diff --git a/cli.sh b/cli.sh
index fa7757e78..b13d910d6 100755
--- a/cli.sh
+++ b/cli.sh
@@ -279,6 +279,8 @@ function help {
 echo " vnc enables or disables the vnc server service"
 echo " default sets a raspbian back to default configuration"
 echo " upgrade upgrades $(basename "$0") package using npm"
+ echo " sshtunnel helps adding an sshtunnel"
+ echo " [user@host]"
 echo
 ;;
 esac
@@ -869,6 +871,105 @@ function bridge {
 echo "the bridge has been built ;), a reboot is required to apply changes"
 }
+function sshtunnel {
+ action="$1"
+ portinterval="$2"
+ host="$3"
+
+ if [ -z "$host" ];
+ then
+ host="ole@pirate.ole.org"
+ fi
+
+ hostname=$(echo "$host" | tr "@" \\n | sed -n 2p)
+
+ if [ "$action" = "add" ]; then
+ if [ -z "$portinterval" ];
+ then
+ echo "Error: A port interval is required"
+ exit 1
+ fi
+
+ portssh=$((portinterval + 22))
+ portweb=$((portinterval + 80))
+ portcouchdb=$((portinterval + 84))
+
+ if [ ! -f "/root/.ssh/id_rsa" ]; then
+ ssh-keygen -q -N "" > /dev/null < /dev/zero
+ fi
+
+ cat /root/.ssh/id_rsa.pub
+
+ keys=$(ssh-keyscan -H "$hostname" 2>/dev/null)
+ while read -r key; do
+ if ! grep -q "$key" /root/.ssh/known_hosts 2>/dev/null; then
+ echo "$key" >> /root/.ssh/known_hosts
+ fi
+ done <<< "$keys"
+
+ {
+ echo "#!/bin/bash"
+ echo
+ echo "/usr/bin/autossh -f -T -N -q -4 -M$portinterval -R $portssh:127.0.1.1:22 -R $portcouchdb:127.0.1.1:5984 -R $portweb:127.0.1.1:80 $host"
+ } > /etc/tunnel
+
+ chmod +x /etc/tunnel
+
+ if ! grep -q "\\-f \"/etc/tunnel\"" /etc/rc.local 2>/dev/null; then
+ sed -i 's/^exit 0/if [ -f "\/etc\/tunnel" ];\nthen\n \/etc\/tunnel\nfi\nexit 0/g' /etc/rc.local
+ fi
+
+ {
+ echo "MAILTO=root"
+ echo "*/5 * * * * root if [ ! 
"$\(pidof autossh\)" ]; then /etc/tunnel; fi"
+ } > /etc/cron.d/autossh
+ elif [ "$action" = "remove" ]; then
+ if [ -f "/etc/tunnel" ]
+ then
+ rm -rf /etc/tunnel
+ fi
+
+ if [ -f "/etc/cron.d/autossh" ]
+ then
+ rm -rf /etc/cron.d/autossh
+ fi
+
+ pkill -3 autossh
+ elif [ "$action" = "show" ]; then
+ RED='\033[0;31m'
+ GREEN='\033[0;32m'
+ NC='\033[0m'
+
+ if [ -f "/etc/tunnel" ]; then
+ echo -e "[${GREEN}OK${NC}] /etc/tunnel"
+ else
+ echo -e "[${RED}MISSING${NC}] /etc/tunnel"
+ fi
+
+ if [ -f "/etc/cron.d/autossh" ]
+ then
+ echo -e "[${GREEN}OK${NC}] /etc/cron.d/autossh"
+ else
+ echo -e "[${RED}MISSING${NC}] /etc/cron.d/autossh"
+ fi
+
+ if grep -q "\\-f \"/etc/tunnel\"" /etc/rc.local 2>/dev/null; then
+ echo -e "[${GREEN}OK${NC}] /etc/rc.local starts /etc/tunnel if exists"
+ else
+ echo -e "[${RED}MISSING${NC}] /etc/rc.local doesn't start /etc/tunnel if exists"
+ fi
+
+ if [ "$(pidof autossh)" ]
+ then
+ echo -e "[${GREEN}OK${NC}] autossh pid: $(pidof autossh)"
+ else
+ echo -e "[${RED}MISSING${NC}] autossh not running"
+ fi
+ else
+ echo "Error: only 'add', 'remove', 'show' options are supported";
+ exit 1
+ fi
+}
 case $1 in
 expandfs)
@@ -947,6 +1048,10 @@ case $1 in
 checkroot
 bridge "$2" "$3" "$4" "$5"
 ;;
+ sshtunnel)
+ checkroot
+ sshtunnel "$2" "$3" "$4"
+ ;;
 help)
 help "$2"
 ;;
diff --git a/package.json b/package.json
index c66f332c6..ba21bd02a 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@treehouses/cli",
- "version": "0.3.1",
+ "version": "0.3.1-sshtunnel1",
 "description": "Thin command-line interface for Raspberry Pi low level configuration.",
 "main": "cli.sh",
 "bin": {
diff --git a/templates/rc.local/bridge b/templates/rc.local/bridge
index 300c5506f..3022f1d0e 100644
--- a/templates/rc.local/bridge
+++ b/templates/rc.local/bridge
@@ -20,5 +20,10 @@ fi
 sysctl -w net.ipv4.ip_forward=1
 iptables -t nat -A POSTROUTING -s 192.168.2.0/24 ! -d 192.168.2.0/24 -j MASQUERADE
+if [ -f "/etc/tunnel" ];
+then
+ /etc/tunnel
+fi
+
 exit 0
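Review bot: In the `add` branch of `sshtunnel` in cli.sh, `$portinterval` and `$host` reach `$((portinterval + 22))` and the `echo "/usr/bin/autossh … $host"` line unvalidated, and the resulting `/etc/tunnel` is then run as root from rc.local and from the five-minute cron job. Bash arithmetic evaluates whatever expression the variable holds, and a host string containing shell metacharacters or a leading `-` is written verbatim into that script, so both values should be checked right after the existing empty-interval test. The host pattern below also rejects a value without `@`, which currently leaves `$hostname` empty for `ssh-keyscan`. Separately, the `ssh-keyscan -H` output is appended to root's known_hosts with no fingerprint confirmation, so the first contact is trusted as-is; printing the fingerprint for the operator to compare against a known value would make that decision explicit.

```shell
  if [ "$action" = "add" ]; then
    # … unchanged: empty-interval check …

    # Both values are written into /etc/tunnel, which root runs at boot and from cron.
    # 65451 keeps portinterval + 84 inside the valid port range.
    if ! [[ "$portinterval" =~ ^[1-9][0-9]{0,4}$ ]] || [ "$portinterval" -gt 65451 ]; then
      echo "Error: port interval must be a number between 1 and 65451"
      exit 1
    fi

    if ! [[ "$host" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*@[A-Za-z0-9][A-Za-z0-9.-]*$ ]]; then
      echo "Error: host must have the form user@host"
      exit 1
    fi

    # … unchanged: port arithmetic, key generation, known_hosts, /etc/tunnel, rc.local, cron …
```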
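Review bot: The stanza added before `exit 0` in templates/rc.local/bridge runs `/etc/tunnel` as root on every boot, yet nothing in the template says what that file is or who writes it. Its exact text is also load-bearing, because `sshtunnel add` and `sshtunnel show` in cli.sh grep rc.local for the literal `-f "/etc/tunnel"`. A comment above the `if` would cover both, for example `# Starts the autossh reverse tunnels written by "sshtunnel add"; cli.sh greps for this test, keep the text in sync`. The same stanza is added to templates/rc.local/default and templates/rc.local/hotspot. The top of each rc.local is outside the hunk, so whether a failing `/etc/tunnel` changes the script's exit status (for instance under `sh -e`) cannot be told from here.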
diff --git a/templates/rc.local/default b/templates/rc.local/default
index 333fdc932..7febd2676 100644
--- a/templates/rc.local/default
+++ b/templates/rc.local/default
@@ -17,5 +17,10 @@ if [ "$_IP" ]; then
 printf "My IP address is %s\n" "$_IP"
 fi
+if [ -f "/etc/tunnel" ];
+then
+ /etc/tunnel
+fi
+
 exit 0
diff --git a/templates/rc.local/hotspot b/templates/rc.local/hotspot
index 90eb0dbb3..c5a31cbf7 100644
--- a/templates/rc.local/hotspot
+++ b/templates/rc.local/hotspot
@@ -22,5 +22,10 @@ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
+if [ -f "/etc/tunnel" ];
+then
+ /etc/tunnel
+fi
+
 exit 0