emdee/libvirt_cloud
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

added

Browse source
This commit is contained in:
emdee 2024-01-01 01:04:40 +00:00
parent eaf6ffdbef
commit c417a6f3f9
29 changed files with 16625 additions and 608 deletions
Download patch file Download diff file Expand all files Collapse all files

183
roles/ansible-gentoo_install/tasks/#local.yml#
View file

@ -1,183 +0,0 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "DEBUG: ansible-gentoo_install local"
debug:
verbosity: 0
msg: "DEBUG: ansible-gentoo_install local BOX_NBD_DEV={{BOX_NBD_DEV}}"
check_mode: no
- assert:
that:
- "'{{BOX_NBD_DEV}}' != ''"
when: ansible_connection in ['local', 'chroot']
- set_fact:
AGI_use_local_kernel: true
when:
- ansible_distribution == 'Gentoo' or BOX_GENTOO_FROM_MP not in ['/', '']
- set_fact:
AGI_PROXY_MODE: "{{PROXY_MODE|default('')}}"
when:
- PROXY_MODE|default('') != ''
check_mode: no
- set_fact:
AGI_PROXY_MODE: "{{BOX_PROXY_MODE|default('')}}"
when:
- AGI_PROXY_MODE == ''
check_mode: no
- block:
- name: check for mounted disk
shell: |
grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 0
ps ax | grep -v grep | \
grep "qemu-nbd.*/dev/nbd.*{{BOX_NBD_BASE_QCOW}}" && \
echo WARN looks like theres an active nbd mount of \
"${BOX_NBD_BASE_QCOW}" && exit 1
exit 2
failed_when: false
changed_when: false
register: check_mounted_disk
check_mode: no
- name: partition if disk not mounted
fail:
msg: "looks like theres an active nbd mount of {{BOX_NBD_BASE_QCOW}}"
when:
- check_mounted_disk.rc == 1
check_mode: no
- name: partition if disk not mounted or active
include: disk.yml
when:
- check_mounted_disk.rc > 1
check_mode: no
- name: mount root partition
mount:
name: "{{AGI_NBD_MP}}"
src: "{{ AGI_install_disk }}p3"
fstype: ext4
state: mounted
check_mode: false
- name: create /boot mountpoint
file:
path: "{{AGI_NBD_MP}}/boot"
state: directory
check_mode: false
- name: mount boot partition
mount:
name: "{{AGI_NBD_MP}}/boot"
src: "{{ AGI_install_disk }}p1"
fstype: ext2
state: mounted
check_mode: false
- include: tarball.yml
- include: copy.yml
when: AGI_use_local_kernel
- name: mount distfiles
delegate_to: localhost
shell: |
[ -d "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] || exit 1
grep {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} /proc/mounts && exit 0
[ -d {{AGI_NBD_MP}}/usr/portage/ ] || exit 0
[ -d {{AGI_NBD_MP}}/usr/portage/distfiles ] || mkdir {{AGI_NBD_MP}}/usr/portage/distfiles
mount --bind {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} {{AGI_NBD_MP}}/usr/portage/distfiles
when:
- "MOUNT_GENTOO_DISTFILES_ARCHIVES != ''"
- "AGI_NBD_MP != ''"
- include: chroot.yml
delegate_to: localhost
when: ansible_connection in ['chroot', 'local'] # libvirt?
- block:
- name: check chroot wrapper installed
shell: |
[ -x /var/tmp/chroot_wrapper.sh ] || exit 1
df /mnt/gentoo || exit 2
/var/tmp/chroot_wrapper.sh /bin/df | grep /mnt/gentoo && exit 4
exit 0
register: chroot_out
check_mode: false
- name: enable chroot wrapper
set_fact:
ansible_shell_executable: /var/tmp/chroot_wrapper.sh
old_ansible_python_interpreter: "{{ansible_python_interpreter}}"
ansible_python_interpreter: "/usr/bin/python3"
check_mode: false
when: ansible_connection in ['local']
- block:
- include: portage.yml
- include: misc.yml
- include: network.yml
- include: kernel.yml
when: not AGI_use_local_kernel
- include: bootloader.yml
- include: daemons.yml
# - include: finish.yml
check_mode: false
when:
- "ansible_connection in ['chroot'] or (ansible_connection in ['local'] or and chroot_out.rc|default(1) == 0)"
rescue:
- debug:
msg: "ERROR: error during chroot execution"
- name: disable chroot wrapper
set_fact:
ansible_shell_executable: /bin/sh
ansible_python_interpreter: "{{old_ansible_python_interpreter}}"
when:
- "ansible_connection in ['local'] and chroot_out.rc|default(1) == 0"
check_mode: false
- name: unmount filesystems
mount:
name: "{{AGI_NBD_MP}}/{{ item }}"
state: unmounted
with_items:
- proc
- sys
- dev/pts
- dev/shm
- dev
- boot
- ''
loop_control:
label: "{{AGI_NBD_MP}}/{{ item }}"
when:
- "ansible_connection in ['local'] and chroot_out.rc|default(1) == 0"
- false # leave it mounted for testing
- name: dismount any other mounts
shell: |
if [ -z "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] && \
[ -d "{{MOUNT_GENTOO_DISTFILES_ARCHIVES}}" ] && \
grep {{MOUNT_GENTOO_DISTFILES_ARCHIVES}} /proc/mounts ; then
umount {{MOUNT_GENTOO_DISTFILES_ARCHIVES}}
fi
df -a | grep "{{AGI_NBD_MP}}" | sed -e 's/.* //' | tac | while read elt;do
umount $elt
done
base_chroot_unbind.bash "{{AGI_NBD_MP}}"
when:
- "ansible_connection in ['chroot'] or chroot_out.rc|default(1) == 0"
- false # leave it mounted for testing

8
roles/ansible-gentoo_install/tasks/copy.yml
View file

@ -39,12 +39,12 @@
- name: copy kernel sources
copy:
src: "{{AGI_GENTOO_FROM_MP}}/usr/src/{{kernel_out.stdout}}"
dest: "{{AGI_NBD_MP}}/usr/src"
dest: "{{AGI_NBD_MP}}/usr/src/{{kernel_out.stdout}}"
remote_src: no
creates: "{{AGI_NBD_MP}}/usr/src/{{kernel_out.stdout}}"
when:
- kernel_out.rc|default(1) == 0
- AGI_use_local_kernel
- false
- name: resolve kver
shell: |
@ -99,6 +99,8 @@
when:
- AGI_use_local_kernel
- ramfs_out.rc|default(1) == 0
- false
ignore_errors: true
- name: make directories
shell: |
@ -111,6 +113,6 @@
[ -f "{{AGI_NBD_MP}}/$file" ] && continue
cp -np "$file" "{{AGI_NBD_MP}}/$file"
done
ignore_errors: false
ignore_errors: true
# dracut

25
roles/ansible-gentoo_install/tasks/local.yml
View file

@ -32,12 +32,19 @@
- name: check for mounted disk
shell: |
grep '/dev/{{AGI_NBD_DEV}}' /proc/mounts && exit 0
ps ax | grep -v grep | \
grep "qemu-nbd.*/dev/nbd.*{{BOX_NBD_BASE_QCOW}}" && \
echo WARN looks like theres an active nbd mount of \
"${BOX_NBD_BASE_QCOW}" && exit 1
exit 2
grep '/dev/{{AGI_NBD_DEV}}p3' /proc/mounts && exit 0
if [ ! -f "{{BOX_NBD_BASE_QCOW}}" ] ; then
echo ERROR: not created BOX_NBD_DEV="{{BOX_NBD_DEV}}" - use
echo qemu-img create -f qcow2 "{{BOX_NBD_BASE_QCOW}}" 20G
exit 1
fi
if ! ps ax | grep -v grep | \
grep "qemu-nbd.*{{AGI_NBD_DEV}}.*{{BOX_NBD_BASE_QCOW}}" ; then
echo ERROR: not mounted BOX_NBD_DEV="{{BOX_NBD_DEV}}" - use
echo qemu-nbd -n -f qcow2 -c /dev/nbd1 {{BOX_NBD_BASE_QCOW}}
exit 2
fi
exit 3
failed_when: false
changed_when: false
register: check_mounted_disk
@ -45,15 +52,15 @@
- name: partition if disk not mounted
fail:
msg: "looks like theres an active nbd mount of {{BOX_NBD_BASE_QCOW}}"
msg: "make and nbd mount {{BOX_NBD_BASE_QCOW}}"
when:
- check_mounted_disk.rc == 1
- check_mounted_disk.rc in [2, 1]
check_mode: no
- name: partition if disk not mounted or active
include: disk.yml
when:
- check_mounted_disk.rc > 1
- check_mounted_disk.rc > 2
check_mode: no
- name: mount root partition

30
roles/ansible-gentoo_install/tasks/main.yml
View file

@ -52,6 +52,8 @@
fi
if ! grep -q "{{BOX_NBD_DEV}}" /proc/partitions ; then
echo ERROR: not mounted BOX_NBD_DEV="{{BOX_NBD_DEV}}" - use qemu-nbd
echo qemu-img create -f qcow2 /a/tmp/GentooImgr/gentoo.qcow2 20G
echo qemu-nbd -n -f qcow2 -c /dev/nbd1 /a/tmp/GentooImgr/gentoo.qcow
exit 2
fi
exit 0
@ -71,19 +73,27 @@
fi
fi
# should operate on json with jq
# "imgsize": "20G",
# "memory": 4096,
# "mountpoint": "/mnt/gentoo",
# "imagename": null,
# "initsys": "openrc",
# "iso": null,
# "portage": null,
# "stage3": null,
# "partition": 1
if [ -f "$tofile" ] ; then
# "imgsize": "20G",
sed -i -e 's@"imgsize": ".*"@"imgsize": "{{BOX_NBD_OVERLAY_GB}}"@' $tofile
# "memory": 4096,
sed -i -e 's@"memory": ".*"@"imgsize": "{{BOX_NBD_OVERLAY_RAM}}"@' $tofile
# "mountpoint": "/mnt/gentoo",
sed -i -e 's@"mountpoint": ".*"@"mountpoint": "{{BOX_NBD_MP}}"@' $tofile
# "imagename": null,
sed -i -e 's@"imagename": ".*"@"imagename": "{{BOX_NBD_OVERLAY_NAME}}"@' $tofile
# "initsys": "openrc",
sed -i -e 's@"initsys": ".*"@"initsys: "{{BOX_NBD_BASE_PROFILE}}"@' $tofile
# "iso": null,
# "portage": null,
sed -i -e 's@""portage": ".*"@""portage: "{{BOX_NBD_PORTAGE_FILE}}"@' $tofile
# "stage3": null,
sed -i -e 's@""stage3": ".*"@""stage3: "{{BOX_NBD_STAGE3_FILE}}"@' $tofile
# "partition": 1
sed -i -e 's@"partition": ".*"@"partition": 3@' $tofile
# but this is crucial
# "disk": "/dev/sda",
sed -i -e 's@"disk": ".*"@"disk": "'{{BOX_NBD_DEV}}'"@' $tofile
sed -i -e 's@"disk": ".*"@"disk": "{{BOX_NBD_DEV}}"@' $tofile
grep {{BOX_NBD_DEV}} $tofile || exit 4
fi

193
roles/toxcore/files/gentoo.xml Normal file
View file

@ -0,0 +1,193 @@
<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh edit gentoo
or other application using the libvirt API.
-->
<domain type='kvm'>
<name>gentoo</name>
<uuid>1362f7fd-ea55-4f2f-91c5-3b61ec26c1a0</uuid>
<metadata>
<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
<libosinfo:os id="http://gentoo.org/gentoo/rolling"/>
</libosinfo:libosinfo>
</metadata>
<memory unit='KiB'>3121152</memory>
<currentMemory unit='KiB'>2097152</currentMemory>
<memoryBacking>
<source type='memfd'/>
<access mode='shared'/>
</memoryBacking>
<vcpu placement='static'>1</vcpu>
<os>
<type arch='x86_64' machine='pc-q35-8.1'>hvm</type>
<boot dev='hd'/>
</os>
<features>
<acpi/>
<apic/>
<vmport state='off'/>
</features>
<cpu mode='host-passthrough' check='none' migratable='on'/>
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/var/lib/libvirt/images/gentoo1.qcow2'/>
<target dev='vda' bus='virtio'/>
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
</disk>
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<target dev='sda' bus='sata'/>
<readonly/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<controller type='usb' index='0' model='qemu-xhci' ports='15'>
<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='0' model='pcie-root'/>
<controller type='pci' index='1' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='1' port='0x10'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='2' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='2' port='0x11'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
</controller>
<controller type='pci' index='3' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='3' port='0x12'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
</controller>
<controller type='pci' index='4' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='4' port='0x13'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
</controller>
<controller type='pci' index='5' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='5' port='0x14'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
</controller>
<controller type='pci' index='6' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='6' port='0x15'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
</controller>
<controller type='pci' index='7' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='7' port='0x16'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/>
</controller>
<controller type='pci' index='8' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='8' port='0x17'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/>
</controller>
<controller type='pci' index='9' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='9' port='0x18'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='10' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='10' port='0x19'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/>
</controller>
<controller type='pci' index='11' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='11' port='0x1a'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/>
</controller>
<controller type='pci' index='12' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='12' port='0x1b'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/>
</controller>
<controller type='pci' index='13' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='13' port='0x1c'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/>
</controller>
<controller type='pci' index='14' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='14' port='0x1d'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/>
</controller>
<controller type='sata' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
</controller>
<controller type='virtio-serial' index='0'>
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
</controller>
<interface type='network'>
<mac address='52:54:00:be:61:e1'/>
<source network='Whonix-External'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</interface>
<serial type='pty'>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<channel type='unix'>
<target type='virtio' name='org.qemu.guest_agent.0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
<address type='virtio-serial' controller='0' bus='0' port='2'/>
</channel>
<input type='tablet' bus='usb'>
<address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>
<graphics type='spice' autoport='yes'>
<listen type='address'/>
<image compression='off'/>
</graphics>
<sound model='ich9'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
</sound>
<audio id='1' type='spice'/>
<video>
<model type='qxl' ram='65536' vram='65536' vgamem='16384' heads='1' primary='yes'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
</video>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='2'/>
</redirdev>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='3'/>
</redirdev>
<watchdog model='itco' action='reset'/>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
</memballoon>
<rng model='virtio'>
<backend model='random'>/dev/urandom</backend>
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
</rng>
</devices>
</domain>

92
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_build_overlay_qcow.bash Executable file
View file

@ -0,0 +1,92 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# from https://github.com/earlruby/create-vm/
[ -f /usr/local/bin/usr_local_tput.bash ] && \
. /usr/local/bin/usr_local_tput.bash || {
DBUG() { echo DEBUG $* ; }
INFO() { echo INFO $* ; }
WARN() { echo WARN $* ; }
ERROR() { echo ERROR $* ; }
}
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
BOX=gentoo
export BASE_SRC_ANSIBLE=/o/var/local/src/play_tox
yamllint -c $BASE_SRC_ANSIBLE/.yamllint.rc $BASE_SRC_ANSIBLE/hosts.yml|| {
ERROR
exit 1
}
# put these values in $BASE_SRC_ANSIBLE/hosts.yml
[ -n "$BOX_NBD_OVERLAY_NAME" ] || \
BOX_NBD_OVERLAY_NAME=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_NAME $BOX)
[ -n "$BOX_NBD_BASE_PUBKEY" ] || \
BOX_NBD_BASE_PUBKEY=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_BASE_PUBKEY $BOX)
[ -n "$BOX_NBD_BASE_QCOW" ] || \
BOX_NBD_BASE_QCOW=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_BASE_QCOW $BOX)
[ -n "$BOX_NBD_OVERLAY_GB" ] || \
BOX_NBD_OVERLAY_GB=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_GB $BOX)
[ -n "$BOX_NBD_OVERLAY_CPUS" ] || \
BOX_NBD_OVERLAY_CPUS=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_CPUS $BOX)
[ -n "$BOX_NBD_OVERLAY_RAM" ] || \
BOX_NBD_OVERLAY_RAM=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_RAM $BOX)
[ -n "$BOX_NBD_OVERLAY_DIR" ] || \
BOX_NBD_OVERLAY_DIR=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_DIR $BOX)
[ -n "$BOX_NBD_OVERLAY_BR" ] || \
BOX_NBD_OVERLAY_BR=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_BR $BOX)
#[ -n "$BOX_NBD_OVERLAY_NETWORK" ] || \
# BOX_NBD_OVERLAY_NETWORK=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_NETWORK $BOX)
[ -n "$BOX_NBD_OVERLAY_PASS" ] || \
BOX_NBD_OVERLAY_PASS=$( /usr/local/bin/ansible_get_inventory.bash BOX_NBD_OVERLAY_PASS $BOX)
[ ! -f "$BOX_NBD_BASE_QCOW" ] && \
ERROR BOX_NBD_BASE_QCOW=$BOX_NBD_BASE_QCOW must exist && exit 3
[ ! -d "$BOX_NBD_OVERLAY_DIR" ] && \
ERROR BOX_NBD_OVERLAY_DIR=$BOX_NBD_OVERLAY_DIR must exist && exit 5
[ -z "$BOX_NBD_OVERLAY_BR" ] && \
ERROR BOX_NBD_OVERLAY_BR=$BOX_NBD_OVERLAY_BR must not be null && exit 5
[ -n "$BOX_NBD_DEV" ] && grep "$BOX_NBD_DEV" /proc/mounts && WARN "$BOX_NBD_DEV" is mounted
export BOX_NBD_OVERLAY_DIR
# libvirt.libvirtError: Network not found: no network with matching name 'default'a
DBUG bash toxcore_create-vm.bash \
-n $BOX_NBD_OVERLAY_NAME \
-k $BOX_NBD_BASE_PUBKEY \
-i $BOX_NBD_BASE_QCOW \
-s $BOX_NBD_OVERLAY_GB \
-b $BOX_NBD_OVERLAY_BR \
-c $BOX_NBD_OVERLAY_CPUS \
-r $BOX_NBD_OVERLAY_RAM \
-d $BOX_NBD_OVERLAY_DIR \
-p $BOX_NBD_OVERLAY_PASS \
-o gentoo
bash toxcore_create-vm.bash \
-n $BOX_NBD_OVERLAY_NAME \
-k $BOX_NBD_BASE_PUBKEY \
-i $BOX_NBD_BASE_QCOW \
-s $BOX_NBD_OVERLAY_GB \
-b $BOX_NBD_OVERLAY_BR \
-c $BOX_NBD_OVERLAY_CPUS \
-r $BOX_NBD_OVERLAY_RAM \
-d $BOX_NBD_OVERLAY_DIR \
-p $BOX_NBD_OVERLAY_PASS \
-o gentoo < /dev/null
retval=$?
[ $retval -gt 0 ] && exit 1$retval
[ -f $BOX_NBD_OVERLAY_DIR/images/$BOX_NBD_OVERLAY_NAME.img ] && \
INFO $BOX_NBD_OVERLAY_DIR/images/$BOX_NBD_OVERLAY_NAME.img || {
ERROR NO $BOX_NBD_OVERLAY_DIR/images/$BOX_NBD_OVERLAY_NAME.img ; exit 2$retval ; }
INFO virsh define $BOX_NBD_OVERLAY_NAME
virsh define $BOX_NBD_OVERLAY_DIR/$BOX_NBD_OVERLAY_NAME.img
sleep 5
INFO virsh net-dhcp-leases default
sudo virsh net-dhcp-leases default
sudo find /var/lib/libvirt/qemu/channel/target/*${BOX_NBD_OVERLAY_NAME}* \
-name org.qemu.guest_agent.0

125
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_check_modules.bash Executable file
View file

@ -0,0 +1,125 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
. /usr/local/bin/usr_local_tput.bash || exit 2
# FixMe - systemd
MYID=`id -u`
# or use sudo? or just diagnostics? $prog should be run as root $MYID
[ $MYID -eq 0 ] && sudo= || sudo="WARN as root - sudo"
grep -q iommu=pt /proc/cmdline || WARN 'iommu=pt not on command line'
grep -q intel_iommu=on /proc/cmdline || WARN 'intel_iommu=on not on command line'
# https://wiki.archlinux.org/index.php/PCI_passthrough_via_OVMF#Setting_up_IOMMU
shopt -s nullglob
if [ $MYID -eq 0 ] ; then
[ -s "$TOXCORE_LOG_DIR"/iommu_groups.log ] || \
for g in /sys/kernel/iommu_groups/*; do
echo "IOMMU Group ${g##*/}:"
for d in $g/devices/*; do
echo -e "\t$(lspci -nns ${d##*/})"
done
done 2>&1|tee "$TOXCORE_LOG_DIR"/iommu_groups.log
b=`wc -l "$TOXCORE_LOG_DIR"/iommu_groups.log|sed -e 's/ .*//'`
[ $? -eq 0 -a -n "$b" -a "$b" -gt 0 ] || dmesg | grep -q 'DMAR: IOMMU enabled' || WARN 'IOMMU not active'
fi
if ifconfig -a | grep ^eth ; then
INFO eth present
else
WARN eth NOT present
lspci -v | grep '0[1-9]:00.0 Ethernet controller' || {
WARN Ethernet NOT present
rmmod r8169
modprobe r8169 debug=6
}
true || [ -f /var/lib/libvirt/net.xml ] || cat > /var/lib/libvirt/net.xml << EOF
<network>
<name>network</name>
<uuid>3f1b2eb3-98da-4e6d-8ad8-30e0e05a21d4</uuid>
<forward mode="nat"/>
<bridge name="virbr0" stp="on" delay="0"/>
<mac address="52:54:00:14:17:cf"/>
<domain name="network"/>
<ip address="192.168.100.1" netmask="255.255.255.0">
<dhcp>
<range start="192.168.100.128" end="192.168.100.254"/>
</dhcp>
</ip>
</network>
EOF
ifconfig -a |grep ^eth && {
ifconfig -a |grep ^virbr || {
$sudo virsh net-create /var/lib/libvirt/net.xml
}
}
fi
#4?
MODS4=(
nf_conntrack_ipv4
nf_nat_ipv4
)
MODS=(
ip_tables
iptable_filter
iptable_nat
iptable_mangle
ipt_REJECT
nf_conntrack
nf_defrag_ipv4
#5? nf_log_common
#5? nf_log_syslog
nf_log_ipv4
nf_nat
nf_reject_ipv4
nft_masq
xt_MASQUERADE
x_tables
bridge
br_netfilter
)
# bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
lsmod | sort > /tmp/$$.lsmod
for mod in "${MODS[@]}" ; do
grep -q ^$mod /tmp/$$.lsmod || $sudo modprobe $mod
done
rm -f /tmp/$$.lsmod
# selectively activate runtime features
[ "$#" -eq 0 ] && exit 0
if [ "$1" = "libvirt" ] ; then
/etc/init.d/libvirtd status || $sudo /etc/init.d/libvirtd start
ifconfig -a | grep virbr0 || {
WARN virbr0 not present - modprobe "${MODS[@]}" ; }
fi
if [ "$1" = "qemu" ] ; then
lsmod | grep -q kvm || $sudo modprobe kvm
exit 0
fi
if [ "$1" = "docker" ] ; then
#? modules for docker?
/etc/init.d/docker status || $sudo /etc/init.d/docker start
exit 0
fi
exit 0

14385
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_create-ga.sh Executable file
View file

File diff suppressed because it is too large Load diff

420
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_create-vm.bash Executable file
View file

@ -0,0 +1,420 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# from https://github.com/earlruby/create-vm/
[ -f /usr/local/bin/usr_local_tput.bash ] && \
. /usr/local/bin/usr_local_tput.bash || {
DBUG() { echo DEBUG $* ; }
INFO() { echo INFO $* ; }
WARN() { echo WARN $* ; }
ERROR() { echo ERROR $* ; }
}
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
# create-vm - Quickly create guest VMs using cloud image files and cloud-init.
# Copyright 2018-2023 Earl C. Ruby III
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# Set BOX_NBD_OVERLAY_DIR environment variable to override default storage location for VMs
HOSTNAME=
IMG_FQN=
AUTH_KEYS_FQN=
RAM=2048
VCPUS=1
STORAGE=20
BRIDGE=virbr1
MAC='52:54:00:1d:9c:6f'
VERBOSE=
PASS=
OSINFO=gentoo
password=ansible
OUTDIR=${BOX_NBD_OVERLAY_DIRs:-"${HOME}/vms/virsh"}
usage()
{
cat << EOF
usage: $0 options
Quickly create guest VMs using cloud image files and cloud-init.
OPTIONS:
-h Show this message
-n Host name (required)
-i Full path and name of the base .img file to use (required)
-k Full path and name of the ansible user's public key file (required)
-d Output directory for the overlay qcow2 and related files
-r RAM in MB (defaults to ${RAM})
-c Number of VCPUs (defaults to ${VCPUS})
-s Amount of storage to allocate in GB (defaults to ${STORAGE})
-b Bridge interface to use (defaults to ${BRIDGE})
-m MAC address to use (default is to use a randomly-generated MAC)
-o OSINFO name like win11, win10, fedora32, gentoo, ububtu20
-p ansible users plaintext password
-v Verbose
EOF
}
while getopts "h:n:i:k:r:c:s:b:m:o:p:d:v" option; do
case "${option}"
in
h)
usage
exit 0
;;
n) HOSTNAME=${OPTARG};;
i) IMG_FQN=${OPTARG};;
k) AUTH_KEYS_FQN=${OPTARG};;
r) RAM=${OPTARG};;
c) VCPUS=${OPTARG};;
s) STORAGE=${OPTARG};;
b) BRIDGE=${OPTARG};;
m) MAC=${OPTARG};;
p) PASS=${OPTARG};;
o) password=${OPTARG};;
d) OUTDIR=${OPTARG};
BOX_NBD_OVERLAY_DIR=${OUTDIR};;
v) VERBOSE=1;;
*)
ERROR unhandled option "${option}" ${OPTARG}
usage
exit 1
;;
esac
done
if [[ -z $HOSTNAME ]]; then
ERROR "Host name is required"
usage
exit 1
fi
if [[ -z $IMG_FQN ]]; then
ERROR "Base cloud image file name is required"
usage
exit 1
fi
if [[ -z $BOX_NBD_OVERLAY_DIR ]]; then
ERROR "Output image directory is required BOX_NBD_OVERLAY_DIR"
usage
exit 1
fi
if [[ -z $AUTH_KEYS_FQN ]]; then
ERROR "ansible public key file $AUTH_KEYS_FQN not found"
usage
exit 1
fi
if ! [[ -f $IMG_FQN ]]; then
ERROR "$IMG_FQN file not found"
usage
exit 1
fi
if [[ -n $VERBOSE ]]; then
INFO "Building ${HOSTNAME} in $BOX_NBD_OVERLAY_DIR"
set -xv
fi
mkdir -p "$BOX_NBD_OVERLAY_DIR"/{images,xml,init,base} || exit 2
echo "Creating a qcow2 image file ${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img that uses the cloud image file ${IMG_FQN} as its base"
INFO qemu-img create -b "${IMG_FQN}" -f qcow2 -F qcow2 "${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img" "${STORAGE}G"
qemu-img create -b "${IMG_FQN}" -f qcow2 -F qcow2 "${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img" "${STORAGE}G" || exit 3
echo "Creating meta-data file $BOX_NBD_OVERLAY_DIR/init/meta-data"
cat > "$BOX_NBD_OVERLAY_DIR/init/meta-data" << EOF
instance-id: ${HOSTNAME}
local-hostname: ${HOSTNAME}
EOF
# echo "Creating meta-data file $BOX_NBD_OVERLAY_DIR/init/meta-data.json"
# cat > "$BOX_NBD_OVERLAY_DIR/init/meta-data.json" << EOF
cat > /dev/null << EOF
{
"admin_pass": "root",
"availability_zone": "nova",
"hostname": "test.novalocal",
"launch_index": 0,
"name": "gentoo6",
"meta": {
"role": "webservers",
"essential": "false"
},
"public_keys": {
"mykey": " ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRCJCQ1UD9QslWDSw5Pwsvba0Wsf1pO4how5BtNaZn0xLZpTq2nqFEJshUkd/zCWF7DWyhmNphQ8c+U+wcmdNVcg2pI1kPxq0VZzBfZ7cDwhjgeLsIvTXvU+HVRtsXh4c5FlUXpRjf/x+a3vqFRvNsRd1DE+5ZqQHbOVbnsStk3PZppaByMg+AZZMx56OUk2pZCgvpCwj6LIixqwuxNKPxmJf45RyOsPUXwCwkq9UD4me5jksTPPkt3oeUWw1ZSSF8F/141moWsGxSnd5NxCbPUWGoRfYcHc865E70nN4WrZkM7RFI/s5mvQtuj8dRL67JUEwvdvEDO0EBz21FV/iOracXd2omlTUSK+wYrWGtiwQwEgr4r5bimxDKy9L8UlaJZ+ONhLTP8ecTHYkaU1C75sLX9ZYd5YtqjiNGsNF+wdW6WrXrQiWeyrGK7ZwbA7lagSxIa7yeqnKDjdkcJvQXCYGLM9AMBKWeJaOpwqZ+dOunMDLd5VZrDCU2lpCSJ1M="
},
"uuid": "83679162-1378-4288-a2d4-70e13ec132aa"
}
EOF
# password=`openssl passwd -1 -stdin <<< $password`
echo "Creating user-data file $BOX_NBD_OVERLAY_DIR/init/user-data"
# https://techglimpse.com/nova-boot-instance-with-password/
cat > "$BOX_NBD_OVERLAY_DIR/init/user-data" << EOF
#cloud-config
# password: ansible
# chpasswd: { expire: False }
ssh_pwauth: true
runcmd:
- "rc-update add qemu-guest-agent"
- "chmod 755 /etc/init.d/qemu-guest-agent"
- "/etc/init.d/qemu-guest-agent start"
- "echo /etc/init.d/qemu-guest-agent start >> /etc/rc.local"
users:
- default
- name: ansible
sudo: ["ALL=(ALL) NOPASSWD:ALL"]
groups:
- wheel
- adm
shell: /bin/bash
plain_text_password: "$password"
chpasswd: { expire: False }
homedir: /home/ansible
ssh_pwauth: true
ssh_authorized_keys:
- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRCJCQ1UD9QslWDSw5Pwsvba0Wsf1pO4how5BtNaZn0xLZpTq2nqFEJshUkd/zCWF7DWyhmNphQ8c+U+wcmdNVcg2pI1kPxq0VZzBfZ7cDwhjgeLsIvTXvU+HVRtsXh4c5FlUXpRjf/x+a3vqFRvNsRd1DE+5ZqQHbOVbnsStk3PZppaByMg+AZZMx56OUk2pZCgvpCwj6LIixqwuxNKPxmJf45RyOsPUXwCwkq9UD4me5jksTPPkt3oeUWw1ZSSF8F/141moWsGxSnd5NxCbPUWGoRfYcHc865E70nN4WrZkM7RFI/s5mvQtuj8dRL67JUEwvdvEDO0EBz21FV/iOracXd2omlTUSK+wYrWGtiwQwEgr4r5bimxDKy9L8UlaJZ+ONhLTP8ecTHYkaU1C75sLX9ZYd5YtqjiNGsNF+wdW6WrXrQiWeyrGK7ZwbA7lagSxIa7yeqnKDjdkcJvQXCYGLM9AMBKWeJaOpwqZ+dOunMDLd5VZrDCU2lpCSJ1M="
EOF
echo "Adding keys from the public key file $AUTH_KEYS_FQN to the user-data file"
while IFS= read -r key; do
echo " - $key" >> "$BOX_NBD_OVERLAY_DIR/init/user-data"
done < <(grep -v '^ *#' < "$AUTH_KEYS_FQN")
VM_IMAGE_DIR="$BOX_NBD_OVERLAY_DIR"
#old . /usr/local/bin/toxcore_create-ga.sh || exit 4
cat > "$BOX_NBD_OVERLAY_DIR/init/user-data" << \EOF
#!/bin/bash
# typically only executes on first boot
echo "############# user_data executing ##############"
#grep gentoo /etc/shadow
sed -e 's/#-:ALL:ALL/+:gentoo:ALL/' -i /etc/security/access.conf
PW=`echo $PASS | openssl passwd -1 --stdin `
grep -q ^gentoo /etc/passwd || \
useradd --gid 4 --uid 1000 --home-dir /home/gentoo \
--comment Gentoo --password "$PW" \
-G adm,wheel --shell /bin/bash gentoo
usermod --password "$PW" -G adm,wheel gentoo
# root
usermod --password '$1$1Ho4y/W8$5VymfKWWAhLxwkkPZiWTZ1' root
# unlock account
passwd -u gentoo
passwd -u root
sed -e 's/# %wheel /%wheel /' -i /etc/sudoers
sed -e 's/PasswordAuthentication no/PasswordAuthentication yes/' -i /etc//ssh/sshd_config
sed -e 's/PermitRootLogin.*/PermitRootLogin yes/' -i /etc//ssh/sshd_config
grep net.ipv4.ip_forward=1 /etc/sysctl.conf || \
echo net.ipv4.ip_forward=1 >> /etc/sysctl.conf
cd /etc/init.d
[ -e net.eth0 ] || ln -s net.lo net.eth0
for elt in i o linuxPen19 ; do
grep -q $elt /etc/fstab && continue
echo "$elt /mnt/$elt virtiofs defaults 0 0" >> /etc/fstab
done
#grep gentoo /etc/shadow
EOF
echo "Generating the cidata ISO file $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.iso"
(
cd "$BOX_NBD_OVERLAY_DIR/init/"
genisoimage \
-output "$BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img" \
-volid cidata \
-rational-rock \
-joliet \
-input-charset utf-8 \
user-data meta-data
) || exit 5
MACCMD=
if [[ -n $MAC ]]; then
MACCMD="--mac=${MAC}"
fi
[ -f ${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img ] || exit 5
[ -f $BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img ] || exit 6
# libvirt.libvirtError: /usr/lib/qemu/qemu-bridge-helper --use-vnet --br=-c --fd=31: failed to communicate with bridge helper: stderr=failed to parse default acl file `/etc/qemu/bridge.conf'
if [ ! -f "/etc/qemu/bridge.conf" ] ; then
echo allow $BRIDGE >> "/etc/qemu/bridge.conf"
elif ! grep $BRIDGE "/etc/qemu/bridge.conf" ; then
echo allow $BRIDGE >> "/etc/qemu/bridge.conf"
fi
if [ $BRIDGE = virbr0 ] ; then
network=default
# 192.168.122.248/24
elif [ $BRIDGE = virbr1 ] ; then
network=Whonix-External
else
WARN unrecognized $BRIDGE
fi
if [ "$network" != '' ] ; then
virsh net-list | grep -q $network || \
virsh net-start $network
fi
sudo ifconfig -a | grep $BRIDGE && \
NETWORK="--network bridge=${BRIDGE},model=virtio" || \
WARN bridge $BRIDGE not running. not adding a network
NETWORK="--network network=default,model=virtio"
INFO virt-install \
--name="${HOSTNAME}" \
--osinfo "$OSINFO" \
--import \
--name="${HOSTNAME}" \
--disk "path=${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img,format=qcow2" \
--disk "path=$BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img,device=cdrom" \
--ram="${RAM}" \
--vcpus="${VCPUS}" \
--autostart \
--hvm \
--arch x86_64 \
--accelerate \
--check-cpu \
--force \
--watchdog=default \
--graphics spice,listen=socket \
--channel spicevmc,target.type=virtio,target.name=com.redhat.spice.0 \
--channel type=unix,target.type=virtio,target.name=org.qemu.guest_agent.0 \
--network "bridge=${BRIDGE},model=virtio" \
--rng /dev/urandom \
--os-variant detect=on,name=$OSINFO \
--noautoconsole
# squelch warnings
python3.sh `which virt-install` \
--name="${HOSTNAME}" \
--osinfo "$OSINFO" \
--import \
--disk "path=${BOX_NBD_OVERLAY_DIR}/images/${HOSTNAME}.img,format=qcow2" \
--disk "path=$BOX_NBD_OVERLAY_DIR/images/${HOSTNAME}-cidata.img,device=cdrom" \
--ram="${RAM}" \
--vcpus="${VCPUS}" \
--autostart \
--hvm \
--arch x86_64 \
--accelerate \
--check-cpu \
--force \
--watchdog=default \
--graphics spice,listen=socket \
--filesystem /,/mnt/linuxPen19 \
--channel spicevmc,target.type=virtio,target.name=com.redhat.spice.0 \
--channel unix,target.type=virtio,target.name=org.qemu.guest_agent.0 \
$NETWORK \
--rng /dev/urandom \
--os-variant detect=on,name=$OSINFO \
--noautoconsole \
|| exit 7
# --debug
#? --shmem name=shmem_server,type="memfd",mode="shared"
# --shmem name=shmem0 ivshmem device is not supported with this QEMU binary
# was --graphics vnc,listen=0.0.0.0
# --osinfo "$OSINFO" \
# Make a backup of the VM's XML definition file
virsh dumpxml "${HOSTNAME}" > "${BOX_NBD_OVERLAY_DIR}/xml/${HOSTNAME}.xml" || exit 8
INFO wrote xml `ls -l ${BOX_NBD_OVERLAY_DIR}/xml/${HOSTNAME}.xml`
if [ -n "$VERBOSE" ]; then
set +xv
fi
# problems: type=qemu-vdagent unix unix=on
# problems: type="spicevmc
# ERROR Unknown --channel options: ['unix']
cp "${BOX_NBD_OVERLAY_DIR}/xml/${HOSTNAME}.xml" \
"${BOX_NBD_OVERLAY_DIR}/xml/${HOSTNAME}.xml".new
cat > /tmp/ga.works <<EOF
<channel type="unix">
<source mode="bind" path="/var/lib/libvirt/qemu/channel/target/domain-25-gentoo1/org.qemu.guest_agent.0"/>
<target type="virtio" name="org.qemu.guest_agent.0" state="connected"/>
<address type="virtio-serial" controller="0" bus="0" port="2"/>
</channel>
EOF
cat > /tmp/sp.works <<EOF
<channel type="spicevmc">
<target type="virtio" name="com.redhat.spice.0" state="disconnected"/>
<address type="virtio-serial" controller="0" bus="0" port="1"/>
</channel>
EOF
# Show running VMs
virsh list | grep "${HOSTNAME}" && INFO "${HOSTNAME}" || { ERROR "${HOSTNAME}" ; exit 9$? ; }
# use the following passwordless demonstration key for testing or
# replace with your own key pair
#
# -----BEGIN OPENSSH PRIVATE KEY-----
# b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn
# NhAAAAAwEAAQAAAYEA0QiQkNVA/ULJVg0sOT8LL22tFrH9aTuIaMOQbTWmZ9MS2aU6tp6h
# RCbIVJHf8wlhew1soZjaYUPHPlPsHJnTVXINqSNZD8atFWcwX2e3A8IY4Hi7CL0171Ph1U
# bbF4eHORZVF6UY3/8fmt76hUbzbEXdQxPuWakB2zlW57ErZNz2aaWgcjIPgGWTMeejlJNq
# WQoL6QsI+iyIsasLsTSj8ZiX+OUcjrD1F8AsJKvVA+JnuY5LEzz5Ld6HlFsNWUkhfBf9eN
# ZqFrBsUp3eTcQmz1FhqEX2HB3POuRO9JzeFq2ZDO0RSP7OZr0Lbo/HUS+uyVBML3bxAztB
# Ac9tRVf4jq2nF3dqJpU1EivsGK1hrYsEMBIK+K+W4psQysvS/FJWiWfjjYS0z/HnEx2JGl
# NQu+bC1/WWHeWLao4jRrDRfsHVulq160Ilnsqxiu2cGwO5WoEsSGu8nqpyg43ZHCb0FwmB
# izPQDASlniWjqcKmfnTrpzAy3eVWawwlNpaQkidTAAAFgGKSj8diko/HAAAAB3NzaC1yc2
# EAAAGBANEIkJDVQP1CyVYNLDk/Cy9trRax/Wk7iGjDkG01pmfTEtmlOraeoUQmyFSR3/MJ
# YXsNbKGY2mFDxz5T7ByZ01VyDakjWQ/GrRVnMF9ntwPCGOB4uwi9Ne9T4dVG2xeHhzkWVR
# elGN//H5re+oVG82xF3UMT7lmpAds5VuexK2Tc9mmloHIyD4BlkzHno5STalkKC+kLCPos
# iLGrC7E0o/GYl/jlHI6w9RfALCSr1QPiZ7mOSxM8+S3eh5RbDVlJIXwX/XjWahawbFKd3k
# 3EJs9RYahF9hwdzzrkTvSc3hatmQztEUj+zma9C26Px1EvrslQTC928QM7QQHPbUVX+I6t
# pxd3aiaVNRIr7BitYa2LBDASCvivluKbEMrL0vxSVoln442EtM/x5xMdiRpTULvmwtf1lh
# 3li2qOI0aw0X7B1bpatetCJZ7KsYrtnBsDuVqBLEhrvJ6qcoON2Rwm9BcJgYsz0AwEpZ4l
# o6nCpn5066cwMt3lVmsMJTaWkJInUwAAAAMBAAEAAAGAEuz77Hu9EEZyujLOdTnAW9afRv
# XDOZA6pS7yWEufjw5CSlMLwisR83yww09t1QWyvhRqEyYmvOBecsXgaSUtnYfftWz44apy
# /gQYvMVELGKaJAC/q7vjMpGyrxUPkyLMhckALU2KYgV+/rj/j6pBMeVlchmk3pikYrffUX
# JDY990WVO194Dm0buLRzJvfMKYF2BcfF4TvarjOXWAxSuR8www050oJ8HdKahW7Cm5S0po
# FRnNXFGMnLA62vN00vJW8V7j7vui9ukBbhjRWaJuY5rdG/UYmzAe4wvdIEnpk9xIn6JGCp
# FRYTRn7lTh5+/QlQ6FXRP8Ir1vXZFnhKzl0K8Vqh2sf4M79MsIUGAqGxg9xdhjIa5dmgp8
# N18IEDoNEVKUbKuKe/Z5yf8Z9tmexfH1YttjmXMOojBvUHIjRS5hdI9NxnPGRLY2kjAzcm
# gV9Rv3vtdF/+zalk3fAVLeK8hXK+di/7XTvYpfJ2EZBWiNrTeagfNNGiYydsQy3zjZAAAA
# wBNRak7UrqnIHMZn7pkCTgceb1MfByaFtlNzd+Obah54HYIQj5WdZTBAITReMZNt9S5NAR
# M8sQB8UoZPaVSC3ppILIOfLhs6KYj6RrGdiYwyIhMPJ5kRWF8xGCLUX5CjwH2EOq7XhIWt
# MwEFtd/gF2Du7HUNFPsZGnzJ3e7pDKDnE7w2khZ8CIpTFgD769uBYGAtk45QYTDo5JroVM
# ZPDq08Gb/RhIgJLmIpMwyreVpLLLe8SwoMJJ+rihmnJZxO8gAAAMEA0lhiKezeTshht4xu
# rWc0NxxD84a29gSGfTphDPOrlKSEYbkSXhjqCsAZHd8S8kMr3iF6poOk3IWSvFJ6mbd3ie
# qdRTgXH9Thwk4KgpjUhNsQuYRHBbI59Mo+BxSI1B1qzmJSGdmCBL54wwzZmFKDQPQKPxiL
# n0Mlc7GooiDMjT1tbuW/O1EL5EqTRqwgWPTKhBA6r4PnGF150hZRIMooZkD2zX6b1sGojk
# QpvKkEykTwnKCzF5TXO8+wJ3qbcEo9AAAAwQD+Z0r68c2YMNpsmyj3ZKtZNPSvJNcLmyD/
# lWoNJq3djJN4s2JbK8l5ARUdW3xSFEDI9yx/wpfsXoaqWnygP3PoFw2CM4i0EiJiyvrLFU
# r3JLfDUFRy3EJ24RsqbigmEsgQOzTl3xfzeFPfxFoOhokSvTG88PQji1AYHz5kA7p6Zfaz
# Ok11rJYIe7+e9B0lhku0AFwGyqlWQmS/MhIpnjHIk5tP4heHGSmzKQWJDbTskNWd6aq1G7
# 6HWfDpX4HgoM8AAAALaG9sbWFuYkBhcmM=
# -----END OPENSSH PRIVATE KEY-----
#

80
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_daily.bash Normal file
View file

@ -0,0 +1,80 @@
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# The idea here is to run ansible_local.bash --tags daily
# and then use this to do the parsing and throwing errors based on the output.
# This way the ansible run can be free from erroring and this can be
# run repeatedly anytime outside of ansible to deal with the issues raised.
# It is also run at the end of ansible_local.bash --tags daily to raise the issues.
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
. /usr/locaal/etc/testforge/testforge.bash
TOXCORE_LOG_DIR=$PREFIX/var/log
[ -d $TOXCORE_LOG_DIR ] || mkdir -p $TOXCORE_LOG_DIR
MYID=`id -u`
[ $MYID -eq 0 ] || WARN $prog should be run as root $MYID
which ansifilter >/dev/null 2>&1 && ansifilter=ansifilter || ansifilter=cat
ly=daily
i=0
errs=0
warns=0
WLOG="$TOXCORE_LOG_DIR"/$ly/W$prog$$.log
ELOG="$TOXCORE_LOG_DIR"/$ly/E$prog$$.log
#?ols_make_testforge_logs $TOXCORE_LOG_DIR
find "$TOXCORE_LOG_DIR"/$ly/ -type f -name W${prog}*.log -o -name E${prog}*.log -mtime +1 -delete
if virsh list | grep -q Whonix-Gateway ; then
/usr/local/bin/toxcore_libvirt_test_ga.bash
fi
# -%d
if ls /var/log/libvirt/qemu/*.log 2>/dev/null ; then
sudo grep ^`date +%Y-%m`.*warning /var/log/libvirt/qemu/*.log | tee -a $WLOG
fi
# FixMe missing
[ -x $PREFIX/bin/toxcore_libvirt_test_xml.bash ] && \
$PREFIX/bin/toxcore_libvirt_test_xml.bash 2>&1 | grep WARN: >> $WLOG
if which virt-host-validate 2>/dev/null ; then
[ -f $TOXCORE_LOG_DIR/daily/virt-host-validate.log ] || \
sudo virt-host-validate > $TOXCORE_LOG_DIR/daily/virt-host-validate.log 2>&1
b=`grep FAIL $TOXCORE_LOG_DIR/daily/virt-host-validate.log|wc -l|sed -e 's/ .*//'`
[ $? -eq 0 -a -n "$b" -a $b -gt 0 ]
b=`grep WARN $TOXCORE_LOG_DIR/daily/virt-host-validate.log|wc -l|sed -e 's/ .*//'`
[ $? -eq 0 -a -n "$b" -a $b -gt 0 ] && \
WARN $b WARN in $TOXCORE_LOG_DIR/$ly/virt-host-validate.log $warns | tee -a $WLOG
fi
if /etc/init.d/libvirtd status ; then
virsh list | grep '^ [0-9]' | while read id elt rest ; do
[ $rest = running ] || continue
virsh dumpxml $elt | grep org.qemu.guest_agent.0.*connected || \
WARN org.qemu.guest_agent not connected for $elt |tee -a $WLOG
# <target type='virtio' name='com.redhat.spice.0' state='connected'/>
# <target type='virtio' name='org.qemu.guest_agent.0' state='connected'/>
done
fi
warns=`grep -c WARN: "$WLOG"`
[ $warns -ne 0 ] && \
WARN "$prog $ly $warns warnings in $WLOG"
errs=`grep -c ERROR: "$ELOG"`
[ $errs -ne 0 ] && \
ERROR "$prog $ly $errs errors in $ELOG" && \
exit -$errs
[ $warns -eq 0 -a $errs -eq 0 ] && \
ols_clean_testforge_logs $TOXCORE_LOG_DIR && \
INFO "No $ly errors in $TOXCORE_LOG_DIR"
exit 0

61
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_delete-vm.bash Executable file
View file

@ -0,0 +1,61 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# from https://github.com/earlruby/create-vm/
[ -f /usr/local/bin/usr_local_tput.bash ] && \
. /usr/local/bin/usr_local_tput.bash || {
DBUG() { echo DEBUG $* ; }
INFO() { echo INFO $* ; }
WARN() { echo WARN $* ; }
ERROR() { echo ERROR $* ; }
}
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
# delete-vm - Delete a virtual machine created with create-vm
# Copyright 2018-2023 Earl C. Ruby III
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
VM=$1
# Set VM_IMAGE_DIR environment variable to override default storage location for VMs
VM_IMAGE_DIR=${VM_IMAGE_DIR:-"${HOME}/vms/virsh"}
VM_IMAGE="${VM_IMAGE_DIR}/images/$VM.img"
CI_IMAGE="${VM_IMAGE_DIR}/images/$VM-cidata.img"
usage()
{
cat << EOF
usage: $0 vmname
EOF
}
if [[ -z $VM ]]; then
usage
exit 1
fi
if [[ -e $VM_IMAGE ]]; then
# VM exists
virsh destroy "$VM"
virsh undefine "$VM"
rm -fv "$VM_IMAGE" "$CI_IMAGE"
else
echo "Cannot find an VM image file named '$VM_IMAGE'. Attempting undefine..."
virsh undefine "$VM"
fi

55
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_get-vm-ip.bash Executable file
View file

@ -0,0 +1,55 @@
#!/bin/bash
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# from https://github.com/earlruby/create-vm/
[ -f /usr/local/bin/usr_local_tput.bash ] && \
. /usr/local/bin/usr_local_tput.bash || {
DBUG() { echo DEBUG $* ; }
INFO() { echo INFO $* ; }
WARN() { echo WARN $* ; }
ERROR() { echo ERROR $* ; }
}
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
. /usr/local/etc/testforge/testforge.bash
[ -n "$HOSTVMS_VAR_LOCAL" ] && PREFIX=$HOSTVMS_VAR_LOCAL
# get-node-ip - Get the IP address of a VM managed by virsh.
# Copyright 2018-2023 Earl C. Ruby III
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
usage()
{
cat << EOF
usage: $0 hostname
This script will take a virsh-managed VM hostname and return the IP address.
EOF
}
HOSTNAME=$1
if [[ -z $HOSTNAME ]]; then
echo "ERROR: Hostname is required"
usage
exit 1
fi
MAC=$(virsh domiflist $HOSTNAME | awk '{ print $5 }' | tail -2 | head -1)
arp -a | grep $MAC | awk '{ print $2 }' | sed 's/[()]//g'
INFO MAC=$MAC arp=$arp

56
roles/toxcore/overlay/Linux/usr/local/bin/toxcore_hourly.bash Normal file
View file

@ -0,0 +1,56 @@
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
# The idea here is to run ansible_local.bash --tags daily
# and then use this to do the parsing and throwing errors based on the output.
# This way the ansible run can be free from erroring and this can be
# run repeatedly anytime outside of ansible to deal with the issues raised.
# It is also run at the end of ansible_local.bash --tags daily to raise the issues.
prog=`basename $0 .bash`
PREFIX=/usr/local
ROLE=toxcore
. /usr/locaal/etc/testforge/testforge.bash
TOXCORE_LOG_DIR=$PREFIX/var/log
[ -d $TOXCORE_LOG_DIR ] || mkdir -p $TOXCORE_LOG_DIR
MYID=`id -u`
[ $MYID -eq 0 ] || WARN $prog should be run as root $MYID
which ansifilter >/dev/null 2>&1 && ansifilter=ansifilter || ansifilter=cat
ly=hourly
i=0
errs=0
warns=0
WLOG="$TOXCORE_LOG_DIR"/$ly/W$prog$$.log
ELOG="$TOXCORE_LOG_DIR"/$ly/E$prog$$.log
#?ols_make_testforge_logs $TOXCORE_LOG_DIR
find "$TOXCORE_LOG_DIR"/$ly/ -type f -name W${prog}*.log -o -name E${prog}*.log -mtime +1 -delete
if virsh list | grep -q Whonix-Gateway ; then
/usr/local/bin/toxcore_libvirt_test_ga.bash
fi
# -%d
if ls /var/log/libvirt/qemu/*.log 2>/dev/null ; then
sudo grep ^`date +%Y-%m`.*warning /var/log/libvirt/qemu/*.log | tee -a $WLOG
fi
warns=`grep -c WARN: "$WLOG"`
[ $warns -ne 0 ] && \
WARN "$prog $ly $warns warnings in $WLOG"
errs=`grep -c ERROR: "$ELOG"`
[ $errs -ne 0 ] && \
ERROR "$prog $ly $errs errors in $ELOG" && \
exit -$errs
[ $warns -eq 0 -a $errs -eq 0 ] && \
ols_clean_testforge_logs $TOXCORE_LOG_DIR && \
INFO "No $ly errors in $TOXCORE_LOG_DIR"
exit 0

372
roles/toxcore/overlay/Linux/usr/local/share/openpgp-keys/gentoo-release.asc Normal file
View file

@ -0,0 +1,372 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFsL/o0BEADHYSlmnvx5qLBWjXKQRfo564sj94AQMiDHr52vtPlcaeOal8a3
pKKh6Yi02g977sItvEOT5UIX1c10HGRN7EQd6Yq4J3OLGICm13yk1wBwrmrn1AFR
5PbclLB2IStGcO6kcthP7W36T46EIzKhu7ftzFvmjdCfQ+o2zpGFtKZwM1RZnFPf
MULaMBQSy/O8LpaJ1OofzklJKO8BLXN+tz0x/ZIrm/d7RQ4Ne41FxRDpTfc9kHjd
jaVAN3wgac+UQG87lPx9pInw1uE7T4y6oivTfUcl83wDAGSfJY7lAyzKwgELAeRb
CQ8g4laAz+xbt5N5z1OV1W6wtjDOUF1VrVW0ShW4OHsVyiEFh8XFuXC0Kg+wk1Oj
nH0PHSwAp9NFZmS9lj4anvNVPTDMM8hk6fIHSQC9SAyB0LBKqcHx66qxRXICVnej
sVE0XTEmVBLV+V1KIhJBsK/lV+8DOjx5mSEYDu8wLoO0ZOhbSARsWdKhY0FggQ/c
10OCgTBcCoj+vx4cGmAJM15Pu0i8loZap8GCBoPjJmvb+vQTZSqTV67o4GD8QkRA
UKgMq7qNJE70mvv2n0VIQrSRAS9dd5T0bVs71VakPHhYJ/aB5q09p17AZ0bSkuAP
7SEw5XydBNhiwlNfW9q8wQ1l4++W7LZQS2pkOs9qvOcuBMA0XkAuQ5j+OwARAQAB
tE9HZW50b28gcmVwb3NpdG9yeSBtaXJyb3JzIChhdXRvbWF0ZWQgZ2l0IHNpZ25p
bmcga2V5KSA8cmVwb21pcnJvcmNpQGdlbnRvby5vcmc+iQFfBBMBCgBJFiEEGPcD
1wKxuVkTcxSMVdMjjsBQOW4FAlyh+uArGmh0dHBzOi8vd3d3LmdlbnRvby5vcmcv
Z2xlcC9nbGVwLTAwNzkuaHRtbAAKCRBV0yOOwFA5bpeHCACZ96apz0WXGE5QnSax
JP2QCP6V7taJzkUZa4XZ8Q/nijl0dVM7GyILb9qAFk4B4hKv/Nt8qqcPbbRnELHN
K3ZBW8gmqkgXfk6lh3wh60I95IdJOFj8oZQCdTI7/ZeNsTY+0apB5MX+vL20dN96
7+6Yr59uAxn0JbIB2h0Xfq3Stdi9gZyG49buSU3VKEfL+DZv4+loA4E2z8NzY/Iv
wouRgje+3FbjtbFFDYERqyohGYAOFtzX1mRL6Ow5npYV7zObLqyAjmAeKL0lMWxy
Foi/SP+UQ9ZUHK3WZ1T1Czy0gu1BAxeerO/5AQKUveQbJK5x0eTmSBKyDozEZGHT
bSdziQJUBBMBCgA+BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAhsBFiEE75U4yejm
QxGlLN7foT0O8ZFOenIFAmKriQAFCQt2m7MACgkQoT0O8ZFOenKgQBAAwWN5q4LR
8GwTqZYs3BwIRxi6NGktkGPjVutfXyPGh2l4d4Wrog+/4sVel4VfuzeV6pruMUvb
CjcMFZQw8MfYfIN3X7HqlP+d+w//bg23sZ7YpQPqs1SmG02sTRJXbsSYz4M3bn3W
KhzFzZgJRqK/0m+NiCxzyuWa9OBqXZpgXPJarcInqymS6PyI0NS2Gvfl8H0NvboP
1M6lbVHQrw7A+/vdE9fNDeNAaoNKepXD+gVxTJKk7BlzawWEmbNXkyUbU+S6JtIw
So8NtKrRNpU97miwWMFqlu3ltlJeVO3K2tSk/HLMD+LDZPe19mNntianhluEl2mp
1Ox8O6K7Crf2xXrS1LPWg+bP7My8VukaUHsj+3eUKnIx6WuClYnwN3VvhLLdaY1P
0RMs72LNd0lC8wj/y8BWrVB4ekrnBbp5bkreFuLsIRr9PGakSyvGbWpoazTxaRVG
a/jRqw7z3JjW3bLrfUDmPlDRbkhByfVn4RtsoC5SGwLH7CkzYnMuBFkTJBieuKSi
ydbrad7lBg1g8Pih61hf2Fg8UqJxYcCWB3vL7Fi9WqqgvXSOmuzNwS8NP1rma2Yt
BoqwKR4UrZOLxfQodgauxjLJ1OmAR4NillSQMDG+WRu4Yc2UX9POhDEYXMXkzQ9I
g+v7+NyFzI2enE8YwOSwTrIm4hTpdcGIfkW5AQ0EWwv/BwEIALEnFt2oxkkjZB6+
C8Vy7e+EriMaKcu5l2sImll5aeM1IWE8Tw1axpdIF5Xp6BnxCV6r9Az2gEDRXCiD
rCtFtvoIJwygKiyQUwkk7n89ihKss+mLDVG2D656lMoVwyJYWEUb7OZ81sqJNrK6
ud7NBAdPbiC5gtlBQ5Cn8eas9ldJGvdQX2aj56zQhTkV7W89GT7d1irF1QBy20Pd
WrlQYZgBFU44/fLz2MFtrYDoa9b+dCOAS1wtbxTJAWafNUMmEcvhUjPlsbG/R0e+
MORsDzixbT1Gwj4h0yDjR6awXYD9E09Q2O26KdEdJxd4hU/wIqQOVjz6VejLUKBV
DAP8D9MAEQEAAYkDcgQYAQoAJgIbAhYhBO+VOMno5kMRpSze36E9DvGRTnpyBQJf
Z7xcBQkHsuK5AUDAdCAEGQEIAB0WIQT3SOmzxH45PMJMj698KsCc2Y8u3wUCWwv/
BwAKCRB8KsCc2Y8u3/PFB/9DMkwsbJ2IIniMCCYeqrdY+ZZ6qf9AAU+LWxOZYjrl
k1dCDKv2Z7U8d63gcp4xgFG4uotQvrYw+rjZG0WffGnXjNljHABxbqfC2nSut0Lb
jrZDApOy9789E/IzT4NKIiFMwhN+hqXUcAyg5NFXpdg9VIvH62OdlyaldGz+T/mB
BjklxYkgYcNzYHM4w6JkSTuynqKN2/zJgPFDApbXAxq557XELgSCP5gMRRSgn07j
KjOXfsqKqPGHEBLYCeQGfVXoV+N05CZojFiUOp+xCxiy3Yvg7s2JTh2GSfwvCwY0
VlYTNgLbGEHkEAUY4T1WkJ1v1si0wH+f0SOMOmckmuX8CRChPQ7xkU56cmoSEACM
4IabBCAzRpzVRk26K52LIKk6DaMuLOWE8+80UKa3Tj0v5KHfoRJYq5IlDyEMz4Et
4OuPKLwvl/efgketH0BpOwAzMqOl1t31j4fHaE6hOX3WO5etSq4GbLkc+dAwKfic
osM9o5gqcCkE5UDqMAX2E+KxiIYtU47eRnsif9Vqea2YmP2yYJRhYLVpI1BIBX5J
tqZaX8ifYjEEAhZDBt24+85FWQcES68rcYPSn6JGbREgCSwnk7tdqnWrc21ffjls
q/zijiD05ajJhLbLv7UmZH5NOYcgtruhdLyhv8nTu4lqcLFSqfYeENNhEqx+oKWe
cmwVYBCA3ArYFGqc0IY3cL2iOaXDzIwnJtwfnTppovKY+qKbICGRiD9xCBvmYQs8
AchOP7/iy+bfXyNkxARhNTuKicJXP7JQ89g1GUPOiI37rwCT6rwNedkRWZuuh+U+
+ef6yG1xgcVH96zs7MN767f/Lujb78Vao/G78zOy5bZKlXu/dpmiaiuETFBGjB9y
efgWtagAftMTUa4IGAiAT7l4sdMoKUHFaA1kfkrph0wmz3FIIOvsyF5yzXhkKT8u
VuyPWxVxATvxzfsyTaimmbB6n+u0ctYlvrkCviFLECngcbC/wNhW2aryutR1Xm0W
frBr0TpWl3uSY04hOafLxsgqsmd3qCX2LtrpxxqbjIkDcgQYAQoAJgIbAhYhBO+V
OMno5kMRpSze36E9DvGRTnpyBQJhpOa4BQkJlBY6AUDAdCAEGQEIAB0WIQT3SOmz
xH45PMJMj698KsCc2Y8u3wUCWwv/BwAKCRB8KsCc2Y8u3/PFB/9DMkwsbJ2IIniM
CCYeqrdY+ZZ6qf9AAU+LWxOZYjrlk1dCDKv2Z7U8d63gcp4xgFG4uotQvrYw+rjZ
G0WffGnXjNljHABxbqfC2nSut0LbjrZDApOy9789E/IzT4NKIiFMwhN+hqXUcAyg
5NFXpdg9VIvH62OdlyaldGz+T/mBBjklxYkgYcNzYHM4w6JkSTuynqKN2/zJgPFD
ApbXAxq557XELgSCP5gMRRSgn07jKjOXfsqKqPGHEBLYCeQGfVXoV+N05CZojFiU
Op+xCxiy3Yvg7s2JTh2GSfwvCwY0VlYTNgLbGEHkEAUY4T1WkJ1v1si0wH+f0SOM
OmckmuX8CRChPQ7xkU56cogyD/0RFZxSQk6xtUy8fQm/vneI4AjvFr9eJrGlCzEV
k4FNdH+xgCXQAx0tJKbeYCSC+0k/JrvNdSEcPEIdxpj3MC8j1YhU+KRoYxVY9jnn
x/yWkYdPqzOQhBdnrCCBWgkDkigLnF3BahoS3j81I1+yhsZ9uI0AkV18Fw6/1nEr
j3P5fNuiYbI/38aPlzfXigSiDy76cFXKv9FvdM1PuKqCXAfL4xGm1jrR+GkbP4De
HJUz4ET7nJbL5IsjZWFOIMEY/JQ5VJvoLQZ8eb2b/eGXxXtFGu5PZGMFq7NS38aK
+Wd6Ix5Tl5n51NvOtDRyK8DBP5PXq742CMlBP2aAMQ62KvbpyIIeUrJ3QtPrk4fp
UXeXu5NVDCNjT1NFy1idm6qCvIQSAU2NrTSptD1KfvKJ8DqlgyJ3ekieqxwOrVgS
aeJRxRf6EnIeJ1+edhXsTXSoFWiUuZORnBT3HcSczkeM/nu26VeDKXEq4cGMzRrP
ndqeqJuhV82pha9G5NHPrKiNDKhwuqQBSXfNAUYoXUFFcyJ5lcR4bOzveWs44Ms5
nRUOT83JEFRqniPLGZ9DwHm/ZfCUr/X/ZS7VUXp4VfN9Z7lmdjL0fktcGX8LJNwH
3yc69iQhXKePXiNK40qd2M7soSSJlYcvzJkHYv3N+kjwjrAPNOJUSx3kuxw8HUv+
RfTcU4kDcgQYAQoAJgIbAhYhBO+VOMno5kMRpSze36E9DvGRTnpyBQJiq4kKBQkL
dps7AUDAdCAEGQEIAB0WIQT3SOmzxH45PMJMj698KsCc2Y8u3wUCWwv/BwAKCRB8
KsCc2Y8u3/PFB/9DMkwsbJ2IIniMCCYeqrdY+ZZ6qf9AAU+LWxOZYjrlk1dCDKv2
Z7U8d63gcp4xgFG4uotQvrYw+rjZG0WffGnXjNljHABxbqfC2nSut0LbjrZDApOy
9789E/IzT4NKIiFMwhN+hqXUcAyg5NFXpdg9VIvH62OdlyaldGz+T/mBBjklxYkg
YcNzYHM4w6JkSTuynqKN2/zJgPFDApbXAxq557XELgSCP5gMRRSgn07jKjOXfsqK
qPGHEBLYCeQGfVXoV+N05CZojFiUOp+xCxiy3Yvg7s2JTh2GSfwvCwY0VlYTNgLb
GEHkEAUY4T1WkJ1v1si0wH+f0SOMOmckmuX8CRChPQ7xkU56cooZEACn9RoHXHPW
jLGQtMp18+2Q0mTj+21zNLXhlhUlYIKg7/3VQRXefKWOQdznIRRoXR8VIOVaVXSm
k4crGBmh7JqmmuzP+UurmCLQTTwnJIyFSPA2FHiKziF9RZr0tMn9LWn1Mj84fxAO
+Ri3cHayvMfnidQotDYuzJemkXaDzTQR/JwVDHq/pRPRK90Pg9Ir+SmQI55F5flN
b7pWN4Ce0QOA+YCzx5J714SDmqtp3YL0pLOQQJMzaO4VEiO+QKVhgZpu4i8hf9IF
KfM+aKpC41TyA6tMGUEQnUYQUACD+ihc5W4IiC4BHYS9g6CwL6qHzGz5hhXiD1+0
0CP1MP2FQPMQHmoI/RWhVleia6P8fXIz1yhaXK1WL6zZxPyaMql963k4VToDkFXe
K2n1mftyUUM3h0gZ+eK176oeIv9+XoBR85rKyZ2A5Pq9lYLAC7CUYdj3boJoWubv
E1xGQuB5OW+rItjIRjQEB0UMQIxUEDAJKrdXYUmitx4HaCW0OeJhlq1ZCehGvVak
9iYZyj5Xb5xgtWHW0aeRakSTIvCT2PCnWXfK+O4prNYHAHYGfAfXNkIuwP4pR+iw
7PYjaFhwiQUPquGTsBjiZkFunFLXbIHtVvcSyc1eX31BhM+aI+Ohxa80InE1S+L5
+biRoUI7kBmiJ4mYhAgeuhpKPYTj+z/zxJkCDQROzyEJARAAzIhE9Pr9fbvJcT/3
U0rG0eVamoLjNNEL9Ud3H4UiRdiyIC9oDaQUj+b7shd2gBe59l6jtUNmtfJ35Tcs
TDOFMebHDF4RwQ6w6Kpm5W1yfoN6bLgQnWpG2BvG1oiYcB01hAec7D/Iu+a6aWHy
Y9XQ4NegFax/eitRezQKHmjg1if24suT4NehgdbefjmLcfmDtw5N4po/ElcsHUio
ti6SQYdRBeSO+A0VkqZIz2E3pY6sI2ISdhc/8RdvM60uXOFeuFx1bDDo354J3d0Q
Fei0EuwJWjV2B3ONBpVNbQOIeLVBlhaKSgAjvLkpWfFgnEH/l3yvmXdbZpbsV+31
pqp8FACuSXwB0WeI7fRLq4X5M+hn5PCPEmdGQ+RMgAJS9ba8CQDyXDsv3ahbp+RH
G6YnbYx9Mp0dZH5Wr0MKT086zxnknWR9NoggsTzLcsya8O5HhEKuxUNiE4dhFJRl
c4Y9+daoXpygku175ubcRMNpLeUTUxZxbOlMjpsRVf6AiMJcw4SO5kLrcIP+Wwx1
pyJeg7bIFcKueg5OMvojoLVfBM1gsdT9WJ5PQ/f5Mf5p6xUcVcmTkcG7B4qTE8Jv
O8Ft6wq+yXvjoXDdSWuH0Rp3Cp7uhuaWymVrPT2K3npKvwW+NyD2YelxBwvhsw1/
Ht93S+S13jm+qMOJI0d0QcMUJ2cAEQEAAbQ7R2VudG9vIFBvcnRhZ2UgU25hcHNo
b3QgU2lnbmluZyBLZXkgKEF1dG9tYXRlZCBTaWduaW5nIEtleSmJAlQEEwEKAD4C
GwEGCwkIBwMCBhUIAgkKCwMWAgECHgECF4AWIQTc0Ftx6rlBmVJ/RKzba4wflti/
bQUCYquJfAUJF7N5OAAKCRDba4wflti/bdgOEAClUjDg1rURcaKNgpNKC4bdk21s
EyGbzYBF7Pldbfkplf3runOJhWPad5vC8aWgDDSVTukzmU7/4veqwwQqrSzpF5dc
UAD2hgZcUMKdYphi1dazEpIVa1/KNHF+DsGp0/mfU3sRnrtMGQg82b105EvoCcsx
h8rsPYNteqTgIudXCFDGsC0wCGhhTRWpX91XDvm1TXZHBmR1qOWSvsuABU2vNRAD
M2eRGJUEyQ+1ZVDBtVdxqY3sY2IzAeGiFcQOuausa+4JexnRUD5RX0jP0v+XssQ3
sj3fOzkPXWZCd7TZX4fUsHlCbaKexQl9JO+EyTvki/EW56WTJ5xXBVJjuXCumCsG
1yZFkNx2H8G9D468CMnqn01oq8a3ejxz5AkD7j9lZK2qORrkP6+MmLPFhfuwg7t/
OZZlbuptEES1RYiDmaXBskBpswGrGSXvXApMHUhHTKwv5buyYEJ0mxOguy6C7HJM
nHY+EbXWOWGuDuBPz1TY8Ty1JJDnHQto+OJFmw8p/VciDbPGkTtzFs/VpIRvWnda
R4iHmjb+12+Z+UFmGRZDBaiB62mAr1hCIi+Dn8pSvHaLaJuLrfwg3EN9elBQ3qUQ
8+L4vM5RhpjGmnAWhpmG9Dea+rn5jwYQTNUu+0wVfNYx0aII/wgNCSIQmBDIfAam
I3qszAXhxWeoi3v/brRYR2VudG9vIGVidWlsZCByZXBvc2l0b3J5IHNpZ25pbmcg
a2V5IChBdXRvbWF0ZWQgU2lnbmluZyBLZXkpIDxpbmZyYXN0cnVjdHVyZUBnZW50
b28ub3JnPokBXwQTAQoASRYhBBj3A9cCsblZE3MUjFXTI47AUDluBQJcofqEKxpo
dHRwczovL3d3dy5nZW50b28ub3JnL2dsZXAvZ2xlcC0wMDc5Lmh0bWwACgkQVdMj
jsBQOW4GgQf/YRJbSEWQr66zifC5Q09a9gYMoamGc5eJ7+xLIW9M3K00JLltXxr0
0eq4dtVmQPBjKe6B0rtJKT1u8YO44/prRZX8UlfhsbJ49xNhaFDGrUSQeS2Zh2d0
FhdPuLc0NmOOoUz37Lixskus7gi8xolEVcLdjJojiqO4Tae0nzZw1aixHDZtk1yb
jTXyUhpdSS8Jibmi1TJzx3IIUdwH0YTwoVvzAY6CuSTv7gbBtT8I01pCZp+b42b/
OZUMqr63iBicpRfUpGFuADfe6bXl/CbPcCEP8IutUhC6gaLKkdEEdlw8DtqwUdn0
vtLxbxD1CNH8BZo1fE3Ex9oa7z8bu4CwcYkCVAQTAQoAPgIbAQULCQgHAgYVCgkI
CwIEFgIDAQIeAQIXgBYhBNzQW3HquUGZUn9ErNtrjB+W2L9tBQJiq4l8BQkXs3k4
AAoJENtrjB+W2L9tc90P/R3do410Cz3ZZrb/g86UhT+sSavfA8mhCgKD25yMWPK/
fuMlIkIhD7YSzc+Wtu+9Au/NempXBDHsBX2Dx512aFWcSQy2EDOWnJ4tlFrJ2Xmd
0F1yZk395Ogka4cl6WbpuxN47C7YIqkOho1UUR7dRO0XgMAGS63qgp6w2ego9o4I
K27rchy5u7rTcpt0U8gYyILxAGa82f5W4j4P8JLPTvzQ0weND3hXTCwDWwTtDmzb
vr5ORmJE3DaZeSj98NHryOCoLf2oEGKofQxRmI4pIfhy41wDY4Q1ESLwSSAN3xp3
r964giC+lZNM78leXoS7u5izrXNEcvk+bKR8TmXrZ0NYni3ZhN8lfTYWFl9MNBPj
hmci5kgyEW9fYqytq+ljMWuVMKtj7sY2Wd6TDNhljwwDu0UOLnw56hUfa0oiJJtq
JkRctnhz8+/9cIiDAQqxET0YfD17KD/jJeROwbkHB8Gbohuz4nW6ois46Gqh8xaG
10QddlE6hkS+1FxcgHALvYeztU0PCt+AjP9r199wg1BRn7X6W3+N2rREIX18Joqs
ciVskRz+K9TtGy0JrQ3iXkJNcyBE28koc0SxhHE2WxwYS3PfbER91QGEsa78yuUA
Ip8tRNbjA7xq/9xcWL8g2FzOckspRH5MSu7QpzIZ/bZJdsl/5Qg+YMMQWdwsCZCa
uQINBE7PISoBEAC3yD2B7AOg1BHYkxdpLo01rZofqlAoHAuZAbr18w3ogfVEaZqB
beJ2wx5P2u8WgHTOLvBDWs8GxFP2g6GEblLrCt8Zaa0cinbW4yh4HPrNKwcZHgBj
R5k2+b3XVPnJxoRDgmjsJX2yqKLiKanpXit+dYKX281M6hEfSZFP+eqt1Wd3181A
23IqivU/L0hTbLJ5rcTxrR5txhq6KiX8SSgktuyajIDLOJoED2Qp0CeUwg5FAuEy
95rg44T0E7T0EyGQ/7+6yoOeVgKroJeS7Wq1IkDabeg2C46LEyVtLSTuumwqNU0F
KOi4gOBdkYbha5FsSUnEykc+ByXXIsLF7Pbzfq/eGJsUrbZ7yKwoHI2EYnhTXci9
uJpBJ/xjlDlvVWZkvxLrGadjn1DKDMW7fu98AyQo8mxYdXd6+Q/Fxr5ATPGTRtCz
Mhw6QuG9tshzpPW5XXWk9qzE6j+ERWTDxyhJWuShhCRKcVaqyZZ+mtpHxE9Wa6A8
Uznnt5HCKn5DP1oXQXbrnx4sWybEodDV0OrGQuTtI4loJWiIKL9sCbtMiRat+A+A
jy1h0kifvaws9nzXtHFXK5sskfyQlQVbSN4L0qsh6/ueLSWz0itbFMl8YD5Pbhdg
3Rsck920Y+ZNGJa1WiXRuymJW8F6mwE4EOlEVQuDqHe0qZUtTKtiaxZg/QARAQAB
iQRbBBgBCgAmAhsCFiEE3NBbceq5QZlSf0Ss22uMH5bYv20FAl9nvBUFCRPvwJcC
KcFdIAQZAQIABgUCTs8hKgAKCRDsWQ7qyRiSUO4TD/42ckqMlwwcvtsrCec3rLlY
6KCn04QeDDkKJGrgjKmtS5BLXHjd/Pr8Y5RogwPBE3A7kPROTvQZXIB/39PkDMB0
OQboilPyNFnNFutY00WInF3LvNZQV91VSQ7Wrev+2xLYEkGnk3bBz0V94ebqYKAg
4OG1IWwsQPU3dh49jO1eNMTa30BvjDIH9rDvGOEwKCnQZMBci7MRpt+YjVO4XElI
3rNjVrn88/UZIBq8JUXX1+JJCYhyqNFC0a7jw4naSWDSl+kuC21HSq++vBwoIH8E
rRtVWfbJZwUq0aX//7JJ7B+Uj8iumrLRipFFLQyLd8YaZSnbwPdWJp51iPucnsrY
q3e+l4EB8fFfCP168n0/kyFKzzTZuLCqmCi6R8nY6n5evxFWz2zBzCggaxHQQp2u
OMT+s9zzksHc3IOir7fI+lKjs5/CAJ1xiUZncRkYvHq1Oh4p5wUAMCpS8ZsUYSFx
7zL/1r9AVbZLUcfECnuKJS91ex5FlnV+AebmcVNlx5STD4O+fDelrcR0lVDID2Mf
zkI4zuf1fqCL1BjbmjPOuHW1n/D84WKTXbO16jItr9Po6eAC6UHyKnPF+g7CrFiv
UHz09TPc6pVpS9wPkSjLQmLB05dnLhbG7sNSDg/wWUAYs68TcUFbFxC66z/91U/E
MLMQjlBC5wWtuxiDgYhv7wkQ22uMH5bYv21/zQ//WNDyK717SByQoRPeQ9jBHzt7
HbM4SQWhiJMDJkZI/aRcwiXOz3Hy6Um0Y9F4JSEXpX36LLnsRhi/O8H08RXHPPOF
lFCXLndtLZQ0MtFg/efFPTAd1LKFfkV+egLr1sWFpuJF+k4sK8pb4+AR8oqr+KNi
LKPCKXjG6/J0H1tOAtbqCsstef2kw6BXEqLG3o+RIf3G3WIJN+rI0hdWVHK/GDr3
dKKu64mQTRXFtbBV5qWcwl2y5+HRs5GP/SljoPrDJfqSXpXdFtwyxtyb+VZw21N5
qmcVSK83vQmlzNkYTsqSej3SKwzWrwmH3zpp2rjAdaJkv21OMxE6dTQcE5xnGLl9
G1+s0nB+RCFAK7uKwo3QSvT1GWbWVvnKiyie81cd6Xy3TXSfrM3MV6EKsB8FWWVr
Y2t1CWKwhWqA05xDDv2oIiKquqe+pSG30VcXAe7GNHJs6lnsAN1fEvcbUa5h90L2
/FEqpd/yw1pGRfsRyCn3Sqq7wCmrDkHtULERjDLYAmaopi6WtfXvt7wx2bBGTPoj
F0EDcWvacNWBTz+z1lbQjcWKJNFFbsVr13sQ4pecXMbJ7xhY5HrS9RChpdcw0Q0y
lu4dPcwNc3b029m3srhQG/lAu3FO5cCSy/8uuEw6FbBZugp2IAVQ8mU1PKjN014j
+rZVXOkfzA1AP4tEHSaJBFsEGAEKACYCGwIWIQTc0Ftx6rlBmVJ/RKzba4wflti/
bQUCYaTm0wUJFdD0FwIpwV0gBBkBAgAGBQJOzyEqAAoJEOxZDurJGJJQ7hMP/jZy
SoyXDBy+2ysJ5zesuVjooKfThB4MOQokauCMqa1LkEtceN38+vxjlGiDA8ETcDuQ
9E5O9BlcgH/f0+QMwHQ5BuiKU/I0Wc0W61jTRYicXcu81lBX3VVJDtat6/7bEtgS
QaeTdsHPRX3h5upgoCDg4bUhbCxA9Td2Hj2M7V40xNrfQG+MMgf2sO8Y4TAoKdBk
wFyLsxGm35iNU7hcSUjes2NWufzz9RkgGrwlRdfX4kkJiHKo0ULRruPDidpJYNKX
6S4LbUdKr768HCggfwStG1VZ9slnBSrRpf//sknsH5SPyK6astGKkUUtDIt3xhpl
KdvA91YmnnWI+5yeytird76XgQHx8V8I/XryfT+TIUrPNNm4sKqYKLpHydjqfl6/
EVbPbMHMKCBrEdBCna44xP6z3POSwdzcg6Kvt8j6UqOzn8IAnXGJRmdxGRi8erU6
HinnBQAwKlLxmxRhIXHvMv/Wv0BVtktRx8QKe4olL3V7HkWWdX4B5uZxU2XHlJMP
g758N6WtxHSVUMgPYx/OQjjO5/V+oIvUGNuaM864dbWf8PzhYpNds7XqMi2v0+jp
4ALpQfIqc8X6DsKsWK9QfPT1M9zqlWlL3A+RKMtCYsHTl2cuFsbuw1IOD/BZQBiz
rxNxQVsXELrrP/3VT8QwsxCOUELnBa27GIOBiG/vCRDba4wflti/bSdBD/9PSfsl
zvodXTGSiMgMq91yNsv19oOmvp18xPyY6La6cPJ1vKMkZPVe1GMhWS9WEGmHOvn9
YGrRcCpb68V5Y6rjeLuVWFJ+07CwDTpoEbSCmhSegTICdC7X/51/fDjSrQCFawWy
VUG98C38KVt06U1cZ5160dCBqTGQXJzoGqT99V4DUOl1+w2XMHtCCxauLOklDaX8
1P/Hk7WniyXtDmzGW1zpy077VF5dDj5jLuPxydVvvozBjV0yiamPRSTeNtPqo/2d
H3oViAOY4AuhtCtJEu0Sa8DcFO/NHv8pXLr22yVXVgYqKiiKA5Kb2Xkk1EK7Hm+o
3EwfI+mAbrgsPm1SdzLv3OY0W0hqg9JAIi8jyhEDirWpK1Zc08qKfxxIKzYGCc22
4f2gDTTXSmcsJxdlOIel7cHyXdJadVQKFN8QL9dvwki3Sshs0julhNKx0NrdQ/Ea
x/1n/25NkrClNqR5xF+D6Qq7FXv2OxkvPYwxzPMmYLUSL7ZcOTx9rQlxXg1bKhqe
0LbAL2Qz1rm5BOgKLiaCDRF7HxvLkEvbtUh6TkCjrbVyxweX2WQYRtG06+PEiylu
KfBLw+T6oPhEj0BSz8hBfqNjnDp7KMgLb1R0MfkOwS+KiuDD8oyZ7cn2dT7X4E7R
yi0hmIZpr+35YnwCOYyDFbglibsJsSgVhPyzp4kEWwQYAQoAJgIbAhYhBNzQW3Hq
uUGZUn9ErNtrjB+W2L9tBQJiq4mHBQkXs3kXAinBXSAEGQECAAYFAk7PISoACgkQ
7FkO6skYklDuEw/+NnJKjJcMHL7bKwnnN6y5WOigp9OEHgw5CiRq4IyprUuQS1x4
3fz6/GOUaIMDwRNwO5D0Tk70GVyAf9/T5AzAdDkG6IpT8jRZzRbrWNNFiJxdy7zW
UFfdVUkO1q3r/tsS2BJBp5N2wc9FfeHm6mCgIODhtSFsLED1N3YePYztXjTE2t9A
b4wyB/aw7xjhMCgp0GTAXIuzEabfmI1TuFxJSN6zY1a5/PP1GSAavCVF19fiSQmI
cqjRQtGu48OJ2klg0pfpLgttR0qvvrwcKCB/BK0bVVn2yWcFKtGl//+ySewflI/I
rpqy0YqRRS0Mi3fGGmUp28D3ViaedYj7nJ7K2Kt3vpeBAfHxXwj9evJ9P5MhSs80
2biwqpgoukfJ2Op+Xr8RVs9swcwoIGsR0EKdrjjE/rPc85LB3NyDoq+3yPpSo7Of
wgCdcYlGZ3EZGLx6tToeKecFADAqUvGbFGEhce8y/9a/QFW2S1HHxAp7iiUvdXse
RZZ1fgHm5nFTZceUkw+Dvnw3pa3EdJVQyA9jH85COM7n9X6gi9QY25ozzrh1tZ/w
/OFik12zteoyLa/T6OngAulB8ipzxfoOwqxYr1B89PUz3OqVaUvcD5Eoy0JiwdOX
Zy4Wxu7DUg4P8FlAGLOvE3FBWxcQuus//dVPxDCzEI5QQucFrbsYg4GIb+8JENtr
jB+W2L9tHIYP/RGt9TNqiozvx72ULStefscaAoiHZebvarz9qQiLTOOhC2nm1tgT
gTTc1sf9s9r66bfIW2jZpEec1g2RU81i5SVXoHdCEwPNW6VIce0StFFEj3jO1qKI
HlU6LAf39vRn1lL+N4Z8kiGr6+ieFlc1ex8+EtztUeY3xnqbYfJ0hit+OaofcpRf
hJPave542dKGjtRP+hkCwAm1/F0r/mP+OfWGLxTnOwLG7MDm0sk3aJr4qx+9IaYy
wvXlAfJgLmfX1VdOPbhmtbPGB++vrwCZg7hNYmJyVgHAujFE7NCrAWO7NQe5hvO/
nXKQoywvKodMMRZLlVdvej739MwbGNxUWlDrHTUba6WK8mmkmDs+iUZOcIH4IsL7
JAl+HuzMXHgdoBugZt0gIbDLjGeSaWRFtBiL2RYfCdu/o5wriLa+oTe/QwEFPRAo
KegiIdf4PU9oCEQG74QjP2NY34zagATUy+uVylsF8lYhMNVBxM+t3LgTtV/jBuDu
hx+KzpuwuCiesS67dwv9bsjV7oHbsJ5NOheDXht8l8xzyiZPSFek051WtIrQ7HQf
dWdAPwKLhNGE2ndo8WoyzoDdEeBBAEFQamUmH7lGOQWxApF5mQ/7sQyWK4WW8i/l
xfX5FCZnibsgHisNhjKYbY25yb6ScrVKHB+2aURepR6hyhbHrS2szBqYmQGiBED8
eAURBACYoKhuBXU1mvQfL3A96dShH4JNqNpzI54rsV+0Exic3isQ5oA05hlpQXnf
Rw+s4QcjmFQUgsNCZ8eOYYwpMKlJdTxx0pWYs2QNh5eZA5SJwGNq/UBx/6HiuhhP
2CdAySL105d90lBvxbcVQrgTTN0OLFheRk4dksFf6fKMa3p+WwCgvzCQVm8IKZUW
/Yc1qouv35BFTU8D+wWNbtqpl35uUSbxki1qR8SHSfKULvLSIlUZOoRgrpphF+8B
wVk0vw2Yl+V9dWZnNU8W2aXJjaDkkZZNn4mqs+v1HV4DVOXDH43OpXvRGoMKIjok
kjlxE2Zy6JrL/REwOFj7d0y8uk6YHK2U8KY5bM+tLPridABt8JhBw+2jJkE4A/9L
0nbHHxr93s7GBRna9zx3xWSxtB6RV2agsCBA7V/s0UA1fUk4LaxKzLGrnqFSc67T
V5lQ0qC89taxVm9o1uihkuUqnXpMQfeOlFUwox9uRqtp5r0vBEvzYGK+3cRhiZfh
2+J1YRTrQZ/Oa3LftwcGWBMP0sRnQTq4tgBHFi7CO7RXR2VudG9vIExpbnV4IFJl
bGVhc2UgRW5naW5lZXJpbmcgKEdlbnRvbyBMaW51eCBSZWxlYXNlIFNpZ25pbmcg
S2V5KSA8cmVsZW5nQGdlbnRvby5vcmc+iQIcBBABAgAGBQJE5/MeAAoJEEFjO5/o
N/WB3t8P/jnGS8GoU2JrhcaC5VWFDZZpTHrxDMpcP+9FLRV+1JxBE+Z7+JZT/gNn
XAp6tEX+tb8ga36yX00/WyHBsDN/0Y3HDcsxNDt3jXuz2gNJ9i6zDiARCL8Qa2T/
XkZaWQbgsBn62Rjflg2lamFy9KsAt62VQDiTDR3enePmSOo6vdRihNBhp07PtyRo
8MaeZc4PHO0XwmVdID/yRFU8b3UPg91+rndGkOcrWcw82rrvQCzR7oeAsrjV2MWy
+VQhQDZEPgaODK4cjtRt7kBEPNvW4EqhFYd/7PTHno4AxPS8JxVu9Sdkt0XqXE8W
OlUvY+CljW9gToPWhi9ut/cJbH5uto04NV4tQGXPtFWqw7v1Zd3s/4aQap0eZYCp
W9/nXK4QD70v9psivBy3CXUiVS4kCJqLyYJ80cgiZE4iGKJyYea1lTxyW5AHNEN3
fQXxsPKJz4P/F3SdTFSaIdYrCNa42+PoVECCmaVDQIu2sUTPjP+wnyzw/TaOpG05
yzHfsX8hYjvpVhOs3kwPfD3Z7Y+yNaucmf70qK6EcsL0/sF8MvsxprNzHOP4X0Oo
g/B/ddPKdxdo6kHEKFPTSo/6TavqXw/BL1kmRC8cljKG0PIerG+8pZcM1XvtKdt/
E6uPnYrbY0YDZzwtA+oZBZYHuvOnwdF6SQUOJDsCVKCoQAF9H9PqiQFfBBMBCgBJ
FiEEGPcD1wKxuVkTcxSMVdMjjsBQOW4FAlyh+xcrGmh0dHBzOi8vd3d3LmdlbnRv
by5vcmcvZ2xlcC9nbGVwLTAwNzkuaHRtbAAKCRBV0yOOwFA5brkYB/sFUALKKqwO
uJ57GwOg2/g/bqAFPvwhVxzep72F7XxI/ErZkncNqrnfNQ9vSBjXiRAJamIlqFTh
WVbT+DL5Y00snF+DjUuVjyLDneels31nVHcMBs9gGS8LcXo0+tlQdhaO9DvvYMHL
TasZR9OJEAkPnXVM2sJQjjYH4e/20olFpner0MRuoclqOb+sP8+iR/FsUNTv1Wbl
X+uHAlrXe+xqXNRorAekl+DRMPCBXeKlusr/NifBi4wxdeYWs8cyWaQoaEmvitf4
OoUaucGgr8vNHrTkY0XmrWpe4Swv8OTKV5Oi1JL4VTCbLHEkBBJJ+nsMKTu9KozE
0gCtUeIO8kuYiHsEExECADsCGwMGCwkIBwMCAxUCAwMWAgECHgECF4AWIQTZnqxz
eahQvOR9pfKeZDjIFwcgWAUCYb7QQAUJJJYxPQAKCRCeZDjIFwcgWItHAKCC5O9s
KPmvJaKRKVNAhaVxj/qSQgCgrVUDRRHwfWdBBI5k42lP7UizP7e5Ag0EQPx4EBAI
AILPfFcfkOWkW4gq+f5s9aVmsbxenbnN9OmXEVO2WEuxzpksSY74yr6z6zMZEqIA
IIJuRD4k8dji/xy1pj10bghpLJgFhRINwf5WHT3pZiZ64fufcd4DWPgblrdYPfSn
NSZWo3JW2CBs0IWGtdznNbmJqmt1OM25UIcENoJpgjC3Dz20Vc14TBMGZfoTod1Y
XPZDrcDHmDrwjAMVN0RbXu2IqBPT5sAgFdXsVEY9iQd3zykRfHkCktv4Xca34RcP
bIdAjjAGVeFnPrinkLQFuBnAKF6fdZ9y1XruZB4bl2E40EF7tdgZ/mcno3gruiYv
f6IMUO1sLe60xTDHnugvHX8AAwUH/i32SmD5W8mZ2cfTzGrayYH62B9Nr4KQG0BO
smxAyX9xHqKgl1scx1BAHDAHbOW7kqMQx1bZ6g5QKjJPCPmFjpSsxbbdCwfqiXrv
2uvIyi18wL7GW4ktVZQKYJSPxcPxcWio4pSC9LKvvCkIDV7epki0mnHpLBbPjeHw
lTkct50cDkCVkhc3QSD4Iit6EnCX662zyus0IjDbEiIZMsoT8hQ+bKYFZdjfkEGU
E6wRl9nGjVpW5+yepGAJYaMfVav/VoVaKlTbu8FvS5rFMXv6uGkG7XJvZ9E/y7lU
8f2CRu9+Iw9gNMZWoaj5u34lugHK7f+ihT4l7cOu6kA7m8ehRfWIZgQYEQIAJgIb
DBYhBNmerHN5qFC85H2l8p5kOMgXByBYBQJe3WjWBQkg08oyAAoJEJ5kOMgXByBY
bUoAoKcj0XW1L+0FLkj9rUUFh2YyM1wOAJ9D56ydtczSOehZGBw2cvH6LJo9UIhm
BBgRAgAmAhsMFiEE2Z6sc3moULzkfaXynmQ4yBcHIFgFAmG+0EkFCSSWMTEACgkQ
nmQ4yBcHIFg9gQCgoDtS/5VxuEk4KeO0WO+xqeic/O0An1SqPWNFuVamxsRSznXU
c5SqNJU9mQINBEqUWzgBEACXftaG+HVuSQBEqdpBIg2SOVgWW/KbCihO5wPOsdbM
93e+psmbwvw+OtNHADQvxocKMuZX8Q/j5i3nQ/ikQFW5Oj6UXvl1qyxZhR2P7GZS
NQxn0eMIzAX08o691ws2/dFGXKmNT6btYJ0FxuTtTVSK6zi68WF+ILGK/O2TZXK9
EKfZKPDHKHcGrUq4c03vcGANz/8ksJj2ZYEGxMr1h7Wfe9PVcm0gCB1MhYHNR755
M47V5Pchfyxbs6vaKz82PgrNjjjbT0PISvnKReUOdA2PFUWry6UKQkiVrLVDRkd8
fryLL8ey5JxgVoJZ4echoVWQ0JYJ5lJTWmcZyxQYSAbz2w9dLB+dPyyGpyPp1KX1
ADukbROp9S11I9+oVnyGdUBm+AUme0ecekWvt4qiCw3azghLSwEyGZc4a8nNcwSq
FmH7Rqdd1+gHc+4tu4WHmguhMviifGXKyWiRERULp0obV33JEo/c4uwyAZHBTJtK
tVaLb92zaRdh1yox2I85iumyt62lq9dfOuet4NNVDnUkqMYCQD23JB8IM+qnVaDw
J6oCSIKinY3uyoqbVE6Lkm+Hk5q5pbvg1cpEH6HWWAl20EMCzMOoMcH0tPyQLDlD
2Mml7veGkwdy3S6RkjCympbNzqWec2+hkU2c93Bgpfh7QP0GDN0qrzcNNFmrD579
5QARAQABtFNHZW50b28gTGludXggUmVsZWFzZSBFbmdpbmVlcmluZyAoQXV0b21h
dGVkIFdlZWtseSBSZWxlYXNlIEtleSkgPHJlbGVuZ0BnZW50b28ub3JnPokBXwQT
AQoASRYhBBj3A9cCsblZE3MUjFXTI47AUDluBQJcofrRKxpodHRwczovL3d3dy5n
ZW50b28ub3JnL2dsZXAvZ2xlcC0wMDc5Lmh0bWwACgkQVdMjjsBQOW6RNggAkpDb
nZu+LLDLnfQTl5UCB6wKlKpRgLkOcazFgRlY4me3Xf2gIR++tWfiXXCPhTUhVdjx
PGAGwSeBddLvf79cD/FkDWzJw1TKR9pgh5SWgGNxaWVQqK4RuGv/1UWRjGxFO3KB
5ObyqzCZQRJAji+GeWIumSymEQVgDFPaSIp2my+WCrGg3Lfhem+Oxl4mH4YvP9/X
zPwPgFqtOI92urxnvia70G9qnHY+2IaKk10/DpfDo+0+PNJiYsO8TxjTPb6hnenM
+IVlYvdq1qgU5hQPqnqRvPS1+VYZ98o4HDkrGF+e9XXjw1xMkONjXV1xaHX71UuU
DRzJ9/GAbJeOQjdPaokCUgQTAQoAPAYLCQgHAwIEFQIIAwMWAgECHgECF4ACGwMW
IQQT672+3noSd139sbq7Vy4OLRgpEAUCYquKBwUJG+4/CgAKCRC7Vy4OLRgpEFaE
EACIJnwBL5jxXQErItKdu3cSJMjJjuCfjF3wBOhAHKmgCkbBfoKvO99B9hpMmzAf
eylUR6aX6gannMfpEAwuXpveESw59nEwHr8TgPCudQmm2v7TxpuHGTOm4Hsad5Ud
lw7gXka56+hqws7Z0tTMR86AhBNQNlULD5+/ilj2D7tbbCVsV1hmldSMltc5aIz9
KfUCM6rRdr3Kjl0ieJHHjzMidEajTJkrECHw3ECw3giaj4+mmh0iRX3CravIIcC+
xWLy+P5Fx9Une2uZr+j2kRCGqblecOB+8crp9RD53TeG9bdjh/w1MF0+CJxNMs8p
uf1UG3HNMSt7c0ivCSCeVfNCLC0dF7WnhF39bC2OZtNHuEp8iklK6isAu3kj9AfQ
AweoKvn4XdiL5ZUBmtRMbW2ZXG9GglL2BlmSCAhC9dBS148SVOEAsVq8RGXjqpiH
s+81y18eI81Wi/RumwgS2EUleBTvaxrPzxvtAg0kMu8fR/BKn5yLnUpdc2YuiUoJ
QwKKvoVn9kDeK0f9cchsxJLm116d9dtGKYGuevG6hAYM8n2H3peZlxfxEqXd42hP
qSLojg1i06b5HIutN/D5sYT2GtWc2+4bsA0eEHeyr07MKjQvfjO9t1vwMdA5Oc4d
z1CHolb+rSfivtEQ7/S//HEa7gntW4p8W78D5H70OiZaJLkBDQRccTVSAQgAq68f
EA7ThKy644fFN93foZ/3c0x4Ztjvozgc/8U/xUIeDJLvd5FmeYC6b+Jx5DX1SAq4
ZQHRI3A7NR5FSZU5x44+ai9VcOklegDCCm4QQeRWvhfE+OAB6rThOOKIEd01ICA4
jBhxkPotC48kTPh2dP9eu7jRImDoODh7DOPWDfOnfI5iSrAywFOGbYEe9h13LGyz
WFBOCYNSyzG4z2yEazZNxsoDAILO22E+CxDOf0j+iAKgxeb9CePDD7XwYNfuFpxh
OU+oueH7LJ66OYAkmNXPpZrsPjgDZjQioigXeXCOGjg4lC1ER0HOrsxfwQNqqKxI
+HqxBM2zCiDJUkH7FwARAQABiQPSBBgBCgAmAhsCFiEEE+u9vt56Endd/bG6u1cu
Di0YKRAFAl9nvEQFCQZNrG8BoMDUIAQZAQoAfRYhBFNOQgmrSe7hwZ2WFixEaV25
9gQ9BQJccTVSXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9wZW5wZ3Au
ZmlmdGhob3JzZW1hbi5uZXQ1MzRFNDIwOUFCNDlFRUUxQzE5RDk2MTYyQzQ0Njk1
REI5RjYwNDNEAAoJECxEaV259gQ9Lj8H/36nBkey3W18e9LpOp8NSOtw+LHNuHlr
mT0ThpmaZIjmn1G0VGLKzUljmrg/XLwhE28ZHuYSwXIlBGMdTk1IfxWa9agnEtiV
La6cDiQqs3jFa6Qiobq/olkIzN8sP5kA3NAYCUcmB/7dcw0s/FWUsyOSKseUWUEH
QwffxZeI9trsuMTt50hm0xh8yy60jWPdIzuY5V+C3M8YdP7oYS1l/9Oa0qf6nbmv
+pKIq4D9zQuTUaCgL63Nyc7c2QrtY1cIuNTxbGYMBrf/MOPnzxhh00cQh7SsrV2a
UuMp+SV88H/onYw/iYiVEXDRgaLW8aZY7qTAW3pS0sQ+nY5YDyo2gkIJELtXLg4t
GCkQM+wP/0+W/zDtaUQScdSBakfa6FUVz7BJqduIsGhllVKFnKKEUdELSvwi+3NV
LXL67C4GjGhIKW+Cj5XRlOQh0p3bABRGWAVBW2zwbtfnH7ls1UUdixp1R5nLD/du
z31lMGcIxmAPovXOTRxLvClS7pZ5ig6UrGuWtnQUegtZ0aLY2nLuR31rIhusPOdL
O/5R45c1aAzzCTG3REdzcEQve0d8RR6/AywldvJpGF/67CUzy1Yyis9Ak779C9W2
9fB2eQY/46+DroWYcx6Bw9yUumWhFAQtjkV+T2TjImi2jr9TW8bruNuMZn2S/PA+
hE9c+DmyEA58x47AmIE4n0tG3khRYGyfctgACex8UbXOS6jzahjyQnNrz1dG8etD
QusMSUZMn3A9Nx2EgiTL8Tr4YZMcOExvuES4PAggA6dOHPqB5KQ9HDAeBKdX9Wxo
g1/O9Pa3yawMutHr/2j/4Po6JirSyvTiq77wBANZ8VqTqhiGh14+hi5npsnrWs9q
6cykp6VTCn94ZpU5VkNGVE2/VBDxyGV9lWeT8roW07C2S8FVZ4JEQn1CLYdLRJ8t
1IPiER+xCRSsGWBe90SWwyDmN35oYYlTXSBt0aKHQScfg8drStKxD3IlkHzcnXCk
0YPuwR1dI7/Vr4o799mcg3jDHZ5awi27x6lKbGyOiS/R8y76Y5EWiQPSBBgBCgAm
AhsCFiEEE+u9vt56Endd/bG6u1cuDi0YKRAFAmGk510FCQgu3+8BoMDUIAQZAQoA
fRYhBFNOQgmrSe7hwZ2WFixEaV259gQ9BQJccTVSXxSAAAAAAC4AKGlzc3Vlci1m
cHJAbm90YXRpb25zLm9wZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ1MzRFNDIwOUFC
NDlFRUUxQzE5RDk2MTYyQzQ0Njk1REI5RjYwNDNEAAoJECxEaV259gQ9Lj8H/36n
Bkey3W18e9LpOp8NSOtw+LHNuHlrmT0ThpmaZIjmn1G0VGLKzUljmrg/XLwhE28Z
HuYSwXIlBGMdTk1IfxWa9agnEtiVLa6cDiQqs3jFa6Qiobq/olkIzN8sP5kA3NAY
CUcmB/7dcw0s/FWUsyOSKseUWUEHQwffxZeI9trsuMTt50hm0xh8yy60jWPdIzuY
5V+C3M8YdP7oYS1l/9Oa0qf6nbmv+pKIq4D9zQuTUaCgL63Nyc7c2QrtY1cIuNTx
bGYMBrf/MOPnzxhh00cQh7SsrV2aUuMp+SV88H/onYw/iYiVEXDRgaLW8aZY7qTA
W3pS0sQ+nY5YDyo2gkIJELtXLg4tGCkQahkP/jTKCs460FSXUQ3f+IT9U+jKfzIh
pGQn5i9z9cWrilr1n85HwFmOuJ8uTdJEqLfymiQqnTWqMDrZf7vUOmHX254dpQn6
WnQHLMkNygc1EhTSIomkIMviOJzSfKQy7Zil1Xq0UHQXce89015FJYcruEWuq6eN
+XBTPhGsNad98lTMXONP6y3EyclTmTuZqAAw2bD1H+RpzJYZPTLeph4ADVMxweHW
Fi2kcoocYSQ2qJ4X7uxAb8Gf8nuBmWy3ML1QETGKfTgAl1TbxLghzQTZdJxazp1N
ZxYY2zGGHw8cMOFvXFT217oVzCnYyLPSPcPIxTj6xOhvkuBQAc3Oavzss0MoGnml
cVuhvEX2ZwrRL5yCU/GGcNyLsp+A2erjRg+ag9Zd9u5SsKWdk3dT9c3Put+K7W5O
7LwahB6xw0raImoX6tDzEjjdhfTY0dRsVmwW5Y8pQrX3DsMY4BLj26MvNLINjnzj
r2e3FX3+6qm8RHULTGre1/VmRs/BMmvydFRCGqiFAOiNOGsE6D1jffB6jQB8ur7t
i1KE/QhxHcwBtbDm8iCid6BJ1kDE+noYAVsxNFKC3pBZj9uREuYpvY3dBjmAxpcF
rbjnn8b2lmNhlmw9OkgsEfNTHGEYAnT0gfWGd6v9ktfK3tFBu84koDSUJIYC910D
W3Yasa//sYmdHvAtiQPSBBgBCgAmAhsCFiEEE+u9vt56Endd/bG6u1cuDi0YKRAF
AmKrigwFCQoRZO4BoMDUIAQZAQoAfRYhBFNOQgmrSe7hwZ2WFixEaV259gQ9BQJc
cTVSXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9wZW5wZ3AuZmlmdGho
b3JzZW1hbi5uZXQ1MzRFNDIwOUFCNDlFRUUxQzE5RDk2MTYyQzQ0Njk1REI5RjYw
NDNEAAoJECxEaV259gQ9Lj8H/36nBkey3W18e9LpOp8NSOtw+LHNuHlrmT0Thpma
ZIjmn1G0VGLKzUljmrg/XLwhE28ZHuYSwXIlBGMdTk1IfxWa9agnEtiVLa6cDiQq
s3jFa6Qiobq/olkIzN8sP5kA3NAYCUcmB/7dcw0s/FWUsyOSKseUWUEHQwffxZeI
9trsuMTt50hm0xh8yy60jWPdIzuY5V+C3M8YdP7oYS1l/9Oa0qf6nbmv+pKIq4D9
zQuTUaCgL63Nyc7c2QrtY1cIuNTxbGYMBrf/MOPnzxhh00cQh7SsrV2aUuMp+SV8
8H/onYw/iYiVEXDRgaLW8aZY7qTAW3pS0sQ+nY5YDyo2gkIJELtXLg4tGCkQ7ckP
/idd/0O/e9y/A1HcbVPusMClyebOv9Af1CpMFXbxLTkvE+SdaXi9QxWfLupR+2YD
3ABSmbSlAOatB7S44wApu+mZNt/pVDia0caS0gOvezKpVeHpGxP8ZRrj8axld5WA
D8xGyO07vxhnuztYkXF7BDEgatYMy31w+t9RKwb90lbyIDLs8GrBjeQGlY9UN/O1
FmMLw+SOX/E1uu5A60AS/iBlEM2KfWFGSuu1JW1rFbbe3iPS5+IXHvsx4eCSqtgb
rl6FfIj0HenzDaBJ2TiEBANrnhedDSwDOKFJVw7XXPiIvsaw5Ynq3AOMatoqpAW0
U95Kh8ajyTFm2ZBbUWYoyUIsllsZFWdfMc+doHQau3yyNYJudM2ni17VdFcKfV/c
cI9mjJPnGpj2l9n4OdkQ5FjW9qnyg4KWTLkKMI7TeY27+GjFFh9JCCWsLA9ehydm
6OdmCYFAAdNMLXWbkKyQg/5qKqCe+08GPAQFAvp0a10qBsYbwY5uFrhX/edTCik2
rxosMBb769369i3fVNaiNVj1T+4k2GBSNJFtxcFYExIIPQjWoDqqkbWKehjoTJ2e
A/98dEJFOru14ftBqsSU7tWVV5iLIe5Tyuus8b2UTCi9c+dn0Z64WUzF0vO1hfbt
CctNSJ7KE8xhkvYlMJiuY4+zfwkQlzoMBvj4Pvmx6Lbc
=T4NL
-----END PGP PUBLIC KEY BLOCK-----

127
roles/toxcore/overlay/Linux/usr/local/src/c-toxcore.bash Executable file
View file

@ -0,0 +1,127 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
DESC=""
. $PREFIX/src/usr_local_tput.bash || exit 1
PKG=toxcore
DIR=c-$PKG
GIT_HUB=github.com
GIT_USER=TokTok
GIT_DIR=$DIR
GIT_BRAN=master
VERS=2.18.0
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
if [ -d /etc/portage ] ; then
ols_funtoo_requires app-crypt/argon2 dev-vcs/git media-gfx/qrencode
fi
WD=$PWD
if [ ! -d "$DIR" ] ; then
if [ ! -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER/$GIT_DIR" ] ; then
[ -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER" ] || \
mkdir "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"
ols_are_we_connected || { DEBUG not connected ; exit 0 ; }
cd "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"
git clone -b $GIT_BRAN --depth=1 https://$GIT_HUB/$GIT_USER/$GIT_DIR || exit 4
git clone --depth=1 https://$GIT_HUB/$GIT_USER/dockerfiles
cd $WD
# wget -xcP ../net/Http/ https://github.com/TokTok/c-toxcore/releases/download/v0.2.18/c-toxcore-0.2.18.tar.gz
fi
cp -rip "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"/$GIT_DIR $DIR
fi
cd "$DIR" || exit 5
[ -f third_party/cmp/Makefile ] || git submodule update --init || exit 6
# ols_apply_testforge_patches
# # [ -f CMakeLists.txt.dst ] || patch -b -z.dst < toxcore.diff || exit 7
[ -f cmake.sh ] || cat > cmake.sh << \EOF
#!/bin/sh
# -*- mode: sh; fill-column: 75; tab-width: 8; coding: utf-8-unix -*-
PREFIX=$PREFIX
ROLE=toxcore
CORE=$PREFIX/src/c-toxcore
DIR=_build
LIB=$CORE/$DIR
cd $CORE | exit 3
mkdir _build
cd _build
cmake \
-DCMAKE_BUILD_TYPE="Debug" \
-DCMAKE_UNITY_BUILD=ON \
-DMIN_LOGGER_LEVEL=DEBUG \
-DMUST_BUILD_TOXAV=ON \
-DSTRICT_ABI=ON \
-DTEST_TIMEOUT_SECONDS=1200 \
-DUSE_IPV6=OFF \
-DAUTOTEST=ON \
-DNON_HERMETIC_TESTS=ON \
-DPROXY_TEST=ON \
-DBUILD_MISC_TESTS=ON \
-DBUILD_FUN_UTILS=ON \
-DBOOTSTRAP_DAEMON=ON \
-DSOCKS_PORT_TEST=9050 \
-DSOCKS_HOST_TEST=localhost \
.. > cmake.log 2>&1
#sed -e 's/-DNDEBUG/-g/' -i CMakeCache.txt
make .. > make.log 2>&1
ls $LIB/*so* || { echo ERROR $LIB ; exit 2 ; }
EOF
bash cmake.sh || {
retcval=$?
ERROR cmake $retcval
exit 3$retval
}
cd _build
make >> make.log 2>&1 || {
retcval=$?
ERROR cmake $retcval
exit 3$retval
}
cp -p other/bootstrap_daemon/tox-bootstrapd $PREFIX/bin
cp -p other/bootstrap_daemon/tox-bootstrapd.sh $PREFIX/etc/init.d/tox-bootstrapd
# ln -s $PREFIX/etc/init.d/tox-bootstrapd /etc/init.d
exit 0
elif [ $1 = 'check' ] ; then # 1*
# ols_test_bins && exit 0 || exit $?
[ ! -d $DIR/_build ] && WARN not built yet $DIR && exit 11
[ -f $DIR/_build/libtoxcore.so.${VERS} ] && WARN not compiled yet $DIR && exit 12
ldd $DIR/_build/libtoxcore.so.${VERS} | grep found && ERROR ldd fails $DIR && exit 13
exit 0
elif [ "$1" = 'test' ] ; then # 3*
cd $PREFIX/src/$DIR/_build || exit 30
ctest || exit 31
elif [ "$1" = 'refresh' ] ; then # 6*
cd $PREFIX/src/$DIR || exit 60
/usr/local/sbin/base_diff_from_dst.bash $ROLE || exit 6$?
elif [ "$1" = 'update' ] ; then # 7*
ols_are_we_connected || exit 0
cd $PREFIX/src/$DIR || exit 70
git pull || exit 7$?
fi

86
roles/toxcore/overlay/Linux/usr/local/src/negotiator.bash Normal file
View file

@ -0,0 +1,86 @@
#!/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
prog=`basename $0 .bash`
PREFIX=/usr/local
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
DESC=""
. $PREFIX/bin/usr_local_tput.bash || exit 1
PKG=negotiator
DIR=negatiator
declare -a FILES
FILES=(
1a/dd/3fcb75aebaa0a28f4f4e4a5773833d5cc7fecd47f2b535fc7e445f289539/negotiator-common-0.12.2.tar.gz
65/e5/bddc148f12aa8e81cfb0fbe504541436d0d38c6cb1546fa4fb5fbefcb5ce/negotiator-host-0.12.2.tar.gz
fe/a1/3d77020b8c5034f7ef65434d0510d1262840550155ce5f433c8189499326/negotiator-guest-0.12.2.tar.gz
)
declare -a GUESTS
GUESTS=(
coloredlogs-15.0.1-py2.py3-none-any.whl
executor-23.2-py2.py3-none-any.whl
fasteners-0.19-py3-none-any.whl
humanfriendly-10.0-py2.py3-none-any.whl
negotiator_common-0.12.2-py3-none-any.whl
negotiator_guest-0.12.2-py3-none-any.whl
property_manager-3.0-py2.py3-none-any.whl
setuptools-69.0.2-py3-none-any.whl
six-1.16.0-py2.py3-none-any.whl
supervisor-4.2.5-py2.py3-none-any.whl
verboselogs-1.7-py2.py3-none-any.whl
)
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
WD=$PWD
if true || [ ! -d "$DIR" ] ; then
route | grep -q ^def || { DBUG not connected ; exit 0 ; }
wget -xcP $PREFIX/net/Http/ https://pypi.org/project/negotiator-common/
for f in "${FILES[@]}" ; do
wget -xcP $PREFIX/net/Http/ https://files.pythonhosted.org/packages/$f
done
if [ ! -d "$WD/$DIR" ] ; then
[ -d $WD/$DIR ] || mkdir $WD/$DIR
pip3.sh download -d $WD/$DIR \
negotiator-guest supervisor humanfriendly
cd $WD
fi
for f in "${FILES[@]}" ; do
tar xvfkz $PREFIX/net/Http/$f 2>/dev/null
done
fi
for f in "${FILES[@]}" ; do
base=`basename $f .tar.gz`
[ -d base ] && continue
tar xvfkz $PREFIX/net/Http/$f 2>/dev/null
cd $base
pip3.sh install --prefix=/usr/local . >> install.log 2>&1 || \
WARN problems installing $base retval=$retval
cd ..
done
exit 0
elif [ "$1" = 'test' ] ; then # 3*
cd $PREFIX/src/$DIR/_build || exit 30
ctest || exit 31
elif [ "$1" = 'refresh' ] ; then # 6*
cd $PREFIX/src/$DIR || exit 60
/usr/local/sbin/base_diff_from_dst.bash $ROLE || exit 6$?
elif [ "$1" = 'update' ] ; then # 7*
ols_are_we_connected || exit 0
cd $PREFIX/src/$DIR || exit 70
git pull || exit 7$?
fi

75
roles/toxcore/overlay/Linux/usr/local/src/tox_profile.bash Executable file
View file

@ -0,0 +1,75 @@
#/bin/sh
# -*- mode: sh; tab-width: 8; encoding: utf-8-unix -*-
PREFIX=/usr/local
[ -f /usr/local/etc/testforge/testforge.bash ] && \
. /usr/local/etc/testforge/testforge.bash
ROLE=toxcore
PYVER=3
P="BASE_PYTHON${PYVER}_MINOR"
[ -z "$PYTHON_MINOR" ] && PYTHON_MINOR="$(eval echo \$$P)"
PYTHON_EXE_MSYS=$PREFIX/bin/python$PYVER.bash
PYTHON_EXE=$PYTHON_EXE_MSYS
DESC=""
. /var/local/src/var_local_src.bash || exit 1
SITE_PACKAGES_MSYS=$PREFIX/$LIB/python$PYTHON_MINOR/site-packages
HTTP_DIR=$PREFIX/net/Http
DIR=tox_profile
MOD=$DIR
GIT_HUB=git.plastiras.org
GIT_USER=emdee
GIT_DIR=$DIR
# tox_profile
cd $PREFIX/src || exit 2
WD=$PWD
if [ "$#" -eq 0 ] ; then
if [ ! -d "$DIR" ] ; then
if [ ! -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER/$GIT_DIR" ] ; then
ols_are_we_connected || exit 0
[ -d "$PREFIX/net/Git/$GIT_HUB/$GIT_USER" ] || \
mkdir "$PREFIX/net/Git/$GIT_HUB/$GIT_USER"
( cd "$PREFIX/net/Git/$GIT_HUB/$GIT_USER" && \
git clone "https://$GIT_HUB/$GIT_USER/$GIT_DIR" ) ||\
exit 2
( cd "$PREFIX/net/Git/$GIT_HUB/$GIT_USER" && \
git config user emdee && \
git config email emdee@ )
fi
cp -rip "$PREFIX/net/Git/$GIT_HUB/$GIT_USER/$GIT_DIR" . || exit 3
fi
python$PYVER.bash -c 'import namedlist' || \
pip$PYVER.bash install namedlist
cd $DIR || exit 4
[ -f __init__.py ] || touch __init__.py
# "$PYTHON_EXE_MSYS" -c "import $MOD" 2>/dev/null || exit 10
exit 0
elif [ $1 = 'check' ] ; then # 1*
# "$PYTHON_EXE_MSYS" -c "import $MOD" 2>/dev/null || exit 10
:
elif [ "$1" = 'lint' ] ; then # 2*
[ -n "$PYVER" ] || return 20
pylint -E --recursive y || exit 2$?
elif [ "$1" = 'test' ] ; then # 3*
cd $PREFIX/src/$DIR/$DIR || exit 32
$PYTHON_EXE_MSYS tox_savefile_test.bash \
>> $WD/$DIR/test.log 2>&1 || \
{ ERROR "$MOD code $?" ; cat $WD/$DIR/test.log ; exit 35 ; }
elif [ "$1" = 'refresh' ] ; then # 6*
cd $PREFIX/src/$DIR || exit 60
fi

43
roles/toxcore/overlay/Linux/usr/local/src/usr_local_toxcore.bash Normal file
View file

@ -0,0 +1,43 @@
#!/bin/bash
# -*- mode: sh; tab-width: 8; coding: utf-8-unix -*-
prog=`basename $0 .bash`
ROLE=toxcore
PREFIX=/var/local
# we install into /var/local/bin and it takes precedence
# export PATH=$PREFIX/bin:$PATH
#. /var/local/src/var_local_src.bash || exit 2
[ `id -u` -eq 0 ] && ERROR $prog should not be run as root && exit 3
if [ "$#" -eq 0 ] ; then
cd $PREFIX/src || exit 2
WD=$PWD
bash c-toxcore.bash || exit 3$?
bash tox_profile.bash || 4$?
# sh toxcore_docker.bash || exit 4$?
exit 0
elif [ "$1" = 'check' ] ; then
exit 0
ols_run_checks_pip3
ols_run_tests_exit check || exit 10$?
exit $?
elif [ "$1" = 'lint' ] ; then
exit 0
ols_run_tests_shellcheck $ROLE || exit 2$?
ols_run_tests_exit $1 || exit 21$?
ols_run_tests_pylint || exit 22$?
elif [ "$1" = 'test' ] ; then
exit 0
ols_run_tests_exit $1 || exit 30$?
ols_gentoo_test_imports || exit 32$?
#hangs /usr/bin/expect gpgkey_test_gpg.exp foobar || exit 31$?
fi

12
roles/toxcore/tasks/Gentoo.yml
View file

@ -24,7 +24,7 @@
when:
- item != '' and item != []
- BASE_ARE_CONNECTED|default('') != ''
- "{{ ansible_virtualization_role|replace('NA', 'host') == 'host' }}"
- "ansible_virtualization_role|replace('NA', 'host') == 'host'"
- name: install toxcore packages GUEST
environment: "{{ portage_proxy_env }}"
@ -58,19 +58,20 @@
[ -f "/etc/local.d/rc.local.start" ] && exit 0
echo /etc/rc.local > /etc/local.d/rc.local.start
chmod 755 /etc/local.d/rc.local.start
if ! grep consolefont /etc/rc.local ; then
cat >> /etc/rc.local << EOF
/etc/init.d/consolefont stop; /etc/init.d/consolefont start
stty -F /dev/tty1 cols 80 rows 24
grep vda /proc/partitions && \
e2label /dev/vda3 root && \
e2label /dev/vda1 boot
sed -e 's/^#L/L/' -i /etc/fstab
EOF
fi
chmod 755 /etc/rc.local
bash /etc/rc.local
exit 0
when:
- not ansible_check_mode
- BOX_SERVICE_MGR != 'systemd' # maybe
- "ansible_virtualization_role|replace('NA', 'host') != 'host'"
# safe ones
- block:
@ -167,5 +168,6 @@
FCFLAGS="${CFLAGS}"
FFLAGS="${CFLAGS}"
when: true
when:
- "{{ ansible_virtualization_role|replace('NA', 'host') != 'host' }}"

275
roles/toxcore/tasks/libvirt_whonix.yml Normal file
View file

@ -0,0 +1,275 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "proxy libvirt_whonix.yml"
debug:
verbosity: 1
msg: "proxy libvirt_whonix.yml PROXY_FEATURES={{PROXY_FEATURES}}"
- name: "hulahoop .asc"
environment: "{{ shell_proxy_env }}"
shell: |
base="hulahoop"
URL="www.whonix.org/$base"
dir="{{HARDEN_VAR_LOCAL}}/net/Http/"
[ -d $dir ] || mkdir $dir
[ -f $dir/$URL.asc ] || wget {{BASE_WGET_ARGS}} -xc -P $dir https://$URL.asc || exit 3
# FixMe:
gpg --import $dir/$URL.asc > /tmp/V$$.out 2>&1
[ $? -eq 0 ] || exit 1$?
grep 'imported: 1' /tmp/V$$.out
exit 0
args:
creates: "{{HARDEN_VAR_LOCAL}}/net/Http/www.whonix.org/hulahoop.asc"
when:
- not ansible_check_mode
- BASE_ARE_CONNECTED|default('') != ''
ignore_errors: true
- block:
- name: "/etc/libvirt/virtlogd.conf"
lineinfile:
path: /etc/libvirt/virtlogd.conf
create: yes
mode: 0755
insertafter: BOF
line: '{{item.key}}="{{item.val}}"'
regexp: "^#{{item.key}}.*"
with_items:
- key: log_filters
val: "1:logging 4:object 4:json 4:event 1:util"
- key: log_outputs
val: "3:file:/var/log/libvirt/virtlogd.log"
when:
- "'libvirt' in BOX_HOSTVMS_FEATURES or BOX_WHONIX_PROXY_HOST != ''"
- "ansible_virtualization_role|replace('NA', 'host') == 'host'"
- name: /etc/sysctl.d/70_testforge_libvirt.conf
blockinfile:
dest: /etc/sysctl.d/70_testforge_libvirt.conf
create: yes
marker: "# {mark} ANSIBLE MANAGED BLOCK ip_forward"
block: |
# enisables packet forwarding - required on the host for libvirt
net.ipv4.ip_forward = 1
# Disables IP dynaddr
#net.ipv4.ip_dynaddr = 0
# Disable ECN
#net.ipv4.tcp_ecn = 0
when:
- false # use lineinfile on the file it is already in
- "'hostvms' in ROLES|default([]) or 'toxcore' in ROLES|default([]) or 'privacy' in ROLES|default([])"
- "ansible_virtualization_role|replace('NA', 'host') == 'host'"
# FixMe: WTF?
# The destination directory (/etc/sysctl.d) is not writable by the current user.
ignore_errors: true
- block:
# https://www.whonix.org/wiki/KVM/Whonix_Signing_Key
- name: verify an image download.whonix.org/libvirt
shell: |
HTTP_DIR=/g/Privacy/net/Http/
URL=download.whonix.org/libvirt/{{PRIV_WHONIX_VERSION}}/Whonix-XFCE-{{PRIV_WHONIX_VERSION}}.libvirt.xz
[ -f $HTTP_DIR/$URL ] || \
wget -c {{ BASE_WGET_ARGS }} -P $HTTP_DIR https://$URL https://$URL.asc || exit 3
gpg --verify $HTTP_DIR/$URL.asc $HTTP_DIR/$URL >/tmp/V$$.out
[ $? -ne 0 ] && exit $?
grep 'Good signature from' /tmp/V$$.out || exit 11
grep ' key fingerprint: 04EF 2F66 6D36 C354 058B 9DD4 50C7 8B6F 9FF2 EC85' /tmp/V$$.out || exit 12
# FixMe:
ignore_errors: true
when:
- BASE_ARE_CONNECTED|default('') != ''
- name: untar
shell: |
HTTP_DIR=/g/Privacy/net/Http/
URL=download.whonix.org/libvirt/{{PRIV_WHONIX_VERSION}}/Whonix-XFCE-{{PRIV_WHONIX_VERSION}}.libvirt.xz
CDIR={{PROXY_GATEWAY_QEMU_DIR}}
[ -d $CDIR ] || mkdir -p $CDIR
cd $CDIR || exit
[ -f WHONIX_DISCLAIMER ] || tar xvfJ $HTTP_DIR/$URL
args:
creates: "{{PROXY_GATEWAY_QEMU_DIR}}/Whonix-XFCE-{{PRIV_WHONIX_VERSION}}.sha256sums.asc"
- name: sha256sum -c Whonix-XFCE-{{PRIV_WHONIX_VERSION}}.sha256sums.asc
shell: |
CDIR={{PROXY_GATEWAY_QEMU_DIR}}
[ -d $CDIR ] || exit 1
gpg --verify Whonix-XFCE-{{PRIV_WHONIX_VERSION}}.sha256sums.asc Whonix-XFCE-{{PRIV_WHONIX_VERSION}}.sha256sums >/tmp/V$$.out
[ $? -ne 0 ] && exit $?
grep 'OK' /tmp/V$$.out || exit 11
- name: sha256sum -c Whonix-XFCE-{{PRIV_WHONIX_VERSION}}.sha256sums
shell: |
CDIR={{PROXY_GATEWAY_QEMU_DIR}}
[ -d $CDIR ] || exit 1
sha256sum -c Whonix-XFCE-{{PRIV_WHONIX_VERSION}}.sha256sums
- name: touch WHONIX_BINARY_LICENSE_AGREEMENT_accepted
shell: |
CDIR={{PROXY_GATEWAY_QEMU_DIR}}
cd $CDIR || exit 1
[ -f WHONIX_BINARY_LICENSE_AGREEMENT_accepted ] || \
touch WHONIX_BINARY_LICENSE_AGREEMENT_accepted
- name: net-define $DIR/Whonix_external*.xml
shell: |
CDIR={{PROXY_GATEWAY_QEMU_DIR}}
virsh net-list --all | grep Whonix-External && exit 0
cd $CDIR || exit 1
virsh -c qemu:///system net-define $DIR/Whonix_external*.xml
- name: virsh net-info Whonix-Internal
shell: |
CDIR={{PROXY_GATEWAY_QEMU_DIR}}
virsh net-list --all | grep Whonix-Internal && exit 0
cd $CDIR || exit 1
virsh -c qemu:///system net-define $DIR/Whonix_internal*.xml
- name: virsh define Whonix-Gateway
shell: |
CDIR={{PROXY_GATEWAY_QEMU_DIR}}
virsh list --all | grep Whonix-Gateway && exit 0
cd $CDIR || exit 1
grep -q "{{PRIV_WHONIX_GATE_MEM}}" Whonix-Gateway-XFCE-{{PRIV_WHONIX_VERSION}}.xml || \
sed -e "s@<currentMemory unit='KiB'>524288</currentMemory>@<currentMemory unit='KiB'>{{PRIV_WHONIX_GATE_MEM}}</currentMemory>@" -i \
Whonix-Gateway-XFCE-{{PRIV_WHONIX_VERSION}}.xml
virsh define Whonix-Gateway-XFCE-{{PRIV_WHONIX_VERSION}}.xml --validate
args:
creates: /etc/libvirt/qemu/Whonix-Gateway.xml
- name: virsh define Whonix-Workstation
shell: |
CDIR={{PROXY_GATEWAY_QEMU_DIR}}
virsh list --all | grep Whonix-Workstation && exit 0
cd $CDIR || exit 1
virsh define Whonix-Workstation-XFCE-{{PRIV_WHONIX_VERSION}}.xml --validate
args:
creates: /etc/libvirt/qemu/Whonix-Workstation.xml
when:
- false
# FixMe should only edit if not running
- name: /etc/libvirt/qemu/*xml
blockinfile:
dest: "{{item}}"
marker: "<!-- {mark} ANSIBLE MANAGED BLOCK proxy whonix -->"
mode: 0660
owner: "{{BOX_ROOT_USER}}"
group: "{{BOX_ROOT_GROUP}}"
create: no
block: |
<channel type='unix'>
<source mode='bind'/>
<target type='virtio' name='org.qemu.guest_agent.0'/>
<address type='virtio-serial' controller='0' bus='0' port='2'/>
</channel>
with_fileglob: /etc/libvirt/qemu/Whonix*.xml
when:
- false # use xml instead
- "ansible_virtualization_role|replace('NA', 'host') == 'host'"
# console=tty0 console=ttyS0,115200n8 spectre_v2=on spec_store_bypass_disable=on tsx=off tsx_async_abort=full,nosmt mds=full,nosmt l1tf=full,force nosmt=force kvm.nx_huge_pages=force random.trust_cpu=off intel_iommu=on efi=disable_early_pci_dma slab_nomerge slub_debug=FZP page_poison=1 mce=0 pti=on vsyscall=none extra_latent_entropy
# from Gateway
- block:
# /usr/portage/app-emulation/libvirt/files/libvirtd.init-r19 after livirt-7.2.0a
- name: /usr/local/sbin/proxy_whonix-libvirt-install.bash
shell: |
cp -p /usr/local/etc/init.d/libvirtd.openrc /etc/init.d/livirtd
chmod 755 /etc/init.d/libvirtd
args:
creates: /etc/init.d/libvirtd
- name: "/etc/libvirt/qemu.conf"
blockinfile:
dest: "/etc/libvirt/qemu.conf"
create: false
marker: "# {mark} ANSIBLE MANAGED BLOCK hostvms vms {{item.name}}"
insertafter: '^#* *{{item.name}}.*'
block: |
{{ item.name }} = {{ item.val }}
with_items:
- { name: 'migration_address', val: '"0.0.0.0"' }
- { name: 'user', val: '"root"' }
#? why qemu - serverfault sez must be root for passthrough
# root is not enough for passthorugh mounting rw
- { name: 'group', val: '"root"' }
#? why
- { name: 'dynamic_ownership', val: '1' }
#?? why
# error : virGetUserID:1041 : invalid argument: Failed to parse user 'tss'
# - { name: 'swtpm_user', val: '"tss"' }
#?? why
# error : virGetGroupID:1124 : invalid argument: Failed to parse group 'tss'
# - { name: 'swtpm_group', val: '"tss"' }
# - { name: '', val: '' }
ignore_errors: true
# required
when: not ansible_check_mode
- name: "/etc/libvirt/libvirtd.conf"
blockinfile:
dest: /etc/libvirt/libvirtd.conf
create: yes
marker: "# {mark} ANSIBLE MANAGED BLOCK hostvms vms {{item.name}}"
insertafter: '^#* *{{item.name}}.*'
block: |
{{ item.name }} = "{{ item.val }}"
with_items:
#listen_addr = "192.168.0.1"
- { name: "listen_addr", val: "127.0.0.1" }
#_sock_group = "libvirt"
- { name: "unix_sock_group", val: "libvirt" }
- { name: "unix_sock_ro_perms", val: "0750" }
- { name: "unix_sock_rw_perms", val: "0770" }
#ca_file = "/etc/pki/CA/cacert.pem"
- { name: "ca_file", val: "{{ PLAY_CA_CERT }}" }
- { name: "auth_unix_ro", val: "none" }
- { name: "auth_unix_rw", val: "none" }
- { name: "log_filters", val: "1:qemu 1:libvirt 4:object 4:json 4:event 1:util" }
- { name: "log_outputs", val: "3:file:/var/log/libvirtd.log" }
#
# - { name: "", val: "" }
ignore_errors: true
# required
when: not ansible_check_mode
notify: restart libvirtd
- name: /etc/modprobe.d/nbd.conf"
shell: |
file="/etc/modprobe.d/nbd.conf"
[ -f $file ] || echo >$file options nbd max_part=16
args:
creates: /etc/modprobe.d/nbd.conf
- name: "/etc/default/libvirt-guests"
lineinfile:
path: /etc/default/libvirt-guests
create: yes
mode: 0755
insertafter: BOF
line: '{{item.key}}="{{item.val}}"'
regexp: "^#{{item.key}}.*"
with_items:
- key: ON_BOOT
val: ignore
when:
- "ansible_distribution == 'Debian'"
- name: /usr/local/sbin/proxy_whonix-libvirt-install.bash
shell: |
/usr/local/sbin/proxy_whonix-libvirt-install.bash
args:
creates: /etc/libvirt/qemu/Whonix-Gateway.xml
when:
- ansible_virtualization_role|replace('NA', 'host') == 'host'

1
roles/toxcore/tasks/main.yml
View file

@ -187,6 +187,7 @@
- LOOP_ITEM != '' and LOOP_ITEM != []
with_items:
- "vms"
- "{{ 'libvirt_whonix' if (BOX_WHONIX_PROXY_HOST != '' or 'libvirt' in BOX_HOSTVMS_FEATURES or 'whonix' in BOX_TOXCORE_FEATURES) else [] }}"
loop_control:
loop_var: LOOP_ITEM