From 1cbb64fd336459a0f798d8685dd2ee232191ef3d Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 14 Jan 2014 03:36:05 +0100 Subject: tinc_setup: remove all the legacy code --- retiolum/scripts/tinc_setup/build_arch.sh | 14 ---- retiolum/scripts/tinc_setup/build_debian.sh | 32 --------- retiolum/scripts/tinc_setup/build_debian_clean.sh | 31 --------- retiolum/scripts/tinc_setup/build_ec2.sh | 16 ----- retiolum/scripts/tinc_setup/build_no.de.sh | 1 - retiolum/scripts/tinc_setup/install.sh | 84 ----------------------- 6 files changed, 178 deletions(-) delete mode 100755 retiolum/scripts/tinc_setup/build_arch.sh delete mode 100755 retiolum/scripts/tinc_setup/build_debian.sh delete mode 100755 retiolum/scripts/tinc_setup/build_debian_clean.sh delete mode 100755 retiolum/scripts/tinc_setup/build_ec2.sh delete mode 100644 retiolum/scripts/tinc_setup/build_no.de.sh delete mode 100755 retiolum/scripts/tinc_setup/install.sh (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/tinc_setup/build_arch.sh b/retiolum/scripts/tinc_setup/build_arch.sh deleted file mode 100755 index 5ef5d765..00000000 --- a/retiolum/scripts/tinc_setup/build_arch.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh -set -e -sudo pacman -S openssl gcc lzo -curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz -cd tinc-1.0.13 -./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var -make -sudo make install -cd .. - -echo "overwriting python to python2" -sed 's/\/usr\/bin\/python/\/usr\/bin\/python2/g' install.sh >install2.sh -mv install2.sh install.sh - diff --git a/retiolum/scripts/tinc_setup/build_debian.sh b/retiolum/scripts/tinc_setup/build_debian.sh deleted file mode 100755 index 52e61390..00000000 --- a/retiolum/scripts/tinc_setup/build_debian.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -set -x -if [ ! "$MYIP" ] -then - MYIP=10.0.7.7.55 -fi -if [ ! "$MYHOSTNAME" ] -then - MYHOSTNAME="penis" -fi - -if [ "$MYHOSTNAME" = "penis" ]; -then - read -n1 -p "name is penis, are u sure? [yN]" - if [[ "$REPLY" != [yY] ]] - then - echo "then better RTFC" - echo "bailing out" - exit 0 - fi -fi -apt-get install tinc git curl python - -./install.sh "$MYHOSTNAME" "$MYIP" - -# for autostart -sed -i '/retiolum/d' /etc/tinc/nets.boot -echo "retiolum" >> /etc/tinc/nets.boot -sed -i '/EXTRA/d' /etc/tinc/nets.boot -echo "EXTRA=\"\"" >> /etc/default/tinc - -/etc/init.d/tinc start diff --git a/retiolum/scripts/tinc_setup/build_debian_clean.sh b/retiolum/scripts/tinc_setup/build_debian_clean.sh deleted file mode 100755 index a7332f4e..00000000 --- a/retiolum/scripts/tinc_setup/build_debian_clean.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/bash -set -xe -MYIP=10.0.7.7.55 - -apt-get install tinc git curl gcc gcc-dev build-essential libssl-dev python - -git clone https://github.com/makefu/shack-retiolum.git - -mkdir build -cd build -curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar -xz -cd lzo-2.04 -./configure --prefix=/usr -make -sudo make install -cd .. -curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz -cd tinc-1.0.13 -./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var -make -sudo make install -cd ../.. - -cd shack-retiolum -./install.sh `hostname` $MYIP - -rm shack-retiolum -# for autostart -echo "retiolum" >> /etc/tinc/nets.boot -echo "EXTRA=\"--user=tincd --chroot\"" >> /etc/default/tinc diff --git a/retiolum/scripts/tinc_setup/build_ec2.sh b/retiolum/scripts/tinc_setup/build_ec2.sh deleted file mode 100755 index 79f2af28..00000000 --- a/retiolum/scripts/tinc_setup/build_ec2.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -set -e -sudo yum install -y gcc openssl-devel -mkdir build -cd build -curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar xz -cd lzo-2.04 -./configure --prefix=/usr -make -sudo make install -cd .. -curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz -cd tinc-1.0.13 -./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var -make -sudo make install diff --git a/retiolum/scripts/tinc_setup/build_no.de.sh b/retiolum/scripts/tinc_setup/build_no.de.sh deleted file mode 100644 index 2976d3a2..00000000 --- a/retiolum/scripts/tinc_setup/build_no.de.sh +++ /dev/null @@ -1 +0,0 @@ -pkgin in lzo gcc-tools gcc-compiler gcc34 diff --git a/retiolum/scripts/tinc_setup/install.sh b/retiolum/scripts/tinc_setup/install.sh deleted file mode 100755 index 9efe863c..00000000 --- a/retiolum/scripts/tinc_setup/install.sh +++ /dev/null @@ -1,84 +0,0 @@ -#! /bin/sh -# USE WITH GREAT CAUTION -set -eu - -if test "${nosudo-false}" != true -a `id -u` != 0; then - echo "we're going sudo..." >&2 - exec sudo "$0" "$@" - exit 23 # go to hell -fi - -#make -C ../../ update -set -e -DIRNAME=`dirname $0` -CURR=`readlink -f ${DIRNAME}` -MYBIN=${CURR}/../../bin -netname=retiolum -# create configuration directory for $netname -mkdir -p /etc/tinc/$netname/hosts -cd /etc/tinc/$netname - -echo "added known hosts:" -ls -1 hosts | LC_ALL=C sort -echo "delete the nodes you do not trust!" - -hostname="${HOSTNAME-`cat /etc/hostname`}" -myname="${1:-}" -if [ ! "$myname" ] -then - printf "select node name [$hostname]: " - read myname - if test -z "$myname"; then - myname="$hostname" - fi -fi -if [ ! -e "hosts/$myname" ] -then - - # TODO eloop until we found a free IPv4 - # myipv4=$(echo 42.$(for i in `seq 1 3`; do echo "ibase=16;`bin/fillxx xx|tr [a-f] [A-F]`" | bc; done)|tr \ .)/32 - - myipv4="${2:-}" - mynet4=10.243.0.0 - - if [ ! "$myipv4" ] - then - printf 'select v4 subnet ip (1-255): ' - read v4num - until $MYBIN/check-free-retiolum-v4 10.243.0.$v4num; do - echo "your're an idiot!" - printf 'select unused v4 subnet ip (1-255): ' - read v4num - done - myipv4="10.243.0.$v4num" - fi - echo "Subnet = $myipv4" > hosts/$myname - - myipv6=`$MYBIN/fillxx 42:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx`/128 - echo "Subnet = $myipv6" >> hosts/$myname -else - echo "own host file already exists! will not write again!" -fi - -cat>tinc.conf< Date: Tue, 14 Jan 2014 03:39:18 +0100 Subject: tinc_setup: update README according to what is currently working --- retiolum/scripts/tinc_setup/README | 18 ------------------ retiolum/scripts/tinc_setup/README.md | 18 ++++++++++++++++++ 2 files changed, 18 insertions(+), 18 deletions(-) delete mode 100644 retiolum/scripts/tinc_setup/README create mode 100644 retiolum/scripts/tinc_setup/README.md (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/tinc_setup/README b/retiolum/scripts/tinc_setup/README deleted file mode 100644 index 11d6f6e9..00000000 --- a/retiolum/scripts/tinc_setup/README +++ /dev/null @@ -1,18 +0,0 @@ -This directory contains the build and install scripts for shack-retiolum - -1. build_arch - arch linux build script -2. build_debian - debian build script -3. build_debian_clean - debian script which builds a clean tinc daemon -4. build_ec2 - Amazon ec2 base instance build script -5. install.sh - configures the tinc daemon - $1 is the nickname - $2 is the ip-address - also writes a python file inside the tinc/retiolum folder which posts - the public key into the IRC:freenode/#tincspasm -6. build_no.de - nonfunct no.de smartmachine build script diff --git a/retiolum/scripts/tinc_setup/README.md b/retiolum/scripts/tinc_setup/README.md new file mode 100644 index 00000000..11d6f6e9 --- /dev/null +++ b/retiolum/scripts/tinc_setup/README.md @@ -0,0 +1,18 @@ +This directory contains the build and install scripts for shack-retiolum + +1. build_arch + arch linux build script +2. build_debian + debian build script +3. build_debian_clean + debian script which builds a clean tinc daemon +4. build_ec2 + Amazon ec2 base instance build script +5. install.sh + configures the tinc daemon + $1 is the nickname + $2 is the ip-address + also writes a python file inside the tinc/retiolum folder which posts + the public key into the IRC:freenode/#tincspasm +6. build_no.de + nonfunct no.de smartmachine build script -- cgit v1.2.3 From 9e66fd62cf9038d38e1642790c74daa7fa292589 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 22 Jan 2014 15:58:12 +0100 Subject: tinc_setup: remove legacy documentation --- retiolum/scripts/tinc_setup/README.md | 26 +++++++++----------------- 1 file changed, 9 insertions(+), 17 deletions(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/tinc_setup/README.md b/retiolum/scripts/tinc_setup/README.md index 11d6f6e9..c4892474 100644 --- a/retiolum/scripts/tinc_setup/README.md +++ b/retiolum/scripts/tinc_setup/README.md @@ -1,18 +1,10 @@ -This directory contains the build and install scripts for shack-retiolum +# Description +new_install.sh is the script fur bootstrapping tinc. +We use irc for the initial key exchange, specifically +irc.freenode.com#krebs_incoming . -1. build_arch - arch linux build script -2. build_debian - debian build script -3. build_debian_clean - debian script which builds a clean tinc daemon -4. build_ec2 - Amazon ec2 base instance build script -5. install.sh - configures the tinc daemon - $1 is the nickname - $2 is the ip-address - also writes a python file inside the tinc/retiolum folder which posts - the public key into the IRC:freenode/#tincspasm -6. build_no.de - nonfunct no.de smartmachine build script +# Usage + + curl tinc.krebsco.de | HOSTN=bobkhan sh + # or + HOSTN=wrryyyyy ./new_install.sh -- cgit v1.2.3 From fac7133f6dcc2aeb7083ad2971c1e7836b4a2453 Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 18 Feb 2014 23:01:21 +0100 Subject: fix py2 py3 issue in supernodes script --- retiolum/scripts/adv_graphgen/tinc_stats/Supernodes.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/adv_graphgen/tinc_stats/Supernodes.py b/retiolum/scripts/adv_graphgen/tinc_stats/Supernodes.py index 7bb79708..7e1f4dae 100755 --- a/retiolum/scripts/adv_graphgen/tinc_stats/Supernodes.py +++ b/retiolum/scripts/adv_graphgen/tinc_stats/Supernodes.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 def find_potential_super(path="/etc/tinc/retiolum/hosts"): import os @@ -56,4 +56,4 @@ if __name__ == "__main__": usage """ for host,addrs in check_all_the_super(): - print(host,addrs) + print("%s %s" %(host,str(addrs))) -- cgit v1.2.3 From bcc7aefa1c6fb999992c07327e1df9456814a283 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:41:11 +0100 Subject: retiolum github hosts sync: initial commit --- retiolum/scripts/github_hosts_sync/index | 62 ++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100755 retiolum/scripts/github_hosts_sync/index (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index new file mode 100755 index 00000000..31cbc763 --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/index @@ -0,0 +1,62 @@ +#! /bin/sh +# TODO do_work should retry until success +set -euf + +port=1028 +local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" +local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" + +main() { + ensure_local_painload + ensure_local_hosts + is_worker && do_work || become_server +} + +ensure_local_painload() { + test -d "$local_painload" || git clone "$remote_painload" "$local_painload" +} + +ensure_local_hosts() { + test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" +} + +become_server() { + exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" +} + +is_worker() { + test "${SOCAT_SOCKPORT-}" = "$port" +} + +do_work() { + # read request + req_line="$(read line && echo "$line")" + req_hdrs="$(sed -n '/^\r$/q;p')" + + set -x + + cd "$local_hosts" + git pull >&2 + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null + + cd "$local_painload" + git pull >&2 + + find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git add \{\} \; >&2 + if git status --porcelain | grep -q .; then + git commit -m bump >&2 + git push >&2 + fi + + echo "HTTP/1.1 200 OK" + echo + echo "https://github.com/krebscode/hosts/archive/master.tar.gz" + echo "https://github.com/krebscode/hosts/archive/master.zip" +} + +main "$@" -- cgit v1.2.3 From 2ce39803bf71bd49503ee8a6d81d73091883b465 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:48:03 +0100 Subject: hosts sync: add systemd files --- retiolum/scripts/github_hosts_sync/index | 2 +- .../scripts/github_hosts_sync/systemd/hosts-sync.conf | 1 + .../scripts/github_hosts_sync/systemd/hosts-sync.service | 15 +++++++++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf create mode 100644 retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index 31cbc763..7b444ea4 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -2,7 +2,7 @@ # TODO do_work should retry until success set -euf -port=1028 +port=${port-1028} local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf new file mode 100644 index 00000000..606f17b4 --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf @@ -0,0 +1 @@ +port=1028 diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service new file mode 100644 index 00000000..60d4799f --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -0,0 +1,15 @@ +[Unit] +Description=retiolum github hosts sync +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/retiolum-github-hosts-sync.conf +ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index +KillMode=process +User=hosts-sync +Group=hosts-sync +Restart=yes + +[Install] +WantedBy=multi-user.target + -- cgit v1.2.3 From 69afd37b41d04b25a868da7d8fd2241b2a3aaa03 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:58:09 +0100 Subject: hosts sync: fix pasto --- retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 60d4799f..16235a6d 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -3,7 +3,7 @@ Description=retiolum github hosts sync After=network.target [Service] -EnvironmentFile=/etc/conf.d/retiolum-github-hosts-sync.conf +EnvironmentFile=/etc/conf.d/hosts-sync.conf ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index KillMode=process User=hosts-sync -- cgit v1.2.3 From fabc9fa4705f4d1ae08468957a5bf4a0ecae672a Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:02:51 +0100 Subject: hosts sync: fix remote painload uri --- retiolum/scripts/github_hosts_sync/index | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index 7b444ea4..e4da9305 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -3,7 +3,7 @@ set -euf port=${port-1028} -local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" +local_painload=/krebs; remote_painload="https://github.com/krebscode/painload" local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" main() { -- cgit v1.2.3 From 023e449de9e0f5731d9a88f7a9eacc18e1f9af96 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:03:04 +0100 Subject: hosts sync: fix service parse error --- retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service | 1 - 1 file changed, 1 deletion(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 16235a6d..83609740 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -8,7 +8,6 @@ ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index KillMode=process User=hosts-sync Group=hosts-sync -Restart=yes [Install] WantedBy=multi-user.target -- cgit v1.2.3 From 93c56cedd11be673176f1519fd17d05f67844e34 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:08:47 +0100 Subject: hosts sync: fix local repo uris --- retiolum/scripts/github_hosts_sync/index | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index e4da9305..53c96efd 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -3,8 +3,10 @@ set -euf port=${port-1028} -local_painload=/krebs; remote_painload="https://github.com/krebscode/painload" -local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" +local_painload=$HOME/painload +remote_painload="https://github.com/krebscode/painload" +local_hosts=$HOME/hosts +remote_hosts="git@github.com:krebscode/hosts.git" main() { ensure_local_painload -- cgit v1.2.3 From a265ea9d0693a25fffa2ed0eaa9622b91758f51a Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:10:56 +0100 Subject: hosts sync: rename index for nicer journal --- retiolum/scripts/github_hosts_sync/hosts-sync | 64 ++++++++++++++++++++++ retiolum/scripts/github_hosts_sync/index | 64 ---------------------- .../github_hosts_sync/systemd/hosts-sync.service | 2 +- 3 files changed, 65 insertions(+), 65 deletions(-) create mode 100755 retiolum/scripts/github_hosts_sync/hosts-sync delete mode 100755 retiolum/scripts/github_hosts_sync/index (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/hosts-sync b/retiolum/scripts/github_hosts_sync/hosts-sync new file mode 100755 index 00000000..53c96efd --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/hosts-sync @@ -0,0 +1,64 @@ +#! /bin/sh +# TODO do_work should retry until success +set -euf + +port=${port-1028} +local_painload=$HOME/painload +remote_painload="https://github.com/krebscode/painload" +local_hosts=$HOME/hosts +remote_hosts="git@github.com:krebscode/hosts.git" + +main() { + ensure_local_painload + ensure_local_hosts + is_worker && do_work || become_server +} + +ensure_local_painload() { + test -d "$local_painload" || git clone "$remote_painload" "$local_painload" +} + +ensure_local_hosts() { + test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" +} + +become_server() { + exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" +} + +is_worker() { + test "${SOCAT_SOCKPORT-}" = "$port" +} + +do_work() { + # read request + req_line="$(read line && echo "$line")" + req_hdrs="$(sed -n '/^\r$/q;p')" + + set -x + + cd "$local_hosts" + git pull >&2 + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null + + cd "$local_painload" + git pull >&2 + + find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git add \{\} \; >&2 + if git status --porcelain | grep -q .; then + git commit -m bump >&2 + git push >&2 + fi + + echo "HTTP/1.1 200 OK" + echo + echo "https://github.com/krebscode/hosts/archive/master.tar.gz" + echo "https://github.com/krebscode/hosts/archive/master.zip" +} + +main "$@" diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index deleted file mode 100755 index 53c96efd..00000000 --- a/retiolum/scripts/github_hosts_sync/index +++ /dev/null @@ -1,64 +0,0 @@ -#! /bin/sh -# TODO do_work should retry until success -set -euf - -port=${port-1028} -local_painload=$HOME/painload -remote_painload="https://github.com/krebscode/painload" -local_hosts=$HOME/hosts -remote_hosts="git@github.com:krebscode/hosts.git" - -main() { - ensure_local_painload - ensure_local_hosts - is_worker && do_work || become_server -} - -ensure_local_painload() { - test -d "$local_painload" || git clone "$remote_painload" "$local_painload" -} - -ensure_local_hosts() { - test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" -} - -become_server() { - exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" -} - -is_worker() { - test "${SOCAT_SOCKPORT-}" = "$port" -} - -do_work() { - # read request - req_line="$(read line && echo "$line")" - req_hdrs="$(sed -n '/^\r$/q;p')" - - set -x - - cd "$local_hosts" - git pull >&2 - - cd "$local_hosts" - find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null - - cd "$local_painload" - git pull >&2 - - find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; - - cd "$local_hosts" - find . -name .git -prune -o -type f -exec git add \{\} \; >&2 - if git status --porcelain | grep -q .; then - git commit -m bump >&2 - git push >&2 - fi - - echo "HTTP/1.1 200 OK" - echo - echo "https://github.com/krebscode/hosts/archive/master.tar.gz" - echo "https://github.com/krebscode/hosts/archive/master.zip" -} - -main "$@" diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 83609740..5fb9ed41 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -4,7 +4,7 @@ After=network.target [Service] EnvironmentFile=/etc/conf.d/hosts-sync.conf -ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index +ExecStart=/krebs/retiolum/scripts/github_hosts_sync/hosts-sync KillMode=process User=hosts-sync Group=hosts-sync -- cgit v1.2.3 From 1cd304b57bc2ad725fa074d4537c2bdefa821085 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:23:13 +0100 Subject: hosts-sync: add #?-doc --- retiolum/scripts/github_hosts_sync/README | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 retiolum/scripts/github_hosts_sync/README (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/github_hosts_sync/README b/retiolum/scripts/github_hosts_sync/README new file mode 100644 index 00000000..12aa8dfe --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/README @@ -0,0 +1,26 @@ +#? /bin/sh + +useradd -m hosts-sync +cp systemd/hosts-sync.service /etc/systemd/system/ +cp systemd/hosts-sync.conf /etc/conf.d/ + +sudo -u hosts-sync -i ssh-keygen +add /home/hosts-sync/.ssh/id_rsa.pub as github/krebscode/hosts deploy key +sudo -u hosts-sync -i git clone git@github.com:krebscode/hosts.git ~hosts-sync/hosts # to accept the remote key (and have an initial copy) + +sudo -u hosts-sync -i git config --global user.email hosts-sync@ire.retiolum +sudo -u hosts-sync -i git config --global user.name hosts-sync +sudo -u hosts-sync -i git config --global push.default simple + +systemctl start hosts-sync +systemctl enable hosts-sync + +TODO firewall setup + +#? /bin/sh (update service) +git pull +cp retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service /etc/systemd/system/ +systemctl daemon-reload +systemctl restart hosts-sync + + -- cgit v1.2.3 From 9d0d795cba510ce356b1eac1e529e03f6bc6cb12 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 21 Apr 2014 00:27:08 +0200 Subject: tinc_install: abort on - in hostname --- retiolum/scripts/tinc_setup/new_install.sh | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/tinc_setup/new_install.sh b/retiolum/scripts/tinc_setup/new_install.sh index b48649ec..cd2fdde1 100755 --- a/retiolum/scripts/tinc_setup/new_install.sh +++ b/retiolum/scripts/tinc_setup/new_install.sh @@ -43,6 +43,11 @@ main(){ RAND4=1 RAND6=1 + if $(echo $HOSN | grep -q -); then + echo 'invalid hostname, - not allowed' + exit 1 + fi + if [ $IP4 -eq 0 ]; then RAND4=1 -- cgit v1.2.3 From 771b8cb9526255d54c8069b49503b427058a84b0 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 22 Apr 2014 15:46:44 +0200 Subject: fixed hosts in install script --- retiolum/scripts/tinc_setup/new_install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/tinc_setup/new_install.sh b/retiolum/scripts/tinc_setup/new_install.sh index cd2fdde1..1f45a3cc 100755 --- a/retiolum/scripts/tinc_setup/new_install.sh +++ b/retiolum/scripts/tinc_setup/new_install.sh @@ -201,9 +201,9 @@ LocalDiscovery = yes AutoConnect = 3 #ConnectTos -ConnectTo = slowpoke +ConnectTo = fastpoke ConnectTo = pigstarter -ConnectTo = pico +ConnectTo = kheurop EOF host2subnet $MASK4 -- cgit v1.2.3 From 78ae6d7387069ba10d634eed9d214f821addc8e5 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 3 May 2014 12:28:19 +0200 Subject: tinc-install: fix typo --- retiolum/scripts/tinc_setup/new_install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'retiolum/scripts') diff --git a/retiolum/scripts/tinc_setup/new_install.sh b/retiolum/scripts/tinc_setup/new_install.sh index 1f45a3cc..25e7f04d 100755 --- a/retiolum/scripts/tinc_setup/new_install.sh +++ b/retiolum/scripts/tinc_setup/new_install.sh @@ -43,7 +43,7 @@ main(){ RAND4=1 RAND6=1 - if $(echo $HOSN | grep -q -); then + if $(echo $HOSTN | grep -q -); then echo 'invalid hostname, - not allowed' exit 1 fi -- cgit v1.2.3