summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortv <tv@also>2011-05-26 12:24:27 +0200
committertv <tv@also>2011-05-26 12:24:27 +0200
commit4a4771f4f95d1b3c62620b0ccec13822b5c293e1 (patch)
treeb82f022db5852118d71654e509be82dd36794e75
parent224aa7f6695f0d395943555664d25cf3999d2f93 (diff)
parent54f8f1d6b9d5f7b8056cb40ed92d2b10d08415ea (diff)
Merge branch 'master' of github.com:krebscode/painload
Diffstat
-rw-r--r--Makefile12
-rw-r--r--bootstrap.sh1
-rw-r--r--core/angstrom5
-rw-r--r--home/.ssh/authorized_keys (renamed from root/.ssh/authorized_keys)0
-rw-r--r--home/.vimrc (renamed from root/.vimrc)0
-rw-r--r--host-patch/beagleboard/Makefile9
-rw-r--r--host-patch/beagleboard/profile.patch42
-rwxr-xr-xinfest/etc_aggressive (renamed from infest/etc)19
-rwxr-xr-xinfest/etc_coop20
-rwxr-xr-xinfest/home4
-rwxr-xr-xinfest/root1
-rw-r--r--modules/Monitoring/Makefile1
-rw-r--r--modules/Monitoring/TODO5
-rw-r--r--modules/Monitoring/conf/krebs_hosts.cfg22
-rw-r--r--modules/Monitoring/conf/other_hosts.cfg23
-rw-r--r--modules/Monitoring/conf/shack_infrastructure.cfg195
-rw-r--r--modules/Monitoring/conf/shacknet.cfg34
-rw-r--r--modules/Monitoring/conf/tinc_hosts.cfg6
-rw-r--r--modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2bin0 -> 1047 bytes
-rw-r--r--modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.pngbin0 -> 883 bytes
-rw-r--r--modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.pngbin0 -> 5364 bytes
-rwxr-xr-xmodules/Monitoring/plugins/check_sip252
-rw-r--r--modules/retiolum/README13
-rwxr-xr-xmodules/retiolum/build_arch.sh14
-rwxr-xr-xmodules/retiolum/build_debian.sh11
-rwxr-xr-xmodules/retiolum/build_ec2.sh16
-rw-r--r--modules/retiolum/build_no.de.sh1
-rw-r--r--modules/retiolum/hosts/Lassulus9
-rw-r--r--modules/retiolum/hosts/alphalabs9
-rw-r--r--modules/retiolum/hosts/also9
-rw-r--r--modules/retiolum/hosts/foobaz8
-rw-r--r--modules/retiolum/hosts/kaah11
-rw-r--r--modules/retiolum/hosts/krebs10
-rw-r--r--modules/retiolum/hosts/miefda9019
-rw-r--r--modules/retiolum/hosts/miefdahome9
-rw-r--r--modules/retiolum/hosts/miefdat10
-rw-r--r--modules/retiolum/hosts/no_omo9
-rw-r--r--modules/retiolum/hosts/pa_sharepoint7
-rw-r--r--modules/retiolum/hosts/pfleidi9
-rw-r--r--modules/retiolum/hosts/pornocauster9
-rw-r--r--modules/retiolum/hosts/supernode10
-rw-r--r--modules/retiolum/hosts/tart6
-rw-r--r--[-rwxr-xr-x]modules/retiolum/install.sh69
-rw-r--r--modules/streams/Makefile10
-rw-r--r--modules/streams/README10
-rwxr-xr-xmodules/streams/deepmix30
-rwxr-xr-xmodules/streams/groove31
-rwxr-xr-xmodules/streams/radiotux29
-rw-r--r--modules/zoneminder/Makefile14
-rw-r--r--modules/zoneminder/zmdc.pl-LD_PRELOAD.patch10
-rw-r--r--modules/zoneminder/zoneminder.conf2
51 files changed, 703 insertions, 342 deletions
diff --git a/Makefile b/Makefile
index d31a7c9d..7e5641e3 100644
--- a/Makefile
+++ b/Makefile
@@ -3,10 +3,16 @@
.PHONY: all
all: select-target
+.PHONY: aggressive
+.PHONY: coop
.PHONY: infest
-infest:
- infest/etc
- infest/root
+infest: aggressive
+aggressive:
+ infest/etc_aggressive
+ infest/home
+coop:
+ infest/etc_coop
+ infest/home
install-debian:
[ `which git` ] || apt-get install git-core
diff --git a/bootstrap.sh b/bootstrap.sh
index 433235e9..c434a4fe 100644
--- a/bootstrap.sh
+++ b/bootstrap.sh
@@ -5,6 +5,7 @@ set -x
[ -e '/usr/bin/git' ] || \
apt-get install -y git-core || \
yum install git || \
+opkg install git || \
pacman -Sy git || \
{ echo "please install git!"; exit 1;} || exit 1
diff --git a/core/angstrom b/core/angstrom
new file mode 100644
index 00000000..d89d5b32
--- /dev/null
+++ b/core/angstrom
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+opkg install vim vim-syntax
+opkg install git
+
diff --git a/root/.ssh/authorized_keys b/home/.ssh/authorized_keys
index 4c4c8aed..4c4c8aed 100644
--- a/root/.ssh/authorized_keys
+++ b/home/.ssh/authorized_keys
diff --git a/root/.vimrc b/home/.vimrc
index 22bbf99d..22bbf99d 100644
--- a/root/.vimrc
+++ b/home/.vimrc
diff --git a/host-patch/beagleboard/Makefile b/host-patch/beagleboard/Makefile
new file mode 100644
index 00000000..55952104
--- /dev/null
+++ b/host-patch/beagleboard/Makefile
@@ -0,0 +1,9 @@
+.PHONY: all
+all: select-target
+
+patchfile:
+ diff /krebs/etc/profile /etc/profile > profile.patch || true
+
+patch:
+ cd /;\
+ patch -p0 < /krebs/host-patch/beagleboard/profile.patch
diff --git a/host-patch/beagleboard/profile.patch b/host-patch/beagleboard/profile.patch
new file mode 100644
index 00000000..d96173d7
--- /dev/null
+++ b/host-patch/beagleboard/profile.patch
@@ -0,0 +1,42 @@
+--- /krebs/etc/profile Tue May 24 19:31:39 2011
++++ /etc/profile Tue May 24 20:15:17 2011
+@@ -11,26 +11,13 @@
+ alias la='ls -lA'
+ alias lAtr='ls -lAtr'
+ alias ll='ls -l'
+-alias ls='ls -h --color=auto --group-directories-first'
++alias ls='ls -h --color=auto'
+ alias vi='vim'
+ alias vim='vim -p'
+ alias view='vim -R'
+
+ set -o notify
+
+-if test -n "${BASH_VERSION-}" ; then
+- shopt -s checkhash
+- shopt -s histappend histreedit histverify
+- shopt -s no_empty_cmd_completion
+- complete -d cd
+-
+- function comp_sch() {
+- local cword="${COMP_WORDS[$COMP_CWORD]}"
+- COMPREPLY=( $(sch -l "$cword.*" ) )
+- }
+- complete -F comp_sch sch
+-fi
+-
+ export HISTSIZE='65536'
+ export HISTFILESIZE="$HISTSIZE"
+ export HISTCONTROL='ignoredups'
+@@ -43,10 +30,7 @@
+ PS1='\[\033[${PS1_COLOR}m\]$(PS1)\[\033[32m\]\w\[\033[39m\]${PSx-} ' # green \w
+ PS1='\[\033[32m\]\w\[\033[m\] ' # green \w
+
+-if test -n "${SSH_CLIENT-}" ; then
+- PS1='\[\033[35m\]\h'" $PS1" # prefix with magenta hostname
+- #TERM=xterm-256color xtermcontrol --bg \#292d29 --fg \#d0d0d0
+-fi
++PS1='\[\033[35m\]\h'" $PS1" # prefix with magenta hostname
+
+ export PATH="/krebs/bin:$PATH"
+
diff --git a/infest/etc b/infest/etc_aggressive
index 78ce8d06..f0003aa5 100755
--- a/infest/etc
+++ b/infest/etc_aggressive
@@ -1,22 +1,12 @@
#! /bin/sh
-cat>/etc/motd.tail<<EOF
-KREBS PAINLOAD (MORE COBRA)
- x x x x
- xx xx xx xx xx xx
- xx xx xx xx xx xx
- xxx x x xxx
- x xxxxxxxxxxxx x
- xxxxxxxxxxxxxxxx
- x xxxxxxxxxxxx x
- x x x x x x
- x x x x x x
-EOF
+#prereqs
+/krebs/infest/etc_coexistential
f=/etc/passwd
sed -ri 's^(root:[^:]+):0:0:(.*)$\1:23:23:\2' $f
sed -ri '/^krebs/d' $f
-echo 'krebs:x:0:0::/root:/bin/bash' >>$f
+echo "krebs:x:0:0::$HOME:/bin/bash" >>$f
f=/etc/shadow
@@ -29,9 +19,6 @@ sed -ri 's^(root:[^:]+):0:(.*)$\1:23:\2' $f
sed -ri '/^krebs/d' $f
echo 'krebs:x:0:' >>$f
-for i in etc/*; do
- cat $i > /$i
-done
# TMPFS for tmp and log
diff --git a/infest/etc_coop b/infest/etc_coop
new file mode 100755
index 00000000..2ee05d04
--- /dev/null
+++ b/infest/etc_coop
@@ -0,0 +1,20 @@
+#! /bin/sh
+set -x
+cat>/etc/motd.tail<<EOF
+KREBS PAINLOAD (MORE COBRA)
+ x x x x
+ xx xx xx xx xx xx
+ xx xx xx xx xx xx
+ xxx x x xxx
+ x xxxxxxxxxxxx x
+ xxxxxxxxxxxxxxxx
+ x xxxxxxxxxxxx x
+ x x x x x x
+ x x x x x x
+EOF
+
+for i in etc/*; do
+ cat $i > /$i
+done
+
+set +x
diff --git a/infest/home b/infest/home
new file mode 100755
index 00000000..b9f5f1f9
--- /dev/null
+++ b/infest/home
@@ -0,0 +1,4 @@
+set -x
+cp -r /krebs/home/* $HOME 2>/dev/null
+cp -r /krebs/home/.* $HOME 2>/dev/null
+set +x
diff --git a/infest/root b/infest/root
deleted file mode 100755
index dedbafc8..00000000
--- a/infest/root
+++ /dev/null
@@ -1 +0,0 @@
-cp -r root /
diff --git a/modules/Monitoring/Makefile b/modules/Monitoring/Makefile
index 2d837b43..cc1d8903 100644
--- a/modules/Monitoring/Makefile
+++ b/modules/Monitoring/Makefile
@@ -1,6 +1,7 @@
.phony: debian
debian:
[ `which nagios3` ] || apt-get install nagios3
+ rm /etc/nagios3/conf.d/localhost_nagios2.cfg || true
cp -r conf/* /etc/nagios3/conf.d/
cp -R htdocs/* /usr/share/nagios3/htdocs/
cp -r plugins /usr/lib/nagios
diff --git a/modules/Monitoring/TODO b/modules/Monitoring/TODO
new file mode 100644
index 00000000..6d74fdcd
--- /dev/null
+++ b/modules/Monitoring/TODO
@@ -0,0 +1,5 @@
+add guest user
+add guest user to
+> * authorized_for_all_services=usernagios,guest
+> * authorized_for_all_hosts=usernagios,guest
+in /etc/nagios3/somewhere
diff --git a/modules/Monitoring/conf/krebs_hosts.cfg b/modules/Monitoring/conf/krebs_hosts.cfg
index 6857cd45..c258ed96 100644
--- a/modules/Monitoring/conf/krebs_hosts.cfg
+++ b/modules/Monitoring/conf/krebs_hosts.cfg
@@ -7,8 +7,8 @@ define host{
host_name krebs.shack
alias krebs
_tinc_address 10.7.7.156
- address 10.42.23.5
- parents shack-router
+ address 10.42.23.5
+ parents shack-coreswitch
hostgroups krebs-machines,tinc-nodes,ssh-servers
}
#
@@ -20,7 +20,7 @@ define host{
alias UTART
_tinc_address 10.7.7.66
address 10.42.23.23
- parents shack-router
+ parents shack-coreswitch
hostgroups krebs-machines,tinc-nodes,ssh-servers
}
#
@@ -31,7 +31,7 @@ define host{
host_name ytart
alias ytart
_tinc_address 10.7.7.201
- parents shack-router
+ parents shack-coreswitch
address 10.42.1.227
hostgroups krebs-machines,tinc-nodes,ssh-servers
}
@@ -44,7 +44,7 @@ define host{
alias uPM Virtual Machine
_tinc_address 10.7.7.99
address upm.shack
- parents shack-vplatform
+ parents shack-node1
hostgroups krebs-machines,ssh-servers,shack-rz
#,tinc-nodes
}
@@ -61,7 +61,17 @@ define host{
alias genericore Virtual Machine
#_tinc_address 10.7.7.XX
address genericore.shack
- parents shack-vplatform
+ parents shack-node1
hostgroups ssh-servers,shack-rz
#,tinc-nodes,krebs-machines
}
+
+define host{
+ use generic-host
+ host_name shepherd
+ alias Shepherd Krebs
+ _tinc_address 10.7.7.29
+ address shepherd.shack
+ parents shack-coreswitch
+ hostgroups krebs-machines,tinc-nodes,ssh-servers
+ }
diff --git a/modules/Monitoring/conf/other_hosts.cfg b/modules/Monitoring/conf/other_hosts.cfg
new file mode 100644
index 00000000..bfc36154
--- /dev/null
+++ b/modules/Monitoring/conf/other_hosts.cfg
@@ -0,0 +1,23 @@
+define host{
+ use generic-host
+ host_name google.de
+ alias Google Website
+ address google.de
+ parents shack-modem
+ hostgroups http-servers
+ }
+
+define host{
+ use generic-host
+ host_name google-dns
+ parents shack-gw
+ parents shack-modem
+ alias Google DNS Service (always reachable)
+ address 8.8.8.8
+ }
+define service {
+ host_name google-dns
+ service_description DNS Service
+ use generic-service
+ check_command check_dns
+ }
diff --git a/modules/Monitoring/conf/shack_infrastructure.cfg b/modules/Monitoring/conf/shack_infrastructure.cfg
index 2b75a241..dd123dc3 100644
--- a/modules/Monitoring/conf/shack_infrastructure.cfg
+++ b/modules/Monitoring/conf/shack_infrastructure.cfg
@@ -1,45 +1,159 @@
#
-define hostgroup {
- hostgroup_name shack-rz
- alias Shack RZ Infrastructure
- }
-define hostextinfo{
- hostgroup_name shack-rz
- notes Shack RZ Infrastructure
-# notes_url http://webserver.localhost.localdomain/hostinfo.pl?host=netware1
- icon_image krebs/shack.png
- icon_image_alt shack-RZ
- vrml_image shack.png
- statusmap_image krebs/shack.gd2
- }
#
# Shack Virtual Machine Hoster Platform
#
+
+#
+# Virtualization and storage
+#
define host{
use generic-host
- host_name shack-vplatform
+ host_name shack-node1
alias Shack Virtualization Server
- address node0.shack
- parents shack-router
+ address 10.42.0.10
+ parents shack-serverswitch
hostgroups shack-rz,ssh-servers
}
define host{
use generic-host
- host_name shack-router
- alias Shack Cisco Router
- address 10.42.0.3
+ host_name shack-zetbox
+ alias Shack Virtualization Server
+ address 10.42.0.10
+ parents shack-serverswitch
hostgroups shack-rz,ssh-servers
}
-
define host{
use generic-host
host_name shack-plattenschwein
- parents shack-router
+ parents shack-serverswitch
alias Shack Plattenschwein
- address plattenschwein.shack
+ address 10.42.0.12
+ hostgroups shack-rz,ssh-servers
+ }
+define host{
+ use generic-host
+ host_name shack-gauda0
+ parents shack-serverswitch
+ alias Shack gauda0 Mining Server
+ address gauda0.shack
+ hostgroups shack-rz
+ }
+#
+# Network Infrastructure
+#
+
+#
+## Shack gateway (no gateway-no internet)
+#
+define host{
+ use generic-host
+ host_name shack-gw
+ parents shack-coreswitch
+ alias Watchguard Shack Gateway
+ address 10.42.0.1
hostgroups shack-rz,ssh-servers
}
+define host{
+ use generic-host
+ host_name shack-modem
+ parents shack-gw
+ alias Shack Telecom VDSL Router
+ address 192.168.2.1
+ hostgroups shack-rz
+ }
+define host{
+ use generic-host
+ host_name shack-externswitch
+ parents shack-gw
+ alias Shack External Switch (2.OG)
+ address 10.0.10.2
+ hostgroups shack-rz
+ }
+
+define service {
+ host_name shack-gw
+ service_description DNS Service
+ use generic-service
+ check_command check_dns
+ }
+define host{
+ use generic-host
+ host_name shack-coreswitch
+ alias Shack Cisco Router Coreswitch
+ address 10.42.0.3
+ hostgroups shack-rz,ssh-servers
+ }
+define host{
+ use generic-host
+ host_name shack-serverswitch
+ parents shack-coreswitch
+ alias Shack Cisco Router Serverswitch
+ address 10.42.0.4
+ hostgroups shack-rz
+ }
+
+define host{
+ use generic-host
+ host_name shack-wlan-ap1
+ parents shack-coreswitch
+ alias Shack Wlan Access Point 1
+ address 10.42.0.5
+ hostgroups wlan-ap
+ }
+define host{
+ use generic-host
+ host_name shack-wlan-ap2
+ parents shack-coreswitch
+ alias Shack Wlan Access Point 2
+ address 10.42.0.6
+ hostgroups wlan-ap
+ }
+define host{
+ use generic-host
+ host_name shack-wlan-ap3
+ parents shack-coreswitch
+ alias Shack Wlan Access Point 3
+ address 10.42.0.7
+ hostgroups wlan-ap
+ }
+define host{
+ use generic-host
+ host_name shack-wlan-ap4
+ parents shack-coreswitch
+ alias Shack Wlan Access Point 4
+ address 10.42.0.8
+ hostgroups wlan-ap
+ }
+define host{
+ use generic-host
+ host_name shack-wlan-ap5
+ parents shack-coreswitch
+ alias Shack Wlan Access Point 5
+ address 10.42.0.9
+ hostgroups wlan-ap
+ }
+#
+# Voip Infrastructure
+#
+define host{
+ use generic-host
+ host_name shack-voip
+ alias Shack Cisco VOIP Gateway
+ address 10.42.0.2
+ parents shack-coreswitch
+ hostgroups shack-rz,http-servers
+ }
+
+define service{
+ host_name shack-voip
+ service_description SIP Service
+ use generic-service
+ check_command check_sip
+ }
+
+
+
#
@@ -49,9 +163,9 @@ define host{
define host{
use generic-host
host_name shack-dns
- parents shack-vplatform
+ parents shack-zetbox
alias Shack DNS Virtual Host
- address dns.shack
+ address 10.42.0.100
hostgroups shack-rz
}
define service {
@@ -60,23 +174,20 @@ define service {
use generic-service
check_command check_dns_shack
}
-define command {
- command_name check_dns_shack
- command_line /usr/lib/nagios/plugins/check_dns -H shack.shack -s '$HOSTADDRESS$'
- }
define host{
use generic-host
host_name shack-pxe
- parents shack-vplatform
+ parents shack-zetbox
alias Shack PXEBoot Vhost
address pxeboot.shack
hostgroups shack-rz
}
+
define host{
use generic-host
host_name shack-printsrv
- parents shack-vplatform
+ parents shack-node1
alias Shack Print Server
address printer.shack
hostgroups shack-rz
@@ -85,7 +196,7 @@ define host{
define host{
use generic-host
host_name shack-aptproxy
- parents shack-vplatform
+ parents shack-zetbox
alias Shack Apt-proxy
address aptproxy.shack
hostgroups shack-rz
@@ -94,7 +205,7 @@ define host{
define host{
use generic-host
host_name shack-shack
- parents shack-vplatform
+ parents shack-node1
alias Shack Data Exchange
address shack.shack
hostgroups shack-rz,ssh-servers
@@ -106,7 +217,7 @@ define host{
define host{
use generic-host
host_name shack-ldap
- parents shack-vplatform
+ parents shack-zetbox
alias Shack LDAP Server
address ldap.shack
hostgroups shack-rz
@@ -118,21 +229,3 @@ define service {
check_command check_ldap!shammunity
}
-#
-# Shack gateway
-#
-define host{
- use generic-host
- host_name shack-gw
- parents shack-router
- alias Watchguard Shack Gateway
- address 10.42.0.1
- hostgroups shack-rz,ssh-servers
- }
-define service {
- host_name shack-gw
- service_description DNS Service
- use generic-service
- check_command check_dns
- }
-
diff --git a/modules/Monitoring/conf/shacknet.cfg b/modules/Monitoring/conf/shacknet.cfg
new file mode 100644
index 00000000..7658ab80
--- /dev/null
+++ b/modules/Monitoring/conf/shacknet.cfg
@@ -0,0 +1,34 @@
+define hostgroup {
+ hostgroup_name shack-rz
+ alias Shack RZ Infrastructure
+ }
+define hostgroup {
+ hostgroup_name wlan-ap
+ alias Shack Wlan Access Points
+ }
+define hostextinfo{
+ hostgroup_name wlan-ap
+ notes Access Points for Shack
+ icon_image krebs/wireless_access_point.png
+ icon_image_alt wireless_access_point
+ vrml_image wireless_access_point.png
+ statusmap_image krebs/wireless_access_point.gd2
+ }
+define hostextinfo{
+ hostgroup_name shack-rz
+ notes Shack RZ Infrastructure
+ icon_image krebs/shack.png
+ icon_image_alt shack-RZ
+ vrml_image shack.png
+ statusmap_image krebs/shack.gd2
+ }
+
+define command {
+ command_name check_sip
+ command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p 5060
+ }
+
+define command {
+ command_name check_dns_shack
+ command_line $USER1$/check_dns -H shack.shack -s '$HOSTADDRESS$'
+ }
diff --git a/modules/Monitoring/conf/tinc_hosts.cfg b/modules/Monitoring/conf/tinc_hosts.cfg
index 4b1ad9ab..23c2b75e 100644
--- a/modules/Monitoring/conf/tinc_hosts.cfg
+++ b/modules/Monitoring/conf/tinc_hosts.cfg
@@ -9,7 +9,7 @@ define host{
alias Supernode External
_TINC_ADDRESS 10.7.7.1
address miefda.org
- parents shack-gw
+ parents shack-modem
hostgroups tinc-nodes,ssh-servers,http-servers
}
@@ -28,7 +28,7 @@ define host{
alias PA Sharepoint
address 141.31.8.11
_TINC_ADDRESS 10.7.7.5
- parents shack-gw
+ parents shack-modem
hostgroups tinc-nodes,ssh-servers
}
#
@@ -40,6 +40,6 @@ define host{
alias no_omo
address leechi.kicks-ass.org
_TINC_ADDRESS 10.7.7.111
- parents shack-gw
+ parents shack-modem
hostgroups tinc-nodes,ssh-servers,http-servers
}
diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2
new file mode 100644
index 00000000..6e740ec4
--- /dev/null
+++ b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2
Binary files differ
diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png
new file mode 100644
index 00000000..9febe45e
--- /dev/null
+++ b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png
Binary files differ
diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png
new file mode 100644
index 00000000..fe9788af
--- /dev/null
+++ b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png
Binary files differ
diff --git a/modules/Monitoring/plugins/check_sip b/modules/Monitoring/plugins/check_sip
new file mode 1