Quick Bare-Bones Pastebin for Home Labs
As I have spun up and used hundreds of containers in my home cluster, I have run into a very annoying problem. Frequently I need to quickly copy initialization URLs, temporary authentication keys, or configuration files from machine to machine. My machines are configured for key-based authentication through SSH, so SCP is usually a no-go since I don’t want random containers with access to other containers. Uploading to Dropbox requires extra tools as well as introducing security risks. My Samba shares also have the same problem.
Eventually, I found Fiche. It’s a completely bare-bones pastebin with ZERO pre-requisites on the client machines. You only need netcat, which is installed by default on all Linux distributions, and equivilents are found in Windows and Mac OS X.
If you just want a quick Ansible or Bash script, scroll to the end.
Pre-Requisites
- A Linux server to host Fiche (I will be using Debian 9 on top of LXC).
- A static IP address for your Fiche server.
Download Packages
First, run this command to download all the needed packages. LXC users will need to remove sudo at the beginning of any command in this tutorial.
1
sudo apt-get install git nginx build-essential automake autoconf autotools-dev curl
Now, we’ll move to a temporary folder to download and compile Fiche.
1
2
3
4
5
cd /usr/src
git clone https://github.com/solusipse/fiche.git
cd fiche
make
make install
Security Stuff
Now move to the folder that make just created. We need to create a folder for the uploaded data. Additionally, we’ll create a fiche user so that we don’t need to use root for a public-facing service.
1
2
3
4
5
cd /usr/local/bin/fiche
mkdir fiche-data
adduser fiche
chown -R fiche /usr/local/bin/fiche
chmod o+r /usr/local/bin/fiche/fiche-data
Configure Services
First we will create a service for Fiche so that it will start automatically after a reboot. Next, we will configure Nginx to point to the fiche-data directory. In both of these files, replace fiche.firecore.lan with the DNS-resolvable hostname of your server.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
cat << EOF > /etc/systemd/system/fiche.service
[Unit]
Description=FICHE-SERVER
[Service]
ExecStart=/usr/local/bin/fiche -d fiche.firecore.lan -o /usr/local/bin/fiche-data/ -u fiche
[Install]
WantedBy=multi-user.target
EOF
rm /etc/nginx/sites-enabled/default
cat << EOF > /etc/nginx/sites-enabled/fiche
server {
listen 80;
server_name fiche.firecore.lan;
charset utf-8;
location / {
root /usr/local/bin/fiche-data;
index index.txt index.html;
}
}
EOF
systemctl enable fiche
systemctl start fiche
Testing
That’s it! Now to test it. From any computer connected to the same network as your Fiche server, execute the following command (replacing fiche.firecore.lan with your server’s DNS name or IP address).
1
echo "test" | nc fiche.firecore.lan 9999
You should see the above code spit out a URL. Now to pull it up on another computer, execute the following from another computer (or the same terminal if you don’t have another one). Replace the URL with the one you recieved in the above command.
1
curl -L http://niche.firecore.lan/xxxxxxx
You should see test. That’s it. A bare-bones pastebin for moving those long URLs and tokens around your network. One word of advice, keep your Fiche server behind a firewall. The trade-off for this simplicity is no security. Anyone with HTTP access to your system can read or write to the pastebins on your system.
For the record, I am not the creator of Fiche. The original GitHub repo can be found on solusipse’s profile.
Ansible + Bash Scripts
For those of you that are looking for it, here’s the command to execute an all-in-one Bash script and also an Ansible playbook.
Bash
1
wget -O https://gist.githubusercontent.com/ARMmaster17/94dcbaddd06de8df11fd294d5014d18e/raw/52f1289efccf0427048f6e72f5257c7eca9ce6c0/install-fiche.sh | bash
Ansible Playbook
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# Execute with ansible fiche.yml --limit hostname.example.org
---
- hosts: all
tasks:
- name: install pre-req software
package:
name:
- git
- nginx
- build-essential
- automake
- autoconf
- autotools-dev
- curl
state: present
- name: checkout fiche
git:
repo: 'https://github.com/solusipse/fiche.git'
dest: /usr/src/fiche
- name: compile fiche
make:
chdir: /usr/src/fiche
- name: install fiche
make:
chdir: /usr/src/fiche
target: install
- name: create fiche user
user:
name: fiche
- name: set directory permissions
file:
path: /usr/local/bin/fiche
owner: fiche
state: directory
mode: o=rwx
- name: create fiche-data directory
file:
path: /usr/local/bin/fiche/fiche-data
state: directory
owner: fiche
mode: o=rw
- name: create fiche service
blockinfile:
path: /etc/systemd/system/fiche.service
block: |
[Unit]
Description=FICHE-SERVER
[Service]
ExecStart=/usr/local/bin/fiche -d fiche.firecore.lan -o /usr/local/bin/fiche-data/ -u fiche
[Install]
WantedBy=multi-user.target
- name: create nginx site for fiche
blockinfile:
path: /etc/nginx/sites-enabled/fiche
block: |
server {
listen 80;
charset utf-8;
location / {
root /usr/local/bin/fiche-data;
index index.txt index.html;
}
}
- name: remove default nginx site
file:
path: /etc/nginx/sites-enabled/default
state: absent
- name: start fiche service
service:
name: fiche
enabled: yes
state: started
- name: restart nginx
service:
name: nginx
state: restarted