3 let fs = require("fs");
5 let script_dir = sourcepath(0, true);
6 if (fs.basename(script_dir) == "scripts") {
7 unet_tool = fs.dirname(script_dir) + "/unet-tool";
8 if (!fs.access(unet_tool, "x")) {
9 warn("unet-tool missing\n");
13 unet_tool = "unet-tool";
25 warn("Usage: ",fs.basename(sourcepath())," [<flags>] <file> <command> [<args>] [<option>=<value> ...]\n",
28 " - create: Create a new network file\n",
29 " - set-config: Change network config parameters\n",
30 " - add-host <name>: Add a host\n",
31 " - add-ssh-host <name> <host>: Add a remote OpenWrt host via SSH\n",
32 " (<host> can contain SSH options as well)\n",
33 " - set-host <name>: Change host settings\n",
34 " - set-ssh-host <name> <host>: Update local and remote host settings\n",
35 " - add-service <name>: Add a service\n",
36 " - set-service <name>: Change service settings\n",
37 " - sign Sign network data\n",
40 " -p: Print modified JSON instead of updating file\n",
43 " - config options (create, set-config):\n",
44 " port=<val> set tunnel port (default: ", defaults.port, ")\n",
45 " pex_port=<val> set peer-exchange port (default: ", defaults.pex_port, ")\n",
46 " keepalive=<val> set keepalive interval (seconds, 0: off, default: ", defaults.keepalive,")\n",
47 " host options (add-host, add-ssh-host, set-host):\n",
48 " key=<val> set host public key (required for add-host)\n",
49 " port=<val> set host tunnel port number\n",
50 " groups=[+|-]<val>[,<val>...] set/add/remove groups that the host is a member of\n",
51 " ipaddr=[+|-]<val>[,<val>...] set/add/remove host ip addresses\n",
52 " subnet=[+|-]<val>[,<val>...] set/add/remove host announced subnets\n",
53 " endpoint=<val> set host endpoint address\n",
54 " ssh host options (add-ssh-host, set-ssh-host)\n",
55 " auth_key=<key> use <key> as public auth key on the remote host\n",
56 " priv_key=<key> use <key> as private host key on the remote host (default: generate a new key)\n",
57 " interface=<name> use <name> as interface in /etc/config/network on the remote host\n",
58 " domain=<name> use <name> as hosts file domain on the remote host (default: unet)\n",
59 " connect=<val>[,<val>...] set IP addresses that the host will contact for network updates\n",
60 " tunnels=<ifname>:<service>[,...] set active tunnel devices\n",
61 " service options (add-service, set-service):\n",
62 " type=<val> set service type (required for add-service)\n",
63 " members=[+|-]<val>[,<val>...] set/add/remove service member hosts/groups\n",
64 " vxlan service options (add-service, set-service):\n",
65 " id=<val> set VXLAN ID\n",
66 " port=<val> set VXLAN port\n",
67 " mtu=<val> set VXLAN device MTU\n",
68 " forward_ports=[+|-]<val>[,<val>...] set members allowed to receive broadcast/multicast/unknown-unicast\n",
70 " upload=<ip>[,<ip>...] upload signed file to hosts\n",
79 command = shift(ARGV);
82 int: function(object, name, val) {
83 object[name] = int(val);
85 string: function(object, name, val) {
88 array: function(object, name, val) {
89 let op = substr(val, 0, 1);
91 if (op == "+" || op == "-") {
99 let vals = split(val, ",");
101 object[name] = filter(object[name], function(v) {
105 push(object[name], val);
108 if (!length(object[name]))
113 service_field_types = {
118 forward_ports: "array",
130 if [ -n "$first" ]; then
135 uci $cmd "network.$INTERFACE.$field=$cur"
139 set_interface_attrs() {
140 [ -n "$AUTH_KEY" ] && uci set "network.$INTERFACE.auth_key=$AUTH_KEY"
141 set_list connect "$CONNECT"
142 set_list tunnels "$TUNNELS"
143 uci set "network.$INTERFACE.domain=$DOMAIN"
147 [ "$(uci -q get "network.$INTERFACE")" = "interface" -a "$(uci -q get "network.$INTERFACE.proto")" = "unet" ] && return 0
149 set network.$INTERFACE=interface
150 set network.$INTERFACE.proto=unet
151 set network.$INTERFACE.device=$INTERFACE
155 check_interface_key() {
156 key="$(uci -q get "network.$INTERFACE.key" | unet-tool -q -H -K -)"
158 uci set "network.$INTERFACE.key=$(unet-tool -G)"
159 key="$(uci get "network.$INTERFACE.key" | unet-tool -H -K -)"
175 function fetch_args() {
177 vals = match(arg, /^(.[[:alnum:]_-]*)=(.*)$/);
179 warn("Invalid argument: ", arg, "\n");
182 args[vals[1]] = vals[2]
186 function set_field(typename, object, name, val) {
187 if (!field_types[typename]) {
188 warn("Invalid type ", type, "\n");
192 if (type(val) != "string")
200 field_types[typename](object, name, val);
203 function set_fields(object, list) {
205 set_field(list[f], object, f, args[f]);
208 function set_host(name) {
209 let host = net_data.hosts[name];
221 function set_service(name) {
222 let service = net_data.services[name];
224 set_fields(service, {
229 if (service_field_types[service.type])
230 set_fields(service.config, service_field_types[service.type]);
233 function sync_ssh_host(host) {
234 let interface = args.interface ?? "unet";
235 let connect = replace(args.connect ?? "", ",", " ");
236 let auth_key = args.auth_key;
237 let tunnels = replace(replace(args.tunnels ?? "", ",", " "), ":", "=");
238 let domain = args.domain ?? "unet";
241 let fh = fs.mkstemp();
242 system(unet_tool + " -q -P -K " + file + ".key >&" + fh.fileno());
244 auth_key = fh.read("line");
246 auth_key = replace(auth_key, "\n", "");
247 if (auth_key == "") {
248 warn("Could not read auth key\n");
253 let fh = fs.mkstemp();
254 fh.write("INTERFACE='" + interface + "'\n");
255 fh.write("CONNECT='" + connect + "'\n");
256 fh.write("AUTH_KEY='" + auth_key + "'\n");
257 fh.write("TUNNELS='" + tunnels + "'\n");
258 fh.write("DOMAIN='" + domain + "'\n");
259 fh.write(ssh_script);
264 system(sprintf("ssh "+host+" sh <&%d >&%d", fh.fileno(), fh2.fileno()));
270 while (line = fh2.read("line")) {
271 let vals = match(line, /^(.[[:alnum:]_-]*)=(.*)\n$/);
273 warn("Invalid argument: ", arg, "\n");
276 data[vals[1]] = vals[2]
281 warn("Could not read host key from SSH host\n");
288 while (substr(ARGV[0], 0, 1) == "-") {
292 else if (opt == "-p")
298 if (command == "add-host" || command == "set-host" ||
299 command == "add-ssh-host" || command == "set-ssh-host") {
300 hostname = shift(ARGV);
302 warn("Missing host name argument\n");
307 if (command == "add-ssh-host" || command == "set-ssh-host") {
308 ssh_host = shift(ARGV);
310 warn("Missing SSH host/user argument\n");
315 if (command == "add-service" || command == "set-service") {
316 servicename = shift(ARGV);
318 warn("Missing service name argument\n");
325 if (command == "add-ssh-host" || command == "set-ssh-host") {
326 sync_ssh_host(ssh_host);
327 command = replace(command, "ssh-", "");
330 if (command == "create") {
339 warn("Could not open input file ", file, "\n");
345 warn("Could not parse input file ", file, "\n");
350 if (command == "create") {
351 for (key in keys(defaults))
352 args[key] ??= "" + defaults[key];
353 if (!fs.access(file + ".key"))
354 system(unet_tool + " -G > " + file + ".key");
357 if (command == "sign") {
358 ret = system(unet_tool + " -S -K " + file + ".key -o " + file + ".bin " + file);
363 hosts = split(args.upload, ",");
364 for (host in hosts) {
365 warn("Uploading " + file + ".bin to " + host + "\n");
366 ret = system(unet_tool + " -U " + host + " -K "+ file + ".key " + file + ".bin");
368 warn("Upload failed\n");
374 if (command == "create" || command == "set-config") {
375 set_fields(net_data.config, {
379 set_field("int", net_data.config, "peer-exchange-port", args.pex_port);
380 } else if (command == "add-host") {
381 net_data.hosts[hostname] = {};
383 warn("Missing host key\n");
387 } else if (command == "set-host") {
388 if (!net_data.hosts[hostname]) {
389 warn("Host '", hostname, "' does not exist\n");
393 } else if (command == "add-service") {
394 net_data.services[servicename] = {
399 warn("Missing service type\n");
402 set_service(servicename);
403 } else if (command == "set-service") {
404 if (!net_data.services[servicename]) {
405 warn("Service '", servicename, "' does not exist\n");
408 set_service(servicename);
410 warn("Unknown command\n");
414 net_data_json = sprintf("%.J\n", net_data);
416 print(net_data_json);
418 fs.writefile(file, net_data_json);