Multiple autossh destinations in /etc/rc.d/autossh

2022-04-20 Thread readme 
I was having some issues starting up autossh to multiple destinations using
a rc.d script. The following configuration works connecting an OpenBSD
machine to two remote endpoints for remote forwarding back to sshd on the
local machine.

There's likely a better way to do this, but this has been tested to work
with both `rcctl start' and `rcctl stop' commands. Don't forget to enable
the daemon with `rcctl enable autossh'.

Hope it helps.

### ~autossh-user/.ssh/config

Host REMOTE_GW_1
 HostName remote-gw-1.example.org
 IdentityFile /home/autossh-user/.ssh/id_rsa
 RemoteForward  localhost:22
 ServerAliveInterval 15
 ServerAliveCountMax 3
 ExitOnForwardFailure yes

Host REMOTE_GW_2
 HostName remote-gw-2.example.org
 IdentityFile /home/autossh-user/.ssh/id_rsa
 RemoteForward  localhost:22
 ServerAliveInterval 15
 ServerAliveCountMax 3
 ExitOnForwardFailure yes


### /etc/rc.d/autossh

#!/bin/sh
# start autossh tunnel
# requires $daemon_user with $HOME/.ssh/config and keys

daemon="/usr/local/bin/autossh"
daemon_flags_1="-M 0 -f -N REMOTE_GW_1"
daemon_flags_2="-M 0 -f -N REMOTE_GW_2"
daemon_user="autossh-user"

. /etc/rc.d/rc.subr

rc_reload=NO

pexp="autossh:.*"

rc_start() {
 ${rcexec} "${daemon} ${daemon_flags_1}" && \
 ${rcexec} "${daemon} ${daemon_flags_2}"
}

rc_cmd $1

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-04-20 Thread Stuart Henderson 
On 2022-04-20, Florian Obser  wrote:
> You will need a carefully curated /etc/sysclean.ignore file.
>
> You decided to put maildirs somewhere on the system, sysclean is not 
> omniscient, you need to tell it to leave them alone. Same with .git 
> directories.
> I don't recall needing to tell it about package config files though, that's a 
> bit weird.

e.g. files which are added to /etc that aren't distributed in the package but
you create yourself

> It's a bit daunting on first run if a lot of cruft has accumulated over the 
> years, but it gets better. I'm using it for years, and I can't recall the 
> last time I had to add anything to the ignore file.
>
> I run it from daily and also by hand after every upgrade to a snapshot.
>
> If it outputs a really long list I cleanup incrementally, for example:
> sysclean | fgrep /usr

For a first run I would review "| fgrep /usr/local" as that's the most likely
place where files might exist that should not be cleaned, and it's easier to
check for those if you don't have to wade through maybe thousands of lines of
old headers, fonts, manpages, obsolete perl components and timezone files.
If that is clear then I'm usually pretty happy to just remove anything else
under /usr.

If you want to be on the safe side then tar up the files before rm'ing.
I don't do that though.

> There really shouldn't be a false positive there, so after review I run
> sysclean | fgrep /usr | xargs rm -r
> next up is /etc.
> If there is more output afterwards something is either very weird or an 
> intentional decision by me to store something in that location so it goes 
> into the ignore file.

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-04-20 Thread Florian Obser 
You will need a carefully curated /etc/sysclean.ignore file.

You decided to put maildirs somewhere on the system, sysclean is not 
omniscient, you need to tell it to leave them alone. Same with .git directories.
I don't recall needing to tell it about package config files though, that's a 
bit weird.

It's a bit daunting on first run if a lot of cruft has accumulated over the 
years, but it gets better. I'm using it for years, and I can't recall the last 
time I had to add anything to the ignore file.

I run it from daily and also by hand after every upgrade to a snapshot.

If it outputs a really long list I cleanup incrementally, for example:
sysclean | fgrep /usr
There really shouldn't be a false positive there, so after review I run
sysclean | fgrep /usr | xargs rm -r
next up is /etc.
If there is more output afterwards something is either very weird or an 
intentional decision by me to store something in that location so it goes into 
the ignore file.


On 20 April 2022 20:39:09 CEST, Harald Dunkel  wrote:
>Hi folks,
>
>the upgrade guide claims
>
>   A detailed cleanup can be done with the aid of the sysclean package.
>
>sysclean lists 4180 files and directories on my home server, including mail
>directories, config files of various external packages, generated files, .git
>directories, etc. A lot of stuff I wouldn't like to lose. Apparently it also
>lists a lot of old crap, but since it lists *so many* important files I don't
>trust it at all.
>
>Could you please elaborate how sysclean is going to help me to keep my openbsd
>hosts clean? How is the usage model of this tool?
>
>
>Thank you very much in advance
>Harri
>

-- 
Sent from a mobile device. Please excuse poor formatting.

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-04-20 Thread Ian Darwin 
On Wed, Apr 20, 2022 at 08:39:09PM +0200, Harald Dunkel wrote:
> Hi folks,
> 
> the upgrade guide claims
> 
>   A detailed cleanup can be done with the aid of the sysclean package.
> 
> sysclean lists 4180 files and directories on my home server, including mail
> directories, config files of various external packages, generated files, .git
> directories, etc. A lot of stuff I wouldn't like to lose. Apparently it also
> lists a lot of old crap, but since it lists *so many* important files I don't
> trust it at all.
> 
> Could you please elaborate how sysclean is going to help me to keep my openbsd
> hosts clean? How is the usage model of this tool?

Like any base tool, start with its man page:

man sysclean

Add any directories you want to keep into /etc/sysclean.ignore
(start with the sample provided to ensure you keep the include at the end).

Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-04-20 Thread Harald Dunkel 

Hi folks,

the upgrade guide claims

A detailed cleanup can be done with the aid of the sysclean package.

sysclean lists 4180 files and directories on my home server, including mail
directories, config files of various external packages, generated files, .git
directories, etc. A lot of stuff I wouldn't like to lose. Apparently it also
lists a lot of old crap, but since it lists *so many* important files I don't
trust it at all.

Could you please elaborate how sysclean is going to help me to keep my openbsd
hosts clean? How is the usage model of this tool?


Thank you very much in advance
Harri