TKL v19: dual-stack networking, Redis/Ruby verticals, and misc fixes#339
TKL v19: dual-stack networking, Redis/Ruby verticals, and misc fixes#339marcos-mendez wants to merge 7 commits intoturnkeylinux:19.x-devfrom
Conversation
- plans/turnkey/base: add libsocket6-perl + libio-socket-ssl-perl (IPv6 Webmin) - plans/turnkey/base: uncomment tklbam (migrated to Python 3.13) - conf/turnkey.d/webmin-conf: enable ipv6=1 by default - overlays/turnkey.d/networking/etc/gai.conf: prefer IPv4 for external connections Tested: Built turnkey-core v19 ISO (406MB), LXC container running with Webmin on IPv4+IPv6, SSH, systemd, Python 3.13, kernel 6.12.
- Switch from udhcpc (IPv4-only) to dhcpcd (dual-stack v4+v6) - Add inet6 dhcp stanzas to interfaces overlay for eth0 and eth1 - Remove udhcpc-fix overlay (resolvconf integration handled natively by dhcpcd) - Mask dhcpcd.service daemon to prevent conflict with ifupdown (ifupdown invokes dhcpcd on-demand via ifup/ifdown) Tested: ifupdown 0.8.44 (Trixie) natively supports dhcpcd-base. With daemon masked, ifup eth0 successfully obtains both DHCPv4 and DHCPv6 (SLAAC) addresses using a single package. This enables dual-stack IPv4+IPv6 out of the box for all TKL v19 appliances without breaking confconsole/ifupdown integration.
The apache-ssl conf script (which configures TLS protocol hardening, cipher suites, default certificate paths, OCSP stapling, HSTS, and HTTP/2) existed in common/conf/ but was never invoked by any .mk file. This caused all Apache+SSL appliances on Trixie to start with SSLEngine on but no SSLCertificateFile, resulting in fatal mod_ssl errors on boot. Add apache-ssl to apache.mk COMMON_CONF so it runs automatically for every appliance that includes Apache.
|
After a bit of testing, I'm going to close this PR. I've opened #343 as a partial replacement that includes your idempotency improvements - but NOT the DHCPv6 stuff. (It also doesn't include e34762f - updates to I'm on board with improving DHCPv6 support but testing your changes I found IPv4 DHCP unreliable and setting static IPv4 IPs via Confconsole nonfunctional. After a bit of research I made a few discoveries that I think may explain my experience - primarily that Because implementation of IPv6 requires a bit more consideration it's likely we may not be able to implement full IPv6 DHCP support in v19.0. Because v19.0 is so overdue already, I'd rather release something that is sub-optimal - but with the same functionality as v18.x - than something that includes new features which potentially cause new issues. |
|
Oops, hit the wrong button... |
2 participants
Summary
Replaces #338 (was opened from the wrong fork
popsolutions/tkl-common; now frompopsolutions/common).🤖 Generated with Claude Code