From bcc7aefa1c6fb999992c07327e1df9456814a283 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:41:11 +0100 Subject: retiolum github hosts sync: initial commit --- retiolum/scripts/github_hosts_sync/index | 62 ++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100755 retiolum/scripts/github_hosts_sync/index (limited to 'retiolum') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index new file mode 100755 index 00000000..31cbc763 --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/index @@ -0,0 +1,62 @@ +#! /bin/sh +# TODO do_work should retry until success +set -euf + +port=1028 +local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" +local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" + +main() { + ensure_local_painload + ensure_local_hosts + is_worker && do_work || become_server +} + +ensure_local_painload() { + test -d "$local_painload" || git clone "$remote_painload" "$local_painload" +} + +ensure_local_hosts() { + test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" +} + +become_server() { + exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" +} + +is_worker() { + test "${SOCAT_SOCKPORT-}" = "$port" +} + +do_work() { + # read request + req_line="$(read line && echo "$line")" + req_hdrs="$(sed -n '/^\r$/q;p')" + + set -x + + cd "$local_hosts" + git pull >&2 + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null + + cd "$local_painload" + git pull >&2 + + find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git add \{\} \; >&2 + if git status --porcelain | grep -q .; then + git commit -m bump >&2 + git push >&2 + fi + + echo "HTTP/1.1 200 OK" + echo + echo "https://github.com/krebscode/hosts/archive/master.tar.gz" + echo "https://github.com/krebscode/hosts/archive/master.zip" +} + +main "$@" -- cgit v1.2.3 From 2ce39803bf71bd49503ee8a6d81d73091883b465 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:48:03 +0100 Subject: hosts sync: add systemd files --- retiolum/scripts/github_hosts_sync/index | 2 +- .../scripts/github_hosts_sync/systemd/hosts-sync.conf | 1 + .../scripts/github_hosts_sync/systemd/hosts-sync.service | 15 +++++++++++++++ 3 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf create mode 100644 retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service (limited to 'retiolum') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index 31cbc763..7b444ea4 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -2,7 +2,7 @@ # TODO do_work should retry until success set -euf -port=1028 +port=${port-1028} local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf new file mode 100644 index 00000000..606f17b4 --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.conf @@ -0,0 +1 @@ +port=1028 diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service new file mode 100644 index 00000000..60d4799f --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -0,0 +1,15 @@ +[Unit] +Description=retiolum github hosts sync +After=network.target + +[Service] +EnvironmentFile=/etc/conf.d/retiolum-github-hosts-sync.conf +ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index +KillMode=process +User=hosts-sync +Group=hosts-sync +Restart=yes + +[Install] +WantedBy=multi-user.target + -- cgit v1.2.3 From 69afd37b41d04b25a868da7d8fd2241b2a3aaa03 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 13:58:09 +0100 Subject: hosts sync: fix pasto --- retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'retiolum') diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 60d4799f..16235a6d 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -3,7 +3,7 @@ Description=retiolum github hosts sync After=network.target [Service] -EnvironmentFile=/etc/conf.d/retiolum-github-hosts-sync.conf +EnvironmentFile=/etc/conf.d/hosts-sync.conf ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index KillMode=process User=hosts-sync -- cgit v1.2.3 From fabc9fa4705f4d1ae08468957a5bf4a0ecae672a Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:02:51 +0100 Subject: hosts sync: fix remote painload uri --- retiolum/scripts/github_hosts_sync/index | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'retiolum') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index 7b444ea4..e4da9305 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -3,7 +3,7 @@ set -euf port=${port-1028} -local_painload=/krebs; remote_painload="git@github.com:krebscode/painload.git" +local_painload=/krebs; remote_painload="https://github.com/krebscode/painload" local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" main() { -- cgit v1.2.3 From 023e449de9e0f5731d9a88f7a9eacc18e1f9af96 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:03:04 +0100 Subject: hosts sync: fix service parse error --- retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service | 1 - 1 file changed, 1 deletion(-) (limited to 'retiolum') diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 16235a6d..83609740 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -8,7 +8,6 @@ ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index KillMode=process User=hosts-sync Group=hosts-sync -Restart=yes [Install] WantedBy=multi-user.target -- cgit v1.2.3 From 93c56cedd11be673176f1519fd17d05f67844e34 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:08:47 +0100 Subject: hosts sync: fix local repo uris --- retiolum/scripts/github_hosts_sync/index | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'retiolum') diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index index e4da9305..53c96efd 100755 --- a/retiolum/scripts/github_hosts_sync/index +++ b/retiolum/scripts/github_hosts_sync/index @@ -3,8 +3,10 @@ set -euf port=${port-1028} -local_painload=/krebs; remote_painload="https://github.com/krebscode/painload" -local_hosts=/tmp/hosts; remote_hosts="git@github.com:krebscode/hosts.git" +local_painload=$HOME/painload +remote_painload="https://github.com/krebscode/painload" +local_hosts=$HOME/hosts +remote_hosts="git@github.com:krebscode/hosts.git" main() { ensure_local_painload -- cgit v1.2.3 From a265ea9d0693a25fffa2ed0eaa9622b91758f51a Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:10:56 +0100 Subject: hosts sync: rename index for nicer journal --- retiolum/scripts/github_hosts_sync/hosts-sync | 64 ++++++++++++++++++++++ retiolum/scripts/github_hosts_sync/index | 64 ---------------------- .../github_hosts_sync/systemd/hosts-sync.service | 2 +- 3 files changed, 65 insertions(+), 65 deletions(-) create mode 100755 retiolum/scripts/github_hosts_sync/hosts-sync delete mode 100755 retiolum/scripts/github_hosts_sync/index (limited to 'retiolum') diff --git a/retiolum/scripts/github_hosts_sync/hosts-sync b/retiolum/scripts/github_hosts_sync/hosts-sync new file mode 100755 index 00000000..53c96efd --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/hosts-sync @@ -0,0 +1,64 @@ +#! /bin/sh +# TODO do_work should retry until success +set -euf + +port=${port-1028} +local_painload=$HOME/painload +remote_painload="https://github.com/krebscode/painload" +local_hosts=$HOME/hosts +remote_hosts="git@github.com:krebscode/hosts.git" + +main() { + ensure_local_painload + ensure_local_hosts + is_worker && do_work || become_server +} + +ensure_local_painload() { + test -d "$local_painload" || git clone "$remote_painload" "$local_painload" +} + +ensure_local_hosts() { + test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" +} + +become_server() { + exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" +} + +is_worker() { + test "${SOCAT_SOCKPORT-}" = "$port" +} + +do_work() { + # read request + req_line="$(read line && echo "$line")" + req_hdrs="$(sed -n '/^\r$/q;p')" + + set -x + + cd "$local_hosts" + git pull >&2 + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null + + cd "$local_painload" + git pull >&2 + + find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; + + cd "$local_hosts" + find . -name .git -prune -o -type f -exec git add \{\} \; >&2 + if git status --porcelain | grep -q .; then + git commit -m bump >&2 + git push >&2 + fi + + echo "HTTP/1.1 200 OK" + echo + echo "https://github.com/krebscode/hosts/archive/master.tar.gz" + echo "https://github.com/krebscode/hosts/archive/master.zip" +} + +main "$@" diff --git a/retiolum/scripts/github_hosts_sync/index b/retiolum/scripts/github_hosts_sync/index deleted file mode 100755 index 53c96efd..00000000 --- a/retiolum/scripts/github_hosts_sync/index +++ /dev/null @@ -1,64 +0,0 @@ -#! /bin/sh -# TODO do_work should retry until success -set -euf - -port=${port-1028} -local_painload=$HOME/painload -remote_painload="https://github.com/krebscode/painload" -local_hosts=$HOME/hosts -remote_hosts="git@github.com:krebscode/hosts.git" - -main() { - ensure_local_painload - ensure_local_hosts - is_worker && do_work || become_server -} - -ensure_local_painload() { - test -d "$local_painload" || git clone "$remote_painload" "$local_painload" -} - -ensure_local_hosts() { - test -d "$local_hosts" || git clone "$remote_hosts" "$local_hosts" -} - -become_server() { - exec socat "TCP-LISTEN:$port,reuseaddr,fork" "EXEC:$0" -} - -is_worker() { - test "${SOCAT_SOCKPORT-}" = "$port" -} - -do_work() { - # read request - req_line="$(read line && echo "$line")" - req_hdrs="$(sed -n '/^\r$/q;p')" - - set -x - - cd "$local_hosts" - git pull >&2 - - cd "$local_hosts" - find . -name .git -prune -o -type f -exec git rm \{\} \; >/dev/null - - cd "$local_painload" - git pull >&2 - - find "$local_painload/retiolum/hosts" -type f -exec cp \{\} "$local_hosts" \; - - cd "$local_hosts" - find . -name .git -prune -o -type f -exec git add \{\} \; >&2 - if git status --porcelain | grep -q .; then - git commit -m bump >&2 - git push >&2 - fi - - echo "HTTP/1.1 200 OK" - echo - echo "https://github.com/krebscode/hosts/archive/master.tar.gz" - echo "https://github.com/krebscode/hosts/archive/master.zip" -} - -main "$@" diff --git a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service index 83609740..5fb9ed41 100644 --- a/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service +++ b/retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service @@ -4,7 +4,7 @@ After=network.target [Service] EnvironmentFile=/etc/conf.d/hosts-sync.conf -ExecStart=/krebs/retiolum/scripts/github_hosts_sync/index +ExecStart=/krebs/retiolum/scripts/github_hosts_sync/hosts-sync KillMode=process User=hosts-sync Group=hosts-sync -- cgit v1.2.3 From 180f3dd6c9cf6ea3a0d150c8a85d300dd09b177b Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:13:49 +0100 Subject: retiolum/hosts: rip UTART --- retiolum/hosts/UTART | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 retiolum/hosts/UTART (limited to 'retiolum') diff --git a/retiolum/hosts/UTART b/retiolum/hosts/UTART deleted file mode 100644 index 3c8628cf..00000000 --- a/retiolum/hosts/UTART +++ /dev/null @@ -1,9 +0,0 @@ -Subnet = 42.227.239.205/32 ------BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEA1tFgR6xxNZavtG44QEAEzKQixJqO9MuO5hUcklH87Sml+Mz+Ptz/ -r8Vhmvc1NhL0d8h1VJSrzjAyYuBR0LKSGRYxHby/M9AqBjUHUhDM83ogV/CbSifs -TlBcKuvPkGVALN6LYcPXjzKzBI7X1ictqts9K3CoCWgjRld63noczvNnwVdHNawX -ckQdjzxMAgwtJW0hWfDr1Uhq3sVEFnHLzFJuLsnc6gDzKvP/ETQ6KINv43B9UerS -HzFK3ntViohW4K/p6i4gBNxFfYnuNLqnY+O/hc0/fFdKE36eLD8ngPURo3/As6Le -KlPEMBwIIJQpS7GP4BIUK/qPE9J7McU6wQIDAQAB ------END RSA PUBLIC KEY----- -- cgit v1.2.3 From 1cd304b57bc2ad725fa074d4537c2bdefa821085 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 19 Feb 2014 14:23:13 +0100 Subject: hosts-sync: add #?-doc --- retiolum/scripts/github_hosts_sync/README | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 retiolum/scripts/github_hosts_sync/README (limited to 'retiolum') diff --git a/retiolum/scripts/github_hosts_sync/README b/retiolum/scripts/github_hosts_sync/README new file mode 100644 index 00000000..12aa8dfe --- /dev/null +++ b/retiolum/scripts/github_hosts_sync/README @@ -0,0 +1,26 @@ +#? /bin/sh + +useradd -m hosts-sync +cp systemd/hosts-sync.service /etc/systemd/system/ +cp systemd/hosts-sync.conf /etc/conf.d/ + +sudo -u hosts-sync -i ssh-keygen +add /home/hosts-sync/.ssh/id_rsa.pub as github/krebscode/hosts deploy key +sudo -u hosts-sync -i git clone git@github.com:krebscode/hosts.git ~hosts-sync/hosts # to accept the remote key (and have an initial copy) + +sudo -u hosts-sync -i git config --global user.email hosts-sync@ire.retiolum +sudo -u hosts-sync -i git config --global user.name hosts-sync +sudo -u hosts-sync -i git config --global push.default simple + +systemctl start hosts-sync +systemctl enable hosts-sync + +TODO firewall setup + +#? /bin/sh (update service) +git pull +cp retiolum/scripts/github_hosts_sync/systemd/hosts-sync.service /etc/systemd/system/ +systemctl daemon-reload +systemctl restart hosts-sync + + -- cgit v1.2.3 From 7c97efffbfe54dd4eee78e3ace2d4819a354ebe1 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Feb 2014 17:43:33 +0100 Subject: hosts: new host sokrates --- retiolum/hosts/sokrates | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 retiolum/hosts/sokrates (limited to 'retiolum') diff --git a/retiolum/hosts/sokrates b/retiolum/hosts/sokrates new file mode 100644 index 00000000..97cf1b47 --- /dev/null +++ b/retiolum/hosts/sokrates @@ -0,0 +1,11 @@ +Subnet = 10.243.97.126 +Subnet = 42:28be:6907:ab4b:5c79:99f5:a4a1:2a25 + +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEA0emA0JAong4wHSAEUrLrkh21n8I/+pLtpS4uGTcMHn9ZrS8Tg101 +S2poRE0jZUZu868mDeOwwxZRLmCE+bL0q1OrAUDY7+ricQSAz3CNQAAQB0Sjp7ju +YXKqLZQEYyOV3M8IJOALS72q4g1VTv5jQrLhGzMsv9vzuRSZV0pEV8tZwb187wLi +n27rwB6SPZv7uhC3R060x8Ze/pLmfmVfrxb9DwZS3d8X1PwygTrTjSAUTeMaDa69 +NSOzvKLx25fhZ0Gm3BA3pUQDEOiGOze3oT/0l3QJMvZ48TbG1KlSBOVwtL3+f5yM +gJZLF/JoTsYL0aZM+zHL6NAUmciy9dNXEQIDAQAB +-----END RSA PUBLIC KEY----- -- cgit v1.2.3 From 3ed35ed3e1efa4f741c0913efc90c9c36eb32d01 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 19 Feb 2014 22:44:32 +0100 Subject: hosts cleanup, bye pico and slowpoke --- retiolum/hosts/pico | 11 ----------- retiolum/hosts/slowpoke | 14 -------------- 2 files changed, 25 deletions(-) delete mode 100644 retiolum/hosts/pico delete mode 100644 retiolum/hosts/slowpoke (limited to 'retiolum') diff --git a/retiolum/hosts/pico b/retiolum/hosts/pico deleted file mode 100644 index b08b450d..00000000 --- a/retiolum/hosts/pico +++ /dev/null @@ -1,11 +0,0 @@ -Address = 78.111.78.33 -Subnet = 10.243.0.102/32 -Subnet = 42:b103:275c:1723:edc8:b24d:452b:352a/128 ------BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEAsbe4wzTOHHLyuPO/AsfDqQHyV41qgs3dqt6uWcDcdiEsUvbCK9Ch -MQNkTktlrMRyvz6Qm/3DKptp80R648j0nWi/c3aLDkZq8weEnR9SFYfNaUp/GN4s -+Qhb+836d8Hu2+3jZWlr5Zb/p8hyhcx3NUH/skuH6Hu+piWczlN1NGksf5f7N/bp -ZBCXnCLLUYVM/0RIS8mcAIX44Zx8YFDXpByePUdyrzn+mRln6VFDnt5uGsmNw6G/ -Azn3grpidcyrW2cs3b7rysKsxOvyGBdu2zGXp+pquZq1l3f06IN+fzCtnyLTPL1K -UUEJlQa1Gsl2pVi5+HPcAj3U2yp42WJYNwIDAQAB ------END RSA PUBLIC KEY----- diff --git a/retiolum/hosts/slowpoke b/retiolum/hosts/slowpoke deleted file mode 100644 index 27b1e57c..00000000 --- a/retiolum/hosts/slowpoke +++ /dev/null @@ -1,14 +0,0 @@ -Address = 62.113.241.235 -Subnet = 10.243.232.121 -Subnet = 42:7d8f:9e3a:dcc7:9b22:d1ca:7e28:fe9c -Subnet = 172.22.0.0/15 - ------BEGIN RSA PUBLIC KEY----- -MIIBCgKCAQEA9EtaOHLa0CyOGpX3rzMLqi9HqrjzVe3XdSfcb9QPYwcbxpPYNLLk -/1+4vxOI/TEh1QCu0bzPLy8tAwKF2DwnCH72yae17I0jVMW29Ng3Fdjzb3SmWJbf -C87X7c+Nx5+Yc7OIdvTi/BGPNpDEp7nJugubH1whSFfulCDbsGU3rX5IsDUiw4ha -B+5wH1coQl+Yp+M1ws5+PoHgYQ/ApYPBKEn+H7JAdnOTLbo0eI3B1PuDUrsMakMq -s4f74d2Z405xUGHhRRcerF0h5VD58TADxx7RSRd7oR06KlXM/RaqOkw9vzvA2vBq -CC+LdtIV7wWxF3uRAnk6odeFvqZTHvR4WQIDAQAB ------END RSA PUBLIC KEY----- - -- cgit v1.2.3