getty-for-esp: init
this module provides a serial port which is exposed via an esp8266 to the network via wifi. it essentially creates a backdoor to the serial console when the network config is b0rked again
This commit is contained in:
parent
41865fe25f
commit
3ed2d7d370
|
@ -1,5 +1,4 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./net.nix
|
||||
|
@ -8,6 +7,10 @@
|
|||
<stockholm/krebs/2configs/secret-passwords.nix>
|
||||
<stockholm/krebs/2configs/hw/x220.nix>
|
||||
|
||||
# see documentation in included getty-for-esp.nix:
|
||||
# brain hosts/puyak/root
|
||||
<stockholm/krebs/2configs/hw/getty-for-esp.nix>
|
||||
|
||||
|
||||
## initrd unlocking
|
||||
# (brain hosts/puyak/luks-ssd;echo) | ssh root@$(brain krebs-secrets/puyak/initrd/hostname) 'cat > /crypt-ramfs/passphrase'
|
||||
|
@ -119,7 +122,6 @@
|
|||
|
||||
krebs.build.host = config.krebs.hosts.puyak;
|
||||
sound.enable = false;
|
||||
|
||||
boot = {
|
||||
loader.systemd-boot.enable = true;
|
||||
loader.efi.canTouchEfiVariables = true;
|
||||
|
|
17
krebs/2configs/hw/getty-for-esp.nix
Normal file
17
krebs/2configs/hw/getty-for-esp.nix
Normal file
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
# 1. Program an esp8266 devboard (esp8266+usb-ttl) with # https://github.com/jeelabs/esp-link
|
||||
# tested vesion: esp-link v3.2.47-g9c6530d
|
||||
# Pin Preset: esp-bridge
|
||||
# tx-enable: false
|
||||
# uart-pins: normal
|
||||
# 2. connect directly with usb-cable to device, check that vendorID and ProductID match
|
||||
# 3. nc <esp-link-ip> 23
|
||||
# Info: for puyak the root pw is `brain hosts/puyak/root`
|
||||
services.udev.extraRules = ''
|
||||
SUBSYSTEM=="tty", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="7523", SYMLINK+="ilo", MODE="0660"
|
||||
'';
|
||||
systemd.services."serial-getty@ilo".enable = true;
|
||||
systemd.services."serial-getty@ilo".wantedBy = [ "multi-user.target" ];
|
||||
systemd.services."serial-getty@ilo".serviceConfig.Restart = "always";
|
||||
}
|
||||
|
Loading…
Reference in a new issue