From 5552b2bfac0c4c8b46754f9a363d463a2fad499b Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Thu, 13 Jan 2022 13:32:27 +0200 Subject: drop: Subplot codegen and running of scenarios This is useless for now. Sponsored-by: author --- check | 2 -- 1 file changed, 2 deletions(-) diff --git a/check b/check index 254c08a..fee87c4 100755 --- a/check +++ b/check @@ -7,5 +7,3 @@ set -euo pipefail subplot docgen puomi.md -o puomi.pdf subplot docgen puomi.md -o puomi.html -subplot codegen puomi.md -o test.py -python3 test.py --log test.log -- cgit v1.2.1 From 808287b6d45e52893b3c09cc5d16c7cf74c6670b Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Thu, 13 Jan 2022 13:33:44 +0200 Subject: drop: old test-env files, it never really worked Sponsored-by: author --- env/env.yaml | 10 --- env/files/ca | 7 -- env/files/ca.pub | 1 - env/files/getip.py | 13 --- env/files/inner-hosts | 4 - env/files/inner.yml | 12 --- env/files/puomi.yaml | 10 --- env/files/vmadm.yaml | 10 --- env/hosts | 1 - env/playbook.yml | 233 -------------------------------------------------- env/setup-inner.sh | 17 ---- env/setup.sh | 30 ------- env/ssh/config | 12 --- env/ssh/ed25519 | 7 -- env/ssh/ed25519.pub | 1 - 15 files changed, 368 deletions(-) delete mode 100644 env/env.yaml delete mode 100644 env/files/ca delete mode 100644 env/files/ca.pub delete mode 100755 env/files/getip.py delete mode 100644 env/files/inner-hosts delete mode 100644 env/files/inner.yml delete mode 100644 env/files/puomi.yaml delete mode 100644 env/files/vmadm.yaml delete mode 100644 env/hosts delete mode 100644 env/playbook.yml delete mode 100755 env/setup-inner.sh delete mode 100755 env/setup.sh delete mode 100644 env/ssh/config delete mode 100644 env/ssh/ed25519 delete mode 100644 env/ssh/ed25519.pub diff --git a/env/env.yaml b/env/env.yaml deleted file mode 100644 index 677d7e5..0000000 --- a/env/env.yaml +++ /dev/null @@ -1,10 +0,0 @@ -# This is a vmadm spec file for a VM in which to test Puomi. - -puomi-dev: - cpus: 4 - memory_mib: 8192 - image_size_gib: 20 - ssh_key_files: - - ssh/ed25519.pub - - ~/.ssh/liw-openpgp.pub - diff --git a/env/files/ca b/env/files/ca deleted file mode 100644 index 560a62e..0000000 --- a/env/files/ca +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW -QyNTUxOQAAACBA4oQIXgis2NkrOTg/5LdccAd0iOM5H98hrjXFGGAuFgAAAJDqtZP16rWT -9QAAAAtzc2gtZWQyNTUxOQAAACBA4oQIXgis2NkrOTg/5LdccAd0iOM5H98hrjXFGGAuFg -AAAEDIagIVUs7Y4qitDfqu5LsebGP9GcbxzFbCwfBUTp6L5UDihAheCKzY2Ss5OD/kt1xw -B3SI4zkf3yGuNcUYYC4WAAAADGxpd0BleG9sb2JlMQE= ------END OPENSSH PRIVATE KEY----- diff --git a/env/files/ca.pub b/env/files/ca.pub deleted file mode 100644 index 8cd9f64..0000000 --- a/env/files/ca.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDihAheCKzY2Ss5OD/kt1xwB3SI4zkf3yGuNcUYYC4W liw@exolobe1 diff --git a/env/files/getip.py b/env/files/getip.py deleted file mode 100755 index a8b326d..0000000 --- a/env/files/getip.py +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/python3 - -import json -import sys - - -leases = sys.argv[1] -hostname = sys.argv[2] -o = json.load(open(leases)) - -for h in o: - if h["hostname"] == hostname: - print(h["ip-address"]) diff --git a/env/files/inner-hosts b/env/files/inner-hosts deleted file mode 100644 index aa8d8c8..0000000 --- a/env/files/inner-hosts +++ /dev/null @@ -1,4 +0,0 @@ -[inner] -puomi -webby -lappy \ No newline at end of file diff --git a/env/files/inner.yml b/env/files/inner.yml deleted file mode 100644 index 4841c78..0000000 --- a/env/files/inner.yml +++ /dev/null @@ -1,12 +0,0 @@ -- hosts: inner - remote_user: debian - become: yes - tasks: - - apt: - update_cache: yes - upgrade: dist - - apt: - name: - - traceroute - vars: - foo: bar diff --git a/env/files/puomi.yaml b/env/files/puomi.yaml deleted file mode 100644 index cceda0d..0000000 --- a/env/files/puomi.yaml +++ /dev/null @@ -1,10 +0,0 @@ -puomi: - networks: - - network=lan - - network=wan -webby: - networks: - - network=wan -lappy: - networks: - - network=lan diff --git a/env/files/vmadm.yaml b/env/files/vmadm.yaml deleted file mode 100644 index 73f83a1..0000000 --- a/env/files/vmadm.yaml +++ /dev/null @@ -1,10 +0,0 @@ -image_directory: "~" -default_base_image: ~/debian-10-openstack-amd64.qcow2 -default_image_gib: 5 -default_memory_mib: 2048 -default_cpus: 1 -authorized_keys: - - ~/.ssh/id_ed25519.pub -default_generate_host_certificate: true -ca_key: ~/.ssh/ca -default_networks: [] diff --git a/env/hosts b/env/hosts deleted file mode 100644 index 05ac2bb..0000000 --- a/env/hosts +++ /dev/null @@ -1 +0,0 @@ -puomi-dev diff --git a/env/playbook.yml b/env/playbook.yml deleted file mode 100644 index 3dd7f7f..0000000 --- a/env/playbook.yml +++ /dev/null @@ -1,233 +0,0 @@ -- hosts: puomi-dev - remote_user: debian - become: yes - roles: - - sane_debian_system - - unix_users - tasks: - - name: "Install software" - apt: - name: - - qemu-system-x86 - - virtinst - - virt-manager - - libvirt-daemon-system - - libvirt-clients - - libnss-libvirt - - python3-lxml - - vmadm - - jq - - libnss-libvirt - - ansible - - traceroute - - moreutils - - name: "configure nss to find VM names" - shell: | - if awk '$1 == "hosts:" && !/libvirt_guest/' /etc/nsswitch.conf | grep . - then - sed -i '/hosts:/s/files /files libvirt libvirt_guest /' /etc/nsswitch.conf - fi - - name: "put puomi into libvirt group" - user: - name: puomi - groups: - - libvirt - - name: "define libvirt network lan" - virt_net: - command: define - autostart: yes - name: lan - xml: | - - lan - - - - - - - - - - name: "autostart libvirt network lan" - virt_net: - autostart: yes - name: lan - - name: "start libvirt network lan" - virt_net: - command: start - name: lan - - name: "define libvirt network wan" - virt_net: - command: define - autostart: yes - name: wan - xml: | - - wan - - - - - - - - - - name: "autostart libvirt network wan" - virt_net: - autostart: yes - name: wan - - name: "start libvirt network wan" - virt_net: - command: start - name: wan - - name: "remove libvirt network default" - virt_net: - command: undefine - name: default - - name: "copy Debian 10 OpenStack image" - copy: - src: debian-10-openstack-amd64.qcow2 - dest: /home/puomi/debian-10-openstack-amd64.qcow2 - - name: "create ~puomi/.config/vmadm" - file: - state: directory - path: /home/puomi/.config/vmadm - owner: puomi - group: puomi - mode: 0755 - - name: "configure vmadm" - copy: - src: vmadm.yaml - dest: /home/puomi/.config/vmadm/config.yaml - - name: "copy vmadm spec for VMs" - copy: - src: puomi.yaml - dest: /home/puomi/puomi.yaml - - name: "create ~puomi/.ssh" - file: - state: directory - path: /home/puomi/.ssh - owner: puomi - group: puomi - mode: 0700 - - name: "copy user SSH private key" - copy: - content: "{{ user_ssh_private_key }}" - dest: /home/puomi/.ssh/id_ed25519 - owner: puomi - group: puomi - mode: 0600 - - name: "copy user SSH public key" - copy: - content: "{{ user_ssh_public_key }}" - dest: /home/puomi/.ssh/id_ed25519.pub - owner: puomi - group: puomi - mode: 0600 - - name: "copy SSH CA private key" - copy: - src: ca - dest: /home/puomi/.ssh/ca - owner: puomi - group: puomi - mode: 0600 - - name: "copy SSH CA public key" - copy: - src: ca.pub - dest: /home/puomi/.ssh/ca.pub - owner: puomi - group: puomi - - name: "configure SSH client to trust SSH CA host certificates" - shell: | - echo "@cert-authority * $(cat /home/puomi/.ssh/ca.pub)" | tee /home/puomi/.ssh/known_hosts - chown puomi:puomi /home/puomi/.ssh/known_hosts - - name: "copy files" - copy: - src: "{{ item }}" - dest: "/home/puomi/{{ item }}" - owner: puomi - group: puomi - mode: 0755 - loop: - - inner.yml - - inner-hosts - - name: "copy scripts" - copy: - src: "{{ item }}" - dest: "/home/puomi/{{ item }}" - owner: puomi - group: puomi - mode: 0755 - loop: - - getip.py - - setup-inner.sh - vars: - sane_debian_system_version: 2 - unix_users_version: 2 - - sane_debian_system_hostname: puomi-dev - sane_debian_system_codename: buster - sane_debian_system_mirror: deb.debian.org - - ansible_python_interpreter: /usr/bin/python3 - - unix_users: - - username: puomi - comment: Puomi for testing - authorized_keys: | - {{ ssh_pub }} - - sane_debian_system_sources_lists: - - repo: deb http://ci-prod-controller.vm.liw.fi/debian unstable-ci main - signing_key: "{{ ci_prod_signing_key }}" - - ssh_pub: | - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA4hKoygOkXNujMW40d2F93lIMbyu0ZwXSBQ2S17R6a8 liw@exolobe1 - - ci_prod_signing_key: | - -----BEGIN PGP PUBLIC KEY BLOCK----- - - mQINBFrLO7kBEADdz6mHstYmKU5Dp6OSjxWtWaqTDOX1sJdmmaIK/9EKVIH0Maxp - 5kvVO5G6mULLAjv/kLG0MxasHPrq8I2A/y8AqKAGVL8QelwLjQMIFZ30/VbGQPHS - +T5TZXEnoQtNce1GUhFwJ38ZyjjwHBFV9tSec7rZ2Q3YeM3nNnGPf6DacXGfEOPO - HIN4sXAN2hzNXNjKRzTIvxQseb6nr7afUh/SlZ3yhQOCrIzmYlD7tP9WJe7ofL0p - JY4pDQYw8rT6nC2BE/ioemh84kERCT1vCe+OVFlSRuMlqfEv+ZpKQ+itOmPDQ/lM - jpUm1K2hrW/lWpxT/ZxHKo/w1K36J5WshgMZxfUu5BMCL9LMqMcrXNhNjDMfxDMM - 3yBPOvQ4ls6fecOZ/bsFo1p8VzMk/w/eG8vPs5yuNa5XxN95yFMXoOHGb5Xbu8D4 - 6yiW+Af70LbiSNpGdmNdneiGB2fY38NxBukPw5u3S5qG8HedSmMr1RvSr5kHoAAe - UbOY+BYaaKsTAT7+1skUW1o3FJSqoRKCHAzTsMWC6zzhR8hRn7jVrrguH1hGbqq5 - TZSCFQZExuTJ7uXrTLG0WoBXIjB5wWNcSeXn8myUWYB51nJNF4tJBouZOz9JwWGl - kiAQkrHnBttLQWdW9FyjbIoTZMtpvVx+m6ObGTGdGL1cNlLAvWprMXGc+QARAQAB - tDJJY2sgQVBUIHJlcG9zaXRvcnkgc2lnbmluZyBrZXkgKDIwMTgpIDxsaXdAbGl3 - LmZpPokCTgQTAQgAOBYhBKL1uyDoXyxUH3O717Wr+TZVS6PGBQJayzu5AhsDBQsJ - CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJELWr+TZVS6PGB5QQANTcikhRUHwt9N4h - dGc/Hp6CbqdshMoWlwpFskttoVDxQG5OAobuZl5XyzGcmja1lT85RGkZFfbca0IZ - LnXOLLSAu51QBkXNaj4OhjK/0uQ+ITrvL6RQSXNgHiUTR/W2XD1GIUq6nBqe2GSN - 31S1baYKKVj5QIMsi7Dq8ls3BBXuPCE+xTSaNmGWjes2t9pPidcRvxsksCLY1qgw - P1GFXBeMkBQ29kBP87SUL15SIk7OiQLlEURCy5iRls5rt/YEsdEpRWIb0Tm5Nrjv - 2M3VM+iBhfNXTwj0rJ34mlycF1qQmA7YcTEobT7z587GPY0VWzBpQUnEQj7rQWPM - cDYY0b+I6kQ8VKOaL4wVAtE98d7HzFIrIrwhTKufnrWrVDPYsmLZ+LPC1jiF7JBD - SR6Vftb+SdDR9xoE1yRuXbC6IfoW+5/qQNrdQ2mm9BFw5jOonBqchs18HTTf3441 - 6SWwP9fY3Vi+IZphPPi0Gf85oMStgnv/Wnw6LacEL32ek39Desero/D8iGLZernK - Q2mC9mua5A/bYGVhsNWyURNFkKdbFa+/wW3NfdKYyZnsSfo+jJ2luNewrhAY7Kod - GWXTer9RxzTGA3EXFGvNr+BBOOxSj0SfWTl0Olo7J5dnxof+jLAUS1VHpceHGHps - GSJSdir7NkZidgwoCPA7BTqsb5LN - =dXB0 - -----END PGP PUBLIC KEY BLOCK----- - - # Note that this private key MUST be the same as env/ssh/ed25519 - # in the source tree. - user_ssh_private_key: | - -----BEGIN OPENSSH PRIVATE KEY----- - b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW - QyNTUxOQAAACAOISqMoDpFzbozFuNHdhfd5SDG8rtGcF0gUNkte0emvAAAAJAf032rH9N9 - qwAAAAtzc2gtZWQyNTUxOQAAACAOISqMoDpFzbozFuNHdhfd5SDG8rtGcF0gUNkte0emvA - AAAECYIVFEDbQDeAv6UVxwrbW5D55Z6OFI2YxjXho4SvOdiA4hKoygOkXNujMW40d2F93l - IMbyu0ZwXSBQ2S17R6a8AAAADGxpd0BleG9sb2JlMQE= - -----END OPENSSH PRIVATE KEY----- - - - # This public key MUST correspond to the one that is in - # user_ssh_private_key. - user_ssh_public_key: | - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA4hKoygOkXNujMW40d2F93lIMbyu0ZwXSBQ2S17R6a8 diff --git a/env/setup-inner.sh b/env/setup-inner.sh deleted file mode 100755 index 1d01c0b..0000000 --- a/env/setup-inner.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail - -msg() -{ - printf ' %s\n' "$@" -} - -msg "Delete any existing inner VMs" -vmadm delete puomi.yaml - -msg "Create new inner VMs" -vmadm new puomi.yaml - -msg "Provision inner VMs" -chronic ansible-playbook -i inner-hosts inner.yml diff --git a/env/setup.sh b/env/setup.sh deleted file mode 100755 index 6ac8197..0000000 --- a/env/setup.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -set -eu -o pipefail - -# Get the Debian 10 (buster) OpenStack cloud image. We use it as a -# base image for creating the VMs we need. - -url="https://cloud.debian.org/images/cloud/OpenStack/current-10/debian-10-openstack-amd64.qcow2" -image=debian-10-openstack-amd64.qcow2 -if [ ! -e "files/$image" ]; then - echo "Download Debian cloud image (only happens on first run)" - wget -q -c -O "files/$image" "$url" -fi - -# git does not preserve file modes properly, so set the permissions of -# the SSH keys we're using so the the SSH client is happy. -chmod 600 ssh/ed25519* - -echo "Provision outer VM" -chronic ansible-playbook -i hosts playbook.yml - -echo "Create and provision the inner VMs" -ssh -F ssh/config puomi@puomi-dev ./setup-inner.sh - -# Disable network forwarding in outer VM. This can't be done until the -# inner VMs are provisioned, or they can't install anything. Hide the -# standard output, as it's useless. -ssh debian@puomi-dev sudo sysctl -w net.ipv4.ip_forward=0 >/dev/null - -echo "Finished; the router test environment is ready for use" diff --git a/env/ssh/config b/env/ssh/config deleted file mode 100644 index 24884f8..0000000 --- a/env/ssh/config +++ /dev/null @@ -1,12 +0,0 @@ -Host puomi webby lappy - ProxyJump puomi@puomi-dev - User debian - -Host * - ForwardAgent no - ControlMaster no - IdentitiesOnly yes - ServerAliveInterval 60 - PasswordAuthentication no - KbdInteractiveAuthentication no - IdentityFile ssh/ed25519 diff --git a/env/ssh/ed25519 b/env/ssh/ed25519 deleted file mode 100644 index 8a59f0c..0000000 --- a/env/ssh/ed25519 +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN OPENSSH PRIVATE KEY----- -b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW -QyNTUxOQAAACAOISqMoDpFzbozFuNHdhfd5SDG8rtGcF0gUNkte0emvAAAAJAf032rH9N9 -qwAAAAtzc2gtZWQyNTUxOQAAACAOISqMoDpFzbozFuNHdhfd5SDG8rtGcF0gUNkte0emvA -AAAECYIVFEDbQDeAv6UVxwrbW5D55Z6OFI2YxjXho4SvOdiA4hKoygOkXNujMW40d2F93l -IMbyu0ZwXSBQ2S17R6a8AAAADGxpd0BleG9sb2JlMQE= ------END OPENSSH PRIVATE KEY----- diff --git a/env/ssh/ed25519.pub b/env/ssh/ed25519.pub deleted file mode 100644 index 2f70c68..0000000 --- a/env/ssh/ed25519.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA4hKoygOkXNujMW40d2F93lIMbyu0ZwXSBQ2S17R6a8 liw@exolobe1 -- cgit v1.2.1 From 63a12998f097a7c38e441cc46b0c66cfe7f9df1b Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Thu, 13 Jan 2022 13:34:27 +0200 Subject: drop: more test env stuff Sponsored-by: author --- puomi.py | 25 ------------------------- puomi.yaml | 4 ---- 2 files changed, 29 deletions(-) delete mode 100644 puomi.py delete mode 100644 puomi.yaml diff --git a/puomi.py b/puomi.py deleted file mode 100644 index 9760bb0..0000000 --- a/puomi.py +++ /dev/null @@ -1,25 +0,0 @@ -import logging -import os -import shutil - - -def env_setup(ctx): - logging.info("setting up test directory for router testing") - - srcdir = globals()["srcdir"] - - # Copy env/ssh/ from source dir, which has SSH config and keys. - ssh = os.path.join(srcdir, "env", "ssh") - dst = os.path.join(os.getcwd(), ".ssh") - logging.debug(f"copy {ssh} to {dst}") - shutil.copytree(ssh, dst) - - # The config refers to ssh/ed25519 as the key to use. However, the - # directory is actually .ssh here so that the SSH client finds it - # automatically. Create a symlink so both forms work. - os.symlink(".ssh", "ssh") - - # Set permissions on the key files, so that the SSH client isn't upset if - # they're lax. Git doesn't preserve the permissions correctly. - os.chmod(".ssh/ed25519", 0o600) - os.chmod(".ssh/ed25519.pub", 0o600) diff --git a/puomi.yaml b/puomi.yaml deleted file mode 100644 index a3d2c2d..0000000 --- a/puomi.yaml +++ /dev/null @@ -1,4 +0,0 @@ -- given: "a router testing environment" - impl: - python: - function: env_setup -- cgit v1.2.1 From dfc7cc161da18ae4a61815e82c8a72eb009c2c7a Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Thu, 13 Jan 2022 14:31:07 +0200 Subject: add v-i files for installing on an x220 laptop Sponsored-by: author --- puomi-installer-playbook.yml | 33 +++++++++++++++++++++++++++++++++ puomi-x220.yaml | 10 ++++++++++ 2 files changed, 43 insertions(+) create mode 100644 puomi-installer-playbook.yml create mode 100644 puomi-x220.yaml diff --git a/puomi-installer-playbook.yml b/puomi-installer-playbook.yml new file mode 100644 index 0000000..0c0863c --- /dev/null +++ b/puomi-installer-playbook.yml @@ -0,0 +1,33 @@ +# Ansible playbook for installing a router. + +- hosts: image + pre_tasks: + - name: "configure networking for LAN adapter" + copy: + content: | + [Match] + Name=eth[^0]* + + [Network] + Address=10.1.1.1/24 + DHCPServer=true + IPMasquerade=true + ConfigureWithoutCarrier=true + + [DHCPServer] + PoolOffset=100 + PoolSize=50 + EmitDNS=yes + dest: /etc/systemd/network/lan0.network + + vars: + ansible_python_interpreter: /usr/bin/python3 + + sane_debian_system_version: 2 + sane_debian_system_codename: bullseye + sane_debian_system_timezone: Europe/Helsinki + sane_debian_system_sources_lists: + - repo: | + deb http://deb.debian.org/debian bullseye contrib non-free + + unix_users_version: 2 diff --git a/puomi-x220.yaml b/puomi-x220.yaml new file mode 100644 index 0000000..d770e21 --- /dev/null +++ b/puomi-x220.yaml @@ -0,0 +1,10 @@ +# A target specification file for v-i for Puomi on a Lenovo Thinkpad +# X220 laptop. + +drive: /dev/sda +hostname: puomi +extra_playbooks: + - puomi-installer-playbook.yml +ansible_vars: + user_pub: | + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQe6lsTapAxiwhhEeE/ixuK+5N8esCsMWoekQqjtxjP liw personal systems -- cgit v1.2.1 From f7fd33c5bd63fa90a7e8be541d9a10a9369e714f Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Thu, 13 Jan 2022 14:53:13 +0200 Subject: docs: rewrite README Sponsored-by: author --- README.md | 73 +++++++++++++++------------------------------------------------ 1 file changed, 17 insertions(+), 56 deletions(-) diff --git a/README.md b/README.md index b734faa..1890c12 100644 --- a/README.md +++ b/README.md @@ -1,67 +1,28 @@ -# README for Puomi +# Puomi, a Debian based home or small office Internet router -Puomi will be software for a simple Internet router and access point -for home and small office use. A device running Puomi connects one or -more machines via Ethernet and wifi to the Internet, while providing a -firewall against outside intrusions. +Puomi is a way to install Debian on a computer and configure it to be +an Internet router for home or small office use. A Puomi router +provides: -Puomi will be based on the Debian GNU/Linux operating system. It needs -to be run on a small PC or other suitable hardware. Puomi will have no -interactive user interface, and will be managed entirely via Ansible. +* routing between an internal and external network +* IPv4 NAT +* DNS to the local network +* DHCP to the local network, with hosts added to local DNS -## To build and test +Puomi is a very basic Debian system, without any user interface. It is +installed onto a PC using the [v-i][] installer for Debian, and +post-installation configuration and administration is expected to be +done using SSH and Ansible. -Create a VM, accessible with the name `puomi-dev`, then run this to -provision and verify it works: +## Installation -~~~sh -(cd env && ./setup.sh) -./check -~~~ - -You need [Subplot](https://subplot.liw.fi/) installed for `./check`. - -If you use [vmadm](https://vmadm.liw.fi/ to create the outer VM: - -~~~sh -(cd env && vmadm delete env.yaml && vmadm new env.yaml && ./setup.sh) && ./check -~~~ - -This will all take a while. On my laptop, it takes order of 10 to 15 -minutes. Changes making this faster would be welcome. - -## Walk through - -Some of the more important files in the source tree: - -* `env/` --- directory with Ansible, vmadm, and other files to set up - a virtual testing environment. - * `env/env.yaml` --- vmadm specification file for creating the outer - VM - * `env/playbook.yml` --- Ansible playbook for provisioning the outer - VM - * `env/setup.sh` --- shell script to provision the outer VM and - creating and provisioning the inner VMs - * `env/ssh` --- SSH keys and configuration for accessing the outer - VM, used by the acceptance test suite -* `check` --- script that runs the acceptance tests -* `puomi.md` --- Markdown file that describes Puomi, the test - environment, and how the environment is verified as working -* `puomi.yaml` and `puomi.py` --- implementations of the scenario - steps used in the acceptance test in `puomi.md` -* `test.log` --- log file from test program; created by `check`; - looking at the log may help debug any issues +This is not yet documented. ## Hardware -We will be aiming Puomi at hardware like the following: - -- - A small headless PC with multiple Ethernet ports. - -- - A headless Arm64 box with many networking options. - +Puomi currently targets a Lenovo Thinkpad X220 laptop with a USB +Ethernet adapter installed. We expect that any reasonably standard PC +will work. ## Related links -- cgit v1.2.1