emdee/libvirt_cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add

Browse Source
This commit is contained in:
emdee 2024-01-04 14:53:42 +00:00
parent e1c072cf16
commit 346682eedb
31 changed files with 12094 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -18,8 +18,6 @@ dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/

1
Makefile
View File

@ -216,3 +216,4 @@ veryclean:: clean
clean::
find . -name \*~ -delete
rm roles/*/vars/*.txt
rm -rf roles/toxcore/overlay/Linux/usr/local/src/_Old

13
lib/plugins/libvirt_qemu.py
View File

@ -38,6 +38,11 @@ DOCUMENTATION = """
default: qemu:///system
vars:
- name: ansible_libvirt_uri
timeout:
description: timeout for libvirt to connect to access the virtual machine
required: false
type: int
default: 5
"""
import base64
@ -93,6 +98,7 @@ class Connection(ConnectionBase):
self.always_pipeline_modules = True
self.module_implementation_preferences = ('.ps1', '.exe', '')
self.allow_executable = False
self._timeout = self.get_option('timeout', 5)
def _connect(self):
''' connect to the virtual machine; nothing to do here '''
@ -130,11 +136,13 @@ class Connection(ConnectionBase):
display.vvv(u"ESTABLISH {0} CONNECTION".format(self.transport), host=self._host)
self._connected = True
def exec_command(self, cmd, in_data=None, sudoable=True):
def exec_command(self, cmd, in_data=None, sudoable=True, timeout=None):
""" execute a command on the virtual machine host """
super(Connection, self).exec_command(cmd, in_data=in_data, sudoable=sudoable)
self._display.vvv(u"EXEC {0}".format(cmd), host=self._host)
if timeout is None:
timeout = self._timeout
cmd_args_list = shlex.split(to_native(cmd, errors='surrogate_or_strict'))
@ -166,8 +174,9 @@ class Connection(ConnectionBase):
command_start = time.clock_gettime(time.CLOCK_MONOTONIC)
# TODO(odyssey4me):
# Add timeout parameter
flags = 0
try:
result_exec = json.loads(libvirt_qemu.qemuAgentCommand(self.domain, request_exec_json, 5, 0))
result_exec = json.loads(libvirt_qemu.qemuAgentCommand(self.domain, request_exec_json, timeout, flags))
except libvirt.libvirtError as err:
self._display.vv(u"ERROR: libvirtError EXEC TO {0}\n{1}".format(self._virt_uri, to_native(err)), host=self._host)
sys.stderr.write(u"ERROR: libvirtError EXEC TO {0}\n{1}\n".format(self._virt_uri, to_native(err)))

23
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_build_overlay_qcow.bash
View File

@ -13,7 +13,8 @@
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
BOX=gentoo
BOX=gentoo_overlay-2
OVERLAY_HOSTS_NAME=${BOX}
export BASE_SRC_ANSIBLE=/o/var/local/src/play_tox
yamllint -c $BASE_SRC_ANSIBLE/.yamllint.rc $BASE_SRC_ANSIBLE/hosts.yml|| {
@ -23,7 +24,7 @@ yamllint -c $BASE_SRC_ANSIBLE/.yamllint.rc $BASE_SRC_ANSIBLE/hosts.yml|| {
# put these values in $BASE_SRC_ANSIBLE/hosts.yml
[ -n "$BOX_NBD_OVERLAY_NAME" ] || \
BOX_NBD_OVERLAY_NAME=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_NAME $BOX)
BOX_NBD_OVERLAY_NAME=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_NAME ${OVERLAY_HOSTS_NAME})
if virsh list | grep "$BOX_NBD_OVERLAY_NAME" ; then
ERROR "$BOX_NBD_OVERLAY_NAME" is running - please virsh destroy "$BOX_NBD_OVERLAY_NAME"
@ -36,23 +37,23 @@ fi
[ -n "$BOX_NBD_BASE_PUBKEY" ] || \
BOX_NBD_BASE_PUBKEY=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_BASE_PUBKEY $BOX)
BOX_NBD_BASE_PUBKEY=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_BASE_PUBKEY ${OVERLAY_HOSTS_NAME})
[ -n "$BOX_NBD_OVERLAY_BASE" ] || \
BOX_NBD_OVERLAY_BASE=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_BASE $BOX)
BOX_NBD_OVERLAY_BASE=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_BASE ${OVERLAY_HOSTS_NAME})
[ -n "$BOX_NBD_OVERLAY_GB" ] || \
BOX_NBD_OVERLAY_GB=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_GB $BOX)
BOX_NBD_OVERLAY_GB=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_GB ${OVERLAY_HOSTS_NAME})
[ -n "$BOX_NBD_OVERLAY_CPUS" ] || \
BOX_NBD_OVERLAY_CPUS=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_CPUS $BOX)
BOX_NBD_OVERLAY_CPUS=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_CPUS ${OVERLAY_HOSTS_NAME})
[ -n "$BOX_NBD_OVERLAY_RAM" ] || \
BOX_NBD_OVERLAY_RAM=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_RAM $BOX)
BOX_NBD_OVERLAY_RAM=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_RAM ${OVERLAY_HOSTS_NAME})
[ -n "$BOX_NBD_OVERLAY_DIR" ] || \
BOX_NBD_OVERLAY_DIR=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_DIR $BOX)
BOX_NBD_OVERLAY_DIR=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_DIR ${OVERLAY_HOSTS_NAME})
[ -n "$BOX_NBD_OVERLAY_BR" ] || \
BOX_NBD_OVERLAY_BR=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_BR $BOX)
BOX_NBD_OVERLAY_BR=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_BR ${OVERLAY_HOSTS_NAME})
#[ -n "$BOX_NBD_OVERLAY_NETWORK" ] || \
# BOX_NBD_OVERLAY_NETWORK=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_NETWORK $BOX)
# BOX_NBD_OVERLAY_NETWORK=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_NETWORK ${OVERLAY_HOSTS_NAME})
[ -n "$BOX_NBD_OVERLAY_PASS" ] || \
BOX_NBD_OVERLAY_PASS=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_PASS $BOX)
BOX_NBD_OVERLAY_PASS=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_PASS ${OVERLAY_HOSTS_NAME})
[ ! -f "$BOX_NBD_OVERLAY_BASE" ] && \
ERROR BOX_NBD_OVERLAY_BASE=$BOX_NBD_OVERLAY_BASE must exist && exit 3

52
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_check_modules.bash
View File

@ -7,13 +7,9 @@ ROLE=toxcore
. /usr/local/bin/usr_local_tput.bash || exit 2
# FixMe - systemd
MYID=`id -u`
# or use sudo? or just diagnostics? $prog should be run as root $MYID
[ $MYID -eq 0 ] && sudo= || sudo="WARN as root - sudo"
[ $MYID -eq 0 ] && sudo= || sudo=sudo # "WARN as root - sudo"
grep -q iommu=pt /proc/cmdline || WARN 'iommu=pt not on command line'
grep -q intel_iommu=on /proc/cmdline || WARN 'intel_iommu=on not on command line'
@ -42,34 +38,9 @@ else
rmmod r8169
modprobe r8169 debug=6
}
true || [ -f /var/lib/libvirt/net.xml ] || cat > /var/lib/libvirt/net.xml << EOF
<network>
<name>network</name>
<uuid>3f1b2eb3-98da-4e6d-8ad8-30e0e05a21d4</uuid>
<forward mode="nat"/>
<bridge name="virbr0" stp="on" delay="0"/>
<mac address="52:54:00:14:17:cf"/>
<domain name="network"/>
<ip address="192.168.100.1" netmask="255.255.255.0">
<dhcp>
<range start="192.168.100.128" end="192.168.100.254"/>
</dhcp>
</ip>
</network>
EOF
ifconfig -a |grep ^eth && {
ifconfig -a |grep ^virbr || {
$sudo virsh net-create /var/lib/libvirt/net.xml
}
}
fi
#4?
MODS4=(
nf_conntrack_ipv4
nf_nat_ipv4
)
MODS=(
ip_tables
iptable_filter
@ -94,30 +65,35 @@ MODS=(
bridge
br_netfilter
)
# bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
# bridge: filtering via arp/ip/ip6tables is no longer available by default.
# Update your scripts to load br_netfilter if you need this.
lsmod | sort > /tmp/$$.lsmod
for mod in "${MODS[@]}" ; do
grep -q ^$mod /tmp/$$.lsmod || $sudo modprobe $mod
done
rm -f /tmp/$$.lsmod
# selectively activate runtime features
[ "$#" -eq 0 ] && exit 0
if [ "$1" = "libvirt" ] ; then
/etc/init.d/libvirtd status || $sudo /etc/init.d/libvirtd start
if [ ! -d /dev/virtio-ports ] ; then
# firewall - should depend on mode
for mod in "${MODS[@]}" ; do
grep -q ^$mod /tmp/$$.lsmod || $sudo modprobe $mod
done
rm -f /tmp/$$.lsmod
ifconfig -a | grep virbr0 || {
WARN virbr0 not present - modprobe "${MODS[@]}" ; }
else
lsmod | grep -q virtio_console || $sudo modprobe virtio_console
fi
fi
if [ "$1" = "qemu" ] ; then
if [ ! -d /dev/virtio-ports ] ; then
lsmod | grep -q kvm || $sudo modprobe kvm
fi
exit 0
fi
if [ "$1" = "docker" ] ; then
#? modules for docker?
/etc/init.d/docker status || $sudo /etc/init.d/docker start
exit 0
fi

51
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_create-vm.bash
View File

@ -13,11 +13,8 @@
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
if which genisoimage >/dev/null 2>/dev/null ; then
have_genisoimage=true
else
have_genisoimage=false
fi
export PATH=$PATH:$PREFIX/bin
have_genisoimage=true
# create-vm - Quickly create guest VMs using cloud image files and cloud-init.
@ -254,7 +251,6 @@ done
#grep gentoo /etc/shadow
EOF
if $have_genisoimage ; then
echo "Generating the cidata ISO file $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.iso"
(
cd "$BOX_NBD_OVERLAY_DIR/init/"
@ -266,7 +262,6 @@ echo "Generating the cidata ISO file $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cid
-input-charset utf-8 \
user-data meta-data
) || exit 5
fi
MACCMD=
if [[ -n $MAC ]]; then
@ -274,9 +269,7 @@ if [[ -n $MAC ]]; then
fi
[ -f ${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img ] || exit 5
if $have_genisoimage ; then
[ -f $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img ] || exit 6
fi
[ -f $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img ] || exit 6
# libvirt.libvirtError: /usr/lib/qemu/qemu-bridge-helper --use-vnet --br=-c --fd=31: failed to communicate with bridge helper: stderr=failed to parse default acl file `/etc/qemu/bridge.conf'
if [ ! -f "/etc/qemu/bridge.conf" ] ; then
@ -295,12 +288,15 @@ fi
if [ "$network" != '' ] ; then
virsh net-list | grep -q $network || \
virsh net-start $network
else
network=default
fi
file=/etc/libvirt/qemu/networks/$network.xml
if [ ! -f $file ] ; then
WARN no network file $file
elif ! grep '<range ' $file ; then
WARN no 'DHCP <range> in network file' $file
fi
sudo ifconfig -a | grep $BRIDGE && \
NETWORK="--network bridge=${BRIDGE},model=virtio" || \
WARN bridge $BRIDGE not running. not adding a network
NETWORK="--network network=default,model=virtio"
NETWORK="--interface type=network,source.network=default,model.type=virtio"
declare -a LARGS
LARGS=(
@ -308,6 +304,7 @@ LARGS=(
--osinfo "$OSINFO" \
--import \
--disk "path=${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img,format=qcow2" \
--disk "path=$BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img,device=cdrom" \
--ram="${RAM}" \
--vcpus="${VCPUS}" \
--autostart \
@ -317,23 +314,30 @@ LARGS=(
--check-cpu \
--force \
--watchdog=default \
--graphics spice,listen=socket \
--filesystem /,/mnt/linuxPen19 \
--channel spicevmc,target.type=virtio,target.name=com.redhat.spice.0 \
--channel type=spicevmc,target.type=virtio,target.name=com.redhat.spice.0 \
--channel type=unix,target.type=virtio,target.name=org.qemu.guest_agent.0 \
--rng /dev/urandom \
--os-variant detect=on,name=$OSINFO \
--noautoconsole \
)
# not type=qemu-vdagent
NETWORK="--network network=$network,model=virtio"
if [ -n "$NETWORK" ] ; then
LARGS+=(
$NETWORK \
)
if $have_genisoimage ; then
LARGS+=(
--disk "path=$BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img,device=cdrom" \
)
fi
LARGS+=(
# --graphics spice,listen=socket \
--boot init=/sbin/init
--console pty
--video vga
--memorybacking source.type=memfd,access.mode=shared
--filesystem /,/mnt/linuxPen19 \
)
INFO virt-install "${LARGS[@]}"
# squelch warnings
@ -374,7 +378,8 @@ cat > /tmp/sp.works <<EOF
EOF
# Show running VMs
virsh list | grep "${HOSTNAME}" && INFO "${HOSTNAME}" || { ERROR "${HOSTNAME}" ; exit 9$? ; }
virsh list | grep "${HOSTNAME}" && INFO "${HOSTNAME}" || {
ERROR "${HOSTNAME}" ; exit 9$? ; }
# use the following passwordless demonstration key for testing or
# replace with your own key pair

16
roles/toxcore/overlay/Linux/usr/local/net/Git/git.plastiras.org/emdee/tox_profile/LICENSE Normal file
View File

@ -0,0 +1,16 @@
Copyright (c) year copyright holder. All Rights Reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1.
Redistribution of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2.
Redistribution in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
3.
Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
YOU ACKNOWLEDGE THAT THIS SOFTWARE IS NOT DESIGNED, LICENSED OR INTENDED FOR USE IN THE DESIGN, CONSTRUCTION, OPERATION OR MAINTENANCE OF ANY MILITARY FACILITY.

235
roles/toxcore/overlay/Linux/usr/local/net/Git/git.plastiras.org/emdee/tox_profile/README.md Normal file
View File

@ -0,0 +1,235 @@
# tox_profile
Read and manipulate tox profile files. It started as a simple script from
<https://stackoverflow.com/questions/30901873/what-format-are-tox-files-stored-in>
```tox_profile.py``` reads a Tox profile and prints to stderr various
things that it finds. Then can write what it found in JSON/YAML/REPR/PPRINT
to a file. It can also test the nodes in a profile using ```nmap```.
( There are sometimes problems with the json info dump of bytes keys:
```TypeError: Object of type bytes is not JSON serializable```)
It can also download, select, or test nodes in a ```DHTnode.json``` file.
It can also decrypt a profile, saving the output to a file.
It can also edit a profile, changing a few select fields.
Later it can be extended to edit more crucial fields.
## Usage
Reads a tox profile and prints out information on what's in there to stderr.
Call it with one argument, the filename of the profile for the decrypt, edit
or info commands, or the filename of the nodes file for the nodes command.
4 commands are supported:
1. ```--command decrypt``` decrypts the profile and writes to the result
to stdout
2. ```--command info``` prints info about what's in the Tox profile to stderr
3. ```--command nodes``` assumes you are reading a json nodes file instead of
a profile
4. ```--command edit``` edits the profile and writes to the result
to a file.
```
usage: tox_profile.py [-h]
[--command info|decrypt|nodes|edit|onions]
[--info info|repr|yaml|json|pprint|nmap_dht|nmap_relay]
[--indent INDENT]
[--nodes select_tcp|select_udp|select_version|nmap_tcp|nmap_udp|download|check|clean]
[--download_nodes_url DOWNLOAD_NODES_URL]
[--edit help|section,num,key,val]
[--output OUTPUT]
profile
```
Positional arguments:
```
profile tox profile file - may be encrypted
```
Optional arguments:
```
-h, --help show this help message and exit
--command {info,decrypt,nodes,edit}
Action command - default: info
--output OUTPUT Destination for info/decrypt/nodes - can be the same as input
--info info|repr|yaml|json|pprint|nmap_dht|nmap_relay (may require nmap)
Format for info command
--indent INDENT Indent for yaml/json/pprint
--nodes select_tcp|select_udp|select_version|nmap_tcp|nmap_udp|download
Action for nodes command (requires jq and nmap)
--download_nodes_url DOWNLOAD_NODES_URL
--edit help|section,num,key,val
```
### --command info
```info``` will output the profile on stdout, or to a file with ```--output```
Choose one of ```{info,repr,yaml,json,pprint,save}```
for the format for info command.
Choose one of ```{nmap_dht,nmap_relay,nmap_path}```
to run tests using ```nmap``` for the ```DHT``` and ```TCP_RELAY```
sections of the profile. Reguires ```nmap``` and uses ```sudo```.
```
--info default='info',
choices=[info, save, repr, yaml,json, pprint]
with --info=info prints info about the profile to stderr
yaml,json, pprint, repr - output format
nmap_dht - test DHT nodes with nmap
nmap_relay - test TCP_RELAY nodes with nmap
nmap_path - test PATH_NODE nodes with nmap
--indent for pprint/yaml/json default=2
```
#### Saving a copy
The code now can generate a saved copy of the profile as it parses the profile.
Use the command ```--command info --info save``` with ```--output```
and a filename, to process the file with info to stderr, and it will
save an copy of the file to the ```--output``` (unencrypted).
It may be shorter than the original profile by up to 512 bytes, as the
original toxic profile is padded at the end with nulls (or maybe in the
decryption).
### --command nodes
Takes a DHTnodes.json file as an argument.
Choose one of ```{select_tcp,select_udp,select_version}```
for ```--nodes``` to select TCP nodes, UDP nodes,
or nodes with the latest version. Requires ```jq```.
Choose one of ```{nmap_tcp,nmap_udp}``` to run tests using ```nmap```
for the ```status_tcp==True``` and ```status_udp==True``` nodes.
Reguires ```nmap``` and uses ```sudo```.
Choose ```download``` to download the nodes from ```--download_nodes_url```
Choose ```check``` to check the downloaded nodes, and the error return
is the number of nodes with errors.
Choose ```clean``` to clean the downloaded nodes, and give
```--output``` for the file the nodes ckeaned of errors.
Check and clean will also try to ping the nodes on the relevant ports,
and clean will update the ```status_tcp``, ```status_udp```, and
```last_ping``` fields of the nodes.
--nodes
choices=[select_tcp, select_udp, nmap_tcp, select_version, nmap_udp, check, download]
select_udp - select udp nodes
select_tcp - select tcp nodes
nmap_udp - test UDP nodes with nmap
nmap_tcp - test TCP nodes with nmap
select_version - select nodes that are the latest version
download - download nodes from --download_nodes_url
check - check nodes from --download_nodes_url
clean - check nodes and save them as --output
--download_nodes_url https://nodes.tox.chat/json
```
### --command decrypt
Decrypt a profile, with ```--output``` to a filename.
### --command edit
The code now can generate an edited copy of the profile.
Use the command ```--command edit --edit section,num,key,val``` with
```--output``` and a filename, to process the file with info to stderr,
and it will save an copy of the edited file to the
```--output``` file (unencrypted). There's not much editing yet; give
```--command edit --edit help``` to get a list of what Available Sections,
and Supported Quads ```(section,num,key,type)``` that can be edited.
Currently it is:
```
NAME,.,Nick_name,str
STATUSMESSAGE,.,Status_message,str
STATUS,.,Online_status,int
NOSPAMKEYS,.,Nospam,hexstr
NOSPAMKEYS,.,Public_key,hexstr
NOSPAMKEYS,.,Private_key,hexstr
```
The ```num``` field is to accomodate sections that have lists:
* ```.``` is a placeholder for sections that don't have lists.
* ```<int>``` is for the nth element of the list, zero-based.
* ```*``` is for all elements of the list.
The ```--output``` can be the same as input as the input file is read
and closed before processing starts.
```
--edit
help - print a summary of what fields can be edited
section,num,key,val - edit the field section,num,key with val
```
You can use the ```---edit``` command to synchronize profiles, by
keeping the keypair and synchronize profiles between different clients:
e.g. your could keep your profile from toxic as master, and copy it over
your qtox/toxygen/TriFa profile while preserving their keypair and NOSPAM:
1. Use ```--command info --info info``` on the target profile to get the
```Nospam```, ```Public_key``` and ```Private_key``` of the target.
2. Backup the target and copy the source profile to the target.
3. Edit the target with the values from 1) with:
```
--command edit --edit NOSPAMKEYS,.,Nospam,hexstr --output target target
--command edit --edit NOSPAMKEYS,.,Public_key,hexstr --output target target
--command edit --edit NOSPAMKEYS,.,Private_key,hexstr --output target target
```
## Requirements
If you want to read encrypted profiles, you need to download
toxygen_wrapper to deal with encrypted tox files, from:
<https://git.plastiras.org/emdee/toxygen_wrapper>
Just put the toxygen/toxygen directory on your PYTHONPATH
You also need to link your libtoxcore.so and libtoxav.so
and libtoxencryptsave.so into ```wrapper/../libs/```
Link all 3 from libtoxcore.so files if you have only libtoxcore.so
If you want to read the GROUPS section, you need Python msgpack:
<https://pypi.org/project/msgpack/>
If you want to write in YAML, you need Python yaml:
<https://pypi.org/project/PyYAML/>
If you have coloredlogs installed it will make use of it:
<https://pypi.org/project/coloredlogs/>
For the ```select``` and ```nmap``` commands, the ```jq``` utility is
required. It's available in most distros, or <https://stedolan.github.io/jq/>
For the ```nmap``` commands, the ```nmap``` utility is
required. It's available in most distros, or <https://nmap.org/>
## Issues
https://git.plastiras.org/emdee/tox_profile/issues
## Future Directions
This has not been tested on Windwoes, but is should be simple to fix.
Because it's written in Python it is easy to extend to, for example,
supporting multidevices:
<https://git.plastiras.org/emdee/tox_profile/wiki/MultiDevice-Announcements-POC>
There are a couple of bash scripts to show usage:
* tox_profile_examples.bash - simple example usage
* tox_profile_test.bash - a real test runner that still needs documenting.
## Specification
There is a copy of the Tox [spec](https://toktok.ltd/spec.html)
in the repo - it is missing any description of the groups section.
Work on this project is suspended until the
[MultiDevice](https://git.plastiras.org/emdee/tox_profile/wiki/MultiDevice-Announcements-POC) problem is solved. Fork me!

31
roles/toxcore/overlay/Linux/usr/local/net/Git/git.plastiras.org/emdee/tox_profile/setup.py Normal file
View File

@ -0,0 +1,31 @@
import sys
import os
from setuptools import setup
from setuptools.command.install import install
version = '1.0.0'
setup(name='tox_profile',
version=version,
description='Tox ctypes wrapping testing of Tox profiles',
long_description='Tox ctypes wrapping of Tox profiles',
url='https://git.plastiras.org/emdee/tox_profile/',
keywords='ctypes Tox messenger',
author='emdee',
maintainer='',
license='',
packages=[],
entry_points = {'console_scripts': [ 'tox_profile = tox_profile:iMain', ],},
install_requires=[],
include_package_data=False,
classifiers=[
"Environment :: Console",
"Topic :: Internet",
"Development Status :: 4 - Beta",
"Intended Audience :: Developers",
"Programming Language :: Python",
"Programming Language :: Python :: 3",
"License :: OSI Approved",
],
zip_safe=False
)

8947
roles/toxcore/overlay/Linux/usr/local/net/Git/git.plastiras.org/emdee/tox_profile/toktok.ltd/spec.html Normal file
View File

File diff suppressed because it is too large Load Diff

1471
roles/toxcore/overlay/Linux/usr/local/net/Git/git.plastiras.org/emdee/tox_profile/tox_profile.py Normal file
View File

File diff suppressed because it is too large Load Diff

24
roles/toxcore/overlay/Linux/usr/local/net/Git/git.plastiras.org/emdee/tox_profile/tox_profile_examples.bash Normal file
View File

@ -0,0 +1,24 @@
#!/bin/sh -e
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# some examples of tox-profile usage
export PYTHONPATH=/mnt/o/var/local/src/toxygen_wrapper.git
TOX_HOME=$HOME/.config/tox
NMAP_CMD='sudo -u debian-tor nmap'
echo INFO: check the download json file
python3 tox_profile.py --command nodes --nodes check \
$TOX_HOME/DHTnodes.json.new \
2>&1 | tee /tmp/DHTnodes.json.log
echo INFO: get the tcp nodes/ports from the downloaded json file
python3 tox_profile.py --command nodes --nodes select_tcp \
--output /tmp/DHTnodes.json.tcp \
$TOX_HOME/DHTnodes.json.new
echo INFO: run ping/nmap on the tcp nodes/ports from the downloaded json file
python3 tox_profile.py --command nodes --nodes nmap_tcp \
--nmap_cmd $NMAP_CMD \
--output /tmp/DHTnodes.json.tcp.out \
/tmp/DHTnodes.json.tcp

337
roles/toxcore/overlay/Linux/usr/local/net/Git/git.plastiras.org/emdee/tox_profile/tox_profile_test.bash Executable file
View File

@ -0,0 +1,337 @@
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# tox_profile.py has a lot of features so it needs test coverage
PREFIX=/mnt/o/var/local
ROLE=text
DEBUG=1
EXE=/var/local/bin/python3.bash
WRAPPER=$PREFIX/src/toxygen_wrapper.git
tox=$HOME/.config/tox/toxic_profile.tox
[ -s $tox ] || exit 2
target=$PREFIX/src/tox_profile/tox_profile.py
OUT=/tmp/toxic_profile
ps ax | grep -q tor && netstat -n4le | grep -q :9050
[ $? -eq 0 ] && HAVE_TOR=1 || HAVE_TOR=0
[ -f /usr/local/bin/usr_local_tput.bash ] && \
. /usr/local/bin/usr_local_tput.bash || {
DBUG() { echo DEBUG $* ; }
INFO() { echo INFO $* ; }
WARN() { echo WARN $* ; }
ERROR() { echo ERROR $* ; }
}
if [ -z "$TOXCORE_LIBS" ] && [ ! -d libs ] ; then
mkdir libs
cd libs
# /lib/x86_64-linux-gnu/libtoxcore.so.2
for pro in qtox toxic ; do
if which $pro 2> /dev/null ; then
DBUG linking to $pro libtoxcore
lib=$( ldd `which $pro` | grep libtoxcore|sed -e 's/.* => //' -e 's/ .*//')
[ -n "$lib" -a -f "$lib" ] || { WARN $Lib ; continue ; }
INFO linking to $lib
for elt in libtoxcore.so libtoxav.so libtoxencryptsave.so ; do
ln -s "$lib" "$elt"
done
export TOXCORE_LIBS=$PWD
break
fi
done
cd ..
elif [ -z "$TOXCORE_LIBS" ] && [ -d libs ] ; then
export TOXCORE_LIBS=$PWD/libs
fi
# set -- -e
[ -s $target ] || exit 1
[ -d $WRAPPER ] || {
ERROR wrapper is required https://git.plastiras.org/emdee/toxygen_wrapper
exit 3
}
export PYTHONPATH=$WRAPPER
json=$HOME/.config/tox/DHTnodes.json
[ -s $json ] || exit 4
which jq > /dev/null && HAVE_JQ=1 || HAVE_JQ=0
which nmap > /dev/null && HAVE_NMAP=1 || HAVE_NMAP=0
sudo rm -f $OUT.* /tmp/toxic_nodes.*
test_jq () {
[ $# -eq 3 ] || {
ERROR test_jq '#' "$@"
return 3
}
in=$1
out=$2
err=$3
[ -s $in ] || {
ERROR $i test_jq null $in
return 4
}
jq . < $in >$out 2>$err || {
ERROR $i test_jq $json
return 5
}
grep error: $err && {
ERROR $i test_jq $json
return 6
}
[ -s $out ] || {
ERROR $i null $out
return 7
}
[ -s $err ] || rm -f $err
return 0
}
i=0
[ "$HAVE_JQ" = 0 ] || \
test_jq $json /tmp/toxic_nodes.json /tmp/toxic_nodes.err || {
ERROR test_jq failed on $json
exit ${i}$?
}
[ -f /tmp/toxic_nodes.json ] || cp -p $json /tmp/toxic_nodes.json
json=/tmp/toxic_nodes.json
i=1
# required password
INFO $i decrypt $OUT.bin
$EXE $target --command decrypt --output $OUT.bin $tox || exit ${i}1
[ -s $OUT.bin ] || exit ${i}2
tox=$OUT.bin
INFO $i info $tox
$EXE $target --command info --info info $tox 2>$OUT.info || {
ERROR $i $EXE $target --command info --info info $tox
exit ${i}3
}
[ -s $OUT.info ] || exit ${i}4
INFO $i $EXE $target --command info --info save --output $OUT.save $tox
$EXE $target --command info --info save --output $OUT.save $tox 2>/dev/null || {
ERROR $?
exit ${i}5
}
[ -s $OUT.save ] || exit ${i}6
i=2
[ $# -ne 0 -a $1 -ne $i ] || \
! INFO $i Info and editing || \
for the_tox in $tox $OUT.save ; do
DBUG $i $the_tox
the_base=`echo $the_tox | sed -e 's/.save$//' -e 's/.tox$//'`
for elt in json yaml pprint repr ; do
if [ $elt = yaml -o $elt = json ] ; then
# ModuleNotFoundError
python3 -c "import $elt" 2>/dev/null || continue
fi
INFO $i $the_base.$elt
DBUG $EXE $target \
--command info --info $elt \
--output $the_base.$elt $the_tox '2>'$the_base.$elt.err
$EXE $target --command info --info $elt \
--output $the_base.$elt $the_tox 2>$the_base.$elt.err || {
tail $the_base.$elt.err
if [ $elt != yaml -a $elt != json ] ; then
exit ${i}0
else
WARN $elt
fi
}
[ -s $the_base.$elt ] || {
WARN no output $the_base.$elt
# exit ${i}1
}
done
DBUG $EXE $target --command edit --edit help $the_tox
$EXE $target --command edit --edit help $the_tox 2>/dev/null || exit ${i}2
# edit the status message
INFO $i $the_base.Status_message 'STATUSMESSAGE,.,Status_message,Toxxed on Toxic'
$EXE $target --command edit --edit 'STATUSMESSAGE,.,Status_message,Toxxed on Toxic' \
--output $the_base.Status_message.tox $the_tox 2>&1|grep EDIT || exit ${i}3
[ -s $the_base.Status_message.tox ] || exit ${i}3
$EXE $target --command info $the_base.Status_message.tox 2>&1|grep Toxxed || exit ${i}4
# edit the nick_name
INFO $i $the_base.Nick_name 'NAME,.,Nick_name,FooBar'
$EXE $target --command edit --edit 'NAME,.,Nick_name,FooBar' \
--output $the_base.Nick_name.tox $the_tox 2>&1|grep EDIT || exit ${i}5
[ -s $the_base.Nick_name.tox ] || exit ${i}5
$EXE $target --command info $the_base.Nick_name.tox 2>&1|grep FooBar || exit ${i}6
# set the DHTnodes to empty
INFO $i $the_base.noDHT 'DHT,.,DHTnode,'
$EXE $target --command edit --edit 'DHT,.,DHTnode,' \
--output $the_base.noDHT.tox $the_tox 2>&1|grep EDIT || exit ${i}7
[ -s $the_base.noDHT.tox ] || exit ${i}7
$EXE $target --command info $the_base.noDHT.tox 2>&1 | grep 'NO DHT' || exit ${i}8
done
i=3
[ "$#" -ne 0 -a "$1" != "$i" ] || \
[ "$HAVE_JQ" = 0 ] || \
! INFO $i Nodes || \
for the_json in $json ; do
DBUG $i $the_json
the_base=`echo $the_json | sed -e 's/.json$//' -e 's/.tox$//'`
for nmap in clean check select_tcp select_udp select_version; do
$EXE $target --command nodes --nodes $nmap \
--output $the_base.$nmap.json $the_json || {
WARN $i $the_json $nmap ${i}1
continue
}
[ -s $the_base.$nmap.json ] || {
WARN $i $the_json $nmap ${i}2
continue
}
[ $nmap = select_tcp ] && \
grep '"status_tcp": false' $the_base.$nmap.json && {
WARN $i $the_json $nmap ${i}3
continue
}
[ $nmap = select_udp ] && \
grep '"status_udp": false' $the_base.$nmap.json && {
WARN $i $the_json $nmap ${i}4
continue
}
test_jq $the_base.$nmap.json $the_base.$nmap.json.out /tmp/toxic_nodes.err || {
retval=$?
WARN $i $the_base.$nmap.json 3$?
}
INFO $i $the_base.$nmap
done
done
i=4
[ $# -ne 0 -a "$1" -ne $i ] || \
[ "$HAVE_TOR" = 0 ] || \
[ ! -f /etc/tor/torrc ] || \
! INFO $i Onions || \
for the_tox in /etc/tor/torrc ; do
DBUG $i $the_tox
the_base=`echo $OUT.save | sed -e 's/.save$//' -e 's/.tox$//'`
# exits
for slot in config test; do
if [ $slot = exits ] && ! netstat -nle4 | grep -q :9050 ; then
WARN Tor not running
continue
fi
INFO $target --command onions --onions $slot \
--output $the_base.$slot.out $the_tox
DBUG=1 $EXE $target --command onions --onions $slot \
--log_level 10 \
--output $the_base.$slot.out $the_tox|| {
WARN $i $?
continue
}
[ true -o -s $the_base.$slot.out ] || {
WARN $i empty $the_base.$slot.out
continue
}
done
done
# ls -l $OUT.* /tmp/toxic_nodes.*
# DEBUG=0 /usr/local/bin/proxy_ping_test.bash tor || exit 0
ip route | grep ^def || exit 0
i=5
the_tox=$tox
[ $# -ne 0 -a "$1" != "$i" ] || \
[ "$HAVE_JQ" = 0 ] || \
[ "$HAVE_NMAP" = 0 ] || \
! INFO $i Making dogfood || \
for the_tox in $tox $OUT.save ; do
DBUG $i $the_tox
the_base=`echo $the_tox | sed -e 's/.save$//' -e 's/.tox$//'`
for nmap in nmap_relay nmap_dht nmap_path ; do
# [ $nmap = select_tcp ] && continue
if [ $nmap = nmap_dht ] && [ $HAVE_TOR = 1 ] ; then
INFO skipping $nmap because HAVE_TOR
continue
fi
INFO $i $the_base.$nmap
DBUG $target --command info --info $nmap \
--output $the_base.$nmap.out $the_tox
$EXE $target --command info --info $nmap \
--output $the_base.$nmap.out $the_tox 2>$the_base.$nmap.err || {
# select_tcp may be empty and jq errors
# exit ${i}1
WARN $i $? $the_base.$nmap.err
tail $the_base.$nmap.err
continue
}
[ -s $the_base.$nmap.out ] || {
WARN $i empty $the_base.$nmap.out
continue
}
done
done
i=6
[ $# -ne 0 -a "$1" != "$i" ] || \
[ "$HAVE_JQ" = 0 ] || \
! INFO $i Eating dogfood || \
for the_json in $json ; do
DBUG $i $the_json
the_base=`echo $the_json | sed -e 's/.save$//' -e 's/.json$//'`
for nmap in nmap_tcp nmap_udp ; do
if [ $nmap = nmap_udp ] && [ $HAVE_TOR = 1 ] ; then
INFO skipping $nmap because HAVE_TOR
continue
fi
INFO $i $target --command nodes --nodes $nmap --output $the_base.$nmap
$EXE $target --command nodes --nodes $nmap \
--output $the_base.$nmap $the_json 2>$the_base.$nmap.err || {
WARN $i $the_json $nmap ${i}1
continue
}
[ -s $the_base.$nmap ] || {
ERROR $i $the_json $nmap ${i}2
exit ${i}2
}
done
done
i=7
DBUG $i
$EXE $target --command nodes --nodes download \
--output /tmp/toxic_nodes.new $json || {
ERROR $i $EXE $target --command nodes --nodes download $json
exit ${i}1
}
[ -s /tmp/toxic_nodes.new ] || exit ${i}4
INFO $i downloaded /tmp/toxic_nodes.new
json=/tmp/toxic_nodes.new
[ $# -ne 0 -a "$1" != "$i" ] || \
[ "$HAVE_JQ" = 0 ] || \
jq . < $json >/tmp/toxic_nodes.new.json 2>>/tmp/toxic_nodes.new.json.err || {
ERROR $i jq $json
exit ${i}2
}
INFO $i jq from /tmp/toxic_nodes.new.json
[ $# -ne 0 -a "$1" != "$i" ] || \
[ "$HAVE_JQ" = 0 ] || \
grep error: /tmp/toxic_nodes.new.json.err && {
ERROR $i jq $json
exit ${i}3
}
INFO $i no errors in /tmp/toxic_nodes.new.err
exit 0

173
roles/toxcore/overlay/Linux/usr/local/sbin/toxcore_libvirt_test_ga.bash Executable file
View File

@ -0,0 +1,173 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
[ -f /usr/local/bin/usr_local_tput.bash ] && \
. /usr/local/bin/usr_local_tput.bash || {
DBUG() { echo DEBUG $* ; }
INFO() { echo INFO $* ; }
WARN() { echo WARN $* ; }
ERROR() { echo ERROR $* ; }
}
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=hostvms
#[ $# -eq 0 ] && set - Whonix-Gateway /bin/cat /proc/cmdline
[ $# -eq 0 ] && set - Whonix-Gateway /bin/netstat -lnp4
[ $# -lt 2 ] && echo USAGE: $0 domain command arguments
# https://access.redhat.com/solutions%2F732773
HOST=$1
shift
if [ $# -eq 0 ] ; then
RCMD=guest-info
elif [[ $@ =~ guest- ]] ; then
RCMD=$1
shift
else
RCMD=guest-exec
CMD=$1
fi
shift
# FixMe
if [ $# -lt 1 ] ; then
ARGS=""
elif [ $# -gt 1 ] ; then
ARGS=`echo "$@" | sed -e 's/ /","/g'`
else
ARGS="$1"
fi
[ -z "$CMD" ] && CMD=/usr/sbin/qemu-ga && ARGS=-D
INFO $0 $HOST $CMD $ARGS
rc=0
if [ RCMD = guest-info ] ; then
DBUG virsh qemu-agent-command $HOST \
'{"execute":"'$RCMD'"}'
virsh qemu-agent-command $HOST \
'{"execute":"'$RCMD'"}' \
>/tmp/Q$$.out || exit 1$?
jq . < /tmp/Q$$.out # /tmp/R$$.out
elif [ $RCMD = guest-get-time ] || \
[ $RCMD = guest-get-cpustats ] || \
[ $RCMD = guest-get-diskstats ] || \
[ $RCMD = guest-get-devices ] || \
[ $RCMD = guest-get-fsinfo ] || \
[ $RCMD = guest-get-disks ] || \
[ $RCMD = guest-get-hostname ] || \
[ $RCMD = guest-get-timezone ] || \
[ $RCMD = guest-get-users ] || \
[ $RCMD = guest-get-vcpus ] || \
[ $RCMD = guest-network-get-interfaces ] || \
[ $RCMD = guest-ping ] || \
[ $RCMD = guest-sync ] \
; then
DBUG virsh qemu-agent-command $HOST \
'{"execute":"'$RCMD'"}'
virsh qemu-agent-command $HOST \
'{"execute":"'$RCMD'"}' \
>/tmp/Q$$.out || exit 1$?
jq .return < /tmp/Q$$.out # /tmp/R$$.out
elif [ $RCMD = guest-exec ] ; then
# timeout?
DBUG virsh qemu-agent-command $HOST \
'{"execute":"'$RCMD'", "arguments": {"capture-output": true,"path":"'$CMD'","arg":["'"$ARGS"'"]}}'
virsh qemu-agent-command $HOST \
'{"execute":"'"$RCMD"'", "arguments": {"capture-output": true,"path":"'$CMD'","arg":["'"$ARGS"'"]}}' \
>/tmp/Q$$.out || exit 1$?
grep -q return /tmp/Q$$.out || exit 2
# pid=`sed -e 's/.*://' -e 's/}.*//' /tmp/Q$$.out`
pid=`jq .return.pid < /tmp/Q$$.out`
[ $? -eq 0 -a -n "$pid" ] || exit 3
DBUG virsh qemu-agent-command $HOST "$CMD $pid"
# echo DEBUG: virsh qemu-agent-command $HOST \
# '{"execute":"guest-exec-status", "arguments": {"pid": '$pid'}}'
#virsh qemu-agent-command $HOST \
# '{"execute":"guest-exec-status", "arguments": {"pid": '$pid'}}' \
# >/tmp/R$$.out || exit 4$?
TRIES=10
i=0
while [ $i -lt $TRIES ] ; do
i=`expr $i + 1`
virsh qemu-agent-command $HOST \
'{"execute":"guest-exec-status", "arguments": {"pid": '"$pid"'}}' \
>/tmp/R$$.out || exit 4$i$?
grep -q '"exitcode":' /tmp/R$$.out && break
sleep 5
echo DEBUG: $i
done
[ $i -lt $TRIES ] || \
{ echo ERROR: $i no exitcode in /tmp/R$$.out; exit 5 ; }
rc=`jq '.return.exitcode' < /tmp/R$$.out`
#b64=`jq '.return.out_data' < /tmp/R$$.out`
DBUG rc=$rc /tmp/R$$.out
if grep -q err-data /tmp/R$$.out ; then
b64_err=`sed -e 's/{"return":{"exitcode":[0-9]*,"err-data":"//' -e 's/",".*//' /tmp/R$$.out`
errrc=$?
WARN `echo $b64_err | base64 -d -`
fi
if grep -q out-data /tmp/R$$.out ; then
b64_out=`sed -e 's/{"return":{"exitcode":[0-9]*,"out-data":"//' -e 's/",".*//' /tmp/R$$.out`
outrc=$?
INFO `echo $b64_out | base64 -d - `
fi
#b64=`jq '.return.out_data' < /tmp/R$$.out`
#[ $rrc -eq 0 ] || { ERROR b64 $b64 ; exit 7 ; }
fi
rm -f /tmp/{Q,R}$$.out
exit $rc
#
# guest-get-cpustats
# guest-get-diskstats
# guest-ssh-remove-authorized-keys
# guest-ssh-add-authorized-keys
# guest-ssh-get-authorized-keys
# guest-get-devices
# guest-get-osinfo
# guest-get-timezone
# guest-get-users
# guest-get-host-name
# guest-exec
# guest-exec-status
# guest-get-memory-block-info
# guest-set-memory-blocks
# guest-get-memory-blocks
# guest-set-user-password
# guest-get-fsinfo
# guest-get-disks
# guest-set-vcpus
# guest-get-vcpus
# guest-network-get-interfaces
# guest-suspend-hybrid
# guest-suspend-ram
# guest-suspend-disk
# guest-fstrim
# guest-fsfreeze-thaw
# guest-fsfreeze-freeze-list
# guest-fsfreeze-freeze
# guest-fsfreeze-status
# guest-file-flush
# guest-file-seek
# guest-file-write
# guest-file-read
# guest-file-close
# guest-file-open
# guest-shutdown
# guest-info
# guest-set-time
# guest-get-time
# guest-ping
# guest-sync
# guest-sync-delimited

89
roles/toxcore/overlay/Linux/usr/local/src/ansible.bash Executable file
View File

@ -0,0 +1,89 @@
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
#? broken in ansible
PYVER=3
P="BASE_PYTHON${PYVER}_MINOR"
PYTHON_MINOR="$(eval echo \$$P)"
[ -z "$PYTHON_MINOR" ] || PYTHON_MINOR=3.9
PYTHON_EXE_MSYS=$PREFIX/bin/python$PYVER.sh
PYTHON_EXE=$PYTHON_EXE_MSYS
DESC=""
PKG="ansible"
MOD="$PKG"
VER="2.9.22"
AVER="2.9.22"
DIR="${PKG}-$VER"
EXT="tar.gz"
URL="files.pythonhosted.org/packages/03/4f/cccab1ec2e0ecb05120184088e00404b38854809cf35aa76889406fbcbad/ansible-2.9.10.tar.gz"
TODIR=/o/data/TestForge/src/ansible
if [ -f /var/local/src/var_local_src.bash ] ; then
. /var/local/src/var_local_src.bash
else
ols_are_we_connected () { route | grep -q ^default ; return $? ; }
fi
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
if [ ! -d "$DIR" ] ; then
if [ ! -f "$HTTP_DIR/$URL" ] ; then
ols_are_we_connected || { DEBUG not connected ; exit 0 ; }
wget -xc -P "$HTTP_DIR" "https://$URL" || exit 2
fi
if [ "$EXT" = "zip" ] ; then
unzip "$HTTP_DIR/$URL" || exit 3
else
tar xfvz "$HTTP_DIR/$URL" || exit 3
fi
fi
cd "$DIR" || exit 4
[ -f lib/ansible/parsing/utils/yaml.py.dst ] || \
bash /usr/local/sbin/base_patch_from_diff.bash $ROLE \
$TODIR/roles/$ROLE/overlay/Linux/$PREFIX/patches/$ROLE/$PWD || exit 6$?
[ -d $PREFIX/$LIB/python$PYTHON_MINOR/site-packages/$DIR-py$PYTHON_MINOR.egg ] || \
pip3.sh install . >> install.log 2>&1\
|| { echo "ERROR: code $?" ; tail install.log ; exit 5 ; }
"$PYTHON_EXE" -c "import $MOD" || exit 10
grep -l '_tput\|_src' *sh ../bin*sh | \
xargs grep -l 'echo \(INFO\|DEBUG\|ERROR\|DEBUG\):' | \
xargs sed -e 's@echo \(INFO\|DEBUG\|ERROR\|DEBUG\):@\1 @'
if [ -d $PREFIX/src/ansible-$AVER/docs/docsite ] ; then
cd $PREFIX/src/ansible-$AVER/docs/docsite
[ -f htmldocs.log ] || make -n -f Makefile htmldocs > htmldocs.log 2>&1 || exit 2$?
[ -f info.log ] || make -n -f Makefile.sphinx info > info.log 2>&1 || exit 3$?
exit 0
elif [ "$1" = 'check' ] ; then
"$PYTHON_EXE" -c "import $MOD" || exit 10
# ols_run_checks_requirements
elif [ $1 = 'test' ] ; then
cd $PREFIX/src/$DIR || exit 50
$PYTHON_EXE_MSYS -m tox >> test.log 2>&1 || \
{ echo "ERROR: $MOD code $?" ; cat test.log ; exit 51 ; }
elif [ "$1" = 'refresh' ] ; then
cd $PREFIX/src/$DIR || exit 60
env PWD=$PREFIX/src/$DIR \
/usr/local/sbin/base_diff_from_dst.bash $ROLE || exit 6$?
fi
exit 0

34
roles/toxcore/overlay/Linux/usr/local/src/c-toxcore.bash
View File

@ -8,7 +8,7 @@ PREFIX=/usr/local
ROLE=toxcore
DESC=""
. $PREFIX/src/usr_local_tput.bash || exit 1
. $PREFIX/bin/usr_local_tput.bash || exit 1
PKG=toxcore
DIR=c-$PKG
@ -23,10 +23,6 @@ WD=$PWD
if [ "$#" -eq 0 ] ; then
if [ -d /etc/portage ] ; then
ols_funtoo_requires app-crypt/argon2 dev-vcs/git media-gfx/qrencode
fi
WD=$PWD
if [ ! -d "$DIR" ] ; then
if [ ! -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER/$GIT_DIR" ] ; then
@ -49,52 +45,50 @@ if [ "$#" -eq 0 ] ; then
# ols_apply_testforge_patches
# # [ -f CMakeLists.txt.dst ] || patch -b -z.dst < toxcore.diff || exit 7
[ -f cmake.sh ] || cat > cmake.sh << \EOF
[ -f cmake.sh ] || cat > cmake.sh << EOF
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
PREFIX=$PREFIX
ROLE=toxcore
ROLE=$ROLE
CORE=$PREFIX/src/c-toxcore
DIR=_build
LIB=$CORE/$DIR
LIB=\$CORE/\$DIR
cd $CORE | exit 3
cd \$CORE | exit 3
mkdir _build
cd _build
cmake \
-DCMAKE_BUILD_TYPE="Debug" \
-DCMAKE_UNITY_BUILD=ON \
-DMIN_LOGGER_LEVEL=DEBUG \
-DMIN_LOGGER_LEVEL=TRACE \
-DMUST_BUILD_TOXAV=ON \
-DNON_HERMETIC_TESTS=ON \
-DSTRICT_ABI=ON \
-DTEST_TIMEOUT_SECONDS=1200 \
-DTEST_TIMEOUT_SECONDS=120 \
-DUSE_IPV6=OFF \
-DAUTOTEST=ON \
-DNON_HERMETIC_TESTS=ON \
-DPROXY_TEST=ON \
-DBUILD_MISC_TESTS=ON \
-DBUILD_FUN_UTILS=ON \
-DBOOTSTRAP_DAEMON=ON \
-DSOCKS_PORT_TEST=9050 \
-DSOCKS_HOST_TEST=localhost \
.. > cmake.log 2>&1
#sed -e 's/-DNDEBUG/-g/' -i CMakeCache.txt
make .. > make.log 2>&1
ls $LIB/*so* || { echo ERROR $LIB ; exit 2 ; }
ls \$LIB/*so* || { echo ERROR \$LIB ; exit 2 ; }
EOF
bash cmake.sh || {
retcval=$?
ERROR cmake $retcval
retval=$?
ERROR cmake $retval
exit 3$retval
}
cd _build
make >> make.log 2>&1 || {
retcval=$?
ERROR cmake $retcval
retval=$?
ERROR cmake $retval
exit 3$retval
}

5
roles/toxcore/overlay/Linux/usr/local/src/dracut-055.bash Normal file
View File

@ -0,0 +1,5 @@
#!/bin/sh
ROLE=toxcore
#https://mirrors.edge.kernel.org/pub/linux/utils/boot/dracut/dracut-055.tar.sign
#https://mirrors.edge.kernel.org/pub/linux/utils/boot/dracut/dracut-055.tar.gz

80
roles/toxcore/overlay/Linux/usr/local/src/gridfire.bash Executable file
View File

@ -0,0 +1,80 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
MOD=gridfire
DIR=$MOD
GIT_HUB=github.com
GIT_USER=reid-k
GIT_DIR=gridfire
DESC=""
[ -f /usr/local/src/var_local_src.bash ] && \
. /usr/local/src/usr_local_src.bash
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
cd $DIR || exit 3
if [ ! -e $MOD.py ] ; then
route|grep -q ^default || exit 0
ols_wget_c https://raw.githubusercontent.com/$GIT_USER/$GIT_DIR/master/$MOD.py
fi
#[ -f $MOD.sh ] || \
# cp -p $PREFIX/net/Git/$GIT_HUB/$GIT_USER/$GIT_DIR/$MOD.sh .
for VER in 2 3 ; do
PYVER=$VER
PYTHON_EXE_MSYS=$PREFIX/bin/python$PYVER.bash
PYTHON_EXE=$PYTHON_EXE_MSYS
if [ ! -e $PREFIX/bin/$MOD$VER.bash ] ; then
cat > $PREFIX/bin/$MOD$VER.bash << EOF
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
ROLE=proxy
# https://$GIT_HUB/$GIT_USER/$GIT_DIR/
exec $PYTHON_EXE_MSYS $PREFIX/src/$DIR/$MOD.py "\$@"
EOF
chmod 755 $PREFIX/bin/$MOD$VER.bash
fi
done
# default to python2
BINS=$MOD
msys_install_python_scripts $BINS
cd bin || exit 4
for file in *.bash *.py ; do
[ $file = gridfire_ansible-vault.bash ] && continue
[ -x $PREFIX/bin/$file ] && diff -q $file $PREFIX/bin/$file && continue
cp -p $file $PREFIX/bin
[ -x $PREFIX/bin/$file ] || chmod 775 $PREFIX/bin/$file
done
cd ..
#[ -d /usr/lib64/misc/ ] && [ ! -e /usr/lib64/misc/ssh-askpass ] \
# && sudo ln -s $PREFIX/bin/$MOD.bash /usr/lib64/misc/ssh-askpass
retval=0
[ -z "$BOX_OS_FLAVOR" ] && BOX_OS_FLAVOR="Linux"
make all-$BOX_OS_FLAVOR
OPREFIX=$PREFIX/share/genkernel/overlay
dist=dist-$BOX_OS_FLAVOR
[ -d $OPREFIX/bin ] || { sudo mkdir -p $OPREFIX/bin ; sudo chmod 1777 $OPREFIX/bin ; }
[ ! -x $dist/$MOD ] || \
[ -x $OPREFIX/bin/$MOD -a $OPREFIX/bin/$MOD -nt $dist/$MOD ] || \
cp -p $dist/$MOD $OPREFIX/bin/ || exit 9
# libc.so.1 libz.so.1 libdl.so.1
exit 0
elif [ "$1" = 'test' ] ; then
$PREFIX/bin/$MOD.bash --help >/dev/null || exit 10
make test >/dev/null || exit 11
fi

135
roles/toxcore/overlay/Linux/usr/local/src/keyrings.bash Executable file
View File

@ -0,0 +1,135 @@
#!/bin/bash
# -*- mode: sh; tab-width: 8; coding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
. /usr/local/src/usr_local_src.bash || exit 2
# [ `id -u` -eq 0 ] && ERROR $prog should not be run as root && exit 2
export LOG_DIR=$PREFIX/var/log/$ROLE
DESC=""
cd /usr/local/src || exit 4
if [ "$#" -eq 0 ] ; then
# /usr/lib/python3.9/site-packages/owtf/scripts/ssl/verify_ssl_cipher_check.sh
[ -f /usr/local/bin/ssl-cipher-check.pl ] || \
wget -cP /usr/local/bin/ http://unspecific.com/ssl/ssl-cipher-check.pl
if [ $USER = root ] ; then
# https://unix.stackexchange.com/questions/271661/disable-gnome-keyring-daemon
command -v keepassxc.bash
EXE=`command -v keepassxc.bash`
[ -z "$EXE" ] && EXE=`command -v keepassxc`
if [ -z "$EXE" ] ; then
export PYTHON_KEYRING_BACKEND=keyring.backends.SecretService.Keyring
ELTS=`ps ax|grep gnome-keyring-daemon|grep -v grep|sed -e 's/^ *//' -e 's/ .*//'`
[ -n "$ELTS" ] && kill $ELTS
if [ -d /etc/pam.d ] ; then
cd /etc/pam.d
grep -l '^[^#].*pam_gnome_keyring.so' * | while read file ; do
[ -f .$file.dst ] || cp -p $file .$file.dst
sed -e 's/.*pam_gnome_keyring.so.*/#&/' -i $file
done
fi
file=/usr/local/share/dbus-1/services/org.freedesktop.secrets.service
if [ ! -f $file ] || ! grep -q $EXE $file ; then
cat > $file <<EOF
[D-BUS Service]
Name=org.freedesktop.secrets
Exec=$EXE
EOF
fi
fi
fi
if [ $USER != root ] ; then
# https://unix.stackexchange.com/questions/271661/disable-gnome-keyring-daemon
[ -d ~/.config/autostart ] || mkdir ~/.config/autostart
cd /etc/xdg/autostart/
for file in * ; do
[ -f ~/.config/autostart/$file ] || {
cat > ~/.config/autostart/$file <<EOF
[Desktop Entry]
Hidden=true
EOF
INFO created ~/.config/autostart/$file - cp /dev/null to reenable
}
done
# https://pypi.org/project/keyring/
A=`python3.bash -c "import keyring.util.platform_; print(keyring.util.platform_.config_root())"` || exit 1$?
[ -f "$A" ] || touch "$A"
# $HOME/.config/python_keyring
[ -s "$A" ] || cat > "$A" <<EOF
[backend]
default-keyring=keyring.backends.SecretService.Keyring
EOF
A=`python3 -c "import keyring.util.platform_; print(keyring.util.platform_.data_root())"`
[ -d "$A" ] || mkdir "$A"
if `which keepassxc` && ps ax | grep -v grep | grep -q keepassxc ; then
python3 -m keyring --list-backends | \
grep -q keyring.backends.SecretService.Keyring || \
WARN NO keyring.backends.SecretService.Keyring
# string "org.freedesktop.secrets"
dbus-send --session --dest=org.freedesktop.DBus \
--type=method_call --print-reply \
/org/freedesktop/DBus org.freedesktop.DBus.ListNames | \
grep -q 'org.freedesktop.secrets' || \
WARN NO org.freedesktop.DBus.ListNames
else
python3 -m keyring --list-backends || \
WARN NO keyring.backends
fi
if `which gajim` || [ -f $PREFIX/bin/gajim ] ; then
[ -f $HOME/.config/gajim/config ] || cat > $HOME/.config/gajim/config <<EOF
proxies.Tor.bosh_wait_for_restart_response = False
proxies.Tor.useauth = False
proxies.Tor.bosh_useproxy = True
proxies.Tor.bosh_http_pipelining = False
proxies.Tor.bosh_content = text/xml; charset=utf-8
proxies.Tor.bosh_uri =
proxies.Tor.bosh_wait = 30
proxies.Tor.host = 127.0.0.1
proxies.Tor.user =
proxies.Tor.pass =
proxies.Tor.bosh_hold = 2
proxies.Tor.type = socks5
proxies.Tor.port = 9050
EOF
fi
fi
exit 0
elif [ "$1" = check ] ; then
[ -f /var/local/src/var_local_src.bash ] || exit 0
. /var/local/src/var_local_src.bash || exit 10
ols_run_tests_exit $1 || exit 10$?
elif [ "$1" = 'lint' ] ; then
[ -f /var/local/src/var_local_src.bash ] || exit 0
. /var/local/src/var_local_src.bash
ols_run_tests_exit $1 || exit 20$?
ols_run_tests_shellcheck $ROLE || exit 21$?
ols_run_tests_pylint || exit 22$?
elif [ "$1" = 'test' ] ; then
[ -f /var/local/src/var_local_src.bash ] || exit 0
. /var/local/src/var_local_src.bash || exit 50
ols_run_tests_exit $1 || exit 51$?
ols_test_srcs test || exit 52$?
fi

2
roles/toxcore/overlay/Linux/usr/local/src/negotiator.bash
View File

@ -40,7 +40,7 @@ WD=$PWD
if [ "$#" -eq 0 ] ; then
WD=$PWD
if true || [ ! -d "$DIR" ] ; then
if [ ! -d "$DIR" ] ; then
route | grep -q ^def || { DBUG not connected ; exit 0 ; }
wget -xcP $PREFIX/net/Http/ https://pypi.org/project/negotiator-common/
for f in "${FILES[@]}" ; do

67
roles/toxcore/overlay/Linux/usr/local/src/pyassuan.bash Normal file
View File

@ -0,0 +1,67 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
#See /var/local/src/ZeroNet.bash
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
PYVER=3
P="BASE_PYTHON${PYVER}_MINOR"
[ -z "$PYTHON_MINOR" ] && PYTHON_MINOR="$(eval echo \$$P)"
PYTHON_EXE_MSYS=$PREFIX/bin/python$PYTHON_MINOR.bash
PYTHON_EXE=$PYTHON_EXE_MSYS
MOD="pyassuan"
DIR="${MOD}"
BINS="get-info pinentry"
GIT_HUB=http-git.tremily.us
GIT_DIR=pyassuan
#ols_funtoo_requires
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
if [ ! -d "$DIR" ] ; then
if [ ! -d "$PREFIX/net/Git/$GIT_HUB/$GIT_DIR" ] ; then
[ -d "$PREFIX/net/Git/$GIT_HUB" ] || \
mkdir "$PREFIX/net/Git/$GIT_HUB"
route|grep ^def || { DEBUG not connected ; exit 0 ; }
(cd "$PREFIX/net/Git/$GIT_HUB" && \
git clone --depth=1 "http://http-git.tremily.us/pyassuan.git" ) ||\
exit 2
fi
cp -rip "$PREFIX/net/Git/$GIT_HUB/$GIT_DIR" . || \
exit 3
fi
cd "$DIR" || exit 4
if [ "$#" -eq 0 ] ; then
# ols_setup_zip_unsafe 's@^ )@ zip_safe=False)@'
#? [ -e /var/local/src/var_local_local.bash ] && . /var/local/src/var_local_local.bash
[ -d $PREFIX/$LIB/python${PYTHON_MINOR}/site-packages/${DIR}-${VER}-py${PYTHON_MINOR}.egg ] || \
msys_python_setup_install 2>&1 || { ERROR "code $?" ; cat install$PYVER.log ; exit 6 ; }
# ols_install_python_scripts $BINS
"$PYTHON_EXE_MSYS" -c "import $MOD" 2>/dev/null || exit 10
exit 0
elif [ $1 = 'check' ] ; then # 1*
"$PYTHON_EXE_MSYS" -c "import $MOD" 2>/dev/null || exit 20
# ols_test_bins
exit $?
elif [ "$1" = 'test' ] ; then # 3*
cd $WD/$DIR
$PYTHON_EXE_MSYS -m unittest discover >>test.log || exit 31$?
fi

96
roles/toxcore/overlay/Linux/usr/local/src/sdwdate.bash Executable file
View File

@ -0,0 +1,96 @@
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# 19 Nov 00:48:20 ntpdate[24018]: step time server 132.163.97.3 offset +4125.279643 sec
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash || exit 1
# python3.6 problems on gentoo with gevent not installing
# python3.7 -c 'import gevent'
PYVER=3
PYTHON_MINOR=3.11
PYTHON_EXE_MSYS=python$PYTHON_MINOR.sh
PYTHON_EXE=$PYTHON_EXE_MSYS
PKG=sdwdate
URL=github.com/Whonix/sdwdate
DIR=$PKG
cd $PREFIX/src || exit 2
WD=$PWD
cd $DIR || exit 3
site_packages=$PREFIX/$LIB/python$PYTHON_MINOR/site-packages
if ! [ -d $site_packages/$DIR/ ] ; then
rsync -vax usr/lib/python3/dist-packages/$DIR/ $site_packages/$DIR/
sed -e 's@/usr/lib@/usr/local/lib@' -i $site_packages/$DIR/*py
fi
[ -d $site_packages/$DIR/ ] || exit 4
[ -d $PREFIX/etc/sdwdate.d ] || mkdir $PREFIX/etc/sdwdate.d
[ -f $PREFIX/etc/sdwdate.d/30_default.conf ] || \
cp -p etc/sdwdate.d/30_default.conf $PREFIX/etc/sdwdate.d/30_default.conf
if [ ! -f $PREFIX/bin/${PKG}_.py ] ; then
cp -p usr/bin/${PKG} $PREFIX/bin/${PKG}_.py || exit 5
patch -b -z .dst $PREFIX/bin/${PKG}_.py < $PREFIX/src/${PKG}_.py,diff
fi
if ! [ -d /usr/local/lib/helper-scripts ] ; then
rsync -vax ../helper-scripts/ $PREFIX/lib/helper-scripts/
fi
# share/sdwdate/onion_tester
if ! [ -d /usr/local/share/sdwdate ] ; then
rsync -vax usr/share/$DIR/ $PREFIX/share/$DIR/
fi
if ! [ -d /usr/local/lib/sdwdate ] ; then
rsync -vax usr/lib/$DIR/ $PREFIX/lib/$DIR/
## Compatibility with anon-ws-disable-stacked-tor.
# addgroup debian-tor 2>/dev/null || true
# adduser --home /run/sdwdate --no-create-home --quiet --system --group sdwdate || true
## Add sdwdate to group debian-tor so it can read
## /run/tor/control.authcookie which is required to check if Tor has
## already successfully established a circuit before fetching time.
# addgroup sdwdate debian-tor
cd /usr/local/lib/$DIR
[ -x sclockadj ] || \
gcc sclockadj.c -o sclockadj -ldl -D_GNU_SOURCE -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -Wl,-z,now || exit 7
cd $WD
fi
if grep -q /usr/lib /usr/local/lib/sdwdate/* ; then
sed -e 's@/usr/lib@/usr/local/lib@' -i /usr/local/lib/sdwdate/*
fi
cd $WD
if [ ! -e $PREFIX/bin/${ROLE}_${PKG}.bash ] ; then
cat > $PREFIX/bin/${ROLE}_${PKG}.bash << EOF
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
if [ -x /usr/local/bin/proxy_ping_test.bash ] ; then
sh /usr/local/bin/proxy_ping_test.bash wifi || exit 1
sh /usr/local/bin/proxy_ping_test.bash 30 || exit 2
fi
export PYTHONPATH=$site_packages
exec $PYTHON_EXE_MSYS $PREFIX/bin/${PKG}_.py "\$@"
EOF
chmod 755 $PREFIX/bin/${ROLE}_${PKG}.bash
fi
exit 0

50
roles/toxcore/overlay/Linux/usr/local/src/tinfoilhat.shmoo.com.bash Executable file
View File

@ -0,0 +1,50 @@
#/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
[ -n "$PYDEV_VAR_LOCAL" ] && PREFIX=$PYDEV_VAR_LOCAL
DESC=""
. /var/local/src/var_local_src.bash || exit 1
HTTP_DIR=$PREFIX/net/Http
DIR=tinfoilhat.shmoo.com
URL=web.archive.org/web/20121116091222/http:/
cd $PREFIX/src || exit 2
WD=$PWD
if [ $# -eq 0 ] ; then
if [ ! -d $DIR ] ; then
route|grep -q ^default || exit 0
mkdir $DIR $DIR/source
wget -cP $DIR/source http://$URL/$DIR/source/bb-random.c \
http://$URL/$DIR/source/gpggrid-version-on-floppy.c \
http://$URL/$DIR/source/gpggrid.c || exit 3
fi
cd $PREFIX/src/$DIR/source || exit 4
[ -x gpggrid ] || \
cc -o gpggrid --static gpggrid.c || exit 5
[ -f staticgpggrid.c ] || \
sed -e 's/"gpg"/"staticgpg"/' gpggrid.c > staticgpggrid.c
[ -x staticgpggrid ] || \
cc -o staticgpggrid --static staticgpggrid.c || exit 6
[ -x $PREFIX/bin/gpggrid -a $PREFIX/bin/gpggrid -nt gpggrid ] || \
cp -p gpggrid $PREFIX/bin/ || exit 7
[ -x $PREFIX/bin/staticgpggrid -a $PREFIX/bin/staticgpggrid -nt gpggrid ] || \
cp -p staticgpggrid $PREFIX/bin/ || exit 8
OPREFIX=$PREFIX/share/genkernel/overlay
[ -d $OPREFIX/bin ] || mkdir $OPREFIX/bin
[ -x $OPREFIX/bin/staticgpggrid ] || \
ln $OPREFIX/bin/staticgpggrid $OPREFIX/bin/ || exit 9
fi
exit 0

18
roles/toxcore/overlay/Linux/usr/local/src/usr_local_toxcore.bash
View File

@ -3,9 +3,9 @@
prog=`basename $0 .bash`
ROLE=toxcore
PREFIX=/var/local
PREFIX=/usr/local
. /usr/local/bin/usr_local_tput.bash
# we install into /var/local/bin and it takes precedence
# export PATH=$PREFIX/bin:$PATH
#. /var/local/src/var_local_src.bash || exit 2
@ -15,10 +15,18 @@ if [ "$#" -eq 0 ] ; then
cd $PREFIX/src || exit 2
WD=$PWD
bash c-toxcore.bash || exit 3$?
bash tox_profile.bash || 4$?
bash c-toxcore.bash # || exit 3$?
bash tox_profile.bash # || 4$?
# sh mitogen.bash
# sh toxcore_docker.bash || exit 4$?
# which sdwdate >/dev/null 2>/dev/null || \
# [ -f $PREFIX/bin/sdwdate.bash ] || \
# sh sdwdate.bash
# sh toxcore_docker.bash || exit 4$?
sh gridfire.bash # || exit 6$?
sh pyassuan.bash #|| exit 7$?
sh tinfoilhat.shmoo.com.bash
# sh negotiator.bash
exit 0

40
roles/toxcore/tasks/Gentoo.yml
View File

@ -13,16 +13,16 @@
shell: |
role=toxcore
cd {{ BASE_ROOT_LOG_DIR }} || exit 2
/usr/local/bin/usr_local_base.bash box_gentoo_emerge {{item}} || exit $?
with_items:
- "{{ toxcore_pkgs_inst }}"
- "{{ toxcore_qemu_pkgs_inst if 'qemu' in TOXCORE_FEATURES }}"
- "{{ toxcore_qemu_pkgs_inst if 'libvirt' in TOXCORE_FEATURES }}"
- "{{ toxcore_libvirt_pkgs_inst if 'libvirt' in TOXCORE_FEATURES }}"
- "{{ toxcore_docker_pkgs_inst if 'DOCKER' in TOXCORE_FEATURES }}"
/usr/local/bin/usr_local_base.bash box_gentoo_emerge \
{{proxy_pkgs_bootstrap}} \
{{ toxcore_pkgs_inst }} \
{{ toxcore_qemu_pkgs_inst if 'qemu' in TOXCORE_FEATURES else '' }} \
{{ toxcore_qemu_pkgs_inst if 'libvirt' in TOXCORE_FEATURES else '' }} \
{{ toxcore_libvirt_pkgs_inst if 'libvirt' in TOXCORE_FEATURES else '' }} \
{{ toxcore_docker_pkgs_inst if 'docker' in TOXCORE_FEATURES else '' }} \
|| exit $?
ignore_errors: "{{ BASE_PKG_IGNORE_ERRORS }}"
when:
- item != '' and item != []
- BASE_ARE_CONNECTED|default('') != ''
- "ansible_virtualization_role|replace('NA', 'host') == 'host'"
@ -30,14 +30,15 @@
environment: "{{ portage_proxy_env }}"
shell: |
cd {{ BASE_ROOT_LOG_DIR }} || exit 2
/usr/local/bin/usr_local_base.bash box_gentoo_emerge {{item}} || exit $?
with_items:
- "{{ toxcore_pkgs_inst_guest }}"
/usr/local/bin/usr_local_base.bash box_gentoo_emerge \
{{proxy_pkgs_bootstrap}} \
{{ toxcore_pkgs_inst_guest }} \
|| exit $?
[ -z "{{AGI_bootstrap_pips3}}" ] || pip3.sh install {{AGI_bootstrap_pips3}}
ignore_errors: "{{ BASE_PKG_IGNORE_ERRORS }}"
when:
- item != '' and item != []
- BASE_ARE_CONNECTED|default('') != ''
- "{{ ansible_virtualization_role|replace('NA', 'host') != 'host' }}"
- "ansible_virtualization_role|replace('NA', 'host') != 'host'"
- name: /etc/conf.d/consolefont
blockinfile:
@ -76,6 +77,19 @@
# safe ones
- block:
- name: app-admin/supervisor
shell: |
which supervisorctl 2>/dev/null || exit 0
cat >/etc/supervisor/conf.d/negotiator-host.conf >/dev/null << EOF
[program:negotiator-host]
command = /usr/local/bin/negotiator-host --daemon
autostart = True
stdout_logfile = /var/log/negotiator-host.log
stderr_logfile = /var/log/negotiator-host.log
EOF
supervisorctl update negotiator-host
when: false
- name: "/etc/portage/make.conf base Gentoo PORTAGE_ELOG"
blockinfile:
dest: /etc/portage/make.conf

2
roles/toxcore/tasks/hourly.yml
View File

@ -22,7 +22,7 @@
shell: |
UNIT=qemu-guest-agent
S=/etc/init.d/$UNIT
$S $UNIT status || {
$S status || {
retval=$?
echo WARN: $UNIT not running
exit 0 # $retval

45
roles/toxcore/tasks/main.yml
View File

@ -87,7 +87,8 @@
- name: modprobe VM modules toxcore_kmods_in_host
modprobe:
name: "{{ item }}"
state: "{{ 'absent' if ansible_virtualization_role|replace('NA', 'host') != 'host' else 'present'}}"
# "{{ 'absent' if ansible_virtualization_role|replace('NA', 'host') != 'host' else 'present'}}"
state: present
when:
- item != ''
with_items: "{{ toxcore_kmods_in_host }}"
@ -129,7 +130,8 @@
ignore_errors: true
with_nested:
- "{{ base_system_users }}"
- "{{ toxcore_standard_users_groups }}"
- "{{ toxcore_standard_users_groups_host if ansible_virtualization_role|replace('NA', 'host') == 'host' else [] }}"
- "{{ toxcore_standard_users_groups_guest if ansible_virtualization_role|replace('NA', 'host') != 'host' else [] }}"
- name: "make a directory for /data/Vms"
file:
@ -162,6 +164,18 @@
[ -f /usr/share/openpgp-keys/gentoo-release.asc ] && exit 0
gpg --import /usr/local/share/openpgp-keys/gentoo-release.asc
# FixMe: does this do SSH?
- name: /usr/local/bin/gitproxy.sh
blockinfile:
dest: "/usr/local/bin/gitproxy.bash"
create: yes
mode: 0775
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy"
block: |
exec corkscrew {{HTTP_PROXYHOST}} {{HTTP_PROXYPORT}} $1 $2
# $1 %h $2 %p
#? exec connect -4 -S {{HTTP_PROXYHOST}}:{{HTTP_PROXYPORT}} $(tor-resolve $1 {{HTTP_PROXYHOST}}:{{HTTP_PROXYPORT}}) $2
# this should not run as root
# delegate_to: localhost? - no - per test
- name: "usr_local_toxcore.bash"
@ -309,6 +323,8 @@
-b {{BOX_NBD_OVERLAY_BR}} \
-p {{BOX_NBD_OVERLAY_PASS}} \
-o gentoo
args:
creates: "{{BOX_NBD_OVERLAY_DIR}}/{{BOX_NBD_OVERLAY_NAME}}.qcow2"
ignore_errors: true
when:
- "ansible_virtualization_role|replace('NA', 'host') == 'host'"
@ -353,3 +369,28 @@
# replace this ^A with a control-A to provoke an error in the error handler of yamlint
# yaml.reader.ReaderError: unacceptable character #x0001: special characters are not allowed
- block:
- name: ansible-keepassxc
ansible-keepassxc:
database: "{{ base_passwords_database }}"
entry: "HOSTVMS_LXD_TRUST_PASSWORD"
group: "/Ansible/hostvms"
password: "{{ base_passwords_password }}"
no_log: False
register: hostvms_lxd_trust_password
- debug:
verbosity: 1
var: hostvms_lxd_trust_password
check_mode: false
rescue:
- debug:
verbosity: 1
msg: "hostvms vms.yml WARN undefined or missing base_passwords_database "
- set_fact:
base_passwords_password: "{{HOSTVMS_LXD_TRUST_PASSWORD}}"
when: false

127
roles/toxcore/tasks/users.yml
View File

@ -7,6 +7,133 @@
verbosity: 1
msg: "toxcore users.yml LOOP_USER_F={{LOOP_USER_F[0]}}"
- block:
# https://stackoverflow.com/questions/13114268/passing-ciphers-to-libcurl-through-git
# https://git-scm.com/docs/git-config#git-config-httpsslCipherList
- name: ~/.gitconfig TEST_SSL_GIT_CIPHERLIST
ini_file:
path: "{{ item.dest }}"
create: yes
section: "http"
option: "sslCipherList"
value: "{{ TEST_SSL_GIT_CIPHERLIST|join(' ') }}"
when:
- TEST_SSL_GIT_CIPHERLIST|default([])|length > 0
with_items:
- {dest: "{{USER_HOME}}/.gitconfig", owner: "{{ LOOP_USER }}", group: "{{ BOX_ALSO_GROUP }}" }
# https://stackoverflow.com/questions/48938019/git-pull-push-unable-to-access-https-ssl-routines-seem-to-be-down
# git config http.sslVersion tlsv1.2
- name: ~/.gitconfig TEST_SSL_GIT_SSLVERSION
ini_file:
path: "{{ item.dest }}"
create: yes
section: "http"
option: "sslVersion"
value: "{{ TEST_SSL_GIT_SSLVERSION }}"
when:
- TEST_SSL_GIT_SSLVERSION|default('') != ''
with_items:
- { dest: "{{USER_HOME}}/.gitconfig", owner: "{{ LOOP_USER }}", group: "{{ BOX_ALSO_GROUP }}" }
# https://stackoverflow.com/questions/21181231/server-certificate-verification-failed-cafile-etc-ssl-certs-ca-certificates-c
- name: ~/.gitconfig with proxy http
blockinfile:
dest: "{{ item.dest|expanduser }}"
owner: "{{ item.owner }}"
create: yes
state: "{{ 'present' if HTTP_PROXY != '' else 'absent' }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy http"
block: |
[http]
# https sic
proxy = http://{{HTTPS_PROXYHOST}}:{{HTTPS_PROXYPORT}}
sslCAinfo = /usr/local/etc/ssl/cacert-testforge.pem
# http sic
sslverify = true
# sslversion = {{"tlsv1.3" if BOX_TLS_VERSION == "1.3" else "tlsv1.2"}}
when:
- HTTPS_PROXYHOST != '' and HTTPS_PROXYPORT != ''
with_items:
- dest: "~{{LOOP_USER}}/.gitconfig"
owner: "{{ LOOP_USER }}"
- name: git config --global http.sslverify "true"
shell: |
git config --global --list | grep -q http.sslverify.true || \
git config --global http.sslverify "true"
git config --global --list | grep -q https.sslverify.true || \
git config --global https.sslverify "true"
exit 0
- name: git config --global http.sslversion tlsv1.3
shell: |
# GIT_CURL_VERBOSE=1
git config --global --list | \
grep -q http.sslversion.tlsv1.{{BOX_TLS_VERSION}} || \
git config --global http.sslversion tlsv1.{{BOX_TLS_VERSION}}
exit 0
when:
- BOX_TLS_VERSION == "1.3"
- false
- name: ~/.gitconfig with proxy https
blockinfile:
dest: "{{ item.dest|expanduser }}"
owner: "{{ item.owner }}"
create: yes
state: "{{ 'present' if HTTPS_PROXY != '' else 'absent' }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy https"
block: |
[https]
proxy = http://{{HTTPS_PROXYHOST}}:{{HTTPS_PROXYPORT}}
sslCAinfo = {{PLAY_CA_CERT}}
# http sic
sslverify = true
sslversion = {{"tlsv1.3" if BOX_TLS_VERSION == "1.3" else "tlsv1.2"}}
when:
- true
with_items:
- dest: "~{{LOOP_USER}}/.gitconfig"
owner: "{{ LOOP_USER }}"
- name: ~/.gitconfig with proxy core
blockinfile:
dest: "{{ item.dest|expanduser }}"
owner: "{{ item.owner }}"
create: yes
state: "{{ 'present' if HTTP_PROXY != '' else 'absent' }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy core"
block: |
[core]
gitproxy = /usr/local/bin/gitproxy.bash
when:
- true
with_items:
- dest: "~{{LOOP_USER}}/.gitconfig"
owner: "{{ LOOP_USER }}"
- name: ~/.gitconfig with proxy socks
blockinfile:
dest: "{{ item.dest|expanduser }}"
owner: "{{ item.owner }}"
create: yes
state: "{{ 'present' if SOCKS_PROXY != '' else 'absent' }}"
marker: "# {mark} ANSIBLE MANAGED BLOCK proxy socks"
block: |
[socks]
proxy = {{SOCKS_PROXYTYPE}}://{{SOCKS_PROXYHOST}}:{{SOCKS_PROXYPORT}}
when:
- true
with_items:
- dest: "~{{LOOP_USER}}/.gitconfig"
owner: "{{ LOOP_USER }}"
when:
- "LOOP_USER != 'portage'"
- block:
- name: /etc/sysconfig/docker

16
roles/toxcore/tasks/vms.yml
View File

@ -137,6 +137,22 @@
- /var/lib/libvirt/dnsmasq/default.conf
ignore_errors: true
- name: foo
shell: |
# https://pypi.org/project/negotiator-common/#on-kvm-qemu-guests
GUEST_NAME="gentoo_vm-2" # or gentoo_overlay-2
cat > /dev/null << EOF
<channel type='unix'>
<source mode='bind' path='/var/lib/libvirt/qemu/channel/target/$GUEST_NAME.negotiator-host-to-guest.0' />
<target type='virtio' name='negotiator-host-to-guest.0' />
</channel>
<channel type='unix'>
<source mode='bind' path='/var/lib/libvirt/qemu/channel/target/$GUEST_NAME.negotiator-guest-to-host.0' />
<target type='virtio' name='negotiator-guest-to-host.0' />
</channel>
EOF
when:
- "'libvirt' in TOXCORE_FEATURES" # or 'lxd' in TOXCORE_FEATURES"
- ( ansible_virtualization_type is not defined or

13
roles/toxcore/vars/Gentoo2.yml
View File

@ -4,14 +4,16 @@
toxcore_system_users: "{{ base_system_users }}"
toxcore_also_users: "{{ base_also_users }}"
toxcore_standard_users_groups:
toxcore_standard_users_groups_guest:
- disk
toxcore_standard_users_groups_host:
- disk
- "{{ 'libvirt' if 'libvirt' in TOXCORE_FEATURES else '' }}"
- "{{ 'qemu' if ( 'qemu' in TOXCORE_FEATURES or 'libvirt' in TOXCORE_FEATURES ) else '' }}"
- "{{ 'kvm' if ( 'qemu' in TOXCORE_FEATURES or 'libvirt' in TOXCORE_FEATURES ) else '' }}"
- "{{ 'docker' if 'docker' in TOXCORE_FEATURES else '' }}"
toxcore_libvirt_services:
- libvirtd
# - qemu-guest-agent
@ -28,6 +30,11 @@ toxcore_pkgs_inst:
- net-misc/bridge-utils
- sys-apps/sdparm
- sys-apps/hdparm
# install
- app-misc/jq
- dev-vcs/git
- net-vpn/corkscrew
- net-analyzer/openbsd-netcat
### virt-manager
- media-libs/libvpx
- net-libs/libpsl
@ -97,4 +104,4 @@ toxcore_pips3_inst:
- pysha3
- pycryptodomex
- pyanalyze
- negotiator-host

21
src/ansible_gentooimgr/library/ansible_gentooimgr.py
View File

@ -11,6 +11,7 @@ import pathlib
import traceback
# in the library
mod_path = ''
if os.environ.get('PLAY_ANSIBLE_SRC',''):
# running from source
mod_path = os.environ.get('PLAY_ANSIBLE_SRC','')
@ -152,11 +153,18 @@ from ansible.module_utils.basic import AnsibleModule
def run_module():
# define available arguments/parameters a user can pass to the module
#? default config from __file__ ?
if mod_path and os.path.isdir(mod_path):
def_config = os.path.join(mod_path, 'configs', 'base.json')
else:
# WARN:
def_config = 'base.json'
module_args = dict(
action=dict(type='str', required=True),
loglevel=dict(type='int', required=False, default=logging.INFO),
threads=dict(type='int', required=False, default=1),
config=dict(type='str', default='cloud.json', required=False),
# Module error: required and default are mutually exclusive for config
config=dict(type='path', default=def_config),
profile=dict(type='str', required=False),
kernel_dir=dict(type='path', required=False),
portage=dict(type='path', required=False),
@ -204,17 +212,19 @@ def run_module():
try:
from gentooimgr.__main__ import main
retval = main(oargs)
# should be 0
# is stdout already in result? how can it be?
except Exception as e:
result['message'] = str(e)
e = traceback.print_exc()
if e: result['original_message'] += f"{e}"
module.fail_json(msg='Exception', **result)
result['original_message'] = f"{traceback.print_exc()}"
module.fail_json(msg=f'Exception {e.__class__}', **result)
else:
result['message'] = str(retval)
# use whatever logic you need to determine whether or not this module
# made any modifications to your target
if dArgs['action'] in ['status']:
# build run test chroot unchroot status clean kernel shrink
if oargs.action in ['status', '']:
result['changed'] = False
else:
result['changed'] = True
@ -227,7 +237,6 @@ def run_module():
def main():
run_module()
if __name__ == '__main__':
main()