teach/adlin
Archived
0
0
Fork 0
Code Issues 1 Pull requests 4 Releases Activity

Compare commits

base: teach:ef1acd369a8e25e945cc0f9d9522428b20abafde
Branches Tags
teach:master
teach:renovate/github.com-gdamore-tcell-v2-2.x
teach:renovate/linuxkit-kernel-6.x
teach:renovate/golang-1.x
teach:renovate/postgres-16.x
teach:srs2024-tutorial2-v2
teach:srs2024-tutorial2-v1
teach:srs2023-tutorial3-1
teach:srs2023-tutorial3-0
teach:srs2023-tutorial2-0
teach:challenge-srs2023
teach:srs2023-tutorial2-test
..
compare: teach:d23dc76713a581d47580edf4d0309631e993097e
Branches Tags
teach:renovate/github.com-gdamore-tcell-v2-2.x
teach:master
teach:renovate/linuxkit-kernel-6.x
teach:renovate/golang-1.x
teach:renovate/postgres-16.x
teach:srs2024-tutorial2-v2
teach:srs2024-tutorial2-v1
teach:srs2023-tutorial3-1
teach:srs2023-tutorial3-0
teach:srs2023-tutorial2-0
teach:challenge-srs2023
teach:srs2023-tutorial2-test

No commits in common. "ef1acd369a8e25e945cc0f9d9522428b20abafde" and "d23dc76713a581d47580edf4d0309631e993097e" have entirely different histories.
ef1acd369a ... d23dc76713

4 changed files with 29 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

53
tuto3.yml
View file

@ -1,5 +1,5 @@
kernel:
image: linuxkit/kernel:5.15.27
image: linuxkit/kernel:5.10.92
# cmdline: "console=ttyS0 root=/dev/sda1 root=/dev/sr0 adlin.token=LqCdJDfniA"
cmdline: "console=tty0"
@ -130,7 +130,8 @@ services:
- /var/lib/adlin/wks-rh1resolv.conf:/etc/resolv.conf
- name: mainrouter
image: nemunaire/router-tuto3:ad91a16906567e1dcf90b39519691bea16954053
#image: nemunaire/adlin-tuto3:485bb9556ca3bc33e7fee16edd93c05f35eb1455
image: nemunaire/router-tuto3:c07718ca23c03ff5033c4042f0cbeca6c26d4e6f
net: /run/netns/router
pid: new
ipc: new
@ -153,7 +154,7 @@ services:
- /lib/preinit/30_failsafe_wait:/lib/preinit/30_failsafe_wait
- /lib/preinit/99_10_failsafe_login:/lib/preinit/99_10_failsafe_login
- name: matrix
image: nemunaire/tinydeb:642bb2fd0ed04a0f72ff21096c7aa656cce5d34f
image: nemunaire/tinydeb:2ec3c0260da7242df267799dfe08fe2eb0d014b1
net: /run/netns/chat
pid: new
ipc: new
@ -169,7 +170,7 @@ services:
- /etc/hosts:/etc/hosts:ro
- /etc/dresolv.conf:/etc/resolv.conf
- name: ns-resolv
image: nemunaire/resolver:37943d61abe99963ca57666576af76461add2948
image: nemunaire/resolver:4988e30d81f3b1782e7bc520d2d24123930d72a6
net: /run/netns/ns
pid: new
ipc: new
@ -185,7 +186,7 @@ services:
- /etc/unbound:/etc/unbound:ro
- /etc/services:/etc/services:ro
- name: ns-auth
image: docker.io/nemunaire/nsd:37be535f826c14608bff17e2ab0688df526282c0
image: nemunaire/nsd:b96e6b002e08afd42e4c77ee71766264c42cac57
net: /run/netns/ns-auth
pid: new
ipc: new
@ -208,7 +209,7 @@ services:
- /var/lib/adlin/nsd
- /var/lib/adlin/nsd-db
- name: db
image: postgres:10-alpine
image: postgres:alpine
net: /run/netns/db
pid: new
ipc: new
@ -220,7 +221,7 @@ services:
- LANG=en_US.utf8
- PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/"
- PGDATA=/var/lib/postgresql/data
- POSTGRES_PASSWORD=adlin2023
- POSTGRES_PASSWORD=adlin2022
binds:
- /etc/services:/etc/services:ro
- /initdb/:/docker-entrypoint-initdb.d/:ro
@ -237,7 +238,7 @@ services:
# env:
# - MM_USERNAME=mattermost
# - MM_DBNAME=mattermost
# - MM_PASSWORD=adlin2023
# - MM_PASSWORD=adlin2022
# binds:
# - /etc/services:/etc/services:ro
# - /etc/hosts:/etc/hosts:ro
@ -252,18 +253,18 @@ services:
- all
command: ["/bin/sh", "-c", "sleep 10; /usr/bin/miniflux"]
env:
- DATABASE_URL=postgres://miniflux:adlin2023@db/miniflux?sslmode=disable
- DATABASE_URL=postgres://miniflux:adlin2022@db/miniflux?sslmode=disable
- RUN_MIGRATIONS=1
- CREATE_ADMIN=1
- ADMIN_USERNAME=adeline
- ADMIN_PASSWORD=adlin2023
- ADMIN_PASSWORD=adlin2022
- LISTEN_ADDR=0.0.0.0:8080
binds:
- /etc/hosts:/etc/hosts:ro
- /etc/dresolv.conf:/etc/resolv.conf
- /etc/services:/etc/services:ro
- name: web
image: nemunaire/tinydeb:642bb2fd0ed04a0f72ff21096c7aa656cce5d34f
image: nemunaire/tinydeb:2ec3c0260da7242df267799dfe08fe2eb0d014b1
net: /run/netns/web
pid: new
ipc: new
@ -280,7 +281,7 @@ services:
# Workstation testers
- name: minichecker-wks-rh2
image: nemunaire/minichecker:58a22accfab97d6c9bcabfc03c66904ebc6e5cf6
image: nemunaire/minichecker:a5d37bb2ebed6df0e586184582763eb0cf727b51
net: /run/netns/wks-rh2
pid: new
ipc: new
@ -290,7 +291,7 @@ services:
- /var/lib/adlin/wks-rh2resolv.conf:/etc/resolv.conf
- /var/lib/adlin/wireguard/:/etc/wireguard/:ro
- name: minichecker-wks-dg1
image: nemunaire/minichecker:58a22accfab97d6c9bcabfc03c66904ebc6e5cf6
image: nemunaire/minichecker:a5d37bb2ebed6df0e586184582763eb0cf727b51
net: /run/netns/wks-dg1
pid: new
ipc: new
@ -301,7 +302,7 @@ services:
- /var/lib/adlin/wks-dg1resolv.conf:/etc/resolv.conf
- /var/lib/adlin/wireguard/:/etc/wireguard/:ro
- name: minichecker-wks-cm1
image: nemunaire/minichecker:58a22accfab97d6c9bcabfc03c66904ebc6e5cf6
image: nemunaire/minichecker:a5d37bb2ebed6df0e586184582763eb0cf727b51
net: /run/netns/wks-cm1
pid: new
ipc: new
@ -376,7 +377,7 @@ files:
#!/bin/sh
set -e
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
CREATE USER miniflux WITH PASSWORD 'adlin2023';
CREATE USER miniflux WITH PASSWORD 'adlin2022';
CREATE DATABASE miniflux;
GRANT ALL PRIVILEGES ON DATABASE miniflux TO miniflux;
EOSQL
@ -387,14 +388,14 @@ files:
- path: /initdb/init-matrix.sql
contents: |
CREATE USER matrix WITH PASSWORD 'adlin2023';
CREATE USER matrix WITH PASSWORD 'adlin2022';
CREATE DATABASE matrix ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0 OWNER matrix;
GRANT ALL PRIVILEGES ON DATABASE matrix TO matrix;
mode: "0444"
- path: /initdb/init-website.sql
contents: |
CREATE USER website WITH PASSWORD 'adlin2023';
CREATE USER website WITH PASSWORD 'adlin2022';
CREATE DATABASE website ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' TEMPLATE template0 OWNER website;
GRANT ALL PRIVILEGES ON DATABASE website TO website;
mode: "0444"
@ -571,13 +572,13 @@ files:
[ -f /var/lib/adlin/wrt-etc/config/network ] || cat > /var/lib/adlin/wrt-etc/config/network <<EOF
config interface 'loopback'
option device 'lo'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'wan'
option device 'eth0'
option ifname 'eth0'
option proto 'dhcp'
EOF
@ -627,7 +628,7 @@ files:
option endpoint_port '42912'
config interface 'srv'
option device 'ethsrv'
option ifname 'ethsrv'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '172.23.42.1'
@ -684,7 +685,7 @@ files:
- path: /etc/init.d/800-rw-passwd.sh
contents: |
#!/bin/sh
sed -ri '/^root/s@^root::.*$@root:$1$XMaL.0yJ$Z9imHkT2P9ddci.FeYhVK0:18706:0:99999:7:::@' /var/lib/adlin/wrt-etc/shadow
sed -ri '/^root/s@^root::.*$@root:$1$ChIJgCib$1IYTTG.wKCXqbo1RMEQCc0:18706:0:99999:7:::@' /var/lib/adlin/wrt-etc/shadow
mkdir -p /var/lib/adlin/wrt-etc/dropbear/
[ -f /var/lib/adlin/authorized_keys ] && ! [ -f /var/lib/adlin/wrt-etc/dropbear/authorized_keys ] && cp /var/lib/adlin/authorized_keys /var/lib/adlin/wrt-etc/dropbear/authorized_keys
@ -696,11 +697,11 @@ files:
for svc in matrix ns-auth ns-resolv web
do
sed -ri '/^root/s@^.*$@root:$6$R0XGKnrwzA4kTcET$6JsBy0Ib7xzy3OUZLq81/Cu4XswmOzv4VmCBJ76jAq/lJ049rxrHsyzGhUY8TONLdlbKfm0.EhCKB4NLivdck/:18707:0:99999:7:::@' /containers/services/${svc}/rootfs/etc/shadow
sed -ri '/^root/s@^.*$@root:$6$4/xWhDY0JERkg6eg$ZKglx2TQT2ITM525di2aOhda9r9L.kUjYArPTF5pVTzi3/SRe.My4Z5Cg9vabK0ax2kZ.lLPFHA8v7jw.0N/8.:18707:0:99999:7:::@' /containers/services/${svc}/rootfs/etc/shadow
cp /etc/services /containers/services/${svc}/rootfs/etc/services
mkdir -p /containers/services/${svc}/rootfs/root/.ssh
[ -f /var/lib/adlin/authorized_keys ] && cp /var/lib/adlin/authorized_keys /containers/services/${svc}/rootfs/root/.ssh/authorized_keys
nsenter -t $(ctr -n services.linuxkit t ls | grep ${svc} | awk '{ print $2 }') -a -- sh -c 'ssh-keygen -A; service sshd restart;'
nsenter -t $(ctr -n services.linuxkit t ls | grep ${svc} | awk '{ print $2 }') -a -- ssh-keygen -A
done
exit 0
@ -717,7 +718,7 @@ files:
contents: |
#!/bin/sh
sleep 20
nsenter -t $(pgrep procd | head -1) -a -- curl -s -u adeline:adlin2023 -d @- http://172.23.42.6:8080/v1/import < /root/feeds.opml 2> /dev/null > /dev/null
nsenter -t $(pgrep procd | head -1) -a -- curl -s -u adeline:adlin2022 -d @- http://172.23.42.6:8080/v1/import < /root/feeds.opml 2> /dev/null > /dev/null
exit 0
mode: "0555"
@ -906,7 +907,7 @@ files:
- path: etc/rshadow
contents: |
root:$1$XMaL.0yJ$Z9imHkT2P9ddci.FeYhVK0:18706:0:99999:7:::
root:$1$ChIJgCib$1IYTTG.wKCXqbo1RMEQCc0:18706:0:99999:7:::
daemon:*:0:0:99999:7:::
ftp:*:0:0:99999:7:::
network:*:0:0:99999:7:::
@ -944,7 +945,7 @@ files:
- path: etc/wshadow
contents: |
root:$6$R0XGKnrwzA4kTcET$6JsBy0Ib7xzy3OUZLq81/Cu4XswmOzv4VmCBJ76jAq/lJ049rxrHsyzGhUY8TONLdlbKfm0.EhCKB4NLivdck/:18707:0:99999:7:::
root:$6$4/xWhDY0JERkg6eg$ZKglx2TQT2ITM525di2aOhda9r9L.kUjYArPTF5pVTzi3/SRe.My4Z5Cg9vabK0ax2kZ.lLPFHA8v7jw.0N/8.:18707:0:99999:7:::
daemon:*:17575:0:99999:7:::
bin:*:17575:0:99999:7:::
sys:*:17575:0:99999:7:::

1
tutorial/header.tex
View file

@ -18,7 +18,6 @@
\renewcommand{\maketitlehooka}{\sffamily}
% Use monospaced font for URLs
\usepackage{hyperref}
\urlstyle{tt}
% In french, list item starts with dash, not bullet

3
tutorial/nat/netfilter.md
View file

@ -98,9 +98,8 @@ Depuis le routeur, vous pouvez vous SSH en utilisant le nom d'hôte attribué au
machines :
<div lang="en-US">
- `ssh root@news`
- `ssh root@matrix`
- `ssh root@ns`
- `ssh root@ns-auth`
- `ssh root@web`
</div>

2
tutorial/nat/what.md
View file

@ -86,7 +86,7 @@ pris en compte.
### Connexions SSH
Vous pouvez vous connecter en utilisant le compte `root` et le mot de passe
`adlin2023`. Comme au précédent TP, si vous disposez d'une ou plusieurs [clefs
`adlin2022`. Comme au précédent TP, si vous disposez d'une ou plusieurs [clefs
SSH enregistrées au CRI](https://cri.epita.fr/users/nemunaire/ssh-keys/),
celles-ci sont automatiquement ajoutées aux différents serveurs. Cependant,
seuls les clefs RSA et DSA sont utilisables pour se connecter sur le routeur,