hvisage/hosts

## hosts
# sample config file
[do]
198.199.74.236 tinc_ip=10.1.1.1 hostname=ca_1_1 tinc_connectto=ca_2_2
192.34.60.13 tinc_ip=10.1.1.2 hostname=ca_1_2 tinc_connectto=ca_1_1
198.199.70.163 tinc_ip=10.1.1.3 hostname=ca_1_3 tinc_connectto=ca_1_2
198.199.71.204 tinc_ip=10.1.2.1 hostname=ca_2_1 tinc_connectto=ca_1_3
198.199.70.208 tinc_ip=10.1.2.2 hostname=ca_2_2 tinc_connectto=ca_2_1

## setup_tinc.py
#!/usr/bin/python
import os
import argparse
import sys
import logging

# Arguments handling
# Sample call:
# sudo rm /etc/tinc/ttt -Rf && sudo python setup_tinc.py -t 10.0.0.1 -n ttt --hostname s1 -p 192.168.1.25 -c s1,s2
parser = argparse.ArgumentParser()
parser.add_argument("-n", "--network", help="tinc network name")
parser.add_argument("-p", "--public-ip", help="Public IP")
parser.add_argument("-t", "--tinc-ip", help="Tinc IP")
parser.add_argument("-a", "--hostname", help="Hostname in the tinc network")
parser.add_argument("-c", "--connect-to", help="Hosts to connect to")
args = parser.parse_args()

# Logging
log = logging.getLogger("default")
log.setLevel(logging.DEBUG)
stStdout = logging.StreamHandler()
stStdout.setFormatter(logging.Formatter("%(asctime)s | %(levelname)8s | %(message)s"))
log.addHandler(stStdout)

# Preparing parameters
hostname= args.hostname

net = args.network
log.debug("net = "+net)
netdir = "/etc/tinc/"+net
log.debug("netdir = "+netdir)
conffile = netdir+"/tinc.conf"
tincupfile = netdir+"/tinc-up"
log.debug("conffile = "+conffile)
pubfile = netdir+"/rsa_key.pub"
privfile = netdir+"/rsa_key.priv"
hostsdir = netdir+"/hosts"
sharedfile = hostsdir + "/"+hostname

tincip = args.tinc_ip

pubip = args.public_ip

connectTo = args.connect_to

# Let's go
log.info( "Starting tinc setup" )

# tinc dir
if not os.path.exists( netdir ):
	log.info("Creating dir \""+netdir+"\"");
	os.mkdir( netdir )
	with open("/etc/tinc/nets.boot", "a") as f:
		f.write( net+"\n" )

# tinc keys
if not os.path.exists( pubfile ) or not os.path.exists( privfile ):
	log.info("Creating public (\""+pubfile+"\") and private (\""+privfile+"\") keys")
	os.system("tincd -K2048 -c "+netdir+" </dev/null 2>/dev/null")

# tinc conf file
if not os.path.exists( conffile ):
	log.info("Creating tinc conf file \""+conffile+"\"")
	with open( conffile, "w") as f:
		f.write("Name = "+hostname+"\n")
		if connectTo:
			for ct in connectTo.split(','):
				if hostname != ct:
					f.write("ConnectTo = "+ct+"\n")
		f.write("""
#Interface = tun0
Device = /dev/net/tun
AddressFamily = any
""")

# tinc-up file
if not os.path.exists( tincupfile ):
	log.info("Creating tinc-up file \""+tincupfile+"\"")
	with open( tincupfile, "w") as f:
		f.write("""#!/bin/sh
ifconfig $INTERFACE {tincip} netmask 255.0.0.0
""".format(tincip=tincip))
	os.system('chmod a+rx '+tincupfile)

# tinc hosts dir
if not os.path.exists( hostsdir ):
	log.info("Creating hosts dir \""+hostsdir+"\"")
	os.mkdir( hostsdir )

# tinc own file
if not os.path.exists( sharedfile ):
	log.info("Creating tinc host description file \""+sharedfile+"\"")
	with open(sharedfile, "w") as f:
		f.write( "Address = "+pubip+"\n")
		f.write( "Subnet = "+tincip+"/32\n" )
		# We copy the content of the public key into the tinc file
		with open( pubfile ) as p:
			for l in p.readlines():
				f.write( l )


## setup_tinc.yml
# We must have a local "hosts" dir
- name: tinc install & setup
  hosts: do
  user: root
  vars:
    tincnet: cloudnet
  tasks:
  - name: Install tinc package
    action: command apt-get install tinc python-argparse -y
  - name: Copy tinc setup script
    action: copy src=setup_tinc.py dest=/tmp/setup_tinc.py mode=755
  - name: Run tinc setup script
    action: command /tmp/setup_tinc.py --public-ip {{ ansible_eth0["ipv4"]["address"] }} --network {{ tincnet }} --tinc-ip {{ tinc_ip }} --hostname {{ hostname }} --connect-to  {{ tinc_connectto }}
  - name: Prepare a local hosts directory
    local_action: shell [ -e hosts ] || mkdir hosts ; rm hosts/* -Rf
  - name: Fetch back the tinc file
    action: fetch src=/etc/tinc/{{ tincnet }}/hosts/{{ hostname }} dest=hosts dest_prefix=simple
  - name: Create an archive with these hosts files
    local_action: shell [ ! -e hosts.tar.gz ] || rm hosts.tar.gz ; tar -zcf hosts.tar.gz hosts
  - name: Copy the hosts dir
    action: copy src=hosts.tar.gz dest=/etc/tinc/{{ tincnet }}/hosts.tar.gz
  - name: Extract the hosts dir
    action: shell cd /etc/tinc/{{ tincnet }} && [ ! -e hosts ] || rm -Rf hosts ; tar -zxvf hosts.tar.gz
  - name: Restart tinc
    action: command /etc/init.d/tinc restart
#action: service name=tinc state=restarted
  - name: Adding firewall rule
    action: command ufw allow 655
	# sample config file
	[do]
	198.199.74.236 tinc_ip=10.1.1.1 hostname=ca_1_1 tinc_connectto=ca_2_2
	192.34.60.13 tinc_ip=10.1.1.2 hostname=ca_1_2 tinc_connectto=ca_1_1
	198.199.70.163 tinc_ip=10.1.1.3 hostname=ca_1_3 tinc_connectto=ca_1_2
	198.199.71.204 tinc_ip=10.1.2.1 hostname=ca_2_1 tinc_connectto=ca_1_3
	198.199.70.208 tinc_ip=10.1.2.2 hostname=ca_2_2 tinc_connectto=ca_2_1
	#!/usr/bin/python
	import os
	import argparse
	import sys
	import logging

	# Arguments handling
	# Sample call:
	# sudo rm /etc/tinc/ttt -Rf && sudo python setup_tinc.py -t 10.0.0.1 -n ttt --hostname s1 -p 192.168.1.25 -c s1,s2
	parser = argparse.ArgumentParser()
	parser.add_argument("-n", "--network", help="tinc network name")
	parser.add_argument("-p", "--public-ip", help="Public IP")
	parser.add_argument("-t", "--tinc-ip", help="Tinc IP")
	parser.add_argument("-a", "--hostname", help="Hostname in the tinc network")
	parser.add_argument("-c", "--connect-to", help="Hosts to connect to")
	args = parser.parse_args()

	# Logging
	log = logging.getLogger("default")
	log.setLevel(logging.DEBUG)
	stStdout = logging.StreamHandler()
	stStdout.setFormatter(logging.Formatter("%(asctime)s \| %(levelname)8s \| %(message)s"))
	log.addHandler(stStdout)

	# Preparing parameters
	hostname= args.hostname

	net = args.network
	log.debug("net = "+net)
	netdir = "/etc/tinc/"+net
	log.debug("netdir = "+netdir)
	conffile = netdir+"/tinc.conf"
	tincupfile = netdir+"/tinc-up"
	log.debug("conffile = "+conffile)
	pubfile = netdir+"/rsa_key.pub"
	privfile = netdir+"/rsa_key.priv"
	hostsdir = netdir+"/hosts"
	sharedfile = hostsdir + "/"+hostname

	tincip = args.tinc_ip

	pubip = args.public_ip

	connectTo = args.connect_to

	# Let's go
	log.info( "Starting tinc setup" )

	# tinc dir
	if not os.path.exists( netdir ):
	log.info("Creating dir \""+netdir+"\"");
	os.mkdir( netdir )
	with open("/etc/tinc/nets.boot", "a") as f:
	f.write( net+"\n" )

	# tinc keys
	if not os.path.exists( pubfile ) or not os.path.exists( privfile ):
	log.info("Creating public (\""+pubfile+"\") and private (\""+privfile+"\") keys")
	os.system("tincd -K2048 -c "+netdir+" </dev/null 2>/dev/null")

	# tinc conf file
	if not os.path.exists( conffile ):
	log.info("Creating tinc conf file \""+conffile+"\"")
	with open( conffile, "w") as f:
	f.write("Name = "+hostname+"\n")
	if connectTo:
	for ct in connectTo.split(','):
	if hostname != ct:
	f.write("ConnectTo = "+ct+"\n")
	f.write("""
	#Interface = tun0
	Device = /dev/net/tun
	AddressFamily = any
	""")

	# tinc-up file
	if not os.path.exists( tincupfile ):
	log.info("Creating tinc-up file \""+tincupfile+"\"")
	with open( tincupfile, "w") as f:
	f.write("""#!/bin/sh
	ifconfig $INTERFACE {tincip} netmask 255.0.0.0
	""".format(tincip=tincip))
	os.system('chmod a+rx '+tincupfile)

	# tinc hosts dir
	if not os.path.exists( hostsdir ):
	log.info("Creating hosts dir \""+hostsdir+"\"")
	os.mkdir( hostsdir )

	# tinc own file
	if not os.path.exists( sharedfile ):
	log.info("Creating tinc host description file \""+sharedfile+"\"")
	with open(sharedfile, "w") as f:
	f.write( "Address = "+pubip+"\n")
	f.write( "Subnet = "+tincip+"/32\n" )
	# We copy the content of the public key into the tinc file
	with open( pubfile ) as p:
	for l in p.readlines():
	f.write( l )
	# We must have a local "hosts" dir
	- name: tinc install & setup
	hosts: do
	user: root
	vars:
	tincnet: cloudnet
	tasks:
	- name: Install tinc package
	action: command apt-get install tinc python-argparse -y
	- name: Copy tinc setup script
	action: copy src=setup_tinc.py dest=/tmp/setup_tinc.py mode=755
	- name: Run tinc setup script
	action: command /tmp/setup_tinc.py --public-ip {{ ansible_eth0["ipv4"]["address"] }} --network {{ tincnet }} --tinc-ip {{ tinc_ip }} --hostname {{ hostname }} --connect-to {{ tinc_connectto }}
	- name: Prepare a local hosts directory
	local_action: shell [ -e hosts ] \|\| mkdir hosts ; rm hosts/* -Rf
	- name: Fetch back the tinc file
	action: fetch src=/etc/tinc/{{ tincnet }}/hosts/{{ hostname }} dest=hosts dest_prefix=simple
	- name: Create an archive with these hosts files
	local_action: shell [ ! -e hosts.tar.gz ] \|\| rm hosts.tar.gz ; tar -zcf hosts.tar.gz hosts
	- name: Copy the hosts dir
	action: copy src=hosts.tar.gz dest=/etc/tinc/{{ tincnet }}/hosts.tar.gz
	- name: Extract the hosts dir
	action: shell cd /etc/tinc/{{ tincnet }} && [ ! -e hosts ] \|\| rm -Rf hosts ; tar -zxvf hosts.tar.gz
	- name: Restart tinc
	action: command /etc/init.d/tinc restart
	#action: service name=tinc state=restarted
	- name: Adding firewall rule
	action: command ufw allow 655