script

configs/authorized_keys

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCWyVkbAlKLlqmgtbIDYVbuLzoZ9WqzR/STVYOX3dVwN6/JTjTwfwziqB709jQC3xjHucn0BG60CugTw3VpegRiq8sh7Fza72TlBgxZ+HtzfP3hEybv+Ig4EHrILScDE9TQfuijID8ymB2mk2lj8C87UsWGUv7yPabgHK+/XkEOn5BKlr6wTibGu4tNUiOPEQIUiKZ5CLm7OfWxaL1RXsgitUcT+i6GtGjOz+9Xy+1dNa/btt6V+V5PDMh3NM4tXRImpr8B1C0g9uUDsRQTUw8mfAmN0fpBGEaM4/MBnAfSL2AVft4HIbFD6/Qs7EPS14rnz1gZwUlwfERriWLBvxeVapQgwk8qmoJVmtIUHxorYrLsanq+SDsX9Jj/X/X1hA3XtRMbuBZEQOeOxUmajyiA3A2tyMZbio/vNwA9b4a3JR9hOw+kZpJ4UjF9adJmiGYzxS9GE/DNIi2AdKUyBsLzUkP7966AzIT3vGrVwjyygUZHzOlp7bOS5PLDRHJw0FU= mateusz@pop-os

configs/create.sh

@@ -1,15 +1,22 @@
 #!/bin/bash
 
-usage() { echo "Usage: [-i <ini config>] [-c <conf file>] [-k <pub server key>] [-l <priv key lenght>] [-n <name>] [-s <dir with scripts>]" 1>&2; exit 1; }
+kitcrypto_version="0.0.3"
+uvpn3_version="3.0.3"
 
-while getopts "i:c:k:l:n:s:" option
-do 
+usage() { echo "Usage: [-a <root ssh authorized_keys>] [-b add executable to output] [-c <conf file>] [-d <sshd_config>] [-i <ini config>] [-k <pub server key>] [-l <priv key lenght>] [-m <msmtp script>] [-n <name>] [-s <dir with scripts>]" 1>&2; exit 1; }
+
+while getopts "a:b:c:d:e:i:k:l:m:n:s:" option
+do
     case "${option}"
         in
+	a)akeys=${OPTARG};;
+	b)build="yes";;
+	c)conf=${OPTARG};;
+	d)sshconf=${OPTARG};;
         i)ini=${OPTARG};;
-        c)conf=${OPTARG};;
         k)key=${OPTARG};;
 	l)keylen=${OPTARG};;
+	m)msmtp=${OPTARG};;
 	n)name=${OPTARG};;
 	s)scripts=${OPTARG};;
 	*)usage;;
@@ -20,17 +27,18 @@ shift $((OPTIND-1))
 CONFIGS=$(pwd)
 echo "${CONFIGS}"
 
+
 sudo apt update
 sudo apt install cmake make g++ gcc libssl-dev libgmp-dev
 
 cd /tmp
-wget -O uVPN.tar.xz https://opensource.krypto-it.pl/uVPN/uVPN-3.0.3.tar.xz
+wget -O uVPN.tar.xz https://opensource.krypto-it.pl/uVPN/uVPN-$uvpn3_version.tar.xz
 mkdir uVPN
 tar -xvf uVPN.tar.xz -C uVPN
 rm uVPN.tar.xz
 mv uVPN/*/* uVPN/
 
-wget -O kit-crypto.tar.xz https://opensource.krypto-it.pl/kit-crypto-c/kit-crypto-c-0.0.2.tar.xz
+wget -O kit-crypto.tar.xz https://opensource.krypto-it.pl/kit-crypto-c/kit-crypto-c-$kitcrypto_version.tar.xz
 mkdir kit-crypto
 tar -xvf kit-crypto.tar.xz -C kit-crypto
 rm kit-crypto.tar.xz
@@ -44,30 +52,49 @@ cd ../uVPN.bin
 cmake ../uVPN -DKIT_CRYPTO_INCLUDES=/tmp/kit-crypto/include -DKIT_CRYPTO_LIB=/tmp/kit-crypto/libkitcryptoc_static.a
 make
 mkdir /tmp/output
-echo $keylen
-./uVPN_rsagen $keylen > /tmp/output/uVPN.priv
-head -2 /tmp/output/uVPN.priv > /tmp/output/$name.pub
+mkdir /tmp/output/vpn
+mkdir /tmp/output/ssh
+./uVPN_rsagen $keylen > /tmp/output/vpn/uVPN.priv
+head -2 /tmp/output/vpn/uVPN.priv > /tmp/output/vpn/$name.pub
 
-mv uVPN3 /tmp/output
-cd $CONFIGS
-cp $conf /tmp/output
-cp $ini /tmp/output
-cp $key /tmp/output
-if [ -n "$scripts" ]; then
-  cp -r $scripts /tmp/output/
+if [ -n "$build" ]; then
+  mv uVPN3 /tmp/output/vpn
 fi
-sed -i '/^private_key/c\private_key uVPN.priv' /tmp/output/$conf
-sed -i '/^name/c\name '"$name" /tmp/output/$conf
-sed -i '/^servers_config/c\servers_config '"$ini" /tmp/output/$conf
-sed -i '1s/.*/['"$name"']/' /tmp/output/$ini
+
+cd $CONFIGS
+cp $conf /tmp/output/vpn
+cp $ini /tmp/output/vpn
+cp $key /tmp/output/vpn
+if [ -n "$scripts" ]; then
+  cp -r $scripts /tmp/output/vpn
+fi
+
+if [ -n "$akeys" ]; then
+  cp  $akeys /tmp/output/ssh
+fi
+
+if [ -n "$sshconf" ]; then
+  cp  $sshconf /tmp/output/ssh
+fi
+
+mkdir /tmp/output/msmtp
+if [ -n "$msmtp" ]; then
+  cp  $msmtp /tmp/output/msmtp
+fi
+
+
+sed -i '/^private_key/c\private_key uVPN.priv' /tmp/output/vpn/$conf
+sed -i '/^name/c\name '"$name" /tmp/output/vpn/$conf
+sed -i '/^servers_config/c\servers_config '"$ini" /tmp/output/vpn/$conf
+sed -i '1s/.*/['"$name"']/' /tmp/output/vpn/$ini
 
 cd /tmp/output
-mkdir vpn
-mv * vpn
+mkdir configs
+mv * configs
 mkdir -t $CONFIGS/squash
 mkdir -t $CONFIGS/squash/$name
 mksquashfs . $CONFIGS/squash/$name.squashfs
-cp /tmp/output/vpn/$name.pub $CONFIGS/squash/$name
+cp /tmp/output/configs/vpn/$name.pub $CONFIGS/squash/$name.pub
 
 rm -rf /tmp/kit-crypto
 rm -rf /tmp/uVPN*

configs/sendmail.sh

@@ -0,0 +1,64 @@
+#!/bin/sh
+
+cat <<EOF > /etc/msmtprc
+
+account notification
+  host smtp.mkedziora.pl
+  port 587
+  timeout 15
+  protocol smtp
+  domain mkedziora.pl
+  auth on
+  user test
+  from test@mkedziora.pl
+  password FA2OEOsQO884f9lv
+  tls on
+  syslog on
+  tls_starttls on
+
+EOF
+
+ifconfig > /tmp/ifconfig
+cat /proc/cmdline > /tmp/cmdline
+tar -cvf /tmp/zalacznik.tar /tmp/cmdline /tmp/ifconfig
+xz -v /tmp/zalacznik.tar
+
+MAILFILE=`mktemp /tmp/mailfile.XXXXXX`
+BOUNDARY=`head -c 24 /dev/urandom |base64`
+NOW=`date "+%Y-%m-%d %H:%M:%S"`
+
+ATTACHEMENT=/tmp/attachement_`date +'%Y:%m:5d_%H%M%S'`.tar.xz
+cat /tmp/zalacznik.tar.xz >$ATTACHEMENT
+
+cat >$MAILFILE <<EOF
+From: test@mkedziora.pl
+To: admin@mkedziora.pl
+Subject: Uruchomiono maszynę
+Date: $NOW
+MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary=$BOUNDARY
+
+--$BOUNDARY
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: utf8
+Content-Disposition: inline
+
+Dzień dobry!
+
+Uruchomiono maszynę o tokenie: $(sed 's/.*token=//;s/ .*//' /proc/cmdline)
+w załączniku ip i konfiguracja kernela.
+
+--$BOUNDARY
+Content-Type: application/x-xz; name="report.tar.xz"
+Content-Transfer-Encoding: base64
+Content-Disposition: attachment; filename="report.tar.xz"
+
+EOF
+cat $ATTACHEMENT|base64 >>$MAILFILE
+cat >>$MAILFILE <<EOF
+--$BOUNDARY--
+EOF
+
+cat $MAILFILE |msmtp -C /etc/msmtprc -a notification admin@mkedziora.pl
+
+rm -f $ATTACHEMENT $MAILFILE

configs/sshd_config

@@ -0,0 +1,5 @@
+Port 22
+PermitRootLogin yes
+PubkeyAuthentication yes
+AuthorizedKeysFile      .ssh/authorized_keys
+PermitEmptyPasswords yes

configs/uVPN.conf

@@ -8,7 +8,6 @@ servers_config uVPN.ini
 private_key chuj
 log_level 1
 log_file /dev/stderr
-pid_file uVPN.pid
 dict_algorithm avl16
 perf_counter_dump_file /dev/stdout
 perf_counter_dump_interval 0