72 lines
1.7 KiB
Bash
Executable File
72 lines
1.7 KiB
Bash
Executable File
#!/bin/bash
|
|
set -euo pipefail
|
|
|
|
opdir="${1?Output dir missing}"
|
|
|
|
: "${HOME?HOME is not set}"
|
|
|
|
script_dir=$(dirname "$(realpath "$0")")
|
|
common_ssh_cfg_path="${DIYVPN_SSH_CFG:-$script_dir/common_sshconfig}"
|
|
diyvpn_cfg="${DIYVPN_CFG:-$HOME/.config/diyvpn/servers}"
|
|
|
|
generate() {
|
|
local cfgpath name server_ssh_cfg idle_timeout listen_address
|
|
cfgpath="$1"
|
|
name=$(basename "$cfgpath" | tr -d '[:space:]')
|
|
server_ssh_cfg="$cfgpath"/ssh_config # TODO validate
|
|
|
|
source "$cfgpath/config.rc"
|
|
|
|
idle_timeout="${IDLE_TIMEOUT:-10min}"
|
|
listen_address="${LISTEN_ADDRESS:?LISTEN_ADDRESS should be set}"
|
|
|
|
cat >"$opdir/diyvpnssh-$name.service" <<-EOF
|
|
[Unit]
|
|
Description=ssh to $name
|
|
StopWhenUnneeded=yes
|
|
|
|
[Service]
|
|
Type=notify
|
|
NotifyAccess=all
|
|
|
|
# TODO change to yes?
|
|
Restart=no
|
|
RuntimeDirectory=diyvpn-$name
|
|
Environment=SSH_CFG_PATH=$server_ssh_cfg
|
|
ExecStart=ssh -F "$common_ssh_cfg_path" default
|
|
EOF
|
|
|
|
cat >"$opdir/diyvpnact-$name.service" <<-EOF
|
|
[Unit]
|
|
Description=Socket activator for diyvpn to server $name
|
|
Requires=diyvpnssh-$name.service
|
|
After=diyvpnssh-$name.service
|
|
BindsTo=diyvpnssh-$name.service
|
|
|
|
[Service]
|
|
ExecStart=/usr/lib/systemd/systemd-socket-proxyd --exit-idle-time=$idle_timeout %t/diyvpn-$name/sock
|
|
EOF
|
|
|
|
cat >"$opdir/diyvpnact-$name.socket" <<-EOF
|
|
[Unit]
|
|
Description=Socket for diyvpn to server $name
|
|
|
|
[Socket]
|
|
ListenStream=$listen_address
|
|
|
|
[Install]
|
|
WantedBy=sockets.target
|
|
EOF
|
|
|
|
mkdir -p "$opdir/sockets.target.wants"
|
|
ln -snf "../diyvpnact-$name.socket" "$opdir/sockets.target.wants"
|
|
}
|
|
|
|
for server in "$diyvpn_cfg"/*; do
|
|
if [[ -d "$server" ]]; then
|
|
(generate "$server" "$opdir")
|
|
else
|
|
echo "Ignoring $server. Not a directory."
|
|
fi
|
|
done
|