├── .gitignore ├── hosts ├── localhost ├── roles ├── web │ ├── vars │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── sdr │ ├── vars │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── tor │ ├── vars │ │ └── main.yml │ ├── README.md │ └── tasks │ │ └── main.yml ├── rfid │ ├── vars │ │ └── main.yml │ ├── README.md │ └── tasks │ │ └── main.yml ├── multitor │ ├── vars │ │ └── main.yml │ ├── README.md │ └── tasks │ │ └── main.yml ├── wifi │ ├── tasks │ │ └── main.yml │ └── vars │ │ └── main.yml ├── docker │ ├── vars │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── standard │ ├── vars │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── display │ └── tasks │ │ └── main.yml ├── jackit │ └── tasks │ │ └── main.yml └── containers │ ├── README.md │ └── tasks │ └── main.yml ├── _config.yml ├── .github └── workflows │ └── main.yml ├── ansible.cfg ├── playbook.yml ├── scripts ├── check_multitor.py └── run_multitor.sh ├── LICENSE ├── install.sh └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | .DS_Store 3 | -------------------------------------------------------------------------------- /hosts: -------------------------------------------------------------------------------- 1 | [RaspberryPi] 2 | localhost ansible_connection=local 3 | -------------------------------------------------------------------------------- /localhost: -------------------------------------------------------------------------------- 1 | [RaspberryPi] 2 | localhost ansible_connection=local -------------------------------------------------------------------------------- /roles/web/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apt_packages: 3 | - nginx 4 | - snapd 5 | -------------------------------------------------------------------------------- /roles/sdr/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apt_packages: 3 | - rtl-sdr 4 | - rtl-433 5 | -------------------------------------------------------------------------------- /roles/tor/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apt_packages: 3 | - tor 4 | - proxychains 5 | - python3-socks 6 | - netcat-openbsd 7 | -------------------------------------------------------------------------------- /roles/rfid/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apt_packages: 3 | - libnfc-bin 4 | - libnfc-examples 5 | - mfoc 6 | - mfcuk 7 | - xxd 8 | -------------------------------------------------------------------------------- /roles/multitor/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apt_packages: 3 | - python3-socks 4 | - npm 5 | - tor 6 | - privoxy 7 | - haproxy 8 | - netcat-openbsd 9 | -------------------------------------------------------------------------------- /roles/sdr/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Packages installation 3 | become: true 4 | become_user: root 5 | ansible.builtin.apt: 6 | name: "{{ apt_packages }}" 7 | update_cache: true 8 | -------------------------------------------------------------------------------- /roles/wifi/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Packages installation 3 | become: true 4 | become_user: root 5 | ansible.builtin.apt: 6 | name: "{{ apt_packages }}" 7 | update_cache: true 8 | -------------------------------------------------------------------------------- /roles/docker/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apt_packages: 3 | - ca-certificates 4 | - curl 5 | - gnupg 6 | 7 | old_packages: 8 | - docker.io 9 | - docker-doc 10 | - docker-compose 11 | - podman-docker 12 | - containerd 13 | - runc 14 | -------------------------------------------------------------------------------- /_config.yml: -------------------------------------------------------------------------------- 1 | name: raspberrypi-setup 2 | title: Raspberry Pi Setup 3 | plugins: 4 | - jekyll-relative-links 5 | relative_links: 6 | enabled: true 7 | collections: true 8 | include: 9 | - README.md 10 | - ISSUE_TEMPLATE.md 11 | - PULL_REQUEST_TEMPLATE.md 12 | -------------------------------------------------------------------------------- /roles/wifi/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apt_packages: 3 | - aircrack-ng 4 | - wifite 5 | # hcxdumptool dependencies 6 | - libcurl4-openssl-dev 7 | - libssl-dev 8 | - pkg-config 9 | - hcxtools 10 | - hcxdumptool 11 | - gpsd 12 | - gpsd-tools 13 | - gpsd-clients 14 | - python3-gps 15 | -------------------------------------------------------------------------------- /.github/workflows/main.yml: -------------------------------------------------------------------------------- 1 | name: YAML Lint 2 | 3 | on: [push, pull_request] 4 | 5 | jobs: 6 | lintAllTheThings: 7 | name: Lint 8 | runs-on: ubuntu-latest 9 | steps: 10 | - uses: actions/checkout@v2 11 | - name: yaml-lint 12 | uses: ibiqlik/action-yamllint@v3 13 | with: 14 | file_or_dir: . 15 | -------------------------------------------------------------------------------- /roles/standard/vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apt_packages: 3 | - screen 4 | - htop 5 | - vim 6 | - git 7 | - tree 8 | - locate 9 | - nmap 10 | - sqlmap 11 | - python3-lxml 12 | - python3-pip 13 | - python3-venv 14 | - unattended-upgrades 15 | - iptraf 16 | - mc 17 | - youtube-dl 18 | - dnsutils 19 | - traceroute 20 | - ansible-lint 21 | - fail2ban 22 | -------------------------------------------------------------------------------- /roles/tor/README.md: -------------------------------------------------------------------------------- 1 | I chose to remove [multitor](../multitor/tasks/main.yml) from the project. 2 | It's replaced by the "proxy" tag that will install Tor. 3 | 4 | An alternative way to change your ip quickly, run commands : 5 | 6 | ``` 7 | watch python check_tor.py 8 | watch -n 60 sudo service tor reload 9 | ``` 10 | 11 | You can also install [Rotating Tor HTTP proxy container](https://github.com/zhaow-de/rotating-tor-http-proxy) with tag **proxy**. -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | # See : https://raw.githubusercontent.com/ansible/ansible/devel/examples/ansible.cfg 2 | 3 | [defaults] 4 | 5 | # path to install and search for roles in : 6 | roles_path = ./ansible_galaxy_roles 7 | 8 | # location of inventory file, eliminates need to specify -i : 9 | inventory = ./hosts 10 | 11 | # ignore ssh authenticity 12 | host_key_checking = False 13 | 14 | [ssh_connection] 15 | # pipelining = True 16 | # control_path = /tmp/ansible-ssh-%%h-%%p-%%r 17 | -------------------------------------------------------------------------------- /roles/rfid/README.md: -------------------------------------------------------------------------------- 1 | ## Notes 2 | **Dump file format** 3 | - *.mfd, *.dmp, *.img → **nfc-mfclassic** 4 | - *.mct → **Mifare Classic Tool - MCT** 5 | - *.nfc → **Flipper Zero** 6 | - *.eml → **Proxmark3** 7 | 8 | **Tools** 9 | - [Classic Converter](https://github.com/equipter/ClassicConverter) 10 | - [Classic Converter Web](https://micsen.github.io/flipperNfcToBin/) 11 | - [MifareClassicTool - Tools](https://github.com/ikarus23/MifareClassicTool/tree/master/tools) -------------------------------------------------------------------------------- /roles/display/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Git clone LCD-show 3 | ansible.builtin.git: 4 | repo: https://github.com/goodtft/LCD-show.git 5 | dest: "{{ ansible_facts['env']['HOME'] }}/LCD-show" 6 | clone: true 7 | 8 | - name: Change rights on LCD-show 9 | ansible.builtin.command: chmod -R 755 LCD-show 10 | args: 11 | chdir: "{{ ansible_facts['env']['HOME'] }}" 12 | 13 | - name: Run script to configure screen 14 | ansible.builtin.command: sudo ./LCD7B-show 15 | args: 16 | chdir: "{{ ansible_facts['env']['HOME'] }}/LCD-show" 17 | -------------------------------------------------------------------------------- /roles/jackit/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Git clone jackit 3 | ansible.builtin.git: 4 | repo: https://github.com/insecurityofthings/jackit.git 5 | dest: "{{ ansible_facts['env']['HOME'] }}/jackit" 6 | clone: true 7 | 8 | - name: Install requirements 9 | become: true 10 | become_user: root 11 | ansible.builtin.pip: 12 | requirements: "{{ ansible_facts['env']['HOME'] }}/jackit/requirements.txt" 13 | 14 | - name: Install jackit 15 | ansible.builtin.command: python3 setup.py install 16 | args: 17 | chdir: "{{ ansible_facts['env']['HOME'] }}/jackit" 18 | -------------------------------------------------------------------------------- /playbook.yml: -------------------------------------------------------------------------------- 1 | - name: RaspberryPi-Setup 2 | hosts: RaspberryPi 3 | gather_facts: true 4 | become: true 5 | become_user: atao 6 | roles: 7 | - role: containers 8 | - role: display 9 | tags: ['display', 'never'] 10 | - role: docker 11 | tags: ['docker'] 12 | - role: jackit 13 | tags: ['jackit', 'never'] 14 | - role: tor 15 | tags: ['tor'] 16 | - role: rfid 17 | tags: ['rfid'] 18 | - role: sdr 19 | tags: ['sdr'] 20 | - role: standard 21 | tags: ['standard', 'std'] 22 | - role: web 23 | tags: ['web'] 24 | - role: wifi 25 | tags: ['wifi'] 26 | -------------------------------------------------------------------------------- /roles/tor/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Packages installation 3 | become: true 4 | become_user: root 5 | ansible.builtin.apt: 6 | name: "{{ apt_packages }}" 7 | update_cache: true 8 | 9 | - name: Download script check_tor.py 10 | ansible.builtin.get_url: 11 | url: "https://gist.githubusercontent.com/atao/\ 12 | e5bdee72501b94d3aa9ddf9b5399792f/raw/\ 13 | d6beebe73b656ee8ef38f9f981225e67fe359173/check_tor.py" 14 | dest: "{{ ansible_facts['env']['HOME'] }}/check_tor.py" 15 | force: false 16 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 17 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 18 | mode: '0644' 19 | -------------------------------------------------------------------------------- /roles/web/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Packages installation 3 | become: true 4 | become_user: root 5 | ansible.builtin.apt: 6 | name: "{{ apt_packages }}" 7 | update_cache: true 8 | autoremove: true 9 | 10 | - name: Check if certbot already installed 11 | ansible.builtin.stat: 12 | path: "/snap/bin/certbot" 13 | register: certbot 14 | 15 | - name: Install certbot 16 | become: true 17 | become_user: root 18 | community.general.snap: 19 | name: certbot 20 | classic: true 21 | when: not certbot.stat.exists 22 | 23 | - name: Link certbot 24 | become: true 25 | become_user: root 26 | ansible.builtin.file: 27 | src: /snap/bin/certbot 28 | dest: /usr/bin/certbot 29 | state: link 30 | force: true 31 | when: not certbot.stat.exists 32 | -------------------------------------------------------------------------------- /scripts/check_multitor.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | 4 | import requests 5 | from lxml import html 6 | 7 | proxies = {"http": "socks5://localhost:9000", "https": "socks5://localhost:9000"} 8 | 9 | r = requests.Session() 10 | r.proxies.update(proxies) 11 | try: 12 | response = r.get("https://check.torproject.org", proxies=proxies) 13 | except Exception as e: 14 | print(e) 15 | exit(2) 16 | 17 | if response.status_code == 200: 18 | tree = html.fromstring(response.text) 19 | data = tree.xpath('//div[@class="content"]') 20 | for p in data: 21 | print(p.xpath('.//h1/text()')[0].strip()) 22 | print(p.xpath('.//p/text()')[0],p.xpath('.//p/strong/text()')[0]) 23 | else: 24 | print("Request error") 25 | exit(2) 26 | 27 | -------------------------------------------------------------------------------- /roles/multitor/README.md: -------------------------------------------------------------------------------- 1 | **Documentation** 2 | [Multitor wiki](https://github.com/trimstray/multitor/wiki/Manual) 3 | 4 | **Issues with multitor** 5 | 6 | See issues on project : 7 | * [Multitor directory: ownership bug #3](https://github.com/trimstray/multitor/issues/3) 8 | * [bad multitor directory owner #19](https://github.com/trimstray/multitor/issues/19) 9 | 10 | `[!] bad multitor directory owner` 11 | 12 | Run this : 13 | 14 | `sudo chown debian-tor:debian-tor -R /var/lib/multitor` 15 | 16 | --- 17 | 18 | **Issues with script check_multitor.py** ([Python Requests](https://requests.readthedocs.io/en/latest/)) 19 | 20 | [urllib3.exceptions.LocationParseError: Failed to parse #5476](https://github.com/psf/requests/issues/5476) 21 | 22 | Fix with : 23 | 24 | `python -m pip install six==1.15.0` 25 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 ATAO 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /roles/containers/README.md: -------------------------------------------------------------------------------- 1 | **Configuration** 2 | 3 | Once the JDownloader container has been graphically launched for the first time and you've logged in to your [My-JDownloader](https://my.jdownloader.org/login.html) account. 4 | 5 | Find informations 6 | ```bash 7 | sudo docker ps -a 8 | ``` 9 | output : 10 | ```bash 11 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 12 | 9faa323f6f5f jlesage/jdownloader-2 "/init" 3 minutes ago Up 3 minutes 3129/tcp, 5900/tcp, 0.0.0.0:5800->5800/tcp jdownloader-2 13 | ``` 14 | 15 | Stop the container 16 | ```bash 17 | sudo docker stop 18 | ``` 19 | 20 | Change the [main.yml](container/tasks/main.yml) file as follows: 21 | 22 | ```YAML 23 | auto_remove: false 24 | "JDOWNLOADER_HEADLESS": "1" 25 | ``` 26 | 27 | Run the playbook again with the jd2 tag, to create the container once more. 28 | 29 | ```bash 30 | ansible-playbook playbook.yml -i hosts --tags jd2 31 | ``` 32 | 33 | Now you can start and stop it, but your My-JDownloader account will always be present at each launch. 34 | 35 | ```bash 36 | sudo docker start 37 | sudo docker stop 38 | ``` 39 | 40 | The container may take some time to appear in My-JDownloader's interface. 41 | -------------------------------------------------------------------------------- /roles/standard/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Packages installation 3 | become: true 4 | become_user: root 5 | ansible.builtin.apt: 6 | name: "{{ apt_packages }}" 7 | update_cache: true 8 | autoremove: true 9 | 10 | - name: Check if .vimrc exists 11 | ansible.builtin.stat: 12 | path: "{{ ansible_facts['env']['HOME'] }}/.vimrc" 13 | register: vimrc 14 | 15 | - name: Configure .vimrc 16 | ansible.builtin.lineinfile: 17 | path: "{{ ansible_facts['env']['HOME'] }}/.vimrc" 18 | line: | 19 | syntax enable 20 | set mouse-=a 21 | set paste 22 | create: true 23 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 24 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 25 | mode: '0644' 26 | when: not vimrc.stat.exists 27 | 28 | - name: Enable ll alias in .bashrc 29 | ansible.builtin.lineinfile: 30 | path: "{{ ansible_facts['env']['HOME'] }}/.bashrc" 31 | regexp: '^#alias ll' 32 | line: alias ll='ls -l' 33 | 34 | - name: Add alias 35 | ansible.builtin.lineinfile: 36 | path: "{{ ansible_facts['env']['HOME'] }}/.bashrc" 37 | regexp: '^Listen ' 38 | insertafter: '^#alias l=' 39 | line: alias fuck='sudo $(history -p \!\!)' 40 | 41 | - name: Print a debug message 42 | ansible.builtin.debug: 43 | msg: "{{ ansible_facts['env']['HOME'] }}/.bashrc" 44 | -------------------------------------------------------------------------------- /roles/multitor/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Installation requirements 3 | become: true 4 | become_user: root 5 | ansible.builtin.apt: 6 | name: "{{ apt_packages }}" 7 | update_cache: true 8 | 9 | - name: Install hpts from npm 10 | become: true 11 | become_user: root 12 | community.general.npm: 13 | name: http-proxy-to-socks 14 | global: true 15 | 16 | - name: Git clone multitor 17 | ansible.builtin.git: 18 | repo: https://github.com/trimstray/multitor.git 19 | dest: "{{ ansible_facts['env']['HOME'] }}/multitor" 20 | clone: true 21 | 22 | - name: Setup multitor 23 | ansible.builtin.command: 24 | argv: 25 | - sudo 26 | - "{{ ansible_facts['env']['HOME'] }}/multitor/setup.sh" 27 | - install 28 | 29 | - name: Send file - check_multitor.py 30 | ansible.builtin.copy: 31 | src: scripts/check_multitor.py 32 | dest: "{{ ansible_facts['env']['HOME'] }}/check_multitor.py" 33 | mode: '755' 34 | force: true 35 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 36 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 37 | 38 | - name: Send file - run_multitor.sh 39 | ansible.builtin.copy: 40 | src: scripts/run_multitor.sh 41 | dest: "{{ ansible_facts['env']['HOME'] }}/run_multitor.sh" 42 | mode: '755' 43 | force: true 44 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 45 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 46 | -------------------------------------------------------------------------------- /roles/docker/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Verify if docker is installed 3 | ansible.builtin.stat: 4 | path: /usr/bin/docker 5 | register: docker_exist 6 | 7 | - name: Uninstall all conflicting packages with Docker 8 | ansible.builtin.apt: 9 | name: "{{ old_packages }}" 10 | state: absent 11 | when: not docker_exist.stat.exists 12 | 13 | - name: Install Docker packages 14 | become: true 15 | become_user: root 16 | ansible.builtin.apt: 17 | name: "{{ apt_packages }}" 18 | update_cache: true 19 | when: not docker_exist.stat.exists 20 | 21 | - name: Download docker install script 22 | ansible.builtin.get_url: 23 | url: https://get.docker.com 24 | dest: "{{ ansible_facts['env']['HOME'] }}/get-docker.sh" 25 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 26 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 27 | mode: '0644' 28 | when: not docker_exist.stat.exists 29 | 30 | - name: Run docker install script 31 | ansible.builtin.command: 32 | argv: 33 | - sh 34 | - "{{ ansible_facts['env']['HOME'] }}/get-docker.sh" 35 | when: not docker_exist.stat.exists 36 | 37 | - name: Verify docker installation 38 | command: docker -v 39 | register: docker_version 40 | 41 | - name: Docker version 42 | debug: 43 | var: docker_version.stdout_lines 44 | 45 | - name: Remove docker install script 46 | file: 47 | path: "{{ ansible_facts['env']['HOME'] }}/get-docker.sh" 48 | state: absent 49 | when: not docker_exist.stat.exists 50 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Typo 4 | bold=$(tput bold) 5 | underline=$(tput sgr 0 1) 6 | reset=$(tput sgr0) 7 | 8 | rouge=$( tput setaf 1) 9 | vert=$( tput setaf 2) 10 | jaune=$( tput setaf 3) 11 | bleu=$( tput setaf 4) 12 | violet=$( tput setaf 5) 13 | cyan=$( tput setaf 6) 14 | gris=$( tput setaf 7) 15 | 16 | # Fonctions 17 | shw_norm () { echo -en "${bold}$(tput setaf 9)${@}${reset}"; } 18 | shw_info () { echo -en "${bold}${cyan}${@}${reset}"; } 19 | shw_OK () { echo -en "${bold}${vert}OK!${@}${reset}"; } 20 | shw_warn () { echo -en "${bold}${violet}${@}${reset}"; } 21 | shw_err () { echo -en "${bold}${rouge}${@}${reset}"; } 22 | gris() { echo -en "${bold}${gris}${@}${reset}"; } 23 | header() { echo -e "${bold}${jaune}$*${reset}"; } 24 | headerU() { echo -e "${underline}${bold}${jaune}$*${reset}"; } 25 | 26 | clear && echo -e "\n\n" 27 | header "=======================================================" 28 | header "=== Setting up your Raspberry Pi ===" 29 | headerU "=======================================================\n" 30 | 31 | if [ $# -eq 0 ] 32 | then 33 | shw_warn "No arguments supplied, please choose the roles to install\n" 34 | shw_warn "exiting...\n" 35 | exit 1 36 | fi 37 | 38 | sudo apt update 39 | sudo apt install ansible git -y 40 | 41 | installdir="/tmp/pi-$RANDOM" 42 | mkdir $installdir 43 | 44 | git clone https://github.com/atao/raspberrypi-setup.git $installdir 45 | if [ ! -d $installdir ]; then 46 | shw_err "git cloned failed\n" 47 | shw_err "exiting...\n" 48 | exit 1 49 | else 50 | cd $installdir 51 | ansible-playbook playbook.yml -i localhost --tags $1 52 | fi 53 | 54 | shw_info "cleaning up...\n\n" 55 | rm -Rfv /tmp/$installdir 56 | 57 | shw_info "Upgrade packages...\n\n" 58 | sudo apt upgrade -y 59 | 60 | shw_OK " Enjoy!\n" 61 | exit 0 62 | -------------------------------------------------------------------------------- /roles/containers/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Container portainer/portainer-ce:latest 3 | block: 4 | - name: Create volume portainer_data 5 | become: true 6 | become_user: root 7 | community.docker.docker_volume: 8 | name: portainer_data 9 | - name: Create container portainer-ce 10 | become: true 11 | become_user: root 12 | community.docker.docker_container: 13 | name: portainer 14 | image: portainer/portainer-ce 15 | state: started 16 | recreate: false 17 | pull: true 18 | detach: true 19 | restart_policy: "always" 20 | ports: 21 | - "8000:8000" 22 | - "9443:9443" 23 | volumes: 24 | - /var/run/docker.sock:/var/run/docker.sock 25 | - portainer_data:/data 26 | tags: portainer 27 | 28 | - name: Container jlesage/jdownloader-2 29 | become: true 30 | become_user: root 31 | community.docker.docker_container: 32 | name: jdownloader-2 33 | image: jlesage/jdownloader-2 34 | state: started 35 | recreate: false 36 | pull: true 37 | detach: true 38 | auto_remove: true 39 | ports: 40 | - "5800:5800" 41 | volumes: 42 | - "{{ ansible_facts['env']['HOME'] }}/jdownloader:/config" 43 | - /mnt:/output 44 | env: 45 | "JDOWNLOADER_HEADLESS": "0" 46 | tags: jd2 47 | 48 | - name: Run rotating Tor HTTP proxy container 49 | become: true 50 | become_user: root 51 | community.docker.docker_container: 52 | name: rotating-tor-http-proxy 53 | image: zhaowde/rotating-tor-http-proxy 54 | state: started 55 | recreate: false 56 | detach: true 57 | restart_policy: "always" 58 | ports: 59 | - "3128:3128" 60 | - "4444:4444" 61 | env: 62 | TOR_INSTANCES: "5" 63 | TOR_REBUILD_INTERVAL: "3600" 64 | tags: proxy 65 | 66 | - name: Get list of containers 67 | become: true 68 | become_user: root 69 | command: docker ps -a 70 | register: docker_containers 71 | tags: always 72 | 73 | - name: Show state of Docker containers 74 | debug: 75 | var: docker_containers.stdout_lines 76 | tags: always 77 | -------------------------------------------------------------------------------- /scripts/run_multitor.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | ########################################### 3 | # Run Multitor 4 | ########################################### 5 | # auteur : atao 6 | VERSION="2020.03.17" 7 | # licence type : Creative Commons Attribution-NoDerivatives 4.0 (International) 8 | # licence info : http://creativecommons.org/licenses/by-nd/4.0/ 9 | ########################################### 10 | 11 | bold=$(tput bold) 12 | underline=$(tput sgr 0 1) 13 | reset=$(tput sgr0) 14 | 15 | rouge=$( tput setaf 1) 16 | vert=$( tput setaf 2) 17 | jaune=$( tput setaf 3) 18 | bleu=$( tput setaf 4) 19 | violet=$( tput setaf 5) 20 | cyan=$( tput setaf 6) 21 | gris=$( tput setaf 8) 22 | blanc=$( tput setaf 7) 23 | #base=$( tput reset) 24 | 25 | # Fonctions 26 | shw_norm () { echo -en "${bold}${@}${reset}"; } 27 | shw_info () { echo -en "${bold}${cyan}${@}${reset}"; } 28 | shw_OK () { echo -en "${bold}${vert}OK!${@}${reset}"; } 29 | shw_warn () { echo -en "${bold}${violet}${@}${reset}"; } 30 | shw_err () { echo -en "${bold}${rouge}${@}${reset}"; } 31 | gris() { echo -en "${bold}${gris}${@}${reset}"; } 32 | header() { echo -e "${bold}${jaune}$*${reset}"; } 33 | headerU() { echo -e "${underline}${bold}${jaune}$*${reset}"; } 34 | 35 | # debut du script 36 | clear && echo -e "\n\n" 37 | header "****************************************************************************" 38 | header "*** Run Multitor (v${VERSION}) ***" 39 | headerU "****************************************************************************" 40 | 41 | gris "\n\tProject : https://github.com/trimstray/multitor\n" 42 | 43 | # Vérification execution en tant que 'root' 44 | shw_norm "\n\t::: execution en tant que root... " 45 | if [[ $EUID -ne 0 ]]; then 46 | sudo "$0" "$@" || (shw_err "Ce script doit être executé avec les droits 'root'. Arrêt du script.\n" ; exit 1) 47 | else 48 | shw_OK 49 | fi 50 | 51 | # kill all multitor processes 52 | shw_norm "\n\nkill all multitor processes\n\n" 53 | sudo multitor -k 54 | 55 | # Start multitor processes 56 | shw_norm "\nStart multitor processes : \n" 57 | sudo multitor --init 8 --user debian-tor --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy 58 | 59 | shw_norm "Bye!\n" 60 | exit 0 61 | -------------------------------------------------------------------------------- /roles/rfid/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Packages installation 3 | become: true 4 | become_user: root 5 | ansible.builtin.apt: 6 | name: "{{ apt_packages }}" 7 | update_cache: true 8 | 9 | - name: Download std.keys from MifareClassicTool 10 | ansible.builtin.get_url: 11 | url: "https://raw.githubusercontent.com/ikarus23/MifareClassicTool/master/\ 12 | Mifare%20Classic%20Tool/app/src/main/assets/key-files/std.keys" 13 | dest: "{{ ansible_facts['env']['HOME'] }}/std.keys" 14 | force: true 15 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 16 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 17 | mode: '644' 18 | 19 | - name: Download extended-std.keys from MifareClassicTool 20 | ansible.builtin.get_url: 21 | url: "https://raw.githubusercontent.com/ikarus23/MifareClassicTool/master/\ 22 | Mifare%20Classic%20Tool/app/src/main/assets/key-files/extended-std.keys" 23 | dest: "{{ ansible_facts['env']['HOME'] }}/extended-std.keys" 24 | force: true 25 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 26 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 27 | mode: '644' 28 | 29 | - name: Download mct2dmp from bm-mifare-classic 30 | ansible.builtin.get_url: 31 | url: "https://github.com/blogmotion/bm-mifare-classic/raw/master/\ 32 | conversion/mct2dmp%20-%20bash%20version/mct2dmp.sh" 33 | dest: "{{ ansible_facts['env']['HOME'] }}/mct2dmp.sh" 34 | force: false 35 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 36 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 37 | mode: '644' 38 | 39 | - name: Download 4B_Converter from ClassicConverter 40 | ansible.builtin.get_url: 41 | url: "https://raw.githubusercontent.com/equipter/ClassicConverter/\ 42 | main/4B_Converter.py" 43 | dest: "{{ ansible_facts['env']['HOME'] }}/4B_Converter.py" 44 | force: false 45 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 46 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 47 | mode: '644' 48 | 49 | - name: Download 7B_Converter from ClassicConverter 50 | ansible.builtin.get_url: 51 | url: "https://raw.githubusercontent.com/equipter/ClassicConverter/\ 52 | main/7B_Converter.py" 53 | dest: "{{ ansible_facts['env']['HOME'] }}/7B_Converter.py" 54 | force: false 55 | owner: "{{ ansible_facts['env']['LOGNAME'] }}" 56 | group: "{{ ansible_facts['env']['LOGNAME'] }}" 57 | mode: '644' 58 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Raspberry Pi Setup 2 | 3 | [![YAML Lint](https://github.com/atao/raspberrypi-setup/actions/workflows/main.yml/badge.svg)](https://github.com/atao/raspberrypi-setup/actions/workflows/main.yml) 4 | 5 | This [Ansible](https://www.ansible.com/) playbook is designed to rapidly set up your Raspberry Pi. 6 | 7 | It's compatible with all models. It has been successfully tested on multiple models, including the Pi Zero W, Pi Zero 2W, and Pi 4B, among others. The playbook should work well on both Debian and Debian-based distributions. 8 | 9 | ## Roles 10 | 11 | You can choose what you want to install with tags : 12 | 13 | - **standard**, **std** : install [standard packages](roles/standard/vars/main.yml), configure .bashrc, .vimrc 14 | - **display** : configure my display with [LCD-show](https://github.com/goodtft/LCD-show) 15 | - **docker** : install Docker 16 | - **jackit** : install [jackit](https://github.com/insecurityofthings/jackit) for exploit code for Mousejack 17 | - ~~**multitor** : install a proxy with multiple TOR instances with load-balancing ([trimstray/multitor](https://github.com/trimstray/multitor)) → [Known issues](https://github.com/atao/raspberrypi-setup/blob/main/roles/multitor/README.md)~~ 18 | - **tor** : install Tor → [README](roles/tor/README.md) 19 | - **rfid** : install RFID tools ([libnfc](https://github.com/nfc-tools/libnfc), [mfoc](https://github.com/nfc-tools/mfoc), [mfcuk](https://github.com/nfc-tools/mfcuk)) and keys from [MifareClassicTool](https://github.com/ikarus23/MifareClassicTool/tree/master/Mifare%20Classic%20Tool/app/src/main/assets/key-files) → See [Notes](roles/rfid/README.md) 20 | - **sdr** : install SDR tools ([rtl_433](https://github.com/merbanan/rtl_433)) 21 | - **web** : install nginx and certbot 22 | - **wifi** : install Wifi and GPS tools for wardriving 23 | 24 | _You will need to modify [this file](roles/display/tasks/main.yml) to configure the correct display._ 25 | 26 | Containers : 27 | - **jd2** docker container for JDownloader 2 [jlesage/jdownloader-2](https://github.com/jlesage/docker-jdownloader-2) → See [Configuration tips'](roles/containers/README.md) 28 | - **portainer** Portainer CE - a lightweight service delivery platform for containerized applications [portainer/portainer-ce](https://hub.docker.com/r/portainer/portainer-ce) 29 | - **proxy** [Rotating Tor HTTP proxy container](https://github.com/zhaow-de/rotating-tor-http-proxy) 30 | 31 | ## Standalone 32 | 33 | To setup directly from the Pi, run the following command : 34 | Before run command you must setup your Pi with [Raspberry Pi Imager](https://www.raspberrypi.org/software/). 35 | 36 | Next run command : 37 | 38 | ``` 39 | curl -s https://raw.githubusercontent.com/atao/raspberrypi-setup/main/install.sh | bash -s -- all 40 | ``` 41 | 42 | ## Ansible 43 | 44 | To setup run the following command : 45 | 46 | ``` 47 | git clone https://github.com/atao/raspberrypi-setup.git 48 | cd raspberrypi-setup 49 | ansible-playbook playbook.yml -i hosts --tags all --ask-become-pass 50 | ``` 51 | 52 | List playbook tasks : 53 | ``` 54 | ansible-playbook playbook.yml -i hosts --list-tasks 55 | ``` 56 | 57 | ## Examples 58 | Install only some tags : 59 | ``` 60 | curl -s https://raw.githubusercontent.com/atao/raspberrypi-setup/main/install.sh | bash -s -- standard,proxy,rfid,docker,web,jd2 61 | ``` 62 | 63 | ## Debug 64 | ``` 65 | ansible-lint playbook.yml 66 | ``` 67 | Run with option : 68 | ``` 69 | --syntax-check 70 | ``` 71 | If you test it in WSL run this command before : 72 | ``` 73 | sudo rm /usr/lib/python3.11/EXTERNALLY-MANAGED 74 | sudo apt install curl 75 | ``` 76 | -- 77 | 78 | Inspired from [geerlingguy / mac-dev-playbook](https://github.com/geerlingguy/mac-dev-playbook) and [nico2che / mac-setup](https://github.com/nico2che/mac-setup) 79 | --------------------------------------------------------------------------------