lukechilds
/
raspiblitz
mirror of https://github.com/lukechilds/raspiblitz.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

#324 & #485

sshtunnel
Christian Rotzoll 6 years ago
parent
4d42270666
commit
324420a163
2 changed files with 66 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 53
      home.admin/_bootstrap.provision.sh
  2. 14
      home.admin/config.scripts/internet.sshtunnel.py

53
home.admin/_bootstrap.provision.sh
View File

@ -82,6 +82,21 @@ sed -i "6s/.*/After=${network}d.service/" /home/admin/assets/lnd.service >> ${lo
sudo cp /home/admin/assets/lnd.service /etc/systemd/system/lnd.service >> ${logFile} 2>&1
sudo chmod +x /etc/systemd/system/lnd.service >> ${logFile} 2>&1
# backup LND dir (especially for macaroons and tlscerts)
# https://github.com/rootzoll/raspiblitz/issues/324
echo "*** Make backup of LND directory" >> ${logFile}
sudo rm -r /mnt/hdd/backup_lnd
sudo cp -r /mnt/hdd/lnd /mnt/hdd/backup_lnd >> ${logFile} 2>&1
numOfDiffers=$(sudo diff -arq /mnt/hdd/lnd /mnt/hdd/backup_lnd | grep -c "differ")
if [ ${numOfDiffers} -gt 0 ]; then
echo "FAIL: Backup was not successfull" >> ${logFile}
sudo diff -arq /mnt/hdd/lnd /mnt/hdd/backup_lnd >> ${logFile} 2>&1
echo "removing backup dir to prevent false override" >> ${logFile}
else
echo "OK Backup is valid." >> ${logFile}
fi
echo "" >> ${logFile}
# finish setup (SWAP, Benus, Firewall, Update, ..)
sudo sed -i "s/^message=.*/message='Setup System ..'/g" ${infoFile}
/home/admin/90finishSetup.sh >> ${logFile} 2>&1
@ -170,6 +185,44 @@ else
echo "Was not able to get LND port from config." >> ${logFile}
fi
# SSH TUNNEL
if [ "${#sshtunnel}" -gt 0 ]; then
echo "Provisioning SSH Tunnel - run config script" >> ${logFile}
sudo sed -i "s/^message=.*/message='Setup SSH Tunnel'/g" ${infoFile}
sudo /home/admin/config.scripts/internet.sshtunnel.py restore ${sshtunnel} >> ${logFile} 2>&1
else
echo "Provisioning SSH Tunnel - keep default" >> ${logFile}
fi
# ROOT SSH KEYS
# check if a backup on HDD exists and when retsore back
backupRootSSH=$(sudo ls /mnt/hdd/ssh/root_backup 2>/dev/null | grep -c "id_rsa")
if [ ${backupRootSSH} -gt 0 ]; then
echo "Provisioning Root SSH Keys - RESTORING from HDD" >> ${logFile}
sudo cp -r /mnt/hdd/ssh/root_backup /root/.ssh
sudo chown -R root:root /root/.ssh
else
echo "Provisioning Root SSH Keys - keep default" >> ${logFile}
fi
# replay backup LND dir (especially for macaroons and tlscerts)
# https://github.com/rootzoll/raspiblitz/issues/324
echo "" >> ${logFile}
echo "*** Replay backup of LND directory" >> ${logFile}
if [ -d "/mnt/hdd/backup_lnd" ]; then
echo "Copying ..." >> ${logFile}
sudo cp -r /mnt/hdd/backup_lnd /mnt/hdd/lnd >> ${logFile} 2>&1
echo "Updating user admin creds ..." >> ${logFile}
sudo cp /mnt/hdd/lnd/lnd.conf /home/admin/.lnd/lnd.conf >> ${logFile} 2>&1
sudo cp /mnt/hdd/lnd/tls.cert /home/admin/.lnd/tls.cert >> ${logFile} 2>&1
sudo cp -r /mnt/hdd/lnd/data/chain /home/admin/.lnd/data/chain >> ${logFile} 2>&1
sudo chown -R admin:admin /home/admin/.lnd >> ${logFile} 2>&1
echo "DONE" >> ${logFile}
else
echo "No BackupDir so skipping that step." >> ${logFile}
fi
echo "" >> ${logFile}
sudo sed -i "s/^message=.*/message='Setup Done'/g" ${infoFile}
echo "DONE - Give raspi some cool off time after hard building .... 20 secs sleep" >> ${logFile}

14
home.admin/config.scripts/internet.sshtunnel.py
View File

@ -6,13 +6,14 @@ from pathlib import Path
# display config script info
if len(sys.argv) <= 1 or sys.argv[1] == "-h" or sys.argv[1] == "help":
print("forward ports from another server to raspiblitz with reverse SSH tunnel")
print("internet.sshtunnel.py [on|off] [USER]@[SERVER] [INTERNAL-PORT]:[EXTERNAL-PORT]")
print("internet.sshtunnel.py [on|off|restore] [USER]@[SERVER] [INTERNAL-PORT]:[EXTERNAL-PORT]")
print("note that [INTERNAL-PORT]:[EXTERNAL-PORT] can one or multiple forwardings")
sys.exit(1)
#
# CONSTANTS
# sudo journalctl -f -u autossh-tunnel
#
SERVICENAME="autossh-tunnel.service"
SERVICEFILE="/etc/systemd/system/"+SERVICENAME
@ -32,6 +33,17 @@ StandardOutput=journal
WantedBy=multi-user.target
"""
#
# RESTORE = SWITCHING ON with restore flag on
# on restore other external scripts dont need calling
#
restoringOnUpdate = False
if sys.argv[1] == "restore":
print("internet.sshtunnel.py -> running with restore flag")
sys.argv[1] = "on"
restoringOnUpdate = True
#
# SWITCHING ON
#

Write Preview
Loading…
Cancel
Save