diff options
Diffstat (limited to 'ship')
| -rw-r--r-- | ship/TODO | 2 | ||||
| -rwxr-xr-x | ship/build | 2 | ||||
| -rw-r--r-- | ship/lib/_punani_db | 7 | ||||
| -rw-r--r-- | ship/lib/filehooker | 117 | ||||
| -rw-r--r-- | ship/lib/iso | 7 | ||||
| -rw-r--r-- | ship/lib/krebs | 16 | ||||
| -rw-r--r-- | ship/lib/network | 13 | ||||
| -rw-r--r-- | ship/lib/retiolum | 109 | ||||
| -rw-r--r-- | ship/lib/vim | 40 | ||||
| -rwxr-xr-x | ship/src/arch_autoinstall | 17 | ||||
| -rwxr-xr-x | ship/src/bootstrap_env_makefu | 99 | ||||
| -rw-r--r-- | ship/src/filehooker_configure_ncdc | 15 | ||||
| -rw-r--r-- | ship/src/filehooker_configure_netshare | 7 | ||||
| -rwxr-xr-x | ship/src/filehooker_install | 143 | ||||
| -rw-r--r-- | ship/src/find-supers-tinc | 6 | ||||
| -rwxr-xr-x | ship/src/fix_dircolors | 2 | ||||
| -rw-r--r-- | ship/src/install_tor_announce | 5 | ||||
| -rw-r--r-- | ship/src/refresh-super-keys | 5 | ||||
| -rw-r--r-- | ship/src/refresh-supers | 35 | ||||
| -rwxr-xr-x | ship/src/remaster_arch_shack_installstick (renamed from ship/src/remaster_arch_iso) | 25 | ||||
| -rw-r--r-- | ship/src/vim_sane_defaults | 11 |
21 files changed, 607 insertions, 76 deletions
@@ -0,0 +1,2 @@ +- refresh-supers: somehow test if a real tinc connection is possible to new + given supernodes @@ -44,7 +44,7 @@ EOF build_strict_mode() { cat<<EOF $1a\\ set -euf\\ -set -o posix || : +(set -o posix 2>/dev/null) && set -o posix || : EOF } diff --git a/ship/lib/_punani_db b/ship/lib/_punani_db index 721b5fa2..6f89029f 100644 --- a/ship/lib/_punani_db +++ b/ship/lib/_punani_db @@ -19,7 +19,7 @@ _punanidb_aptget_pip2=python-pip _punanidb_pacman_virtualenv=python-virtualenv _punanidb_aptget_virtualenv=python-virtualenv -_punanidb_pacman_gpp=g++ +_punanidb_pacman_gpp=gcc _punanidb_aptget_gpp=gcc _punanidb_pacman_python2_dev=python2 @@ -39,6 +39,10 @@ _punanidb_pacman_tinc=tinc _punanidb_yum_tinc=tinc _punanidb_aptget_tinc=tinc +_punanidb_pacman_zsh=zsh +_punanidb_yum_zsh=zsh +_punanidb_aptget_zsh=zsh + _punanidb_pacman_tor=tor _punanidb_yum_tor=tor _punanidb_aptget_tor=tor @@ -50,3 +54,4 @@ _punanidb_aptget_nano=nano _punanidb_pacman_vim=vim _punanidb_yum_vim=vim-enhanced _punanidb_aptget_vim=vim + diff --git a/ship/lib/filehooker b/ship/lib/filehooker new file mode 100644 index 00000000..72be751a --- /dev/null +++ b/ship/lib/filehooker @@ -0,0 +1,117 @@ +#@include core +#@include network +ncdc_user=${ncdc_user:-hooker} +ncdc_bin=${ncdc_bin:-/usr/bin/ncdc} + +ncdc_config(){ + # maybe we want to use the running ncdc process and communicate via tmux send-keys ? + (sleep 1;cat;printf "/quit\n") | sudo -u $ncdc_user "$ncdc_bin" +} + +ncdc_configure_netshare(){ + : "${1?provide path to share}" + rnd=`hexdump -n 2 -e '/2 "%u"' /dev/urandom` + rnd_name="${2:-share_$rnd}" + info "adding share" + (echo "/share $rnd_name $1") | ncdc_config +} + +ncdc_configure_nick(){ + nick=${1?nick must be provided} + info "configuring DC Nick: $nick" + echo "/nick $nick" | ncdc_config +} +ncdc_configure_hub(){ + rnd=`hexdump -n 2 -e '/2 "%u"' /dev/urandom` + hubname="hub_$rnd" + hub=${1?adcs://localhost:2781} + info "configuring DC Hub: $hub, activating autconnect" + info "setting active as true" + (echo "/open ${hubname} ${hub}" ; + echo "/hset autoconnect true") | ncdc_config +} + +ncdc_download(){ +install_dir="$(dirname "${ncdc_bin}")" +info "installing ncdc to $install_dir" +curl http://dev.yorhel.nl/download/ncdc-linux-x86_64-1.19.tar.gz | tar xz -C "$install_dir" +} +ncdc_install(){ +useradd -m $ncdc_user ||: +} + +ncdc_autostart(){ +# only systemd +# punani install tmux +cat > /etc/systemd/system/ncdc@.service <<EOF +[Unit] +Description=ncdc +Requires=network.target local-fs.target + +[Service] +Type=oneshot +RemainAfterExit=yes +KillMode=none +User=%I +ExecStart=/usr/bin/tmux new-session -s dcpp -n ncdc -d ncdc +ExecStop=/usr/bin/tmux send-keys -t dcpp:ncdc "/quit" C-m + +[Install] +WantedBy=multi-user.target +EOF +systemctl enable ncdc@$ncdc_user +} + +# 20gig in bytes +min_netshare_size=${min_netshare_size:-20000000000} +get_disksize(){ +fdisk -l ${1?provide disk} | grep '^Disk ' | cut -d\ -f 5 +} + +prepare_netshares(){ + count=0 + fdisk -l | grep '^Disk ' | egrep '(/dev/sd|/dev/hd)' | cut -d\ -f 2 | tr -d : | while read disk;do + size=$(get_disksize $disk) + if test "$size" -gt "$min_netshare_size"; + then + info "using $disk with $size bytes" + dd if=/dev/zero of=$disk bs=1M count=1 >/dev/null + sleep 1 + (printf "o\nn\np\n\n\n\nw\n\n") |fdisk $disk >/dev/null ||: + #partprobe $disk + mkfs.btrfs -f ${disk}1 >/dev/null + uuid="$(blkid ${disk}1 -o value | head -n 1)" + mountpoint="/media/vag${count}" + mkdir -p "$mountpoint" + echo "UUID=$uuid $mountpoint btrfs rw,relatime,space_cache 0 0" >> /etc/fstab + echo "$mountpoint" + : $((count++)) + else + info "skipping $disk" + fi + done +} +install_tor_announce(){ +# systemd only +info "writing tor_announce.service" +cat > /etc/systemd/system/tor_announce.service<<EOF +[Unit] +Description=Announce Tor Hidden Address +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/tor_announce + +[Install] +WantedBy=multi-user.target +EOF +info "writing tor_announce to /usr/bin/tor_announce" +printf '#!/bin/sh\nsleep 20\n' > /usr/bin/tor_announce +http_get conf.krebsco.de/tor_publish_ssh >> /usr/bin/tor_announce +chmod +x /usr/bin/tor_announce +info "enable tor_announce" +systemctl enable tor_announce +#systemctl start tor_announce +} diff --git a/ship/lib/iso b/ship/lib/iso new file mode 100644 index 00000000..0776d796 --- /dev/null +++ b/ship/lib/iso @@ -0,0 +1,7 @@ +get_volid(){ + #returns the volume id of the iso given + # is needed for remastering the archlinux iso + + #punani install genisoimage + isoinfo -d -i "${1?path to iso must be given}" | grep "^Volume id:" | cut -d: -f 2 |xargs +} diff --git a/ship/lib/krebs b/ship/lib/krebs new file mode 100644 index 00000000..e47031d6 --- /dev/null +++ b/ship/lib/krebs @@ -0,0 +1,16 @@ +#@include core +krebs_pubkeys="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7YrLdnXDRU2XEdZDu1BmgiT0Vaxplf3bfvSm+5o3g4AcR2yCv7h2D633c9uA0gq52EJ3V5m8B1ZcxqA0zqDptKwx+ZTMUGDls7StH5xpJyk9j5gf8DzyDLQPQG2IYszCH+8esKjo3BOFxfey8NaX+k6gvQsG3lyV0PjLvvIy4gDuMn6dPZfVAlwNYFOUNgwpku3W3A0d+UFyVjt3/sgZxM+8C3y6QE1gwT5/NfBbHM5vaEqjHcVq1ui+7a4iOXFGKkZDcd7EX6cQZSbCzZL7sZ0OmB1WpAsDCvIXfzX1YfNA0sso7ldSF6ZUGNgwEk1LootnQlCK/dfbM+i62SZ+1 tv@iiso +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCv9TTt4FkzT3jlQ0VS2tX/GpQO9Ef0wIQ+g96foe4qSniBwR667T1gIhURrod/p7N9oQcWRrNohjgmSBZRYA0kW6ZyqYJkLvRv54nXv6j/8Xq2nG/KVfDqL0kp8if+JGeFlQElpWJiAbGifYkopFy69QiLYU2ndR7aPbx+5qm/dcwPJ7K+n6dyePynCZadtcabm3PuBFUxGLdT9ImDXMOPfXxPMlN/3eb78byuEuHnhCIvIGLMBGx+8QTXvu7kHpZObvkbsF1xjVs9fDpwVLjh7GWdwf3BZ/agFlI24ffyqCPFnuaxUVyfUZeqf4twRsIZkTTB47lHDhYiVkyGe8gd root@pigstarter.de +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCl3RTOHd5DLiVeUbUr/GSiKoRWknXQnbkIf+uNiFO+XxiqZVojPlumQUVhasY8UzDzj9tSDruUKXpjut50FhIO5UFAgsBeMJyoZbgY/+R+QKU00Q19+IiUtxeFol/9dCO+F4o937MC0OpAC10LbOXN/9SYIXueYk3pJxIycXwUqhYmyEqtDdVh9Rx32LBVqlBoXRHpNGPLiswV2qNe0b5p919IGcslzf1XoUzfE3a3yjk/XbWh/59xnl4V7Oe7+iQheFxOT6rFA30WYwEygs5As//ZYtxvnn0gA02gOnXJsNjOW9irlxOUeP7IOU6Ye3WRKFRR0+7PS+w8IJLag2xb makefu@pornocauster +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7df1RfMGNHPJe0iF6rD9DBs/4VujN6nNr7RbRCFk7HF/JzLXSn9Vcwk+3JefP4/d/bUo0h03rhQaRohDhBScrJidj2YacF6gmZOuTf3AMWprdz9D/1dDkN/ytwzGhADhqbHEWeomIllsa8Up4PvEeDcIHJGzYvuc0BbGqRk0XgxwqIrLAhdpTfEKaTbt7IzmUqEofxThTZ/4k020PKn2WDBWKQYGZJ9Ba2WzlKUXWx842ncW29oxC2faRz4M3eMPy0JMpBLkK9U3dccE75dgT/89/4ofVjM7+J3FOP3dgXzrtk+A5aN5a/veJUViQ9xdGxXvoa++iCr5q/BVRv0Bb sammy@muhbaasu.de +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOIRWLC4ESCDxjyoJUqaUNC8ZDiE4UICZk3cbDptdtendTQvjSXz0RW6MWhJ+F6wWZntL1EibKn8djax1tzgcvNASCUEtGey/850IzBIrETs+WQDRjV2QqBKWxVaQPIFjw2V3vFSKKNxq01qznVBY510DIf4+0WR8b1ZPD/XbuyQLGYM3N7dP4JQSnnNAgtyutBKdomWfT18hW1lLjkP8h1IOiC03HxXTYX+nMUiLDff3D5GT5u3Ke2+VigXjz4Ue8rVsOg/zgqrwEAfx8o1q83uSB23oqUqWkqlxOC/4QY5kpdNqW/Iz89zHibp5ZceHd2ZSoGefv7UZM0lRIDHjJ retiolum@ire +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3+2vSwiJoIpHpnkw4SslPrlR6/z43nZ7s1tGXkkNnVDB2uzxMaISNRjSk0GgXpDx4hLEi6074hSvv5JWbUuMyKr9n6GVVeYNCjsiPcRkL3d7zDwFwqyndhVeWgmpuylYx4XKIbTvpBVyG3CRT1+D4apVUgiDa9lVfjBk7/ESxBzt0dXtlJEzQBBoCo0C8jeeIpvZKbq1zeM9wvLsgFaT7fsSxrg5BEb/tQl6pbkykWFXbzzd91liEQaSqai7Ux2355ZXGANQBCTglKhdTcir0RuHNtQGrZHBxL9qVfJjJJNZg1b6UAhDanqE/HyOI3sp6LGBvpW5afLKOdj9ppQQN retiolum@nomic +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAp83zynhIueJJsWlSEykVSBrrgBFKq38+vT8bRfa+csqyjZBl2SQFuCPo+Qbh49mwchpZRshBa9jQEIGqmXxv/PYdfBFQuOFgyUq9ZcTZUXqeynicg/SyOYFW86iiqYralIAkuGPfQ4howLPVyjTZtWeEeeEttom6p6LMY5Aumjz2em0FG0n9rRFY2fBzrdYAgk9C0N6ojCs/Gzknk9SGntA96MDqHJ1HXWFMfmwOLCnxtE5TY30MqSmkrJb7Fsejwjoqoe9Y/mCaR0LpG2cStC1+37GbHJNH0caCMaQCX8qdfgMVbWTVeFWtV6aWOaRgwLrPDYn4cHWQJqTfhtPrNQ== death@uriel" + +authorized_keys_file="${authorized_keys:-$HOME/.ssh/authorized_keys}" +deploy_krebs_pubkeys(){ +info "deploying pubkeys in $authorized_keys_file" +mkdir -p "$(dirname "$authorized_keys_file")" +printf "$krebs_pubkeys\n" >> "$authorized_keys_file" + +} diff --git a/ship/lib/network b/ship/lib/network index 974fb282..6c8970a0 100644 --- a/ship/lib/network +++ b/ship/lib/network @@ -76,6 +76,17 @@ run_telnet(){ port="$2" $(which_telnet) "$host" "$port" } +port_open(){ + # $1 - host + # $2 - port + # nc -zw 2 $1 $2 + echo | run_telnet "$1" "$2" & pid=$! + { sleep 5; kill $pid;} & wid=$! + wait $pid + RET=$? + kill $wid >/dev/null 2>&1 + return $RET +} send_irc(){ ## reads from stdin, writes to IRC @@ -95,5 +106,5 @@ send_irc(){ echo "JOIN $IRCCHANNEL"; sleep 23; while read line; do echo "PRIVMSG $IRCCHANNEL :$line";sleep 1;done - sleep 5; ) | run_telnet $IRCSERVER $IRCPORT 2>/dev/null | line_to_dot + sleep 5; ) | run_telnet $IRCSERVER $IRCPORT 2>/dev/null } diff --git a/ship/lib/retiolum b/ship/lib/retiolum new file mode 100644 index 00000000..eba2775e --- /dev/null +++ b/ship/lib/retiolum @@ -0,0 +1,109 @@ +#!/bin/sh +# retiolum host functions +#@include core +#@include network +tinc_path=${tinc_path:-/etc/tinc} +netname=${netname:-retiolum} +hosts_dir=${hosts_dir:-$tinc_path/$netname/hosts} +supernode_urls="http://euer.krebsco.de/retiolum/supernodes.tar.gz" +reload_tinc(){ + info "reloading tinc configuration" + pkill -HUP tincd || tinc -n $netname reload; +} + +refresh_supernode_keys(){ + for url in $supernode_urls;do + info "Trying $url to retrieve supernodes" + if http_get "$url" \ + | tar xvz -C $hosts_dir | xargs -n1 echo "refreshed:" ;then + info "refreshed supernode keys" + return 0 + else + error "$url unusable for retrieving supernode host files" + fi + done && return 1 +} +port_open(){ + # $1 - host + # $2 - port + # nc -zw 2 $1 $2 + echo | run_telnet "$1" "$2" & pid=$! + { sleep 5; kill $pid;} & wid=$! + wait $pid + RET=$? + kill $wid >/dev/null 2>&1 + return $RET +} +find_supernodes(){ + cd $hosts_dir + set +f + for name in ` + grep '^[ ]*Address[ ]*=' * | + cut -d: -f1 | sort | uniq + `; do + if eval "`sed -n ' + s/[ ]\+//g + s/^\(Address\|Port\)=\(.*\)/\1="\${\1+\$\1\n}\2"/p + ' $name`"; then + port=${Port-655} + for host in $Address; do + if port_open $host $port 2>/dev/null; then + echo "$name [('$host', $port)]" + fi & + done + wait + fi & + done + wait + cd - >/dev/null +} + +find_active_nodes(){ + # TODO this function currently only supports a single address for a host + cd $hosts_dir + # posix grep does not support [[:space:]] + set +f + for name in ` + grep '^[ ]*Address[ ]*=' * | + cut -d: -f1 | sort | uniq + `; do + if eval "`sed -n ' + s/[ ]\+//g + s/^\(Address\|Port\)=\(.*\)/\1="\${\1+\$\1\n}\2"/p + ' $name`"; then + port=${Port-655} + for host in $Address; do + if port_open $host $port 2>/dev/null; then + echo "$name [('$host', $port)]" + fi & + done + wait + fi & + done + wait + cd - >/dev/null +} + +check_free_v4(){ + myipv4=${1-10.243.0.-1} + v4num=${myipv4##*.} + printf "Retard check: " + if [ "$v4num" -gt 0 -a "$v4num" -lt "256" ]; + then + info "No retard detected\n" + cd $hosts_dir + info "Check if ip is still free: " + for i in `ls -1`; do + if grep -q -e $myipv4\$ $i ;then + error "Host IP already taken by $i! " + return 1 + fi + done + info "Passed\n" + return 0 + else + error "you are made of stupid. bailing out\n" + return 1 + fi + cd - >/dev/null +} diff --git a/ship/lib/vim b/ship/lib/vim new file mode 100644 index 00000000..f75f3d0e --- /dev/null +++ b/ship/lib/vim @@ -0,0 +1,40 @@ +# configure vim + +vimrc=$HOME/.vimrc + +vim_conf_sane_defaults(){ + # TODO - make stuff more modular? + cat >>$vimrc<<EOF +set nocompatible +filetype plugin indent on +syntax on +set vb +set foldenable +set foldmethod=syntax +set ignorecase +set incsearch +set showmatch +set matchtime=3 +set hlsearch +set backupdir=~/.vim/backup +set directory=~/.vim/backup +inoremap <F1> <ESC> +nnoremap <F1> <ESC> +vnoremap <F1> <ESC> +set wildignore=*.o,*.obj,*.bak,*.exe,*.os +cmap w!! w !sudo tee > /dev/null % +colorscheme darkblue +set background=dark +set number +set mouse= +set shiftwidth=2 +set tabstop=2 +set et +set sw=2 +set smarttab +set autoindent +set backspace=indent,eol,start +set nocp +EOF + mkdir -p $HOME/.vim/backup +} diff --git a/ship/src/arch_autoinstall b/ship/src/arch_autoinstall index baa9e2a0..c9b6c4d4 100755 --- a/ship/src/arch_autoinstall +++ b/ship/src/arch_autoinstall @@ -3,13 +3,12 @@ #@include core #@include color #@include network +#@include tor pass=shackit shack_printer_ip=10.42.0.135 extra_pkg="xorg vim xfce4 feh chromium zsh sudo git flashplugin alsa-oss alsa-lib alsa-utils grub-bios slim ntp tor network-manager-applet networkmanager openssh cups cups-filters" info "writing stdout to /tmp/install.log" -exec >> /tmp/install.log -tail -f /tmp/install.log& defer 'pkill tail' installer_disk(){ @@ -35,7 +34,7 @@ sleep 3 umount /mnt/boot ||: umount /mnt ||: info "starting partitioning" -(printf "o\nn\np\n\n\n+256M\n\a\nn\np\n\n\n\nw\n\n") |fdisk $rootdisk +(printf "o\nn\np\n\n\n+256M\n\a\nn\np\n\n\n\nw\n\n") |fdisk $rootdisk||: info "done partitioning" sleep 1 info "generating filesystem on /boot" @@ -84,7 +83,7 @@ info "generating configs" genfstab -U -p /mnt > /mnt/etc/fstab info "beginning chroot!" -arch-chroot /mnt | tee -a /tmp/install.log << EOF +arch-chroot /mnt << EOF msg() { printf "\$*\n" >&2; } info() { msg "$green\$*$nc"; } @@ -119,7 +118,7 @@ done ### CUPS mkdir -p /etc/cups -cat >>/etc/cups/printers.conf<<EOF +cat >>/etc/cups/printers.conf<<EOT <Printer HP_LaserJet_5000_Series> Info Shack Printer HP 5000 Location lounge @@ -137,7 +136,7 @@ KLimit 0 OpPolicy default ErrorPolicy stop-printer </Printer> -EOF +EOT info "installing grub" grub-install ${rootdisk} 2>/dev/null @@ -155,7 +154,11 @@ EOF info "configuring tor" torrc=/mnt/etc/tor/torrc hidden_service_dir=/var/lib/tor/hidden_service/ -#@include tor configure_hidden_service +#TODO publish tor address after reboot +#info "publishing hidden service address" +#cat $hidden_service_dir/hostname | send_irc + info "We're all done, simply reboot!" +reboot diff --git a/ship/src/bootstrap_env_makefu b/ship/src/bootstrap_env_makefu index 7ec59a79..e61f4e99 100755 --- a/ship/src/bootstrap_env_makefu +++ b/ship/src/bootstrap_env_makefu @@ -4,10 +4,24 @@ #@strict #@include core #@include punani +#@include vim + +# vim +python +_punanidb_pacman_vim_python=gvim +_punanidb_yum_vim_python=vim-enhanced +_punanidb_aptget_vim_python=vim + +# TODO pull out youcompleteme into a vim function +# cmake ,make,g++,python-dev for youcompleteme +_punanidb_pacman_cmake=cmake +_punanidb_yum_cmake=cmake +_punanidb_aptget_cmake=cmake +#@mainifyme + info "Configuring environment for $(id -un)" cd $(readlink -f $(dirname $0)) info "Using punani to install git vim and zsh" -punani install git vim zsh || error "cannot install some shit" +punani install git vim_python zsh gpp cmake make python2_dev || die "cannot install some shit" info "writing dotfiles" # deploying zshrc @@ -54,8 +68,13 @@ test -r ~/TODO && cat ~/TODO setopt menu_complete unsetopt correct_all +export PYTHONSTARTUP=~/.pythonrc +EOF +info 'deploying pythonrc' +cat > $HOME/.pythonrc <<EOF +import rlcompleter, readline +readline.parse_and_bind('tab:complete') EOF - info "deploying vim config" if [ -e $HOME/.vim ] ; then oldvim=$HOME/.vim.`date +%Y%M%d` @@ -68,43 +87,36 @@ mkdir -p $HOME/.vim # TODO modilarize vimconfig cat > $HOME/.vim/vimrc <<EOF -set nocompatible filetype off set rtp+=~/.vim/bundle/vundle call vundle#rc() - " TODO refactor this Bundle 'gmarik/vundle' Bundle 'SudoEdit.vim' Bundle 'snipMate' Bundle 'tpope/vim-fugitive' -Bundle 'vim-scripts-iptables' -Bundle 'pyflakes' +Bundle 'Valloric/YouCompleteMe' +Bundle 'scrooloose/syntastic' +Bundle 'sjl/gundo.vim' + +nnoremap <F5> :GundoToggle<CR> +set undodir=~/.vim/undo +set undofile +"maximum number of changes that can be undone +set undolevels=1000000 +"maximum number lines to save for undo on a buffer reload +set undoreload=10000000 + +set pastetoggle=<F2> +set showmode +filetype plugin indent on + filetype plugin indent on -syntax on -set vb let g:snips_author = 'Bob Ross <root@syntax-fehler.de>' let g:makefu_author = 'makefu' -set foldenable -set foldmethod=syntax -" shows matching braches etc -set showmatch -set matchtime=3 -" highlight search -set hlsearch - -" set noswapfile -" set nobackup -set backupdir=~/.vim/backup -set directory=~/.vim/backup - -" turn off F1 -inoremap <F1> <ESC> -nnoremap <F1> <ESC> -vnoremap <F1> <ESC> " pasting nnoremap <F2> :set invpaste paste?<CR> set pastetoggle=<F2> @@ -114,44 +126,31 @@ set showmode au FocusLost * :wa set spelllang=en -" use set spell to enable spelling - -" press ttt to rot16 the whole file -nmap ttt ggg?G -colorscheme darkblue -set background=dark - -set number -set mouse= set textwidth=9001 -set ignorecase -set incsearch -set wildignore=*.o,*.obj,*.bak,*.exe,*.os - -set shiftwidth=2 -set tabstop=2 -set et -set sw=2 -set smarttab -set autoindent -" end tabstop -set backspace=indent,eol,start -set nocp autocmd BufRead *.json set filetype=json EOF - +if [ -e $HOME/.vimrc ] ; then + oldvim=$HOME/.vimrc.`date +%Y%M%d` + info "Backing up old vimrc file to $oldvim" + mv -v $HOME/.vimrc $oldvim +fi +info "Symlinking .vimrc to .vim/vimrc" ln -vs $HOME/.vim/vimrc $HOME/.vimrc +vim_conf_sane_defaults #install all the vim stuff with the help of vundle cd $HOME/.vim -mkdir bundle -mkdir backup +mkdir -p bundle undo backup info "Fetching vim-vundle" git clone https://github.com/gmarik/vundle.git bundle/vundle > /dev/null && \ info "Vim Vundle deployed" info "Installing Vundle Bundles" vim "+:BundleInstall" "+:qall" + +info "building youcompleteme libs" +cd $HOME/.vim/bundle/YouCompleteMe +./install.sh cd - info "configuring zsh" diff --git a/ship/src/filehooker_configure_ncdc b/ship/src/filehooker_configure_ncdc new file mode 100644 index 00000000..c980ebf2 --- /dev/null +++ b/ship/src/filehooker_configure_ncdc @@ -0,0 +1,15 @@ +#!/bin/sh +#@info +#@strict +#@include filehooker + +dc_hub="adcs://elch.nsupdate.info:2781" +rnd=`hexdump -n 2 -e '/2 "%u"' /dev/urandom` +nick="filehooker_$rnd" + + +ncdc_install +ncdc_autostart + +ncdc_configure_nick "$nick" +ncdc_configure_hub "$dc_hub" diff --git a/ship/src/filehooker_configure_netshare b/ship/src/filehooker_configure_netshare new file mode 100644 index 00000000..438ac133 --- /dev/null +++ b/ship/src/filehooker_configure_netshare @@ -0,0 +1,7 @@ +#!/bin/sh +#@info +#@strict +#@include filehooker +for i in $(prepare_netshares) ;do + ncdc_configure_netshare "$i" "${i##*/}" +done diff --git a/ship/src/filehooker_install b/ship/src/filehooker_install new file mode 100755 index 00000000..eb2d5fd1 --- /dev/null +++ b/ship/src/filehooker_install @@ -0,0 +1,143 @@ +#/bin/sh +#@info +#@strict +#@include core +## colored logging +#@include color +#@include network + +## for tor hidden service +#@include tor + +## for ncdc +#@include filehooker +pass=lolwut.aidsballs +# 20gig +#min_netshare_size=20000000000 +admin=pimp +extra_pkg="vim sudo grub-bios ntp tor openssh btrfs-progs tmux" + +info "writing stdout to /tmp/install.log" + + +installer_disk(){ + find /dev/disk/by-label/ -name ARCH_\* 2>/dev/null | xargs readlink +} + +find_rootdisk(){ + for i in sd vd hd;do + for j in a b c;do + dsk="/dev/$i$j" + test ! -e "$dsk" && continue + test "$(installer_disk)" == "$dsk" && continue + test "$(get_disksize $dsk)" -gt "$min_netshare_size" && info "not using $dsk as it is too big" && continue + echo "$dsk" && return + done + done +} + +rootdisk=$(find_rootdisk) +test "$rootdisk" || die "cannot find your root disk" + +info "Your rootdisk is $rootdisk" +sleep 3 + +umount /mnt/boot ||: +umount /mnt ||: +info "overwriting partitioning" +dd if=/dev/zero of=$rootdisk bs=2k count=10 +info "starting partitioning" +(printf "o\nn\np\n\n\n+128M\n\a\nn\np\n\n\n\nw\n\n") |fdisk $rootdisk ||: +partprobe $rootdisk +info "done partitioning" +sleep 1 +info "generating filesystem on /boot" +mkfs.ext2 ${rootdisk}1 +info "Done" +sleep 3 +sync +vgchange -an +info "generating filesystems" +mkfs.btrfs -f ${rootdisk}2 +sleep 1 +info "finished generating filesystems" +sleep 1 +info "mounting" +mount ${rootdisk}2 /mnt +mkdir /mnt/boot +mount ${rootdisk}1 /mnt/boot + +info "finished mounting!" +sleep 1 +info "installing!" + +info "Setting http proxy" + +info "Installing the following packages: $extra_pkg" +if [ -n "${user_pkg:-}" ] ;then + info "User chooses additional packages: $user_pkg" +else + info "No additional packages set by user (\$user_pkg unset)" +fi +pacstrap /mnt base $extra_pkg ${user_pkg:-} +info "installation done" +sleep 1 +info "generating configs" +genfstab -U -p /mnt > /mnt/etc/fstab + +info "beginning chroot!" +########### BEGIN CHROOT ##### +arch-chroot /mnt << EOF +#@strict +msg() { printf "\$*\n" >&2; } +info() { msg "$green\$*$nc"; } +error() { msg "$green\$*$nc"; } + +info "generating locales" +ln -s /usr/share/zoneinfo/Europe/Berlin /etc/localtime +echo "LANG=en_US.UTF-8" >> /etc/locale.conf +echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen +locale-gen +echo "filehooker$RANDOM" > /etc/hostname +info "Done! " +mkinitcpio -p linux || +info "setting root password" +printf "${pass}\n${pass}\n" | (passwd ) +info "adding user" +useradd -m -G audio,video,wheel $admin +printf "${pass}\n${pass}\n" | (passwd $admin) + +info "editing sudoers" +printf "root ALL=(ALL) ALL\n%s ALL=(ALL)NOPASSWD: ALL\n" %wheel >> /etc/sudoers +for i in dhcpcd ntpd tor sshd ; do + info "enabling \$i" + systemctl enable \$i +done + +info "installing grub" +grub-install ${rootdisk} 2>/dev/null +#echo "GRUB_DISABLE_LINUX_UUID=true" >> /etc/default/grub +grub-mkconfig > /boot/grub/grub.cfg 2>/dev/null +# prepare ncdc +useradd -m hooker +exit +EOF +######## END CHROOT ########## +sync + +info "configuring tor" +torrc=/mnt/etc/tor/torrc +hidden_service_dir=/var/lib/tor/hidden_service/ +configure_hidden_service +#info "publishing hidden service address" +#cat $hidden_service_dir/hostname | send_irc +info "configure ncdc" +curl conf.krebsco.de/filehooker_configure_ncdc | arch-chroot /mnt +info "configuring netshares" +( curl conf.krebsco.de/filehooker_configure_netshare )| arch-chroot /mnt +info "configuring tor announce" +curl conf.krebsco.de/install_tor_announce | arch-chroot /mnt +info "We're all done, rebooting!" +sync +sleep 5 +reboot diff --git a/ship/src/find-supers-tinc b/ship/src/find-supers-tinc new file mode 100644 index 00000000..3ea53d35 --- /dev/null +++ b/ship/src/find-supers-tinc @@ -0,0 +1,6 @@ +#!/bin/sh +#@info +#@include core +#@include retiolum + +find_supernodes diff --git a/ship/src/fix_dircolors b/ship/src/fix_dircolors index b2e2ffdb..d427563f 100755 --- a/ship/src/fix_dircolors +++ b/ship/src/fix_dircolors @@ -6,7 +6,7 @@ exists dircolors || die "no dircolors in PATH, bailing out" info "fixing dircolors for $(id -un)" dircolors -p > $HOME/.dircolors -sed -i 's/\(DIR \).*/\101;35/' $HOME/.dircolors +sed -i 's/\(DIR \).*/\101;36/' $HOME/.dircolors ! grep -q 'dircolors' $HOME/.profile && \ info "adding dircolors line to $HOME/.profile" && \ echo 'eval `dircolors -b $HOME/.dircolors`' >> $HOME/.profile diff --git a/ship/src/install_tor_announce b/ship/src/install_tor_announce new file mode 100644 index 00000000..b7b3662e --- /dev/null +++ b/ship/src/install_tor_announce @@ -0,0 +1,5 @@ +#!/bin/sh +#@strict +#@include filehooker + +install_tor_announce diff --git a/ship/src/refresh-super-keys b/ship/src/refresh-super-keys new file mode 100644 index 00000000..dddbe846 --- /dev/null +++ b/ship/src/refresh-super-keys @@ -0,0 +1,5 @@ +#!/bin/sh +#@info +#@include retiolum +#@mainifyme +refresh_supernode_keys diff --git a/ship/src/refresh-supers b/ship/src/refresh-supers new file mode 100644 index 00000000..6dc6e8ab --- /dev/null +++ b/ship/src/refresh-supers @@ -0,0 +1,35 @@ +#!/bin/sh +#@info +# usage: [DEBUG=1] [tincconf=/not/tinc/retiolum/tinc.conf] $0 +# This is the implementation of the proposal how to update tinc supernode +# connections + +#@include core +#@include retiolum + # using find_supernodes + # tinc_path + # netname + +#@strict +#@mainifyme + +refresh_supernode_keys + +max_connect_to=${max_connect_to:-5} +tincconf=${tincconf:-$tinc_path/$netname/tinc.conf} +tmp_tincconf=$(mktemp) +defer "rm -f $tmp_tincconf" + +sed '/^[ ]*ConnectTo/d' "$tincconf" > "$tmp_tincconf" + + +# TODO find_supernodes requires netcat +find_supernodes | cut -d\ -f 1 | shuf \ + | head -n "${max_connect_to}" \ + | xargs -n1 printf "ConnectTo=%s\n" >> "$tmp_tincconf" + +info "replacing old tinc.conf with one" +test "${DEBUG:-}" && diff "$tincconf" "$tmp_tincconf" +mv "$tmp_tincconf" "$tincconf" + +reload_tinc diff --git a/ship/src/remaster_arch_iso b/ship/src/remaster_arch_shack_installstick index 94a750c1..3ad985af 100755 --- a/ship/src/remaster_arch_iso +++ b/ship/src/remaster_arch_shack_installstick @@ -1,5 +1,6 @@ #!/bin/sh #@include core +#@include iso #@mainifyme ## TODO: provide a parameter which defines what to be done in the new iso root @@ -12,14 +13,13 @@ isodir=$bdir/iso isomnt=$bdir/isomount rootdir=$bdir/root outdir=$bdir/out -auto_url=euer.krebsco.de/autoinstall +auto_url=${2:-conf.krebsco.de/arch_autoinstall} info "bdir is at $bdir" [ ! -e "$isofile" ] && die "$isofile does not exist." esudo "$@" - - -#punani install genisoimage - +arch_label="$(get_volid "$isofile")" +info "Arch iso label is ${arch_label}" +info "auto_url is $auto_url" info "cleanup root dir" rm -rf $bdir @@ -59,12 +59,11 @@ Just Wait until everything finished. - Make sure that RJ45 is connected - you can bail out of the progress at any time with CTRL-C -- if anything went wrong,you can run the installer again at: - /krebs/autoinstall - + /krebs/autoinstall (args) EOD /krebs/autoinstall EOL + mkdir /krebs cat > /krebs/autoinstall <<EOL internet() { ping -w 1 google.de >/dev/null 2>&1; } @@ -76,7 +75,7 @@ done echo "Grabbing current version of install-script from $auto_url" echo echo "AGENTS ARE GOOOOOOOOOOO!" -curl $auto_url 2>/dev/null | sh +curl "$auto_url" 2>/dev/null | sh -s "\\\$@" EOL chmod 755 /krebs/autoinstall EOF @@ -84,1 |