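##### PARAMS
# Generates, per network and host, an RSA key pair, the tinc host files,
# tinc.conf and tinc-up, and packs them into $(CFGDIR)/<net>/<host>.tar.gz.
#
# Makefile.conf is expected to define `nets`, `net_<net>_hosts` and the
# per-host `net_<net>_<host>_*` settings referenced below.
include Makefile.conf

# Delete a target whose recipe exits non-zero, so a half-written key, host
# file or archive is never mistaken for an up-to-date one.
.DELETE_ON_ERROR:

##### TOOLS
OPENSSL=openssl
TAR=tar
GZIP=gzip

###### DIRS
KEYSDIR = ./keys
CFGDIR = ./configs
# NOTE(review): TMPDIR is also a conventional environment variable. With
# `make -e` the environment value would override this assignment and
# `cleantmp` would then remove that directory instead of ./tmp.
TMPDIR = ./tmp

###### FILES
# One entry per (net, host) pair for each kind of generated file.
hosts_keys_pub=$(foreach net,$(nets), \
	$(foreach host,$(net_$(net)_hosts), \
		$(KEYSDIR)/$(net)/$(host).pub \
	) \
)

hosts_keys_priv=$(foreach net,$(nets), \
	$(foreach host,$(net_$(net)_hosts), \
		$(KEYSDIR)/$(net)/$(host).priv \
	) \
)

hosts_tgz=$(foreach net,$(nets), \
	$(foreach host,$(net_$(net)_hosts), \
		$(CFGDIR)/$(net)/$(host).tar.gz \
	) \
)

nets_hosts=$(foreach net,$(nets), \
	$(foreach host,$(net_$(net)_hosts), \
		$(TMPDIR)/hosts/$(net)/$(host) \
	) \
)

# nets_hosts is a command-style target as well, so it is declared phony too.
.PHONY: all directories misc hosts_keys hosts_tgz nets_hosts clean cleanall cleantmp cleancfg cleankeys

### ALL ###
all: directories hosts_tgz

### CLEAN ###
clean: cleantmp cleancfg

# cleanall also removes every generated key pair (see cleankeys).
cleanall: clean cleankeys

# The leading `-` keeps the clean targets going when a directory is absent.
cleantmp:
	-rm -rv $(TMPDIR)

cleancfg:
	-rm -rv $(CFGDIR)

# Removes all generated private keys; they cannot be recreated, only replaced.
cleankeys:
	-rm -rv $(KEYSDIR)

### DIRECTORIES ###
directories: $(TMPDIR) $(KEYSDIR) $(CFGDIR)

$(TMPDIR) $(KEYSDIR) $(CFGDIR):
	mkdir -p $@

### MISC ###
misc:
	true

### KEYS
hosts_keys: $(hosts_keys_pub) $(hosts_keys_priv)

# 4096-bit RSA key. umask 077 makes the key file owner-only from the moment
# it is created, whatever the invoking user's umask is.
# NOTE(review): the .pem is reached only through pattern rules, so GNU Make
# presumably treats it as an intermediate file and deletes it after the run.
# If a .priv is later rebuilt on its own, a fresh .pem (a different key)
# would be generated and would no longer match the existing .pub -- confirm.
$(KEYSDIR)/%.pem:
	mkdir -p $(@D)
	umask 077 && $(OPENSSL) genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out $@

$(KEYSDIR)/%.pub: $(KEYSDIR)/%.pem
	$(OPENSSL) rsa -in $< -RSAPublicKey_out > $@

# The private key is written through a shell redirection, so without the
# umask it would get the caller's default mode (commonly world-readable).
# The pipeline's exit status is sed's, not openssl's: `test -s` fails the
# rule when nothing was extracted (openssl error, or a PEM header other
# than the "RSA PRIVATE KEY" armour the filter expects).
$(KEYSDIR)/%.priv: $(KEYSDIR)/%.pem
	umask 077 && $(OPENSSL) rsa -in $< -text \
		| sed -ne '/-----BEGIN RSA PRIVATE KEY-----/,/-----END RSA PRIVATE KEY-----/p' > $@
	test -s $@
	chmod 600 $@

### NETS HOSTS
nets_hosts: hosts_keys $(nets_hosts)

# The stem is <net>/<host>: net is its first path component, host the last.
$(TMPDIR)/hosts/%: net=$(firstword $(subst /, ,$*))
$(TMPDIR)/hosts/%: host=$(@F)
$(TMPDIR)/hosts/%: pubkey=$(KEYSDIR)/$(net)/$(host).pub
$(TMPDIR)/hosts/%: pubaddr=$(net_$(net)_$(host)_public_address)
$(TMPDIR)/hosts/%: pubport=$(net_$(net)_$(host)_public_port)
$(TMPDIR)/hosts/%: subnets=$(net_$(net)_$(host)_local_subnets)
# The public key is a declared prerequisite, so the host file is never
# assembled before its key exists, including under `make -j`.
$(TMPDIR)/hosts/%: $(KEYSDIR)/%.pub
	@echo hostconf net: $(net)
	@echo hostconf host: $(host)
	@echo hostconf pubkey: $(pubkey)
	@mkdir -p $(@D)
	@echo Generating $@ for $(*F)
# Start from an empty file: every write below appends, so a rebuild would
# otherwise duplicate the Address/Port/Subnet lines and the key.
	: > $@
# Add Hostname
	if [ -n "$(pubaddr)" ]; then echo "Address=$(pubaddr)" >> $@ ; fi
# Add Port
	if [ -n "$(pubport)" ]; then echo "Port=$(pubport)" >> $@ ; fi
# Add Subnets
	for subnet in $(subnets); do echo Subnet=$$subnet ; done >> $@
	echo "" >> $@
# Add public key
	cat $(pubkey) >> $@

### TINC.CONF
$(TMPDIR)/tinc.conf/%: net=$(firstword $(subst /, ,$*))
$(TMPDIR)/tinc.conf/%: host=$(@F)
$(TMPDIR)/tinc.conf/%:
	@echo tinc.conf net: $(net)
	@echo tinc.conf host: $(host)
	@mkdir -p $(@D)
	@echo Generating $@ for $(*F)
# Add Hostname
	echo "Name=$(*F)" > $@
# Add ConnectTo for every other host of the same net
	for peer in $(net_$(net)_hosts); do if [ "$$peer" != "$(host)" ]; then echo ConnectTo=$$peer ; fi; done >> $@
	echo "" >> $@

### TINC-UP
$(TMPDIR)/tinc-up/%: net=$(firstword $(subst /, ,$*))
$(TMPDIR)/tinc-up/%: host=$(@F)
$(TMPDIR)/tinc-up/%: localaddr=$(net_$(net)_$(host)_local_address)
# The template is a prerequisite so an edited scripts/tinc-up is picked up.
$(TMPDIR)/tinc-up/%: scripts/tinc-up
	@echo tinc-up net: $(net)
	@echo tinc-up host: $(host)
	@mkdir -p $(@D)
	@echo Generating $@ for $(*F)
# localaddr is pasted into the sed replacement text; it must not contain
# `|`, `&` or a backslash.
	sed -e 's|^ADDRESS=$$|ADDRESS=$(localaddr)|' scripts/tinc-up > $@

### CONFIG ARCHIVES
hosts_tgz: hosts_keys $(hosts_tgz)

.SECONDEXPANSION:
$(CFGDIR)/%.tar.gz: net=$(firstword $(subst /, ,$*))
$(CFGDIR)/%.tar.gz: host=$(basename $(basename $(@F)))
# The archive holds the host's private key, so the key is a declared
# prerequisite and the archive is created owner-only (umask 077).
$(CFGDIR)/%.tar.gz: $(TMPDIR)/tinc.conf/% $(TMPDIR)/tinc-up/% $(KEYSDIR)/%.priv $(nets_hosts)
	@echo Generating $@ for $(net) - $(host)
	@echo hosts_tgz net: $(net)
	@echo hosts_tgz host: $(host)
	@mkdir -p $(@D)
# Drop leftovers first: the tar calls append, so a stale .tar would collect
# duplicate members, and gzip does not replace an existing .tar.gz unasked.
	rm -f $(basename $@) $@
	umask 077 && $(TAR) --append --file $(basename $@) --directory=$(KEYSDIR)/ --transform='s|$(host).priv|rsa_key.priv|' --mode=0600 $(net)/$(host).priv
	$(TAR) --append --file $(basename $@) --directory=$(TMPDIR)/hosts --transform='s|^$(net)|$(net)/hosts|' $(net)
	$(TAR) --append --file $(basename $@) --directory=$(TMPDIR)/tinc.conf/$(net) --transform='s|$(host)|$(net)/tinc.conf|' $(host)
# Disabled: the static scripts/tinc-up; the generated per-host tinc-up is
# appended at the end of this recipe instead.
#	$(TAR) --append --file $(basename $@) --directory=./scripts --transform='s|^|$(net)/|' --mode=0755 tinc-up
	$(TAR) --append --file $(basename $@) --directory=./scripts --transform='s|^|$(net)/|' --mode=0755 tinc-down
	$(TAR) --append --file $(basename $@) --directory=./scripts --transform='s|^|$(net)/|' --mode=0755 subnet-up
	$(TAR) --append --file $(basename $@) --directory=./scripts --transform='s|^|$(net)/|' --mode=0755 subnet-down
	$(TAR) --append --file $(basename $@) --directory=$(TMPDIR)/tinc-up/$(net) --transform='s|$(host)|$(net)/tinc-up|' --mode=0755 $(host)
	$(GZIP) $(basename $@)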