initial commit

Matthieu Bessat 2024-05-22 17:35:11 +02:00
commit e61fe7e3f7
16 changed files with 740 additions and 0 deletions

1
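--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+sandbox_vms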

3
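--- a/ansible/README.md
+++ b/ansible/README.md
@@ -0,0 +1,3 @@
+https://runebook.dev/fr/docs/ansible/collections/community/general/pacman_module
+https://docs.ansible.com/ansible/2.8/modules/pacman_module.html
+https://docs.ansible.com/ansible/latest/collections/community/general/pacman_module.html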

16
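--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@@ -0,0 +1,16 @@
+[defaults]
+remote_user = root
+#nocows = True
+gathering = smart
+fact_caching = jsonfile
+interpreter_python = /usr/bin/python3
+strategy = free
+forks = 2
+# two hours timeout
+fact_caching_timeout = 7200
+fact_caching_uri = ./.fact_cache.json
+[ssh_connection]
+# when developing on local machine
+pipelining = True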
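Review bot: `fact_caching_uri = ./.fact_cache.json` does not look like a setting the `jsonfile` cache plugin reads; as far as I know the documented key is `fact_caching_connection`, and it names a directory rather than a single file, so this line is probably ignored. If fact caching is wanted, `fact_caching_connection = <cache directory>` is the form to check against the plugin documentation, and that directory should be listed in `.gitignore` because cached facts describe the target host. Separately, `remote_user = root` is overridden by `-u "mbess"` in run_ansible_playbook.sh, so a comment stating which account is intended would help.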


@ -0,0 +1 @@
["util-linux", "less", "git", "moreutils", "tmux", "openssh", "base-devel", "moreutils", "fzf", "lf", "ripgrep", "fd", "bat", "pv", "at", "jo", "jq", "fx", "yq", "xsv", "unzip", "unoconv", "pandoc", "libqalculate", "wget", "nmap", "wireguard-tools", "tcpdump", "socat", "rsync", "rclone", "lsof", "w3m", "acpi", "smartmontools", "lshw", "ffmpeg", "imagemagick", "mpv", "yt-dlp", "tesseract", "tesseract-data-fra", "tesseract-data-eng", "gopass", "vim", "helix", "gcc", "make", "jwt-cli", "fish", "dash", "pavucontrol", "wev", "wtype", "wl-clipboard", "wofi", "sway", "swaylock", "swayidle", "cliphist", "firefox-developer-edition", "torbrowser-launcher", "alacritty", "thunderbird", "zathura", "krita", "inkscape", "libreoffice-still", "ttf-font-awesome", "ttf-fira-code"]

133
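--- a/ansible/arch_packages.yaml
+++ b/ansible/arch_packages.yaml
@@ -0,0 +1,133 @@
+categories:
+base:
+- util-linux
+- less
+- git
+- moreutils
+- tmux
+- openssh
+- base-devel
+utils:
+_:
+- moreutils
+- fzf
+- lf
+- ripgrep
+- fd
+- bat
+- name: pv
+desc: pipe viewer
+- name: at
+desc: scheduler
+text_processing:
+json:
+- jo
+- jq
+- fx
+yaml:
+- yq
+csv:
+- xsv # rust CSV toolkit
+archives:
+- unzip
+bureautique:
+- unoconv # can be used to export ODT to pdf
+- pandoc # general purpose document converter
+math:
+- libqalculate # qalc
+network:
+- wget
+- nmap
+- wireguard-tools
+- tcpdump
+- socat # TCP proxy or relay
+- rsync
+- rclone
+fs:
+- lsof
+tui:
+browser:
+- w3m
+hardware:
+- acpi
+- smartmontools # monitor drive (SSD) health
+- lshw
+multimedia:
+- ffmpeg
+- imagemagick
+- mpv
+- yt-dlp
+- tesseract
+- tesseract-data-fra
+- tesseract-data-eng
+security:
+- gopass
+dev:
+editor:
+- vim
+- helix
+c:
+- gcc
+- make
+http_utils:
+- jwt-cli
+shell:
+- fish
+- aur/fish-fzf
+- name: dash
+desc: Simple POSIX compliant shell
+- name: aur/shellcheck-bin
+desc: Static analyzer for shell script
+sound:
+control:
+- pavucontrol
+desktop:
+wayland:
+- wev
+- wtype
+- wl-clipboard
+- name: wofi
+desc: remplacement for rofi
+- sway
+- swaylock
+- swayidle
+desktop_utils:
+- cliphist
+GUI:
+browser:
+- firefox-developer-edition
+- torbrowser-launcher
+terminal_emulator:
+- alacritty
+mail:
+- thunderbird
+viewer:
+- zathura
+images:
+art:
+- krita
+svg:
+- inkscape
+bureautique:
+- libreoffice-still
+geo:
+- aur/mepo
+_:
+- name: aur/screen-message
+description: Utility to write in big on the screen
+fonts:
+- ttf-font-awesome
+- ttf-fira-code
+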
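Review bot: The `aur/screen-message` entry near the end of the file uses the key `description`, while every other annotated entry (`pv`, `at`, `dash`, `wofi`, `aur/shellcheck-bin`) uses `desc`; pick one key so a consumer of the annotation does not miss it, e.g. `desc: Utility to write in big on the screen`. `moreutils` is listed under `base` and again under `utils`, which is why it appears twice in the generated package list. A short header comment saying that `aur/`-prefixed names are skipped by the parser script and have to be installed separately would make the file self-explanatory.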

5
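--- a/ansible/inventory.yaml
+++ b/ansible/inventory.yaml
@@ -0,0 +1,5 @@
+---
+workstation:
+hosts:
+127.0.0.1: {}
+# 192.168.11.229: {}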


@ -0,0 +1,35 @@
import json
import yaml
packages_tree = None
with open("arch_packages.yaml", 'r') as config_f:
packages_tree = yaml.safe_load(config_f)
assert packages_tree is not None, "Must have load valid package tree"
def flatten_packages(item):
packages = []
if isinstance(item, str):
return {'name': item}
if isinstance(item, dict) and 'name' in item:
return item
if isinstance(item, list):
return [flatten_packages(p) for p in item]
if isinstance(item, dict):
packages = []
for k, v in item.items():
packages += flatten_packages(v)
return packages
return []
flat_packages = flatten_packages(packages_tree)
names = []
for p in flat_packages:
assert isinstance(p, dict)
if p['name'].startswith('aur/'):
continue
names.append(p['name'])
print(json.dumps(names))
# print(' '.join(names))
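Review bot: `flatten_packages` returns a dict for a leaf (a string, or a mapping with `name`) but a list for everything else, and the mapping branch does `packages += flatten_packages(v)`; if a category value is ever a single package instead of a list, `+=` extends the list with the dict's keys and the later `assert isinstance(p, dict)` fails. The list branch likewise keeps a nested list as one element when a list contains a sub-category. Returning a flat list from every branch removes both cases. Because the printed names are installed by a `become: true` pacman task, it is also worth dropping duplicates (`moreutils` appears twice in the output) and rejecting anything that is not a plain package name before printing.

```python
def flatten_packages(item):
    # every branch returns a flat list of {'name': ...} dicts
    if isinstance(item, str):
        return [{'name': item}]
    if isinstance(item, dict) and 'name' in item:
        return [item]
    if isinstance(item, dict):
        children = item.values()
    elif isinstance(item, list):
        children = item
    else:
        children = []
    packages = []
    for child in children:
        packages += flatten_packages(child)
    return packages
```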


@ -0,0 +1,8 @@
- name: Create dir
file:
path: /home/mbess/notebooks
state: directory
- name: Clone personal notebook
ansible.builtin.git:
repo: "git@forge.lefuturiste.fr:mbess/main-popequer-notebook.git"
dest: /home/mbess/notebooks/personal
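Review bot: Both tasks hard-code `/home/mbess`, although vars.yaml defines `user: mbess` and the run script passes that file with `--extra-vars`; `path: "/home/{{ user }}/notebooks"` and `dest: "/home/{{ user }}/notebooks/personal"` would keep the role usable for another account. The same hard-coded home directory appears in most tasks of ansible/workstation.yaml. The first task also uses the short name `file:` while the second uses `ansible.builtin.git:`; writing `ansible.builtin.file:` here would be consistent.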

18
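--- a/ansible/run_ansible_playbook.sh
+++ b/ansible/run_ansible_playbook.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/sh
+workdir="$(pwd)"
+base="$(realpath $(dirname "$0"))"
+export ANSIBLE_CACHE_PLUGIN=jsonfile
+export ANSIBLE_CONFIG=$base/ansible.cfg
+cd $base
+python3 parse_arch_packages.py > arch_packages.json
+cd $workdir
+ansible-playbook $base/workstation.yaml \
+--ask-become-pass \
+-u "mbess" \
+-i "$base/inventory.yaml" \
+--ssh-extra-args "-o ControlMaster=auto -o ControlPersist=60s -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 2222 -i ./sshkey" \
+--extra-vars "@$base/vars.yaml"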
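Review bot: The `--ssh-extra-args` line sets `UserKnownHostsFile=/dev/null` and `StrictHostKeyChecking=no` on every run, so the host key is never verified while `--ask-become-pass` sends the sudo password over that session. That is tolerable for the local VM forward on port 2222, but the inventory already carries a commented LAN address, and the script would then trust whatever host answers. Consider limiting these options to a sandbox-only mode and otherwise using a dedicated known-hosts file with `-o StrictHostKeyChecking=accept-new`. `$base` and `$workdir` are also unquoted in `cd $base`, `cd $workdir` and `realpath $(dirname "$0")`, and neither `cd` is checked, so a failed `cd` lets the script continue in the wrong directory.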


4
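--- a/ansible/vars.yaml
+++ b/ansible/vars.yaml
@@ -0,0 +1,4 @@
+user: mbess
+foo: barladladsl
+device_name: grayblower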

65
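--- a/ansible/workstation.yaml
+++ b/ansible/workstation.yaml
@@ -0,0 +1,65 @@
+- hosts: workstation
+gather_facts: False
+vars:
+config_files:
+- dir: tmux
+name: tmux.conf
+- dir: alacritty
+name: alacritty.toml
+- dir: wofi
+name: style.css
+tasks:
+- name: Init arch
+block:
+- file:
+path: /home/mbess/.workstation_setup_state
+state: touch
+- copy: content="2024-05-20T11:28:07.552Z c385e8f1-9f34-47d3-9155-0cc1f04c4550" dest=/home/mbess/.workstation_setup_state
+- name: Install some packages
+become: true
+community.general.pacman:
+name:
+- jq
+- fx
+- jo
+- yq
+- name: Install packages from YAML files (excluding AUR)
+become: true
+community.general.pacman:
+name: "{{ lookup('file', 'arch_packages.json') | from_json }}" # the python script will return a list of packages
+# - name: Install yay, an AUR helper
+- name: Clone books sources
+ansible.builtin.git:
+repo: "git@forge.lefuturiste.fr:mbess/books-sources.git"
+dest: /home/mbess/workspace/books_sources
+- name: Setup config directories
+file:
+path: "/home/mbess/.config/{{ item.dir }}"
+state: directory
+recurse: true
+loop: "{{ config_files }}"
+- name: Setup symbolic links to config files
+file:
+src: "/home/mbess/.dots/config/{{ item.dir }}/{{ item.name }}"
+dest: "/home/mbess/.config/{{ item.dir }}/{{ item.name }}"
+state: link
+loop: "{{ config_files }}"
+- name: Setup main popequer notebook
+include_role:
+name: popequer_notebook
+- name: Setup quick notes folder
+file:
+path: "/home/mbess/.hidden/quick_notes/"
+state: directory
+recurse: true
+- name: Setup temporary secrets folder (cookies jar)
+file:
+path: "/home/mbess/.cache/secrets/"
+state: directory
+recurse: true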
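Review bot: The last task creates `/home/mbess/.cache/secrets/` (described as a cookies jar) without a `mode`, so the directory gets whatever the umask yields, which is commonly readable by other local users; add `mode: "0700"` to that task, and probably to the `.hidden/quick_notes/` task as well. With `recurse: true` the attributes are applied to existing contents too, so dropping `recurse` on these two tasks avoids marking stored files executable. Minor style points in the same file: `gather_facts: False` should be `false`, and the `copy: content=... dest=...` task in the `Init arch` block would read better as a named task with block-style arguments.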

146
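--- a/vm_tools/README.md
+++ b/vm_tools/README.md
@@ -0,0 +1,146 @@
+# MonakhOS: My general workstation environment
+Code name given on 2024-05-16 : "MonakhOS"
+Architecture:
+- Sway
+- A single `venv` in dots containing all utilities and libs
+## Ansible
+https://github.com/id101010/ansible-archlinux
+## Steps to install
+- find a new name for the device eg. blackjack
+- connect to wifi
+- enable ssh server to access it from the exterior
+- generate ssh key
+- add sshkey to forge.lefuturiste.fr
+### Generate a unprotected default ssh key
+```
+ssh-keygen -t ed25519 -C "mbess@blackjack"
+```
+no passphrase
+> ECDSA-SK, Ed25519 and Ed25519-SK keys have a fixed length and the -b flag will be ignored.
+### Configure ~/.ssh/config
+```
+# set as default
+IdentityFile ~/.ssh/unprotected_ed25519
+Host *
+ServerAliveInterval 40
+Host forge.lefuturiste.fr
+user git
+IdentitiesOnly yes
+IdentityFile ~/.ssh/unprotected_ed25519
+Host aur.archlinux.org
+IdentityFile ~/.ssh/id_aur
+User aur
+```
+### Clone dots
+```
+cd ~
+git clone git@forge.lefuturiste.fr:mbess/dots .dots
+```
+```
+cd ~/.dots
+python3 -m venv venv
+pip install -r requirements.txt
+# create symbolic link to access dots
+ln -s ~/.dots ~/dots
+```
+### install yay
+```
+git clone https://aur.archlinux.org/yay.git
+cd yay
+makepkg -si
+```
+### configure Zsh
+https://wiki.archlinux.org/title/Zsh
+### configure xremap
+sudo systemctl daemon-reload
+sudo systemctl enable --now xremap
+### Import and configure GPG keys
+### Configure unix password manager
+using `extra/gopass`
+### Setup symbolic links to configs files
+run the script `setup_dot.sh`
+## Shell
+### Fish
+#### install fisher
+https://github.com/jorgebucaran/fisher
+use `fisher package`
+#### fzf fish
+https://github.com/PatrickF1/fzf.fish
+require fd and bat
+#### lfcd
+https://github.com/gokcehan/lf/blob/master/etc/lfcd.fish
+### Zsh
+https://yewtu.be/watch?v=ud7YxC33Z3w
+https://github.com/jeffreytse/zsh-vi-mode
+How to handle different profiles
+## Pacman packages
+defined in dots file
+arch_packages.yaml
+## Sway
+### swayidle
+https://stackoverflow.com/questions/68694093/how-to-prevent-swayidle-from-execution-while-watching-a-film
+## How to sandbox monakos on a virtual machine
+### Connect with remmina
+remmina -c spice://127.0.0.1:4354
+### Connect to SSH
+ssh -p 2222 localhost -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no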


@ -0,0 +1,271 @@
{
"additional-repositories": [
"multilib"
],
"archinstall-language": "English",
"audio_config": {
"audio": "pipewire"
},
"bootloader": "Grub",
"config_version": "2.8.0",
"debug": false,
"disk_config": {
"config_type": "default_layout",
"device_modifications": [
{
"device": "/dev/sda",
"partitions": [
{
"btrfs": [],
"dev_path": null,
"flags": [
"Boot"
],
"fs_type": "fat32",
"mount_options": [],
"mountpoint": "/boot",
"obj_id": "b2d597c1-f6ad-4314-8b08-2c27bbf43fc1",
"size": {
"sector_size": {
"unit": "B",
"value": 512
},
"unit": "MiB",
"value": 203
},
"start": {
"sector_size": {
"unit": "B",
"value": 512
},
"unit": "MiB",
"value": 3
},
"status": "create",
"type": "primary"
},
{
"btrfs": [],
"dev_path": null,
"flags": [],
"fs_type": "ext4",
"mount_options": [],
"mountpoint": "/",
"obj_id": "04f15d18-170d-403b-92cf-62a6c67f2199",
"size": {
"sector_size": {
"unit": "B",
"value": 512
},
"unit": "B",
"value": 10521411584
},
"start": {
"sector_size": {
"unit": "B",
"value": 512
},
"unit": "B",
"value": 216006656
},
"status": "create",
"type": "primary"
}
],
"wipe": true
}
]
},
"disk_encryption": null,
"hostname": "archlinux",
"kernels": [
"linux"
],
"locale_config": {
"kb_layout": "us",
"sys_enc": "UTF-8",
"sys_lang": "en_US"
},
"mirror_config": {
"custom_mirrors": [],
"mirror_regions": {
"Belgium": [
"http://mirror.tiguinet.net/arch/$repo/os/$arch",
"http://archlinux.mirror.kangaroot.net/$repo/os/$arch",
"http://archlinux.cu.be/$repo/os/$arch"
],
"France": [
"https://mirrors.jtremesay.org/archlinux/$repo/os/$arch",
"https://mirrors.gandi.net/archlinux/$repo/os/$arch",
"https://mirrors.eric.ovh/arch/$repo/os/$arch",
"https://mirrors.celianvdb.fr/archlinux/$repo/os/$arch",
"https://mirror.wormhole.eu/archlinux/$repo/os/$arch",
"https://mirror.theo546.fr/archlinux/$repo/os/$arch",
"https://mirror.thekinrar.fr/archlinux/$repo/os/$arch",
"https://mirror.oldsql.cc/archlinux/$repo/os/$arch",
"https://mirror.its-tps.fr/archlinux/$repo/os/$arch",
"https://mirror.ibakerserver.pt/Arch/$repo/os/$arch",
"https://mirror.cyberbits.eu/archlinux/$repo/os/$arch",
"https://archlinux.mirrors.ovh.net/archlinux/$repo/os/$arch",
"https://archlinux.mailtunnel.eu/$repo/os/$arch",
"https://arch.yourlabs.org/$repo/os/$arch",
"http://mirrors.standaloneinstaller.com/archlinux/$repo/os/$arch",
"http://mirrors.gandi.net/archlinux/$repo/os/$arch",
"http://mirrors.celianvdb.fr/archlinux/$repo/os/$arch",
"http://mirror.theo546.fr/archlinux/$repo/os/$arch",
"http://mirror.oldsql.cc/archlinux/$repo/os/$arch",
"http://mirror.lastmikoi.net/archlinux/$repo/os/$arch",
"http://mirror.its-tps.fr/archlinux/$repo/os/$arch",
"http://mirror.cyberbits.eu/archlinux/$repo/os/$arch",
"http://mirror.archlinux.ikoula.com/archlinux/$repo/os/$arch",
"http://mir.archlinux.fr/$repo/os/$arch",
"http://ftp.u-strasbg.fr/linux/distributions/archlinux/$repo/os/$arch",
"http://archlinux.mirrors.ovh.net/archlinux/$repo/os/$arch",
"http://archlinux.mailtunnel.eu/$repo/os/$arch",
"http://archlinux.datagr.am/$repo/os/$arch",
"http://arch.yourlabs.org/$repo/os/$arch"
],
"Germany": [
"https://pkg.fef.moe/archlinux/$repo/os/$arch",
"https://packages.oth-regensburg.de/archlinux/$repo/os/$arch",
"https://os.codefionn.eu/archlinux/$repo/os/$arch",
"https://mirrors.xtom.de/archlinux/$repo/os/$arch",
"https://mirrors.niyawe.de/archlinux/$repo/os/$arch",
"https://mirrors.n-ix.net/archlinux/$repo/os/$arch",
"https://mirrors.janbruckner.de/archlinux/$repo/os/$arch",
"https://mirror.wtnet.de/archlinux/$repo/os/$arch",
"https://mirror.ubrco.de/archlinux/$repo/os/$arch",
"https://mirror.sunred.org/archlinux/$repo/os/$arch",
"https://mirror.selfnet.de/archlinux/$repo/os/$arch",
"https://mirror.pseudoform.org/$repo/os/$arch",
"https://mirror.pagenotfound.de/archlinux/$repo/os/$arch",
"https://mirror.netcologne.de/archlinux/$repo/os/$arch",
"https://mirror.moson.org/arch/$repo/os/$arch",
"https://mirror.metalgamer.eu/archlinux/$repo/os/$arch",
"https://mirror.kumi.systems/archlinux/$repo/os/$arch",
"https://mirror.iusearchbtw.nl/$repo/os/$arch",
"https://mirror.informatik.tu-freiberg.de/arch/$repo/os/$arch",
"https://mirror.hugo-betrugo.de/archlinux/$repo/os/$arch",
"https://mirror.fra10.de.leaseweb.net/archlinux/$repo/os/$arch",
"https://mirror.f4st.host/archlinux/$repo/os/$arch",
"https://mirror.dogado.de/archlinux/$repo/os/$arch",
"https://mirror.cmt.de/archlinux/$repo/os/$arch",
"https://mirror.clientvps.com/archlinux/$repo/os/$arch",
"https://mirror.bethselamin.de/$repo/os/$arch",
"https://mirror.23m.com/archlinux/$repo/os/$arch",
"https://ftp.wrz.de/pub/archlinux/$repo/os/$arch",
"https://ftp.spline.inf.fu-berlin.de/mirrors/archlinux/$repo/os/$arch",
"https://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch",
"https://ftp.fau.de/archlinux/$repo/os/$arch",
"https://ftp.agdsn.de/pub/mirrors/archlinux/$repo/os/$arch",
"https://dist-mirror.fem.tu-ilmenau.de/archlinux/$repo/os/$arch",
"https://de.mirrors.cicku.me/archlinux/$repo/os/$arch",
"https://de.arch.mirror.kescher.at/$repo/os/$arch",
"https://archlinux.thaller.ws/$repo/os/$arch",
"https://archlinux.richard-neumann.de/$repo/os/$arch",
"https://archlinux.homeinfo.de/$repo/os/$arch",
"https://arch.unixpeople.org/$repo/os/$arch",
"https://arch.phinau.de/$repo/os/$arch",
"https://arch.kurdy.org/$repo/os/$arch",
"https://arch.jensgutermuth.de/$repo/os/$arch",
"http://packages.oth-regensburg.de/archlinux/$repo/os/$arch",
"http://os.codefionn.eu/archlinux/$repo/os/$arch",
"http://mirrors.xtom.de/archlinux/$repo/os/$arch",
"http://mirrors.niyawe.de/archlinux/$repo/os/$arch",
"http://mirrors.n-ix.net/archlinux/$repo/os/$arch",
"http://mirrors.janbruckner.de/archlinux/$repo/os/$arch",
"http://mirror.wtnet.de/archlinux/$repo/os/$arch",
"http://mirror.ubrco.de/archlinux/$repo/os/$arch",
"http://mirror.sunred.org/archlinux/$repo/os/$arch",
"http://mirror.selfnet.de/archlinux/$repo/os/$arch",
"http://mirror.pagenotfound.de/archlinux/$repo/os/$arch",
"http://mirror.netcologne.de/archlinux/$repo/os/$arch",
"http://mirror.moson.org/arch/$repo/os/$arch",
"http://mirror.metalgamer.eu/archlinux/$repo/os/$arch",
"http://mirror.kumi.systems/archlinux/$repo/os/$arch",
"http://mirror.informatik.tu-freiberg.de/arch/$repo/os/$arch",
"http://mirror.hugo-betrugo.de/archlinux/$repo/os/$arch",
"http://mirror.fra10.de.leaseweb.net/archlinux/$repo/os/$arch",
"http://mirror.f4st.host/archlinux/$repo/os/$arch",
"http://mirror.cmt.de/archlinux/$repo/os/$arch",
"http://mirror.clientvps.com/archlinux/$repo/os/$arch",
"http://mirror.23m.com/archlinux/$repo/os/$arch",
"http://linux.rz.rub.de/archlinux/$repo/os/$arch",
"http://ftp.wrz.de/pub/archlinux/$repo/os/$arch",
"http://ftp.uni-kl.de/pub/linux/archlinux/$repo/os/$arch",
"http://ftp.uni-hannover.de/archlinux/$repo/os/$arch",
"http://ftp.uni-bayreuth.de/linux/archlinux/$repo/os/$arch",
"http://ftp.tu-chemnitz.de/pub/linux/archlinux/$repo/os/$arch",
"http://ftp.spline.inf.fu-berlin.de/mirrors/archlinux/$repo/os/$arch",
"http://ftp.hosteurope.de/mirror/ftp.archlinux.org/$repo/os/$arch",
"http://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch",
"http://ftp.gwdg.de/pub/linux/archlinux/$repo/os/$arch",
"http://ftp.fau.de/archlinux/$repo/os/$arch",
"http://ftp.agdsn.de/pub/mirrors/archlinux/$repo/os/$arch",
"http://ftp-stud.hs-esslingen.de/pub/Mirrors/archlinux/$repo/os/$arch",
"http://de.mirrors.cicku.me/archlinux/$repo/os/$arch",
"http://artfiles.org/archlinux.org/$repo/os/$arch",
"http://archlinux.thaller.ws/$repo/os/$arch",
"http://archlinux.mirror.iphh.net/$repo/os/$arch",
"http://arch.phinau.de/$repo/os/$arch",
"http://arch.jensgutermuth.de/$repo/os/$arch"
],
"United Kingdom": [
"https://www.mirrorservice.org/sites/ftp.archlinux.org/$repo/os/$arch",
"https://repo.slithery.uk/$repo/os/$arch",
"https://mirrors.ukfast.co.uk/sites/archlinux.org/$repo/os/$arch",
"https://mirrors.melbourne.co.uk/archlinux/$repo/os/$arch",
"https://mirror.vinehost.net/archlinux/$repo/os/$arch",
"https://mirror.st2projects.com/archlinux/$repo/os/$arch",
"https://mirror.netweaver.uk/archlinux/$repo/os/$arch",
"https://mirror.bytemark.co.uk/archlinux/$repo/os/$arch",
"https://london.mirror.pkgbuild.com/$repo/os/$arch",
"https://lon.mirror.rackspace.com/archlinux/$repo/os/$arch",
"https://archlinux.uk.mirror.allworldit.com/archlinux/$repo/os/$arch",
"http://www.mirrorservice.org/sites/ftp.archlinux.org/$repo/os/$arch",
"http://mirrors.ukfast.co.uk/sites/archlinux.org/$repo/os/$arch",
"http://mirrors.melbourne.co.uk/archlinux/$repo/os/$arch",
"http://mirror.vinehost.net/archlinux/$repo/os/$arch",
"http://mirror.netweaver.uk/archlinux/$repo/os/$arch",
"http://mirror.bytemark.co.uk/archlinux/$repo/os/$arch",
"http://lon.mirror.rackspace.com/archlinux/$repo/os/$arch",
"http://archlinux.uk.mirror.allworldit.com/archlinux/$repo/os/$arch"
]
}
},
"network_config": {
"type": "nm"
},
"no_pkg_lookups": false,
"ntp": true,
"offline": false,
"packages": [
"less",
"python",
"openssh"
],
"parallel downloads": 0,
"profile_config": {
"gfx_driver": "All open-source",
"greeter": "ly",
"profile": {
"custom_settings": {
"Sway": {
"seat_access": "polkit"
}
},
"details": [
"Sway"
],
"main": "Desktop"
}
},
"script": "guided",
"silent": false,
"skip_ntp": false,
"skip_version_check": false,
"swap": true,
"timezone": "UTC",
"uki": false,
"version": "2.8.0"
}
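Review bot: Many entries under `mirror_regions` are plain `http://` URLs, often duplicating an `https://` entry for the same host. Package signature checking still applies, but over HTTP the repository metadata and the download traffic can be observed or altered by anyone on the path (whether the sync databases are signed depends on the pacman configuration, which is not shown here). Trimming the list to the `https://` entries avoids that. `"disk_encryption": null` is reasonable for a throwaway sandbox VM but should not be carried over to a configuration used on real hardware.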


@ -0,0 +1,10 @@
{
"!root-password": "XX",
"!users": [
{
"!password": "XX",
"sudo": true,
"username": "mbess"
}
]
}
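Review bot: This file holds `!root-password` and `!password` and is tracked in the repository; the values are `XX` placeholders here, but `.gitignore` only lists `sandbox_vms`, so a copy filled in with real passwords would be committed on the next `git add`. Keep the committed file as a clearly named template and ignore the filled-in copy, or supply the passwords at install time instead. The account is also created with `"sudo": true`, so the placeholder value must never remain the actual password outside a disposable VM.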

24
vm_tools/run_vm.sh Executable file

@ -0,0 +1,24 @@
#!/usr/bin/sh
# -cdrom /mnt/extramedia3/mbess/os_images/arch/2024-05-01/archlinux-2024.05.01-x86_64.iso \
#
#-hdb secondary.qcow \
#
# -spice unix=on,addr=/tmp/vm_monakhos.spice.socket,disable-ticketing=on \
echo "Launching vm"
qemu-system-x86_64 \
-hda main.qcow \
-boot order=d \
-m 2G \
-accel kvm \
-monitor telnet:127.0.0.1:2069,server,nowait \
-cpu host \
-chardev qemu-vdagent,id=ch1,name=vdagent,clipboard=on \
-device virtio-serial \
-device virtserialport,chardev=ch1,name=com.redhat.spice.0 \
-spice addr=127.0.0.1,port=4354,disable-ticketing=on \
-net user,hostfwd=tcp::2222-:22 \
-net nic \