diff options
Diffstat (limited to 'filehooker/root-image')
-rw-r--r-- | filehooker/root-image/etc/collectd.conf | 84 | ||||
-rwxr-xr-x | filehooker/root-image/krebs/bin/add-reaktor-secret.sh | 17 | ||||
-rwxr-xr-x | filehooker/root-image/krebs/bin/reaktor-shell.sh | 4 | ||||
-rwxr-xr-x | filehooker/root-image/krebs/bin/start-ncdc.ship | 11 | ||||
-rw-r--r-- | filehooker/root-image/krebs/lib/filehooker | 5 | ||||
-rwxr-xr-x | filehooker/root-image/root/customize_root_image.sh | 16 |
6 files changed, 122 insertions, 15 deletions
diff --git a/filehooker/root-image/etc/collectd.conf b/filehooker/root-image/etc/collectd.conf new file mode 100644 index 00000000..5225a036 --- /dev/null +++ b/filehooker/root-image/etc/collectd.conf @@ -0,0 +1,84 @@ +#Hostname "filehooker<id>" +Interval 10 + +LoadPlugin syslog +<Plugin syslog> + LogLevel info +</Plugin> + +LoadPlugin md +LoadPlugin cpu +LoadPlugin df +LoadPlugin disk +#LoadPlugin ping +LoadPlugin hddtemp +LoadPlugin interface +LoadPlugin load +LoadPlugin memory +LoadPlugin network +LoadPlugin uptime +LoadPlugin users +LoadPlugin write_graphite + +<Plugin df> +# Device "/dev/sda1" +# Device "192.168.0.2:/mnt/nfs" + FSType "ext2" + FSType "ext3" + FSType "ext4" + FSType "btrfs" + FSType "ntfs" + FSType "ntfs-3g" + FSType "vfat" + + IgnoreSelected false +</Plugin> + +<Plugin disk> + Disk "/[vsh]d[abcdefg][12345678]/" + IgnoreSelected false +</Plugin> + +<Plugin hddtemp> + Host "127.0.0.1" + Port 7634 + #TranslateDevicename false +</Plugin> + +<Plugin interface> + Interface "lo" + IgnoreSelected true +</Plugin> + + +#<Plugin ping> + #Host "elchhub.krebsco.de" + #Host "elchstats.krebsco.de" + #Interval 1.0 + #Timeout 0.9 +# TTL 255 +# SourceAddress "1.2.3.4" +# Device "eth0" +# MaxMissed -1 +#</Plugin> + + +#<Plugin sensors> +# Sensor "it8712-isa-0290/temperature-temp1" +# Sensor "it8712-isa-0290/fanspeed-fan3" +# Sensor "it8712-isa-0290/voltage-in8" +# IgnoreSelected false +#</Plugin> + + +<Plugin "write_graphite"> + <Carbon> + Host "elchstats.nsupdate.info" + Port "2003" + Prefix "elch." + #Postfix "" + EscapeCharacter "_" + StoreRates false + AlwaysAppendDS false + </Carbon> +</Plugin> diff --git a/filehooker/root-image/krebs/bin/add-reaktor-secret.sh b/filehooker/root-image/krebs/bin/add-reaktor-secret.sh index 8a3a5c6b..92681449 100755 --- a/filehooker/root-image/krebs/bin/add-reaktor-secret.sh +++ b/filehooker/root-image/krebs/bin/add-reaktor-secret.sh @@ -5,13 +5,20 @@ red='\e[0;31m' nc='\e[0m' black='\e[0;30m' -printf "${green}Add a Reaktor Secret${nc}\n" +printf "${green}Add a Reaktor Secret ${nc}\n" +printf "${red}(no spaces in input plox)${nc}\n" -printf "provide Nick Name:\n" nick=${1:-} -test -z "${nick:-}" && read nick -printf "provide Secret:$black\n" +while test -z "${nick:-}" ;do + printf "provide Nick Name:\n" + read nick +done + secret=${2:-} -test -z "${secret:-}" && read secret +while test -z "${secret:-}" ;do + printf "provide Secret:$black\n" + read secret +done + echo "$nick $secret" >> /krebs/painload/Reaktor/admin.lst printf "${green}done${nc}" diff --git a/filehooker/root-image/krebs/bin/reaktor-shell.sh b/filehooker/root-image/krebs/bin/reaktor-shell.sh new file mode 100755 index 00000000..117c64f6 --- /dev/null +++ b/filehooker/root-image/krebs/bin/reaktor-shell.sh @@ -0,0 +1,4 @@ +#!/bin/sh +echo "IP Addresses:" +/krebs/painload/Reaktor/commands/ips || echo "no IPs!" +/krebs/bin/add-reaktor-secret.sh diff --git a/filehooker/root-image/krebs/bin/start-ncdc.ship b/filehooker/root-image/krebs/bin/start-ncdc.ship index 3251ef53..1d47bcfb 100755 --- a/filehooker/root-image/krebs/bin/start-ncdc.ship +++ b/filehooker/root-image/krebs/bin/start-ncdc.ship @@ -4,16 +4,19 @@ set -euf . /krebs/lib/filehooker #@include network ncdc_user="hooker" + useradd -m $ncdc_user ||: sudo -u $ncdc_user /usr/bin/tmux new-session -s dcpp -n ncdc -d ncdc 2>/dev/null || echo "ncdc is already running" - -dc_hub="adcs://elch.nsupdate.info:2781" +nick=$(cat /etc/hostname) +echo "using nick $nick" +ncdc_configure_nick "$nick" +sleep 1 +dc_hub="adcs://elchhub.nsupdate.info:2781" +echo "connecting to $dc_hub" ncdc_configure_hub "$dc_hub" "elch" -nick=$(get_hostname) -ncdc_configure_nick "$nick" share_all_partitions diff --git a/filehooker/root-image/krebs/lib/filehooker b/filehooker/root-image/krebs/lib/filehooker index c51be701..b3bef435 100644 --- a/filehooker/root-image/krebs/lib/filehooker +++ b/filehooker/root-image/krebs/lib/filehooker @@ -33,8 +33,9 @@ ncdc_configure_hub(){ rnd=`hexdump -n 2 -e '/2 "%u"' /dev/urandom` hub=${1?adcs://localhost:2781} hubname="${2:-hub_$rnd}" - info "configuring DC Hub: $hub, activating autconnect" info "setting active as true" + (echo "/set active true") | ncdc_config + info "configuring DC Hub: $hub, activating autconnect" (echo "/open ${hubname} ${hub}" ; echo "/hset autoconnect true") | ncdc_config } @@ -129,7 +130,7 @@ is_mounted(){ share_all_partitions(){ count=0 # all /dev/sdX and all mapped devices - (find /dev -name '[shv]d[a-z][0-9]';find /dev/mapper ! -type d)| while read disk;do + (find /dev -name '[shv]d[a-z][0-9]';find /dev/mapper ! -type d ;find /dev -name 'md[0-9][0-9]*')| while read disk;do size=$(get_disksize $disk 2>/dev/null) if test "$size" -gt "$min_netshare_size" 2>/dev/null ; #&& ! is_mounted "$disk"; diff --git a/filehooker/root-image/root/customize_root_image.sh b/filehooker/root-image/root/customize_root_image.sh index ae1442a5..08a4e4a5 100755 --- a/filehooker/root-image/root/customize_root_image.sh +++ b/filehooker/root-image/root/customize_root_image.sh @@ -3,11 +3,12 @@ set -e -u -f -x reaktor_user=reaktor ncdc_user=hooker -rootpw=$(dd if=/dev/urandom count=1 bs=128 | base64 -w0) +rootpw=zahlen8ZaiFe sed -i 's/#\(en_US\.UTF-8\)/\1/' /etc/locale.gen locale-gen -ln -sf /usr/share/zoneinfo/UTC /etc/localtime +ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime +#timedatectl set-timezone Europe/Berlin usermod -s /usr/bin/zsh root cp -aT /etc/skel/ /root/ @@ -45,21 +46,25 @@ test ! -e /krebs/painload/Reaktor && \ tar xz -C "/krebs" && \ mv /krebs/painload-master /krebs/painload -useradd -m $reaktor_user -s /krebs/bin/add-reaktor-secret.sh || : +useradd -m $reaktor_user -s /krebs/bin/reaktor-shell.sh || : ## needed to see the hidden service hostname echo "$reaktor_user ALL=(tor) NOPASSWD: /krebs/bin/tor-get-hidden-service.sh" >> /etc/sudoers.d/reaktor echo "$reaktor_user ALL=(root) NOPASSWD: /krebs/bin/refresh-shares.ship" >> /etc/sudoers.d/reaktor echo "$reaktor_user ALL=($ncdc_user) NOPASSWD: ALL" >> /etc/sudoers.d/reaktor +echo "$reaktor_user ALL=(root) NOPASSWD: /usr/bin/reboot" >> /etc/sudoers.d/reaktor echo cp /krebs/painload/Reaktor/etc/systemd/system/Reaktor@.service \ /etc/systemd/system # add bonus features for filehooker cp -a /krebs/etc/Reaktor /krebs/painload +# emergency root passwd (printf "%s\n%s\n" "$rootpw" "$rootpw" ) | passwd +#sed -i \ +# 's#^root.*#root:$6$OrW0nWn4$w0DYuPz96VYLIEBgRtjjn01Y4lHu/FbbXuZeCqHo81YsYe/IMGxPmLLpPw10JlmA3amemet4VfV6/FSlOxpeK0:16161:15593::::::#' \ +# /etc/shadow cd /krebs/painload/Reaktor/ touch auth.lst admin.lst chown reaktor:reaktor auth.lst admin.lst - for i in multi-user.target \ pacman-init.service \ choose-mirror.service \ @@ -68,7 +73,10 @@ for i in multi-user.target \ filehooker-hostname.service \ start-ncdc@${ncdc_user}.service \ sshd.service \ + collectd.service \ + hddtemp.service \ vsftpd.service \ + ntpdate.service \ tor.service ;do systemctl enable "$i" done |