feat: use native TCP socket with Qrexec

Ben Grande 2024-06-25 01:28:53 +02:00
parent 95289ed19a
commit 4facf458b7
No known key found for this signature in database
GPG Key ID: 00C64E14F51F9E56
10 changed files with 63 additions and 57 deletions


@ -34,4 +34,4 @@ if test "${#port}" -gt 5 || test "${port}" -gt 65535; then
exit 1 exit 1
fi fi
exec socat - "TCP:${host}:${port}" exec socat STDIO "TCP:${host}:${port}"


@ -1,7 +0,0 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2023 unman <unman@thirdeyesecurity.org>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
set -eu
exec socat STDIO TCP:localhost:631


@ -5,6 +5,15 @@ SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
SPDX-License-Identifier: AGPL-3.0-or-later SPDX-License-Identifier: AGPL-3.0-or-later
#} #}
"{{ slsdotpath }}-installed-client":
pkg.installed:
- require:
- sls: utils.tools.common.update
- install_recommends: False
- skip_suggestions: True
- pkgs:
- socat
"{{ slsdotpath }}-client-systemd-print-forwarder": "{{ slsdotpath }}-client-systemd-print-forwarder":
file.managed: file.managed:
- name: /usr/lib/systemd/system/qusal-print-forwarder.service - name: /usr/lib/systemd/system/qusal-print-forwarder.service
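Review bot: The added `pkg.installed` state requires `sls: utils.tools.common.update`, but no `include:` for that SLS is visible here, and the state sits directly under the licence header, whereas the other SLS hunks on this page show `include:` as their enclosing context. Salt resolves an `sls` requisite only against SLS files that are part of the same run, so if this file does not already include it, the state fails on a missing requisite and socat is not installed on the client. I would add an `include:` list containing `- utils.tools.common.update` above the state, or confirm that one already exists outside the hunk. The `-client-systemd-print-forwarder` state continues past the end of the hunk.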


@ -43,12 +43,21 @@ include:
- user - user
"{{ slsdotpath }}-rpc": "{{ slsdotpath }}-rpc":
file.managed: file.symlink:
- name: /etc/qubes-rpc/qusal.Print - name: /etc/qubes-rpc/qusal.Print
- source: salt://{{ slsdotpath }}/files/server/rpc/qusal.Print - target: /dev/tcp/127.0.0.1/631
- mode: '0755'
- user: root - user: root
- group: root - group: root
- force: True
- makedirs: True
"{{ slsdotpath }}-rpc-config":
file.symlink:
- name: /etc/qubes/rpc-config/qusal.Print
- target: /etc/qubes/rpc-config/qubes.ConnectTCP
- user: root
- group: root
- force: True
- makedirs: True - makedirs: True
"{{ slsdotpath }}-bind-dirs": "{{ slsdotpath }}-bind-dirs":
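Review bot: The new `-rpc-config` state links `/etc/qubes/rpc-config/qusal.Print` to `/etc/qubes/rpc-config/qubes.ConnectTCP` without a `require` on whatever installs that target, and `file.symlink` creates the link whether or not the target exists. If the target is missing in the template, the service would presumably run with qrexec's default service options instead of the ones intended for TCP socket services, and the state run would still report success. I would add a `require` on the package state that ships the file (the Syncthing hunk lists `qubes-core-agent-networking`; whether it owns the file needs confirming) and a comment on `force: True` such as `# replaces the regular file installed by earlier versions`. The same pattern repeats in the `qusal.Rsync`, `qusal.Ssh` and `qusal.Syncthing` hunks. The `-bind-dirs` state continues outside the hunk.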


@ -1,9 +0,0 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2022 unman <unman@thirdeyesecurity.org>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
set -eu
exec socat STDIO TCP:localhost:873


@ -18,7 +18,6 @@ include:
- skip_suggestions: True - skip_suggestions: True
- pkgs: - pkgs:
- rsync - rsync
- socat
- man-db - man-db
"{{ slsdotpath }}-stop-rsync": "{{ slsdotpath }}-stop-rsync":
@ -42,14 +41,22 @@ include:
- group: root - group: root
- makedirs: True - makedirs: True
"{{ slsdotpath }}-set-rpc-services": "{{ slsdotpath }}-rpc":
file.recurse: file.symlink:
- name: /etc/qubes-rpc/ - name: /etc/qubes-rpc/qusal.Rsync
- source: salt://{{ slsdotpath }}/files/server/rpc/ - target: /dev/tcp/127.0.0.1/873
- dir_mode: '0755'
- file_mode: '0755'
- user: root - user: root
- group: root - group: root
- force: True
- makedirs: True
"{{ slsdotpath }}-rpc-config":
file.symlink:
- name: /etc/qubes/rpc-config/qusal.Rsync
- target: /etc/qubes/rpc-config/qubes.ConnectTCP
- user: root
- group: root
- force: True
- makedirs: True - makedirs: True
{% endif -%} {% endif -%}


@ -1,9 +0,0 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2022 unman <unman@thirdeyesecurity.org>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
set -eu
exec socat STDIO TCP:localhost:22


@ -18,7 +18,6 @@ include:
- skip_suggestions: True - skip_suggestions: True
- pkgs: - pkgs:
- openssh-server - openssh-server
- socat
- man-db - man-db
"{{ slsdotpath }}-stop-ssh": "{{ slsdotpath }}-stop-ssh":
@ -33,14 +32,22 @@ include:
service.masked: service.masked:
- name: ssh - name: ssh
"{{ slsdotpath }}-set-rpc-services": "{{ slsdotpath }}-rpc":
file.recurse: file.symlink:
- name: /etc/qubes-rpc/ - name: /etc/qubes-rpc/qusal.Ssh
- source: salt://{{ slsdotpath }}/files/server/rpc/ - target: /dev/tcp/127.0.0.1/22
- dir_mode: '0755'
- file_mode: '0755'
- user: root - user: root
- group: root - group: root
- force: True
- makedirs: True
"{{ slsdotpath }}-rpc-config":
file.symlink:
- name: /etc/qubes/rpc-config/qusal.Ssh
- target: /etc/qubes/rpc-config/qubes.ConnectTCP
- user: root
- group: root
- force: True
- makedirs: True - makedirs: True
"{{ slsdotpath }}-sshd-config": "{{ slsdotpath }}-sshd-config":


@ -1,9 +0,0 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2022 unman <unman@thirdeyesecurity.org>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
set -eu
exec socat STDIO TCP:localhost:22000


@ -26,18 +26,26 @@ include:
- qubes-core-agent-networking - qubes-core-agent-networking
- syncthing - syncthing
- jq - jq
- socat
- qubes-core-agent-thunar - qubes-core-agent-thunar
- thunar - thunar
- man-db - man-db
"{{ slsdotpath }}-rpc-service": "{{ slsdotpath }}-rpc":
file.managed: file.symlink:
- name: /etc/qubes-rpc/qusal.Syncthing - name: /etc/qubes-rpc/qusal.Syncthing
- source: salt://{{ slsdotpath }}/files/server/rpc/qusal.Syncthing - target: /dev/tcp/127.0.0.1/22000
- user: root - user: root
- group: root - group: root
- mode: '0755' - force: True
- makedirs: True
"{{ slsdotpath }}-rpc-config":
file.symlink:
- name: /etc/qubes/rpc-config/qusal.Syncthing
- target: /etc/qubes/rpc-config/qubes.ConnectTCP
- user: root
- group: root
- force: True
- makedirs: True - makedirs: True
"{{ slsdotpath }}-mask-syncthing": "{{ slsdotpath }}-mask-syncthing":