diff options
| author | makefu <github@syntax-fehler.de> | 2014-02-20 18:50:45 +0100 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2014-02-20 18:50:45 +0100 |
| commit | 3843ad66568d099e2b0bb2f7158753066b69c965 (patch) | |
| tree | 299f7e38776ea8b3f8114979170e1f88fbf09fce /retiolum | |
| parent | f46851de1af7c044471523c40e0fe88579b8a997 (diff) | |
| parent | 3ed35ed3e1efa4f741c0913efc90c9c36eb32d01 (diff) | |
Merge branch 'master' of ssh://github.com/krebscode/painload
Diffstat (limited to 'retiolum')
| -rw-r--r-- | retiolum/hosts/UTART | 9 | ||||
| -rw-r--r-- | retiolum/hosts/irvis | 11 | ||||
| -rw-r--r-- | retiolum/hosts/pico | 11 | ||||
| -rw-r--r-- | retiolum/hosts/slowpoke | 14 | ||||
| -rw-r--r-- | retiolum/hosts/sokrates | 11 | ||||
| -rw-r--r-- | retiolum/scripts/github_hosts_sync/README | 26 | ||||
| -rwxr-xr-x | retiolum/scripts/github_hosts_sync/hosts-sync | 64 | ||||
| -rw-r--r-- | retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf | 1 | ||||
| -rw-r--r-- | retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service | 14 |
9 files changed, 127 insertions, 34 deletions
diff --git a/retiolum/hosts/UTART b/retiolum/hosts/UTART deleted file mode 100644 index 3c8628cf..00000000 --- a/retiolum/hosts/UTART +++ /dev/null @@ -1,9 +0,0 @@ -Subnet = 42.227.239.205/32 ------BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEA1tFgR6xxNZavtG44QEAEzKQixJqO9MuO5hUcklH87Sml+Mz+Ptz/ -r8Vhmvc1NhL0d8h1VJSrzjAyYuBR0LKSGRYxHby/M9AqBjUHUhDM83ogV/CbSifs -TlBcKuvPkGVALN6LYcPXjzKzBI7X1ictqts9K3CoCWgjRld63noczvNnwVdHNawX -ckQdjzxMAgwtJW0hWfDr1Uhq3sVEFnHLzFJuLsnc6gDzKvP/ETQ6KINv43B9UerS -HzFK3ntViohW4K/p6i4gBNxFfYnuNLqnY+O/hc0/fFdKE36eLD8ngPURo3/As6Le -KlPEMBwIIJQpS7GP4BIUK/qPE9J7McU6wQIDAQAB ------END RSA PUBLIC KEY----- diff --git a/retiolum/hosts/irvis b/retiolum/hosts/irvis new file mode 100644 index 00000000..923a0dd7 --- /dev/null +++ b/retiolum/hosts/irvis @@ -0,0 +1,11 @@ +Subnet = 10.243.159.20 +Subnet = 42:db9b:ea89:dca4:fc6e:309b:23f0:ec09 + +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAr9EwWsVkeNqkFIvMYt/QalEGhKYTpM1MxR4DCG7hhZJcXOpigSC0 +fsB61FM/LkvG32/OTt7vPXSRfPW8RnRL0lxedNbMnax3pjgzP4yl4BAvEQW7AW/A +silSYFAr+4Br9ng99kQniXg+RJ9QHLq4Rg0V1/aOZWNWmSk4PmAzQfzINpTXZC3G +dUidZRIWJPTE1lJQfEpML1OI0UfiaYIAOE7Jhx+3vpzsePLF9s6iiw66ANg8mfFC +fb8OHP4zPrnoR/NSNLGjrhyXxiq2EMUmcG38xn769cMEvElzPd0pHYuEzTeYxlk5 +0YEqAsjMYIdaxVDMczRmP+BFH/+sdUcjAwIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/retiolum/hosts/pico b/retiolum/hosts/pico deleted file mode 100644 index b08b450d..00000000 --- a/retiolum/hosts/pico +++ /dev/null @@ -1,11 +0,0 @@ -Address = 78.111.78.33 -Subnet = 10.243.0.102/32 -Subnet = 42:b103:275c:1723:edc8:b24d:452b:352a/128 ------BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEAsbe4wzTOHHLyuPO/AsfDqQHyV41qgs3dqt6uWcDcdiEsUvbCK9Ch -MQNkTktlrMRyvz6Qm/3DKptp80R648j0nWi/c3aLDkZq8weEnR9SFYfNaUp/GN4s -+Qhb+836d8Hu2+3jZWlr5Zb/p8hyhcx3NUH/skuH6Hu+piWczlN1NGksf5f7N/bp -ZBCXnCLLUYVM/0RIS8mcAIX44Zx8YFDXpByePUdyrzn+mRln6VFDnt5uGsmNw6G/ -Azn3grpidcyrW2cs3b7rysKsxOvyGBdu2zGXp+pquZq1l3f06IN+fzCtnyLTPL1K -UUEJlQa1Gsl2pVi5+HPcAj3U2yp42WJYNwIDAQAB ------END RSA PUBLIC KEY----- diff --git a/retiolum/hosts/slowpoke b/retiolum/hosts/slowpoke deleted file mode 100644 index 27b1e57c..00000000 --- a/retiolum/hosts/slowpoke +++ /dev/null @@ -1,14 +0,0 @@ -Address = 62.113.241.235 -Subnet = 10.243.232.121 -Subnet = 42:7d8f:9e3a:dcc7:9b22:d1ca:7e28:fe9c -Subnet = 172.22.0.0/15 - ------BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEA9EtaOHLa0CyOGpX3rzMLqi9HqrjzVe3XdSfcb9QPYwcbxpPYNLLk -/1+4vxOI/TEh1QCu0bzPLy8tAwKF2DwnCH72yae17I0jVMW29Ng3Fdjzb3SmWJbf -C87X7c+Nx5+Yc7OIdvTi/BGPNpDEp7nJugubH1whSFfulCDbsGU3rX5IsDUiw4ha -B+5wH1coQl+Yp+M1ws5+PoHgYQ/ApYPBKEn+H7JAdnOTLbo0eI3B1PuDUrsMakMq -s4f74d2Z405xUGHhRRcerF0h5VD58TADxx7RSRd7oR06KlXM/RaqOkw9vzvA2vBq -CC+LdtIV7wWxF3uRAnk6odeFvqZTHvR4WQIDAQAB ------END RSA PUBLIC KEY----- - diff --git a/retiolum/hosts/sokrates b/retiolum/hosts/sokrates new file mode 100644 index 00000000..97cf1b47 --- /dev/null +++ b/retiolum/hosts/sokrates @@ -0,0 +1,11 @@ +Subnet = 10.243.97.126 +Subnet = 42:28be:6907:ab4b:5c79:99f5:a4a1:2a25 + +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEA0emA0JAong4wHSAEUrLrkh21n8I/+pLtpS4uGTcMHn9ZrS8Tg101 +S2poRE0jZUZu868mDeOwwxZRLmCE+bL0q1OrAUDY7+ricQSAz3CNQAAQB0Sjp7ju +YXKqLZQEYyOV3M8IJOALS72q4g1VTv5jQrLhGzMsv9vzuRSZV0pEV8tZwb187wLi +n27rwB6SPZv7uhC3R060x8Ze/pLmfmVfrxb9DwZS3d8X1PwygTrTjSAUTeMaDa69 +NSOzvKLx25fhZ0Gm3BA3pUQDEOiGOze3oT/0l3QJMvZ48TbG1KlSBOVwtL3+f5yM +gJZLF/JoTsYL0aZM+zHL6NAUmciy9dNXEQIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/retiolum/scripts/github_hosts_sync/README b/retiolum/scripts/github_hosts_sync/README new file mode 100644 index 00000000..12aa8dfe --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/README @@ -0,0 +1,26 @@ +#? /bin/sh + +useradd -m hosts-sync +cp systemd/hosts-sync.service /etc/systemd/system/ +cp systemd/hosts-sync.conf /etc/conf.d/ + +sudo -u hosts-sync -i ssh-keygen +add /home/hosts-sync/.ssh/id_rsa.pub as github/krebscode/hosts deploy key +sudo -u hosts-sync -i git clone git@github.com:krebscode/hosts.git ~hosts-sync/hosts # to accept the remote key (and have an initial copy) + +sudo -u hosts-sync -i git config --global user.email hosts-sync@ire.retiolum +sudo -u hosts-sync -i git config --global user.name hosts-sync +sudo -u hosts-sync -i git config --global push.default simple + +systemctl start hosts-sync +systemctl enable hosts-sync + +TODO firewall setup + +#? /bin/sh (update service) +git pull +cp retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service /etc/systemd/system/ +systemctl daemon-reload +systemctl restart hosts-sync + + diff --git a/retiolum/scripts/github_hosts_sync/hosts-sync b/retiolum/scripts/github_hosts_sync/hosts-sync new file mode 100755 index 00000000..53c96efd --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/hosts-sync @@ -0,0 +1,64 @@ +#! /bin/sh +# TODO do_work should retry until success +set -euf + +port=${port-1028} +local_painload=$HOME/painload +remote_painload="https://github.com/krebscode/painload" +local_hosts=$HOME/hosts +remote_hosts="git@github.com:krebscode/hosts.git" + +main() { + ensure_local_painload + ensure_local_hosts + is_worker && do_work || become_server +} + +ensure_local_painload() { + test -d "$local_painload" || git clone "$remote_painload" "$local_painload" +} + +ensure_local_hosts() { + test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" +} + +become_server() { + exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" +} + +is_worker() { + test "${SOCAT_SOCKPORT-}" = "$port" +} + +do_work() { + # read request + req_line="$(read line && echo "$line")" + req_hdrs="$(sed -n '/^\r$/q;p')" + + set -x + + cd "$local_hosts" + git pull >&2 + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null + + cd "$local_painload" + git pull >&2 + + find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git add \{\} \; >&2 + if git status --porcelain | grep -q .; then + git commit -m bump >&2 + git push >&2 + fi + + echo "HTTP/1.1 200 OK" + echo + echo "https://github.com/krebscode/hosts/archive/master.tar.gz" + echo "https://github.com/krebscode/hosts/archive/master.zip" +} + +main "$@" diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf new file mode 100644 index 00000000..606f17b4 --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf @@ -0,0 +1 @@ +port=1028 diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service new file mode 100644 index 00000000..5fb9ed41 --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -0,0 +1,14 @@ +[Unit] +Description=retiolum github hosts sync +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/hosts-sync.conf +ExecStart=/krebs/retiolum/scripts/github_hosts_sync/hosts-sync +KillMode=process +User=hosts-sync +Group=hosts-sync + +[Install] +WantedBy=multi-user.target + |