Added pre-update DWC (Dynamic Wireless Credential) System to the systemd suite

This commit is contained in:
xdrm-brackets 2017-07-18 15:34:07 +02:00
parent 34ebdf824a
commit 1506364b93
5 changed files with 76 additions and 18 deletions

View File

@ -276,22 +276,27 @@ step7(){
echo " - /lib/systemd/system";
sudo cp ./utility/sats-install.service /mnt/lib/systemd/system/sats-install.service;
# (3) Install sats-boot service #
# (3) Install sats-update service #
echo " (.) Create sats-update service";
echo " - /lib/systemd/system";
sudo cp ./utility/sats-update.service /mnt/lib/systemd/system/sats-update.service;
# (4) Install sats-loop service #
# (4) Install sats-pre-update service #
echo " (.) Create sats-pre-update service";
echo " - /lib/systemd/system";
sudo cp ./utility/sats-pre-update.service /mnt/lib/systemd/system/sats-pre-update.service;
# (5) Install sats-loop service #
echo " (.) Create sats-loop service";
echo " - /lib/systemd/system";
sudo cp ./utility/sats-loop.service /mnt/lib/systemd/system/sats-loop.service;
# (5) Enable startup service unit #
# (6) Enable startup service unit #
echo " (.) Emulate \`systemctl enable sats-loop.service\`";
sudo mkdir -p /mnt/etc/systemd/system/multi-user.target.wants;
sudo ln -fs /lib/systemd/system/sats-loop.service /mnt/etc/systemd/system/multi-user.target.wants/sats-loop.service;
# (6) Create sats-install script #
# (7) Create sats-install script #
echo " (.) Create sats-install script";
sudo cp ./utility/sats-install /mnt/service/sats-install;
@ -299,15 +304,19 @@ step7(){
echo " (.) Create sats-update script";
cat ./utility/sats-update | sudo tee /mnt/service/sats-update > /dev/null;
# (8) Create sats-loop script #
# (9) Create sats-pre-update script #
echo " (.) Create sats-pre-update script";
cat ./utility/sats-pre-update | sed "s/\*\*\*SALT\*\*\*/$WIFI_SALT/" | sed "s/\*\*\*PEPPER\*\*\*/$WIFI_PEPPER/" | sudo tee /mnt/service/sats-pre-update > /dev/null;
# (10) Create sats-loop script #
echo " (.) Create sats-loop script";
cat ./utility/sats-loop | sudo tee /mnt/service/sats-loop > /dev/null;
# (9) Create sats-update timer #
# (11) Create sats-update timer #
echo " (.) Create sats-update timer";
echo " - Create sats-loop.timer file";
echo " - Create sats-update.timer file";
cat ./utility/sats-update.timer | sudo tee /mnt/lib/systemd/system/sats-update.timer > /dev/null;
echo " - Emulate \`systemctl enable sats-loop.timer\`";
echo " - Emulate \`systemctl enable sats-update.timer\`";
sudo ln -fs /lib/systemd/system/sats-update.timer /mnt/etc/systemd/system/multi-user.target.wants/sats-update.timer;
# (10) Set up permissions #
@ -318,6 +327,9 @@ step7(){
echo " - sats-update @sats";
sudo chown 666:666 /mnt/service/sats-update;
sudo chmod 770 /mnt/service/sats-update;
echo " - sats-pre-update @pi";
sudo chown 1000:1000 /mnt/service/sats-pre-update;
sudo chmod 770 /mnt/service/sats-pre-update;
echo " - sats-loop @sats";
sudo chown 666:666 /mnt/service/sats-loop;
sudo chmod 770 /mnt/service/sats-loop;
@ -402,9 +414,6 @@ step9(){
sudo chown -R 666:666 /mnt/home/sats/satsd;
sudo chmod -R 770 /mnt/home/sats/satsd;
# (4) Add entry in /etc/hosts if LOCAL_TEST not empty #
test -n "$LOCAL_TEST" && echo -e "\n$LOCAL_TEST\n" | sudo tee -a /mnt/etc/hosts > /dev/null;
echo "<<< done";
step10;

View File

@ -7,6 +7,8 @@ export IMAGE_GZIP="0";
# WIFI SETTINGS
export WIFI_SSID="SATS_AP1";
export WIFI_PASS="SATS_PASS";
export WIFI_SALT="W8DgnYq_TakTMbL2pg9VrLkumK7BR1jsoUhuUDrQhbBCmqoHHXrRguCPazoPnXVXAdScy8HNaeJpaTXlUS2QRXkHAWW5ITcik_sa8BNn27hWy_JCX7DIGeCW0D3ZnbH0RdLqGSLv0dOPzyyOX97lt1rObji_1hKJ42B6E4iyVH1Jlm2FZrPnSxtoC1g1jvQilaH3NCi2jP5dv0ZT_qfJTibhXEg9FvBLPpkTR6DWsPKJ_tihlC0SDUi5v2L6VM9i";
export WIFI_PEPPER="DPJdwTm9zj0KdaBY5jcz3GlrZzItSe4gzPJgY_p95yLCBgpEfCSslQxidWTflgyKOLvTwEo3kDQjCR78bk5V477NiiaLIxfKux_vdThjl4d136VIAfdupgKC5expOVUUMs8zymRYMwr02xRKEd8uUX4W1C46gzxE37QFfHw3rWsT_SMhUeOo5yu_cZRkO3O2HFDl_2uQonlQi9O8LSY_UY0MvVfw4IEvEsSnwttVc99QmJMrdyUJKyrwPEfk1rQG";
# SERVER SETTINGS
export SERVER_HOSTNAME="xdrm.io";
@ -21,8 +23,3 @@ export MACHINE_SECRET=$(tr -dc A-Za-z0-9_ < /dev/urandom | head -c 250);
export NEXT_SECRET=$(tr -dc A-Za-z0-9_ < /dev/urandom | head -c 250);
export UNLOCK_CODE=$(tr -dc a-f0-9 < /dev/urandom | head -c 128);
export WAREHOUSE_TOKEN="52131065a906de90e26da0732e58400edd6739cfa03fc658e7593abef4a4504e18e66e1a8fe9da374a8e8f753603463e4777789262b3ee945d4bf72dd8d6399c";
# FOR TESTING ONLY - IF RUN ON LOCAL
# will create an entry in /etc/hosts to user local SMMP
export LOCAL_TEST="10.0.1.4 logauth";

View File

@ -0,0 +1,43 @@
#!/bin/bash
slog(){
echo "$1" | sudo -u sats tee -a /home/sats/satsd/log/update.log > /dev/null;
}
HSALT="***SALT***";
HPEPPER="***PEPPER***";
slog ">>> Dynamic Wireless Credentials";
# [1] Wifi scan for "SATS_*" APs
#========================================================#
# (1) Get interface name #
IFACE=`ifconfig | grep -P "^w" | awk '{print $1}'`;
# (2) Get nearest AP matching "SATS_*" and extract HASH #
AP_HASH=`sudo iwlist wlan0 scan | grep -P "^\s*ESSID:\"SATS_.+\"\s*$" | sed 's/^[ \t]*ESSID:"SATS_//' | sed 's/"[ \t]*$//'`;
# (3) Manage no AP found #
test `echo -ne $AP_HASH | wc -l` -eq 0 && slog "no AP found" && exit;
# [2] Calculate WIFI PASS from SSID hash
#========================================================#
PASS=`echo -ne "$HPEPPER$(echo -n "${HSALT}${AP_HASH}" | sha512sum | sed 's/[ \t]*-$//')" | sha512sum | sed 's/[ \t]*-//'`;
# [3] Update 'wpa_supplicant.conf'
#========================================================#
# (1) Update SSID #
sudo cat /etc/wpa_supplicant/wpa_supplicant.conf | sed "s/^[ \t]*ssid=.*$/\tssid=\"SATS_$AP_HASH\"/" | sudo tee /etc/wpa_supplicant/wpa_supplicant.tmp;
# (2) Update PASS #
sudo cat /etc/wpa_supplicant/wpa_supplicant.tmp | sed "s/^[ \t]*psk=.*$/\tpsk=\"$PASS\"/" | sudo tee /etc/wpa_supplicant/wpa_supplicant.conf;
# (3) Remove tmp file #
sudo rm /etc/wpa_supplicant/wpa_supplicant.tmp;
slog "<<< Done";

View File

@ -0,0 +1,8 @@
[Unit]
Description=SATS Pre-update Process
[Service]
Type=oneshot
User=pi
Group=pi
ExecStart=/bin/bash /service/sats-pre-update

View File

@ -1,5 +1,6 @@
[Unit]
Description=SATS Update Process
After=sats-pre-update.service
Requires=network-online.target network.target
OnFailure=sats-install.service