group home

groups/locations/home.py

@@ -0,0 +1 @@
+{}

libs/ssh.py

@@ -1,19 +1,23 @@
 from base64 import b64decode, b64encode
+from hashlib import sha3_256
+
 from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
-from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.serialization import Encoding, PrivateFormat, PublicFormat, NoEncryption
 
 
 def generate_ed25519_key_pair(secret):
     privkey_bytes = Ed25519PrivateKey.from_private_bytes(secret)
     
     nondeterministic_privatekey = privkey_bytes.private_bytes(
-        encoding=serialization.Encoding.PEM,
+        encoding=Encoding.PEM,
-        format=serialization.PrivateFormat.OpenSSH,
+        format=PrivateFormat.OpenSSH,
-        encryption_algorithm=serialization.NoEncryption()
+        encryption_algorithm=NoEncryption()
     ).decode()
-    nondeterministic_bytes = b64decode(''.join(nondeterministic_privatekey.split('\n')[1:-2]))
+
     # handle random 32bit number, occuring twice in a row
-    deterministic_bytes = nondeterministic_bytes[:98] + b'00000000' + nondeterministic_bytes[106:]
+    nondeterministic_bytes = b64decode(''.join(nondeterministic_privatekey.split('\n')[1:-2]))
+    random_bytes = sha3_256(secret).digest()[0:4]
+    deterministic_bytes = nondeterministic_bytes[:98] + random_bytes + random_bytes + nondeterministic_bytes[106:]
     deterministic_privatekey = '\n'.join([
         '-----BEGIN OPENSSH PRIVATE KEY-----',
         b64encode(deterministic_bytes).decode(),
@@ -21,8 +25,8 @@ def generate_ed25519_key_pair(secret):
     ])
 
     public_key = privkey_bytes.public_key().public_bytes(
-        encoding=serialization.Encoding.OpenSSH,
+        encoding=Encoding.OpenSSH,
-        format=serialization.PublicFormat.OpenSSH,
+        format=PublicFormat.OpenSSH,
     ).decode()
     
     return (deterministic_privatekey, public_key)

nodes/home.backups.py

@@ -1,10 +1,11 @@
 {
     'hostname': '10.0.0.5',
     'groups': [
-        'debian-11',
-        'backup-server',
-        'monitored',
         'autologin',
+        'backup-server',
+        'debian-11',
+        'home',
+        'monitored',
     ],
     'bundles': [
         'smartctl',

nodes/home.homematic.py

@@ -1,8 +1,9 @@
 {
     'hostname': '10.0.2.8',
     'groups': [
-        'raspberrymatic',
         'autologin',
+        'home',
+        'raspberrymatic',
     ],
     'bundles': [
         'hostname',

nodes/home.hue.py

@@ -1,5 +1,8 @@
 {
     'dummy': True,
+    'groups': [
+        'home',
+    ],
     'metadata': {
         'id': '',
         'network': {

nodes/home.openhab.py

@@ -1,12 +1,13 @@
 {
     'hostname': '10.0.0.17',
     'groups': [
+        'autologin',
         'backup',
         'debian-11',
+        'home',
         'monitored',
         'raspberry-pi',
         'webserver',
-        'autologin',
     ],
     'bundles': [
         'build-agent',

nodes/home.server.py

@@ -1,14 +1,15 @@
 {
     'hostname': '10.0.0.2',
     'groups': [
+        'autologin',
         'backup',
         'debian-11',
+        'home',
         'nextcloud',
         'monitored',
         'webserver',
         'hardware',
         'build-server',
-        'autologin',
     ],
     'bundles': [
         'apcupsd',

nodes/home.stromzaehler.py

@@ -1,10 +1,11 @@
 {
     'hostname': '10.0.0.15',
     'groups': [
+        'autologin',
         'debian-11',
+        'home',
         'raspberry-pi',
         'monitored',
-        'autologin',
     ],
     'bundles': [
        'stromzaehler',

nodes/home.unifi.py

@@ -1,5 +1,8 @@
 {
     'dummy': True,
+    'groups': [
+        'home',
+    ],
     'metadata': {
         'id': '',
         'network': {