#!/bin/sh
# Installer identity, printed by show_version.
SCRNAME="BBHN vTUN Server Installer"
SCRVER=0.9.1

# Base URL and path used by get_templates (meshfiles.zip) and add_vpn_web (vpn).
# NOTE(review): the scheme is plain http:// and nothing in this file checks a
# checksum or signature on what is fetched, yet add_vpn_web installs its
# download as an executable CGI and get_templates' archive is unpacked in the
# home directory. Pinning an expected SHA-256 per artifact (or fetching over
# TLS) would let a tampered mirror or an on-path rewrite be detected.
HTTPPATH=http://www.bbhn.org/
BASEPATH=/download/attitude_adjustment/12.09/ar71xx/generic/packages/server/
# Alternate download location, left disabled:
#HTTPPATH=http://www.k5dlq.info
#BASEPATH=mesh/server
CLIENTPATH=${BASEPATH}

# Passing "debug" as the first argument enables the pauses issued via debugme.
DEBUG=0
case ".$1" in
  .debug) DEBUG=1 ;;
esac
##### DEBUG FUNCTION #####
debugme() {
  # Run the given command only when DEBUG is 1. The result is always success,
  # so a skipped or failing debug command never changes the caller's flow.
  if [ "$DEBUG" = 1 ]; then
    "$@" || :
  fi
  return 0
}
##### DEBUG FUNCTION #####
##########################
# Test internet connectivity
##########################
test_internet_connectivity() {
  # Sends four quiet pings to 8.8.8.8 and exits the script with status 9 when
  # ping reports failure. Only ping's exit status is used; this shows that
  # 8.8.8.8 answers ICMP, not that the download host is reachable.
  echo "Testing internet connectivity..."
  if ! ping -c4 -q 8.8.8.8 > /dev/null; then
    echo "No connectivity! You must have internet access."
    exit 9
  fi
  echo "Online!"
  debugme read -p "(DEBUG) Press enter to continue:" junk
}
##########################
# Show version and prompt to start
##########################
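show_version() {
  # Prints the installer name/version and asks for confirmation before any
  # change is made to the node.
  #   Y/y... -> return to the caller and continue
  #   N/n... -> print "Script aborted!" and exit
  #   other  -> ask again
  # The previous version used `break` without an enclosing loop, so an
  # unrecognized or empty answer printed the hint and then carried on with the
  # installation. The prompt now loops until it gets a clear Y or N, and a
  # closed stdin aborts instead of proceeding unattended.
  echo "$SCRNAME - Version $SCRVER"
  while :; do
    yngo=
    if ! read -r -p "This script installs the vtun server on a FRESHLY installed BBHN Mesh node. Would you like to proceed? (Y/N) " yngo \
      && [ -z "$yngo" ]; then
      echo "Script aborted!"
      exit 1
    fi
    case $yngo in
      [Yy]*) break ;;
      [Nn]*) echo "Script aborted!"; exit ;;
      *) echo "Please answer with Y or N." ;;
    esac
  done
  debugme read -p "(DEBUG) Press enter to continue:" junk
}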
##########################
# Test for linksys or ubiquiti via ipkg/opkg presence
##########################
get_client_type() {
  # Sets CLIENT by probing for opkg: exit status 127 (command not found) is
  # taken to mean a Linksys/ipkg node, any other status a Ubiquiti/opkg node.
  echo "Determining the proper package manager..."
  opkg > /dev/null
  case $? in
    127)
      echo Using ipkg
      CLIENT=linksys
      ;;
    *)
      echo Using opkg
      CLIENT=ubiquiti
      ;;
  esac
  debugme read -p "(DEBUG) Press enter to continue:" junk
}
##########################
# Get package manager
##########################
get_package_mgr() {
  # Sets PKGCMD from CLIENT. For linksys it also makes sure /etc/ipkg.conf has
  # its "dest root" under /jffs, saving the previous file as ipkg.conf.backup
  # before rewriting it in place.
  if [ "$CLIENT" != "linksys" ]; then
    PKGCMD=opkg
  else
    PKGCMD=ipkg
    echo "Testing ipkg.conf..."
    if grep "dest root /jffs" /etc/ipkg.conf; then
      echo "ipkg.conf is ok"
    else
      echo Fix ipkg.conf...
      cp /etc/ipkg.conf /etc/ipkg.conf.backup
      sed -i -e "s/dest root \//dest root \/jffs/g" /etc/ipkg.conf
      # Disabled reboot step kept from the original:
      # echo "A reboot is required. After the reboot, start this process over (begin with the wget command)"
      # read -p "Press enter to reboot now." junk
      # reboot;exit
    fi
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}
##########################
# Get packages
##########################
get_packages() {
  # Refreshes the package index with $PKGCMD and installs the vtun stack
  # (kmod-tun zlib libopenssl liblzo vtun) followed by unzip.
  # NOTE(review): the exit status of the update/install commands is not
  # checked, so the steps that follow run even when a package failed to
  # install; package authenticity rests entirely on the package manager's own
  # feed configuration, which is not visible here.
  echo "$PKGCMD Update..."
  case $CLIENT in
    linksys)
      echo "*****************************************************"
      echo "*** IF THE FOLLOWING STEP(S) SHOWS ERRORS (or HANGS),"
      echo "*** Please reboot, and re-run the 'wget' and 'setup_vpn' commands"
      echo "*****************************************************"
      ;;
  esac
  $PKGCMD update
  debugme read -p "(DEBUG) Press enter to continue:" junk

  echo Installing packages...
  $PKGCMD install kmod-tun zlib libopenssl liblzo vtun
  $PKGCMD install unzip
  debugme read -p "(DEBUG) Press enter to continue:" junk
}
##########################
# get unzip cmd
##########################
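get_unzip_cmd() {
  # Sets UNZIPCMD to a runnable unzip. If `unzip` resolves through PATH it is
  # used as is; otherwise the filesystem is searched for a file named unzip
  # whose path contains "bin". Exits with status 9 when nothing is found.
  #
  # Fix: the search can return several paths. The old code stored all of them
  # (newline separated) in UNZIPCMD, so the later `$UNZIPCMD meshfiles.zip`
  # would run the first path with the remaining paths as arguments. Only the
  # first match is kept now, and "found" is decided by a non-empty result.
  #
  # NOTE(review): `find /` also walks writable locations, and the `grep bin`
  # filter accepts any path that merely contains "bin"; whatever matches first
  # is executed later by extract_templates. Limiting the search to the
  # directories the package manager installs into would remove that ambiguity.
  echo Determining unzip path...
  unzip > /dev/null 2>&1
  if [ $? -eq 127 ]; then
    echo "unzip is not in the path yet! finding it..."
    funzip=$(find / -name unzip | grep bin | head -n 1)
    if [ -n "$funzip" ]; then
      export UNZIPCMD="$funzip"
    else
      echo "unzip command not found. ABORTING script!"
      exit 9
    fi
  else
    echo "unzip is in the path."
    UNZIPCMD=unzip
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}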
##########################
# Get template files
##########################
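get_templates() {
  # Downloads meshfiles.zip into the home directory, replacing any earlier
  # copy. Exits with status 9 if the home directory cannot be entered or the
  # download fails.
  #
  # Fixes: `cd ~` was unchecked, so a failed cd let the following `rm -f` and
  # download act on whatever directory happened to be current; and a failed
  # wget was ignored, leaving the error to surface later as an unzip failure.
  #
  # NOTE(review): the archive is fetched over the scheme set in HTTPPATH
  # (http:// in this file) and no checksum or signature is verified before
  # later steps install files out of the working directory. Comparing the
  # download against a pinned SHA-256 here would be the natural place to
  # detect tampering.
  # The URL is assembled exactly as before, doubled slashes included.
  cd ~ || {
    echo "Cannot change to the home directory! ABORTING script"
    exit 9
  }
  echo "Retrieving setup files..."
  rm -f meshfiles.zip
  if ! wget -q "${HTTPPATH}/${CLIENTPATH}/meshfiles.zip"; then
    echo "ERROR downloading meshfiles.zip! ABORTING script"
    exit 9
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}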
##########################
# Extract template files
##########################
extract_templates() {
  # Unpacks meshfiles.zip in the current directory with $UNZIPCMD (output
  # discarded) and deletes the archive afterwards. A failing unzip ends the
  # script with status 9 and leaves the archive in place.
  # NOTE(review): the archive's file list is neither shown nor checked, so
  # whatever names it contains are written into the working directory.
  echo "Extracting setup files..."
  if ! $UNZIPCMD meshfiles.zip > /dev/null 2>&1; then
    echo "ERROR during unzip! ABORTING script"
    exit 9
  fi
  echo "unzip ok"
  # The archive is not needed once its contents are unpacked.
  rm -f meshfiles.zip
  debugme read -p "(DEBUG) Press enter to continue:" junk
}
##########################
# Moving vtundsrv.conf file (server config)
##########################
modify_vtundsrv_conf() {
  # Replaces /etc/vtundsrv.conf with the text produced by vtundsrv_conf_head.
  # The text is captured first and written second, so the generator has
  # finished before the target file is truncated.
  local conf_text
  echo "Moving vtundsrv.conf files.."
  conf_text=$(vtundsrv_conf_head)
  echo "$conf_text" > /etc/vtundsrv.conf
  debugme read -p "(DEBUG) Press enter to continue:" junk
}
##########################
# Modify olsr config
##########################
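modify_olsr() {
  # Appends the olsrd template for this platform (olsrd.ubnt or olsrd.ls, read
  # from the current directory) to the live and the mesh olsrd config, unless
  # the live config already lists the vpn0 interface.
  #
  # Fixes:
  #  * etcolsrdconfigfile was only assigned inside the "not found" branch, so
  #    the check grepped "/etc/config/" with an empty file name, never
  #    succeeded, and every run appended the template again. The file names
  #    are now chosen before the check.
  #  * the pattern contained \' inside double quotes, which reaches grep as a
  #    literal backslash-quote; GNU-style regex treats that as an
  #    end-of-buffer anchor, so the line could not match. The quote is now
  #    passed as a plain character.
  echo "Modifying config/olsrd files..."
  if [ "$CLIENT" = "ubiquiti" ]; then
    etcolsrdconfigfile="olsrd"
    templateolsrd="olsrd.ubnt"
  else
    etcolsrdconfigfile="olsrd.conf"
    templateolsrd="olsrd.ls"
  fi

  if grep "list interface 'vpn0" "/etc/config/$etcolsrdconfigfile"; then
    echo "olsrd files already contain the appropriate interfaces"
  else
    echo "Adding the tun interface to olsrd files..."
    cat "$templateolsrd" >> "/etc/config/$etcolsrdconfigfile"
    cat "$templateolsrd" >> "/etc/config.mesh/$etcolsrdconfigfile"
  fi
  debugme read -p "(DEBUG) Press enter to continue:" junk
}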
##########################
# Modifying network
##########################
modify_network() {
  # Appends the `network` template from the current directory to both the
  # live and the mesh network configuration.
  # NOTE(review): the append is unconditional, so running the installer a
  # second time adds the same stanzas again.
  local target
  echo "Adding network interfaces..."
  for target in /etc/config/network /etc/config.mesh/network; do
    cat network >> "$target"
  done
  debugme read -p "(DEBUG) Press enter to continue:" junk
}
##########################
# Prep the firewall config file
##########################
prep_firewall() {
  # Extends the firewall configuration and installs the vtun_up helper plus
  # its hotplug hook, using the file set that matches CLIENT.
  #   ubiquiti: appends the `firewall` template to both firewall configs
  #   other:    appends a rule accepting TCP port 5525 on the wan side
  # NOTE(review): both branches append without checking for an existing
  # entry, and the rule opens the listener port on wan with no source
  # restriction; confirm that exposure is intended for the deployment.
  echo "Preparing firewall..."
  case $CLIENT in
    ubiquiti)
      cat firewall >> /etc/config/firewall
      cat firewall >> /etc/config.mesh/firewall
      cp vtun_up /usr/local/bin
      cp 13-vtun /etc/hotplug.d/iface
      ;;
    *)
      echo "accept:wan:dport=5525 proto=tcp" >> /etc/config/firewall
      echo "accept:wan:dport=5525 proto=tcp" >> /etc/config.mesh/firewall
      cp vtun_up.linksys /usr/local/bin/vtun_up
      cp 13-vtun.linksys /etc/hotplug.d/net/13-vtun
      ;;
  esac
  chmod +x /usr/local/bin/vtun_up
  debugme read -p "(DEBUG) Press enter to continue:" junk
}
##########################
# Setup for vtundsrv to autostart
##########################
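setup_vtundsrv_service() {
  # Installs the vtundsrv init script from the current directory into
  # /etc/init.d, marks it executable and runs its `enable` action. Leaves the
  # working directory at /etc/init.d, as before.
  #
  # Fix: cp and cd were unchecked. If the copy failed, chmod/enable still ran
  # against whatever vtundsrv already sat in /etc/init.d; if the cd failed,
  # they ran against the copy in the current directory instead. Either
  # failure now ends the script with status 9.
  echo "Adding vtundsrv autostart file..."
  if ! cp vtundsrv /etc/init.d; then
    echo "ERROR installing the vtundsrv init script! ABORTING script"
    exit 9
  fi
  cd /etc/init.d || {
    echo "Cannot change to /etc/init.d! ABORTING script"
    exit 9
  }
  echo Setting execute bit...
  chmod +x vtundsrv
  echo Enable vtundsrv service...
  ./vtundsrv enable
  debugme read -p "(DEBUG) Press enter to continue:" junk
}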
##########################
# Add K5DLQ ssh cert for remote management
##########################
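add_cert() {
  # Asks whether the key(s) in ~/authorized_keys should be appended to
  # /etc/dropbear/authorized_keys, i.e. whether the holder of the matching
  # private key may log in to this node over SSH.
  #   Y/y... -> append the key file and continue
  #   N/n... -> print "No access granted." and exit the script
  #   other  -> ask again
  #
  # Fix: `break` was used without an enclosing loop, so the prompt never
  # repeated. It now loops until the answer is a clear Y or N, and a closed
  # stdin is treated as "N" so access is never granted without an answer.
  #
  # NOTE(review): ~/authorized_keys is presumably unpacked from the
  # downloaded meshfiles.zip - confirm. Because that download is not
  # integrity-checked, the operator should compare the key's fingerprint with
  # one obtained out of band before answering Y.
  # NOTE(review): answering N ends the whole installer via `exit`; confirm
  # that skipping the remaining steps is intended.
  cd /etc/dropbear
  while :; do
    yn=
    read -r -p "Would you like to enable K5DLQ to be able to remotely manage this node on the mesh? (Y/N) " yn \
      || [ -n "$yn" ] || yn=n
    case $yn in
      [Yy]*)
        cat ~/authorized_keys >> /etc/dropbear/authorized_keys
        break
        ;;
      [Nn]*)
        echo "No access granted."
        exit
        ;;
      *)
        echo "Please answer yes or no."
        ;;
    esac
  done
  debugme read -p "(DEBUG) Press enter to continue:" junk
}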
#####
# Integrate VPN Admin Page in the Web interface
#####
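add_vpn_web() {
  # Adds the "Tunnel Server" page to the node's web interface:
  #   1. download the vpn CGI script into the home directory
  #   2. make sure /etc/httpd.conf carries a credential line for /cgi-bin/vpn
  #   3. add the page to the menu in /www/cgi-bin/perlfunc.pm (the previous
  #      file is kept as perlfunc.pm.old)
  #   4. copy the script to /www/cgi-bin/ and mark it executable
  # Exits with status 9 if the download fails or no credential can be set up.
  #
  # Fixes:
  #  * the download result was ignored; the page is now installed only when
  #    wget succeeded and produced a non-empty file.
  #  * the credential line reuses field 3 of the last line of
  #    /etc/httpd.conf. When that field was empty, a line with an empty
  #    password was written. The credential step now runs before the page is
  #    installed and aborts when no password can be derived, so the page is
  #    never published without protection.
  #  * in the listing, the second sed address was split across two lines
  #    inside its quotes, which sed cannot parse. It is joined with a single
  #    space here - confirm against the label text in perlfunc.pm.
  #  * `cd ~` is checked and the credential line is quoted when written.
  #
  # NOTE(review): the script is fetched via HTTPPATH (http:// in this file)
  # with no checksum or signature check and then becomes an executable CGI.
  # Verifying it against a pinned SHA-256 before step 4 would close that gap.
  cd ~ || {
    echo "Cannot change to the home directory! ABORTING script"
    exit 9
  }

  # 1. fetch the page, discarding any copy left by an earlier run
  rm -f vpn
  if ! wget -q "${HTTPPATH}/${CLIENTPATH}/vpn" || [ ! -s vpn ]; then
    echo "ERROR downloading the vpn page! ABORTING script"
    exit 9
  fi

  # 2. secure the vpn page before it is published
  if grep "/cgi-bin/vpn:" /etc/httpd.conf; then
    echo "Already secured web page..."
  else
    HTTPPASS=$(tail -n1 /etc/httpd.conf | awk -F: '{print $3}')
    if [ -z "$HTTPPASS" ]; then
      echo "ERROR: no password found in /etc/httpd.conf; vpn page not installed. ABORTING script"
      exit 9
    fi
    echo "/cgi-bin/vpn:root:$HTTPPASS" >> /etc/httpd.conf
  fi

  # 3. add the page to the navigation list and, if missing, its label
  cp /www/cgi-bin/perlfunc.pm /www/cgi-bin/perlfunc.pm.old
  sed -i -e "s/my @pages = qw(status setup ports admin);/my @pages = qw(status setup ports vpn admin);/g" /www/cgi-bin/perlfunc.pm
  if grep "Tunnel Server" /www/cgi-bin/perlfunc.pm; then
    echo "Already installed web page..."
  else
    sed -i "/ports => \"Port Forwarding, DHCP, and Services\",/a vpn => \"Tunnel Server\"," /www/cgi-bin/perlfunc.pm
  fi

  # 4. publish the page in the docroot
  cp ~/vpn /www/cgi-bin/
  chmod +x /www/cgi-bin/vpn
  debugme read -p "(DEBUG) Press enter to continue:" junk
}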
#####
# REBOOT
#####
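reboot_opt() {
  # Offers to reboot the node once installation is done.
  #   Y/y... -> announce, wait five seconds, run reboot
  #   N/n... -> remind the operator to reboot and exit the script
  #   other  -> ask again
  # Fix: `break` was used without an enclosing loop, so an unrecognized
  # answer printed the hint and returned without asking again. The prompt now
  # loops, and a closed stdin is treated as "N" so no unattended reboot
  # happens.
  cd ~
  while :; do
    ynreboot=
    read -r -p "A reboot is required. Would you like to reboot now? " ynreboot \
      || [ -n "$ynreboot" ] || ynreboot=n
    case $ynreboot in
      [Yy]*)
        echo "Rebooting..."
        sleep 5
        reboot
        break
        ;;
      [Nn]*)
        echo "Dont forget to reboot."
        exit
        ;;
      *)
        echo "Please answer yes or no."
        ;;
    esac
  done
}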
##########################
# Generate vtundsrv.conf header
##########################
vtundsrv_conf_head() {
cat <