#!/bin/bash
# Copyright 2019 Google Inc. All rights reserved.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This helper drives `ip link`, ifconfig, dpkg/apt-get and `service`, so it
# refuses to run anywhere bash does not report a GNU/Linux host.
case "$OSTYPE" in
  linux-gnu) ;;
  *)
    echo "error: must be running linux"
    exit 1
    ;;
esac

# Seconds to pause between polls of the link table.
sleep_time=0.1

# Optional first argument: name of the host's default (upstream) interface.
# The sudo re-exec further down passes the detected name here, so detection
# is skipped on the second run.
DEFAULTNET=$1
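# Auto-detect the default (upstream) interface when none was passed as $1.
# Polls `ip link` until exactly one link reports "state UP". Each warning is
# printed once per state change instead of on every poll.
# Any link in "state UP" counts, so a virtual interface that reports UP is
# treated as a second network and has to be passed explicitly as $1 instead.
if [ "$DEFAULTNET" == "" ]; then
  warn_no_default_network=0
  warn_multiple_networks=0
  warn_disconnect_rockpi=0
  while true; do
    # Names of every link currently in "state UP", one per line.
    DEFAULTNET=$(ip link | grep "state UP" | sed 's/[0-9]*: \([^:]*\):.*/\1/')
    if [[ "${DEFAULTNET}" == "" ]]; then
      if [[ $warn_no_default_network -eq 0 ]]; then
        echo "error: couldn't detect any connected default network"
        warn_no_default_network=1
        warn_multiple_networks=0
      fi
      # Pause before the next poll; without it this branch spins at full
      # speed, forking `ip link` continuously until a cable is plugged in.
      sleep "$sleep_time"
      continue
    fi
    if [ "$(echo "$DEFAULTNET" | wc -l)" -eq 1 ]; then
      break
    fi
    # More than one link is up: the Rock Pi is probably already plugged in.
    if [[ $warn_disconnect_rockpi -eq 0 ]]; then
      echo "Please disconnect the network cable from the Rock Pi"
      warn_disconnect_rockpi=1
    fi
    if [[ $warn_multiple_networks -eq 0 ]]; then
      echo "error: detected multiple connected networks, not sure which to use as default:"
      # Word splitting is intended here: one interface name per iteration.
      for net in $DEFAULTNET; do echo " $net"; done
      warn_no_default_network=0
      warn_multiple_networks=1
    fi
    sleep "$sleep_time"
  done
fi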
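# escalate to superuser
# Everything below edits system configuration (udev, interfaces, dnsmasq,
# iptables, systemd), so re-run the script under sudo and hand over the
# detected interface as $1.
if [ "$UID" -ne 0 ]; then
  exec sudo bash "$0" "${DEFAULTNET}"
fi

# Running as root from here on. The later steps use SUDO_USER to find the
# invoking user's home directory and to drop privileges for ssh-keygen and
# ssh-copy-id. When the script is started from a plain root login that
# variable is empty, so stop now, before any system file has been touched.
if [ -z "${SUDO_USER:-}" ]; then
  echo "error: SUDO_USER is not set; run this script as a regular user (it calls sudo itself)"
  exit 1
fi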
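echo "Found default network at ${DEFAULTNET}"
echo "Please reconnect network cable from Rock Pi to PC's spare network port"

# Print the names of all links in "state UP" whose `ip link` line does not
# mention the default network, one per line, blank lines dropped.
# -F and the quotes make the default interface name a literal string rather
# than an unquoted regular expression.
_rockpi_candidate_links() {
  ip link \
    | grep "state UP" \
    | grep -vF -- "${DEFAULTNET}" \
    | sed 's/[0-9]*: \([^:]*\):.*/\1/' \
    | awk 'NF'
}

# Snapshot of the non-default links that were already up before the cable
# was moved; used below to tell the Rock Pi link from pre-existing ones.
ROCKNETinit=$(_rockpi_candidate_links)
while true; do
  ROCKNET=$(_rockpi_candidate_links)
  if [[ "${ROCKNET}" == "" ]]; then
    # Nothing new yet; pause instead of spinning on `ip link`.
    sleep "$sleep_time"
    continue
  fi
  networks=$(echo "$ROCKNET" | wc -l)
  if [ "$networks" -eq 1 ]; then
    break
  fi
  # Several candidates: keep only links that are up now but were not in the
  # initial snapshot. comm -13 prints lines unique to the second input, so a
  # link that was up at the start and has since gone down is not selected.
  ROCKNET=$(comm -13 <(echo "$ROCKNETinit" | sort) <(echo "$ROCKNET" | sort) | awk '{$1=$1};1')
  if [ "${ROCKNET}" != "" ]; then
    break
  fi
  sleep "$sleep_time"
done

# The name chosen here is interpolated into file paths under /etc and into a
# root-run iptables script further down. Refuse anything that is not a single
# token (several new links at once) or that contains a path separator.
case "${ROCKNET}" in
  *[[:space:]/]*)
    echo "error: could not pick a single Rock Pi interface, candidates: ${ROCKNET}"
    exit 1
    ;;
esac
echo "Found Rock Pi network at ${ROCKNET}"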
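# Take the Rock Pi link down while its configuration is rewritten.
# The interface name is quoted everywhere it is used as an argument or as
# part of a redirect target, so an unexpected value cannot split into several
# words or make the redirect ambiguous.
sudo ifconfig "${ROCKNET}" down

echo "Configuring udev rules..."
# Sets ENV{NM_UNMANAGED}="1" when the interface is added, presumably so that
# NetworkManager leaves the statically configured link alone.
cat >"/etc/udev/rules.d/82-${ROCKNET}.rules" <<EOF
ACTION=="add", SUBSYSTEM=="net", KERNEL=="${ROCKNET}", ENV{NM_UNMANAGED}="1"
EOF

echo "Configuring network interface..."
# Static host-side address for the point-to-point link to the Rock Pi.
# NOTE(review): 192.168.0.0/24 is hard-coded; if the default network uses the
# same range the two routes overlap. Confirm on the target machine.
cat >"/etc/network/interfaces.d/${ROCKNET}.conf" <<EOF
auto ${ROCKNET}
iface ${ROCKNET} inet static
address 192.168.0.1
netmask 255.255.255.0
EOF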
echo "Restarting network interface..."
# Restart both network services in order; abort on the first one that fails
# so the later steps never run against a half-configured link.
for svc in network-manager networking; do
  if ! service "$svc" restart; then
    echo "error: failed to restart $svc"
    exit 1
  fi
done

# Verify the Rock Pi was configured correctly
# (the interface must still be known to the kernel after the restarts).
if ! ip link show ${ROCKNET} >/dev/null; then
  echo "error: wasn't able to successfully configure connection to Rock Pi"
  exit 1
fi
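# Check if dnsmasq is already installed
if ! dpkg -l | grep " dnsmasq " >/dev/null; then
  echo "Installing dnsmasq..."
  # -y: stdout is discarded, so apt-get's confirmation prompt would be
  # invisible and the script would appear to hang waiting for an answer.
  # A failed install is fatal; every later dnsmasq step depends on it.
  if ! apt-get install -y dnsmasq >/dev/null; then
    echo "error: failed to install dnsmasq"
    exit 1
  fi
fi

echo "Enabling dnsmasq daemon..."
# Force ENABLED=1 in the defaults file: rewrite any line that mentions
# ENABLED if there is one, otherwise append the setting.
if grep "ENABLED" /etc/default/dnsmasq >/dev/null; then
  sed -i 's/.*ENABLED.*/ENABLED=1/' /etc/default/dnsmasq
else
  echo "ENABLED=1" >> /etc/default/dnsmasq
fi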
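echo "Configuring dnsmasq for Rock Pi network..."
# DHCP-only dnsmasq instance for the Rock Pi link:
#   interface= / bind-interfaces / except-interface=lo  restrict it to that
#     one interface, so it does not hand out leases on the default network;
#   port=0 turns the DNS function off;
#   dhcp-range is the pool the Rock Pi's address is drawn from.
# The interface name is quoted in the redirect target so an unexpected value
# cannot make the redirect ambiguous.
cat >"/etc/dnsmasq.d/${ROCKNET}.conf" << EOF
interface=${ROCKNET}
bind-interfaces
except-interface=lo
dhcp-authoritative
leasefile-ro
port=0
dhcp-range=192.168.0.100,192.168.0.199
EOF

echo "Restarting dnsmasq service..."
if ! service dnsmasq restart; then
  echo "error: failed to restart dnsmasq"
  exit 1
fi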
echo "Enabling IP forwarding..."
# Turn on IPv4 forwarding in the running kernel so the host can route between
# the Rock Pi link and the default network.
# NOTE(review): nothing visible here persists this /proc write, while the
# iptables unit below is enabled for every boot. Confirm forwarding is
# switched back on after a reboot.
echo 1 >/proc/sys/net/ipv4/ip_forward
echo "Creating IP tables rules script..."
# Generate a script that forwards traffic arriving on the Rock Pi link out
# through the default network and masquerades it.
# The heredoc delimiter is unquoted, so ${ROCKNET} and ${DEFAULTNET} are
# expanded now and end up as literal text in a script that later runs as root.
# NOTE(review): both FORWARD rules match the same -i/-o pair, so the
# unconditional ACCEPT already covers everything the RELATED,ESTABLISHED rule
# matches. The usual NAT recipe puts the stateful rule on the reverse
# direction (default network -> Rock Pi); confirm which was intended.
# NOTE(review): the rules are appended with -A each time the script runs and
# nothing visible removes them, so repeated runs presumably stack duplicates.
cat > /usr/local/sbin/iptables-rockpi.sh << EOF
#!/bin/bash
/sbin/iptables -A FORWARD -i ${ROCKNET} -o ${DEFAULTNET} -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i ${ROCKNET} -o ${DEFAULTNET} -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o ${DEFAULTNET} -j MASQUERADE
EOF
# Owned by root, mode 750: only root and group root can read or run it.
sudo chown root:root /usr/local/sbin/iptables-rockpi.sh
sudo chmod 750 /usr/local/sbin/iptables-rockpi.sh
echo "Creating IP tables rules service..."
# One-shot unit that runs the generated script after network.target;
# RemainAfterExit keeps the unit reported as active once the script exits.
cat > /etc/systemd/system/iptables-rockpi.service << EOF
[Unit]
Description=iptables rockpi service
After=network.target
[Service]
Type=oneshot
ExecStart=/usr/local/sbin/iptables-rockpi.sh
RemainAfterExit=true
StandardOutput=journal
[Install]
WantedBy=multi-user.target
EOF
echo "Reloading systemd manager configuration..."
# Make systemd pick up the unit file written above.
sudo systemctl daemon-reload
echo "Start IP tables rules service..."
# enable: run on every boot; start: apply the rules now.
sudo systemctl enable iptables-rockpi
sudo systemctl start iptables-rockpi
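echo "Searching for Rock Pi's IP address..."
# Poll the kernel ARP table until the Rock Pi shows up on its link.
# /proc/net/arp columns: IP address, HW type, Flags, HW address, Mask, Device.
# The device column is compared exactly (a substring match would also accept
# longer names that merely contain the interface name), incomplete entries
# with an all-zero hardware address are skipped, and only the first match is
# taken so the result is always a single line.
while true; do
  rockip=$(awk -v dev="${ROCKNET}" \
    'NR > 1 && $6 == dev && $4 != "00:00:00:00:00:00" { print $1; exit }' \
    /proc/net/arp)
  # The address is later pasted into a sed program, an ssh config file and a
  # command string run through `su -c`, so accept nothing but a dotted quad.
  if [[ "${rockip}" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
    break
  fi
  sleep 0.1
done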
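echo "Writing Rock Pi configuration to ~/.ssh/config..."
# The script runs as root here; SUDO_USER names the account whose ssh
# configuration is updated. With an empty SUDO_USER, `getent passwd` would
# list every account and USER_HOME would become a multi-line value, so fail
# instead of writing to the wrong place.
if [ -z "${SUDO_USER:-}" ]; then
  echo "error: SUDO_USER is not set, cannot tell whose ~/.ssh/config to update"
  exit 1
fi
USER_HOME=$(getent passwd "$SUDO_USER" | cut -d: -f6)
if [ -z "$USER_HOME" ]; then
  echo "error: could not determine the home directory of $SUDO_USER"
  exit 1
fi
ssh_config="$USER_HOME/.ssh/config"

# Create ~/.ssh as the user (not as root) when it does not exist yet, so the
# appends below have somewhere to go and the directory has the right owner.
sudo -u "$SUDO_USER" mkdir -p -m 700 "$USER_HOME/.ssh"

# Alias "rock01": ssh to the Rock Pi with local port forwards 6520 and 6444.
# Append the stanza if it is missing, otherwise rewrite the line that follows
# the Host line with the freshly discovered address.
if ! grep -w "Host rock01" "$ssh_config" >/dev/null 2>&1; then
  cat >>"$ssh_config" << EOF
Host rock01
HostName ${rockip}
User vsoc-01
IdentityFile ~/.ssh/rock01_key
LocalForward 6520 127.0.0.1:6520
LocalForward 6444 127.0.0.1:6444
EOF
else
  sed -i "/Host rock01/{n;s/.*/ HostName ${rockip}/}" "$ssh_config"
fi

# Alias "rockpi01": same host and key, without port forwarding.
if ! grep -w "Host rockpi01" "$ssh_config" >/dev/null 2>&1; then
  cat >>"$ssh_config" << EOF
Host rockpi01
HostName ${rockip}
User vsoc-01
IdentityFile ~/.ssh/rock01_key
EOF
else
  sed -i "/Host rockpi01/{n;s/.*/ HostName ${rockip}/}" "$ssh_config"
fi

# The file was written as root: give it back to the user and keep it private.
sudo chown "$SUDO_USER:$(id -ng "$SUDO_USER")" "$ssh_config"
sudo chmod 600 "$ssh_config"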
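echo "Creating ssh key..."
# Generate the key as the invoking user. The piped "n" answers ssh-keygen's
# overwrite prompt, so an existing rock01_key is kept; the exit status is
# deliberately ignored for that reason.
# NOTE(review): the key has an empty passphrase (-N ''), so anyone who can
# read ~/.ssh/rock01_key can log in to the device as vsoc-01.
sudo -u "$SUDO_USER" echo "n" | sudo -u "$SUDO_USER" ssh-keygen -q -t rsa -b 4096 -f "$USER_HOME/.ssh/rock01_key" -N '' >/dev/null 2>&1

# Askpass helper: a throw-away script that prints the device's password so
# ssh-copy-id can authenticate without a terminal.
# NOTE(review): the password for vsoc-01 is hard-coded here; once the key is
# installed, password login on the device is still open unless it is changed.
if ! tmpfile=$(mktemp); then
  echo "error: failed to create temporary askpass file"
  exit 1
fi
# Remove the helper on every exit path so the password script does not stay
# behind in the temp directory.
trap 'rm -f -- "$tmpfile"' EXIT
echo "echo cuttlefish" > "$tmpfile"
chmod a+x "$tmpfile"
chown "$SUDO_USER" "$tmpfile"

# Install the public key on the Rock Pi as the invoking user.
# setsid detaches ssh from the terminal so it uses SSH_ASKPASS.
# NOTE(review): StrictHostKeyChecking=no means the device's host key is not
# verified on first contact; that is only reasonable on the direct cable link
# this script sets up.
_rockpi_copy_id() {
  sudo SSH_ASKPASS="${tmpfile}" DISPLAY=:0 su "$SUDO_USER" -c "setsid -w ssh-copy-id -i ${USER_HOME}/.ssh/rock01_key -o StrictHostKeyChecking=no vsoc-01@${rockip} >/dev/null 2>&1"
}

if ! _rockpi_copy_id; then
  # A stale known_hosts entry for this address makes the first attempt fail.
  # Drop it and retry once. ssh-keygen -R matches the host exactly and also
  # handles hashed entries, whereas a text match on the address would treat
  # its dots as regex wildcards and could delete unrelated lines.
  sudo -u "$SUDO_USER" ssh-keygen -R "${rockip}" -f "${USER_HOME}/.ssh/known_hosts" >/dev/null 2>&1
  if ! _rockpi_copy_id; then
    echo "error: wasn't able to connect to Rock Pi over ssh"
    exit 1
  fi
fi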
# Final summary: the host-side address of the link, the address the Rock Pi
# obtained, and the two ssh aliases written to the user's ssh config.
cat <<EOF
Successfully configured!
 Host: 192.168.0.1
RockPi: ${rockip}
SSH Alias: rock01 (auto port-forwarding)
SSH Alias: rockpi01 (no port-forwarding)
EOF