tools/network-setup.sh - device/google/cuttlefish - Git at Google

 #!/bin/bash

 # Copyright 2019 Google Inc. All rights reserved.

 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at

 #     http://www.apache.org/licenses/LICENSE-2.0

 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 if [[ "$OSTYPE" != "linux-gnu" ]]; then
 	echo "error: must be running linux"
 	exit 1
 fi

 # escalate to superuser
 if [ "$UID" -ne 0 ]; then
 	exec sudo bash "$0"
 fi

 cleanup() {
 	echo "Starting up network-manager..."
 	service network-manager start
 	if [ $? != 0 ]; then
 		echo "error: failed to start network-manager"
 		exit 1
 	fi

 	echo "Starting up networking..."
 	service networking start
 	if [ $? != 0 ]; then
 		echo "error: failed to start networking"
 		exit 1
 	fi
 	if [ ! -z "$1" ]; then
 		exit $1
 	fi
 }

 sleep_time=0.1
 max_attempts=100
 DEFAULTNET=$1
 if [ "$DEFAULTNET" == "" ]; then
 	warn_no_default_network=0
 	warn_disconnect_rockpi=0
 	attempts=0
 	while true; do
 		NETLIST=`ip link | grep "state UP" | sed 's/[0-9]*: \([^:]*\):.*/\1/'`
 		if [[ "${NETLIST}" == "" ]]; then
 			if [[ $warn_no_default_network -eq 0 ]]; then
 				echo "error: couldn't detect any connected default network"
 				warn_no_default_network=1
 			fi
 			continue
 		elif [ `echo "${NETLIST}" | wc -l` -eq 1 ]; then
 			DEFAULTNET=${NETLIST}
 			break
 		elif [ `echo "${NETLIST}" | wc -l` -ne 1 ]; then
 			if [[ $warn_disconnect_rockpi -eq 0 ]]; then
 				echo "Please disconnect the network cable from the Rock Pi"
 				warn_disconnect_rockpi=1
 			fi
 			if [[ ${attempts} -gt ${max_attempts} ]]; then
 				echo -e "\nerror: detected multiple connected networks, please tell me what to do:"
 				count=1
 				for net in ${NETLIST}; do
 					echo "${count}) $net"
 					let count+=1
 				done
 				read -p "Enter the number of your default network connection: " num_default
 				count=1
 				for net in ${NETLIST}; do
 					if [ ${count} -eq ${num_default} ]; then
 						echo "Setting default to: ${net}"
 						DEFAULTNET=${net}
 					fi
 					let count+=1
 				done
 				warn_no_default_network=0
 				break
 			fi
 			echo -ne "\r"
 			printf "Manual configuration in %.1f seconds..." "$(( max_attempts-attempts ))e-1"
 			sleep $sleep_time
 		fi
 		let attempts+=1
 	done
 fi
 echo "Found default network at ${DEFAULTNET}"

 if [ "${ROCKNET}" == "" ]; then
 	echo "Please reconnect network cable from Rock Pi to PC's spare network port"
 	attempts=0
 	while true; do
 		NETLIST=`ip link | grep "state UP" | grep -v $DEFAULTNET | sed 's/[0-9]*: \([^:]*\):.*/\1/' | awk 'NF'`
 		networks=`echo "$NETLIST" | wc -l`
 		if [[ "${NETLIST}" == "" ]]; then
 			networks=0
 		fi
 		if [ $networks -eq 1 ]; then
 			ROCKNET=${NETLIST}
 			break
 		elif [ $networks -gt 1 ]; then
 			if [[ ${attempts} -gt ${max_attempts} ]]; then
 				echo -e "\nerror: detected multiple connected networks, please tell me what to do:"
 				count=1
 				for net in ${NETLIST}; do
 					echo "${count}) $net"
 					let count+=1
 				done
 				read -p "Enter the number of your rock pi network connection: " num_rockpi
 				count=1
 				for net in ${NETLIST}; do
 					if [ ${count} -eq ${num_rockpi} ]; then
 						echo "Setting rock pi to: ${net}"
 						ROCKNET=${net}
 					fi
 					let count+=1
 				done
 				break
 			fi
 			echo -ne "\r"
 			printf "Manual configuration in %.1f seconds..." "$(( max_attempts-attempts ))e-1"
 			let attempts+=1
 		fi
 		sleep $sleep_time
 	done
 fi
 echo "Found Rock Pi network at ${ROCKNET}"
 sudo ifconfig ${ROCKNET} down

 echo "Downloading dnsmasq..."
 apt-get install -d -y dnsmasq >/dev/null

 echo "Shutting down network-manager to prevent interference..."
 service network-manager stop
 if [ $? != 0 ]; then
 	echo "error: failed to stop network-manager"
 	cleanup 1
 fi

 echo "Shutting down networking to prevent interference..."
 service networking stop
 if [ $? != 0 ]; then
 	echo "error: failed to stop networking"
 	cleanup 1
 fi

 echo "Installing dnsmasq..."
 apt-get install dnsmasq >/dev/null

 echo "Enabling dnsmasq daemon..."
 cat /etc/default/dnsmasq | grep "ENABLED" >/dev/null
 if [ $? == 0 ]; then
 	sed -i 's/.*ENABLED.*/ENABLED=1/' /etc/default/dnsmasq
 else
 	echo "ENABLED=1" >> /etc/default/dnsmasq
 fi

 echo "Configuring dnsmasq for Rock Pi network..."
 cat >/etc/dnsmasq.d/${ROCKNET}.conf << EOF
 interface=${ROCKNET}
 bind-interfaces
 except-interface=lo
 dhcp-authoritative
 leasefile-ro
 port=0
 dhcp-range=192.168.0.100,192.168.0.199
 EOF

 echo "Configuring udev rules..."
 cat >/etc/udev/rules.d/82-${ROCKNET}.rules <<EOF
 ACTION=="add", SUBSYSTEM=="net", KERNEL=="${ROCKNET}", ENV{NM_UNMANAGED}="1"
 EOF

 echo "Configuring network interface..."
 cat >/etc/network/interfaces.d/${ROCKNET}.conf <<EOF
 auto ${ROCKNET}
 iface ${ROCKNET} inet static
 	address 192.168.0.1
 	netmask 255.255.255.0
 EOF

 echo "Enabling IP forwarding..."
 echo 1 >/proc/sys/net/ipv4/ip_forward

 echo "Creating IP tables rules script..."
 cat > /usr/local/sbin/iptables-rockpi.sh << EOF
 #!/bin/bash
 /sbin/iptables -A FORWARD -i ${ROCKNET} -o ${DEFAULTNET} -m state --state RELATED,ESTABLISHED -j ACCEPT
 /sbin/iptables -A FORWARD -i ${ROCKNET} -o ${DEFAULTNET} -j ACCEPT
 /sbin/iptables -t nat -A POSTROUTING -o ${DEFAULTNET} -j MASQUERADE
 EOF
 sudo chown root:root /usr/local/sbin/iptables-rockpi.sh
 sudo chmod 750 /usr/local/sbin/iptables-rockpi.sh

 echo "Creating IP tables rules service..."
 cat > /etc/systemd/system/iptables-rockpi.service << EOF
 [Unit]
 Description=iptables rockpi service
 After=network.target

 [Service]
 Type=oneshot
 ExecStart=/usr/local/sbin/iptables-rockpi.sh
 RemainAfterExit=true
 StandardOutput=journal

 [Install]
 WantedBy=multi-user.target
 EOF

 echo "Reloading systemd manager configuration..."
 sudo systemctl daemon-reload

 echo "Start IP tables rules service..."
 sudo systemctl enable iptables-rockpi
 sudo systemctl start iptables-rockpi

 cleanup

 echo "Restarting dnsmasq service..."
 service dnsmasq restart
 if [ $? != 0 ]; then
 	echo "error: failed to restart dnsmasq"
 	exit 1
 fi

 # Verify the Rock Pi was configured correctly
 ip link show ${ROCKNET} >/dev/null
 if [ $? != 0 ]; then
 	echo "error: wasn't able to successfully configure connection to Rock Pi"
 	exit 1
 fi

 echo "Searching for Rock Pi's IP address..."
 while true; do
 	rockip=`cat /proc/net/arp | grep ${ROCKNET} | grep -v 00:00:00:00:00:00 | cut -d" " -f1`
 	if [[ ${#rockip} -ge 7 ]] && [[ ${#rockip} -le 15 ]]; then
 		break
 	fi
 	sleep 0.1
 done

 echo "Writing Rock Pi configuration to ~/.ssh/config..."
 USER_HOME=$(getent passwd $SUDO_USER | cut -d: -f6)
 grep -w "Host rock01" $USER_HOME/.ssh/config > /dev/null 2>&1
 if [ $? != 0 ]; then
 	cat >>$USER_HOME/.ssh/config << EOF
 Host rock01
     HostName ${rockip}
     User vsoc-01
     IdentityFile ~/.ssh/rock01_key
     LocalForward 6520 127.0.0.1:6520
     LocalForward 6444 127.0.0.1:6444
 EOF
 else
 	sed -i '/Host rock01/{n;s/.*/    HostName '${rockip}'/}' $USER_HOME/.ssh/config
 fi
 grep -w "Host rockpi01" $USER_HOME/.ssh/config > /dev/null 2>&1
 if [ $? != 0 ]; then
 	cat >>$USER_HOME/.ssh/config << EOF
 Host rockpi01
     HostName ${rockip}
     User vsoc-01
     IdentityFile ~/.ssh/rock01_key
 EOF
 else
 	sed -i '/Host rockpi01/{n;s/.*/    HostName '${rockip}'/}' $USER_HOME/.ssh/config
 fi

 sudo chown $SUDO_USER:`id -ng $SUDO_USER` $USER_HOME/.ssh/config
 sudo chmod 600 $USER_HOME/.ssh/config

 echo "Creating ssh key..."
 sudo -u $SUDO_USER echo "n" | sudo -u $SUDO_USER ssh-keygen -q -t rsa -b 4096 -f $USER_HOME/.ssh/rock01_key -N '' >/dev/null 2>&1
 tmpfile=`mktemp`
 echo "echo cuttlefish" > "$tmpfile"
 chmod a+x "$tmpfile"
 chown $SUDO_USER "$tmpfile"
 sudo SSH_ASKPASS="${tmpfile}" DISPLAY=:0 su $SUDO_USER -c "setsid -w ssh-copy-id -i ${USER_HOME}/.ssh/rock01_key -o StrictHostKeyChecking=no vsoc-01@${rockip} >/dev/null 2>&1"
 if [ $? != 0 ]; then
 	sed -i "/${rockip}/d" ${USER_HOME}/.ssh/known_hosts
 	sudo SSH_ASKPASS="${tmpfile}" DISPLAY=:0 su $SUDO_USER -c "setsid -w ssh-copy-id -i ${USER_HOME}/.ssh/rock01_key -o StrictHostKeyChecking=no vsoc-01@${rockip} >/dev/null 2>&1"
 	if [ $? != 0 ]; then
 		echo "error: wasn't able to connect to Rock Pi over ssh"
 		exit 1
 	fi
 fi

 echo "Successfully configured!"
 echo "  Host: 192.168.0.1"
 echo "RockPi: ${rockip}"
 echo "SSH Alias: rock01 (auto port-forwarding)"
 echo "SSH Alias: rockpi01 (no port-forwarding)"
	#!/bin/bash

	# Copyright 2019 Google Inc. All rights reserved.

	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at

	# http://www.apache.org/licenses/LICENSE-2.0

	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	if [[ "$OSTYPE" != "linux-gnu" ]]; then
	echo "error: must be running linux"
	exit 1
	fi

	# escalate to superuser
	if [ "$UID" -ne 0 ]; then
	exec sudo bash "$0"
	fi

	cleanup() {
	echo "Starting up network-manager..."
	service network-manager start
	if [ $? != 0 ]; then
	echo "error: failed to start network-manager"
	exit 1
	fi

	echo "Starting up networking..."
	service networking start
	if [ $? != 0 ]; then
	echo "error: failed to start networking"
	exit 1
	fi
	if [ ! -z "$1" ]; then
	exit $1
	fi
	}

	sleep_time=0.1
	max_attempts=100
	DEFAULTNET=$1
	if [ "$DEFAULTNET" == "" ]; then
	warn_no_default_network=0
	warn_disconnect_rockpi=0
	attempts=0
	while true; do
	NETLIST=`ip link \| grep "state UP" \| sed 's/[0-9]: \([^:]\):.*/\1/'`
	if [[ "${NETLIST}" == "" ]]; then
	if [[ $warn_no_default_network -eq 0 ]]; then
	echo "error: couldn't detect any connected default network"
	warn_no_default_network=1
	fi
	continue
	elif [ `echo "${NETLIST}" \| wc -l` -eq 1 ]; then
	DEFAULTNET=${NETLIST}
	break
	elif [ `echo "${NETLIST}" \| wc -l` -ne 1 ]; then
	if [[ $warn_disconnect_rockpi -eq 0 ]]; then
	echo "Please disconnect the network cable from the Rock Pi"
	warn_disconnect_rockpi=1
	fi
	if [[ ${attempts} -gt ${max_attempts} ]]; then
	echo -e "\nerror: detected multiple connected networks, please tell me what to do:"
	count=1
	for net in ${NETLIST}; do
	echo "${count}) $net"
	let count+=1
	done
	read -p "Enter the number of your default network connection: " num_default
	count=1
	for net in ${NETLIST}; do
	if [ ${count} -eq ${num_default} ]; then
	echo "Setting default to: ${net}"
	DEFAULTNET=${net}
	fi
	let count+=1
	done
	warn_no_default_network=0
	break
	fi
	echo -ne "\r"
	printf "Manual configuration in %.1f seconds..." "$(( max_attempts-attempts ))e-1"
	sleep $sleep_time
	fi
	let attempts+=1
	done
	fi
	echo "Found default network at ${DEFAULTNET}"

	if [ "${ROCKNET}" == "" ]; then
	echo "Please reconnect network cable from Rock Pi to PC's spare network port"
	attempts=0
	while true; do
	NETLIST=`ip link \| grep "state UP" \| grep -v $DEFAULTNET \| sed 's/[0-9]: \([^:]\):.*/\1/' \| awk 'NF'`
	networks=`echo "$NETLIST" \| wc -l`
	if [[ "${NETLIST}" == "" ]]; then
	networks=0
	fi
	if [ $networks -eq 1 ]; then
	ROCKNET=${NETLIST}
	break
	elif [ $networks -gt 1 ]; then
	if [[ ${attempts} -gt ${max_attempts} ]]; then
	echo -e "\nerror: detected multiple connected networks, please tell me what to do:"
	count=1
	for net in ${NETLIST}; do
	echo "${count}) $net"
	let count+=1
	done
	read -p "Enter the number of your rock pi network connection: " num_rockpi
	count=1
	for net in ${NETLIST}; do
	if [ ${count} -eq ${num_rockpi} ]; then
	echo "Setting rock pi to: ${net}"
	ROCKNET=${net}
	fi
	let count+=1
	done
	break
	fi
	echo -ne "\r"
	printf "Manual configuration in %.1f seconds..." "$(( max_attempts-attempts ))e-1"
	let attempts+=1
	fi
	sleep $sleep_time
	done
	fi
	echo "Found Rock Pi network at ${ROCKNET}"
	sudo ifconfig ${ROCKNET} down

	echo "Downloading dnsmasq..."
	apt-get install -d -y dnsmasq >/dev/null

	echo "Shutting down network-manager to prevent interference..."
	service network-manager stop
	if [ $? != 0 ]; then
	echo "error: failed to stop network-manager"
	cleanup 1
	fi

	echo "Shutting down networking to prevent interference..."
	service networking stop
	if [ $? != 0 ]; then
	echo "error: failed to stop networking"
	cleanup 1
	fi

	echo "Installing dnsmasq..."
	apt-get install dnsmasq >/dev/null

	echo "Enabling dnsmasq daemon..."
	cat /etc/default/dnsmasq \| grep "ENABLED" >/dev/null
	if [ $? == 0 ]; then
	sed -i 's/.ENABLED./ENABLED=1/' /etc/default/dnsmasq
	else
	echo "ENABLED=1" >> /etc/default/dnsmasq
	fi

	echo "Configuring dnsmasq for Rock Pi network..."
	cat >/etc/dnsmasq.d/${ROCKNET}.conf << EOF
	interface=${ROCKNET}
	bind-interfaces
	except-interface=lo
	dhcp-authoritative
	leasefile-ro
	port=0
	dhcp-range=192.168.0.100,192.168.0.199
	EOF

	echo "Configuring udev rules..."
	cat >/etc/udev/rules.d/82-${ROCKNET}.rules <<EOF
	ACTION=="add", SUBSYSTEM=="net", KERNEL=="${ROCKNET}", ENV{NM_UNMANAGED}="1"
	EOF

	echo "Configuring network interface..."
	cat >/etc/network/interfaces.d/${ROCKNET}.conf <<EOF
	auto ${ROCKNET}
	iface ${ROCKNET} inet static
	address 192.168.0.1
	netmask 255.255.255.0
	EOF

	echo "Enabling IP forwarding..."
	echo 1 >/proc/sys/net/ipv4/ip_forward

	echo "Creating IP tables rules script..."
	cat > /usr/local/sbin/iptables-rockpi.sh << EOF
	#!/bin/bash
	/sbin/iptables -A FORWARD -i ${ROCKNET} -o ${DEFAULTNET} -m state --state RELATED,ESTABLISHED -j ACCEPT
	/sbin/iptables -A FORWARD -i ${ROCKNET} -o ${DEFAULTNET} -j ACCEPT
	/sbin/iptables -t nat -A POSTROUTING -o ${DEFAULTNET} -j MASQUERADE
	EOF
	sudo chown root:root /usr/local/sbin/iptables-rockpi.sh
	sudo chmod 750 /usr/local/sbin/iptables-rockpi.sh

	echo "Creating IP tables rules service..."
	cat > /etc/systemd/system/iptables-rockpi.service << EOF
	[Unit]
	Description=iptables rockpi service
	After=network.target

	[Service]
	Type=oneshot
	ExecStart=/usr/local/sbin/iptables-rockpi.sh
	RemainAfterExit=true
	StandardOutput=journal

	[Install]
	WantedBy=multi-user.target
	EOF

	echo "Reloading systemd manager configuration..."
	sudo systemctl daemon-reload

	echo "Start IP tables rules service..."
	sudo systemctl enable iptables-rockpi
	sudo systemctl start iptables-rockpi

	cleanup

	echo "Restarting dnsmasq service..."
	service dnsmasq restart
	if [ $? != 0 ]; then
	echo "error: failed to restart dnsmasq"
	exit 1
	fi

	# Verify the Rock Pi was configured correctly
	ip link show ${ROCKNET} >/dev/null
	if [ $? != 0 ]; then
	echo "error: wasn't able to successfully configure connection to Rock Pi"
	exit 1
	fi

	echo "Searching for Rock Pi's IP address..."
	while true; do
	rockip=`cat /proc/net/arp \| grep ${ROCKNET} \| grep -v 00:00:00:00:00:00 \| cut -d" " -f1`
	if [[ ${#rockip} -ge 7 ]] && [[ ${#rockip} -le 15 ]]; then
	break
	fi
	sleep 0.1
	done

	echo "Writing Rock Pi configuration to ~/.ssh/config..."
	USER_HOME=$(getent passwd $SUDO_USER \| cut -d: -f6)
	grep -w "Host rock01" $USER_HOME/.ssh/config > /dev/null 2>&1
	if [ $? != 0 ]; then
	cat >>$USER_HOME/.ssh/config << EOF
	Host rock01
	HostName ${rockip}
	User vsoc-01
	IdentityFile ~/.ssh/rock01_key
	LocalForward 6520 127.0.0.1:6520
	LocalForward 6444 127.0.0.1:6444
	EOF
	else
	sed -i '/Host rock01/{n;s/.*/ HostName '${rockip}'/}' $USER_HOME/.ssh/config
	fi
	grep -w "Host rockpi01" $USER_HOME/.ssh/config > /dev/null 2>&1
	if [ $? != 0 ]; then
	cat >>$USER_HOME/.ssh/config << EOF
	Host rockpi01
	HostName ${rockip}
	User vsoc-01
	IdentityFile ~/.ssh/rock01_key
	EOF
	else
	sed -i '/Host rockpi01/{n;s/.*/ HostName '${rockip}'/}' $USER_HOME/.ssh/config
	fi

	sudo chown $SUDO_USER:`id -ng $SUDO_USER` $USER_HOME/.ssh/config
	sudo chmod 600 $USER_HOME/.ssh/config

	echo "Creating ssh key..."
	sudo -u $SUDO_USER echo "n" \| sudo -u $SUDO_USER ssh-keygen -q -t rsa -b 4096 -f $USER_HOME/.ssh/rock01_key -N '' >/dev/null 2>&1
	tmpfile=`mktemp`
	echo "echo cuttlefish" > "$tmpfile"
	chmod a+x "$tmpfile"
	chown $SUDO_USER "$tmpfile"
	sudo SSH_ASKPASS="${tmpfile}" DISPLAY=:0 su $SUDO_USER -c "setsid -w ssh-copy-id -i ${USER_HOME}/.ssh/rock01_key -o StrictHostKeyChecking=no vsoc-01@${rockip} >/dev/null 2>&1"
	if [ $? != 0 ]; then
	sed -i "/${rockip}/d" ${USER_HOME}/.ssh/known_hosts
	sudo SSH_ASKPASS="${tmpfile}" DISPLAY=:0 su $SUDO_USER -c "setsid -w ssh-copy-id -i ${USER_HOME}/.ssh/rock01_key -o StrictHostKeyChecking=no vsoc-01@${rockip} >/dev/null 2>&1"
	if [ $? != 0 ]; then
	echo "error: wasn't able to connect to Rock Pi over ssh"
	exit 1
	fi
	fi

	echo "Successfully configured!"
	echo " Host: 192.168.0.1"
	echo "RockPi: ${rockip}"
	echo "SSH Alias: rock01 (auto port-forwarding)"
	echo "SSH Alias: rockpi01 (no port-forwarding)"