alpine-overlay/kubezero/zdt-base/zdt-base.post-install

#!/bin/sh

# Enable SSH keepalive
sed -i -e 's/^[\s#]*TCPKeepAlive\s.*/TCPKeepAlive yes/' -e 's/^[\s#]*ClientAliveInterval\s.*/ClientAliveInterval 60/' /etc/ssh/sshd_config
echo 'enabled SSH keep alives'

# openRC
sed -i -e 's/^[\s#]*rc_cgroup_mode=.*/rc_cgroup_mode="unified"/' /etc/rc.conf
sed -i -e 's/^[\s#]*rc_logger=.*/rc_logger="YES"/' /etc/rc.conf
echo 'enabled cgroupv2, openRC logging'

# OpenRC parallel - causes too much chaos
#sed -i -e 's/^[\s#]*rc_parallel=.*/rc_parallel="YES"/' /etc/rc.conf
#echo 'enable parallel openRC'

# load falco kernel module at boot
grep -q falco /etc/modules || echo falco >> /etc/modules

# Setup syslog-ng json logging and apparmor tweaks
cp /lib/zdt/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
cp /lib/zdt/syslog-ng.logrotate.conf /etc/logrotate.d/syslog-ng
cp /lib/zdt/syslog-ng.apparmor /etc/apparmor.d/local/sbin.syslog-ng

[ -f /etc/periodic/daily/logrotate ] && mv /etc/periodic/daily/logrotate /etc/periodic/hourly/
echo 'syslog-ng: all to /var/log/messages as json, rotate hourly'

# use init to spawn monit
echo ":2345:respawn:/usr/bin/monit -Ic /etc/monitrc.zdt" >> /etc/inittab
echo 'Enable monit via inittab'

# QoL
[ -f /etc/profile.d/color_prompt.sh.disabled ] && mv /etc/profile.d/color_prompt.sh.disabled /etc/profile.d/color_prompt.sh || true
echo 'alias rs="doas bash"' > /etc/profile.d/alias.sh
feat: move all ZDT custom config into an APK 2022-11-24 19:01:40 +00:00			`#!/bin/sh`

			`# Enable SSH keepalive`
			`sed -i -e 's/^[\s#]TCPKeepAlive\s./TCPKeepAlive yes/' -e 's/^[\s#]ClientAliveInterval\s./ClientAliveInterval 60/' /etc/ssh/sshd_config`
			`echo 'enabled SSH keep alives'`

Another round of moving core cloudbender user-data feature into the base image 2022-12-03 17:04:13 +00:00			`# openRC`
feat: move all ZDT custom config into an APK 2022-11-24 19:01:40 +00:00			`sed -i -e 's/^[\s#]rc_cgroup_mode=./rc_cgroup_mode="unified"/' /etc/rc.conf`
Another round of moving core cloudbender user-data feature into the base image 2022-12-03 17:04:13 +00:00			`sed -i -e 's/^[\s#]rc_logger=./rc_logger="YES"/' /etc/rc.conf`
			`echo 'enabled cgroupv2, openRC logging'`

			`# OpenRC parallel - causes too much chaos`
			`#sed -i -e 's/^[\s#]rc_parallel=./rc_parallel="YES"/' /etc/rc.conf`
			`#echo 'enable parallel openRC'`
feat: move all ZDT custom config into an APK 2022-11-24 19:01:40 +00:00
Kubezero 1.26.7-rc1 2023-08-18 15:17:00 +00:00			`# load falco kernel module at boot`
			`grep -q falco /etc/modules \|\| echo falco >> /etc/modules`

Alpine 3.17 rollout, KubeZero 1.25 upgrades 2023-04-26 17:22:52 +00:00			`# Setup syslog-ng json logging and apparmor tweaks`
feat: move all ZDT custom config into an APK 2022-11-24 19:01:40 +00:00			`cp /lib/zdt/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf`
			`cp /lib/zdt/syslog-ng.logrotate.conf /etc/logrotate.d/syslog-ng`
Alpine 3.17 rollout, KubeZero 1.25 upgrades 2023-04-26 17:22:52 +00:00			`cp /lib/zdt/syslog-ng.apparmor /etc/apparmor.d/local/sbin.syslog-ng`
feat: move all ZDT custom config into an APK 2022-11-24 19:01:40 +00:00
Kubezero 1.26.7-rc1 2023-08-18 15:17:00 +00:00			`[ -f /etc/periodic/daily/logrotate ] && mv /etc/periodic/daily/logrotate /etc/periodic/hourly/`
feat: move all ZDT custom config into an APK 2022-11-24 19:01:40 +00:00			`echo 'syslog-ng: all to /var/log/messages as json, rotate hourly'`

			`# use init to spawn monit`
			`echo ":2345:respawn:/usr/bin/monit -Ic /etc/monitrc.zdt" >> /etc/inittab`
			`echo 'Enable monit via inittab'`

			`# QoL`
Kubezero 1.26.7-rc1 2023-08-18 15:17:00 +00:00			`[ -f /etc/profile.d/color_prompt.sh.disabled ] && mv /etc/profile.d/color_prompt.sh.disabled /etc/profile.d/color_prompt.sh \|\| true`
feat: move all ZDT custom config into an APK 2022-11-24 19:01:40 +00:00			`echo 'alias rs="doas bash"' > /etc/profile.d/alias.sh`