pem -# SSLCertificateKeyFile /home/k/PAUSE/111_sensitive/apache-conf/pause.pem - - #### solution after cacert: #### - # key (two hops) to /home/k/PAUSE/111_sensitive/apache-conf/pause.perl.org-xxx.key - # crt (two hops) to /home/k/PAUSE/111_sensitive/apache-conf/pause.perl.org-xxx.crt - # Then on pause: - # cd /home/k/PAUSE/111_sensitive/apache-conf/ - # ln -s -f cacert-class3.crt `openssl x509 -noout -hash < cacert-class3.crt`.0 - # ln -s -f cacert-root.crt `openssl x509 -noout -hash < cacert-root.crt`.0 - # ln -s -f pause.perl.org-xxx.crt `openssl x509 -noout -hash < pause.perl.org-xxx.crt`.0 - SSLCACertificatePath /home/k/pause/apache-conf/ - SSLCACertificateFile /home/k/pause/apache-conf/ssl.crt/rapidssl-intermediate.crt - SSLCertificateFile /home/k/pause/apache-conf/ssl.crt/rapidssl.pause.perl.org.crt - SSLCertificateKeyFile /home/k/PAUSE/111_sensitive/apache-conf/pause.perl.org-20080519.key - - SSLVerifyClient 0 - SSLVerifyDepth 10 - SSLFakeBasicAuth - # SSLLogFile /tmp/ssl.log - CustomLog logs/ssl_log "%t %{version}c %{cipher}c %{clientcert}c" - - SSLCacheServerPath /usr/local/apache/bin/gcache - - SSLCacheServerPort 8112 - - SSLDisable - - - - SSLCacheServerPort 8111 - - SSLDisable - - deny from all - - - - SSLSessionCacheTimeout 360 - - - - - SSLEnable - - - - - SSLEnable - - - - - -#/dev/null !!! - -# access.conf -AccessConfig /dev/null - -# srm.conf -ResourceConfig /dev/null - -DefaultType text/plain - -ExtendedStatus On - -############################################## -# For all Apache::Registry stuff a common root -############################################## -Alias /perl/ /usr/local/apache/perl/ -Alias /incoming /home/ftp/incoming -Alias /pub/PAUSE /home/ftp/pub/PAUSE -############################################## - -############################################## -# For bugzilla -############################################## -AddHandler cgi-script .cgi -Alias /bugzilla/ /home/ldachary/webspace/ - - DirectoryIndex index.html - Options Indexes Includes ExecCGI - -# ScriptAlias /loicdemo/ /home/ldachary/webspace/ -# -# Options +ExecCGI -# -############################################## - - -############################################## -# For munin -############################################## -Alias /munin /var/cache/munin/www - - Options None - - ExpiresActive On - ExpiresDefault M310 - - -############################################## - - - - - - # I believe, this is only for the hardly needed Apache::AuthzDBI in /perl/admin - PerlSetVar Auth_DBI_data_source dbi:mysql:authen_pause - PerlSetVar Auth_DBI_username root - # PerlSetVar Auth_DBI_password - PerlSetVar Auth_DBI_pwd_table usertable - PerlSetVar Auth_DBI_grp_table grouptable - PerlSetVar Auth_DBI_uid_field user - PerlSetVar Auth_DBI_grp_field ugroup - PerlSetVar Auth_DBI_pwd_field password - - PerlSetupEnv Off - - PerlSetVar ReloadAll Off - PerlSetVar ReloadDebug Off - PerlSetVar ReloadModules "pause_1999::config \ - pause_1999::authen_user \ - pause_1999::edit \ - pause_1999::layout \ - pause_1999::main \ - pause_1999::message \ - pause_1999::speedlinkgif \ - pause_1999::startform \ - pause_1999::userstatus \ - PAUSE \ - PrivatePAUSE \ -" - - - - -=head2 SEE ME - -A lone cut _starts_ pod - -CPerl-mode sees perl code after this =cut. - -I don't understand those indents, but they do no harm anyway... - -=cut - - - -#!perl - - BEGIN { - push @INC, "/home/k/PAUSE/lib"; - } - -# $debugging -my $debugging; -if (Apache->define("PERL_DEBUG")) { - $debugging = 1; - require Apache::DB; - require 'Apache/perl5db.pl'; # this seems to be needed with - # 5.7.2@@14159, otherwise we get "No - # DB::DB routine defined at - # /usr/local/apache/lib/map_box/registry.pm - # line 3." - Apache::DB->init; -} - - -use strict; -use vars qw( - $AccessConfig - $BindAddress - $DefaultType - $DocumentRoot - $ErrorLog - $KeepAlive - $LanguagePriority - $Listen - $MaxClients - $MaxRequestsPerChild - $MaxSpareServers - $MinSpareServers - $PassEnv - $PerlChildInitHandler - $PerlPostReadRequestHandler - $PerlSetEnv - $PerlWarn - $PidFile - $Port - $ResourceConfig - $ScoreBoardFile - $ServerAdmin - $ServerRoot - $ServerType - $StartServers - $TransferLog - %Directory - %Location - @Alias - @ScriptAlias - @PerlSetEnv -); - -# $Location{"/"}{PerlSetupEnv} = "On"; - -$ServerRoot = "/usr/local/apache"; -$DocumentRoot = "/usr/local/apache/htdocs"; -$ServerType = "standalone"; -$PerlWarn = "On"; - -my $SWITCH8000 = Apache->define("SWITCH8000"); - -my $ext = $SWITCH8000 ? ".8000" : ""; -$ErrorLog = "logs/error_log$ext"; -$TransferLog = "logs/access_log$ext"; -$PidFile = "logs/httpd.pid$ext"; -$ScoreBoardFile = "logs/apache_status$ext"; - -my $ord_port = $SWITCH8000 ? 8000 : 81; # must change also: _default_:81 above -$Port = $ord_port; -$Listen = $ord_port; -$BindAddress = undef; - -# require CGI; - -use BSD::Resource (); -Apache->push_handlers(PerlChildInitHandler => sub { - #BSD::Resource::setrlimit(BSD::Resource::RLIMIT_CPU(), - # 60*10, 60*10); - #BSD::Resource::setrlimit(BSD::Resource::RLIMIT_DATA(), - # 40*1024*1024, 40*1024*1024); - BSD::Resource::setrlimit(BSD::Resource::RLIMIT_CORE(), - 40*1024*1024, 40*1024*1024); - }); - -for my $loc (qw( /status )){ - $Location{$loc}{SetHandler} = "server-status"; -} -for my $loc (qw( /server-info )){ - $Location{$loc}{SetHandler} = "server-info"; -} - -my $pause = "/pause"; -if (1) { # /pause/ directory - require pause_1999::main; - - if (-f "/etc/PAUSE.CLOSED") { - my $loc = "/"; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - for my $loc ($pause){ - require pause_1999::fixup; - $Location{$loc}{PerlFixupHandler} = "pause_1999::fixup"; - } - $Location{"/"}{PerlFixupHandler} = "pause_1999::index"; - for my $loc ("$pause/query", "$pause/authenquery", "$pause/mimequery"){ - # note: mimequery is experimental and will go away again - if ($debugging) { - $Location{$loc}{PerlFixupHandler} = "Apache::DB"; - } - require pause_1999::config; - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{PerlHandler} = "pause_1999::config"; - } - for my $loc ( - "$pause/authenquery", - "$pause/mimequery", - "/perl/user", - "/perl/admin", - "/pub", - "/status", - "/server-info", - "/munin", - ){ - $Location{$loc}{PerlAuthenHandler} = "pause_1999::authen_user"; - $Location{$loc}{AuthName} = "PAUSE"; - $Location{$loc}{AuthType} = "Basic"; - $Location{$loc}{require} = "valid-user"; - } - $Location{"/perl/admin"}{PerlAuthzHandler} = "Apache::AuthzDBI"; - $Location{"/perl/admin"}{require} = ["group", "admin"]; - } -} - -for my $loc ( "/perl" ){ - $Location{$loc}{SetHandler} = "perl-script"; - $Location{$loc}{Options} = "ExecCGI"; - if (-f "/etc/PAUSE.CLOSED") { - $Location{$loc}{PerlHandler} = "perl_pause::disabled2"; - } else { - $Location{$loc}{PerlHandler} = "Apache::Registry"; - } -} - -for my $loc (qw(/pub /incoming)){ - $Location{$loc}{IndexOptions} = "FancyIndexing NameWidth=* SuppressDescription"; -} -$MinSpareServers = 4; -$MaxSpareServers = 12; -$StartServers = 4; -$MaxClients = 12; -if (Apache->define("ONE_PROCESS")) { - $MaxRequestsPerChild = 1; # 1: I want to see the SEGV -} else { - $MaxRequestsPerChild = 100; # set to 0 as long as it turns off the SEGV -} -if ($SWITCH8000) { - $MinSpareServers = - $MaxSpareServers = - $StartServers = - $MaxClients = 2; - $KeepAlive = "Off"; - $MaxRequestsPerChild = 0; -} -$ServerAdmin = 'andk@cpan.org'; - -if (1){ - for my $loc (qw( /pause )){ - $Location{$loc}{PerlInitHandler} = "Apache::Reload"; - } -} - - -__END__ - - - - - - - -=cut - - - diff --git a/apache-conf/mime.types b/apache-conf/mime.types deleted file mode 100644 index 1cc8de69e..000000000 --- a/apache-conf/mime.types +++ /dev/null @@ -1,100 +0,0 @@ -# This is a comment. I love comments. - -application/activemessage -application/andrew-inset -application/applefile -application/atomicmail -application/dca-rft -application/dec-dx -application/mac-binhex40 hqx -application/mac-compactpro cpt -application/macwriteii -application/msword doc -application/news-message-id -application/news-transmission -application/octet-stream bin dms lha lzh exe class -application/oda oda -application/pdf pdf -application/postscript ai eps ps -application/powerpoint ppt -application/remote-printing -application/rtf rtf -application/slate -application/wita -application/wordperfect5.1 -application/x-bcpio bcpio -application/x-cdlink vcd -application/x-compress -application/x-cpio cpio -application/x-csh csh -application/x-director dcr dir dxr -application/x-dvi dvi -application/x-gtar gtar -application/x-gzip -application/x-hdf hdf -application/x-javascript js -application/x-koan skp skd skt skm -application/x-latex latex -application/x-mif mif -application/x-netcdf nc cdf -application/x-sh sh -application/x-shar shar -application/x-stuffit sit -application/x-sv4cpio sv4cpio -application/x-sv4crc sv4crc -application/x-tar tar -application/x-tcl tcl -application/x-tex tex -application/x-texinfo texinfo texi -application/x-troff t tr roff -application/x-troff-man man -application/x-troff-me me -application/x-troff-ms ms -application/x-ustar ustar -application/x-wais-source src -application/zip zip -audio/basic au snd -audio/midi mid midi kar -audio/mpeg mpga mp2 -audio/x-aiff aif aiff aifc -audio/x-pn-realaudio ram -audio/x-pn-realaudio-plugin rpm -audio/x-realaudio ra -audio/x-wav wav -chemical/x-pdb pdb xyz -image/gif gif -image/ief ief -image/jpeg jpeg jpg jpe -image/png png -image/tiff tiff tif -image/x-cmu-raster ras -image/x-portable-anymap pnm -image/x-portable-bitmap pbm -image/x-portable-graymap pgm -image/x-portable-pixmap ppm -image/x-rgb rgb -image/x-xbitmap xbm -image/x-xpixmap xpm -image/x-xwindowdump xwd -message/external-body -message/news -message/partial -message/rfc822 -multipart/alternative -multipart/appledouble -multipart/digest -multipart/mixed -multipart/parallel -text/css css -text/html html htm -text/plain txt -text/richtext rtx -text/tab-separated-values tsv -text/x-setext etx -text/x-sgml sgml sgm -video/mpeg mpeg mpg mpe -video/quicktime qt mov -video/x-msvideo avi -video/x-sgi-movie movie -x-conference/x-cooltalk ice -x-world/x-vrml wrl vrml diff --git a/apache-conf/pause.sslcnf b/apache-conf/pause.sslcnf deleted file mode 100644 index ed6946d0e..000000000 --- a/apache-conf/pause.sslcnf +++ /dev/null @@ -1,47 +0,0 @@ -[ req ] -default_bits = 1024 -# default_keyfile = privkey.pem -distinguished_name = req_distinguished_name -attributes = req_attributes - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = de -countryName_min = 2 -countryName_max = 2 - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Berlin - -localityName = Locality Name (eg, city) -localityName_default = Berlin - -0.organizationName = Organization Name (eg, company) -0.organizationName_default = Perl Authors Upload Server - -organizationalUnitName = Organizational Unit Name (eg, section) -organizationalUnitName_default = Webserver 2003-2008 - -commonName = Common Name (eg, YOUR name) -commonName_max = 64 -commonName_default = pause.perl.org - -emailAddress = Email Address -emailAddress_max = 64 -emailAddress_default = andreas.koenig@anima.de - -[ req_attributes ] -challengePassword = A challenge password -challengePassword_min = 4 -challengePassword_max = 20 - -unstructuredName = An optional company name - -[ x509v3_extensions ] - -nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem -nsComment = "This is a comment" - -# under ASN.1, the 0 bit would be encoded as 80 -nsCertType = 0x40 - diff --git a/apache-conf/ssl.cnf/pause.perl.org.cnf b/apache-conf/ssl.cnf/pause.perl.org.cnf deleted file mode 100644 index 4eeaa28db..000000000 --- a/apache-conf/ssl.cnf/pause.perl.org.cnf +++ /dev/null @@ -1,50 +0,0 @@ -[ req ] -default_bits = 2048 -distinguished_name = req_distinguished_name -attributes = req_attributes -req_extensions = v3_req - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = de -countryName_min = 2 -countryName_max = 2 - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Berlin - -localityName = Locality Name (eg, city) -localityName_default = Berlin - -0.organizationName = Organization Name (eg, company) -0.organizationName_default = cacert ignores this--ak - -organizationalUnitName = Organizational Unit Name (eg, section) -organizationalUnitName_default = cacert ignores this--ak - -commonName = Common Name (eg, YOUR name) -commonName_max = 64 -commonName_default = pause.perl.org - -emailAddress = Email Address -emailAddress_max = 64 -emailAddress_default = andreas.koenig.7os6VVqR@franz.ak.mind.de - -[ req_attributes ] -challengePassword = A challenge password -challengePassword_min = 4 -challengePassword_max = 20 - -unstructuredName = An optional company name - -[ v3_req ] -# 2010 Robert sent them the old CSR again (intentionally), not this one -subjectAltName = DNS:pause.perl.org, DNS:pause.cpan.org - -[ x509v3_extensions ] - -nsCaRevocationUrl = http://hmmm.hmmm/ -nsComment = "This is a comment" - -# under ASN.1, the 0 bit would be encoded as 80 -nsCertType = 0x40 diff --git a/apache-conf/ssl.cnf/rapidssl.pause.perl.org.cnf b/apache-conf/ssl.cnf/rapidssl.pause.perl.org.cnf deleted file mode 100644 index 14b65f805..000000000 --- a/apache-conf/ssl.cnf/rapidssl.pause.perl.org.cnf +++ /dev/null @@ -1,52 +0,0 @@ -[ req ] -default_bits = 2048 -distinguished_name = req_distinguished_name -attributes = req_attributes -req_extensions = v3_req - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = DE -countryName_min = 2 -countryName_max = 2 - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Berlin - -localityName = Locality Name (eg, city) -localityName_default = Berlin - -0.organizationName = Organization Name (eg, company) -# cacert ignores this--ak -0.organizationName_default = - -organizationalUnitName = Organizational Unit Name (eg, section) -# cacert ignores this--ak -organizationalUnitName_default = - -commonName = Common Name (eg, YOUR name) -commonName_max = 64 -commonName_default = pause.perl.org - -emailAddress = Email Address -emailAddress_max = 64 -emailAddress_default = andreas.koenig.7os6VVqR@franz.ak.mind.de - -[ req_attributes ] -challengePassword = A challenge password -challengePassword_min = 4 -challengePassword_max = 20 - -unstructuredName = An optional company name - -[ v3_req ] -# 2010 Robert sent them the old CSR again (intentionally), not this one -subjectAltName = DNS:pause.perl.org, DNS:pause.cpan.org - -[ x509v3_extensions ] - -nsCaRevocationUrl = http://hmmm.hmmm/ -nsComment = "This is a comment" - -# under ASN.1, the 0 bit would be encoded as 80 -nsCertType = 0x40 diff --git a/apache-conf/ssl.crt/Makefile b/apache-conf/ssl.crt/Makefile deleted file mode 100644 index e9c1c649c..000000000 --- a/apache-conf/ssl.crt/Makefile +++ /dev/null @@ -1,4 +0,0 @@ -rapidssl: rapidssl.pause.perl.org.crt+chain - -rapidssl.pause.perl.org.crt+chain: rapidssl.pause.perl.org.crt rapidssl-intermediate.crt - cat rapidssl.pause.perl.org.crt rapidssl-intermediate.crt > $@ diff --git a/apache-conf/ssl.crt/cacert-class3.crt b/apache-conf/ssl.crt/cacert-class3.crt deleted file mode 100644 index 35e2689d9..000000000 --- a/apache-conf/ssl.crt/cacert-class3.crt +++ /dev/null @@ -1,35 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 -IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB -IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA -Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS -BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v -cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9 -4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB -Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J -0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ -FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx -bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q -SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb -6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV -m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g -eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG -kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7 -6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG -CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc -aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB -gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w -aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6 -tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0 -nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M -77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV -Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L -ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM -zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU -rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF -YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT -oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu -FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB -0m6lG5kngOcLqagA ------END CERTIFICATE----- diff --git a/apache-conf/ssl.crt/cacert-root.crt b/apache-conf/ssl.crt/cacert-root.crt deleted file mode 100644 index e7dfc8294..000000000 --- a/apache-conf/ssl.crt/cacert-root.crt +++ /dev/null @@ -1,41 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 -IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB -IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA -Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO -BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi -MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ -ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ -8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6 -zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y -fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7 -w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc -G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k -epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q -laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ -QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU -fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826 -YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w -ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY -gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe -MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0 -IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy -dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw -czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0 -dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl -aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC -AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg -b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB -ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc -nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg -18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c -gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl -Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY -sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T -SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF -CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum -GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk -zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW -omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD ------END CERTIFICATE----- diff --git a/apache-conf/ssl.crt/pause.perl.org.crt b/apache-conf/ssl.crt/pause.perl.org.crt deleted file mode 100644 index 58ad1d3be..000000000 --- a/apache-conf/ssl.crt/pause.perl.org.crt +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIE2zCCAsOgAwIBAgIDAKlxMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB -Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV -BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTAwNTExMjIxODM2WhcNMTIwNTEw -MjIxODM2WjAZMRcwFQYDVQQDEw5wYXVzZS5wZXJsLm9yZzCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAMqVVxn4n6IX73X/AHMnyWXDjHh7DODfW7cI7jg4 -9JAzVR9Qk1qLy9ehkKT88ZZ5i1zA/oQM6keX3U2pyp/ObWD1tMzDuasAKKULS7b/ -+bHKcWa45JHgOEJLWXx1WtkkNFziHtBrQsIaRr/VRuRko8qtUASgl+McUtqTxhYt -UA/h7OJzbamBGhBzltzp3dL6zuvVPeQbk5L/f0gMwd8qVtyjEGmC7X5IQIyKtYOX -pFUWj5JlbeLE6NvuTwEzBs/Vk7axJ4PAEBKpHWcfEysOZcqfdFprkh3PVagnbUeD -6JYOSPTD6/3lkGh8oaYPMBS611/+NCTyOM7Wkaoxv3KWXlUCAwEAAaOB8DCB7TAM -BgNVHRMBAf8EAjAAMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggrBgEFBQcDAQYJYIZI -AYb4QgQBBgorBgEEAYI3CgMDMAsGA1UdDwQEAwIFoDAzBggrBgEFBQcBAQQnMCUw -IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMGUGA1UdEQReMFyC -DnBhdXNlLnBlcmwub3JnoBwGCCsGAQUFBwgFoBAMDnBhdXNlLnBlcmwub3Jngg5w -YXVzZS5jcGFuLm9yZ6AcBggrBgEFBQcIBaAQDA5wYXVzZS5jcGFuLm9yZzANBgkq -hkiG9w0BAQUFAAOCAgEAibodOH+hkFsnemLGcen8vHa6UGKCPr6gMgkKQ1KAZNrL -1pL0gFEFk7kVuhiXVPUy5YyS0gEJbZIVA2Xmj9MtO+rwJnDFzH4wkKuOda4fRUbQ -nX5pjlGYkNkb0gI007JvBhXuBHYfxUNBf/dgWlYvH+Alf6QwYmgTJPgAL+XMm8+7 -omS7LJwycRvMuiGK6JnxnoMeZogD4KpuqS8ZF/zMLmAcD9j148kAgNfIjGG0Us5U -RyObeF2vo7fKwifrq59OEh1O3aLNaMuk/mV+twfWjAq5xxadyw0A2/w0AMBTOW7p -+ZqSoPooF9kT2coCXIJNEb+WDM55LO5KHwZfA78pDhbZnDFoWX4985v2mA++tyV6 -CN0RCcYJaD9fDKrllHmD1nm6tiUUN3qBaYIErWRjyctBLde+7ditVW+tfQ9o5nGY -wTC7Igdboh7xs2qHnQ8g6ZZzPFt2AAAS+d8+EPph0/kWoG+uFQ2yoO3E3kUK9M3+ -KbotpyGSz6Rw/ClA623T27yiiSAK/vAVAb8qrEAXI+L4AYOFmBg7MXDzK+G0C/a6 -iBrPU3Jcj8/7k4dWIqTm82FWEd1JP20FOTLYVVSv1VP52ogv20cXXxSanlM4+kF5 -IgfCOQgHImLJwZ+2liNA4H7WIJQpKMa5B6765w7356jU2Lg3NevRQgqpwc5ntHs= ------END CERTIFICATE----- diff --git a/apache-conf/ssl.crt/rapidssl-intermediate.crt b/apache-conf/ssl.crt/rapidssl-intermediate.crt deleted file mode 100644 index 71af595ee..000000000 --- a/apache-conf/ssl.crt/rapidssl-intermediate.crt +++ /dev/null @@ -1,23 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID1TCCAr2gAwIBAgIDAjbRMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMTAwMjE5MjI0NTA1WhcNMjAwMjE4MjI0NTA1WjA8MQswCQYDVQQG -EwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xFDASBgNVBAMTC1JhcGlkU1NM -IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3H4Vsce2cy1rfa0 -l6P7oeYLUF9QqjraD/w9KSRDxhApwfxVQHLuverfn7ZB9EhLyG7+T1cSi1v6kt1e -6K3z8Buxe037z/3R5fjj3Of1c3/fAUnPjFbBvTfjW761T4uL8NpPx+PdVUdp3/Jb -ewdPPeWsIcHIHXro5/YPoar1b96oZU8QiZwD84l6pV4BcjPtqelaHnnzh8jfyMX8 -N8iamte4dsywPuf95lTq319SQXhZV63xEtZ/vNWfcNMFbPqjfWdY3SZiHTGSDHl5 -HI7PynvBZq+odEj7joLCniyZXHstXZu8W1eefDp6E63yoxhbK1kPzVw662gzxigd -gtFQiwIDAQABo4HZMIHWMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUa2k9ahhC -St2PAmU5/TUkhniRFjAwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4w -EgYDVR0TAQH/BAgwBgEB/wIBADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3Js -Lmdlb3RydXN0LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDA0BggrBgEFBQcBAQQoMCYw -JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdlb3RydXN0LmNvbTANBgkqhkiG9w0B -AQUFAAOCAQEAq7y8Cl0YlOPBscOoTFXWvrSY8e48HM3P8yQkXJYDJ1j8Nq6iL4/x -/torAsMzvcjdSCIrYA+lAxD9d/jQ7ZZnT/3qRyBwVNypDFV+4ZYlitm12ldKvo2O -SUNjpWxOJ4cl61tt/qJ/OCjgNqutOaWlYsS3XFgsql0BYKZiZ6PAx2Ij9OdsRu61 -04BqIhPSLT90T+qvjF+0OJzbrs6vhB6m9jRRWXnT43XcvNfzc9+S7NIgWW+c+5X4 -knYYCnwPLKbK3opie9jzzl9ovY8+wXS7FXI6FoOpC+ZNmZzYV+yoAVHHb1c0XqtK -LEL2TxyJeN4mTvVvk0wVaydWTQBUbHq3tw== ------END CERTIFICATE----- diff --git a/apache-conf/ssl.crt/rapidssl.pause.perl.org.crt b/apache-conf/ssl.crt/rapidssl.pause.perl.org.crt deleted file mode 100644 index 0e1379b95..000000000 --- a/apache-conf/ssl.crt/rapidssl.pause.perl.org.crt +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEyzCCA7OgAwIBAgIDBIIiMA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEUMBIGA1UEAxMLUmFwaWRTU0wgQ0Ew -HhcNMTExMjIxMTczMTEwWhcNMTYxMjIzMTA0NzEzWjCB4zEpMCcGA1UEBRMgSzZS -MkdQNG5oMzdncmxsSm05UFpsUW0wU1Mtb1NOWjQxCzAJBgNVBAYTAkRFMRcwFQYD -VQQKEw5wYXVzZS5wZXJsLm9yZzETMBEGA1UECxMKR1QzODYxMTQ5NTExMC8GA1UE -CxMoU2VlIHd3dy5yYXBpZHNzbC5jb20vcmVzb3VyY2VzL2NwcyAoYykxMTEvMC0G -A1UECxMmRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkIC0gUmFwaWRTU0woUikxFzAV -BgNVBAMTDnBhdXNlLnBlcmwub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAypVXGfifohfvdf8AcyfJZcOMeHsM4N9btwjuODj0kDNVH1CTWovL16GQ -pPzxlnmLXMD+hAzqR5fdTanKn85tYPW0zMO5qwAopQtLtv/5scpxZrjkkeA4QktZ -fHVa2SQ0XOIe0GtCwhpGv9VG5GSjyq1QBKCX4xxS2pPGFi1QD+Hs4nNtqYEaEHOW -3Ond0vrO69U95BuTkv9/SAzB3ypW3KMQaYLtfkhAjIq1g5ekVRaPkmVt4sTo2+5P -ATMGz9WTtrEng8AQEqkdZx8TKw5lyp90WmuSHc9VqCdtR4Polg5I9MPr/eWQaHyh -pg8wFLrXX/40JPI4ztaRqjG/cpZeVQIDAQABo4IBLDCCASgwHwYDVR0jBBgwFoAU -a2k9ahhCSt2PAmU5/TUkhniRFjAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG -CCsGAQUFBwMBBggrBgEFBQcDAjAZBgNVHREEEjAQgg5wYXVzZS5wZXJsLm9yZzBD -BgNVHR8EPDA6MDigNqA0hjJodHRwOi8vcmFwaWRzc2wtY3JsLmdlb3RydXN0LmNv -bS9jcmxzL3JhcGlkc3NsLmNybDAdBgNVHQ4EFgQUeP6zi6G2Gg5maEmPIsUPKLlc -6VAwDAYDVR0TAQH/BAIwADBJBggrBgEFBQcBAQQ9MDswOQYIKwYBBQUHMAKGLWh0 -dHA6Ly9yYXBpZHNzbC1haWEuZ2VvdHJ1c3QuY29tL3JhcGlkc3NsLmNydDANBgkq -hkiG9w0BAQUFAAOCAQEApaxoWe+u/eeNqMcqSRbrBT7hF7qHgWOjOw4Uz6D9pXyQ -95Ug/7Omp4Rv7R0QC6zzOrXu0E++nrkoLXB3G8WcocYQeXY6OTm05Awbp7+YmDl0 -Y6va6OWadAv87OXrcMjT7dARjwDjDQk7sRnNgMavHgbgF8/wuEvth3ajaOFOq/0Q -MsTha80CGHXiU/7hPXPv2wR3L8aP/PQFCR8V1dI0iLhDIrwC5YRpEi4cpgpSlkMB -2y7/lLcyuRI+iF2VtJsdigyDxKDzLMuUdfg2hDcItgWYPDFhiPnusKoIjbNBAcXh -GUdX+10alYxWUygs9BAcBOP4lyC4wkW38SNSCXcVrw== ------END CERTIFICATE----- diff --git a/apache-conf/ssl.crt/rapidssl.pause.perl.org.crt+chain b/apache-conf/ssl.crt/rapidssl.pause.perl.org.crt+chain deleted file mode 100644 index 6057002c3..000000000 --- a/apache-conf/ssl.crt/rapidssl.pause.perl.org.crt+chain +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEyzCCA7OgAwIBAgIDBIIiMA0GCSqGSIb3DQEBBQUAMDwxCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5HZW9UcnVzdCwgSW5jLjEUMBIGA1UEAxMLUmFwaWRTU0wgQ0Ew -HhcNMTExMjIxMTczMTEwWhcNMTYxMjIzMTA0NzEzWjCB4zEpMCcGA1UEBRMgSzZS -MkdQNG5oMzdncmxsSm05UFpsUW0wU1Mtb1NOWjQxCzAJBgNVBAYTAkRFMRcwFQYD -VQQKEw5wYXVzZS5wZXJsLm9yZzETMBEGA1UECxMKR1QzODYxMTQ5NTExMC8GA1UE -CxMoU2VlIHd3dy5yYXBpZHNzbC5jb20vcmVzb3VyY2VzL2NwcyAoYykxMTEvMC0G -A1UECxMmRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkIC0gUmFwaWRTU0woUikxFzAV -BgNVBAMTDnBhdXNlLnBlcmwub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEAypVXGfifohfvdf8AcyfJZcOMeHsM4N9btwjuODj0kDNVH1CTWovL16GQ -pPzxlnmLXMD+hAzqR5fdTanKn85tYPW0zMO5qwAopQtLtv/5scpxZrjkkeA4QktZ -fHVa2SQ0XOIe0GtCwhpGv9VG5GSjyq1QBKCX4xxS2pPGFi1QD+Hs4nNtqYEaEHOW -3Ond0vrO69U95BuTkv9/SAzB3ypW3KMQaYLtfkhAjIq1g5ekVRaPkmVt4sTo2+5P -ATMGz9WTtrEng8AQEqkdZx8TKw5lyp90WmuSHc9VqCdtR4Polg5I9MPr/eWQaHyh -pg8wFLrXX/40JPI4ztaRqjG/cpZeVQIDAQABo4IBLDCCASgwHwYDVR0jBBgwFoAU -a2k9ahhCSt2PAmU5/TUkhniRFjAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG -CCsGAQUFBwMBBggrBgEFBQcDAjAZBgNVHREEEjAQgg5wYXVzZS5wZXJsLm9yZzBD -BgNVHR8EPDA6MDigNqA0hjJodHRwOi8vcmFwaWRzc2wtY3JsLmdlb3RydXN0LmNv -bS9jcmxzL3JhcGlkc3NsLmNybDAdBgNVHQ4EFgQUeP6zi6G2Gg5maEmPIsUPKLlc -6VAwDAYDVR0TAQH/BAIwADBJBggrBgEFBQcBAQQ9MDswOQYIKwYBBQUHMAKGLWh0 -dHA6Ly9yYXBpZHNzbC1haWEuZ2VvdHJ1c3QuY29tL3JhcGlkc3NsLmNydDANBgkq -hkiG9w0BAQUFAAOCAQEApaxoWe+u/eeNqMcqSRbrBT7hF7qHgWOjOw4Uz6D9pXyQ -95Ug/7Omp4Rv7R0QC6zzOrXu0E++nrkoLXB3G8WcocYQeXY6OTm05Awbp7+YmDl0 -Y6va6OWadAv87OXrcMjT7dARjwDjDQk7sRnNgMavHgbgF8/wuEvth3ajaOFOq/0Q -MsTha80CGHXiU/7hPXPv2wR3L8aP/PQFCR8V1dI0iLhDIrwC5YRpEi4cpgpSlkMB -2y7/lLcyuRI+iF2VtJsdigyDxKDzLMuUdfg2hDcItgWYPDFhiPnusKoIjbNBAcXh -GUdX+10alYxWUygs9BAcBOP4lyC4wkW38SNSCXcVrw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIID1TCCAr2gAwIBAgIDAjbRMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMTAwMjE5MjI0NTA1WhcNMjAwMjE4MjI0NTA1WjA8MQswCQYDVQQG -EwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xFDASBgNVBAMTC1JhcGlkU1NM -IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3H4Vsce2cy1rfa0 -l6P7oeYLUF9QqjraD/w9KSRDxhApwfxVQHLuverfn7ZB9EhLyG7+T1cSi1v6kt1e -6K3z8Buxe037z/3R5fjj3Of1c3/fAUnPjFbBvTfjW761T4uL8NpPx+PdVUdp3/Jb -ewdPPeWsIcHIHXro5/YPoar1b96oZU8QiZwD84l6pV4BcjPtqelaHnnzh8jfyMX8 -N8iamte4dsywPuf95lTq319SQXhZV63xEtZ/vNWfcNMFbPqjfWdY3SZiHTGSDHl5 -HI7PynvBZq+odEj7joLCniyZXHstXZu8W1eefDp6E63yoxhbK1kPzVw662gzxigd -gtFQiwIDAQABo4HZMIHWMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUa2k9ahhC -St2PAmU5/TUkhniRFjAwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4w -EgYDVR0TAQH/BAgwBgEB/wIBADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3Js -Lmdlb3RydXN0LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDA0BggrBgEFBQcBAQQoMCYw -JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdlb3RydXN0LmNvbTANBgkqhkiG9w0B -AQUFAAOCAQEAq7y8Cl0YlOPBscOoTFXWvrSY8e48HM3P8yQkXJYDJ1j8Nq6iL4/x -/torAsMzvcjdSCIrYA+lAxD9d/jQ7ZZnT/3qRyBwVNypDFV+4ZYlitm12ldKvo2O -SUNjpWxOJ4cl61tt/qJ/OCjgNqutOaWlYsS3XFgsql0BYKZiZ6PAx2Ij9OdsRu61 -04BqIhPSLT90T+qvjF+0OJzbrs6vhB6m9jRRWXnT43XcvNfzc9+S7NIgWW+c+5X4 -knYYCnwPLKbK3opie9jzzl9ovY8+wXS7FXI6FoOpC+ZNmZzYV+yoAVHHb1c0XqtK -LEL2TxyJeN4mTvVvk0wVaydWTQBUbHq3tw== ------END CERTIFICATE----- diff --git a/apache-conf/ssl.csr/pause.perl.org.csr b/apache-conf/ssl.csr/pause.perl.org.csr deleted file mode 100644 index 880474347..000000000 --- a/apache-conf/ssl.csr/pause.perl.org.csr +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIDQTCCAikCAQAwgb8xCzAJBgNVBAYTAmRlMQ8wDQYDVQQIEwZCZXJsaW4xDzAN -BgNVBAcTBkJlcmxpbjEjMCEGA1UEChMaUGVybCBBdXRob3JzIFVwbG9hZCBTZXJ2 -ZXIxFzAVBgNVBAsTDldlYnNlcnZlciAyMDEwMRcwFQYDVQQDEw5wYXVzZS5wZXJs -Lm9yZzE3MDUGCSqGSIb3DQEJARYoYW5kcmVhcy5rb2VuaWcuN29zNlZWcVJAZnJh -bnouYWsubWluZC5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMqV -Vxn4n6IX73X/AHMnyWXDjHh7DODfW7cI7jg49JAzVR9Qk1qLy9ehkKT88ZZ5i1zA -/oQM6keX3U2pyp/ObWD1tMzDuasAKKULS7b/+bHKcWa45JHgOEJLWXx1WtkkNFzi -HtBrQsIaRr/VRuRko8qtUASgl+McUtqTxhYtUA/h7OJzbamBGhBzltzp3dL6zuvV -PeQbk5L/f0gMwd8qVtyjEGmC7X5IQIyKtYOXpFUWj5JlbeLE6NvuTwEzBs/Vk7ax -J4PAEBKpHWcfEysOZcqfdFprkh3PVagnbUeD6JYOSPTD6/3lkGh8oaYPMBS611/+ -NCTyOM7Wkaoxv3KWXlUCAwEAAaA8MDoGCSqGSIb3DQEJDjEtMCswKQYDVR0RBCIw -IIIOcGF1c2UucGVybC5vcmeCDnBhdXNlLmNwYW4ub3JnMA0GCSqGSIb3DQEBBQUA -A4IBAQAeoFd3tGZ9qRavQhtu91NNOdjg58ITScHKOMwzlqa3s10pHOclZ/gvBEMz -6WQjPy4Y1H1VXTTvB1+orpoSddv8rtubzu6Xl+xZlC7LJ/tQF4C/kHtkvrbSPADX -wDEz2jrXD2OzQGh81nQdKrgavgl/bEgvHbX/K2C/GurrMxcyzPcIjpr9nBstcFj3 -8xwRloy2g1PiSEKNi2HC83IVR5cAkTQpk0hpXopT3TDgMRGaJiDeTUhcLcqnZhYR -UdT/0Aau9uo6/05GvfhdZcY4yLGGBlGlh9kLwb9S3v2TSSE+3eSZXf7k+/A6iseb -rBCAZZeqH2f5aZal+nTDBDtwvaUx ------END CERTIFICATE REQUEST----- diff --git a/apache-conf/ssl.csr/rapidssl.pause.perl.org.csr b/apache-conf/ssl.csr/rapidssl.pause.perl.org.csr deleted file mode 100644 index d7baafed5..000000000 --- a/apache-conf/ssl.csr/rapidssl.pause.perl.org.csr +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIDAzCCAesCAQAwgYExCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzAN -BgNVBAcTBkJlcmxpbjEXMBUGA1UEAxMOcGF1c2UucGVybC5vcmcxNzA1BgkqhkiG -9w0BCQEWKGFuZHJlYXMua29lbmlnLjdvczZWVnFSQGZyYW56LmFrLm1pbmQuZGUw -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKlVcZ+J+iF+91/wBzJ8ll -w4x4ewzg31u3CO44OPSQM1UfUJNai8vXoZCk/PGWeYtcwP6EDOpHl91Nqcqfzm1g -9bTMw7mrACilC0u2//mxynFmuOSR4DhCS1l8dVrZJDRc4h7Qa0LCGka/1UbkZKPK -rVAEoJfjHFLak8YWLVAP4ezic22pgRoQc5bc6d3S+s7r1T3kG5OS/39IDMHfKlbc -oxBpgu1+SECMirWDl6RVFo+SZW3ixOjb7k8BMwbP1ZO2sSeDwBASqR1nHxMrDmXK -n3Raa5Idz1WoJ21Hg+iWDkj0w+v95ZBofKGmDzAUutdf/jQk8jjO1pGqMb9yll5V -AgMBAAGgPDA6BgkqhkiG9w0BCQ4xLTArMCkGA1UdEQQiMCCCDnBhdXNlLnBlcmwu -b3Jngg5wYXVzZS5jcGFuLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAra1BOenAAx0i -jwHEvbMVyVLAOwEnYBLGhEb4uUXrqyAUSTPnoiC5MSa95GvK6nC6GRPslOqy/fj4 -M8jG1cR/yf4Etbz01DEV5qsHhhV0y3EMaDFC0+a04mGQrTeIj3Q5qcphE4S9R0iN -yMd+iYY17GVgc07+u4/9wHGZbCSwZSr8xoEQA8iJLPxQcRjO9T7UIO6iVJ/J8uID -S+jqSe9TaGIJjGskgHnsEs6jYWu9VEnMmirpFQ1GOo6Tyftp/yD1E8oKGBoXElCZ -BlRVY/W/ioVVP0+zIy/RXp/bEb+vJqZiRtTfareaC4G8HMwdATnnP17Frxn4nWn0 -w0ls60YVDw== ------END CERTIFICATE REQUEST----- diff --git a/apache-perl/user/tail_log b/apache-perl/user/tail_log deleted file mode 100755 index fb7188314..000000000 --- a/apache-perl/user/tail_log +++ /dev/null @@ -1,25 +0,0 @@ -# -*- mode: cperl -*- - -use strict; -use lib "/home/k/PAUSE/lib"; - -use IO::File (); -use PAUSE (); - -my $r; -$r = Apache->request; -$r->content_type("text/plain"); -$r->send_http_header; - -my($offset) = $r->path_info =~ /(\d+)/; -$offset ||= 2000; - -my $fh = IO::File->new; -my($file) = $PAUSE::Config->{PAUSE_LOG}; -$fh->open($file) or die $!; -$fh->seek(- $offset,2); -local($/); -$/ = "\n"; -<$fh>; -$/ = undef; -$r->print(<$fh>); diff --git a/apache-perl/who_is b/apache-perl/who_is deleted file mode 100755 index 278842126..000000000 --- a/apache-perl/who_is +++ /dev/null @@ -1,17 +0,0 @@ -# -*- mode: cperl -*- - -use strict; -use warnings; - -use Apache::Constants (); -use Apache::Request; - -my $r = shift; -my $req = Apache::Request->new($r); -my $proto = $r->server->port == 443 ? "https" : "http"; -my @query = "ACTION=who_is"; -local $" = ";"; -$r->header_out("Location","$proto://pause.kbx.de/pause/query?@query");; -$r->status(Apache::Constants::MOVED()); -$r->send_http_header; -return Apache::Constants::MOVED(); diff --git a/apache-svn-conf/default-site.conf b/apache-svn-conf/default-site.conf deleted file mode 100644 index cf739519b..000000000 --- a/apache-svn-conf/default-site.conf +++ /dev/null @@ -1,98 +0,0 @@ -NameVirtualHost *:5459 - - - SSLEngine off - ServerAdmin webmaster@localhost - DocumentRoot "/home/SVN/htdocs" - - Options FollowSymLinks - AllowOverride None - - - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Order allow,deny - allow from all - # This directive allows us to have apache2's default start page - # in /apache2-default/, but still have / go to the right place - RedirectMatch ^/$ /apache2-default/ - - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/access.log combined - ServerSignature On - - - DAV svn - SVNPath /home/SVN/repos/pause - AuthType Basic - AuthName "Subversion repository" - AuthUserFile /home/k/PAUSE/111_sensitive/apache-svn-conf/passwd.pause - - Order deny,allow - Deny from all - Allow from 127.0.0.1 - Require valid-user - - - - DAV svn - SVNPath /home/SVN/repos/cpanpm - AuthType Basic - AuthName "CPAN.pm repository closed! About to move to github." - AuthUserFile /home/k/PAUSE/111_sensitive/apache-svn-conf/passwd.cpanpm - - Order deny,allow - Deny from all - Allow from 127.0.0.1 - Require valid-user - - - - ServerAdmin webmaster@localhost - - DocumentRoot /var/www/ - - Options FollowSymLinks - AllowOverride None - - - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Order allow,deny - allow from all - # This directive allows us to have apache2's default start page - # in /apache2-default/, but still have / go to the right place - RedirectMatch ^/$ /apache2-default/ - - - ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ - - AllowOverride None - Options ExecCGI -MultiViews +SymLinksIfOwnerMatch - Order allow,deny - Allow from all - - - ErrorLog /var/log/apache2/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/access.log combined - ServerSignature On - - Alias /doc/ "/usr/share/doc/" - - Options Indexes MultiViews FollowSymLinks - AllowOverride None - Order deny,allow - Deny from all - Allow from 127.0.0.0/255.0.0.0 ::1/128 - - - diff --git a/apache-svn-conf/httpd.conf b/apache-svn-conf/httpd.conf deleted file mode 100644 index 1e6a9eda2..000000000 --- a/apache-svn-conf/httpd.conf +++ /dev/null @@ -1,396 +0,0 @@ -# Based upon the NCSA server configuration files originally by Rob McCool. -# Changed extensively for the Debian package by Daniel Stone -# and also by Thom May . - -# ServerRoot: The top of the directory tree under which the server's -# configuration, error, and log files are kept. -# -# NOTE! If you intend to place this on an NFS (or otherwise network) -# mounted filesystem then please read the LockFile documentation -# (available at ); -# you will save yourself a lot of trouble. -# -# Do NOT add a slash at the end of the directory path. -# -ServerRoot "/home/SVN/local/subversion" - -# The LockFile directive sets the path to the lockfile used when Apache -# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or -# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at -# its default value. The main reason for changing it is if the logs -# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL -# DISK. The PID of the main server process is automatically appended to -# the filename. - -LockFile /var/lock/apache2/accept.lock - -# PidFile: The file in which the server should record its process -# identification number when it starts. - -PidFile /var/run/apache2.pid - -# Timeout: The number of seconds before receives and sends time out. - -Timeout 300 - -# KeepAlive: Whether or not to allow persistent connections (more than -# one request per connection). Set to "Off" to deactivate. - -KeepAlive On - -# MaxKeepAliveRequests: The maximum number of requests to allow -# during a persistent connection. Set to 0 to allow an unlimited amount. -# We recommend you leave this number high, for maximum performance. - -MaxKeepAliveRequests 100 - -# KeepAliveTimeout: Number of seconds to wait for the next request from the -# same client on the same connection. - -KeepAliveTimeout 1 - -## -## Server-Pool Size Regulation (MPM specific) -## - -# prefork MPM -# StartServers ......... number of server processes to start -# MinSpareServers ...... minimum number of server processes which are kept spare -# MaxSpareServers ...... maximum number of server processes which are kept spare -# MaxClients ........... maximum number of server processes allowed to start -# MaxRequestsPerChild .. maximum number of requests a server process serves - -StartServers 1 -MinSpareServers 1 -MaxSpareServers 2 -MaxClients 2 -MaxRequestsPerChild 10 - - -# pthread MPM -# StartServers ......... initial number of server processes to start -# MaxClients ........... maximum number of server processes allowed to start -# MinSpareThreads ...... minimum number of worker threads which are kept spare -# MaxSpareThreads ...... maximum number of worker threads which are kept spare -# ThreadsPerChild ...... constant number of worker threads in each server process -# MaxRequestsPerChild .. maximum number of requests a server process serves - -StartServers 2 -MaxClients 150 -MinSpareThreads 25 -MaxSpareThreads 75 -ThreadsPerChild 25 -MaxRequestsPerChild 0 - - -# perchild MPM -# NumServers ........... constant number of server processes -# StartThreads ......... initial number of worker threads in each server process -# MinSpareThreads ...... minimum number of worker threads which are kept spare -# MaxSpareThreads ...... maximum number of worker threads which are kept spare -# MaxThreadsPerChild ... maximum number of worker threads in each server process -# MaxRequestsPerChild .. maximum number of connections per server process (then it dies) - -NumServers 5 -StartThreads 5 -MinSpareThreads 5 -MaxSpareThreads 10 -MaxThreadsPerChild 20 -MaxRequestsPerChild 0 -AcceptMutex fcntl - - -User SVN -Group www-data - -# The following directives define some format nicknames for use with -# a CustomLog directive (see below). -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined -LogFormat "%h %l %u %t \"%r\" %>s %b" common -LogFormat "%{Referer}i -> %U" referer -LogFormat "%{User-agent}i" agent - -# Global error log. -ErrorLog /var/log/apache2/error.log - -# Include module configuration: -Include /etc/apache2/mods-enabled/*.load -Include /etc/apache2/mods-enabled/*.conf - -# Include all the user configurations: -Include /etc/apache2/httpd.conf - -# Include ports listing -Include /etc/apache2/ports.conf - -# Include generic snippets of statements -Include /etc/apache2/conf.d - -#Let's have some Icons, shall we? -Alias /icons/ "/usr/share/apache2/icons/" - - Options Indexes MultiViews - AllowOverride None - Order allow,deny - Allow from all - - -# Set up the default error docs. -# -# Customizable error responses come in three flavors: -# 1) plain text 2) local redirects 3) external redirects -# -# Some examples: -#ErrorDocument 500 "The server made a boo boo." -#ErrorDocument 404 /missing.html -#ErrorDocument 404 "/cgi-bin/missing_handler.pl" -#ErrorDocument 402 http://www.example.com/subscription_info.html -# - -# -# Putting this all together, we can Internationalize error responses. -# -# We use Alias to redirect any /error/HTTP_.html.var response to -# our collection of by-error message multi-language collections. We use -# includes to substitute the appropriate text. - - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - -# -# You can modify the messages' appearance without changing any of the -# default HTTP_.html.var files by adding the line; -# -# Alias /error/include/ "/your/include/path/" -# -# which allows you to create your own set of files by starting with the -# /usr/local/apache2/error/include/ files and -# copying them to /your/include/path/, even on a per-VirtualHost basis. -# - - - - Alias /error/ "/usr/share/apache2/error/" - - - AllowOverride None - Options IncludesNoExec - AddOutputFilter Includes html - AddHandler type-map var - Order allow,deny - Allow from all - LanguagePriority en es de fr - ForceLanguagePriority Prefer Fallback - - - ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var - ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var - ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var - ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var - ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var - ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var - ErrorDocument 410 /error/HTTP_GONE.html.var - ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var - ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var - ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var - ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var - ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var - ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var - ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var - ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var - ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var - ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var - - - - -DirectoryIndex index.html index.cgi index.pl index.php index.xhtml - -UserDir public_html - -# -# AllowOverride FileInfo AuthConfig Limit -# Options Indexes SymLinksIfOwnerMatch IncludesNoExec -# - -AccessFileName .htaccess - - - Order allow,deny - Deny from all - - -UseCanonicalName Off - -TypesConfig /etc/mime.types -DefaultType text/plain - -HostnameLookups Off - -IndexOptions FancyIndexing VersionSort - -AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip - -AddIconByType (TXT,/icons/text.gif) text/* -AddIconByType (IMG,/icons/image2.gif) image/* -AddIconByType (SND,/icons/sound2.gif) audio/* -AddIconByType (VID,/icons/movie.gif) video/* - -# This really should be .jpg. - -AddIcon /icons/binary.gif .bin .exe -AddIcon /icons/binhex.gif .hqx -AddIcon /icons/tar.gif .tar -AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv -AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip -AddIcon /icons/a.gif .ps .ai .eps -AddIcon /icons/layout.gif .html .shtml .htm .pdf -AddIcon /icons/text.gif .txt -AddIcon /icons/c.gif .c -AddIcon /icons/p.gif .pl .py -AddIcon /icons/f.gif .for -AddIcon /icons/dvi.gif .dvi -AddIcon /icons/uuencoded.gif .uu -AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl -AddIcon /icons/tex.gif .tex -AddIcon /icons/bomb.gif core - -AddIcon /icons/back.gif .. -AddIcon /icons/hand.right.gif README -AddIcon /icons/folder.gif ^^DIRECTORY^^ -AddIcon /icons/blank.gif ^^BLANKICON^^ - - -# This is from Matty J's patch. Anyone want to make the icons? -#AddIcon /icons/dirsymlink.jpg ^^SYMDIR^^ -#AddIcon /icons/symlink.jpg ^^SYMLINK^^ - -DefaultIcon /icons/unknown.gif - -ReadmeName README.html -HeaderName HEADER.html - -IndexIgnore .??* *~ *# HEADER* RCS CVS *,t - -AddEncoding x-compress Z -AddEncoding x-gzip gz tgz - -AddLanguage da .dk -AddLanguage nl .nl -AddLanguage en .en -AddLanguage et .et -AddLanguage fr .fr -AddLanguage de .de -AddLanguage el .el -AddLanguage it .it -AddLanguage ja .ja -AddLanguage pl .po -AddLanguage ko .ko -AddLanguage pt .pt -AddLanguage no .no -AddLanguage pt-br .pt-br -AddLanguage ltz .ltz -AddLanguage ca .ca -AddLanguage es .es -AddLanguage sv .se -AddLanguage cz .cz -AddLanguage ru .ru -AddLanguage tw .tw -AddLanguage zh-tw .tw - -LanguagePriority en da nl et fr de el it ja ko no pl pt pt-br ltz ca es sv tw - - -AddDefaultCharset ISO-8859-1 - -AddCharset ISO-8859-1 .iso8859-1 .latin1 -AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen -AddCharset ISO-8859-3 .iso8859-3 .latin3 -AddCharset ISO-8859-4 .iso8859-4 .latin4 -AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru -AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb -AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk -AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb -AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk -AddCharset ISO-2022-JP .iso2022-jp .jis -AddCharset ISO-2022-KR .iso2022-kr .kis -AddCharset ISO-2022-CN .iso2022-cn .cis -AddCharset Big5 .Big5 .big5 -# For russian, more than one charset is used (depends on client, mostly): -AddCharset WINDOWS-1251 .cp-1251 .win-1251 -AddCharset CP866 .cp866 -AddCharset KOI8-r .koi8-r .koi8-ru -AddCharset KOI8-ru .koi8-uk .ua -AddCharset ISO-10646-UCS-2 .ucs2 -AddCharset ISO-10646-UCS-4 .ucs4 -AddCharset UTF-8 .utf8 - -AddCharset GB2312 .gb2312 .gb -AddCharset utf-7 .utf7 -AddCharset utf-8 .utf8 -AddCharset big5 .big5 .b5 -AddCharset EUC-TW .euc-tw -AddCharset EUC-JP .euc-jp -AddCharset EUC-KR .euc-kr -AddCharset shift_jis .sjis - -#AddType application/x-httpd-php .php -#AddType application/x-httpd-php-source .phps - -AddType application/x-tar .tgz - -# To use CGI scripts outside /cgi-bin/: -# -#AddHandler cgi-script .cgi - -# To use server-parsed HTML files -# - - SetOutputFilter INCLUDES - - -# If you wish to use server-parsed imagemap files, use -# -#AddHandler imap-file map - -BrowserMatch "Mozilla/2" nokeepalive -BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 -BrowserMatch "RealPlayer 4\.0" force-response-1.0 -BrowserMatch "Java/1\.0" force-response-1.0 -BrowserMatch "JDK/1\.0" force-response-1.0 - -# -# The following directive disables redirects on non-GET requests for -# a directory that does not include the trailing slash. This fixes a -# problem with Microsoft WebFolders which does not appropriately handle -# redirects for folders with DAV methods. -# - -BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully -BrowserMatch "^WebDrive" redirect-carefully -BrowserMatch "^gnome-vfs" redirect-carefully -BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully - -# Allow server status reports, with the URL of http://servername/server-status -# Change the ".your_domain.com" to match your domain to enable. -# - - SetHandler server-status - - -# Allow remote server configuration reports, with the URL of -# http://servername/server-info (requires that mod_info.c be loaded). -# Change the ".your_domain.com" to match your domain to enable. -# - - SetHandler server-info - - -# Include the virtual host configurations: -Include /etc/apache2/sites-enabled - - diff --git a/apache-svn-conf/mime.types b/apache-svn-conf/mime.types deleted file mode 100644 index 195474f4d..000000000 --- a/apache-svn-conf/mime.types +++ /dev/null @@ -1,471 +0,0 @@ -# This is a comment. I love comments. - -# This file controls what Internet media types are sent to the client for -# given file extension(s). Sending the correct media type to the client -# is important so they know how to handle the content of the file. -# Extra types can either be added here or by using an AddType directive -# in your config files. For more information about Internet media types, -# please read RFC 2045, 2046, 2047, 2048, and 2077. The Internet media type -# registry is at . - -# MIME type Extension -application/EDI-Consent -application/EDI-X12 -application/EDIFACT -application/activemessage -application/andrew-inset ez -application/applefile -application/atomicmail -application/batch-SMTP -application/beep+xml -application/cals-1840 -application/commonground -application/cybercash -application/dca-rft -application/dec-dx -application/dvcs -application/eshop -application/http -application/hyperstudio -application/iges -application/index -application/index.cmd -application/index.obj -application/index.response -application/index.vnd -application/iotp -application/ipp -application/isup -application/font-tdpfr -application/mac-binhex40 hqx -application/mac-compactpro cpt -application/macwriteii -application/marc -application/mathematica -application/mathematica-old -application/msword doc -application/news-message-id -application/news-transmission -application/ocsp-request -application/ocsp-response -application/octet-stream bin dms lha lzh exe class so dll -application/oda oda -application/parityfec -application/pdf pdf -application/pgp-encrypted -application/pgp-keys -application/pgp-signature -application/pkcs10 -application/pkcs7-mime -application/pkcs7-signature -application/pkix-cert -application/pkix-crl -application/pkixcmp -application/postscript ai eps ps -application/prs.alvestrand.titrax-sheet -application/prs.cww -application/prs.nprend -application/qsig -application/remote-printing -application/riscos -application/rtf -application/sdp -application/set-payment -application/set-payment-initiation -application/set-registration -application/set-registration-initiation -application/sgml -application/sgml-open-catalog -application/sieve -application/slate -application/smil smi smil -application/timestamp-query -application/timestamp-reply -application/vemmi -application/vnd.3M.Post-it-Notes -application/vnd.FloGraphIt -application/vnd.accpac.simply.aso -application/vnd.accpac.simply.imp -application/vnd.acucobol -application/vnd.aether.imp -application/vnd.anser-web-certificate-issue-initiation -application/vnd.anser-web-funds-transfer-initiation -application/vnd.audiograph -application/vnd.businessobjects -application/vnd.bmi -application/vnd.canon-cpdl -application/vnd.canon-lips -application/vnd.claymore -application/vnd.commerce-battelle -application/vnd.commonspace -application/vnd.comsocaller -application/vnd.contact.cmsg -application/vnd.cosmocaller -application/vnd.cups-postscript -application/vnd.cups-raster -application/vnd.cups-raw -application/vnd.ctc-posml -application/vnd.cybank -application/vnd.dna -application/vnd.dpgraph -application/vnd.dxr -application/vnd.ecdis-update -application/vnd.ecowin.chart -application/vnd.ecowin.filerequest -application/vnd.ecowin.fileupdate -application/vnd.ecowin.series -application/vnd.ecowin.seriesrequest -application/vnd.ecowin.seriesupdate -application/vnd.enliven -application/vnd.epson.esf -application/vnd.epson.msf -application/vnd.epson.quickanime -application/vnd.epson.salt -application/vnd.epson.ssf -application/vnd.ericsson.quickcall -application/vnd.eudora.data -application/vnd.fdf -application/vnd.ffsns -application/vnd.framemaker -application/vnd.fsc.weblaunch -application/vnd.fujitsu.oasys -application/vnd.fujitsu.oasys2 -application/vnd.fujitsu.oasys3 -application/vnd.fujitsu.oasysgp -application/vnd.fujitsu.oasysprs -application/vnd.fujixerox.ddd -application/vnd.fujixerox.docuworks -application/vnd.fujixerox.docuworks.binder -application/vnd.fut-misnet -application/vnd.grafeq -application/vnd.groove-account -application/vnd.groove-identity-message -application/vnd.groove-injector -application/vnd.groove-tool-message -application/vnd.groove-tool-template -application/vnd.groove-vcard -application/vnd.hhe.lesson-player -application/vnd.hp-HPGL -application/vnd.hp-PCL -application/vnd.hp-PCLXL -application/vnd.hp-hpid -application/vnd.hp-hps -application/vnd.httphone -application/vnd.hzn-3d-crossword -application/vnd.ibm.afplinedata -application/vnd.ibm.MiniPay -application/vnd.ibm.modcap -application/vnd.informix-visionary -application/vnd.intercon.formnet -application/vnd.intertrust.digibox -application/vnd.intertrust.nncp -application/vnd.intu.qbo -application/vnd.intu.qfx -application/vnd.irepository.package+xml -application/vnd.is-xpr -application/vnd.japannet-directory-service -application/vnd.japannet-jpnstore-wakeup -application/vnd.japannet-payment-wakeup -application/vnd.japannet-registration -application/vnd.japannet-registration-wakeup -application/vnd.japannet-setstore-wakeup -application/vnd.japannet-verification -application/vnd.japannet-verification-wakeup -application/vnd.koan -application/vnd.lotus-1-2-3 -application/vnd.lotus-approach -application/vnd.lotus-freelance -application/vnd.lotus-notes -application/vnd.lotus-organizer -application/vnd.lotus-screencam -application/vnd.lotus-wordpro -application/vnd.mcd -application/vnd.mediastation.cdkey -application/vnd.meridian-slingshot -application/vnd.mif mif -application/vnd.minisoft-hp3000-save -application/vnd.mitsubishi.misty-guard.trustweb -application/vnd.mobius.daf -application/vnd.mobius.dis -application/vnd.mobius.msl -application/vnd.mobius.plc -application/vnd.mobius.txf -application/vnd.motorola.flexsuite -application/vnd.motorola.flexsuite.adsi -application/vnd.motorola.flexsuite.fis -application/vnd.motorola.flexsuite.gotap -application/vnd.motorola.flexsuite.kmr -application/vnd.motorola.flexsuite.ttc -application/vnd.motorola.flexsuite.wem -application/vnd.mozilla.xul+xml -application/vnd.ms-artgalry -application/vnd.ms-asf -application/vnd.ms-excel xls -application/vnd.ms-lrm -application/vnd.ms-powerpoint ppt -application/vnd.ms-project -application/vnd.ms-tnef -application/vnd.ms-works -application/vnd.mseq -application/vnd.msign -application/vnd.music-niff -application/vnd.musician -application/vnd.netfpx -application/vnd.noblenet-directory -application/vnd.noblenet-sealer -application/vnd.noblenet-web -application/vnd.novadigm.EDM -application/vnd.novadigm.EDX -application/vnd.novadigm.EXT -application/vnd.osa.netdeploy -application/vnd.palm -application/vnd.pg.format -application/vnd.pg.osasli -application/vnd.powerbuilder6 -application/vnd.powerbuilder6-s -application/vnd.powerbuilder7 -application/vnd.powerbuilder7-s -application/vnd.powerbuilder75 -application/vnd.powerbuilder75-s -application/vnd.previewsystems.box -application/vnd.publishare-delta-tree -application/vnd.pvi.ptid1 -application/vnd.pwg-xhtml-print+xml -application/vnd.rapid -application/vnd.s3sms -application/vnd.seemail -application/vnd.shana.informed.formdata -application/vnd.shana.informed.formtemplate -application/vnd.shana.informed.interchange -application/vnd.shana.informed.package -application/vnd.sss-cod -application/vnd.sss-dtf -application/vnd.sss-ntf -application/vnd.street-stream -application/vnd.svd -application/vnd.swiftview-ics -application/vnd.triscape.mxs -application/vnd.trueapp -application/vnd.truedoc -application/vnd.tve-trigger -application/vnd.ufdl -application/vnd.uplanet.alert -application/vnd.uplanet.alert-wbxml -application/vnd.uplanet.bearer-choice-wbxml -application/vnd.uplanet.bearer-choice -application/vnd.uplanet.cacheop -application/vnd.uplanet.cacheop-wbxml -application/vnd.uplanet.channel -application/vnd.uplanet.channel-wbxml -application/vnd.uplanet.list -application/vnd.uplanet.list-wbxml -application/vnd.uplanet.listcmd -application/vnd.uplanet.listcmd-wbxml -application/vnd.uplanet.signal -application/vnd.vcx -application/vnd.vectorworks -application/vnd.vidsoft.vidconference -application/vnd.visio -application/vnd.vividence.scriptfile -application/vnd.wap.sic -application/vnd.wap.slc -application/vnd.wap.wbxml wbxml -application/vnd.wap.wmlc wmlc -application/vnd.wap.wmlscriptc wmlsc -application/vnd.webturbo -application/vnd.wrq-hp3000-labelled -application/vnd.wt.stf -application/vnd.xara -application/vnd.xfdl -application/vnd.yellowriver-custom-menu -application/whoispp-query -application/whoispp-response -application/wita -application/wordperfect5.1 -application/x-bcpio bcpio -application/x-cdlink vcd -application/x-chess-pgn pgn -application/x-compress -application/x-cpio cpio -application/x-csh csh -application/x-director dcr dir dxr -application/x-dvi dvi -application/x-futuresplash spl -application/x-gtar gtar -application/x-gzip -application/x-hdf hdf -application/x-javascript js -application/x-koan skp skd skt skm -application/x-latex latex -application/x-netcdf nc cdf -application/x-sh sh -application/x-shar shar -application/x-shockwave-flash swf -application/x-stuffit sit -application/x-sv4cpio sv4cpio -application/x-sv4crc sv4crc -application/x-tar tar -application/x-tcl tcl -application/x-tex tex -application/x-texinfo texinfo texi -application/x-troff t tr roff -application/x-troff-man man -application/x-troff-me me -application/x-troff-ms ms -application/x-ustar ustar -application/x-wais-source src -application/x400-bp -application/xhtml+xml xhtml xht -application/xml -application/xml-dtd -application/xml-external-parsed-entity -application/zip zip -audio/32kadpcm -audio/basic au snd -audio/g.722.1 -audio/l16 -audio/midi mid midi kar -audio/mp4a-latm -audio/mpa-robust -audio/mpeg mpga mp2 mp3 -audio/parityfec -audio/prs.sid -audio/telephone-event -audio/tone -audio/vnd.cisco.nse -audio/vnd.cns.anp1 -audio/vnd.cns.inf1 -audio/vnd.digital-winds -audio/vnd.everad.plj -audio/vnd.lucent.voice -audio/vnd.nortel.vbk -audio/vnd.nuera.ecelp4800 -audio/vnd.nuera.ecelp7470 -audio/vnd.nuera.ecelp9600 -audio/vnd.octel.sbc -audio/vnd.qcelp -audio/vnd.rhetorex.32kadpcm -audio/vnd.vmx.cvsd -audio/x-aiff aif aiff aifc -audio/x-mpegurl m3u -audio/x-pn-realaudio ram rm -audio/x-pn-realaudio-plugin rpm -audio/x-realaudio ra -audio/x-wav wav -chemical/x-pdb pdb -chemical/x-xyz xyz -image/bmp bmp -image/cgm -image/g3fax -image/gif gif -image/ief ief -image/jpeg jpeg jpg jpe -image/naplps -image/png png -image/prs.btif -image/prs.pti -image/tiff tiff tif -image/vnd.cns.inf2 -image/vnd.djvu djvu djv -image/vnd.dwg -image/vnd.dxf -image/vnd.fastbidsheet -image/vnd.fpx -image/vnd.fst -image/vnd.fujixerox.edmics-mmr -image/vnd.fujixerox.edmics-rlc -image/vnd.mix -image/vnd.net-fpx -image/vnd.svf -image/vnd.wap.wbmp wbmp -image/vnd.xiff -image/x-cmu-raster ras -image/x-portable-anymap pnm -image/x-portable-bitmap pbm -image/x-portable-graymap pgm -image/x-portable-pixmap ppm -image/x-rgb rgb -image/x-xbitmap xbm -image/x-xpixmap xpm -image/x-xwindowdump xwd -message/delivery-status -message/disposition-notification -message/external-body -message/http -message/news -message/partial -message/rfc822 -message/s-http -model/iges igs iges -model/mesh msh mesh silo -model/vnd.dwf -model/vnd.flatland.3dml -model/vnd.gdl -model/vnd.gs-gdl -model/vnd.gtw -model/vnd.mts -model/vnd.vtu -model/vrml wrl vrml -multipart/alternative -multipart/appledouble -multipart/byteranges -multipart/digest -multipart/encrypted -multipart/form-data -multipart/header-set -multipart/mixed -multipart/parallel -multipart/related -multipart/report -multipart/signed -multipart/voice-message -text/calendar -text/css css -text/directory -text/enriched -text/html html htm -text/parityfec -text/plain asc txt -text/prs.lines.tag -text/rfc822-headers -text/richtext rtx -text/rtf rtf -text/sgml sgml sgm -text/tab-separated-values tsv -text/t140 -text/uri-list -text/vnd.DMClientScript -text/vnd.IPTC.NITF -text/vnd.IPTC.NewsML -text/vnd.abc -text/vnd.curl -text/vnd.flatland.3dml -text/vnd.fly -text/vnd.fmi.flexstor -text/vnd.in3d.3dml -text/vnd.in3d.spot -text/vnd.latex-z -text/vnd.motorola.reflex -text/vnd.ms-mediapackage -text/vnd.wap.si -text/vnd.wap.sl -text/vnd.wap.wml wml -text/vnd.wap.wmlscript wmls -text/x-setext etx -text/xml xml xsl -text/xml-external-parsed-entity -video/mp4v-es -video/mpeg mpeg mpg mpe -video/parityfec -video/pointer -video/quicktime qt mov -video/vnd.fvt -video/vnd.motorola.video -video/vnd.motorola.videop -video/vnd.mpegurl mxu -video/vnd.mts -video/vnd.nokia.interleaved-multimedia -video/vnd.vivo -video/x-msvideo avi -video/x-sgi-movie movie -x-conference/x-cooltalk ice diff --git a/apache-svn-conf/ports.conf b/apache-svn-conf/ports.conf deleted file mode 100644 index d57d06890..000000000 --- a/apache-svn-conf/ports.conf +++ /dev/null @@ -1 +0,0 @@ -Listen 5459 diff --git a/apache-svn-conf/ssl.conf b/apache-svn-conf/ssl.conf deleted file mode 100644 index 212aa309c..000000000 --- a/apache-svn-conf/ssl.conf +++ /dev/null @@ -1,62 +0,0 @@ - # SSLSessionCache shm:/var/log/apache2/ssl_scache(128000) - # SSLMutex file:/var/log/apache2/ssl_mutex - # SSLRandomSeed startup file:/dev/urandom 512 - # SSLRandomSeed connect file:/dev/urandom 512 - # #ErrorLog /var/log/apache2/ssl.log - # LogLevel info - -Listen 5460 -AddType application/x-x509-ca-cert .crt -AddType application/x-pkcs7-crl .crl -SSLPassPhraseDialog builtin -SSLSessionCache dbm:logs/ssl_scache -SSLSessionCacheTimeout 300 -SSLMutex file:logs/ssl_mutex -SSLRandomSeed startup builtin -SSLRandomSeed connect builtin -NameVirtualHost *:5460 - - ServerAdmin webmaster@localhost - DocumentRoot "/home/SVN/htdocs" - SSLEngine on - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+SSLv2:+eNULL - SSLCertificateFile /home/k/PAUSE/111_sensitive/apache-conf/pause.pem - SSLCertificateKeyFile /home/k/PAUSE/111_sensitive/apache-conf/pause.pem - - SSLOptions +StdEnvVars - - - SSLOptions +StdEnvVars - - - SetEnvIf User-Agent ".*MSIE.*" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 - - CustomLog logs/ssl_request_log \ - "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - - - DAV svn - SVNPath /home/SVN/repos/pause - AuthType Basic - AuthName "Subversion repository" - AuthUserFile /home/k/PAUSE/111_sensitive/apache-svn-conf/passwd.pause - - Require valid-user - - - - DAV svn - SVNPath /home/SVN/repos/cpanpm - AuthType Basic - AuthName "CPAN.pm secure repository closed! About to move to github." - AuthUserFile /home/k/PAUSE/111_sensitive/apache-svn-conf/passwd.cpanpm - - Require valid-user - - - - - - From 810023c0ed426cb7514186eaf4c30943678745b7 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:04:42 +0100 Subject: [PATCH 07/19] etc/cfengine: remove this directory as cruft --- etc/cfengine/cf.actionsequence | 15 ------ etc/cfengine/cf.main | 84 ---------------------------------- etc/cfengine/cfagent.conf | 4 -- etc/cfengine/update.conf | 12 ----- 4 files changed, 115 deletions(-) delete mode 100644 etc/cfengine/cf.actionsequence delete mode 100644 etc/cfengine/cf.main delete mode 100644 etc/cfengine/cfagent.conf delete mode 100644 etc/cfengine/update.conf diff --git a/etc/cfengine/cf.actionsequence b/etc/cfengine/cf.actionsequence deleted file mode 100644 index b424e8ec9..000000000 --- a/etc/cfengine/cf.actionsequence +++ /dev/null @@ -1,15 +0,0 @@ -control: - - actionsequence = ( - packages - files - directories - shellcommands.svnclients - links - copy - editfiles - shellcommands - tidy - processes - ) - diff --git a/etc/cfengine/cf.main b/etc/cfengine/cf.main deleted file mode 100644 index 7eddb1e21..000000000 --- a/etc/cfengine/cf.main +++ /dev/null @@ -1,84 +0,0 @@ -# 2006-03-29 akoenig : no dependencies! When a sendmail.mc is being changed, -# we do no rerun make in the /etc/mail directory ==> TODO - -files: - any:: - /var/log/PAUSE-httpd/. mode=0775 owner=root group=www-data action=touch - /var/run/httpd/deadmeat/. mode=0755 owner=www-data group=www-data action=touch - /home/k/PAUSE/privatelib/. mode=0750 owner=k group=k action=touch - /etc/perlbal/. mode=0755 owner=root group=www-data action=touch - -links: - any:: - /etc/csync2.cfg ->! ../home/k/PAUSE/etc/csync2.cfg - /etc/ntp.conf ->! ../home/k/PAUSE/etc/ntp.conf - /etc/proftpd/proftpd.conf ->! ../home/k/PAUSE/etc/proftpd/proftpd.conf - /etc/rsyncd.conf ->! ../home/k/PAUSE/etc/rsyncd.conf - /etc/rsyncd2.conf ->! ../home/k/PAUSE/etc/rsyncd2.conf - - /etc/apache2/apache2.conf ->! ../../home/k/PAUSE/apache-svn-conf/httpd.conf - /etc/apache2/ports.conf ->! ../../home/k/PAUSE/apache-svn-conf/ports.conf - /etc/apt/sources.list ->! ../../home/k/PAUSE/etc/apt/sources.list - /etc/cron.jobs/indexscripts.pl ->! ../../home/kstar/cron/indexscripts.pl - /etc/init.d/PAUSE-httpd ->! ../../home/k/PAUSE/etc/init.d/PAUSE-httpd - /etc/init.d/PAUSE-paused ->! ../../home/k/PAUSE/etc/init.d/PAUSE-paused - /etc/init.d/PAUSE-perlbal ->! ../../home/k/PAUSE/etc/init.d/PAUSE-perlbal - /etc/init.d/PAUSE-rsyncd ->! ../../home/k/PAUSE/etc/init.d/PAUSE-rsyncd - /etc/init.d/PAUSE-rsyncd2 ->! ../../home/k/PAUSE/etc/init.d/PAUSE-rsyncd2 - /etc/logrotate.d/csync2 ->! ../../home/k/PAUSE/etc/logrotate.d/csync2 - /etc/logrotate.d/mldistwatch ->! ../../home/k/PAUSE/etc/logrotate.d/mldistwatch - /etc/logrotate.d/rsyncd ->! ../../home/k/PAUSE/etc/logrotate.d/rsyncd - /etc/mail/local-host-names ->! ../../home/k/PAUSE/etc/mail/local-host-names - /etc/mail/sendmail.mc ->! ../../home/k/PAUSE/etc/mail/sendmail.mc - /etc/mon/mon.cf ->! ../../home/k/PAUSE/etc/mon/mon.cf - /etc/mysql/my.cnf ->! ../../home/k/PAUSE/etc/my.cnf.pause2 - /etc/network/interfaces ->! ../../home/k/PAUSE/etc/network/interfaces - /etc/perlbal/perlbal.conf ->! ../../home/k/PAUSE/etc/perlbal/perlbal.conf - /etc/security/limits.conf ->! ../../home/k/PAUSE/etc/security/limits.conf - - /etc/apache2/mods-enabled/ssl.conf ->! ../../../home/k/PAUSE/apache-svn-conf/ssl.conf - /etc/apache2/sites-enabled/000-default ->! ../../../home/k/PAUSE/apache-svn-conf/default-site.conf - - /usr/local/apache/conf ->! ../../../home/k/PAUSE/apache-conf - /usr/local/apache/htdocs ->! ../../../home/k/PAUSE/htdocs/ - /usr/local/apache/perl ->! ../../../home/k/PAUSE/apache-perl - /usr/local/apache/logs ->! /var/log/PAUSE-httpd - - /usr/lib/mon/mon.d/paused.monitor ->! ../../../../home/k/PAUSE/etc/mon/mon.d/paused.monitor - /usr/lib/mon/mon.d/rsyncd.monitor ->! ../../../../home/k/PAUSE/etc/mon/mon.d/rsyncd.monitor - /usr/lib/mon/mon.d/rsyncd2.monitor ->! ../../../../home/k/PAUSE/etc/mon/mon.d/rsyncd2.monitor - /usr/lib/mon/mon.d/3ware_cli.monitor ->! ../../../../home/k/PAUSE/etc/mon/mon.d/3ware_cli.monitor - /usr/lib/mon/mon.d/rersyncrecent.monitor ->! ../../../../home/k/PAUSE/etc/mon/mon.d/rersyncrecent.monitor - -copy: - any:: - # the SVN repository is not necessarily on PAUSE itself, of course - /home/k/PAUSE/svn/pause/hooks/post-commit - dest=/home/SVN/repos/pause/hooks/post-commit - owner=SVN group=www-data mode=0755 - - /home/k/PAUSE/svn/pause/hooks/commit-email.pl - dest=/home/SVN/repos/pause/hooks/commit-email.pl - owner=SVN group=www-data mode=0755 - - # XXX foreigner, not PAUSE related - /home/k/PAUSE/svn/cpanpm/hooks/post-commit - dest=/home/SVN/repos/cpanpm/hooks/post-commit - owner=SVN group=www-data mode=0755 - - # sendmail - /home/k/PAUSE/etc/aliases dest=/etc/aliases - owner=root group=root mode=0644 define=reload_aliases - -editfiles: - # warn: XXX nonsense to hardcode 1000 here but does cfengine help me do better? - any:: - { /etc/group - AutoCreate - DeleteLinesContaining "k:x:1000:" - AppendIfNoSuchLine "k:x:1000:k,kstar,abh,SVN,ftp,nobody" - } - -shellcommands: - reload_aliases:: - "/usr/sbin/newaliases" diff --git a/etc/cfengine/cfagent.conf b/etc/cfengine/cfagent.conf deleted file mode 100644 index a7d118b70..000000000 --- a/etc/cfengine/cfagent.conf +++ /dev/null @@ -1,4 +0,0 @@ -import: - any:: - cf.actionsequence - cf.main diff --git a/etc/cfengine/update.conf b/etc/cfengine/update.conf deleted file mode 100644 index 40f1bcf8e..000000000 --- a/etc/cfengine/update.conf +++ /dev/null @@ -1,12 +0,0 @@ -control: - actionsequence = ( shellcommands ) - -classes: - svnini = ( FileExists(/etc/cfengine/.svn/entries) ) - -shellcommands: - !svnini:: - "/bin/sh -c \"cd /etc/cfengine && /usr/bin/svn --username k co https://pause.perl.org:5460/svn/pause/trunk/etc/cfengine ./\"" - - any:: - "/bin/sh -c 'cd /etc/cfengine && /usr/bin/svn up > /dev/null'" From 1b179ff317ad5cd1f4ee5c77873239c6beac6c8a Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:05:35 +0100 Subject: [PATCH 08/19] etc/perlbal: remove this directory as cruft --- etc/perlbal/perlbal.conf | 38 ------- etc/perlbal/perlbal.conf-redir-to-pause-us | 66 ----------- etc/perlbal/perlbal.conf.pause-us | 126 --------------------- etc/perlbal/restarter.sh | 11 -- 4 files changed, 241 deletions(-) delete mode 100644 etc/perlbal/perlbal.conf delete mode 100644 etc/perlbal/perlbal.conf-redir-to-pause-us delete mode 100644 etc/perlbal/perlbal.conf.pause-us delete mode 100755 etc/perlbal/restarter.sh diff --git a/etc/perlbal/perlbal.conf b/etc/perlbal/perlbal.conf deleted file mode 100644 index 5e0afcc62..000000000 --- a/etc/perlbal/perlbal.conf +++ /dev/null @@ -1,38 +0,0 @@ -LOAD vhosts - -CREATE POOL pause80 - POOL pause80 ADD 127.0.0.1:81 - -CREATE POOL catalyst - POOL catalyst ADD 217.199.168.174:3000 - -CREATE SERVICE pause - SET role = reverse_proxy - SET pool = pause80 - SET trusted_upstream_proxies = 0.0.0.0/0 - SET enable_reproxy = on -ENABLE pause - -CREATE SERVICE analytics - SET role = reverse_proxy - SET pool = catalyst - SET trusted_upstream_proxies = 0.0.0.0/0 - SET persist_client_timeout = 300 - SET enable_reproxy = on -ENABLE analytics - -CREATE SERVICE vhosts - SET listen = 0.0.0.0:80 - SET role = selector - SET plugins = vhosts - SET persist_client = on - - VHOST analysis.cpantesters.org = analytics - VHOST * = pause -ENABLE vhosts - -# always good to keep an internal management port open: -CREATE SERVICE mgmt - SET role = management - SET listen = 127.0.0.1:16000 -ENABLE mgmt diff --git a/etc/perlbal/perlbal.conf-redir-to-pause-us b/etc/perlbal/perlbal.conf-redir-to-pause-us deleted file mode 100644 index f1781642a..000000000 --- a/etc/perlbal/perlbal.conf-redir-to-pause-us +++ /dev/null @@ -1,66 +0,0 @@ -# XS enable headers -LOAD TrustHeader -LOAD vhosts - -CREATE POOL pause81 - POOL pause81 ADD 127.0.0.1:12081 - -CREATE POOL catalyst - POOL catalyst ADD 217.199.168.174:3000 - -CREATE SERVICE pause - SET role = reverse_proxy - SET plugins = trustheader - SET pool = pause81 - SET persist_client = on - SET persist_client_idle_timeout = 30 - SET idle_timeout = 180 - SET persist_backend = on - SET max_backend_uses = 0 - SET backend_persist_cache = 2 - SET verify_backend = on - SET enable_reproxy = off - # SET trusted_upstream_proxies = 0.0.0.0/0 - SET connect_ahead = 2 - SET buffer_size = 2048k -ENABLE pause - -CREATE SERVICE analysis - SET role = reverse_proxy - SET pool = catalyst - SET trusted_upstream_proxies = 0.0.0.0/0 - SET persist_client_timeout = 300 - SET enable_reproxy = off -ENABLE analysis - -CREATE SERVICE vhosts - SET listen = 0.0.0.0:80 - SET role = selector - SET enable_ssl = off - SET plugins = vhosts - VHOST analysis.cpantesters.org = analysis - VHOST * = pause - HEADER vhosts remove X-pause-is-SSL - HEADER vhosts insert X-pause-is-SSL: 0 -ENABLE vhosts - -CREATE SERVICE vhosts_ssl - SET listen = 0.0.0.0:443 - SET role = selector - SET enable_ssl = on - SET plugins = vhosts - # requires repository version (maybe later) - #SET ssl_honor_cipher_order = 1 - #SET ssl_cipher_list = ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH - SET ssl_key_file = /etc/perlbal/servercerts/pause.perl.org-20080519.key - SET ssl_cert_file = /etc/perlbal/servercerts/rapidssl.pause.perl.org.crt+chain - VHOST * = pause - HEADER vhosts_ssl remove X-pause-is-SSL - HEADER vhosts_ssl insert X-pause-is-SSL: 1 -ENABLE vhosts_ssl - -# always good to keep an internal management port open: -CREATE SERVICE mgmt - SET role = management - SET listen = 127.0.0.1:16000 -ENABLE mgmt diff --git a/etc/perlbal/perlbal.conf.pause-us b/etc/perlbal/perlbal.conf.pause-us deleted file mode 100644 index d95c724f8..000000000 --- a/etc/perlbal/perlbal.conf.pause-us +++ /dev/null @@ -1,126 +0,0 @@ -XS enable headers -LOAD TrustHeader -LOAD vhosts - -CREATE POOL pause81 - POOL pause81 ADD 127.0.0.1:81 - -# dated: analysis -# CREATE POOL catalyst -# POOL catalyst ADD 217.199.168.174:3000 - -# CREATE POOL qah2015_pool -# POOL qah2015_pool ADD 127.0.0.1:5000 - -CREATE POOL pts2018_pool - POOL pts2018_pool ADD 127.0.0.1:5000 - -CREATE POOL munin_pool - POOL munin_pool ADD 127.0.0.1:8000 - -CREATE SERVICE pause - SET role = reverse_proxy - SET plugins = trustheader - SET pool = pause81 - SET persist_client = on - SET persist_client_idle_timeout = 30 - SET idle_timeout = 180 - SET persist_backend = off - SET max_backend_uses = 0 - SET backend_persist_cache = 2 - SET verify_backend = off - SET enable_reproxy = off - # SET trusted_upstream_proxies = 0.0.0.0/0 - SET connect_ahead = 2 - SET buffer_size = 2048k -ENABLE pause - -CREATE SERVICE alternatepause - SET role = reverse_proxy - SET plugins = trustheader - SET pool = pts2018_pool - SET trusted_upstream_proxies = 0.0.0.0/0 - SET persist_client = on - SET persist_client_idle_timeout = 30 - SET idle_timeout = 180 - SET persist_backend = on - SET max_backend_uses = 0 - SET backend_persist_cache = 2 - SET verify_backend = on - SET enable_reproxy = off - # SET trusted_upstream_proxies = 0.0.0.0/0 - SET connect_ahead = 2 - SET buffer_size = 2048k -ENABLE alternatepause - -# CREATE SERVICE munin -# SET role = reverse_proxy -# SET plugins = trustheader -# SET pool = munin_pool -# SET trusted_upstream_proxies = 0.0.0.0/0 -# SET persist_client = on -# SET persist_client_idle_timeout = 30 -# SET idle_timeout = 180 -# SET persist_backend = on -# SET max_backend_uses = 0 -# SET backend_persist_cache = 2 -# SET verify_backend = on -# SET enable_reproxy = off -# # SET trusted_upstream_proxies = 0.0.0.0/0 -# SET connect_ahead = 2 -# SET buffer_size = 2048k -# ENABLE munin - -# dated: -# CREATE SERVICE analysis -# SET role = reverse_proxy -# SET pool = catalyst -# SET trusted_upstream_proxies = 0.0.0.0/0 -# SET persist_client_timeout = 300 -# SET enable_reproxy = off -# ENABLE analysis - -# https://groups.google.com/forum/#!msg/perlbal/7VW-7QwQcB8/QEEOyp2VIwgJ;context-place=searchin/perlbal/redirect$20to$20https%7Csort:date -# would like to provide a forced redirect, but not now -CREATE SERVICE vhosts - SET listen = 0.0.0.0:80 - SET role = selector - SET enable_ssl = off - SET plugins = vhosts - VHOST analysis.cpantesters.org = analysis - VHOST pause2.develooper.com = alternatepause - VHOST * = pause - HEADER vhosts remove X-pause-is-SSL - HEADER vhosts insert X-pause-is-SSL: 0 -ENABLE vhosts - -CREATE SERVICE vhosts_ssl - SET listen = 0.0.0.0:443 - SET role = selector - SET enable_ssl = on - SET plugins = vhosts - # not supported in Perlbal 1.80, requires SULLR/IO-Socket-SSL-1.76 and patched Perlbal https://github.com/andk/Perlbal/commit/545eee43c9084de47bfba6130fd2274ef0a99cf5 : - # SET ssl_honor_cipher_order = 1 - # recommended by https://wiki.mozilla.org/Security/Server_Side_TLS: - # SET ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SSLv2 - - # This is the mozilla list plus it removes all SSL3 CBC modes to - # mitigate POODLE, until such a time that ssl_version_list works in - # perlbal. - # openssl ciphers "SSLv3" | perl -ne 'print join("\n",split /:/,$_)' | grep CBC | xargs | perl -pe 's/ /:!/g' - SET ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SSLv2:!PSK-AES256-CBC-SHA:!ECDHE-RSA-DES-CBC3-SHA:!ECDHE-ECDSA-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!EDH-DSS-DES-CBC3-SHA:!AECDH-DES-CBC3-SHA:!ADH-DES-CBC3-SHA:!ECDH-RSA-DES-CBC3-SHA:!ECDH-ECDSA-DES-CBC3-SHA:!DES-CBC3-SHA:!PSK-3DES-EDE-CBC-SHA:!KRB5-DES-CBC3-SHA:!KRB5-DES-CBC3-MD5:!IDEA-CBC-SHA:!PSK-AES128-CBC-SHA:!KRB5-IDEA-CBC-SHA:!KRB5-IDEA-CBC-MD5:!EDH-RSA-DES-CBC-SHA:!EDH-DSS-DES-CBC-SHA:!ADH-DES-CBC-SHA:!DES-CBC-SHA:!KRB5-DES-CBC-SHA:!KRB5-DES-CBC-MD5:!EXP-EDH-RSA-DES-CBC-SHA:!EXP-EDH-DSS-DES-CBC-SHA:!EXP-ADH-DES-CBC-SHA:!EXP-DES-CBC-SHA:!EXP-RC2-CBC-MD5:!EXP-KRB5-RC2-CBC-SHA:!EXP-KRB5-DES-CBC-SHA:!EXP-KRB5-RC2-CBC-MD5:!EXP-KRB5-DES-CBC-MD5 - - - SET ssl_key_file = /etc/letsencrypt/live/pause.perl.org/privkey.pem - SET ssl_cert_file = /etc/letsencrypt/live/pause.perl.org/fullchain.pem - VHOST pause2.develooper.com = alternatepause - VHOST * = pause - HEADER vhosts_ssl remove X-pause-is-SSL - HEADER vhosts_ssl insert X-pause-is-SSL: 1 -ENABLE vhosts_ssl - -# always good to keep an internal management port open: -CREATE SERVICE mgmt - SET role = management - SET listen = 127.0.0.1:16000 -ENABLE mgmt diff --git a/etc/perlbal/restarter.sh b/etc/perlbal/restarter.sh deleted file mode 100755 index 3ee2190ff..000000000 --- a/etc/perlbal/restarter.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -set -e - -for domain in $RENEWED_DOMAINS; do - case $domain in - pause.perl.org) - /etc/init.d/PAUSE-perlbal restart - ;; - esac -done From 862e8a3fcf0b8ced445e79e55f49acdc67711273 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:05:52 +0100 Subject: [PATCH 09/19] etc/proftpd: remove this directory as cruft --- etc/proftpd/proftpd.conf | 141 --------------------------------------- 1 file changed, 141 deletions(-) delete mode 100644 etc/proftpd/proftpd.conf diff --git a/etc/proftpd/proftpd.conf b/etc/proftpd/proftpd.conf deleted file mode 100644 index f85f4ac66..000000000 --- a/etc/proftpd/proftpd.conf +++ /dev/null @@ -1,141 +0,0 @@ -# -# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file. -# To really apply changes reload proftpd after modifications. -# - -# Includes DSO modules -Include /etc/proftpd/modules.conf - -# Set off to disable IPv6 support which is annoying on IPv4 only boxes. -UseIPv6 on - -ServerName "Debian" -ServerType inetd -DeferWelcome off - -MultilineRFC2228 on -DefaultServer on -ShowSymlinks on - -TimeoutNoTransfer 600 -TimeoutStalled 600 -TimeoutIdle 1200 - -DisplayLogin welcome.msg -DisplayChdir .message -ListOptions "-l" - -DenyFilter \*.*/ - -# Port 21 is the standard FTP port. -Port 21 - -# In some cases you have to specify passive ports range to by-pass -# firewall limitations. Ephemeral ports can be used for that, but -# feel free to use a more narrow range. -# PassivePorts 49152 65534 - -# To prevent DoS attacks, set the maximum number of child processes -# to 30. If you need to allow more than 30 concurrent connections -# at once, simply increase this value. Note that this ONLY works -# in standalone mode, in inetd mode you should use an inetd server -# that allows you to limit maximum number of processes per service -# (such as xinetd) -MaxInstances 5 - -# Set the user and group that the server normally runs at. -User proftpd -Group nogroup - -# Umask 022 is a good standard umask to prevent new files and dirs -# (second parm) from being group and world writable. -Umask 022 022 -# Normally, we want files to be overwriteable. -AllowOverwrite on - -# Uncomment this if you are using NIS or LDAP to retrieve passwords: -# PersistentPasswd off - -# Be warned: use of this directive impacts CPU average load! -# -# Uncomment this if you like to see progress and transfer rate with ftpwho -# in downloads. That is not needed for uploads rates. -# UseSendFile off - -TransferLog /var/log/proftpd/xferlog -SystemLog /var/log/proftpd/proftpd.log - - -TLSEngine off - - - -QuotaEngine on - - - -Ratios on - - - -# Delay engine reduces impact of the so-called Timing Attack described in -# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02 -# It is on by default. - -DelayEngine on - - - -ControlsEngine on -ControlsMaxClients 2 -ControlsLog /var/log/proftpd/controls.log -ControlsInterval 5 -ControlsSocket /var/run/proftpd/proftpd.sock - - - -AdminControlsEngine on - - -# A basic anonymous configuration, no upload directories. - - - User ftp - Group nogroup - # We want clients to be able to login with "anonymous" as well as "ftp" - UserAlias anonymous ftp - # Cosmetic changes, all files belongs to ftp user - DirFakeUser on ftp - DirFakeGroup on ftp - - RequireValidShell off - - # Limit the maximum number of anonymous logins - MaxClients 30 - - # We want 'welcome.msg' displayed at login, and '.message' displayed - # in each newly chdired directory. - DisplayLogin welcome.msg - DisplayChdir .message - - # Limit WRITE everywhere in the anonymous chroot - - - DenyAll - - - - # Uncomment this if you're brave. - - # Umask 022 is a good standard umask to prevent new files and dirs - # (second parm) from being group and world writable. - Umask 022 022 - - DenyAll - - - AllowAll - - - - From 284f02e7c7baf89d65642fb84aa21f2c6200729a Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:40:30 +0100 Subject: [PATCH 10/19] etc/my.cnf: remove redundant copies The remaining one, my.cnf, is *also* wrong and out of date, but we will replace it with an up-to-date one. --- etc/my.cnf.centos6-2012 | 59 ------------------- etc/my.cnf.debian | 115 ------------------------------------- etc/my.cnf.pause2 | 123 ---------------------------------------- 3 files changed, 297 deletions(-) delete mode 100644 etc/my.cnf.centos6-2012 delete mode 100644 etc/my.cnf.debian delete mode 100644 etc/my.cnf.pause2 diff --git a/etc/my.cnf.centos6-2012 b/etc/my.cnf.centos6-2012 deleted file mode 100644 index efd275d7a..000000000 --- a/etc/my.cnf.centos6-2012 +++ /dev/null @@ -1,59 +0,0 @@ -[client] -port = 3306 -socket = /var/lib/mysql/mysql.sock - -[mysqld_safe] -err-log = /var/log/mysqld.log -socket = /var/lib/mysql/mysql.sock -nice = 0 - -[mysqld] -# symbolic-links=0 -user = mysql -pid-file = /var/run/mysqld/mysqld.pid -socket = /var/lib/mysql/mysql.sock -port = 3306 -general_log_file= /var/log/mysqld.log -basedir = /usr -datadir = /var/lib/mysql -tmpdir = /tmp -language = /usr/share/mysql/english -max-connections = 1000 -skip-external-locking -bind-address = 10.0.100.191 -key_buffer = 16M -max_allowed_packet = 16M -thread_stack = 128K -query_cache_limit = 1048576 -query_cache_size = 16777216 -query_cache_type = 1 -tmp_table_size = 32M -max_heap_table_size = 32M -thread_cache_size = 4 -innodb_buffer_pool_size = 250M -table_cache = 64 -log_slow_queries = ON -slow_query_log_file = /var/log/mysql/slow-query-log -long_query_time = 1 - -server-id = 2 -log-bin = /var/log/mysql/mysql-bin.log -expire-logs-days = 5 -max_binlog_size = 104857600 -binlog-do-db = mod -log-warnings = 2 -log-slave-updates -slave_compressed_protocol -relay-log=relay-bin - -sql-mode="NO_ENGINE_SUBSTITUTION" - -[mysqldump] -quick -quote-names -max_allowed_packet = 16M - -[mysql] - -[isamchk] -key_buffer = 16M diff --git a/etc/my.cnf.debian b/etc/my.cnf.debian deleted file mode 100644 index 7010eff2f..000000000 --- a/etc/my.cnf.debian +++ /dev/null @@ -1,115 +0,0 @@ -# -# The MySQL database server configuration file. -# -# You can copy this to one of: -# - "/etc/mysql/my.cnf" to set global options, -# - "/var/lib/mysql/my.cnf" to set server-specific options or -# - "~/.my.cnf" to set user-specific options. -# -# One can use all long options that the program supports. -# Run program with --help to get a list of available options and with -# --print-defaults to see which it would actually understand and use. -# -# For explanations see -# http://dev.mysql.com/doc/mysql/en/server-system-variables.html - -# This will be passed to all mysql clients -# It has been reported that passwords should be enclosed with ticks/quotes -# escpecially if they contain "#" chars... -# Remember to edit /etc/mysql/debian.cnf when changing the socket location. -[client] -port = 3306 -socket = /var/run/mysqld/mysqld.sock - -# Here is entries for some specific programs -# The following values assume you have at least 32M ram - -# This was formally known as [safe_mysqld]. Both versions are currently parsed. -[mysqld_safe] -socket = /var/run/mysqld/mysqld.sock -nice = 0 - -[mysqld] -# -# * Basic Settings -# -user = mysql -pid-file = /var/run/mysqld/mysqld.pid -socket = /var/run/mysqld/mysqld.sock -port = 3306 -basedir = /usr -datadir = /var/lib/mysql -tmpdir = /tmp -language = /usr/share/mysql/english -skip-external-locking -# -# Instead of skip-networking the default is now to listen only on -# localhost which is more compatible and is not less secure. -bind-address = 127.0.0.1 -# -# * Fine Tuning -# -key_buffer = 16M -max_allowed_packet = 16M -thread_stack = 128K -# -# * Query Cache Configuration -# -query_cache_limit = 1048576 -query_cache_size = 16777216 -query_cache_type = 1 -# -# * Logging and Replication -# -# Both location gets rotated by the cronjob. -# Be aware that this log type is a performance killer. -#log = /var/log/mysql.log -#log = /var/log/mysql/mysql.log -# -# Error logging goes to syslog. This is a Debian improvement :) -# -# Here you can see queries with especially long duration -#log-slow-queries = /var/log/mysql/mysql-slow.log -# -# The following can be used as easy to replay backup logs or for replication. -#server-id = 1 -log-bin = /var/log/mysql/mysql-bin.log -# See /etc/mysql/debian-log-rotate.conf for the number of files kept. -max_binlog_size = 104857600 -#binlog-do-db = include_database_name -#binlog-ignore-db = include_database_name -# -# * BerkeleyDB -# -# The use of BerkeleyDB is now discouraged and support for it will probably -# cease in the next versions. -skip-bdb -# -# * InnoDB -# -# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. -# Read the manual for more InnoDB related options. There are many! -# -# * Security Feature -# -# Read the manual, too, if you want chroot! -# chroot = /var/lib/mysql/ -# -# If you want to enable SSL support (recommended) read the manual or my -# HOWTO in /usr/share/doc/mysql-server/SSL-MINI-HOWTO.txt.gz -# ssl-ca=/etc/mysql/cacert.pem -# ssl-cert=/etc/mysql/server-cert.pem -# ssl-key=/etc/mysql/server-key.pem - - - -[mysqldump] -quick -quote-names -max_allowed_packet = 16M - -[mysql] -#no-auto-rehash # faster start of mysql but no tab completition - -[isamchk] -key_buffer = 16M diff --git a/etc/my.cnf.pause2 b/etc/my.cnf.pause2 deleted file mode 100644 index cf53f4a3a..000000000 --- a/etc/my.cnf.pause2 +++ /dev/null @@ -1,123 +0,0 @@ -# -# The MySQL database server configuration file. -# -# You can copy this to one of: -# - "/etc/mysql/my.cnf" to set global options, -# - "/var/lib/mysql/my.cnf" to set server-specific options or -# - "~/.my.cnf" to set user-specific options. -# -# One can use all long options that the program supports. -# Run program with --help to get a list of available options and with -# --print-defaults to see which it would actually understand and use. -# -# For explanations see -# http://dev.mysql.com/doc/mysql/en/server-system-variables.html - -# This will be passed to all mysql clients -# It has been reported that passwords should be enclosed with ticks/quotes -# escpecially if they contain "#" chars... -# Remember to edit /etc/mysql/debian.cnf when changing the socket location. -[client] -#password = my_password -port = 3306 -socket = /var/run/mysqld/mysqld.sock - -# Here is entries for some specific programs -# The following values assume you have at least 32M ram - -# This was formally known as [safe_mysqld]. Both versions are currently parsed. -[mysqld_safe] -err-log = /var/log/mysql/mysql.err -socket = /var/run/mysqld/mysqld.sock -nice = 0 - -[mysqld] -# -# * Basic Settings -# -user = mysql -pid-file = /var/run/mysqld/mysqld.pid -socket = /var/run/mysqld/mysqld.sock -port = 3306 -# -# You can also put it into /var/log/mysql/mysql.log but I leave it in /var/log -# for backward compatibility. Both location gets rotated by the cronjob. -#log = /var/log/mysql/mysql.log -log = /var/log/mysql.log -basedir = /usr -datadir = /var/lib/mysql -tmpdir = /tmp -language = /usr/share/mysql/english -skip-external-locking -# -# Instead of skip-networking the default is now to listen only on -# localhost which is more compatible and is not less secure. -bind-address = 195.37.231.65 -# -# * Fine Tuning -# -key_buffer = 16M -max_allowed_packet = 16M -thread_stack = 128K -# -# * Query Cache Configuration -# -query_cache_limit = 1048576 -query_cache_size = 16777216 -query_cache_type = 1 -# -# * Logging and Replication -# -# Both location gets rotated by the cronjob. -# Be aware that this log type is a performance killer. -#log = /var/log/mysql.log -#log = /var/log/mysql/mysql.log -# -# Error logging goes to syslog. This is a Debian improvement :) -# -# Here you can see queries with especially long duration -#log-slow-queries = /var/log/mysql/mysql-slow.log -# -# The following can be used as easy to replay backup logs or for replication. -server-id = 1 -log-bin = /var/log/mysql/mysql-bin.log -# See /etc/mysql/debian-log-rotate.conf for the number of files kept. -max_binlog_size = 104857600 -binlog-do-db = mod -#binlog-ignore-db = include_database_name -log-warnings = 2 -# -# * BerkeleyDB -# -# The use of BerkeleyDB is now discouraged and support for it will probably -# cease in the next versions. -skip-bdb -# -# * InnoDB -# -# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. -# Read the manual for more InnoDB related options. There are many! -# -# * Security Feature -# -# Read the manual, too, if you want chroot! -# chroot = /var/lib/mysql/ -# -# If you want to enable SSL support (recommended) read the manual or my -# HOWTO in /usr/share/doc/mysql-server/SSL-MINI-HOWTO.txt.gz -# ssl-ca=/etc/mysql/cacert.pem -# ssl-cert=/etc/mysql/server-cert.pem -# ssl-key=/etc/mysql/server-key.pem -innodb_lock_wait_timeout= 150 - - -[mysqldump] -quick -quote-names -max_allowed_packet = 16M - -[mysql] -#no-auto-rehash # faster start of mysql but no tab completition - -[isamchk] -key_buffer = 16M From 4ef7d66c47ec09770ecc0b6c3638b63d6e012fcb Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:41:58 +0100 Subject: [PATCH 11/19] etc/csync2cfg_for_pause.pl: remove dead program --- etc/csync2cfg_for_pause.pl | 209 ------------------------------------- 1 file changed, 209 deletions(-) delete mode 100755 etc/csync2cfg_for_pause.pl diff --git a/etc/csync2cfg_for_pause.pl b/etc/csync2cfg_for_pause.pl deleted file mode 100755 index 49630ceb0..000000000 --- a/etc/csync2cfg_for_pause.pl +++ /dev/null @@ -1,209 +0,0 @@ -#!/usr/bin/perl - -# $HeadURL$ -# $Id$ - -use strict; -use warnings; -use Getopt::Long; -use DBI; -use File::Basename qw(dirname); -use File::Path qw(mkpath); -use File::Which qw(which); -use Sys::Hostname; - -my $sys_hostname = Sys::Hostname::hostname(); -our %Opt = (makepem => 1, - hostname => $sys_hostname, - pause_key_file => "/etc/csync2/pause_perl_org.key", - check_inetd => 1, - ); -GetOptions(\%Opt, - "hostname=s", - "makepem!", - "check_inetd!", - ); -warn "Configuring csync2 to act as a slave of pause.perl.org: - -hostname: $Opt{hostname} -makepem: $Opt{makepem} -check_inetd: $Opt{check_inetd} -"; - -if ($Opt{makepem}) { - my $pemfile = "/etc/csync2_ssl_cert.pem"; - if (-f $pemfile) { - die "pemfile[$pemfile] exists, won't overwrite. If this is ok, call me with --nomakepem"; - } else { - my $keyfile = "/etc/csync2_ssl_key.pem"; - my $csrfile = "/etc/csync2_ssl_cert.csr"; - unless (-f $keyfile) { - 0==system "openssl genrsa -out $keyfile 2048" or die; - } - unless (-f $csrfile) { - 0==system "yes ''|openssl req -new -key $keyfile -out $csrfile" or die; - } - my $days = int((2**31-1-time)/86400); - 0==system "openssl x509 -req -days $days -in $csrfile -signkey $keyfile -out $pemfile" or die; - } -} - -unless (-f $Opt{pause_key_file}) { - mkpath dirname $Opt{pause_key_file}; - open my $fh, ">", $Opt{pause_key_file} or die; - print $fh "perl" x 8, "\n"; -} - -### If PAUSE would run a csync2 process, this would do: -# % csync2 -v -T /home/ftp/pub/PAUSE/authors/02STAMP -N $HOSTNAME - - -my $db = "/var/lib/csync2/$Opt{hostname}.db"; -unless (-f $db) { - die "Missing file '$db', cannot continue"; -} - -my $dbh = DBI->connect("dbi:SQLite2:dbname=$db","","") or die; -$dbh->do(q{delete from x509_cert where peername="pause.perl.org"}) - or die "Could not alter the database '$db': $DBI::errstr"; -my $certdata = "30820306308201EE020900B5184B1CECD288E3300D06092A864886". -"F70D01010405003045310B3009060355040613024155311330110603550408130A536". -"F6D652D53746174653121301F060355040A1318496E7465726E657420576964676974". -"7320507479204C7464301E170D3036303432303033343633385A170D3338303131383". -"033343633385A3045310B3009060355040613024155311330110603550408130A536F". -"6D652D53746174653121301F060355040A1318496E7465726E6574205769646769747". -"320507479204C746430820122300D06092A864886F70D01010105000382010F003082". -"010A0282010100CA202ABA0F2E7091F9A22439551E7DA910BF085B8F8055C2761768E". -"00445E0A582A2CBDFD130F6F1BCF69AC914063CC0B263E47644C7BCBF1E4644F9C2E4". -"8DABDB5A18A6777561C126FD5B4358383B71492C39BE87EE3E87E8889C9ECFA61DA23". -"A12984C9984EBA63F6BC1A5F222CCE833A8201F6C12FD918A4DEA77D47D3FB2626B97". -"0909D7C4188974B3F03B505F52314DA88FC79FDC39C449BA7ADC7AA86B8ECA64801A2". -"6B0E750949D9A241DA3DB410E62E0B268A78BA27642F3CCB8C0C9392E66D722D1CBB4". -"C835433A5D83B7095397CE05486ED6FB84726F755FDC9D90FB7E242AD3D461A3F439E". -"0CBEC6DE209A70771BB3F539396F0B4011B4CF876690203010001300D06092A864886". -"F70D010104050003820101005184C3C1FEE523418EB1750F8B114746F3D5511C47ADB". -"4A9C765EBA9A615719C1BC681242419660C7CD02769E79F9FE932B48B03217055C4A0". -"B93BD2EE3B80D5ABB597F70A9110A3C564F88A3798FFABA53B94450BE0C7A2D07B421". -"F693C6A056CB0C1FA8E6498C9643A3CEF86349E921F711B2CF0E22E646DAD0010D1CA". -"429CC217350C71F5CCF82CAE20E44114B359620A5577AA05FCD444A1426162E052CB9". -"031E70177658748967D81F31821DA5CD27E53A214CC1B87F74628B95C632D209C2B44". -"446FA52294DCD8F886D999AD00B5D1321437E12061E2F6B23F94155E5797D7A64368A". -"ECCADB1D217B5F06AC418671651F0FB5F248C6823DAA2DE8B6E11"; - -$dbh-> - do(qq{insert into x509_cert (peername, certdata) values ("pause.perl.org","$certdata")}) - or die "Could not alter the database '$db': $DBI::errstr"; - - -if ($Opt{check_inetd}) { - open my $fh, "/etc/inetd.conf" or die; - local $/ = "\n"; - my $failmess = "Please correct or if this is indeed correct, rerun me with --nocheck_inetd"; - my $csync2_line_found; - while (<$fh>) { - chomp; - next unless /^csync2/; - $csync2_line_found++; - my(@inet_args) = split " ", $_; - die "csync2 line in inetd.conf too short" unless $#inet_args>6; - my $minus_N_arg; - for my $i (6..$#inet_args) { - if ($inet_args[$i] eq "-N") { - $minus_N_arg = $inet_args[$i+1]; - } - } - if ($Opt{hostname} eq $sys_hostname) { - # check below - } else { - if ($minus_N_arg) { - # check below - } else { - die "Your csync2 line in inetd.conf needs a '-N $Opt{hostname}' argument. Please fix"; - } - } - if ($minus_N_arg) { - if ($minus_N_arg eq $Opt{hostname}) { - # ok - } else { - die "Your csync2 line in inetd.conf contains '-N $minus_N_arg' but your hostname is '$Opt{hostname}': $failmess"; - } - } - } - unless ($csync2_line_found) { - die "Missing csync2 line in your inetd.conf\n$failmess"; - } -} - -{ - my $groupname = "pause_perl_org___$Opt{hostname}"; - $groupname =~ s/\W/_/g; - my $pause_stanza = qq{ -group $groupname { - host pause.perl.org; - host ($Opt{hostname}); - key $Opt{pause_key_file}; - include /home/ftp/pub/PAUSE/authors; - include /home/ftp/pub/PAUSE/modules; - #include /home/ftp/pub/PAUSE/scripts; # danger: CPAN has more than PAUSE - auto left; -} -}; - my $write; - my $outfh; - my $csync2file = "/etc/csync2.cfg"; - if (open my $fh, $csync2file) { - my $csync2 = do { local $/; <$fh> }; - if ($csync2 =~ m| - \bgroup\b\s* # group - \w+\s* # groupname - \{\s* - host\s*pause\.perl\.org\s*;\s* # pause.perl.org - host\s*\(\Q$Opt{hostname}\E\);\s* # own host - key\s+\Q$Opt{pause_key_file}\E;\s* # keyfile - include \s+ /home/ftp/pub/PAUSE/authors;\s* # - include \s+ /home/ftp/pub/PAUSE/modules;\s* # - \#include \s+ /home/ftp/pub/PAUSE/scripts;.* # - auto \s+ left;\s* # - \} - |sx) { - warn "$csync2file looks good"; - } else { - open $outfh, ">>", $csync2file or die; - warn "Appending the pause stanza to $csync2file"; - $write++; - } - } else { - open $outfh, ">", $csync2file or die; - warn "Writing the pause stanza to $csync2file"; - $write++; - } - if ($write) { - print $outfh $pause_stanza; - } -} - -{ - my $pause_dir = '/home/ftp/pub/PAUSE/'; - mkpath $pause_dir; - for my $d (qw(authors modules scripts)) { # XXX wait that scripts issues get resolved - mkpath "$pause_dir/$d"; - } -} - -{ - my $csync2 = which "csync2"; - unless ($csync2) { - die "Found no csync2 binary in path. You need to install the csync2 program."; - } -} - -warn "Your csync2 slave is ready to go now. Please tell the PAUSE admin to add your host '$Opt{hostname}' to the csync2 config"; - -### How to call csync2 on the master (PAUSE does that itself): -# ONCE: -# % ~k/PAUSE/cron/csync-wrapper.pl -tuxi $Opt{hostname} & -# REGULARLY: -# % csync2 -x -v -G pause_perl_org -N pause.perl.org - -__END__ - From ff9b3ffa02864dafca53cf5e808e8cc243700836 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:45:35 +0100 Subject: [PATCH 12/19] etc/puppet: remove almost everything as cruft puppet no longer manages PAUSE. This leaves one file, etc/puppet/modules/pause/files/etc/postfix/main.cf-pause-us which is used by bootstrap/selfconfig. --- etc/puppet/manifests/site.pp | 576 ------------------ .../modules/mysql-conf/manifests/init.pp | 17 - .../modules/mysql-conf/templates/my.cnf.erb | 62 -- .../modules/pause/files/etc/aliases-pause-us | 106 ---- .../modules/pause/files/etc/cron.d/pause2016 | 26 - .../files/etc/init.d/PAUSE-httpd-pause-us | 80 --- .../modules/pause/files/etc/init.d/PAUSE-mojo | 86 --- .../files/etc/init.d/PAUSE-paused-pause-us | 74 --- .../files/etc/init.d/PAUSE-perlbal-pause-us | 87 --- .../pause/files/etc/init.d/PAUSE-plack | 87 --- .../files/etc/init.d/PAUSE-rsyncd-pause-us | 86 --- .../files/etc/init.d/PAUSE-rsyncd2-pause-us | 86 --- .../pause/files/etc/init.d/munin_httpd_8000 | 82 --- etc/puppet/modules/pause/files/etc/mon/mon.cf | 77 --- .../files/etc/munin/httpd_8000.conf/pause2 | 53 -- .../pause/files/etc/proftpd.conf-pause-us | 276 --------- .../pause/files/etc/rsyncd.conf-pause-us | 29 - .../pause/files/etc/rsyncd2.conf-pause-us | 17 - .../files/etc/security/limits.conf-pause-us | 61 -- .../etc/sysconfig/iptables-config-pause-us | 48 -- .../files/etc/sysconfig/iptables-pause-us | 23 - .../files/etc/sysconfig/proftpd-pause-us | 11 - .../usr/lib64/mon/mon.d/freespace.monitor | 75 --- .../files/usr/lib64/mon/mon.d/paused.monitor | 20 - .../usr/lib64/mon/mon.d/rersyncrecent.monitor | 28 - .../files/usr/lib64/mon/mon.d/rsyncd.monitor | 14 - .../files/usr/lib64/mon/mon.d/rsyncd2.monitor | 20 - 27 files changed, 2207 deletions(-) delete mode 100644 etc/puppet/manifests/site.pp delete mode 100644 etc/puppet/modules/mysql-conf/manifests/init.pp delete mode 100644 etc/puppet/modules/mysql-conf/templates/my.cnf.erb delete mode 100644 etc/puppet/modules/pause/files/etc/aliases-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/cron.d/pause2016 delete mode 100644 etc/puppet/modules/pause/files/etc/init.d/PAUSE-httpd-pause-us delete mode 100755 etc/puppet/modules/pause/files/etc/init.d/PAUSE-mojo delete mode 100644 etc/puppet/modules/pause/files/etc/init.d/PAUSE-paused-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/init.d/PAUSE-perlbal-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/init.d/PAUSE-plack delete mode 100644 etc/puppet/modules/pause/files/etc/init.d/PAUSE-rsyncd-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/init.d/PAUSE-rsyncd2-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/init.d/munin_httpd_8000 delete mode 100644 etc/puppet/modules/pause/files/etc/mon/mon.cf delete mode 100644 etc/puppet/modules/pause/files/etc/munin/httpd_8000.conf/pause2 delete mode 100644 etc/puppet/modules/pause/files/etc/proftpd.conf-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/rsyncd.conf-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/rsyncd2.conf-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/security/limits.conf-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/sysconfig/iptables-config-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/sysconfig/iptables-pause-us delete mode 100644 etc/puppet/modules/pause/files/etc/sysconfig/proftpd-pause-us delete mode 100755 etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/freespace.monitor delete mode 100755 etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/paused.monitor delete mode 100755 etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rersyncrecent.monitor delete mode 100755 etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rsyncd.monitor delete mode 100755 etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rsyncd2.monitor diff --git a/etc/puppet/manifests/site.pp b/etc/puppet/manifests/site.pp deleted file mode 100644 index 8bbaaa6e5..000000000 --- a/etc/puppet/manifests/site.pp +++ /dev/null @@ -1,576 +0,0 @@ -class pause-pkg { - package { munin : ensure => installed } - package { zsh : ensure => installed } - package { gnupg2 : ensure => installed } - package { proftpd : ensure => installed } - package { chkrootkit : ensure => installed } - package { rkhunter : ensure => installed } - package { mon : ensure => installed } - package { mysql-server : ensure => installed } - # we will compile our own dbd-mysql: - package { mysql-devel : ensure => installed } - package { unzip : ensure => installed } - package { git : ensure => installed } - package { "gcc-c++" : ensure => installed } -} - -class pause-mysqld { - service { mysqld: - ensure => running, - enable => true, - require => File["mysql_my_cnf"], - } - file { "/var/log/mysql": - owner => "mysql", - group => "mysql", - mode => 700, - ensure => directory, - } - include mysql-conf -} - -class pause-munin-node { - package { "munin-node" : ensure => installed } - service { "munin-node": - ensure => running, - enable => true, - hasstatus => true, - } - file { "/etc/logrotate.d/munin_httpd_8000": - owner => root, - group => root, - mode => 644, - content => "/var/log/munin_httpd/*_8000.log { - weekly - rotate 150 - compress - delaycompress - notifempty - missingok - sharedscripts - dateext - postrotate - /etc/init.d/munin_httpd_8000 reload; - endscript -} -", - } -} -class pause-munin { - package { httpd : ensure => installed } - file { "/var/log/munin_httpd": - owner => "root", - group => "root", - mode => 755, - ensure => directory, - } - file { "/etc/munin/httpd_8000.conf": - owner => "root", - group => "root", - mode => 644, - source => "puppet:///modules/pause/etc/munin/httpd_8000.conf/pause2", - notify => Service["munin_httpd_8000"], - } - service { "munin_httpd_8000": - ensure => running, - enable => true, - require => [ - Package["munin"], - File["/etc/init.d/munin_httpd_8000"], - File["/etc/munin/httpd_8000.conf"], - File["/var/log/munin_httpd"], - ], - hasstatus => true, - } - file { "/etc/init.d/munin_httpd_8000": - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/etc/init.d/munin_httpd_8000", - # require => File["/etc/puppet/files"], - require => [ - Package["httpd"], - Package["munin"], - ], - } -} - -class pause-apache { - file { "/var/log/PAUSE-httpd": - ensure => "/opt/apache/current/logs", - } - file { "/var/run/httpd/deadmeat": - # abuse of the httpd directory, it rather belongs to - # the apache we built ourselves - owner => apache, - group => apache, - mode => 755, - ensure => directory, - } - file { "/usr/local/apache/rundata/pause_1999": - # abuse of an arbitrary /usr/local place, it rather - # belonges in something like /var/lib/pause/ - owner => apache, - group => apache, - mode => 755, - ensure => directory, - } - file { "/usr/local/apache/rundata": - owner => apache, - group => apache, - mode => 755, - ensure => directory, - } - file { "/usr/local/apache": - owner => apache, - group => apache, - mode => 755, - ensure => directory, - } - file { "/usr/local": - owner => root, - group => root, - mode => 755, - ensure => directory, - } - file { "/etc/init.d/PAUSE-httpd": - path => "/etc/init.d/PAUSE-httpd", - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/etc/init.d/PAUSE-httpd-pause-us", - } - file { "/etc/init.d/PAUSE-plack": - path => "/etc/init.d/PAUSE-plack", - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/etc/init.d/PAUSE-plack", - } - file { "/opt/apache/current/conf/httpd.conf": - path => "/opt/apache/current/conf/httpd.conf", - ensure => "/home/puppet/pause/apache-conf/httpd.conf.pause-us-80", - } - # 2016-04-23 10:48 mkdir /var/log/PAUSE-plack - # 2016-04-23 10:55 chown apache:apache /var/log/PAUSE-plack - file { "/var/log/PAUSE-plack": - owner => apache, - group => apache, - mode => 755, - ensure => directory, - } - # apache was replaced by starman 2016-04 - service { "PAUSE-httpd": - ensure => stopped, - enable => false, - require => [ - File["/etc/init.d/PAUSE-httpd"], - File["/opt/apache/current/conf/httpd.conf"], - ], - hasstatus => true, - } - service { "PAUSE-plack": - ensure => running, - enable => true, - require => [ - File["/etc/init.d/PAUSE-plack"], - ], - hasstatus => true, - } - file { "/etc/logrotate.d/PAUSE-httpd": - owner => root, - group => root, - mode => 644, - content => "/var/log/PAUSE-httpd/*log { - daily - rotate 150 - compress - delaycompress - notifempty - missingok - sharedscripts - dateext - postrotate - /etc/init.d/PAUSE-httpd reload; - endscript -}\n", - } - file { "/etc/logrotate.d/PAUSE-plack": - owner => root, - group => root, - mode => 644, - content => "/var/log/PAUSE-plack/*log { - daily - rotate 150 - compress - delaycompress - notifempty - missingok - sharedscripts - dateext - postrotate - /etc/init.d/PAUSE-plack reload; - endscript -}\n", - } -} - -class pause-perlbal { - file { "/home/puppet/pause-private": - owner => root, - group => root, - mode => 700, - ensure => directory, - } - # file { "/home/puppet/pause-private/lib": - # owner => puppet, - # group => puppet, - # mode => 755, - # ensure => directory, - # } - file { "/etc/perlbal": - owner => root, - group => root, - mode => 755, - ensure => directory, - } - file { "/etc/perlbal/servercerts": - owner => root, - group => root, - mode => 700, - ensure => directory, - } - file { "/etc/perlbal/perlbal.conf": - path => "/etc/perlbal/perlbal.conf", - ensure => "/home/puppet/pause/etc/perlbal/perlbal.conf.pause-us", - } - file { "/etc/perlbal/restarter.sh": - path => "/etc/perlbal/restarter.sh", - ensure => "/home/puppet/pause/etc/perlbal/restarter.sh", - mode => 755, - } - file { "/etc/init.d/PAUSE-perlbal": - path => "/etc/init.d/PAUSE-perlbal", - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/etc/init.d/PAUSE-perlbal-pause-us", - } - service { "PAUSE-perlbal": - ensure => running, - enable => true, - require => [ - File["/etc/init.d/PAUSE-perlbal"], - File["/etc/perlbal/perlbal.conf"], - ], - hasstatus => true, - } -} - -class pause-rsyncd { - include pause-rsyncd-873 - include pause-rsyncd-8732 -} -class pause-rsyncd-873 { - file { "/etc/rsyncd.conf": - path => "/etc/rsyncd.conf", - owner => root, - group => root, - mode => 644, - source => "puppet:///modules/pause/etc/rsyncd.conf-pause-us", - } - file { "/etc/init.d/PAUSE-rsyncd": - path => "/etc/init.d/PAUSE-rsyncd", - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/etc/init.d/PAUSE-rsyncd-pause-us", - } - service { "PAUSE-rsyncd": - ensure => running, - enable => true, - require => [ - File["/etc/init.d/PAUSE-rsyncd"], - File["/etc/rsyncd.conf"], - ], - hasstatus => true, - } - include pause-rsyncd-logrotate -} -class pause-rsyncd-8732 { - file { "/etc/rsyncd2.conf": - path => "/etc/rsyncd2.conf", - owner => root, - group => root, - mode => 644, - source => "puppet:///modules/pause/etc/rsyncd2.conf-pause-us", - } - file { "/etc/init.d/PAUSE-rsyncd2": - path => "/etc/init.d/PAUSE-rsyncd2", - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/etc/init.d/PAUSE-rsyncd2-pause-us", - } - service { "PAUSE-rsyncd2": - ensure => running, - enable => true, - require => [ - File["/etc/init.d/PAUSE-rsyncd2"], - File["/etc/rsyncd2.conf"], - ], - hasstatus => true, - } - include pause-rsyncd-logrotate -} -class pause-rsyncd-logrotate { - file { "/etc/logrotate.d/PAUSE-rsyncd": - owner => root, - group => root, - mode => 644, - content => "/var/log/rsyncd /var/log/rsyncd2 { - daily - rotate 150 - compress - delaycompress - notifempty - missingok - dateext -}\n", - } -} -class pause-proftpd { - # what we did manually: we made /var/ftp a symlink to - # /home/ftp . Since centos6 makes /var/ftp the home directory - # of the user ftp and we did not want to question this but we - # did not have a tradition of putting the whole CPAN into the - # var partition, this seemed like the lowest impact manual - # tweak. --akoenig 2012-12-30 - file { "/home/ftp/incoming": - owner => "ftp", - group => "ftp", - mode => 1777, # both ftp and apache write here - ensure => directory, - } - file { "/home/ftp/pub": - owner => "root", - group => "root", - mode => 755, - ensure => directory, - } - file { "/home/ftp/run": - owner => "ftp", - group => "ftp", - mode => 755, - ensure => directory, - } - file { "/home/ftp/tmp": - owner => "ftp", - group => "ftp", - mode => 755, - ensure => directory, - } - file { "/home/ftp": - owner => "root", - group => "root", - mode => 755, - ensure => directory, - } - file { "/etc/proftpd.conf": - path => "/etc/proftpd.conf", - owner => root, - group => root, - mode => 640, - source => "puppet:///modules/pause/etc/proftpd.conf-pause-us", - } - file { "/etc/sysconfig/proftpd": - owner => root, - group => root, - mode => 644, - source => "puppet:///modules/pause/etc/sysconfig/proftpd-pause-us", - } - service { "proftpd": - ensure => running, - enable => true, - require => [ - File["/etc/sysconfig/proftpd"], - File["/etc/proftpd.conf"], - ], - hasstatus => true, - } -} -class pause-postfix { - file { "/etc/aliases": - owner => "root", - group => "root", - mode => 644, - source => "puppet:///modules/pause/etc/aliases-pause-us", - } - file { "/etc/postfix/main.cf": - owner => "root", - group => "root", - mode => 644, - source => "puppet:///modules/pause/etc/postfix/main.cf-pause-us", - } - exec { subscribe-aliases: - command => "/usr/bin/newaliases", - logoutput => true, - refreshonly => true, - subscribe => File["/etc/aliases"] - } - exec { subscribe-postfix: - command => "/etc/init.d/postfix reload", - logoutput => true, - refreshonly => true, - subscribe => File["/etc/postfix/main.cf"] - } - service { "postfix": - ensure => running, - enable => true, - hasstatus => true, - } -} -class pause-paused { - file { "/etc/init.d/PAUSE-paused": - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/etc/init.d/PAUSE-paused-pause-us", - } - file { "/etc/logrotate.d/mldistwatch": - owner => root, - group => root, - mode => 644, - content => "/var/log/mldistwatch*log { - daily - rotate 150 - compress - delaycompress - notifempty - missingok - sharedscripts - dateext -}\n", - } - service { "crond": - ensure => running, - enable => true, - hasstatus => true, - } -} -class pause-limits { - file { "/etc/security/limits.conf": - owner => root, - group => root, - mode => 644, - source => "puppet:///modules/pause/etc/security/limits.conf-pause-us", - } -} -# class pause-iptables { -# file { "/etc/sysconfig/iptables-config": -# owner => root, -# group => root, -# mode => 644, -# source => "puppet:///modules/pause/etc/sysconfig/iptables-config-pause-us", -# } -# file { "/etc/sysconfig/iptables": -# owner => root, -# group => root, -# mode => 644, -# source => "puppet:///modules/pause/etc/sysconfig/iptables-pause-us", -# } -# } -class pause-mon { - file { "/usr/lib64/mon/mon.d/freespace.monitor": - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/usr/lib64/mon/mon.d/freespace.monitor", - } - file { "/usr/lib64/mon/mon.d/paused.monitor": - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/usr/lib64/mon/mon.d/paused.monitor", - } - file { "/usr/lib64/mon/mon.d/rsyncd.monitor": - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/usr/lib64/mon/mon.d/rsyncd.monitor", - } - file { "/usr/lib64/mon/mon.d/rsyncd2.monitor": - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/usr/lib64/mon/mon.d/rsyncd2.monitor", - } - file { "/usr/lib64/mon/mon.d/rersyncrecent.monitor": - owner => root, - group => root, - mode => 755, - source => "puppet:///modules/pause/usr/lib64/mon/mon.d/rersyncrecent.monitor", - } - file { "/etc/mon/mon.cf": - owner => root, - group => root, - mode => 644, - source => "puppet:///modules/pause/etc/mon/mon.cf", - } - service { "mon": - ensure => running, - enable => true, - require => [ - File["/etc/mon/mon.cf"], - ], - hasstatus => true, - } -} -class pause-cron { - file { "/etc/cron.d/pause2016": - owner => "root", - group => "root", - mode => 644, - source => "puppet:///modules/pause/etc/cron.d/pause2016", - } -} -class pause { - # file { "/etc/puppet/files": - # path => "/etc/puppet/files", - # ensure => "/home/puppet/pause/etc/puppet/files", - # } - include pause-pkg - include pause-mysqld - include pause-munin - include pause-munin-node - include pause-apache - include pause-perlbal - include pause-rsyncd - include pause-proftpd - include pause-postfix - include pause-paused - include pause-limits - include pause-mon - include pause-cron -} - -node pause2 { - $mysql_listen_address = "10.0.100.191" - $mysql_innodb_buffer_pool_size = "4G" - include pause -} - -node pause-pps { - $mysql_listen_address = "127.0.0.1" - $mysql_innodb_buffer_pool_size = "250M" - include pause -} - -# Local Variables: -# mode: puppet -# coding: utf-8 -# indent-tabs-mode: t -# tab-width: 8 -# indent-level: 8 -# puppet-indent-level: 8 -# End: diff --git a/etc/puppet/modules/mysql-conf/manifests/init.pp b/etc/puppet/modules/mysql-conf/manifests/init.pp deleted file mode 100644 index 3e9a015de..000000000 --- a/etc/puppet/modules/mysql-conf/manifests/init.pp +++ /dev/null @@ -1,17 +0,0 @@ - -class mysql-conf { - file { "mysql_my_cnf": - path => "/etc/my.cnf", - owner => root, - group => root, - mode => 644, - content => template("mysql-conf/my.cnf.erb"), - } -} - -# Local Variables: -# puppet-indent-level: 8 -# indent-tabs-mode: t -# End: - -# vim:sw=8 diff --git a/etc/puppet/modules/mysql-conf/templates/my.cnf.erb b/etc/puppet/modules/mysql-conf/templates/my.cnf.erb deleted file mode 100644 index 252bdf79b..000000000 --- a/etc/puppet/modules/mysql-conf/templates/my.cnf.erb +++ /dev/null @@ -1,62 +0,0 @@ -[client] -port = 3306 -socket = /var/lib/mysql/mysql.sock - -[mysqld_safe] -err-log = /var/log/mysqld.log -socket = /var/lib/mysql/mysql.sock -nice = 0 - -[mysqld] -# symbolic-links=0 -user = mysql -pid-file = /var/run/mysqld/mysqld.pid -socket = /var/lib/mysql/mysql.sock -port = 3306 -general_log_file= /var/log/mysqld.log -basedir = /usr -datadir = /var/lib/mysql -tmpdir = /tmp -language = /usr/share/mysql/english -max-connections = 1000 -skip-external-locking -bind-address = <%= @mysql_listen_address %> -key_buffer = 16M -max_allowed_packet = 16M -thread_stack = 128K -query_cache_limit = 1048576 -query_cache_size = 16777216 -query_cache_type = 1 -tmp_table_size = 32M -max_heap_table_size = 32M -thread_cache_size = 4 -innodb_file_per_table -innodb_flush_log_at_trx_commit -innodb_buffer_pool_size = <%= @mysql_innodb_buffer_pool_size %> -innodb_lock_wait_timeout= 300 -table_cache = 64 -log_slow_queries = ON -slow_query_log_file = /var/log/mysql/slow-query-log -long_query_time = 1 - -server-id = 2 -log-bin = /var/log/mysql/mysql-bin.log -expire-logs-days = 5 -max_binlog_size = 104857600 -binlog-do-db = mod -log-warnings = 2 -log-slave-updates -slave_compressed_protocol -relay-log=relay-bin - -sql-mode="NO_ENGINE_SUBSTITUTION" - -[mysqldump] -quick -quote-names -max_allowed_packet = 16M - -[mysql] - -[isamchk] -key_buffer = 16M diff --git a/etc/puppet/modules/pause/files/etc/aliases-pause-us b/etc/puppet/modules/pause/files/etc/aliases-pause-us deleted file mode 100644 index 01ffdce65..000000000 --- a/etc/puppet/modules/pause/files/etc/aliases-pause-us +++ /dev/null @@ -1,106 +0,0 @@ -# -# Aliases in this file will NOT be expanded in the header from -# Mail, but WILL be visible over networks or from /bin/mail. -# -# >>>>>>>>>> The program "newaliases" must be run after -# >> NOTE >> this file is updated for any changes to -# >>>>>>>>>> show through to sendmail. -# - -# Basic system aliases -- these MUST be present. -mailer-daemon: postmaster -postmaster: root - -# General redirections for pseudo accounts. -bin: root -daemon: root -adm: root -lp: root -sync: root -shutdown: root -halt: root -mail: root -news: root -uucp: root -operator: root -games: root -gopher: root -ftp: root -nobody: root -radiusd: root -nut: root -dbus: root -vcsa: root -canna: root -wnn: root -rpm: root -nscd: root -pcap: root -apache: root -webalizer: root -dovecot: root -fax: root -quagga: root -radvd: root -pvm: root -amanda: root -privoxy: root -ident: root -named: root -xfs: root -gdm: root -mailnull: root -postgres: root -sshd: root -smmsp: root -postfix: root -netdump: root -ldap: root -squid: root -ntp: root -mysql: root -desktop: root -rpcuser: root -rpc: root -nfsnobody: root - -ingres: root -system: root -toor: root -manager: root -dumper: root -abuse: root - -newsadm: news -newsadmin: news -usenet: news -ftpadm: ftp -ftpadmin: ftp -ftp-adm: ftp -ftp-admin: ftp -www: webmaster -webmaster: root -noc: root -security: root -hostmaster: root -info: postmaster -marketing: postmaster -sales: postmaster -support: postmaster - - -# trap decode to catch security attacks -decode: root - -# Person who should get root's mail -root: andreas.koenig.5c1c1wmb@franz.ak.mind.de -upload: andreas.koenig.5c1c1wmb@franz.ak.mind.de -koenig: andreas.koenig.5c1c1wmb@franz.ak.mind.de -a.koenig: andreas.koenig.5c1c1wmb@franz.ak.mind.de -andreas.koenig: andreas.koenig.5c1c1wmb@franz.ak.mind.de -andreas: andreas.koenig.5c1c1wmb@franz.ak.mind.de -pause: andreas.koenig.5c1c1wmb@franz.ak.mind.de -logcheck: andreas.koenig.5c1c1wmb@franz.ak.mind.de - -# Mailinglists -security: andk@cpan.org, kstar@cpan.org, bdfoy@cpan.org, jv@cpan.org, gbarr@cpan.org, smueller@cpan.org, adamk@cpan.org, dagolden@cpan.org, abh@cpan.org diff --git a/etc/puppet/modules/pause/files/etc/cron.d/pause2016 b/etc/puppet/modules/pause/files/etc/cron.d/pause2016 deleted file mode 100644 index 195a3b87c..000000000 --- a/etc/puppet/modules/pause/files/etc/cron.d/pause2016 +++ /dev/null @@ -1,26 +0,0 @@ -MAILTO=andreas.koenig.5c1c1wmb@franz.ak.mind.de -PATH=/opt/perl/current/bin:/usr/bin:/bin:/home/puppet/pause/cron:/usr/sbin - -* * * * * root recentfile-aggregate.sh -* * * * * root date -u +"\%s \%a \%b \%e \%T \%Z \%Y" > /home/ftp/tmp/02STAMP && mv /home/ftp/tmp/02STAMP /home/ftp/pub/PAUSE/authors/02STAMP && /opt/perl/current/bin/perl -I /home/puppet/pause/lib -e 'use PAUSE; PAUSE::newfile_hook(shift)' /home/ftp/pub/PAUSE/authors/02STAMP -08 * * * * root date -u +"\%s \%FT\%TZ" > /home/ftp/tmp/02STAMPm && mv /home/ftp/tmp/02STAMPm /home/ftp/pub/PAUSE/modules/02STAMP && /opt/perl/current/bin/perl -I /home/puppet/pause/lib -e 'use PAUSE; PAUSE::newfile_hook(shift)' /home/ftp/pub/PAUSE/modules/02STAMP -52 * * * * root perl /home/puppet/pause/cron/mldistwatch --logfile /var/log/mldistwatch.cron.log -04 7 * * 6 root perl /home/puppet/pause/cron/mldistwatch --logfile /var/log/mldistwatch.cron.log --symlinkinventory -17,29,41,53 * * * * root perl /home/puppet/pause/cron/mldistwatch --logfile /var/log/mldistwatch.cron.log --fail-silently-on-concurrency-protection --rewrite -12 06,14,22 * * * root perl /home/puppet/pause/cron/update-checksums.pl -29 * * * * root perl /home/puppet/pause/cron/cleanup-incoming.pl -*/3 * * * * root perl /home/puppet/pause/cron/cleanup-apachecores.pl -59 * * * * root perl /home/puppet/pause/cron/cron-daily.pl -37 05 * * * root perl /home/puppet/pause/cron/gmls-lR.pl -47 07,13,19,01 * * * root perl /home/puppet/pause/cron/mysql-dump.pl -19 * * * * root perl /home/puppet/pause/cron/make-mirror-yaml.pl -#### 26,56 * * * * root perl /home/puppet/pause/cron/publish-crontab.pl -21 */6 * * * root perl /home/puppet/pause/cron/rm_stale_links -23 07,13,19,01 * * * root run_mirrors.sh -22 * * * * root perl /home/puppet/pause/cron/sync-04pause.pl -03 07,13,18,01 * * * root cd /home/ftp/pub/PAUSE/PAUSE-git && (git gc && git push -u origin master) >> /var/log/git-gc-push.out -18 * * * * root perl /home/puppet/pause/cron/cron-p6daily.pl -46 0,6,12,18 * * * root perl -I/home/puppet/pause/lib /home/puppet/pause/bin/indexscripts.pl >/home/puppet/pause/bin/indexscripts.pl.out 2>&1 -7 2 * * 0 root perl -I/home/puppet/pause/lib /home/puppet/pause/bin/indexscripts.pl -f -4,11,19,26,34,42,49,56 * * * * root zsh /home/puppet/pause/cron/assert-paused-running.zsh -29 21 13,28 * * root cd /home/andreas/src/certbot/ && ./certbot-auto renew --renew-hook /etc/perlbal/restarter.sh diff --git a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-httpd-pause-us b/etc/puppet/modules/pause/files/etc/init.d/PAUSE-httpd-pause-us deleted file mode 100644 index 873371201..000000000 --- a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-httpd-pause-us +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# -# Startup script for the Apache Web Server -# -# chkconfig: 345 85 15 -# description: pause httpd on port 81 -# processname: httpd -# pidfile: /opt/apache/current/logs/httpd.pid -# config: /opt/apache/current/conf/httpd.conf - -# Source function library. -. /etc/rc.d/init.d/functions - -INITLOG_ARGS="" -apachectl=/opt/apache/current/bin/apachectl -httpd=/opt/apache/current/bin/httpd -prog=PAUSE-httpd -pidfile=/opt/apache/current/logs/httpd.pid -lockfile=/var/lock/subsys/PAUSE-httpd -configfile=/opt/apache/current/conf/httpd.conf -RETVAL=0 - -start() { - echo -n $"Starting $prog: " - $httpd -f ${configfile} - RETVAL=$? - [ $[$RETVAL] -eq 0 ] && echo "[OK]" || echo "[FAILED]" - [ $RETVAL = 0 ] && touch ${lockfile} - return $RETVAL -} -stop() { - echo -n $"Stopping $prog: " - if [ -f "${pidfile}" ]; then - ps $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') >& /dev/null - if [ $[$?] -eq 0 ]; then - kill -TERM $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') - RETVAL=$? - else - RETVAL=1; - echo "No process with pid "$(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g')" was found. " - fi - else - RETVAL=1; - echo -n "No pid file '${pidfile}' was found. " - fi - if [ $[$RETVAL] -eq 0 ]; then - echo "[OK]" || echo "[FAILED]" - rm -f ${lockfile} ${pidfile} - echo "Waiting 5 seconds to let ${prog} free all resources." - sleep 5s - fi -} -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status -p ${pidfile} PAUSE-httpd - RETVAL=$? - ;; - restart) - stop - start - ;; - condrestart) - if [ -f ${pidfile} ] ; then - stop - start - fi - ;; - *) - echo $"Usage: $prog {start|stop|restart|condrestart|help}" - exit 1 -esac - -exit $RETVAL diff --git a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-mojo b/etc/puppet/modules/pause/files/etc/init.d/PAUSE-mojo deleted file mode 100755 index 5ea22a77b..000000000 --- a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-mojo +++ /dev/null @@ -1,86 +0,0 @@ -#!/opt/perl/current/bin/perl - -# INIT Info Generated at Sat Apr 23 13:17:44 2016 with Daemon::Control DEV - -### BEGIN INIT INFO -# Provides: PAUSE-mojo -# Required-Start: $syslog $remote_fs -# Required-Stop: $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: PAUSE-Mojo -# Description: PAUSE-Mojo web program -### END INIT INFO` - -use strict; -# use FindBin; -use Daemon::Control; - -my $name = 'PAUSE-mojo'; -# note: hist*rical raisins; keep the directory, change the filenames -my $logdirbasename = "PAUSE-plack"; -my $psgi = "/home/puppet/pause-charsbar/app_2017.psgi"; -(my $starman = $^X) =~ s{/perl[^/]*$}{/starman}; - -exit My::Daemon::Control->new({ - name => $name, - lsb_start => '$syslog $remote_fs', - lsb_stop => '$syslog', - lsb_sdesc => 'PAUSE-Mojo', - lsb_desc => 'PAUSE-Mojo web program', - - program => $starman, - program_args => [ - $psgi, - '--workers', 5, - '--listen', ":81", - '--user', 'apache', - '--group', 'apache', - '--preload-app', - '--env', 'production', - '--access-log', "/var/log/$logdirbasename/access_log_mojo", - ], - - pid_file => "/var/run/$name.pid", - stderr_file => "/var/log/$logdirbasename/error_log_mojo_stdx", - stdout_file => "/var/log/$logdirbasename/error_log_mojo_stdx", - - fork => 2, - -})->run; - -{ - package My::Daemon::Control; - use base 'Daemon::Control'; - # See https://github.com/miyagawa/Starman/issues/94 - # and https://github.com/miyagawa/Starman/issues/106 - # why checking for a working psgi is a good idea. - sub do_reload { - my $self = shift; - my $psgi_file = $self->program_args->[0]; - my $child_pid = fork; - die if !defined $child_pid; - if ($child_pid == 0) { - require Plack::Util; - Plack::Util::load_psgi($psgi_file); - exit 0; - } - waitpid $child_pid, 0; - if ($? != 0) { - die "load_psgi of $psgi_file failed"; - } - $self->SUPER::do_reload(); - } -} - -__END__ - -=head1 INSTALLATION - -As root / into puppet: - - chmod 755 /etc/init.d/PAUSE-mojo - update-rc.d PAUSE-mojo defaults # Debian - chkconfig --add PAUSE-mojo # RedHat - -=cut diff --git a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-paused-pause-us b/etc/puppet/modules/pause/files/etc/init.d/PAUSE-paused-pause-us deleted file mode 100644 index 96e2db335..000000000 --- a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-paused-pause-us +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/zsh -# -# Startup script for the PAUSE daemon paused -# -# chkconfig: 345 85 15 -# description: runs the Perl Authors Upload Server -# processname: PAUSE-paused -# pidfile: /var/run/paused.pid - -# Source function library. -. /etc/rc.d/init.d/functions - -prog=PAUSE-paused -pidfile=/var/run/PAUSE-paused.pid -lockfile=/var/lock/subsys/PAUSE-paused -daemon=(/opt/perl/current/bin/perl /home/puppet/pause/bin/paused --pidfile=${pidfile}) -RETVAL=0 - -start() { - echo -n $"Starting $prog: " - ${daemon} & - RETVAL=$? - [ $[$RETVAL] -eq 0 ] && echo "[OK]" || echo "[FAILED]" - [ $RETVAL = 0 ] && touch ${lockfile} - return $RETVAL -} -stop() { - echo -n $"Stopping $prog: " - if [ -f "${pidfile}" ]; then - ps $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') >& /dev/null - if [ $[$?] -eq 0 ]; then - kill -TERM $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') - RETVAL=$? - else - RETVAL=1; - echo "No process with pid "$(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g')" was found. " - fi - else - RETVAL=1; - echo -n "No pid file '${pidfile}' was found. " - fi - if [ $[$RETVAL] -eq 0 ]; then - echo "[OK]" || echo "[FAILED]" - rm -f ${lockfile} ${pidfile} - fi -} -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status -p ${pidfile} PAUSE-paused - RETVAL=$? - ;; - restart) - stop - start - ;; - condrestart) - if [ -f ${pidfile} ] ; then - stop - start - fi - ;; - *) - echo $"Usage: $prog {start|stop|restart|condrestart|help}" - exit 1 -esac - -exit $RETVAL diff --git a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-perlbal-pause-us b/etc/puppet/modules/pause/files/etc/init.d/PAUSE-perlbal-pause-us deleted file mode 100644 index 77bc28064..000000000 --- a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-perlbal-pause-us +++ /dev/null @@ -1,87 +0,0 @@ -#!/bin/bash -# -# Startup script for PAUSE-perlbal -# -# chkconfig: 345 85 15 -# description: loadbalancer -# processname: perlbal -# pidfile: /var/run/PAUSE-perlbal.pid -# config: /etc/perlbal/perlbal.conf - -# Source function library. -. /etc/rc.d/init.d/functions - -daemon=/opt/perl/current/bin/perlbal -prog=perlbal -pidfile=/var/run/PAUSE-perlbal.pid -lockfile=/var/lock/subsys/PAUSE-perlbal -configfile=/etc/perlbal/perlbal.conf -RETVAL=0 - -start() { - echo -n $"Starting $prog: " - if [ -e $pidfile ] - then - - if [ -d /proc/`cat $pidfile`/ ] - then - - echo "$daemon already running." - exit 0; - else - rm -f $pidfile - fi - fi - - $daemon --config $configfile --daemon - RETVAL=$? - [ $[$RETVAL] -eq 0 ] && echo "[OK]" || echo "[FAILED]" - if [ $RETVAL = 0 ] ; then - touch ${lockfile} - pidof -x $daemon > ${pidfile} - fi - return $RETVAL -} -stop() { - echo -n $"Stopping $prog: " - if [ -f "${pidfile}" ]; then - ps $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') >& /dev/null - if [ $[$?] -eq 0 ]; then - kill -TERM $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') - RETVAL=$? - else - RETVAL=1; - echo "No process with pid "$(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g')" was found. " - fi - else - RETVAL=1; - echo -n "No pid file '${pidfile}' was found. " - fi - if [ $[$RETVAL] -eq 0 ]; then - echo "[OK]" || echo "[FAILED]" - rm -f ${lockfile} ${pidfile} - fi -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status -p ${pidfile} perlbal - RETVAL=$? - ;; - restart|force_reload) - stop - start - ;; - *) - echo "Usage: $0 {start|stop|restart|force_reload|status}" - exit 1 -esac - -exit $RETVAL diff --git a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-plack b/etc/puppet/modules/pause/files/etc/init.d/PAUSE-plack deleted file mode 100644 index 3fb6443d3..000000000 --- a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-plack +++ /dev/null @@ -1,87 +0,0 @@ -#!/opt/perl/current/bin/perl - -# INIT Info Generated at Sat Apr 23 13:17:44 2016 with Daemon::Control DEV - -### BEGIN INIT INFO -# Provides: PAUSE-plack -# Required-Start: $syslog $remote_fs -# Required-Stop: $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: PAUSE-Plack -# Description: PAUSE-Plack web program -### END INIT INFO` - -use strict; -# use FindBin; -use Daemon::Control; - -# for the record, on 20160421 we started plackperl/charsbar for live from /home/puppet/pause manually with -# 2016-04-22 16:31 /opt/perl/v5.16.2/165a/bin/plackup -I ../pause-private/lib -E production -s Starman -r -p 81 & - -my $name = 'PAUSE-plack'; -my $psgi = "/home/puppet/pause/app_1999.psgi"; -(my $starman = $^X) =~ s{/perl[^/]*$}{/starman}; - -exit My::Daemon::Control->new({ - name => $name, - lsb_start => '$syslog $remote_fs', - lsb_stop => '$syslog', - lsb_sdesc => 'PAUSE-Plack', - lsb_desc => 'PAUSE-Plack web program', - - program => $starman, - program_args => [ - $psgi, - '--workers', 15, - '--listen', ":81", - '--user', 'apache', - '--group', 'apache', - '--preload-app', - '--env', 'production', - '--access-log', "/var/log/$name/access_log", - ], - - pid_file => "/var/run/$name.pid", - stderr_file => "/var/log/$name/error_log", - stdout_file => "/var/log/$name/error_log", - - fork => 2, - -})->run; - -{ - package My::Daemon::Control; - use base 'Daemon::Control'; - # See https://github.com/miyagawa/Starman/issues/94 - # and https://github.com/miyagawa/Starman/issues/106 - # why checking for a working psgi is a good idea. - sub do_reload { - my $self = shift; - my $psgi_file = $self->program_args->[0]; - my $child_pid = fork; - die if !defined $child_pid; - if ($child_pid == 0) { - require Plack::Util; - Plack::Util::load_psgi($psgi_file); - exit 0; - } - waitpid $child_pid, 0; - if ($? != 0) { - die "load_psgi of $psgi_file failed"; - } - $self->SUPER::do_reload(); - } -} - -__END__ - -=head1 INSTALLATION - -As root: - - ./PAUSE-plack.psgi-init get_init_file > /etc/init.d/PAUSE-plack # optional - chmod 755 /etc/init.d/PAUSE-plack - update-rc.d PAUSE-plack defaults - -=cut diff --git a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-rsyncd-pause-us b/etc/puppet/modules/pause/files/etc/init.d/PAUSE-rsyncd-pause-us deleted file mode 100644 index af1f8e715..000000000 --- a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-rsyncd-pause-us +++ /dev/null @@ -1,86 +0,0 @@ -#!/bin/bash -# -# Startup script for PAUSE-perlbal -# -# chkconfig: 345 85 15 -# description: loadbalancer -# processname: perlbal -# pidfile: /var/run/PAUSE-perlbal.pid -# config: /etc/perlbal/perlbal.conf - -# Source function library. -. /etc/rc.d/init.d/functions - -daemon=/usr/bin/rsync -prog=rsync -pidfile=/var/run/PAUSE-rsyncd.pid -lockfile=/var/lock/subsys/PAUSE-rsyncd -configfile=/etc/rsyncd.conf -RETVAL=0 - -start() { - echo -n $"Starting $prog: " - if [ -e $pidfile ] - then - - if [ -d /proc/`cat $pidfile`/ ] - then - - echo "$daemon already running." - exit 0; - else - rm -f $pidfile - fi - fi - - $daemon --daemon - RETVAL=$? - [ $[$RETVAL] -eq 0 ] && echo "[OK]" || echo "[FAILED]" - if [ $RETVAL = 0 ] ; then - touch ${lockfile} - fi - return $RETVAL -} -stop() { - echo -n $"Stopping $prog: " - if [ -f "${pidfile}" ]; then - ps $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') >& /dev/null - if [ $[$?] -eq 0 ]; then - kill -TERM $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') - RETVAL=$? - else - RETVAL=1; - echo "No process with pid "$(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g')" was found. " - fi - else - RETVAL=1; - echo -n "No pid file '${pidfile}' was found. " - fi - if [ $[$RETVAL] -eq 0 ]; then - echo "[OK]" || echo "[FAILED]" - rm -f ${lockfile} ${pidfile} - fi -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status -p ${pidfile} PAUSE-rsyncd - RETVAL=$? - ;; - restart|force_reload) - stop - start - ;; - *) - echo "Usage: $0 {start|stop|restart|force_reload|status}" - exit 1 -esac - -exit $RETVAL diff --git a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-rsyncd2-pause-us b/etc/puppet/modules/pause/files/etc/init.d/PAUSE-rsyncd2-pause-us deleted file mode 100644 index 3c607ba42..000000000 --- a/etc/puppet/modules/pause/files/etc/init.d/PAUSE-rsyncd2-pause-us +++ /dev/null @@ -1,86 +0,0 @@ -#!/bin/bash -# -# Startup script for PAUSE-perlbal -# -# chkconfig: 345 85 15 -# description: loadbalancer -# processname: perlbal -# pidfile: /var/run/PAUSE-perlbal.pid -# config: /etc/perlbal/perlbal.conf - -# Source function library. -. /etc/rc.d/init.d/functions - -daemon=/usr/bin/rsync -prog=rsync -pidfile=/var/run/PAUSE-rsyncd2.pid -lockfile=/var/lock/subsys/PAUSE-rsyncd2 -configfile=/etc/rsyncd2.conf -RETVAL=0 - -start() { - echo -n $"Starting $prog: " - if [ -e $pidfile ] - then - - if [ -d /proc/`cat $pidfile`/ ] - then - - echo "$daemon already running." - exit 0; - else - rm -f $pidfile - fi - fi - - $daemon --daemon --config=${configfile} - RETVAL=$? - [ $[$RETVAL] -eq 0 ] && echo "[OK]" || echo "[FAILED]" - if [ $RETVAL = 0 ] ; then - touch ${lockfile} - fi - return $RETVAL -} -stop() { - echo -n $"Stopping $prog: " - if [ -f "${pidfile}" ]; then - ps $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') >& /dev/null - if [ $[$?] -eq 0 ]; then - kill -TERM $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') - RETVAL=$? - else - RETVAL=1; - echo "No process with pid "$(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g')" was found. " - fi - else - RETVAL=1; - echo -n "No pid file '${pidfile}' was found. " - fi - if [ $[$RETVAL] -eq 0 ]; then - echo "[OK]" || echo "[FAILED]" - rm -f ${lockfile} ${pidfile} - fi -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status -p ${pidfile} PAUSE-rsyncd2 - RETVAL=$? - ;; - restart|force_reload) - stop - start - ;; - *) - echo "Usage: $0 {start|stop|restart|force_reload|status}" - exit 1 -esac - -exit $RETVAL diff --git a/etc/puppet/modules/pause/files/etc/init.d/munin_httpd_8000 b/etc/puppet/modules/pause/files/etc/init.d/munin_httpd_8000 deleted file mode 100644 index c5245c44a..000000000 --- a/etc/puppet/modules/pause/files/etc/init.d/munin_httpd_8000 +++ /dev/null @@ -1,82 +0,0 @@ -#!/bin/bash -# -# Startup script for the Apache Web Server for munin master. -# -# chkconfig: 2345 85 15 -# description: httpd on port 8000 dedicated to munin server -# processname: httpd -# pidfile: /var/run/munin_httpd_8000.pid -# config: /etc/munin/httpd_8000.conf - -# Source function library. -. /etc/rc.d/init.d/functions - -#[ -r /etc/sysconfig/httpd13 ] && . /etc/sysconfig/httpd13 - -INITLOG_ARGS="" -apachectl=/usr/sbin/apachectl -httpd=/usr/sbin/httpd -prog=munin_httpd_8000 -pidfile=/var/run/munin_httpd_8000.pid -lockfile=/var/lock/subsys/munin_httpd_8000 -configfile=/etc/munin/httpd_8000.conf -RETVAL=0 - -start() { - echo -n $"Starting $prog: " - $httpd -f ${configfile} - RETVAL=$? - [ $[$RETVAL] -eq 0 ] && echo "[OK]" || echo "[FAILED]" - [ $RETVAL = 0 ] && touch ${lockfile} - return $RETVAL -} -stop() { - echo -n $"Stopping $prog: " - if [ -f "${pidfile}" ]; then - ps $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') >& /dev/null - if [ $[$?] -eq 0 ]; then - kill -TERM $(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g') - RETVAL=$? - else - RETVAL=1; - echo "No process with pid "$(cat "${pidfile}" | head -n 1 | sed -r -e 's/^([\d]+)/\1/g')" was found. " - fi - else - RETVAL=1; - echo -n "No pid file '${pidfile}' was found. " - fi - if [ $[$RETVAL] -eq 0 ]; then - echo "[OK]" || echo "[FAILED]" - rm -f ${lockfile} ${pidfile} - echo "Waiting 5 seconds to let apache2 free all resources." - sleep 5s - fi -} -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status -p ${pidfile} munin_httpd_8000 - RETVAL=$? - ;; - restart) - stop - start - ;; - condrestart) - if [ -f ${pidfile} ] ; then - stop - start - fi - ;; - *) - echo $"Usage: $prog {start|stop|restart|condrestart|help}" - exit 1 -esac - -exit $RETVAL diff --git a/etc/puppet/modules/pause/files/etc/mon/mon.cf b/etc/puppet/modules/pause/files/etc/mon/mon.cf deleted file mode 100644 index 65c833081..000000000 --- a/etc/puppet/modules/pause/files/etc/mon/mon.cf +++ /dev/null @@ -1,77 +0,0 @@ -# $Id: mon.cf,v 1.3 1999/09/29 16:08:16 roderick Exp $ -# -# /etc/mon/mon.cf, configuration file for mon -# -# Run `/etc/init.d/mon reload' after editing this file in order for your -# changes to take effect. - -# There is no default configuration for mon. The docs most useful -# for setting up your /etc/mon/mon.cf file are the mon(1) man page, -# /usr/share/doc/mon/README.hints, /usr/share/doc/mon/README.monitors -# and /usr/share/doc/mon/examples/mon.cf. - -cfbasedir = /etc/mon -pidfile = /var/run/mon.pid -statedir = /var/lib/mon/state.d -logdir = /var/lib/mon/log.d -dtlogfile = /var/lib/mon/log.d/downtime.log -alertdir = /usr/lib64/mon/alert.d -mondir = /usr/lib64/mon/mon.d -maxprocs = 20 -histlength = 100 -randstart = 60s -authtype = pam -userfile = /etc/mon/userfile - -hostgroup pausepartitions / /home /tmp /var - -hostgroup paused localhost - -hostgroup rsyncd localhost - -hostgroup rsyncd2 localhost - -hostgroup rersyncrecent authors modules - -watch pausepartitions - service freespace - interval 1m - monitor freespace.monitor /:1000000 /home:2000000 /tmp:250000 /var:1000000 - period wd {Sun-Sat} - alert mail.alert andreas.koenig.7os6VVqR@franz.ak.mind.de - alertevery 3h strict - upalert mail.alert andreas.koenig.7os6VVqR@franz.ak.mind.de - -watch paused - service paused - interval 1h - monitor paused.monitor - period wd {Sun-Sat} - alert mail.alert andreas.koenig.7os6VVqR@franz.ak.mind.de - alertevery 3h - -watch rsyncd - service basic - interval 1h - monitor rsyncd.monitor - period wd {Sun-Sat} - alert mail.alert andreas.koenig.7os6VVqR@franz.ak.mind.de - alertevery 3h - -watch rsyncd2 - service basic - interval 1h - monitor rsyncd2.monitor - period wd {Sun-Sat} - alert mail.alert andreas.koenig.7os6VVqR@franz.ak.mind.de - alertevery 2h - -watch rersyncrecent - service basic - description missings on disk or index - interval 1h - monitor rersyncrecent.monitor - period wd {Su-Sa} - alert mail.alert andreas.koenig.7os6VVqR@franz.ak.mind.de - upalert mail.alert andreas.koenig.7os6VVqR@franz.ak.mind.de - alertevery 12h diff --git a/etc/puppet/modules/pause/files/etc/munin/httpd_8000.conf/pause2 b/etc/puppet/modules/pause/files/etc/munin/httpd_8000.conf/pause2 deleted file mode 100644 index aad78d826..000000000 --- a/etc/puppet/modules/pause/files/etc/munin/httpd_8000.conf/pause2 +++ /dev/null @@ -1,53 +0,0 @@ -ServerRoot "/etc/httpd" -DocumentRoot "/var/www/html/munin" -User apache -Group apache - -Listen 8000 - -StartServers 1 -MinSpareServers 1 -MaxSpareServers 4 -MaxClients 4 - -LoadModule mime_module modules/mod_mime.so -LoadModule dir_module modules/mod_dir.so -LoadModule alias_module modules/mod_alias.so -LoadModule auth_basic_module modules/mod_auth_basic.so -LoadModule auth_digest_module modules/mod_auth_digest.so -LoadModule authn_file_module modules/mod_authn_file.so -LoadModule authn_alias_module modules/mod_authn_alias.so -LoadModule authn_anon_module modules/mod_authn_anon.so -LoadModule authn_dbm_module modules/mod_authn_dbm.so -LoadModule authn_default_module modules/mod_authn_default.so -LoadModule authz_host_module modules/mod_authz_host.so -LoadModule authz_user_module modules/mod_authz_user.so -LoadModule authz_owner_module modules/mod_authz_owner.so -LoadModule authz_groupfile_module modules/mod_authz_groupfile.so -LoadModule authz_dbm_module modules/mod_authz_dbm.so -LoadModule authz_default_module modules/mod_authz_default.so -LoadModule log_config_module modules/mod_log_config.so -LoadModule rewrite_module modules/mod_rewrite.so -LoadModule status_module modules/mod_status.so - -TraceEnable off - -TypesConfig /etc/mime.types - -DirectoryIndex index.html - -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined -CustomLog /var/log/munin_httpd/access_8000.log combined -ErrorLog /var/log/munin_httpd/error_8000.log -PidFile /var/run/munin_httpd_8000.pid - - - - ExtendedStatus On - - - - - Options Indexes FollowSymLinks MultiViews - AllowOverride None - diff --git a/etc/puppet/modules/pause/files/etc/proftpd.conf-pause-us b/etc/puppet/modules/pause/files/etc/proftpd.conf-pause-us deleted file mode 100644 index 1c21db6f4..000000000 --- a/etc/puppet/modules/pause/files/etc/proftpd.conf-pause-us +++ /dev/null @@ -1,276 +0,0 @@ -# This is the ProFTPD configuration file -# -# See: http://www.proftpd.org/docs/directives/linked/by-name.html - -# Server Config - config used for anything outside a or context -# See: http://www.proftpd.org/docs/howto/Vhost.html - -ServerName "ProFTPD server" -ServerIdent on "FTP Server ready." -ServerAdmin root@localhost -DefaultServer on - -# Cause every FTP user except adm to be chrooted into their home directory -# Aliasing /etc/security/pam_env.conf into the chroot allows pam_env to -# work at session-end time (http://bugzilla.redhat.com/477120) -VRootEngine on -DefaultRoot ~ !adm -VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf - -# Use pam to authenticate (default) and be authoritative -AuthPAMConfig proftpd -AuthOrder mod_auth_pam.c* mod_auth_unix.c -# If you use NIS/YP/LDAP you may need to disable PersistentPasswd -#PersistentPasswd off - -# Don't do reverse DNS lookups (hangs on DNS problems) -UseReverseDNS off - -# Set the user and group that the server runs as -User nobody -Group nobody - -# To prevent DoS attacks, set the maximum number of child processes -# to 20. If you need to allow more than 20 concurrent connections -# at once, simply increase this value. Note that this ONLY works -# in standalone mode; in inetd mode you should use an inetd server -# that allows you to limit maximum number of processes per service -# (such as xinetd) -MaxInstances 5 - -# Disable sendfile by default since it breaks displaying the download speeds in -# ftptop and ftpwho -UseSendfile off - -# Define the log formats -LogFormat default "%h %l %u %t \"%r\" %s %b" -LogFormat auth "%v [%P] %h %t \"%r\" %s" - -# Dynamic Shared Object (DSO) loading -# See README.DSO and howto/DSO.html for more details -# -# General database support (http://www.proftpd.org/docs/contrib/mod_sql.html) -# LoadModule mod_sql.c -# -# Support for base-64 or hex encoded MD5 and SHA1 passwords from SQL tables -# (contrib/mod_sql_passwd.html) -# LoadModule mod_sql_passwd.c -# -# Mysql support (requires proftpd-mysql package) -# (http://www.proftpd.org/docs/contrib/mod_sql.html) -# LoadModule mod_sql_mysql.c -# -# Postgresql support (requires proftpd-postgresql package) -# (http://www.proftpd.org/docs/contrib/mod_sql.html) -# LoadModule mod_sql_postgres.c -# -# Quota support (http://www.proftpd.org/docs/contrib/mod_quotatab.html) -# LoadModule mod_quotatab.c -# -# File-specific "driver" for storing quota table information in files -# (http://www.proftpd.org/docs/contrib/mod_quotatab_file.html) -# LoadModule mod_quotatab_file.c -# -# SQL database "driver" for storing quota table information in SQL tables -# (http://www.proftpd.org/docs/contrib/mod_quotatab_sql.html) -# LoadModule mod_quotatab_sql.c -# -# LDAP support (requires proftpd-ldap package) -# (http://www.proftpd.org/docs/directives/linked/config_ref_mod_ldap.html) -# LoadModule mod_ldap.c -# -# LDAP quota support (requires proftpd-ldap package) -# (http://www.proftpd.org/docs/contrib/mod_quotatab_ldap.html) -# LoadModule mod_quotatab_ldap.c -# -# Support for authenticating users using the RADIUS protocol -# (http://www.proftpd.org/docs/contrib/mod_radius.html) -# LoadModule mod_radius.c -# -# Retrieve quota limit table information from a RADIUS server -# (http://www.proftpd.org/docs/contrib/mod_quotatab_radius.html) -# LoadModule mod_quotatab_radius.c -# -# Administrative control actions for the ftpdctl program -# (http://www.proftpd.org/docs/contrib/mod_ctrls_admin.html) -# LoadModule mod_ctrls_admin.c -# -# Execute external programs or scripts at various points in the process -# of handling FTP commands -# (http://www.castaglia.org/proftpd/modules/mod_exec.html) -# LoadModule mod_exec.c -# -# Support for POSIX ACLs -# (http://www.proftpd.org/docs/modules/mod_facl.html) -# LoadModule mod_facl.c -# -# Support for using the GeoIP library to look up geographical information on -# the connecting client and using that to set access controls for the server -# (http://www.castaglia.org/proftpd/modules/mod_geoip.html) -# LoadModule mod_geoip.c -# -# Configure server availability based on system load -# (http://www.proftpd.org/docs/contrib/mod_load.html) -# LoadModule mod_load.c -# -# Limit downloads to a multiple of upload volume (see README.ratio) -# LoadModule mod_ratio.c -# -# Rewrite FTP commands sent by clients on-the-fly, -# using regular expression matching and substitution -# (http://www.proftpd.org/docs/contrib/mod_rewrite.html) -# LoadModule mod_rewrite.c -# -# Support for the SSH2, SFTP, and SCP protocols, for secure file transfer over -# an SSH2 connection (http://www.castaglia.org/proftpd/modules/mod_sftp.html) -# LoadModule mod_sftp.c -# -# Use PAM to provide a 'keyboard-interactive' SSH2 authentication method for -# mod_sftp (http://www.castaglia.org/proftpd/modules/mod_sftp_pam.html) -# LoadModule mod_sftp_pam.c -# -# Use SQL (via mod_sql) for looking up authorized SSH2 public keys for user -# and host based authentication -# (http://www.castaglia.org/proftpd/modules/mod_sftp_sql.html) -# LoadModule mod_sftp_sql.c -# -# Provide data transfer rate "shaping" across the entire server -# (http://www.castaglia.org/proftpd/modules/mod_shaper.html) -# LoadModule mod_shaper.c -# -# Support for miscellaneous SITE commands such as SITE MKDIR, SITE SYMLINK, -# and SITE UTIME (http://www.proftpd.org/docs/contrib/mod_site_misc.html) -# LoadModule mod_site_misc.c -# -# Provide an external SSL session cache using shared memory -# (contrib/mod_tls_shmcache.html) -# LoadModule mod_tls_shmcache.c -# -# Use the /etc/hosts.allow and /etc/hosts.deny files, or other allow/deny -# files, for IP-based access control -# (http://www.proftpd.org/docs/contrib/mod_wrap.html) -# LoadModule mod_wrap.c -# -# Use the /etc/hosts.allow and /etc/hosts.deny files, or other allow/deny -# files, as well as SQL-based access rules, for IP-based access control -# (http://www.proftpd.org/docs/contrib/mod_wrap2.html) -# LoadModule mod_wrap2.c -# -# Support module for mod_wrap2 that handles access rules stored in specially -# formatted files on disk -# (http://www.proftpd.org/docs/contrib/mod_wrap2_file.html) -# LoadModule mod_wrap2_file.c -# -# Support module for mod_wrap2 that handles access rules stored in SQL -# database tables (http://www.proftpd.org/docs/contrib/mod_wrap2_sql.html) -# LoadModule mod_wrap2_sql.c -# -# Provide a flexible way of specifying that certain configuration directives -# only apply to certain sessions, based on credentials such as connection -# class, user, or group membership -# (http://www.proftpd.org/docs/contrib/mod_ifsession.html) -# LoadModule mod_ifsession.c - -# TLS (http://www.castaglia.org/proftpd/modules/mod_tls.html) - - TLSEngine on - TLSRequired on - TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem - TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem - TLSCipherSuite ALL:!ADH:!DES - TLSOptions NoCertRequest - TLSVerifyClient off - #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 - TLSLog /var/log/proftpd/tls.log - - TLSSessionCache shm:/file=/var/run/proftpd/sesscache - - - -# Dynamic ban lists (http://www.proftpd.org/docs/contrib/mod_ban.html) -# Enable this with PROFTPD_OPTIONS=-DDYNAMIC_BAN_LISTS in /etc/sysconfig/proftpd - - LoadModule mod_ban.c - BanEngine on - BanLog /var/log/proftpd/ban.log - BanTable /var/run/proftpd/ban.tab - - # If the same client reaches the MaxLoginAttempts limit 2 times - # within 10 minutes, automatically add a ban for that client that - # will expire after one hour. - BanOnEvent MaxLoginAttempts 2/00:10:00 01:00:00 - - # Allow the FTP admin to manually add/remove bans - BanControlsACLs all allow user ftpadm - - -# Global Config - config common to Server Config and all virtual hosts -# See: http://www.proftpd.org/docs/howto/Vhost.html - - - # Umask 022 is a good standard umask to prevent new dirs and files - # from being group and world writable - Umask 022 - - # Allow users to overwrite files and change permissions - AllowOverwrite yes - - AllowAll - - - - -# A basic anonymous configuration, with an upload directory -# Enable this with PROFTPD_OPTIONS=-DANONYMOUS_FTP in /etc/sysconfig/proftpd - - - User ftp - Group ftp - AccessGrantMsg "Anonymous login ok, restrictions apply." - - # We want clients to be able to login with "anonymous" as well as "ftp" - UserAlias anonymous ftp - - # Limit the maximum number of anonymous logins - MaxClients 5 "Sorry, max %m users -- try again later" - - # Put the user into /pub right after login - #DefaultChdir /pub - - # We want 'welcome.msg' displayed at login, '.message' displayed in - # each newly chdired directory and tell users to read README* files. - DisplayLogin /welcome.msg - DisplayChdir .message - DisplayReadme README* - - # Cosmetic option to make all files appear to be owned by user "ftp" - DirFakeUser on ftp - DirFakeGroup on ftp - - # Limit WRITE everywhere in the anonymous chroot - - DenyAll - - - # An upload directory that allows storing and retrieving files but - # not creating directories: - - AllowOverwrite no - - DenyAll - - - AllowAll - - - - # Don't write anonymous accesses to the system wtmp file (good idea!) - WtmpLog off - - # Logging for the anonymous transfers - ExtendedLog /var/log/proftpd/access.log WRITE,READ default - ExtendedLog /var/log/proftpd/auth.log AUTH auth - - - - diff --git a/etc/puppet/modules/pause/files/etc/rsyncd.conf-pause-us b/etc/puppet/modules/pause/files/etc/rsyncd.conf-pause-us deleted file mode 100644 index 830c78334..000000000 --- a/etc/puppet/modules/pause/files/etc/rsyncd.conf-pause-us +++ /dev/null @@ -1,29 +0,0 @@ -max connections = 12 -log file = /var/log/rsyncd -pid file = /var/run/PAUSE-rsyncd.pid -transfer logging = true -use chroot = true -timeout = 600 - -[PAUSE] - path = /home/ftp/pub/PAUSE - -# 2005-09-03: PAUSE cannot support backpan anymore because of disk shortage. -#[backpan] -# path = /home/ftp/pub/backpan - -# the rest of the gang is a bit silly, because the physical path is -# tweaked. In one word: legacy - -[authors] - path = /home/ftp/pub/PAUSE/authors -[modules] - path = /home/ftp/pub/PAUSE/modules -[scripts] - path = /home/ftp/pub/PAUSE/scripts/new -[pausedata] - path = /home/ftp/pub/PAUSE/PAUSE-data -[pausecode] - path = /home/ftp/pub/PAUSE/PAUSE-code -[pausegit] - path = /home/ftp/pub/PAUSE/PAUSE-git diff --git a/etc/puppet/modules/pause/files/etc/rsyncd2.conf-pause-us b/etc/puppet/modules/pause/files/etc/rsyncd2.conf-pause-us deleted file mode 100644 index b471754c7..000000000 --- a/etc/puppet/modules/pause/files/etc/rsyncd2.conf-pause-us +++ /dev/null @@ -1,17 +0,0 @@ -max connections = 8 -log file = /var/log/rsyncd2 -pid file = /var/run/PAUSE-rsyncd2.pid -transfer logging = true -use chroot = true -port = 8732 -timeout = 1200 - -[PAUSE] - path = /home/ftp/pub/PAUSE - auth users = * - secrets file = /etc/rsyncd.passwd - -[opt] - path = /opt - auth users = andk - secrets file = /etc/rsyncd.passwd diff --git a/etc/puppet/modules/pause/files/etc/security/limits.conf-pause-us b/etc/puppet/modules/pause/files/etc/security/limits.conf-pause-us deleted file mode 100644 index 3da6dd58a..000000000 --- a/etc/puppet/modules/pause/files/etc/security/limits.conf-pause-us +++ /dev/null @@ -1,61 +0,0 @@ -# /etc/security/limits.conf - -# -#Each line describes a limit for a user in the form: -# -# -# -#Where: -# can be: -# - an user name -# - a group name, with @group syntax -# - the wildcard *, for default entry -# - the wildcard %, can be also used with %group syntax, -# for maxlogin limit -# -# can have the two values: -# - "soft" for enforcing the soft limits -# - "hard" for enforcing hard limits -# -# can be one of the following: -# - core - limits the core file size (KB) -# - data - max data size (KB) -# - fsize - maximum filesize (KB) -# - memlock - max locked-in-memory address space (KB) -# - nofile - max number of open files -# - rss - max resident set size (KB) -# - stack - max stack size (KB) -# - cpu - max CPU time (MIN) -# - nproc - max number of processes -# - as - address space limit (KB) -# - maxlogins - max number of logins for this user -# - priority - the priority to run user process with -# - locks - max number of file locks the user can hold -# - sigpending - max number of pending signals -# - msgqueue - max memory used by POSIX message queues (bytes) -# - nice - max nice priority allowed to raise to values: [-20, 19] -# - rtprio - max realtime priority -# -# -# - -* hard core 40000 -* soft core 20000 -#* hard rss 10000 -#@student hard nproc 20 -#@faculty soft nproc 20 -#@faculty hard nproc 50 -ftp hard nproc 0 -ftp hard cpu 60 -ftp soft cpu 10 -pause-unsafe hard cpu 60 -pause-unsafe soft cpu 10 -pause-unsafe hard data 300000 -pause-unsafe soft data 200000 -pause-unsafe hard as 300000 -pause-unsafe soft as 200000 -pause-unsafe hard rss 300000 -pause-unsafe soft rss 200000 -@student - maxlogins 4 - -# End of file diff --git a/etc/puppet/modules/pause/files/etc/sysconfig/iptables-config-pause-us b/etc/puppet/modules/pause/files/etc/sysconfig/iptables-config-pause-us deleted file mode 100644 index ab900b07b..000000000 --- a/etc/puppet/modules/pause/files/etc/sysconfig/iptables-config-pause-us +++ /dev/null @@ -1,48 +0,0 @@ -# Load additional iptables modules (nat helpers) -# Default: -none- -# Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which -# are loaded after the firewall rules are applied. Options for the helpers are -# stored in /etc/modprobe.conf. -IPTABLES_MODULES="ip_conntrack ip_conntrack_ftp" - -# Unload modules on restart and stop -# Value: yes|no, default: yes -# This option has to be 'yes' to get to a sane state for a firewall -# restart or stop. Only set to 'no' if there are problems unloading netfilter -# modules. -IPTABLES_MODULES_UNLOAD="yes" - -# Save current firewall rules on stop. -# Value: yes|no, default: no -# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped -# (e.g. on system shutdown). -IPTABLES_SAVE_ON_STOP="no" - -# Save current firewall rules on restart. -# Value: yes|no, default: no -# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets -# restarted. -IPTABLES_SAVE_ON_RESTART="no" - -# Save (and restore) rule and chain counter. -# Value: yes|no, default: no -# Save counters for rules and chains to /etc/sysconfig/iptables if -# 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or -# SAVE_ON_RESTART is enabled. -IPTABLES_SAVE_COUNTER="no" - -# Numeric status output -# Value: yes|no, default: yes -# Print IP addresses and port numbers in numeric format in the status output. -IPTABLES_STATUS_NUMERIC="yes" - -# Verbose status output -# Value: yes|no, default: yes -# Print info about the number of packets and bytes plus the "input-" and -# "outputdevice" in the status output. -IPTABLES_STATUS_VERBOSE="no" - -# Status output with numbered lines -# Value: yes|no, default: yes -# Print a counter/number for every rule in the status output. -IPTABLES_STATUS_LINENUMBERS="yes" diff --git a/etc/puppet/modules/pause/files/etc/sysconfig/iptables-pause-us b/etc/puppet/modules/pause/files/etc/sysconfig/iptables-pause-us deleted file mode 100644 index 6a22122a0..000000000 --- a/etc/puppet/modules/pause/files/etc/sysconfig/iptables-pause-us +++ /dev/null @@ -1,23 +0,0 @@ -# Firewall configuration written by system-config-firewall -# Manual customization of this file is not recommended. -*filter -:INPUT ACCEPT [0:0] -:FORWARD ACCEPT [0:0] -:OUTPUT ACCEPT [0:0] --A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT --A INPUT -p icmp -j ACCEPT --A INPUT -i lo -j ACCEPT --A INPUT -i eth0 -j ACCEPT --A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT --A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT --A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT --A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT --A INPUT -m state --state NEW -m tcp -p tcp --dport 873 -j ACCEPT --A INPUT -m state --state NEW -m tcp -p tcp --dport 8732 -j ACCEPT --A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT --A FORWARD -p icmp -j ACCEPT --A FORWARD -i lo -j ACCEPT --A FORWARD -i eth0 -j ACCEPT --A INPUT -j REJECT --reject-with icmp-host-prohibited --A FORWARD -j REJECT --reject-with icmp-host-prohibited -COMMIT diff --git a/etc/puppet/modules/pause/files/etc/sysconfig/proftpd-pause-us b/etc/puppet/modules/pause/files/etc/sysconfig/proftpd-pause-us deleted file mode 100644 index b7f34b3d2..000000000 --- a/etc/puppet/modules/pause/files/etc/sysconfig/proftpd-pause-us +++ /dev/null @@ -1,11 +0,0 @@ -# Set PROFTPD_OPTIONS to add command-line options for proftpd. -# See proftpd(8) for a comprehensive list of what can be used. -# -# The following "Defines" can be used with the default configuration file: -# -DANONYMOUS_FTP : Enable anonymous FTP -# -DDYNAMIC_BAN_LISTS : Enable dynamic ban lists (mod_ban) -# -DTLS : Enable TLS (mod_tls) -# -# For example, for anonymous FTP and dynamic ban list support: -# PROFTPD_OPTIONS="-DANONYMOUS_FTP -DDYNAMIC_BAN_LISTS" -PROFTPD_OPTIONS="-DANONYMOUS_FTP -DDYNAMIC_BAN_LISTS" diff --git a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/freespace.monitor b/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/freespace.monitor deleted file mode 100755 index bd296f682..000000000 --- a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/freespace.monitor +++ /dev/null @@ -1,75 +0,0 @@ -#!/opt/perl/current/bin/perl -# -# Monitor disk space usage -# -# Arguments are: -# -# path:kBfree [path:kBfree...] -# or -# path:free% [path:free%...] -# -# This script will exit with value 1 if "path" has less than -# "kBfree" kilobytes, or less than "free" percent available. -# -# The first output line is a list of the paths which failed, and -# how much space is free, in megabytes. -# -# If you are testing NFS-mounted directories, should probably -# mount them with the ro,intr,soft options, so that operations -# on those mount points don't block forever if the server is -# down, and I may eventually change this code to use an alarm(2) -# to interrupt the stat and statfs system calls. -# -# This requires Fabien Tassin's Filesys::DiskSpace module, available from -# your friendly neighborhood CPAN mirror. See http://www.perl.com/perl/ -# -# Jim Trocki, trockij@transmeta.com -# -# $Id: freespace.monitor 1.2 Tue, 26 Dec 2000 04:45:04 -0500 trockij $ -# -# Copyright (C) 1998, Jim Trocki -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -use Filesys::Df; -use strict; -my(@failures); -foreach (@ARGV) { - my($path, $minavail) = split (/:/, $_, 2); - - # ($fs_type, $fs_desc, $used, $avail, $fused, $favail) - my($ref) = df ($path); - - if (!defined ($ref->{used})) { - push (@failures, "statfs error for $path: $!"); - next; - } - - if ($minavail =~ /(\d+(\.\d+)?)%/o) { - $minavail = int(($ref->{used} + $ref->{bavail}) * $1 / 100); - } - - if ($ref->{bavail} < $minavail) { - push (@failures, sprintf ("%5.3fGB free on %s", $ref->{bavail} / 1024 / 1024, - $path)); - } -} - -if (@failures) { - print join (", ", @failures), "\n"; - exit 1; -} - -exit 0; diff --git a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/paused.monitor b/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/paused.monitor deleted file mode 100755 index d0c00a786..000000000 --- a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/paused.monitor +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/perl -# -use strict; -open P, "ps auxww |"; -my $running; -while (

){ - next unless m{ ^ root .* - ( - perl .* /bin/paused \s # before we set arg0 - | - paused: - ) - }x; - $running++; -} -close P or die "Could not close P"; -unless ($running){ - print "Process paused not found\n"; - exit 1; -} diff --git a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rersyncrecent.monitor b/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rersyncrecent.monitor deleted file mode 100755 index 73d00796c..000000000 --- a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rersyncrecent.monitor +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/bin/perl - -use strict; -use warnings; - -my $aumu = shift or die "Usage: ... "; - -open my $fh, "/opt/perl/current/bin/perl /opt/perl/current/bin/rrr-fsck -n --verbose /home/ftp/pub/PAUSE/$aumu/RECENT.recent 2>&1 |" or die "could not fork: $!"; - -my $ret = 0; -while (<$fh>) { - if ($ret){ - print; - next; - } - next unless my($what,$n) = /^(not\s.+?):\s+(\d+)/; - next if $n == 0; - $ret = 1; - print; -} -exit $ret; - -__END__ - -# Local Variables: -# mode: cperl -# cperl-indent-level: 4 -# End: diff --git a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rsyncd.monitor b/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rsyncd.monitor deleted file mode 100755 index dfa2e010c..000000000 --- a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rsyncd.monitor +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/perl -# -use strict; -open P, "rsync localhost:: |"; -my $running; -while (

){ - next unless m{ ^ PAUSE | authors | modules | scripts }x; - $running++; -} -close P or die "Could not close P"; -unless ($running >= 4){ - print "Some rsync target missing\n"; - exit 1; -} diff --git a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rsyncd2.monitor b/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rsyncd2.monitor deleted file mode 100755 index 0b18191f5..000000000 --- a/etc/puppet/modules/pause/files/usr/lib64/mon/mon.d/rsyncd2.monitor +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/perl -# -use strict; -$ENV{USER} = "andk"; -$ENV{RSYNC_PASSWD} = "not_the_password"; - -open my $P, "rsync --port=8732 localhost::PAUSE 2>&1 |" or die "Could not fork: $!"; -my $running; -my @got; -while (<$P>){ - push @got, $_; - next unless m{ ERROR }ix; - $running++; -} -close $P; # must fail, rsync asks for password and refuses to run! # or die "Could not close: $!"; -unless ($running >= 1){ - local $"=""; - print "error message missing, got[@got]\n"; - exit 1; -} From b8cf65edb01805584607a0416bb0b66c757533b9 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:47:23 +0100 Subject: [PATCH 13/19] etc/network/interfaces: remove this file, it is cruft --- etc/network/interfaces | 26 -------------------------- 1 file changed, 26 deletions(-) delete mode 100644 etc/network/interfaces diff --git a/etc/network/interfaces b/etc/network/interfaces deleted file mode 100644 index 656198c92..000000000 --- a/etc/network/interfaces +++ /dev/null @@ -1,26 +0,0 @@ -# This file describes the network interfaces available on your system -# and how to activate them. For more information, see interfaces(5). - -# The loopback network interface -auto lo -iface lo inet loopback - -####IP-Adresse: 195.37.231.65 -####Netmask: 255.255.255.128 -####Gateway: 195.37.231.1 -####DNS: 195.37.231.8 / 195.37.231.9 (sind noch offline) - -#2010-02-25 akoenig : Momentan kann ich Dir nur unsere externen DNS-Server anbieten: -#boo.fiz-chemie.de 85.214.94.114 -#lua.fiz-chemie.de 85.214.98.176 - -# The primary network interface -auto eth0 -iface eth0 inet static - address 195.37.231.65 - netmask 255.255.255.128 - gateway 195.37.231.1 - dns-nameservers 85.214.94.114 85.214.98.176 212.42.235.66 - dns-search fiz-chemie.de - up /sbin/iptables -N BLACKLIST - up /sbin/iptables -A INPUT -p tcp -m tcp --dport 22 --syn -j BLACKLIST From 3ed1f8580ca01f6250c5988d84d43c6829fbb8c1 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:47:43 +0100 Subject: [PATCH 14/19] etc/apt: remove this directory as cruft --- etc/apt/sources.list | 15 --------------- 1 file changed, 15 deletions(-) delete mode 100644 etc/apt/sources.list diff --git a/etc/apt/sources.list b/etc/apt/sources.list deleted file mode 100644 index 05e2398f9..000000000 --- a/etc/apt/sources.list +++ /dev/null @@ -1,15 +0,0 @@ -# the main Debian packages. Uncomment the deb-src line if you -# want 'apt-get source' to work with most packages. -deb http://ftp.de.debian.org/pub/debian/ stable main contrib non-free - -# Security -deb http://security.debian.org stable/updates main contrib non-free - -# Testing -deb http://ftp.de.debian.org/pub/debian testing main contrib non-free -# deb http://ftp.de.debian.org/debian-secure-testing squeeze/security-updates main contrib non-free - -# Unstable: 2012-04-06 have not enough memory for sid anymore -# deb http://ftp.de.debian.org/pub/debian unstable main contrib non-free - - From e0ae7fb3a77004c238afd260d0ccf137a99db565 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:48:11 +0100 Subject: [PATCH 15/19] etc/default: remove this file as cruft --- etc/default/apache2 | 1 - etc/default/ntp-servers | 1 - etc/default/proftpd | 9 --------- 3 files changed, 11 deletions(-) delete mode 100644 etc/default/apache2 delete mode 100644 etc/default/ntp-servers delete mode 100644 etc/default/proftpd diff --git a/etc/default/apache2 b/etc/default/apache2 deleted file mode 100644 index 74af3136f..000000000 --- a/etc/default/apache2 +++ /dev/null @@ -1 +0,0 @@ -NO_START=0 diff --git a/etc/default/ntp-servers b/etc/default/ntp-servers deleted file mode 100644 index 54e83ea2d..000000000 --- a/etc/default/ntp-servers +++ /dev/null @@ -1 +0,0 @@ -NTPSERVERS="ntp2.fau.de clock.netcetera.dk" diff --git a/etc/default/proftpd b/etc/default/proftpd deleted file mode 100644 index b31f36ce2..000000000 --- a/etc/default/proftpd +++ /dev/null @@ -1,9 +0,0 @@ -# Defaults for proftpd initscript - -# Master system-wide proftpd switch. The initscript -# will not run if it is not set to yes. -RUN="yes" - -# Default options. -# For more exhaustive logging, try "-d 3". -OPTIONS="" From 682d27d6ec31276c80e975357b8faec5a329c480 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:49:09 +0100 Subject: [PATCH 16/19] etc/mail: remove this as cruft --- etc/mail/local-host-names | 9 --- etc/mail/sendmail.mc | 115 -------------------------------------- 2 files changed, 124 deletions(-) delete mode 100644 etc/mail/local-host-names delete mode 100644 etc/mail/sendmail.mc diff --git a/etc/mail/local-host-names b/etc/mail/local-host-names deleted file mode 100644 index 0384e0147..000000000 --- a/etc/mail/local-host-names +++ /dev/null @@ -1,9 +0,0 @@ -p11.speed-link.de -p11.speedlink.de -pause.kbx.de -dubravka.kbx.de -pause.perl.org -pause.cpan.org -pause.x.perl.org -pause.fiz-chemie.de -localhost.localdomain diff --git a/etc/mail/sendmail.mc b/etc/mail/sendmail.mc deleted file mode 100644 index 105030a2b..000000000 --- a/etc/mail/sendmail.mc +++ /dev/null @@ -1,115 +0,0 @@ -divert(-1)dnl -#----------------------------------------------------------------------------- -# $Sendmail: debproto.mc,v 8.13.4 2006-03-22 22:41:17 cowboy Exp $ -# -# Copyright (c) 1998-2005 Richard Nelson. All Rights Reserved. -# -# cf/debian/sendmail.mc. Generated from sendmail.mc.in by configure. -# -# sendmail.mc prototype config file for building Sendmail 8.13.4 -# -# Note: the .in file supports 8.7.6 - 9.0.0, but the generated -# file is customized to the version noted above. -# -# This file is used to configure Sendmail for use with Debian systems. -# -# If you modify this file, you will have to regenerate /etc/mail/sendmail.cf -# by running this file through the m4 preprocessor via one of the following: -# * `sendmailconfig` -# * `make` -# * `m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf` -# The first two options are preferred as they will also update other files -# that depend upon the contents of this file. -# -# The best documentation for this .mc file is: -# /usr/share/doc/sendmail-doc/cf.README.gz -# -#----------------------------------------------------------------------------- -divert(0)dnl -# -# Copyright (c) 1998-2005 Richard Nelson. All Rights Reserved. -# -# This file is used to configure Sendmail for use with Debian systems. -# -define(`_USE_ETC_MAIL_')dnl -include(`/usr/share/sendmail/cf/m4/cf.m4')dnl -VERSIONID(`$Id: sendmail.mc, v 8.13.4-3sarge1 2006-03-22 22:41:17 cowboy Exp $') -OSTYPE(`debian')dnl -DOMAIN(`debian-mta')dnl -dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE -undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS= -dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE -dnl # -dnl # General defines -dnl # -dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot() -dnl # into this directory before writing files. -dnl # If *all* your user accounts are under /home then use that -dnl # instead - it will prevent any writes outside of /home ! -dnl # define(`confSAFE_FILE_ENV', `')dnl -LOCAL_CONFIG -FEATURE(`masquerade_envelope')dnl -FEATURE(`always_add_domain')dnl -LOCAL_CONFIG -Cwpause.perl.org -FEATURE(`use_cw_file')dnl -FEATURE(`use_ct_file')dnl -FEATURE(`smrsh')dnl -define(`confME_TOO', True)dnl -dnl # -dnl # Daemon options - restrict to servicing LOCALHOST ONLY !!! -dnl # Remove `, Addr=' clauses to receive from any interface -dnl # If you want to support IPv6, switch the commented/uncommentd lines -FEATURE(`no_default_msa')dnl -dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl -DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl -dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, Addr=::1')dnl -DAEMON_OPTIONS(`Family=inet, Name=MSP-v4, Port=submission')dnl -dnl # -dnl # Be somewhat anal in what we allow -define(`confPRIVACY_FLAGS',dnl -`needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl -dnl # -dnl # Define connection throttling and window length -define(`confCONNECTION_RATE_THROTTLE', `15')dnl -define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl -dnl # -dnl # Features -dnl # -dnl # The access db is the basis for most of sendmail's checking -FEATURE(`access_db', , `skip')dnl -dnl # -dnl # The greet_pause feature stops some automail bots - but check the -dnl # provided access db for details on excluding localhosts... -FEATURE(`greet_pause', `1000')dnl 1 seconds -dnl # -dnl # Delay_checks allows sender<->recipient checking -FEATURE(`delay_checks', `friend', `n')dnl -dnl # -dnl # If we get too many bad recipients, slow things down... -define(`confBAD_RCPT_THROTTLE',`3')dnl -dnl # -dnl # Stop connections that overflow our concurrent and time connection rates -FEATURE(`conncontrol', `nodelay', `terminate')dnl -FEATURE(`ratecontrol', `nodelay', `terminate')dnl -dnl # -dnl # If you're on a dialup link, you should enable this - so sendmail -dnl # will not bring up the link (it will queue mail for later) -dnl define(`confCON_EXPENSIVE',`True')dnl -dnl # - -dnl # Masquerading options -FEATURE(`always_add_domain')dnl -MASQUERADE_AS(`pause.perl.org')dnl -FEATURE(`allmasquerade')dnl -FEATURE(`masquerade_envelope')dnl - -define(`confHOST_STATUS_DIRECTORY',`host_status')dnl -define(`confSINGLE_THREAD_DELIVERY', True)dnl -define(`SMTP_MAILER_MAXMSGS', 1)dnl -define(`RELAY_MAILER_MAXMSGS', 1)dnl - -dnl # Default Mailer setup -MAILER_DEFINITIONS -MAILER(`local')dnl -MAILER(`smtp')dnl From 3e8a300d970fb177356c8f9f2ab7505a551a4c44 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 13:49:54 +0100 Subject: [PATCH 17/19] etc/rsyncd2.conf: remove this crufty file We still have rsync config, but this is a second rsync server that no longer runs. --- etc/rsyncd2.conf | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 etc/rsyncd2.conf diff --git a/etc/rsyncd2.conf b/etc/rsyncd2.conf deleted file mode 100644 index b57dbe3a1..000000000 --- a/etc/rsyncd2.conf +++ /dev/null @@ -1,10 +0,0 @@ -max connections = 16 -log file = /var/log/rsyncd2 -transfer logging = true -use chroot = true -port = 8732 - -[PAUSE] - path = /home/ftp/pub/PAUSE - auth users = * - secrets file = /etc/rsyncd.passwd From 30a65c3da456f40739c77c1be76c32084f27c2b5 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 14:27:07 +0100 Subject: [PATCH 18/19] MANIFEST: delete it, it was wildly out of date --- MANIFEST | 99 -------------------------------------------------------- 1 file changed, 99 deletions(-) delete mode 100644 MANIFEST diff --git a/MANIFEST b/MANIFEST deleted file mode 100644 index 76ca5f9ec..000000000 --- a/MANIFEST +++ /dev/null @@ -1,99 +0,0 @@ -apache-conf/httpsd.conf.pause -apache-conf/mime.types -apache-conf/pause.sslcnf -apache-perl/user/tail_log -apache-perl/who_is -apache-svn-conf/httpd.conf -apache-svn-conf/mime.types -apache-svn-conf/ssl.conf -bin/delete_retired_accounts.pl -bin/emailaddrs_for_cpan_org.pl -bin/make_user_account.pl -bin/mirrormail.pl -bin/paused -bin/stats_for_neilb.pl -cron/cleanup-incoming.pl -cron/cron-daily.pl -cron/CRONTAB.ROOT -cron/gmls-lR.pl -cron/mldistwatch -cron/mysql-dump.pl -cron/publish-crontab.pl -cron/restart-httpd -cron/rm_stale_links -cron/run_mirrors.sh -cron/sync-04pause.pl -cron/update-checksums.pl -doc/authen_pause.schema.txt -doc/franz_to_kbx.plan -doc/memo.schema.txt -doc/memo.wipe-out-working-copy.txt -doc/mod.schema.txt -doc/pause-structure.txt -doc/README -doc/TODO -etc/default/apache2 -etc/default/ntp-servers -etc/default/proftpd -etc/init.d/PAUSE-httpd -etc/init.d/PAUSE-paused -etc/init.d/PAUSE-rsyncd -etc/mon/mon.cf -etc/mon/mon.d/paused.monitor -etc/mon/mon.d/README -etc/my.cnf -etc/rsyncd.conf -etc/security/limits.conf -ftpd/messages/incoming.txt -htdocs/04pause.html -htdocs/admin.html -htdocs/history.html -htdocs/imprint.html -htdocs/index.html -htdocs/logout.html -htdocs/password.html -htdocs/pause/logo9-sm.gif -htdocs/pause/logo9-sm.png -htdocs/pause/logo9a-sm.jpg -htdocs/pause/logo9a-sm.png -htdocs/pause/logol1.gif -htdocs/pause/logol1.png -htdocs/pause/pause.css -htdocs/pause/pause2.jpg -htdocs/pause/pause2.png -htdocs/pause/pause_favicon.jpg -htdocs/pause/valid-xhtml10.gif -htdocs/pause/valid-xhtml10.png -htdocs/pause/vcss.gif -htdocs/pause/vcss.png -htdocs/robots.txt -htdocs/ssl-only/hello.txt -lib/Bundle/Pause.pm -lib/PAUSE.pm -lib/PAUSE.pod -lib/PAUSE/MailAddress.pm -lib/pause_1999/authen_user.pm -lib/pause_1999/config.pm -lib/pause_1999/edit.pm -lib/pause_1999/fixup.pm -lib/pause_1999/index.pm -lib/pause_1999/layout.pm -lib/pause_1999/main.pm -lib/pause_1999/message.pm -lib/pause_1999/pausegif.pm -lib/pause_1999/saxfilter01.pm -lib/pause_1999/speedlinkgif.pm -lib/pause_1999/startform.pm -lib/pause_1999/Todo -lib/pause_1999/usermenu.pm -lib/pause_1999/userstatus.pm -lib/perl_pause/disabled.pm -lib/perl_pause/disabled2.pm -Makefile.PL -MANIFEST This list of files -mirror/.cvsignore -mirror/mirror.defaults -mirror/mymirror.config -one-off-utils/fill_users_with_ustatus.pl -one-off-utils/README -t/0-signature.t From ea7fb9056c518e383406acdea50beae3b2948d24 Mon Sep 17 00:00:00 2001 From: Ricardo Signes Date: Sat, 27 Apr 2024 16:09:56 +0100 Subject: [PATCH 19/19] etc/ntp.conf: this config file is cruft If we need time sync, we have systemd-timesyncd.service. --- etc/ntp.conf | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 etc/ntp.conf diff --git a/etc/ntp.conf b/etc/ntp.conf deleted file mode 100644 index 6a24f2ae1..000000000 --- a/etc/ntp.conf +++ /dev/null @@ -1,29 +0,0 @@ -# /etc/ntp.conf, configuration for ntpd - -# ntpd will use syslog() if logfile is not defined -#logfile /var/log/ntpd - -driftfile /var/lib/ntp/ntp.drift -statsdir /var/log/ntpstats/ - -statistics loopstats peerstats clockstats -filegen loopstats file loopstats type day enable -filegen peerstats file peerstats type day enable -filegen clockstats file clockstats type day enable - -### lines starting 'server' are auto generated, -### use dpkg-reconfigure to modify those lines. - -# server ntp2.fau.de -# server clock.netcetera.dk -server times.zrz.tu-berlin.de -server 127.127.1.0 -fudge 127.127.1.0 stratum 13 - -# By default, exchange time with everybody, but don't allow configuration. -# See /usr/share/doc/ntp-doc/html/accopt.html for details. -restrict default kod notrap nomodify nopeer noquery - -# Local users may interrogate the ntp server more closely. -restrict 127.0.0.1 nomodify -