From a7c3fb1800e94aed3ad8f7cd6656a38ac1e0fb21 Mon Sep 17 00:00:00 2001 From: Felix Richter Date: Sat, 28 May 2011 22:39:09 +0200 Subject: documented my odyssey to install tinc on dotcloud the documentation contains what to do to install tinc on the dotcloud. i am not sure if it really works but it should help for installing on other user-only but public accessible hosts --- modules/retiolum/doc/install_dotcloud | 85 +++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 modules/retiolum/doc/install_dotcloud diff --git a/modules/retiolum/doc/install_dotcloud b/modules/retiolum/doc/install_dotcloud new file mode 100644 index 00000000..29a13604 --- /dev/null +++ b/modules/retiolum/doc/install_dotcloud 
@@ -0,0 +1,85 @@
+The Dotcloud provided by duostack.com is a application development platform
+for simple deployment of your stuff.
+
+It also provides an ssh-interface via:
+
+ dotcloud ssh project.module
+
+
+to be able to use it without the hassle of going through the api, you will
+need to create an own dsa-key for ssh to use and deploy this public key on
+the machine
+
+ ssh-keygen -t dsa -f dotcloud_project.dss
+ cat dotcloud_project.dss.pub (copy the contents to the dotclouds
+ ~/.ssh/authorized_keys2)
+
+find your dotcloud host ip via
+
+ dotcloud info project.module
+
+
+You will gain a user shell with
+
+ ssh dotcloud@module.project -p 5960
+
+we will need to build some stuff in order to get a working copy of tinc.
+Everything needs to be done in userspace.
+
+mkdir build
+cd build
+curl http://www.openssl.org/source/openssl-1.0.0d.tar.gz | tar xz
+cd openssl-1.0.0d
+./config --prefix=$HOME/usr -fPIC
+make install
+cp lib* $HOME/usr/lib
+cd ..
+
+curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar xz
+cd lzo-2.04
+./configure --prefix=$HOME/usr
+
+curl http://zlib.net/zlib-1.2.5.tar.gz | tar xz
+cd zlib-1.2.5/
+./configure --prefix=$HOME/usr
+make install
+
+before building we need to patch the tinc daemon to run without the need
+for a tun device.
+ +tutorial is here: +https://hackerspace.be/TincVPN + + +curl http://www.tinc-vpn.org/packages/tinc-1.0.14.tar.gz | tar xz +cd tinc-1.0.14 +#apply patch here +./configure --prefix=$HOME/usr --sysconfdir=$HOME/etc \ +--localstatedir=$HOME/var --with-openssl=`pwd`/../openssl-1.0.0d/ \ +--with-openssl-lib=`pwd`/../openssl-1.0.0d/ \ +--with-zlib-include=$HOME/usr/include --with-zlib-lib=$HOME/usr/lib +make +make install +mkdir ~/etc +mkdir ~/var +cd ~/painload/modules/retiolum/scripts/tinc_setup +./install cloudkrebs 10.7.7.221 + + +be sure to fix the portnumber in the generated host file and add your own +address in hosts/cloudkrebs: + +Address = my.public.address +Port = 1655 + +PUBKEY + + +also write the right in tinc.conf: + +Name = cloudkrebs + +Mode = switch +#device = ... +# no device :) + -- cgit v1.2.3 From 5392511e88b7ca77b88b3d16f5991bde70823144 Mon Sep 17 00:00:00 2001 From: Felix Richter Date: Sat, 28 May 2011 22:41:20 +0200 Subject: install.sh: bugfixes/ does the right thing now autostart/Makefile: fixed paths as this will only work with debian anyway --- modules/retiolum/scripts/autostart/Makefile | 12 +++++++++--- modules/retiolum/scripts/tinc_setup/install.sh | 12 ++++++------ 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/modules/retiolum/scripts/autostart/Makefile b/modules/retiolum/scripts/autostart/Makefile index 7ca589e1..aba6bd33 100644 --- a/modules/retiolum/scripts/autostart/Makefile +++ b/modules/retiolum/scripts/autostart/Makefile @@ -1,8 +1,14 @@ INIT_FOLDER=/etc/init.d .phony: all -all: +debian: #TODO change the tinc file before writing - cp tinc $(INIT_FOLDER)/tinc - chmod +x $(INIT_FOLDER)/tinc + cp tinc /etc/init.d/tinc + chmod +x /etc/init.d echo "retiolum" > /etc/tinc/nets.boot update-rc.d tinc defaults +arch: + @cp tinc /etc/rc.d + @chmod +x /etc/rc.d/tinc + @echo "add tinc to DAEMONS in /etc/rc.conf" + + 
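Review bot: In the new `debian` target, `chmod +x /etc/init.d` sets the execute bit on the directory rather than on the init script that was just copied; it should read `chmod +x /etc/init.d/tinc`, as the removed line did through `$(INIT_FOLDER)`. The `.phony: all` line is left unchanged although the `all` target no longer exists, and GNU make only honours the upper-case spelling, so `.PHONY: debian arch` would match the new targets. `INIT_FOLDER` appears to be unused after this change and could either be dropped or used again in both recipes.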
diff --git a/modules/retiolum/scripts/tinc_setup/install.sh b/modules/retiolum/scripts/tinc_setup/install.sh index de7d2225..9df38df7 100755 --- a/modules/retiolum/scripts/tinc_setup/install.sh +++ b/modules/retiolum/scripts/tinc_setup/install.sh @@ -1,10 +1,10 @@ #! /bin/sh # USE WITH GREAT CAUTION -make -C ../../ update +#make -C ../../ update set -e - -CURR=`dirname "$0"` +DIRNAME=`dirname $0` +CURR=`readlink -f ${DIRNAME}` MYBIN=../../bin netname=retiolum # create configuration directory for $netname @@ -30,6 +30,7 @@ then then echo "select v4 subnet ip (1-255) :" read v4num + myipv4=10.7.7.$v4num if [ "$v4num" -gt 0 -a "$v4num" -lt "256" ]; then echo "check" @@ -37,7 +38,6 @@ then echo "you are made of stupid. bailing out" exit 1 fi - myipv4=10.7.7.$v4num fi echo "Subnet = $myipv4" > hosts/$myname @@ -47,7 +47,7 @@ else echo "own host file already exists! will not write again!" fi -cp $CURR/tinc-up . +cp $CURR/tinc-up /etc/tinc/$netname/ cat>tinc.conf< Date: Sun, 29 May 2011 12:08:13 +0200 Subject: docu for cloudinstall,update graphgen doc/install_dotcloud : updated docu, now specified which file to patch doc/install_no.de : added docu for no.de cloud parse.py : nodes which are down will not be written auoupdate_cron.sh : contains what to do when the nodes should auto-update --- modules/retiolum/doc/install_dotcloud | 70 +++++++++++----------- modules/retiolum/doc/install_no.de | 4 ++ modules/retiolum/scripts/adv_graphgen/parse.py | 11 +++- modules/retiolum/scripts/adv_graphgen/sanitize.sh | 2 +- .../retiolum/scripts/tinc_setup/autoupdate_cron.sh | 7 +++ 5 files changed, 56 insertions(+), 38 deletions(-) create mode 100644 modules/retiolum/doc/install_no.de create mode 100644 modules/retiolum/scripts/tinc_setup/autoupdate_cron.sh diff --git a/modules/retiolum/doc/install_dotcloud b/modules/retiolum/doc/install_dotcloud index 29a13604..ab7206b1 100644 --- a/modules/retiolum/doc/install_dotcloud +++ b/modules/retiolum/doc/install_dotcloud 
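Review bot: The new `DIRNAME=` and `CURR=` assignments in the first install.sh hunk drop the quoting that the removed `dirname "$0"` had, so a checkout path containing spaces or glob characters is word-split before `readlink` sees it. Writing them as `DIRNAME=$(dirname "$0")` and `CURR=$(readlink -f "$DIRNAME")` avoids that. The same applies to `cp $CURR/tinc-up /etc/tinc/$netname/` in the last hunk of this file, better written as `cp "$CURR/tinc-up" "/etc/tinc/$netname/"`; the script now writes under /etc/tinc, so it presumably runs as root, where an unexpected split costs more. The script body continues outside these hunks.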
@@ -26,23 +26,23 @@ You will gain a user shell with we will need to build some stuff in order to get a working copy of tinc. Everything needs to be done in userspace. -mkdir build -cd build -curl http://www.openssl.org/source/openssl-1.0.0d.tar.gz | tar xz -cd openssl-1.0.0d -./config --prefix=$HOME/usr -fPIC -make install -cp lib* $HOME/usr/lib -cd .. + mkdir build + cd build + curl http://www.openssl.org/source/openssl-1.0.0d.tar.gz | tar xz + cd openssl-1.0.0d + ./config --prefix=$HOME/usr -fPIC + make install + cp lib* $HOME/usr/lib + cd .. -curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar xz -cd lzo-2.04 -./configure --prefix=$HOME/usr + curl http://www.oberhumer.com/opensource/lzo/download/lzo-2.04.tar.gz | tar xz + cd lzo-2.04 + ./configure --prefix=$HOME/usr -curl http://zlib.net/zlib-1.2.5.tar.gz | tar xz -cd zlib-1.2.5/ -./configure --prefix=$HOME/usr -make install + curl http://zlib.net/zlib-1.2.5.tar.gz | tar xz + cd zlib-1.2.5/ + ./configure --prefix=$HOME/usr + make install before building we need to patch the tinc daemon to run without the need for a tun device. 
@@ -51,35 +51,35 @@ tutorial is here: https://hackerspace.be/TincVPN -curl http://www.tinc-vpn.org/packages/tinc-1.0.14.tar.gz | tar xz -cd tinc-1.0.14 -#apply patch here -./configure --prefix=$HOME/usr --sysconfdir=$HOME/etc \ ---localstatedir=$HOME/var --with-openssl=`pwd`/../openssl-1.0.0d/ \ ---with-openssl-lib=`pwd`/../openssl-1.0.0d/ \ ---with-zlib-include=$HOME/usr/include --with-zlib-lib=$HOME/usr/lib -make -make install -mkdir ~/etc -mkdir ~/var -cd ~/painload/modules/retiolum/scripts/tinc_setup -./install cloudkrebs 10.7.7.221 + curl http://www.tinc-vpn.org/packages/tinc-1.0.14.tar.gz | tar xz + cd tinc-1.0.14 + #replace the device.c with the patched (empty) one from the webpage + ./configure --prefix=$HOME/usr --sysconfdir=$HOME/etc \ + --localstatedir=$HOME/var --with-openssl=`pwd`/../openssl-1.0.0d/ \ + --with-openssl-lib=`pwd`/../openssl-1.0.0d/ \ + --with-zlib-include=$HOME/usr/include --with-zlib-lib=$HOME/usr/lib + make + make install + mkdir ~/etc + mkdir -p ~/var/run + cd ~/painload/modules/retiolum/scripts/tinc_setup + ./install cloudkrebs 10.7.7.221 be sure to fix the portnumber in the generated host file and add your own address in hosts/cloudkrebs: -Address = my.public.address -Port = 1655 + Address = my.public.address + Port = 1655 -PUBKEY + PUBKEY also write the right in tinc.conf: -Name = cloudkrebs + Name = cloudkrebs -Mode = switch -#device = ... -# no device :) + Mode = switch + #device = ... + # no device :) diff --git a/modules/retiolum/doc/install_no.de b/modules/retiolum/doc/install_no.de new file mode 100644 index 00000000..a8b72a78 --- /dev/null +++ b/modules/retiolum/doc/install_no.de @@ -0,0 +1,4 @@ +ok, i tried to just do the same step i did in the other cloud service, but +it failed when trying to include tunnel headers.this is what to do: + +# add PATH_MAX to conf.c diff --git a/modules/retiolum/scripts/adv_graphgen/parse.py b/modules/retiolum/scripts/adv_graphgen/parse.py index 04b42c33..16d3043b 100755 
--- a/modules/retiolum/scripts/adv_graphgen/parse.py +++ b/modules/retiolum/scripts/adv_graphgen/parse.py @@ -12,6 +12,7 @@ def write_digraph(nodes): print ('digraph retiolum {') print (' node[shape=box,style=filled,fillcolor=grey]') generate_stats(nodes) + nodes = delete_unused_nodes(nodes) merge_edges(nodes) for k,v in nodes.iteritems(): write_node(k,v) @@ -21,7 +22,12 @@ def generate_stats(nodes): """ for k,v in nodes.iteritems(): v['num_conns'] = len(v.get('to',[])) - +def delete_unused_nodes(nodes): + new_nodes = {} + for k,v in nodes.iteritems(): + if v.get('to',[]): + new_nodes[k] = v + return new_nodes def merge_edges(nodes): """ merge back and forth edges into one DESTRUCTS the current structure by deleting "connections" in the nodes @@ -50,7 +56,8 @@ def write_node(k,v): if v['external-ip'] == "MYSELF": node += ",fillcolor=steelblue1" node += "]" - print (node) + print node + for con in v.get('to',[]): edge = " "+k+ " -> " +con['name'] + "[weight="+str(float(con['weight'])) if con.get('bidirectional',False): diff --git a/modules/retiolum/scripts/adv_graphgen/sanitize.sh b/modules/retiolum/scripts/adv_graphgen/sanitize.sh index 88591b67..0e12d207 100755 --- a/modules/retiolum/scripts/adv_graphgen/sanitize.sh +++ b/modules/retiolum/scripts/adv_graphgen/sanitize.sh @@ -10,4 +10,4 @@ sudo sed -n '/tinc.retiolum/{s/.*tinc.retiolum\[[0-9]*\]: //gp}' $LOG_FILE |\ $GRAPH_SETTER1 -Tpng -o $1retiolum_1.png retiolum.dot $GRAPH_SETTER2 -Tpng -o $1retiolum_2.png retiolum.dot $OPENER retiolum_1.png &>/dev/null -rm retiolum.dot +#rm retiolum.dot diff --git a/modules/retiolum/scripts/tinc_setup/autoupdate_cron.sh b/modules/retiolum/scripts/tinc_setup/autoupdate_cron.sh new file mode 100644 index 00000000..d5d41aaf --- /dev/null +++ b/modules/retiolum/scripts/tinc_setup/autoupdate_cron.sh @@ -0,0 +1,7 @@ +cat </dev/null +12 23 * * * cd /home/node/etc/tinc/retiolum/hosts/ && /opt/local/bin/git pull && pkill -HUP tincd +EOF + -- cgit v1.2.3 
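Review bot: `delete_unused_nodes` filters on `v.get('to',[])` only, so a node with no outgoing entries is dropped even if another node's `to` list still names it; `write_node` would then emit an edge to a name that has no node statement, and Graphviz draws such a name with default attributes and no label text. Whether that can happen depends on how `parse_input` fills `to`, which is outside this hunk. The function also lacks the docstring its neighbours have and a blank line before `def merge_edges`; a one-line docstring such as `"""Return only the nodes that have at least one outgoing connection."""` would do. In `write_digraph` the stats are computed before the filter, which deserves a short comment saying that the order is intentional.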
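Review bot: `print node` in `write_node` switches this one call to the statement form, while the rest of the file, for example `print ('digraph retiolum {')` in `write_digraph`, uses the parenthesised form. Keeping `print (node)` stays consistent with the surrounding code and keeps the line valid if the script is ever run under Python 3. `write_node` starts and ends outside this hunk.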
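Review bot: The cron entry in autoupdate_cron.sh runs `git pull` in the hosts directory and then `pkill -HUP tincd` with no check on what was fetched, so every change that reaches the remote becomes live peer configuration on each auto-updating node. The hosts files carry the peers' public keys and addresses (see the `PUBKEY` and `Address` entries in the install notes), so this makes push access to that repository equivalent to admitting or replacing a VPN peer. Restricting the update to fast-forwards of signed history, for example `git pull --ff-only --verify-signatures`, and reloading only when the pull succeeded and changed something would narrow that. The file also has no `#!` line, and its first line is not fully readable in this view, so the comment is limited to the cron line.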
From b7e9b977884f8d4d6149b06e3567f288b920daa6 Mon Sep 17 00:00:00 2001 From: Felix Richter Date: Sun, 29 May 2011 12:25:46 +0200 Subject: updated graphgen script parse.py: parser now stores all internal addresses for nodes which have v4 and v6 addresses --- modules/retiolum/scripts/adv_graphgen/parse.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/modules/retiolum/scripts/adv_graphgen/parse.py b/modules/retiolum/scripts/adv_graphgen/parse.py index 16d3043b..639c5316 100755 --- a/modules/retiolum/scripts/adv_graphgen/parse.py +++ b/modules/retiolum/scripts/adv_graphgen/parse.py @@ -51,8 +51,9 @@ def write_node(k,v): node += "external:"+v['external-ip']+":"+v['external-port']+"\\l" if v.has_key('num_conns'): node += "Num Connects:"+str(v['num_conns'])+"\\l" - - node += "internal:"+v.get('internal-ip','¯\\\\(°_o)/¯')+"\\l\"" + for addr in v.get('internal-ip',['¯\\\\(°_o)/¯']): + node += "internal:"+addr+"\\l" + node +="\"" if v['external-ip'] == "MYSELF": node += ",fillcolor=steelblue1" node += "]" @@ -81,7 +82,9 @@ def parse_input(): if line == 'End of subnet list.\n': break l = line.replace('\n','').split() - nodes[l[2]]['internal-ip'] = l[0].split('#')[0] + if not nodes[l[2]].get('internal-ip',False): + nodes[l[2]]['internal-ip'] = [] + nodes[l[2]]['internal-ip'].append(l[0].split('#')[0]) if line == 'Edges:': edges = {} for line in sys.stdin: -- cgit v1.2.3
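Review bot: Each `addr` is concatenated as-is into the double-quoted DOT label by `node += "internal:"+addr+"\\l"`, and the value comes from the subnet lines that `parse_input` reads on stdin. A `"` or a backslash in that input would end the label early or alter the following escape, leaving a malformed graph file or one with unintended attributes. Escaping both characters before appending, for example `addr.replace('\\','\\\\').replace('"','\\"')`, keeps the label intact. The other fields that `write_node` concatenates have the same property but lie outside the added lines.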
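Review bot: The two-step initialisation added to `parse_input` can be a single call: `nodes[l[2]].setdefault('internal-ip', []).append(l[0].split('#')[0])`. `l[2]` and `nodes[l[2]]` are still indexed without a check, so a subnet line with fewer than three fields, or an owner that was not seen in the node list, raises IndexError or KeyError and aborts the whole run; whether that can occur depends on the dump format, which the hunk does not show. Since `internal-ip` is now a list rather than a string, a short comment where it is first set, such as `# list of all v4/v6 subnets announced by this node`, would help readers of `write_node`.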