|
|
|
@ -3,6 +3,10 @@
|
|
|
|
|
# this script does EVERYTHING
|
|
|
|
|
# all other scripts are only frontends :)
|
|
|
|
|
#
|
|
|
|
|
# called by:
|
|
|
|
|
# - some rc-scripts
|
|
|
|
|
# - the web frontend cgi
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
set -eu
|
|
|
|
|
|
|
|
|
@ -10,7 +14,7 @@ set -eu
|
|
|
|
|
. /etc/cryptobox/cryptobox.conf
|
|
|
|
|
|
|
|
|
|
## configuration
|
|
|
|
|
MARKER="$CONFIG_DIR/cryptobox.marker"
|
|
|
|
|
CONFIG_MARKER="$CONFIG_DIR/cryptobox.marker"
|
|
|
|
|
CERT_TEMP=/tmp/stunnel.pem
|
|
|
|
|
|
|
|
|
|
#####
|
|
|
|
@ -86,7 +90,7 @@ function create_config()
|
|
|
|
|
# mount the config partition rw
|
|
|
|
|
mount "$device" "$CONFIG_DIR"
|
|
|
|
|
# create a marker to recognize a cryptobox partition
|
|
|
|
|
date -I >"$MARKER"
|
|
|
|
|
date -I >"$CONFIG_MARKER"
|
|
|
|
|
## write (network) interfaces
|
|
|
|
|
cp -a "$CONFIG_DEFAULTS_DIR/." "$CONFIG_DIR"
|
|
|
|
|
|
|
|
|
@ -147,7 +151,7 @@ function config_mount_test()
|
|
|
|
|
|
|
|
|
|
function is_config_mounted()
|
|
|
|
|
{
|
|
|
|
|
mount | grep -q " ${CONFIG_DIR} " && [ -f "$MARKER" ]
|
|
|
|
|
mount | grep -q " ${CONFIG_DIR} " && [ -f "$CONFIG_MARKER" ]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -282,12 +286,12 @@ case "$ACTION" in
|
|
|
|
|
conf_ip=$(config_get_value "ip")
|
|
|
|
|
ifconfig $NET_IFACE "$conf_ip"
|
|
|
|
|
echo "Configured network interface for $NET_IFACE: $conf_ip"
|
|
|
|
|
/scripts/firewall.sh start
|
|
|
|
|
$FIREWALL_SCRIPT start
|
|
|
|
|
# start stunnel
|
|
|
|
|
if [ -f "$CERT_FILE" ]
|
|
|
|
|
then USE_CERT=$CERT_FILE
|
|
|
|
|
else USE_CERT=$CERT_TEMP
|
|
|
|
|
/scripts/make_stunnel_cert.sh "$CERT_TEMP" >>"$LOG_FILE" 2>&1
|
|
|
|
|
$MAKE_CERT_SCRIPT "$CERT_TEMP" >>"$LOG_FILE" 2>&1
|
|
|
|
|
fi
|
|
|
|
|
stunnel -p "$USE_CERT" -r localhost:80 -d 443 \
|
|
|
|
|
|| echo "$USE_CERT not found - not starting stunnel"
|
|
|
|
@ -296,7 +300,7 @@ case "$ACTION" in
|
|
|
|
|
ping -b -c 1 $(ifconfig $NET_IFACE | grep Bcast | cut -d ":" -f 3 | cut -d " " -f 1) &>/dev/null
|
|
|
|
|
;;
|
|
|
|
|
network-down )
|
|
|
|
|
/scripts/firewall.sh stop
|
|
|
|
|
$FIREWALL_SCRIPT stop
|
|
|
|
|
killall stunnel
|
|
|
|
|
ifconfig $NET_IFACE down
|
|
|
|
|
;;
|
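Review bot: The new `$FIREWALL_SCRIPT` and `$MAKE_CERT_SCRIPT` calls in the `network-up` and `network-down` arms expand unquoted and unchecked while the script runs under `set -eu`. If /etc/cryptobox/cryptobox.conf (not shown here) leaves either one unset or empty, `network-up` aborts after `ifconfig $NET_IFACE "$conf_ip"` has already configured the interface but before any firewall rules are loaded, and `network-down` exits before `killall stunnel` and `ifconfig $NET_IFACE down` run. I would fail early right after the conf is sourced, e.g. `: "${FIREWALL_SCRIPT:?not set in cryptobox.conf}" "${MAKE_CERT_SCRIPT:?not set in cryptobox.conf}"`, and quote the call sites as `"$FIREWALL_SCRIPT" start`. Separately, the generated certificate still goes to the fixed path `CERT_TEMP=/tmp/stunnel.pem`; a directory only root can write would be a safer home for key material than a predictable name in /tmp. The `case "$ACTION"` block starts and ends outside these hunks.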