freedombone-app-batman 12KB

  1. #!/bin/bash
  2. #
  3. # .---. . .
  4. # | | |
  5. # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
  6. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
  7. # ' ' --' --' -' - -' ' ' -' -' -' ' - --'
  8. #
  9. # Freedom in the Cloud
  10. #
  11. # batman adv mesh functions
  12. #
  13. # License
  14. # =======
  15. #
  16. # Copyright (C) 2014-2016 Bob Mottram <bob@freedombone.net>
  17. #
  18. # This program is free software: you can redistribute it and/or modify
  19. # it under the terms of the GNU Affero General Public License as published by
  20. # the Free Software Foundation, either version 3 of the License, or
  21. # (at your option) any later version.
  22. #
  23. # This program is distributed in the hope that it will be useful,
  24. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  25. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  26. # GNU Affero General Public License for more details.
  27. #
  28. # You should have received a copy of the GNU Affero General Public License
  29. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  # App metadata for batman. These names are presumably read by the installer
  # framework that sources this file -- confirm against the caller.
  VARIANTS=""
  IN_DEFAULT_INSTALL=0
  SHOW_ON_ABOUT=0

  # batman stays disabled unless ENABLE_BATMAN is set to "yes"; the install and
  # firewall functions in this file return early otherwise.
  ENABLE_BATMAN='no'
  BATMAN_CELLID="any"

  # Variable names associated with this app (a list of names, not of values).
  batman_variables=(MY_USERNAME BATMAN_CELLID)
  # Logging-on hook for batman: prints nothing and returns success.
  logging_on_batman() {
    :
  }
  # Logging-off hook for batman: prints nothing and returns success.
  logging_off_batman() {
    :
  }
  # Interactive-install hook for batman. It asks nothing and prints nothing;
  # its only effect is to set the global APP_INSTALLED to 1.
  install_interactive_batman() {
    APP_INSTALLED=1
  }
  # Persist the firewall settings for batman, once.
  # Globals:
  #   ENABLE_BATMAN (read) - nothing happens unless it equals "yes"
  # Calls is_completed, function_check, save_firewall_settings and
  # mark_completed, none of which are defined in this file.
  # Returns:
  #   0 when the step is skipped, else the status of mark_completed
  configure_firewall_for_batman() {
    # Skip when this step is already recorded as done.
    [[ $(is_completed "${FUNCNAME[0]}") != "1" ]] || return 0

    # Skip when batman has not been enabled.
    [[ $ENABLE_BATMAN == "yes" ]] || return 0

    function_check save_firewall_settings
    save_firewall_settings

    # Record completion under this function's own name.
    mark_completed "${FUNCNAME[0]}"
  }
  # Reconfigure hook for batman: prints nothing and returns success.
  reconfigure_batman() {
    :
  }
  # Upgrade hook for batman: prints nothing and returns success.
  upgrade_batman() {
    :
  }
  # Local-backup hook for batman: prints nothing and returns success.
  backup_local_batman() {
    :
  }
  # Local-restore hook for batman: prints nothing and returns success.
  restore_local_batman() {
    :
  }
  # Remote-backup hook for batman: prints nothing and returns success.
  backup_remote_batman() {
    :
  }
  # Remote-restore hook for batman: prints nothing and returns success.
  restore_remote_batman() {
    :
  }
  # Remove batman through the ${PROJECT_NAME}-mesh-install tool and clear the
  # completion markers of the two batman setup steps.
  # Globals:
  #   PROJECT_NAME (read) - prefix of the mesh-install command
  # Exits the shell with 79353 when the removal command fails; the shell keeps
  # only the low 8 bits of an exit status, so callers observe 249.
  remove_batman() {
    if ! "${PROJECT_NAME}-mesh-install" -f batman --remove yes; then
      echo $'Failed to remove batman'
      exit 79353
    fi

    # Forget both steps so that a later install runs them again.
    local step
    for step in install_batman configure_firewall_for_batman; do
      remove_completion_param "$step"
    done
  }
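  # Install batman-adv support into the filesystem image rooted at $rootdir.
  # Globals:
  #   rootdir       (read)    root of the target image; packages are installed
  #                           and the service is enabled inside a chroot of it
  #   PROJECT_NAME  (read)    prefix of the ${PROJECT_NAME}-mesh-batman script
  #   BATMAN_SCRIPT (written) $rootdir/var/lib/batman
  #   BATMAN_DAEMON (written) $rootdir/etc/systemd/system/batman.service
  # Every path expansion is quoted so that a $rootdir containing spaces or
  # glob characters cannot split into several words or break a redirection.
  function mesh_install_batman {
    chroot "$rootdir" apt-get -yq install iproute bridge-utils libnetfilter-conntrack3 batctl
    chroot "$rootdir" apt-get -yq install python-dev libevent-dev ebtables python-pip git
    chroot "$rootdir" apt-get -yq install wireless-tools rfkill

    # Register the kernel module once, so that repeated runs add no duplicates.
    if ! grep -q "batman_adv" "$rootdir/etc/modules"; then
      echo 'batman_adv' >> "$rootdir/etc/modules"
    fi

    # Prefer a locally installed copy of the helper script over the packaged one.
    local helper="/usr/bin/${PROJECT_NAME}-mesh-batman"
    if [ -f "/usr/local/bin/${PROJECT_NAME}-mesh-batman" ]; then
      helper="/usr/local/bin/${PROJECT_NAME}-mesh-batman"
    fi
    BATMAN_SCRIPT="$rootdir/var/lib/batman"
    cp -- "$helper" "$BATMAN_SCRIPT"
    # The unit written below sets no User=, so systemd runs this copy as root.
    # Set its mode explicitly: executable, and writable by the owner only.
    chmod 755 "$BATMAN_SCRIPT"

    # Write the whole unit through one redirection instead of re-opening the
    # file for every line.
    BATMAN_DAEMON="$rootdir/etc/systemd/system/batman.service"
    {
      echo '[Unit]'
      echo 'Description=B.A.T.M.A.N. Advanced'
      echo 'After=network.target'
      echo ''
      echo '[Service]'
      echo 'RemainAfterExit=yes'
      echo "ExecStart=/var/lib/batman start"
      echo "ExecStop=/var/lib/batman stop"
      echo 'Restart=on-failure'
      echo 'SuccessExitStatus=3 4'
      echo 'RestartForceExitStatus=3 4'
      echo ''
      echo '# Allow time for the server to start/stop'
      echo 'TimeoutSec=300'
      echo ''
      echo '[Install]'
      echo 'WantedBy=multi-user.target'
    } > "$BATMAN_DAEMON"

    chroot "$rootdir" systemctl enable batman
  }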
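  # Install the tunneldigger L2TP broker and client, plus the meshtunnel
  # helper, into the filesystem image rooted at $rootdir.
  # Reference: https://sudoroom.org/wiki/Mesh/Relay_setup
  # Globals:
  #   rootdir (read) - root of the target image
  # Files written below $rootdir:
  #   opt/tunneldigger/broker/scripts/up_hook.sh
  #   opt/tunneldigger/broker/l2tp_broker.cfg
  #   etc/systemd/system/tunneldigger.service
  #   usr/bin/meshtunnel
  # Exits the shell with 823563 when the client binary is missing after the
  # build; the shell keeps only the low 8 bits, so callers observe 11.
  # The caller's working directory is left unchanged.
  function install_mesh_tunnel {
    local td_dir="$rootdir/opt/tunneldigger"
    local hook="$td_dir/broker/scripts/up_hook.sh"
    local broker_cfg="$td_dir/broker/l2tp_broker.cfg"
    local unit="$rootdir/etc/systemd/system/tunneldigger.service"
    local helper="$rootdir/usr/bin/meshtunnel"
    local kmod

    chroot "$rootdir" apt-get -yq install xl2tpd l2tpns
    chroot "$rootdir" apt-get -yq install iproute bridge-utils libnetfilter-conntrack3 python-dev libevent-dev ebtables python-pip git

    # NOTE(review): this clones the upstream default branch with no commit or
    # tag pinned, and the result is built here and later run as root. Check out
    # a reviewed revision (git checkout <REVIEWED_COMMIT>) before building so
    # that the image contents are reproducible and auditable.
    git clone https://github.com/wlanslovenija/tunneldigger "$td_dir"

    # GNU chroot changes directory to / of the new root before running the
    # command, so a host-side cd has no effect on it. Name the build
    # directory and the requirements file by their in-chroot paths instead.
    chroot "$rootdir" make -C /opt/tunneldigger/client
    if [ ! -f "$td_dir/client/l2tp_client" ]; then
      echo $'tunneldigger failed to build client'
      exit 823563
    fi
    chroot "$rootdir" pip install -r /opt/tunneldigger/broker/requirements.txt

    # Register each kernel module once (whole-line match), so that repeated
    # runs do not append duplicates to /etc/modules.
    for kmod in l2tp_core l2tp_eth l2tp_netlink; do
      if ! grep -qx -- "$kmod" "$rootdir/etc/modules" 2>/dev/null; then
        echo "$kmod" >> "$rootdir/etc/modules"
      fi
    done

    # Hook run by the broker when a tunnel interface comes up: it adds the
    # interface to batman-adv and brings bat0 up if it is not up already.
    {
      echo '#!/bin/sh'
      echo 'INTERFACE="$3"'
      echo 'ifconfig $INTERFACE up'
      echo 'batctl if add $INTERFACE'
      echo 'if [ `cat /sys/class/net/bat0/operstate` != "up" ]; then'
      echo " ipv4addr=\$(ip -o -f inet addr show dev \"eth0\" | awk '{print \$4}' | awk 'END {print}' | awk -F '/' '{print \$1}')"
      echo ' ifconfig bat0 $ipv4addr netmask 255.0.0.0 up'
      echo 'fi'
    } > "$hook"
    chmod +x "$hook"

    # Broker configuration. The address starts as loopback; the meshtunnel
    # helper written further down rewrites it.
    # NOTE(review): verbosity=DEBUG is the installed default; consider a
    # quieter level for deployed nodes.
    {
      echo '[broker]'
      echo '; IP address the broker will listen and accept tunnels on'
      echo 'address=127.0.0.1'
      echo '; Ports where the broker will listen on'
      echo 'port=53,8942'
      echo '; Interface with that IP address'
      echo 'interface=lo'
      echo '; Maximum number of tunnels that will be allowed by the broker'
      echo 'max_tunnels=1024'
      echo '; Tunnel port base'
      echo 'port_base=20000'
      echo '; Tunnel id base'
      echo 'tunnel_id_base=100'
      echo '; Namespace (for running multiple brokers); note that you must also'
      echo '; configure disjunct ports, and tunnel identifiers in order for'
      echo '; namespacing to work'
      echo 'namespace=default'
      echo '; check if all kernel module are loaded. Do not check for built-ins.'
      echo 'check_modules=true'
      echo ''
      echo '[log]'
      echo '; Log filename'
      echo 'filename=tunneldigger-broker.log'
      echo '; Verbosity'
      echo 'verbosity=DEBUG'
      echo '; Should IP addresses be logged or not'
      echo 'log_ip_addresses=false'
      echo ''
      echo '[hooks]'
      echo '; Arguments to the session.{up,pre-down,down} hooks are as follows:'
      echo ';'
      echo '; <tunnel_id> <session_id> <interface> <mtu> <endpoint_ip> <endpoint_port> <local_port>'
      echo ';'
      echo '; Arguments to the session.mtu-changed hook are as follows:'
      echo ';'
      echo '; <tunnel_id> <session_id> <interface> <old_mtu> <new_mtu>'
      echo ';'
      echo ''
      echo '; Called after the tunnel interface goes up'
      echo 'session.up=/opt/tunneldigger/broker/scripts/up_hook.sh'
      echo '; Called just before the tunnel interface goes down'
      echo 'session.pre-down='
      echo '; Called after the tunnel interface goes down'
      echo 'session.down='
      echo '; Called after the tunnel MTU gets changed because of PMTU discovery'
      echo 'session.mtu-changed='
    } > "$broker_cfg"

    # systemd unit for the broker.
    # NOTE(review): the broker runs as root (User=root, Group=root);
    # presumably it needs that to create tunnel interfaces -- confirm whether
    # a narrower capability set would do.
    {
      echo '[Unit]'
      echo 'Description=TunnelDigger Broker'
      echo 'After=syslog.target'
      echo 'After=network.target'
      echo ''
      echo '[Service]'
      echo 'Type=simple'
      echo 'User=root'
      echo 'Group=root'
      echo 'WorkingDirectory=/opt/tunneldigger/broker'
      echo 'ExecStart=/opt/tunneldigger/broker/l2tp_broker.py l2tp_broker.cfg'
      echo 'Restart=always'
      echo 'RestartSec=60'
      echo ''
      echo '[Install]'
      echo 'WantedBy=multi-user.target'
    } > "$unit"

    # meshtunnel helper: points the broker at the "from" address, restarts it
    # and starts the client towards the "to" address on port 53.
    # NOTE(review): the generated script substitutes its first argument into
    # a sed expression unvalidated, and expands $1/$2 unquoted in its tests.
    # It is meant to be run by an administrator with plain IP addresses;
    # validating both arguments in the generated script would make that
    # explicit. The client identifier passed with -u is the constant "foo".
    {
      echo '#!/bin/bash'
      echo 'if [ ! $1 ]; then'
      echo ' echo "Syntax: meshtunnel [from external IP] [to external IP]"'
      echo ' exit 1'
      echo 'fi'
      echo 'if [ ! $2 ]; then'
      echo ' echo "Syntax: meshtunnel [from external IP] [to external IP]"'
      echo ' exit 2'
      echo 'fi'
      echo ''
      echo 'sed -i "s|address=.*|address=$1|g" /opt/tunneldigger/broker/l2tp_broker.cfg'
      echo 'systemctl restart tunneldigger'
      echo 'sleep 3'
      echo 'cd /opt/tunneldigger/client'
      echo './l2tp_client -f -u foo -l ${2}:53 -i l2tp'
      echo 'exit 0'
    } > "$helper"
    chmod +x "$helper"
  }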
  # Install batman.
  # Globals:
  #   INSTALLING_MESH (read)    - when set, delegate to mesh_install_batman
  #   ENABLE_BATMAN   (read)    - otherwise nothing happens unless it is "yes"
  #   PROJECT_NAME    (read)    - prefix of the mesh-install command
  #   APP_INSTALLED   (written) - set to 1 after a successful install
  # Exits the shell with 72524 when the install command fails; the shell keeps
  # only the low 8 bits of an exit status, so callers observe 76.
  install_batman() {
    # Mesh image builds take their own path and skip everything below.
    # The unquoted test is kept exactly as the file has always written it.
    if [ $INSTALLING_MESH ]; then
      mesh_install_batman
      return
    fi

    # batman has to be switched on explicitly.
    [[ $ENABLE_BATMAN == "yes" ]] || return 0

    if ! "${PROJECT_NAME}-mesh-install" -f batman; then
      echo $'Failed to install batman'
      exit 72524
    fi

    function_check configure_firewall_for_batman
    configure_firewall_for_batman

    APP_INSTALLED=1
  }
  240. # NOTE: deliberately no exit 0