Diffstat (limited to 'bin')
-rwxr-xr-xbin/config.awk35
-rwxr-xr-xbin/inet2.sh105
-rwxr-xr-xbin/mkbirdconfig.sh84
-rwxr-xr-xbin/mkwgconfig.sh9
4 files changed, 192 insertions, 41 deletions
diff --git a/bin/config.awk b/bin/config.awk
deleted file mode 100755
index 9d0a117..0000000
--- a/bin/config.awk
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/usr/bin/awk -f
-
-BEGIN {
- FS = "[ ]"; # use a single space as field separator and don't trim input
- ind = 0; # indentation level
- last = ARGC - 3; # last argument index
- exitcode = 1; # whether anything has been matched
- if(last < 0) { # there should be at least one argument after the filename
- exit 1;
- }
- ARGC = 2; # don't read ARGV[2] and onward as files
-}
-
-END {
- exit exitcode;
-}
-
-$0 != "" { # exit when the indentation block is exited
- for(i = 0; i < ind; i++) {
- if(! sub(/^\t/, "")) {
- exit exitcode;
- }
- }
-}
-
-# if on the last argument, interpret it as a key and print the value
-ind == last && $1 == ARGV[ind + 2] {
- exitcode = 0;
- print substr($0, length($1) + 2);
-}
-# if not on the last argument, find the string exactly and increment indentation
-ind != last && $0 == ARGV[ind + 2] {
- ind++;
-}
-
diff --git a/bin/inet2.sh b/bin/inet2.sh
new file mode 100755
index 0000000..7a93cbb
--- /dev/null
+++ b/bin/inet2.sh
@@ -0,0 +1,105 @@
+#!/usr/bin/env sh
+
+. /var/lib/inet2/inet2.sh
+
+runscripts() {
+ if [ -n "$(getval "interface $2" "$1")" ]; then
+ step "Running $1 for $2"
+ getval "interface $2" "$1" | while read -r line; do
+ (eval "$line")
+ done
+ fi
+}
+
+start() {
+ step "Starting inet2"
+
+ step "Removing old Wireguard interfaces"
+ for file in /sys/class/net/*; do # Clear all wireguard interfaces
+ type=$(cat "$file/type")
+ if [ "$type" = "65534" ]; then
+ ifname="$(basename $file)"
+ run ip link del "$ifname"
+ fi
+ done
+
+ rm -fr /run/inet2/wg 2> /dev/null
+ mkdir -p /run/inet2/wg
+
+ mkbirdconfig.sh
+
+ step "Setting loopback addresses"
+ getval Loopback | while read -r addr; do
+ run ip addr add "$addr" dev lo
+ done
+
+ getval interface | while read -r inter; do
+ step "Generating config for $inter"
+ run mkwgconfig.sh "$inter" /run/inet2/wg/"$inter"
+
+ # create the wireguard interface *in the default namespace*
+ step "Adding Wireguard interface $inter"
+ run ip link add name "$inter" type wireguard
+
+ # set up the new network from the config
+ step "Setting Wireguard config for $inter"
+ run wg setconf "$inter" /run/inet2/wg/"$inter"
+
+ # the config doesn't actually add any addresses, do that here
+ step "Adding host addresses for $inter"
+ getval "interface $inter" Address | while read -r addr; do
+ run ip addr add "$addr" dev "$inter"
+ done
+
+ runscripts PreUp "$inter"
+
+ step "Bringing interface up"
+ run ip link set dev "$inter" up
+
+ getval "interface $inter" Route | while read -r line; do
+ read -r route via addr2 < <(printf "%s" "$line")
+ if [ "$via" = "via" ]; then
+ run ip route add "$route" via "$addr2" dev "$inter"
+ else
+ run ip route add "$route" dev "$inter"
+ fi
+ done
+
+ runscripts PostUp "$inter"
+ done
+ step "Done!"
+}
+
+stop() {
+ step "Stopping inet2"
+ step "Removing loopback"
+ getval Loopback | while read -r addr; do
+ run ip addr del "$addr" dev lo
+ done
+
+ getval interface | while read -r inter; do
+ runscripts PreDown "$inter"
+
+ step "Bringing $inter down"
+ run ip link del "$inter"
+
+ runscripts PostDown "$inter"
+ done
+}
+
+reload() {
+ getval interface | while read -r inter; do
+ step "Generating config for $inter"
+ run mkwgconfig.sh "$inter" /run/inet2/wg/"$inter" /config/inet2.conf
+
+ step "Setting Wireguard config for $inter"
+ run wg setconf "$inter" /run/inet2/wg/"$inter"
+ done
+}
+
+restart() {
+ stop
+ start
+}
+
+$1
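Review bot: The closing `$1` line executes whatever the first argument is as a command, not only the four functions defined above, and with no argument it silently does nothing. If this script is ever reachable through a sudo rule or a service wrapper that forwards arguments, that amounts to arbitrary command execution, so an allowlist is safer: `case "$1" in start|stop|reload|restart) "$1" ;; *) echo "usage: $0 {start|stop|reload|restart}" >&2; exit 2 ;; esac`. Relatedly, `runscripts` passes each PreUp/PostUp/PreDown/PostDown line to `eval`, so the config file is effectively code run with this script's privileges. `getval` and the config path come from the sourced `/var/lib/inet2/inet2.sh`, which is not shown, so it is worth confirming that the file is writable only by root and adding a comment that says so. Separately, `read -r route via addr2 < <(printf "%s" "$line")` in the Route loop uses process substitution, which is not POSIX and which shells such as dash reject under `#!/usr/bin/env sh`; reading the fields directly with `getval "interface $inter" Route | while read -r route via addr2; do` avoids it.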
diff --git a/bin/mkbirdconfig.sh b/bin/mkbirdconfig.sh
new file mode 100755
index 0000000..bf5c1f3
--- /dev/null
+++ b/bin/mkbirdconfig.sh
@@ -0,0 +1,84 @@
+#!/bin/sh
+
+. /var/lib/inet2/inet2.sh
+
+escapebird() {
+ sed -e 's/\\/\\\\/g;s/"/\\"/g'
+}
+
+step "Creating Bird configuration"
+
+touch /var/log/bird.log
+chown bird:bird /var/log/bird.log
+
+interfacelist=$(
+ echo " interface \"lo\" { stub; };"
+ getval interface | while read -r inter; do
+ val="$(getval "interface $inter" OSPF)"
+ if [ "$?" = "0" ]; then
+ echo " interface \"$(printf "%s" "$inter" | escapebird)\" {"
+ echo " type ptp;"
+ if [ -n "$val" ]; then
+ echo " $val;";
+ fi
+ echo " };"
+ fi
+ done
+)
+
+filter4=$(getval "Subnet" | grep -v ':' | while read -r line; do printf "%s+," "$line"; done | sed 's/,$//')
+filter6=$(getval "Subnet" | grep ':' | while read -r line; do printf "%s+," "$line"; done | sed 's/,$//')
+
+(cat <<EOF
+log "/var/log/bird.log" all;
+
+$(getval RouterID | while read -r line; do echo "router id $line;"; done)
+
+protocol kernel {
+ ipv4 { export filter { if net ~ [$filter4] then accept; else reject; }; };
+}
+
+protocol kernel {
+ ipv6 { export filter { if net ~ [$filter6] then accept; else reject; }; };
+}
+
+protocol device {
+}
+
+protocol direct {
+ ipv4;
+ ipv6;
+}
+
+protocol static {
+ ipv4;
+}
+
+EOF
+
+cat <<EOF
+protocol ospf v3 ospf4 {
+ ipv4 {
+ import all;
+ export filter { if source ~ [RTS_DEVICE, RTS_INHERIT] && net ~ [$filter4] then accept; else reject; };
+ };
+ area 0 {
+$(getval "Stubnet" | grep -v ':' | while read -r net; do echo " stubnet $net {};"; done)
+$interfacelist
+ };
+}
+protocol ospf v3 ospf6 {
+ ipv6 {
+ import all;
+ export filter { if source ~ [RTS_DEVICE, RTS_INHERIT] && net ~ [$filter6] then accept; else reject; };
+ };
+ area 0 {
+$(getval "Stubnet" | grep ':' | while read -r net; do echo " stubnet $net {};"; done)
+$interfacelist
+ };
+}
+EOF
+) > /etc/bird.conf
+
+chown root:bird /etc/bird.conf
+chmod 640 /etc/bird.conf
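Review bot: Only the interface name on the `interface "..."` line goes through `escapebird`; the RouterID, Subnet and Stubnet values and the OSPF `$val` are pasted into the generated bird.conf verbatim. A stray `;`, `}` or `]` in any of them therefore changes the structure of the file instead of being rejected. The OSPF value is presumably meant to be free-form interface options, but if Subnet and Stubnet are always CIDR prefixes they can be filtered before use, for example by adding `grep -Ex '[0-9A-Fa-f:.]+/[0-9]+'` to those pipelines and warning about lines that are dropped. The output is also redirected straight into `/etc/bird.conf` and only `chmod`-ed afterwards, so a failure part-way through leaves a truncated config in place, and a newly created file has the umask's default mode until the `chmod` runs. Writing to a temporary file in `/etc` under `umask 027` and then renaming it over the target with `mv` would avoid both.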
diff --git a/bin/mkwgconfig.sh b/bin/mkwgconfig.sh
index dcbb98f..6ee11a9 100755
--- a/bin/mkwgconfig.sh
+++ b/bin/mkwgconfig.sh
@@ -1,14 +1,11 @@
-#!/bin/sh
+#!/usr/bin/env sh
# args: /path/to/interface-config /path/to/output.conf
inter="$1"
-configfile="$3"
-if [ -z "$configfile" ]; then
- configfile=/run/inet2/inet2.conf
-fi
+configfile=/etc/inet2.conf
getval() {
- /usr/local/bin/config.awk "$configfile" "$@"
+ /var/lib/inet2/config.awk "$configfile" "$@"
}
k() {