diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..9f46766
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,169 @@
+##### PARAMS
+
+include Makefile.conf
+
+##### TOOLS
+
+OPENSSL=openssl
+
+TAR=tar
+GZIP=gzip
+
+###### DIRS
+
+KEYSDIR = ./keys
+CFGDIR = ./configs
+TMPDIR = ./tmp
+
+###### FILES
+
+hosts_keys_pub=$(foreach net,$(nets), \
+ $(foreach host,$(net_$(net)_hosts), \
+ $(KEYSDIR)/$(net)/$(host).pub \
+ ) \
+ )
+
+hosts_keys_priv=$(foreach net,$(nets), \
+ $(foreach host,$(net_$(net)_hosts), \
+ $(KEYSDIR)/$(net)/$(host).priv \
+ ) \
+ )
+
+hosts_tgz=$(foreach net,$(nets), \
+ $(foreach host,$(net_$(net)_hosts), \
+ $(CFGDIR)/$(net)/$(host).tar.gz \
+ ) \
+ )
+
+nets_hosts=$(foreach net,$(nets), \
+ $(foreach host,$(net_$(net)_hosts), \
+ $(TMPDIR)/hosts/$(net)/$(host) \
+ ) \
+ )
+
+.PHONY: all directories misc hosts_keys hosts_tgz clean cleanall cleantmp cleancfg cleankeys
+
+### ALL ###
+
+all: directories hosts_tgz
+
+### CLEAN ###
+
+clean: cleantmp cleancfg
+cleanall: clean cleankeys
+
+cleantmp:
+ -rm -rv $(TMPDIR)
+
+cleancfg:
+ -rm -rv $(CFGDIR)
+
+cleankeys:
+ -rm -rv $(KEYSDIR)
+
+### DIRECTORIES ###
+
+directories: $(TMPDIR) $(KEYSDIR) $(CFGDIR)
+
+$(TMPDIR) $(KEYSDIR) $(CFGDIR):
+ mkdir -p $@
+
+### MISC ###
+
+misc:
+ true
+
+### KEYS
+
+hosts_keys: $(hosts_keys_pub) $(hosts_keys_priv)
+
+$(KEYSDIR)/%.pem:
+ mkdir -p $(@D)
+ $(OPENSSL) genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out $@
+
+$(KEYSDIR)/%.pub: $(KEYSDIR)/%.pem
+ $(OPENSSL) rsa -in $(KEYSDIR)/$*.pem -RSAPublicKey_out > $@
+
+$(KEYSDIR)/%.priv: $(KEYSDIR)/%.pem
+ $(OPENSSL) rsa -in $(KEYSDIR)/$*.pem -text | sed -ne '/-----BEGIN RSA PRIVATE KEY-----/,/-----END RSA PRIVATE KEY-----/p' > $@
+
+### NETS HOSTS
+
+nets_hosts: hosts_keys $(nets_hosts)
+
+$(TMPDIR)/hosts/%: net=$(firstword $(subst /, ,$*))
+$(TMPDIR)/hosts/%: host=$(@F)
+$(TMPDIR)/hosts/%: pubkey=$(KEYSDIR)/$(net)/$(host).pub
+$(TMPDIR)/hosts/%: pubaddr=$(net_$(net)_$(host)_public_address)
+$(TMPDIR)/hosts/%: pubport=$(net_$(net)_$(host)_public_port)
+$(TMPDIR)/hosts/%: subnets=$(net_$(net)_$(host)_local_subnets)
+
+$(TMPDIR)/hosts/%:
+ @echo hostconf net: $(net)
+ @echo hostconf host: $(host)
+ @echo hostconf pubkey: $(pubkey)
+ @mkdir -p $(@D)
+ @echo Generating $@ for $(*F)
+ @
+ # Add Hostname
+ if [ -n "$(pubaddr)" ]; then echo "Address=$(pubaddr)" >> $@ ; fi
+ # Add Port
+ if [ -n "$(pubport)" ]; then echo "Port=$(pubport)" >> $@ ; fi
+ # Add Subnets
+ for subnet in $(subnets); do echo Subnet=$$subnet ; done >> $@
+ echo "" >> $@
+ # Add pubic key
+ cat $(pubkey) >> $@
+
+### TINC.CONF
+
+$(TMPDIR)/tinc.conf/%: net=$(firstword $(subst /, ,$*))
+$(TMPDIR)/tinc.conf/%: host=$(@F)
+$(TMPDIR)/tinc.conf/%:
+ @echo tinc.conf net: $(net)
+ @echo tinc.conf host: $(host)
+ @mkdir -p $(@D)
+ @echo Generating $@ for $(*F)
+ # Add Hostname
+ echo "Name=$(*F)" > $@
+ # Add ConnectTo
+ for peer in $(net_$(net)_hosts); do if [ "$$peer" != $(host) ]; then echo ConnectTo=$$peer ; fi; done >> $@
+ echo "" >> $@
+
+### TINC-UP
+
+$(TMPDIR)/tinc-up/%: net=$(firstword $(subst /, ,$*))
+$(TMPDIR)/tinc-up/%: host=$(@F)
+$(TMPDIR)/tinc-up/%: localaddr=$(net_$(net)_$(host)_local_address)
+$(TMPDIR)/tinc-up/%:
+ @echo tinc-up net: $(net)
+ @echo tinc-up host: $(host)
+ @mkdir -p $(@D)
+ @echo Generating $@ for $(*F)
+ sed -e 's|^ADDRESS=$$|ADDRESS=$(localaddr)|' scripts/tinc-up > $@
+
+### CONFIG ARCHIVES
+
+hosts_tgz: hosts_keys $(hosts_tgz)
+
+.SECONDEXPANSION:
+$(CFGDIR)/%.tar.gz: net=$(firstword $(subst /, ,$*))
+$(CFGDIR)/%.tar.gz: host=$(basename $(basename $(@F)))
+$(CFGDIR)/%.tar.gz: $(TMPDIR)/tinc.conf/% $(TMPDIR)/tinc-up/% $(nets_hosts)
+ @echo Generating $@ for $(net) - $(host)
+ @echo hosts_tgz net: $(net)
+ @echo hosts_tgz host: $(host)
+ @mkdir -p $(@D)
+ $(TAR) --append --file $(basename $@) --directory=$(KEYSDIR)/ --transform='s|$(host).priv|rsa_key.priv|' --mode=0600 $(net)/$(host).priv
+
+ $(TAR) --append --file $(basename $@) --directory=$(TMPDIR)/hosts --transform='s|^$(net)|$(net)/hosts|' $(net)
+
+ $(TAR) --append --file $(basename $@) --directory=$(TMPDIR)/tinc.conf/$(net) --transform='s|$(host)|$(net)/tinc.conf|' $(host)
+
+# $(TAR) --append --file $(basename $@) --directory=./scripts --transform='s|^|$(net)/|' --mode=0755 tinc-up
+ $(TAR) --append --file $(basename $@) --directory=./scripts --transform='s|^|$(net)/|' --mode=0755 tinc-down
+ $(TAR) --append --file $(basename $@) --directory=./scripts --transform='s|^|$(net)/|' --mode=0755 subnet-up
+ $(TAR) --append --file $(basename $@) --directory=./scripts --transform='s|^|$(net)/|' --mode=0755 subnet-down
+ $(TAR) --append --file $(basename $@) --directory=$(TMPDIR)/tinc-up/$(net) --transform='s|$(host)|$(net)/tinc-up|' --mode=0755 $(host)
+
+ $(GZIP) $(basename $@)
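Review bot: The `$(KEYSDIR)/%.priv` rule writes the private key through a shell redirect (`> $@`), so the file is created under the caller's umask and is commonly group- or world-readable on disk. The `--mode=0600` passed to `$(TAR)` only sets the mode of the archive member, and the `.tar.gz` that carries the key is itself created with default permissions. Prefix the key and archive recipe lines with a restrictive umask, e.g. `umask 077 && $(OPENSSL) rsa -in $< -text | sed -ne '...' > $@`, and do the same on the `genpkey`, `$(TAR)` and `$(GZIP)` lines. Separately, the sed range only matches a `BEGIN RSA PRIVATE KEY` header, so on OpenSSL builds that emit PKCS#8 (`BEGIN PRIVATE KEY`) by default it would presumably leave an empty `.priv` without failing; adding `test -s $@` after the redirect would make that visible.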