diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..a6482b2 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,2 @@ +./data/students/ + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..b8fc39b --- /dev/null +++ b/Dockerfile @@ -0,0 +1,32 @@ +# Built with arch: amd64 flavor: lxde image: ubuntu:20.04 +# +################################################################################ +# base system +################################################################################ + +FROM debian +RUN apt update +RUN apt install openssh-server vim net-tools sudo openssl -y +RUN apt install expect openssl perl python2 psutils net-tools -y + +RUN groupadd isen -g 1000 + +RUN useradd -rm -d /home/isen -s /bin/bash -g 1000 -G sudo -u 1000 -p "$(/usr/bin/openssl passwd -1 isen)" isen +RUN echo "root:root" | chpasswd +RUN echo "isen:isen" | chpasswd + +#RUN echo '%sudo ALL=(ALL:ALL) ALL' >> /etc/sudoers +RUN sed -i "/%sudo/s/ALL$/NOPASSWD: ALL/" /etc/sudoers + +RUN apt install manpages-dev man-db shc gcc build-essential -y +COPY ./data/bin/firstconnect /usr/bin/firstconnect +RUN chmod 755 /usr/bin/firstconnect +RUN chown root:root /usr/bin/firstconnect +RUN touch /etc/first +RUN touch /etc/new + + +RUN service ssh start +EXPOSE 22 +CMD ["/usr/sbin/sshd","-D"] + diff --git a/README.md b/README.md index 8344822..f7816a0 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,53 @@ -# isen-docker-farm +# What the F*** + +It s a studies environment for classroom with web client ssh access + + +## User liste + +add list of users in ./data/liste with the format : + +``` +NAME Surname +NAME2 Surname2 +``` + +## Build Docker image + +``` +docker build . -t isensshbase +``` + +## environement generation + +launch script + +``` +./generate.sh +``` + +it create + - docker-compose.yml + - create fake file partition on the hosts system access in ./data/students/part/. + +## start docker stack + +``` +docker-compose up -d +``` + +## regen a specific instance + +``` +regen_inst.sh +``` + +## Delete all + +``` +docker-compose down +./generate.sh del +rm docker-compose.yml +``` + -It s a studies environment for classroom with web client ssh access - - diff --git a/conf/config.yaml b/conf/config.yaml new file mode 100644 index 0000000..156571f --- /dev/null +++ b/conf/config.yaml @@ -0,0 +1,29 @@ +site: + appname: ssh-web-console + listen_addr: :2222 + runmode: prod + deploy_host: console.hpc.gensh.me + +prod: + # http path of static files and views + static_prefix: / + +dev: # config used in debug mode. + # https prefix of static files only + static_prefix: /static/ + # redirect static files requests to this address, redirect "static_prefix" to "static_redirect" + # for example, static_prefix is "/static", static_redirect is "localhost:8080/dist", + # this will redirect all requests having prefix "/static" to "localhost:8080/dist" + static_redirect: "localhost:8080" + static_dir: ./dist/ # if static_redirect is empty, http server will read static file from this dir. + views_prefix: / # + views_dir: views/ # views(html) directory. + +ssh: + # io_mode: 1 # the mode reading data from ssh server: channel mode (0) OR session mode (1) + buffer_checker_cycle_time: 60 # check buffer every { buffer_checker_cycle_time } ms. if buffer is not empty , then send buffered data back to client(browser/webSocket) +jwt: + jwt_secret: secret.console.hpc.gensh.me + token_lifetime: 7200 + issuer: issuer.ssh.gensh.me + query_token_key: _t \ No newline at end of file diff --git a/data/bin/firstconnect b/data/bin/firstconnect new file mode 100644 index 0000000..8457939 --- /dev/null +++ b/data/bin/firstconnect @@ -0,0 +1,41 @@ +#!/bin/bash + +if [[ -f /etc/first ]] + then + [[ -f /home/isen/.gen/hostname ]] && cat /home/isen/.gen/hostname | sudo tee -a /etc/hosts &> /dev/null + [[ -f /home/isen/.gen/backup.sh ]] && /usr/bin/shc -f /home/isen/.gen/backup.sh -o /home/isen/backup_isen && sudo rm -f /home/isen/backup.sh.x.c + [[ -f /home/isen/.gen/motd ]] && sudo cp /home/isen/.gen/motd /etc/motd + [[ -d /home/isen/.ssh ]] && mv /home/isen/.ssh /home/isen/.ssh.orig + [[ -d /home/isen/.gen/.ssh ]] && cp -rp /home/isen/.gen/.ssh /home/isen/.ssh + + clear + echo "######################################" + echo "CHANGEMENT DE MOT DE PASSE OBLIGATOIRE" + echo "######################################" + echo "" + while [[ "$ValPassOne" != "$ValPassTwo" ]] || [[ -z $ValPassOne ]] + do + echo "Attention les mots de passes en serons pas affichés" + read -p "indiquez votre nouveau mot de passe : " -s ValPassOne + echo "" + read -p "verification du nouveau mot de passe : " -s ValPassTwo + echo "" + [[ "$ValPassOne" != "$ValPassTwo" ]] && echo -e "\n les mots de passe ne sont pas les mêmes" + echo "" + done + [[ "$ValPassOne" == "$ValPassTwo" ]] && echo "isen:${ValPassOne}" | sudo /usr/sbin/chpasswd + if [[ $? -eq 0 ]] + then + echo "NOUVEAU MOT DE PASSE OK" + echo "Vous allez être deconnecté" + while [[ $tempo -lt 5 ]] + do + sleep 1 + ((tempo++)) + echo -n "." + done + sudo rm /etc/first + killall -9 bash + fi + +fi diff --git a/data/liste b/data/liste new file mode 100644 index 0000000..3be81b4 --- /dev/null +++ b/data/liste @@ -0,0 +1,6 @@ +ASTIER Guillaume +LEFEBVRE Loic +CATANESE Yann +ANTUNES Rémi +ATTIA Yanis +VOLTO Christophe diff --git a/data/liste.big b/data/liste.big new file mode 100644 index 0000000..f65c041 --- /dev/null +++ b/data/liste.big @@ -0,0 +1,113 @@ +ASTIER Guillaume +LEFEBVRE Loic +CATANESE Yann +ANTUNES Rémi +ATTIA Yanis +AUROUX Axel +BARROT Grégory +BEJAOUI Gofrane +BENHALIMA Yanis +BEN HASSINE Adam +BEN SLAMA Inès +BERGER Alexia +BERNARD Guillaume +BERNOUSSI Yasser +BLONNA Antoine +BOILLOT Mathias +BONFILS Laura +BONNARIC Nicolas +BONNEFOI Jérémy +BOSSER Agnès +BOUCHAND Maël +BOUTELLIS Younes +BRADU - OLIVARI Gauthier +BRU Valentin +BUJNA Dominik +CALABUIG Nicolas +CAMMAS Manon +CARLE Dorian +CHARAIX Alexandre +CHERMETTE Luc +CHEVALIER Gwendal +COLLET Killyan +CONSTANT Eugène +DARMIGNY Benoît +DECOURRIERE Maxence +DELESSE Alexandre +DELUC Alexandre +DESOOMER Pierre +DI DONNA Rémi +DIVERD Antoine +DOURVILLE GaÏan +DUCLAUX Victor +DUFOUR Jérémie +EL HMOUDI Sarah +EL-KARMOUCHI Brahim +ESCOUSSE Lucien +FERMON Nathan +FILI Thérèse +GALANO Raphaël +GANZIN Corentin +GAUTHIER Maxime +GRAOUDI Kenza +GUNIA Benjamin +HACHE Cloé +HAIOUM David +HERBAULT Quentin +JOUVE Guillaume +KLEIN Marion +LANDRI Arnaud +LAURY Hubert +LEBON Jérémy +LEBON Nicolas +LECCA Mathieu +LECLERE Aurélien +LHOUMEAU Yann +LIAUTAUD Canelle +LIEUTAUD Julien +LOMBARDO Romain +LOUBET Maxime +MAHDI Abderraouf +MAMFOUMBI DOUKAGA Sheridan +MANZONI Lucile +MARELLO Antoine +MARIE Kyllian +MARQUANT Jenny +MARTINEZ Loris +MARTINEZ-CASTELBON Manon +MARZUK Moustafa +MEKETYN Dorian +MELONI Axel +MENDEZ RINCON Maria Alejandra +MEULIEN Guillaume +MIGEON Zoé +MIGNEROT Adrien +MINHONNAC Antoine +MORENO Teeri +MOURIER Paul +MOUTOU Carla +NDONG EYI Christ +NGUYEN-MULLER Léandre +OUNES Ilhem +PETIOT Thierry +PEZON Jean-Baptiste +PREZUT Matthieu +QUIGNON Dorian +RAFE Alexis +RAMONE Enzo +ROZIERE Antoine +SAUMIER Sophie +SCHMID Thomas +SERVAT Brunelle +SILVANO Sébastien +SIMON Thibaud +SMANIOTTO Gabriel +STOELTZLEN Alexis +TERRASSON Frédéric +TIVOLLIER Jean +VACCARO Jérémy +VAISSEAU Thibaud +VALENZA Emma +VIEIRA Claire +VOLPELLIERE Valentin +VOLTO Christophe diff --git a/data/liste.short b/data/liste.short new file mode 100644 index 0000000..3be81b4 --- /dev/null +++ b/data/liste.short @@ -0,0 +1,6 @@ +ASTIER Guillaume +LEFEBVRE Loic +CATANESE Yann +ANTUNES Rémi +ATTIA Yanis +VOLTO Christophe diff --git a/data/skel/.bashrc b/data/skel/.bashrc new file mode 100644 index 0000000..67abd49 --- /dev/null +++ b/data/skel/.bashrc @@ -0,0 +1,144 @@ +# ~/.bashrc: executed by bash(1) for non-login shells. +# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) +# for examples + +# If not running interactively, don't do anything +case $- in + *i*) ;; + *) return;; +esac + +# don't put duplicate lines or lines starting with space in the history. +# See bash(1) for more options +HISTCONTROL=ignoreboth + +# append to the history file, don't overwrite it +shopt -s histappend + +# for setting history length see HISTSIZE and HISTFILESIZE in bash(1) +HISTSIZE=1000 +HISTFILESIZE=2000 + +# check the window size after each command and, if necessary, +# update the values of LINES and COLUMNS. +shopt -s checkwinsize + +# If set, the pattern "**" used in a pathname expansion context will +# match all files and zero or more directories and subdirectories. +#shopt -s globstar + +# make less more friendly for non-text input files, see lesspipe(1) +#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" + +# set variable identifying the chroot you work in (used in the prompt below) +if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then + debian_chroot=$(cat /etc/debian_chroot) +fi + +# set a fancy prompt (non-color, unless we know we "want" color) +case "$TERM" in + xterm-color|*-256color) color_prompt=yes;; +esac + +# uncomment for a colored prompt, if the terminal has the capability; turned +# off by default to not distract the user: the focus in a terminal window +# should be on the output of commands, not on the prompt +#force_color_prompt=yes + +if [ -n "$force_color_prompt" ]; then + if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then + # We have color support; assume it's compliant with Ecma-48 + # (ISO/IEC-6429). (Lack of such support is extremely rare, and such + # a case would tend to support setf rather than setaf.) + color_prompt=yes + else + color_prompt= + fi +fi + +if [ "$color_prompt" = yes ]; then + PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' +else + PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' +fi +unset color_prompt force_color_prompt + +# If this is an xterm set the title to user@host:dir +case "$TERM" in +xterm*|rxvt*) + PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" + ;; +*) + ;; +esac + +# enable color support of ls and also add handy aliases +if [ -x /usr/bin/dircolors ]; then + test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" + alias ls='ls --color=auto' + #alias dir='dir --color=auto' + #alias vdir='vdir --color=auto' + + alias grep='grep --color=auto' + alias fgrep='fgrep --color=auto' + alias egrep='egrep --color=auto' +fi + +# colored GCC warnings and errors +#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' + +# some more ls aliases +alias ll='ls -l' +alias la='ls -A' +alias l='ls -CF' + +# Alias definitions. +# You may want to put all your additions into a separate file like +# ~/.bash_aliases, instead of adding them here directly. +# See /usr/share/doc/bash-doc/examples in the bash-doc package. + +if [ -f ~/.bash_aliases ]; then + . ~/.bash_aliases +fi + +# enable programmable completion features (you don't need to enable +# this, if it's already enabled in /etc/bash.bashrc and /etc/profile +# sources /etc/bash.bashrc). +if ! shopt -oq posix; then + if [ -f /usr/share/bash-completion/bash_completion ]; then + . /usr/share/bash-completion/bash_completion + elif [ -f /etc/bash_completion ]; then + . /etc/bash_completion + fi +fi + +# Color + +COLOR=0 + +if [ $COLOR -eq 0 ] ; then + RESET="\[\033[0m\]" + GREEN="\[\033[1;32m\]" + BLUE="\[\033[1;34m\]" + RED="\[\033[1;31m\]" + alias grep="grep --color" +else + RESET="" + GREEN="" + BLUE="" + RED="" +fi + +function get_rc () { + rc=$? + if [ $rc -ne 0 ] ; then + echo "$rc " + fi +} + + +/usr/bin/firstconnect + +export PS1="${RED}\$(get_rc)${RESET}${GREEN}\u@\h${RESET}${BLUE} \w${RESET} $ " +PATH=${PATH}:/sbin/ +cd diff --git a/data/skel/.first b/data/skel/.first new file mode 100644 index 0000000..e69de29 diff --git a/data/skel/.profile b/data/skel/.profile new file mode 100644 index 0000000..d89ea5a --- /dev/null +++ b/data/skel/.profile @@ -0,0 +1,27 @@ +# ~/.profile: executed by the command interpreter for login shells. +# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login +# exists. +# see /usr/share/doc/bash/examples/startup-files for examples. +# the files are located in the bash-doc package. + +# the default umask is set in /etc/profile; for setting the umask +# for ssh logins, install and configure the libpam-umask package. +#umask 022 + +# if running bash +if [ -n "$BASH_VERSION" ]; then + # include .bashrc if it exists + if [ -f "$HOME/.bashrc" ]; then + . "$HOME/.bashrc" + fi +fi + +# set PATH so it includes user's private bin if it exists +if [ -d "$HOME/bin" ] ; then + PATH="$HOME/bin:$PATH" +fi + +# set PATH so it includes user's private bin if it exists +if [ -d "$HOME/.local/bin" ] ; then + PATH="$HOME/.local/bin:$PATH" +fi diff --git a/data/skel/backup.sh b/data/skel/backup.sh new file mode 100644 index 0000000..4da4307 --- /dev/null +++ b/data/skel/backup.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +Backup=$(date +%s)_$(hostname)_isen.tar.bz2 + +echo "BACKUP : /home/isen/${Backup}" + +echo -n "ARCHIVE : " +sudo tar -jcvf /tmp/${Backup} /home/isen /root/ /etc/&> /dev/null +[[ $? -eq 0 ]] && echo OK || echo FAILED + +echo -n "COPY : " +mv /tmp/${Backup} /home/isen/ &> /dev/null + +[[ $? -eq 0 ]] && echo OK || echo FAILED +echo "" + diff --git a/data/ssh/authorized_keys b/data/ssh/authorized_keys new file mode 100644 index 0000000..ec4cf0f --- /dev/null +++ b/data/ssh/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQChw6fXMZTAoV2Derj15FINjGnPbe3AybC6KmIoJue/jvGLVZChBoafEGUhnFDzIA7c/7UDVjC7W4fmTaq4uk1E2bNpm2MtDSyNZFBtmtb1VuQ76hchdmy5LG3uMgKHHO6fgPLQYlpxCKxSWLXUk0DAHj5Y6/ar2QL76w6Q+15zD63CSIITqMXhSRfdKnnGIspqWqjk3e9a/7jmsjaZpaH03gWvOJH/LLWVWuC36wH8MK9+f7HCpl05Rlej3Y9wefoQfga+olxNvSzrfuV3SO1quQtsqjfCX4S8hGmYjZzJAMwf9etgLPa+knPGu8t/eCNGrTOaYxqU7pqD6lw45B8HqpiRx3975k8WJNzqIVX6zWAyoSYN8zwpxnKu06JNIiXH445VkshNoC1o/1MmQj/EKxCc9X6qetrCQCfNua8h+7IFGqpMy7Q6FWj5+q3BBujrX/XDSlx7fTfECVxZamLNHACDeY1YD3shzbDKohQSeKfuRXj3wP/kI8Eu7G9vmvM= root@virgile diff --git a/data/ssh/id_rsa b/data/ssh/id_rsa new file mode 100644 index 0000000..d78c444 --- /dev/null +++ b/data/ssh/id_rsa @@ -0,0 +1,38 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn +NhAAAAAwEAAQAAAYEAocOn1zGUwKFdg3q49eRSDYxpz23twMmwuipiKCbnv47xi1WQoQaG +nxBlIZxQ8yAO3P+1A1Ywu1uH5k2quLpNRNmzaZtjLQ0sjWRQbZrW9VbkO+oXIXZsuSxt7j +IChxzun4Dy0GJacQisUli11JNAwB4+WOv2q9kC++sOkPtecw+twkiCE6jF4UkX3Sp5xiLK +alqo5N3vWv+45rI2maWh9N4FrziR/yy1lVrgt+sB/DCvfn+xwqZdOUZXo92PcHn6EH4Gvq +JcTb0s637ld0jtarkLbKo3wl+EvIRpmI2cyQDMH/XrYCz2vpJzxrvLf3gjRq0zmmMalO6a +g+pcOOQfB6qYkcd/e+ZPFiTc6iFV+s1gMqEmDfM8KcZyrtOiTSIlx+OOVZLITaAtaP9TJk +I/xCsQnPV+qnrawkAnzbmvIfuyBRqqTMu0OhVo+fqtwQbo61/1w0pce303xAlcWWpizRwA +g3mNWA97Ic2wyqIUEnin7kV498D/5CPBLuxvb5rzAAAFiOCeFy7gnhcuAAAAB3NzaC1yc2 +EAAAGBAKHDp9cxlMChXYN6uPXkUg2Mac9t7cDJsLoqYigm57+O8YtVkKEGhp8QZSGcUPMg +Dtz/tQNWMLtbh+ZNqri6TUTZs2mbYy0NLI1kUG2a1vVW5DvqFyF2bLksbe4yAocc7p+A8t +BiWnEIrFJYtdSTQMAePljr9qvZAvvrDpD7XnMPrcJIghOoxeFJF90qecYiympaqOTd71r/ +uOayNpmlofTeBa84kf8stZVa4LfrAfwwr35/scKmXTlGV6Pdj3B5+hB+Br6iXE29LOt+5X +dI7Wq5C2yqN8JfhLyEaZiNnMkAzB/162As9r6Sc8a7y394I0atM5pjGpTumoPqXDjkHweq +mJHHf3vmTxYk3OohVfrNYDKhJg3zPCnGcq7Tok0iJcfjjlWSyE2gLWj/UyZCP8QrEJz1fq +p62sJAJ825ryH7sgUaqkzLtDoVaPn6rcEG6Otf9cNKXHt9N8QJXFlqYs0cAIN5jVgPeyHN +sMqiFBJ4p+5FePfA/+QjwS7sb2+a8wAAAAMBAAEAAAGAIKaJPho32Bm58kvXAWqwVSO+R6 +v8jSkojqr3XPtdU4DaqDEBHD9g9MIuZ3ZRsIEL/vdt5dqDw41aBNYwW1DfP8JhQDOo9PLv +xyo0Qas7MBH1x1IckRiCIW4iUi2t7O+eCnvQhtcTQjVp8sUNDncaXqy8EN6vz0fiHk73hb +P3AGptvAU+nBE4v5wtQOrN4XwsNwNNi8RwB4IOJCJceu6/ndkidJeKgGLZ0+ef6/93SxvY +kEPd8Vf7ARB9qAmUZjN4P6sJzRh5faJl5ZsvjCEFwvcJVO/H7T+25ODBHPUsPIFjJIG2BO +ssnSxRUq3WUqiN8ZUzFsYNfC+GocH5ROw6WiXZ6LLLc4ok3/nmLQWJmuDPDqRmtHS5G81H +99HX6ygQPTZ4w2POWW/MbM0RbTWFFYxUqGG+7gV4k4c6zeHDafFyxp7hTW5J1LJAeqtmA4 +mx7cWowUGjhBDWa6KJA+caCsgUjoFh02VhZZFNQFrFGR4lPvx8Nmi3IYvmY8Ii9moBAAAA +wQC2vxilEbcpkwAR/D9Uaf5L66LurRoUZsrRyPvc9ER1pufvIHzxs6be1/rxpHmPBEp4Kg +5sYJH+q76o1/d/xKDfGBFETNk1kSpOhas11SQaoipj+R+LtwYrJdHezYtYJgN6S1sH5kke +TP7eHvrNO6jhR0MAYHYNcEVWEJRuAQpozDUjdjgeqRilCsz08yBMzC7hcSP5EXh9tY8Rsv +4+m0Ip77KWJHaMpx1oTk+4Xf8GB6sr21WtYxITyloUMHrqUpkAAADBAM65A4HQw+ATga6U +nk674vE+y00NupyqK6EoC37xEc4CILV9uN3nxHtiBCdpiyFDN3nbK+M3p+ql37wzKPrBiI +JsiBf8jtpXkgou6h+VUo8WGsw+TJ858DAoIPVjNSUvSIr+g4Z0HK+sWjmCsRtqBF8E08Ph +t7ntrNQm7LjfJWoGoOfzh2POyhVGZ4qDsq9rOxZzh+MXTzVDlvN25h8DphpkYSPl3sJUot +LTkEfOCsBCyL5KjDRR56xpTAVFy//NswAAAMEAyFMcoD+f5X99Gb/ViBDWETBRE77rl/mL +fYaEsf2YB9BOkBM0KTlSnR+W47Eje+CH5ddH97V3uyPnk5seXOp6h2fxYmacmCjvKxqZjn +sqCoSHcU/HsE1upTGPejx9AY2LT87dQUpzn9ieEc8wIDsKzHdmU6aQDzLeBaKrJuErl4FS +mkuZRC/Jzi75InFRBCTmvVItLkLoAaGy16zsiw/X/Onz7yNGJEKINTllJJ41D5Lf8IvupI +dfPNs0OJTH9t3BAAAADHJvb3RAdmlyZ2lsZQECAwQFBg== +-----END OPENSSH PRIVATE KEY----- diff --git a/data/ssh/id_rsa.pub b/data/ssh/id_rsa.pub new file mode 100644 index 0000000..ec4cf0f --- /dev/null +++ b/data/ssh/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQChw6fXMZTAoV2Derj15FINjGnPbe3AybC6KmIoJue/jvGLVZChBoafEGUhnFDzIA7c/7UDVjC7W4fmTaq4uk1E2bNpm2MtDSyNZFBtmtb1VuQ76hchdmy5LG3uMgKHHO6fgPLQYlpxCKxSWLXUk0DAHj5Y6/ar2QL76w6Q+15zD63CSIITqMXhSRfdKnnGIspqWqjk3e9a/7jmsjaZpaH03gWvOJH/LLWVWuC36wH8MK9+f7HCpl05Rlej3Y9wefoQfga+olxNvSzrfuV3SO1quQtsqjfCX4S8hGmYjZzJAMwf9etgLPa+knPGu8t/eCNGrTOaYxqU7pqD6lw45B8HqpiRx3975k8WJNzqIVX6zWAyoSYN8zwpxnKu06JNIiXH445VkshNoC1o/1MmQj/EKxCc9X6qetrCQCfNua8h+7IFGqpMy7Q6FWj5+q3BBujrX/XDSlx7fTfECVxZamLNHACDeY1YD3shzbDKohQSeKfuRXj3wP/kI8Eu7G9vmvM= root@virgile diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..d100ec4 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,22 @@ +version: '2' + +services: + sshweb: + image: genshen/ssh-web-console + ports: + - "8002:2222" + volumes: + - ./conf:/home/web/conf + networks: + vpcbr: + ipv4_address: 10.10.10.2 + + +networks: + vpcbr: + driver: bridge + ipam: + config: + - subnet: 10.10.10.0/16 + gateway: 10.10.10.1 + diff --git a/docker-compose.yml.orig b/docker-compose.yml.orig new file mode 100644 index 0000000..d3552e2 --- /dev/null +++ b/docker-compose.yml.orig @@ -0,0 +1,25 @@ +version: '2' + +services: + sshweb: + image: genshen/ssh-web-console + ports: + - "8002:2222" + volumes: + - ./conf:/home/web/conf + networks: + - isenssh +#START# + + + machine1: + image: isensshbase + ports: + - "2000:22" + networks: + - isenssh + +#END# +networks: + isenssh: + driver: bridge diff --git a/docker-compose.yml.template.footer b/docker-compose.yml.template.footer new file mode 100644 index 0000000..82277b7 --- /dev/null +++ b/docker-compose.yml.template.footer @@ -0,0 +1,9 @@ + +networks: + vpcbr: + driver: bridge + ipam: + config: + - subnet: 10.10.10.0/16 + gateway: 10.10.10.1 + diff --git a/docker-compose.yml.template.head b/docker-compose.yml.template.head new file mode 100644 index 0000000..ca33a6a --- /dev/null +++ b/docker-compose.yml.template.head @@ -0,0 +1,13 @@ +version: '2' + +services: + sshweb: + image: genshen/ssh-web-console + ports: + - "8002:2222" + volumes: + - ./conf:/home/web/conf + networks: + vpcbr: + ipv4_address: 10.10.10.2 + diff --git a/generate.sh b/generate.sh new file mode 100755 index 0000000..bc1cf5c --- /dev/null +++ b/generate.sh @@ -0,0 +1,65 @@ +#!/bin/bash + +Liste=./data/liste +ID=2000 +tID=2 + + +cp docker-compose.yml.template.head /tmp/docker-compose.yml +rm /tmp/hostname + + +for User in $(cat ${Liste} | grep ^[A-Z][A-Z].*\ [A-Z][a-z] | sed "s#[a-z]#|#g" | cut -d"|" -f1 | sed "s#-# #g"| sed "s# \+#-#g") + do + tID=$(($tID+1)) + + #if [[ ! -z $(mount | grep ${User}) ]] && [[ "$1" == "del" ]] + if [[ "$1" == "del" ]] + then + umount ./data/students/part/${User}_part + rmdir ./data/students/part/${User}_part + rm ./data/students/part/${User} + else + if [[ ! -f ./data/students/part/${User} ]] + then + echo "Generate $User" + touch ./data/students/part/${User} + mkdir ./data/students/part/${User}_part + truncate -s 200M ./data/students/part/${User} &> /dev/null + mke2fs -t ext4 -F ./data/students/part/${User} &> /dev/null + mount ./data/students/part/${User} ./data/students/part/${User}_part + cp -Rf ./data/skel/. ./data/students/part/${User}_part/ + mkdir ./data/students/part/${User}_part/.gen/ + mv ./data/students/part/${User}_part/backup.sh ./data/students/part/${User}_part/.gen/ + echo "host : ${User^^}" | figlet > /tmp/motd + echo "---------" | figlet >> /tmp/motd + echo "Isen 2021 - M 1"| figlet >> /tmp/motd + cp -rfp ./data/ssh/ ./data/students/part/${User}_part/.gen/.ssh + cp -rfp ./data/ssh/ ./data/students/part/${User}_part/.ssh + cp /tmp/motd ./data/students/part/${User}_part/.gen/ + [[ -z $(echo $User | grep -iE "astier|lefebvre|catanese") ]] && rm -f ./data/students/part/${User}_part/.gen/.ssh/id* ./data/students/part/${User}_part/.ssh/id* + chown -Rf 1000:1000 ./data/students/part/${User}_part/ + echo "10.10.10.${tID} ${User,,}" >> /tmp/hostname + echo " + ${User}: + image: isensshbase + hostname: ${User,,} + volumes: + - "./data/students/part/${User}_part:/home/isen" + networks: + vpcbr: + ipv4_address: 10.10.10.${tID} +" >> /tmp/docker-compose.yml + fi + fi + +done + +cat docker-compose.yml.template.footer >> /tmp/docker-compose.yml +cp /tmp/docker-compose.yml . +for Dir in $( ls -1 ./data/students/part/ | grep _part) + do + cp /tmp/hostname ./data/students/part/${Dir}/.gen + done + + diff --git a/regen_inst.sh b/regen_inst.sh new file mode 100755 index 0000000..a38b50d --- /dev/null +++ b/regen_inst.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +for var in $(cat docker-compose.yml | grep [A-Z].*-[A-Z]: | sed "s#:##g" | sed "s# .##g") + do + echo $var + done + + read -p "Which docker instances do you want to restart ? " ans + + if [[ ! -z $(cat docker-compose.yml | grep [A-Z].*-[A-Z]: | sed "s#:##g" | sed "s# .##g" | grep $ans) ]] + then + docker-compose up -d --no-deps $ans + else + echo "$ans don't exist" + fi