getty-for-esp: init
this module provides a serial port which is exposed via an esp8266 to the network via wifi. it essentially creates a backdoor to the serial console when the network config is b0rked again
This commit is contained in:
parent
41865fe25f
commit
3ed2d7d370
@ -1,5 +1,4 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./net.nix
|
./net.nix
|
||||||
@ -8,6 +7,10 @@
|
|||||||
<stockholm/krebs/2configs/secret-passwords.nix>
|
<stockholm/krebs/2configs/secret-passwords.nix>
|
||||||
<stockholm/krebs/2configs/hw/x220.nix>
|
<stockholm/krebs/2configs/hw/x220.nix>
|
||||||
|
|
||||||
|
# see documentation in included getty-for-esp.nix:
|
||||||
|
# brain hosts/puyak/root
|
||||||
|
<stockholm/krebs/2configs/hw/getty-for-esp.nix>
|
||||||
|
|
||||||
|
|
||||||
## initrd unlocking
|
## initrd unlocking
|
||||||
# (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase'
|
# (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase'
|
||||||
@ -119,7 +122,6 @@
|
|||||||
|
|
||||||
krebs.build.host = config.krebs.hosts.puyak;
|
krebs.build.host = config.krebs.hosts.puyak;
|
||||||
sound.enable = false;
|
sound.enable = false;
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
loader.systemd-boot.enable = true;
|
loader.systemd-boot.enable = true;
|
||||||
loader.efi.canTouchEfiVariables = true;
|
loader.efi.canTouchEfiVariables = true;
|
||||||
|
17
krebs/2configs/hw/getty-for-esp.nix
Normal file
17
krebs/2configs/hw/getty-for-esp.nix
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
{
|
||||||
|
# 1. Program an esp8266 devboard (esp8266+usb-ttl) with # https://github.com/jeelabs/esp-link
|
||||||
|
# tested vesion: esp-link v3.2.47-g9c6530d
|
||||||
|
# Pin Preset: esp-bridge
|
||||||
|
# tx-enable: false
|
||||||
|
# uart-pins: normal
|
||||||
|
# 2. connect directly with usb-cable to device, check that vendorID and ProductID match
|
||||||
|
# 3. nc <esp-link-ip> 23
|
||||||
|
# Info: for puyak the root pw is `brain hosts/puyak/root`
|
||||||
|
services.udev.extraRules = ''
|
||||||
|
SUBSYSTEM=="tty", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="7523", SYMLINK+="ilo", MODE="0660"
|
||||||
|
'';
|
||||||
|
systemd.services."serial-getty@ilo".enable = true;
|
||||||
|
systemd.services."serial-getty@ilo".wantedBy = [ "multi-user.target" ];
|
||||||
|
systemd.services."serial-getty@ilo".serviceConfig.Restart = "always";
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user