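#!/bin/bash
#
# config_vpn.sh is a script to configure the VPN on Linux machines.
#
# It sets up a tinc network named "ocvpn": writes tinc.conf, generates this
# node's key pair, installs the public key of the hub "maul", writes the
# tinc-up and hosts/maul-up hook scripts, and installs an init script if one
# is not already present. The chown root:root calls below imply it is meant
# to be run as root.
#
# Input: the node's VPN IP address, read from stdin.
# Exit status: 0 on success, 1 on any detected failure.

# Locate tincd, also searching the usual sbin directories that may be missing
# from an interactive PATH. The PATH change is confined to the subshell.
tincd="$(
  export PATH="${PATH}:/usr/sbin:/sbin:/usr/local/sbin:/opt/appfs/rkeene.org/tinc/platform/latest/sbin"
  command -v tincd 2>/dev/null
)"
if [[ -z "${tincd}" || ! -x "${tincd}" ]]; then
  echo "Unable to locate a working \"tincd\", aborting." >&2

  exit 1
fi

# A tincd under /usr/local or /opt/appfs keeps its configuration under its own
# prefix (two directories above the binary); otherwise /etc/tinc is used.
case "${tincd}" in
  /usr/local/* | /opt/appfs/*)
    tincdprefix="$(dirname "$(dirname "${tincd}")")"
    ;;
  *)
    tincdprefix=''
    ;;
esac

printf '%s' "IP Address on VPN: "
read -r IPADDR

# The address is written unquoted into the generated tinc-up script further
# down, so it must be a plain dotted-quad IPv4 address. Accepting any
# non-empty string would let shell metacharacters end up in a script that
# tincd executes.
ipv4_re='^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$'
if [[ ! "${IPADDR}" =~ ${ipv4_re} ]]; then
  echo "Invalid IP address." >&2
  exit 1
fi
for octet in "${BASH_REMATCH[@]:1}"; do
  # 10# forces base 10 so that an octet such as "08" is not read as octal.
  if ((10#${octet} > 255)); then
    echo "Invalid IP address." >&2
    exit 1
  fi
done

# Node name: short hostname with dashes removed.
NAME="$(hostname | cut -f 1 -d '.' | sed 's@-@@g')"

# NAME becomes both the tinc node name and a file name under hosts/. An empty
# value would make KEYFILE point at the hosts directory itself; tinc node
# names are limited to letters, digits and underscores.
if [[ ! "${NAME}" =~ ^[A-Za-z0-9_]+$ ]]; then
  echo "Unable to derive a valid node name from the hostname, aborting." >&2
  exit 1
fi

mkdir -p "${tincdprefix}"/etc/tinc/ocvpn/hosts/ || exit 1
cat <<EOF >"${tincdprefix}"/etc/tinc/ocvpn/tinc.conf
Mode = switch
Name = ${NAME}
AddressFamily = ipv4
Hostnames = no
ConnectTo = maul
ConnectTo = olympus
EOF

# Never overwrite an existing host file: move it aside and stop, so the
# operator can save the old key material before a new key is generated.
KEYFILE="${tincdprefix}/etc/tinc/ocvpn/hosts/${NAME}"
if [[ -f "${KEYFILE}" ]]; then
  echo "*** WARNING: An existing key file was found, it's been moved to:" >&2
  echo "*** WARNING: ${KEYFILE}.old" >&2
  echo "*** WARNING: Please re-run this script once you've saved it." >&2
  mv "${KEYFILE}" "${KEYFILE}.old"
  exit 1
fi
echo "IndirectData = yes" >>"${KEYFILE}"

# The empty line on stdin answers tincd's interactive prompt(s) with the
# default. Without this status check a failed key generation would go
# unnoticed and the script would print a host file that holds no key.
if ! echo | "${tincd}" -n ocvpn -K; then
  echo "Key generation failed, aborting." >&2
  exit 1
fi

# Pinned address and public key of the hub "maul". The quoted delimiter keeps
# the block literal.
cat <<\EOF >"${tincdprefix}"/etc/tinc/ocvpn/hosts/maul
Address = 108.175.9.112
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAssCRLpqWplyLhlJtdhtmYsrQbtVlVNh1/Lgtnj3F6NR/g8eWfowq
AGO0Ni3V0N0TRopHO5DI6N7xKqk6NG9am9qrnuvcYZEfqz5EOBFcSkLD1YmH6pMb
PmxcYrVit+AVes9JpHE8e4WA8gaO1AmKkvlnuQIPnJGBAYRT6bQ7BtHczukLwmKU
frkus31+akjntGYoNJBZy2t82lPXMGtEDIULnwDol/2KX8ivGBrU0z1hc6QNAZjU
e00CYTWoCyqJ2PW/2FTspWtnfoIHnrA3vvPWvpW7laUe9qGfWcI9Mq+DthMLNJ1A
dnSl2e+eV7QsSuLJ53I2X2U/EwHkdyj5jwIDAQAB
-----END RSA PUBLIC KEY-----
EOF

# tinc-up hook: assigns the validated address to the VPN interface.
# \${INTERFACE} is left for the hook to expand at run time; ${IPADDR} is
# expanded now, which is why it was validated above.
cat <<EOF >"${tincdprefix}"/etc/tinc/ocvpn/tinc-up
#!/bin/bash

if [ ! -z "\${INTERFACE}" ]; then
  ifconfig "\${INTERFACE}" ${IPADDR} netmask 255.255.255.0 broadcast 10.8.0.255 up
fi

exit 0
EOF

# hosts/maul-up hook: refreshes maul-up and the olympus host file from the hub
# in the background.
# NOTE(review): the archive is fetched over plain HTTP from 10.8.0.1 with no
# checksum or signature check, and one of the extracted members is maul-up
# itself, a script tincd executes (typically as root). Whatever answers for
# that address on the VPN therefore decides what runs on this host; consider
# verifying a pinned digest or a signature before extracting.
cat <<EOF >"${tincdprefix}"/etc/tinc/ocvpn/hosts/maul-up
#! /bin/bash

(
  cd '${tincdprefix}/etc/tinc/ocvpn/hosts/' || exit 0
  wget -O all.tar.gz http://10.8.0.1/~rkeene/projects/vpn/hosts/all.tar.gz 2>/dev/null >/dev/null
  tar -zxf all.tar.gz maul-up olympus 2>/dev/null >/dev/null
  rm -f all.tar.gz
) &

exit 0
EOF
chmod 755 "${tincdprefix}"/etc/tinc/ocvpn/tinc-up "${tincdprefix}"/etc/tinc/ocvpn/hosts/maul-up
chown root:root "${tincdprefix}"/etc/tinc/ocvpn/tinc-up "${tincdprefix}"/etc/tinc/ocvpn/hosts/maul-up

# Pick the init script location for this system; a later match wins.
initscp="/usr/sbin/start_vpn"
if [[ -d "/etc/rc.d/" ]]; then
  initscp="/etc/rc.d/rc.vpn"
fi
if [[ -d "/etc/init.d/" ]]; then
  initscp="/etc/init.d/tinc"
fi

# An existing init script is left untouched.
if [[ ! -f "${initscp}" ]]; then

  # The configuration path is single-quoted in the generated test so that it
  # is not word-split when the init script runs.
  cat <<EOF >"${initscp}"
#!/bin/bash

PATH="\${PATH}:$(dirname "${tincd}")"

if [ "\$1" = "stop" -o "\$1" = "restart" ]; then
  tincd -n ocvpn -k >/dev/null 2>/dev/null
  if [ "\$1" = "stop" ]; then exit 0; fi
  sleep 1
fi

if [ "\$1" = 'start' -o "\$1" = 'restart' -o "\$1" = '' ]; then
  :
else
  echo "Usage: tincd {stop|start|restart}" >&2

  exit 1
fi

tincd="\$(which tincd 2>/dev/null)"
if [ -d '${tincdprefix}/etc/tinc' ] && [ -x "\${tincd}" ]; then
  modprobe tun >/dev/null 2>/dev/null

  echo -n "Starting VPN client: "
  tincd -n ocvpn
  echo "tincd"
fi
EOF

  chmod 755 "${initscp}"
  chown root:root "${initscp}"
fi

# Print the host file (options plus public key) for the hub's administrator.
echo "Your public key (feed to maul):"
echo "# Node ${KEYFILE}"
cat "${KEYFILE}"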