Install NetBSD/i386 10.0 by USB memory. Use Rufus & NetBSD-10.0-i386-install.img.gz. Kernel (GENERIC) YES Kernel module YES Base YES Configuration files (/etc) YES Compiler tools YES Games NO Graphics driver firmware YES Manual pages YES Miscellaneous YES Recovery tools YES Test programs NO Text processing tools YES X11 sets SOME X11 base and clients YES X11 programming YES X11 configuration NO X11 fonts NO X11 servers NO Source and debug sets None Enable installation of binary packages DONE Fetch and unpack pkgsrc Abandoned Enable sshd YES Run ntpdate at boot YES Enable cgd NO Enable raidframe NO rm -rf /usr/share/man/cat?/* cd /etc cp -p group group.org cp -p hosts hosts.org cp -p shells shells.org cp -p printcap printcap.org cp -p rc.conf rc.conf.org cp -p inetd.conf inetd.conf.org cp -p sysctl.conf sysctl.conf.org mv skel skel.org mkdir skel cd skel mkdir -p Maildir/{new,cur,tmp,.Drafts,.Junk,.Sent,.Trash} chmod -R go-rwx Maildir cat<.cshrc set path=(/{usr/pkg/,,usr/}{,s}bin /usr/games) set filec set prompt='%m{!} %~ %# ' setenv CFLAGS '-O2 -pipe' setenv PAGER less EOF mkdir /usr/home ln -s /usr/home /home useradd -m -G wheel -s /bin/csh -d /home/USERNAME -c USERNAME USERNAME #Add USERNAME as wheel in /etc/group. passwd root passwd USERNAME cat</etc/ipf.conf block in log quick from any to any with ipopts block in log quick proto tcp from any to any with short #block in log quick from xxx.xxx.xxx.xxx/32 to any pass out all keep state block in log all pass in from 192.168.xxx.0/24 to any keep state pass in proto tcp from any to any port=ssh keep state pass in proto tcp from any to any port=http keep state pass in proto tcp from any to any port=https keep state pass in proto tcp from any to any port=smtp keep state pass in proto tcp from any to any port=submissions keep state pass in proto tcp from any to any port=submission keep state pass in proto tcp from any to any port=pop3 keep state pass in proto tcp from any to any port=pop3s keep state pass in proto tcp from any to any port=imap keep state pass in proto tcp from any to any port=imaps keep state EOF cat</etc/exports /usr -alldirs -network 192.168.xxx.0/24 EOF cat<>/etc/hosts 192.168.xxx.254 HOSTNAME.DOMAINNAME HOSTNAME EOF cat</etc/resolv.conf nameserver 220.220.248.1 EOF cat<>/etc/rc.conf hostname=HOSTNAME.DOMAINNAME defaultroute=192.168.xxx.xxx rpcbind=YES mountd=YES nfs_server=YES ipfilter=YES ipmon=YES EOF cat</etc/ntpdate #!/bin/sh host=`hostname` echo "To: ${MAILTO:-root}" echo "Subject: $host ntpdate" echo "" echo "/usr/sbin/ntpdate ntp1.plala.or.jp" echo "" /usr/sbin/ntpdate ntp1.plala.or.jp EOF crontab -e 45 3 * * 1 /bin/sh /etc/ntpdate 2>&1 | tee /var/log/ntpdate.out | sendmail -t shutdown -r now #ipf -D #ipf -E #ipf -Fa #ipf -f /etc/ipf.conf #ipfstat -io #ipmon #ipmon -n #cd /usr #cat pkgsrc-2024Q1.tar.bz2|gzip -d|tar -xf- #cat</etc/mk.conf #PKG_DEFAULT_OPTIONS+=-inet6 #EOF #cd /usr/pkgsrc/shells/tcsh #make install|&tee mk01.log pkgin list pkgin search tcsh pkgin install tcsh|&tee 01tcsh.log pkgin install php82-roundcube|&tee 02php82-roundcube.log pkgin install postgresql14|&tee 03postgresql14.log pkgin install php82-pdo_pgsql|&tee 04php82-pdo_pgsql.log pkgin install ap24-php82|&tee 05ap24-php82.log pkgin install ap24-perl|&tee 06ap24-perl.log pkgin install p5-CGI|&tee 07p5-CGI.log pkgin install p5-Socket6|&tee 08p5-Socket6.log pkgin install dovecot-2.3.21nb1|&tee 09dovecot-2.3.21nb1.log pkgin install samba|&tee 10samba.log cp -p /usr/pkg/share/examples/rc.d/* /etc/rc.d cat<>/etc/rc.conf apache=YES pgsql=YES dovecot=YES dbus=YES avahidaemon=YES winbindd=YES smbd=YES samba=YES nmbd=YES EOF cd /etc/postfix cat<>main.cf mynetworks = 127.0.0.0/8, 192.168.xxx.0/24, [::1]/128, xxx.xxx.xxx.xxx/16 relayhost = mmr.plala.or.jp home_mailbox = Maildir/ smtpd_banner = $myhostname ESMTP smtpd_use_tls = yes smtpd_tls_cert_file = /etc/ssl/certs/dovecot.pem smtpd_tls_key_file = /etc/ssl/private/dovecot.pem smtpd_client_restrictions = permit_mynetworks reject_unknown_client_hostname check_client_access hash:/etc/postfix/reject_client EOF cat<reject_client example.com REJECT EOF /usr/sbin/postmap /etc/postfix/reject_client #cat<reject_sender #penguin@example.com REJECT #duck@example.com DISCARD #example.net REJECT #example.jp DISCARD #EOF #/usr/sbin/postmap /etc/postfix/reject_sender cat<>master.cf smtp inet n - n - - smtpd submission inet n - n - - smtpd submissions inet n - n - - smtpd EOF postfix check postfix reload cat<>/etc/mail/aliases root:USERNAME EOF newaliases cat<>/usr/pkg/etc/httpd/httpd.conf #LoadModule mpm_event_module lib/httpd/mod_mpm_event.so LoadModule mpm_prefork_module lib/httpd/mod_mpm_prefork.so LoadModule socache_shmcb_module lib/httpd/mod_socache_shmcb.so LoadModule proxy_module lib/httpd/mod_proxy.so LoadModule ssl_module lib/httpd/mod_ssl.so LoadModule cgid_module lib/httpd/mod_cgid.so LoadModule userdir_module lib/httpd/mod_userdir.so LoadModule php_module lib/httpd/mod_php8.so LoadModule perl_module lib/httpd/mod_perl.so PerlModule Apache2::compat ServerAdmin you@example.com ServerName www.example.com:80 SetHandler application/x-httpd-php Include etc/httpd/httpd-userdir.conf Include etc/httpd/httpd-ssl.conf EOF cat<>/usr/pkg/etc/httpd/httpd-userdir.conf Options ExecCGI SetHandler cgi-script EOF cat<>/usr/pkg/etc/httpd/httpd-ssl.conf ServerAdmin you@example.com ServerName www.example.com:443 SSLCertificateFile "/etc/ssl/certs/dovecot.pem" SSLCertificateKeyFile "/etc/ssl/private/dovecot.pem" EOF cp -p /usr/pkg/share/examples/httpd/extra/proxy-html.conf /usr/pkg/etc/httpd #touch /etc/openssl/openssl.cnf #cd /usr/pkg/etc/httpd #openssl genrsa -out server.key 3072 #openssl ecparam -list_curves #openssl ecparam -genkey -name prime256v1 -out server.key #openssl req -new -key server.key -out server.csr -subj='/C=JP/ST=Tokyo/L=Shinjuku/O=Unknown/OU=Unknown/CN=mune.plala.jp/emailAddress=webmaster@mune.plala.jp' #openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365 #openssl ec -text -in server.key #openssl req -text -in server.csr #openssl x509 -text -in server.crt apachectl configtest vi /usr/pkg/etc/php.ini #Add "date.timezone = Asia/Tokyo". #Maybe no need "extension=pgsql.so". #For roundcube, add "upload_max_filesize=8M" and "post_max_size=8M". #php --ini #php -i cd /usr/pkg/etc/roundcube cat<>config.inc.php $config['enable_installer'] = true; $config['db_dsnw'] = 'pgsql://roundcube:pass@localhost/roundcubemail'; $config['default_host'] = 'ssl://mune.plala.jp'; $config['imap_host'] = 'mune.plala.jp:143'; $config['smtp_host'] = 'mune.plala.jp:587'; $config['smtp_user'] = ''; $config['smtp_pass'] = ''; EOF cat<>/usr/pkg/etc/httpd/httpd.conf Alias /roundcube "/usr/pkg/share/roundcube" AllowOverride All DirectoryIndex index.php Require all granted Alias /installer "/usr/pkg/share/roundcube/installer" Require all granted EOF cd /usr/pkg/etc/dovecot cat<>dovecot.conf protocols = imap pop3 EOF cat<>conf.d/10-ssl.conf ssl = YES ssl_dh = >/etc/inetd.conf #swat stream tcp nowait.400 root /usr/pkg/sbin/swat swat #EOF pdbedit -L pdbedit -a USERNAME #pdbedit -x USERNAME #cat</usr/pkg/etc/samba/smb.conf #[homes] # read only = No #EOF cat<cgi-bin/phpinfo.php EOF