lixonet-ee/build.sh

#!/bin/ash

# https://stackoverflow.com/questions/3474526/stop-on-first-error
# http://web.archive.org/web/20110314180918/http://www.davidpashley.com/articles/writing-robust-shell-scripts.html
set +e

process_template ( ) {
    processed_filename=$(dirname $1)/$(basename $1 .tmpl)
    echo "Processing template $1 -> $processed_filename"
	set -e
    sh -c "sigil -f $1 -p $2 > $processed_filename"
	set +e
    rm $1
}

function join_by { local IFS="$1"; shift; echo "$*"; }

process_templates ( ) {
for template_filename in `find $1 -type f -name '*.tmpl'`
do
    process_template $template_filename "$2"
done
}

topdir=`pwd`

for dir in `find /etc/lixonet/* -type d -maxdepth 0`
do
    export dir=${dir%*/}      # remove the trailing "/"
    export netname=${dir##*/}    # print everything after the final "/"
    export config_out="/etc/lixonet/${netname}/.config"

    # Load relevant environment variables from lixonet.conf
    unset git
    source $dir/lixonet.conf
    if [ -z "$git" ]; then echo "Missing 'git' variable in $dir/lixonet.conf"; exit 1; fi
    sigil_vars=$(cat /etc/lixonet/${netname}/lixonet.conf | tr "\\n" " ")
    sigil_vars=$(echo "$sigil_vars netname=$netname")

    # Parse subnets into a collection of IP reverse zones
    root_reverse_zones=$(echo '${network_address}/${global_prefix:-16}' | sigil -p $sigil_vars | xargs -I '{}' netcalc split {} 24 | sed 's/.0\/24$//' | awk 'BEGIN{FS="."}{print $3"."$2"."$1".in-addr.arpa"}' | sed -e ':a;N;$!ba;s/\n/,/g')
    sigil_vars=$(echo "$sigil_vars root_reverse_zones=$root_reverse_zones")
    local_reverse_zones=$(echo "$bgp_routes" | tr "," "\n" | xargs -I '{}' netcalc split {} 24 | sed 's/.0\/24$//' | awk 'BEGIN{FS="."}{print $3"."$2"."$1".in-addr.arpa"}' | sed -e ':a;N;$!ba;s/\n/,/g')
    sigil_vars=$(echo "$sigil_vars local_reverse_zones=$local_reverse_zones")

    echo "Configuring Lixonet3 network $netname from $git..."
    echo "Variables: $sigil_vars"

    # Clone and copy the repository
    rm -rfv "$(basename "$git" .git)"
    rsa_filename="/etc/lixonet/${netname}/id_rsa"
    if [ ! -f $rsa_filename ]; then rsa_filename="/etc/lixonet/id_rsa"; fi
    echo "Using SSH key: $rsa_filename"
    GIT_SSH_COMMAND="ssh -i $rsa_filename -o IdentitiesOnly=yes" git clone $git || { echo "clone $git failed, quitting" ; exit 1; }
    
    # Clone any add-ons
    for addon_git in `echo "$addons" | tr "," "\n"`
    do
    	rm -rfv "$(basename "$addon_git" .git)"     	
	rsa_filename="/etc/lixonet/${netname}/$(basename "$addon_git" .git).key"
	if [ ! -f $rsa_filename ]; then rsa_filename="/etc/lixonet/${netname}/id_rsa"; fi
    	echo "Using SSH key: $rsa_filename"
	GIT_SSH_COMMAND="ssh -i $rsa_filename -o IdentitiesOnly=yes" git clone $addon_git || { echo "clone addon $addon_git failed, quitting" ; exit 1; }
    done
    
    echo "Creating work directory..."
    rm -rfv work
    mkdir --verbose work
    cp -rv "$(basename "$git" .git)"/* work/
    for addon_git in `echo "$addons" | tr "," "\n"`
    do
    	cp -rv "$(basename "$addon_git" .git)"/* work/
    done
    
    cd work

    # Copy default files
    mkdir --verbose tinc; cp -rv ../tinc/* tinc/
    mkdir --verbose bird; cp -rv ../bird/* bird/
    mkdir --verbose bind; cp -rv ../bind/* bind/
    if [ "${wg_enabled:-0}" -eq "1" ]; then
	mkdir --verbose wireguard; cp -rv ../wireguard/* wireguard/
    fi
    if [ "${ddns_enabled:-0}" -eq "1" ]; then
	mkdir --verbose ddns; cp -rv ../ddns/* ddns/
    fi
    
    # Copy system-local custom files (if they even exist)
    cp -rv $dir/tinc/* tinc/
    cp -rv $dir/bird/* bird/
    cp -rv $dir/bind/* bind/
    if [ "${wg_enabled:-0}" -eq "1" ]; then
	cp -rv $dir/wireguard/* wireguard/
    fi
    if [ "${ddns:-0}" -eq "1" ]; then
	cp -rv $dir/ddns/* ddns/
    fi
    
    # Tinc
    #  Remove existing configuration
    rm -v -rf $config_out/tinc/*
    #  Copy all tinc default files to /etc/(tinc)
    find tinc -type d | xargs -I '{}' mkdir --verbose -p $config_out/{}
    find tinc -type f | sed -e "s@tinc/@@g" | xargs -I '{}' cp --verbose tinc/{} $config_out/tinc/{}
    #  Build list of all peer IP addresses
    tinc_peers=$(cat $config_out/tinc/hosts/* | grep 'Subnet' | grep '/32' | grep -oE '((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])' | sed -e ':a;N;$!ba;s/\n/,/g')
    sigil_vars=$(echo "$sigil_vars tinc_peers=$tinc_peers")
    #  Copy private key
    cp -v /etc/lixonet/$netname/tinc.key $config_out/tinc/rsa_key.priv
   
    # Bird
    #  Remove existing configuration
    rm -v -rf $config_out/bird/*
    #  Copy all bird default files to /etc/(bird)
    find bird -type d | xargs -I '{}' mkdir --verbose -p $config_out/{}
    find bird -type f | sed -e "s@bird/@@g" | xargs -I '{}' cp --verbose bird/{} $config_out/bird/{}

    # BIND
    #  Remove existing configuration
    rm -v -rf $config_out/bind/*
    #  Copy all bind default files to /etc/(bind)
    find bind -type d | xargs -I '{}' mkdir --verbose -p $config_out/{}
    find bind -type f | sed -e "s@bind/@@g" | xargs -I '{}' cp --verbose bind/{} $config_out/bind/{}
	
    # Wireguard
    if [ "${wg_enabled:-0}" -eq "1" ]; then
	#  Remove existing configuration
	rm -v -rf $config_out/wireguard/*
	#  Copy all wireguard default files to /etc/(wireguard)
	find wireguard -type d | xargs -I '{}' mkdir --verbose -p $config_out/{}
	find wireguard -type f | sed -e "s@wireguard/@@g" | xargs -I '{}' cp --verbose wireguard/{} $config_out/wireguard/{}
    fi
    
    # Docker
    #  Copy templates and dependencies to directory
    mkdir docker/
    cp -rv ../docker/* docker/
    if [ "${wg_enabled:-0}" -eq "1" ]; then
	cp -v docker/services.opt/wireguard docker/services/wireguard
	cp -v docker/services.opt/wireguard_router docker/services/wireguard_router
    fi
    if [ "${ddns_enabled:-0}" -eq "1" ]; then
	cp -v docker/services.opt/ddns docker/services/ddns
    fi
    
    for addon_git in `echo "$addons" | tr "," "\n"`
    do
    	echo "Running addon script for $(basename "$addon_git" .git)..."
    	chmod +x "$(basename "$addon_git" .git).sh" && "./$(basename "$addon_git" .git).sh"
    done
    
    # Process templates
    echo "Processing configuration templates..."
    process_templates "$config_out/" "$sigil_vars"
    echo "Setting any processed shell scripts as executable..."
    find $config_out -type f -name "*.sh" | xargs -I '{}' chmod -v +x {}
    chmod -v +x $config_out/tinc/tinc-up $config_out/tinc/tinc-down $config_out/tinc/subnet-up $config_out/tinc/subnet-down $config_out/tinc/host-up $config_out/tinc/host-down $config_out/tinc/check-node
	
    cp -rv $dir/docker/* docker/
    cp -v ./../docker-compose.yml.tmpl .
    cp -v ../Dockerfile.* .
    echo "Processing Docker templates..."
    process_templates "." "$sigil_vars"

    echo $sigil_vars | tr ' ' '\n' > .env
    cat docker-compose.yml
	
    set -e
    docker-compose -p $netname down
    docker-compose -p $netname up -d --build --remove-orphans
    set +e
	
    rm -v .env

    # Pop directory
    cd $topdir
done