Fix string warning, script execution

Add command testing
Add printer scraping
2025-10-25 22:21:59 +02:00 · 2025-10-25 22:21:59 +02:00 · 2025-10-25 22:21:59 +02:00
7 changed files with 18 additions and 64 deletions
--- a/machines/fanny/configuration.nix
+++ b/machines/fanny/configuration.nix
@@ -1,7 +1,6 @@
 { inputs, config, ... }:
 let
  sshKeys = import ../ssh_keys.nix;
-  peers = import ../modules/malobeo/peers.nix;
 in
 {
  sops.defaultSopsFile = ./secrets.yaml;
@@ -88,35 +87,6 @@ in
    ethernetDrivers = ["r8169"];
  };

-  boot.initrd = {
-    availableKernelModules = [ "wireguard" ];
-    systemd = {
-      enable = true;
-      network = {
-        enable = true;
-        netdevs."30-wg-initrd" = {
-          netdevConfig = {
-            Kind = "wireguard";
-            Name = "wg-initrd";
-          };
-          wireguardConfig = { PrivateKeyFile = "/etc/secrets/30-wg-initrd.key"; };
-          wireguardPeers = [{
-            AllowedIPs = peers.fanny-initrd.allowedIPs;
-            PublicKey = peers.fanny-initrd.publicKey;
-            Endpoint = "${peers.vpn.publicIp}:${builtins.toString(peers.vpn.listenPort)}";
-            PersistentKeepalive = 25;
-          }];
-        };
-        networks."30-wg-initrd" = {
-          name = "wg-initrd";
-          addresses = [{ Address = peers.fanny-initrd.address; }];
-        };
-      };
-    };
-  };
-
-  boot.initrd.secrets."/etc/secrets/30-wg-initrd.key" = "/etc/wireguard/wg.private";
-
  services.malobeo.vpn = {
    enable = true;
    name = "fanny";
--- a/machines/modules/malobeo/initssh.nix
+++ b/machines/modules/malobeo/initssh.nix
@@ -56,11 +56,11 @@ in
          path = with pkgs; [ zfs ];
          serviceConfig.Type = "oneshot";
          script = ''
-            echo "zfs load-key -a; killall zfs; systemctl default" >> /var/empty/.profile
+            echo "systemctl default" >> /var/empty/.profile
          '';
        };
      };
      kernelParams = [ "ip=::::${hostName}-initrd::dhcp" ];
    };
  };
-}
+}
--- a/machines/modules/malobeo/peers.nix
+++ b/machines/modules/malobeo/peers.nix
@@ -44,14 +44,6 @@
    publicKey = "3U59F6T1s/1LaZBIa6wB0qsVuO6pRR9jfYZJIH2piAU=";
  };

-  "fanny-initrd" = {
-    role = "client";
-    address = "10.100.0.102";
-    allowedIPs = [ "10.100.0.102/32" ];
-    #TODO: UPDATE
-    publicKey = "h1A2yt7OQ5EJIilC8tQg203u27o6J6/c+Kd/pZ4UWAY=";
-  };
-
  "backup0" = {
    role = "client";
    address = "10.100.0.20";
--- a/machines/overwatch/pull_info.sh
+++ b/machines/overwatch/pull_info.sh
@@ -1,5 +1,5 @@
 #!/usr/bin/env bash
-set -eo pipefail
+set -o pipefail
 for command in "jq" "xq" "grep" "curl" "sed"
 do
    if ! command -v $command >/dev/null 2>&1
@@ -13,7 +13,7 @@ get_cookie () {
    if [[ $1 == "-d" ]]; then
        cookie=$(cat request_example_1.txt)
    else
-        cookie=$(curl -s -D - -X GET http://192.168.1.42/wcd/index.html)
+        cookie=$(curl -D - -X GET http://192.168.1.42/wcd/index.html)
    fi

    exitCode="$?"
@@ -93,14 +93,15 @@ system_counter_ScanFaxCounter_keys=("DocumentReadTotal" "DocumentReadLarge" "Fax
 system_consumables_base_keys=("Toner (Yellow)" "Toner (Magenta)" "Toner (Cyan)" "Toner (Black)" "Drum Cartridge (Cyan)" "Developer Cartridge (Cyan)" "Drum Cartridge (Magenta)" "Developer Cartridge (Magenta)" "Drum Cartridge (Yellow)" "Developer Cartridge (Yellow)" "Drum Cartridge (Black)" "Developer Cartridge (Black)" "Fusing Unit" "Image Transfer Belt Unit" "Transfer Roller Unit")
 #End Variables-------------

-echo "Getting cookie"
+echo "Start getting cookie"
 get_cookie "$@"
+echo "Cookie got"

-echo "Start extracting info from system_counter"
+echo "Start extract from system_counter"
 if [[ $1 == "-d" ]]; then
    system_counter_data=$(cat system_counter.xml |xq)
 else
-    system_counter_data=$(curl -s -X GET http://192.168.1.42/wcd/system_counter.xml -H "Cookie: ID=$cookie" |xq)
+    system_counter_data=$(curl -X GET http://192.168.1.42/wcd/system_counter.xml -H "Cookie: ID=\"$cookie\"" |xq)
 fi

 get_values ".MFP.Count.UserCounterInfo.TotalCounterList.TotalCounter" system_counter_TotalCounter_keys TotalCounter
@@ -117,17 +118,19 @@ get_values ".MFP.Count.UserCounterInfo.ScanFaxCounterList.ScanFaxCounter" system

 get_values_DeviceStatus system_counter_DeviceStatus_keys DeviceStatus

-echo "Start extracting info from system_consumables"
+echo "Stop extract from system_counter"
+echo
+echo "Start extract from system_consumables"
 if [[ $1 == "-d" ]]; then
    system_consumables_data=$(cat system_consumables.xml |xq)
 else
-    system_consumables_data=$(curl -s -X GET http://192.168.1.42/wcd/system_consumable.xml -H "Cookie: ID=$cookie" |xq)
+    system_consumables_data=$(curl -X GET http://192.168.1.42/wcd/system_counter.xml -H "Cookie: ID=\"$cookie\"")
 fi

 get_values_consumables system_consumables_base_keys Consumables

-echo "Sending data to prometheus-pushgateway..."
+echo "Stop extract from system_consumables"

-echo "$valueStore" | curl -s --data-binary @- http://localhost:9091/metrics/job/printer
+echo "$valueStore" | curl --data-binary @- http://localhost:9091/metrics/job/printer
 echo "Success!"
-exit 0
+exit 0
--- a/scripts/add_new_host_keys.sh
+++ b/scripts/add_new_host_keys.sh
@@ -31,13 +31,10 @@ cd "$pwpath"
 # Generate SSH keys
 ssh-keygen -f $hostkey -t ed25519 -N "" -C "root@$host"
 ssh-keygen -f $initrdkey -t ed25519 -N "" -C "root@$host-initrd"
-wg genkey > wg.private
-publickey=$(cat wg.private | wg pubkey)

 #encrypt the private keys
 sops -e -i ./$hostkey
 sops -e -i ./$initrdkey
-sops -e -i ./wg.private

 #generate encryption key
 tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 20 > disk.key
@@ -48,9 +45,6 @@ echo
 echo "Hier ist der age public key für sops etc:"
 echo "$(ssh-to-age -i ./"$hostkey".pub)"
 echo
-echo "Hier ist der wireguard pubkey für das gerät"
-echo "$publickey"
-echo 
 echo "Hier ist eine reproduzierbare mac-addresse:"
 echo "$hostname"|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'

--- a/scripts/remote-install-encrypt.sh
+++ b/scripts/remote-install-encrypt.sh
@@ -40,9 +40,7 @@ trap cleanup EXIT

 # Create the directory where sshd expects to find the host keys
 install -d -m755 "$temp/etc/ssh/"
-install -d -m755 "$temp/etc/wireguard/"

-##TODO:: wg genkey + pubkey --> /etc/wireguard/wg.private
 diskKey=$(sops -d $pwpath/disk.key)
 echo "$diskKey" > /tmp/secret.key

@@ -50,7 +48,6 @@ sops -d "$pwpath/$hostkey" > "$temp/etc/ssh/$hostname"

 sops -d "$pwpath/$initrdkey" > "$temp/etc/ssh/initrd"

-sops -d "$pwpath/wg.private" > "$temp/etc/wireguard/wg.private"
 # # Set the correct permissions so sshd will accept the key
 chmod 600 "$temp/etc/ssh/$hostname"
 chmod 600 "$temp/etc/ssh/initrd"
--- a/scripts/unlock-boot.sh
+++ b/scripts/unlock-boot.sh
@@ -24,16 +24,14 @@ diskkey=$(sops -d machines/$hostname/secrets/disk.key)
 echo
 if [ $# = 1 ]
    then
-    ssh $sshoptions root@$hostname-initrd "zpool import -a"
-    echo "$diskkey" | ssh $sshoptions root@$hostname-initrd "zfs load-key storage/encrypted" #root
+    echo "$diskkey" | ssh $sshoptions root@$hostname-initrd "systemd-tty-ask-password-agent" #root
    echo "$diskkey" | ssh $sshoptions root@$hostname-initrd "systemd-tty-ask-password-agent" #data

 elif [ $# = 2 ]
    then
    ip=$2
-    ssh $sshoptions root@$ip "zpool import -a"
-    echo "$diskkey" | ssh $sshoptions root@$ip "zfs load-key storage/encrypted" 
-    echo "$diskkey" | ssh $sshoptions root@$ip "systemd-tty-ask-password-agent"
+    echo "$diskkey" | ssh $sshoptions root@$ip "systemd-tty-ask-password-agent" #root
+    echo "$diskkey" | ssh $sshoptions root@$ip "systemd-tty-ask-password-agent" #data
    
 else
    echo
Author	SHA1	Message	Date
ahtlon	6cabd45e1c	Fix string warning, script execution All checks were successful Check flake syntax / flake-check (push) Successful in 4m51s Details	2025-10-25 22:21:59 +02:00
ahtlon	8d5702d93a	Add command testing	2025-10-25 22:21:59 +02:00
ahtlon	b12c28e553	Add printer scraping	2025-10-25 22:21:59 +02:00