summaryrefslogtreecommitdiffstats
path: root/krebs
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2020-11-24 22:13:32 +0100
committermakefu <github@syntax-fehler.de>2020-11-24 22:13:32 +0100
commit3ed2d7d3701234325fef6b659feaa83ec2723b93 (patch)
tree306395f86f840d70688ddb2b65ea5fb5ec0a95b8 /krebs
parent41865fe25f356b46b8a56629ab60e2c3af125ae8 (diff)
getty-for-esp: init
this module provides a serial port which is exposed via an esp8266 to the network via wifi. it essentially creates a backdoor to the serial console when the network config is b0rked again
Diffstat (limited to 'krebs')
-rw-r--r--krebs/1systems/puyak/config.nix6
-rw-r--r--krebs/2configs/hw/getty-for-esp.nix17
2 files changed, 21 insertions, 2 deletions
diff --git a/krebs/1systems/puyak/config.nix b/krebs/1systems/puyak/config.nix
index 2bfe061f5..e41488cc3 100644
--- a/krebs/1systems/puyak/config.nix
+++ b/krebs/1systems/puyak/config.nix
@@ -1,5 +1,4 @@
{ config, pkgs, ... }:
-
{
imports = [
./net.nix
@@ -8,6 +7,10 @@
<stockholm/krebs/2configs/secret-passwords.nix>
<stockholm/krebs/2configs/hw/x220.nix>
+ # see documentation in included getty-for-esp.nix:
+ # brain hosts/puyak/root
+ <stockholm/krebs/2configs/hw/getty-for-esp.nix>
+
## initrd unlocking
# (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase'
@@ -119,7 +122,6 @@
krebs.build.host = config.krebs.hosts.puyak;
sound.enable = false;
-
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
diff --git a/krebs/2configs/hw/getty-for-esp.nix b/krebs/2configs/hw/getty-for-esp.nix
new file mode 100644
index 000000000..18c912353
--- /dev/null
+++ b/krebs/2configs/hw/getty-for-esp.nix
@@ -0,0 +1,17 @@
+{
+ # 1. Program an esp8266 devboard (esp8266+usb-ttl) with # https://github.com/jeelabs/esp-link
+ # tested vesion: esp-link v3.2.47-g9c6530d
+ # Pin Preset: esp-bridge
+ # tx-enable: false
+ # uart-pins: normal
+ # 2. connect directly with usb-cable to device, check that vendorID and ProductID match
+ # 3. nc <esp-link-ip> 23
+ # Info: for puyak the root pw is `brain hosts/puyak/root`
+ services.udev.extraRules = ''
+ SUBSYSTEM=="tty", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="7523", SYMLINK+="ilo", MODE="0660"
+ '';
+ systemd.services."serial-getty@ilo".enable = true;
+ systemd.services."serial-getty@ilo".wantedBy = [ "multi-user.target" ];
+ systemd.services."serial-getty@ilo".serviceConfig.Restart = "always";
+}
+