diff --git a/clone/clone b/clone/clone index 563f22d..03a1565 100755 --- a/clone/clone +++ b/clone/clone @@ -259,83 +259,115 @@ step6(){ step7(){ echo -e "\n>>> [7] Set up systemd units"; + # (1) Defaults + #--------------------------------------------------------# - # (0) Create useful folders # + # (1) Create useful folders # echo " (.) Create useful folder"; echo " - /service"; sudo mkdir /mnt/service; echo " - /target"; sudo mkdir /mnt/target; - # (1) Create link in order to be handled # + # (2) Set multi-user.target as default # echo " (.) Emulate \`systemctl set-default multi-user.target\`"; sudo ln -fs /lib/systemd/system/multi-user.target /mnt/etc/systemd/system/default.target; - # (2) Install sats-install service # + + # (2) Create .service lib files () + #--------------------------------------------------------# + + # (1) Create sats-install service # echo " (.) Create sats-install service"; echo " - /lib/systemd/system"; sudo cp ./utility/sats-install.service /mnt/lib/systemd/system/sats-install.service; - # (3) Install sats-update service # + # (2) Create sats-update service # echo " (.) Create sats-update service"; echo " - /lib/systemd/system"; sudo cp ./utility/sats-update.service /mnt/lib/systemd/system/sats-update.service; - # (5) Install sats-loop service # + # (3) Create sats-loop service # echo " (.) Create sats-loop service"; echo " - /lib/systemd/system"; sudo cp ./utility/sats-loop.service /mnt/lib/systemd/system/sats-loop.service; - # (6) Enable startup service unit # - echo " (.) Emulate \`systemctl enable sats-loop.service\`"; + # (4) Create sats-dwc@ service # + echo " (.) Create sats-dwc@ service"; + echo " - /lib/systemd/system"; + sudo cp ./utility/sats-dwc@.service /mnt/lib/systemd/system/sats-dwc@.service; + + # (5) Create sats-update timer # + echo " (.) Create sats-update timer"; + echo " - /lib/systemd/system"; + cat ./utility/sats-update.timer | sudo tee /mnt/lib/systemd/system/sats-update.timer > /dev/null; + + + # (3) Install services + #--------------------------------------------------------# + # (1) Create startup folder (if not already exists) # sudo mkdir -p /mnt/etc/systemd/system/multi-user.target.wants; + + # (2) Enable sats-loop at startup # + echo " (.) Emulate \`systemctl enable sats-loop.service\`"; sudo ln -fs /lib/systemd/system/sats-loop.service /mnt/etc/systemd/system/multi-user.target.wants/sats-loop.service; - # (7) Create sats-install script # - echo " (.) Create sats-install script"; - sudo cp ./utility/sats-install /mnt/service/sats-install; + # (3) Enable sats-dwc@wlan0 at startup # + echo " (.) Emulate \`systemctl enable sats-dwc@wlan0.service\`"; + sudo ln -fs /lib/systemd/system/sats-dwc@.service /mnt/etc/systemd/system/multi-user.target.wants/sats-dwc@wlan0.service; - # (8) Create sats-update script # - echo " (.) Create sats-update script"; - cat ./utility/sats-update | sudo tee /mnt/service/sats-update > /dev/null; - - # (9) Create sats-wpa script # - echo " (.) Create sats-wpa script"; - cat ./utility/sats-wpa | sed "s/\*\*\*SALT\*\*\*/$WIFI_SALT/" | sed "s/\*\*\*PEPPER\*\*\*/$WIFI_PEPPER/" | sudo tee /mnt/service/sats-wpa > /dev/null; - - # (10) Create sats-loop script # - echo " (.) Create sats-loop script"; - cat ./utility/sats-loop | sudo tee /mnt/service/sats-loop > /dev/null; - - # (11) Create sats-update timer # - echo " (.) Create sats-update timer"; - echo " - Create sats-update.timer file"; - cat ./utility/sats-update.timer | sudo tee /mnt/lib/systemd/system/sats-update.timer > /dev/null; + # (4) Enable sats-update timer at startup # echo " - Emulate \`systemctl enable sats-update.timer\`"; sudo ln -fs /lib/systemd/system/sats-update.timer /mnt/etc/systemd/system/multi-user.target.wants/sats-update.timer; - # (10) Set up permissions # + + # (4) Create target scripts + #--------------------------------------------------------# + # (1) Create sats-install script # + echo " (.) Create sats-install script"; + sudo cp ./utility/sats-install /mnt/service/sats-install; + + # (2) Create sats-update script # + echo " (.) Create sats-update script"; + cat ./utility/sats-update | sudo tee /mnt/service/sats-update > /dev/null; + + # (3) Create sats-loop script # + echo " (.) Create sats-loop script"; + cat ./utility/sats-loop | sudo tee /mnt/service/sats-loop > /dev/null; + + # (4.1) Create sats-dwc@wlan0 script # + echo " (.) Create sats-dwc@wlan0 script"; + cat ./utility/wlan0.dwc | sed "s/\*\*\*SALT\*\*\*/$WIFI_SALT/" | sed "s/\*\*\*PEPPER\*\*\*/$WIFI_PEPPER/" | sudo tee /mnt/etc/wpa_supplicant/wlan0.dwc > /dev/null; + + + # (5) Set up permissions + #--------------------------------------------------------# echo " (.) Set up permissions"; - echo " - sats-install @pi"; + + # (1) Services scripts # + echo " - sats-install (owner: pi)"; sudo chown 1000:1000 /mnt/service/sats-install; - sudo chmod 770 /mnt/service/sats-install; - echo " - sats-update @sats"; + sudo chmod 550 /mnt/service/sats-install; + + echo " - sats-update (ownder: sats)"; sudo chown 666:666 /mnt/service/sats-update; - sudo chmod 770 /mnt/service/sats-update; - echo " - sats-wpa @pi"; - sudo chown 1000:1000 /mnt/service/sats-wpa; - sudo chmod 770 /mnt/service/sats-wpa; - echo " - sats-loop @sats"; + sudo chmod 550 /mnt/service/sats-update; + + echo " - sats-loop (ownder: sats)"; sudo chown 666:666 /mnt/service/sats-loop; - sudo chmod 770 /mnt/service/sats-loop; + sudo chmod 550 /mnt/service/sats-loop; - echo " - /service @sats"; + echo " - sats-dwc@wlan0 (ownder: pi)"; + sudo chown 1000:1000 /mnt/etc/wpa_supplicant/wlan0.dwc; + sudo chmod 550 /mnt/etc/wpa_supplicant/wlan0.dwc; + + echo " - /service (ownder: sats)"; sudo chown 666:666 /mnt/service/*; - sudo chmod 777 /mnt/service/*; + sudo chmod 555 /mnt/service/*; - echo " - /target @sats"; + echo " - /target (ownder: sats)"; sudo chown 666:666 /mnt/target; - sudo chmod 777 /mnt/target; + sudo chmod 555 /mnt/target; echo "<<< done"; diff --git a/clone/utility/sats-dwc@.service b/clone/utility/sats-dwc@.service new file mode 100644 index 0000000..c84b0c4 --- /dev/null +++ b/clone/utility/sats-dwc@.service @@ -0,0 +1,22 @@ +[Unit] +Description=SATS Dynamic Wireless Credentials (%i) +Wants=network.target +Before=network.target +BindsTo=sys-subsystem-net-devices-%i.device +After=sys-subsystem-net-devices-%i.device + +[Service] +Type=oneshot +RemainAfterExit=yes + +ExecStart=/bin/echo "[1] Bringing %i up" +ExecStart=-/usr/sbin/ip link set dev %i up +ExecStart=/bin/echo "[2] Running Dynamic Wireless Configuration" +ExecStart=/bin/bash /etc/wpa_supplicant/%i.dwc +ExecStart=/bin/echo "[3] Running WPA Supplicant" +ExecStart=/sbin/wpa_supplicant -B -Dwext -i%i -c/etc/wpa_supplicant/%i.conf +ExecStart=/bin/echo "[4] Running DHCP client" +ExecStart=/sbin/dhclient %i + +[Install] +WantedBy=multi-user.target diff --git a/clone/utility/sats-install.service b/clone/utility/sats-install.service index 6e48dbf..7508f41 100644 --- a/clone/utility/sats-install.service +++ b/clone/utility/sats-install.service @@ -1,7 +1,7 @@ [Unit] Description=SATS Install Process -Requires=network.target network-online.target -After=network.target network-online.target +Requires=sats-dwc@wlan0.service network-online.target +After=sats-dwc@wlan0.service Before=sats-loop.service [Service] diff --git a/clone/utility/sats-update.service b/clone/utility/sats-update.service index a950246..c8e8f7b 100644 --- a/clone/utility/sats-update.service +++ b/clone/utility/sats-update.service @@ -1,6 +1,7 @@ [Unit] Description=SATS Update Process -Requires=network.target network-online.target +Requires=sats-dwc@wlan0.service network-online.target +After=sats-dwc@wlan0.service OnFailure=sats-install.service [Service] diff --git a/clone/utility/sats-wpa.service b/clone/utility/sats-wpa.service deleted file mode 100644 index 512af38..0000000 --- a/clone/utility/sats-wpa.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=SATS DWC (Dynamic Wireless Credentials) -Requires=sats-install.service -Before=network.target - -[Service] -Type=simple -User=sats -Group=sats -ExecStart=/bin/sh /service/sats-loop -Restart=always - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/clone/utility/sats-wpa b/clone/utility/wlan0.dwc similarity index 56% rename from clone/utility/sats-wpa rename to clone/utility/wlan0.dwc index ebd6d28..3d4235a 100644 --- a/clone/utility/sats-wpa +++ b/clone/utility/wlan0.dwc @@ -1,19 +1,24 @@ #!/bin/bash + +LOGFILE="/home/sats/satsd/log/dwc.log"; slog(){ - echo "$1" | sudo -u sats tee -a /home/sats/satsd/log/update.log > /dev/null; + echo -e "$1" | sudo -u sats tee -a $LOGFILE > /dev/null; } +test ! -f $LOGFILE && sudo -u sats touch $LOGFILE; + HSALT="***SALT***"; HPEPPER="***PEPPER***"; + slog ">>> Dynamic Wireless Credentials"; # [1] Wifi scan for "SATS_*" APs #========================================================# # (1) Get interface name # -slog "(1) Looking for wireless interface"; +slog " * 1. Looking for wireless interface"; IFACE=`sudo ifconfig -a | grep -P "^w" | awk '{print $1}' | head -n 1`; sudo ifconfig $IFACE up; @@ -22,7 +27,7 @@ test -z "$IFACE" && slog " > no wireless IFACE found" && exit; slog " > got '$IFACE'"; # (3) Get nearest AP matching "SATS_*" and extract HASH # -slog "(2) Looking for nearest AP matching 'SATS_.+'"; +slog " * 2. Looking for nearest AP matching 'SATS_.+'"; AP_HASH=`sudo iwlist $IFACE scan | grep -P "^\s*ESSID:\"SATS_.+\"\s*$" | sed 's/^[ \t]*ESSID:"SATS_//' | sed 's/"[ \t]*$//' | head -n 1`; # (4) Manage no AP found # @@ -34,26 +39,14 @@ slog " > got 'SATS_$AP_HASH'"; # [2] Calculate WIFI PASS from SSID hash #========================================================# -slog "(3) Processing WPA2 passphrase" +slog " * 3. Processing WPA2 passphrase" PASS=`echo -ne "$HPEPPER$(echo -ne "${HSALT}${AP_HASH}" | sha512sum | sed 's/[ \t]*-$//')" | sha512sum | sed 's/[ \t]*-//' | cut -b 1-63`; slog " > done"; -# [3] Update 'wpa_supplicant.conf' +# [3] Update 'wpa_supplicant' configuration #========================================================# - -# (1) Update SSID # -sudo cat /etc/wpa_supplicant/wpa_supplicant.conf | sed "s/^[ \t]*ssid=.*$/\tssid=\"SATS_$AP_HASH\"/" | sudo tee /etc/wpa_supplicant/wpa_supplicant.tmp; - -# (2) Update PASS # -sudo cat /etc/wpa_supplicant/wpa_supplicant.tmp | sed "s/^[ \t]*psk=.*$/\tpsk=\"$PASS\"/" | sudo tee /etc/wpa_supplicant/wpa_supplicant.conf; - -# (3) Remove tmp file # -sudo rm /etc/wpa_supplicant/wpa_supplicant.tmp; +echo -e "network={\n\tssid=\"SATS_$AP_HASH\"/\n\tpsk=\"$PASS\"\n}" | sudo tee /etc/wpa_supplicant/$IFACE.conf; -slog "(4) Trying to connect"; -sudo wpa_supplicant -B -Dwext -i$IFACE -c/etc/wpa_supplicant/wpa_supplicant.conf; -sudo dhclient $IFACE; - -slog "<<< Done"; +slog "<<< Done\n";