Commit 1bf4a0d2 authored by HgO's avatar HgO

Ask the user if they want to import VPN certificates

parent 5884971b
......@@ -10,7 +10,7 @@ A script to easily install Neutrinet internetcubes
You will need the following packages installed on your system:
```
sudo apt install git curl jq unzip
sudo apt install git curl jq unzip gpg
```
In addition, some parts of this script require sudo access to be executed.
......@@ -22,11 +22,6 @@ bash neutrinet_cube_install.sh
```
This will create a subfolder `cube_resources` containing the install-sd.sh script and the internetcube images for your board.
It is possible to provide the directory containing your VPN certificates:
```
bash neutrinet_cube_install.sh -d <path/to/your/certificates>
```
If you are planning on installing multiple cubes, you may consider dedicating a folder on your PC/laptop for this and run
```bash
bash neutrinet_cube_install.sh -p
......
......@@ -401,11 +401,14 @@ function get_hypercube_setting() {
}
function find_vpn_certificate() {
crt_files="$@"
local certs_dir=$1
shift
local crt_files="$@"
for crt_file in $crt_files
do
crt_file="$VPN_CERTIFICATES_LOCATION/$crt_file"
crt_file="$certs_dir/$crt_file"
if [[ -f $crt_file ]]
then
cat "$crt_file"
......@@ -417,19 +420,38 @@ function find_vpn_certificate() {
}
function import_vpn_certificates() {
if ! vpn_client_crt=$(find_vpn_certificate {client,user}.crt)
local certs_dir=$1
local import_has_error=false
if [[ ! -d "$certs_dir" ]]
then
error "Either the location is wrong or it is not a directory"
return 1
fi
info "Importing VPN certificates from '$certs_dir'..."
if ! vpn_client_crt=$(find_vpn_certificate "$certs_dir" {client,user}.crt)
then
warn "Cannot find VPN client certificate (client.crt or user.crt)"
error "Cannot find VPN client certificate (client.crt or user.crt)"
import_has_error=true
fi
if ! vpn_client_key=$(find_vpn_certificate {client,user}.key)
if ! vpn_client_key=$(find_vpn_certificate "$certs_dir" {client,user}.key)
then
warn "Cannot find VPN client key (client.key or user.key)"
error "Cannot find VPN client key (client.key or user.key)"
import_has_error=true
fi
if ! vpn_ca_crt=$(find_vpn_certificate {ca,ca-server}.crt)
if ! vpn_ca_crt=$(find_vpn_certificate "$certs_dir" {ca,ca-server}.crt)
then
warn "Cannot find VPN server certificate (ca.crt or ca-server.crt)"
error "Cannot find VPN server certificate (ca.crt or ca-server.crt)"
import_has_error=true
fi
if $import_has_error
then
return 2
fi
}
......@@ -533,38 +555,33 @@ function create_hypercube_file() {
"$PASSWORD_PATTERN" \
"Password must have 3 symbols or more."
if [[ -n $VPN_CERTIFICATES_LOCATION ]]
then
if [[ -d $VPN_CERTIFICATES_LOCATION ]]
location_has_error=true
while $location_has_error
do
if confirm "Would you like to import the VPN certificates from a directory?" "y"
then
info "Importing VPN certificates from '$VPN_CERTIFICATES_LOCATION'..."
import_vpn_certificates
read -e -r -p "Enter your VPN certificates' location: " VPN_CERTIFICATES_LOCATION
if import_vpn_certificates $VPN_CERTIFICATES_LOCATION
then
location_has_error=false
fi
else
warn "Cannot import VPN certificates: '$VPN_CERTIFICATES_LOCATION' not found"
fi
fi
location_has_error=false
if [[ -z $vpn_client_crt ]]
then
echo "VPN client certificate"
info "Paste all the content of client.crt below and end with a blank line: "
# See https://stackoverflow.com/questions/20913635/how-to-read-multi-line-input-in-a-bash-script/20913871#20913871
vpn_client_crt=$(sed '/^$/q' | sed '/^$/d')
fi
echo "Enter your VPN client certificate"
info "Paste all the content of client.crt below and end with a blank line: "
# See https://stackoverflow.com/questions/20913635/how-to-read-multi-line-input-in-a-bash-script/20913871#20913871
vpn_client_crt=$(sed '/^$/q' | sed '/^$/d')
if [[ -z $vpn_client_key ]]
then
echo "VPN client key"
info "Paste all the content of client.key below and end with a blank line: "
vpn_client_key=$(sed '/^$/q' | sed '/^$/d')
fi
echo "Enter your VPN client key"
info "Paste all the content of client.key below and end with a blank line: "
vpn_client_key=$(sed '/^$/q' | sed '/^$/d')
if [[ -z $vpn_ca_crt ]]
then
echo "CA server certificate"
info "Paste all the content of ca.crt below and end with a blank line: "
vpn_ca_crt=$(sed '/^$/q' | sed '/^$/d')
fi
echo "Enter the CA server certificate"
info "Paste all the content of ca.crt below and end with a blank line: "
vpn_ca_crt=$(sed '/^$/q' | sed '/^$/d')
fi
done
prompt wifi_ssid "WiFi hotspot name" \
"If you bought a WiFi antenna, this will be the name of your own WiFi hotspot" \
......@@ -841,8 +858,6 @@ function show_help() {
echo -e " \e[1m-p\e[21m"
echo -e " Download and prepare all scripts and board images needed for installing a cube"
echo -e " \e[2mNext time this script is run from the same folder as it is run now, these scripts and images will be used\e[22m"
echo -e " \e[1m-d\e[21m \e[4mCERTS\e[24m"
echo -e " Import VPN certificates from \e[4mCERTS\e[24m directory"
echo -e " \e[1m-h\e[21m"
echo -e " Show this help"
}
......@@ -866,10 +881,9 @@ function prepare() {
# GET OPTIONS
#=================================================
while getopts "vhpd:" opt; do
while getopts "vhp" opt; do
case $opt in
v) LOG_LEVEL=${LOG_LEVELS[DEBUG]};;
d) VPN_CERTIFICATES_LOCATION=$OPTARG;;
p) prepare; exit 0;;
h) show_help; exit 0;;
\?) show_help; exit 0;;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment