SIMPLE TINC template example
md at rpzdesign.com
Mon Jan 12 15:40:31 CET 2015
Here are some examples of using templates for TINC configurations and
settings:
In your startup script, BEFORE starting TINC VPN, put a number of
entries to configure your VPN:
sh ./templatewriter.sh LAN LOSI101 8540 255.255.255.0 0.0.0.0 10.99.0.11 \
    10.98.0.11 ConnectTo=LOSI102 ConnectTo= ConnectTo=
**PUT MORE ENTRIES HERE FOR MORE COMPLEX VPN setups
######Templatewriter.sh
#!/bin/bash
SDIR=$1
NODENAME=$2
PORT=$3
MASK=$4
LISTIP=$5
OPNIP=$6
VPNIP=$7
CONN1=$8
CONN2=$9
CONN3=${10}
#READING IN THE RSA AND 25519 KEYS CAUSES ALL SORTS OF HEADACHES WITH SED
#JUST KEEP THEM IN THE TEMPLATES AS IS
#RSAKEY=$(cat "/tinc/rsa_key.pub")
#ED25519KEY=$(cat "/tinc/ed25519_key.pub")
echo "-------------TEMPLATE WRITER VARIABLES-----------"
echo "DIR: ${SDIR}"
echo "NODENAME: ${NODENAME}"
echo "PORT: ${PORT}"
echo "MASK: ${MASK}"
echo "LISTIP: ${LISTIP}"
echo "OPNIP: ${OPNIP}"
echo "VPNIP: ${VPNIP}"
echo "CONN1: ${CONN1}"
echo "CONN2: ${CONN2}"
echo "CONN3: ${CONN3}"
#-p SO A SECOND RUN DOES NOT FAIL ON EXISTING DIRECTORIES
mkdir -p "/tinc/$SDIR/hosts"
cp -f /tinc/TEMPLATE/TINC-HOST.template "/tinc/$SDIR/hosts/$NODENAME"
cp -f /tinc/TEMPLATE/TINC-CONF.template "/tinc/$SDIR/tinc.conf"
cp -f /tinc/TEMPLATE/TINC-UP.template "/tinc/$SDIR/tinc-up"
#BIG FAILURES IN SED
#sed -i "s/VARRSAKEY/${RSAKEY}/g" /tinc/LAN/hosts/$NODENAME
#sed -i "s/VARSED25519KEY/${ED25519KEY}/g" /tinc/LAN/hosts/$NODENAME
sed -i "s/VAROPNIP/${OPNIP}/g" "/tinc/$SDIR/hosts/$NODENAME"
sed -i "s/VARVPNIP/${VPNIP}/g" "/tinc/$SDIR/hosts/$NODENAME"
sed -i "s/VARPORT/${PORT}/g" "/tinc/$SDIR/hosts/$NODENAME"
sed -i "s/VARNODENAME/${NODENAME}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARLISTIP/${LISTIP}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARPORT/${PORT}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARCONN1/${CONN1}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARCONN2/${CONN2}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARCONN3/${CONN3}/g" "/tinc/$SDIR/tinc.conf"
sed -i "s/VARVPNIP/${VPNIP}/g" "/tinc/$SDIR/tinc-up"
sed -i "s/VARMASK/${MASK}/g" "/tinc/$SDIR/tinc-up"
echo "-------------FINISHED WRITING TEMPLATE-----------"
######TINC-HOST.template
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA5Q6KOm16qYDJWSJKUkzK2L+othlwC8Sw5X6yO2AS1QWLwMyZLNoC
gj/USP4whil1UE9MxwGowkfeDA2vTy8vPTSVg+9h5SrcvG1Yb7Tck21HzmJuZwPv
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
DdaY0S17gFUVkurzRFX0Fmsd5OANFelpOe4Sy0KIZKD2W3/GV0KLS27d/4aktVYe
CI2oSLykQwr5l+m+uvxaJxsOOEQOOXGH9w+MAkqfa+d7AO0x72zlLK6P3yFOfCoT
Ik4hb7qHZOkzIjZV4lK06CTfk1nKA1ghcwIDAQAB
-----END RSA PUBLIC KEY-----
Ed25519PublicKey = wSkAtVALhv/PcPzD43PjiDBsMVXXXXXXXXXXXXXXXXX
Address = VAROPNIP
Subnet = VARVPNIP
Port = VARPORT
######TINC-CONF.template
Name=VARNODENAME
ListenAddress=VARLISTIP VARPORT
VARCONN1
VARCONN2
VARCONN3
AddressFamily = ipv4
Broadcast = no
Forwarding = internal
Hostnames = no
ExperimentalProtocol = yes
Device = /dev/net/tun
Ed25519PrivateKeyFile=/tinc/Ed25519_key.priv
PrivateKeyFile=/tinc/rsa_key.priv
######TINC-UP.template
#!/bin/sh
ifconfig $INTERFACE VARVPNIP netmask VARMASK
***************************************
Now your only configuration file is your STARTUP SCRIPT! Yeah, a single
file to manage and it's fully parameterized.
Of course, you can modify the scripts to support greater complexity, but
you should get the idea!!!
Hope these EASY scripts make your life easier in setup and maintenance.
md
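
Added example, not part of the original post: the key substitutions commented out in templatewriter.sh break because base64 key text contains "/" (the sed delimiter) and the RSA key spans several lines. This sketch escapes a value before it reaches sed and allowlists the node name and port; the function names, the VARED25519KEY placeholder and the sample keys are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). VARRSAKEY and VARPORT follow
# the post's templates; function names and key material are constructed.

# Escape a value for the replacement side of sed's s/PATTERN/REPLACEMENT/:
# backslash, "/" (the delimiter) and "&" (whole match) get a leading
# backslash, and every line except the last gets a trailing backslash so
# embedded newlines survive.
sed_escape() {
    printf '%s\n' "$1" | sed -e 's,[\\/&],\\&,g' -e '$!s,$,\\,'
}

# Replace every occurrence of placeholder $2 in file $1 with literal value $3.
fill_placeholder() {
    esc=$(sed_escape "$3") || return 1
    sed "s/$2/${esc}/g" "$1" > "$1.new" && mv "$1.new" "$1"
}

# Allowlist checks for values that end up in paths and config lines.
valid_name() { case "$1" in ''|*[!A-Za-z0-9_]*) return 1 ;; esac; }
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Render a host file from a small template in a scratch directory, print it.
demo() {
    work=$(mktemp -d) || return 1
    host="$work/LOSI101"
    printf '%s\n' 'VARRSAKEY' 'Ed25519PublicKey = VARED25519KEY' \
        'Port = VARPORT' > "$host"
    # Constructed sample keys containing "/", "+", "&" and newlines.
    rsa='-----BEGIN RSA PUBLIC KEY-----
AAAA/BBBB+CCCC
-----END RSA PUBLIC KEY-----'
    ed='abc/def+ghi&jkl'
    valid_name LOSI101 && valid_port 8540 || return 1
    fill_placeholder "$host" VARRSAKEY "$rsa" &&
    fill_placeholder "$host" VARED25519KEY "$ed" &&
    fill_placeholder "$host" VARPORT 8540 || return 1
    cat "$host"
    rm -rf "$work"
}

demo
```

The same escaping applies to the address and ConnectTo arguments: any value containing "/" or "&" would otherwise change what the sed command does.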