From 3ed2d7d3701234325fef6b659feaa83ec2723b93 Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Tue, 24 Nov 2020 22:13:32 +0100
Subject: getty-for-esp: init

this module provides a serial port which is exposed via an esp8266 to the network via wifi.
it essentially creates a backdoor to the serial console when the network config is b0rked again
---
 krebs/1systems/puyak/config.nix     |  6 ++++--
 krebs/2configs/hw/getty-for-esp.nix | 17 +++++++++++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)
 create mode 100644 krebs/2configs/hw/getty-for-esp.nix

diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 2bfe061f..e41488cc 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -1,5 +1,4 @@
 { config, pkgs, ... }:
-
 {
   imports = [
     ./net.nix
@@ -8,6 +7,10 @@
     <stockholm/krebs/2configs/secret-passwords.nix>
     <stockholm/krebs/2configs/hw/x220.nix>
 
+    # see documentation in included getty-for-esp.nix:
+    # brain hosts/puyak/root
+    <stockholm/krebs/2configs/hw/getty-for-esp.nix>
+
 
     ## initrd unlocking
     # (brain hosts/puyak/luks-ssd;echo)  | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase'
@@ -119,7 +122,6 @@
 
   krebs.build.host = config.krebs.hosts.puyak;
   sound.enable = false;
-
   boot = {
     loader.systemd-boot.enable = true;
     loader.efi.canTouchEfiVariables = true;
diff --git a/krebs/2configs/hw/getty-for-esp.nix b/krebs/2configs/hw/getty-for-esp.nix
new file mode 100644
index 00000000..18c91235
--- /dev/null
+++ b/krebs/2configs/hw/getty-for-esp.nix
@@ -0,0 +1,17 @@
+{
+  # 1. Program an esp8266 devboard (esp8266+usb-ttl) with # https://github.com/jeelabs/esp-link 
+  #   tested vesion: esp-link v3.2.47-g9c6530d
+  #   Pin Preset: esp-bridge
+  #     tx-enable: false
+  #     uart-pins: normal
+  # 2. connect directly with usb-cable to device, check that vendorID and ProductID match 
+  # 3. nc <esp-link-ip> 23
+  # Info: for puyak the root pw is `brain hosts/puyak/root`
+  services.udev.extraRules = ''
+    SUBSYSTEM=="tty", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="7523", SYMLINK+="ilo", MODE="0660"
+  '';
+  systemd.services."serial-getty@ilo".enable = true;
+  systemd.services."serial-getty@ilo".wantedBy = [ "multi-user.target" ];
+  systemd.services."serial-getty@ilo".serviceConfig.Restart = "always";
+}
+
-- 
cgit v1.2.3