authorPatrick Spek <p.spek@tyil.nl>2022-04-25 13:45:34 +0200
committerPatrick Spek <p.spek@tyil.nl>2022-04-25 13:45:34 +0200
commit908718a622fe229d17da7303b117eee0fe7f8d9d (patch)
tree2fa0a4a6e6f953327a463165e6cfed7caea86cd1 /playbooks.d/vpn-tinc
parentd5f5413825e75268abaa10d208beac48dd75d159 (diff)
Rename playbooks
Diffstat (limited to 'playbooks.d/vpn-tinc')
-rw-r--r--playbooks.d/vpn-tinc/description.txt1
-rw-r--r--playbooks.d/vpn-tinc/etc/defaults6
-rw-r--r--playbooks.d/vpn-tinc/etc/os.d/linux-debian_gnu_linux1
-rw-r--r--playbooks.d/vpn-tinc/playbook.bash123
-rw-r--r--playbooks.d/vpn-tinc/share/host2
-rw-r--r--playbooks.d/vpn-tinc/share/hosts/anoia_tyil_net16
-rw-r--r--playbooks.d/vpn-tinc/share/hosts/caeghi_tyil_net16
-rw-r--r--playbooks.d/vpn-tinc/share/hosts/edephas_tyil_net16
-rw-r--r--playbooks.d/vpn-tinc/share/hosts/gaeru_tyil_net16
-rw-r--r--playbooks.d/vpn-tinc/share/tinc-down-ifconfig3
-rw-r--r--playbooks.d/vpn-tinc/share/tinc-down-ip3
-rw-r--r--playbooks.d/vpn-tinc/share/tinc-up-ifconfig3
-rw-r--r--playbooks.d/vpn-tinc/share/tinc-up-ip5
-rw-r--r--playbooks.d/vpn-tinc/share/tinc.conf4
14 files changed, 215 insertions, 0 deletions
diff --git a/playbooks.d/vpn-tinc/description.txt b/playbooks.d/vpn-tinc/description.txt
new file mode 100644
index 0000000..0bad766
--- /dev/null
+++ b/playbooks.d/vpn-tinc/description.txt
@@ -0,0 +1 @@
+VPN through tinc
diff --git a/playbooks.d/vpn-tinc/etc/defaults b/playbooks.d/vpn-tinc/etc/defaults
new file mode 100644
index 0000000..3186527
--- /dev/null
+++ b/playbooks.d/vpn-tinc/etc/defaults
@@ -0,0 +1,6 @@
+app.tinc=tinc
+app.tincd=tincd
+
+pkg.tinc=tinc
+
+svc.tinc=tincd
diff --git a/playbooks.d/vpn-tinc/etc/os.d/linux-debian_gnu_linux b/playbooks.d/vpn-tinc/etc/os.d/linux-debian_gnu_linux
new file mode 100644
index 0000000..9a5da58
--- /dev/null
+++ b/playbooks.d/vpn-tinc/etc/os.d/linux-debian_gnu_linux
@@ -0,0 +1 @@
+svc.tinc=tinc@tyilnet
diff --git a/playbooks.d/vpn-tinc/playbook.bash b/playbooks.d/vpn-tinc/playbook.bash
new file mode 100644
index 0000000..f9c8dd5
--- /dev/null
+++ b/playbooks.d/vpn-tinc/playbook.bash
@@ -0,0 +1,123 @@
+#!/usr/bin/env bash
+
+playbook_add()
+{
+ local tinc="$(config "app.tinc")"
+ local tincd="$(config "app.tincd")"
+ local dir="$(config "fs.etcdir")/tinc/tyilnet"
+ local name="$(tr "." "_" <<< "${BASHTARD_PLATFORM[fqdn]}")"
+ local ipv4="$(config "vpn.ipv4")"
+
+ if [[ -z "$ipv4" ]]
+ then
+ emerg "$BASHTARD_PLAYBOOK" "No IPv4 address set for ${BASHTARD_PLATFORM[fqdn]}"
+ return 2
+ fi
+
+ case "${BASHTARD_PLATFORM[key]}" in
+ freebsd) iptool=ifconfig ;;
+ *) iptool=ip
+ esac
+
+ info "$BASHTARD_PLAYBOOK" "Installing tinc"
+ pkg install "tinc"
+
+ info "$BASHTARD_PLAYBOOK" "Creating tinc configuration at $dir"
+ mkdir -pv -- \
+ "$dir" \
+ "$dir/hosts"
+
+ file_template tinc.conf \
+ "name=$name" \
+ > "$dir/tinc.conf"
+
+ file_template "tinc-up-$iptool" \
+ "ip4=$(config "vpn.ipv4")" \
+ > "$dir/tinc-up"
+
+ file_template "tinc-down-$iptool" \
+ "ip4=$(config "vpn.ipv4")" \
+ > "$dir/tinc-down"
+
+ file_template "host" \
+ "ip4=$(config "vpn.ipv4")" \
+ > "$dir/hosts/$name"
+
+ chmod +x \
+ "$dir/tinc-up" \
+ "$dir/tinc-down"
+
+ info "$BASHTARD_PLAYBOOK" "Generating private keys"
+
+ case "$($tincd --version | awk '{ print $3 }' | head -n1)" in
+ 1.0*)
+ $tincd -n tyilnet -K4096
+ ;;
+ 1.1*|*)
+ $tinc -n tyilnet generate-rsa-keys 4096
+ $tinc -n tyilnet generate-ed25519-keys
+ ;;
+ esac
+
+ info "$BASHTARD_PLAYBOOK" "Adding new host to Bashtard configs"
+
+ cp -v -- \
+ "$dir/hosts/$name" \
+ "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/hosts/$name"
+
+ playbook_sync
+
+ info "$BASHTARD_PLAYBOOK" "Enabling VPN service"
+
+ case "${BASHTARD_PLATFORM[key]}" in
+ freebsd)
+ if ! grep -Fq 'tincd_cfg="tyilnet"' "/etc/rc.conf.d/tincd"
+ then
+ printf 'tincd_cfg="%s"\n' "tyilnet" >> "/etc/rc.conf.d/tincd"
+ fi
+ ;;
+ linux-gentoo)
+ if ! grep -Fq "NETWORK: tyilnet" /etc/conf.d/tinc.networks
+ then
+ printf "NETWORK: %s\n" "tyilnet" >> /etc/conf.d/tinc.networks
+ fi
+ ;;
+ esac
+
+ svc enable "tinc"
+ svc start "tinc"
+}
+
+playbook_sync()
+{
+ local dir="$(config "fs.etcdir")/tinc/tyilnet"
+ local name="$(tr "." "_" <<< "${BASHTARD_PLATFORM[fqdn]}")"
+ local host
+
+ info "$BASHTARD_PLAYBOOK" "Regenerating tinc hosts"
+ rm -fr -- "$dir/hosts"
+ mkdir -p -- "$dir/hosts"
+
+ for path in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/hosts"/*
+ do
+ host="$(basename "$path")"
+
+ notice "$BASHTARD_PLAYBOOK" "Updating host $host"
+ file_template "hosts/$host" \
+ > "$dir/hosts/$host"
+ done
+
+ [[ "$BASHTARD_COMMAND" == "add" ]] && return
+
+ svc reload "tinc"
+}
+
+playbook_del()
+{
+ svc stop "tinc"
+ svc disable "tinc"
+
+ pkg uninstall "tinc"
+
+ rm -frv -- "$(config "fs.etcdir")/tinc/tyilnet"
+}
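Review bot: Key generation in playbook_add (`$tincd -n tyilnet -K4096` and the two `$tinc -n tyilnet generate-*-keys` calls) is not checked for failure. Unless the caller runs with errexit, which is not visible here, a failed run still copies `$dir/hosts/$name` into share/hosts, calls playbook_sync and starts the service, so a host entry that presumably lacks its public key is handed to every other node. Append `|| return 1` to those commands and to `pkg install "tinc"`. Separately, `iptool` in playbook_add and `path` in playbook_sync are assigned without `local` and leak into the caller's scope, and `name` in playbook_sync is declared but never used.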
diff --git a/playbooks.d/vpn-tinc/share/host b/playbooks.d/vpn-tinc/share/host
new file mode 100644
index 0000000..c24d4ad
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/host
@@ -0,0 +1,2 @@
+Subnet = ${ip4}/32
+
diff --git a/playbooks.d/vpn-tinc/share/hosts/anoia_tyil_net b/playbooks.d/vpn-tinc/share/hosts/anoia_tyil_net
new file mode 100644
index 0000000..4856c95
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/hosts/anoia_tyil_net
@@ -0,0 +1,16 @@
+Subnet = 10.57.100.3/32
+
+-----BEGIN RSA PUBLIC KEY-----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==
+-----END RSA PUBLIC KEY-----
+Ed25519PublicKey = 7jy41lK2S4BzhUVSAmULDSiZ9NQM4eQ0Geg2+F9pTpG
diff --git a/playbooks.d/vpn-tinc/share/hosts/caeghi_tyil_net b/playbooks.d/vpn-tinc/share/hosts/caeghi_tyil_net
new file mode 100644
index 0000000..c5d5b05
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/hosts/caeghi_tyil_net
@@ -0,0 +1,16 @@
+Address = 116.202.102.33
+Subnet = 10.57.20.2/32
+
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEA2abFKFB1Dr1YMcAIWcy/2+jJn+suPyiQjz6vgt476P9a/I7SUCta
+P5QUPxvS9pZxFVTFKzpmdKxG1pbCAkhArtNg2R1VFEiYCxS+iey+F11pMPEZFVpC
+EIXeVDQeBm9UXjrOpcTRIwEO7Q2J2lzRrhGm6Rpb6XbdmtQ3S8XgVsXYwWoV7muf
+TE/d5fgtz8Hghti8w86FP9q61iH6AHCREwbHEUyat5hwznmbiNJHyjx+otI63sQo
+FS37EazhqCEvt9jyvVSmB7kVTOLnIVATWDaUlPCLLvps09eRsz6aAa7RHCGd3x/W
+mRHxDCbeKL4ilpo/FPZhANdQImLmFovOtwZ6xawRWKPcRXhkaL24qQC0MLH9wmnY
+oM6EMioWUa0F11iFM99DTK+NF2Pk8vHNzm0Ep5g0SHzqnAIDDzeNTC9ogwsETqL5
+t7VY1GXuKWgta9L2q03X7FMEgjIc3lPgVLc0Ccx11MTgVzcIaLxFQ58oo+xFuc9I
+rBqjZgJwg5MTdZiyZesLJuV+YP+yRat3LifAwIZhloSBVPU6YKx/y30BHjDM8FP1
+OM2IzJLrafZDy034XyD4s62YsKrHMcQ3CeoQ80QjvSyWvSlvn2vEqrbWIZADi0d/
+8vgl44gF9g9yN++G6S7BsTJ5PNgv0jrRFu/RpEN1hVOuo+nBqFsvxW8CAwEAAQ==
+-----END RSA PUBLIC KEY-----
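Review bot: This host file carries only an RSA public key and no `Ed25519PublicKey` line, unlike anoia_tyil_net and edephas_tyil_net, while tinc.conf in this commit lists caeghi_tyil_net as a `ConnectTo` target. As far as I know, tinc 1.1 falls back to its legacy RSA-based protocol for a peer whose Ed25519 key it does not have, so each node's uplink to this hub would probably not use the newer protocol. If the host runs tinc 1.1, add its `Ed25519PublicKey = <key generated on that host>` line; if it is still on 1.0, a `#` comment saying so would explain the omission.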
diff --git a/playbooks.d/vpn-tinc/share/hosts/edephas_tyil_net b/playbooks.d/vpn-tinc/share/hosts/edephas_tyil_net
new file mode 100644
index 0000000..6e095bb
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/hosts/edephas_tyil_net
@@ -0,0 +1,16 @@
+Subnet = 10.57.100.7/32
+
+-----BEGIN RSA PUBLIC KEY-----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==
+-----END RSA PUBLIC KEY-----
+Ed25519PublicKey = 4ABczlbBBLs5WMztIzafWw1ozwKZVkj4/of3Jc6awiO
diff --git a/playbooks.d/vpn-tinc/share/hosts/gaeru_tyil_net b/playbooks.d/vpn-tinc/share/hosts/gaeru_tyil_net
new file mode 100644
index 0000000..eba305b
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/hosts/gaeru_tyil_net
@@ -0,0 +1,16 @@
+Address = 37.48.120.26
+Subnet = 10.57.20.6/32
+
+-----BEGIN RSA PUBLIC KEY-----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==
+-----END RSA PUBLIC KEY-----
diff --git a/playbooks.d/vpn-tinc/share/tinc-down-ifconfig b/playbooks.d/vpn-tinc/share/tinc-down-ifconfig
new file mode 100644
index 0000000..6563f07
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/tinc-down-ifconfig
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+ifconfig "$INTERFACE" down
diff --git a/playbooks.d/vpn-tinc/share/tinc-down-ip b/playbooks.d/vpn-tinc/share/tinc-down-ip
new file mode 100644
index 0000000..800ebb3
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/tinc-down-ip
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+ip link set "$INTERFACE" down
diff --git a/playbooks.d/vpn-tinc/share/tinc-up-ifconfig b/playbooks.d/vpn-tinc/share/tinc-up-ifconfig
new file mode 100644
index 0000000..66c897e
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/tinc-up-ifconfig
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+ifconfig "$INTERFACE" inet ${ip4} netmask 255.255.0.0
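Review bot: `${ip4}` is left unquoted on the `ifconfig` line, whereas tinc-up-ip quotes the same placeholder as `"${ip4}/16"`; write `ifconfig "$INTERFACE" inet "${ip4}" netmask 255.255.0.0` for consistency. Quoting alone does not make the value safe if file_template substitutes it textually (its implementation is not shown here), because tincd executes the resulting script. playbook_add should therefore check that `vpn.ipv4` looks like a dotted-quad address before templating, in addition to the current `-z` test.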
diff --git a/playbooks.d/vpn-tinc/share/tinc-up-ip b/playbooks.d/vpn-tinc/share/tinc-up-ip
new file mode 100644
index 0000000..191d310
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/tinc-up-ip
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+ip -4 addr add "${ip4}/16" dev "$INTERFACE"
+
+ip link set "$INTERFACE" up
diff --git a/playbooks.d/vpn-tinc/share/tinc.conf b/playbooks.d/vpn-tinc/share/tinc.conf
new file mode 100644
index 0000000..618a271
--- /dev/null
+++ b/playbooks.d/vpn-tinc/share/tinc.conf
@@ -0,0 +1,4 @@
+Name = ${name}
+
+ConnectTo = caeghi_tyil_net
+ConnectTo = gaeru_tyil_net