script/manage-gw-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
16d09fb42a6dfc2046fe0676ade6e2469146d2fa
manage-gw-config/change_network_gateway.sh
root 16d09fb42a Change output, improve error handling.
2017-02-25 05:08:48 +01:00

721 lines
17 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
base_dir=/root/Office_Networks
chown -R root:root $base_dir
logfile=$(mktemp)
function usage() {
if [ -n "$1" ];then
echo -e "\nError: $1"
fi
cat<<EOF
`basename $0` - configure that gateway for a certain network
Usage: `basename $0` <network-name>
network-name possible values are:
NONE-WF
NONE-CKUBU
AKB
ANW-URB
ANW-KM
B3-Bornim
CKUBU
FLR-BRB
GA-AL
GA-Ersatz
GA-NH
GA-Schloss
JONAS
Kanzlei-Kiel
MBR
OOLM
OPP
ReachOut
SPR-BE
WF
Notice:
!! To change the network, you have to chroot into /ro !!
remountrw
rebind on
chroot /ro
`basename $0` <network-name>
exit
rebind off
remountro
EOF
rm -rf $logfile
exit
}
error(){
echo ""
if $terminal ; then
echo -e "\t[ \033[31m\033[1mFehler\033[m ]: $*"
else
echo "Error: $*"
fi
echo ""
}
warn (){
echo ""
if $terminal ; then
echo -e "\t[ \033[33m\033[1mWarning\033[m ]: $*"
else
echo "Warning: $*"
fi
echo ""
}
info (){
echo ""
if $terminal ; then
echo -e "\t[ \033[32m\033[1mInfo\033[m ]: $*"
else
echo "Info: $*"
fi
echo ""
}
echo_OK() {
echo -en "\\033[45G[ \\033[1;32mOK\\033[0;39m ]\n"
}
echo_FAILED() {
echo -en "\\033[45G[ \\033[1;31mFAIL\\033[0;39m ]\n"
}
echo_SKIPPED() {
echo -en "\\033[45G[ \\033[37mSkipped\\033[0;39m ]\n"
}
[ $# -ne "1" ] && usage "wrong number of arguments"
case $1 in
CKUBU)
network=$1
_igmproxy=true
_add_support_if=true
;;
NONE-CKUBU|NONE-WF)
network=$1
_igmproxy=false
_add_support_if=false
;;
AKB|ANW-URB|ANW-KM|B3-Bornim|FLR-BRB|GA-AL|GA-Ersatz|GA-NH|GA-Schloss|JONAS|Kanzlei-Kiel|MBR|OOLM|OPP|ReachOut|SPR-BE|WF)
network=$1
_igmproxy=false
_add_support_if=true
;;
*)
usage
exit 1
esac
echo ""
echo "Configure gateway for network \"$network\".."
echo ""
# - Nameserver Bind
# - /etc/bind/*
# -
echo -en "\tNameserver settings.."
_rval=true
rm -rf /etc/bind
if [ "$?" != "0" ]; then
_rval=false
fi
mkdir -p /var/log/named
if [ "$?" != "0" ]; then
_rval=false
fi
chown bind:bind /var/log/named > /dev/null 2>&1
cp -a ${base_dir}/${network}/bind /etc/bind
if [ "$?" != "0" ]; then
_rval=false
fi
if ! $_rval ; then
echo_FAILED
else
echo_OK
fi
# - OpenVPN:
# - /etc/openvpn/*
# -
if [[ -d "/etc/openvpn" ]]; then
echo -en "\tVPN settings.."
/etc/init.d/openvpn stop > /dev/null
rm -rf /etc/openvpn
cp -a ${base_dir}/${network}/openvpn /etc/openvpn > $logfile 2>&1
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
fi
if [ -d "/root/.openvpn" ]; then
echo -en "\tCleanup private VPN settings for user root.."
rm -r /root/.openvpn > $logfile 2>&1
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
fi
if [ -d "${base_dir}/${network}/.openvpn" ];then
echo -en "\tPrivate VPN settings for root user.."
cp -a ${base_dir}/${network}/.openvpn /root/.openvpn > $logfile 2>&1
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
chown -R root:root /root/.openvpn
chmod 700 /root/.openvpn
else
if [ -d "/root/.openvpn" ];then
rm /root/.openvpn
fi
fi
# - DynDNS
# - /etc/ddclient.conf
if [ -f ${base_dir}/${network}/ddclient.conf.${network} ];then
echo -en "\tConfigure DynDNS.."
cp -a ${base_dir}/${network}/ddclient.conf.${network} /etc/ddclient.conf > $logfile 2>&1
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
fi
# - DHCP Server
# - /etc/dhcp/dhcpd.conf
echo -en "\tDHCP Server settings.."
files="dhcpd.conf.${network}
dhcpd6.conf.${network}
hosts.lan.conf.${_network}
hosts.w-lan.conf.${_network}"
failed=false
success=false
for file in $files ; do
file_real_name="${file%.*}"
if [[ -f "${base_dir}/${network}/$file" ]]; then
if [[ -d /etc/dhcp ]]; then
cp -a ${base_dir}/${network}/$file /etc/dhcp/ > $logfile 2>&1
if [[ "$?" = "0" ]]; then
success=true
else
failed=true
fi
elif [[ -d /etc/dhcp3 ]] ;then
cp -a ${base_dir}/${network}/$file /etc/dhcp3/ > $logfile 2>&1
if [[ "$?" = "0" ]]; then
success=true
else
failed=true
fi
fi
fi
done
if $failed ; then
echo_FAILED
error $(cat $logfile)
elif $success ; then
echo_OK
else
echo_SKIPPED
fi
#if [ -f "${base_dir}/${network}/isc-dhcp6-server.${network}" ]; then
# echo -en "\tINIT-Script isc-dhcp6-server.."
# cp -a ${base_dir}/${network}/isc-dhcp6-server.${network} /etc/init.d/isc-dhcp6-server
# if [ "$?" != "0" ]; then
# echo_FAILED
# else
# echo_OK
# fi
#fi
# - DSL:
# - /etc/ppp/peers/dsl-provider
# - /etc/ppp/ip-up.d/email_notice
rval=true
echo -en "\tDSL settings.."
if [[ -d "/etc/ppp/peers" ]]; then
if [[ -d "{base_dir}/${network}/peers" ]]; then
cp -a ${base_dir}/${network}/peers/* /etc/ppp/peers/ > $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
fi
fi
if [[ -f "{base_dir}/${network}/email_notice.${network}" ]] ; then
cp -a ${base_dir}/${network}/email_notice.${network} /etc/ppp/ip-up.d/email_notice >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
fi
cp -a ${base_dir}/${network}/pap-secrets.${network} /etc/ppp/pap-secrets >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
cp -a ${base_dir}/${network}/chap-secrets.${network} /etc/ppp/chap-secrets >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
if ! $_rval ; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
# - Postfix SMTP
# - /etc/postfix/main.cf
# - /etc/mailname
# - /etc/postfix/generic
# - /etc/postfix/generic.db
echo -en "\tConfigure Postfix SMTP Server.."
_rval=true
/etc/init.d/postfix stop > /dev/null
cp -a ${base_dir}/${network}/main.cf.${network} /etc/postfix/main.cf > $logfile 2>&1
if [ -f ${base_dir}/${network}/generic.${network} ]; then
cp -a ${base_dir}/${network}/generic.${network} /etc/postfix/generic >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
cp -a ${base_dir}/${network}/generic.db.${network} /etc/postfix/generic.db >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
fi
if [ -f ${base_dir}/${network}/sasl_passwd.${network} ]; then
cp -a ${base_dir}/${network}/sasl_passwd.${network} /etc/postfix/sasl_passwd >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
cp -a ${base_dir}/${network}/sasl_passwd.db.${network} /etc/postfix/sasl_passwd.db >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
fi
cp -a ${base_dir}/${network}/mailname.${network} /etc/mailname >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
if ! $_rval ; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
# - Netzwerk:
# - /etc/network/interfaces
# - /etc/resolv.conf
# - /etc/hostname
# - /etc/hosts
echo -en "\tConfigure network settings.."
_rval=true
cp -a ${base_dir}/${network}/interfaces.${network} /etc/network/interfaces > $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
cp -a ${base_dir}/${network}/resolv.conf.${network} /etc/resolv.conf >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
cp -a ${base_dir}/${network}/hosts.${network} /etc/hosts >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
cp -a ${base_dir}/${network}/hostname.${network} /etc/hostname >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
if ! $_rval ; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
# - /usr/local/src directory
# -
echo -en "\t/root/bin directory"
if [[ -d "${base_dir}/${network}/bin" ]]; then
if [[ ! -d "/root/bin" ]]; then
mkdir /root/bin > $logfile 2>&1
fi
cp -a ${base_dir}/${network}/bin/* /root/bin/ > $logfile 2>&1
if ! $_rval ; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
else
echo_SKIPPED
fi
# - /usr/local/src directory
# -
echo -en "\t/usr/local/src directory"
if [[ -d "${base_dir}/${network}/src" ]]; then
cp -a ${base_dir}/${network}/src/* /usr/local/src/ > $logfile 2>&1
if ! $_rval ; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
else
echo_SKIPPED
fi
# - /usr/local/sbin directory
# -
echo -en "\t/usr/local/sbin directory"
if [[ -d "${base_dir}/${network}/sbin" ]]; then
cp -a ${base_dir}/${network}/sbin/* /usr/local/sbin/ > $logfile 2>&1
if ! $_rval ; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
else
echo_SKIPPED
fi
# - Firewall:
# -
_rval=true
echo -en "\tFirewall.."
if [[ -d "${base_dir}/${network}/ipt-firewall" ]]; then
if [[ -d "/etc/ipt-firewall" ]]; then
rm -rf /etc/ipt-firewall
fi
mkdir -p /etc/ipt-firewall
cp -a ${base_dir}/${network}/ipt-firewall /etc/ > $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
if [[ -d "/etc/ipt-firewall" ]]; then
rm -rf /etc/ipt-firewall >> $logfile 2>&1
fi
fi
if [ -f ${base_dir}/${network}/ipt-firewall.${network} ]; then
cp -a ${base_dir}/${network}/ipt-firewall.${network} /etc/init.d/ipt-firewall >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
rm -f /etc/init.d/ipt-firewall >> $logfile 2>&1
fi
if [ -f ${base_dir}/${network}/ip6t-firewall.${network} ]; then
cp -a ${base_dir}/${network}/ip6t-firewall.${network} /etc/init.d/ip6t-firewall >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
if [ -f "/etc/init.d/ip6t-firewall" ]; then
rm -f /etc/init.d/ip6t-firewall >> $logfile 2>&1
fi
fi
if [ -f ${base_dir}/${network}/ip6t-firewall.${network} ]; then
echo -en "\tFirewall IPv6.."
cp -a ${base_dir}/${network}/ip6t-firewall.${network} /etc/init.d/ip6t-firewall >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
if [ -f "/etc/init.d/ip6t-firewall" ]; then
rm /etc/init.d/ip6t-firewall
fi
fi
if [[ -f "${base_dir}/${network}/ipt-firewall.service.${network}" ]]; then
cp ${base_dir}/${network}/ipt-firewall.service.${network} /etc/systemd/system/ipt-firewall.service >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
systemctl daemon-reload >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
systemctl enable ipt-firewall.service >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
if [[ -f "/etc/systemd/system/ipt-firewall.service" ]]; then
systemctl disable ipt-firewall.service >> $logfile 2>&1
rm /etc/systemd/system/ipt-firewall.service >> $logfile 2>&1
fi
fi
if [[ -f "${base_dir}/${network}/ip6t-firewall.service.${network}" ]]; then
cp ${base_dir}/${network}/ip6t-firewall.service.${network} /etc/systemd/system/ip6t-firewall.service >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
systemctl daemon-reload >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
systemctl enable ip6t-firewall.service >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
if [[ -f "/etc/systemd/system/ip6t-firewall.service" ]]; then
systemctl disable ip6t-firewall.service >> $logfile 2>&1
rm /etc/systemd/system/ip6t-firewall.service >> $logfile 2>&1
fi
fi
if ! $_rval ; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
# - Check Script Onlinestatus
# -
echo -en "\tCheck Script Onlinestatus.."
_rval=true
if [[ -d "${base_dir}/${network}/check_net" ]]; then
if [[ -d "/etceck_net" ]]; then
rm -rf /etc/check_net > $logfile 2>&1
fi
mkdir -p /etc/check_net
cp -a ${base_dir}/${network}/check_net /etc/ >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
if [[ -d "/etc/check_net" ]]; then
rm -rf /etc/check_net >> $logfile 2>&1
fi
fi
if [ -f ${base_dir}/${network}/check_net.service.${_network} ] ; then
cp -a ${base_dir}/${network}/check_net.service.${_network} /etc/systemd/system/check_net.service >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
systemctl daemon-reload >> $logfile 2>&1
systemctl enable check_net.service >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
if [[ -f "/etc/systemd/system/check_net.service" ]]; then
systemctl disable check_net.service >> $logfile 2>&1
rm /etc/systemd/system/check_net.service >> $logfile 2>&1
systemctl daemon-reload
fi
fi
if [[ -f "${base_dir}/${network}/check_net-logrotate.${_network}" ]]; then
cp -a ${base_dir}/${network}/check_net-logrotate.${_network} /etc/logrotated.d/check_net >> $logfile 2>&1
if [ "$?" != "0" ]; then
_rval=false
fi
else
if [[ -f "/etc/logrotated.d/check_net" ]]; then
rm /etc/logrotated.d/check_net >> $logfile 2>&1
fi
fi
if ! $_rval ; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
# - Other files
# -
if [ -f ${base_dir}/${network}/igmpproxy.conf.${network} ];then
echo -en "\tConfigure igmproxy (Entertain TV).."
PID=`ps aux | grep "/igmpproxy " | grep -v grep | awk '{print$2}'`
kill -9 $PID > /dev/null 2>&1
cp -a ${base_dir}/${network}/igmpproxy.conf.${network} /usr/local/igmpproxy/etc/igmpproxy.conf > $logfile 2>&1
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
fi
if [ -f ${base_dir}/${network}/aiccu.conf.${network} ]; then
echo -en "\tConfigure aiccu (IPv6 Tunnel).."
cp -a ${base_dir}/${network}/aiccu.conf.${network} /etc/aiccu.conf > $logfile 2>&1
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
fi
if [ -f ${base_dir}/${network}/aiccu.${network} ]; then
echo -en "\tSetting /etc/defaults/aiccu.."
cp -a ${base_dir}/${network}/aiccu.${network} /etc/default/aiccu > $logfile 2>&1
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
fi
if [ -f ${base_dir}/${network}/radvd.conf.${network} ]; then
echo -en "\tConfigure radvd (Router Advertisment Daemon).."
cp -a ${base_dir}/${network}/radvd.conf.${network} /etc/radvd.conf > $logfile 2>&1
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
fi
if $_add_support_if ; then
if ! grep -e "eth1:rescue " /etc/network/interfaces > /dev/null ; then
echo -en "\tAdd interface eth1:rescue.."
cat << EOF >> /etc/network/interfaces
auto eth1:rescue
iface eth1:rescue inet static
address 172.16.1.1
network 172.16.1.0
netmask 255.255.255.0
broadcast 172.16.1.255
EOF
if [ "$?" != "0" ]; then
echo_FAILED
else
echo_OK
fi
fi
fi
## - Cron (root)
## -
echo -en "\tSetting up cronjobs.."
if [ "$network" = "NONE-CKUBU" -o "$network" = "NONE-WF" -o "$network" = "GA-Ersatz" ];then
cp -a ${base_dir}/crontab_root.NONE /var/spool/cron/crontabs/root > $logfile 2>&1
else
if [ -f ${base_dir}/${network}/cron_root.${network} ];then
cp -a ${base_dir}/${network}/cron_root.${network} /var/spool/cron/crontabs/root > $logfile 2>&1
fi
fi
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
echo -en "\tSetting up rc.local.."
if [ "$network" = "NONE-CKUBU" -o "$network" = "NONE-WF" -o "$network" = "GA-Ersatz" ];then
cp -a ${base_dir}/rc.local.NONE /etc/rc.local > $logfile 2>&1
else
#cp -a ${base_dir}/rc.local /etc/rc.local
cp -a ${base_dir}/${network}/rc.local.${network} /etc/rc.local > $logfile 2>&1
fi
if [ "$?" != "0" ]; then
echo_FAILED
error $(cat $logfile)
else
echo_OK
fi
if $_add_support_if ; then
echo -e " After restarting, you can reach that device"
echo -e " at ip-address: \\033[1;33m172.16.1.1\\033[0;39m"
fi
if [ "$(stat -c %d:%i /)" = "$(stat -c %d:%i /proc/1/root/.)" ]; then
warn "This is NOT a chrooted environment. Maybe thats ok. \n\n\t\033[1;37mIf this is a readonly system, take care, you are chrooted into /ro.\n\tOtherwise changes are not persistent.\033[m"
#echo ""
#echo ""
#echo -e " \\033[1;31m Take care, you are chrooted into /ro. Otherwise"
#echo -e " changes are not persistent \\033[0;39m !!"
#echo ""
#echo ""
else
info "Programm was running in a chrooted environment.\n\n\t\033[1;37mExit from chroot environment and restart to make changes active..\033[m"
#echo ""
#echo ""
#echo -e " \\033[1;33mExit from chroot environment and restart to make changes active..\\033[0;39m"
#echo ""
fi
exit 0
Reference in New Issue View Git Blame Copy Permalink