update server files

iso_configs/hooks/normal/debsrv_64/0520-removeapps.hook.chroot

@@ -8,5 +8,5 @@
 ### Missing files no longer cause builds to fail.
 
 # Remove software
-#apt --purge --yes autoremove nvidia* 
+apt --purge --yes autoremove nvidia* 
 

iso_configs/hooks/normal/debsrv_64/0620-installapps.hook.chroot

@@ -5,5 +5,4 @@
 # SPDX-FileCopyrightText:  2023 PeppemrintOS Team  (peppermintosteam@proton.me)
 
 ### install cockpit server manager
-    apt -y install cockpit* 
+    apt -y install cockpit cockpit-machines cockpit-podman 
-

iso_configs/hooks/normal/debsrv_64/0660-selinux_hook.chroot

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# SPDX-FileCopyrightText:  2023 PeppemrintOS Team  (peppermintosteam@proton.me)
+
+set -e
+
+# Install required SELinux packages
+chroot $1 apt-get update
+chroot $1 apt-get -y install selinux-basics selinux-policy-default auditd
+
+# Initialize SELinux
+chroot $1 selinux-activate
+
+# Restart auditd service
+chroot $1 systemctl restart auditd
+
+# Enable SELinux policy activation on boot
+chroot $1 systemctl enable selinux-policy-activate
+
+# Disable AppArmor
+chroot $1 systemctl disable apparmor
+chroot $1 systemctl stop apparmor
+chroot $1 apt-get -y purge apparmor
+
+# Additional configuration (optional)
+# Here you can add commands to adjust policies or configure additional rules
+
+# Set SELinux to enforcing mode
+chroot $1 /usr/sbin/setenforce 1
+
+# Configure file contexts (example)
+chroot $1 /sbin/restorecon -Rv /etc/
+
+# Allow HTTPD scripts and modules to connect to the network (example)
+chroot $1 /usr/sbin/setsebool -P httpd_can_network_connect 1
+
+exit 0
+
+

iso_configs/hooks/normal/devsrv_64/0520-removeapps.hook.chroot

@@ -8,5 +8,5 @@
 ### Missing files no longer cause builds to fail.
 
 # Remove software
-#apt --purge --yes autoremove nvidia* 
+apt --purge --yes autoremove nvidia* 
 

iso_configs/hooks/normal/devsrv_64/0660-selinux_hook.chroot

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# SPDX-FileCopyrightText:  2023 PeppemrintOS Team  (peppermintosteam@proton.me)
+
+set -e
+
+# Install required SELinux packages
+chroot $1 apt-get update
+chroot $1 apt-get -y install selinux-basics selinux-policy-default auditd
+
+# Initialize SELinux
+chroot $1 selinux-activate
+
+# Restart auditd service
+chroot $1 systemctl restart auditd
+
+# Enable SELinux policy activation on boot
+chroot $1 systemctl enable selinux-policy-activate
+
+# Disable AppArmor
+chroot $1 systemctl disable apparmor
+chroot $1 systemctl stop apparmor
+chroot $1 apt-get -y purge apparmor
+
+# Additional configuration (optional)
+# Here you can add commands to adjust policies or configure additional rules
+
+# Set SELinux to enforcing mode
+chroot $1 /usr/sbin/setenforce 1
+
+# Configure file contexts (example)
+chroot $1 /sbin/restorecon -Rv /etc/
+
+# Allow HTTPD scripts and modules to connect to the network (example)
+chroot $1 /usr/sbin/setsebool -P httpd_can_network_connect 1
+
+exit 0
+
+

iso_configs/installer/preseed/debsrv_64/preseed.cfg

@@ -29,5 +29,5 @@ popularity-contest popularity-contest/participate boolean false
 ### Account setup
 # Skip creation of a root account (normal user account will be able to
 # use sudo).
-d-i passwd/root-login boolean false
+#d-i passwd/root-login boolean false
 

iso_configs/installer/preseed/devsrv_64/preseed.cfg

@@ -29,5 +29,5 @@ popularity-contest popularity-contest/participate boolean false
 ### Account setup
 # Skip creation of a root account (normal user account will be able to
 # use sudo).
-d-i passwd/root-login boolean false
+#d-i passwd/root-login boolean false
 

iso_configs/installer/scripts/debsrv_64/06copy-files-to-cdrom

@@ -7,12 +7,12 @@
 # This script copies a file to the chroot and runs commands during the Debian installation process.
 
 # Copy files to the chroot directory
-#echo "Copying files to chroot..."
+echo "Copying files to chroot..."
-#cp /preseed/grub/grub /cdrom/etc/default
+cp /preseed/grub/grub /cdrom/etc/default
 
 # update grub and initramfs
-#chroot /cdrom update-initramfs -u
+chroot /cdrom update-initramfs -u
-#chroot /cdrom update-grub
+chroot /cdrom update-grub
 
-#exit 0
+exit 0
 

iso_configs/installer/scripts/devsrv_64/06copy-files-to-cdrom

@@ -7,12 +7,12 @@
 # This script copies a file to the chroot and runs commands during the Debian installation process.
 
 # Copy files to the chroot directory
-#echo "Copying files to chroot..."
+echo "Copying files to chroot..."
-#cp /preseed/grub/grub /cdrom/etc/default
+cp /preseed/grub/grub /cdrom/etc/default
 
 # update grub and initramfs
-#chroot /cdrom update-initramfs -u
+chroot /cdrom update-initramfs -u
-#chroot /cdrom update-grub
+chroot /cdrom update-grub
 
-#exit 0
+exit 0
 

iso_configs/server/hooks/normal/0520-removeapps.hook.chroot

@@ -1,12 +0,0 @@
-#!/bin/bash
-
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# SPDX-FileCopyrightText:  2023 PeppemrintOS Team  (peppermintosteam@proton.me)
-
-### Error checking added to "lint-trap" section.
-### Missing files no longer cause builds to fail.
-
-# Remove software
-#apt --purge --yes autoremove nvidia* 
-

iso_configs/server/hooks/normal/0620-installapps.hook.chroot

@@ -1,17 +0,0 @@
-#!/bin/bash
-
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# SPDX-FileCopyrightText:  2023 PeppemrintOS Team  (peppermintosteam@proton.me)
-
-# Check if it's Debian (based on ID field)
-if grep -q '^PRETTY_NAME="PeppermintOS Debian"' /etc/os-release && grep -q 'VERSION_CODENAME=bookworm' /etc/os-release; then
-    # Install software only if it's Debian and codename is bookworm
-    apt --yes install cockpit* || true
-# Check if it's Devuan (based on ID field)
-elif grep -q '^PRETTY_NAME="PeppermintOS Devuan' /etc/os-release && grep -q 'VERSION_CODENAME=daedalus' /etc/os-release; then
-    echo "This is Devuan distribution, and the codename is daedalus. Packages will not be installed."
-else
-    echo "This distribution is not supported. Packages will not be installed."
-fi
-

python_modules/conf.py

@@ -306,7 +306,7 @@ SERVER_LIST = ('zonefstoolspep\n'
                'libzbdpep1\n'
                'sudo\n'
                'task-ssh-server\n'
-               'task-web-server\n'
+               #'task-web-server\n'
                'sshguard\n'
                'btop\n'
                'whois\n'
@@ -315,11 +315,11 @@ SERVER_LIST = ('zonefstoolspep\n'
                'net-tools\n'
                'nfs-common\n'
                'firewalld\n'
-               'samba\n'
+               'openssl\n'
                'cups\n'
-               'gvfs-backends\n'
                'git\n'
                'wget\n'
+               'vim\n'
                )
 
 MINI_LIST = ('nano\n'
@@ -608,12 +608,15 @@ LBSET_SHARED_INSTALLER_DEV = (' --debian-installer-distribution "daedalus"'
                               )
 LBSET_SHARED_INSTALLER_MINI = (' --debootstrap-options --include=zstd,locales,dialog,krb5-locales'
                                ' --debian-installer cdrom'
+                               ' --debian-installer-preseedfile preseed.cfg'
                                )
 LBSET_PRIVATE_SERVER_DEB64 = (' --image-name "PeppermintOS-server-Debian-64"'
                               ' --debian-installer live'
+                              ' --debian-installer-preseedfile preseed.cfg'
                               )
 LBSET_PRIVATE_SERVER_DEV64 = (' --image-name "PeppermintOS-server-Devuan-64"'
                               ' --debian-installer live'
+                              ' --debian-installer-preseedfile preseed.cfg'
                               )
 LBSET_PRIVATE_MINI_DEB64 = (' --image-name "PeppermintOS-mini-Debian-64"')
 LBSET_PRIVATE_MINI_DEV64 = (' --image-name "PeppermintOS-mini-Devuan-64"')