anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
99be4e64ad5d4715ab67483475299f34f5953f0b
DECNET/test-full.ini
anti 086643ef5a Expose nmap_os in INI loader and update test-full.ini 
- ini_loader.py: DeckySpec gains nmap_os field; load_ini parses nmap_os=
  (also accepts nmap-os= hyphen alias) and propagates it to amount-expanded deckies
- cli.py: _build_deckies_from_ini resolves nmap_os with priority:
  explicit INI key > archetype default > "linux"
- test-full.ini: every decky now carries nmap_os=; [windows-workstation]
  gains archetype= so its OS family is set correctly; decky-winbox/fileserv/
  ldapdc → windows, decky-iot → embedded, decky-legacy → bsd, rest → linux
- tests/test_ini_loader.py: 7 new tests covering nmap_os parsing, defaults,
  hyphen alias, and amount= expansion propagation

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-04 13:23:45 -03:00

193 lines
5.7 KiB
INI
Raw Blame History

# DECNET Full Test Config
# Covers all 25 registered services across 10 role-themed deckies + archetype pool.
# Distros are auto-cycled for heterogeneity (9 profiles, round-robin).
#
# nmap_os controls the TCP/IP stack sysctls injected into each decky's base
# container so nmap OS detection returns the expected OS family:
# linux → TTL 64, syn_retries 6
# windows → TTL 128, syn_retries 2, large recv buffer
# embedded → TTL 255, syn_retries 3
# bsd → TTL 64, syn_retries 6
# cisco → TTL 255, syn_retries 2
#
# Usage:
# decnet deploy --config test-full.ini --dry-run
# sudo decnet deploy --config test-full.ini --log-target 192.168.1.200:5140 \
# --log-file /var/log/decnet/decnet.log
[general]
net = 192.168.1.0/24
gw = 192.168.1.1
interface = wlp6s0
#log_target = 192.168.1.200:5140
# ── Archetype pool: 10 Windows workstations ───────────────────────────────────
# archetype=windows-workstation already sets nmap_os=windows automatically.
[windows-workstation]
archetype = windows-workstation
amount = 10
# ── Web / Mail stack ──────────────────────────────────────────────────────────
# Looks like an internet-facing Linux mail + web host
[decky-webmail]
ip = 192.168.1.110
services = http, smtp, imap, pop3
nmap_os = linux
[decky-webmail.http]
server_header = Apache/2.4.54 (Debian)
response_code = 200
fake_app = wordpress
[decky-webmail.smtp]
smtp_banner = 220 mail.corp.local ESMTP Postfix (Debian/GNU)
smtp_mta = mail.corp.local
# ── File / Transfer services ──────────────────────────────────────────────────
# Presents as a Windows/Samba file server — TTL 128 seals the illusion.
[decky-fileserv]
ip = 192.168.1.111
services = smb, ftp, tftp
nmap_os = windows
[decky-fileserv.smb]
workgroup = CORP
server_name = FILESERV01
os_version = Windows Server 2019
# ── LAMP-style database host ──────────────────────────────────────────────────
[decky-dbsrv01]
ip = 192.168.1.112
services = mysql, redis
nmap_os = linux
[decky-dbsrv01.mysql]
mysql_version = 5.7.38-log
mysql_banner = MySQL Community Server
[decky-dbsrv01.redis]
redis_version = 6.2.7
# ── Modern stack databases ────────────────────────────────────────────────────
[decky-dbsrv02]
ip = 192.168.1.113
services = postgres, mongodb, elasticsearch
nmap_os = linux
[decky-dbsrv02.postgres]
pg_version = 14.5
[decky-dbsrv02.mongodb]
mongo_version = 5.0.9
[decky-dbsrv02.elasticsearch]
es_version = 8.4.3
cluster_name = prod-search
# ── Windows workstation / server ──────────────────────────────────────────────
# RDP + SMB + MSSQL — nmap_os=windows gives TTL 128 to complete the fingerprint.
[decky-winbox]
ip = 192.168.1.114
services = rdp, smb, mssql
nmap_os = windows
[decky-winbox.rdp]
os_version = Windows Server 2016
build = 14393
[decky-winbox.smb]
workgroup = CORP
server_name = WINSRV-DC01
os_version = Windows Server 2016
[decky-winbox.mssql]
mssql_version = Microsoft SQL Server 2019
# ── DevOps / Container infra ──────────────────────────────────────────────────
[decky-devops]
ip = 192.168.1.115
services = k8s, docker_api
nmap_os = linux
[decky-devops.k8s]
k8s_version = v1.26.3
[decky-devops.docker_api]
docker_version = 24.0.2
# ── Directory / Auth services ─────────────────────────────────────────────────
# Active Directory DC persona — Windows TCP stack matches the LDAP/SMB services.
[decky-ldapdc]
ip = 192.168.1.116
services = ldap, ssh
nmap_os = windows
[decky-ldapdc.ldap]
base_dn = dc=corp,dc=local
domain = corp.local
[decky-ldapdc.ssh]
ssh_version = OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
kernel_version = 5.15.0-91-generic
users = root:toor,admin:admin123,svc_backup:backup2024
# ── IoT / Industrial / Network management ─────────────────────────────────────
# TTL 255 is the embedded/network-device giveaway nmap looks for.
[decky-iot]
ip = 192.168.1.117
services = mqtt, snmp, conpot
nmap_os = embedded
[decky-iot.mqtt]
mqtt_version = Mosquitto 2.0.15
[decky-iot.snmp]
snmp_community = public
sys_descr = Linux router 5.4.0 #1 SMP x86_64
# ── VoIP / Local network services ────────────────────────────────────────────
[decky-voip]
ip = 192.168.1.118
services = sip, llmnr
nmap_os = linux
[decky-voip.sip]
sip_server = Asterisk PBX 18.12.0
sip_domain = pbx.corp.local
# ── Legacy admin / remote access ─────────────────────────────────────────────
# Old-school unpatched box — BSD stack for variety.
[decky-legacy]
ip = 192.168.1.119
services = telnet, vnc, ssh
nmap_os = bsd
[decky-legacy.ssh]
ssh_version = OpenSSH_7.4p1 Debian-10+deb9u7
kernel_version = 4.9.0-19-amd64
users = root:root,admin:password,pi:raspberry
[decky-legacy.vnc]
vnc_version = RealVNC 6.7.2
Reference in New Issue View Git Blame Copy Permalink