summaryrefslogtreecommitdiffstats
path: root/ship
diff options
context:
space:
mode:
Diffstat (limited to 'ship')
-rw-r--r--ship/.gitignore1
-rw-r--r--ship/Makefile56
-rw-r--r--ship/README.markdown54
-rw-r--r--ship/TODO2
-rwxr-xr-xship/build210
-rw-r--r--ship/lib/_punani_db57
-rw-r--r--ship/lib/color7
-rw-r--r--ship/lib/core80
-rw-r--r--ship/lib/filehooker117
-rw-r--r--ship/lib/iso7
-rw-r--r--ship/lib/krebs16
-rw-r--r--ship/lib/network110
-rw-r--r--ship/lib/punani99
-rw-r--r--ship/lib/retiolum109
-rw-r--r--ship/lib/tahoe34
-rw-r--r--ship/lib/tor20
-rw-r--r--ship/lib/vim40
-rwxr-xr-xship/src/arch_autoinstall164
-rwxr-xr-xship/src/bootstrap_env_makefu171
-rw-r--r--ship/src/deploy-ssh-keys15
-rw-r--r--ship/src/filehooker_configure_ncdc15
-rw-r--r--ship/src/filehooker_configure_netshare7
-rwxr-xr-xship/src/filehooker_install143
-rw-r--r--ship/src/find-supers-tinc6
-rwxr-xr-xship/src/fix_dircolors13
-rw-r--r--ship/src/get_repo22
-rw-r--r--ship/src/install_tor_announce5
-rwxr-xr-xship/src/punani4
-rw-r--r--ship/src/refresh-super-keys5
-rw-r--r--ship/src/refresh-supers35
-rwxr-xr-xship/src/remaster_arch_shack_installstick104
-rwxr-xr-xship/src/retiolum292
-rw-r--r--ship/src/tahoe_install15
-rwxr-xr-xship/src/tor_publish_ssh14
-rw-r--r--ship/src/vim_sane_defaults11
-rwxr-xr-xship/t/docker/docker_remote_punani.sh5
-rw-r--r--ship/t/docker/punani/remote_punani11
-rw-r--r--ship/tmp/.placeholder0
38 files changed, 2076 insertions, 0 deletions
diff --git a/ship/.gitignore b/ship/.gitignore
new file mode 100644
index 00000000..89f9ac04
--- /dev/null
+++ b/ship/.gitignore
@@ -0,0 +1 @@
+out/
diff --git a/ship/Makefile b/ship/Makefile
new file mode 100644
index 00000000..4805613d
--- /dev/null
+++ b/ship/Makefile
@@ -0,0 +1,56 @@
+exesrcdir := src
+libsrcdir := lib
+tmpoutdir := tmp
+finoutdir := ../bin
+
+exesrcs := $(notdir $(wildcard $(exesrcdir)/*))
+exetmpouts := $(addprefix $(tmpoutdir)/,$(exesrcs))
+exefinouts := $(addprefix $(finoutdir)/,$(exesrcs))
+
+build := BUILD_PATH=$(libsrcdir) ./build
+
+.PHONY: all install clean distclean
+
+all: $(exetmpouts)
+
+install: $(exefinouts)
+
+clean:
+ rm -f $(exetmpouts)
+
+distclean: clean
+ rm -f $(exefinouts)
+
+define buildrule
+$(tmpoutdir)/$(1): $(exesrcdir)/$(1) $(shell $(build) deps $(exesrcdir)/$(1))
+ $(build) compile $$< $$@
+endef
+
+$(foreach exe, $(exesrcs), $(eval $(call buildrule,$(exe))))
+
+$(finoutdir)/%: $(tmpoutdir)/%
+ cp $< $@
+
+test:
+ @export PATH="$(CURDIR)/bin:$(PATH)"; \
+ tests="`find t -type f -executable`"; \
+ i=1; \
+ pids="";\
+ n=`echo "$$tests" | wc -l`; \
+ echo $$i..$$n; \
+ for exe in $$tests; do \
+ { \
+ ./$$exe; \
+ ret=$$?; \
+ case $$ret in 0) result=ok;; *) result='not ok';; esac; \
+ echo $$result $$i - $$exe; \
+ exit $$ret;\
+ } & \
+ pids="$${pids} $$!" \
+ i=$$(( i+1 )); \
+ done; \
+ ret=0;\
+ for pid in $$pids; do \
+ wait $$pid || ret=23;\
+ done; \
+ exit $$ret;
diff --git a/ship/README.markdown b/ship/README.markdown
new file mode 100644
index 00000000..a84f542c
--- /dev/null
+++ b/ship/README.markdown
@@ -0,0 +1,54 @@
+# ship - shellscript installation processor
+
+ This utility is used to build modular shell scripts using recursive macro
+ expansion.
+
+## Quickstart Guide
+
+ BUILD_PATH=libs ./build compile INPUTFILE OUTPUTFILE
+
+ If this doesn't make science to you, then prepend `debug=true` to get all
+ the intermediate files printed to stdout.
+
+## Make Interface
+
+ Put libraries into `lib`.
+ Put executables into `src`.
+
+ Build all executables from `src` into `tmp` with
+
+ make [all]
+
+ Build all executables from `src` into `tmp` and `//bin` with
+
+ make install
+
+ Undo `make [all]` with
+
+ make clean
+
+ Undo `make install` with
+
+ make distclean
+
+## Macro Development
+
+ To define a new macro, you have to add a function like
+
+ ## usage: BRE -> FUNCTION_NAME \1 [\2 ...]
+
+ where `BRE` is a basic regular expression, that has to match a whole
+ line. `FUNCTION_NAME` should be the name of a function that outputs
+ a `sed` script. `\1` refers to the line number, where the macro is
+ used and `\2 ...` are the backreferences into `BRE`. E.g.
+
+ ## usage: #@date \([.*]\) -> build_datemacro \1 \2
+ build_datemacro() {
+ printf '%da\\\n%s\n' "$1" "$(date +"$2")"
+ }
+
+ Like in this example, the line number `\1`, which gets mapped to `$1`,
+ is usually used to only change the line, where the macro got called.
+ The second argument gets passed as format specifier to `date`.
+
+ Further examples can be found in `./build`.
diff --git a/ship/TODO b/ship/TODO
new file mode 100644
index 00000000..7c2fe73f
--- /dev/null
+++ b/ship/TODO
@@ -0,0 +1,2 @@
+- refresh-supers: somehow test if a real tinc connection is possible to new
+ given supernodes
diff --git a/ship/build b/ship/build
new file mode 100755
index 00000000..0e8e1013
--- /dev/null
+++ b/ship/build
@@ -0,0 +1,210 @@
+#! /bin/sh
+set -euf
+
+## SYNOPSIS
+# [debug=true] build compile SRCFILE DSTFILE
+# [debug=true] build deps SRCFILE...
+build() {
+
+ ## Load macro definitions.
+ defmacro_pattern='## usage: \(.*\) -> \([^ ]\+\) \(.*\)'
+ script='s/^'"$defmacro_pattern"'$/\2_macro='"'"'\1'"'"'/p' \
+ setf defmacros '$(sed -n "$script" "$%s")' 0
+ eval "$defmacros"
+
+ ## Dispatch.
+ case "$1" in
+ compile) build_compile "$2" "$3";;
+ deps) shift; build_deps "$@";;
+ *) echo "build: $1: bad command" >&2; return 23;;
+ esac
+}
+
+###
+### macros
+###
+
+## usage: #@include \([0-9A-Za-z_]\+\) -> build_include \1 \2
+build_include() {
+ if buildcache_has "#@include:$2"; then
+ printf '%da\\\n##include %s: already done\n' $1 $2
+ else
+ buildcache_add "#@include:$2"
+ cat<<EOF
+$1a\\
+# begin $2
+$1r$(build_resolve $2)
+$1a\\
+# end $2
+EOF
+ fi
+}
+
+## usage: #@strict -> build_strict_mode \1
+build_strict_mode() { cat<<EOF
+$1a\\
+set -euf\\
+(set -o posix 2>/dev/null) && set -o posix || :
+EOF
+}
+
+## usage: #@info -> build_info \1
+build_info() {
+ gitinfo=$(git describe --always --dirty --abbrev=0 2>/dev/null || :)
+cat<<EOF
+$1a\\
+# this file was generated by //ship/build\\
+# build date: $(date -u --rfc-3339=s)\\
+# git describe: ${gitinfo:-not under version control}
+EOF
+}
+
+## usage: #@mainifyme\( \([A-Za-z_][A-Za-z0-9_]*\)\)\? -> build_mainifyme \1 \3
+build_mainifyme() {
+ mainifyme_name="${2:-main}"
+ cat<<EOF
+ $1a\\
+$mainifyme_name(){
+ \$a\\
+}\\
+$mainifyme_name "\$@"
+EOF
+}
+
+###
+### main subroutines
+###
+
+## usage: build_compile SRCFILE DSTFILE
+build_compile() {
+
+ script='s/^'"$defmacro_pattern"'$/\2_macro/p' \
+ setf macro_names '$(sed -n "$script" "$%s")' 0
+
+ setf unexpanded_macros_pattern \
+ '$(make_unexpanded_macros_pattern $%s)' macro_names
+
+ script='
+ s/^'"$defmacro_pattern"'$/s:^ *\\([0-9]\\+\\) \1$:\2 \3:/p
+ $a\
+t;s:^ *\\([0-9]\\+\\) .*:echo \\1p:
+ ' \
+ setf input_parser '$(sed -n "$script" "$%s")' 0
+
+ SRCFILE="$1" setf src '$(cat "$%s")' SRCFILE
+
+ buildcache_initialize "$2"
+
+ while echo "$src" | grep -q "$unexpanded_macros_pattern"; do
+ setf sedgen '$(echo "$%s" | nl -b a -s \ | sed "$%s")' src input_parser
+ setf sedscript '$(eval "$%s")' sedgen
+ setf src '$(echo "$%s" | sed -n "$%s")' src sedscript
+ done
+
+ buildcache_finalize
+
+ echo "$src" > "$2"
+ chmod +x "$2"
+}
+
+## usage: build_deps SRCFILE...
+# Print all the dependencies of SRCFILE... to stdout. (alphabetic order)
+build_deps() {
+ while test $# -gt 0; do
+ deps="$(
+ for f; do
+ for d in $(sed -n 's:^'"$build_include_macro"'$:\1:p' "$f"); do
+ build_resolve $d
+ done
+ done
+ )"
+ set -- $deps
+ if test $# -gt 0; then
+ echo "$deps"
+ fi
+ done | sort | uniq
+}
+
+###
+### misc utilities
+###
+
+## usage: build_resolve LIBNAME
+build_resolve() {
+ echo "$BUILD_PATH" | tr : \\n |
+ xargs -I: printf '%s/%s\n' : "$1" |
+ xargs -I: ls -d : 2>/dev/null |
+ head -n 1 |
+ grep . ||
+ {
+ echo "build resolve: $1: library not found" >&2
+ return 23
+ }
+}
+
+## usage: make_unexpanded_macros_pattern BUILD_DIRECTIVES...
+make_unexpanded_macros_pattern() {
+ echo "^\\($(
+ for macro; do
+ eval echo \"\$$macro\"
+ done |
+ tr \\n \| |
+ sed 's/|/\\|/'
+ )\\)$"
+}
+
+## usage: setf NAME FMT [ARG...]
+setf() {
+ value_script="$(shift; printf "$@")"
+
+ eval "$1=$value_script"
+
+ if is_debug_mode; then
+ eval 'echo "$1=\"$value_script\""'
+ eval 'echo "'"\$$1"'"' | nl -b a
+ fi >&2
+}
+
+## usage: is_debug_mode
+is_debug_mode() {
+ test "${debug-false}" = true
+}
+
+###
+### buildcache utilities
+###
+
+## usage: buildcache_initialize DESTFILE
+buildcache_initialize() {
+ buildcache="$1.buildcache"
+ cat /dev/null > "$buildcache"
+}
+
+## usage: buildcache_finalize
+buildcache_finalize() {
+ if is_debug_mode; then
+ rm "$buildcache"
+ fi
+}
+
+## usage: buildcache_has BRE
+# Check if buildcache contains a line matching BRE.
+buildcache_has() {
+ grep -q "^$1\$" "$buildcache"
+}
+
+## usage: buildcache_add LINE
+# Add LINE to buildcache.
+buildcache_add() {
+ echo "$1" >> "$buildcache"
+}
+
+
+
+###
+### main invocation
+###
+
+if echo "$0" | grep -q '^\(.*/\)\?build$'; then
+ build "$@"
+fi
diff --git a/ship/lib/_punani_db b/ship/lib/_punani_db
new file mode 100644
index 00000000..6f89029f
--- /dev/null
+++ b/ship/lib/_punani_db
@@ -0,0 +1,57 @@
+_punanidb_pacman_=
+_punanidb_yum_=
+_punanidb_aptget_=
+
+_punanidb_pacman_git=git
+_punanidb_yum_git=git
+_punanidb_aptget_git=git-core
+
+_punanidb_pacman_python2=python2
+_punanidb_yum_python2=python
+_punanidb_aptget_python2=python
+
+_punanidb_pacman_python3=python
+_punanidb_aptget_python3=python3
+
+_punanidb_pacman_pip2=python2-pip
+_punanidb_aptget_pip2=python-pip
+
+_punanidb_pacman_virtualenv=python-virtualenv
+_punanidb_aptget_virtualenv=python-virtualenv
+
+_punanidb_pacman_gpp=gcc
+_punanidb_aptget_gpp=gcc
+
+_punanidb_pacman_python2_dev=python2
+_punanidb_aptget_python2_dev=python-dev
+
+_punanidb_pacman_hostname=inetutils
+_punanidb_aptget_hostname=hostname
+
+_punanidb_pacman_hostname=inetutils
+_punanidb_aptget_hostname=hostname
+
+_punanidb_pacman_make=make
+_punanidb_yum_make=make
+_punanidb_aptget_make=make
+
+_punanidb_pacman_tinc=tinc
+_punanidb_yum_tinc=tinc
+_punanidb_aptget_tinc=tinc
+
+_punanidb_pacman_zsh=zsh
+_punanidb_yum_zsh=zsh
+_punanidb_aptget_zsh=zsh
+
+_punanidb_pacman_tor=tor
+_punanidb_yum_tor=tor
+_punanidb_aptget_tor=tor
+
+_punanidb_pacman_nano=nano
+_punanidb_yum_nano=nano
+_punanidb_aptget_nano=nano
+
+_punanidb_pacman_vim=vim
+_punanidb_yum_vim=vim-enhanced
+_punanidb_aptget_vim=vim
+
diff --git a/ship/lib/color b/ship/lib/color
new file mode 100644
index 00000000..cec2044e
--- /dev/null
+++ b/ship/lib/color
@@ -0,0 +1,7 @@
+# superseed logging with color
+green='\e[0;32m'
+red='\e[0;31m'
+nc='\e[0m'
+msg() { printf "$*\n" >&2; }
+info() { msg "$green$*$nc"; }
+error() { msg "$green$*$nc"; }
diff --git a/ship/lib/core b/ship/lib/core
new file mode 100644
index 00000000..0c321525
--- /dev/null
+++ b/ship/lib/core
@@ -0,0 +1,80 @@
+# logging
+msg() { echo "$*" >&2; }
+info() { msg "** $*"; }
+error() { msg "!! $*"; }
+## usage: die [REASON...]
+die() {
+ test $# -gt 0 && error "$*"
+ error 'Bailing out.'
+ exit 1
+}
+exists(){
+ type "$1" >/dev/null 2>/dev/null;
+}
+
+is_root(){
+ test $(id -u) -eq 0
+}
+
+defer(){
+ #close enough
+ trapstr="$1;${trapstr:-exit}"
+ trap "$trapstr" INT TERM EXIT KILL
+}
+
+esudo(){
+ # weaksauce esudo (expect sudo)
+ if ! is_root; then
+ # for the record:
+ # exec sudo -E "$0" "$@"
+ error "You are not root enough for this script"
+ exit 23 # go to hell
+ fi
+}
+
+get_hostname(){
+ # finds the current hostname
+ # if ENV HOSTN is set echo $HOSTN
+ # We try the following:
+ # $HOSTN
+ # $HOSTNAME
+ # hostname
+ # uci system.hostname
+ # /etc/hostname
+ # if everything fails, it returns 1 and prints 'unknown'
+
+ if [ -n "${HOSTN:-}" ] ; then printf "${HOSTN:-}"
+ elif [ -n "${HOSTNAME:-}" ] ;then printf "$HOSTNAME"
+ elif exists hostname ; then printf "$(hostname)"
+ elif exists uci ; then printf "$(uci get system.@system[0].hostname)"
+ elif [ -e /etc/hostname ] ;then printf "$(cat /etc/hostname)"
+ else printf "unknown"; return 1
+ fi
+ return 0
+}
+
+line_to_dot(){
+ while read line; do printf .; done;
+}
+
+get_os(){
+ # TODO: find all the release files
+ #if grep -q 'Linux' /etc/*release 2>/dev/null || grep -qe 'Linux' /etc/issue 2>/dev/null; then
+ if grep -q 'Linux' /etc/lsb-release 2>/dev/null || grep -q 'Linux' /etc/issue 2>/dev/null; then
+ echo 'linux'
+ elif test -e /etc/preferred-apps/google.xml; then
+ echo 'android'
+ elif test -e /etc/openwrt_release; then
+ echo 'openwrt'
+ elif uname -s | grep -qi 'darwin'; then
+ echo 'osx'
+ else
+ warn "Cannot determine your operating system, falling back to Linux"
+ echo 'linux'
+ fi
+}
+
+# user management
+has_user(){
+ egrep "^$1:" /etc/passwd >/dev/null
+}
diff --git a/ship/lib/filehooker b/ship/lib/filehooker
new file mode 100644
index 00000000..72be751a
--- /dev/null
+++ b/ship/lib/filehooker
@@ -0,0 +1,117 @@
+#@include core
+#@include network
+ncdc_user=${ncdc_user:-hooker}
+ncdc_bin=${ncdc_bin:-/usr/bin/ncdc}
+
+ncdc_config(){
+ # maybe we want to use the running ncdc process and communicate via tmux send-keys ?
+ (sleep 1;cat;printf "/quit\n") | sudo -u $ncdc_user "$ncdc_bin"
+}
+
+ncdc_configure_netshare(){
+ : "${1?provide path to share}"
+ rnd=`hexdump -n 2 -e '/2 "%u"' /dev/urandom`
+ rnd_name="${2:-share_$rnd}"
+ info "adding share"
+ (echo "/share $rnd_name $1") | ncdc_config
+}
+
+ncdc_configure_nick(){
+ nick=${1?nick must be provided}
+ info "configuring DC Nick: $nick"
+ echo "/nick $nick" | ncdc_config
+}
+ncdc_configure_hub(){
+ rnd=`hexdump -n 2 -e '/2 "%u"' /dev/urandom`
+ hubname="hub_$rnd"
+ hub=${1?adcs://localhost:2781}
+ info "configuring DC Hub: $hub, activating autconnect"
+ info "setting active as true"
+ (echo "/open ${hubname} ${hub}" ;
+ echo "/hset autoconnect true") | ncdc_config
+}
+
+ncdc_download(){
+install_dir="$(dirname "${ncdc_bin}")"
+info "installing ncdc to $install_dir"
+curl http://dev.yorhel.nl/download/ncdc-linux-x86_64-1.19.tar.gz | tar xz -C "$install_dir"
+}
+ncdc_install(){
+useradd -m $ncdc_user ||:
+}
+
+ncdc_autostart(){
+# only systemd
+# punani install tmux
+cat > /etc/systemd/system/ncdc@.service <<EOF
+[Unit]
+Description=ncdc
+Requires=network.target local-fs.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+KillMode=none
+User=%I
+ExecStart=/usr/bin/tmux new-session -s dcpp -n ncdc -d ncdc
+ExecStop=/usr/bin/tmux send-keys -t dcpp:ncdc "/quit" C-m
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl enable ncdc@$ncdc_user
+}
+
+# 20gig in bytes
+min_netshare_size=${min_netshare_size:-20000000000}
+get_disksize(){
+fdisk -l ${1?provide disk} | grep '^Disk ' | cut -d\ -f 5
+}
+
+prepare_netshares(){
+ count=0
+ fdisk -l | grep '^Disk ' | egrep '(/dev/sd|/dev/hd)' | cut -d\ -f 2 | tr -d : | while read disk;do
+ size=$(get_disksize $disk)
+ if test "$size" -gt "$min_netshare_size";
+ then
+ info "using $disk with $size bytes"
+ dd if=/dev/zero of=$disk bs=1M count=1 >/dev/null
+ sleep 1
+ (printf "o\nn\np\n\n\n\nw\n\n") |fdisk $disk >/dev/null ||:
+ #partprobe $disk
+ mkfs.btrfs -f ${disk}1 >/dev/null
+ uuid="$(blkid ${disk}1 -o value | head -n 1)"
+ mountpoint="/media/vag${count}"
+ mkdir -p "$mountpoint"
+ echo "UUID=$uuid $mountpoint btrfs rw,relatime,space_cache 0 0" >> /etc/fstab
+ echo "$mountpoint"
+ : $((count++))
+ else
+ info "skipping $disk"
+ fi
+ done
+}
+install_tor_announce(){
+# systemd only
+info "writing tor_announce.service"
+cat > /etc/systemd/system/tor_announce.service<<EOF
+[Unit]
+Description=Announce Tor Hidden Address
+After=network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/bin/tor_announce
+
+[Install]
+WantedBy=multi-user.target
+EOF
+info "writing tor_announce to /usr/bin/tor_announce"
+printf '#!/bin/sh\nsleep 20\n' > /usr/bin/tor_announce
+http_get conf.krebsco.de/tor_publish_ssh >> /usr/bin/tor_announce
+chmod +x /usr/bin/tor_announce
+info "enable tor_announce"
+systemctl enable tor_announce
+#systemctl start tor_announce
+}
diff --git a/ship/lib/iso b/ship/lib/iso
new file mode 100644
index 00000000..0776d796
--- /dev/null
+++ b/ship/lib/iso
@@ -0,0 +1,7 @@
+get_volid(){
+ #returns the volume id of the iso given
+ # is needed for remastering the archlinux iso
+
+ #punani install genisoimage
+ isoinfo -d -i "${1?path to iso must be given}" | grep "^Volume id:" | cut -d: -f 2 |xargs
+}
diff --git a/ship/lib/krebs b/ship/lib/krebs
new file mode 100644
index 00000000..e47031d6
--- /dev/null
+++ b/ship/lib/krebs
@@ -0,0 +1,16 @@
+#@include core
+krebs_pubkeys="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7YrLdnXDRU2XEdZDu1BmgiT0Vaxplf3bfvSm+5o3g4AcR2yCv7h2D633c9uA0gq52EJ3V5m8B1ZcxqA0zqDptKwx+ZTMUGDls7StH5xpJyk9j5gf8DzyDLQPQG2IYszCH+8esKjo3BOFxfey8NaX+k6gvQsG3lyV0PjLvvIy4gDuMn6dPZfVAlwNYFOUNgwpku3W3A0d+UFyVjt3/sgZxM+8C3y6QE1gwT5/NfBbHM5vaEqjHcVq1ui+7a4iOXFGKkZDcd7EX6cQZSbCzZL7sZ0OmB1WpAsDCvIXfzX1YfNA0sso7ldSF6ZUGNgwEk1LootnQlCK/dfbM+i62SZ+1 tv@iiso
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCv9TTt4FkzT3jlQ0VS2tX/GpQO9Ef0wIQ+g96foe4qSniBwR667T1gIhURrod/p7N9oQcWRrNohjgmSBZRYA0kW6ZyqYJkLvRv54nXv6j/8Xq2nG/KVfDqL0kp8if+JGeFlQElpWJiAbGifYkopFy69QiLYU2ndR7aPbx+5qm/dcwPJ7K+n6dyePynCZadtcabm3PuBFUxGLdT9ImDXMOPfXxPMlN/3eb78byuEuHnhCIvIGLMBGx+8QTXvu7kHpZObvkbsF1xjVs9fDpwVLjh7GWdwf3BZ/agFlI24ffyqCPFnuaxUVyfUZeqf4twRsIZkTTB47lHDhYiVkyGe8gd root@pigstarter.de
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@pornocauster
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7df1RfMGNHPJe0iF6rD9DBs/4VujN6nNr7RbRCFk7HF/JzLXSn9Vcwk+3JefP4/d/bUo0h03rhQaRohDhBScrJidj2YacF6gmZOuTf3AMWprdz9D/1dDkN/ytwzGhADhqbHEWeomIllsa8Up4PvEeDcIHJGzYvuc0BbGqRk0XgxwqIrLAhdpTfEKaTbt7IzmUqEofxThTZ/4k020PKn2WDBWKQYGZJ9Ba2WzlKUXWx842ncW29oxC2faRz4M3eMPy0JMpBLkK9U3dccE75dgT/89/4ofVjM7+J3FOP3dgXzrtk+A5aN5a/veJUViQ9xdGxXvoa++iCr5q/BVRv0Bb sammy@muhbaasu.de
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOIRWLC4ESCDxjyoJUqaUNC8ZDiE4UICZk3cbDptdtendTQvjSXz0RW6MWhJ+F6wWZntL1EibKn8djax1tzgcvNASCUEtGey/850IzBIrETs+WQDRjV2QqBKWxVaQPIFjw2V3vFSKKNxq01qznVBY510DIf4+0WR8b1ZPD/XbuyQLGYM3N7dP4JQSnnNAgtyutBKdomWfT18hW1lLjkP8h1IOiC03HxXTYX+nMUiLDff3D5GT5u3Ke2+VigXjz4Ue8rVsOg/zgqrwEAfx8o1q83uSB23oqUqWkqlxOC/4QY5kpdNqW/Iz89zHibp5ZceHd2ZSoGefv7UZM0lRIDHjJ retiolum@ire
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3+2vSwiJoIpHpnkw4SslPrlR6/z43nZ7s1tGXkkNnVDB2uzxMaISNRjSk0GgXpDx4hLEi6074hSvv5JWbUuMyKr9n6GVVeYNCjsiPcRkL3d7zDwFwqyndhVeWgmpuylYx4XKIbTvpBVyG3CRT1+D4apVUgiDa9lVfjBk7/ESxBzt0dXtlJEzQBBoCo0C8jeeIpvZKbq1zeM9wvLsgFaT7fsSxrg5BEb/tQl6pbkykWFXbzzd91liEQaSqai7Ux2355ZXGANQBCTglKhdTcir0RuHNtQGrZHBxL9qVfJjJJNZg1b6UAhDanqE/HyOI3sp6LGBvpW5afLKOdj9ppQQN retiolum@nomic
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== death@uriel"
+
+authorized_keys_file="${authorized_keys:-$HOME/.ssh/authorized_keys}"
+deploy_krebs_pubkeys(){
+info "deploying pubkeys in $authorized_keys_file"
+mkdir -p "$(dirname "$authorized_keys_file")"
+printf "$krebs_pubkeys\n" >> "$authorized_keys_file"
+
+}
diff --git a/ship/lib/network b/ship/lib/network
new file mode 100644
index 00000000..6c8970a0
--- /dev/null
+++ b/ship/lib/network
@@ -0,0 +1,110 @@
+#@include core
+
+# TODO refactor this
+which_get_loader(){
+ if ! exists curl ; then
+ if ! exists wget ; then
+ warn "Please install curl or wget"
+ return 1
+ else
+ echo "wget -q -O-"
+ fi
+ else
+ echo "curl -L -s"
+ fi
+ return 0
+}
+
+which_head_loader(){
+ if ! exists curl ; then
+ if ! exists wget ; then
+ warn "Please install curl or wget"
+ return 1
+ else
+ echo "wget -O- --spider -S -q"
+ fi
+ else
+ echo "curl -L -I -s"
+ fi
+ return 0
+}
+
+http_get(){
+ eval "$(which_get_loader)" "${1?please provide url}"
+}
+http_head(){
+ eval "$(which_head_loader)" "${1?please provide url}" 2>&1
+}
+
+internet(){
+ secret=$(http_get http://krebsco.de/secret 2>/dev/null)
+ if [ "$secret" = "1337" ]; then
+ return 0
+ else
+ echo "cannot load secret or secret incorrect" >&2
+ return 1
+ fi
+}
+
+which_telnet(){
+ # find Telnet or similar and executes it at the end
+ # requires exist
+ # if env TELNET is set, will be trying to run this
+ # Tries the following things:
+ # telnet
+ # nc
+ # netcat
+ # busybox telnet
+ if [ -e "${TELNET:-does_not_exist}" ]; then
+ info "Will be using $TELNET as Telnet Client"
+ echo $TELNET
+ elif exists telnet ;then
+ command -v telnet
+ elif exists nc ;then
+ command -v nc
+ elif exists netcat;then
+ command -v netcat
+ elif exists busybox;then
+ echo `command -v busybox` telnet
+ else
+ die 'Cannot find telnet binary, please install either telnet-client or busybox or netcat or provided TELNET environment.'
+ fi
+}
+
+run_telnet(){
+ host="$1"
+ port="$2"
+ $(which_telnet) "$host" "$port"
+}
+port_open(){
+ # $1 - host
+ # $2 - port
+ # nc -zw 2 $1 $2
+ echo | run_telnet "$1" "$2" & pid=$!
+ { sleep 5; kill $pid;} & wid=$!
+ wait $pid
+ RET=$?
+ kill $wid >/dev/null 2>&1
+ return $RET
+}
+
+send_irc(){
+ ## reads from stdin, writes to IRC
+ ##
+ ## requires func: exists() anytelnet()
+ if [ -z "${HOSTN:-}" ]; then
+ HOSTN="$(get_hostname)"
+ info "no HOSTN given, using $HOSTN instead"
+ fi
+ IRCCHANNEL=${IRCCHANNEL:-"#krebs_incoming"}
+ IRCSERVER=${IRCSERVER:-"irc.freenode.net"}
+ IRCPORT=${IRCPORT:-6667}
+ NICK="${HOSTN}_$(head /dev/urandom | tr -dc "0123456789" | head -c3)"
+ info "starting irc connect as $NICK"
+ ( echo "NICK $NICK";
+ echo "USER $NICK $IRCSERVER bla : $NICK";
+ echo "JOIN $IRCCHANNEL";
+ sleep 23;
+ while read line; do echo "PRIVMSG $IRCCHANNEL :$line";sleep 1;done
+ sleep 5; ) | run_telnet $IRCSERVER $IRCPORT 2>/dev/null
+}
diff --git a/ship/lib/punani b/ship/lib/punani
new file mode 100644
index 00000000..4338d19d
--- /dev/null
+++ b/ship/lib/punani
@@ -0,0 +1,99 @@
+#@include core
+#@include _punani_db
+
+## usage: punani_has PACKAGE
+punani_has() {
+ eval "_punani_${PACKER}_has \"\$1\""
+}
+
+## usage: punani_owner PACKAGE
+punani_owner() {
+ eval "_punani_${PACKER}_owner \"\$1\""
+}
+
+## usage: punani_install PACKAGE
+punani_install() {
+ eval "_punani_${PACKER}_install \"\$1\""
+}
+
+## usage: punani_remove PACKAGE
+punani_remove() {
+ eval "_punani_${PACKER}_remove \"\$1\""
+}
+
+## usage: _punani_resolve_package PKGNAME
+_punani_resolve_package(){
+ eval "set -u; echo \"\${_punanidb_${PACKER}_$1}\"" 2>/dev/null
+}
+
+## usage: _punani_select_packer
+_punani_select_packer() {
+ for p in ${_punani_known_packers:-null}; do
+ exists $p && info "using $p" && PACKER=`echo $p | tr -d -` && break
+ done
+}
+_punani_known_packers='pacman apt-get yum brew'
+_punani_pacman_install(){ pacman --noconfirm -S --needed "$@" ;}
+_punani_pacman_remove(){ pacman --noconfirm -Rcs "$@" ;}
+_punani_pacman_has(){ pacman -Q "$1" >/dev/null;}
+_punani_pacman_owner() { pacman -Qo "$1"; }
+_punani_aptget_install(){ apt-get -y install "$@" ;}
+_punani_aptget_remove(){ apt-get -y remove "$@" ;}
+_punani_aptget_has() { dpkg -s "$1" | grep -q "Status: install";}
+_punani_aptget_owner() { dpkg-query -S "$1" | cut -d: -f1;}
+_punani_yum_install(){ yum -y install "$@" ;}
+_punani_yum_remove(){ yum -y remove "$@" ;}
+_punani_yum_has() { rpm -qa --qf "%{NAME}\n"| egrep "^${1}\$" >/dev/null ;}