From 041bd2205634298affdb2da6421ecd2102c9cf35 Mon Sep 17 00:00:00 2001 From: A Holt Date: Sat, 11 May 2019 22:22:00 -0400 Subject: [PATCH] /usr/bin/iiab-support = friendlier way to set up OpenVPN --- roles/openvpn/templates/iiab-support | 90 ++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 roles/openvpn/templates/iiab-support diff --git a/roles/openvpn/templates/iiab-support b/roles/openvpn/templates/iiab-support new file mode 100644 index 000000000..a31691338 --- /dev/null +++ b/roles/openvpn/templates/iiab-support @@ -0,0 +1,90 @@ +#!/bin/bash + +handle1=$(grep "^openvpn_handle:.*" /etc/iiab/local_vars.yml | sed -e "s/^openvpn_handle://; s/^\s*//; s/\s*$//" | cut -d'"' -f2 | cut -d"'" -f2) +if [ -f /etc/iiab/openvpn_handle ]; then + handle2=$(cat /etc/iiab/openvpn_handle) +else + handle2= +fi +echo -e "\n/etc/iiab/local_vars.yml source/master copy: $handle1" +echo -e "/etc/iiab/openvpn_handle for openvpn daemon: $handle2\n" + +echo -en "\e[1mPlease type a descriptive OpenVPN machine name (openvpn_handle) such as:\n\n cape-town-school-36-rpi-2019-05-31\n\nOr hit [Enter] to keep the existing name:\e[0m " +read ans < /dev/tty +if [ "$ans" != "" ]; then + if grep -q '^openvpn_handle:' /etc/iiab/local_vars.yml; then + sed -i -e "s/^openvpn_handle:.*/openvpn_handle: $ans/" /etc/iiab/local_vars.yml + else + echo "openvpn_handle: $ans" >> /etc/iiab/local_vars.yml + fi + echo $ans > /etc/iiab/openvpn_handle + echo -e "\n\e[1mYour openvpn_handle was saved into both above files.\e[0m\n" +else + if [ "$handle1" != "$handle2" ]; then + echo -e "\n\e[41mYou MUST specify an OpenVPN machine name (openvpn_handle) to resolve the above\e[0m" + echo -e "\e[41mnaming conflict. Please rerun to proceed.\e[0m\n" + exit 1 + fi + echo -e "\n\e[1mWARNING: openvpn_handle remains unchanged in both above files.\e[0m\n" +fi + +if grep -q '^openvpn_install: True' /etc/iiab/local_vars.yml; then + echo -e "Your IIAB installation appears normal, with OpenVPN already installed...\n" +else + echo -e "Please wait a few minutes as IIAB Stage 1 (1-prep) & OpenVPN are installed...\n" + if grep -q '^openvpn_install:' /etc/iiab/local_vars.yml; then + sed -i -e "s/^openvpn_install:.*/openvpn_install: True/" /etc/iiab/local_vars.yml + else + echo "openvpn_install: True" >> /etc/iiab/local_vars.yml + fi + cd /opt/iiab/iiab + ./runrole 1-prep + echo +fi + +echo -e "Now let's (re)enable OpenVPN...\n" +if grep -q '^openvpn_enabled:' /etc/iiab/local_vars.yml; then + sed -i -e "s/^openvpn_enabled:.*/openvpn_enabled: True/" /etc/iiab/local_vars.yml +else + echo "openvpn_enabled: True" >> /etc/iiab/local_vars.yml +fi +systemctl enable openvpn + +echo -e "\nNow let's restart OpenVPN..." +#systemctl start openvpn +systemctl restart openvpn + +echo -en "\n " +for i in {16..40} ; do echo -en "\e[48;5;${i}m \e[0m" ; done +echo -en " OpenVPN TIPS " +for i in {40..16} ; do echo -en "\e[48;5;${i}m \e[0m" ; done + +echo -e "\n\n 1. Check your Internet connection: run 'ping 8.8.8.8' and 'ping mit.edu'" +echo -e " 2. Check your OpenVPN connection: run 'ping 10.8.0.1'" +echo -e " 3. Run 'ip a' and look for a 'tun0' IP address like 10.8.0.x" +echo -e " 4. If necessary, run 'systemctl restart openvpn' which will" +echo -e " effectively run 'systemctl restart openvpn@xscenet' for you." +echo -e " 5. Sometimes waiting a minute helps -- retry steps 2 and 3 to monitor." +echo -e " 6. Read 'How can I remotely manage my Internet-in-a-Box?' at" +echo -e " http://FAQ.IIAB.IO to learn about DIY remote support alternatives" +echo -e " like ngrok, serveo, remot3.it and TeamViewer.\n" + +echo -en " " +for i in {16..40} ; do echo -en "\e[48;5;${i}m \e[0m" ; done +echo -en " OpenVPN TIPS " +for i in {40..16} ; do echo -en "\e[48;5;${i}m \e[0m" ; done + +echo -e "\n\nNow let's wait 15 seconds, as OpenVPN handshake sometimes needs that (or more!)" + +sleep 15 + +echo -en "\nYour OpenVPN machine name (openvpn_handle) is: \e[32m" +cat /etc/iiab/openvpn_handle +echo -en "\e[0m" + +vpnip=$(ip a | grep tun0$ | awk '{print $2}') +if [ "$vpnip" != "" ]; then + echo -e "\nYour OpenVPN IP address (which can change) is: \e[32m$vpnip\e[0m\n" +else + echo -e "\n \e[41m ERROR: OpenVPN IP address not ready - PLEASE TRY THE ABOVE TIPS \e[0m\n" +fi