 |
Cleaning up ansible scripts for new server. - infra - Terraform IoC for my remo… |
 |
Log |
|
Files |
|
Refs |
|
README |
|
--- |
|
commit 635e9945ef2e0d2def7301381daec2115377891e |
|
parent 55d36aebb3497bf0333bcc8051ebd329cd607055 |
 |
Author: Jay Scott <[email protected]> |
|
Date: Sat, 10 Feb 2024 23:08:34 +0000 |
|
|
|
Cleaning up ansible scripts for new server. |
|
|
|
Diffstat: |
|
M README | 21 +++++++++++---------- |
|
A ansible/group_vars/all.yml | 4 ++++ |
|
A ansible/group_vars/git.yml | 4 ++++ |
|
A ansible/group_vars/gopher.yml | 12 ++++++++++++ |
|
A ansible/inventory.yml | 10 ++++++++++ |
|
A ansible/main.yml | 21 +++++++++++++++++++++ |
|
A ansible/roles/common/files/sshd_co… | 6 ++++++ |
|
A ansible/roles/common/handlers/main… | 4 ++++ |
|
A ansible/roles/common/tasks/main.yml | 47 +++++++++++++++++++++++++++++… |
|
A ansible/roles/common/tasks/setup-D… | 5 +++++ |
|
A ansible/roles/common/vars/Debian.y… | 5 +++++ |
|
A ansible/roles/finger/files/list | 16 ++++++++++++++++ |
|
A ansible/roles/finger/files/log | 1 + |
|
A ansible/roles/finger/files/logo.txt | 7 +++++++ |
|
A ansible/roles/finger/files/luser | 29 +++++++++++++++++++++++++++++ |
|
A ansible/roles/finger/files/mcrae.t… | 222 +++++++++++++++++++++++++++… |
|
A ansible/roles/finger/files/morris.… | 125 +++++++++++++++++++++++++++… |
|
A ansible/roles/finger/files/nouser | 19 +++++++++++++++++++ |
|
A ansible/roles/finger/tasks/main.yml | 36 +++++++++++++++++++++++++++++… |
|
A ansible/roles/finger/vars/Debian.y… | 3 +++ |
|
A ansible/roles/git/handlers/main.yml | 6 ++++++ |
|
A ansible/roles/git/tasks/main.yml | 31 +++++++++++++++++++++++++++++… |
|
A ansible/roles/git/templates/git-da… | 18 ++++++++++++++++++ |
|
A ansible/roles/git/vars/Debian.yml | 2 ++ |
|
A ansible/roles/gopher/handlers/main… | 12 ++++++++++++ |
|
A ansible/roles/gopher/tasks/main.yml | 58 ++++++++++++++++++++++++++++++ |
|
A ansible/roles/gopher/templates/geo… | 16 ++++++++++++++++ |
|
A ansible/roles/gopher/vars/Debian.y… | 4 ++++ |
|
A ansible/roles/gopher/vars/main.yml | 5 +++++ |
|
A ansible/roles/stagit/handlers/main… | 5 +++++ |
|
A ansible/roles/stagit/tasks/main.yml | 46 +++++++++++++++++++++++++++++… |
|
A ansible/roles/stagit/templates/sta… | 38 +++++++++++++++++++++++++++… |
|
A ansible/roles/stagit/vars/Debian.y… | 4 ++++ |
|
A ansible/roles/stagit/vars/main.yml | 5 +++++ |
|
D containers/docker-compose.yaml | 25 ------------------------- |
|
D containers/fingered/Dockerfile | 22 ---------------------- |
|
D containers/geomyidae/Dockerfile | 22 ---------------------- |
|
D containers/geomyidae/Makefile | 52 -----------------------------… |
|
|
|
38 files changed, 837 insertions(+), 131 deletions(-) |
|
--- |
|
diff --git a/README b/README |
|
@@ -7,7 +7,7 @@ Bootstrap Hetzner Cloud servers. |
|
Provision X servers with desired configuration |
|
Create custom firewall rules |
|
Add reverse dns entry |
|
- Userdata bootscript add a user and docker. |
|
+ Userdata bootscript adding an Ansible user account |
|
|
|
If you actually want to use this for yourself then you might need to do |
|
the following depending on your requirements. |
|
@@ -17,25 +17,26 @@ the following depending on your requirements. |
|
|
|
|
|
The user_data script is a standard cloud-init yaml config that creates |
|
-an user for deploying docker containers. |
|
+an Ansible user for further configuration the instances. |
|
|
|
|
|
terraform plan |
|
terraform apply |
|
|
|
|
|
-|> Containers |
|
+|> Ansible |
|
|
|
-Docker containers for the following services I run: |
|
+Playbook to install the following: |
|
|
|
gopher |
|
- fingered |
|
+ git and git daemon |
|
+ stagit-gopher |
|
+ efingerd |
|
|
|
+Apply all: |
|
|
|
-Create a remote context, one time thing: |
|
+ ansible-playbook -i inventory.yml main.yml |
|
|
|
- docker context create remote --docker "host=ssh://[email protected]" |
|
+Run tags |
|
|
|
-Build and run the containers: |
|
- |
|
- docker-compose --context remote up --build -d |
|
+ ansible-playbook -i inventory.yml main.yml --tags <git/gopher/common> |
|
diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml |
|
@@ -0,0 +1,4 @@ |
|
+default: |
|
+ username: jay |
|
+ comment: Jay Scott |
|
+ hostname: jay.scot |
|
diff --git a/ansible/group_vars/git.yml b/ansible/group_vars/git.yml |
|
@@ -0,0 +1,4 @@ |
|
+git: |
|
+ user: git |
|
+ group: users |
|
+ base_path: /srv/git |
|
diff --git a/ansible/group_vars/gopher.yml b/ansible/group_vars/gopher.yml |
|
@@ -0,0 +1,12 @@ |
|
+geomyidae: |
|
+ user: jay |
|
+ group: users |
|
+ root_path: /srv/gopher |
|
+ git_branch: v0.69 |
|
+ |
|
+stagit_gopher: |
|
+ git_branch: 1.2 |
|
+ cron_user: jay |
|
+ cron_group: users |
|
+ output_path: /srv/gopher |
|
+ repo_path: /srv/git |
|
diff --git a/ansible/inventory.yml b/ansible/inventory.yml |
|
@@ -0,0 +1,10 @@ |
|
+all: |
|
+ vars: |
|
+ ansible_user: jay |
|
+ children: |
|
+ git: |
|
+ hosts: |
|
+ jay.scot |
|
+ gopher: |
|
+ hosts: |
|
+ jay.scot |
|
diff --git a/ansible/main.yml b/ansible/main.yml |
|
@@ -0,0 +1,21 @@ |
|
+- hosts: all |
|
+ become: true |
|
+ roles: |
|
+ - role: common |
|
+ tags: |
|
+ - common |
|
+ |
|
+- hosts: git |
|
+ become: true |
|
+ roles: |
|
+ - role: git |
|
+ - role: stagit |
|
+ tags: |
|
+ - git |
|
+ |
|
+- hosts: gopher |
|
+ become: true |
|
+ roles: |
|
+ - role: gopher |
|
+ tags: |
|
+ - gopher |
|
diff --git a/ansible/roles/common/files/sshd_config b/ansible/roles/common/file… |
|
@@ -0,0 +1,6 @@ |
|
+PasswordAuthentication no |
|
+ChallengeResponseAuthentication no |
|
+UsePAM yes |
|
+X11Forwarding no |
|
+Subsystem sftp /usr/lib/openssh/sftp-server |
|
+PermitRootLogin no |
|
diff --git a/ansible/roles/common/handlers/main.yml b/ansible/roles/common/hand… |
|
@@ -0,0 +1,4 @@ |
|
+- name: Restart sshd |
|
+ ansible.builtin.service: |
|
+ name: sshd |
|
+ state: restarted |
|
diff --git a/ansible/roles/common/tasks/main.yml b/ansible/roles/common/tasks/m… |
|
@@ -0,0 +1,47 @@ |
|
+--- |
|
+ |
|
+- name: Include OS-specific variables |
|
+ ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" |
|
+ |
|
+- name: Include OS-specfic tasks |
|
+ ansible.builtin.include_tasks: "setup-{{ ansible_os_family }}.yml" |
|
+ |
|
+- name: Install Common Packages |
|
+ ansible.builtin.package: |
|
+ name: "{{ common_packages }}" |
|
+ state: present |
|
+ |
|
+- name: Add hardened SSH config |
|
+ ansible.builtin.copy: |
|
+ dest: /etc/ssh/sshd_config |
|
+ src: sshd_config |
|
+ owner: root |
|
+ group: root |
|
+ mode: 0600 |
|
+ notify: Restart sshd |
|
+ |
|
+- name: Add default user |
|
+ ansible.builtin.user: |
|
+ name: "{{ default.username }}" |
|
+ comment: "{{ default.comment }}" |
|
+ shell: /bin/bash |
|
+ group: users |
|
+ |
|
+- name: Set authorized key |
|
+ ansible.posix.authorized_key: |
|
+ user: "{{ default.username }}" |
|
+ state: present |
|
+ key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}" |
|
+ |
|
+- name: Add default user to sudo |
|
+ community.general.sudoers: |
|
+ name: "local-{{ default.username }}" |
|
+ user: "{{ default.username }}" |
|
+ state: present |
|
+ nopassword: true |
|
+ commands: ALL |
|
+ |
|
+- name: Set the hostname |
|
+ ansible.builtin.hostname: |
|
+ name: "{{ default.hostname }}" |
|
+ use: systemd |
|
diff --git a/ansible/roles/common/tasks/setup-Debian.yml b/ansible/roles/common… |
|
@@ -0,0 +1,5 @@ |
|
+- name: Update apt cache. |
|
+ ansible.builtin.apt: |
|
+ update_cache: true |
|
+ upgrade: true |
|
+ cache_valid_time: 3600 |
|
diff --git a/ansible/roles/common/vars/Debian.yml b/ansible/roles/common/vars/D… |
|
@@ -0,0 +1,5 @@ |
|
+common_packages: |
|
+ - htop |
|
+ - vim |
|
+ - finger |
|
+ - lynx |
|
diff --git a/ansible/roles/finger/files/list b/ansible/roles/finger/files/list |
|
@@ -0,0 +1,16 @@ |
|
+#!/bin/sh |
|
+ |
|
+cat "/etc/efingerd/logo.txt" |
|
+ |
|
+printf "\n\n" |
|
+printf "Welcome to jay.scot!\n" |
|
+printf "Uptime : %s\n\n" "$(uptime)" |
|
+ |
|
+printf "Available Fingers:\n\n" |
|
+printf "\tusername ... get user info\n" |
|
+ |
|
+printf "\n\n" |
|
+printf "Current Users:\n\n" |
|
+printf "\tJay Scott\t\t%s\n" "$(last jay -n1 -R --time-format full | head -n1)" |
|
+printf "\tRobert Morris\t\tmorris\t pts/0\t Wed Nov 2 08:23:03 1988\t st… |
|
+printf "\tWilliam McRae\t\tmcrae \t pts/1\t Sun Apr 7 15:35:49 1985\t st… |
|
diff --git a/ansible/roles/finger/files/log b/ansible/roles/finger/files/log |
|
@@ -0,0 +1 @@ |
|
+# nope, no logs |
|
diff --git a/ansible/roles/finger/files/logo.txt b/ansible/roles/finger/files/l… |
|
@@ -0,0 +1,7 @@ |
|
+ ___ _______ __ __ _______ _______ _______ _______ |
|
+ | || _ || | | | | || || || | |
|
+ | || |_| || |_| | | _____|| || _ ||_ _| |
|
+ | || || | | |_____ | || | | | | | |
|
+ ___| || ||_ _| ___ |_____ || _|| |_| | | | |
|
+| || _ | | | | | _____| || |_ | | | | |
|
+|_______||__| |__| |___| |___| |_______||_______||_______| |___| |
|
diff --git a/ansible/roles/finger/files/luser b/ansible/roles/finger/files/luser |
|
@@ -0,0 +1,29 @@ |
|
+#!/bin/sh |
|
+ |
|
+if [ "$3" = "root" ]; then |
|
+ printf "Yeah, not going to happen." |
|
+elif [ "$3" = "git" ]; then |
|
+ printf "I am not a git, you are!" |
|
+else |
|
+ user_folder="/home/${3}" |
|
+ |
|
+ if [ -f "${user_folder}/.header" ]; then |
|
+ cat "${user_folder}/.header" |
|
+ printf "\n" |
|
+ fi |
|
+ |
|
+ if [ -f "${user_folder}/.plan" ]; then |
|
+ printf "Plan:\n" |
|
+ cat "${user_folder}/.plan" |
|
+ printf "\n" |
|
+ fi |
|
+ |
|
+ if [ -f "${user_folder}/.project" ]; then |
|
+ printf "Project:\n" |
|
+ cat "${user_folder}/.project" |
|
+ printf "\n" |
|
+ fi |
|
+ |
|
+fi |
|
+ |
|
+exit 0 |
|
diff --git a/ansible/roles/finger/files/mcrae.txt b/ansible/roles/finger/files/… |
|
@@ -0,0 +1,222 @@ |
|
+ |
|
+T H E M Y S T E R Y O F |
|
+ |
|
+ __ __ ___ |
|
+| | | | | | /\ |\/| |\/| / ` |__) /\ |__ |
|
+|/\| | |___ |___ | /~~\ | | | | \__, | \ /~~\ |___ |
|
+ |
|
+ |
|
+ |
|
+Willie McRae (18 May 1923 – 7 April 1985) was a Scottish lawyer, orator, |
|
+naval officer, politician and anti-nuclear campaigner. In the Second |
|
+World War he served in the British Army and then the Royal Indian Navy. |
|
+He supported the Indian independence movement and for much of his life |
|
+was active in the Scottish National Party (SNP). |
|
+ |
|
+McRae is remembered for his mysterious death, in which his car crashed |
|
+in a remote part of the Scottish Highlands and he was found shot in the |
|
+head with a revolver. The official verdict was undetermined. |
|
+ |
|
+ |
|
+|> Life |
|
+ |
|
+ |
|
+McRae was born in Carron, Falkirk, where his father was an electrician. |
|
+McRae edited a local newspaper in Grangemouth at the same time as |
|
+reading history at the University of Glasgow, from which he gained |
|
+a first-class degree. In the Second World War he was commissioned into |
|
+the Seaforth Highlanders but transferred to the Royal Indian Navy, in |
|
+which he became a lieutenant commander and aide-de-camp to Admiral Lord |
|
+Mountbatten. He supported the Indian independence movement. |
|
+ |
|
+After the war McRae returned to the University of Glasgow and graduated |
|
+again, this time in law.[1] He authored the maritime law of Israel and |
|
+was an emeritus professor of the University of Haifa. |
|
+After his death a forest of 3,000 trees was planted in Israel in his |
|
+memory. |
|
+ |
|
+McRae became a solicitor and an SNP activist. In both of the 1974 |
|
+General Elections and in the 1979 General Election he stood for |
|
+Parliament as the SNP candidate for Ross and Cromarty. In October 1974 |
|
+he only lost to the Conservative Hamish Gray by 633 votes, but in 1979 |
|
+Gray's majority increased to 4,735. In the latter year he also contested |
|
+the SNP leadership, coming third in a three-way contest with 52 votes to |
|
+Stephen Maxwell's 117 votes and winner Gordon Wilson's 530 votes. |
|
+ |
|
+McRae was a vocal critic of the British nuclear lobby. Early in the |
|
+1980s he was a key figure in a campaign against the United Kingdom |
|
+Atomic Energy Authority plans to dispose of nuclear waste in the |
|
+Mullwharchar area of the Galloway Hills. Representing the SNP in |
|
+a public inquiry, McRae asked difficult questions of the UKAEA and |
|
+famously declared at one meeting that "nuclear waste should be stored |
|
+where Guy Fawkes put his gunpowder." The authority's plans were |
|
+rejected, and McRae was credited with "single-handedly" preventing the |
|
+area from becoming a nuclear waste dump. |
|
+ |
|
+ |
|
+|> Death |
|
+ |
|
+ |
|
+On 5 April 1985 McRae left his Glasgow flat at 18:30 to spend the |
|
+weekend at his cottage at Ardelve near Dornie, Ross-shire. He was not |
|
+seen again until the next morning around 10:00, when two Australian |
|
+tourists saw his maroon Volvo saloon car on a moor a short distance from |
|
+the junction of the A887 and A87 roads Bun Loyne, Glenmoriston, |
|
+Inverness-shire. The car was straddling a burn about 90 feet (27 m) from |
|
+the road. The tourists flagged down the next car to pass, whose driver |
|
+turned out to be a doctor, Dorothy Messer, accompanied by her fiancé as |
|
+well as David Coutts, an SNP Dundee councillor who knew McRae. |
|
+ |
|
+It was discovered that McRae was in the car. His hands were "folded on |
|
+his lap", his head was "slumped on his right shoulder", and there was |
|
+a "considerable amount of blood on his temple". He was not wearing |
|
+a seat belt. |
|
+ |
|
+Another car was sent to call the emergency services. Dr Messer examined |
|
+McRae and found that he was still alive and breathing. She noted that |
|
+one of his pupils was dilated, indicating the possibility of brain |
|
+damage, and estimated that he had been in that state for 10 hours. |
|
+ |
|
+McRae was removed by ambulance to Raigmore Hospital, Inverness, |
|
+accompanied by Dr Messer. After admission it was decided to transfer him |
|
+to Aberdeen Royal Infirmary. At Aberdeen it was realised that the |
|
+incident was more than a road accident; six hours after he had been |
|
+found, a nurse washing his head discovered what appeared to be the entry |
|
+wound of a gunshot. An X-ray confirmed that McRae had been shot above |
|
+his right ear and a bullet was detected in his head. His brain was |
|
+severely damaged and his vital functions very weak. The next day, Sunday |
|
+7 April, after consultation with his next of kin, McRae's life-support |
|
+machine was switched off. |
|
+ |
|
+ |
|
+|>Investigation |
|
+ |
|
+ |
|
+The investigation was headed by Chief Superintendent Andrew Lister of |
|
+Northern Constabulary CID. Despite no weapon having yet been found, |
|
+McRae's car was moved at 12:00 on 7 April. It later transpired that the |
|
+police had kept no record of the precise location where the car had been |
|
+found, and the position stated by them was later found to be 1 mile (1.6 |
|
+km) in error, and was corrected by a witness who had been present at the |
|
+scene. |
|
+ |
|
+A weapon was found the next day, in the burn over which the car had been |
|
+discovered, 60 feet (18 m) from the vehicle. It was a Smith & Wesson .22 |
|
+calibre revolver containing two spent cartridges and five remaining |
|
+rounds. |
|
+ |
|
+ |
|
+|> Controversy |
|
+ |
|
+ |
|
+Although it was ruled at the time by authorities that McRae's death was |
|
+undetermined, aspects of the investigation remain disputed, some |
|
+claiming that the distance from McRae's car at which the gun was found |
|
+and the lack of fingerprints on it rendered a suicide not credible. |
|
+ |
|
+At the time of his death, McRae had been working to counter plans to |
|
+dump nuclear waste from the Dounreay Nuclear Power Development |
|
+Establishment into the sea. Due to his house being burgled on repeated |
|
+occasions prior to his death, he had taken to carrying a copy of the |
|
+documents relating to his Dounreay work with him at all times. They were |
|
+not found following his death, and the sole other copy which was kept in |
|
+his office was stolen when it was burgled, no other items being |
|
+taken. |
|
+ |
|
+Neither McRae's medical reports nor the post-mortem data have been |
|
+released to the public and there was no fatal accident inquiry. |
|
+ |
|
+ |
|
+|> Aftermath |
|
+ |
|
+ |
|
+Winnie Ewing – then President of the SNP and herself an accomplished |
|
+lawyer – was directed by the SNP's National Executive Committee (NEC) to |
|
+conduct an internal investigation for the party to come to a conclusion |
|
+as to whether Ewing "was satisfied or dissatisfied with the official |
|
+version that he committed suicide". Having been refused access to police |
|
+records of the investigation and rebuffed by both the Lord Advocate and |
|
+the Procurator Fiscal in her attempts to conduct private, confidential |
|
+meetings with them, Ewing, as she later wrote, came "up against a brick |
|
+wall".[10] Ewing reported to the SNP NEC that she was not satisfied with |
|
+the official account of suicide: "I do not know what happened, but |
|
+I think it is important that the truth emerges, despite the time that |
|
+has passed. Why the State refuses to let the truth be known is |
|
+a pertinent question." |
|
+ |
|
+In 1991 Channel 4 broadcast a "Scottish Eye" documentary investigating |
|
+the mysterious circumstances of McRae's death. It found evidence to |
|
+suggest that McRae had been under surveillance by UK intelligence |
|
+services and that his death had likely involved foul play. |
|
+ |
|
+In 2005 Winnie Ewing's son Fergus, by then an MSP, requested a meeting |
|
+with Elish Angiolini, Solicitor General for Scotland, to discuss |
|
+allegations that have persisted that McRae was under surveillance at the |
|
+time of his death. The request was rebuffed, with Angiolini claiming |
|
+that he had not been under surveillance and that she was satisfied that |
|
+a thorough investigation into the case had been carried out. |
|
+ |
|
+In July 2006 a retired police officer, Iain Fraser, who was working as |
|
+a private investigator at the time of McRae's death, claimed that he had |
|
+been anonymously employed to keep McRae under surveillance only weeks |
|
+before he died. In November 2006 an episode of the Scottish Television |
|
+show Unsolved examined the circumstances of McRae's death. |
|
+ |
|
+In November 2010 John Finnie, then SNP group leader on Highland Council |
|
+and a former police officer, wrote to the Lord Advocate urging her to |
|
+reinvestigate McRae's death and release any details so far withheld. |
|
+Finnie's request was prompted by the release the previous month of |
|
+further details concerning the death of David Kelly.[14] In January 2011 |
|
+the Crown Office requested the files on the case from Northern |
|
+Constabulary. |
|
+ |
|
+Also in November 2010 Donald Morrison, a former Strathclyde Police |
|
+officer, alleged that McRae had been "under surveillance" by both |
|
+Special Branch and MI5. Morrison had collaborated with former colleague |
|
+Iain Fraser to discover more about McRae's death. Morrison called for an |
|
+enquiry into McRae's death and promised that he would give it a sworn |
|
+affidavit that MI5 was involved. |
|
+ |
|
+In July 2014 two unconnected plays by George Gunn and Andy Paterson |
|
+about McRae's life and death, both coincidentally titled 3,000 Trees, |
|
+were staged at the Edinburgh Festival Fringe. One of the plays explored |
|
+his anti-nuclear campaigning, links with nationalist radicals and |
|
+allegations that Special Branch and MI5 were surveilling him. |
|
+ |
|
+In November 2014 a Scottish Sunday Express front-page article alleged |
|
+that McRae had uncovered evidence of the alleged paedophile ring in |
|
+Westminster during the 1980s. The article suggests he may have been |
|
+murdered and that the evidence he possessed was stolen at the time of |
|
+his death. |
|
+ |
|
+In April 2015 there was a campaign to have a Fatal Accident Inquiry |
|
+(FAI) on McRae's death. It attracted 6,500 signatures in 5 days. |
|
+ |
|
+The petition eventually collected over 13,000 signatures and was handed |
|
+in, in June 2015. The Crown Office rejected the proposal to hold a Fatal |
|
+Accident Inquiry. |
|
+ |
|
+On the Easter weekend of April 2015, the 30th anniversary of McRae's |
|
+death, Scotland on Sunday ran a story claiming that McRae's Volvo was |
|
+moved back to the crash site by Northern Constabulary in an attempt to |
|
+hide that the car had been moved before the bullet had been found |
|
+– accounting for the discrepancies relating to the gun's distance from |
|
+the car. |
|
+ |
|
+On the same day, one of the journalists involved started crowdfunding |
|
+for a book on the case titled '30 Years of Silence'. |
|
+ |
|
+Following the rejection of the petition for a Fatal Accident Inquiry by |
|
+the Crown Office, a "Justice For Willie" Campaign group was set up by |
|
+Mark MacNicol. The campaign decided to launch their own investigation |
|
+since no official inquiry was forthcoming. They hired two private |
|
+investigators to re-interview original witnesses from the time of Willie |
|
+McRae's death. The results were published in November 2016, and the |
|
+campaign were unable to find any new evidence to undermine the official |
|
+suicide verdict. |
|
+ |
|
+In October 2018, fresh doubt on the official verdict was raised again by |
|
+a nurse who claims to have treated Willie McRae at Foresterhill Hospital |
|
+in Aberdeen. Katharine Mcgonigal disputed that the bullet wound was to |
|
+the right temple, as the post-mortem claimed, and said it was instead to |
|
+the back of the neck. |
|
diff --git a/ansible/roles/finger/files/morris.txt b/ansible/roles/finger/files… |
|
@@ -0,0 +1,125 @@ |
|
+ |
|
+T H E |
|
+ ___ ___ ___ ____ ____ ____ _____ __ __ ___ ____ ___ ___ |
|
+ | | |/ \| \| \| / ___/ | |__| |/ \| \| | | |
|
+ | _ _ | | D ) D )| ( \_ | | | | | D ) _ _ | |
|
+ | \_/ | O | /| / | |\__ | | | | | O | /| \_/ | |
|
+ | | | | \| \ | |/ \ | | ` ' | | \| | | |
|
+ | | | | . \ . \| |\ | \ /| | . \ | | |
|
+ |___|___|\___/|__|\_|__|\_|____|\___| \_/\_/ \___/|__|\_|___|___| |
|
+ |
|
+ |
|
+ |
|
+The Morris worm or Internet worm of November 2, 1988, is one of the oldest |
|
+computer worms distributed via the Internet, and the first to gain significant |
|
+mainstream media attention. It resulted in the first felony conviction in the |
|
+US under the 1986 Computer Fraud and Abuse Act. It was written by a graduate |
|
+student at Cornell University, Robert Tappan Morris, and launched on November |
|
+2, 1988, from the Massachusetts Institute of Technology network. |
|
+ |
|
+ |
|
+|> Architecture |
|
+ |
|
+ |
|
+The worm was created by Morris simply to see if it could be done, |
|
+and was released from the Massachusetts Institute of Technology (MIT) in the |
|
+hope of suggesting that its creator studied there, instead of Cornell. Morris |
|
+later became a tenured professor at MIT in 2006. The worm's creator Robert |
|
+Tappan Morris is the son of cryptographer Robert Morris, who worked at the NSA |
|
+at the time. |
|
+ |
|
+The worm exploited several vulnerabilities of targeted systems, including: |
|
+ |
|
+ A hole in the debug mode of the Unix sendmail program |
|
+ |
|
+ A buffer overflow or overrun hole in the finger network service |
|
+ |
|
+ The transitive trust enabled by people setting up network logins with no |
|
+ password requirements via remote execution (rexec) with Remote Shell (rsh), |
|
+ termed rexec/rsh |
|
+ |
|
+ The worm exploited weak passwords. Morris's exploits became generally |
|
+ obsolete due to decommissioning rsh (normally disabled on untrusted networks… |
|
+ fixes to sendmail and finger, widespread network filtering, and improved |
|
+ awareness of weak passwords. |
|
+ |
|
+Though Morris did not intend for the worm to be actively destructive, instead |
|
+seeking to merely highlight the weaknesses present in many networks of the |
|
+time, an unintentional consequence of Morris's coding resulted in the worm |
|
+being more damaging and spreadable than originally planned. It was initially |
|
+programmed to check each computer to determine if the infection was already |
|
+present, but Morris believed that some system administrators might counter this |
|
+by instructing the computer to report a false positive. Instead, he programmed |
|
+the worm to copy itself 14% of the time, regardless of the status of infection |
|
+on the computer. This resulted in a computer potentially being infected |
|
+multiple times, with each additional infection slowing the machine down to |
|
+unusability. This had the same effect as a fork bomb, and crashed the computer |
|
+several times. |
|
+ |
|
+The main body of the worm can only infect DEC VAX machines running 4BSD, |
|
+alongside Sun-3 systems. A portable C "grappling hook" component of the worm |
|
+was used to download the main body parts, and the grappling hook runs on other |
|
+systems, loading them down and making them peripheral victims. |
|
+ |
|
+ |
|
+|> Coding mistake |
|
+ |
|
+ |
|
+Morris's coding mistake, in instructing the worm to replicate itself regardless |
|
+of a computer's reported infection status, transformed the worm from a |
|
+potentially harmless intellectual and computing exercise into a viral |
|
+denial-of-service attack. Morris's inclusion of the rate of copy within the |
|
+worm was inspired by Michael Rabin's mantra of randomization. |
|
+ |
|
+The resulting level of replication proved excessive, with the worm spreading |
|
+rapidly, infecting some computers several times. Rabin would eventually comment |
|
+that Morris "should have tried it on a simulator first". |
|
+ |
|
+ |
|
+|> Effects |
|
+ |
|
+ |
|
+During the Morris appeal process, the US court of appeals estimated the cost of |
|
+removing the virus from each installation was in the range of $200–53,000. |
|
+Possibly based on these numbers, Clifford Stoll of Harvard estimated for the US |
|
+Government Accountability Office that the total economic impact was between |
|
+$100,000 and $10,000,000. Stoll, a systems administrator known for discovering |
|
+and subsequently tracking the hacker Markus Hess three years earlier, helped |
|
+fight the worm, writing in 1989 that "I surveyed the network, and found that |
|
+two thousand computers were infected within fifteen hours. These machines were |
|
+dead in the water—useless until disinfected. And removing the virus often to… |
|
+two days." Stoll commented that the worm showed the danger of monoculture, |
|
+because "If all the systems on the ARPANET ran Berkeley Unix, the virus would |
|
+have disabled all fifty thousand of them." |
|
+ |
|
+It is usually reported that around 6,000 major UNIX machines were infected by |
|
+the Morris worm. However, Morris's colleague Paul Graham claimed, "I was there |
|
+when this statistic was cooked up, and this was the recipe: someone guessed |
|
+that there were about 60,000 computers attached to the Internet, and that the |
|
+worm might have infected ten percent of them." Stoll estimated that "only a |
|
+couple thousand" computers were affected, writing that "Rumors have it that |
|
+[Morris] worked with a friend or two at Harvard's computing department (Harvard |
|
+student Paul Graham sent him mail asking for 'Any news on the brilliant |
|
+project')." |
|
+ |
|
+The Internet was partitioned for several days, as regional networks |
|
+disconnected from the NSFNet backbone and from each other to prevent |
|
+recontamination while cleaning their own networks. |
|
+ |
|
+The Morris worm prompted DARPA to fund the establishment of the CERT/CC at |
|
+Carnegie Mellon University, giving experts a central point for coordinating |
|
+responses to network emergencies. Gene Spafford also created the Phage mailing |
|
+list to coordinate a response to the emergency. |
|
+ |
|
+Morris was tried and convicted of violating United States Code Title 18 (18 |
|
+U.S.C. § 1030), the Computer Fraud and Abuse Act, in United States v. Morris. |
|
+After appeals, he was sentenced to three years' probation, 400 hours of |
|
+community service, and a fine of US$10,050 (equivalent to $20,000 in 2021) plus |
|
+the costs of his supervision. The total fine ran to $13,326, which included a |
|
+$10,000 fine, $50 special assessment, and $3,276 cost of probation oversight. |
|
+ |
|
+The Morris worm has sometimes been referred to as the "Great Worm", due to the |
|
+devastating effect it had on the Internet at that time, both in overall system |
|
+downtime and in psychological impact on the perception of security and |
|
+reliability of the Internet. The name was derived from the "Great Worms" of |
|
+Tolkien: Scatha and Glaurung. |
|
diff --git a/ansible/roles/finger/files/nouser b/ansible/roles/finger/files/nou… |
|
@@ -0,0 +1,19 @@ |
|
+#!/bin/sh |
|
+ |
|
+if [ "$3" = "morris" ]; then |
|
+ cat "/etc/efingerd/morris.txt" |
|
+elif [ "$3" = "mcrae" ]; then |
|
+ cat "/etc/efingerd/mcrae.txt" |
|
+else |
|
+ |
|
+ cat <<EOF |
|
+ |
|
+ You tried to finger non-existent user!!! |
|
+ Your attempt is logged and sent to Scotland Yard, MI5 and the DLVA.. |
|
+ |
|
+ Expect a visit soon. |
|
+ |
|
+ Just joking, it went to /dev/null |
|
+EOF |
|
+ |
|
+fi |
|
diff --git a/ansible/roles/finger/tasks/main.yml b/ansible/roles/finger/tasks/m… |
|
@@ -0,0 +1,36 @@ |
|
+--- |
|
+- name: Include OS-specific variables |
|
+ ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" |
|
+ |
|
+- name: Install required packages |
|
+ ansible.builtin.package: |
|
+ name: "{{ common_packages }}" |
|
+ state: present |
|
+ |
|
+- name: Create efingerd config directory |
|
+ ansible.builtin.file: |
|
+ path: /etc/efingerd |
|
+ state: directory |
|
+ mode: '0755' |
|
+ |
|
+- name: Copy efingerd scripts |
|
+ ansible.builtin.copy: |
|
+ src: "{{ item }}" |
|
+ dest: "/etc/efingerd/{{ item }}" |
|
+ owner: root |
|
+ group: root |
|
+ mode: '0755' |
|
+ loop: |
|
+ - list |
|
+ - logo.txt |
|
+ - morris.txt |
|
+ - mcrae.txt |
|
+ - log |
|
+ - luser |
|
+ - nouser |
|
+ |
|
+- name: Enable inetd |
|
+ ansible.builtin.systemd: |
|
+ name: inetd |
|
+ state: started |
|
+ daemon_reload: true |
|
diff --git a/ansible/roles/finger/vars/Debian.yml b/ansible/roles/finger/vars/D… |
|
@@ -0,0 +1,3 @@ |
|
+common_packages: |
|
+ - openbsd-inetd |
|
+ - efingerd |
|
diff --git a/ansible/roles/git/handlers/main.yml b/ansible/roles/git/handlers/m… |
|
@@ -0,0 +1,6 @@ |
|
+--- |
|
+- name: Restart git-daemon |
|
+ ansible.builtin.systemd: |
|
+ name: git-daemon |
|
+ state: started |
|
+ daemon_reload: true |
|
diff --git a/ansible/roles/git/tasks/main.yml b/ansible/roles/git/tasks/main.yml |
|
@@ -0,0 +1,31 @@ |
|
+--- |
|
+- name: Include OS-specific variables |
|
+ ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" |
|
+ |
|
+- name: Install required packages |
|
+ ansible.builtin.package: |
|
+ name: "{{ common_packages }}" |
|
+ state: present |
|
+ |
|
+- name: Added git service account |
|
+ ansible.builtin.user: |
|
+ name: "{{ git.user }}" |
|
+ comment: "Git Service Account" |
|
+ home: "{{ git.base_path }}" |
|
+ shell: /usr/bin/git-shell |
|
+ group: "{{ git.group }}" |
|
+ |
|
+- name: Set initial authorized key |
|
+ ansible.posix.authorized_key: |
|
+ user: git |
|
+ state: present |
|
+ key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}" |
|
+ |
|
+- name: Create systemd service file |
|
+ ansible.builtin.template: |
|
+ src: templates/git-daemon.service.j2 |
|
+ dest: /lib/systemd/system/git-daemon.service |
|
+ owner: root |
|
+ group: root |
|
+ mode: "0644" |
|
+ notify: Restart git-daemon |
|
diff --git a/ansible/roles/git/templates/git-daemon.service.j2 b/ansible/roles/… |
|
@@ -0,0 +1,18 @@ |
|
+[Unit] |
|
+Description=Start Git Daemon |
|
+ |
|
+[Service] |
|
+ExecStart=/usr/bin/git daemon --reuseaddr --base-path={{ git.base_path }} {{ g… |
|
+ |
|
+Restart=always |
|
+RestartSec=500ms |
|
+ |
|
+StandardOutput=syslog |
|
+StandardError=syslog |
|
+SyslogIdentifier=git-daemon |
|
+ |
|
+User={{ git.user }} |
|
+Group={{ git.group }} |
|
+ |
|
+[Install] |
|
+WantedBy=multi-user.target |
|
diff --git a/ansible/roles/git/vars/Debian.yml b/ansible/roles/git/vars/Debian.… |
|
@@ -0,0 +1,2 @@ |
|
+common_packages: |
|
+ - git |
|
diff --git a/ansible/roles/gopher/handlers/main.yml b/ansible/roles/gopher/hand… |
|
@@ -0,0 +1,12 @@ |
|
+--- |
|
+- name: Restart geomyidae |
|
+ ansible.builtin.systemd: |
|
+ name: geomyidae |
|
+ state: started |
|
+ enabled: true |
|
+ daemon_reload: true |
|
+ |
|
+- name: Install geomyidae |
|
+ community.general.system.make: |
|
+ chdir: "{{ build_path }}" |
|
+ target: install |
|
diff --git a/ansible/roles/gopher/tasks/main.yml b/ansible/roles/gopher/tasks/m… |
|
@@ -0,0 +1,58 @@ |
|
+--- |
|
+- name: Include OS-specific variables. |
|
+ ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" |
|
+ |
|
+- name: Install required packages |
|
+ ansible.builtin.package: |
|
+ name: "{{ common_packages }}" |
|
+ state: present |
|
+ |
|
+- name: Git checkout |
|
+ ansible.builtin.git: |
|
+ repo: "{{ source_repo }}" |
|
+ dest: "{{ build_path }}" |
|
+ force: false |
|
+ version: "{{ geomyidae.git_branch }}" |
|
+ register: repo_clone |
|
+ failed_when: |
|
+ - repo_clone.failed |
|
+ - not 'Local modifications exist in the destination' in repo_clone.msg |
|
+ |
|
+- name: Disable TLS options |
|
+ ansible.builtin.replace: |
|
+ path: "{{ build_path }}/Makefile" |
|
+ regexp: '^TLS_CFLAGS = -DENABLE_TLS' |
|
+ replace: '#TLS_CFLAGS = -DENABLE_TLS' |
|
+ when: disable_tls |
|
+ |
|
+- name: Disable TLS flags |
|
+ ansible.builtin.replace: |
|
+ path: "{{ build_path }}/Makefile" |
|
+ regexp: '^TLS_LDFLAGS = -ltls' |
|
+ replace: '#TLS_LDFLAGS = -ltls' |
|
+ when: disable_tls |
|
+ |
|
+- name: Build geomyidae |
|
+ community.general.system.make: |
|
+ chdir: "{{ build_path }}" |
|
+ notify: Install geomyidae |
|
+ |
|
+- name: Flush handlers |
|
+ ansible.builtin.meta: flush_handlers |
|
+ |
|
+- name: Create root directory |
|
+ ansible.builtin.file: |
|
+ path: "{{ geomyidae.root_path }}" |
|
+ owner: "{{ geomyidae.user }}" |
|
+ group: "{{ geomyidae.group }}" |
|
+ mode: 0755 |
|
+ state: directory |
|
+ |
|
+- name: Create systemd service file |
|
+ ansible.builtin.template: |
|
+ src: templates/geomyidae.service.j2 |
|
+ dest: /lib/systemd/system/geomyidae.service |
|
+ owner: root |
|
+ group: root |
|
+ mode: '0644' |
|
+ notify: Restart geomyidae |
|
diff --git a/ansible/roles/gopher/templates/geomyidae.service.j2 b/ansible/role… |
|
@@ -0,0 +1,16 @@ |
|
+[Unit] |
|
+Description=Geomyidae Gopher Server |
|
+After=network.target |
|
+Wants=network.target |
|
+StartLimitBurst=5 |
|
+StartLimitIntervalSec=1 |
|
+ |
|
+[Service] |
|
+Type=forking |
|
+Restart=on-abnormal |
|
+RestartSec=1 |
|
+User=root |
|
+ExecStart=/usr/local/bin/geomyidae -v 0 -b {{ geomyidae.root_path }} -p 70 -n … |
|
+ |
|
+[Install] |
|
+WantedBy=multi-user.target |
|
diff --git a/ansible/roles/gopher/vars/Debian.yml b/ansible/roles/gopher/vars/D… |
|
@@ -0,0 +1,4 @@ |
|
+common_packages: |
|
+ - git |
|
+ - build-essential |
|
+ - libssl-dev |
|
diff --git a/ansible/roles/gopher/vars/main.yml b/ansible/roles/gopher/vars/mai… |
|
@@ -0,0 +1,5 @@ |
|
+--- |
|
+ |
|
+build_path: /tmp/src/geomyidae |
|
+source_repo: git://r-36.net/geomyidae |
|
+disable_tls: true |
|
diff --git a/ansible/roles/stagit/handlers/main.yml b/ansible/roles/stagit/hand… |
|
@@ -0,0 +1,5 @@ |
|
+--- |
|
+- name: Install stagit |
|
+ community.general.system.make: |
|
+ chdir: "{{ build_path }}" |
|
+ target: install |
|
diff --git a/ansible/roles/stagit/tasks/main.yml b/ansible/roles/stagit/tasks/m… |
|
@@ -0,0 +1,46 @@ |
|
+--- |
|
+- name: Include OS-specific variables. |
|
+ ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" |
|
+ |
|
+- name: Install required packages |
|
+ ansible.builtin.package: |
|
+ name: "{{ common_packages }}" |
|
+ state: present |
|
+ |
|
+- name: Git checkout |
|
+ ansible.builtin.git: |
|
+ repo: "{{ source_repo }}" |
|
+ dest: "{{ build_path }}" |
|
+ force: false |
|
+ version: "{{ stagit_gopher.git_branch }}" |
|
+ register: repo_clone |
|
+ failed_when: |
|
+ - repo_clone.failed |
|
+ - not 'Local modifications exist in the destination' in repo_clone.msg |
|
+ |
|
+- name: Enable old libgit2 workaround |
|
+ ansible.builtin.replace: |
|
+ path: "{{ build_path }}/Makefile" |
|
+ regexp: '^#STAGIT_CFLAGS' |
|
+ replace: 'STAGIT_CFLAGS' |
|
+ when: enable_old_libgit2 |
|
+ |
|
+- name: Build from source |
|
+ community.general.system.make: |
|
+ chdir: "{{ build_path }}" |
|
+ notify: Install stagit |
|
+ |
|
+- name: Create stagit run script |
|
+ ansible.builtin.template: |
|
+ src: templates/stagit_create.sh.j2 |
|
+ dest: "/home/{{ stagit_gopher.cron_user }}/stagit_create.sh" |
|
+ owner: "{{ stagit_gopher.cron_user }}" |
|
+ group: "{{ stagit_gopher.cron_group }}" |
|
+ mode: "755" |
|
+ |
|
+- name: Adding script to cron |
|
+ ansible.builtin.cron: |
|
+ name: "run stagit script" |
|
+ user: "{{ stagit_gopher.cron_user }}" |
|
+ minute: "*/5" |
|
+ job: "/home/{{ stagit_gopher.cron_user }}/stagit_create.sh" |
|
diff --git a/ansible/roles/stagit/templates/stagit_create.sh.j2 b/ansible/roles… |
|
@@ -0,0 +1,38 @@ |
|
+#!/bin/sh |
|
+ |
|
+reposdir="{{ stagit_gopher.repo_path }}" |
|
+gopherdir="{{ stagit_gopher.output_path }}" |
|
+stagitdir="/git" |
|
+destdir="${gopherdir}/${stagitdir}" |
|
+ |
|
+# remove /'s at the end. |
|
+stagitdir=$(printf "%s" "${stagitdir}" | sed 's@[/]*$@@g') |
|
+ |
|
+rm -rf "{{ stagit_gopher.output_path }}/git/*" |
|
+ |
|
+/usr/local/bin/stagit-gopher-index -b "${stagitdir}" "${reposdir}/"*.git/ >"${… |
|
+ |
|
+# make files per repo. |
|
+for dir in "${reposdir}/"*/; do |
|
+ # strip .git suffix. |
|
+ r=$(basename "${dir}") |
|
+ d=$(basename "${dir}" ".git") |
|
+ printf "%s... " "${d}" |
|
+ |
|
+ mkdir -p "${destdir}/${d}" |
|
+ cd "${destdir}/${d}" || continue |
|
+ |
|
+ if [ "$d" != "pass" ]; then |
|
+ /usr/local/bin/stagit-gopher -b "${stagitdir}/${d}" \ |
|
+ -u "gopher://jay.scot/1/git/$d/" "${reposdir}/${r}" |
|
+ |
|
+ # symlinks |
|
+ ln -sf log.gph index.gph |
|
+ |
|
+ echo "done" |
|
+ else |
|
+ echo "skipping" |
|
+ fi |
|
+done |
|
+ |
|
+ |
|
diff --git a/ansible/roles/stagit/vars/Debian.yml b/ansible/roles/stagit/vars/D… |
|
@@ -0,0 +1,4 @@ |
|
+common_packages: |
|
+ - git |
|
+ - build-essential |
|
+ - libgit2-dev |
|
diff --git a/ansible/roles/stagit/vars/main.yml b/ansible/roles/stagit/vars/mai… |
|
@@ -0,0 +1,5 @@ |
|
+--- |
|
+ |
|
+build_path: /tmp/src/stagit-gopher |
|
+source_repo: git://git.codemadness.org/stagit-gopher |
|
+enable_old_libgit2: false |
|
diff --git a/containers/docker-compose.yaml b/containers/docker-compose.yaml |
|
@@ -1,25 +0,0 @@ |
|
-services: |
|
- gopher: |
|
- image: geomyidae |
|
- build: |
|
- context: geomyidae |
|
- dockerfile: ../geomyidae/Dockerfile |
|
- args: |
|
- SERVER_ARGS: -p 70 -b /srv/gopher -h jay.scot -v 0 |
|
- ports: |
|
- - 70:70 |
|
- restart: always |
|
- volumes: |
|
- - /srv/gopher:/srv/gopher |
|
- fingered: |
|
- image: fingered |
|
- build: |
|
- context: fingered |
|
- dockerfile: ../fingered/Dockerfile |
|
- args: |
|
- SERVER_ARGS: -p 79 -d /srv/fingered |
|
- ports: |
|
- - 79:79 |
|
- restart: always |
|
- volumes: |
|
- - /srv/fingered:/srv/fingered |
|
diff --git a/containers/fingered/Dockerfile b/containers/fingered/Dockerfile |
|
@@ -1,22 +0,0 @@ |
|
-FROM alpine:latest AS builder |
|
- |
|
-WORKDIR /fingered |
|
- |
|
-RUN apk add go git make |
|
-RUN git clone https://git.sr.ht/~jayscott/fingered /fingered |
|
-RUN make install |
|
- |
|
- |
|
-FROM alpine:latest |
|
- |
|
-ARG SERVER_ARGS |
|
-ENV SERVER_ARGS=${SERVER_ARGS} |
|
- |
|
-EXPOSE 79/tcp |
|
-VOLUME /srv/fingered |
|
- |
|
-RUN mkdir -p /srv/fingered |
|
- |
|
-COPY --from=builder /usr/local/bin/fingered /usr/bin |
|
- |
|
-ENTRYPOINT /usr/bin/fingered $SERVER_ARGS |
|
diff --git a/containers/geomyidae/Dockerfile b/containers/geomyidae/Dockerfile |
|
@@ -1,22 +0,0 @@ |
|
-FROM alpine:latest AS builder |
|
- |
|
-WORKDIR /geomyidae |
|
- |
|
-RUN apk add build-base git |
|
-RUN git clone git://r-36.net/geomyidae /geomyidae |
|
-COPY Makefile . |
|
-RUN make |
|
- |
|
-FROM alpine:latest |
|
- |
|
-ARG SERVER_ARGS |
|
-ENV SERVER_ARGS=${SERVER_ARGS} |
|
- |
|
-EXPOSE 70/tcp |
|
-VOLUME /var/gopher |
|
- |
|
-RUN mkdir -p /var/gopher |
|
- |
|
-COPY --from=builder /geomyidae/geomyidae /usr/sbin |
|
- |
|
-ENTRYPOINT /usr/sbin/geomyidae -d $SERVER_ARGS |
|
diff --git a/containers/geomyidae/Makefile b/containers/geomyidae/Makefile |
|
@@ -1,52 +0,0 @@ |
|
-# geomyidae - a tiny, standalone gopherd written in C |
|
-# See LICENSE file for copyright and license details. |
|
-.POSIX: |
|
- |
|
-NAME = geomyidae |
|
-VERSION = 0.72 |
|
- |
|
-PREFIX = /usr/local |
|
-BINDIR = ${PREFIX}/bin |
|
-MANDIR = ${PREFIX}/share/man/man8 |
|
- |
|
-GEOM_CFLAGS = -D_DEFAULT_SOURCE -I. -I/usr/include ${TLS_CFLAGS} ${CFLAGS} |
|
-GEOM_LDFLAGS = -L/usr/lib -L. ${TLS_LDFLAGS} ${LDFLAGS} |
|
- |
|
-SRC = main.c ind.c handlr.c |
|
-OBJ = ${SRC:.c=.o} |
|
- |
|
-all: ${NAME} |
|
- |
|
-.c.o: |
|
- ${CC} ${GEOM_CFLAGS} -c $< |
|
- |
|
-${OBJ}: |
|
- |
|
-${NAME}: ${OBJ} |
|
- ${CC} -o $@ ${OBJ} ${GEOM_LDFLAGS} |
|
- |
|
-clean: |
|
- rm -f ${NAME} ${OBJ} ${NAME}-${VERSION}.tar.gz |
|
- |
|
-install: all |
|
- mkdir -p "${DESTDIR}${BINDIR}" |
|
- cp -f ${NAME} "${DESTDIR}${BINDIR}" |
|
- chmod 755 "${DESTDIR}${BINDIR}/${NAME}" |
|
- mkdir -p "${DESTDIR}${MANDIR}" |
|
- cp -f ${NAME}.8 "${DESTDIR}${MANDIR}" |
|
- chmod 644 "${DESTDIR}${MANDIR}/${NAME}.8" |
|
- |
|
-uninstall: |
|
- rm -f "${DESTDIR}${BINDIR}/${NAME}" |
|
- rm -f "${DESTDIR}${MANDIR}/${NAME}.8" |
|
- |
|
-dist: clean |
|
- mkdir -p ${NAME}-${VERSION} |
|
- cp -R rc.d CGI README LICENSE index.gph Makefile ${NAME}.8 \ |
|
- *.c *.h ${NAME}-${VERSION} |
|
- tar -cf ${NAME}-${VERSION}.tar ${NAME}-${VERSION} |
|
- gzip ${NAME}-${VERSION}.tar |
|
- mv ${NAME}-${VERSION}.tar.gz ${NAME}-${VERSION}.tgz |
|
- rm -rf "${NAME}-${VERSION}" |
|
- |
|
-.PHONY: all clean dist install uninstall |
