fi
fi
- # check if $d is a snapshot of any of the btrbk backups
+ # check if $d is a snapshot of any of the btrbk backups other than the latest
if [[ ! $stale ]]; then
for f in ${snaps[@]}; do
if [[ $f == $last_snap ]]; then continue; fi
if [[ ! $stale ]]; then
last_snap_gen=$(btrfs sub show $last_snap| awk '$1 == "Generation:" {print $2}')
d_gen=$(btrfs sub show $d| awk '$1 == "Generation:" {print $2}')
- if (( last_snap_gen < d_gen )); then
+ if (( d_gen < last_snap_gen )); then
stale=false
else
echo "$d stale: it's generation, $d_gen, is earlier than the last snapshot's, $last_snap_gen"
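Review bot: With the comparison flipped to `(( d_gen < last_snap_gen ))`, the `else` branch now runs when the generation of `$d` is equal to or later than the last snapshot's, yet its message still says the generation "is earlier than the last snapshot's". Either the new condition or the message is wrong. If the condition is intended, the message should say so, for example `echo "$d stale: its generation, $d_gen, is not earlier than the last snapshot's, $last_snap_gen"`. The if/else and the enclosing loop continue outside the hunk, so the intent of `stale` could not be checked against the rest of the script.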
start)
iptables_op=-A
ip_op=add
+ tun_dev=$(ip a show to 10.8.0.4/24 | sed -rn '1s/^\S+\s+([^:]+).*/\1/p')
+ if [[ $tun_dev != tun* ]]; then
+ echo "$0: error: failed to find tun device"
+ exit 1
+ fi
e() { "$@"; }
;;
stop)
iptables_op=-D
ip_op=del
+ tun_dev=$(iptables -t nat -S | sed -rn "s/^-A POSTROUTING -o (tun[[:digit:]]+) -m mark --mark 0x1 -j SNAT --to-source 10.8.0.4$/\1/p"|head -n1) || printf "failed to find tun device.\n"
e() { "$@" || printf "maybe ok failure: %s\n" "$*"; }
;;
show)
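Review bot: In the `stop)` branch the `|| printf "failed to find tun device.\n"` fallback cannot fire when no rule matches, because the command substitution returns the status of `head -n1`, which succeeds on empty input. `tun_dev` is then empty and, being unquoted in the later `POSTROUTING -o $tun_dev` rule (next hunk), vanishes from the command line so that `-o` takes `-m` as its interface name. Test the value instead, e.g. `[[ $tun_dev == tun* ]] || printf '%s\n' "$0: failed to find tun device" >&2`, and quote `"$tun_dev"` where it is used. The error message in the `start)` branch should go to stderr as well. The `case` statement starts and ends outside the hunk.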
e iptables -t mangle $iptables_op \
OUTPUT -m tcp -p tcp -m multiport --ports $port -j MARK --set-mark 0x1
e iptables -t mangle $iptables_op \
- OUTPUT -m tcp -p tcp -m multiport --ports $port -j MARK --set-mark 0x0 \
- -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
-# note, we could have used a custom chain and returned instead of setting the mark again.
+ OUTPUT -m tcp -p tcp -m multiport --ports $port -j MARK --set-mark 0x0 \
+ -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
+ # note, we could have used a custom chain and returned instead of setting the mark again.
# in case anyone was ever curious, the inverse of private ips is: #0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4,224.0.0.0/3
done
-e iptables -t nat $iptables_op POSTROUTING -o tun0 -m mark --mark 0x1 -j SNAT --to-source 10.8.0.4
+e iptables -t nat $iptables_op POSTROUTING -o $tun_dev -m mark --mark 0x1 -j SNAT --to-source 10.8.0.4
e ip rule $ip_op fwmark 1 table 1
# note, this rule does not persist when the tun interface is deleted
e ip route $ip_op default via 10.8.0.1 table 1
if [[ $new_host == "$HOSTNAME" ]]; then
localhost_new=true
- ssh_prefix=ssh
+ new_shell="ssh $new_host"
else
localhost_new=false
- ssh_prefix=
+ new_shell=
fi
+
+old_shell=
+if [[ $old_host == "$HOSTNAME" ]]; then
+ old_shell="ssh $old_host"
+fi
+
if [[ ! $new_host || ! $old_host ]]; then
echo "$0: bad args. see script"
exit 1
fi
at_home=false
-if timeout -s 9 10 ssh root@wrt.lan :; then
+if [[ $HOSTNAME == treetowl ]] || [[ $HOSTNAME == frodo ]] || timeout -s 9 5 ssh wrt.lan :; then
at_home=true
fi
+echo "$0: at_home = $at_home"
source /a/bin/bash_unpublished/source-semi-priv
#### begin convert private hostnames to public hostnames ####
# because our port forward is not robust enough, we can't use proxy command,
-# todo: just open an ssh port to the world on wrt
+# todo: just open an ssh port to the world on wrt.lan
if ! $at_home; then
- ssh_cmd="ssh $HOME_DOMAIN ssh wrt"
+ wrt_shell="ssh $HOME_DOMAIN ssh wrt.lan"
else
- ssh_cmd="ssh wrt"
+ wrt_shell="ssh wrt.lan"
+fi
+
+btrbk_test="systemctl is-active btrbk.service"
+while ! $new_shell $btrbk_test || $old_shell $btrbk_test; do
+ echo "$0: btrbk is running on new or old host. sleeping for 8 seconds"
+ sleep 6
+ echo "$0: testing for btrbk activity in 2 seconds"
+ sleep 2
+done
+
+########### end initial processing, begin actually modifying things ##########
+
+restore_new_btrbk=false
+if $new_shell systemctl is-active btrbk.timer; then
+ $new_shell sudo systemctl stop btrbk.timer
+ restore_new_btrbk=true
fi
+restore_old_btrbk=false
+if $old_shell systemctl is-active btrbk.timer; then
+ $old_shell sudo systemctl stop btrbk.timer
+ restore_old_btrbk=true
+fi
+
+$new_shell bash -s <<'EOF'
+set -eE
+if mountpoint /m; then sudo umount /m; fi
+if mountpoint /o; then sudo umount /o; fi
+EOF
+
# if new_host is not on home network, make mail.iankelling.org not resolve
# on the home network.
if [[ $new_host == $HOSTNAME ]] && ! $at_home; then
- echo | $ssh_cmd cedit mail_host /etc/hosts
+ echo | $wrt_shell cedit mail_host /etc/hosts || [[ $? == 1 ]] # 1 means file changed.
else
- $ssh_cmd bash -s <<EOFOUTER
+ $wrt_shell bash -s <<EOFOUTER
cedit mail_host /etc/hosts <<'EOF' || /etc/init.d/dnsmasq restart
\$(grep "\b$new_host\b" /etc/hosts | awk '{print $1}') mail.iankelling.org
EOF
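Review bot: The wait loop `while ! $new_shell $btrbk_test || $old_shell $btrbk_test; do` negates only the first command, because `!` applies to a single pipeline. It therefore keeps sleeping whenever btrbk.service is inactive on the new host, rather than while it is active on either host. Going by the message inside the loop, the intended condition is `while $new_shell $btrbk_test || $old_shell $btrbk_test; do`. Separately, `old_shell` is set to `ssh $old_host` only when `$old_host` equals `$HOSTNAME` and is empty otherwise, whereas the replaced call was `mail-setup "ssh $old_host"` unconditionally. This looks inverted (the same shape applies to `new_shell`): with an empty prefix, the `systemctl stop btrbk.timer`, `umount` and later `mail-setup "$old_shell"` steps would run on the local machine, so it is worth confirming which host each is meant to reach.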
$shell /a/bin/distro-setup/mail-setup exim4
}
-mail-setup "ssh $old_host"
+mail-setup "$old_shell"
sudo dd of=/etc/btrbk.conf <<'EOF'
ssh_identity /root/.ssh/id_rsa
sudo btrbk --progress run
-$ssh_prefix $new_host mount-latest-subvol
+$new_shell mount-latest-subvol
mail-setup
+
+if $restore_new_btrbk; then
+ $new_shell sudo systemctl start btrbk.timer
+fi
+if $restore_old_btrbk; then
+ $old_shell sudo systemctl start btrbk.timer
+fi
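Review bot: The timers stopped earlier in the script are restarted only by these final lines. If `sudo btrbk --progress run`, `mount-latest-subvol` or `mail-setup` fails and the script exits early (whether errexit is enabled is not visible here), btrbk.timer stays stopped and scheduled backups cease without any notice. Consider moving the two `if $restore_…_btrbk` blocks into a function registered with `trap restore_btrbk EXIT`, installed once both flags have been initialised to `false` and before the first `systemctl stop`, so that every exit path restores the timers.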