From 88692313e57f39d34440efcb548c05874d738759 Mon Sep 17 00:00:00 2001 From: Nils Schneider Date: Wed, 9 Oct 2013 10:03:35 +0200 Subject: [PATCH] merge svn from https://kdserv.dyndns.org/svn/freifunk-icvpn --- hosts/castrop1 | 10 ++++ hosts/halle1 | 11 ++-- hosts/halle2 | 9 ++++ hosts/hamburg05 | 11 ++++ hosts/jena1 | 6 +++ hosts/mainz1 | 11 ++++ scripts/gentinc.cfg.sample | 8 +++ scripts/gentinccfg | 104 +++++++++++++++++++++++++++++++++++++ scripts/mdnstohosts | 73 ++++++++++++++++++++++++++ 9 files changed, 239 insertions(+), 4 deletions(-) create mode 100644 hosts/castrop1 create mode 100644 hosts/halle2 create mode 100644 hosts/hamburg05 create mode 100644 hosts/jena1 create mode 100644 hosts/mainz1 create mode 100644 scripts/gentinc.cfg.sample create mode 100755 scripts/gentinccfg create mode 100755 scripts/mdnstohosts diff --git a/hosts/castrop1 b/hosts/castrop1 new file mode 100644 index 0000000..79c61a8 --- /dev/null +++ b/hosts/castrop1 @@ -0,0 +1,10 @@ +address = ffcas.no-ip.info +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAr1d6XRKMLgt853J8qxguOb017hjVSB4LNWKiLEXk1K5B4sPBP3Sj +6/3PjI38dbZsmWqOV6azMmqTeBjBKt1Ii02sfrIB0hc3JuwcCeLLrPtmxUWCIXon +pA0gv1mstM5BY4HLgfH9h9iwtTQ80k3BaTz5/Wcn3i3tRm/MLeXKNIRbIYLGxmyQ +aSE4QJCnWPXxW+FoKRY6u4jAmYeVi+OyF3Hg9HnVvsBV3AeQ4Ptb90Pkr76udN4D +W5rEIJelvAT2bMGlCZgowtCEgEAVqI2YHujndHemsUv/ApYR1xwKWRB/df9O8Fpr +HqdYAjpMtYoGfBj0UhulKZtHpM06LGDZNQIDAQAB +-----END RSA PUBLIC KEY----- + diff --git a/hosts/halle1 b/hosts/halle1 index bbb27b3..e8e04c2 100644 --- a/hosts/halle1 +++ b/hosts/halle1 @@ -1,6 +1,9 @@ -Address = as65514.speichermonster.com +Address = ffvpn.3dfxatwork.de -----BEGIN RSA PUBLIC KEY----- -MIGJAoGBAMMuVBDR9eWpd7hw0DQwNZCmJMTI+nDF86U+8oo3mG9bHEYHMeAbj2Qe -dLROj68L1k9p1HW76e2Os1hLiAIWAbQ8j/q6CBZJ1sqxTbg6CKbFDw+iEmQDzcsF -Cb0YqgAjDOGnQkQASmeKQqiydi5+BJk+eTuiPvgKeWgmmTuycJiZAgMBAAE= +MIIBCgKCAQEAsYzXhlTKxR7YBUXHY0JscmtNbrFzZzviVzIhpuml499rh8TVhjMU +ozyjbaPhSUy+9RY4F1WpRmDi3lyDx7eT0viRlOkFG8huApXEgGLQgah0M/pfwkc1 +m4xHNKwDvzJIDSR9Xq2HI3Blygr11yM7EqA+8iLAmxpT3mYqHMq4F/pzEY9p5HEN +T7/m+PtdhO1m7vdUwh0fVz24Fa+Vwp78HmqVQxkylB8r+jM/9iiz+dajylyzeIC8 +n/wXT7Wd+bUn5K+pxWS5ReUKzDnKNkCwYcu9yO3F3xsCWg593Rog7xmILhmRzGvR +QianIwhsORSIHAJRPq4nVFPbv4qX98zhQQIDAQAB -----END RSA PUBLIC KEY----- diff --git a/hosts/halle2 b/hosts/halle2 new file mode 100644 index 0000000..c3d6de6 --- /dev/null +++ b/hosts/halle2 @@ -0,0 +1,9 @@ +Address = ffvpn2.3dfxatwork.de +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEA0F40mEg2vW9emNFi/Sr10rN4d/+O6VGLKjHGfMtUXxM9xILBlbDt +Tid/mB5eOJu6CjXxLAlxrx0Ppm49jooD0BJz/Ajk7Xr2FX1pDxCAxwBBGj2iruy4 +DXs9KL54EoI+Eb7rsX0HqVLVZK32yR8B1DTTMKNyjIyR3/t33nopUPp96C1XCazP +MpIPhnCbzqSnqRSIXo8/w4IcqaAE8/XpivRuLu3XAiIm0Ukuw3ZAJ6tS353Lj6+q +1aXczRUu6LYpaub7owK0BF4o4TSrJcWbYuO+1gcs+5PnPNzuKXE1aT0FmG3cCU6J +I3OylXC9/VmcN9BEBOYkAxA0sV2Wr+3szwIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/hosts/hamburg05 b/hosts/hamburg05 new file mode 100644 index 0000000..d275280 --- /dev/null +++ b/hosts/hamburg05 @@ -0,0 +1,11 @@ +Address = gw05.hamburg.freifunk.net +Port = 656 + +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAviyczF+Agoa8GZKHNfc0PuiphDpwArZ58HKHPUN8Kg9WGb0RG77G +mzqSTbr7qNusmrXByETvi4ftLPVO9bfvTkAXatPZwhQoo0mAUyyJJhkMaAjH5HRx +UoJ9y1ulu9kn1Q7PBPUV3/HTpRknTBptoU/0XO+3t3pYI6ZhvxyoWhCGCw9TEQ+a +HHDFzKs45abKPZKPVOMoDqoVURe/atgwzy865AkKrCaiJLSGC3tjVQPUZbLJSl6L +bPd4j/lCn5KNjFlZsepme/1TMtotRaA2ICd6jmrVR5n2Jcf4zhZndDJYiUR6EPde +N0sEf70x7Dv4uHMWrczghU07DJiRL5ewcwIDAQAB +-----END RSA PUBLIC KEY----- diff --git a/hosts/jena1 b/hosts/jena1 new file mode 100644 index 0000000..4618abe --- /dev/null +++ b/hosts/jena1 @@ -0,0 +1,6 @@ +Address = freifunk-jena.martinmichel.info +-----BEGIN RSA PUBLIC KEY----- +MIGJAoGBALOB+mto3QHSrY6ADsHPVql0Uyxnz9b9vi+Nie5/ol2p8JPcetEaBMX+ +Ek6DE9oGewlLQQ8vTChwVz26wxYlLh+G2w+hdUK4DXowHH1AfhUtK5iKT7pJELiY +Rt74PA2De6xPJ1QKhhRnPazEejyqSRRMj6LdAXHwON3Z/hsnvoZ1AgMBAAE= +-----END RSA PUBLIC KEY----- diff --git a/hosts/mainz1 b/hosts/mainz1 new file mode 100644 index 0000000..375ceda --- /dev/null +++ b/hosts/mainz1 @@ -0,0 +1,11 @@ +Address = gate2.freifunk-mainz.de +Port = 656 +-----BEGIN RSA PUBLIC KEY----- +MIIBCgKCAQEAufGn5fV5dXxyQ75F1SARYxe3/7dDgcAsLp2IB8hXlQ6GGw/viYhF +vMR66Xg/sy1IcJspwxYQ8KWTC0062rpZlQ0c6kR77LlVXLQgjAF+tPUAbmxt4/tL +zl3NDOyF7nyiGQ6Ws+MwV7jMMYEO80flhZtiqNM10PS3RBg8D3M33r52NHvxrHvB +ytPZuKzBcyVwy4aE2MkJtyrfmH+yivy6OOo/1JkXJhUGYnjRT3ETcA+J4GCymX6b +BlUNKKWjEZ+pxtRPLjNekId9wMfAtKZ8cr5yWUC+L6LbUPCQRCFyjnkHraifU09B +8dHfDokJpcmVEU/VlU/sxGwqGp2khqteOwIDAQAB +-----END RSA PUBLIC KEY----- + diff --git a/scripts/gentinc.cfg.sample b/scripts/gentinc.cfg.sample new file mode 100644 index 0000000..355009e --- /dev/null +++ b/scripts/gentinc.cfg.sample @@ -0,0 +1,8 @@ +SVN_DIR="/mnt/data/freifunk-icvpn" +TMP="/tmp" +TINC_DIR="/etc/tinc/icvpn" +TINC_INIT="/etc/init.d/tinc" +SVN="/usr/bin/svn" +LOCKDIR="/var/run/gentinccfg" +SVN_USERNAME=freifunk +SVN_PASSWORD=freifunk diff --git a/scripts/gentinccfg b/scripts/gentinccfg new file mode 100755 index 0000000..05057d2 --- /dev/null +++ b/scripts/gentinccfg @@ -0,0 +1,104 @@ +#!/bin/bash +# +#========================================================================== +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +#========================================================================== +# +set -ix +# HOW TO USE +# * Check out the icvpn svn tree to the place where $SVN_DIR points to. +# You can do this by running: +# mkdir -p /mnt/data +# svn co https://kdserv.dyndns.org/svn/christof-icvpn icvpn +# Use "freifunk" as username as well as password. +# * create a /etc/gentinc.cfg file with the following content (remove +# the # signs in the beginning of each line containing a variable) +# and adapt the paths to your system: +# # ====== START OF gentinc.cfg ====== +# # this points to the directory where you checked out the svn tree. +# SVN_DIR="/mnt/data/icvpn" +# TMP="/tmp" +# TINC_DIR="/etc/tinc/icvpn" +# TINC_INIT="/etc/init.d/tinc" +# SVN="/usr/bin/svn" +# LOCKDIR="/var/run/gentinccfg" +# SVN_USERNAME=freifunk +# SVN_PASSWORD=freifunk +# # ====== END OF gentinc.cfg ========= +# * make /etc/gentinc.cfg world readable +# * run the script from cron on a daily basis + +! [[ -f /etc/gentinc.cfg ]] && { + echo "config file does not exist in /etc/gentinc.cfg" + exit 1 +} +. /etc/gentinc.cfg +cleanup() { + local exitcode + local i + exitcode=$1 + for ((i=0;i<${#TMPFILES[@]};i++)) + do + rm -f ${TMPFILES[i]} + done + [[ ! $exitcode -eq 0 ]] && + echo "aborted due to error" >&2 + trap - 1 2 3 6 9 13 14 15 + rm -f "${LOCKDIR}/PID" + rm -rf "${LOCKDIR}" + exit ${exitcode:-1} +} + +# obtain lock +lcount=0 +while ! ( $(mkdir ${LOCKDIR} 2>/dev/null) ) +do + echo there is already an instance of $0 running as PID: $(cat "${LOCKDIR}/PID" 2>/dev/null) + sleep 1 + ((lcount+=1)) + if [[ $lcount -gt 4000 ]] + then + echo unable to obtain lock + exit 1 + fi +done +trap 'cleanup 1' 1 2 3 6 9 13 14 15 + +# lock obtained +echo $$ > "${LOCKDIR}/PID" + +# make sure we do not overload svn server when running the script from cron +if [[ $1 != "--nocron" ]] +then + sleep $((RANDOM%3600)) +fi + +# create new tinc config +cd "$SVN_DIR" +$SVN up --no-auth-cache --username $SVN_USERNAME --password $SVN_PASSWORD >/dev/null +if [[ $? -gt 0 ]] +then + echo svn update failed - no reload necessary >&2 + cleanup 2 +fi +footer=$(mktemp "$TMP/tinc_footer.XXXXXX") +TMPFILES[${#TMPFILES[@]}]="$footer" +header=$(mktemp "$TMP/tinc_footer.XXXXXX") +TMPFILES[${#TMPFILES[@]}]="$header" + +for i in ${SVN_DIR}/hosts/* +do + echo "ConnectTo = $(basename $i)" >> "$footer" +done + +grep -v "ConnectTo" "$TINC_DIR/tinc.conf" > "$header" +cat $header $footer >"$TINC_DIR/tinc.conf" + +# exit +$TINC_INIT reload >/dev/null + +cleanup 0 + diff --git a/scripts/mdnstohosts b/scripts/mdnstohosts new file mode 100755 index 0000000..c6ea881 --- /dev/null +++ b/scripts/mdnstohosts @@ -0,0 +1,73 @@ +#!/bin/ash +# +# +#========================================================================== +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +#========================================================================== +# +# this script collects all mdns names and converts them to a file in /etc/hosts style +# This file can then be fed to a regular dns server +# +# This file should be executed frequently via cron + +FILENAME=/tmp/mdns_hosts +TMP="/tmp" + +# resolve the name chunksize hosts at the same time. +chunksize=15 +scriptname=$(basename $0) + +# where should the lockfile be kept? +LOCKDIR="$TMP/$scriptname" + +# use this executable to resolve a host that was announced via mdns +RESOLVER="/usr/bin/avahi-resolve-host-name" + +# set to -6 if you want to resolve IPv6 address +# -4 otherwise +RESOLVER_ARGS="-4" + +# Path to xargs +XARGS="/usr/bin/xargs" + +cleanup() +{ + local exitcode + local i + exitcode=$1 + rm -f ${host_tmp} + if [ ! $exitcode -eq 0 ] + then + echo "aborted due to error" >&2 + fi + trap - 1 2 3 6 9 13 14 15 + rm -f "${LOCKDIR}/PID" + rm -rf "${LOCKDIR}" + exit ${exitcode:-1} +} + +trap 'cleanup 1' 1 2 3 6 9 13 14 15 +# obtain lock +while ! ( $(mkdir ${LOCKDIR} 2>/dev/null) ) +do + echo there is already an instance of $(basename $0) running as PID: $(cat "${LOCKDIR}/PID" 2>/dev/null) + sleep 1 +done + +# lock obtained +echo $$ > "${LOCKDIR}/PID" + +host_tmp=$(mktemp ${TMP}/$scriptname.XXXXXX) + +hostnames=$(avahi-browse -t -p _workstation._tcp|cut -d\; -f4|cut -d\\ -f1|sort -u|awk '{print $1 ".local"}') + +echo $hostnames | $XARGS -n $chunksize $RESOLVER $RESOLVER_ARGS 2>/dev/null |awk '{print $2 " " $1}' >"${host_tmp}" + +mv "${host_tmp}" "${FILENAME}" +killall -SIGHUP dnsmasq + +cleanup 0 +