add tnoe, begin home node rewrite

autorun.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=Autorun service
+
+[Service]
+ExecStart=/autorun
+Restart=Always
+
+[Install]
+WantedBy=multi-user.target

pi-purple/README.md

@@ -0,0 +1,22 @@
+# pi-Purple
+
+This is the host for the following services:
+- forge (port 200:http and 222:ssh)
+- fedi (port 4000:http->44404)
+- matrix (port 6167)
+- pad (port 1942)
+
+## Iterations
+
+1. Pi 5 with Raspbian, SD card
+2. Pi 5 with Archlinuxarm, NVME drive (current)
+
+## Users
+
+- root -> no services
+- tudbut -> ssh login
+- git -> forgejo
+- git-run -> forgejo-runner
+- akkoma -> akkoma
+- conduit -> matrix-conduit
+- pad -> hedgedoc

pi-purple/autorun

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# revpfw3 thread
+(
+  while true; do revpfw3 client tudbut.de 222 localhost 22 _____ ; sleep 5 ; done & disown
+  while true; do revpfw3 client tudbut.de 200 localhost 8200 _____ ; sleep 5 ; done & disown
+  while true; do revpfw3 client tudbut.de 6167 localhost 6167 _____ ; sleep 5 ; done & disown
+  while true; do revpfw3 client tudbut.de 44404 localhost 4000 _____ ; sleep 5 ; done & disown
+) > /var/log/autorun.revpfw3.log 2>&1 & disown
+
+sudo chmod a+rw /var/run/docker.sock
+for dir in /home/git-run/*/ ; do
+  sudo -u git-run bash -c "cd $dir; while true ; do forgejo-runner daemon > log 2>&1 ; done" & disown
+done
+
+while true; do sleep 60; done

pi/README.md

@@ -0,0 +1,18 @@
+# TudbuT-Pi
+
+This is the host for the following services:
+- data.tudbut.de (port 80:http->81)
+- irc (port 6667:irc)
+- irc bot (no ports)
+
+## Iterations
+
+1. Pi 3 B+ with Raspbian (wifi.service) ??
+2. Pi 3 B with Raspbian (wifi.service)
+2. (PLANNED) Pi 3 B with Archlinuxarm (autorun.service)
+
+## Users
+
+- root -> ssh login, irc bot
+- www-data -> nginx for data.tudbut.de
+- ircd -> inspircd

pi/homemgmt.spl

@@ -0,0 +1,55 @@
+"#time.spl" import
+
+"home node management" =program-name
+
+def remote, revpfwkey
+
+"revpfw.spl" import
+"network.spl" import
+
+"tudbut.de" =remote
+"REVPFWKEY" env:get =revpfwkey
+
+func panic-handler { |
+	
+}
+
+func main { exitcode | with args ;
+	"management system starting up." println
+	"init revpfw subsystem" println
+	&revpfw-watcher fork
+	1000 time:sleep;
+	"init ircbot subsystem" println
+	&ircbot-watcher fork
+	1000 time:sleep;
+	"init network monitor subsystem" println
+	&network-monitor fork
+	1000 time:sleep;
+}
+
+func watcher { | with statevar update delay ;
+	while { statevar call =>? [ ^ok &pop ] } {
+		def sa time:unixms =sa
+		update call
+		delay (time:unixms sa -) - dup 0 lt if { pop 0 } time:sleep;
+	}
+	:sjson<0> panic
+}
+
+func revpfw-watcher { |
+	[ ^ok ^down ] =revpfw-state
+	&revpfw-state &revpfw-update watcher<1000>
+}
+
+func ircbot-watcher { |
+	"ircbot -> service disabled" println
+	1 stop
+
+	[ ^ok ^down ] =ircbot-state
+	&ircbot-state &ircbot-update watcher<1000>
+}
+
+func network-monitor { |
+	[ ^ok ^up ] =network-state
+	&network-state &network-update watcher<30000>
+}

pi/tbot.sh

@@ -0,0 +1,98 @@
+bgpids="$$"
+
+function msg() {
+    echo "PRIVMSG $@" >> /tmp/$pid.in
+}
+
+pid=$$
+rm /tmp/$pid.in /tmp/$pid.out
+touch /tmp/$pid.in /tmp/$pid.out
+tail -f /tmp/$pid.in | telnet $@ 6667 > /tmp/$pid.out &
+tnpid=$!
+bgpids="$bgpids $!"
+tail -f /tmp/$pid.out | (
+    # Receiver
+    while true; do
+        read -r line
+        line=$(tr -d "*" <<< "$line")
+        echo "$line"
+        IFS=' ' read -ra split <<< "$line"
+        msg=""
+        for ((i=3; i<${#split[@]}; i++)) ; do
+            msg="$msg ${split[$i]}"
+        done
+        msg="${msg:2}"
+        channel="${split[2]}"
+        echo GOT MSG "$msg" in "$channel"
+        read -ra cmd <<< "$msg"
+
+        for arg in ${cmd[@]} ; do
+            case "$arg" in http*)
+                url=$(curl -H 'Content-Type: application/json' -H 'Authorization: Bearer 801fae8344e9c65b112a2acef9bdeeec9335b297' -X POST -d "{\"long_url\":\"$arg\"}" https://api-ssl.bitly.com/v4/shorten)
+                url=$(sed -E "s/^.*\"link\":\"//" <<< $url | sed -E "s/\".*$//g")
+                msg $channel ":I shortened that URL for you: $url"
+            ;; esac
+        done
+
+        case "$msg" in
+            "Nickname is already in use.")
+	        if [ $channel = "URLBot" ] ; then
+                	echo "QUIT :Stopping." >> /tmp/$pid.in
+        	        sleep 1
+	                kill $(cat /tmp/$pid.pids) >& /dev/null &
+                	exit 0
+		fi
+                ;;
+            "-disconnect")
+                #echo "QUIT :Stopping." >> /tmp/$pid.in
+                #sleep 1
+                #kill $(cat /tmp/$pid.pids) >& /dev/null &
+                #exit 0
+                ;;
+            -join\ *)
+                msg $channel :Joining "${cmd[1]}"
+                echo "JOIN ${cmd[1]}" >> /tmp/$pid.in
+                msg "${cmd[1]}" ":This is a bot to shorten URLs on IRC so console users who can't copy/paste can easily access URLs. You can make it leave using -leave, and you can make it rejoin by going to ###urlbot and typing -join #channel."
+                ;;
+            "-test")
+                msg $channel 'OK!'
+                ;;
+            "-sandwich")
+                msg $channel 'Spaghetti'
+                ;;
+            "-leave")
+                if [ "$channel" = '###urlbot' ]; then
+                    msg $channel ':I will not leave the ###urlbot channel.'
+                else
+                    msg $channel ':Goodbye.'
+                    echo "PART $channel" >> /tmp/$pid.in
+                fi
+                ;;
+            "URLBot")
+                msg $channel ":URLBot commands - They also work in /msg, but the bot won't respond that way."
+                msg $channel ':-join <channel> : Makes the bot join a channel'
+                msg $channel ':-test : Makes the bot reply "OK!"'
+                msg $channel ':-leave : Makes the bot leave this channel'
+                ;;
+        esac
+    done
+) &
+bgpids="$bgpids $!"
+(
+    while kill -0 $pid $tnpid >& /dev/null; do
+        sleep 20
+        echo "PONG $@" >> /tmp/$pid.in
+    done
+    echo "QUIT Stopping." >> /tmp/$pid.in
+    sleep 1
+    kill $(cat /tmp/$pid.pids) >& /dev/null &
+    exit 0
+) &
+bgpids="$bgpids $!"
+echo "$bgpids" > /tmp/$pid.pids
+sleep 2
+echo "USER URLBot * * ." >> /tmp/$pid.in
+echo "NICK URLBot" >> /tmp/$pid.in
+sleep 2
+echo "JOIN ###urlbot" >> /tmp/$pid.in
+while true; do sleep 1; done

pi/wifi

@@ -0,0 +1,124 @@
+#!/bin/bash
+### BEGIN INIT INFO
+# Provides: wificonn
+# Required-Start:       wpa_supplicant dhclient
+# Required-Stop:        wpa_supplicant dhclient
+# Default-Start:        0 1 2 3 4 5 6
+# Default-Stop:
+# Short-Description:    Start wificonn
+# Description:          Start wificonn
+### END INIT INFO
+
+# -> /etc/init.d/wifi
+# to be replaced by architecture similar to pi-purple
+
+
+# wificonn STARTER
+
+case "$1" in
+    "start")
+        # Ensure junk from previous instances is gone!
+        sleep 10
+        killall revpfw3 ssh
+        kill -0 $(cat /etc/serverpid) && sleep 60 && exit 20
+        echo -n "$$" > /etc/serverpid
+
+        # Start a thread to make sure the internet connectivity is NEVER lost!
+        (
+            OFF=0
+            while true; do
+                # Wait 0.5 minutes
+                sleep 300
+                if killall -0 revpfw3 > /dev/null 2>&1 ; then
+                    OFF=0
+                else
+                    if [[ $OFF = 1 ]] ; then
+                        reboot
+                    fi
+                    #OFF=1
+                fi
+            done
+        ) &
+        echo -n " $!" >> /etc/serverpid
+        (
+            OFF=0
+            while true; do
+                # Wait 0.5 minutes
+                sleep 300
+                if ping -c 1 tudbut.de > /dev/null 2>&1 ; then
+                    OFF=0
+                else
+                    if [[ $OFF = 1 ]] ; then
+                        reboot
+                    fi
+                    OFF=1
+                fi
+            done
+        ) &
+        echo -n " $!" >> /etc/serverpid
+
+        # no dont do that
+        ## # Start wificonn service
+        ## /bin/wificonn
+        # start dhclient instead
+        #(cd $(cat /etc/server_dir); while true; do java -jar $(cat /etc/server_jar); done) &
+        # Wait 5 seconds
+        sleep 5
+        # Start a thread to make sure the important portfws are running
+        (
+            while true ; do
+                echo Starting remote revpfw
+                echo "echo STARTING; killall revpfw3 && echo KILLED; sleep 2" | ssh -o StrictHostKeyChecking=no root@tudbut.de
+                #echo "cd server ; revpfw3 server 25565 _____ & echo STARTED MCS" | ssh -o StrictHostKeyChecking=no root@tudbut.de &
+                echo "cd server ; revpfw3 server 23 _____ & echo STARTED SSH" | ssh -o StrictHostKeyChecking=no root@tudbut.de &
+                echo "cd server ; revpfw3 server 81 _____ & echo STARTED WEB" | ssh -o StrictHostKeyChecking=no root@tudbut.de &
+                echo "cd server ; revpfw3 server 6667 _____ & echo STARTED IRC" | ssh -o StrictHostKeyChecking=no root@tudbut.de &
+                echo Wait 5 seconds for the portfw servers to start up
+                sleep 5
+
+                echo Connect to portfw servers
+                #revpfw3 client tudbut.de 25565 localhost 25565 _____ &
+                #PID1="$!"
+                PID1=1
+                revpfw3 client tudbut.de 23 localhost 22 _____ &
+                PID2="$!"
+                revpfw3 client tudbut.de 81 localhost 80 _____ &
+                PID3="$!"
+                revpfw3 client tudbut.de 6667 localhost 6667 _____ &
+                PID4="$!"
+                echo Wait 3 seconds for the connections to form
+                sleep 3
+
+                echo Start the IRC bots
+                ircbots
+                echo Wait 0.5 seconds for the IRC bots to start up
+                sleep 0.5
+
+                # Ensure all services are running
+                while kill -0 $PID1 && kill -0 $PID2 && kill -0 $PID3 && kill -0 $PID4 ; do
+                    # Wait 1 second to not stress CPU too much
+                    sleep 1
+                done
+                # Wait 1 second
+                sleep 1
+                kill $PID2 $PID3 $PID4 # $PID1
+            done
+        ) &
+        echo -n " $!" >> /etc/serverpid
+        # bash -c 'cd ~www/cooking && python3 -m http.server 6003' &
+        # while true; do revpfw3 client 8b8t.xyz 6003 localhost 6003 _____ ; sleep 3 ; done &
+        #sleep 30
+	    #discordirc
+        while true; do sleep 10; done
+        ;;
+    "stop")
+        killall revpfw3
+        # Wait 2 seconds
+        sleep 1
+        kill $(cat /etc/serverpid)
+        sleep 5
+        killall -9 revpfw3
+        kill -9 $(cat /etc/serverpid)
+        killall /etc/init.d/wifi
+        ;;
+esac & disown

tnoe/tnoegatherer.spl

@@ -0,0 +1,21 @@
+"#httpserver/base.spl" import
+
+func main { exitcode | with args ;
+	def server
+	net:http:Server:new<"::0" 4000> =server
+	"Started listening on ::0:4000" println
+	"ip a:" println
+
+	[ "ip" "a" ] command-wait;
+	
+	while { 1 } {
+		server:accept
+			dup :read
+			dup :path println
+			dup :body _str println
+				:write-ok:write-str-body<"">:finish;
+		
+	}
+
+	0
+}

tnoe/tnoemgmt.spl

@@ -0,0 +1,194 @@
+
+"#stream.spl" import
+"#time.spl" import
+"#json.spl" import
+
+def state, network, connections
+
+[ ^bring-up ] =state
+"johlg" =network
+6 =connections
+
+include json:_StringyJSON in array
+
+func panic-handler { |
+	catch IO {
+		"status" StreamTypes:file:create<1>
+			dup :write-exact<[ ^dead [ ^panic ] ] :sjson<0> "\n" concat :to-bytes>
+				:close;
+	} { with e ;
+		"fuck.";
+	}
+}
+
+func main { exitcode | with args ;
+	start-timer =>? ^ok not if {
+		"error " print :sjson<0> print " in state: " state:sjson<0> concat println
+		"error in timers" panic
+	}
+	0
+}
+
+func start-timer { result |
+	def sa time:unixms =sa
+	1 while { } {
+		1000 time:unixms sa - - dup 0 lt if { pop 0 } time:sleep;
+		time:unixms =sa
+		
+		def v
+		timer-run 
+			dup :sjson<0>
+				dup println
+					=v
+					catch IO {
+						"status" StreamTypes:file:create<1>
+							dup :write-exact<v "\n" concat :to-bytes>
+								:close;
+					} {
+						[ ^err "no fs access" "status" ] 3 stop
+					}
+			dup => [ ^reboot &=v ] if {
+					"" println
+					"reboot requested because " v concat "." concat println
+					catch IO {
+						"deny-reboot" read-file "no" eq not if {
+							"reboot denied because deny-reboot is set. need manual help"
+							pop [ ^err "reboot denied" ] 3 stop
+						}
+					} { pop }
+					catch IO {
+						"deny-reboot" StreamTypes:file:create<1>
+							dup :write-exact<"yes" :to-bytes>
+								:close;
+					} {
+						[ ^err "no fs access" "deny-reboot" ] 3 stop
+					}
+					while { 1 } {
+						fork<|
+							"status" StreamTypes:file:create<1>
+								dup :write-exact<[ ^dead v ] :sjson<0> "\n" concat :to-bytes>
+									:close;
+							catch {
+								[ "sudo" "reboot" ] command-wait;
+							} { pop }
+						>
+						5000 time:sleep;
+					}
+				}
+				=>? [ ^ok &pop ]
+	} 
+}
+
+func timer-run { result |
+	def wait-time
+
+	device-present not if {
+		[ ^reboot "device not present" ]
+		2 stop
+	}
+
+	state => [ ^fix-device ] if {
+		fix-device
+		2 stop
+	}
+
+	state => [ ^bring-up ] if {
+		switch-networks =>? [ ^err "nmcli failed" ] if {
+			[ ^fix-device ] =state
+			[ ^ok state ] 3 stop
+		} dup => [ ^ok &pop ] if {
+			3 stop
+		}
+	}
+
+	is-network-up not if {
+		[ ^bring-up ] =state
+		[ ^ok state ] 2 stop
+	}
+
+	state => [ ^waiting &=wait-time ] if {
+		wait-time 0 eq if {
+			[ ^bring-up ] =state
+			[ ^ok state ] 3 stop
+		}
+		[ ^waiting wait-time 1 - ] =state
+		[ ^ok state ] 2 stop
+	}
+
+	state => [ ^connecting &=wait-time ] if {
+		is-network-up if {
+			[ ^waiting 60 20 * ] =state
+			catch IO {
+				"deny-reboot" StreamTypes:file:create<1>
+					dup :write-exact<"no" :to-bytes>
+						:close;
+			} {
+				[ ^err "no fs access" "deny-reboot" ] 4 stop
+			}
+			[ ^ok ^connected ] 3 stop
+		}
+		wait-time 0 eq if {
+			[ ^bring-up ] =state
+			[ ^ok state ] 3 stop
+		}
+		[ ^connecting wait-time -- ] =state
+		[ ^ok state ] 2 stop
+	}
+
+	[ ^err "unknown state" state ]
+}
+
+func switch-networks { result |
+	[ ^connecting 10 ] =state
+
+	def b
+	random-byte =>? [ ^ok &=b ] not if { 2 stop }
+
+	b connections % =b
+
+	def conn, hostname
+	network b _str concat =conn
+	conn "-hostname" concat read-file :replace<"\n" ""> =hostname
+
+	"connecting to " conn concat " with hostname " concat hostname concat println
+
+	[ "sudo" "hostnamectl" "set-hostname" hostname ] command-wait
+	[ "sudo" "nmcli" "c" "up" conn ] command-wait or
+	if {
+		[ ^err "nmcli failed" ] 2 stop
+	}
+	
+	[ ^ok ^connected ]
+}
+
+func device-present { bool |
+	[ "lsusb" ] StreamTypes:cmd:create
+		dup :read-to-end<1024>:to-str
+				dup :contains<"0bda:c811"> swap:contains<"0bda:1a2b"> or swap
+			:close
+}
+
+func fix-device { result |
+	[ ^bring-up ] =state
+	[ "sudo" "usb_modeswitch" "-v" "0bda" "-p" "1a2b" "-K" ] command-wait;
+	[ ^ok ^fixing-device ]
+}
+
+func is-network-up { |
+	def done 0 =done
+	fork<| 1000 time:sleep; done not if { "ping unsuccessful" println [ "killall" "ping" ] command-wait; } >
+	[ "ping" "-c" "1" "1.1.1.1" ] command-wait 0 _int eq
+	1 =done
+}
+
+func random-byte { [result,byte] |
+	catch IO {
+		def b
+		"/dev/urandom" StreamTypes:file:create<0>
+			dup :read-one =b
+				:close;
+		[ ^ok b ]
+	} { with err ;
+		[ ^err err ]
+	}
+}

tnoe/tnoescan-masscan.spl

@@ -0,0 +1,107 @@
+"#time.spl" import
+"#stream.spl" import
+"#json.spl" import
+
+include json:_StringyJSON in array
+include json:_StringyJSON in str
+
+func main { exitcode | with args ;
+	"scanning network " print args:2 println
+	def nmap
+	[ "sudo" "masscan" "--rate" "1000" "--ping" "--wait" "2" args:2 ] StreamTypes:cmd:create =nmap
+	nmap:read-to-end<1024> _str =nmap
+
+	nmap:split<"\n">:iter =nmap
+	def records, line
+	[ ] =records
+	while { nmap:next dup =line } {
+		line:readf1<"Discovered open port 0/icmp on {} {}"> => &=line if {
+			line awrap records swap aadd =records
+			2 stop
+		}
+	} pop
+
+	"IPs: " println
+	records:foreach<| ("IP: " print) :sjson println>
+
+	"waiting..." println
+	3000 time:sleep;
+
+	"grabbing MACs+Hostnames" println
+	def i 0 =i
+	def newrecords
+	[ ] =newrecords
+	def running [ 0 0 0 0 0 ] =running
+	while { i records:len lt } {
+		"task " print i println
+		while { running:contains<0> not } {
+			500 time:sleep;
+		}
+		running:find<0 awrap> i fork<| with id i ;
+
+			1 id running:set;
+
+			def done [ ] =done
+			def nmap, out, line, ip, hostname
+			[ "sudo" "nmap" "-T4" "-sn" records:get<i> ] StreamTypes:cmd:create =nmap
+			nmap:read-to-end<1024> _str =out
+			[ "sudo" "nmap" "-sn" "-Pn" records:get<i> ] StreamTypes:cmd:create =nmap
+			out nmap:read-to-end<1024> _str concat =nmap
+
+			func submit { | with mac ;
+				0 done:foreach<| ip eq if { pop 1 }> not if {
+					done ip awrap aadd =done
+					newrecords [ ip hostname mac ] awrap aadd =newrecords
+				}
+				null =ip
+			}
+
+			nmap:split<"\n">:iter =nmap
+			while { nmap:next dup =line } {
+				line:readf<"Nmap scan report for {} ({})"> => &=line if {
+					ip null eq not if {
+						"?" submit
+					}
+					line:0 =hostname
+					line:1 =ip
+					2 stop
+				}
+				line:readf1<"Nmap scan report for {}"> => &=ip if {
+					"?" =hostname
+					2 stop
+				}
+				line:readf1<"MAC Address: {} ({})"> => &=line if {
+					line submit
+					2 stop
+				}
+			} pop
+
+			ip null eq not hostname "?" eq not and if {
+				"?" submit
+			}
+
+			0 id running:set;
+
+		> pop pop
+
+		100 time:sleep;
+
+		i ++ =i
+	}
+	while { running:contains<1> } {
+		500 time:sleep;
+	}
+
+	newrecords:foreach<| ("Record: " print) :sjson println>
+
+	"Success rate: " print newrecords:len _float records:len _float / 100 _float * print "%" println
+	
+	0
+}
+
+func min { min(a,b) | with a b ;
+	a
+	a b gt if {
+		pop b
+	}
+}

tnoe/tnoescan.spl

@@ -0,0 +1,32 @@
+"#stream.spl" import
+"#json.spl" import
+
+include json:_StringyJSON in array
+
+func main { exitcode | with args ;
+	"scanning network " print args:2 println
+	def nmap
+	[ "sudo" "nmap" "-T5" "-sn" args:2 ] StreamTypes:cmd:create =nmap
+	nmap:read-to-end<1024> _str =nmap
+
+	nmap:split<"\n">:iter =nmap
+	def records, hostname, ip, line
+	[ ] =records
+	while { nmap:next dup =line } {
+		line:readf<"Nmap scan report for {} ({})"> => [ &=hostname &=ip ] if {
+			2 stop
+		} pop
+		line:readf1<"Nmap scan report for {}"> => &=ip if {
+			"?" =hostname
+			2 stop
+		} pop
+		line:readf1<"MAC Address: {} ({})"> => &=line if {
+			records [ ip hostname line ] awrap aadd =records
+			2 stop
+		} pop
+	} pop
+
+	records:foreach<| :sjson println>
+	
+	0
+}

tudbutde/README.md

@@ -0,0 +1,19 @@
+# tudbutde
+
+This is the host for the following services:
+- baseband-J
+- baseband-SPL (download.baseband.com.de)
+- baseband-website (baseband.com.de)
+- web-Tryumph (tudbut.de)
+- TudbuTAPIv3 (????)
+- qft helper
+- caddy
+
+## Iterations
+
+1. IONOS VPS S (10GB disk) with ubuntu
+2. IONOS VPS S+ (20GB disk) with ubuntu
+
+## Users
+
+- root -> all services