From 922067213b59ef05204931c0d3177e452ea6cddf Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sat, 7 Jan 2006 15:22:16 +0000 Subject: Support variable namespace instead of fixed "noreply2" git-svn-id: svn+ssh://asteria.noreply.org/svn/weaselutils/trunk@44 bc3d92e2-beff-0310-a7cd-cc87d7ac0ede --- Generate | 63 ++++++++++++++++++++++++++++++++------------------------------- Push | 15 ++++++++------- 2 files changed, 40 insertions(+), 38 deletions(-) diff --git a/Generate b/Generate index fefce8e..bcc0af9 100755 --- a/Generate +++ b/Generate @@ -166,6 +166,7 @@ echo 0 > /proc/sys/net/ipv4/conf/$TUN_DEV/rp_filter ###################################################################################### $config = YAML::load( File.open( 'Hosts' ) ) +$NAMESPACE=$config['namespace'] def sys(command) system(command) or throw "Command '#{command}' failed" 
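Review bot: `$NAMESPACE=$config['namespace']` takes the value from the Hosts file without any check, yet the rest of the patch interpolates it into shell commands (`rm -f`, `ln`, the ssh/scp lines in Push), file names, iptables chain names and a Regexp; a missing key silently becomes an empty string, producing names such as `-hostname` and commands such as `rm -f -hostname/...`. Because one value feeds all of those sinks, it is worth rejecting anything outside a conservative character set once, at this point: `$NAMESPACE = $config['namespace'].to_s` followed by `raise "Hosts: 'namespace' missing or invalid" unless $NAMESPACE =~ /\A[A-Za-z0-9_-]+\z/`. The file's existing `throw "..."` calls are catch/throw rather than exception raising, so `raise` is the right call for the new check. The same unchecked assignment appears in the Push hunk at `@@ -3,6 +3,7 @@`.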
@@ -302,52 +303,52 @@ hostlist.each{ |host| check_keys host cn = host['name'] +'.'+ $config['cadndomain'] - dir = "noreply2-#{host['name']}" + dir = "#{$NAMESPACE}-#{host['name']}" Dir.mkdir(dir) unless FileTest.directory?(dir) - sys("rm -f #{dir}/noreply2-#{cn}.p12") - sys("rm -f #{dir}/noreply2-#{cn}.crt") - sys("rm -f #{dir}/noreply2-#{cn}.key") - sys("rm -f #{dir}/noreply2-CA.crt") + sys("rm -f #{dir}/#{$NAMESPACE}-#{cn}.p12") + sys("rm -f #{dir}/#{$NAMESPACE}-#{cn}.crt") + sys("rm -f #{dir}/#{$NAMESPACE}-#{cn}.key") + sys("rm -f #{dir}/#{$NAMESPACE}-CA.crt") if host['pkcs12'] - sys("ln CA/keys/#{cn}.p12 #{dir}/noreply2-#{cn}.p12") + sys("ln CA/keys/#{cn}.p12 #{dir}/#{$NAMESPACE}-#{cn}.p12") else - sys("ln CA/keys/#{cn}.crt #{dir}/noreply2-#{cn}.crt") - sys("ln CA/keys/#{cn}.key #{dir}/noreply2-#{cn}.key") - sys("ln CA/keys/ca.crt #{dir}/noreply2-CA.crt") + sys("ln CA/keys/#{cn}.crt #{dir}/#{$NAMESPACE}-#{cn}.crt") + sys("ln CA/keys/#{cn}.key #{dir}/#{$NAMESPACE}-#{cn}.key") + sys("ln CA/keys/ca.crt #{dir}/#{$NAMESPACE}-CA.crt") end - sys("rm -f #{dir}/noreply2.dh2048.pem && ln CA/keys/dh2048.pem #{dir}/noreply2.dh2048.pem") + sys("rm -f #{dir}/#{$NAMESPACE}.dh2048.pem && ln CA/keys/dh2048.pem #{dir}/#{$NAMESPACE}.dh2048.pem") - iptables = File.new("#{dir}/noreply2.iptables.sh", "w") - ip6tables = File.new("#{dir}/noreply2.ip6tables.sh", "w") + iptables = File.new("#{dir}/#{$NAMESPACE}.iptables.sh", "w") + ip6tables = File.new("#{dir}/#{$NAMESPACE}.ip6tables.sh", "w") iptables.puts "# Automatically created on #{THISHOST} at #{RIGHTNOW} by #{THISPROGRAM}." 
iptables.puts "PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin" - iptables.puts "echo 'Doing noreply2 VPN rules.'" - iptables.puts "iptables --new-chain vpn-noreply2" - iptables.puts "iptables --flush vpn-noreply2" + iptables.puts "echo 'Doing #{$NAMESPACE} VPN rules.'" + iptables.puts "iptables --new-chain vpn-#{$NAMESPACE}" + iptables.puts "iptables --flush vpn-#{$NAMESPACE}" ip6tables.puts "# Automatically created on #{THISHOST} at #{RIGHTNOW} by #{THISPROGRAM}." ip6tables.puts "PATH=/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin" - ip6tables.puts "echo 'Doing noreply2 VPN rules.'" + ip6tables.puts "echo 'Doing #{$NAMESPACE} VPN rules.'" if host['ipv6'] - ip6tables.puts "ip6tables --new-chain vpn-noreply2" - ip6tables.puts "ip6tables --flush vpn-noreply2" + ip6tables.puts "ip6tables --new-chain vpn-#{$NAMESPACE}" + ip6tables.puts "ip6tables --flush vpn-#{$NAMESPACE}" end - daemonsfilename = "#{dir}/noreply2.quagga.daemons" + daemonsfilename = "#{dir}/#{$NAMESPACE}.quagga.daemons" daemons = File.new(daemonsfilename, "w") daemons.puts QUAGGA_DAEMONS.gsub('HOSTNAME', host['name']) daemons.close - zebrafilename = "#{dir}/noreply2.quagga.zebra" + zebrafilename = "#{dir}/#{$NAMESPACE}.quagga.zebra" zebra = File.new(zebrafilename, "w") zebra.puts QUAGGA_ZEBRA.gsub('HOSTNAME', host['name']) zebra.close File.chmod(0600, zebrafilename) == 1 or throw "Cannot chmod #{zebrafilename}" # BGP config - bgpdfilename = "#{dir}/noreply2.quagga.bgpd" + bgpdfilename = "#{dir}/#{$NAMESPACE}.quagga.bgpd" bgpd = File.new(bgpdfilename, "w") bgpd.puts QUAGGA_BGPD_HEAD.gsub('HOSTNAME', host['name']) bgpd.puts QUAGGA_BGPD_DEFAULT_PREFIX_LIST_PERMIT.gsub('LISTNAME', 'VPNn2') 
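Review bot: `iptables --new-chain vpn-#{$NAMESPACE}` (and the ip6tables line below it) now depends on the length of the configured namespace: iptables rejects chain names of 29 or more characters, so with the `vpn-` prefix a namespace longer than 24 characters yields a generated script that only fails when it is run on the target host. A length check next to the assignment in Generate, or at least a comment on this line such as `# iptables chain names must stay under 29 chars, so namespace <= 24`, would surface that at generation time. The prefix-list name `VPNn2` on the hunk's last context line looks like a leftover of the fixed name; if it is meant to follow the namespace it is still hard-coded, though that line is unchanged here. The `hostlist.each` block this hunk belongs to starts and ends outside the hunk.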
@@ -560,10 +561,10 @@ hostlist.each{ |host| throw "peer is server but doesn't have an address" if !host_is_server and peer['host_address'] == nil - upscriptnamebase = 'noreply2-%s.up'%[peer['name']] + upscriptnamebase = "#{$NAMESPACE}-#{peer['name']}.up" upscriptname = "#{dir}/"+upscriptnamebase - conffile = File.new("#{dir}/noreply2-%s.conf"%[peer['name']], "w") + conffile = File.new("#{dir}/#{$NAMESPACE}-%s.conf"%[peer['name']], "w") conffile.puts "dev %s"%[peer['ifacename']] conffile.puts "tun-ipv6" if host['ipv6'] and peer['ipv6'] #mtu = 1434 @@ -579,17 +580,17 @@ hostlist.each{ |host| conffile.puts "local %s"%[host['host_address']] if host['host_address'] if host_is_server conffile.puts "tls-server" - conffile.puts "dh noreply2.dh2048.pem" + conffile.puts "dh #{$NAMESPACE}.dh2048.pem" else conffile.puts "tls-client" end conffile.puts "tls-remote %s.%s"%[peer['name'], $config['cadndomain']] if host['pkcs12'] - conffile.puts "pkcs12 noreply2-%s.%s.p12"%[host['name'], $config['cadndomain']] + conffile.puts "pkcs12 #{$NAMESPACE}-%s.%s.p12"%[host['name'], $config['cadndomain']] else - conffile.puts "ca noreply2-CA.crt" - conffile.puts "cert noreply2-%s.%s.crt"%[host['name'], $config['cadndomain']] - conffile.puts "key noreply2-%s.%s.key"%[host['name'], $config['cadndomain']] + conffile.puts "ca #{$NAMESPACE}-CA.crt" + conffile.puts "cert #{$NAMESPACE}-%s.%s.crt"%[host['name'], $config['cadndomain']] + conffile.puts "key #{$NAMESPACE}-%s.%s.key"%[host['name'], $config['cadndomain']] end conffile.puts "up /etc/openvpn/#{upscriptnamebase}" conffile.puts "up-delay" 
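Review bot: The new `conffile = File.new("#{dir}/#{$NAMESPACE}-%s.conf"%[peer['name']], "w")` mixes string interpolation with `%` formatting, while the `upscriptnamebase` line directly above it was converted to plain interpolation in the same hunk; besides the inconsistency, a `%` character in the namespace would now be read as a format directive. `conffile = File.new("#{dir}/#{$NAMESPACE}-#{peer['name']}.conf", "w")` keeps the hunk uniform. The same mix appears in the `pkcs12`, `cert` and `key` lines of the next hunk (`@@ -579,17 +580,17 @@`), e.g. `conffile.puts "cert #{$NAMESPACE}-#{host['name']}.#{$config['cadndomain']}.crt"`. The enclosing `hostlist.each` block starts and ends outside both hunks.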
@@ -613,16 +614,16 @@ hostlist.each{ |host| File.chmod(0755, upscriptname) == 1 or throw "Cannot chmod #{upscriptname}" ########## - iptables.puts "iptables --append vpn-noreply2 --source #{ peer['host_address'] || '0.0.0.0/0' } --destination #{ host['host_address'] || '0.0.0.0/0' } \\" + iptables.puts "iptables --append vpn-#{$NAMESPACE} --source #{ peer['host_address'] || '0.0.0.0/0' } --destination #{ host['host_address'] || '0.0.0.0/0' } \\" iptables.puts " --protocol udp --destination-port #{ peer['inet_port'] } \\" iptables.puts " --jump ACCEPT" - iptables.puts "iptables --append vpn-noreply2 --source #{ peer['vpn_address'] } --destination #{ host['vpn_address'] } \\" + iptables.puts "iptables --append vpn-#{$NAMESPACE} --source #{ peer['vpn_address'] } --destination #{ host['vpn_address'] } \\" iptables.puts " --protocol tcp --destination-port #{ host['bgp_port'] or 'bgp' } \\" iptables.puts " --in-interface #{ peer['ifacename'] } \\" iptables.puts " --jump ACCEPT" if host['ipv6'] and peer['ipv6'] - ip6tables.puts "ip6tables --append vpn-noreply2 \\" + ip6tables.puts "ip6tables --append vpn-#{$NAMESPACE} \\" ip6tables.puts " --source #{ host['link-local'][ peer['name'] ]['peer'] } \\" ip6tables.puts " --destination #{ host['link-local'][ peer['name'] ]['me'] } \\" ip6tables.puts " --protocol tcp --destination-port #{ host['bgp_port'] or 'bgp' } \\" diff --git a/Push b/Push index 9b9846f..63a743a 100755 --- a/Push +++ b/Push @@ -3,6 +3,7 @@ require 'yaml'; $config = YAML::load( File.open( 'Hosts' ) ) +$NAMESPACE=$config['namespace'] def sys(command) puts "} #{command}" 
@@ -13,17 +14,17 @@ end def getFilesMD5(host, ssh_hostname) cmd = ssh_hostname ? "ssh root@#{ssh_hostname} /bin/ls -1 /etc/openvpn" : - "ls -1 noreply2-#{host}" + "ls -1 #{$NAMESPACE}-#{host}" puts "| " + cmd f = IO.popen( cmd, aModeString="r" ); - files = f.readlines.delete_if{|e| not e =~ /^noreply2[.-]/ }.collect{|e| e.chomp} + files = f.readlines.delete_if{|e| not e =~ /^#{$NAMESPACE}[.-]/ }.collect{|e| e.chomp} f.close md5 = {} if (files.length > 0) cmd = ssh_hostname ? "ssh root@#{ssh_hostname} 'cd /etc/openvpn && md5sum " + files.join(' ') + "'" : - "cd noreply2-#{host} && md5sum " + files.join(' ') + "cd #{$NAMESPACE}-#{host} && md5sum " + files.join(' ') puts "| " + cmd f = IO.popen( cmd, aModeString="r" ); f.each_line{ |l| @@ -99,7 +100,7 @@ hosts.each{ |hostname| end } - dir = "noreply2-#{hostname}/" + dir = "#{$NAMESPACE}-#{hostname}/" sys("scp "+copy.collect{|f| dir+f }.join(' ')+" root@#{ssh_hostname}:/etc/openvpn/") if copy.size > 0 commands = [] commands << "sh ./#{do_iptables} &&\n" if do_iptables @@ -112,9 +113,9 @@ hosts.each{ |hostname| command << "echo 'all done'" sys("ssh root@#{ssh_hostname} '#{command}'") if commands.size > 0 if (do_quagga) - sys("ssh root@#{ssh_hostname} 'cp -a /etc/openvpn/noreply2.quagga.bgpd /etc/quagga/bgpd.conf && - cp -a /etc/openvpn/noreply2.quagga.zebra /etc/quagga/zebra.conf && - cp -a /etc/openvpn/noreply2.quagga.daemons /etc/quagga/daemons && + sys("ssh root@#{ssh_hostname} 'cp -a /etc/openvpn/#{$NAMESPACE}.quagga.bgpd /etc/quagga/bgpd.conf && + cp -a /etc/openvpn/#{$NAMESPACE}.quagga.zebra /etc/quagga/zebra.conf && + cp -a /etc/openvpn/#{$NAMESPACE}.quagga.daemons /etc/quagga/daemons && chmod 640 /etc/quagga/bgpd.conf /etc/quagga/zebra.conf && chgrp quagga /etc/quagga/bgpd.conf /etc/quagga/zebra.conf && /etc/init.d/quagga restart'") -- cgit v1.2.3
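Review bot: `/^#{$NAMESPACE}[.-]/` in getFilesMD5 interpolates the namespace into a Regexp unescaped, so any regex metacharacter in the configured value (`.`, `+`, `(`) changes which entries of the remote `/etc/openvpn` listing are selected and then handed to `md5sum`; `files = f.readlines.delete_if{|e| not e =~ /\A#{Regexp.escape($NAMESPACE)}[.-]/ }.collect{|e| e.chomp}` matches the literal name only. `\A` instead of `^` is for clarity rather than correctness here, since each element of `readlines` is a single line. The body of getFilesMD5 continues past the hunk.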