SIMPLE TINC template example

md at rpzdesign.com
Mon Jan 12 15:40:31 CET 2015


Here are some examples of using templates for TINC configurations and 
settings:

In your startup script, BEFORE starting TINC VPN, put a number of 
entries to configure your VPN:

sh ./templatewriter.sh LAN LOSI101 8540 255.255.255.0 0.0.0.0 10.99.0.11 10.98.0.11 ConnectTo=LOSI102 ConnectTo= ConnectTo=

**PUT MORE ENTRIES HERE FOR MORE COMPLEX VPN setups

######Templatewriter.sh
#!/bin/bash

SDIR=$1
NODENAME=$2
PORT=$3
MASK=$4
LISTIP=$5
OPNIP=$6
VPNIP=$7
CONN1=$8
CONN2=$9
CONN3=${10}

#READING IN THE RSA AND 25519 KEYS CAUSES ALL SORTS OF HEADACHES WITH SED
#JUST KEEP THEM IN THE TEMPLATES AS IS
#RSAKEY=$(cat "/tinc/rsa_key.pub")
#ED25519KEY=$(cat "/tinc/ed25519_key.pub")

echo "-------------TEMPLATE WRITER VARIABLES-----------"
echo "DIR: ${SDIR}"
echo "NODENAME: ${NODENAME}"
echo "PORT: ${PORT}"
echo "MASK: ${MASK}"
echo "LISTIP: ${LISTIP}"
echo "OPNIP: ${OPNIP}"
echo "VPNIP: ${VPNIP}"
echo "CONN1: ${CONN1}"
echo "CONN2: ${CONN2}"
echo "CONN3: ${CONN3}"

#-p CREATES BOTH LEVELS AND DOES NOT FAIL WHEN THE DIRECTORIES ALREADY EXIST
#(THE SCRIPT RUNS AT EVERY STARTUP)
mkdir -p "/tinc/$SDIR/hosts"

cp -f /tinc/TEMPLATE/TINC-HOST.template "/tinc/$SDIR/hosts/$NODENAME"
cp -f /tinc/TEMPLATE/TINC-CONF.template "/tinc/$SDIR/tinc.conf"
cp -f /tinc/TEMPLATE/TINC-UP.template "/tinc/$SDIR/tinc-up"

#BIG FAILURES IN SED
#sed -i "s/VARRSAKEY/${RSAKEY}/g" /tinc/LAN/hosts/$NODENAME
#sed -i "s/VARSED25519KEY/${ED25519KEY}/g" /tinc/LAN/hosts/$NODENAME

sed -i "s/VAROPNIP/${OPNIP}/g" "/tinc/$SDIR/hosts/$NODENAME"
sed -i "s/VARVPNIP/${VPNIP}/g" "/tinc/$SDIR/hosts/$NODENAME"
sed -i "s/VARPORT/${PORT}/g" "/tinc/$SDIR/hosts/$NODENAME"


sed -i "s/VARNODENAME/${NODENAME}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARLISTIP/${LISTIP}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARPORT/${PORT}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARCONN1/${CONN1}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARCONN2/${CONN2}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARCONN3/${CONN3}/g" "/tinc/$SDIR/tinc.conf"

sed -i "s/VARVPNIP/${VPNIP}/g" "/tinc/$SDIR/tinc-up"
sed -i "s/VARMASK/${MASK}/g" "/tinc/$SDIR/tinc-up"

echo "-------------FINISHED WRITING TEMPLATE-----------"

######TINC-HOST.template
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA5Q6KOm16qYDJWSJKUkzK2L+othlwC8Sw5X6yO2AS1QWLwMyZLNoC
gj/USP4whil1UE9MxwGowkfeDA2vTy8vPTSVg+9h5SrcvG1Yb7Tck21HzmJuZwPv
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
DdaY0S17gFUVkurzRFX0Fmsd5OANFelpOe4Sy0KIZKD2W3/GV0KLS27d/4aktVYe
CI2oSLykQwr5l+m+uvxaJxsOOEQOOXGH9w+MAkqfa+d7AO0x72zlLK6P3yFOfCoT
Ik4hb7qHZOkzIjZV4lK06CTfk1nKA1ghcwIDAQAB
-----END RSA PUBLIC KEY-----
Ed25519PublicKey = wSkAtVALhv/PcPzD43PjiDBsMVXXXXXXXXXXXXXXXXX
Address = VAROPNIP
Subnet = VARVPNIP
Port = VARPORT

######TINC-CONF.template
Name=VARNODENAME
ListenAddress=VARLISTIP VARPORT
VARCONN1
VARCONN2
VARCONN3
AddressFamily = ipv4
Broadcast = no
Forwarding = internal
Hostnames = no
ExperimentalProtocol = yes
Device = /dev/net/tun
Ed25519PrivateKeyFile=/tinc/Ed25519_key.priv
PrivateKeyFile=/tinc/rsa_key.priv

######TINC-UP.template
#!/bin/sh
ifconfig $INTERFACE VARVPNIP netmask VARMASK

***************************************

Now your only configuration file is your STARTUP SCRIPT!  Yeah, a single 
file to manage and it's fully parameterized.

Of course, you can modify the scripts to support greater complexity, but 
you should get the idea!!!

Hope these EASY scripts make your life easier in setup and maintenance.

md
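
Added example, not part of the original post: the key substitution marked "BIG FAILURES IN SED" breaks because base64 key text contains "/", which ends the sed replacement early, and because every value is pasted unescaped into files that tinc later reads or executes. The sketch below escapes replacement values and validates the name and addresses first; the function names and the sample key are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# Escape a value for the replacement side of sed "s/PAT/REPL/g": backslash,
# "&" and the "/" delimiter are special there, and base64 keys contain "/".
sed_escape_repl() {
    printf '%s' "$1" | sed 's|[\\&/]|\\&|g'
}

# tinc node names may contain only letters, digits and underscore.
is_node_name() {
    case "$1" in
        ''|*[!A-Za-z0-9_]*) return 1 ;;
    esac
}

# Dotted-quad IPv4. VPNIP and MASK are written into tinc-up, a shell script
# that tinc executes, so only digits and dots may get through.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: render_template NAME=value ... < template
# Replaces each VARNAME token with its escaped value (single-line values only).
render_template() {
    script=''
    for pair in "$@"; do
        value=$(sed_escape_repl "${pair#*=}")
        script="${script}s/VAR${pair%%=*}/${value}/g
"
    done
    sed "$script"
}

# Constructed demo: a key containing "/" and "&" now substitutes cleanly.
if is_node_name LOSI101 && is_ipv4 10.98.0.11; then
    printf 'Name=VARNODENAME\nEd25519PublicKey = VARKEY\nSubnet = VARVPNIP\n' |
        render_template NODENAME=LOSI101 'KEY=aB/cd+e&f' VPNIP=10.98.0.11
fi
```

The multi-line RSA block still cannot go through a single sed replacement this way; keeping it in the template, or appending it to the host file with cat, avoids the problem.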

