treehouses sshtunnel (Fixes #122)

cli.sh

@@ -279,6 +279,8 @@ function help {
       echo "   vnc <on|off>                             enables or disables the vnc server service"
       echo "   default                                  sets a raspbian back to default configuration"
       echo "   upgrade                                  upgrades $(basename "$0") package using npm"
+      echo "   sshtunnel <add|remove|show>              helps adding an sshtunnel"
+      echo "             <portinterval> [user@host]"
       echo
       ;;
   esac
@@ -869,6 +871,105 @@ function bridge {
   echo "the bridge has been built ;), a reboot is required to apply changes"
 }
 
+function sshtunnel {
+  action="$1"
+  portinterval="$2"
+  host="$3"
+
+  if [ -z "$host" ];
+  then
+    host="ole@pirate.ole.org"
+  fi
+
+  hostname=$(echo "$host" | tr "@" \\n | sed -n 2p)
+
+  if [ "$action" = "add" ]; then
+    if [ -z "$portinterval" ];
+    then
+      echo "Error: A port interval is required"
+      exit 1
+    fi
+
+    portssh=$((portinterval + 22))
+    portweb=$((portinterval + 80))
+    portcouchdb=$((portinterval + 84))
+
+    if [ ! -f "/root/.ssh/id_rsa" ]; then
+      ssh-keygen -q -N "" > /dev/null < /dev/zero
+    fi
+
+    cat /root/.ssh/id_rsa.pub
+
+    keys=$(ssh-keyscan -H "$hostname" 2>/dev/null)
+    while read -r key; do
+      if ! grep -q "$key" /root/.ssh/known_hosts 2>/dev/null; then
+          echo "$key" >> /root/.ssh/known_hosts
+      fi
+    done <<< "$keys"
+
+    {
+      echo "#!/bin/bash"
+      echo
+      echo "/usr/bin/autossh -f -T -N -q -4 -M$portinterval -R $portssh:127.0.1.1:22 -R $portcouchdb:127.0.1.1:5984 -R $portweb:127.0.1.1:80 $host"
+    } > /etc/tunnel
+
+    chmod +x /etc/tunnel
+
+    if ! grep -q "\\-f \"/etc/tunnel\"" /etc/rc.local 2>/dev/null; then
+      sed -i 's/^exit 0/if [ -f "\/etc\/tunnel" ];\nthen\n  \/etc\/tunnel\nfi\nexit 0/g' /etc/rc.local
+    fi
+
+    {
+      echo "MAILTO=root"
+      echo "*/5 * * * * root if [ ! "$\(pidof autossh\)" ]; then /etc/tunnel; fi"
+    } > /etc/cron.d/autossh
+  elif [ "$action" = "remove" ]; then
+    if [ -f "/etc/tunnel" ]
+    then
+      rm -rf /etc/tunnel
+    fi
+
+    if [ -f "/etc/cron.d/autossh" ]
+    then
+      rm -rf /etc/cron.d/autossh
+    fi
+
+    pkill -3 autossh
+  elif [ "$action" = "show" ]; then
+    RED='\033[0;31m'
+    GREEN='\033[0;32m'
+    NC='\033[0m'
+
+    if [ -f "/etc/tunnel" ]; then
+      echo -e "[${GREEN}OK${NC}] /etc/tunnel"
+    else
+      echo -e "[${RED}MISSING${NC}] /etc/tunnel"
+    fi
+
+    if [ -f "/etc/cron.d/autossh" ]
+    then
+      echo -e "[${GREEN}OK${NC}] /etc/cron.d/autossh"
+    else
+      echo -e "[${RED}MISSING${NC}] /etc/cron.d/autossh"
+    fi
+
+    if grep -q "\\-f \"/etc/tunnel\"" /etc/rc.local 2>/dev/null; then
+      echo -e "[${GREEN}OK${NC}] /etc/rc.local starts /etc/tunnel if exists"
+    else
+      echo -e "[${RED}MISSING${NC}] /etc/rc.local doesn't start /etc/tunnel if exists"
+    fi
+
+    if [ "$(pidof autossh)" ]
+    then
+      echo -e "[${GREEN}OK${NC}] autossh pid: $(pidof autossh)"
+    else
+      echo -e "[${RED}MISSING${NC}] autossh not running"
+    fi
+  else
+    echo "Error: only 'add', 'remove', 'show' options are supported";
+    exit 1
+  fi
+}
 
 case $1 in
   expandfs)
@@ -947,6 +1048,10 @@ case $1 in
     checkroot
     bridge "$2" "$3" "$4" "$5"
     ;;
+  sshtunnel)
+    checkroot
+    sshtunnel "$2" "$3" "$4"
+    ;;
   help)
     help "$2"
     ;;

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@treehouses/cli",
-  "version": "0.3.1",
+  "version": "0.3.1-sshtunnel1",
   "description": "Thin command-line interface for Raspberry Pi low level configuration.",
   "main": "cli.sh",
   "bin": {

templates/rc.local/bridge

@@ -20,5 +20,10 @@ fi
 sysctl -w net.ipv4.ip_forward=1
 iptables -t nat -A POSTROUTING -s 192.168.2.0/24 ! -d 192.168.2.0/24 -j MASQUERADE
 
+if [ -f "/etc/tunnel" ];
+then
+  /etc/tunnel
+fi
+
 exit 0
 

templates/rc.local/default

@@ -17,5 +17,10 @@ if [ "$_IP" ]; then
   printf "My IP address is %s\n" "$_IP"
 fi
 
+if [ -f "/etc/tunnel" ];
+then
+  /etc/tunnel
+fi
+
 exit 0
 

templates/rc.local/hotspot

@@ -22,5 +22,10 @@ iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
 iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
 
+if [ -f "/etc/tunnel" ];
+then
+  /etc/tunnel
+fi
+
 exit 0