+host-info-all() {
+ host-info-update
+
+ bindpushb8
+ # for wireguard configs
+ ssh iank@li.b8.nz conflink
+ wrt-setup
+}
+
+
+
+
+
+## for updating host info like ip, location, update /p/c/host-info and
+## host_info below. the host_info array should probably be in its own
+## file that gets sourced so that it can be more easily updated.
+
+# todo: this is so long that it becomes confusing,
+# try to split it up.
+#
+# To make some changes take effect, run host-info-all.
+host-info-update() {
+
+ local -A vpn_ips host_ips host_macs portfw_ips nonvpn_ips all_ips
+ local -a root_hosts nonroot_hosts
+
+ # the hosts with no mac
+ root_hosts=( bk je li b8.nz )
+ for h in ${root_hosts[@]}; do
+ root_hosts+=(${h}ex)
+ done
+ root_hosts+=(cmc)
+
+ while read -r ip host mac opts; do
+ if [[ $ip == *#* || ! $host ]]; then continue; fi
+
+ # opt parsing
+ vpn=false
+ root=false
+ for opt in $opts; do
+ case $opt in
+ user=root)
+ root=true
+ ;;
+ vpn)
+ vpn=true
+ ;;
+ esac
+ done
+
+ all_ips[$host]=$ip
+ if $vpn; then
+ portfw_ips[$host]=$ip
+ vpn_ips[$host]=$ip
+ else
+ nonvpn_ips[$host]=$ip
+ fi
+ if $root; then
+ # note: the reason we have b8.nz suffix here but not for non_root
+ # hosts is that it is for the User part, the IdentityFile part is
+ # redundant to *.b8.nz. Also note ${host}i, we only setup those for vpn hosts, but there is no harm in overspecifying here.
+ root_hosts+=($host ${host}i $host.b8.nz ${host}i.b8.nz)
+ root_hosts_a[$host]=t # a for associative array
+ else
+ nonroot_hosts+=($host ${host}i)
+ fi
+ host_ips[$host]=$ip
+ if [[ $mac ]]; then
+ host_macs[$host]=$mac
+ fi
+
+ done </p/c/host-info
+
+ {
+ cat <<EOF
+Host ${nonroot_hosts[@]}
+User iank
+IdentityFile ~/.ssh/home
+
+Host ${root_hosts[@]}
+IdentityFile ~/.ssh/home
+
+EOF
+ for host in ${!vpn_ips[@]}; do
+ ipsuf=${vpn_ips[$host]}
+ cat <<EOF
+Host ${host}i ${host}i.b8.nz
+Port $((2200 + ipsuf))
+EOF
+ done
+
+ # convenience of one auth key entry
+ for host in ${!all_ips[@]}; do
+ cat <<EOF
+Host $host ${host}i $host.b8.nz ${host}i.b8.nz
+HostKeyAlias $host.b8.nz
+EOF
+ done
+ } | cedit -e /p/c/subdir_files/.ssh/config-static
+
+ {
+ # hack to please emacs parser
+ here_begin="cat <<EOF"
+ echo "$here_begin"
+ for host in ${!vpn_ips[@]}; do
+ ipsuf=${vpn_ips[$host]}
+ i_port=$(( 2200 + ipsuf ))
+ cat <<EOF
+config redirect
+option name ssh$host
+option src wan
+option src_dport $i_port
+option dest_port 22
+option dest_ip \$l.$ipsuf
+option dest lan
+config rule
+option src wan
+option target ACCEPT
+option dest_port $i_port
+EOF
+ done
+ echo "EOF"
+ } >/p/c/cmc-firewall-data
+