From patchwork Thu Aug 6 23:33:29 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: Make vpn-select modular From: Robert Langhammer X-Patchwork-Id: 1424 Message-Id: <20200806233329.4413-1-rlanghammer@web.de> To: franken-dev@freifunk.net Date: Fri, 7 Aug 2020 01:33:29 +0200 vpn-select is an old relic and did not reflect the opportunities of our hoodfile. This rewrite makes vpn-select modular to easely add new vpn-protocols. The stuff dependent on the vpn-protocol is outsourced to files in /etc/vpn-select.d and comes in with the respective vpn package. vpn-stop is removed to use the protocol independent start/stop mechanism of vpn-select. Signed-off-by: Robert Langhammer --- .../fff-fastd/files/etc/vpn-select.d/fastd | 35 +++++++++ .../fff-hoods/files/usr/sbin/configurehood | 2 +- .../fff-vpn-select/files/usr/sbin/vpn-select | 75 +++++++------------ .../fff-vpn-select/files/usr/sbin/vpn-stop | 5 -- 4 files changed, 62 insertions(+), 55 deletions(-) create mode 100644 src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd delete mode 100755 src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop -- 2.20.1
diff --git a/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd b/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
new file mode 100644
index 0000000..bd73761
--- /dev/null
+++ b/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
@@ -0,0 +1,35 @@
+protocol=fastd
+
+fastd_clear() {
+ rm /tmp/fastd_fff_peers/*
+}
+
+fastd_addpeer() {
+ [ -d /tmp/fastd_fff_peers ] || mkdir /tmp/fastd_fff_peers
+
+ # write fastd-config
+ json_get_var servername name
+ filename="/etc/fastd/fff/peers/$servername"
+ echo "#name \"${servername}\";" > "$filename"
+ json_get_var key key
+ echo "key \"${key}\";" >> "$filename"
+ json_get_var address address
+ json_get_var port port
+ echo "remote \"${address}\" port ${port};" >> "$filename"
+ echo "" >> "$filename"
+ echo "float yes;" >> "$filename"
+}
+
+fastd_start_stop() {
+ /etc/init.d/fastd reload # does nothing if fastd was not running
+
+ # fastd start/stop for various situations
+ # this is needed for first start and if fastd comes up or disappears in hoodfile
+ pidfile="/tmp/run/fastd.fff.pid"
+ if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then
+ ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
+ else
+ ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
+ fi
+}
+
diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
index 3b92cbc..c84a8cc 100755
--- a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
+++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
@@ -207,7 +207,7 @@ if [ -s "$hoodfiletmp" ]; then if hasInternet ; then /usr/sbin/vpn-select "$hoodfiletmp" else - /usr/sbin/vpn-stop + /usr/sbin/vpn-select stop-VPN fi # now we load the prefix from the hoodfile and set this to br-mesh
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
index 30883f5..8f48f9a 100755
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
+++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
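Review bot: `fastd_addpeer` writes `name`, `key`, `address` and `port` from the hoodfile into a fastd peer file without checking them, and `name` also becomes the file name in `filename="/etc/fastd/fff/peers/$servername"`. A name containing `/` or `..` would make the redirect write outside the peers directory, and a `"` or `;` in any value would end the quoted string and add further statements to the fastd configuration; how far the hoodfile can be trusted is not visible here, but configurehood appears to fetch it (`hoodfiletmp`). I would read all four values first, validate them against a narrow character set and only then write the file, so that a rejected peer leaves no partial file behind. The character sets below are a suggestion and must match what the hoodfile legitimately carries. Separately, `fastd_clear` runs `rm /tmp/fastd_fff_peers/*` before the directory exists on first boot, so `rm -f` would avoid the error output.

```shell
fastd_addpeer() {
	# … unchanged: creation of /tmp/fastd_fff_peers …

	json_get_var servername name
	json_get_var key key
	json_get_var address address
	json_get_var port port

	# refuse values that could leave the peers directory or break out of a quoted config string
	case "$servername" in
		""|.*|*[!A-Za-z0-9._-]*) echo "fastd: skipping peer with invalid name" >&2; return 1 ;;
	esac
	case "$key" in
		""|*[!0-9a-fA-F]*) echo "fastd: skipping peer $servername: invalid key" >&2; return 1 ;;
	esac
	case "$address" in
		""|*[!A-Za-z0-9.:-]*) echo "fastd: skipping peer $servername: invalid address" >&2; return 1 ;;
	esac
	case "$port" in
		""|*[!0-9]*) echo "fastd: skipping peer $servername: invalid port" >&2; return 1 ;;
	esac

	filename="/etc/fastd/fff/peers/$servername"
	# … unchanged: the echo lines that write "$filename" …
}
```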
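Review bot: `stop-VPN` in `/usr/sbin/vpn-select stop-VPN` is not a sub-command; vpn-select treats its first argument as a hoodfile path, so stopping works only because `[ -s "$hoodfile" ]` finds no file of that name in the current directory. A non-empty file called `stop-VPN` in configurehood's working directory would be loaded as a hoodfile instead. I would at least add a comment such as `# not a file: an absent hoodfile makes vpn-select clear all peers and stop the services`, or have vpn-select test for an explicit keyword before the `-s` check. The enclosing `if` block starts and ends outside this hunk.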
@@ -1,65 +1,42 @@ #!/bin/sh # Usage: vpn-select +# To add a new protocol, put a file with three functions to /etc/vpn-select.d/ . +# The file must start with protocol=name. It is most important to use the same name here and in hoodfile. +# The old config can be cleared in function ${protocol}_clear(). It is called once per installed protocol. +# The function ${protocol}_addpeer() is called for every peer in hoodfile. +# The function ${protocol}_start_stop() is called once per installed protocol. . /usr/share/libubox/jshn.sh hoodfile="$1" -make_config() { - # remove old config - rm /tmp/fastd_fff_peers/* +# source functions +for file in /etc/vpn-select.d/*; do + . "$file" + supported_protocols="$supported_protocols $protocol" +done - # prepare - Index=1 +# clear old config +for protocol in $supported_protocols; do + "${protocol}_clear" +done + +# load hoodfile and add peers +if [ -s "$hoodfile" ] ; then json_load "$(cat "$hoodfile")" json_select vpn - - # get fastd peers - while json_select "$Index" > /dev/null - do + index=1 + while json_select "$index" > /dev/null ; do json_get_var protocol protocol - if [ "$protocol" = "fastd" ]; then - # set up fastd - json_get_var servername name - filename="/etc/fastd/fff/peers/$servername" - echo "#name \"${servername}\";" > "$filename" - json_get_var key key - echo "key \"${key}\";" >> "$filename" - json_get_var address address - json_get_var port port - echo "remote \"${address}\" port ${port};" >> "$filename" - echo "" >> "$filename" - echo "float yes;" >> "$filename" - fi + "${protocol}_addpeer" || echo "protocol $protocol unknown" json_select ".." # back to vpn - Index=$(( Index + 1 )) + index=$(( index + 1 )) done - json_select ".." # back to root -} +fi -# Only do something if file is there and not empty; otherwise exit 1 -if [ -s "$hoodfile" ]; then - if [ ! 
-d /tmp/fastd_fff_peers ]; then - # first run after reboot - mkdir /tmp/fastd_fff_peers - make_config - # start fastd only if there are some peers - [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start - else - make_config - /etc/init.d/fastd reload +# start/restart/stop vpnservices +for protocol in $supported_protocols; do + "${protocol}_start_stop" +done - # fastd start/stop for various situations - pidfile="/tmp/run/fastd.fff.pid" - if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then - ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start - else - ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop - fi - fi - exit 0 -else - echo "vpn-select: Hood file not found or empty!" - exit 1 -fi
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
deleted file mode 100755
index 03a160b..0000000
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-rm /tmp/fastd_fff_peers/*
-/etc/init.d/fastd stop
-
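Review bot: In vpn-select, `"${protocol}_addpeer"` takes its command name from the hoodfile's `protocol` field, so the script runs whatever command that string resolves to rather than only the functions sourced from /etc/vpn-select.d. The value should be checked against `$supported_protocols` before the call; that also separates an unknown protocol from a failing `_addpeer`, which the current `|| echo "protocol $protocol unknown"` reports identically. The sourcing loop has a related gap: with no module installed the glob stays literal and `. "$file"` fails, and any stray file in the directory (an editor backup, say) is sourced as well, so `[ -f "$file" ] || continue` and clearing `protocol` before each `.` would help. The fence shows the dispatch only.

```shell
		json_get_var protocol protocol
		case "$protocol" in
			""|*[!A-Za-z0-9_]*)
				echo "vpn-select: invalid protocol name in hoodfile" >&2
				;;
			*)
				case " $supported_protocols " in
					*" $protocol "*)
						"${protocol}_addpeer" || echo "vpn-select: adding $protocol peer failed" >&2
						;;
					*)
						echo "vpn-select: protocol $protocol unknown" >&2
						;;
				esac
				;;
		esac
		json_select ".." # back to vpn
```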