Commit 718b4445 authored by Ilja's avatar Ilja

Merge branch '7-import-certificates' into 'master'

Resolve "Import or download VPN certificates"

Closes #7

See merge request Neutrinet/neutrinet_cube_install!12
parents d7d50e9a f6ee056c
......@@ -20,14 +20,20 @@ This script is meant to make it easier to install a Neutrinet internet cube. Dow
```bash
bash neutrinet_cube_install.sh
```
This will create a subfolder `cube_resources` containing the install-sd.sh script and the internetcube images for your board.
It is possible to provide the directory containing your VPN certificates:
```
bash neutrinet_cube_install.sh -d <path/to/your/certificates>
```
If you are planning on installing multiple cubes, you may consider dedicating a folder on your PC/laptop for this and run
```bash
bash neutrinet_cube_install.sh -p
```
This will create a subfolder `cube_resources` containing the install-sd.sh script and the internetcube images for lime and lime2
This will download the install-sd.sh and internetcube images for lime and lime2. Everything will be stored in the `cube_resources` subfolder.
For more information you can use the -h option
For more information you can use the -h option:
```bash
bash neutrinet_cube_install.sh -h
```
......@@ -353,6 +353,39 @@ function get_hypercube_setting() {
fi
}
function find_vpn_certificate() {
crt_files="$@"
for crt_file in $crt_files
do
crt_file="$VPN_CERTIFICATES_LOCATION/$crt_file"
if [[ -f $crt_file ]]
then
cat "$crt_file"
return 0
fi
done
return 1
}
function import_vpn_certificates() {
if ! vpn_client_crt=$(find_vpn_certificate {client,user}.crt)
then
warn "Cannot find VPN client certificate (client.crt or user.crt)"
fi
if ! vpn_client_key=$(find_vpn_certificate {client,user}.key)
then
warn "Cannot find VPN client key (client.key or user.key)"
fi
if ! vpn_ca_crt=$(find_vpn_certificate {ca,ca-server}.crt)
then
warn "Cannot find VPN server certificate (ca.crt or ca-server.crt)"
fi
}
function show_hypercube_settings() {
echo "Domain: $(get_hypercube_setting yunohost.domain)"
echo "Admin password: $(get_hypercube_setting yunohost.password)"
......@@ -440,9 +473,6 @@ function create_hypercube_file() {
"$PASSWORD_PATTERN" \
"Password must have 3 symbols or more."
# TODO: The following should be automated
# See https://github.com/Neutrinet/scripts/tree/master/vpn for inspiration
# We could download the configuration package from the web interface?
info "You will now need to enter your Neutrinet VPN certificates and credentials"
info "If you want to reuse certificates from a previous install, you can find everything on that cube as user.crt, user.key, ca-server.crt and credentials in /etc/openvpn/keys"
......@@ -456,19 +486,38 @@ function create_hypercube_file() {
"$PASSWORD_PATTERN" \
"Password must have 3 symbols or more."
echo "VPN client certificate"
info "Paste all the content of client.crt below and end with a blank line: "
vpn_client_crt=$(sed '/^$/q' | sed '/^$/d') # TODO: figure out this black magic
if [[ -n $VPN_CERTIFICATES_LOCATION ]]
then
if [[ -d $VPN_CERTIFICATES_LOCATION ]]
then
info "Importing VPN certificates from '$VPN_CERTIFICATES_LOCATION'..."
import_vpn_certificates
else
warn "Cannot import VPN certificates: '$VPN_CERTIFICATES_LOCATION' not found"
fi
fi
echo "VPN client key"
info "Paste all the content of client.key below and end with a blank line: "
vpn_client_key=$(sed '/^$/q' | sed '/^$/d')
if [[ -z $vpn_client_crt ]]
then
echo "VPN client certificate"
info "Paste all the content of client.crt below and end with a blank line: "
# See https://stackoverflow.com/questions/20913635/how-to-read-multi-line-input-in-a-bash-script/20913871#20913871
vpn_client_crt=$(sed '/^$/q' | sed '/^$/d')
fi
echo "CA server certificate"
info "Paste all the content of ca.crt below and end with a blank line: "
vpn_ca_crt=$(sed '/^$/q' | sed '/^$/d')
if [[ -z $vpn_client_key ]]
then
echo "VPN client key"
info "Paste all the content of client.key below and end with a blank line: "
vpn_client_key=$(sed '/^$/q' | sed '/^$/d')
fi
info "ALRIGHT! That was it for the certificates ^^ Let's continue with the rest, shall we"
if [[ -z $vpn_ca_crt ]]
then
echo "CA server certificate"
info "Paste all the content of ca.crt below and end with a blank line: "
vpn_ca_crt=$(sed '/^$/q' | sed '/^$/d')
fi
prompt wifi_ssid "WiFi hotspot name" \
"If you bought a WiFi antenna, this will be the name of your own WiFi hotspot" \
......@@ -713,13 +762,15 @@ function show_goodbye() {
#=================================================
function show_help() {
echo -e "\n \e[7m\e[1m Neutrinet Cube installer \e[0m\n"
echo -e "\e[1mOPTIONS\e[0m"
echo -e " \e[1m-p\e[0m" >&2
echo -e " Downloads and prepares all general images and files needed for installing the cube" >&2
echo -e " \e[2mNext time this script is ran from the same folder as it is ran now, these files and scrips will be used\e[0m" >&2
echo -e " \e[1m-h\e[0m" >&2
echo -e " Show this help" >&2
echo -e "\n \e[7m\e[1m Neutrinet Cube installer \e[27m\n"
echo -e "\e[1mOPTIONS\e[21m"
echo -e " \e[1m-p\e[21m"
echo -e " Download and prepare all scripts and board images needed for installing a cube"
echo -e " \e[2mNext time this script is run from the same folder as it is run now, these scripts and images will be used\e[22m"
echo -e " \e[1m-d\e[21m \e[4mCERTS\e[24m"
echo -e " Import VPN certificates from \e[4mCERTS\e[24m directory"
echo -e " \e[1m-h\e[21m"
echo -e " Show this help"
}
function prepare() {
......@@ -741,9 +792,10 @@ function prepare() {
# GET OPTIONS
#=================================================
while getopts "vhp" opt; do
while getopts "vhpd:" opt; do
case $opt in
v) LOG_LEVEL=${LOG_LEVELS[DEBUG]};;
d) VPN_CERTIFICATES_LOCATION=$OPTARG;;
p) prepare; exit 0;;
h) show_help; exit 0;;
\?) show_help; exit 0;;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment