diyIT/FreeBSD
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

May 1, 2025 update

Browse Source
This commit is contained in:
Sharad Ahlawat
2025-05-01 21:19:17 -07:00
parent a2cdf26594
commit b33d54d723
261 changed files with 2451 additions and 12859 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
jails/config/common/12.3-RELEASE.bzip2
View File

Binary file not shown.

26
jails/config/common/httpd.conf
View File

@ -552,6 +552,14 @@ SSLRandomSeed connect builtin
Include etc/apache24/Includes/*.conf
# https://ssl-config.mozilla.org/#server=apache&version=2.4.60&config=intermediate&openssl=3.1.0&guideline=5.7
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA,L]
</VirtualHost>
<VirtualHost *:443>
ServerName www.ahlawat.com
ServerAlias *.ahlawat.com
@ -561,16 +569,20 @@ Include etc/apache24/Includes/*.conf
DocumentRoot "/usr/local/www/apache24/data/"
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000"
SSLEngine on
SSLCertificateFile "/mnt/certs/fullchain.pem"
SSLCertificateKeyFile "/mnt/certs/privkey.pem"
#SSLCertificateChainFile "/mnt/certs/fullchain.pem"
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLOptions +StrictRequire
# SSLCompression off
# SSLCertificateChainFile "/mnt/certs/fullchain.pem"
SSLCACertificateFile "/mnt/certs/cacert.pem"
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLOpenSSLConfCmd Curves X25519:prime256v1:secp384r1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
SSLHonorCipherOrder off
SSLSessionTickets off
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)

2
jails/config/common/pkgp.conf
View File

@ -5,14 +5,12 @@ FreeBSD: {
pkgp-freebsd-pkg: {
url: "http://pkgp-freebsd-pkg.ahlawat.com/${ABI}/latest",
mirror_type: "http",
enabled: yes,
priority: 10
}
pkgp123: {
url: "http://pkgp.ahlawat.com/packages/pj123-default",
mirror_type: "http",
signature_type: "pubkey",
pubkey: "/mnt/certs/poudriere.cert",
enabled: no,