freedombone/src/freedombone-app-cjdns

#!/bin/bash
#
# .---.                  .              .
# |                      |              |
# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
#
#                    Freedom in the Cloud
#
# cjdns functions
#
# License
# =======
#
# Copyright (C) 2014-2016 Bob Mottram <bob@robotics.uk.to>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

VARIANTS=''

ENABLE_CJDNS="no"
CJDNS_PRIVATE_KEY=
CJDNS_PUBLIC_KEY=
CJDNS_IPV6=
CJDNS_PASSWORD=
CJDNS_PORT=
CJDNS_REPO="https://github.com/cjdelisle/cjdns.git"
CJDNS_COMMIT='13189fde111d0500427a7a0ce06a970753527bca'
CJDCMD_REPO="https://github.com/inhies/cjdcmd"
CJDCMD_COMMIT='973cca6ed0eecf9041c3403a40193c0b1291b808'

function install_interactive_cjdns {
    echo -n ''
}

function change_password_cjdns {
    echo -n ''
}

function reconfigure_cjdns {
    echo -n ''
}

function upgrade_cjdns {
    if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
        return
    fi
    function_check set_repo_commit
    set_repo_commit /etc/cjdns "cjdns commit" "$CJDNS_COMMIT" $CJDNS_REPO
}

function configure_firewall_for_cjdns {
    if grep -Fxq "configure_firewall_for_cjdns" $COMPLETION_FILE; then
        return
    fi
    if [[ $ENABLE_CJDNS != "yes" ]]; then
        return
    fi
    ip6tables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
    ip6tables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    ip6tables -A INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
    ip6tables -A INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT

    function_check save_firewall_settings
    save_firewall_settings
    echo 'configure_firewall_for_cjdns' >> $COMPLETION_FILE
}

function get_cjdns_public_key {
    if [ -f /home/$MY_USERNAME/README ]; then
        if grep -q "cjdns public key" /home/$MY_USERNAME/README; then
            if [ ! $CJDNS_PUBLIC_KEY ]; then
                CJDNS_PUBLIC_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns public key" | awk -F ':' '{print $2}' | sed 's/^ *//')
            fi
        fi
    fi
}

function get_cjdns_private_key {
    if [ -f /home/$MY_USERNAME/README ]; then
        if grep -q "cjdns private key" /home/$MY_USERNAME/README; then
            if [ ! $CJDNS_PRIVATE_KEY ]; then
                CJDNS_PRIVATE_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns private key" | awk -F ':' '{print $2}' | sed 's/^ *//')
            fi
        fi
    fi
}

function get_cjdns_ipv6_address {
    if [ -f /home/$MY_USERNAME/README ]; then
        if grep -q "cjdns IPv6 address" /home/$MY_USERNAME/README; then
            if [ ! $CJDNS_IPV6 ]; then
                CJDNS_IPV6=$(cat /home/$MY_USERNAME/README | grep "cjdns IPv6 address" | awk -F ':' '{print $2}' | sed 's/^ *//')
            fi
        fi
    fi
}

function get_cjdns_port {
    if [ -f /home/$MY_USERNAME/README ]; then
        if grep -q "cjdns port" /home/$MY_USERNAME/README; then
            if [ ! $CJDNS_PORT ]; then
                CJDNS_PORT=$(cat /home/$MY_USERNAME/README | grep "cjdns port" | awk -F ':' '{print $2}' | sed 's/^ *//')
            fi
        fi
    fi
}

function get_cjdns_password {
    if [ -f /home/$MY_USERNAME/README ]; then
        if grep -q "cjdns password" /home/$MY_USERNAME/README; then
            if [ ! $CJDNS_PASSWORD ]; then
                CJDNS_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "cjdns password" | awk -F ':' '{print $2}' | sed 's/^ *//')
            fi
        fi
    fi
}

function backup_local_cjdns {
    echo -n ''
}

function restore_local_cjdns {
    if [ -d $USB_MOUNT/backup/cjdns ]; then
        echo $"Restoring cjdns installation"
        temp_restore_dir=/root/tempcjdns
        function_check restore_directory_from_usb
        restore_directory_from_usb $temp_restore_dir cjdns
        rm -rf /etc/cjdns
        cp -r $temp_restore_dir/etc/cjdns /etc/
        if [ ! "$?" = "0" ]; then
            function_check set_user_permissions
            set_user_permissions
            function_check backup_unmount_drive
            backup_unmount_drive
            exit 8472
        fi
        rm -rf $temp_restore_dir
    fi
}

function backup_remote_cjdns {
    echo -n ''
}

function restore_remote_cjdns {
    if [ -d $SERVER_DIRECTORY/backup/cjdns ]; then
        echo $"Restoring cjdns installation"
        temp_restore_dir=/root/tempcjdns
        function_check restore_directory_from_friend
        restore_directory_from_friend $temp_restore_dir cjdns
        rm -rf /etc/cjdns
        cp -r $temp_restore_dir/etc/cjdns /etc/
        if [ ! "$?" = "0" ]; then
            exit 7438
        fi
        rm -rf $temp_restore_dir
    fi
}

function remove_cjdns {
    if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
        return
    fi
    service cjdns stop
    ip6tables -D nat -D POSTROUTING -o tun0 -j MASQUERADE
    ip6tables -D FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
    ip6tables -D INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
    ip6tables -D INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
    function_check save_firewall_settings
    save_firewall_settings

    rm -rf /etc/cjdns
    sed -i '/install_cjdns/d' $COMPLETION_FILE
    sed -i '/cjdns /d' $COMPLETION_FILE
    sed -i '/configure_firewall_for_cjdns/d' $COMPLETION_FILE
}

function install_cjdns_main {
    if [[ $ENABLE_CJDNS != "yes" ]]; then
        return
    fi

    if grep -Fxq "install_cjdns_main" $COMPLETION_FILE; then
        return
    fi

    apt-get -y install nodejs git build-essential nmap

    # if a README exists then obtain the cjdns parameters
    function_check get_cjdns_ipv6_address
    get_cjdns_ipv6_address

    function_check get_cjdns_public_key
    get_cjdns_public_key

    function_check get_cjdns_private_key
    get_cjdns_private_key

    function_check get_cjdns_port
    get_cjdns_port

    function_check get_cjdns_password
    get_cjdns_password

    # special compile settings for running ./do on the Beaglebone Black
    if [[ $INSTALLING_ON_BBB == "yes" ]]; then
        CFLAGS="-O2 -march=armv7-a -mtune=cortex-a8 -mfpu=neon -ftree-vectorize -ffast-math -mfloat-abi=hard -marm -Wno-error=maybe-uninitialized"
        export LDFLAGS="$CFLAGS"
    fi

    if [ ! -d /etc/cjdns ]; then
        function_check git_pull
        git_clone $CJDNS_REPO /etc/cjdns
        cd /etc/cjdns

        git checkout $CJDNS_COMMIT -b $CJDNS_COMMIT
        if ! grep -q "cjdns commit" $COMPLETION_FILE; then
            echo "cjdns commit:$CJDNS_COMMIT" >> $COMPLETION_FILE
        else
            sed -i "s/cjdns commit.*/cjdns commit:$CJDNS_COMMIT/g" $COMPLETION_FILE
        fi

        ./do
        if [ ! "$?" = "0" ]; then
            exit 7439
        fi
        # create a configuration
        if [ ! -f /etc/cjdns/cjdroute.conf ]; then
            ./cjdroute --genconf > /etc/cjdns/cjdroute.conf
            if [ ! "$?" = "0" ]; then
                exit 5922
            fi
        fi
        # create a user to run as
        useradd cjdns
    else
        cd /etc/cjdns
        function_check git_pull
        git_pull $CJDNS_REPO
        ./do
        if [ ! "$?" = "0" ]; then
            exit 9926
        fi
    fi

    # set permissions
    chown -R cjdns:cjdns /etc/cjdns
    chmod 600 /etc/cjdns/cjdroute.conf

    /sbin/ip tuntap add mode tun user cjdns dev cjdroute0

    # insert values into the configuration file
    if [ $CJDNS_PRIVATE_KEY ]; then
        sed -i "s/\"privateKey\":.*/\"privateKey\": \"$CJDNS_PRIVATE_KEY\",/g" /etc/cjdns/cjdroute.conf
    else
        CJDNS_PRIVATE_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"privateKey"' | awk -F '"' '{print $4}' | sed -n 1p)
    fi
    if [ $CJDNS_PUBLIC_KEY ]; then
        sed -i "s/\"publicKey\":.*/\"publicKey\": \"$CJDNS_PUBLIC_KEY\",/g" /etc/cjdns/cjdroute.conf
    else
        CJDNS_PUBLIC_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"publicKey"' | awk -F '"' '{print $4}' | sed -n 1p)
    fi
    if [ $CJDNS_IPV6 ]; then
        sed -i "s/\"ipv6\":.*/\"ipv6\": \"$CJDNS_IPV6\",/g" /etc/cjdns/cjdroute.conf
    else
        CJDNS_IPV6=$(cat /etc/cjdns/cjdroute.conf | grep '"ipv6"' | awk -F '"' '{print $4}' | sed -n 1p)
    fi
    if [ $CJDNS_PASSWORD ]; then
        sed -i "0,/{\"password\":.*/s//{\"password\": \"$CJDNS_PASSWORD\"}/g" /etc/cjdns/cjdroute.conf
    else
        CJDNS_PASSWORD=$(cat /etc/cjdns/cjdroute.conf | grep '"password"' | awk -F '"' '{print $4}' | sed -n 1p)
    fi
    if [ $CJDNS_PORT ]; then
        sed -i "s/\"bind\": \"0.0.0.0:.*/\"bind\": \"0.0.0.0:$CJDNS_PORT\",/g" /etc/cjdns/cjdroute.conf
    else
        CJDNS_PORT=$(cat /etc/cjdns/cjdroute.conf | grep '"bind": "0.0.0.0:' | awk -F '"' '{print $4}' | awk -F ':' '{print $2}' | sed -n 1p)
    fi

    function_check enable_ipv6
    enable_ipv6

    echo '#!/bin/sh -e' > /etc/init.d/cjdns
    echo '### BEGIN INIT INFO' >> /etc/init.d/cjdns
    echo '# hyperboria.sh - An init script (/etc/init.d/) for cjdns' >> /etc/init.d/cjdns
    echo '# Provides:          cjdroute' >> /etc/init.d/cjdns
    echo '# Required-Start:    $remote_fs $network' >> /etc/init.d/cjdns
    echo '# Required-Stop:     $remote_fs $network' >> /etc/init.d/cjdns
    echo '# Default-Start:     2 3 4 5' >> /etc/init.d/cjdns
    echo '# Default-Stop:      0 1 6' >> /etc/init.d/cjdns
    echo '# Short-Description: Cjdns router' >> /etc/init.d/cjdns
    echo '# Description:       A routing engine designed for security, scalability, speed and ease of use.' >> /etc/init.d/cjdns
    echo '# cjdns git repo:    https://github.com/cjdelisle/cjdns/' >> /etc/init.d/cjdns
    echo '### END INIT INFO' >> /etc/init.d/cjdns
    echo '' >> /etc/init.d/cjdns
    echo 'PROG="cjdroute"' >> /etc/init.d/cjdns
    echo 'GIT_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
    echo 'PROG_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
    echo 'CJDNS_CONFIG="cjdroute.conf"' >> /etc/init.d/cjdns
    echo 'CJDNS_USER="cjdns"' >> /etc/init.d/cjdns
    echo "CJDNS_IP='$CJDNS_IPV6'" >> /etc/init.d/cjdns
    echo '' >> /etc/init.d/cjdns
    echo 'start() {' >> /etc/init.d/cjdns
    echo '     # Start it up with the user cjdns' >> /etc/init.d/cjdns
    echo '     if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
    echo '     then' >> /etc/init.d/cjdns
    echo '         echo "cjdroute is already running. Doing nothing..."' >> /etc/init.d/cjdns
    echo '     else' >> /etc/init.d/cjdns
    echo '         echo " * Starting cjdroute"' >> /etc/init.d/cjdns
    echo '         su -c "$PROG_PATH/$PROG < $PROG_PATH/$CJDNS_CONFIG" - $CJDNS_USER' >> /etc/init.d/cjdns
    echo '         /sbin/ip addr add $CJDNS_IP/8 dev tun0' >> /etc/init.d/cjdns
    echo '         /sbin/ip link set mtu 1312 dev tun0' >> /etc/init.d/cjdns
    echo '         /sbin/ip link set tun0 up' >> /etc/init.d/cjdns
    echo '         /sbin/ip tuntap add mode tun user cjdns dev tun0' >> /etc/init.d/cjdns
    echo '     fi' >> /etc/init.d/cjdns
    echo '}' >> /etc/init.d/cjdns
    echo '' >> /etc/init.d/cjdns
    echo 'stop() {' >> /etc/init.d/cjdns
    echo '' >> /etc/init.d/cjdns
    echo '     if [ $(pgrep cjdroute | wc -l) != 2 ];' >> /etc/init.d/cjdns
    echo '     then' >> /etc/init.d/cjdns
    echo '         echo "cjdns isnt running."' >> /etc/init.d/cjdns
    echo '     else' >> /etc/init.d/cjdns
    echo '         echo "Killing cjdroute"' >> /etc/init.d/cjdns
    echo '         killall cjdroute' >> /etc/init.d/cjdns
    echo '     fi' >> /etc/init.d/cjdns
    echo '}' >> /etc/init.d/cjdns
    echo '' >> /etc/init.d/cjdns
    echo 'status() {' >> /etc/init.d/cjdns
    echo '     if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
    echo '     then' >> /etc/init.d/cjdns
    echo '         echo "Cjdns is running"' >> /etc/init.d/cjdns
    echo '     else' >> /etc/init.d/cjdns
    echo '         echo "Cjdns is not running"' >> /etc/init.d/cjdns
    echo '     fi' >> /etc/init.d/cjdns
    echo '}' >> /etc/init.d/cjdns
    echo '' >> /etc/init.d/cjdns
    echo ' update() {' >> /etc/init.d/cjdns
    echo '     cd $GIT_PATH' >> /etc/init.d/cjdns
    echo '     echo "Updating..."' >> /etc/init.d/cjdns
    echo '     git pull' >> /etc/init.d/cjdns
    echo '     ./do' >> /etc/init.d/cjdns
    echo '}' >> /etc/init.d/cjdns
    echo '' >> /etc/init.d/cjdns
    echo '## Check to see if we are running as root first.' >> /etc/init.d/cjdns
    echo 'if [ "$(id -u)" != "0" ]; then' >> /etc/init.d/cjdns
    echo '    echo "This script must be run as root" 1>&2' >> /etc/init.d/cjdns
    echo '    exit 1' >> /etc/init.d/cjdns
    echo 'fi' >> /etc/init.d/cjdns
    echo '' >> /etc/init.d/cjdns
    echo 'case $1 in' >> /etc/init.d/cjdns
    echo '     start)' >> /etc/init.d/cjdns
    echo '         start' >> /etc/init.d/cjdns
    echo '         exit 0' >> /etc/init.d/cjdns
    echo '     ;;' >> /etc/init.d/cjdns
    echo '     stop)' >> /etc/init.d/cjdns
    echo '         stop' >> /etc/init.d/cjdns
    echo '         exit 0' >> /etc/init.d/cjdns
    echo '     ;;' >> /etc/init.d/cjdns
    echo '     reload|restart|force-reload)' >> /etc/init.d/cjdns
    echo '         stop' >> /etc/init.d/cjdns
    echo '         sleep 1' >> /etc/init.d/cjdns
    echo '         start' >> /etc/init.d/cjdns
    echo '         exit 0' >> /etc/init.d/cjdns
    echo '     ;;' >> /etc/init.d/cjdns
    echo '     status)' >> /etc/init.d/cjdns
    echo '         status' >> /etc/init.d/cjdns
    echo '         exit 0' >> /etc/init.d/cjdns
    echo '     ;;' >> /etc/init.d/cjdns
    echo '     update|upgrade)' >> /etc/init.d/cjdns
    echo '         update' >> /etc/init.d/cjdns
    echo '         stop' >> /etc/init.d/cjdns
    echo '         sleep 2' >> /etc/init.d/cjdns
    echo '         start' >> /etc/init.d/cjdns
    echo '         exit 0' >> /etc/init.d/cjdns
    echo '     ;;' >> /etc/init.d/cjdns
    echo '     **)' >> /etc/init.d/cjdns
    echo '         echo "Usage: $0 (start|stop|restart|status|update)" 1>&2' >> /etc/init.d/cjdns
    echo '         exit 1' >> /etc/init.d/cjdns
    echo '     ;;' >> /etc/init.d/cjdns
    echo 'esac' >> /etc/init.d/cjdns
    chmod +x /etc/init.d/cjdns
    update-rc.d cjdns defaults
    service cjdns start
    if [ ! "$?" = "0" ]; then
        systemctl status cjdns.service
        exit 8260
    fi

    apt-get -y install radvd
    echo 'interface eth0' > /etc/radvd.conf
    echo '{' >> /etc/radvd.conf
    echo '    AdvSendAdvert on;' >> /etc/radvd.conf
    echo '    prefix fdfc::1/64' >> /etc/radvd.conf
    echo '    {' >> /etc/radvd.conf
    echo '        AdvRouterAddr on;' >> /etc/radvd.conf
    echo '    };' >> /etc/radvd.conf
    echo '};' >> /etc/radvd.conf
    systemctl restart radvd
    if [ ! "$?" = "0" ]; then
        systemctl status radvd.service
        exit 4395
    fi

    if ! grep -q "# Mesh Networking (cjdns)" /etc/network/interfaces; then
        echo '' >> /etc/network/interfaces
        echo '# Mesh Networking (cjdns)' >> /etc/network/interfaces
        echo 'iface eth0 inet6 static' >> /etc/network/interfaces
        echo '    pre-up modprobe ipv6' >> /etc/network/interfaces
        echo '    address fdfc:0000:0000:0000:0000:0000:0000:0001' >> /etc/network/interfaces
        echo '    netmask 64' >> /etc/network/interfaces
        service network-manager restart
        if [ ! "$?" = "0" ]; then
            systemctl status networking.service
            exit 6949
        fi
    fi

    if ! grep -q $"Mesh Networking (cjdns)" /home/$MY_USERNAME/README; then
        CURRENT_IP_ADDRESS=$(ip addr show | grep "inet " | sed -n 2p | awk -F ' ' '{print $2}' | awk -F '/' '{print $1}')

        echo '' >> /home/$MY_USERNAME/README
        echo '' >> /home/$MY_USERNAME/README
        echo $'Mesh Networking (cjdns)' >> /home/$MY_USERNAME/README
        echo '=======================' >> /home/$MY_USERNAME/README
        echo $"cjdns IPv6 address: $CJDNS_IPV6" >> /home/$MY_USERNAME/README
        echo $"cjdns public key: $CJDNS_PUBLIC_KEY" >> /home/$MY_USERNAME/README
        echo $"cjdns private key: $CJDNS_PRIVATE_KEY" >> /home/$MY_USERNAME/README
        echo $"cjdns password: $CJDNS_PASSWORD" >> /home/$MY_USERNAME/README
        echo $"cjdns port: $CJDNS_PORT" >> /home/$MY_USERNAME/README
        echo '' >> /home/$MY_USERNAME/README
        echo $"Forward port $CJDNS_PORT from your internet router to the ${PROJECT_NAME}" >> /home/$MY_USERNAME/README
        echo '' >> /home/$MY_USERNAME/README
        echo $'Below is an example of your connection credentials' >> /home/$MY_USERNAME/README
        echo $'that you can give to other people so they can connect' >> /home/$MY_USERNAME/README
        echo $'to you using your default password' >> /home/$MY_USERNAME/README
        echo $'Adding a unique password for each user is advisable' >> /home/$MY_USERNAME/README
        echo $'so that leaks can be isolated.' >> /home/$MY_USERNAME/README
        echo '' >> /home/$MY_USERNAME/README
        echo "\"$CURRENT_IP_ADDRESS:$CJDNS_PORT\":{\"password\":\"$CJDNS_PASSWORD\",\"publicKey\":\"$CJDNS_PUBLIC_KEY\"}" >> /home/$MY_USERNAME/README
        echo '' >> /home/$MY_USERNAME/README
        echo $'More is not better. 3-5 cjdns peers is good. 30 peers is bad.' >> /home/$MY_USERNAME/README
        echo '' >> /home/$MY_USERNAME/README
        echo $'NEVER USE A PUBLIC PEER. These degrade the network and make it centralized.' >> /home/$MY_USERNAME/README
        echo $'Each node can handle many peers, but no node can handle the entire internet.' >> /home/$MY_USERNAME/README
        echo $'As this network grows any public peer will simply become saturated and' >> /home/$MY_USERNAME/README
        echo $'useless causing issues for the entire network.' >> /home/$MY_USERNAME/README
        echo $'Please report anyone offering you a public peer as they are promoting shared' >> /home/$MY_USERNAME/README
        echo $'passwords which could lead to people pretending to be you. A peering pass' >> /home/$MY_USERNAME/README
        echo $'should not contain someone elses nickname or info but should contain yours' >> /home/$MY_USERNAME/README
        echo $'to ensure it is not shared. It also helps when editing the conf to know who' >> /home/$MY_USERNAME/README
        echo $'each password is for.' >> /home/$MY_USERNAME/README
        echo '' >> /home/$MY_USERNAME/README
        echo $'Possible cjdns destinations of interest:' >> /home/$MY_USERNAME/README
        echo '    http://transitiontech.ca/faq' >> /home/$MY_USERNAME/README
        echo '    http://cjdns.ca/hypeirc.txt' >> /home/$MY_USERNAME/README
        chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
        chmod 600 /home/$MY_USERNAME/README
    fi

    function_check configure_firewall_for_cjdns
    configure_firewall_for_cjdns

    echo 'install_cjdns_main' >> $COMPLETION_FILE
}

function install_cjdns_tools {
    if grep -Fxq "install_cjdns_tools" $COMPLETION_FILE; then
        return
    fi
    if [[ $ENABLE_CJDNS != "yes" ]]; then
        return
    fi
    if [ ! -d /etc/cjdns ]; then
        install_cjdns
    fi

    apt-get -y install mercurial
    if [ ! -f ~/.bashrc ]; then
        touch ~/.bashrc
    fi

    if [ ! -d /home/git ]; then
        # add a gogs user account
        adduser --disabled-login --gecos 'Gogs' git

        # install Go
        if ! grep -q "export GOPATH=" ~/.bashrc; then
            echo "export GOPATH=$GOPATH" >> ~/.bashrc
        fi
        systemctl set-environment GOPATH=$GOPATH
        if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
            echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
        fi
        if [ ! -d $GOPATH ]; then
            mkdir -p $GOPATH
        fi
    fi

    if ! grep -q "export GOPATH=" ~/.bashrc; then
        echo "export GOPATH=$GOPATH" >> ~/.bashrc
    fi
    expected_go_path='export PATH=$PATH:'${GOPATH}'/bin'
    export PATH=$PATH:${GOPATH}/bin
    if ! grep -q "$expected_go_path" ~/.bashrc; then
        echo "$expected_go_path" >> ~/.bashrc
    fi
    export PATH=$PATH:$GOPATH/bin
    CJDCMD_REPO2=$(echo "$CJDCMD_REPO" | sed 's|https://||g')
    go get $CJDCMD_REPO2
    if [ ! -f $GOPATH/bin/cjdcmd ]; then
        echo $'cjdcmd was not compiled. Check your golang installation'
        exit 7439
    fi
    cp $GOPATH/bin/cjdcmd /usr/bin

    # initialise from the cjdns config
    /usr/bin/cjdcmd cjdnsadmin -file /etc/cjdns/cjdroute.conf

    echo 'install_cjdns_tools' >> $COMPLETION_FILE
}

function install_cjdns {
    if grep -Fxq "install_cjdns" $COMPLETION_FILE; then
        return
    fi
    install_cjdns_main
    install_cjdns_tools
    echo 'install_cjdns' >> $COMPLETION_FILE
}

# NOTE: deliberately no exit 0