Pierre-Olivier Mercier
edb39c7b33
Some checks are pending
continuous-integration/drone/push Build is running
107 lines
3.2 KiB
YAML
107 lines
3.2 KiB
YAML
init:
|
|
- nemunaire/challenge:64dfdf00665351139e74647ab57b12008a7ac87b
|
|
- nemunaire/adlin-shadow-up:b368191dfd79645f3eca099a00bef8dfcdb7a2e9
|
|
|
|
files:
|
|
- path: etc/motd
|
|
contents: |
|
|
Welcome to AdLin course!
|
|
|
|
You'll find your instructions in the manual.
|
|
|
|
Good luck!
|
|
|
|
mode: "0644"
|
|
- path: etc/ssmtp/ssmtp.conf
|
|
contents: |
|
|
mailhub=172.23.200.4
|
|
mode: "0644"
|
|
- path: usr/share/man/man6/adlin.6.gz
|
|
source: subject/adlin.6.gz
|
|
mode: "0644"
|
|
- path: root/adlin-TP1-topologie.png
|
|
source: subject/adlin-TP1-topologie.png
|
|
mode: "0644"
|
|
|
|
- path: bin/adlin
|
|
source: pkg/challenge/adlin
|
|
mode: "0755"
|
|
- path: etc/issue
|
|
source: pkg/challenge/issue
|
|
mode: "0644"
|
|
- path: etc/passwd
|
|
contents: |
|
|
root:x:0:0:root:/root:/bin/ash
|
|
bin:x:1:1:bin:/bin:/bin/false
|
|
daemon:x:2:2:daemon:/sbin:/bin/false
|
|
adm:x:3:4:adm:/var/adm:/bin/false
|
|
lp:x:4:7:lp:/var/spool/lpd:/bin/false
|
|
sync:x:5:0:sync:/sbin:/bin/sync
|
|
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
|
|
halt:x:7:0:halt:/sbin:/sbin/halt
|
|
news:x:9:13:news:/var/spool/news:/bin/false
|
|
uucp:x:10:14:uucp:/var/spool/uucp:/bin/false
|
|
operator:x:11:0:operator:/root:/bin/ash
|
|
ntp:x:123:123:NTP:/var/empty:/sbin/nologin
|
|
mode: "0644"
|
|
- path: etc/shadow
|
|
contents: |
|
|
root:!:0::::::
|
|
bin:!:0::::::
|
|
daemon:!:0::::::
|
|
adm:!:0::::::
|
|
lp:!:0::::::
|
|
sync:!:0::::::
|
|
shutdown:!:0::::::
|
|
halt:!:0::::::
|
|
news:!:0::::::
|
|
uucp:!:0::::::
|
|
operator:!:0::::::
|
|
ntp:!:0::::::
|
|
mode: "0640"
|
|
- path: etc/ntpd.conf
|
|
contents: |
|
|
# $OpenBSD: ntpd.conf,v 1.14 2015/07/15 20:28:37 ajacoutot Exp $
|
|
#
|
|
# See ntpd.conf(5) and /etc/examples/ntpd.conf
|
|
|
|
# Pro tip: Change pool.ntp.org to a raw IP if you don't have access to a nameserver yet
|
|
servers pool.ntp.org
|
|
sensor *
|
|
mode: "0644"
|
|
- path: init
|
|
source: pkg/challenge/init
|
|
mode: "0755"
|
|
- path: sbin/fakelogin
|
|
contents: |
|
|
#!/bin/sh
|
|
|
|
grep -q '^root:!' /etc/shadow && {
|
|
[ "$2" = "root" ] &&
|
|
echo -e "\\e[01mTip: vous souvenez-vous du mot de passe root ?\\e[0m" ||
|
|
echo -e "\\e[01mTip: cette machine n'est pas reliée à l'authentification de l'école.\\e[0m"
|
|
}
|
|
|
|
exec login $@
|
|
mode: "0755"
|
|
- path: bin/wg-adlin
|
|
contents: |
|
|
#!/bin/sh
|
|
|
|
privatekey="$(wg genkey)"
|
|
grep PrivateKey /etc/wireguard/adlin.conf > /dev/null 2> /dev/null && {
|
|
privatekey="$(grep PrivateKey /etc/wireguard/adlin.conf | head -n 1 | sed -r 's/^.*=\s*(.+)\s*$/\1/')"
|
|
}
|
|
publickey="$(echo $privatekey | wg pubkey)"
|
|
|
|
umask 077
|
|
mkdir -p /etc/wireguard
|
|
cat > /etc/wireguard/adlin.conf <<EOF
|
|
[Interface]
|
|
PrivateKey = $privatekey
|
|
EOF
|
|
|
|
adlin "${publickey}" | curl -f -d @- http://wg.adlin.nemunai.re/register >> /etc/wireguard/adlin.conf &&
|
|
echo -e "[\\e[01;32m+\\e[0m] \\e[01;32mSuccess.\\e[0m Tunnel configuration written to \\e[01m/etc/wireguard/adlin.conf\\e[0m; you have to use the address: \\e[01m$(grep Address= /etc/wireguard/adlin.conf | sed -r 's/^.*=(.*)$/\1/')\\e[0m" || echo -e "[\\e[01;31m-\\e[0m] \\e[01;31mFailure\\e[0m"
|
|
mode: "0755"
|