From 5dc35ec7add3cd630db7de7053f7036a2ec5e46a Mon Sep 17 00:00:00 2001 From: schizza Date: Sun, 28 Apr 2024 16:33:33 +0200 Subject: [PATCH 1/8] Link updates --- install_iptables.sh | 40 +++++++++++++++++++++++++++++++--------- 1 file changed, 31 insertions(+), 9 deletions(-) diff --git a/install_iptables.sh b/install_iptables.sh index f3f851b..b1d1bb9 100644 --- a/install_iptables.sh +++ b/install_iptables.sh @@ -9,7 +9,7 @@ NO_COLOR='\033[0m' ST_PORT=80 -LINK="" +LINK="https://raw.githubusercontent.com/schizza/SWS-12500-custom-component/main/iptables_redirect.sh" P_HA=true P_ST=true @@ -55,8 +55,8 @@ function validate_num() { } function validate_dest() { - echo "Validating host '$1' ... " - if ping -c 4; then + echo "Validating host '$2' ... " + if ping -c 4 2>/dev/null; then info "OK" true else @@ -93,17 +93,17 @@ check "sed" check "ping" false && { PING=true; } || { PING=false; } echo -n "Trying to find Home Assitant ... " -for PATH in "${HA_PATHS[@]}"; do +for _PATH in "${HA_PATHS[@]}"; do if [ -n "$HA_PATH" ]; then break fi - if [ -f "$PATH/.HA_VERSION" ]; then - HA_PATH="$PATH" + if [ -f "$_PATH/.HA_VERSION" ]; then + HA_PATH="$_PATH" fi done -#[ -z $HA_PATH ] && { error "Home Assistant not found!"; } +[ -z $HA_PATH ] && { error "Home Assistant not found!"; } info "found at $HA_PATH" while true; do 
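Review bot: `LINK` in the first hunk points at the `main` branch, so the content this installer fetches can change after the installer itself was reviewed, and the last hunk of this patch runs the result with `/bin/bash`. Pinning the URL to a commit, e.g. `LINK="https://raw.githubusercontent.com/schizza/SWS-12500-custom-component/<commit-sha>/iptables_redirect.sh"` (placeholder, not a real id), and comparing a known SHA-256 of the download before executing it would make the fetched script reproducible. A comment above `LINK` stating that the file is downloaded and then executed would also help the reader.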
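Review bot: The re-enabled check `[ -z $HA_PATH ]` in the third hunk leaves the variable unquoted, so a path containing whitespace (possible through the `$HOME` entry of `HA_PATHS`) makes `[` fail with a usage error instead of testing the string. `[ -z "$HA_PATH" ] && { error "Home Assistant not found!"; }` is the safe form. The same unquoted pattern appears in `validate_dest $HA_IP` and `validate_dest $ST_IP` in the next hunk and in `ping -c 2 $1` in patch 3. The `while true; do` loop that follows continues outside the hunk.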
@@ -128,8 +128,28 @@ while true; do done if $PING; then - validate_dest $HA_IP || { cont "Home Assistant host is unreachable."; P_HA=false; } - validate_dest $ST_IP || { cont "Station is unreachable."; P_ST=false; } + validate_dest $HA_IP || { + cont "Home Assistant host is unreachable." + P_HA=false + } + validate_dest $ST_IP || { + cont "Station is unreachable." + P_ST=false + } +fi + +echo -n "Downloading 'iptables_redirect.sh' ... " +wget -q -O - "$LINK" | sed -e "s/\[_STATION_IP_\]/$ST_IP/" \ + -e "s/\[_HA_\]/$HA_IP/" \ + -e "s/\[_SRC_PORT_\]/$ST_PORT/" \ + -e "s/\[_DST_PORT_\]/$HA_PORT/" >./iptables_redirect.sh + +EXIT_STATUS=$? +if [ $EXIT_STATUS -ne 0 ]; then + warn "wget exited with error: $EXIT_STATUS" + error "Could not download 'iptables_redirect.sh'." +else + info "iptables_redirect.sh downloaded succeffully." fi info "\nYour configuration:" @@ -146,3 +166,5 @@ if $PING; then else error " (not tested)" false fi + +/bin/bash ./iptables_redirect.sh From be93b490e05bf490e8e0943243d74e06605db244 Mon Sep 17 00:00:00 2001 From: schizza Date: Sun, 28 Apr 2024 17:00:42 +0200 Subject: [PATCH 2/8] Minor tweaks. --- install_iptables.sh | 5 +++- iptables_redirect.sh | 59 ++++++++++++++++++++++---------------------- 2 files changed, 34 insertions(+), 30 deletions(-) diff --git a/install_iptables.sh b/install_iptables.sh index b1d1bb9..f57dc19 100644 --- a/install_iptables.sh +++ b/install_iptables.sh @@ -73,7 +73,10 @@ function cont() { read -n 1 YN YN=${YN:-N} case $YN in - [Yy]) return 0 ;; + [Yy]) + echo -e "\n" + return 0 + ;; [Nn]) error "\nExiting." ;; *) error "\nInvalid response.\n" false ;; esac diff --git a/iptables_redirect.sh b/iptables_redirect.sh index 3ad002d..fc7b298 100755 --- a/iptables_redirect.sh +++ b/iptables_redirect.sh @@ -8,7 +8,6 @@ # # Script pro přesměrování portu pro stanici SWS12500 - STATION_IP=[_STATION_IP_] HA=[_HA_] SRC_PORT=[_SRC_PORT_] 
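Review bot: `EXIT_STATUS=$?` after the `wget ... | sed ...` pipeline in the first hunk holds the exit status of `sed`, not of `wget`, so a failed download is reported as success and leaves an empty `iptables_redirect.sh` that the last hunk of this patch then runs. Reading `EXIT_STATUS=${PIPESTATUS[0]}` on the line directly after the pipeline (or enabling `set -o pipefail`) lets the check see the wget failure. Patch 8 keeps the same pipeline and passes `$?` to `exit_status`, so the point applies there as well. The prompted values are placed into the sed replacement text unescaped; whether that is safe depends on the validation functions, which are outside this hunk.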
@@ -22,21 +21,22 @@ GREEN_COLOR='\033[0;32m' GREEN_YELLOW='\033[1;33m' NO_COLOR='\033[0m' - -function info () { echo -e "${GREEN_COLOR}INFO: $1${NO_COLOR}";} -function warn () { echo -e "${GREEN_YELLOW}WARN: $1${NO_COLOR}";} -function error () { echo -e "${RED_COLOR}ERROR: $1${NO_COLOR}"; if [ "$2" != "false" ]; then exit 1;fi; } - -function check () { - echo -n "Checking dependencies: '$1' ... " - if [ -z "$(command -v "$1")" ]; then - error "not installed" $2 - return 1 - fi - info "OK." - return 0 +function info() { echo -e "${GREEN_COLOR}$1${NO_COLOR}"; } +function warn() { echo -e "${GREEN_YELLOW}$1${NO_COLOR}"; } +function error() { + echo -e "${RED_COLOR}$1${NO_COLOR}" + if [ "$2" != "false" ]; then exit 1; fi } +function check() { + echo -n "Checking dependencies: '$1' ... " + if [ -z "$(command -v "$1")" ]; then + error "not installed" $2 + return 1 + fi + info "OK." + return 0 +} echo echo "**************************************************************" 
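Review bot: The rewritten `error()` exits the script unless its second argument is the literal string `false`, and nothing in the hunk documents that convention, although `check` relies on it through `error "not installed" $2`. A comment such as `# error MSG [false]: print MSG in red, then exit 1 unless $2 is "false"` above the function would make the call sites readable. Passing the flag as `"$2"` in `check` is also safe, because `error` compares it as a quoted string.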
@@ -54,22 +54,21 @@ INSTALL_IPTABLES=$? check "apk" false APK_MISSING=$? - if [ $APK_MISSING -eq 1 ] && [ $INSTALL_IPTABLES -eq 1 ]; then - error "Could not install and run iptables.\n'apk' installer is missing and 'iptables' are not installed.\n" + error "Could not install and run iptables.\n'apk' installer is missing and 'iptables' are not installed.\n" fi if [ $INSTALL_IPTABLES -eq 1 ] && [ $APK_MISSING -eq 0 ]; then - declare -a RUNINSTALL=(apk add iptables) - echo -n "Installing 'iptables' ... ${RUNINSTALL[@]} ... " - ${RUNINSTALL[@]} - EXIT_STATUS=$? - if [ $EXIT_STATUS -ne 0 ]; then - warn "apk error code: $EXIT_STATUS" - error "Installation of iptables failed!" - else - info "'iptables' installed successfully." - fi + declare -a RUNINSTALL=(apk add iptables) + echo -n "Installing 'iptables' ... ${RUNINSTALL[@]} ... " + ${RUNINSTALL[@]} + EXIT_STATUS=$? + if [ $EXIT_STATUS -ne 0 ]; then + warn "apk error code: $EXIT_STATUS" + error "Installation of iptables failed!" + else + info "'iptables' installed successfully." + fi fi declare -a RULE=(PREROUTING -t nat -s $STATION_IP -d $HA -p tcp -m tcp --dport $SRC_PORT -j REDIRECT --to-ports $DST_PORT) echo -n "Chceking for existing rule in iptables ... " @@ -77,13 +76,15 @@ $(iptables -C ${RULE[@]} 2>/dev/null) if [ $? -eq 0 ]; then warn "Rule is already present in PREROUTING chain." else + info "not found." echo -n "Inserting iptables rule to PREROUTING chain ... " $(iptables -I ${RULE[@]}) fi EXIT_STATUS=$? if [ $EXIT_STATUS -ne 0 ]; then - warn "iptables error code: ${EXIT_STATUS} " - error "Rule could not be added!" + warn "iptables error code: ${EXIT_STATUS} " + error "Rule could not be added!" fi -info "iptables are set to forward port $SRC_PORT -> $DST_PORT for station's IP: $STATION_IP" \ No newline at end of file +info "OK." +info "iptables are now set to redirect incomming connections from $STATION_IP:Any -> $HA:$SRC_PORT to $HA:$DST_PORT" 
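Review bot: `$(iptables -I ${RULE[@]})` in the second hunk wraps the call in a command substitution, so anything iptables prints on stdout would be executed as a command by the shell, and the later `EXIT_STATUS=$?` only reflects iptables when that output is empty. Calling it directly, `iptables -I "${RULE[@]}"`, keeps the status and removes the second execution; the existence test named in the hunk header can become `if iptables -C "${RULE[@]}" 2>/dev/null; then`. `EXIT_STATUS=$?` placed after `fi` also reads the status of `warn` when the rule already exists, so taking the status right after the insert is clearer.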
From 3f1869e6a970976e5eb82072917f41cea1295e2a Mon Sep 17 00:00:00 2001 From: schizza Date: Sun, 28 Apr 2024 17:30:54 +0200 Subject: [PATCH 3/8] Fixing typos a minor changes --- install_iptables.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install_iptables.sh b/install_iptables.sh index f57dc19..0f8f0a3 100644 --- a/install_iptables.sh +++ b/install_iptables.sh @@ -55,8 +55,8 @@ function validate_num() { } function validate_dest() { - echo "Validating host '$2' ... " - if ping -c 4 2>/dev/null; then + echo "Validating host '$1' ... " + if ping -c 2 $1 >/dev/null 2>&1; then info "OK" true else From d1b7986550a9ebfcd3d88180feb6b9228c642a49 Mon Sep 17 00:00:00 2001 From: schizza Date: Sun, 28 Apr 2024 17:32:32 +0200 Subject: [PATCH 4/8] Minor changes. --- iptables_redirect.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/iptables_redirect.sh b/iptables_redirect.sh index fc7b298..6cf857b 100755 --- a/iptables_redirect.sh +++ b/iptables_redirect.sh @@ -84,7 +84,8 @@ EXIT_STATUS=$? if [ $EXIT_STATUS -ne 0 ]; then warn "iptables error code: ${EXIT_STATUS} " error "Rule could not be added!" +else + info "OK." fi -info "OK." info "iptables are now set to redirect incomming connections from $STATION_IP:Any -> $HA:$SRC_PORT to $HA:$DST_PORT" From cd60d224f4a34979ebe06fbddcf8b4deb650379d Mon Sep 17 00:00:00 2001 From: schizza Date: Sun, 28 Apr 2024 17:40:57 +0200 Subject: [PATCH 5/8] Remove old files. Remove iptables_redirect.sh if exists to download new one. --- install_iptables.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/install_iptables.sh b/install_iptables.sh index 0f8f0a3..2ba5acd 100644 --- a/install_iptables.sh +++ b/install_iptables.sh @@ -10,6 +10,7 @@ NO_COLOR='\033[0m' ST_PORT=80 LINK="https://raw.githubusercontent.com/schizza/SWS-12500-custom-component/main/iptables_redirect.sh" +FILENAME="iptables_redirect.sh" P_HA=true P_ST=true 
@@ -55,7 +56,7 @@ function validate_num() { } function validate_dest() { - echo "Validating host '$1' ... " + echo -n "Validating host '$1' ... " if ping -c 2 $1 >/dev/null 2>&1; then info "OK" true @@ -106,6 +107,8 @@ for _PATH in "${HA_PATHS[@]}"; do fi done +rm -f "$FILENAME" + [ -z $HA_PATH ] && { error "Home Assistant not found!"; } info "found at $HA_PATH" From 6b4ce5f49f9d2a7aadbd250a99a8d76fe91e3349 Mon Sep 17 00:00:00 2001 From: schizza Date: Sun, 28 Apr 2024 17:57:18 +0200 Subject: [PATCH 6/8] Typo --- iptables_redirect.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/iptables_redirect.sh b/iptables_redirect.sh index 6cf857b..41b77ce 100755 --- a/iptables_redirect.sh +++ b/iptables_redirect.sh @@ -88,4 +88,4 @@ else info "OK." fi -info "iptables are now set to redirect incomming connections from $STATION_IP:Any -> $HA:$SRC_PORT to $HA:$DST_PORT" +info "iptables are now set to redirect incoming connections from $STATION_IP:Any -> $HA:$SRC_PORT to $HA:$DST_PORT" From 4f9ef266e0e3fae58c390e4ae7d5bbd09ee4f24a Mon Sep 17 00:00:00 2001 From: schizza Date: Tue, 30 Apr 2024 14:33:43 +0200 Subject: [PATCH 7/8] Add script directory --- install_iptables.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/install_iptables.sh b/install_iptables.sh index 2ba5acd..a168108 100644 --- a/install_iptables.sh +++ b/install_iptables.sh @@ -11,6 +11,7 @@ ST_PORT=80 LINK="https://raw.githubusercontent.com/schizza/SWS-12500-custom-component/main/iptables_redirect.sh" FILENAME="iptables_redirect.sh" +SCRIPT_DIR="iptables_redirect/" P_HA=true P_ST=true @@ -107,6 +108,9 @@ for _PATH in "${HA_PATHS[@]}"; do fi done +COMPLETE_PATH="$HA_PATH/$SCRIPT_DIR" +FILENAME="$COMPLETE_PATH$FILENAME" + rm -f "$FILENAME" [ -z $HA_PATH ] && { error "Home Assistant not found!"; } From 6a9daa063dbbcfaeda67c13ef288a171fd2048cf Mon Sep 17 00:00:00 2001 
From: schizza Date: Tue, 30 Apr 2024 17:06:08 +0200 Subject: [PATCH 8/8] SSH, yaml config, scripts gen. * Add SSH pair keys generation * configuration.yaml auto add shell_command * scripts to run shell_command properly --- .gitignore | 1 + install_iptables.sh | 108 +++++++++++++++++++++++++++++++++++++++----- 2 files changed, 97 insertions(+), 12 deletions(-) diff --git a/.gitignore b/.gitignore index dbce267..a8ab95b 100644 --- a/.gitignore +++ b/.gitignore @@ -160,3 +160,4 @@ cython_debug/ #.idea/ .DS_Store +HA diff --git a/install_iptables.sh b/install_iptables.sh index a168108..2a9343d 100644 --- a/install_iptables.sh +++ b/install_iptables.sh @@ -11,7 +11,7 @@ ST_PORT=80 LINK="https://raw.githubusercontent.com/schizza/SWS-12500-custom-component/main/iptables_redirect.sh" FILENAME="iptables_redirect.sh" -SCRIPT_DIR="iptables_redirect/" +SCRIPT_DIR="iptables_redirect" P_HA=true P_ST=true @@ -23,6 +23,7 @@ declare -a HA_PATHS=( "/homeassistant" "$HOME/.homeassistant" "/usr/share/hassio/homeassistant" + "./HA" ) function info() { echo -e $2 "${GREEN_COLOR}$1${NO_COLOR}"; } @@ -67,6 +68,21 @@ function validate_dest() { fi } +function exit_status() { + # argv 1 - status + # 2 - called function + # 3 - error message + # 4 - success message + # 5 - exit on error bool + + if [ $1 -ne 0 ]; then + warn "$2 exited with error: $1" + error "$3" $5 + else + info "$4" + fi +} + function cont() { while true; do @@ -96,6 +112,7 @@ echo check "wget" check "sed" check "ping" false && { PING=true; } || { PING=false; } +check "ssh-keygen" false && { KEYGEN=true; } || { KEYGEN=false; } echo -n "Trying to find Home Assitant ... " for _PATH in "${HA_PATHS[@]}"; do 
@@ -109,13 +126,18 @@ for _PATH in "${HA_PATHS[@]}"; do done COMPLETE_PATH="$HA_PATH/$SCRIPT_DIR" -FILENAME="$COMPLETE_PATH$FILENAME" - -rm -f "$FILENAME" +FILENAME="$COMPLETE_PATH/$FILENAME" [ -z $HA_PATH ] && { error "Home Assistant not found!"; } info "found at $HA_PATH" +[ -d $COMPLETE_PATH ] && { + warn "Previous version of script exists ... removing directory ($COMPLETE_PATH)" + rm -r $COMPLETE_PATH +} + +mkdir -p $COMPLETE_PATH + while true; do read -r -p "Your station's IP: " ST_IP if validate_ip $ST_IP; then break; fi @@ -137,6 +159,9 @@ while true; do warn "Provide valid port number." done +read -r -p "SSH server username: " SSH_USER +read -r -p "SSH server port: " SSH_PORT + if $PING; then validate_dest $HA_IP || { cont "Home Assistant host is unreachable." 
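Review bot: `rm -r $COMPLETE_PATH` in the first hunk deletes a directory tree through an unquoted, unguarded variable, and `mkdir -p $COMPLETE_PATH` and the `[ -d $COMPLETE_PATH ]` test share the form. With whitespace in the path the words are split and `rm -r` acts on each piece separately; `rm -r -- "${COMPLETE_PATH:?}"`, with matching quotes on the test and on `mkdir -p`, removes that case and aborts if the variable is ever empty. `COMPLETE_PATH` is also computed before the `[ -z $HA_PATH ]` check, so the deletion stays safe only as long as that check remains ahead of it; a comment saying so would protect the ordering.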
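Review bot: `SSH_USER` and `SSH_PORT` are read in the second hunk without any validation, while the port prompt just above loops until a valid number is given (the `warn "Provide valid port number."` context line, presumably backed by `validate_num`). Both values are later written into the generated `exec.sh` as part of an `ssh` command line, so whitespace or shell metacharacters typed here end up in a script that is executed. Reusing the existing port loop for `SSH_PORT` and restricting `SSH_USER` to a conservative set, for example `[[ $SSH_USER =~ ^[A-Za-z_][A-Za-z0-9_.-]*$ ]]`, closes that gap.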
@@ -152,16 +177,72 @@ echo -n "Downloading 'iptables_redirect.sh' ... " wget -q -O - "$LINK" | sed -e "s/\[_STATION_IP_\]/$ST_IP/" \ -e "s/\[_HA_\]/$HA_IP/" \ -e "s/\[_SRC_PORT_\]/$ST_PORT/" \ - -e "s/\[_DST_PORT_\]/$HA_PORT/" >./iptables_redirect.sh + -e "s/\[_DST_PORT_\]/$HA_PORT/" >$FILENAME -EXIT_STATUS=$? -if [ $EXIT_STATUS -ne 0 ]; then - warn "wget exited with error: $EXIT_STATUS" - error "Could not download 'iptables_redirect.sh'." -else - info "iptables_redirect.sh downloaded succeffully." +exit_status $? "wget" \ + "Could not download 'iptables_redirect.sh'." \ + "iptables_redirect.sh downloaded successffully." + +if $KEYGEN; then + echo -n "Generating ssh key-pairs ... " + mkdir -p "$COMPLETE_PATH/ssh" + ssh-keygen -t ecdsa -b 521 -N "" -f "$COMPLETE_PATH/ssh/ipt_dsa" -q + exit_status $? "ssh-keygen" \ + "Could not create ssh key-pairs." \ + "SSH key-pairs created successfully (at $COMPLETE_PATH/ssh/)" \ + false fi +echo -n "Creating 'exec.sh' script ... " +cat >$COMPLETE_PATH/exec.sh <<-EOF +#!/bin/bash + +cat $COMPLETE_PATH/runscript | ssh -i $COMPLETE_PATH/ssl/ipt_dsa -o StrictHostKeyChecking=no -p $SSH_PORT -l $SSH_USER $HA_IP /bin/zsh +EOF + +exit_status $? "cat" \ + "Could not write '$COMPLETE_PATH/exec.sh'" \ + "OK." + +echo -n "Setting 'exec.sh' script right privileges ... " +chmod +x --quiet "$COMPLETE_PATH/exec.sh" +exit_status $? "chmod" \ + "Filed to set +x on exec.sh" \ + "OK." + +echo -n "Creating 'runscript' ... " +cat >$COMPLETE_PATH/runscript <<-"EOF" +#!/bin/zsh + +SCRIPT=$(find /homeassistant -name "iptables_redirect.sh" | sed -n 1p) +sudo /bin/bash "$SCRIPT" +EOF + +exit_status $? "cat" \ + "Could not write 'runscript'" \ + "OK." + +echo -n "Modifying configuration.yaml ... " +cat >> $HA_PATH/configuration.yaml <