X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=wrt-setup;h=9ac518afca061bf9f20a3928eb4c557f26f2e25e;hb=7a4577880f3d646ec68d60b1cd3a38f110f784bb;hp=fda94a3b948065d87cb3e72dea0f106dad2e6ac2;hpb=a43d3eec943c5f0491b300214a3c744d31a6e542;p=automated-distro-installer

diff --git a/wrt-setup b/wrt-setup
index fda94a3..9ac518a 100755
--- a/wrt-setup
+++ b/wrt-setup
@@ -1,274 +1,63 @@
 #!/bin/bash
+# Copyright (C) 2016 Ian Kelling
 
-set -eE -o pipefail
-trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?"' ERR
-
-
-# ssh
-
-pmirror() {
-    # background: upgrading all packages is not recommended because it
-    # doesn't go into the firmware. build new firmware if you want
-    # lots of upgrades.
-    f=(/tmp/opkg-lists/*)
-    f=${f[0]}
-    if ! (( $(date -r $f +%s) + 60*60*24 > $(date +%s) )); then
-        opkg update
-    fi
-}
-
-pi() {
-    for x in "$@"; do
-        if [[ ! $(opkg list-installed "$x") ]]; then
-            pmirror
-            opkg install "$@"
-        fi
-    done
-}
-
-v() {
-    printf "+ %s\n" "$*"
-    "$@"
-}
-
-cat >/usr/bin/arch-pxe-mount <<'EOFOUTER'
-#!/bin/bash
-# symlinks are collapsed for nfs mount points, so use a bind mount.
-# tried putting this in /etc/config/fstab,
-# then doig block mount, it didn't work. This doesn't persist across reboots,
-# todo: figure that out
-d=/run/archiso/bootmnt
-cat > /etc/fstab <<EOF
-/mnt/usb/tftpboot $d none bind 0 0
-EOF
-mount | grep $d &>/dev/null || mount $d
-/etc/init.d/nfsd restart
-EOFOUTER
-chmod +x /usr/bin/arch-pxe-mount
-
-cat >.profile <<'EOF'
-# changing login shell emits spam on ssh single commands & scp
-    # sed -i 's#/bin/ash$#/bin/bash#' /etc/passwd
-#https://dev.openwrt.org/ticket/13852
-[ "$PS1" = "" ] || {
-       /bin/bash
-       exit
-}
-EOF
-v pi kmod-usb-storage block-mount kmod-fs-ext4 nfs-kernel-server
-
-
-
-sed -ri "s/option[[:space:]]*encryption[[:space:]]*'?none'?/option encryption psk2\n        option key  pictionary49/" /etc/config/wireless
-sed -i '/^[[:space:]]*option disabled/d' /etc/config/wireless
-v wifi
-
-
-v /etc/init.d/fstab enable ||:
-
-# rebooting makes mounting work, but comparing lsmod,
-# i'm guessing this will too. todo, test it.
-# 255 == module already loaded
-for mod in scsi_mod sd_mod; do v modprobe $mod || [[ $? == 255 ]]; done
-
-# for arch pxe. The default settings in the installer expect to find
-# the NFS at /run/archiso/bootmnt
-mkdir -p /run/archiso/bootmnt
-
-# todo: at some later time, i found /mnt/usb not mounted, watch to see if
-# that is the case after running this or rebooting.
-# wiki says safe to do in case of fstab changes:
-cedit /etc/config/fstab <<'EOF' || { v block umount; v block mount; }
-config global automount
-      option from_fstab 1
-      option anon_mount 1
-
-config global autoswap
-      option from_fstab 1
-      option anon_swap 1
-
-config mount
-      option target	/mnt/usb
-      option device	/dev/sda2
-      option fstype	ext4
-      option options	rw,async,noatime,nodiratime
-      option enabled	1
-      option enabled_fsck 0
-
-config swap
-      option device	/dev/sda1
-      option enabled	1
-
-EOF
-
-
-
- # exportfs -ra won't cut it when its the same path, but now a bind mount
-cedit /etc/exports <<'EOF' || v /etc/init.d/nfsd restart ||:
-/mnt/usb  192.168.1.0/255.255.255.0(rw,no_root_squash,insecure,sync,no_subtree_check)
-# for arch pxe
-/run/archiso/bootmnt	192.168.1.0/255.255.255.0(rw,no_root_squash,insecure,sync,no_subtree_check)
-
-EOF
-
-
-v /etc/init.d/portmap start
-v /etc/init.d/nfsd start
-v /etc/init.d/portmap enable
-v /etc/init.d/nfsd enable
-
-
-
-cedit /etc/config/firewall <<'EOF' || /etc/init.d/firewall restart
-# port forwarding
-config redirect
-option name bittorrent
-option src              wan
-option src_dport        63324
-option dest_ip          192.168.1.2
-option dest             lan
-# making the port open (not sure if this is actually needed)
-config rule
-option src              wan
-option target           ACCEPT
-option dest_port        63324
-
-
-config redirect
-option name bithtpc
-option src              wan
-option src_dport        63325
-option dest_ip          192.168.1.4
-option dest             lan
-
-config rule
-option src              wan
-option target           ACCEPT
-option dest_port        63325
-
-
-config redirect
-option name ssh
-option src              wan
-#uncomment the 2 lines for security of using a non-standard port
-# and comment out the 22 port line
-#   option src_dport        63321
-option src_dport        22
-option dest_ip          192.168.1.2
-option dest             lan
-#   option dest_port        22  # already default
-
-config rule
-option src              wan
-option target           ACCEPT
-option dest_port        22
-
-
-# for https
-config redirect
-       option src                      wan
-       option src_dport        443
-       option dest                     lan
-       option dest_ip          192.168.1.2
-       option proto            tcp
-
-config rule
-       option src              wan
-       option target           ACCEPT
-       option dest_port        443
-       option proto            tcp
-
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
 
-config redirect
-       option src                      wan
-       option src_dport        80
-       option dest                     lan
-       option dest_ip          192.168.1.2
-       option proto            tcp
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
 
-config rule
-       option src              wan
-       option target           ACCEPT
-       option dest_port        80
-       option proto            tcp
-EOF
-
-
-dnsmasq_restart=false
-cedit /etc/hosts <<EOF || dnsmasq_restart=true
-192.168.1.1 wrt
-192.168.1.2 treetowl
-192.168.1.3 frodo
-192.168.1.4 htpc
-192.168.1.5 x2
-192.168.1.6 testvm
-192.168.1.7 faiserver
-72.14.176.105 li
-EOF
-
-
-
-# useful: http://wiki.openwrt.org/doc/howto/dhcp.dnsmasq
-
-cedit /etc/dnsmasq.conf <<'EOF' || dnsmasq_restart=true
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
-############ updating dns servers ###################3
-# download namebench and run it like this:
-# for x in all regional isp global preferred nearby; do ./namebench.py -s $x -c US -i firefox -m weighted -J 10 -w; echo $x; hr;  done
-
-
-# this says the ip of default gateway and dns server,
-# but I think they are unneded and default
-#dhcp-option=3,192.168.1.1
-#dhcp-option=6,192.168.1.1
-
-
-
-# results from googling around dnsmasq optimizations
-# about 50k in memory. router has 62 megs.
-# in a browsing session, I probably won't ever do 5000 lookups
-# before the ttl expiration or whatever does expiration.
-cache-size=10000
-# http://ma.ttwagner.com/make-dns-fly-with-dnsmasq-all-servers/
-all-servers
-# namebench showed 4 servers fairly close ranking:
-# qwest
-server=205.171.3.65
-server=205.171.2.25
-# clearwire anchorage
-server=64.13.115.12
-# comcast spokane
-server=68.87.69.146
-# google
-server=8.8.4.4
-# NTT
-server=129.250.35.250
-# isp servers
-server=75.75.76.76
-server=75.75.75.75
 
+set -eE -o pipefail
+trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
 
+x="$(readlink -f "$BASH_SOURCE")"; cd ${x%/*}
 
-# to fixup existin ips, on the client you can do
-# sudo dhclient -r; sudo dhclient <interface-name>
+usage() {
+  cat <<EOF
+usage: ${0##*/} [-h|--help] [HOST/IP] [wrt-setup-local_ARGS]
+setup my router in general: dhcp, dns, etc.
 
-dhcp-host=f4:6d:04:02:ee:eb,192.168.1.2,treetowl
-dhcp-host=00:26:18:97:bb:16,192.168.1.3,frodo
-dhcp-host=10:78:d2:da:29:22,192.168.1.4,htpc
-dhcp-host=00:1f:16:16:39:24,192.168.1.5,x2
-# this is so fai can have an explicit name to use for testing,
-# or else any random machine which did a pxe boot would get
-# reformatted. The mac is from doing a virt-install, cancelling it,
-# and copying the generated mac, so it should be randomish.
-dhcp-host=52:54:00:9c:ef:ad,192.168.1.6,demohost
-dhcp-host=52:54:00:56:09:f9,192.168.1.7,faiserver
-dhcp-host=80:fa:5b:1c:6e:cf,192.168.1.8,tp
+Default HOST is root@10.0.0.1
 
+Note, use -m "''" to send an empty mac arg. When we get a new enough
+bash, we can use ${@@Q} to properly pass an empty var.
 
-# template
-# dhcp-host=,192.168.1.,
 EOF
+  wrt-setup-local -h
+  exit $1
+}
 
-if $dnsmasq_restart; then
-    v /etc/init.d/dnsmasq restart
+h=root@10.0.0.1
+
+case $1 in
+  -h|--help) usage ;;
+  -*) : ;;
+  ?*) h="$1"; shift ;;
+esac
+
+echo "$0: host=$h"
+
+cat ~/.ssh/home.pub | ssh $h dd of=/etc/dropbear/authorized_keys 2>/dev/null
+scp /a/work/libremanage/libremanage /a/bin/fai/wrt-setup-local /a/bin/cedit/cedit $h:/usr/bin
+# relay is built for openwrt 18.06.2, r7676-cddd7b4c77
+sudo scp /q/root/shadow/router /p/c/machine_specific/wrt/etc/dropbear/dropbear_rsa_host_key \
+     /a/opt/openwrt/source/bin/packages/mips_24kc/mypackages/relay_1.0-1_mips_24kc.ipk $h:
+ssh $h <<EOF
+set -x
+if ! opkg list-installed|grep bash; then
+    opkg update
+    opkg install bash
 fi
+export HOME_DOMAIN=$HOME_DOMAIN
+export WIRELESSMAC=$WIRELESSMAC
+wrt-setup-local $@
+EOF