icvpn/scripts/gentinccfg


#!/bin/bash
#
#==========================================================================
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#==========================================================================
#
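set -ix
# NOTE(review): -x traces every executed command, with its expanded arguments,
# to stderr; under cron that output typically ends up in mail or logs. -i is
# normally an invocation-time flag and may be rejected by `set` in some bash
# versions - confirm that both flags are really intended here.
#
# HOW TO USE
# * Check out the icvpn svn tree to the place where $SVN_DIR points to.
#   You can do this by running:
#     mkdir -p /mnt/data
#     svn co https://kdserv.dyndns.org/svn/christof-icvpn icvpn
#   Use "freifunk" as username as well as password.
# * create a /etc/gentinc.cfg file with the following content (remove
#   the # signs in the beginning of each line containing a variable)
#   and adapt the paths to your system:
#   # ====== START OF gentinc.cfg ======
#   # this points to the directory where you checked out the svn tree.
#   SVN_DIR="/mnt/data/icvpn"
#   TMP="/tmp"
#   TINC_DIR="/etc/tinc/icvpn"
#   TINC_INIT="/etc/init.d/tinc"
#   SVN="/usr/bin/svn"
#   LOCKDIR="/var/run/gentinccfg"
#   SVN_USERNAME=freifunk
#   SVN_PASSWORD=freifunk
#   # ====== END OF gentinc.cfg =========
# * make /etc/gentinc.cfg world readable
#   The file is sourced below, i.e. executed as shell code with the
#   privileges of whoever runs this script, so it must be writable only by
#   that user (normally root). World-readable is acceptable only for the
#   shared credentials shown above; with private credentials restrict read
#   access to the user running the script.
# * run the script from cron on a daily basis

if ! [[ -f /etc/gentinc.cfg ]]; then
  echo "config file does not exist in /etc/gentinc.cfg" >&2
  exit 1
fi

# The config assigns SVN_PASSWORD. With xtrace active every assignment would
# be echoed to stderr, so tracing is suspended while the file is read.
case $- in
  *x*) gentinc_trace=1; set +x ;;
  *)   gentinc_trace=0 ;;
esac
. /etc/gentinc.cfg
if (( gentinc_trace )); then
  set -x
fi
unset gentinc_trace

# Every path below is used unconditionally later on (mkdir/rm -rf on LOCKDIR,
# output redirected into TINC_DIR, ...); stop here rather than run with an
# empty value.
for gentinc_var in SVN_DIR TMP TINC_DIR TINC_INIT SVN LOCKDIR; do
  if [[ -z ${!gentinc_var} ]]; then
    echo "$gentinc_var is not set in /etc/gentinc.cfg" >&2
    exit 1
  fi
done
unset gentinc_var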
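#######################################
# Remove the temporary files and the lock directory, then end the script.
# Globals:   TMPFILES (read) - paths of temporary files to delete
#            LOCKDIR  (read) - lock directory, removed with its PID file
# Arguments: $1 - exit status to terminate with (defaults to 1)
# Outputs:   "aborted due to error" on stderr when the status is non-zero
# Returns:   does not return; exits the shell with the given status
#######################################
cleanup() {
  local exitcode=${1:-1}
  local tmpfile

  # Quoted expansion and "--": a path containing whitespace or starting with
  # "-" must reach rm as exactly one operand.
  for tmpfile in "${TMPFILES[@]}"; do
    rm -f -- "$tmpfile"
  done

  if [[ $exitcode -ne 0 ]]; then
    echo "aborted due to error" >&2
  fi

  # Back to default signal handling so a signal arriving now cannot re-enter
  # this function. SIGKILL (9) is left out: it can never be trapped.
  trap - HUP INT QUIT ABRT PIPE ALRM TERM

  # Never hand an empty path to rm -rf; the recursive delete also takes the
  # PID file inside the lock directory with it.
  if [[ -n ${LOCKDIR:-} ]]; then
    rm -rf -- "$LOCKDIR"
  fi

  exit "$exitcode"
}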
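# obtain lock
# mkdir either creates the directory or fails, so only one instance can win.
# An unset LOCKDIR would make every attempt fail and the loop spin for more
# than an hour, so refuse to start in that case.
: "${LOCKDIR:?LOCKDIR is not set - check /etc/gentinc.cfg}"
lcount=0
# NOTE(review): any mkdir failure (missing parent directory, no permission)
# is treated like a held lock, and a lock left behind by a killed instance is
# never reclaimed - both cases only end through the retry limit below.
until mkdir -- "$LOCKDIR" 2>/dev/null; do
  echo "there is already an instance of $0 running as PID: $(cat "${LOCKDIR}/PID" 2>/dev/null)"
  sleep 1
  ((lcount+=1))
  if [[ $lcount -gt 4000 ]]; then
    echo "unable to obtain lock" >&2
    exit 1
  fi
done
# Installed only once the lock is ours, so an interrupted wait never removes
# another instance's lock. SIGKILL (9) is not listed: it cannot be trapped.
trap 'cleanup 1' HUP INT QUIT ABRT PIPE ALRM TERM
# lock obtained
echo $$ > "${LOCKDIR}/PID"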
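# make sure we do not overload svn server when running the script from cron
if [[ $1 != "--nocron" ]]; then
  sleep $((RANDOM % 3600))
fi

# create new tinc config
# Without this check a failed cd would run "svn up" in whatever directory the
# script was started from.
if ! cd "$SVN_DIR"; then
  echo "cannot change to $SVN_DIR - no reload necessary" >&2
  cleanup 2
fi

# The password is part of the command line, so an active xtrace would copy it
# to stderr (and from there into cron mail); tracing is paused for this call.
# NOTE(review): the password is still visible in the process list while svn
# runs. Subversion 1.10 and later can read it via --password-from-stdin.
case $- in
  *x*) svn_trace=1; set +x ;;
  *)   svn_trace=0 ;;
esac
# $SVN is left unquoted on purpose: the configured value may carry options.
$SVN up --no-auth-cache --username "$SVN_USERNAME" --password "$SVN_PASSWORD" >/dev/null
svn_status=$?
if (( svn_trace )); then
  set -x
fi

if (( svn_status != 0 )); then
  echo svn update failed - no reload necessary >&2
  cleanup 2
fi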
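# Scratch files: "footer" collects the generated ConnectTo lines, "header"
# the existing tinc.conf without its old ConnectTo lines. Each is registered
# in TMPFILES so cleanup removes it on every exit path.
footer=$(mktemp "$TMP/tinc_footer.XXXXXX") || cleanup 2
TMPFILES[${#TMPFILES[@]}]="$footer"
header=$(mktemp "$TMP/tinc_footer.XXXXXX") || cleanup 2
TMPFILES[${#TMPFILES[@]}]="$header"

# The file names under hosts/ come from the shared repository and are copied
# into tinc.conf, so they are treated as untrusted: only names made of ASCII
# letters, digits and "_" (the characters tinc allows in a node name) are
# accepted. Anything else - including the literal "*" left behind when the
# directory is empty - is skipped and reported. The subshell keeps the C
# locale, which pins the character ranges to ASCII, local to this loop.
(
  LC_ALL=C
  for hostfile in "$SVN_DIR"/hosts/*; do
    node=${hostfile##*/}
    if [[ $node =~ ^[A-Za-z0-9_]+$ ]]; then
      printf 'ConnectTo = %s\n' "$node"
    else
      printf 'skipping host entry with unusable name: %q\n' "$node" >&2
    fi
  done
) >> "$footer"

# Writing a config without any peer and reloading would cut the node off.
if [[ ! -s $footer ]]; then
  echo "no usable host files in $SVN_DIR/hosts - tinc.conf left unchanged" >&2
  cleanup 2
fi

# grep exits with 1 when nothing but ConnectTo lines exist (fine, the header
# is simply empty) and with 2 or more when tinc.conf could not be read; in
# the latter case the old config must not be overwritten.
grep -v "ConnectTo" "$TINC_DIR/tinc.conf" > "$header"
if (( $? > 1 )); then
  echo "cannot read $TINC_DIR/tinc.conf - no reload necessary" >&2
  cleanup 2
fi

# NOTE(review): the file is rewritten in place, not atomically; an interrupted
# write can leave a truncated tinc.conf behind.
if ! cat -- "$header" "$footer" > "$TINC_DIR/tinc.conf"; then
  echo "cannot write $TINC_DIR/tinc.conf" >&2
  cleanup 2
fi

# $TINC_INIT is left unquoted on purpose: the configured value may carry
# arguments.
$TINC_INIT reload >/dev/null
cleanup 0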