diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2022-01-02 17:25:16 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2022-01-02 17:25:16 -0300 |
| commit | 5f1dc34fb0cb9fc219eddee315d89260f591ef57 (patch) | |
| tree | ff741a4530bf459edb5dc2f0631ce59600873f59 | |
| parent | 85ec371c4a4d0556b4cfd992e4eaa6aa699c406b (diff) | |
| download | puppet-nodo-5f1dc34fb0cb9fc219eddee315d89260f591ef57.tar.gz puppet-nodo-5f1dc34fb0cb9fc219eddee315d89260f591ef57.tar.bz2 | |
Some TPC changes
| -rw-r--r-- | files/etc/NetworkManager/conf.d/00-macchanger.conf | 6 | ||||
| -rw-r--r-- | manifests/base/personal.pp | 3 | ||||
| -rw-r--r-- | manifests/role/tpc.pp | 12 | ||||
| -rw-r--r-- | manifests/subsystem/network/macchanger.pp (renamed from manifests/subsystem/macchanger.pp) | 0 | ||||
| -rw-r--r-- | manifests/subsystem/network/manager.pp | 15 | ||||
| -rw-r--r-- | manifests/subsystem/network/manager/macchanger.pp | 18 | ||||
| -rw-r--r-- | manifests/subsystem/network/wicd.pp (renamed from manifests/utils/network/wicd.pp) | 2 | ||||
| -rw-r--r-- | manifests/subsystem/network/wicd/macchanger.pp (renamed from manifests/subsystem/macchanger/wicd.pp) | 6 | ||||
| -rw-r--r-- | manifests/utils/development/virtual.pp | 2 | ||||
| -rw-r--r-- | manifests/utils/laptop.pp | 2 | ||||
| -rw-r--r-- | manifests/utils/laptop/debian.pp | 4 | ||||
| -rw-r--r-- | manifests/utils/personal.pp | 2 |
12 files changed, 59 insertions, 13 deletions
diff --git a/files/etc/NetworkManager/conf.d/00-macchanger.conf b/files/etc/NetworkManager/conf.d/00-macchanger.conf new file mode 100644 index 0000000..17f6bbb --- /dev/null +++ b/files/etc/NetworkManager/conf.d/00-macchanger.conf @@ -0,0 +1,6 @@ +[device] +wifi.scan-rand-mac-address=yes + +[connection] +ethernet.cloned-mac-address=random +wifi.cloned-mac-address=random diff --git a/manifests/base/personal.pp b/manifests/base/personal.pp index f4fe3d9..852d023 100644 --- a/manifests/base/personal.pp +++ b/manifests/base/personal.pp @@ -23,7 +23,8 @@ class nodo::base::personal { #} # Development - file { [ "/var/cache/vagrant", "/var/cache/virtualbox", "/var/cache/qemu" ]: + #file { [ "/var/cache/vagrant", "/var/cache/virtualbox", "/var/cache/qemu" ]: + file { [ "/var/cache/qemu" ]: ensure => directory, mode => '0755', } diff --git a/manifests/role/tpc.pp b/manifests/role/tpc.pp index cdc46fe..aa37f53 100644 --- a/manifests/role/tpc.pp +++ b/manifests/role/tpc.pp @@ -1,8 +1,12 @@ # Trusted Personal Computer -class nodo::role::tpc inherits nodo::base::laptop { +class nodo::role::tpc( + $version = '1', +) { + include nodo::base::laptop #include nodo::utils::web::hardened #include nodo::subsystem::udev::network - include nodo::utils::network::wicd - include nodo::subsystem::macchanger::wicd - include onion::full + #include nodo::subsystem::network::wicd::macchanger + #include onion::full + include nodo::subsystem::network::manager::macchanger + include onion } diff --git a/manifests/subsystem/macchanger.pp b/manifests/subsystem/network/macchanger.pp index f5e5438..f5e5438 100644 --- a/manifests/subsystem/macchanger.pp +++ b/manifests/subsystem/network/macchanger.pp diff --git a/manifests/subsystem/network/manager.pp b/manifests/subsystem/network/manager.pp new file mode 100644 index 0000000..3b7a7cf --- /dev/null +++ b/manifests/subsystem/network/manager.pp @@ -0,0 +1,15 @@ +class nodo::subsystem::network::manager ( + $ensure = 'installed', +) { + package { [ + 'network-manager', + 'nm-tray', + ]: + ensure => $ensure, + } + + service { 'network-manager': + ensure => running, + require => Package['network-manager'], + } +} diff --git a/manifests/subsystem/network/manager/macchanger.pp b/manifests/subsystem/network/manager/macchanger.pp new file mode 100644 index 0000000..248ac7f --- /dev/null +++ b/manifests/subsystem/network/manager/macchanger.pp @@ -0,0 +1,18 @@ +# See https://networkmanager.dev/docs/api/latest/NetworkManager.conf.html +# https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ +# https://fedoramagazine.org/randomize-mac-address-nm/ +# https://ofstack.com/Linux/29692/linux-uses-networkmanager-to-randomly-generate-your-mac-address.html +# https://re00.home.blog/2019/10/10/random-mac-nm/ +# https://forums.kali.org/showthread.php?34221-Turning-off-Mac-address-randomization-in-Network-Manager-one-method +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879484 +class nodo::subsystem::network::manager::macchanger inherits nodo::subsystem::network::manager { + file { '/etc/NetworkManager/conf.d/00-macchanger.conf': + ensure => present, + owner => root, + group => root, + mode => '0644', + source => 'puppet:///modules/nodo/etc/NetworkManager/conf.d/00-macchanger.conf', + require => Package['network-manager'], + notify => Service['network-manager'], + } +} diff --git a/manifests/utils/network/wicd.pp b/manifests/subsystem/network/wicd.pp index 86af12a..7f221f6 100644 --- a/manifests/utils/network/wicd.pp +++ b/manifests/subsystem/network/wicd.pp @@ -1,4 +1,4 @@ -class nodo::utils::network::wicd ( +class nodo::subsystem::network::wicd ( $ensure = 'installed', ) { package { [ diff --git a/manifests/subsystem/macchanger/wicd.pp b/manifests/subsystem/network/wicd/macchanger.pp index 414cb78..c5dafc3 100644 --- a/manifests/subsystem/macchanger/wicd.pp +++ b/manifests/subsystem/network/wicd/macchanger.pp @@ -1,4 +1,6 @@ -class nodo::subsystem::macchanger::wicd inherits nodo::subsystem::macchanger { +class nodo::subsystem::network::wicd::macchanger inherits nodo:subsystem::network::wicd { + include nodo::subsystem::macchanger + file { '/etc/wicd/scripts/preconnect/macchanger': ensure => present, owner => root, @@ -6,4 +8,4 @@ class nodo::subsystem::macchanger::wicd inherits nodo::subsystem::macchanger { mode => '0755', source => 'puppet:///modules/nodo/etc/wicd/macchanger', } -} +} diff --git a/manifests/utils/development/virtual.pp b/manifests/utils/development/virtual.pp index dae3525..59f3984 100644 --- a/manifests/utils/development/virtual.pp +++ b/manifests/utils/development/virtual.pp @@ -1,7 +1,6 @@ class nodo::utils::development::virtual inherits nodo::utils::virtual { package { [ # For development with virtual machines and containers - 'vagrant', #'vagrant-libvirt', #'docker.io', #'packer', @@ -22,6 +21,7 @@ class nodo::utils::development::virtual inherits nodo::utils::virtual { # Discontinued # https://lists.debian.org/msgid-search/aeb59515ee63c658e40927a401fd1b200747a168.camel@liw.fi package { [ + 'vagrant', 'vmdebootstrap', ]: ensure => absent, diff --git a/manifests/utils/laptop.pp b/manifests/utils/laptop.pp index 9a27368..3969d89 100644 --- a/manifests/utils/laptop.pp +++ b/manifests/utils/laptop.pp @@ -1,7 +1,7 @@ # Common utilities for laptop class nodo::utils::laptop { case $::operatingsystem { - debian: { + debian: { include nodo::utils::laptop::debian } default: { } diff --git a/manifests/utils/laptop/debian.pp b/manifests/utils/laptop/debian.pp index 6688542..bf180c3 100644 --- a/manifests/utils/laptop/debian.pp +++ b/manifests/utils/laptop/debian.pp @@ -39,12 +39,12 @@ class nodo::utils::laptop::debian { # Misc #package { [ - # 'module-assistant', + # 'module-assistant', # 'ekiga', # 'mumble', # 'usb-modeswitch', # 'gnokii', - # 'sharutils', + # 'sharutils', #]: # ensure => installed, #} diff --git a/manifests/utils/personal.pp b/manifests/utils/personal.pp index 83fa7bc..a7de82c 100644 --- a/manifests/utils/personal.pp +++ b/manifests/utils/personal.pp @@ -1,7 +1,7 @@ # Common utilities for personal computers class nodo::utils::personal { case $::operatingsystem { - debian: { + debian: { include nodo::utils::bundle::debian } default: { } |