*.retry
.*.sw?
/.cache/
-/files/openwrt/
+/files/*/openwrt/
--- /dev/null
+#!/bin/sh
+# Copyright © 2018 nicoo <nicoo@realraum.at>
+# Distributed under the WTFPL v2
+#
+# DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+# Version 2, December 2004
+#
+# Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
+#
+# Everyone is permitted to copy and distribute verbatim or modified
+# copies of this license document, and changing it is allowed as long
+# as the name is changed.
+#
+# DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+# TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+#
+# 0. You just DO WHAT THE FUCK YOU WANT TO.
+
+# This script processes the tuergit repository located at KEYS_DIR
+# and outputs authorized_keys data for sshd.
+# It is meant to be used as an AuthorizedKeysCommand
+
+set -e
+
+KEYS_DIR=${KEYS_DIR:-'/home/tuergit/keys.git'}
+KEYS_OPTIONS='no-port-forwarding'
+
+cd "${KEYS_DIR}"
+if git config hooks.keys_branch 2>/dev/null; then
+ KEYS_BRANCH="$(git config hooks.keys_branch)"
+else
+ KEYS_BRANCH="master"
+fi
+
+git show "${KEYS_BRANCH}:ssh/" |
+ while read user; do
+ [ -n "$user" ] || continue
+ git show "${KEYS_BRANCH}:ssh/${user}" |
+ while read key; do
+ echo "command=\"${user}\",${KEYS_OPTIONS}" "${key}"
+ done
+ done
--- /dev/null
+#!/bin/sh
+## (c) Bernhard Tittelbach 2017-10-28, Tschunk-License
+## (c) nicoo 2018-05-20, Tschunk-License
+## this is the post-recieve hook installed in /home/tuergit/keys.git/hooks/
+
+set -eu
+
+keys_branch=$(git config hooks.keys_branch 2>/dev/null)
+keys_file=$(git config hooks.keys_file 2>/dev/null)
+keys_pipe_to=$(git config hooks.keys_pipe_to 2>/dev/null)
+
+keys_branch=${keys_branch:-master}
+keys_file=${keys_file:-keys}
+keys_pipe_to=${keys_pipe_to:-/usr/local/bin/update-keys-from-stdin.sh}
+
+changedcommits=$( grep "refs/heads/${keys_branch}" | sed 's/\([0-9a-f]\+\)\s\+\([0-9a-f]\+\)\s\+.*/\1..\2/;' )
+
+catgitkeyfile() {
+ git show "${keys_branch}:${keys_file}"
+}
+
+if git whatchanged --oneline $changedcommits | grep -qe "^:.*${keys_file}\$"; then
+ echo "./$keys_file changed in pushed commits. Updating keys in firmware!"
+ ## update door
+ catgitkeyfile | ${keys_pipe_to}
+else
+ echo "./$keys_file not changed, not updating keys in firmware"
+fi
--- /dev/null
+#!/bin/sh
+set -eu
+
+## this script takes keys on STDIN and programs teenstep eeprom
+
+MONIT_STOP="/etc/init.d/monit stop"
+MONIT_START="/etc/init.d/monit start"
+TUERDAEMON_STOP="/etc/init.d/tuer_core stop"
+TUERDAEMON_START="/etc/init.d/tuer_core start"
+UPDATE_KEYS_TOOL="/flash/tuer/update-keys /dev/door"
+
+## stop monit. it monit not installed or error. don't start monit again later
+${MONIT_STOP} || MONIT_START=""
+## stop door daemon.
+${TUERDAEMON_STOP}
+## give daemons time to stop
+sleep 1
+# pipe me keys to program plz
+${UPDATE_KEYS_TOOL}
+## start daemon again
+${TUERDAEMON_START}
+${MONIT_START}
+
+++ /dev/null
-#!/bin/sh
-# Copyright © 2018 nicoo <nicoo@realraum.at>
-# Distributed under the WTFPL v2
-#
-# DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
-# Version 2, December 2004
-#
-# Copyright (C) 2004 Sam Hocevar <sam@hocevar.net>
-#
-# Everyone is permitted to copy and distribute verbatim or modified
-# copies of this license document, and changing it is allowed as long
-# as the name is changed.
-#
-# DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
-# TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-#
-# 0. You just DO WHAT THE FUCK YOU WANT TO.
-
-# This script processes the tuergit repository located at KEYS_DIR
-# and outputs authorized_keys data for sshd.
-# It is meant to be used as an AuthorizedKeysCommand
-
-set -e
-
-KEYS_DIR=${KEYS_DIR:-'/home/tuergit/keys.git'}
-KEYS_OPTIONS='no-port-forwarding'
-
-cd "${KEYS_DIR}"
-if git config hooks.keys_branch 2>/dev/null; then
- KEYS_BRANCH="$(git config hooks.keys_branch)"
-else
- KEYS_BRANCH="master"
-fi
-
-git show "${KEYS_BRANCH}:ssh/" |
- while read user; do
- [ -n "$user" ] || continue
- git show "${KEYS_BRANCH}:ssh/${user}" |
- while read key; do
- echo "command=\"${user}\",${KEYS_OPTIONS}" "${key}"
- done
- done
+++ /dev/null
-#!/bin/sh
-## (c) Bernhard Tittelbach 2017-10-28, Tschunk-License
-## (c) nicoo 2018-05-20, Tschunk-License
-## this is the post-recieve hook installed in /home/tuergit/keys.git/hooks/
-
-set -eu
-
-keys_branch=$(git config hooks.keys_branch 2>/dev/null)
-keys_file=$(git config hooks.keys_file 2>/dev/null)
-keys_pipe_to=$(git config hooks.keys_pipe_to 2>/dev/null)
-
-keys_branch=${keys_branch:-master}
-keys_file=${keys_file:-keys}
-keys_pipe_to=${keys_pipe_to:-/usr/local/bin/update-keys-from-stdin.sh}
-
-changedcommits=$( grep "refs/heads/${keys_branch}" | sed 's/\([0-9a-f]\+\)\s\+\([0-9a-f]\+\)\s\+.*/\1..\2/;' )
-
-catgitkeyfile() {
- git show "${keys_branch}:${keys_file}"
-}
-
-if git whatchanged --oneline $changedcommits | grep -qe "^:.*${keys_file}\$"; then
- echo "./$keys_file changed in pushed commits. Updating keys in firmware!"
- ## update door
- catgitkeyfile | ${keys_pipe_to}
-else
- echo "./$keys_file not changed, not updating keys in firmware"
-fi
+++ /dev/null
-#!/bin/sh
-set -eu
-
-## this script takes keys on STDIN and programs teenstep eeprom
-
-MONIT_STOP="/etc/init.d/monit stop"
-MONIT_START="/etc/init.d/monit start"
-TUERDAEMON_STOP="/etc/init.d/tuer_core stop"
-TUERDAEMON_START="/etc/init.d/tuer_core start"
-UPDATE_KEYS_TOOL="/flash/tuer/update-keys /dev/door"
-
-## stop monit. it monit not installed or error. don't start monit again later
-${MONIT_STOP} || MONIT_START=""
-## stop door daemon.
-${TUERDAEMON_STOP}
-## give daemons time to stop
-sleep 1
-# pipe me keys to program plz
-${UPDATE_KEYS_TOOL}
-## start daemon again
-${TUERDAEMON_START}
-${MONIT_START}
-
---
+global_cache_dir: "{{ inventory_dir }}/.cache/"
+global_artifacts_dir: "{{ inventory_dir }}/files/"
+
user_groups:
noc:
- equinox
--- /dev/null
+---
+- hosts: torwaechter
+ connection: local
+ pre_tasks:
+ - name: Create go directories
+ file:
+ path: "{{ global_cache_dir }}/{{ inventory_hostname }}/{{ item }}"
+ state: directory
+ with_items: [ gopath, gocache ]
+
+ - name: Clone necessary git repositories
+ git:
+ repo: https://github.com/realraum/{{ item }}.git
+ dest: "{{ global_cache_dir }}/{{ inventory_hostname }}/{{ item }}"
+ update: True
+ with_items: [ door_and_sensors ]
+
+ - name: Download dependencies
+ command: go get -d ./...
+ args:
+ chdir: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/{{ item }}"
+ environment:
+ GOCACHE: "{{ global_cache_dir }}/{{ inventory_hostname }}/gocache"
+ GOPATH: "{{ global_cache_dir }}/{{ inventory_hostname }}/gopath"
+ with_items: [ door_client, door_daemon, update-keys ]
+
+ - name: Cross-compile Go binaries
+ command: go build -ldflags "-s"
+ args:
+ chdir: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/{{ item }}"
+ environment:
+ GOCACHE: "{{ global_cache_dir }}/{{ inventory_hostname }}/gocache"
+ GOPATH: "{{ global_cache_dir }}/{{ inventory_hostname }}/gopath"
+ GO386: 387
+ CGO_ENABLED: 0
+ GOOS: linux
+ GOARCH: 386
+ with_items: [ door_client, door_daemon, update-keys ]
+
+ roles:
+ - role: openwrt-image
+ delegate_to: localhost
# Go binaries
/usr/local/bin/door_client:
mode: '0755'
- file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/door_client/door_client"
+ file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_client/door_client"
/usr/local/bin/door_daemon:
mode: '0755'
- file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/door_daemon/door_daemon"
+ file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/door_daemon/door_daemon"
/usr/local/bin/update-keys:
mode: '0755'
- file: "{{ playbook_dir }}/.cache/openwrt/tuer/door_and_sensors/update-keys/update-keys"
+ file: "{{ global_cache_dir }}/{{ inventory_hostname }}/door_and_sensors/update-keys/update-keys"
/usr/local/bin/authorized_keys.sh:
mode: '0755'
- file: "{{ playbook_dir }}/files/tuer/authorized_keys.sh"
+ file: "{{ global_artifacts_dir }}/{{ inventory_hostname }}/authorized_keys.sh"
/usr/local/bin/update-keys-from-stdin.sh:
mode: '0755'
- file: "{{ playbook_dir }}/files/tuer/update-keys-from-stdin.sh"
+ file: "{{ global_artifacts_dir }}/{{ inventory_hostname }}/update-keys-from-stdin.sh"
/etc/ssh/sshd_config:
content: |
---
openwrt_variant: lede
openwrt_release: 17.01.4
-openwrt_download_dir: .cache/openwrt
+openwrt_download_dir: "{{ global_cache_dir }}/openwrt"
openwrt_tarball_basename: "{{ openwrt_variant }}-imagebuilder-{{ openwrt_release }}-{{ openwrt_arch }}{% if openwrt_target != 'generic' %}-{{ openwrt_target }}{% endif %}.Linux-x86_64"
openwrt_tarball_name: "{{ openwrt_tarball_basename }}.tar.xz"
openwrt_target: generic
-openwrt_output_dir: files/openwrt/{{ inventory_hostname }}
+openwrt_output_dir: "{{ global_artifacts_dir }}/{{ inventory_hostname }}/openwrt"
openwrt_output_image_name_base: "{{ openwrt_variant }}-{{ openwrt_release }}-{{ openwrt_arch }}{% if openwrt_target != 'generic' %}-{{ openwrt_target }}{% endif %}"
openwrt_output_image_suffixes:
- squashfs-sysupgrade.bin
- name: Symlink the cache repository
file:
state: link
- src: "{{ playbook_dir }}/{{ openwrt_download_dir }}/dl"
+ src: "{{ openwrt_download_dir }}/dl"
path: "{{ openwrt_imgbuilder_dir }}/{{ openwrt_tarball_basename }}/dl"
+++ /dev/null
----
-- hosts: torwaechter
- connection: local
- pre_tasks:
- - name: Create go directories
- file:
- path: .cache/openwrt/tuer/{{ item }}
- state: directory
- with_items: [ gopath, gocache ]
-
- - name: Clone necessary git repositories
- git:
- repo: https://github.com/realraum/{{ item }}.git
- dest: .cache/openwrt/tuer/{{ item }}
- update: True
- with_items: [ door_and_sensors ]
-
- - name: Download dependencies
- command: go get -d ./...
- args:
- chdir: .cache/openwrt/tuer/door_and_sensors/{{ item }}
- environment:
- GOCACHE: "{{ playbook_dir }}/.cache/openwrt/tuer/gocache"
- GOPATH: "{{ playbook_dir }}/.cache/openwrt/tuer/gopath"
- with_items: [ door_client, door_daemon, update-keys ]
-
- - name: Cross-compile Go binaries
- command: go build -ldflags "-s"
- args:
- chdir: .cache/openwrt/tuer/door_and_sensors/{{ item }}
- environment:
- GOCACHE: "{{ playbook_dir }}/.cache/openwrt/tuer/gocache"
- GOPATH: "{{ playbook_dir }}/.cache/openwrt/tuer/gopath"
- GO386: 387
- CGO_ENABLED: 0
- GOOS: linux
- GOARCH: 386
- with_items: [ door_client, door_daemon, update-keys ]
-
- roles:
- - role: openwrt-image
- delegate_to: localhost
projects / noc.git / commitdiff