This commit is contained in:
parent
ee5dae26a9
commit
edb39c7b33
60
Makefile
60
Makefile
@ -3,100 +3,100 @@ LINUXKIT ?= $(GOPATH)/bin/linuxkit
|
||||
tuto1: login-initrd.img challenge token-validator/token-validator server.iso
|
||||
|
||||
pkg/login-app: pkg/login-app/cmd/login.go pkg/login-app/cmd/dialog-checklogin.go pkg/login-app/cmd/dialog-login.go pkg/login-app/cmd/login-app pkg/login-app/cmd/dialog-errmsg.go pkg/login-app/cmd/main.go pkg/login-app/cmd/stream.go pkg/login-app/cmd/cinematic.go pkg/login-app/build.yml pkg/login-app/Dockerfile
|
||||
$(LINUXKIT) pkg build -platforms linux/amd64 -org nemunaire pkg/login-app/
|
||||
#$(LINUXKIT) pkg push -org nemunaire --sign=false pkg/login-app/
|
||||
$(LINUXKIT) pkg build pkg/login-app/
|
||||
#$(LINUXKIT) pkg push --sign=false pkg/login-app/
|
||||
touch pkg/login-app
|
||||
|
||||
login-initrd.img: login.yml pkg/login-app
|
||||
$(LINUXKIT) build -docker $<
|
||||
$(LINUXKIT) build $<
|
||||
|
||||
token-validator/token-validator: token-validator/*.go
|
||||
go generate ./token-validator
|
||||
GOOS=linux GOARM=5 GOARCH=arm go build -tags netgo -ldflags '-w -extldflags "-static"' -o $@ ./token-validator
|
||||
|
||||
pkg/challenge: pkg/challenge/adlin pkg/challenge/issue pkg/challenge/init
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/challenge/
|
||||
$(LINUXKIT) pkg build pkg/challenge/
|
||||
|
||||
challenge-initrd.img: challenge.yml subject/adlin.6.gz subject/adlin-TP1-topologie.png pkg/challenge pkg/challenge/init pkg/shadow-up
|
||||
$(LINUXKIT) build -docker $<
|
||||
$(LINUXKIT) build $<
|
||||
|
||||
|
||||
pkg/arp-spoofer: pkg/arp-spoofer/cmd/main.go pkg/arp-spoofer/cmd/arp.go pkg/arp-spoofer/build.yml pkg/arp-spoofer/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire $@
|
||||
$(LINUXKIT) pkg build $@
|
||||
touch $@
|
||||
|
||||
pkg/chrony: pkg/chrony/build.yml pkg/chrony/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/chrony/
|
||||
$(LINUXKIT) pkg build pkg/chrony/
|
||||
touch pkg/chrony
|
||||
|
||||
pkg/shadow-up: pkg/shadow-up/build.yml pkg/shadow-up/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/shadow-up/
|
||||
$(LINUXKIT) pkg build pkg/shadow-up/
|
||||
touch pkg/shadow-up
|
||||
|
||||
pkg/login-validator: pkg/login-validator/cmd/login.go pkg/login-validator/cmd/main.go pkg/login-validator/cmd/pxetpl.go pkg/login-validator/cmd/logout.go pkg/login-validator/cmd/auth.go pkg/login-validator/cmd/arp.go pkg/login-validator/cmd/auth_krb5.go pkg/login-validator/cmd/auth_ldap.go pkg/login-validator/cmd/students.go pkg/login-validator/cmd/auth_fwd.go pkg/login-validator/cmd/ssh.go pkg/login-validator/build.yml pkg/login-validator/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/login-validator/
|
||||
$(LINUXKIT) pkg build pkg/login-validator/
|
||||
touch pkg/login-validator
|
||||
|
||||
pkg/minichecker: pkg/minichecker/build.yml pkg/minichecker/cmd/main.go pkg/minichecker/cmd/adlin.token pkg/minichecker/cmd/adlin.conf pkg/minichecker/cmd/checker.go pkg/minichecker/cmd/encode.go pkg/minichecker/cmd/wg.go pkg/minichecker/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/minichecker/
|
||||
$(LINUXKIT) pkg build pkg/minichecker/
|
||||
touch pkg/minichecker
|
||||
|
||||
pkg/resolver: pkg/resolver/build.yml pkg/resolver/docker-entrypoint.sh pkg/resolver/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/resolver/
|
||||
$(LINUXKIT) pkg build pkg/resolver/
|
||||
touch pkg/resolver
|
||||
|
||||
pkg/monit: pkg/monit/build.yml pkg/monit/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/monit/
|
||||
$(LINUXKIT) pkg build pkg/monit/
|
||||
touch pkg/monit
|
||||
|
||||
pkg/postfix: pkg/postfix/build.yml pkg/postfix/docker-entrypoint.sh pkg/postfix/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/postfix/
|
||||
$(LINUXKIT) pkg build pkg/postfix/
|
||||
touch pkg/postfix
|
||||
|
||||
pkg/tftpd: pkg/tftpd/build.yml pkg/tftpd/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/tftpd/
|
||||
$(LINUXKIT) pkg build pkg/tftpd/
|
||||
touch pkg/tftpd
|
||||
|
||||
pkg/unbound: pkg/unbound/build.yml pkg/unbound/docker-entrypoint.sh pkg/unbound/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/unbound/
|
||||
$(LINUXKIT) pkg build pkg/unbound/
|
||||
touch pkg/unbound
|
||||
|
||||
pkg/wg-manager: pkg/wg-manager/cmd/register.go pkg/wg-manager/cmd/main.go pkg/wg-manager/build.yml pkg/wg-manager/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/wg-manager/
|
||||
$(LINUXKIT) pkg build pkg/wg-manager/
|
||||
touch pkg/wg-manager
|
||||
|
||||
server.iso: server.yml students.csv solver.sh ssl/fullchain.pem ssl/privkey.pem challenge-initrd.img pkg/arp-spoofer pkg/chrony pkg/login-validator pkg/monit pkg/postfix pkg/tftpd pkg/unbound pkg/wg-manager challenge-kernel login-initrd.img
|
||||
$(LINUXKIT) build -docker -format iso-bios $<
|
||||
$(LINUXKIT) build -format iso-bios $<
|
||||
|
||||
pkg/debian-tuto2: pkg/debian-tuto2/sshd_config pkg/debian-tuto2/gai.conf pkg/debian-tuto2/isolinux.cfg pkg/debian-tuto2/build.yml pkg/debian-tuto2/default.script pkg/debian-tuto2/issue pkg/debian-tuto2/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/debian-tuto2/
|
||||
$(LINUXKIT) pkg build pkg/debian-tuto2/
|
||||
touch pkg/debian-tuto2
|
||||
|
||||
pkg/debian-tuto3: pkg/debian-tuto3/sshd_config pkg/debian-tuto3/build.yml pkg/debian-tuto3/issue pkg/debian-tuto3/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/debian-tuto3/
|
||||
$(LINUXKIT) pkg build pkg/debian-tuto3/
|
||||
touch pkg/debian-tuto3
|
||||
|
||||
pkg/router-tuto3: pkg/router-tuto3/build.yml pkg/router-tuto3/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/router-tuto3/
|
||||
$(LINUXKIT) pkg build pkg/router-tuto3/
|
||||
touch pkg/router-tuto3
|
||||
|
||||
pkg/tinydeb: pkg/tinydeb/sshd_config pkg/tinydeb/gai.conf pkg/tinydeb/build.yml pkg/tinydeb/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/tinydeb/
|
||||
$(LINUXKIT) pkg build pkg/tinydeb/
|
||||
touch pkg/tinydeb
|
||||
|
||||
pkg/nsd: pkg/nsd/sshd_config pkg/nsd/build.yml pkg/nsd/init pkg/nsd/Dockerfile
|
||||
$(LINUXKIT) pkg build --platforms linux/amd64 -org nemunaire pkg/nsd/
|
||||
$(LINUXKIT) pkg build pkg/nsd/
|
||||
touch pkg/nsd
|
||||
|
||||
tuto2-kernel: tuto2.yml
|
||||
$(LINUXKIT) build -docker $<
|
||||
$(LINUXKIT) build $<
|
||||
tuto2-initrd.img: tuto2.yml
|
||||
$(LINUXKIT) build -docker $<
|
||||
$(LINUXKIT) build $<
|
||||
tuto2-cmdline: tuto2.yml
|
||||
$(LINUXKIT) build -docker $<
|
||||
$(LINUXKIT) build $<
|
||||
|
||||
tuto2.iso: tuto2.yml pkg/debian-tuto2 tuto2-kernel tuto2-initrd.img tuto2-cmdline
|
||||
$(LINUXKIT) build -docker -format iso-bios $<
|
||||
$(LINUXKIT) build -format iso-bios $<
|
||||
|
||||
tuto2-srs.iso: tuto2.iso pkg/debian-tuto2/isolinux.cfg
|
||||
$(eval TDIR := $(shell mktemp -d))
|
||||
@ -111,14 +111,14 @@ tuto2-srs.iso: tuto2.iso pkg/debian-tuto2/isolinux.cfg
|
||||
|
||||
|
||||
tuto3-kernel: tuto3.yml
|
||||
$(LINUXKIT) build -docker $<
|
||||
$(LINUXKIT) build $<
|
||||
tuto3-initrd.img: tuto3.yml
|
||||
$(LINUXKIT) build -docker $<
|
||||
$(LINUXKIT) build $<
|
||||
tuto3-cmdline: tuto3.yml
|
||||
$(LINUXKIT) build -docker $<
|
||||
$(LINUXKIT) build $<
|
||||
|
||||
tuto3.iso: tuto3.yml pkg/debian-tuto3 pkg/router-tuto3 pkg/minichecker pkg/tinydeb pkg/resolver pkg/nsd
|
||||
$(LINUXKIT) build -docker -format iso-bios $<
|
||||
$(LINUXKIT) build -format iso-bios $<
|
||||
|
||||
|
||||
%.gz: %
|
||||
|
@ -1,6 +1,6 @@
|
||||
init:
|
||||
- nemunaire/challenge:1eb99bdaa1004954b4ec54b80b0880553c5bbc42
|
||||
- nemunaire/adlin-shadow-up:fc15bed2d2d8886b968a4b7ac3d5e4a46bc1f3e4
|
||||
- nemunaire/challenge:64dfdf00665351139e74647ab57b12008a7ac87b
|
||||
- nemunaire/adlin-shadow-up:b368191dfd79645f3eca099a00bef8dfcdb7a2e9
|
||||
|
||||
files:
|
||||
- path: etc/motd
|
||||
|
@ -1,6 +1,6 @@
|
||||
init:
|
||||
- busybox
|
||||
- nemunaire/adlin-login-app:9a44e761e0c038bdb2e4df1f2c0aa7b8f092fc4a
|
||||
- nemunaire/adlin-login-app:4862e66e6cbd283342632117f6be0bcf88db3d17
|
||||
|
||||
files:
|
||||
- path: /etc/ssl/certs/DST_Root_CA_X3.pem
|
||||
|
14
server.yml
14
server.yml
@ -136,7 +136,7 @@ services:
|
||||
- /var/lib/adlin/dhcp
|
||||
|
||||
- name: tftpd
|
||||
image: nemunaire/tftpd:de6fcc89d7cbaa46aa5e37821aeac24136f84761
|
||||
image: nemunaire/tftpd:4fe95ed57b7eea7e5d6156ce069415b2e5f7f307
|
||||
capabilities:
|
||||
- all
|
||||
binds:
|
||||
@ -146,11 +146,11 @@ services:
|
||||
- /var/lib/adlin/shadows:/srv/tftp/s
|
||||
|
||||
- name: arp-spoofer
|
||||
image: nemunaire/adlin-arp-spoofer:9cfd4b106e4a70281fad33fb36df1a189f846cb6
|
||||
image: nemunaire/adlin-arp-spoofer:79166bd1651bdf70d9f14d229fbe4c64af8c0e16
|
||||
command: ["/bin/arp-spoofer", "-iface=br-ext", "-ip-spoof=172.17.0.15"]
|
||||
|
||||
- name: login-validator
|
||||
image: nemunaire/adlin-login-validator:c2219509080d43b20a3e627bae3e15db2984fba4
|
||||
image: nemunaire/adlin-login-validator:a74d2aa0973c54ee79fb71211327f67e60537192
|
||||
# command: ["/bin/login-validator", "-bind=:8081", "-auth=ldap", "-ldaphost=auth.cri.epita.net", "-ldapport=636", "-ldaptls", "-ldapbase=dc=epita,dc=net"]
|
||||
command: ["/bin/login-validator", "-bind=:8081", "-auth=krb5", "-krb5realm=CRI.EPITA.FR"]
|
||||
# command: ["/bin/login-validator", "-bind=:8081", "-auth=fwd", "-fwduri=https://adlin.nemunai.re/auth"]
|
||||
@ -211,7 +211,7 @@ services:
|
||||
- /usr/share/ca-certificates:/usr/share/ca-certificates:ro
|
||||
|
||||
- name: wg
|
||||
image: nemunaire/wg-manager:5f60162cc1d934a209bbac8d963a2d9f6ba10c04
|
||||
image: nemunaire/wg-manager:13779ec800f6d19dbaf7f6df8547c0b13f17a2e3
|
||||
command: ["/bin/wg-manager", "-bind=:80" ]
|
||||
capabilities:
|
||||
- all
|
||||
@ -220,7 +220,7 @@ services:
|
||||
- /etc/resolv.conf:/etc/resolv.conf:ro
|
||||
|
||||
- name: ns
|
||||
image: nemunaire/unbound:f0cf18323a1a39a11d3c0d13a7ac44d5f0c93769
|
||||
image: nemunaire/unbound:22c723d1573625a77fe28eeb067ca0d1491f6742
|
||||
net: /run/netns/dmz-ns
|
||||
capabilities:
|
||||
- all
|
||||
@ -228,7 +228,7 @@ services:
|
||||
- /etc/unbound:/etc/unbound:ro
|
||||
|
||||
- name: time
|
||||
image: nemunaire/chrony:83fc8904f9c75f83f762685fd85c1dda877a5ad7
|
||||
image: nemunaire/chrony:cdcbb129ae520331e84a99c03850680fe0e4ea3
|
||||
command: ["/usr/sbin/chronyd", "-d"]
|
||||
net: /run/netns/dmz-time
|
||||
capabilities:
|
||||
@ -243,7 +243,7 @@ services:
|
||||
- /etc/chrony/chrony.conf:/etc/chrony/chrony.conf:ro
|
||||
|
||||
- name: postfix
|
||||
image: nemunaire/postfix:6c556b4517ddb596ae0d084ec9783de9eba6534d
|
||||
image: nemunaire/postfix:e124ee4a989579997e4d73ac2346a132ff07be3c
|
||||
net: /run/netns/dmz-mail
|
||||
capabilities:
|
||||
- CAP_CHOWN
|
||||
|
Reference in New Issue
Block a user