host-info-all() {
host-info-update
bindpushb8
+ ssh li.b8.nz conflink
wrt-setup
}
} | cedit /p/c/subdir_files/.ssh/config || [[ $? == 1 ]]
{
- echo "cat <<EOF"
+ # hack to please emacs parser
+ here_begin="cat <<EOF"
+ echo "$here_begin"
for host in ${!vpn_ips[@]}; do
ipsuf=${vpn_ips[$host]}
i_port=$(( 2200 + ipsuf ))
cat <<EOF
-config redirect
- option name ssh$host
- option src wan
- option src_dport $i_port
- option dest_port 22
- option dest_ip \$l.$ipsuf
- option dest lan
-config rule
- option src wan
- option target ACCEPT
- option dest_port $i_port
+ config redirect
+ option name ssh$host
+ option src wan
+ option src_dport $i_port
+ option dest_port 22
+ option dest_ip \$l.$ipsuf
+ option dest lan
+ config rule
+ option src wan
+ option target ACCEPT
+ option dest_port $i_port
EOF
done
echo "EOF"
sedi '/edits below here are made automatically/,$d' /p/c/machine_specific/li/filesystem/etc/wireguard/wgmail.conf
for host in ${!vpn_ips[@]}; do
if [[ ${root_ips[$host]} ]]; then
- # root machines dont run transmission
+ # root machines dont actually need vpn, but
+ # the classification still helps with other
+ # configurations.
continue
fi
ipsuf=${vpn_ips[$host]}
wghole $host $ipsuf
+ sd /b/ds/machine_specific/li/filesystem/etc/openvpn/client-config-hole/$host <<EOF
+ifconfig-push 10.5.5.${vpn_ips[$host]} 255.255.255.0
+EOF
u /a/bin/ds/machine_specific/$host/filesystem/etc/systemd/system/openvpn-client-tr@.service <<EOF
[Unit]
Description=OpenVPN tunnel for %I
echo checking for stray files:
initial_dir="$PWD"
- cd /a/bin/ds/machine_specific
- ngset
- files=( */filesystem/etc/systemd/system/openvpn-client-tr@.service )
- ngreset
- cd "$initial_dir"
- for f in "${files[@]}"; do
- host=${f%%/*}
- if [[ ! ${vpn_ips[$host]} ]]; then
- e rm /a/bin/ds/machine_specific/$host/filesystem/etc/systemd/system/openvpn-client-tr@.service
- fi
- done
+ while read -r dir path; do
+ cd $dir
+ ngset
+ files=( */$path )
+ ngreset
+ cd "$initial_dir"
+ for f in "${files[@]}"; do
+ host=${f%%/*}
+ if [[ ! ${vpn_ips[$host]} ]]; then
+ e rm $dir/$f
+ fi
+ done
+ done <<'EOF'
+/a/bin/ds/machine_specific filesystem/etc/systemd/system/openvpn-client-tr@.service
+/p/c/machine_specific filesystem/etc/wireguard/wghole.conf
+EOF
- cd /p/c/machine_specific
- ngset
- files=( */filesystem/etc/wireguard/wghole.conf )
- ngreset
- cd $initial_dir
+ files=(/b/ds/machine_specific/li/filesystem/etc/openvpn/client-config-hole/* )
for f in "${files[@]}"; do
- host=${f%%/*}
+ host=${f##/*}
if [[ ! ${vpn_ips[$host]} ]]; then
- e rm /p/c/machine_specific/$host/filesystem/etc/wireguard/wghole.conf
+ e rm $f
+ e ssh root@li.b8.nz rm -f $f
fi
done
+
}
# usage host ipsuf [extrahost]