scifijunkie/pwnagotchi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new builder system based on packer/ansible

Browse Source
This commit is contained in:
Cassiano Aquino 2019-10-02 17:26:29 +01:00
parent 9fc2c0aebc
commit e0ddd0de57
No known key found for this signature in database
GPG Key ID: 2480258091054B09
4 changed files with 348 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.travis.yml
View File

@ -1,23 +1,29 @@
dist: bionic
language: generic
language: go
go:
- 1.x
env:
global:
- LANG=C
- LC_ALL=C
before_cache:
- mountpoint -q $TRAVIS_BUILD_DIR/tmp/mnt && sudo umount -R $TRAVIS_BUILD_DIR/tmp/mnt
- sudo find $TRAVIS_BUILD_DIR/tmp/ -name '*.img' -delete
cache:
apt: true
directories:
- tmp/
before_script:
- sudo apt-get -y update
- sudo apt-get -y install qemu-user-static binfmt-support qemu bmap-tools
- sudo apt-get -y install qemu-user-static binfmt-support qemu kpartx
- sudo update-binfmts --display
- unset GOROOT
script:
- sudo ./scripts/create_sibling.sh -n pwnagotchi -o pwnagotchi.img
- zip -s 2g pwnagotchi.zip pwnagotchi.img
- sudo -E env "PATH=$PATH" make -e PWN_HOSTNAME="pwnagotchi" VERSION="$TRAVIS_TAG"
# TODO: deploy!

22
Makefile Normal file
View File

@ -0,0 +1,22 @@
PWN_HOSTNAME="pwnagotchi"
PWN_VERSION="master"
all: install image clean
install:
@curl https://releases.hashicorp.com/packer/1.3.5/packer_1.3.5_linux_amd64.zip -o /tmp/packer.zip
@unzip /tmp/packer.zip -d /tmp
@mv /tmp/packer /usr/bin/packer
@git clone https://github.com/solo-io/packer-builder-arm-image /tmp/packer-builder-arm-image
@cd /tmp/packer-builder-arm-image && go get -d ./... && go build
@cp /tmp/packer-builder-arm-image/packer-builder-arm-image /usr/bin
image:
@cd builder && sudo packer build pwnagotchi.json
@mv builder/output-pwnagotchi/image pwnagotchi-raspbian-lite-$(PWN_VERSION).img
@zip pwnagotchi-raspbian-lite-$(PWN_VERSION).zip pwnagotchi-raspbian-lite-$(PWN_VERSION).img
clean:
@rm -rf /tmp/packer-builder-arm-image
@rm -f pwnagotchi-raspbian-lite.img
@rm -rf builder/output-pwnagotchi builder/packer_cache

26
builder/pwnagotchi.json Normal file
View File

@ -0,0 +1,26 @@
{
"variables": {
"home": "{{env `HOME`}}"
},
"builders": [{
"name": "pwnagotchi",
"type": "arm-image",
"iso_url" : "https://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-2019-07-12/2019-07-10-raspbian-buster-lite.zip",
"iso_checksum_type":"sha256",
"iso_checksum":"9e5cf24ce483bb96e7736ea75ca422e3560e7b455eee63dd28f66fa1825db70e",
"last_partition_extra_size" : 3221225472
}],
"provisioners": [
{
"type": "shell",
"inline": [
"apt-get -y update",
"apt-get install -y ansible"
]
},
{
"type":"ansible-local",
"playbook_file": "pwnagotchi.yml"
}
]
}

289
builder/pwnagotchi.yml Normal file
View File

@ -0,0 +1,289 @@
---
- hosts:
- 127.0.0.1
become: yes
vars:
pwn_hostname: "pwnagotchi"
pwn_version: "master"
tasks:
- name: selected hostname
debug:
msg: "{{ pwn_hostname }}"
- name: build version
debug:
msg: "{{ pwn_version }}"
- name: change hostname
hostname:
name: "{{pwn_hostname}}"
- name: add hostname to /etc/hosts
lineinfile:
dest: /etc/hosts
regexp: '^127\.0\.0\.1[ \t]+localhost'
line: '127.0.0.1 localhost {{pwn_hostname}} {{pwn_hostname}}.local'
state: present
- name: Add re4son-kernel repo key
apt_key:
url: https://re4son-kernel.com/keys/http/archive-key.asc
state: present
- name: Add re4son-kernel repository
apt_repository:
repo: deb http://http.re4son-kernel.com/re4son/ kali-pi main
state: present
- name: update apt package cache
apt:
update_cache: yes
- name: upgrade apt distro
apt:
upgrade: dist
- name: install packages
apt:
name: "{{ packages }}"
state: present
vars:
packages:
- vim
- screen
- golang
- git
- build-essential
- python3-pip
- gawk
- libopenmpi-dev
- libatlas-base-dev
- libjasper-dev
- libqtgui4
- libqt4-test
- libopenjp2-7
- tcpdump
- lsof
- libilmbase23
- libopenexr23
- libgstreamer1.0-0
- libavcodec58
- libavformat58
- libswscale5
- libpcap-dev
- libusb-1.0-0-dev
- libnetfilter-queue-dev
- dphys-swapfile
- kalipi-kernel
- kalipi-bootloader
- kalipi-re4son-firmware
- kalipi-kernel-headers
- libraspberrypi0
- libraspberrypi-dev
- libraspberrypi-doc
- libraspberrypi-bin
- fonts-dejavu
- fonts-dejavu-core
- fonts-dejavu-extra
- name: configure dphys-swapfile
file:
path: /etc/dphys-swapfile
content: "CONF_SWAPSIZE=1024"
- name: disable unecessary services
systemd:
name: "{{services}}"
state: stopped
enabled: no
vars:
services:
- apt-daily.timer
- apt-daily.service
- apt-daily-upgrade.timer
- apt-daily-upgrade.service
- bluetooth.service
- triggerhappy.service
- name: enable dphys-swapfile service
systemd:
name: dphys-swapfile.service
state: started
enabled: yes
- name: build bettercap
command: go get -u github.com/bettercap/bettercap
environment:
GOPATH: /root/go
- name: install bettercap
copy:
src: /root/go/bin/bettercap
dest: /usr/bin/bettercap
mode: 0755
- name: clone bettercap caplets
git:
repo: https://github.com/bettercap/caplets.git
dest: /tmp/caplets
- name: install bettercap caplets
make:
chdir: /tmp/caplets
target: install
- name: clone pwnagotchi repository
git:
repo: https://github.com/evilsocket/pwnagotchi.git
dest: /tmp/pwnagotchi
- name: copy pwnagotchi files to final destination
copy:
src: /tmp/pwnagotchi/sdcard/rootfs/root/pwnagotchi/
dest: /root/pwnagotchi/
mode: preserve
- name: remove pwnagotchi files from temporary repository
file:
path: /tmp/pwnagotchi
state: absent
- name: install python modules
pip:
requirements: /root/pwnagotchi/scripts/requirements.txt
- name: create cpuusage script
copy:
dest: /usr/bin/cpuusage
mode: 0755
content: |
#!/usr/bin/env bash
while true
do
top -b -n1 | awk '/Cpu\(s\)/ { printf("%d %", $2 + $4 + 0.5) }'
sleep 3
done
- name: create memusage script
copy:
dest: /usr/bin/memusage
mode: 0755
content: |
#!/usr/bin/env
free -m | awk '/Mem/ { printf( "%d %", $3 / $2 * 100 + 0.5 ) }'
- name: create monstart script
copy:
dest: /usr/bin/monstart
mode: 0755
content: |
#!/usr/bin/env bash
iw phy phy0 interface add mon0 type monitor && ifconfig mon0 up
- name: create monstop script
copy:
dest: /usr/bin/monstop
mode: 0755
content: |
#!/usr/bin/env bash
ifconfig mon0 down && iw dev mon0 del
- name: configure rc.local
blockinfile:
path: /etc/rc.local
insertbefore: "exit 0"
block: |
if ! /opt/vc/bin/tvservice -s | grep HDMI; then
/opt/vc/bin/tvservice -o
fi
/root/pwnagotchi/scripts/startup.sh &
- name: configure usb interface
blockinfile:
path: /etc/network/interfaces.d/usb0.cfg
create: yes
block: |
allow-hotplug usb0
iface usb0 inet static
address 10.0.0.2
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
gateway 10.0.0.1
- name: configure eth0 interface (pi2/3/4)
blockinfile:
path: /etc/network/interfaces.d/eth0.cfg
create: yes
block: |
allow-hotplug eth0
iface eth0 inet dhcp
- name: enable ssh on boot
file:
path: /boot/ssh
state: touch
- name: adjust /boot/config.txt
lineinfile:
dest: /boot/config.txt
insertafter: EOF
line: '{{ item }}'
with_items:
- "dtoverlay=dwc2"
- "dtparam=spi=on"
- "dtoverlay=spi1-3cs"
- "dtoverlay=pi3-disable-bt"
- "dtparam=audio=off"
- name: change root partition
replace:
dest: /boot/cmdline.txt
backup: no
regexp: "root=PARTUUID=[a-zA-Z0-9\\-]+"
replace: "root=/dev/mmcblk0p2"
- name: configure /boot/cmdline.txt
lineinfile:
path: /boot/cmdline.txt
backrefs: True
state: present
backup: no
regexp: '(.*)$'
line: '\1 modules-load=dwc2,g_ether'
- name: configure ssh
lineinfile:
dest: /etc/ssh/sshd_config
backup: no
regexp: '#?PermitRootLogin (.*)$'
line: 'PermitRootLogin yes'
- name: configure motd
copy:
dest: /etc/motd
content: "(◕‿‿◕) {{pwn_hostname}} (pwnagotchi-{{pwn_version}})"
- name: clean apt cache
apt:
autoclean: yes
- name: remove dependencies that are no longer required
apt:
autoremove: yes
- name: remove ssh keys
file:
state: absent
path: "{{item}}"
with_items:
- /etc/ssh/ssh_host_rsa_key
- /etc/ssh/ssh_host_rsa_key.pub
- /etc/ssh/ssh_host_dsa_key
- /etc/ssh/ssh_host_dsa_key.pub
- /etc/ssh/ssh_host/ecdsa_key
- /etc/ssh/ssh_host/ecdsa_key.pub
- /etc/ssh/ssh_host_ed25519_key
- /etc/ssh/ssh_host_ed25519_key.pub