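#!/usr/bin/env bash

# Bashtard playbook that joins the local host to a tinc VPN network.
#
# Required playbook configuration (declared below):
#   $BASHTARD_PLAYBOOK.ipv4 - value passed as "ip4" to the tinc-up, tinc-down
#                             and host templates
#   $BASHTARD_PLAYBOOK.name - tinc network name; also the name of the
#                             directory under <fs.etcdir>/tinc
#
# The network name ends up inside paths that are removed recursively
# (playbook_sync, playbook_del), so every entry point validates it first.

# shellcheck disable=SC2034
BASHTARD_PLAYBOOK_VARS[$BASHTARD_PLAYBOOK.ipv4]="required"
BASHTARD_PLAYBOOK_VARS[$BASHTARD_PLAYBOOK.name]="required"

#######################################
# Check that a tinc network name is usable as a single path component.
# An empty name, "." / ".." or a name containing "/" would make the
# recursive removals in this playbook act outside <etcdir>/tinc/<name>.
# Globals:   BASHTARD_PLAYBOOK (read, for the message prefix)
# Arguments: $1 - network name taken from the playbook configuration
# Outputs:   a diagnostic on stderr when the name is rejected
# Returns:   0 if the name is usable, 1 otherwise
#######################################
_tinc_netname_ok() {
  case "${1-}" in
    ""|.|..|*/*)
      printf '%s: refusing to use unsafe tinc network name "%s"\n' \
        "${BASHTARD_PLAYBOOK-}" "${1-}" >&2
      return 1
      ;;
  esac
}

#######################################
# Install tinc, write its configuration, generate keys, publish this host's
# host file to the playbook data directory and enable the service.
# Globals:   BASHTARD_PLAYBOOK, BASHTARD_PLATFORM (read)
# Returns:   1 if the configured network name is rejected
#######################################
playbook_add() {
  local data
  local etc
  local host
  local iptool
  local ipv4
  local name
  local tinc
  local tincd

  name="$(config "$BASHTARD_PLAYBOOK.name")"
  _tinc_netname_ok "$name" || return 1

  data="$(playbook_path "data")"
  # Use the configured network name, the same directory playbook_sync and
  # playbook_del operate on and the one "-n $name" below refers to.
  etc="$(config "fs.etcdir")/tinc/$name"
  host="$(tr "." "_" <<< "${BASHTARD_PLATFORM[fqdn]}")"
  ipv4="$(config "$BASHTARD_PLAYBOOK.ipv4")"
  tinc="$(config "app.tinc")"
  tincd="$(config "app.tincd")"

  # Selects which tinc-up/tinc-down template variant is rendered.
  case "${BASHTARD_PLATFORM[key]}" in
    freebsd) iptool=ifconfig ;;
    *)       iptool=ip ;;
  esac

  info "$BASHTARD_PLAYBOOK/add" "Installing tinc"
  pkg install "tinc"

  info "$BASHTARD_PLAYBOOK/add" "Creating tinc configuration at $etc"
  mkdir -pv -- \
    "$etc" \
    "$etc/hosts"

  file_template tinc.conf \
    "name=$host" \
    > "$etc/tinc.conf"

  file_template "tinc-up-$iptool" \
    "ip4=$ipv4" \
    > "$etc/tinc-up"

  file_template "tinc-down-$iptool" \
    "ip4=$ipv4" \
    > "$etc/tinc-down"

  file_template "host" \
    "ip4=$ipv4" \
    > "$etc/hosts/$host"

  chmod +x \
    "$etc/tinc-up" \
    "$etc/tinc-down"

  info "$BASHTARD_PLAYBOOK/add" "Generating private keys"

  # NOTE(review): $tinc and $tincd are expanded unquoted, as in the original,
  # so a configured value containing whitespace is word-split. Confirm
  # whether app.tinc/app.tincd may hold more than a bare command name.
  case "$($tincd --version | awk '{ print $3 }' | head -n1)" in
    1.0*)
      $tincd -n "$name" -K4096
      ;;
    1.1*|*)
      $tinc -n "$name" generate-rsa-keys 4096
      $tinc -n "$name" generate-ed25519-keys
      ;;
  esac

  info "$BASHTARD_PLAYBOOK/add" "Adding new host to Bashtard configs"

  # Only hosts/$host is copied into the playbook data directory; nothing
  # else from $etc leaves this machine through this function.
  # NOTE(review): presumably the private key files are written elsewhere
  # under $etc by tinc and must stay there - confirm none land in hosts/.
  mkdir -pv -- "$data/hosts"
  cp -v -- \
    "$etc/hosts/$host" \
    "$data/hosts/$host"

  playbook_sync

  info "$BASHTARD_PLAYBOOK" "Enabling VPN service"

  # Register the network with the platform's service configuration,
  # appending the entry only when it is not already present.
  case "${BASHTARD_PLATFORM[key]}" in
    freebsd)
      if ! grep -Fq 'tincd_cfg="'"$name"'"' "/etc/rc.conf.d/tincd"
      then
        printf 'tincd_cfg="%s"\n' "$name" >> "/etc/rc.conf.d/tincd"
      fi
      ;;
    linux-gentoo|linux-alpine_linux)
      if ! grep -Fq "NETWORK: $name" /etc/conf.d/tinc.networks
      then
        printf "NETWORK: %s\n" "$name" >> /etc/conf.d/tinc.networks
      fi
      ;;
  esac

  case "${BASHTARD_PLATFORM[init]}" in
    systemd)
      systemctl enable --now "tinc@$name.service"
      ;;
    *)
      svc enable "tinc"
      svc start "tinc"
      ;;
  esac
}

#######################################
# Replace the local tinc hosts directory with the host files from the
# playbook data directory and reload the service when the set changed.
#
# Every file under <data>/hosts is installed as a tinc host file, so write
# access to that directory decides which peers this node accepts; review
# changes to it accordingly.
# Globals:   BASHTARD_PLAYBOOK, BASHTARD_PLATFORM, BASHTARD_COMMAND (read)
# Returns:   1 if the configured network name is rejected
#######################################
playbook_sync() {
  local data
  local etc
  local file
  local hash
  local name
  local path

  name="$(config "$BASHTARD_PLAYBOOK.name")"
  _tinc_netname_ok "$name" || return 1

  data="$(playbook_path "data")"
  etc="$(config "fs.etcdir")/tinc/$name"
  # Hash taken before the rebuild, compared afterwards to detect changes.
  hash="$(dir_hash "$etc/hosts")"

  info "$BASHTARD_PLAYBOOK" "Regenerating tinc hosts"

  rm -fr -- "$etc/hosts"
  mkdir -p -- "$etc/hosts"

  for path in "$data/hosts"/*
  do
    # With no host files the glob stays literal; skip instead of copying "*".
    [[ -e "$path" ]] || continue

    file="${path##*/}"

    notice "$BASHTARD_PLAYBOOK" "Updating host $file"
    cp -v -- "$path" "$etc/hosts/$file"
  done

  # During "add" the service is started by playbook_add itself.
  if [[ "$BASHTARD_COMMAND" == "add" ]]
  then
    return
  fi

  # Nothing changed on disk, so there is nothing to reload.
  if [[ "$hash" == "$(dir_hash "$etc/hosts")" ]]
  then
    return
  fi

  info "$BASHTARD_PLAYBOOK" "Reloading service"

  case "${BASHTARD_PLATFORM[init]}" in
    systemd)
      systemctl reload "tinc@$name.service"
      ;;
    *)
      svc reload "tinc"
      ;;
  esac
}

#######################################
# Stop and disable the VPN service, uninstall tinc and remove the network's
# configuration directory (including whatever key material it holds).
# Globals:   BASHTARD_PLAYBOOK, BASHTARD_PLATFORM (read)
# Returns:   1, before touching anything, if the network name is rejected
#######################################
playbook_del() {
  local etc
  local name

  etc="$(config "fs.etcdir")"
  name="$(config "$BASHTARD_PLAYBOOK.name")"

  # An empty name would turn the removal below into "rm -fr <etcdir>/tinc/".
  _tinc_netname_ok "$name" || return 1

  case "${BASHTARD_PLATFORM[init]}" in
    systemd)
      systemctl disable --now "tinc@$name.service"
      ;;
    *)
      svc stop "tinc"
      svc disable "tinc"
      ;;
  esac

  pkg uninstall "tinc"

  rm -frv -- "$etc/tinc/$name"
}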