| #!/bin/bash |
| |
| # Copyright 2019 Google Inc. All rights reserved. |
| |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| if [[ "$OSTYPE" != "linux-gnu" ]]; then |
| echo "error: must be running linux" |
| exit 1 |
| fi |
| |
| sleep_time=0.1 |
| DEFAULTNET=$1 |
| if [ "$DEFAULTNET" == "" ]; then |
| warn_no_default_network=0 |
| warn_multiple_networks=0 |
| warn_disconnect_rockpi=0 |
| while true; do |
| DEFAULTNET=`ip link | grep "state UP" | sed 's/[0-9]*: \([^:]*\):.*/\1/'` |
| if [[ "${DEFAULTNET}" == "" ]]; then |
| if [[ $warn_no_default_network -eq 0 ]]; then |
| echo "error: couldn't detect any connected default network" |
| warn_no_default_network=1 |
| warn_multiple_networks=0 |
| fi |
| continue |
| elif [ `echo "$DEFAULTNET" | wc -l` -eq 1 ]; then |
| break |
| elif [ `echo "$DEFAULTNET" | wc -l` -ne 1 ]; then |
| if [[ $warn_disconnect_rockpi -eq 0 ]]; then |
| echo "Please disconnect the network cable from the Rock Pi" |
| warn_disconnect_rockpi=1 |
| fi |
| if [[ $warn_multiple_networks -eq 0 ]]; then |
| echo "error: detected multiple connected networks, not sure which to use as default:" |
| for net in $DEFAULTNET; do echo " $net"; done |
| warn_no_default_network=0 |
| warn_multiple_networks=1 |
| fi |
| sleep $sleep_time |
| fi |
| done |
| fi |
| |
| # escalate to superuser |
| if [ "$UID" -ne 0 ]; then |
| exec sudo bash "$0" "${DEFAULTNET}" |
| fi |
| |
| echo "Found default network at ${DEFAULTNET}" |
| echo "Please reconnect network cable from Rock Pi to PC's spare network port" |
| |
| ROCKNETinit=`ip link | grep "state UP" | grep -v $DEFAULTNET | sed 's/[0-9]*: \([^:]*\):.*/\1/' | awk 'NF'` |
| while true; do |
| ROCKNET=`ip link | grep "state UP" | grep -v $DEFAULTNET | sed 's/[0-9]*: \([^:]*\):.*/\1/' | awk 'NF'` |
| networks=`echo "$ROCKNET" | wc -l` |
| if [[ "${ROCKNET}" == "" ]]; then |
| continue |
| elif [ $networks -eq 1 ]; then |
| break |
| elif [ $networks -gt 1 ]; then |
| ROCKNET=`comm -3 <(echo "$ROCKNETinit" | sort) <(echo "$ROCKNET" | sort) | awk '{$1=$1};1'` |
| if [ "${ROCKNET}" != "" ]; then |
| break |
| fi |
| sleep $sleep_time |
| fi |
| done |
| echo "Found Rock Pi network at ${ROCKNET}" |
| sudo ifconfig ${ROCKNET} down |
| |
| echo "Configuring udev rules..." |
| cat >/etc/udev/rules.d/82-${ROCKNET}.rules <<EOF |
| ACTION=="add", SUBSYSTEM=="net", KERNEL=="${ROCKNET}", ENV{NM_UNMANAGED}="1" |
| EOF |
| |
| echo "Configuring network interface..." |
| cat >/etc/network/interfaces.d/${ROCKNET}.conf <<EOF |
| auto ${ROCKNET} |
| iface ${ROCKNET} inet static |
| address 192.168.0.1 |
| netmask 255.255.255.0 |
| EOF |
| |
| echo "Restarting network interface..." |
| service network-manager restart |
| if [ $? != 0 ]; then |
| echo "error: failed to restart network-manager" |
| exit 1 |
| fi |
| service networking restart |
| if [ $? != 0 ]; then |
| echo "error: failed to restart networking" |
| exit 1 |
| fi |
| |
| # Verify the Rock Pi was configured correctly |
| ip link show ${ROCKNET} >/dev/null |
| if [ $? != 0 ]; then |
| echo "error: wasn't able to successfully configure connection to Rock Pi" |
| exit 1 |
| fi |
| |
| # Check if dnsmasq is already installed |
| dpkg -l | grep " dnsmasq " >/dev/null |
| if [ $? != 0 ]; then |
| echo "Installing dnsmasq..." |
| apt-get install dnsmasq >/dev/null |
| fi |
| |
| echo "Enabling dnsmasq daemon..." |
| cat /etc/default/dnsmasq | grep "ENABLED" >/dev/null |
| if [ $? == 0 ]; then |
| sed -i 's/.*ENABLED.*/ENABLED=1/' /etc/default/dnsmasq |
| else |
| echo "ENABLED=1" >> /etc/default/dnsmasq |
| fi |
| |
| echo "Configuring dnsmasq for Rock Pi network..." |
| cat >/etc/dnsmasq.d/${ROCKNET}.conf << EOF |
| interface=${ROCKNET} |
| bind-interfaces |
| except-interface=lo |
| dhcp-authoritative |
| leasefile-ro |
| port=0 |
| dhcp-range=192.168.0.100,192.168.0.199 |
| EOF |
| |
| echo "Restarting dnsmasq service..." |
| service dnsmasq restart |
| if [ $? != 0 ]; then |
| echo "error: failed to restart dnsmasq" |
| exit 1 |
| fi |
| |
| echo "Enabling IP forwarding..." |
| echo 1 >/proc/sys/net/ipv4/ip_forward |
| |
| echo "Creating IP tables rules script..." |
| cat > /usr/local/sbin/iptables-rockpi.sh << EOF |
| #!/bin/bash |
| /sbin/iptables -A FORWARD -i ${ROCKNET} -o ${DEFAULTNET} -m state --state RELATED,ESTABLISHED -j ACCEPT |
| /sbin/iptables -A FORWARD -i ${ROCKNET} -o ${DEFAULTNET} -j ACCEPT |
| /sbin/iptables -t nat -A POSTROUTING -o ${DEFAULTNET} -j MASQUERADE |
| EOF |
| sudo chown root:root /usr/local/sbin/iptables-rockpi.sh |
| sudo chmod 750 /usr/local/sbin/iptables-rockpi.sh |
| |
| echo "Creating IP tables rules service..." |
| cat > /etc/systemd/system/iptables-rockpi.service << EOF |
| [Unit] |
| Description=iptables rockpi service |
| After=network.target |
| |
| [Service] |
| Type=oneshot |
| ExecStart=/usr/local/sbin/iptables-rockpi.sh |
| RemainAfterExit=true |
| StandardOutput=journal |
| |
| [Install] |
| WantedBy=multi-user.target |
| EOF |
| |
| echo "Reloading systemd manager configuration..." |
| sudo systemctl daemon-reload |
| |
| echo "Start IP tables rules service..." |
| sudo systemctl enable iptables-rockpi |
| sudo systemctl start iptables-rockpi |
| |
| echo "Searching for Rock Pi's IP address..." |
| while true; do |
| rockip=`cat /proc/net/arp | grep ${ROCKNET} | grep -v 00:00:00:00:00:00 | cut -d" " -f1` |
| if [[ ${#rockip} -ge 7 ]] && [[ ${#rockip} -le 15 ]]; then |
| break |
| fi |
| sleep 0.1 |
| done |
| |
| echo "Writing Rock Pi configuration to ~/.ssh/config..." |
| USER_HOME=$(getent passwd $SUDO_USER | cut -d: -f6) |
| grep -w "Host rock01" $USER_HOME/.ssh/config > /dev/null 2>&1 |
| if [ $? != 0 ]; then |
| cat >>$USER_HOME/.ssh/config << EOF |
| Host rock01 |
| HostName ${rockip} |
| User vsoc-01 |
| IdentityFile ~/.ssh/rock01_key |
| LocalForward 6520 127.0.0.1:6520 |
| LocalForward 6444 127.0.0.1:6444 |
| EOF |
| else |
| sed -i '/Host rock01/{n;s/.*/ HostName '${rockip}'/}' $USER_HOME/.ssh/config |
| fi |
| grep -w "Host rockpi01" $USER_HOME/.ssh/config > /dev/null 2>&1 |
| if [ $? != 0 ]; then |
| cat >>$USER_HOME/.ssh/config << EOF |
| Host rockpi01 |
| HostName ${rockip} |
| User vsoc-01 |
| IdentityFile ~/.ssh/rock01_key |
| EOF |
| else |
| sed -i '/Host rockpi01/{n;s/.*/ HostName '${rockip}'/}' $USER_HOME/.ssh/config |
| fi |
| |
| sudo chown $SUDO_USER:`id -ng $SUDO_USER` $USER_HOME/.ssh/config |
| sudo chmod 600 $USER_HOME/.ssh/config |
| |
| echo "Creating ssh key..." |
| sudo -u $SUDO_USER echo "n" | sudo -u $SUDO_USER ssh-keygen -q -t rsa -b 4096 -f $USER_HOME/.ssh/rock01_key -N '' >/dev/null 2>&1 |
| tmpfile=`mktemp` |
| echo "echo cuttlefish" > "$tmpfile" |
| chmod a+x "$tmpfile" |
| chown $SUDO_USER "$tmpfile" |
| sudo SSH_ASKPASS="${tmpfile}" DISPLAY=:0 su $SUDO_USER -c "setsid -w ssh-copy-id -i ${USER_HOME}/.ssh/rock01_key -o StrictHostKeyChecking=no vsoc-01@${rockip} >/dev/null 2>&1" |
| if [ $? != 0 ]; then |
| sed -i "/${rockip}/d" ${USER_HOME}/.ssh/known_hosts |
| sudo SSH_ASKPASS="${tmpfile}" DISPLAY=:0 su $SUDO_USER -c "setsid -w ssh-copy-id -i ${USER_HOME}/.ssh/rock01_key -o StrictHostKeyChecking=no vsoc-01@${rockip} >/dev/null 2>&1" |
| if [ $? != 0 ]; then |
| echo "error: wasn't able to connect to Rock Pi over ssh" |
| exit 1 |
| fi |
| fi |
| |
| echo "Successfully configured!" |
| echo " Host: 192.168.0.1" |
| echo "RockPi: ${rockip}" |
| echo "SSH Alias: rock01 (auto port-forwarding)" |
| echo "SSH Alias: rockpi01 (no port-forwarding)" |