dunkelstern

# for ISAKMP (handling of security associations)
iptables -A INPUT -p udp --dport 500 --j ACCEPT
# for NAT-T (handling of IPsec between natted devices)
iptables -A INPUT -p udp --dport 4500 --j ACCEPT
# for ESP payload (the encrypted data packets)
iptables -A INPUT -p esp -j ACCEPT
# for the routing of packets on the server
iptables -t nat -A POSTROUTING -j SNAT --to-source %IP% -o eth0
# internet access
iptables -t nat -A POSTROUTING -s 10.0.42.0/24 -o eth0 -m policy --dir out --pol ipsec -j ACCEPT

dunkelstern

esphome:
  name: "nousa1t0"
  friendly_name: NousA1T0
  comment: "Wohnzimmer"
  project:
    name: "NOUS.Smart-Wifi-Socket_001"
    version: "A1T"  

#
# Original Tasmota Template:

dunkelstern

user  rtmp;
worker_processes  1;

events {
	worker_connections  1024;
}

http {
	include mime.types;
	default_type application/octet-stream;

dunkelstern

Assumptions

• Username is user
• User is in group user
• User's home is /home/user
• Python application is in /home/user/pythonapp
• Python script is named start.py
• Virtual environment is /home/user/.virtualenvs/pythonapp created with python -m venv /home/user/.virtualenvs/pythonapp

You can add multiple Environment lines if you need more env-variables

dunkelstern

#!/usr/bin/python3

from typing import Union, List, Any, Dict, Optional
import argparse
import os
import json
import ssl
from urllib.request import urlopen, Request

JSON = Union[List[Any], Dict[str, Any]]

dunkelstern

# ipsec.conf - strongSwan IPsec configuration file

config setup
    charondebug="ike 4, knl 4, cfg 4, net 4, esp 4, dmn 4,  mgr 4"

conn %default
    keyexchange=ike
    ike=aes128-sha1-modp1024,aes128-sha1-modp1536,aes128-sha1-modp2048,aes128-sha256-ecp256,aes128-sha256-modp1024,aes128-sha256-modp1536,aes128-sha256-modp2048,aes256-aes128-sha256-sha1-modp2048-modp4096-modp1024,aes256-sha1-modp1024,aes256-sha256-modp1024,aes256-sha256-modp1536,aes256-sha256-modp2048,aes256-sha256-modp4096,aes256-sha384-ecp384,aes256-sha384-modp1024,aes256-sha384-modp1536,aes256-sha384-modp2048,aes256-sha384-modp4096,aes256gcm16-aes256gcm12-aes128gcm16-aes128gcm12-sha256-sha1-modp2048-modp4096-modp1024,3des-sha1-modp1024!
    esp=aes128-aes256-sha1-sha256-modp2048-modp4096-modp1024,aes128-sha1,aes128-sha1-modp1024,aes128-sha1-modp1536,aes128-sha1-modp2048,aes128-sha256,aes128-sha256-ecp256,aes128-sha256-modp1024,aes128-sha256-modp1536,aes128-sha256-modp2048,aes128gcm12-aes128gcm16-aes256gcm12-aes256gcm16-modp2048-modp4096-modp

dunkelstern

# Set these to the correct values
$server_address = "vpn.example.com"
$connection_name = "VPN Connection"
$certificate_path = "certificate.p12"
$ca_cert_path = "strongswanCert.pem"
$password = ConvertTo-SecureString -String "P12 passphrase" -AsPlainText -Force

# Import machine cert
Import-PfxCertificate -FilePath $certificate_path -CertStoreLocation Cert:\LocalMachine\My\ -Password $password

dunkelstern

<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

<xsl:output method="html" omit-xml-declaration="yes" indent="yes"/>
<xsl:strip-space elements="*"/>

<xsl:template match="@*|node()">
	<xsl:copy>
		<xsl:apply-templates select="@*|node()"/>
	</xsl:copy>
</xsl:template>

dunkelstern

#!/usr/bin/python

from __future__ import print_function
import urllib
import json
import sys
import base64

search    = urllib.quote(sys.argv[1])
json_data = urllib.urlopen("http://api.giphy.com/v1/gifs/search?q={searchterm}&api_key=dc6zaTOxFJmzC&limit=1".format(searchterm=search)).read()

dunkelstern

#!/bin/bash

if [ "$1" = "-l" ] || [ "$1" = "--line" ] ; then
        line=$2
        file=$3
else
        line=1
        file=$1
fi