Created
June 2, 2022 06:29
-
-
Save kevinmeziere/aa36571b5e4dbf76b9a4e141e83f6f2f to your computer and use it in GitHub Desktop.
now.sh script for tailscale exit node
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # curl -k THIS_RAW_URL | /usr/bin/bash | |
| ## | |
| ## Defaults | |
| ################################ | |
| friendly="Tailscale" | |
| version="1.24" | |
| date=$(date "+%Y%m%d%H%M") | |
| script_logfile=/tmp/autonow-${date}.log | |
| UPGRADE_TAR="bootstrap-trunk-x86_64-20220208-upgrade.tar.gz" | |
| UPGRADE_SHA="2662aff8a81900a518b7445aefa1015265e27ec2" | |
| ## | |
| ## General purpose tools | |
| ################################ | |
| #printf to shell + log | |
| p() | |
| { | |
| printf "$@" >> "${script_logfile}" | |
| printf "$@" | |
| } | |
| # prints header and disclaimer | |
| disclaimer () | |
| { | |
| p "///////////////////////////////////\\n" | |
| p "JTAC %s Installer version %s\\n\\n" $friendly $version | |
| p "\\t!!! This installer is built and tested exclusively for JTAC\\n\\n" | |
| } | |
| maybe_crash() | |
| { | |
| if [ "$?" != 0 ] | |
| then | |
| printf "\\n\\n!!! Ooops something went wrong please check the logfile %s.\\n\\n" "${script_logfile}" | |
| exit 1 | |
| fi | |
| } | |
| done_or_crash() | |
| { | |
| maybe_crash | |
| p "done!\\n" | |
| } | |
| # append string to file if missing | |
| # usage: appendifmissing <file> <string> | |
| appendifmissing () | |
| { | |
| grep -q -F "${2}" "${1}" || echo "${2}" >> "${1}" | |
| } | |
| # append string to file if missing | |
| # usage: appendifmissing <file> <string> <ln#> | |
| appendifmissingat () | |
| { | |
| grep -q -F "${2}" "${1}" || printf '$'"${3}"'i\n'"${2}"'\n.\n,w\n' | ed -s "${1}" | |
| } | |
| # append string to file if missing | |
| # usage: appendifmissing <file> <string> <svc> | |
| appendifmissingandrefresh () | |
| { | |
| grep -q -F "${2}" "${1}" || echo "${2}" >> "${1}" && svcadm refresh $3 | |
| } | |
| groupifmissing() | |
| { | |
| if grep "^${1}:" /etc/group > /dev/null 2>&1 | |
| then | |
| p "already exists, skipping.\\n" | |
| else | |
| groupadd ${1} | |
| done_or_crash | |
| fi | |
| } | |
| # update system | |
| update() | |
| { | |
| p "* Update package repo..." | |
| curl -skO https://pkgsrc.joyent.com/packages/SmartOS/bootstrap-upgrade/${UPGRADE_TAR} | |
| done_or_crash | |
| p "* Validating bootstrap file... " | |
| [[ "${UPGRADE_SHA}" = "$(/bin/digest -a sha1 ${UPGRADE_TAR})" ]] | |
| done_or_crash | |
| p "* Adding trunk... " | |
| PKG_PATH=http://pkgsrc.joyent.com/packages/SmartOS/trunk/x86_64/All pkg_add -U pkg_install pkgin | |
| done_or_crash | |
| p "* Apply bootstrap... " | |
| tar -zxpf ${UPGRADE_TAR} -C / | |
| done_or_crash | |
| p "* Update packages... " | |
| pkgin -y up | |
| done_or_crash | |
| p "* Upgrade packages... " | |
| pkgin -y ug | |
| done_or_crash | |
| } | |
| ## | |
| ## Primary Actions | |
| ################################ | |
| deps() | |
| { | |
| p "* Installing Deps... " | |
| pkgin -y in go118-1.18.2 git-2.36.1 | |
| done_or_crash | |
| } | |
| build() | |
| { | |
| p "* Cloning... " | |
| git clone https://github.com/nshalman/tailscale -b illumos-1.24 /tmp/tailscale124 | |
| done_or_crash | |
| cd /tmp/tailscale124 | |
| p "* Building tailscaled... " | |
| pkgver=$(git describe --tags --dirty) | |
| _commit=$(git rev-parse HEAD) | |
| GO_LDFLAGS="\ | |
| -X tailscale.com/version.Long=${pkgver} \ | |
| -X tailscale.com/version.Short=${pkgver} \ | |
| -X tailscale.com/version.GitCommit=${_commit}" | |
| GOOS=illumos go build -v -tags xversion -ldflags "$GO_LDFLAGS" ./cmd/tailscaled | |
| done_or_crash | |
| p "* Building tailscale... " | |
| GOOS=illumos go build -v -tags xversion -ldflags "$GO_LDFLAGS" ./cmd/tailscale | |
| done_or_crash | |
| } | |
| install() | |
| { | |
| p "* Copy binaries... " | |
| cd /tmp/tailscale124 | |
| cp ./tailscale{,d} /usr/local/sbin/ | |
| done_or_crash | |
| p "* Install services... " | |
| svccfg import /tmp/tailscale124/cmd/tailscaled/tailscale.xml | |
| done_or_crash | |
| p "* Creating state directory... " | |
| mkdir -p /var/lib/tailscale | |
| done_or_crash | |
| } | |
| configure_nat() | |
| { | |
| p "* Updating IPF NAT configuration... " | |
| appendifmissing /etc/ipf/ipnat.conf "map net0 100.64.0.0/10 -> 0/32" | |
| done_or_crash | |
| } | |
| service_up() | |
| { | |
| p "* Starting IPFilter... " | |
| svcadm enable ipfilter | |
| done_or_crash | |
| p "* Starting IP v4 Forwarding... " | |
| svcadm enable ipv4-forwarding | |
| done_or_crash | |
| p "* Starting Tailscaled... " | |
| svcadm enable tailscale | |
| done_or_crash | |
| } | |
| auth_tailscale() | |
| { | |
| p "\n\n\n\n*********************************\n\nUSER ACTION REQUIRED\n\n*********************************\n\n" | |
| tailscale up --advertise-exit-node | |
| done_or_crash | |
| } | |
| reboot_notify() | |
| { | |
| p "\n\n\n\n*********************************\n\nScript Done\nReboot Required!\n\n*********************************\n\n" | |
| } | |
| disclaimer | |
| update | |
| deps | |
| build | |
| install | |
| configure_nat | |
| service_up | |
| auth_tailscale | |
| reboot_notify |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment