From 3cf338ab4a2bed4b280aa388ec35f1c89edc0ebb Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 10 Mar 2024 17:10:20 +0330 Subject: [PATCH 01/48] Bugfix on OVPN + add lite version --- Makefile | 33 +++++++++++++++++++++++++ README.md | 11 ++++++++- usr/local/etc/wanpad/wanpad.conf.sample | 3 ++- usr/local/share/wanpad/common.sh | 17 +++++++++++-- 4 files changed, 60 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 6407046..28bf4bf 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,16 @@ WANPAD_USERNAME= hoopad all: @echo "Nothing to be done. Please use make install or make uninstall" +.PHONY: litedeps +litedeps: + @echo "Install lite version dependencies" + @if [ -e /etc/debian_version ]; then\ + DEBIAN_FRONTEND=noninteractive apt install -y net-tools git build-essential sudo git-lfs;\ + elif [ "${OS}" = "FreeBSD" ]; then\ + pkg install -y git python3 sudo;\ + fi + + .PHONY: deps deps: @echo "Install applications" @@ -101,6 +111,29 @@ install: ca deps generate echo "\tcp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf";\ fi +.PHONY: liteinstall +liteinstall: litedeps + @echo "Installing wanpad lite version" + @echo + @cp -Rv usr / + @chmod +x ${WANPAD_CMD} + @echo "Make it administration cli tool only" + @if [ "${OS}" = "FreeBSD" ]; then\ + sed -i '' '1s/$$/\nexport LITE_VERSION=true/' /usr/local/share/wanpad/common.sh;\ + else\ + sed -i -e '1s/$$/\nexport LITE_VERSION=true/' /usr/local/share/wanpad/common.sh;\ + fi + @echo + @echo "Installing wanpad configuration" + @if [ ! -s /usr/local/etc/wanpad/wanpad.conf ]; then\ + cp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf;\ + else\ + echo "wanpad configuration file is already exists at /usr/local/etc/wanpad/wanpad.conf.";\ + echo "If you want the new configuration use the following command below:";\ + echo "\tcp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf";\ + fi + + .PHONY: debug debug: @echo diff --git a/README.md b/README.md index 3fb8054..9d58483 100644 --- a/README.md +++ b/README.md @@ -92,7 +92,16 @@ After the prompt return, you should be able to access your device through the co wanpadctl ``` -## +## Lite Version + +Lite version is only for administration purposes. + +### Lite Install + +```sh +git clone https://github.com/HoopadCorp/wanpad-edge.git +make liteinstall +``` # Contributions diff --git a/usr/local/etc/wanpad/wanpad.conf.sample b/usr/local/etc/wanpad/wanpad.conf.sample index 6206442..9c0cf19 100644 --- a/usr/local/etc/wanpad/wanpad.conf.sample +++ b/usr/local/etc/wanpad/wanpad.conf.sample @@ -17,4 +17,5 @@ CONTROLLER_API_PORT=8001 TOKEN= # OpenVPN Client -OOB_CONFIG_FILE=/usr/local/etc/wanpad/client.ovpn \ No newline at end of file +# The ".ovpn" file must be located under /usr/local/etc/wanpad/ directory. +OOB_CONFIG_FILE=client.ovpn \ No newline at end of file diff --git a/usr/local/share/wanpad/common.sh b/usr/local/share/wanpad/common.sh index 511ba52..4763511 100644 --- a/usr/local/share/wanpad/common.sh +++ b/usr/local/share/wanpad/common.sh @@ -16,7 +16,20 @@ # along with this program. If not, see . . /usr/local/etc/wanpad/wanpad.conf + . /usr/local/share/wanpad/lib/base-lib.sh -. /usr/local/share/wanpad/lib/install-lib.sh -. /usr/local/share/wanpad/lib/ztp-lib.sh . /usr/local/share/wanpad/lib/adm-lib.sh + +if [ -n "$LITE_VERSION" ] +then + if [ "$1" != "adm" ] + then + echo "Error: Sub-commands other than 'adm' are not supported in the WANPAD Edge Lite version." + fi + echo "Lite version is administration only." + echo "Please install WANPAD Edge for full installation." + exit 1 +fi + +. /usr/local/share/wanpad/lib/install-lib.sh +. /usr/local/share/wanpad/lib/ztp-lib.sh \ No newline at end of file From bf90226c79bca057f25b4804f6cd45bb53cd4065 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 10 Mar 2024 17:49:34 +0330 Subject: [PATCH 02/48] change configuration format from URI to DOMAIN --- README.md | 6 +++--- usr/local/etc/wanpad/wanpad.conf.sample | 7 ++++++- usr/local/share/wanpad/init.sh | 2 +- usr/local/share/wanpad/lib/base-lib.sh | 12 +++++++++++- usr/local/share/wanpad/lib/ztp-lib.sh | 16 ++++++++++++---- usr/local/share/wanpad/ztp/pnp-client.py | 2 +- 6 files changed, 34 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 9d58483..b45d638 100644 --- a/README.md +++ b/README.md @@ -78,18 +78,18 @@ You'll be prompted to enter your controller URL and access token: ``` Please Provide the following information: -WANPAD controller URI: +WANPAD controller address: Your access token: ``` -- **URI format**: `controller.wanpad.ir` +- **DOMAIN format**: `controller.wanpad.ir` After the prompt return, you should be able to access your device through the controller panel. - **NOTE:** You can also run the script in **non-interactive** mode, doing: ```sh -wanpadctl +wanpadctl ``` ## Lite Version diff --git a/usr/local/etc/wanpad/wanpad.conf.sample b/usr/local/etc/wanpad/wanpad.conf.sample index 9c0cf19..8726faa 100644 --- a/usr/local/etc/wanpad/wanpad.conf.sample +++ b/usr/local/etc/wanpad/wanpad.conf.sample @@ -12,10 +12,15 @@ DEFAULT_SSH_PORT=24489 CLIENT_SERVICES_DIR="/usr/local/share/wanpad/client-services" # ZTP -URI=https://deploy.wanpad.ir:8001/wanpad/api/v1/devices/plug_play/ +CONTROLLER_DOMAIN=deploy.wanpad.ir CONTROLLER_API_PORT=8001 + +# Controller Token TOKEN= +# SSL for controller connectivity +SSL=true + # OpenVPN Client # The ".ovpn" file must be located under /usr/local/etc/wanpad/ directory. OOB_CONFIG_FILE=client.ovpn \ No newline at end of file diff --git a/usr/local/share/wanpad/init.sh b/usr/local/share/wanpad/init.sh index b865888..a7a0c42 100755 --- a/usr/local/share/wanpad/init.sh +++ b/usr/local/share/wanpad/init.sh @@ -28,7 +28,7 @@ case "$NA" in ztp_dialogue ;; 2) - URI=$1 + DOMAIN=$1 TOKEN=$2 ;; *) diff --git a/usr/local/share/wanpad/lib/base-lib.sh b/usr/local/share/wanpad/lib/base-lib.sh index 0221371..cba81db 100644 --- a/usr/local/share/wanpad/lib/base-lib.sh +++ b/usr/local/share/wanpad/lib/base-lib.sh @@ -41,7 +41,7 @@ force_run_as_root() fi } -getArch() +get_arch() { ARCH=$(uname -m) case $ARCH in @@ -65,4 +65,14 @@ getArch() exit 1 ;; esac +} + +get_scheme() +{ + if [ "$SSL" = "true" ] + then + export CONTROLLER_SCHEME="https" + else + export CONTROLLER_SCHEME="http" + fi } \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/ztp-lib.sh b/usr/local/share/wanpad/lib/ztp-lib.sh index 2a11972..24a7f74 100755 --- a/usr/local/share/wanpad/lib/ztp-lib.sh +++ b/usr/local/share/wanpad/lib/ztp-lib.sh @@ -21,14 +21,22 @@ ztp_dialogue() echo " Please Provide the following information: " - read -r -p "WANPAD controller URI: " "URI" + read -r -p "WANPAD controller address: " "CONTROLLER_DOMAIN" read -r -p "Your access token: " "TOKEN" - echo $URI $TOKEN + echo $CONTROLLER_DOMAIN $TOKEN } validate_token() { - local val_status_code=`curl -is -X POST https://${URI}:${CONTROLLER_API_PORT}/wanpad/api/v1/auth/validate_token/ \ + local CONTROLLER_TOKEN_VALIDATION_API_PATH="/wanpad/api/v1/auth/validate_token/" + + # Run get scheme for CONTROLLER_SCHEME variable + get_scheme() + + # Set globally for python script + export CONTROLLER_TOKEN_VALIDATION_URL="${CONTROLLER_SCHEME}://${CONTROLLER_DOMAIN}:${CONTROLLER_API_PORT}${CONTROLLER_TOKEN_VALIDATION_API_PATH}" + + local val_status_code=`curl -is -X POST $CONTROLLER_TOKEN_VALIDATION_URL \ -H 'Content-Type: application/json' \ -d '{"token": "'"${TOKEN}"'"}' | grep "HTTP/" | awk '{print $2}'` @@ -50,7 +58,7 @@ validate_token() save_ztp_config() { - sed -i.bak -e "/^URI=/s/=.*/=https:\/\/$URI:$CONTROLLER_API_PORT\/wanpad\/api\/v1\/devices\/plug_play\//" \ + sed -i.bak -e "/^CONTROLLER_DOMAIN=/s/=.*/=${CONTROLLER_DOMAIN}/" \ -e "/^TOKEN=/s/=.*/=$TOKEN/" /usr/local/etc/wanpad/wanpad.conf } diff --git a/usr/local/share/wanpad/ztp/pnp-client.py b/usr/local/share/wanpad/ztp/pnp-client.py index 0d98317..a184a69 100755 --- a/usr/local/share/wanpad/ztp/pnp-client.py +++ b/usr/local/share/wanpad/ztp/pnp-client.py @@ -45,7 +45,7 @@ def client_program(): "hostname": socket.gethostname(), "token": os.environ['TOKEN'], "dsf": dsf} - url = os.environ['URI'] + url = os.environ['CONTROLLER_TOKEN_VALIDATION_URL'] request_to_url = requests.post(url, verify=False, data=data, timeout=6) if request_to_url.status_code == 400: print(request_to_url.text) From 1c653f171c9c9fa2e98bfe2c95f74dfc0e0d50aa Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 10 Mar 2024 18:11:02 +0330 Subject: [PATCH 03/48] lite cleaning --- Makefile | 4 +-- usr/local/bin/wanpadctl | 41 +++++++++----------------- usr/local/share/wanpad/adm.sh | 1 - usr/local/share/wanpad/common.sh | 12 -------- usr/local/share/wanpad/lib/base-lib.sh | 22 ++++++++++++++ 5 files changed, 38 insertions(+), 42 deletions(-) diff --git a/Makefile b/Makefile index 28bf4bf..37371d8 100644 --- a/Makefile +++ b/Makefile @@ -119,9 +119,9 @@ liteinstall: litedeps @chmod +x ${WANPAD_CMD} @echo "Make it administration cli tool only" @if [ "${OS}" = "FreeBSD" ]; then\ - sed -i '' '1s/$$/\nexport LITE_VERSION=true/' /usr/local/share/wanpad/common.sh;\ + sed -i '' '1s/$$/\nLITE_VERSION=true/' ${WANPAD_CMD};\ else\ - sed -i -e '1s/$$/\nexport LITE_VERSION=true/' /usr/local/share/wanpad/common.sh;\ + sed -i -e '1s/$$/\nLITE_VERSION=true/' ${WANPAD_CMD};\ fi @echo @echo "Installing wanpad configuration" diff --git a/usr/local/bin/wanpadctl b/usr/local/bin/wanpadctl index 1aadb3e..070e083 100644 --- a/usr/local/bin/wanpadctl +++ b/usr/local/bin/wanpadctl @@ -15,41 +15,28 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . -PATH=${PATH}:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin - -. /usr/local/share/wanpad/common.sh -. /usr/local/etc/wanpad/wanpad.conf - ## version WANPAD_VERSION="3.0.0" -usage() -{ - cat << EOF -wanpadctl(8) is an open-source utility for automating deployment and management of -WANPAD edges for SD-WAN controller. - -Usage: - wanpadctl command [args] - -Available Commands: - install prepare and set up operating system to function as edge device. - init join to WANPAD controller. - oob connect to WANPAD controller using oob network. - lte configure lte module. (if any exists.) - -Use "wanpad -v|--version" for version information. -Use "wanpad command -h|--help" for more information about a command. - -EOF - exit 1 -} +. /usr/local/share/wanpad/common.sh +. /usr/local/etc/wanpad/wanpad.conf [ $# -lt 1 ] && usage -CMD=$1 +export CMD=$1 shift +if [ -n "$LITE_VERSION" ] +then + if [ "$CMD" != "adm" ] + then + echo "Error: Sub-commands other than 'adm' are not supported in the WANPAD Edge Lite version." + echo "Lite version is administration only." + echo "Please install WANPAD Edge for full installation." + exit 1 + fi +fi + # Handle special-case commands first. case "${CMD}" in version|-v|--version) diff --git a/usr/local/share/wanpad/adm.sh b/usr/local/share/wanpad/adm.sh index 041fdd1..1cb6d15 100644 --- a/usr/local/share/wanpad/adm.sh +++ b/usr/local/share/wanpad/adm.sh @@ -16,4 +16,3 @@ # along with this program. If not, see . . /usr/local/share/wanpad/common.sh - diff --git a/usr/local/share/wanpad/common.sh b/usr/local/share/wanpad/common.sh index 4763511..560ab36 100644 --- a/usr/local/share/wanpad/common.sh +++ b/usr/local/share/wanpad/common.sh @@ -19,17 +19,5 @@ . /usr/local/share/wanpad/lib/base-lib.sh . /usr/local/share/wanpad/lib/adm-lib.sh - -if [ -n "$LITE_VERSION" ] -then - if [ "$1" != "adm" ] - then - echo "Error: Sub-commands other than 'adm' are not supported in the WANPAD Edge Lite version." - fi - echo "Lite version is administration only." - echo "Please install WANPAD Edge for full installation." - exit 1 -fi - . /usr/local/share/wanpad/lib/install-lib.sh . /usr/local/share/wanpad/lib/ztp-lib.sh \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/base-lib.sh b/usr/local/share/wanpad/lib/base-lib.sh index cba81db..be02354 100644 --- a/usr/local/share/wanpad/lib/base-lib.sh +++ b/usr/local/share/wanpad/lib/base-lib.sh @@ -75,4 +75,26 @@ get_scheme() else export CONTROLLER_SCHEME="http" fi +} + +usage() +{ + cat << EOF +wanpadctl(8) is an open-source utility for automating deployment and management of +WANPAD edges for SD-WAN controller. + +Usage: + wanpadctl command [args] + +Available Commands: + install prepare and set up operating system to function as edge device. + init join to WANPAD controller. + oob connect to WANPAD controller using oob network. + lte configure lte module. (if any exists.) + +Use "wanpad -v|--version" for version information. +Use "wanpad command -h|--help" for more information about a command. + +EOF + exit 1 } \ No newline at end of file From a270fba916f796176316c05dabd022c11da830f5 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 10 Mar 2024 22:01:24 +0330 Subject: [PATCH 04/48] Add adm utilities, not tested --- Makefile | 8 +-- usr/local/share/wanpad/adm.sh | 41 ++++++++++++ usr/local/share/wanpad/common.sh | 2 + usr/local/share/wanpad/lib/adm-lib.sh | 89 +++++++++++++++++++++++++- usr/local/share/wanpad/lib/base-lib.sh | 42 ++++++++---- usr/local/share/wanpad/lib/ztp-lib.sh | 17 ++--- 6 files changed, 169 insertions(+), 30 deletions(-) diff --git a/Makefile b/Makefile index 37371d8..fafc540 100644 --- a/Makefile +++ b/Makefile @@ -14,9 +14,9 @@ all: litedeps: @echo "Install lite version dependencies" @if [ -e /etc/debian_version ]; then\ - DEBIAN_FRONTEND=noninteractive apt install -y net-tools git build-essential sudo git-lfs;\ + DEBIAN_FRONTEND=noninteractive apt install -y net-tools git build-essential sudo git-lfs jq;\ elif [ "${OS}" = "FreeBSD" ]; then\ - pkg install -y git python3 sudo;\ + pkg install -y git python3 sudo jq;\ fi @@ -25,9 +25,9 @@ deps: @echo "Install applications" @if [ -e /etc/debian_version ]; then\ DEBIAN_FRONTEND=noninteractive apt install -y net-tools git openvpn python3-pip wireguard snmpd libqmi-utils udhcpc build-essential\ - python3-dev strongswan strongswan-starter frr bird2 keepalived fprobe sudo golang-1.20-go git-lfs;\ + python3-dev strongswan strongswan-starter frr bird2 keepalived fprobe sudo golang-1.20-go git-lfs jq;\ elif [ "${OS}" = "FreeBSD" ]; then\ - pkg install -y git openvpn python3 py39-pip strongswan frr9 frr9-pythontools bird2 fprobe sudo node_exporter go;\ + pkg install -y git openvpn python3 py39-pip strongswan frr9 frr9-pythontools bird2 fprobe sudo node_exporter go jq;\ fi @echo @echo "Install python applications" diff --git a/usr/local/share/wanpad/adm.sh b/usr/local/share/wanpad/adm.sh index 1cb6d15..7a40e96 100644 --- a/usr/local/share/wanpad/adm.sh +++ b/usr/local/share/wanpad/adm.sh @@ -16,3 +16,44 @@ # along with this program. If not, see . . /usr/local/share/wanpad/common.sh + +if [ "$1" = "get" ] +then + if [ "$2" = "device" ] + then + if [ "$3" = "group" ] + then + get_device_group $4 + fi + fi +# elif [ "$1" = "add" ] +# then +# if [ "$2" = "device" ] +# then +# if [ "$3" = "group" ] +# then +# add_device_group $4 +# fi +# fi +elif [ "$1" = "set" ] +then + if [ "$2" = "bgp" ] + then + if [ "$3" = "mesh" ] + then + shift 3 + if [ $# -ne 2 ] + then + bgp_mesh_usage + exit 1 + fi + bgp_mesh_selected_device "$1" "$2" + fi + fi +elif [ "$1" = "show" ] +then + if [ "$2" = "device" ] + then + show_devices + fi +fi \ No newline at end of file diff --git a/usr/local/share/wanpad/common.sh b/usr/local/share/wanpad/common.sh index 560ab36..ffa4655 100644 --- a/usr/local/share/wanpad/common.sh +++ b/usr/local/share/wanpad/common.sh @@ -17,7 +17,9 @@ . /usr/local/etc/wanpad/wanpad.conf +# Base library should be first to call . /usr/local/share/wanpad/lib/base-lib.sh + . /usr/local/share/wanpad/lib/adm-lib.sh . /usr/local/share/wanpad/lib/install-lib.sh . /usr/local/share/wanpad/lib/ztp-lib.sh \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/adm-lib.sh b/usr/local/share/wanpad/lib/adm-lib.sh index bb78197..8b45203 100644 --- a/usr/local/share/wanpad/lib/adm-lib.sh +++ b/usr/local/share/wanpad/lib/adm-lib.sh @@ -15,4 +15,91 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . -# This file exists for administration of the WANPAD controller. Will be completed in the near future. \ No newline at end of file +# This file exists for administration of the WANPAD controller. Will be completed in the near future. + +bgp_mesh_usage() +{ + echo -e "Usage: wanpadctl adm set bgp mesh [ local-as ] [ devices ]" +} + +get_device_group() +{ + local response_json="$(get_api /wanpad/api/v1/devices/devices-group/)" + + local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) + + case $val_status_code in + 200) + echo $response_json | jq -s '.[0]' + ;; + *) + print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." + echo $response_json | jq + exit 1 + ;; + esac +} + +# add_device_group() +# # TODO: add a single device to a group +# { +# local response_json="$(post_api /wanpad/api/v1/devices/devices-group/ "$1")" + +# local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) + +# case $val_status_code in +# 200) +# echo $response_json | jq -s '.[0]' +# ;; +# *) +# print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." +# echo $response_json | jq +# exit 1 +# ;; +# esac +# } + +bgp_mesh_selected_device() +{ + local LOCAL_AS=$1 + if [ $LOCAL_AS -lt 1 ] && [ $LOCAL_AS -gt 4294967295 ] + then + print_error "<1-4294967295> Autonomous system number" + exit 1 + fi + shift + local data="$(echo $@ | jq -R "split(\",\")|{devices:[.[]], local_as: \"$LOCAL_AS\"}")" + + local response_json="$(post_api /wanpad/api/v1/bgp/multi/bgp/neighbors/selected_devices/ $data)" + + local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) + + case $val_status_code in + 200) + echo $response_json | jq -s '.[0]' + ;; + *) + print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." + echo $response_json | jq + exit 1 + ;; + esac +} + +show_devices() +{ + local response_json="$(get_api /wanpad/api/v1/devices/devices-list/)" + + local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) + + case $val_status_code in + 200) + echo $response_json | jq -s '.[0]' + ;; + *) + print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." + echo $response_json | jq + exit 1 + ;; + esac +} \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/base-lib.sh b/usr/local/share/wanpad/lib/base-lib.sh index be02354..b1c2ad1 100644 --- a/usr/local/share/wanpad/lib/base-lib.sh +++ b/usr/local/share/wanpad/lib/base-lib.sh @@ -18,25 +18,18 @@ OSKERNEL=$(uname -s) -RED='\033[0;31m' -NC='\033[0m' # No Color - -print_error () +print_error() { -# usage: -# ERROR_MSG="some error" -# print_error - echo -e "${RED} - ERROR: - ${ERROR_MSG}${NC}" + local RED='\033[0;31m' + local NC='\033[0m' # No Color + printf "${RED}ERROR:\t$1${NC}\n" } force_run_as_root() { uid=`id -u` if [ $uid != 0 ]; then - ERROR_MSG="Please run as \"root\" and try again." - print_error + print_error "Please run as \"root\" and try again." exit 1 fi } @@ -97,4 +90,29 @@ Use "wanpad command -h|--help" for more information about a command. EOF exit 1 +} + +get_api() +{ + local CONTROLLER_API_PATH="$1" + + # Run get scheme for CONTROLLER_SCHEME variable + get_scheme + + local CONTROLLER_URL="${CONTROLLER_SCHEME}://${CONTROLLER_DOMAIN}:${CONTROLLER_API_PORT}${CONTROLLER_API_PATH}" + + curl -s -X GET $CONTROLLER_URL -H 'Content-Type: application/json' -H "Authorization: Basic ${TOKEN}" -w "%{json}" +} + +post_api() +{ + local CONTROLLER_API_PATH="$1" + local data="$2" + + # Run get scheme for CONTROLLER_SCHEME variable + get_scheme + + local CONTROLLER_URL="${CONTROLLER_SCHEME}://${CONTROLLER_DOMAIN}:${CONTROLLER_API_PORT}${CONTROLLER_API_PATH}" + + curl -s -X POST $CONTROLLER_URL -H 'Content-Type: application/json' -H "Authorization: Basic ${TOKEN}" -d "$data" -w "%{json}" } \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/ztp-lib.sh b/usr/local/share/wanpad/lib/ztp-lib.sh index 24a7f74..e63e403 100755 --- a/usr/local/share/wanpad/lib/ztp-lib.sh +++ b/usr/local/share/wanpad/lib/ztp-lib.sh @@ -28,29 +28,20 @@ Please Provide the following information: validate_token() { - local CONTROLLER_TOKEN_VALIDATION_API_PATH="/wanpad/api/v1/auth/validate_token/" + local response_json="$(get_api /wanpad/api/v1/auth/validate_token/)" - # Run get scheme for CONTROLLER_SCHEME variable - get_scheme() - - # Set globally for python script - export CONTROLLER_TOKEN_VALIDATION_URL="${CONTROLLER_SCHEME}://${CONTROLLER_DOMAIN}:${CONTROLLER_API_PORT}${CONTROLLER_TOKEN_VALIDATION_API_PATH}" - - local val_status_code=`curl -is -X POST $CONTROLLER_TOKEN_VALIDATION_URL \ - -H 'Content-Type: application/json' \ - -d '{"token": "'"${TOKEN}"'"}' | grep "HTTP/" | awk '{print $2}'` + local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) case $val_status_code in 200) echo Great! your token is valid. ;; 4??) - echo Sorry your token is not valid. Please check your token again or make a new one. + print_error "Sorry your token is not valid. Please check your token again or make a new one." exit 1 ;; *) - echo Something went wrong. Please check your token again and - the problem still remains, reach out to our technical support. + print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." exit 1 ;; esac From ddf03301ea34ece52453715946c89f774b620895 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 10 Mar 2024 22:38:12 +0330 Subject: [PATCH 05/48] add other utilities to wanpad adm (not tested) --- README.md | 26 +++++++++++++ usr/local/share/wanpad/adm.sh | 18 ++++++++- usr/local/share/wanpad/lib/adm-lib.sh | 52 ++++++++++++++++++++++++++ usr/local/share/wanpad/lib/base-lib.sh | 12 ++++++ 4 files changed, 107 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b45d638..321483a 100644 --- a/README.md +++ b/README.md @@ -103,6 +103,32 @@ git clone https://github.com/HoopadCorp/wanpad-edge.git make liteinstall ``` +## Admin CLI + +### Show list of device names + +```sh +wanpadctl adm show device | jq '[.results[].name]' +``` + +### Show list of device id + +```sh +wanpadctl adm show device | jq '[.results[].id]' +``` + +### Search device by name + +```sh +wanpadctl adm show device name wpe-210 +``` + +### Get device info + +```sh +wanpadctl adm get device info ID +``` + # Contributions Any PR(s) are welcomed. diff --git a/usr/local/share/wanpad/adm.sh b/usr/local/share/wanpad/adm.sh index 7a40e96..c2b5f67 100644 --- a/usr/local/share/wanpad/adm.sh +++ b/usr/local/share/wanpad/adm.sh @@ -17,6 +17,13 @@ . /usr/local/share/wanpad/common.sh +# Handle special-case commands first. +case "$1" in +help|-h|--help) + adm_usage + ;; +esac + if [ "$1" = "get" ] then if [ "$2" = "device" ] @@ -24,6 +31,9 @@ then if [ "$3" = "group" ] then get_device_group $4 + elif [ "$3" = "info" ] + then + get_device $4 fi fi # elif [ "$1" = "add" ] @@ -54,6 +64,12 @@ elif [ "$1" = "show" ] then if [ "$2" = "device" ] then - show_devices + if [ -z "$3" ] + then + show_devices + elif [ "$3" = "name" ] + then + show_device_by_name "$4" + fi fi fi \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/adm-lib.sh b/usr/local/share/wanpad/lib/adm-lib.sh index 8b45203..94f6d3c 100644 --- a/usr/local/share/wanpad/lib/adm-lib.sh +++ b/usr/local/share/wanpad/lib/adm-lib.sh @@ -17,6 +17,21 @@ # This file exists for administration of the WANPAD controller. Will be completed in the near future. +adm_usage() +{ + cat << EOF +Usage: + wanpadctl adm COMMAND [args] + +COMMAND + Specifies the action to perform on the object. The set of possible actions depends on the object type. As a rule, it is possible to add, delete and show (or list ) objects, but some objects + do not allow all of these operations or have some additional commands. The help command is available for all objects. + +Use "wanpad -v|--version" for version information. +EOF + exit 1 +} + bgp_mesh_usage() { echo -e "Usage: wanpadctl adm set bgp mesh [ local-as ] [ devices ]" @@ -90,6 +105,43 @@ show_devices() { local response_json="$(get_api /wanpad/api/v1/devices/devices-list/)" + local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) + + case $val_status_code in + 200) + echo $response_json | jq -s '.[0]' + ;; + *) + print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." + echo $response_json | jq + exit 1 + ;; + esac +} + +get_device() +{ + number_validator $1 || adm_usage + local response_json="$(get_api /wanpad/api/v1/devices/devices-list/$1/)" + + local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) + + case $val_status_code in + 200) + echo $response_json | jq -s '.[0]' + ;; + *) + print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." + echo $response_json | jq + exit 1 + ;; + esac +} + +show_device_by_name() +{ + local response_json="$(get_api /wanpad/api/v1/devices/devices-list/?search="$1")" + local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) case $val_status_code in diff --git a/usr/local/share/wanpad/lib/base-lib.sh b/usr/local/share/wanpad/lib/base-lib.sh index b1c2ad1..c21fa5a 100644 --- a/usr/local/share/wanpad/lib/base-lib.sh +++ b/usr/local/share/wanpad/lib/base-lib.sh @@ -25,6 +25,18 @@ print_error() printf "${RED}ERROR:\t$1${NC}\n" } +number_validator() +{ + case $1 in + ''|*[!0-9]*) + false + ;; + *) + true + ;; + esac +} + force_run_as_root() { uid=`id -u` From 9973a6dec0e7fa8f388acb2cd59910a9a98d14c4 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 12:29:03 +0330 Subject: [PATCH 06/48] update api --- usr/local/share/wanpad/lib/adm-lib.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/share/wanpad/lib/adm-lib.sh b/usr/local/share/wanpad/lib/adm-lib.sh index 94f6d3c..31a5cf5 100644 --- a/usr/local/share/wanpad/lib/adm-lib.sh +++ b/usr/local/share/wanpad/lib/adm-lib.sh @@ -39,7 +39,7 @@ bgp_mesh_usage() get_device_group() { - local response_json="$(get_api /wanpad/api/v1/devices/devices-group/)" + local response_json="$(get_api /wanpad/api/v1/devices/group/)" local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) @@ -85,7 +85,7 @@ bgp_mesh_selected_device() shift local data="$(echo $@ | jq -R "split(\",\")|{devices:[.[]], local_as: \"$LOCAL_AS\"}")" - local response_json="$(post_api /wanpad/api/v1/bgp/multi/bgp/neighbors/selected_devices/ $data)" + local response_json="$(post_api /wanpad/api/v1/bgp/mesh/neighbors/selected_devices/ $data)" local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) From 8f5536ddccbf0882ef6e1cdbf13da5bcb3da7433 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 12:29:03 +0330 Subject: [PATCH 07/48] update api bugfix on token validation --- usr/local/bin/wanpadctl | 2 +- usr/local/share/wanpad/init.sh | 2 +- usr/local/share/wanpad/install.sh | 2 -- usr/local/share/wanpad/lib/adm-lib.sh | 6 +++--- usr/local/share/wanpad/lib/base-lib.sh | 18 ++++++++---------- usr/local/share/wanpad/lib/ztp-lib.sh | 7 ++++--- 6 files changed, 17 insertions(+), 20 deletions(-) diff --git a/usr/local/bin/wanpadctl b/usr/local/bin/wanpadctl index 070e083..b7add28 100644 --- a/usr/local/bin/wanpadctl +++ b/usr/local/bin/wanpadctl @@ -56,5 +56,5 @@ if [ -f "${SCRIPTPATH}" ]; then : "${SH:=sh}" exec "${SH}" "${SCRIPTPATH}" "$@" else - error_exit "${SCRIPTPATH} not found." + print_error "${SCRIPTPATH} not found." fi \ No newline at end of file diff --git a/usr/local/share/wanpad/init.sh b/usr/local/share/wanpad/init.sh index a7a0c42..ecd86d0 100755 --- a/usr/local/share/wanpad/init.sh +++ b/usr/local/share/wanpad/init.sh @@ -37,6 +37,6 @@ case "$NA" in ;; esac -validate_token save_ztp_config +validate_token $2 run_ztp_py diff --git a/usr/local/share/wanpad/install.sh b/usr/local/share/wanpad/install.sh index a9e7ad7..9d5ac3f 100755 --- a/usr/local/share/wanpad/install.sh +++ b/usr/local/share/wanpad/install.sh @@ -18,9 +18,7 @@ . /usr/local/etc/wanpad/wanpad.conf . /usr/local/share/wanpad/common.sh -set +x force_run_as_root -set -x configure_birdwatcher if [ "$OSKERNEL" = "Linux" ]; then diff --git a/usr/local/share/wanpad/lib/adm-lib.sh b/usr/local/share/wanpad/lib/adm-lib.sh index 94f6d3c..3d01cad 100644 --- a/usr/local/share/wanpad/lib/adm-lib.sh +++ b/usr/local/share/wanpad/lib/adm-lib.sh @@ -34,12 +34,12 @@ EOF bgp_mesh_usage() { - echo -e "Usage: wanpadctl adm set bgp mesh [ local-as ] [ devices ]" + echo "Usage: wanpadctl adm set bgp mesh [ local-as ] [ devices ]\n" } get_device_group() { - local response_json="$(get_api /wanpad/api/v1/devices/devices-group/)" + local response_json="$(get_api /wanpad/api/v1/devices/group/)" local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) @@ -85,7 +85,7 @@ bgp_mesh_selected_device() shift local data="$(echo $@ | jq -R "split(\",\")|{devices:[.[]], local_as: \"$LOCAL_AS\"}")" - local response_json="$(post_api /wanpad/api/v1/bgp/multi/bgp/neighbors/selected_devices/ $data)" + local response_json="$(post_api /wanpad/api/v1/bgp/mesh/neighbors/selected_devices/ $data)" local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) diff --git a/usr/local/share/wanpad/lib/base-lib.sh b/usr/local/share/wanpad/lib/base-lib.sh index c21fa5a..67370a0 100644 --- a/usr/local/share/wanpad/lib/base-lib.sh +++ b/usr/local/share/wanpad/lib/base-lib.sh @@ -104,27 +104,25 @@ EOF exit 1 } -get_api() +get_controller_url() { - local CONTROLLER_API_PATH="$1" + local CONTROLLER_API_PATH="$1" # Run get scheme for CONTROLLER_SCHEME variable get_scheme - local CONTROLLER_URL="${CONTROLLER_SCHEME}://${CONTROLLER_DOMAIN}:${CONTROLLER_API_PORT}${CONTROLLER_API_PATH}" + echo "${CONTROLLER_SCHEME}://${CONTROLLER_DOMAIN}:${CONTROLLER_API_PORT}${CONTROLLER_API_PATH}" +} +get_api() +{ + local CONTROLLER_URL="$(get_controller_url $1)" curl -s -X GET $CONTROLLER_URL -H 'Content-Type: application/json' -H "Authorization: Basic ${TOKEN}" -w "%{json}" } post_api() { - local CONTROLLER_API_PATH="$1" local data="$2" - - # Run get scheme for CONTROLLER_SCHEME variable - get_scheme - - local CONTROLLER_URL="${CONTROLLER_SCHEME}://${CONTROLLER_DOMAIN}:${CONTROLLER_API_PORT}${CONTROLLER_API_PATH}" - + local CONTROLLER_URL="$(get_controller_url $1)" curl -s -X POST $CONTROLLER_URL -H 'Content-Type: application/json' -H "Authorization: Basic ${TOKEN}" -d "$data" -w "%{json}" } \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/ztp-lib.sh b/usr/local/share/wanpad/lib/ztp-lib.sh index e63e403..14d6ef9 100755 --- a/usr/local/share/wanpad/lib/ztp-lib.sh +++ b/usr/local/share/wanpad/lib/ztp-lib.sh @@ -28,10 +28,10 @@ Please Provide the following information: validate_token() { - local response_json="$(get_api /wanpad/api/v1/auth/validate_token/)" + local data="$(echo '{}' | jq -c --arg token $1 '.token=$token')" + + local val_status_code="$(post_api /wanpad/api/v1/auth/validate_token/ "$data" | jq -s '.[].http_code')" - local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) - case $val_status_code in 200) echo Great! your token is valid. @@ -58,5 +58,6 @@ run_ztp_py() set -a . /usr/local/etc/wanpad/wanpad.conf set +a + export CONTROLLER_TOKEN_VALIDATION_URL="$(get_controller_url /wanpad/api/v1/auth/validate_token/)" python3 /usr/local/share/wanpad/ztp/pnp-client.py } \ No newline at end of file From 0e8e40a4befa57fe991368fa6e950e18e034d914 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 13:50:37 +0330 Subject: [PATCH 08/48] md enhancement --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 321483a..3a4113e 100644 --- a/README.md +++ b/README.md @@ -43,8 +43,6 @@ Login as `root`. > NOTE: Please just hit `Enter` when you are prompted for a configuration in a pink screen! (linux only) -> NOTE 2: The SSH service will be running on port 24489 after running this script! - ```sh git clone https://github.com/HoopadCorp/wanpad-edge.git git lfs pull @@ -52,6 +50,8 @@ make install wanpadctl install ``` +> NOTE 2: The SSH service will be running on port 24489 after installation + Wait for the installation to be completed. If there are any errors, feel free to reach out to _issues_ and inform us or call the tech assistans! ### Uninstall @@ -76,7 +76,7 @@ wanpadctl init You'll be prompted to enter your controller URL and access token: -``` +```txt Please Provide the following information: WANPAD controller address: Your access token: @@ -129,7 +129,7 @@ wanpadctl adm show device name wpe-210 wanpadctl adm get device info ID ``` -# Contributions +## Contributions Any PR(s) are welcomed. Check the wiki section of Github for more information. From ebd059609c5fcc88930d985d521a32ada5b2c45d Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 14:30:52 +0330 Subject: [PATCH 09/48] Add set_token --- usr/local/share/wanpad/adm.sh | 11 ++++++----- usr/local/share/wanpad/lib/adm-lib.sh | 17 +++++++++++++++++ usr/local/share/wanpad/lib/ztp-lib.sh | 10 ++++++++-- 3 files changed, 31 insertions(+), 7 deletions(-) diff --git a/usr/local/share/wanpad/adm.sh b/usr/local/share/wanpad/adm.sh index c2b5f67..a17ef55 100644 --- a/usr/local/share/wanpad/adm.sh +++ b/usr/local/share/wanpad/adm.sh @@ -52,13 +52,14 @@ then if [ "$3" = "mesh" ] then shift 3 - if [ $# -ne 2 ] - then - bgp_mesh_usage - exit 1 - fi + [ $# -ne 2 ] && bgp_mesh_usage bgp_mesh_selected_device "$1" "$2" fi + elif [ "$2" = "token" ] + then + shift 2 + [ $# -ne 1 ] && set_token_usage + set_token "$1" fi elif [ "$1" = "show" ] then diff --git a/usr/local/share/wanpad/lib/adm-lib.sh b/usr/local/share/wanpad/lib/adm-lib.sh index 3d01cad..cc33ae0 100644 --- a/usr/local/share/wanpad/lib/adm-lib.sh +++ b/usr/local/share/wanpad/lib/adm-lib.sh @@ -35,6 +35,13 @@ EOF bgp_mesh_usage() { echo "Usage: wanpadctl adm set bgp mesh [ local-as ] [ devices ]\n" + exit 1 +} + +set_token_usage() +{ + echo "Usage: wanpadctl adm set token [ token ]\n" + exit 1 } get_device_group() @@ -154,4 +161,14 @@ show_device_by_name() exit 1 ;; esac +} + +set_token() +{ + if [ "${OSKERNEL}" = "FreeBSD" ] + then + sed -i '.bak' "/^TOKEN=/s/=.*/=$1/" /usr/local/etc/wanpad/wanpad.conf + else + sed -i.bak -e "/^TOKEN=/s/=.*/=$1/" /usr/local/etc/wanpad/wanpad.conf + fi } \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/ztp-lib.sh b/usr/local/share/wanpad/lib/ztp-lib.sh index 14d6ef9..b96c3fd 100755 --- a/usr/local/share/wanpad/lib/ztp-lib.sh +++ b/usr/local/share/wanpad/lib/ztp-lib.sh @@ -49,8 +49,14 @@ validate_token() save_ztp_config() { - sed -i.bak -e "/^CONTROLLER_DOMAIN=/s/=.*/=${CONTROLLER_DOMAIN}/" \ - -e "/^TOKEN=/s/=.*/=$TOKEN/" /usr/local/etc/wanpad/wanpad.conf + if [ "${OSKERNEL}" = "FreeBSD" ] + then + sed -i '.bak' -e "/^CONTROLLER_DOMAIN=/s/=.*/=${CONTROLLER_DOMAIN}/" \ + -e "/^TOKEN=/s/=.*/=$TOKEN/" /usr/local/etc/wanpad/wanpad.conf + else + sed -i.bak -e "/^CONTROLLER_DOMAIN=/s/=.*/=${CONTROLLER_DOMAIN}/" \ + -e "/^TOKEN=/s/=.*/=$TOKEN/" /usr/local/etc/wanpad/wanpad.conf + fi } run_ztp_py() From 2b62e602d155b6428f3a82918bbf898f578f2056 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 17:30:42 +0330 Subject: [PATCH 10/48] bugfix init --- usr/local/share/wanpad/lib/ztp-lib.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/lib/ztp-lib.sh b/usr/local/share/wanpad/lib/ztp-lib.sh index b96c3fd..4709802 100755 --- a/usr/local/share/wanpad/lib/ztp-lib.sh +++ b/usr/local/share/wanpad/lib/ztp-lib.sh @@ -30,7 +30,7 @@ validate_token() { local data="$(echo '{}' | jq -c --arg token $1 '.token=$token')" - local val_status_code="$(post_api /wanpad/api/v1/auth/validate_token/ "$data" | jq -s '.[].http_code')" + local val_status_code="$(post_api /wanpad/api/v1/auth/validate_token/ "$data" | jq -s '.[1].http_code')" case $val_status_code in 200) From 1fcabd1ca2e598843acf8fc219d52b1c44f8f1c5 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 17:39:16 +0330 Subject: [PATCH 11/48] bugfix on token validation --- usr/local/share/wanpad/lib/ztp-lib.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/lib/ztp-lib.sh b/usr/local/share/wanpad/lib/ztp-lib.sh index 4709802..9a6c62c 100755 --- a/usr/local/share/wanpad/lib/ztp-lib.sh +++ b/usr/local/share/wanpad/lib/ztp-lib.sh @@ -30,7 +30,7 @@ validate_token() { local data="$(echo '{}' | jq -c --arg token $1 '.token=$token')" - local val_status_code="$(post_api /wanpad/api/v1/auth/validate_token/ "$data" | jq -s '.[1].http_code')" + local val_status_code="$(post_api /wanpad/api/v1/auth/validate_token/ "$data" | jq -s 'add | .http_code')" case $val_status_code in 200) From dda9611fbb61c47d4f4d330ac317475b09f5f8a7 Mon Sep 17 00:00:00 2001 From: ali Date: Mon, 11 Mar 2024 20:51:26 +0330 Subject: [PATCH 12/48] install: bugfix on ssh configuration --- usr/local/share/wanpad/install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/install.sh b/usr/local/share/wanpad/install.sh index 9d5ac3f..a09fb03 100755 --- a/usr/local/share/wanpad/install.sh +++ b/usr/local/share/wanpad/install.sh @@ -29,6 +29,6 @@ enable_ipv4_forward set_fib_multipath_hash_policy_1 set_fib_ip_no_pmtu_disc_1 configure_fprobe -set_ssh_default_port +configure_ssh configure_snmpd save_current_nameserver_conf_and_disable_resolved From aa72a5a0b21240cc7b5bd35c1fef84ec542829b0 Mon Sep 17 00:00:00 2001 From: ali Date: Mon, 11 Mar 2024 20:56:00 +0330 Subject: [PATCH 13/48] install: bugfix on snmpd --- usr/local/share/wanpad/lib/install-lib.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index 63b6a60..df2eda3 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -95,10 +95,9 @@ configure_snmpd() else wanpad_snmpd_config="/etc/${service}/${daemon}.conf" fi - local flag=`grep "${wanpad_conf_message}" $wanpad_snmpd_config` + local flag="$(grep "$wanpad_conf_message" $wanpad_snmpd_config)" - - if [[ -z $flag ]] + if [[ -z "$flag" ]] then cp "${CLIENT_SERVICES_DIR}/${service}/${daemon}.conf" $wanpad_snmpd_config service ${daemon} restart From d58f80ae2f3dcd4504251277df60999cb79ba593 Mon Sep 17 00:00:00 2001 From: ali Date: Mon, 11 Mar 2024 21:08:52 +0330 Subject: [PATCH 14/48] install: enhancement on nameserver --- usr/local/share/wanpad/lib/install-lib.sh | 45 +++++++++++------------ 1 file changed, 22 insertions(+), 23 deletions(-) diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index df2eda3..ef7ce11 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -120,33 +120,33 @@ disable_stop_systemd_resolved() # nameservers by simply editing /etc/resolv.conf . save_current_nameserver_conf_and_disable_resolved() { - current_etc_resolv_conf=`cat /etc/resolv.conf | grep nameserver | awk '{print $2}'` + current_etc_resolv_conf="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}')" if [ -n "$(netplan get)" ]; then - netplan_conf_file=`ls /etc/netplan/*.y*ml | head -1` - if [[ $current_etc_resolv_conf == "127.0.0.53" ]] + netplan_conf_file="$(ls /etc/netplan/*.y*ml | head -1)" + if [[ "$current_etc_resolv_conf" == "127.0.0.53" ]] then - nameserver1_temp=`cat ${netplan_conf_file} | yq -e '.network.*.*.nameservers.addresses[]' | head -1 ` - nameserver2_temp=`cat ${netplan_conf_file} | yq -e '.network.*.*.nameservers.addresses[]' | head -2 | tail -1` + nameserver1_temp="$(cat ${netplan_conf_file} | yq -e '.network.*.*.nameservers.addresses[]' | head -1)" + nameserver2_temp="$(cat ${netplan_conf_file} | yq -e '.network.*.*.nameservers.addresses[]' | head -2 | tail -1)" - if [[ -n $nameserver1_temp ]] + if [[ -n "$nameserver1_temp" ]] then - DEFAULT_NS1=`echo $nameserver1_temp` - if [[ -n $nameserver1_temp ]] + DEFAULT_NS1="$(echo "$nameserver1_temp")" + if [[ -n "$nameserver1_temp" ]] then - DEFAULT_NS2=`echo $nameserver2_temp` + DEFAULT_NS2="$(echo $nameserver2_temp)" fi fi else - if [[ -n $current_etc_resolv_conf ]] + if [[ -n "$current_etc_resolv_conf" ]] then - nameserver1_temp=`cat /etc/resolv.conf | grep nameserver | awk '{print $2}'| head -1 ` - nameserver2_temp=`cat /etc/resolv.conf | grep nameserver | awk '{print $2}'| head -2 | tail -1` - if [[ -n $nameserver1_temp ]] + nameserver1_temp="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}'| head -1)" + nameserver2_temp="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}'| head -2 | tail -1)" + if [[ -n "$nameserver1_temp" ]] then - DEFAULT_NS1=`echo $nameserver1_temp` - if [[ -n $nameserver1_temp ]] + DEFAULT_NS1="$(echo $nameserver1_temp)" + if [[ -n "$nameserver1_temp" ]] then - DEFAULT_NS2=`echo $nameserver2_temp` + DEFAULT_NS2="$(echo $nameserver2_temp)" fi fi fi @@ -156,14 +156,13 @@ save_current_nameserver_conf_and_disable_resolved() chattr -i /etc/resolv.conf rm /etc/resolv.conf disable_stop_systemd_resolved - echo "nameserver $DEFAULT_NS1" > /etc/resolv.conf - echo "nameserver $DEFAULT_NS2" >> /etc/resolv.conf - set +x + [ -n "$DEFAULT_NS1" ] && echo "nameserver $DEFAULT_NS1" > /etc/resolv.conf + [ -n "$DEFAULT_NS2" ] && echo "nameserver $DEFAULT_NS2" >> /etc/resolv.conf + echo "PLEASE NOTE: The following servers are set as your DNS servers. - you can change this configuration by editing /etc/resolv.conf - - " - set -x + you can change this configuration by editing /etc/resolv.conf\n" + + cat /etc/resolv.conf } From 98c80abd2498fec47f8c9750e6e956d18fce4ee2 Mon Sep 17 00:00:00 2001 From: ali Date: Mon, 11 Mar 2024 21:13:34 +0330 Subject: [PATCH 15/48] install: replace tee with redirect --- usr/local/share/wanpad/install.sh | 2 +- usr/local/share/wanpad/lib/install-lib.sh | 20 ++++++++------------ 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/usr/local/share/wanpad/install.sh b/usr/local/share/wanpad/install.sh index a09fb03..1f44411 100755 --- a/usr/local/share/wanpad/install.sh +++ b/usr/local/share/wanpad/install.sh @@ -26,7 +26,7 @@ if [ "$OSKERNEL" = "Linux" ]; then fi start_wanpad_services enable_ipv4_forward -set_fib_multipath_hash_policy_1 +set_fib_multipath_hash_policy set_fib_ip_no_pmtu_disc_1 configure_fprobe configure_ssh diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index ef7ce11..9c62852 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -27,8 +27,8 @@ enable_wanpad_systemd_services() find /etc/systemd/ -lname "/usr/local/share/wanpad/client-services/wanpad-*.service" -exec rm {} + # remove any wanpad_os service existing on the host systemctl daemon-reload - for i in `ls /usr/local/share/wanpad/client-services/wanpad-*.service | xargs` - do systemctl enable $i || true + for service in "$(ls /usr/local/share/wanpad/client-services/wanpad-*.service | xargs)" + do systemctl enable $service || true done } @@ -39,19 +39,19 @@ start_wanpad_services() enable_ipv4_forward() { - echo "net.ipv4.ip_forward=1" | tee /etc/sysctl.d/10-ip_forward.conf + echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/10-ip_forward.conf sysctl -w net.ipv4.ip_forward=1 } -set_fib_multipath_hash_policy_1() +set_fib_multipath_hash_policy() { - echo 'net.ipv4.fib_multipath_hash_policy=1' | tee /etc/sysctl.d/10-fib_multipath_hash_policy.conf + echo 'net.ipv4.fib_multipath_hash_policy=1' > /etc/sysctl.d/10-fib_multipath_hash_policy.conf sysctl -w net.ipv4.fib_multipath_hash_policy=1 } set_fib_ip_no_pmtu_disc_1() { - echo 'net.ipv4.ip_no_pmtu_disc = 1' | tee /etc/sysctl.d/10-ip-no-pmtu-disc.conf + echo 'net.ipv4.ip_no_pmtu_disc=1' > /etc/sysctl.d/10-ip-no-pmtu-disc.conf sysctl -w net.ipv4.ip_no_pmtu_disc=1 } @@ -111,11 +111,6 @@ configure_snmpd() fi } -disable_stop_systemd_resolved() -{ - systemctl disable --now systemd-resolved -} - # This function enables controller to be able to change the # nameservers by simply editing /etc/resolv.conf . save_current_nameserver_conf_and_disable_resolved() @@ -155,7 +150,8 @@ save_current_nameserver_conf_and_disable_resolved() chattr -i /etc/resolv.conf rm /etc/resolv.conf - disable_stop_systemd_resolved + + [ "$OSKERNEL" == "Linux" ] && systemctl disable --now systemd-resolved [ -n "$DEFAULT_NS1" ] && echo "nameserver $DEFAULT_NS1" > /etc/resolv.conf [ -n "$DEFAULT_NS2" ] && echo "nameserver $DEFAULT_NS2" >> /etc/resolv.conf From 27f057963e4726ed06729ff7495222efd322a12b Mon Sep 17 00:00:00 2001 From: ali Date: Mon, 11 Mar 2024 21:18:13 +0330 Subject: [PATCH 16/48] install: bugfix on nameserver --- usr/local/share/wanpad/install.sh | 4 +--- usr/local/share/wanpad/lib/install-lib.sh | 16 ++++++++-------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/usr/local/share/wanpad/install.sh b/usr/local/share/wanpad/install.sh index 1f44411..58318d8 100755 --- a/usr/local/share/wanpad/install.sh +++ b/usr/local/share/wanpad/install.sh @@ -21,9 +21,7 @@ force_run_as_root configure_birdwatcher -if [ "$OSKERNEL" = "Linux" ]; then - enable_wanpad_systemd_services -fi +[ "$OSKERNEL" = "Linux" ] && enable_wanpad_systemd_services start_wanpad_services enable_ipv4_forward set_fib_multipath_hash_policy diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index 9c62852..21797af 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -97,7 +97,7 @@ configure_snmpd() fi local flag="$(grep "$wanpad_conf_message" $wanpad_snmpd_config)" - if [[ -z "$flag" ]] + if [ -z "$flag" ] then cp "${CLIENT_SERVICES_DIR}/${service}/${daemon}.conf" $wanpad_snmpd_config service ${daemon} restart @@ -118,28 +118,28 @@ save_current_nameserver_conf_and_disable_resolved() current_etc_resolv_conf="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}')" if [ -n "$(netplan get)" ]; then netplan_conf_file="$(ls /etc/netplan/*.y*ml | head -1)" - if [[ "$current_etc_resolv_conf" == "127.0.0.53" ]] + if [ "$current_etc_resolv_conf" = "127.0.0.53" ] then nameserver1_temp="$(cat ${netplan_conf_file} | yq -e '.network.*.*.nameservers.addresses[]' | head -1)" nameserver2_temp="$(cat ${netplan_conf_file} | yq -e '.network.*.*.nameservers.addresses[]' | head -2 | tail -1)" - if [[ -n "$nameserver1_temp" ]] + if [ -n "$nameserver1_temp" ] then DEFAULT_NS1="$(echo "$nameserver1_temp")" - if [[ -n "$nameserver1_temp" ]] + if [ -n "$nameserver1_temp" ] then DEFAULT_NS2="$(echo $nameserver2_temp)" fi fi else - if [[ -n "$current_etc_resolv_conf" ]] + if [ -n "$current_etc_resolv_conf" ] then nameserver1_temp="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}'| head -1)" nameserver2_temp="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}'| head -2 | tail -1)" - if [[ -n "$nameserver1_temp" ]] + if [ -n "$nameserver1_temp" ] then DEFAULT_NS1="$(echo $nameserver1_temp)" - if [[ -n "$nameserver1_temp" ]] + if [ -n "$nameserver1_temp" ] then DEFAULT_NS2="$(echo $nameserver2_temp)" fi @@ -151,7 +151,7 @@ save_current_nameserver_conf_and_disable_resolved() chattr -i /etc/resolv.conf rm /etc/resolv.conf - [ "$OSKERNEL" == "Linux" ] && systemctl disable --now systemd-resolved + [ "$OSKERNEL" = "Linux" ] && systemctl disable --now systemd-resolved [ -n "$DEFAULT_NS1" ] && echo "nameserver $DEFAULT_NS1" > /etc/resolv.conf [ -n "$DEFAULT_NS2" ] && echo "nameserver $DEFAULT_NS2" >> /etc/resolv.conf From 8c15282de8fd1b5365074e6ac04aa38394023118 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 21:56:10 +0330 Subject: [PATCH 17/48] install: add installonly make and ssh bugfix --- Makefile | 15 +++++++++++++++ usr/local/share/wanpad/common.sh | 2 ++ usr/local/share/wanpad/lib/install-lib.sh | 13 +++++++------ usr/local/share/wanpad/ssh/99-wanpad.conf | 2 +- 4 files changed, 25 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index fafc540..bacb846 100644 --- a/Makefile +++ b/Makefile @@ -133,6 +133,21 @@ liteinstall: litedeps echo "\tcp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf";\ fi +.PHONY: installonly +installonly: + @echo "Installing wanpad version" + @echo + @cp -Rv usr / + @chmod +x ${WANPAD_CMD} + @echo + @echo "Installing wanpad configuration" + @if [ ! -s /usr/local/etc/wanpad/wanpad.conf ]; then\ + cp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf;\ + else\ + echo "wanpad configuration file is already exists at /usr/local/etc/wanpad/wanpad.conf.";\ + echo "If you want the new configuration use the following command below:";\ + echo "\tcp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf";\ + fi .PHONY: debug debug: diff --git a/usr/local/share/wanpad/common.sh b/usr/local/share/wanpad/common.sh index ffa4655..ba6efa0 100644 --- a/usr/local/share/wanpad/common.sh +++ b/usr/local/share/wanpad/common.sh @@ -15,7 +15,9 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . +set -a . /usr/local/etc/wanpad/wanpad.conf +set +a # Base library should be first to call . /usr/local/share/wanpad/lib/base-lib.sh diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index 21797af..7cb5161 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -68,17 +68,17 @@ configure_fprobe() configure_ssh() { - if [ $OSKERNEL = "FreeBSD" ]; then + if [ "$OSKERNEL" = "FreeBSD" ] + then sed -i '' -e '/.*Port */d' /etc/ssh/sshd_config envsubst < /usr/local/share/wanpad/ssh/99-wanpad.conf >> /etc/ssh/sshd_config else envsubst < /usr/local/share/wanpad/ssh/99-wanpad.conf > /etc/ssh/sshd_config.d/99-wanpad.conf - echo "DebianBanner no" >> /etc/ssh/sshd_config.d/99-wanpad.conf + sed -i -e '1s/$$/\nDebianBanner no/' /etc/ssh/sshd_config.d/99-wanpad.conf fi - set +x ; - echo "\nNOTICE: + + echo "NOTICE: The SSH port will be changed to $DEFAULT_SSH_PORT.\n" - set -x; service sshd restart } @@ -90,7 +90,8 @@ configure_snmpd() local wanpad_conf_message="# Configured By WANPAD" local service='snmp' local daemon='snmpd' - if [ $OSKERNEL = "FreeBSD" ]; then + if [ "$OSKERNEL" = "FreeBSD" ] + then wanpad_snmpd_config="/etc/${daemon}.config" else wanpad_snmpd_config="/etc/${service}/${daemon}.conf" diff --git a/usr/local/share/wanpad/ssh/99-wanpad.conf b/usr/local/share/wanpad/ssh/99-wanpad.conf index 38e14ad..6828fa2 100644 --- a/usr/local/share/wanpad/ssh/99-wanpad.conf +++ b/usr/local/share/wanpad/ssh/99-wanpad.conf @@ -1,4 +1,4 @@ -Port $WANPAD_PORT +Port $DEFAULT_SSH_PORT HostKey /etc/ssh/ssh_host_ecdsa_key TCPKeepAlive yes ClientAliveInterval 60 From ce010c22a641eb70f6d4762aa04fd4c2ea094c3d Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 22:57:19 +0330 Subject: [PATCH 18/48] install: ssh bugfix for linux --- usr/local/share/wanpad/lib/install-lib.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index 7cb5161..993c3cb 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -74,7 +74,8 @@ configure_ssh() envsubst < /usr/local/share/wanpad/ssh/99-wanpad.conf >> /etc/ssh/sshd_config else envsubst < /usr/local/share/wanpad/ssh/99-wanpad.conf > /etc/ssh/sshd_config.d/99-wanpad.conf - sed -i -e '1s/$$/\nDebianBanner no/' /etc/ssh/sshd_config.d/99-wanpad.conf + # Non-POSIX SED + sed -i -e '1{/^DebianBanner .*/!s/^/DebianBanner no\n/}' /etc/ssh/sshd_config.d/99-wanpad.conf fi echo "NOTICE: From 8b555b5e00849dc8f79bf60cf9f00037a197cf44 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 11 Mar 2024 23:10:25 +0330 Subject: [PATCH 19/48] install: snmpd bugfix --- usr/local/share/wanpad/lib/install-lib.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index 993c3cb..f2bce7e 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -101,7 +101,7 @@ configure_snmpd() if [ -z "$flag" ] then - cp "${CLIENT_SERVICES_DIR}/${service}/${daemon}.conf" $wanpad_snmpd_config + cp "/usr/local/share/wanpad/${service}/${daemon}.conf" $wanpad_snmpd_config service ${daemon} restart set +x echo "snmp is not yet configured by wanpad" From f5011b2452a76b7e97f65c44bab38ee113fb538e Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Fri, 19 Apr 2024 22:34:05 +0330 Subject: [PATCH 20/48] Add swanctl and ocserv Signed-off-by: Pouria Mousavizadeh Tehrani --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index bacb846..a0038c8 100644 --- a/Makefile +++ b/Makefile @@ -25,7 +25,7 @@ deps: @echo "Install applications" @if [ -e /etc/debian_version ]; then\ DEBIAN_FRONTEND=noninteractive apt install -y net-tools git openvpn python3-pip wireguard snmpd libqmi-utils udhcpc build-essential\ - python3-dev strongswan strongswan-starter frr bird2 keepalived fprobe sudo golang-1.20-go git-lfs jq;\ + python3-dev strongswan strongswan-starter strongswan-swanctl ocserv frr bird2 keepalived fprobe sudo golang-1.20-go git-lfs jq;\ elif [ "${OS}" = "FreeBSD" ]; then\ pkg install -y git openvpn python3 py39-pip strongswan frr9 frr9-pythontools bird2 fprobe sudo node_exporter go jq;\ fi @@ -245,4 +245,4 @@ purge: uninstall python3-dev strongswan strongswan-starter frr bird2 keepalived fprobe golang-1.20-go;\ elif [ "${OS}" = "FreeBSD"]; then\ pkg delete -y git openvpn python3 py39-pip strongswan frr9 frr9-pythontools bird2 fprobe sudo node_exporter go;\ - fi \ No newline at end of file + fi From c1cc0b9a88e2e2296a0747746b1827b21915fb99 Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 14:51:56 +0330 Subject: [PATCH 21/48] Add UDPSpeeder + replace git with git-lite on freebsd Signed-off-by: Pouria Mousavizadeh Tehrani --- Makefile | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index a0038c8..fe77ba1 100644 --- a/Makefile +++ b/Makefile @@ -27,7 +27,7 @@ deps: DEBIAN_FRONTEND=noninteractive apt install -y net-tools git openvpn python3-pip wireguard snmpd libqmi-utils udhcpc build-essential\ python3-dev strongswan strongswan-starter strongswan-swanctl ocserv frr bird2 keepalived fprobe sudo golang-1.20-go git-lfs jq;\ elif [ "${OS}" = "FreeBSD" ]; then\ - pkg install -y git openvpn python3 py39-pip strongswan frr9 frr9-pythontools bird2 fprobe sudo node_exporter go jq;\ + pkg install -y git-lite openvpn python3 py39-pip strongswan frr9 frr9-pythontools bird2 fprobe sudo node_exporter go jq gcc49;\ fi @echo @echo "Install python applications" @@ -42,6 +42,17 @@ deps: rm -rf /tmp/node_exporter*;\ fi @echo + @echo "Install UDPSpeeder (FEC)" + @echo + @git clone https://github.com/wangyu-/UDPspeeder.git /tmp/UDPspeeder + @cd /tmp/UDPspeeder + @if [ -e /etc/debian_version ]; then\ + make;\ + elif [ "${OS}" = "FreeBSD" ]; then\ + make freebsd;\ + fi + @cd - + @echo @echo "Install birdwatcher" @echo @if [ ! -s /usr/local/bin/birdwatcher ]; then\ From 55d79e7f5a68d662ebed78ab9a32690d68bde5cc Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 14:54:52 +0330 Subject: [PATCH 22/48] add g++ symlink to FreeBSD Version Signed-off-by: Pouria Mousavizadeh Tehrani --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index fe77ba1..dcc56fb 100644 --- a/Makefile +++ b/Makefile @@ -49,6 +49,7 @@ deps: @if [ -e /etc/debian_version ]; then\ make;\ elif [ "${OS}" = "FreeBSD" ]; then\ + ln -s /usr/local/bin/g++49 /usr/local/bin/g++;\ make freebsd;\ fi @cd - From cb37e015a0198d054398de3d5771c4e269468ce8 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 15:01:39 +0330 Subject: [PATCH 23/48] Add to startup files --- usr/local/etc/wanpad/startup/startup-0.sh | 1 + usr/local/etc/wanpad/startup/startup-4.sh | 1 + usr/local/etc/wanpad/startup/startup-5.sh | 1 + usr/local/etc/wanpad/startup/startup-6.sh | 1 + usr/local/etc/wanpad/startup/startup-7.sh | 1 + usr/local/etc/wanpad/startup/startup-8.sh | 1 + usr/local/etc/wanpad/startup/startup-9.sh | 1 + usr/local/etc/wanpad/startup/startup.sh | 7 +++++++ 8 files changed, 14 insertions(+) create mode 100755 usr/local/etc/wanpad/startup/startup-0.sh create mode 100755 usr/local/etc/wanpad/startup/startup-4.sh create mode 100755 usr/local/etc/wanpad/startup/startup-5.sh create mode 100755 usr/local/etc/wanpad/startup/startup-6.sh create mode 100755 usr/local/etc/wanpad/startup/startup-7.sh create mode 100755 usr/local/etc/wanpad/startup/startup-8.sh create mode 100755 usr/local/etc/wanpad/startup/startup-9.sh diff --git a/usr/local/etc/wanpad/startup/startup-0.sh b/usr/local/etc/wanpad/startup/startup-0.sh new file mode 100755 index 0000000..1a24852 --- /dev/null +++ b/usr/local/etc/wanpad/startup/startup-0.sh @@ -0,0 +1 @@ +#!/bin/sh diff --git a/usr/local/etc/wanpad/startup/startup-4.sh b/usr/local/etc/wanpad/startup/startup-4.sh new file mode 100755 index 0000000..1a24852 --- /dev/null +++ b/usr/local/etc/wanpad/startup/startup-4.sh @@ -0,0 +1 @@ +#!/bin/sh diff --git a/usr/local/etc/wanpad/startup/startup-5.sh b/usr/local/etc/wanpad/startup/startup-5.sh new file mode 100755 index 0000000..1a24852 --- /dev/null +++ b/usr/local/etc/wanpad/startup/startup-5.sh @@ -0,0 +1 @@ +#!/bin/sh diff --git a/usr/local/etc/wanpad/startup/startup-6.sh b/usr/local/etc/wanpad/startup/startup-6.sh new file mode 100755 index 0000000..1a24852 --- /dev/null +++ b/usr/local/etc/wanpad/startup/startup-6.sh @@ -0,0 +1 @@ +#!/bin/sh diff --git a/usr/local/etc/wanpad/startup/startup-7.sh b/usr/local/etc/wanpad/startup/startup-7.sh new file mode 100755 index 0000000..1a24852 --- /dev/null +++ b/usr/local/etc/wanpad/startup/startup-7.sh @@ -0,0 +1 @@ +#!/bin/sh diff --git a/usr/local/etc/wanpad/startup/startup-8.sh b/usr/local/etc/wanpad/startup/startup-8.sh new file mode 100755 index 0000000..1a24852 --- /dev/null +++ b/usr/local/etc/wanpad/startup/startup-8.sh @@ -0,0 +1 @@ +#!/bin/sh diff --git a/usr/local/etc/wanpad/startup/startup-9.sh b/usr/local/etc/wanpad/startup/startup-9.sh new file mode 100755 index 0000000..1a24852 --- /dev/null +++ b/usr/local/etc/wanpad/startup/startup-9.sh @@ -0,0 +1 @@ +#!/bin/sh diff --git a/usr/local/etc/wanpad/startup/startup.sh b/usr/local/etc/wanpad/startup/startup.sh index 1ae70bd..5b6244a 100755 --- a/usr/local/etc/wanpad/startup/startup.sh +++ b/usr/local/etc/wanpad/startup/startup.sh @@ -5,6 +5,13 @@ DIR="/usr/local/etc/wanpad/startup" +. ${DIR}/startup-0.sh . ${DIR}/startup-1.sh . ${DIR}/startup-2.sh . ${DIR}/startup-3.sh +. ${DIR}/startup-4.sh +. ${DIR}/startup-5.sh +. ${DIR}/startup-6.sh +. ${DIR}/startup-7.sh +. ${DIR}/startup-8.sh +. ${DIR}/startup-9.sh From df9c42904d3a811393ce63aaa2d2d5b2a3e8671c Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 15:17:43 +0330 Subject: [PATCH 24/48] UDPspeeder cleaning Signed-off-by: Pouria Mousavizadeh Tehrani --- Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index dcc56fb..02176c6 100644 --- a/Makefile +++ b/Makefile @@ -45,14 +45,14 @@ deps: @echo "Install UDPSpeeder (FEC)" @echo @git clone https://github.com/wangyu-/UDPspeeder.git /tmp/UDPspeeder - @cd /tmp/UDPspeeder @if [ -e /etc/debian_version ]; then\ - make;\ + make -C /tmp/UDPspeeder;\ elif [ "${OS}" = "FreeBSD" ]; then\ ln -s /usr/local/bin/g++49 /usr/local/bin/g++;\ - make freebsd;\ + make -C /tmp/UDPspeeder freebsd;\ fi - @cd - + @cp /tmp/UDPspeeder/speederv2 /usr/local/bin/ + @rm -rf /tmp/UDPspeeder @echo @echo "Install birdwatcher" @echo From b031719c9b3a3603ba82e0de925e51eeea75a26b Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 15:23:40 +0330 Subject: [PATCH 25/48] add smoeping-prober --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 02176c6..41a06c8 100644 --- a/Makefile +++ b/Makefile @@ -25,7 +25,7 @@ deps: @echo "Install applications" @if [ -e /etc/debian_version ]; then\ DEBIAN_FRONTEND=noninteractive apt install -y net-tools git openvpn python3-pip wireguard snmpd libqmi-utils udhcpc build-essential\ - python3-dev strongswan strongswan-starter strongswan-swanctl ocserv frr bird2 keepalived fprobe sudo golang-1.20-go git-lfs jq;\ + python3-dev strongswan strongswan-starter strongswan-swanctl ocserv frr bird2 keepalived fprobe sudo golang-1.20-go git-lfs jq prometheus-smokeping-prober;\ elif [ "${OS}" = "FreeBSD" ]; then\ pkg install -y git-lite openvpn python3 py39-pip strongswan frr9 frr9-pythontools bird2 fprobe sudo node_exporter go jq gcc49;\ fi From 8a1285a04f9e5dbf41f63e63a7668c9e77cfc129 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 15:32:42 +0330 Subject: [PATCH 26/48] configure smokeping-exporter --- usr/local/share/wanpad/install.sh | 1 + usr/local/share/wanpad/lib/install-lib.sh | 9 +++++++++ 2 files changed, 10 insertions(+) diff --git a/usr/local/share/wanpad/install.sh b/usr/local/share/wanpad/install.sh index 58318d8..1e19601 100755 --- a/usr/local/share/wanpad/install.sh +++ b/usr/local/share/wanpad/install.sh @@ -27,6 +27,7 @@ enable_ipv4_forward set_fib_multipath_hash_policy set_fib_ip_no_pmtu_disc_1 configure_fprobe +configure_prometheus_smokeping_prober configure_ssh configure_snmpd save_current_nameserver_conf_and_disable_resolved diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index f2bce7e..fbafbf2 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -66,6 +66,15 @@ configure_fprobe() done } +configure_prometheus_smokeping_prober() +{ + if [ "$OSKERNEL" = "Linux" ] + then + echo 'ARGS="--privileged"' > /etc/default/prometheus-smokeping-prober + service prometheus-smokeping-prober restart + fi +} + configure_ssh() { if [ "$OSKERNEL" = "FreeBSD" ] From f9222bb407dadc1ee49c616e6b2004322bdd4763 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 15:34:49 +0330 Subject: [PATCH 27/48] Check if speederv2 is installed or not --- Makefile | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index 41a06c8..574e916 100644 --- a/Makefile +++ b/Makefile @@ -44,15 +44,17 @@ deps: @echo @echo "Install UDPSpeeder (FEC)" @echo - @git clone https://github.com/wangyu-/UDPspeeder.git /tmp/UDPspeeder - @if [ -e /etc/debian_version ]; then\ - make -C /tmp/UDPspeeder;\ - elif [ "${OS}" = "FreeBSD" ]; then\ - ln -s /usr/local/bin/g++49 /usr/local/bin/g++;\ - make -C /tmp/UDPspeeder freebsd;\ + @if [ ! -s /usr/local/bin/speederv2 ]; then\ + git clone https://github.com/wangyu-/UDPspeeder.git /tmp/UDPspeeder;\ + if [ -e /etc/debian_version ]; then\ + make -C /tmp/UDPspeeder;\ + elif [ "${OS}" = "FreeBSD" ]; then\ + ln -s /usr/local/bin/g++49 /usr/local/bin/g++;\ + make -C /tmp/UDPspeeder freebsd;\ + fi + cp /tmp/UDPspeeder/speederv2 /usr/local/bin/ + rm -rf /tmp/UDPspeeder fi - @cp /tmp/UDPspeeder/speederv2 /usr/local/bin/ - @rm -rf /tmp/UDPspeeder @echo @echo "Install birdwatcher" @echo From eafe7da08768326ca14511859349ca546629f696 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 15:35:37 +0330 Subject: [PATCH 28/48] Bugfix last commit --- Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 574e916..9972584 100644 --- a/Makefile +++ b/Makefile @@ -51,9 +51,9 @@ deps: elif [ "${OS}" = "FreeBSD" ]; then\ ln -s /usr/local/bin/g++49 /usr/local/bin/g++;\ make -C /tmp/UDPspeeder freebsd;\ - fi - cp /tmp/UDPspeeder/speederv2 /usr/local/bin/ - rm -rf /tmp/UDPspeeder + fi;\ + cp /tmp/UDPspeeder/speederv2 /usr/local/bin/;\ + rm -rf /tmp/UDPspeeder;\ fi @echo @echo "Install birdwatcher" From e20bb2e81903bc2c59dbc687b6a9a3a0a1fdb841 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 18:47:45 +0330 Subject: [PATCH 29/48] add sot command --- usr/local/share/man/man8/wanpadctl.8.gz | Bin 416 -> 472 bytes usr/local/share/wanpad/adm.sh | 2 ++ usr/local/share/wanpad/common.sh | 3 +- usr/local/share/wanpad/lib/base-lib.sh | 2 ++ usr/local/share/wanpad/lib/sot-lib.sh | 45 ++++++++++++++++++++++++ usr/local/share/wanpad/sot.sh | 35 ++++++++++++++++++ 6 files changed, 86 insertions(+), 1 deletion(-) create mode 100644 usr/local/share/wanpad/lib/sot-lib.sh create mode 100755 usr/local/share/wanpad/sot.sh diff --git a/usr/local/share/man/man8/wanpadctl.8.gz b/usr/local/share/man/man8/wanpadctl.8.gz index dd58ce9f46f4d8c7030179a6c0a9df5c2742bb91..d8ecfa437956706da53dd5a1c7dec86001f7b085 100644 GIT binary patch literal 472 zcmV;}0Vn<+iwFnzeae_#(B3dahg)nIZ*d^L#ZvXtfYrKQJ{7xtQI&IT=Q43`V8QYT zi<4H|!JSw}X$|X9GTvpP;3y-oG$wN%o%DDS&M?I34!vY;k5^Mn&<-}XlLZ-OzY3E_ zapC&ErC+3NBDn186*9Lbr}52V!|$SC2uVnUfki%%e-W8Ssi3OvpO;m+DIT6T#kVz# z(rbAz2rc>Kz>dyBV>DV$bge!P$y9XE>V)!iy{t&(SxwsY6^to^p44EX%@4YbD>?)I z(Sd{bIKk67<`Ija6;y&17q*wVpI(x36}eJ0k7leD8$EgO8u zMAM_pcbiOt^Zs9;j~Qx z*PXmlme!Og{#k1IpDauv8HqGl;*;~wBJ(5_s_NlsRh8S~)6=&2vcW99mIp)VoKFet zJX*9yljS7W>Eo0_#RQ#BEbnd?6bWA3q@CW#lqw8PO(w>Cqr14GGw7EN9K_p9Y|Lf- z`PcpD>M@=%w`k~03bmV}73|y;Y0ssJVTGP4! diff --git a/usr/local/share/wanpad/adm.sh b/usr/local/share/wanpad/adm.sh index a17ef55..e523457 100644 --- a/usr/local/share/wanpad/adm.sh +++ b/usr/local/share/wanpad/adm.sh @@ -73,4 +73,6 @@ then show_device_by_name "$4" fi fi +else + adm_usage fi \ No newline at end of file diff --git a/usr/local/share/wanpad/common.sh b/usr/local/share/wanpad/common.sh index ba6efa0..5177882 100644 --- a/usr/local/share/wanpad/common.sh +++ b/usr/local/share/wanpad/common.sh @@ -24,4 +24,5 @@ set +a . /usr/local/share/wanpad/lib/adm-lib.sh . /usr/local/share/wanpad/lib/install-lib.sh -. /usr/local/share/wanpad/lib/ztp-lib.sh \ No newline at end of file +. /usr/local/share/wanpad/lib/ztp-lib.sh +. /usr/local/share/wanpad/lib/sot-lib.sh \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/base-lib.sh b/usr/local/share/wanpad/lib/base-lib.sh index 67370a0..aaf05d1 100644 --- a/usr/local/share/wanpad/lib/base-lib.sh +++ b/usr/local/share/wanpad/lib/base-lib.sh @@ -96,6 +96,8 @@ Available Commands: init join to WANPAD controller. oob connect to WANPAD controller using oob network. lte configure lte module. (if any exists.) + sot client-side operations of source of truth. check wanpadctl(8) for more details. + adm administration tools of controller via admin api. check wanpadctl(8) for more details. Use "wanpad -v|--version" for version information. Use "wanpad command -h|--help" for more information about a command. diff --git a/usr/local/share/wanpad/lib/sot-lib.sh b/usr/local/share/wanpad/lib/sot-lib.sh new file mode 100644 index 0000000..fccf456 --- /dev/null +++ b/usr/local/share/wanpad/lib/sot-lib.sh @@ -0,0 +1,45 @@ +#!/bin/sh +# +# Copyright (c) 2024, Seyed Pouria Mousavizadeh Tehrani +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# This file exists for administration of the WANPAD controller. Will be completed in the near future. + +sot_usage() +{ + cat << EOF +Usage: + wanpadctl sot COMMAND [args] + +COMMAND + client-side operations of source of truth. + +Available Commands: + smokeping compare desired and current config file of smokeping probe to update the file and restart the service. + +Use "wanpad -v|--version" for version information. +EOF + exit 1 +} + +smokeping_compare_and_update() +{ + diff -q /etc/prometheus/smokeping_prober.yml.sot /etc/prometheus/smokeping_prober.yml + if [ "$?" != 0 ] + then + cp /etc/prometheus/smokeping_prober.yml.sot /etc/prometheus/smokeping_prober.yml + service prometheus-smokeping-prober restart + fi +} diff --git a/usr/local/share/wanpad/sot.sh b/usr/local/share/wanpad/sot.sh new file mode 100755 index 0000000..dea1875 --- /dev/null +++ b/usr/local/share/wanpad/sot.sh @@ -0,0 +1,35 @@ +#!/bin/sh +# +# Copyright (c) 2024, Seyed Pouria Mousavizadeh Tehrani +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +. /usr/local/share/wanpad/common.sh + +# Handle special-case commands first. +case "$1" in +help|-h|--help) + sot_usage + ;; +esac + +if [ "$1" = "update" ] +then + if [ "$2" = "smokeping" ] + then + smokeping_compare_and_update + fi +else + sot_usage +fi \ No newline at end of file From 89f32bc27709b348a15441d0c36b12719b7cc39c Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 18:51:43 +0330 Subject: [PATCH 30/48] add sot command --- usr/local/share/wanpad/lib/sot-lib.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/usr/local/share/wanpad/lib/sot-lib.sh b/usr/local/share/wanpad/lib/sot-lib.sh index fccf456..b13ca0c 100644 --- a/usr/local/share/wanpad/lib/sot-lib.sh +++ b/usr/local/share/wanpad/lib/sot-lib.sh @@ -21,13 +21,14 @@ sot_usage() { cat << EOF Usage: - wanpadctl sot COMMAND [args] + wanpadctl sot OPERATION COMMAND [args] -COMMAND - client-side operations of source of truth. +OPERATION + Specifies the action to perform on the object. The set of possible actions depends on the object type. As a rule, it is possible to add, update, delete and show (or list ) objects, but some objects + do not allow all of these operations or have some additional commands. The help command is available for all objects. Available Commands: - smokeping compare desired and current config file of smokeping probe to update the file and restart the service. + smokeping compare desired and current config file of smokeping probe to update the file and restart the service. (update operation only) Use "wanpad -v|--version" for version information. EOF From 4e91f3f4232eba7482eaa48a8c4f76df69d0fb9b Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Sun, 21 Apr 2024 18:55:02 +0330 Subject: [PATCH 31/48] add sot command --- usr/local/share/wanpad/lib/sot-lib.sh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/usr/local/share/wanpad/lib/sot-lib.sh b/usr/local/share/wanpad/lib/sot-lib.sh index b13ca0c..14595a8 100644 --- a/usr/local/share/wanpad/lib/sot-lib.sh +++ b/usr/local/share/wanpad/lib/sot-lib.sh @@ -37,10 +37,13 @@ EOF smokeping_compare_and_update() { - diff -q /etc/prometheus/smokeping_prober.yml.sot /etc/prometheus/smokeping_prober.yml - if [ "$?" != 0 ] + if [ -s /etc/prometheus/smokeping_prober.yml.sot ] then - cp /etc/prometheus/smokeping_prober.yml.sot /etc/prometheus/smokeping_prober.yml - service prometheus-smokeping-prober restart + diff -q /etc/prometheus/smokeping_prober.yml.sot /etc/prometheus/smokeping_prober.yml + if [ "$?" != 0 ] + then + cp /etc/prometheus/smokeping_prober.yml.sot /etc/prometheus/smokeping_prober.yml + service prometheus-smokeping-prober restart + fi fi } From 4fe187a9fab20b75f6601979ffd95a02e719f65c Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Fri, 26 Apr 2024 16:12:29 +0330 Subject: [PATCH 32/48] Update README.md Signed-off-by: Pouria Mousavizadeh Tehrani --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3a4113e..45e42e5 100644 --- a/README.md +++ b/README.md @@ -89,7 +89,7 @@ After the prompt return, you should be able to access your device through the co - **NOTE:** You can also run the script in **non-interactive** mode, doing: ```sh -wanpadctl +wanpadctl init ``` ## Lite Version From c49ef768a2e5313360b8b98c44a0051ee9a073f6 Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Fri, 26 Apr 2024 16:24:28 +0330 Subject: [PATCH 33/48] LITE_VERSION bugfix Signed-off-by: Pouria Mousavizadeh Tehrani --- usr/local/bin/wanpadctl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/bin/wanpadctl b/usr/local/bin/wanpadctl index b7add28..a0c0122 100644 --- a/usr/local/bin/wanpadctl +++ b/usr/local/bin/wanpadctl @@ -26,7 +26,7 @@ WANPAD_VERSION="3.0.0" export CMD=$1 shift -if [ -n "$LITE_VERSION" ] +if [ -n "${LITE_VERSION+true}" ] then if [ "$CMD" != "adm" ] then @@ -57,4 +57,4 @@ if [ -f "${SCRIPTPATH}" ]; then exec "${SH}" "${SCRIPTPATH}" "$@" else print_error "${SCRIPTPATH} not found." -fi \ No newline at end of file +fi From 723cf18c97d90a2cca35f1761584acaa5182a6ed Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Fri, 26 Apr 2024 16:26:59 +0330 Subject: [PATCH 34/48] DOMAIN variable bugfix Signed-off-by: Pouria Mousavizadeh Tehrani --- usr/local/share/wanpad/init.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/init.sh b/usr/local/share/wanpad/init.sh index ecd86d0..38a5c61 100755 --- a/usr/local/share/wanpad/init.sh +++ b/usr/local/share/wanpad/init.sh @@ -28,7 +28,7 @@ case "$NA" in ztp_dialogue ;; 2) - DOMAIN=$1 + CONTROLLER_DOMAIN=$1 TOKEN=$2 ;; *) From fd108b992d070af8820a784d72cc8dee2096971c Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Fri, 26 Apr 2024 16:29:54 +0330 Subject: [PATCH 35/48] Update wanpad.conf.sample Signed-off-by: Pouria Mousavizadeh Tehrani --- usr/local/etc/wanpad/wanpad.conf.sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/etc/wanpad/wanpad.conf.sample b/usr/local/etc/wanpad/wanpad.conf.sample index 8726faa..f2b76f9 100644 --- a/usr/local/etc/wanpad/wanpad.conf.sample +++ b/usr/local/etc/wanpad/wanpad.conf.sample @@ -23,4 +23,4 @@ SSL=true # OpenVPN Client # The ".ovpn" file must be located under /usr/local/etc/wanpad/ directory. -OOB_CONFIG_FILE=client.ovpn \ No newline at end of file +OOB_CONFIG_FILE=client.ovpn From 2a8804af5fe30b19c4940c493229db4432489adc Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Fri, 26 Apr 2024 16:42:08 +0330 Subject: [PATCH 36/48] ztp bugfix Signed-off-by: Pouria Mousavizadeh Tehrani --- usr/local/share/wanpad/lib/ztp-lib.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/share/wanpad/lib/ztp-lib.sh b/usr/local/share/wanpad/lib/ztp-lib.sh index 9a6c62c..010a032 100755 --- a/usr/local/share/wanpad/lib/ztp-lib.sh +++ b/usr/local/share/wanpad/lib/ztp-lib.sh @@ -64,6 +64,6 @@ run_ztp_py() set -a . /usr/local/etc/wanpad/wanpad.conf set +a - export CONTROLLER_TOKEN_VALIDATION_URL="$(get_controller_url /wanpad/api/v1/auth/validate_token/)" + export CONTROLLER_TOKEN_URL="$(get_controller_url /wanpad/api/v1/devices/plug_play/)" python3 /usr/local/share/wanpad/ztp/pnp-client.py -} \ No newline at end of file +} From 9879d861cd74f8774145139ebd8bb99884dc2c1d Mon Sep 17 00:00:00 2001 From: Pouria Mousavizadeh Tehrani Date: Fri, 26 Apr 2024 16:42:27 +0330 Subject: [PATCH 37/48] Update pnp-client.py Signed-off-by: Pouria Mousavizadeh Tehrani --- usr/local/share/wanpad/ztp/pnp-client.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/ztp/pnp-client.py b/usr/local/share/wanpad/ztp/pnp-client.py index a184a69..64949bf 100755 --- a/usr/local/share/wanpad/ztp/pnp-client.py +++ b/usr/local/share/wanpad/ztp/pnp-client.py @@ -45,7 +45,7 @@ def client_program(): "hostname": socket.gethostname(), "token": os.environ['TOKEN'], "dsf": dsf} - url = os.environ['CONTROLLER_TOKEN_VALIDATION_URL'] + url = os.environ['CONTROLLER_TOKEN_URL'] request_to_url = requests.post(url, verify=False, data=data, timeout=6) if request_to_url.status_code == 400: print(request_to_url.text) From d3533b92c315f7c23a9624f9a2e2a45badf9e786 Mon Sep 17 00:00:00 2001 From: Mostafa Khoshnood <88609364+mostafawkhd@users.noreply.github.com> Date: Sun, 7 Jul 2024 15:17:30 +0330 Subject: [PATCH 38/48] change script for starting wanpad services script for starting wanpad services is changed in order to make that compatible with running commands on wanpad-edge parent directory. Signed-off-by: Mostafa Khoshnood <88609364+mostafawkhd@users.noreply.github.com> --- usr/local/share/wanpad/lib/install-lib.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index fbafbf2..779f72b 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -34,7 +34,12 @@ enable_wanpad_systemd_services() start_wanpad_services() { - service wanpad-* start || true + if [ "$OSKERNEL" = "Linux" ] + then + systemctl start wanpad-*.service --all || true + else + service wanpad-* start|| true + fi } enable_ipv4_forward() From 7ea04148e3bdb6b29f26da3d36ca398c72145092 Mon Sep 17 00:00:00 2001 From: Mostafa Khoshnood <88609364+mostafawkhd@users.noreply.github.com> Date: Sun, 7 Jul 2024 15:44:00 +0330 Subject: [PATCH 39/48] fix a typo Signed-off-by: Mostafa Khoshnood <88609364+mostafawkhd@users.noreply.github.com> --- usr/local/share/wanpad/lib/install-lib.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/wanpad/lib/install-lib.sh b/usr/local/share/wanpad/lib/install-lib.sh index 779f72b..fd48e0a 100755 --- a/usr/local/share/wanpad/lib/install-lib.sh +++ b/usr/local/share/wanpad/lib/install-lib.sh @@ -38,7 +38,7 @@ start_wanpad_services() then systemctl start wanpad-*.service --all || true else - service wanpad-* start|| true + service wanpad-* start || true fi } From 321bc9908cdb5ba412c424e735b6498ad7e83c4b Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 19:02:50 +0330 Subject: [PATCH 40/48] Remove lite version (adm should be a separate package) --- Makefile | 32 ----- README.md | 37 ----- usr/local/bin/wanpadctl | 11 -- usr/local/share/man/man8/wanpadctl.8.gz | Bin 472 -> 443 bytes usr/local/share/wanpad/adm.sh | 78 ----------- usr/local/share/wanpad/common.sh | 1 - usr/local/share/wanpad/lib/adm-lib.sh | 174 ------------------------ usr/local/share/wanpad/lib/base-lib.sh | 1 - 8 files changed, 334 deletions(-) delete mode 100644 usr/local/share/wanpad/adm.sh delete mode 100644 usr/local/share/wanpad/lib/adm-lib.sh diff --git a/Makefile b/Makefile index 9972584..edae539 100644 --- a/Makefile +++ b/Makefile @@ -10,16 +10,6 @@ WANPAD_USERNAME= hoopad all: @echo "Nothing to be done. Please use make install or make uninstall" -.PHONY: litedeps -litedeps: - @echo "Install lite version dependencies" - @if [ -e /etc/debian_version ]; then\ - DEBIAN_FRONTEND=noninteractive apt install -y net-tools git build-essential sudo git-lfs jq;\ - elif [ "${OS}" = "FreeBSD" ]; then\ - pkg install -y git python3 sudo jq;\ - fi - - .PHONY: deps deps: @echo "Install applications" @@ -125,28 +115,6 @@ install: ca deps generate echo "\tcp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf";\ fi -.PHONY: liteinstall -liteinstall: litedeps - @echo "Installing wanpad lite version" - @echo - @cp -Rv usr / - @chmod +x ${WANPAD_CMD} - @echo "Make it administration cli tool only" - @if [ "${OS}" = "FreeBSD" ]; then\ - sed -i '' '1s/$$/\nLITE_VERSION=true/' ${WANPAD_CMD};\ - else\ - sed -i -e '1s/$$/\nLITE_VERSION=true/' ${WANPAD_CMD};\ - fi - @echo - @echo "Installing wanpad configuration" - @if [ ! -s /usr/local/etc/wanpad/wanpad.conf ]; then\ - cp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf;\ - else\ - echo "wanpad configuration file is already exists at /usr/local/etc/wanpad/wanpad.conf.";\ - echo "If you want the new configuration use the following command below:";\ - echo "\tcp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf";\ - fi - .PHONY: installonly installonly: @echo "Installing wanpad version" diff --git a/README.md b/README.md index 3a4113e..5f6c427 100644 --- a/README.md +++ b/README.md @@ -92,43 +92,6 @@ After the prompt return, you should be able to access your device through the co wanpadctl ``` -## Lite Version - -Lite version is only for administration purposes. - -### Lite Install - -```sh -git clone https://github.com/HoopadCorp/wanpad-edge.git -make liteinstall -``` - -## Admin CLI - -### Show list of device names - -```sh -wanpadctl adm show device | jq '[.results[].name]' -``` - -### Show list of device id - -```sh -wanpadctl adm show device | jq '[.results[].id]' -``` - -### Search device by name - -```sh -wanpadctl adm show device name wpe-210 -``` - -### Get device info - -```sh -wanpadctl adm get device info ID -``` - ## Contributions Any PR(s) are welcomed. diff --git a/usr/local/bin/wanpadctl b/usr/local/bin/wanpadctl index b7add28..1ffca27 100644 --- a/usr/local/bin/wanpadctl +++ b/usr/local/bin/wanpadctl @@ -26,17 +26,6 @@ WANPAD_VERSION="3.0.0" export CMD=$1 shift -if [ -n "$LITE_VERSION" ] -then - if [ "$CMD" != "adm" ] - then - echo "Error: Sub-commands other than 'adm' are not supported in the WANPAD Edge Lite version." - echo "Lite version is administration only." - echo "Please install WANPAD Edge for full installation." - exit 1 - fi -fi - # Handle special-case commands first. case "${CMD}" in version|-v|--version) diff --git a/usr/local/share/man/man8/wanpadctl.8.gz b/usr/local/share/man/man8/wanpadctl.8.gz index d8ecfa437956706da53dd5a1c7dec86001f7b085..c863ebfd551c47b596ce7fc9f0a049587a1d37a4 100644 GIT binary patch literal 443 zcmV;s0Yv^EiwFoD1&n3@19xF=aA9O)bZjm-0CiGLuhTFPyysVp-U$x1gt%}duOASJ zCe=$3;`HRko5noH4)!Lc{Ce!B?c)Hq-OPA)W;bG`u%Uw=r9b1{`%J7DCus+%8aDWl ziMm6XZ`YY9`&S@#3QK3%I|J?r-|}*ouR!WZ2s)tT9Qi<-rhI z=TibZ4Hk{jWI4&T`Z%UgF+r;n%e&h(MS^EHX}>ozr4GGQqlq!!=r*qC4Em)52l4ho zPbZj1EP_^aTb#22u8rvE8%h=Xk-IoyZ7vtfzwSR*Pw_9vEowTG!Y)#^#MX^LPWrc0 l)L~DZmsTVHi7jIg{a@h6!8>-gm)b=4{U3QBU;D!X001q~)(-#x literal 472 zcmV;}0Vn<+iwFnzeae_#(B3dahg)nIZ*d^L#ZvXtfYrKQJ{7xtQI&IT=Q43`V8QYT zi<4H|!JSw}X$|X9GTvpP;3y-oG$wN%o%DDS&M?I34!vY;k5^Mn&<-}XlLZ-OzY3E_ zapC&ErC+3NBDn186*9Lbr}52V!|$SC2uVnUfki%%e-W8Ssi3OvpO;m+DIT6T#kVz# z(rbAz2rc>Kz>dyBV>DV$bge!P$y9XE>V)!iy{t&(SxwsY6^to^p44EX%@4YbD>?)I z(Sd{bIKk67<`Ija6 -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -. /usr/local/share/wanpad/common.sh - -# Handle special-case commands first. -case "$1" in -help|-h|--help) - adm_usage - ;; -esac - -if [ "$1" = "get" ] -then - if [ "$2" = "device" ] - then - if [ "$3" = "group" ] - then - get_device_group $4 - elif [ "$3" = "info" ] - then - get_device $4 - fi - fi -# elif [ "$1" = "add" ] -# then -# if [ "$2" = "device" ] -# then -# if [ "$3" = "group" ] -# then -# add_device_group $4 -# fi -# fi -elif [ "$1" = "set" ] -then - if [ "$2" = "bgp" ] - then - if [ "$3" = "mesh" ] - then - shift 3 - [ $# -ne 2 ] && bgp_mesh_usage - bgp_mesh_selected_device "$1" "$2" - fi - elif [ "$2" = "token" ] - then - shift 2 - [ $# -ne 1 ] && set_token_usage - set_token "$1" - fi -elif [ "$1" = "show" ] -then - if [ "$2" = "device" ] - then - if [ -z "$3" ] - then - show_devices - elif [ "$3" = "name" ] - then - show_device_by_name "$4" - fi - fi -else - adm_usage -fi \ No newline at end of file diff --git a/usr/local/share/wanpad/common.sh b/usr/local/share/wanpad/common.sh index 5177882..8b61e7b 100644 --- a/usr/local/share/wanpad/common.sh +++ b/usr/local/share/wanpad/common.sh @@ -22,7 +22,6 @@ set +a # Base library should be first to call . /usr/local/share/wanpad/lib/base-lib.sh -. /usr/local/share/wanpad/lib/adm-lib.sh . /usr/local/share/wanpad/lib/install-lib.sh . /usr/local/share/wanpad/lib/ztp-lib.sh . /usr/local/share/wanpad/lib/sot-lib.sh \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/adm-lib.sh b/usr/local/share/wanpad/lib/adm-lib.sh deleted file mode 100644 index cc33ae0..0000000 --- a/usr/local/share/wanpad/lib/adm-lib.sh +++ /dev/null @@ -1,174 +0,0 @@ -#!/bin/sh -# -# Copyright (c) 2024, Seyed Pouria Mousavizadeh Tehrani -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -# This file exists for administration of the WANPAD controller. Will be completed in the near future. - -adm_usage() -{ - cat << EOF -Usage: - wanpadctl adm COMMAND [args] - -COMMAND - Specifies the action to perform on the object. The set of possible actions depends on the object type. As a rule, it is possible to add, delete and show (or list ) objects, but some objects - do not allow all of these operations or have some additional commands. The help command is available for all objects. - -Use "wanpad -v|--version" for version information. -EOF - exit 1 -} - -bgp_mesh_usage() -{ - echo "Usage: wanpadctl adm set bgp mesh [ local-as ] [ devices ]\n" - exit 1 -} - -set_token_usage() -{ - echo "Usage: wanpadctl adm set token [ token ]\n" - exit 1 -} - -get_device_group() -{ - local response_json="$(get_api /wanpad/api/v1/devices/group/)" - - local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) - - case $val_status_code in - 200) - echo $response_json | jq -s '.[0]' - ;; - *) - print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." - echo $response_json | jq - exit 1 - ;; - esac -} - -# add_device_group() -# # TODO: add a single device to a group -# { -# local response_json="$(post_api /wanpad/api/v1/devices/devices-group/ "$1")" - -# local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) - -# case $val_status_code in -# 200) -# echo $response_json | jq -s '.[0]' -# ;; -# *) -# print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." -# echo $response_json | jq -# exit 1 -# ;; -# esac -# } - -bgp_mesh_selected_device() -{ - local LOCAL_AS=$1 - if [ $LOCAL_AS -lt 1 ] && [ $LOCAL_AS -gt 4294967295 ] - then - print_error "<1-4294967295> Autonomous system number" - exit 1 - fi - shift - local data="$(echo $@ | jq -R "split(\",\")|{devices:[.[]], local_as: \"$LOCAL_AS\"}")" - - local response_json="$(post_api /wanpad/api/v1/bgp/mesh/neighbors/selected_devices/ $data)" - - local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) - - case $val_status_code in - 200) - echo $response_json | jq -s '.[0]' - ;; - *) - print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." - echo $response_json | jq - exit 1 - ;; - esac -} - -show_devices() -{ - local response_json="$(get_api /wanpad/api/v1/devices/devices-list/)" - - local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) - - case $val_status_code in - 200) - echo $response_json | jq -s '.[0]' - ;; - *) - print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." - echo $response_json | jq - exit 1 - ;; - esac -} - -get_device() -{ - number_validator $1 || adm_usage - local response_json="$(get_api /wanpad/api/v1/devices/devices-list/$1/)" - - local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) - - case $val_status_code in - 200) - echo $response_json | jq -s '.[0]' - ;; - *) - print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." - echo $response_json | jq - exit 1 - ;; - esac -} - -show_device_by_name() -{ - local response_json="$(get_api /wanpad/api/v1/devices/devices-list/?search="$1")" - - local val_status_code=$(echo $response_json | jq -s '.[1].http_code' ) - - case $val_status_code in - 200) - echo $response_json | jq -s '.[0]' - ;; - *) - print_error "Something went wrong. Please check your token again and the problem still remains, reach out to our technical support." - echo $response_json | jq - exit 1 - ;; - esac -} - -set_token() -{ - if [ "${OSKERNEL}" = "FreeBSD" ] - then - sed -i '.bak' "/^TOKEN=/s/=.*/=$1/" /usr/local/etc/wanpad/wanpad.conf - else - sed -i.bak -e "/^TOKEN=/s/=.*/=$1/" /usr/local/etc/wanpad/wanpad.conf - fi -} \ No newline at end of file diff --git a/usr/local/share/wanpad/lib/base-lib.sh b/usr/local/share/wanpad/lib/base-lib.sh index aaf05d1..fad1695 100644 --- a/usr/local/share/wanpad/lib/base-lib.sh +++ b/usr/local/share/wanpad/lib/base-lib.sh @@ -97,7 +97,6 @@ Available Commands: oob connect to WANPAD controller using oob network. lte configure lte module. (if any exists.) sot client-side operations of source of truth. check wanpadctl(8) for more details. - adm administration tools of controller via admin api. check wanpadctl(8) for more details. Use "wanpad -v|--version" for version information. Use "wanpad command -h|--help" for more information about a command. From 321a349cc152ab57cf3ae58ecc220a5b362bced9 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 19:08:01 +0330 Subject: [PATCH 41/48] add swanctl support to wanpad-edge client --- usr/local/etc/wanpad/swanctl/conf.d/.gitkeep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 usr/local/etc/wanpad/swanctl/conf.d/.gitkeep diff --git a/usr/local/etc/wanpad/swanctl/conf.d/.gitkeep b/usr/local/etc/wanpad/swanctl/conf.d/.gitkeep new file mode 100644 index 0000000..e69de29 From 4da1c3e2c344dd79af86d2d57cd731077539568c Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 19:45:12 +0330 Subject: [PATCH 42/48] swanctl: always include wanpad configuration --- usr/local/etc/wanpad/startup/startup.sh | 2 ++ usr/local/etc/wanpad/startup/swanctl.sh | 10 ++++++++++ 2 files changed, 12 insertions(+) create mode 100755 usr/local/etc/wanpad/startup/swanctl.sh diff --git a/usr/local/etc/wanpad/startup/startup.sh b/usr/local/etc/wanpad/startup/startup.sh index 5b6244a..bf39fce 100755 --- a/usr/local/etc/wanpad/startup/startup.sh +++ b/usr/local/etc/wanpad/startup/startup.sh @@ -15,3 +15,5 @@ DIR="/usr/local/etc/wanpad/startup" . ${DIR}/startup-7.sh . ${DIR}/startup-8.sh . ${DIR}/startup-9.sh + +. ${DIR}/swanctl.sh \ No newline at end of file diff --git a/usr/local/etc/wanpad/startup/swanctl.sh b/usr/local/etc/wanpad/startup/swanctl.sh new file mode 100755 index 0000000..41515dc --- /dev/null +++ b/usr/local/etc/wanpad/startup/swanctl.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +# This shell script ensures that strongswan has the exact configuration we want at any time. + +SWANCTL_DIR="/usr/local/etc/wanpad/swanctl/conf.d" + +if ! $(grep -q "include ${SWANCTL_DIR}/\*.conf" /etc/swanctl/swanctl.conf) +then + echo "include ${SWANCTL_DIR}/*.conf" >> /etc/swanctl/swanctl.conf +fi From 245263e210190ec44e346249647470c9ca1eb171 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 20:30:28 +0330 Subject: [PATCH 43/48] ZTP: Bugfix on wanpad-ztp service --- usr/local/etc/wanpad/wanpad.conf.sample | 3 +++ usr/local/share/wanpad/lib/base-lib.sh | 10 ---------- usr/local/share/wanpad/lib/ztp-lib.sh | 7 ++++++- usr/local/share/wanpad/ztp/pnp-client.py | 9 ++++++++- 4 files changed, 17 insertions(+), 12 deletions(-) diff --git a/usr/local/etc/wanpad/wanpad.conf.sample b/usr/local/etc/wanpad/wanpad.conf.sample index f2b76f9..6d899f7 100644 --- a/usr/local/etc/wanpad/wanpad.conf.sample +++ b/usr/local/etc/wanpad/wanpad.conf.sample @@ -24,3 +24,6 @@ SSL=true # OpenVPN Client # The ".ovpn" file must be located under /usr/local/etc/wanpad/ directory. OOB_CONFIG_FILE=client.ovpn + +# Advanced +CONTROLLER_API_PATH=/wanpad/api/v1/devices/plug_play/ diff --git a/usr/local/share/wanpad/lib/base-lib.sh b/usr/local/share/wanpad/lib/base-lib.sh index fad1695..9de1a72 100644 --- a/usr/local/share/wanpad/lib/base-lib.sh +++ b/usr/local/share/wanpad/lib/base-lib.sh @@ -105,16 +105,6 @@ EOF exit 1 } -get_controller_url() -{ - local CONTROLLER_API_PATH="$1" - - # Run get scheme for CONTROLLER_SCHEME variable - get_scheme - - echo "${CONTROLLER_SCHEME}://${CONTROLLER_DOMAIN}:${CONTROLLER_API_PORT}${CONTROLLER_API_PATH}" -} - get_api() { local CONTROLLER_URL="$(get_controller_url $1)" diff --git a/usr/local/share/wanpad/lib/ztp-lib.sh b/usr/local/share/wanpad/lib/ztp-lib.sh index 010a032..b92128d 100755 --- a/usr/local/share/wanpad/lib/ztp-lib.sh +++ b/usr/local/share/wanpad/lib/ztp-lib.sh @@ -64,6 +64,11 @@ run_ztp_py() set -a . /usr/local/etc/wanpad/wanpad.conf set +a - export CONTROLLER_TOKEN_URL="$(get_controller_url /wanpad/api/v1/devices/plug_play/)" + get_scheme + export CONTROLLER_SCHEME + export CONTROLLER_DOMAIN + export CONTROLLER_API_PORT + export CONTROLLER_API_PATH + python3 /usr/local/share/wanpad/ztp/pnp-client.py } diff --git a/usr/local/share/wanpad/ztp/pnp-client.py b/usr/local/share/wanpad/ztp/pnp-client.py index 64949bf..d1e8d58 100755 --- a/usr/local/share/wanpad/ztp/pnp-client.py +++ b/usr/local/share/wanpad/ztp/pnp-client.py @@ -45,7 +45,14 @@ def client_program(): "hostname": socket.gethostname(), "token": os.environ['TOKEN'], "dsf": dsf} - url = os.environ['CONTROLLER_TOKEN_URL'] + + if os.environ['SSL'] == "false": + http_scheme = "http" + else: + http_scheme = "https" + + url = f"{http_scheme}://{os.environ['CONTROLLER_DOMAIN']}:{os.environ['CONTROLLER_API_PORT']}{os.environ['CONTROLLER_API_PATH']}" + request_to_url = requests.post(url, verify=False, data=data, timeout=6) if request_to_url.status_code == 400: print(request_to_url.text) From 8f211175ab209a9ce99bbc24abbb00333aaa7276 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 20:55:57 +0330 Subject: [PATCH 44/48] Build: set ownership of etc directory --- Makefile | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Makefile b/Makefile index edae539..3aa84b9 100644 --- a/Makefile +++ b/Makefile @@ -5,6 +5,7 @@ DEBUG= $$(if [ "${OS}" = "FreeBSD" ]; then echo set -xeouv pipefail; else ech WANPAD_VERSION= $$(git rev-parse HEAD) WANPAD_CMD= /usr/local/bin/wanpadctl WANPAD_USERNAME= hoopad +WANPAD_GROUP= hoopad .PHONY: all all: @@ -99,6 +100,10 @@ install: ca deps generate @echo "Installing wanpad" @echo @cp -Rv usr / + @echo + @echo "Set ownership of wanpad configuration directory to ${WANPAD_USERNAME} and ${WANPAD_GROUP} + @echo + @chown ${WANPAD_USERNAME}:${WANPAD_GROUP} -R /usr/local/etc/wanpad @chmod +x ${WANPAD_CMD} @echo @echo "Install filebeat" From 7ad44ca0cac757451cac2b1a3aed16184117ee42 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 21:02:21 +0330 Subject: [PATCH 45/48] Build: set ownership of etc directory --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 3aa84b9..39f95ae 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ DEBUG= $$(if [ "${OS}" = "FreeBSD" ]; then echo set -xeouv pipefail; else ech WANPAD_VERSION= $$(git rev-parse HEAD) WANPAD_CMD= /usr/local/bin/wanpadctl WANPAD_USERNAME= hoopad -WANPAD_GROUP= hoopad +WANPAD_GROUP= hoopad .PHONY: all all: @@ -101,7 +101,7 @@ install: ca deps generate @echo @cp -Rv usr / @echo - @echo "Set ownership of wanpad configuration directory to ${WANPAD_USERNAME} and ${WANPAD_GROUP} + @echo "Set ownership of wanpad configuration directory to ${WANPAD_USERNAME} and ${WANPAD_GROUP}"" @echo @chown ${WANPAD_USERNAME}:${WANPAD_GROUP} -R /usr/local/etc/wanpad @chmod +x ${WANPAD_CMD} From 3b0db51e0a93e63524a0cb9e557ba56332f68069 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 21:02:31 +0330 Subject: [PATCH 46/48] Build: set ownership of etc directory --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 39f95ae..6122800 100644 --- a/Makefile +++ b/Makefile @@ -101,7 +101,7 @@ install: ca deps generate @echo @cp -Rv usr / @echo - @echo "Set ownership of wanpad configuration directory to ${WANPAD_USERNAME} and ${WANPAD_GROUP}"" + @echo "Set ownership of wanpad configuration directory to ${WANPAD_USERNAME} and ${WANPAD_GROUP}" @echo @chown ${WANPAD_USERNAME}:${WANPAD_GROUP} -R /usr/local/etc/wanpad @chmod +x ${WANPAD_CMD} From b878a99a7ae4baceb53548810568ef62c8d7897c Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 22:27:52 +0330 Subject: [PATCH 47/48] swanctl: add apparmor profile to include wanpad directory --- Makefile | 5 +++++ usr/local/share/wanpad/apparmor.d/usr.sbin.swanctl | 1 + 2 files changed, 6 insertions(+) create mode 100644 usr/local/share/wanpad/apparmor.d/usr.sbin.swanctl diff --git a/Makefile b/Makefile index 6122800..c7b376d 100644 --- a/Makefile +++ b/Makefile @@ -111,6 +111,11 @@ install: ca deps generate @tar xzvf usr/local/share/wanpad/tar-files/filebeat.tar.gz -C /usr/local/share/wanpad/client-services/ @ln -sf /usr/local/share/wanpad/client-services/filebeat/filebeat /usr/local/bin/ @echo + @if [ "${OS}" = "GNU/Linux" ]; then\ + echo "Configure apparmor (Linux)";\ + cp /usr/local/share/wanpad/apparmor.d/usr.sbin.swanctl /etc/apparmor.d/local/usr.sbin.swanctl;\ + aa-status --enabled && apparmor_parser -r /etc/apparmor.d/local/usr.sbin.swanctl;\ + fi @echo "Installing wanpad configuration" @if [ ! -s /usr/local/etc/wanpad/wanpad.conf ]; then\ cp /usr/local/etc/wanpad/wanpad.conf.sample /usr/local/etc/wanpad/wanpad.conf;\ diff --git a/usr/local/share/wanpad/apparmor.d/usr.sbin.swanctl b/usr/local/share/wanpad/apparmor.d/usr.sbin.swanctl new file mode 100644 index 0000000..19dee6a --- /dev/null +++ b/usr/local/share/wanpad/apparmor.d/usr.sbin.swanctl @@ -0,0 +1 @@ +/usr/local/etc/wanpad/swanctl/** r, From 505161d41161d8126da1c6f11fe692497f1167d0 Mon Sep 17 00:00:00 2001 From: Seyed Pouria Mousavizadeh Tehrani Date: Mon, 8 Jul 2024 22:31:12 +0330 Subject: [PATCH 48/48] swanctl: add apparmor profile to include wanpad directory (bugfix) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index c7b376d..e11fdf1 100644 --- a/Makefile +++ b/Makefile @@ -114,7 +114,7 @@ install: ca deps generate @if [ "${OS}" = "GNU/Linux" ]; then\ echo "Configure apparmor (Linux)";\ cp /usr/local/share/wanpad/apparmor.d/usr.sbin.swanctl /etc/apparmor.d/local/usr.sbin.swanctl;\ - aa-status --enabled && apparmor_parser -r /etc/apparmor.d/local/usr.sbin.swanctl;\ + aa-status --enabled && apparmor_parser -r /etc/apparmor.d/usr.sbin.swanctl;\ fi @echo "Installing wanpad configuration" @if [ ! -s /usr/local/etc/wanpad/wanpad.conf ]; then\