From 1d725c62d2fcf3dc3b45c99025dae2c2e6fbf627 Mon Sep 17 00:00:00 2001 From: Aaron Bieber Date: Wed, 1 Feb 2023 06:12:47 -0700 Subject: [PATCH] Add various support bits for running openbsd.app --- support/cron | 4 ++++ support/pf.conf | 21 +++++++++++++++++++++ support/rc.d/domain | 13 +++++++++++++ support/rc.d/openbsd_app | 15 +++++++++++++++ upgrade.sh | 6 +++--- 5 files changed, 56 insertions(+), 3 deletions(-) create mode 100644 support/cron create mode 100644 support/pf.conf create mode 100755 support/rc.d/domain create mode 100755 support/rc.d/openbsd_app diff --git a/support/cron b/support/cron new file mode 100644 index 0000000..0c6a4db --- /dev/null +++ b/support/cron @@ -0,0 +1,4 @@ +SHELL=/bin/sh +PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/sbin:/usr/local/bin + +0 0 * * * app -n /home/app/openbsd.app/upgrade.sh && /etc/rc.d/openbsd_app restart diff --git a/support/pf.conf b/support/pf.conf new file mode 100644 index 0000000..1192193 --- /dev/null +++ b/support/pf.conf @@ -0,0 +1,21 @@ +# $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $ +# +# See pf.conf(5) and /etc/examples/pf.conf + +set skip on lo + +block return # block stateless traffic +pass # establish keep-state + +# By default, do not permit remote connections to X11 +block return in on ! lo0 proto tcp to port 6000:6010 + +# Port build user does not need network +block return out log proto {tcp udp} user _pbuild + +block return in on ! lo0 proto tcp to port { 3000, 8080, 4343 } + +pass in on egress inet proto tcp from any to (egress) port 80 rdr-to 127.0.0.1 port 8080 +pass in on egress inet proto tcp from any to (egress) port 443 rdr-to 127.0.0.1 port 4343 +pass in on egress inet6 proto tcp from any to (egress) port 80 rdr-to ::1 port 8080 +pass in on egress inet6 proto tcp from any to (egress) port 443 rdr-to ::1 port 4343 diff --git a/support/rc.d/domain b/support/rc.d/domain new file mode 100755 index 0000000..0ab229b --- /dev/null +++ b/support/rc.d/domain @@ -0,0 +1,13 @@ +#!/bin/ksh + +# /home/app/go/bin/domain openbsd.app -acme :8080 -tlsproxy 127.0.0.1:4343=127.0.0.1:3000 + +daemon="/home/app/go/bin/domain" +daemon_flags="openbsd.app -acme :8080 -tlsproxy 127.0.0.1:4343=:3000,[::1]:4343=[::1]:3000 -cache /home/app/.cache" +daemon_execdir="/home/app/" +daemon_user="app" + +. /etc/rc.d/rc.subr + +rc_bg=YES +rc_cmd $1 diff --git a/support/rc.d/openbsd_app b/support/rc.d/openbsd_app new file mode 100755 index 0000000..d609040 --- /dev/null +++ b/support/rc.d/openbsd_app @@ -0,0 +1,15 @@ +#!/bin/ksh + +daemon="/usr/local/bin/morbo" +daemon_flags="-m production -l http://[::1]:3000 -l http://127.0.0.1:3000 openbsd.app.pl" +#daemon="/home/app/openbsd.app/openbsd.app.pl" +#daemon_flags="daemon" +daemon_execdir="/home/app/openbsd.app" +daemon_user="app" + +. /etc/rc.d/rc.subr + +pexp="perl: openbsd.app.pl" + +rc_bg=YES +rc_cmd $1 diff --git a/upgrade.sh b/upgrade.sh index 73a2df2..6d6a72a 100755 --- a/upgrade.sh +++ b/upgrade.sh @@ -50,10 +50,10 @@ SQL=$(cat <