-rw-r--r-- | docs/todo.md | 1 | ||||
-rw-r--r-- | kvmxfile | 246 | ||||
-rw-r--r-- | mkdocs.yml | 2 | ||||
-rwxr-xr-x | scripts/provision | 66 | ||||
-rwxr-xr-x | scripts/watch | 19 |
5 files changed, 332 insertions, 2 deletions
diff --git a/docs/todo.md b/docs/todo.md index 71a5f2f..0ecaaea 100644 --- a/docs/todo.md +++ b/docs/todo.md @@ -4,7 +4,6 @@ Lista de tarefas deste projeto. ## MkDocs -* Setup [mkdocs-material](https://squidfunk.github.io/mkdocs-material/). * Setup [mkdocs-i18n](https://pypi.org/project/mkdocs-i18n/). ## Protocol Suite diff --git a/kvmxfile b/kvmxfile new file mode 100644 index 0000000..4903f8c --- /dev/null +++ b/kvmxfile 
@@ -0,0 +1,246 @@ +# +# Sample kvmx file - https://kvmx.fluxo.info +# + +# Hostname +hostname="protocolos" + +# Which base box you should use. Leave unconfigured to use kvmx-create instead. +basebox="dev" + +# First user name +user="user" + +# First user password +password="`head -c 40 /dev/urandom | base64`" + +# Networking +#net="tap" +net="user" + +# DNS config +#net_dns="192.168.1.1" +#net_dns="host" # copy /etc/resolv.conf from host when creating the box + +# Networking: tap config only +# This setting is used during virtual machine bootstrapping by kvmx-create. +#net_ip="10.1.1.2" +#net_mask="255.255.255.0" +#net_gateway="10.1.1.1" + +# Set this is you want to be able to share a single folder between host and guest. +# Needs ssh_support set to "y" and a workable SSH connection to the guest. +#shared_folder="." +#shared_folder_mountpoint="/home/$user/code/$VM" +#shared_folder="$HOME/temp/shared/$VM" +#shared_folder_mountpoint="/home/$user/temp/shared/$VM" +#shared_folder_mountpoint="/srv/shared" +#shared_folder_mountpoint="/srv/kvmx" +#shared_folder_mountpoint="/vagrant" + +# Set this is you want to be able to share multiple folders between host and guest using 9p. +# Needs ssh_support set to "y" and a workable SSH connection to the guest. +# Format: <id1>:<host-folder1>:<guest-mountpoint1>,<id2>:<host-folder2>:<guest-mountpoint2>[,...] +#shared_folders="shared1:.:/home/$user/code/$VM,shared2:$HOME/.local/share/app:/home/$user/.local/share/app" +shared_folders="shared:.:/srv/shared" + +# Maximum packet size including any headers for shared folders using 9p +# See https://forums.lime-technology.com/topic/34691-9p-sharing-speed-not-what-i-expected/ +# https://github.com/clearcontainers/hyperstart/pull/25 +#shared_folders_msize="524288" + +# Shared folders caching +# See https://www.kernel.org/doc/Documentation/filesystems/9p.txt +#shared_folders_cache="none" + +# Set this is you want to be able to share multiple folders between host and guest using SSHFS. 
+# Needs ssh_support set to "y" and a workable SSH connection to the guest. +# Format: <id1>:<guest-folder1>:<host-mountpoint1>,<id2>:<guest-folder2>:<host-mountpoint2>[,...] +#shared_folders_sshfs="shared1:/home/$user/code/$VM:.,shared2:/home/$user/.local/share/app:$HOME/.local/share/app" + +# Folder to sync during provisioning in the format "/host/folder1 /guest/folder1,/host/folder2 /guest/folder2[,...]". +# Needs ssh_support set to "y" and a workable SSH connection to the guest. +#provision_rsync="$KVMX_BASE/share/provision/ /usr/local/share/kvmx/provision/" +#provision_rsync="puppet/ /etc/puppet/" + +# Options for provision_rsync +#provision_rsync_opts="--exclude=somefolder" + +# Absolute path for a provision script located inside the guest. +# Needs ssh_support set to "y" and a workable SSH connection to the guest. +#provision_command="sudo apt-get update && sudo apt-get dist-upgrade -y && sudo apt-get autoremove -y && sudo apt-get clean" +#provision_command="/usr/local/share/kvmx/provision/debian/development && /etc/puppet/bin/provision && /etc/puppet/bin/deploy" +#provision_command="/usr/local/share/kvmx/provision/debian/development && /etc/puppet/bin/deploy" +#provision_command="/usr/local/share/kvmx/provision/debian/development && /home/$user/code/$VM/bin/custom-provisioner" +#provision_command="/usr/local/share/kvmx/provision/debian/development" +#provision_command="/usr/local/share/kvmx/provision/debian/trashman" +#provision_command="/usr/local/share/kvmx/provision/debian/desktop-basic" +provision_command="/usr/local/share/kvmx/provision/debian/development && /srv/shared/scripts/provision" + +# Startup command +#startup_command="/path/to/custom/command" +startup_command="hydractl aperiodic-upgrade" +# Make serve might running from the outside, so this is left commented +#startup_command="make -C /srv/shared serve" + +# Pre-poweroff command +#poweroff_pre_command="/path/to/custom/command" + +# Rsync commands to be run on startup or poweroff, useful to 
keep files synced between host and guest +#startup_rsync_to_guest="data:data:/var/data,code:$HOME/code:/home/user/code" +#poweroff_rsync_from_guest="data:/var/data:data,code:/home/user/code:$HOME/code" + +# Graphics +# See https://wiki.archlinux.org/index.php/QEMU#Graphics +#graphics="-vga std -nographic -vnc :$GUEST_DISPLAY" +graphics="-vga qxl" + +# VNC Client +#vnc_client="xtightvncviewer" +#vnc_client="xvnc4viewer" +#vnc_client="xvncviewer" +#vnc_client="vncviewer" +vnc_client="virt-viewer" + +# SPICE support +spice="1" + +# Set this if you want to attach an spice client when the machine boots. +run_spice_client="0" + +# SPICE client +#spice_client="spicec" +#spice_client="virt-viewer" +spice_client="spicy" + +# Set this if you want to start an xpra session when the machine boots. +run_xpra="0" + +# Set this if you want to start an xephyr session when the machine boots. +run_xephyr="0" + +# Set this if you want kvmx to redimension the guest screen according to host's screen dimension +# Requires ssh_support and xrandr installed on both host and guest +xrandr="0" + +# Xrandr device +#xrandr_device="qxl-0" +#xrandr_device="Virtual-0" + +# Set screen resolution +#resolution="1280x785" + +# Sound +#sound="0" +#sound="ac97" + +# Set additional hostfwd mappings +#port_mapping="hostfwd=tcp:127.0.0.1:8080-:80,hostfwd=tcp:127.0.0.1:8443-:443" +port_mapping="hostfwd=tcp:127.0.0.1:8040-:80" + +# Where the guest image is stored +#image="$HOME/.local/share/kvmx/$VM/box.img" + +# Use basebox image as a backing file for overlay images +# See https://wiki.archlinux.org/index.php/QEMU#Overlay_storage_images +backing_file="1" + +# Where datafiles are stored: just set this if you know what you're doing +#datadir="$HOME/.local/share/kvmx/$VM" + +# Drive type: use this if you want to run a Live CD/DVD/USB +#image_drive="cdrom" + +# Image type: file or device (kvmx-create only) +image_type="file" + +# Image size +size="10G" + +# Image format: raw or qcow2 +format="qcow2" + +# Image 
compression (qcow2 only) +qcow2_compression="1" + +# Bootstrap method: custom or vmdeboostrap +method="custom" + +# Domain +domain="example.org" + +# System arch +arch="amd64" + +# Box distribution when bootstraping a new image +version="bullseye" + +# Debian mirror +mirror="https://deb.debian.org/debian/" + +# Memory +memory="512" + +# Enables remote administration using SSH. With this configuration enabled, +# kvmx will be able to administer a running virtual machine using SSH access +# inside the virtual machine. +ssh_support="y" + +# Use a custom, per-virtual-machine generated SSH keypair. If you disable this +# configuration but still want guest administration using SSH, the default +# insecure keypair will be used. +# +# Please note that this setting won't take effect if you're using a basebox. +# In that case the basebox keypair will be used if it exists, otherwise kvmx +# fallsback to the default insecure keypair. +# +# This setting is used during virtual machine bootstrapping by kvmx-create. +ssh_custom="y" + +# Use this config if you want kvmx-create to include a specif SSH pubkey +# It might be a path for an existing pubkey file or the public key itself. +# +# Make sure to have this key available when trying to SSH into the guest using kvmx +#ssh_custom_pubkey="/home/myhostuser/.ssh/id_rsa.pub" +#ssh_custom_pubkey="ssh-rsa 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 user@kvmx" + +# Bootloader (used only during bootstrapping by kvmx-create). 
+bootloader="grub" + +# Drive interface +#drive_interface="ide" # Needed by some systems like NetBSD and FreeBSD +#drive_interface="virtio,cache=none,index=0,format=raw" # For raw devices + +# See http://www.reactos.org/wiki/QEMU#Setting_up_network +#nic_model="ne2k_pci" + +# USB support +# +# Allowed values: +# +# 0 - No USB support +# 1 - Support for USB 1.0 +# 2 - Support for USB 1.0 and 2.0 +# 3 - Support for USB 1.0, 2.0 and 3.0 +# +#usb="0" + +# Additional qemu opts +# Example: http://www.linux-kvm.org/page/USB_Host_Device_Assigned_to_Guest +# See also: https://qemu.readthedocs.io/en/latest/system/usb.html +# https://wiki.gentoo.org/wiki/QEMU/Windows_guest +#qemu_opts="-device usb-host,hostbus=2,hostaddr=3" # Automatically attach an specific USB device +#qemu_opts="" + +# Number of CPUs +#smp="4" + +# Enviroment passed to SSH commands +#ssh_env="TERM=xterm" + +# Whether to be managed by kvmx-supervise +#supervise_manage="1" + +# VirtIO RNG parameters +# See https://wiki.qemu.org/Features/VirtIORNG +#virtio_rng="max-bytes=128,period=1000" @@ -11,7 +11,7 @@ site_dir : site dev_addr : '0.0.0.0:8040' theme: - name : readthedocs + name : material collapse_navigation: true titles_only : false diff --git a/scripts/provision b/scripts/provision new file mode 100755 index 0000000..cf7b5d7 --- /dev/null +++ b/scripts/provision 
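Review bot: In kvmxfile, `ssh_custom="y"` is set together with `basebox="dev"`, and the file's own comment says the setting has no effect when a basebox is used: the basebox keypair is used if it exists, otherwise kvmx falls back to the default insecure keypair. Which key protects SSH administration of this guest therefore depends on how the `dev` basebox was built, which the diff does not show. I would add a comment next to `basebox="dev"`, for example `# NOTE: ssh_custom is ignored for baseboxes; the "dev" basebox must ship its own SSH keypair`, so nobody assumes a per-VM key is in place.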
@@ -0,0 +1,66 @@
+#!/bin/bash
+#
+# Provisioner
+#
+
+# Parameters
+DIRNAME="`dirname $0`"
+
+# Basic dependencies
+DEPENDENCIES="mkdocs apache2 python3-pip pandoc pandoc-citeproc"
+
+# Dependenicies for genesis-get
+DEPENDENCIES="$DEPENDENCIES tor python3-requests python3-bs4 python3-socks python3-pybtex python3-tqdm"
+
+# PyPI dependencies
+DEPENDENCIES_PIP="mkdocs-bibtex mkdocs-material"
+
+# Ensure an up-to-date system
+sudo apt-get update && sudo apt-get dist-upgrade -y && sudo apt-get autoremove -y && sudo apt-get clean
+
+# Install dependencies
+sudo apt install -y $DEPENDENCIES
+
+# Install python dependencies
+pip3 install $DEPENDENCIES_PIP
+
+# Configure an onion service
+trashman install tor-onion-service
+
+# Configure virtual host for the Onion Service
+cat <<-EOF | sudo tee /etc/apache2/sites-available/onion.conf > /dev/null
+<VirtualHost *:80>
+ ServerName localhost
+ ServerAlias *.onion
+ DocumentRoot "/srv/shared/site"
+
+ <Directory /srv/shared/site>
+ AuthType Basic
+ AuthName "Protected"
+ AuthUserFile /srv/shared/.htpasswd
+ Require valid-user
+ </Directory>
+</VirtualHost>
+EOF
+
+# Configure virtual host for the local service
+cat <<-EOF | sudo tee /etc/apache2/sites-available/local.conf > /dev/null
+<VirtualHost *:80>
+ ServerName protocolos.local
+ DocumentRoot "/srv/shared/site"
+
+ <Directory /srv/shared/site>
+ Options Indexes FollowSymLinks
+ AllowOverride All
+ Require all granted
+ </Directory>
+</VirtualHost>
+EOF
+
+# Enable virtual host
+sudo a2ensite onion local
+sudo systemctl reload apache2
+
+# Configure PATH
+mkdir -p ~/.custom
+echo 'export PATH=$PATH:/srv/shared/scripts' > ~/.custom/profile
diff --git a/scripts/watch b/scripts/watch
new file mode 100755
index 0000000..cb7f290
--- /dev/null
+++ b/scripts/watch
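Review bot: In scripts/provision, the unauthenticated `local.conf` vhost and the Basic-auth `onion.conf` vhost both bind `*:80` and serve the same `DocumentRoot "/srv/shared/site"`, so which one answers is decided only by the request's Host header, which the client controls. Any client that can reach port 80 and names `protocolos.local` gets `Require all granted` instead of `Require valid-user`. That presumably includes traffic arriving through the onion service set up by `trashman install tor-onion-service`, whose port mapping is not visible here. I would give the open vhost its own listener that the onion service does not forward to, or restrict it by source address with a `Require ip` line, rather than relying on name-based selection. Separately, the script has no `set -e`, so `a2ensite` and the reload still run after a failed install step; `set -euo pipefail` after the shebang would stop it early.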
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+#
+# Inotify builder
+#
+
+# Parameters
+BASENAME="`basename $0`"
+DIRNAME="$(cd `dirname $0` &> /dev/null && pwd)"
+BASEDIR="$DIRNAME/.."
+WATCHED="branches"
+
+# Got to the base folder
+cd $BASEDIR
+
+# Dispatch
+while inotifywait -r $WATCHED; do
+ #mkdocs build
+ kvmx ssh make -C /srv/shared compile
+done |
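Review bot: In scripts/watch, `cd $BASEDIR` is unquoted and its result is not checked, so if the directory change fails the loop still starts and `inotifywait -r $WATCHED` watches `branches` relative to whatever the caller's working directory was. I would write `cd "$BASEDIR" || exit 1` and quote the `$0` expansions, e.g. `DIRNAME="$(cd "$(dirname "$0")" &> /dev/null && pwd)"`, so a checkout path containing spaces does not break the script. `BASENAME` is assigned but not used in the lines shown.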