diff options
author | Felix Richter <Felix.Richter@syntax-fehler.de> | 2011-05-29 15:48:47 +0200 |
---|---|---|
committer | Felix Richter <Felix.Richter@syntax-fehler.de> | 2011-05-29 15:48:47 +0200 |
commit | 590f55d10dd4ce2e00ecf422e38385d3c7bace29 (patch) | |
tree | a4e07d12b5763bd667438dce18ad092127ec4233 /retiolum/scripts/tinc_setup | |
parent | 427bdf4e2093217f967384f785e3907930a74a21 (diff) | |
parent | e0ec5d2e8560ae433ee677622b24ba82dbe7630b (diff) |
Merge branch 'master' of github.com:krebscode/painload
Diffstat (limited to 'retiolum/scripts/tinc_setup')
-rw-r--r-- | retiolum/scripts/tinc_setup/README | 18 | ||||
-rw-r--r-- | retiolum/scripts/tinc_setup/autoupdate_cron.sh | 7 | ||||
-rw-r--r-- | retiolum/scripts/tinc_setup/bootstrap.sh | 11 | ||||
-rwxr-xr-x | retiolum/scripts/tinc_setup/build_arch.sh | 14 | ||||
-rwxr-xr-x | retiolum/scripts/tinc_setup/build_debian.sh | 32 | ||||
-rwxr-xr-x | retiolum/scripts/tinc_setup/build_debian_clean.sh | 31 | ||||
-rwxr-xr-x | retiolum/scripts/tinc_setup/build_ec2.sh | 16 | ||||
-rw-r--r-- | retiolum/scripts/tinc_setup/build_no.de.sh | 1 | ||||
-rwxr-xr-x | retiolum/scripts/tinc_setup/install.sh | 72 | ||||
-rwxr-xr-x | retiolum/scripts/tinc_setup/tinc-up | 20 | ||||
-rw-r--r-- | retiolum/scripts/tinc_setup/write_channel.py | 26 |
11 files changed, 248 insertions, 0 deletions
diff --git a/retiolum/scripts/tinc_setup/README b/retiolum/scripts/tinc_setup/README new file mode 100644 index 00000000..11d6f6e9 --- /dev/null +++ b/retiolum/scripts/tinc_setup/README @@ -0,0 +1,18 @@ +This directory contains the build and install scripts for shack-retiolum + +1. build_arch + arch linux build script +2. build_debian + debian build script +3. build_debian_clean + debian script which builds a clean tinc daemon +4. build_ec2 + Amazon ec2 base instance build script +5. install.sh + configures the tinc daemon + $1 is the nickname + $2 is the ip-address + also writes a python file inside the tinc/retiolum folder which posts + the public key into the IRC:freenode/#tincspasm +6. build_no.de + nonfunct no.de smartmachine build script diff --git a/retiolum/scripts/tinc_setup/autoupdate_cron.sh b/retiolum/scripts/tinc_setup/autoupdate_cron.sh new file mode 100644 index 00000000..d5d41aaf --- /dev/null +++ b/retiolum/scripts/tinc_setup/autoupdate_cron.sh @@ -0,0 +1,7 @@ +cat <<EOF +# Add these lines to your crontab: + +12 23 * * * /home/node/usr/sbin/tincd -n retiolum &>/dev/null +12 23 * * * cd /home/node/etc/tinc/retiolum/hosts/ && /opt/local/bin/git pull && pkill -HUP tincd +EOF + diff --git a/retiolum/scripts/tinc_setup/bootstrap.sh b/retiolum/scripts/tinc_setup/bootstrap.sh new file mode 100644 index 00000000..32919e7d --- /dev/null +++ b/retiolum/scripts/tinc_setup/bootstrap.sh @@ -0,0 +1,11 @@ +if [ ! `id -u` -eq "0" ] +then + echo "not root, trying sudo" + exec sudo "$0" "$@" +fi + +mkdir -p /etc/tinc/retiolum/ +git clone git://github.com/miefda/retiolum.git /etc/tinc/retiolum/hosts +cd /etc/tinc/retiolum/hosts/.scripts + +echo "use the build script of your choice from /etc/tinc/retiolum/hosts/.scripts" diff --git a/retiolum/scripts/tinc_setup/build_arch.sh b/retiolum/scripts/tinc_setup/build_arch.sh new file mode 100755 index 00000000..5ef5d765 --- /dev/null +++ b/retiolum/scripts/tinc_setup/build_arch.sh @@ -0,0 +1,14 @@ +#!/bin/sh +set -e +sudo pacman -S openssl gcc lzo +curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz +cd tinc-1.0.13 +./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var +make +sudo make install +cd .. + +echo "overwriting python to python2" +sed 's/\/usr\/bin\/python/\/usr\/bin\/python2/g' install.sh >install2.sh +mv install2.sh install.sh + diff --git a/retiolum/scripts/tinc_setup/build_debian.sh b/retiolum/scripts/tinc_setup/build_debian.sh new file mode 100755 index 00000000..52e61390 --- /dev/null +++ b/retiolum/scripts/tinc_setup/build_debian.sh @@ -0,0 +1,32 @@ +#!/bin/bash +set -x +if [ ! "$MYIP" ] +then + MYIP=10.0.7.7.55 +fi +if [ ! "$MYHOSTNAME" ] +then + MYHOSTNAME="penis" +fi + +if [ "$MYHOSTNAME" = "penis" ]; +then + read -n1 -p "name is penis, are u sure? [yN]" + if [[ "$REPLY" != [yY] ]] + then + echo "then better RTFC" + echo "bailing out" + exit 0 + fi +fi +apt-get install tinc git curl python + +./install.sh "$MYHOSTNAME" "$MYIP" + +# for autostart +sed -i '/retiolum/d' /etc/tinc/nets.boot +echo "retiolum" >> /etc/tinc/nets.boot +sed -i '/EXTRA/d' /etc/tinc/nets.boot +echo "EXTRA=\"\"" >> /etc/default/tinc + +/etc/init.d/tinc start diff --git a/retiolum/scripts/tinc_setup/build_debian_clean.sh b/retiolum/scripts/tinc_setup/build_debian_clean.sh new file mode 100755 index 00000000..a7332f4e --- /dev/null +++ b/retiolum/scripts/tinc_setup/build_debian_clean.sh @@ -0,0 +1,31 @@ +#!/bin/bash +set -xe +MYIP=10.0.7.7.55 + +apt-get install tinc git curl gcc gcc-dev build-essential libssl-dev python + +git clone https://github.com/makefu/shack-retiolum.git + +mkdir build +cd build +curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar +xz +cd lzo-2.04 +./configure --prefix=/usr +make +sudo make install +cd .. +curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz +cd tinc-1.0.13 +./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var +make +sudo make install +cd ../.. + +cd shack-retiolum +./install.sh `hostname` $MYIP + +rm shack-retiolum +# for autostart +echo "retiolum" >> /etc/tinc/nets.boot +echo "EXTRA=\"--user=tincd --chroot\"" >> /etc/default/tinc diff --git a/retiolum/scripts/tinc_setup/build_ec2.sh b/retiolum/scripts/tinc_setup/build_ec2.sh new file mode 100755 index 00000000..79f2af28 --- /dev/null +++ b/retiolum/scripts/tinc_setup/build_ec2.sh @@ -0,0 +1,16 @@ +#!/bin/sh +set -e +sudo yum install -y gcc openssl-devel +mkdir build +cd build +curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar xz +cd lzo-2.04 +./configure --prefix=/usr +make +sudo make install +cd .. +curl http://www.tinc-vpn.org/packages/tinc-1.0.13.tar.gz | tar xz +cd tinc-1.0.13 +./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var +make +sudo make install diff --git a/retiolum/scripts/tinc_setup/build_no.de.sh b/retiolum/scripts/tinc_setup/build_no.de.sh new file mode 100644 index 00000000..2976d3a2 --- /dev/null +++ b/retiolum/scripts/tinc_setup/build_no.de.sh @@ -0,0 +1 @@ +pkgin in lzo gcc-tools gcc-compiler gcc34 diff --git a/retiolum/scripts/tinc_setup/install.sh b/retiolum/scripts/tinc_setup/install.sh new file mode 100755 index 00000000..9df38df7 --- /dev/null +++ b/retiolum/scripts/tinc_setup/install.sh @@ -0,0 +1,72 @@ +#! /bin/sh +# USE WITH GREAT CAUTION + +#make -C ../../ update +set -e +DIRNAME=`dirname $0` +CURR=`readlink -f ${DIRNAME}` +MYBIN=../../bin +netname=retiolum +# create configuration directory for $netname +mkdir -p /etc/tinc/$netname/hosts +cd /etc/tinc/$netname + +echo "added known hosts:" +ls -1 hosts | LC_ALL=C sort +echo "delete the nodes you do not trust!" + +myname="${1:-}" +if [ ! "$myname" ] +then + echo "select username: " + read myname +fi +if [ ! -e "hosts/$myname" ] +then + myipv4="${2:-}" + mynet4=10.7.7.0 + + if [ ! "$myipv4" ] + then + echo "select v4 subnet ip (1-255) :" + read v4num + myipv4=10.7.7.$v4num + if [ "$v4num" -gt 0 -a "$v4num" -lt "256" ]; + then + echo "check" + else + echo "you are made of stupid. bailing out" + exit 1 + fi + fi + echo "Subnet = $myipv4" > hosts/$myname + + myipv6=`${CURR}/../../bin/fillxx 42:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx`/128 + echo "Subnet = $myipv6" >> hosts/$myname +else + echo "own host file already exists! will not write again!" +fi + +cp $CURR/tinc-up /etc/tinc/$netname/ + +cat>tinc.conf<<EOF +Name = $myname +ConnectTo = supernode +ConnectTo = kaah +ConnectTo = pa_sharepoint +Device = /dev/net/tun +EOF + +if [ ! -e rsa_key.priv ] +then + echo "creating new keys" + tincd -n $netname -K + python ${CURR}/write_channel.py $myname || \ + echo "cannot write public key to IRC, you are on your own. Good Luck" +else + echo "key files already exist, skipping" + echo "if you know what you are doing, remove rsa_key.priv" +fi +# add user tincd +# this is what the setup scripts for the distribution has to do +#useradd tincd diff --git a/retiolum/scripts/tinc_setup/tinc-up b/retiolum/scripts/tinc_setup/tinc-up new file mode 100755 index 00000000..ae7c68e6 --- /dev/null +++ b/retiolum/scripts/tinc_setup/tinc-up @@ -0,0 +1,20 @@ +# source: krebscode/painload/retiolum/scripts/tinc_setup/tinc-up + +dirname="`dirname "$0"`" + +conf=$dirname/tinc.conf + +name=`sed -rn 's|^ *Name *= *([^ ]*) *$|\1|p' $conf` + +host=$dirname/hosts/$name + +route4=10.7.7.0/24 +addr4=`sed -rn 's|^ *Subnet *= *(10\.[^ ]*) *$|\1|p' $host` + +route6=42::/16 +addr6=`sed -rn 's|^ *Subnet *= *(42:[^ ]*) *$|\1|p' $host` + +ifconfig $INTERFACE up $addr4 +route add -net $route4 dev $INTERFACE +ip -6 addr add $addr6 dev $INTERFACE +ip -6 route add $route6 dev $INTERFACE diff --git a/retiolum/scripts/tinc_setup/write_channel.py b/retiolum/scripts/tinc_setup/write_channel.py new file mode 100644 index 00000000..a11d4605 --- /dev/null +++ b/retiolum/scripts/tinc_setup/write_channel.py @@ -0,0 +1,26 @@ +#!/usr/bin/python +import random, sys, time, socket +try: + myname=sys.argv[1] +except: + print "you are made of stupid" + exit (23) + +CHANNEL = '#tincspasm' +HOST='irc.freenode.net' +FILE="/etc/tinc/retiolum/hosts/"+myname +PORT=6667 +NICK= myname+"_"+str(random.randint(23,666)) + +sock = socket.socket(socket.AF_INET,socket.SOCK_STREAM) +sock.connect((HOST,PORT)) +print NICK +sock.send("NICK %s\r\n" % NICK) +sock.send("USER %s %s bla : %s\r\n" %(NICK,HOST,NICK)) +sock.send("JOIN %s\r\n" % CHANNEL) +time.sleep(23) +f = open(FILE,'r') +a = [ sock.send("PRIVMSG %s : %s" % ( CHANNEL,line)) for line in f] +time.sleep(5) #because irc is so lazy +print "closing socket" +sock.close() |