authorPatrick Spek <p.spek@tyil.nl>2022-04-25 13:45:34 +0200
committerPatrick Spek <p.spek@tyil.nl>2022-04-25 13:45:34 +0200
commit908718a622fe229d17da7303b117eee0fe7f8d9d (patch)
tree2fa0a4a6e6f953327a463165e6cfed7caea86cd1 /playbooks.d/vpn-tinc/playbook.bash
parentd5f5413825e75268abaa10d208beac48dd75d159 (diff)
Rename playbooks
Diffstat (limited to 'playbooks.d/vpn-tinc/playbook.bash')
-rw-r--r--playbooks.d/vpn-tinc/playbook.bash123
1 files changed, 123 insertions, 0 deletions
diff --git a/playbooks.d/vpn-tinc/playbook.bash b/playbooks.d/vpn-tinc/playbook.bash
new file mode 100644
index 0000000..f9c8dd5
--- /dev/null
+++ b/playbooks.d/vpn-tinc/playbook.bash
@@ -0,0 +1,123 @@
+#!/usr/bin/env bash
+
+playbook_add()
+{
+ local tinc="$(config "app.tinc")"
+ local tincd="$(config "app.tincd")"
+ local dir="$(config "fs.etcdir")/tinc/tyilnet"
+ local name="$(tr "." "_" <<< "${BASHTARD_PLATFORM[fqdn]}")"
+ local ipv4="$(config "vpn.ipv4")"
+
+ if [[ -z "$ipv4" ]]
+ then
+ emerg "$BASHTARD_PLAYBOOK" "No IPv4 address set for ${BASHTARD_PLATFORM[fqdn]}"
+ return 2
+ fi
+
+ case "${BASHTARD_PLATFORM[key]}" in
+ freebsd) iptool=ifconfig ;;
+ *) iptool=ip
+ esac
+
+ info "$BASHTARD_PLAYBOOK" "Installing tinc"
+ pkg install "tinc"
+
+ info "$BASHTARD_PLAYBOOK" "Creating tinc configuration at $dir"
+ mkdir -pv -- \
+ "$dir" \
+ "$dir/hosts"
+
+ file_template tinc.conf \
+ "name=$name" \
+ > "$dir/tinc.conf"
+
+ file_template "tinc-up-$iptool" \
+ "ip4=$(config "vpn.ipv4")" \
+ > "$dir/tinc-up"
+
+ file_template "tinc-down-$iptool" \
+ "ip4=$(config "vpn.ipv4")" \
+ > "$dir/tinc-down"
+
+ file_template "host" \
+ "ip4=$(config "vpn.ipv4")" \
+ > "$dir/hosts/$name"
+
+ chmod +x \
+ "$dir/tinc-up" \
+ "$dir/tinc-down"
+
+ info "$BASHTARD_PLAYBOOK" "Generating private keys"
+
+ case "$($tincd --version | awk '{ print $3 }' | head -n1)" in
+ 1.0*)
+ $tincd -n tyilnet -K4096
+ ;;
+ 1.1*|*)
+ $tinc -n tyilnet generate-rsa-keys 4096
+ $tinc -n tyilnet generate-ed25519-keys
+ ;;
+ esac
+
+ info "$BASHTARD_PLAYBOOK" "Adding new host to Bashtard configs"
+
+ cp -v -- \
+ "$dir/hosts/$name" \
+ "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/hosts/$name"
+
+ playbook_sync
+
+ info "$BASHTARD_PLAYBOOK" "Enabling VPN service"
+
+ case "${BASHTARD_PLATFORM[key]}" in
+ freebsd)
+ if ! grep -Fq 'tincd_cfg="tyilnet"' "/etc/rc.conf.d/tincd"
+ then
+ printf 'tincd_cfg="%s"\n' "tyilnet" >> "/etc/rc.conf.d/tincd"
+ fi
+ ;;
+ linux-gentoo)
+ if ! grep -Fq "NETWORK: tyilnet" /etc/conf.d/tinc.networks
+ then
+ printf "NETWORK: %s\n" "tyilnet" >> /etc/conf.d/tinc.networks
+ fi
+ ;;
+ esac
+
+ svc enable "tinc"
+ svc start "tinc"
+}
+
+playbook_sync()
+{
+ local dir="$(config "fs.etcdir")/tinc/tyilnet"
+ local name="$(tr "." "_" <<< "${BASHTARD_PLATFORM[fqdn]}")"
+ local host
+
+ info "$BASHTARD_PLAYBOOK" "Regenerating tinc hosts"
+ rm -fr -- "$dir/hosts"
+ mkdir -p -- "$dir/hosts"
+
+ for path in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/hosts"/*
+ do
+ host="$(basename "$path")"
+
+ notice "$BASHTARD_PLAYBOOK" "Updating host $host"
+ file_template "hosts/$host" \
+ > "$dir/hosts/$host"
+ done
+
+ [[ "$BASHTARD_COMMAND" == "add" ]] && return
+
+ svc reload "tinc"
+}
+
+playbook_del()
+{
+ svc stop "tinc"
+ svc disable "tinc"
+
+ pkg uninstall "tinc"
+
+ rm -frv -- "$(config "fs.etcdir")/tinc/tyilnet"
+}
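Review bot: The key-generation step in playbook_add never verifies that a key was produced. The `1.1*|*)` arm also matches an empty string, so a failing `$tincd --version` silently falls through to the tinc 1.1 commands, and no exit status from `$tincd` or `$tinc` is tested. The function then copies `$dir/hosts/$name` into `share/hosts`, runs playbook_sync and enables the service regardless, so a host file without a public key (tinc presumably appends the key to that file; confirm) can be distributed as part of the shared host set. I would capture the version in a local, stop when it is empty, and return non-zero as soon as a generate command fails, before the `cp`.

```shell
info "$BASHTARD_PLAYBOOK" "Generating private keys"

local version
version="$($tincd --version | awk '{ print $3 }' | head -n1)"

if [[ -z "$version" ]]
then
	emerg "$BASHTARD_PLAYBOOK" "Could not determine tinc version"
	return 2
fi

case "$version" in
	1.0*)
		$tincd -n tyilnet -K4096 || return 2
		;;
	1.1*|*)
		$tinc -n tyilnet generate-rsa-keys 4096 || return 2
		$tinc -n tyilnet generate-ed25519-keys || return 2
		;;
esac

# … unchanged: cp of hosts/$name into share/hosts, playbook_sync, service enable …
```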