diff options
| author | lassulus <lassulus@googlemail.com> | 2013-01-31 19:41:11 +0100 |
|---|---|---|
| committer | lassulus <lassulus@googlemail.com> | 2013-01-31 19:41:11 +0100 |
| commit | 5f8f9ea9e5f10abcef9c12d48345c098dca78199 (patch) | |
| tree | c4dd748d5c152445569d7dfd2d0877ef66a95daa /services | |
| parent | 7c050acc2559c622b831d9193e2336c15f42de6d (diff) | |
| parent | 9461f6ece9f674588327c6dc3199fc0d7618ac48 (diff) | |
Merge branch 'master' of github.com:krebscode/painload
Diffstat (limited to 'services')
| -rw-r--r-- | services/Makefile | 3 | ||||
| -rw-r--r-- | services/README.md | 25 | ||||
| -rwxr-xr-x | services/bin/services | 11 | ||||
| -rw-r--r-- | services/etc/conf.d/krebs-services-test-server | 3 | ||||
| -rw-r--r-- | services/etc/services/bootstrap | 9 | ||||
| -rw-r--r-- | services/etc/systemd/system/krebs-services-test-server.service | 14 | ||||
| -rw-r--r-- | services/services.txt | 9 | ||||
| -rwxr-xr-x[-rw-r--r--] | services/test-server.py (renamed from services/test.py) | 10 |
8 files changed, 76 insertions, 8 deletions
diff --git a/services/Makefile b/services/Makefile index 3ef670a3..37931f47 100644 --- a/services/Makefile +++ b/services/Makefile @@ -1,5 +1,6 @@ help:;@cat Makefile export authorized_keys_file := authorized_keys +export debug_log := true export services_file := services.txt export host_key_file := test.key export services_home := /opt/services @@ -32,7 +33,7 @@ test-client: ssh localhost -p 1337 2>/dev/null test-server: - python test.py + ./test-server.py $(host_key_file): ssh-keygen -t rsa -P '' -f $@ diff --git a/services/README.md b/services/README.md new file mode 100644 index 00000000..e0769bce --- /dev/null +++ b/services/README.md @@ -0,0 +1,25 @@ +# //services + +## install and run test-server.py as systemd service + +### install dependencies + + pacman -S python2-pyasn1 twisted + +### install systemd service and configuration + + cp /krebs/services/etc/systemd/system/krebs-services-test-server.service \ + /etc/systemd/system/ + cp /krebs/services/etc/conf.d/krebs-services-test-server \ + /etc/conf.d/ + +### create services user and populate it's home + + useradd -m -r -l -f -1 -d /opt/services -k /var/empty services + sudo -u services ssh-keygen -t rsa -P '' -f /opt/services/test.key + $EDITOR /opt/services/services.txt + +### run now and every reboot + + systemctl start krebs-services-test-server + systemctl enable krebs-services-test-server diff --git a/services/bin/services b/services/bin/services index c142a363..e854cbcb 100755 --- a/services/bin/services +++ b/services/bin/services @@ -8,6 +8,8 @@ user=services hostname=${1-localhost} port=1337 +options="${options+$options }-o ControlMaster=no" + if test -n "${services_identity_file-}"; then options="${options+$options }-i $services_identity_file" fi @@ -21,4 +23,11 @@ if echo $hostname | grep -q :; then hostname=`echo $hostname | cut -d: -f1` fi -ssh $options $user@$hostname -p $port +exec 3>&1 +{ + ssh $options $user@$hostname -p $port +} 2>&1 1>&3 | sed ' + /^Connection to '$hostname' closed/d + /^Shared connection to '$hostname' closed/d +' +exec 3>&- diff --git a/services/etc/conf.d/krebs-services-test-server b/services/etc/conf.d/krebs-services-test-server new file mode 100644 index 00000000..243054f4 --- /dev/null +++ b/services/etc/conf.d/krebs-services-test-server @@ -0,0 +1,3 @@ +authorized_keys_file=/krebs/services/authorized_keys +services_file=/opt/services/services.txt +host_key_file=/opt/services/test.key diff --git a/services/etc/services/bootstrap b/services/etc/services/bootstrap new file mode 100644 index 00000000..8c848146 --- /dev/null +++ b/services/etc/services/bootstrap @@ -0,0 +1,9 @@ +services://destroy +services://ire +services://darth_serious:22 +services://pigstarter:22 +services://incept:22 +services://rage:22 +services://devstar:22 +services://heidi:22 +services://geisha:22 diff --git a/services/etc/systemd/system/krebs-services-test-server.service b/services/etc/systemd/system/krebs-services-test-server.service new file mode 100644 index 00000000..99578cce --- /dev/null +++ b/services/etc/systemd/system/krebs-services-test-server.service @@ -0,0 +1,14 @@ +[Unit] +Description=services: provider +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/krebs-services-test-server +ExecStart=/krebs/services/test-server.py +KillMode=process +User=services +Group=services +Restart=no + +[Install] +WantedBy=multi-user.target diff --git a/services/services.txt b/services/services.txt index a2b97670..265e6d1c 100644 --- a/services/services.txt +++ b/services/services.txt @@ -1,2 +1,7 @@ -# this is a comment -TODO declare proper services format +owner: +type: +mail: +expires: +location: +services://{{hostname}}:22 +tinc://{{hostname}} diff --git a/services/test.py b/services/test-server.py index 06340a54..7838e0af 100644..100755 --- a/services/test.py +++ b/services/test-server.py @@ -1,8 +1,9 @@ -#! /usr/bin/env python +#! /usr/bin/env python2 from os import environ as env authorized_keys_file = env.get('authorized_keys_file', '/dev/null') +debug_log = env.get('debug_log', 'false') services_file = env.get('services_file', '/dev/null') host_key_file = env.get('host_key_file', '/dev/null') host_key_pub_file = host_key_file + '.pub' @@ -22,9 +23,10 @@ from twisted.internet.reactor import listenTCP, run from twisted.python.components import registerAdapter from zope.interface import implements -from twisted.python.log import startLogging -from sys import stderr -startLogging(stderr) +if debug_log == 'true': + from twisted.python.log import startLogging + from sys import stderr + startLogging(stderr) class MyRealm: |