diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..006e11d --- /dev/null +++ b/.dockerignore @@ -0,0 +1,6 @@ +Dockerfile +.git/ +.gitignore +.dockerignore +docs/img/ +*.md diff --git a/Dockerfile b/Dockerfile index a583c58..fe24dc2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,10 @@ -FROM benediktkr/poetry:3.9 +FROM python:3.10-alpine +RUN adduser --disabled-password --uid 1000 infra && \ + apk add --update --no-cache yamllint + -USER 0 -RUN python3 -m pip install yamllint -COPY . /infra WORKDIR /infra +USER infra +COPY --chown=infra:infra . /infra -CMD ["/infra/lint.sh", "/infra"] +ENTRYPOINT ["/infra/bin/lint.sh", "/infra"] diff --git a/ap.py b/bin/ap.py similarity index 100% rename from ap.py rename to bin/ap.py diff --git a/bootstrap-xubuntu.sh b/bin/bootstrap-xubuntu.sh similarity index 100% rename from bootstrap-xubuntu.sh rename to bin/bootstrap-xubuntu.sh diff --git a/bin/lint.sh b/bin/lint.sh new file mode 100755 index 0000000..8e71cd6 --- /dev/null +++ b/bin/lint.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +echo "output is currently redirected to /dev/null" + +yamllint $1 &>/dev/null + +returncode=$? +echo "yamllint returncode: $returncode" + +exit 0 diff --git a/newrole.sh b/bin/newrole.sh similarity index 100% rename from newrole.sh rename to bin/newrole.sh diff --git a/edgevlan.txt b/edgevlan.txt deleted file mode 100644 index f5c1d63..0000000 --- a/edgevlan.txt +++ /dev/null @@ -1,22 +0,0 @@ -set interfaces switch switch0 vif 10 address 192.168.2.1/24 - -set service dhcp-server shared-network-name vlan10 subnet 192.168.2.0/24 start 192.168.2.11 stop 192.168.2.200 -set service dhcp-server shared-network-name vlan10 subnet 192.168.2.0/24 default-router 192.168.2.1 -set service dhcp-server shared-network-name vlan10 subnet 192.168.2.0/24 dns-server 192.168.2.1 - -set interfaces switch switch0 switch-port vlan-aware enable -set interfaces switch switch0 switch-port interface eth1 vlan vid 10 - -# Don't mess with the untagged/physical part since we're not using a dedicated vlan for the rest -# set interfaces switch switch0 switch-port interface eth1 vlan pvid 1 - -set interfaces openvpn vtun0 config-file /config/wifi002.conf - -set firewall modify SOURCE_ROUTE rule 1 action modify -set firewall modify SOURCE_ROUTE rule 1 description "traffic from vlan goes to vpn" -set firewall modify SOURCE_ROUTE rule 1 modify table 1 -set firewall modify SOURCE_ROUTE rule 1 source address 192.168.2.0/24 - -set protocols static table 1 interface-route 0.0.0.0/0 next-hop-interface vtun0 - -set interfaces switch switch0 vif 10 firewall in modify SOURCE_ROUTE diff --git a/lint.sh b/lint.sh deleted file mode 100755 index c9c82c4..0000000 --- a/lint.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -yamllint $1 - -exit 0