commit dc80dd9522e6b173e34084ba3cfaa44d0253a970 Author: Oliver Date: Fri Aug 8 16:34:03 2025 -0300 merge diff --git a/alpine.qcow2 b/alpine.qcow2 new file mode 100644 index 0000000..ba063c4 Binary files /dev/null and b/alpine.qcow2 differ diff --git a/alpine/.bashrc b/alpine/.bashrc new file mode 100644 index 0000000..f674dae --- /dev/null +++ b/alpine/.bashrc @@ -0,0 +1,9 @@ +# ~/.bashrc + +echo "command: mount_volume " +echo "alias: set_dev" + +set_dev() { + export HOSTS_FILE="dev" + echo "HOSTS_FILE set to: $HOSTS_FILE" +} diff --git a/alpine/Dockerfile b/alpine/Dockerfile new file mode 100644 index 0000000..30ee51e --- /dev/null +++ b/alpine/Dockerfile @@ -0,0 +1,44 @@ +FROM alpine:latest + +RUN apk add --no-cache \ + bash \ + git \ + neovim \ + python3 \ + py3-pip \ + py3-virtualenv \ + openssh \ + cryptsetup \ + util-linux \ + pssh \ + mc \ + e2fsprogs \ + screen \ + rsync + + +WORKDIR /root + +RUN ln -sf /usr/bin/nvim /usr/bin/vim + +COPY known_hosts /root/.ssh/ +COPY config /root/.ssh/ + +RUN ssh-keygen -t rsa -b 4096 -f /root/.ssh/id_rsa -N "" && \ + chmod 600 /root/.ssh/id_rsa && \ + chmod 600 /root/.ssh/config + +COPY ass /usr/bin/ +COPY template /usr/bin/ +COPY dpush /usr/bin/ +COPY create_volume /usr/bin/ +COPY mount_volume /usr/bin/ +COPY set_dev /usr/bin/ + +COPY .bashrc /root/.bashrc + +WORKDIR /data + +CMD ["bash"] + + diff --git a/alpine/ass b/alpine/ass new file mode 100755 index 0000000..2e9d116 --- /dev/null +++ b/alpine/ass @@ -0,0 +1,10 @@ +#!/bin/bash + +hosts_file="/mnt/encrypted_volume/${HOSTS_FILE:-hosts.txt}" + +cmd="$*" + +echo "Running on hosts: $cmd" + +pssh -h "$hosts_file" "$cmd" + diff --git a/alpine/config b/alpine/config new file mode 100644 index 0000000..fb36c60 --- /dev/null +++ b/alpine/config @@ -0,0 +1,25 @@ +Host dev + Hostname 192.168.111.209 + User oliver + Port 2222 + + +Host saopaulo + Hostname 192.168.9.11 + User ansible + IdentityFile /mnt/encrypted_volume/.ssh/saopaulo + +Host mumbai + Hostname 192.168.9.17 + User ansible + IdentityFile /mnt/encrypted_volume/.ssh/mumbai + +Host london + Hostname 192.168.9.15 + User ansible + IdentityFile /mnt/encrypted_volume/.ssh/london + +Host boston + Hostname 192.168.9.16 + User ansible + IdentityFile /mnt/encrypted_volume/.ssh/boston diff --git a/alpine/create_volume b/alpine/create_volume new file mode 100755 index 0000000..5dafe54 --- /dev/null +++ b/alpine/create_volume @@ -0,0 +1,22 @@ +#!/bin/bash + +set -e + +if [ -z "$1" ]; then + echo "Usage: $0 " + exit 1 +fi + +FILE="/data/$1" +MAPPER_NAME="encrypted_volume" +MOUNT_POINT="/mnt/${MAPPER_NAME}" +dd if=/dev/zero of="$FILE" bs=1M count=100 + +echo "Setting up LUKS on $FILE..." +cryptsetup luksFormat "$FILE" +cryptsetup close "$MAPPER_NAME" || true + +cryptsetup open "$FILE" "$MAPPER_NAME" + +mkfs.ext4 /dev/mapper/"$MAPPER_NAME" + diff --git a/alpine/dpush b/alpine/dpush new file mode 100644 index 0000000..144b489 --- /dev/null +++ b/alpine/dpush @@ -0,0 +1,28 @@ +#!/bin/bash + +set -euo pipefail + +if [ $# -ne 2 ]; then + echo "Usage: $0 " + exit 1 +fi + +LOCAL_FILE="$1" +REMOTE_PATH="$2" + +hosts_file="/mnt/encrypted_volume/${HOSTS_FILE:-hosts.txt}" + +if [ ! -f "$LOCAL_FILE" ]; then + echo "Error: Local file '$LOCAL_FILE' not found." + exit 1 +fi + +if [ ! -f "$hosts_file" ]; then + echo "Error: Hosts file '$hosts_file' not found." + exit 1 +fi + +# Push the file content using tee with doas +echo "Pushing $LOCAL_FILE to $REMOTE_PATH on all hosts in $hosts_file" +pssh -h "$hosts_file" -l "$USER" -i "doas tee \"$REMOTE_PATH\" > /dev/null" < "$LOCAL_FILE" + diff --git a/alpine/known_hosts b/alpine/known_hosts new file mode 100644 index 0000000..824678d --- /dev/null +++ b/alpine/known_hosts @@ -0,0 +1,13 @@ +192.168.9.15 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFs8k+3o351E6Plim8S3xjog13YOERnOkBjwIZPUf7Nr +192.168.9.15 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCrRIMP8pjQPX+ez16gVA92ekCIJ0r7i698cHJfYr2ZWv7GHGjSUIhJ3v50g592cDKJxwmVhBcLhQmvsf1Z8J+dsTi6X2n+bljTEnyp9Vznk6GoBeia7eXV/MJHHLcQ9e7ewx+8JfsAJ6qkmnbZ3wjPKPO9Oxdh8hjGc4Zqq9vD9WwmpcqjJyigIo/C8dh20QLk0ZegtaqxTn5SRbKJH+5lPitTeF+d/rD/j6ifr7SJzUzRVCgLdEA+1wZsqZImxQzO+Xm7R6qLsQrN3Th2OvbcD9LINDor6Xl1CaEGC4QsV++j7Vwj6Ljw5EYoPztfhcpSthzGJ84X7YE/ewtrm+mOEtvyFpz5JwPl5bAvj1A29V4juzHntuXUXYAJSkORchHVFDY6cadBNhDAXtTMg+UeCC2umt72DJW1qJvig35D65ipkz22+HVavF8fo6w5M+YkSsFCwBMn/XghBJ346myT6WN9UfH93RkIocloeehF3JQ4m9IS/xqSsrIYjjjLTr8= +192.168.9.15 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN2wcMkqDNPkNR4YIKrbG1nVmRlVySBy1jZQBs78wTglW5Tw9+R3io4K24yaQ0/OVtA4aTw/mC1RJntF+ZEMhWU= +192.168.9.17 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE2xvM7EltHoRzAqqdHURdWxQeSC1kh4ZjxOmuJrx5B4 +192.168.9.17 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDcaJKryDNGyg3GE99pA2FmWrRbf8e7DELfkK/UnpMfoVInWbr8nEhsyxmzda7wiO9rwYgtlWLhckIs6RIrE2LStCuvXODqKNSx4I7n8QmDHgVLTKP4JEbf6V7g4BKFjH153KUTWfZ++wCXkDExXGdcMvT33pVWsoyIRc/3RQRECcByoMp8mddPAibrrwztuB/L/WxHhCgIo1F3YCZzDVKu/s71KVAK82aiyDsVn0GIVCw6locFBUena4nlJP+A4O/9YS+8PhSjkqwI9XbAB50EA9vlsG1xk77NzltgADIsLvh+hKhVGMMWXEXl2UennyJGUxiu9ASHM6nqLjEFp9F0cTNZ5+8zOuERj488qsXj0DTMFADd4fsPbWxixuJIb7PS0X09/0VmQerYEbd78R1s8LCZ5dm9MO5w439YIN8Uy0jChOAIcJ7GawRJTTfWCYzyxImHxoF8HjxHzljtRax5zWo4aqbL+yXiIMIeCfqliiV6QvINWE3maP++1I9zdtk= +192.168.9.17 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGyCXRdNzmq3Bu9HectNVM/Gn2E2/nC/y0EtIn+WIaW7At0eUbf+v8qjk4XqwhwR1/eUttXQS3841a7HixUAbsI= +192.168.9.11 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICNB6+lwnOHdZ8tqkU6jWqCnA6SOK03CpDCJek+XVtsA +192.168.9.11 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC+FmXjANsPJZPEySCTc9uOf2qPXCheeUcuAfL6+KXJ2WVuQFituDfqLC9BvOTprweu1SV4SLEMq37qSVUkMJhBRWSgA7/Sy1EHaWb0IWxTZamhjjjzhORTKhEL6n4gopoRP1ZzytjRnh7S4JNbDukQ5v0nrjMsgkp5yTNbHJOJ2IwQMdi3ajkYLyDgkqQRIQGiBf7hvQIjWnwiQ3TYor29SwAr3fCddk70aIETBoNI/YaaFGGi7eMy9WqwFsSUeqecuSBr21R5S9bfw7CFheQAOTsQ9XCQiPerGdxZtChiAXiGoAonSUeo8jJCcDjpUD1lkLRbov94Red131yFuZcdZroKifd8aByPVVA3RPSe7GmEhBXSc8QHjpXcUoAz7MqRXt9SBdaMcX3DBrVl3Y7PgVymGkuvhCy1Xh2iq54/y8OFQLMVBn9Euy5r4DlXV8xYX1Z3JYGpZV4WFcqU0eRR3e+njcL7UiK83ob35Bfgbu4MOUoz3qbdmEfSQJjSvXc= +192.168.9.11 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKd+ohYp93wWzXTcLcRVL5TQRZ3NJGZQAqrqRdL6wQ4bkEUE0JkOgf9YOuwvZeYIp9uGlCZWa8IZmMaBUFXQtbM= +192.168.9.16 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSV2fWgIzg8xOcb6qmmxfLMXpGFbT6j2w7GC6JwGCah +192.168.9.16 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCLzyfVrbCNJW9tNTkxMy8IDLGyQoqkxlGN+TirLoNyw5GD1XpJgvHIBy//6tDEIuAfL5ouqp0T+PM00nSj6gEjGeTQtjrzAeSXJ5D3Q3+Vl92j1uSPPhnChRnidI2mrjvNuaukaDxBMwIvr9sagTvtZwCupKbuYeW0kQqCwnSIjTS7OwcrCRm3RtzC8bOPpOIHYaLxV6OnyoRXKLv9Lu987nuNoTcZu61jyCHhFTzzN3Y3KRpioshUoHiukgJbJQVnRuVkxQRknWa5gS4ATLLUG70taTs0Ld4Canyrym4aVV9pw5rDwH0rkidvkz8OLX049mIeGhv/QPRH8x5bgtPezKkiOcPW22HG0+z+7zHgbkTKlcvGr1JdhkTN6jqL4HyYdhMj04v7miv8LnxjaBNb3iNFQiAs5aV5LmPevYP+/94TGBIlTVCh5oTyeDJ1OKmZKL9ZUUfu0Ozz+v3O3en4hNMOI8P+uujfIxfvn/Pasxh4r7pTGYQV9nseCmrsl0k= +192.168.9.16 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLtNCuNwiidC4IdZci3J0s/vbcTtFZod47BKd8GKyGrucOS402fuZ03F1elrEKjA0PcFNZQR7MbEvF6zDjEfoPY= + diff --git a/alpine/mount_volume b/alpine/mount_volume new file mode 100755 index 0000000..df18789 --- /dev/null +++ b/alpine/mount_volume @@ -0,0 +1,25 @@ +#!/bin/sh +set -e + +if [ -z "$1" ]; then + echo "Usage: $0 " + exit 1 +fi + +FILE="/data/$1" +MAPPER_NAME="encrypted_volume" +MOUNT_POINT="/mnt/${MAPPER_NAME}" + + +cryptsetup close "$MAPPER_NAME" || true +cryptsetup open "$FILE" "$MAPPER_NAME" + +mkdir -p "$MOUNT_POINT" + +if ! mountpoint -q "$MOUNT_POINT"; then + mount /dev/mapper/"$MAPPER_NAME" "$MOUNT_POINT" + echo "Mounted /dev/mapper/$MAPPER_NAME at $MOUNT_POINT" +else + echo "$MOUNT_POINT is already mounted." +fi + diff --git a/alpine/set_dev b/alpine/set_dev new file mode 100755 index 0000000..b15031e --- /dev/null +++ b/alpine/set_dev @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +export HOSTS_FILE="dev" diff --git a/alpine/template b/alpine/template new file mode 100755 index 0000000..e78e40e --- /dev/null +++ b/alpine/template @@ -0,0 +1,39 @@ +#!/bin/bash + +if [ "$#" -ne 3 ]; then + echo "Usage: $0 " + exit 1 +fi +hosts_file="/mnt/encrypted_volume/${HOSTS_FILE:-hosts.txt}" + +localfile="$1" +remotefile="$2" +host_vars_dir="$3" + +while read -r host; do + echo "Processing host: $host" + + host_env_file="$host_vars_dir/$host" + + if [ ! -f "$host_env_file" ]; then + echo "Warning: env file for host '$host' not found at $host_env_file. Skipping." + continue + fi + + declare -A vars=() + while IFS='=' read -r key value; do + [[ -z "$key" || -z "$value" ]] && continue + vars["$key"]="$value" + done < "$host_env_file" + + content=$(cat "$localfile") + + for key in "${!vars[@]}"; do + content=$(echo "$content" | sed "s|{$key}|${vars[$key]}|g") + done + + echo "Copying to $host:$remotefile" + echo "$content" | ssh "$host" "cat > $remotefile" + +done < "$hosts_file" + diff --git a/data/alpine.qcow2 b/data/alpine.qcow2 new file mode 100644 index 0000000..9e52b57 Binary files /dev/null and b/data/alpine.qcow2 differ diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..f3977c8 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,9 @@ +services: + alpine: + build: + context: ./alpine + volumes: + - ./od8n:/data/od8n + tty: true + privileged: true + diff --git a/od8n b/od8n new file mode 100644 index 0000000..c11d89c Binary files /dev/null and b/od8n differ diff --git a/start b/start new file mode 100755 index 0000000..6572039 --- /dev/null +++ b/start @@ -0,0 +1,2 @@ +#!/bin/bash +docker compose run alpine /bin/bash diff --git a/start_vm b/start_vm new file mode 100755 index 0000000..16b1635 --- /dev/null +++ b/start_vm @@ -0,0 +1,6 @@ +#/bin/bash + +cp alpine.qcow2 data/alpine.qcow2 + +qemu-system-x86_64 -m 1024M -hda data/alpine.qcow2 -boot d -netdev user,id=net0,hostfwd=tcp::2222-:22 -device e1000,netdev=net0 -enable-kvm -cpu host +