#!/usr/bin/env bash
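#######################################
# Install tinc, write the "tyilnet" network configuration, generate this
# node's key pair and publish the node's host file to the other Bashtard hosts.
# Globals:   BASHTARD_PLATFORM (read: fqdn, key), BASHTARD_PLAYBOOK (read),
#            BASHTARD_ETCDIR (read)
# Arguments: none
# Outputs:   progress via info/emerg; tool output on stdout/stderr
# Returns:   2 when vpn.ipv4 is empty, the failing command's status when
#            package install, mkdir or cp fails, 0 otherwise
#######################################
playbook_add()
{
  local tinc tincd dir name ipv4 iptool

  # Declaration and assignment are separate so a failing config lookup is
  # not hidden behind the exit status of `local`.
  tinc="$(config "app.tinc")"
  tincd="$(config "app.tincd")"
  dir="$(config "fs.etcdir")/tinc/tyilnet"
  # Node name is the fqdn with "." replaced by "_" (presumably because tinc
  # node names may not contain dots — confirm).
  name="$(tr "." "_" <<< "${BASHTARD_PLATFORM[fqdn]}")"
  # Looked up once and reused below instead of re-querying config per template.
  ipv4="$(config "vpn.ipv4")"

  if [[ -z "$ipv4" ]]
  then
    emerg "$BASHTARD_PLAYBOOK" "No IPv4 address set for ${BASHTARD_PLATFORM[fqdn]}"
    return 2
  fi

  # Selects the tinc-up/tinc-down template variant for the platform's
  # interface tool; kept local so it does not leak into the caller's scope.
  case "${BASHTARD_PLATFORM[key]}" in
    freebsd) iptool=ifconfig ;;
    *)       iptool=ip ;;
  esac

  info "$BASHTARD_PLAYBOOK" "Installing tinc"
  pkg install "tinc" || return

  info "$BASHTARD_PLAYBOOK" "Creating tinc configuration at $dir"
  mkdir -pv -- "$dir" "$dir/hosts" || return

  file_template tinc.conf "name=$name" > "$dir/tinc.conf"
  # tinc-up/tinc-down are executed by the daemon, hence the +x below.
  file_template "tinc-up-$iptool" "ip4=$ipv4" > "$dir/tinc-up"
  file_template "tinc-down-$iptool" "ip4=$ipv4" > "$dir/tinc-down"
  file_template "host" "ip4=$ipv4" > "$dir/hosts/$name"
  chmod +x "$dir/tinc-up" "$dir/tinc-down"

  info "$BASHTARD_PLAYBOOK" "Generating private keys"
  # "tinc version X.Y.Z ..." -> X.Y.Z; only the first output line is used.
  # $tincd/$tinc are left unquoted as in the original so a value holding a
  # wrapper plus binary keeps working — confirm against app.tinc/app.tincd.
  case "$($tincd --version | awk '{ print $3 }' | head -n1)" in
    1.0*)
      $tincd -n tyilnet -K4096
      ;;
    *)
      # 1.1 and newer: separate RSA and Ed25519 key generation commands.
      $tinc -n tyilnet generate-rsa-keys 4096
      $tinc -n tyilnet generate-ed25519-keys
      ;;
  esac

  info "$BASHTARD_PLAYBOOK" "Adding new host to Bashtard configs"
  # Only the host file is shared; the private keys stay under $dir
  # (the public key is expected to have been appended to hosts/$name by the
  # key generation step above — confirm).
  cp -v -- \
    "$dir/hosts/$name" \
    "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/hosts/$name" || return
  playbook_sync

  info "$BASHTARD_PLAYBOOK" "Enabling VPN service"
  # Register the network with the platform's service configuration.
  case "${BASHTARD_PLATFORM[key]}" in
    freebsd)
      # The file may not exist yet; grep's "no such file" is expected then.
      if ! grep -Fq 'tincd_cfg="tyilnet"' "/etc/rc.conf.d/tincd" 2>/dev/null
      then
        printf 'tincd_cfg="%s"\n' "tyilnet" >> "/etc/rc.conf.d/tincd"
      fi
      ;;
    linux-gentoo)
      if ! grep -Fq "NETWORK: tyilnet" /etc/conf.d/tinc.networks 2>/dev/null
      then
        printf "NETWORK: %s\n" "tyilnet" >> /etc/conf.d/tinc.networks
      fi
      ;;
  esac

  svc enable "tinc"
  svc start "tinc"
}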
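#######################################
# Rebuild the local tinc hosts directory from the host files shared in the
# playbook's share/hosts directory, then reload tinc unless running as part
# of "add" (which starts the service itself).
# Globals:   BASHTARD_ETCDIR, BASHTARD_PLAYBOOK, BASHTARD_COMMAND (all read)
# Arguments: none
# Outputs:   progress via info/notice/emerg
# Returns:   2 when fs.etcdir resolves to an empty value, 0 otherwise
#######################################
playbook_sync()
{
  local etcdir dir host path

  # Resolve the base directory first: an empty value would otherwise turn
  # the rm below into "rm -fr /tinc/tyilnet/hosts".
  etcdir="$(config "fs.etcdir")"
  if [[ -z "$etcdir" ]]
  then
    emerg "$BASHTARD_PLAYBOOK" "fs.etcdir is not set; refusing to regenerate hosts"
    return 2
  fi
  dir="$etcdir/tinc/tyilnet"

  info "$BASHTARD_PLAYBOOK" "Regenerating tinc hosts"
  # Recreate the directory so hosts removed from share/hosts disappear too.
  rm -fr -- "${dir:?}/hosts"
  mkdir -p -- "$dir/hosts"

  for path in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/hosts"/*
  do
    # An unmatched glob leaves the literal pattern behind; skip it rather
    # than rendering a template into a host file named "*".
    [[ -e "$path" || -L "$path" ]] || continue
    host="${path##*/}"
    notice "$BASHTARD_PLAYBOOK" "Updating host $host"
    file_template "hosts/$host" > "$dir/hosts/$host"
  done

  # "add" enables and starts the service afterwards; nothing to reload yet.
  if [[ "$BASHTARD_COMMAND" == "add" ]]
  then
    return 0
  fi
  svc reload "tinc"
}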
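#######################################
# Stop and remove tinc and delete the "tyilnet" configuration directory.
# Globals:   BASHTARD_PLAYBOOK (read)
# Arguments: none
# Outputs:   removed paths on stdout (rm -v); errors via emerg
# Returns:   2 when fs.etcdir resolves to an empty value, 0 otherwise
#######################################
playbook_del()
{
  local etcdir

  # Resolve the directory before tearing anything down so a broken config
  # aborts early, and so rm never receives "/tinc/tyilnet" from an empty value.
  etcdir="$(config "fs.etcdir")"
  if [[ -z "$etcdir" ]]
  then
    emerg "$BASHTARD_PLAYBOOK" "fs.etcdir is not set; refusing to remove configuration"
    return 2
  fi

  svc stop "tinc"
  svc disable "tinc"
  pkg uninstall "tinc"
  rm -frv -- "${etcdir:?}/tinc/tyilnet"
}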