10 files changed, 94 insertions, 17 deletions

diff --git a/retiolum/Makefile b/retiolum/Makefile
index f3424dea..b3a3c124 100755
--- a/retiolum/Makefile
+++ b/retiolum/Makefile
@@ -29,4 +29,4 @@ startup:
 
 hosts:
 	bin/update-retiolum-hosts || :;
-	sudo bin/apply-custom-hosts-patches
+	sudo bin/patch-retiolum-hosts
diff --git a/retiolum/bin/apply-custom-hosts-patches b/retiolum/bin/apply-custom-hosts-patches
deleted file mode 100755
index 2b2fda80..00000000
--- a/retiolum/bin/apply-custom-hosts-patches
+++ /dev/null
@@ -1,8 +0,0 @@
-#! /bin/sh
-set -euf
-
-patch=/etc/tinc/retiolum/hosts.patch
-
-if test -e $patch; then
-  patch -N -d /etc/tinc/retiolum/hosts -r - < $patch
-fi
diff --git a/retiolum/bin/list-known-public-addresses b/retiolum/bin/list-known-public-addresses
new file mode 100755
index 00000000..21b1c389
--- /dev/null
+++ b/retiolum/bin/list-known-public-addresses
@@ -0,0 +1,38 @@
+#! /bin/sh
+#
+# printf '%s %s\n' hostname IP-address for each known public retiolum address
+#
+set -eu
+
+_list_hostname_address() {
+  cd /etc/tinc/retiolum/hosts
+  grep --with-filename '^Address' * |
+  sed -n '
+    s/: */ /
+    s/ *= */ /
+    s/ Address \([a-zA-Z0-9.:_]*\) \?.*/ \1/p'
+}
+_lookup_address() {
+  sed '
+    /:/!{/ [0-9.]*$/!{s/ / `dig +short /;s/$/` \&/}}
+    s/^/echo /
+    $s/$/\nwait/
+  ' | sh
+}
+_filter_public() {
+  sed '
+    # drop private IPv4 addresses
+    / 10\./d
+    / 172\.\(1[6-9]\|2[0-9]\|3[01]\)\./d
+    / 192\.168\./d
+    # TODO drop private IPv6 addresses
+  '
+}
+_filter_online() {
+  awk '
+    {print"nc -zw 2 "$2" 655 2>/dev/null && echo "$1" "$2" &"}
+    END {print"wait"}
+  ' | sh
+}
+
+_list_hostname_address | _lookup_address | _filter_public
diff --git a/retiolum/bin/patch-retiolum-hosts b/retiolum/bin/patch-retiolum-hosts
new file mode 100755
index 00000000..69d7b92c
--- /dev/null
+++ b/retiolum/bin/patch-retiolum-hosts
@@ -0,0 +1,13 @@
+#! /bin/sh
+#
+# Apply custom retiolum hosts patches, if any.
+#
+# usage: patch-retiolum-hosts [--reverse]
+#
+set -euf
+
+patch=/etc/tinc/retiolum/hosts.patch
+
+if test -e $patch; then
+  patch -N -d /etc/tinc/retiolum/hosts -r - "$@" < $patch
+fi
diff --git a/retiolum/bin/update-retiolum-hosts b/retiolum/bin/update-retiolum-hosts
index 2a379459..214ac205 100755
--- a/retiolum/bin/update-retiolum-hosts
+++ b/retiolum/bin/update-retiolum-hosts
@@ -1,5 +1,5 @@
 #! /bin/sh
-set -eu
+set -euf
 
 if test "${nosudo-false}" != true -a `id -u` != 0; then
   echo "we're going sudo..." >&2
@@ -11,6 +11,4 @@ fi
 cd $(dirname $(readlink -f $0))/..
 
 mkdir -p /etc/tinc/retiolum/hosts
-cp -v -r hosts/* /etc/tinc/retiolum/hosts
-pkill -HUP tincd
-pkill -ALRM tincd
+rsync -va --delete hosts/ /etc/tinc/retiolum/hosts/
diff --git a/retiolum/bin/update_tinc_hosts b/retiolum/bin/update_tinc_hosts
index 7be30c2a..ce1be497 100755
--- a/retiolum/bin/update_tinc_hosts
+++ b/retiolum/bin/update_tinc_hosts
@@ -7,8 +7,12 @@ if test "${nosudo-false}" != true -a `id -u` != 0; then
   exit 23 # go to hell
 fi
 
-DIRNAME=`dirname $0`
-export PATH="`readlink -f $DIRNAME`:$PATH"
+list_hosts="$(
+  basename="`readlink -f "$0"`"
+  bindir="`dirname "$basename"`"
+  echo "$bindir/hosts"
+)"
+hosts() { "$list_hosts"; }
 
 hosts="${hosts-/etc/hosts}"
 
diff --git a/retiolum/hosts/Discordius b/retiolum/hosts/Discordius
new file mode 100644
index 00000000..561b28ca
--- /dev/null
+++ b/retiolum/hosts/Discordius
@@ -0,0 +1,11 @@
+Subnet = 10.243.144.246
+Subnet = 42:017a:4584:17e1:685a:3991:6533:067b
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAsOoWkyydyfW9ml7SBV8d+qXU8E1c4l0vEpdBnmOouZozo1bzzkH3
+bLn2DkZaOLCqVUC1twbeGi2a7tXHh4dLvkIcT38V3XbEwxHhMn7enpKr79GO/VFf
+Lu8t5dLbmPFFTOEeC54ke8X4MdlMrUMuXiGspnl/vc1NBSJIVECl6zdqvZt/UTWA
+vI7evk3F+Tf5dPATqSMdxE5506i2y/W6obwYwaXdPbyBsAQkgdTjfVUe2u0GKfld
+/THprmZYTwlBEZ3YAf12OdfO1aRsDpbogpZs/rcnebScDj7myzh7FkLHdH9nIfxg
+dfGxSBV7kRMwQmgfKjp/yETPjvRz0OMZoQIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/retiolum/hosts/alphalabs b/retiolum/hosts/alphalabs
index e7265e67..a2e1032c 100644
--- a/retiolum/hosts/alphalabs
+++ b/retiolum/hosts/alphalabs
@@ -1,6 +1,5 @@
-Address = 10.9.0.10
 Subnet = 42:0:0:0:0:0:0:a1fa/128
-Subnet = 10.243.0.10/32
+Subnet = 10.243.1.10/32
 Compression = 9
 -----BEGIN RSA PUBLIC KEY-----
 MIIBCgKCAQEAvUAbMmmOFn+4kOvJAvmi0R/XCQa1YBlkjUvC6Pmt0Q8gV1DodXjB
diff --git a/retiolum/hosts/ire b/retiolum/hosts/ire
new file mode 100644
index 00000000..724158cb
--- /dev/null
+++ b/retiolum/hosts/ire
@@ -0,0 +1,12 @@
+Address = 198.147.23.143
+Subnet = 10.243.231.66
+Subnet = 42:b912:0f42:a82d:0d27:8610:e89b:490c
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAwofjmP/XBf5pwsJlWklkSzI+Bo0I0B9ONc7/j+zpbmMRkwbWk4X7
+rVLt1cWvTY15ujg2u8l0o6OgEbIkc6rslkD603fv1sEAd0KOv7iKLgRpE9qfSvAt
+6YpiSv+mxEMTpH0g36OmBfOJ10uT+iHDB/FfxmgGJx//jdJADzLjjWC6ID+iGkGU
+1Sf+yHXF7HRmQ29Yak8LYVCJpGC5bQfWIMSL5lujLq4NchY2d+NZDkuvh42Ayr0K
+LPflnPBQ3XnKHKtSsnFR2vaP6q+d3Opsq/kzBnAkjL26jEuFK1v7P/HhNhJoPzwu
+nKKWj/W/k448ce374k5ycjvKm0c6baAC/wIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/retiolum/hosts/nomic2 b/retiolum/hosts/nomic2
new file mode 100644
index 00000000..63d83ff5
--- /dev/null
+++ b/retiolum/hosts/nomic2
@@ -0,0 +1,10 @@
+Subnet = 10.243.0.111/32
+Subnet = 42:02d5:733f:d6da:c0f5:2bb7:2b18:09ed/128
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA4RATrMG+MJyNq77+qUqoXkBIpUeytIvUNXT5OdvU5v91Xo2eGI23
+NXiFtILDb1nEPB+L4vVWkUKRuPAy+ThgqgTH1vyugT6jRoRhWWmGmSn2GjaF+UxK
+edTfGJqO0Iwn0kZsIFxXUibkmG5iRbJBoPXXz33VtNxOv2gZZ6klfv/pYWnrxmLm
+RZXkE1H3Y0U2ulQEXvpexzVscfYmlAw7h0Ew4aaY2LK4spLLPjx9RdDgfwZOZdS+
+gi5cmi/qM71/o67/4XippR9+7GQ8YecbeoR4bcZpDNoDy1ri7HPPu/t6CiqsYVyg
+jYGBm+IGbwI9hxGel2bXCVBGLE7gpN51TwIDAQAB
+-----END RSA PUBLIC KEY-----