You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
74 lines
2.4 KiB
74 lines
2.4 KiB
# Order: init => packages => withPackages => services => withServices => firewall => iptables
|
|
# Syntax: [condition:]subject[modifier]
|
|
# Package modifiers: o[ptional], n[oquery], u[pgrade-only], i[nstall-only]
|
|
# Service modifiers: o[ptional], r[estart]
|
|
|
|
shell: /bin/sh # Default shell
|
|
|
|
# packages:
|
|
# - docker # OpenRC scripts will be installed automatically
|
|
# - pacman-contrib # Not resolved, trying to install if distro has it
|
|
# - pacman-contrib:n # Try to install without checking DB
|
|
# - pacman:pacman-contrib # Only install with Pacman
|
|
# - artix:artix-keyring:u # Only upgrade + only if on Artix
|
|
# - podman:o # Optional package, do not fail if can't install
|
|
|
|
packages:
|
|
- xorg-xeyes
|
|
|
|
systemd:
|
|
startup: # Enable and start services
|
|
- docker # Start docker.service, fail if doesn't exist
|
|
- ubuntu:netfilter-persistent # Ubuntu only
|
|
- auditd:o # Do not fail if doesn't exist
|
|
enable: # Do not start services, only enable
|
|
- noidea.service
|
|
start: # Do not enable services, just start
|
|
- probably-a-cool.service:r
|
|
disable: # Disable
|
|
- disable-this.service
|
|
disableAndStop: # Disable and stop
|
|
- something
|
|
stop:
|
|
- not-so-cool.service
|
|
|
|
openrc:
|
|
startup: # Enable and start services
|
|
- docker # Start docker.service, fail if doesn't exist
|
|
- auditd:o # Do not fail if doesn't exist
|
|
- pacman:something # Any conditions work here too
|
|
enable: # Do not start services, only enable
|
|
- /etc/init.d/iranoutofideas
|
|
start: # Do not enable services, just start
|
|
- some-random-service:o
|
|
- another-service:r # Restart if already started
|
|
disable: # Disable
|
|
- /etc/init.d/not-cool
|
|
disableAndStop: # Disable and stop
|
|
- something
|
|
stop:
|
|
- /etc/init.d/whats-that
|
|
|
|
firewall:
|
|
- deny all
|
|
- allow 443
|
|
- allow 22/tcp
|
|
- allow 80/tcp
|
|
- allow 25565/tcp
|
|
|
|
iptables:
|
|
- "-t nat -A PREROUTING -p tcp --dport 1 -j REDIRECT --to-port 25565" # Why not?
|
|
|
|
runlevels:
|
|
init:
|
|
- echo "Commands in 'init' are executed at the very start"
|
|
- echo This example writes to stderr using redirections &>/dev/stderr
|
|
- echo This writes to stderr &>/dev/stderr |
|
|
echo This writes to stdout
|
|
withPackages:
|
|
- echo This is executed right after packages are installed
|
|
withServices:
|
|
- echo This is executed after service operations are executed
|
|
final:
|
|
- echo "Commands in 'final' are executed when all other steps are completed"
|