Skip to content

TKL v19: dual-stack networking, Redis/Ruby verticals, and misc fixes#339

Open
marcos-mendez wants to merge 7 commits intoturnkeylinux:19.x-devfrom
popsolutions:19.x-dev
Open

TKL v19: dual-stack networking, Redis/Ruby verticals, and misc fixes#339
marcos-mendez wants to merge 7 commits intoturnkeylinux:19.x-devfrom
popsolutions:19.x-dev

Conversation

@marcos-mendez
Copy link
Copy Markdown
Contributor

@marcos-mendez marcos-mendez commented Apr 2, 2026

Summary

  • Dual-stack IPv4/IPv6 network support (dhcpcd replacing udhcpc)
  • Fix DHCPv6: remove redundant inet6 dhcp from interfaces
  • Add Redis vertical: plan and conf for shared Redis infrastructure
  • Add Ruby vertical: extract Ruby build deps from Rails into standalone plan
  • Minor NGINX overlay SSL snippet fix
  • Apache SSL conf script fix, mawk/locales base plan fixes, fail2ban guard, PostgreSQL plan

Replaces #338 (was opened from the wrong fork popsolutions/tkl-common; now from popsolutions/common).

🤖 Generated with Claude Code

navigator and others added 7 commits March 20, 2026 15:58
WIP: idempotency fixes and postgresql plan for 19.x-dev
20014ed
feat: TurnKey Linux v19 Trixie migration fixes
4ad80fd 
- plans/turnkey/base: add libsocket6-perl + libio-socket-ssl-perl (IPv6 Webmin)
- plans/turnkey/base: uncomment tklbam (migrated to Python 3.13)
- conf/turnkey.d/webmin-conf: enable ipv6=1 by default
- overlays/turnkey.d/networking/etc/gai.conf: prefer IPv4 for external connections

Tested: Built turnkey-core v19 ISO (406MB), LXC container running with
Webmin on IPv4+IPv6, SSH, systemd, Python 3.13, kernel 6.12.
fix: guard fail2ban-fixes script when fail2ban not installed
4c6f5c9
fix: add locales to base plan (no longer pulled as dependency in Trixie)
02910e7
fix: add mawk to base plan (resolves virtual package awk for Trixie)
07d32fb
Replace udhcpc with dhcpcd for dual-stack DHCPv4/DHCPv6 support
abb5516 
- Switch from udhcpc (IPv4-only) to dhcpcd (dual-stack v4+v6)
- Add inet6 dhcp stanzas to interfaces overlay for eth0 and eth1
- Remove udhcpc-fix overlay (resolvconf integration handled natively by dhcpcd)
- Mask dhcpcd.service daemon to prevent conflict with ifupdown
  (ifupdown invokes dhcpcd on-demand via ifup/ifdown)

Tested: ifupdown 0.8.44 (Trixie) natively supports dhcpcd-base.
With daemon masked, ifup eth0 successfully obtains both DHCPv4 and
DHCPv6 (SLAAC) addresses using a single package.

This enables dual-stack IPv4+IPv6 out of the box for all TKL v19
appliances without breaking confconsole/ifupdown integration.
fix: enable apache-ssl conf script for all Apache appliances
e34762f 
The apache-ssl conf script (which configures TLS protocol hardening,
cipher suites, default certificate paths, OCSP stapling, HSTS, and
HTTP/2) existed in common/conf/ but was never invoked by any .mk file.

This caused all Apache+SSL appliances on Trixie to start with
SSLEngine on but no SSLCertificateFile, resulting in fatal mod_ssl
errors on boot.

Add apache-ssl to apache.mk COMMON_CONF so it runs automatically
for every appliance that includes Apache.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@marcos-mendez