SOI
/
soios
103
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add more text to contestops readme

This commit is contained in:
Jan Schär 2024-05-18 18:09:13 +02:00
parent 530d3b23ca
commit 474785f2d7
2 changed files with 49 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -2,4 +2,5 @@
/osbuild/ /osbuild/
/contestops/certs/ /contestops/certs/
/contestops/backups*
/contestops/local.known_hosts /contestops/local.known_hosts

57
contestops/readme.md
View File

@ -2,8 +2,8 @@
Here are instructions and various scripts and files for running contests. Here are instructions and various scripts and files for running contests.
The setup consists of a machine for each contestant, a machine running the grader, and an admin machine. The setup consists of a machine for each contestant, a machine running the grader, and an admin machine (e.g. your personal laptop).
All these should be connected through a network, preferably wired. All these should be connected through a network.
The grader can be a machine accessible over the internet or in the local network. The grader can be a machine accessible over the internet or in the local network.
## Grader setup ## Grader setup
@ -17,7 +17,7 @@ sudo apt install ntpsec
``` ```
Configure the grader to accept client certificates. Configure the grader to accept client certificates.
The CA certificate (`certs/ca.pem`) is generated as part of the admin setup. The CA certificate (`certs/ca.pem`) is generated as part of the admin setup below.
## Contestant machine setup ## Contestant machine setup
@ -36,15 +36,30 @@ The OS is loaded into RAM during boot, so you can remove the stick once the boot
## Network setup ## Network setup
If there is not already an existing network, you need to set it up yourself. If there is not already an existing network, you need to set it up yourself.
Connect all contestant machines and the admin machine to a network switch with LAN cables. You can use either WiFi or wired Ethernet.
If you use multiple switches, don't forget to also link the switches together. WiFi has the advantage that you don't need to bring and install all those Ethernet cables, and avoids the ugly cable mess.
If the grader must be accessed over the internet, you can connect the admin machine to WiFi or USB tethering with a phone. **Ethernet:**
You can then share the internet with the local network. Connect all contestant machines and the admin machine to a network switch with Ethernet cables.
If you use multiple switches, don't forget to also link the switches together, such that the entire network forms a tree.
If you have Gnome, go to Network settings, click on the gear on the Ethernet connection, go to IPv4 tab, and select "Shared to other computers". **WiFi:**
The contestant OS already has a WiFi pre-configured.
The SSID is `contest`, and the password is configured in the `contestant_wifi_password` variable in `os/config/config.toml`.
Configure the access point with this SSID and password, and the machines will connect automatically.
If you have docker installed, this doesn't work yet, because docker blocks routing. For larger contests (10 or more contestants) it's recommended to use a dedicated device as the Internet router.
SOI has a FRITZ!Box 4040 which can be used for this.
Here, you can easily get the list of IP addresses of contestant machines from the web interface.
It's best to connect the admin machine to the router box over LAN instead of WiFi, such that admin traffic only takes one wireless hop instead of two.
For smaller contests, you can also use the admin machine as a router.
For Ethernet, if you have Gnome, go to Network settings, click on the gear on the Ethernet connection, go to IPv4 tab, and select "Shared to other computers".
For WiFi, you can set up a WiFi hotspot in the WiFi settings.
However, with a hotspot enabled, Gnome does not let you connect to a WiFi network for Internet access at the same time, even though the hardware would in many cases support it.
Instead, you can connect a phone to WiFi and to your laptop with USB and enable USB tethering on the phone.
If you have Docker installed, this doesn't work yet, because docker blocks routing.
You can fix it by running the following commands. You can fix it by running the following commands.
```bash ```bash
@ -81,6 +96,8 @@ sudo apt install golang-cfssl
./create-certs.sh ./create-certs.sh
``` ```
## Before the contest
Edit `local.ssh_config` and create an entry with hostname and IP address for each contestant machine. Edit `local.ssh_config` and create an entry with hostname and IP address for each contestant machine.
You can get the IP address by running `ip addr` in a terminal on the contestant machine. You can get the IP address by running `ip addr` in a terminal on the contestant machine.
@ -118,7 +135,16 @@ Assign users to machines.
./assign-user.sh contestant02 binna1 ./assign-user.sh contestant02 binna1
``` ```
You may want to test on one machine that the certificate was properly installed and the grader is accessible.
This should only be done after the machines are configured and users assigned, but with a contest lock start time before the current time.
You can then set the start time and apply the contest lock config again.
```bash
parallel-scp -x "-F local.ssh_config" -h hostlist ./contest-lock.json /etc/contest-lock.json
```
Start periodic backup of contestant machines. Start periodic backup of contestant machines.
Backups are stored every 2 minutes in the folder `backups`.
```bash ```bash
./backup-create.sh timer ./backup-create.sh timer
@ -138,6 +164,19 @@ replacing `contestant03` in the commands below with the spare machine hostname.
rsync -e "ssh -F local.ssh_config" -av --chown contestant:contestant backups/contestantxx/xxxx/ contestant03:/home/contestant/ rsync -e "ssh -F local.ssh_config" -av --chown contestant:contestant backups/contestantxx/xxxx/ contestant03:/home/contestant/
``` ```
## After the contest
Stop the periodic backup command with Ctrl+C.
Rename the `backups` folder to e.g. `backups-day1`.
You can shut down all machines.
```
parallel-ssh -x "-F local.ssh_config" -h hostlist poweroff
```
Machines should be shut down and booted again from USB stick between contests (e.g. between practice and actual contest) to ensure all data is erased.
## Contest lock screen ## Contest lock screen
The contest lock screen is a gnome extension which can lock the screen and show a countdown until the contest starts. The contest lock screen is a gnome extension which can lock the screen and show a countdown until the contest starts.