Merge pull request #18 from schizza/iptables-script

Iptables script
pull/19/head
schizza 2024-04-30 17:12:38 +02:00 committed by GitHub
commit 88a4f2af49
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 100 additions and 9 deletions

1
.gitignore vendored

@ -160,3 +160,4 @@ cython_debug/
#.idea/ #.idea/
.DS_Store .DS_Store
HA


@ -11,6 +11,8 @@ ST_PORT=80
LINK="https://raw.githubusercontent.com/schizza/SWS-12500-custom-component/main/iptables_redirect.sh" LINK="https://raw.githubusercontent.com/schizza/SWS-12500-custom-component/main/iptables_redirect.sh"
FILENAME="iptables_redirect.sh" FILENAME="iptables_redirect.sh"
SCRIPT_DIR="iptables_redirect"
P_HA=true P_HA=true
P_ST=true P_ST=true
@ -22,6 +24,7 @@ declare -a HA_PATHS=(
"/homeassistant" "/homeassistant"
"$HOME/.homeassistant" "$HOME/.homeassistant"
"/usr/share/hassio/homeassistant" "/usr/share/hassio/homeassistant"
"./HA"
) )
function info() { echo -e $2 "${GREEN_COLOR}$1${NO_COLOR}"; } function info() { echo -e $2 "${GREEN_COLOR}$1${NO_COLOR}"; }
@ -66,6 +69,21 @@ function validate_dest() {
fi fi
} }
function exit_status() {
# argv 1 - status
# 2 - called function
# 3 - error message
# 4 - success message
# 5 - exit on error bool
if [ $1 -ne 0 ]; then
warn "$2 exited with error: $1"
error "$3" $5
else
info "$4"
fi
}
function cont() { function cont() {
while true; do while true; do
@ -95,6 +113,7 @@ echo
check "wget" check "wget"
check "sed" check "sed"
check "ping" false && { PING=true; } || { PING=false; } check "ping" false && { PING=true; } || { PING=false; }
check "ssh-keygen" false && { KEYGEN=true; } || { KEYGEN=false; }
echo -n "Trying to find Home Assitant ... " echo -n "Trying to find Home Assitant ... "
for _PATH in "${HA_PATHS[@]}"; do for _PATH in "${HA_PATHS[@]}"; do
@ -107,11 +126,19 @@ for _PATH in "${HA_PATHS[@]}"; do
fi fi
done done
rm -f "$FILENAME" COMPLETE_PATH="$HA_PATH/$SCRIPT_DIR"
FILENAME="$COMPLETE_PATH/$FILENAME"
[ -z $HA_PATH ] && { error "Home Assistant not found!"; } [ -z $HA_PATH ] && { error "Home Assistant not found!"; }
info "found at $HA_PATH" info "found at $HA_PATH"
[ -d $COMPLETE_PATH ] && {
warn "Previous version of script exists ... removing directory ($COMPLETE_PATH)"
rm -r $COMPLETE_PATH
}
mkdir -p $COMPLETE_PATH
while true; do while true; do
read -r -p "Your station's IP: " ST_IP read -r -p "Your station's IP: " ST_IP
if validate_ip $ST_IP; then break; fi if validate_ip $ST_IP; then break; fi
@ -133,6 +160,9 @@ while true; do
warn "Provide valid port number." warn "Provide valid port number."
done done
read -r -p "SSH server username: " SSH_USER
read -r -p "SSH server port: " SSH_PORT
if $PING; then if $PING; then
validate_dest $HA_IP || { validate_dest $HA_IP || {
cont "Home Assistant host is unreachable." cont "Home Assistant host is unreachable."
@ -148,16 +178,72 @@ echo -n "Downloading 'iptables_redirect.sh' ... "
wget -q -O - "$LINK" | sed -e "s/\[_STATION_IP_\]/$ST_IP/" \ wget -q -O - "$LINK" | sed -e "s/\[_STATION_IP_\]/$ST_IP/" \
-e "s/\[_HA_\]/$HA_IP/" \ -e "s/\[_HA_\]/$HA_IP/" \
-e "s/\[_SRC_PORT_\]/$ST_PORT/" \ -e "s/\[_SRC_PORT_\]/$ST_PORT/" \
-e "s/\[_DST_PORT_\]/$HA_PORT/" >./iptables_redirect.sh -e "s/\[_DST_PORT_\]/$HA_PORT/" >$FILENAME
EXIT_STATUS=$? exit_status $? "wget" \
if [ $EXIT_STATUS -ne 0 ]; then "Could not download 'iptables_redirect.sh'." \
warn "wget exited with error: $EXIT_STATUS" "iptables_redirect.sh downloaded successffully."
error "Could not download 'iptables_redirect.sh'."
else if $KEYGEN; then
info "iptables_redirect.sh downloaded succeffully." echo -n "Generating ssh key-pairs ... "
mkdir -p "$COMPLETE_PATH/ssh"
ssh-keygen -t ecdsa -b 521 -N "" -f "$COMPLETE_PATH/ssh/ipt_dsa" -q
exit_status $? "ssh-keygen" \
"Could not create ssh key-pairs." \
"SSH key-pairs created successfully (at $COMPLETE_PATH/ssh/)" \
false
fi fi
echo -n "Creating 'exec.sh' script ... "
cat >$COMPLETE_PATH/exec.sh <<-EOF
#!/bin/bash
cat $COMPLETE_PATH/runscript | ssh -i $COMPLETE_PATH/ssl/ipt_dsa -o StrictHostKeyChecking=no -p $SSH_PORT -l $SSH_USER $HA_IP /bin/zsh
EOF
exit_status $? "cat" \
"Could not write '$COMPLETE_PATH/exec.sh'" \
"OK."
echo -n "Setting 'exec.sh' script right privileges ... "
chmod +x --quiet "$COMPLETE_PATH/exec.sh"
exit_status $? "chmod" \
"Filed to set +x on exec.sh" \
"OK."
echo -n "Creating 'runscript' ... "
cat >$COMPLETE_PATH/runscript <<-"EOF"
#!/bin/zsh
SCRIPT=$(find /homeassistant -name "iptables_redirect.sh" | sed -n 1p)
sudo /bin/bash "$SCRIPT"
EOF
exit_status $? "cat" \
"Could not write 'runscript'" \
"OK."
echo -n "Modifying configuration.yaml ... "
cat >> $HA_PATH/configuration.yaml <<EOF
shell_command:
iptables_script: ./iptables_redirect/exec.sh
EOF
exit_status $? "cat" \
"Could not modify configuration.yaml" \
"OK." \
false
echo "Executing 'iptables_redirecet.sh' ..."
/bin/bash $FILENAME
FIRST_RUN=$?
exit_status $FIRST_RUN "iptables_redirect.sh" \
"iptables_redirect scritp did not run successfully.\n But is installed in $FILENAME.\n Please run it again a look at the log." \
"First run of 'iptables_redirect.sh' was successfful. Your iptables are set." \
false
info "\nYour configuration:" info "\nYour configuration:"
info " Home Assistant at: $HA_PATH" info " Home Assistant at: $HA_PATH"
info " Home Assistant server at: $HA_IP:$HA_PORT" -n info " Home Assistant server at: $HA_IP:$HA_PORT" -n
@ -173,4 +259,8 @@ else
error " (not tested)" false error " (not tested)" false
fi fi
/bin/bash ./iptables_redirect.sh info " First run of 'iptables_redirect.sh' script " -n
[ $FIRST_RUN -ne 0 ] && { error " failed." false; } || { info " passed."; }
info " SSH pub_key: at $COMPLETE_PATH/ssh/ipt_dsa.pub"
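Review bot: The generated `exec.sh` (the `cat >$COMPLETE_PATH/exec.sh` heredoc in the `@ -148,16 +178,72` hunk) passes `-i $COMPLETE_PATH/ssl/ipt_dsa`, but `ssh-keygen` writes the key to `$COMPLETE_PATH/ssh/ipt_dsa`, so the identity file named there will not exist and key authentication cannot work as written. The same line sets `-o StrictHostKeyChecking=no`, so ssh does not stop on an unknown or changed host key, and this session pipes in a `runscript` that goes on to call `sudo /bin/bash`; together with the passphrase-less key (`-N ""`), nothing verifies the far end. I would change the options to `-i $COMPLETE_PATH/ssh/ipt_dsa -o StrictHostKeyChecking=accept-new`, or pin the host key in a dedicated `UserKnownHostsFile`. Separately, `exit_status $? "wget"` directly after the `wget ... | sed ... >$FILENAME` pipeline sees sed's exit status unless `pipefail` is set somewhere outside the visible hunks, so a failed download can be reported as success and an empty or partial file is then run by `/bin/bash $FILENAME`.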