linse/boxtools
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

moved from centos 7 to debian-bookworm

Browse Source 
includes modifications in install.py and router.py
This commit is contained in:
l_samenv
2024-03-05 08:03:00 +01:00
parent 8680e5b2a9
commit e4e37eb049
17 changed files with 110 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -1,14 +1,14 @@
# APU server # Linux Box installtion tools
The APU is a Linux box to be used as a control box at LIN sample environment The APU is a Linux box to be used as a control box at LIN sample environment
`servercfg/` contains the configuration files for all boxes `cfg/` contains the configuration files for all boxes
`to_system/` contains the files to be installed in the system `to_system/` contains the files to be installed in the system
## config files ## config files
filename: servercfg/(hostname)_(hexdigits).cfg filename: cfg/(hostname)_(hexdigits).cfg
* (hostname) the hostname to be given on startup * (hostname) the hostname to be given on startup
* (hexdigits) the last six digits of the ethernet adress of the first interface on the APU (leftmost plug) * (hexdigits) the last six digits of the ethernet adress of the first interface on the APU (leftmost plug)
@ -96,7 +96,7 @@ If you do not have one, you may create it from another box
log in as root/FrappyLinse to an apu box log in as root/FrappyLinse to an apu box
``` ```
apu> cd aputools apu> cd boxtools
apu> bash mkusb.sh apu> bash mkusb.sh
``` ```
You are asked to give the device name from a list (typically sdb) You are asked to give the device name from a list (typically sdb)
@ -150,7 +150,7 @@ which image?
login with root/FrappyLinse login with root/FrappyLinse
``` ```
> cd aputools > cd boxtools
> git pull > git pull
> python3 install.py > python3 install.py
... ...

0
servercfg/dilsc_5a58e4.cfg → cfg/dilsc_5a58e4.cfg
View File

0
servercfg/flame-mag_591fac.cfg → cfg/flame-mag_591fac.cfg
View File

0
servercfg/ir-dil_60f0e8.cfg → cfg/ir-dil_60f0e8.cfg
View File

11
cfg/linse-apu7_5fb688.cfg Normal file
View File

@ -0,0 +1,11 @@
[NETWORK]
; please refer to README.md for help
enp1s0=wan,192.168.1.0/24
enp2s0=192.168.2.2
enp3s0=192.168.3.3
enp4s0=192.168.127.254
[ROUTER]
; please refer to README.md for help
3001=192.168.127.254:3001
8080=192.168.127.254:80

0
servercfg/linse-box1_5b265c.cfg → cfg/linse-box1_5b265c.cfg
View File

0
servercfg/linse-dil5_5a4c90.cfg → cfg/linse-dil5_5a4c90.cfg
View File

0
servercfg/linse-uniax_5920a8.cfg → cfg/linse-uniax_5920a8.cfg
View File

0
servercfg/linseapu6_5fa5cc.cfg → cfg/linseapu6_5fa5cc.cfg
View File

2
display.py
View File

@ -7,7 +7,7 @@ import threading
# display tty device # display tty device
tty = '/dev/ttyS1' tty = '/dev/ttyS1'
STARTUP_TEXT = '/root/aputools/startup_display.txt' STARTUP_TEXT = '/home/l_samenv/installtools/startup_display.txt'
ESC = 0x1b ESC = 0x1b
ESCESC = bytes((ESC, ESC)) ESCESC = bytes((ESC, ESC))

78
install.py
View File

@ -2,7 +2,7 @@
"""install.py """install.py
- copy files from to_system into system directories - copy files from to_system into system directories
- set host name / network settings from aputools/servercfg file - set host name / network settings from boxtools/cfg file
""" """
if bytes == str: if bytes == str:
@ -21,12 +21,17 @@ from ipaddress import IPv4Interface
from configparser import ConfigParser from configparser import ConfigParser
from os.path import join, getmtime, exists, basename from os.path import join, getmtime, exists, basename
if os.geteuid() != 0:
exit("You need to have root privileges to run this script.\nPlease try again, this time using 'sudo'. Exiting.")
TOOLS = '/home/l_samenv/boxtools'
more_info = False more_info = False
os.chdir('/root/aputools/to_system') os.chdir(f'{TOOLS}/to_system')
DEL = '__to_delete__' DEL = '__to_delete__'
CFGPATH = '/root/aputools/servercfg/%s_%6.6x.cfg' CFGPATH = f'{TOOLS}/cfg/%s_%6.6x.cfg'
STARTUP_TEXT = '/root/aputools/startup_display.txt' STARTUP_TEXT = f'{TOOLS}/startup_display.txt'
COMMENT = "; please refer to README.md for help" COMMENT = "; please refer to README.md for help"
@ -62,12 +67,12 @@ max-lease-time 7200;
authoritative; authoritative;
""" """
ROUTER_TEMPLATE = """[Unit] ROUTER_TEMPLATE = f"""[Unit]
Description = Routing to locally connected hardware Description = Routing to locally connected hardware
After = network.target After = network.target
[Service] [Service]
ExecStart = /usr/bin/python3 /root/aputools/router.py ExecStart = /usr/bin/python3 {TOOLS}/router.py
[Install] [Install]
WantedBy = multi-user.target WantedBy = multi-user.target
@ -79,19 +84,19 @@ After = network.target
[Service] [Service]
User = l_samenv User = l_samenv
ExecStart = /usr/bin/python3 /home/l_samenv/frappy/bin/secop-server %s ExecStart = /usr/bin/python3 /home/l_samenv/frappy/bin/frappy-server %s
[Install] [Install]
WantedBy = multi-user.target WantedBy = multi-user.target
""" """
DISPLAY_TEMPLATE = """[Unit] DISPLAY_TEMPLATE = f"""[Unit]
Description = status display Description = status display
After = network.target After = network.target
[Service] [Service]
User = root User = root
ExecStart = /usr/bin/python3 /root/aputools/display.py -d ExecStart = /usr/bin/python3 {TOOLS}/display.py -d
[Install] [Install]
WantedBy = multi-user.target WantedBy = multi-user.target
@ -105,8 +110,8 @@ ifname_mapping = {
} }
pip_requirements = { pip_requirements = {
'root': {},
'l_samenv': {}, 'l_samenv': {},
'root': {}
} }
@ -115,7 +120,6 @@ dhcp_server_cfg = [] # configuration for dhcp
main_info = { # info to be determined depending on cfg main_info = { # info to be determined depending on cfg
'ifname': '', # name of interface of wan (dhcp) port 'ifname': '', # name of interface of wan (dhcp) port
'addr': '', # addr of wan port 'addr': '', # addr of wan port
'current': None,
'hostname': socket.gethostname() # effective or given host name 'hostname': socket.gethostname() # effective or given host name
} }
@ -145,8 +149,8 @@ def router(**opts):
if not opts: if not opts:
return None return None
try: try:
with open('/root/aputools/requirements.txt') as f: with open(f'{TOOLS}/requirements.txt') as f:
pip_requirements['root']['aputools'] = f.read() pip_requirements['root']['tools'] = f.read()
except FileNotFoundError: except FileNotFoundError:
pass pass
return ROUTER_TEMPLATE return ROUTER_TEMPLATE
@ -225,7 +229,7 @@ def write_when_new(filename, content, ignore_reduction=False):
old_set = set(v for v in (old or '').split('\n') if not v.startswith('#')) old_set = set(v for v in (old or '').split('\n') if not v.startswith('#'))
content_set -= old_set content_set -= old_set
if content_set: if content_set:
print('missing packages: %s' % (', '.join(content_set - old_set))) print(f"missing in {filename}: {(', '.join(content_set - old_set))}")
else: else:
return False return False
if doit: if doit:
@ -264,24 +268,13 @@ def write_when_new(filename, content, ignore_reduction=False):
def create_if(name, cfg): def create_if(name, cfg):
result = dict(
TYPE='Ethernet',
NAME=name,
DEVICE=name,
BOOTPROTO='none',
ONBOOT='yes',
PROXY_METHOD='none',
BROWSER_ONLY='no',
IPV4_FAILURE_FATAL='yes',
IPV6INIT='no')
if cfg == 'off': if cfg == 'off':
result['ONBOOT'] = 'no' result = None
elif cfg.startswith('wan') or cfg == 'dhcp': elif cfg.startswith('wan') or cfg == 'dhcp':
if main_info.get('mainif', name) != name: if main_info.get('mainif', name) != name:
raise ValueError('can not have more than one WAN/DHCP port') raise ValueError('can not have more than one WAN/DHCP port')
main_info['mainif'] = name main_info['mainif'] = name
main_info['addr'] = net_addr[name] main_info['addr'] = net_addr[name]
result['BOOTPROTO'] = 'dhcp'
# default: all <= 192.0.0.0 # default: all <= 192.0.0.0
# others have to be added explicitly # others have to be added explicitly
dhcp_server_cfg.append(('0.0.0.0/128.0.0.0', [])) dhcp_server_cfg.append(('0.0.0.0/128.0.0.0', []))
@ -289,6 +282,7 @@ def create_if(name, cfg):
for nw in cfg.split(',')[1:]: for nw in cfg.split(',')[1:]:
nw = IPv4Interface(nw).network nw = IPv4Interface(nw).network
dhcp_server_cfg.append((nw.with_netmask, [])) dhcp_server_cfg.append((nw.with_netmask, []))
result = f"allow-hotplug {name}\niface {name} inet dhcp"
else: else:
cfgip = IPv4Interface(cfg) cfgip = IPv4Interface(cfg)
network = cfgip.network network = cfgip.network
@ -300,12 +294,12 @@ def create_if(name, cfg):
else: else:
cfgip = network.network_address + 1 cfgip = network.network_address + 1
dhcp_server_cfg.append((network.with_netmask, [(str(otherip.ip), str(otherip.ip))])) dhcp_server_cfg.append((network.with_netmask, [(str(otherip.ip), str(otherip.ip))]))
result['IPADDR'] = str(cfgip) addr = str(cfgip)
else: # subnet with multiple adresses -> static adresses only. dhcp range not yet implemented else: # subnet with multiple adresses -> static adresses only. dhcp range not yet implemented
result['IPADDR'] = str(cfgip.ip) addr = str(cfgip.ip)
result['NETMASK'] = network.netmask # result['NETMASK'] = network.netmask
result['PREFIX'] = str(network.prefixlen) result = f"allow-hotplug {name}\niface {name} inet static\n address {addr}/{network.prefixlen}"
return result return result + '\n'
def walk(action): def walk(action):
@ -416,12 +410,12 @@ def handle_config():
display_available = disp.read(8)[0:4] == b'\x1b\x1b\x05\xf3' display_available = disp.read(8)[0:4] == b'\x1b\x1b\x05\xf3'
if display_available: if display_available:
# leftmost interface labelled 'eth0' # leftmost interface labelled 'eth0'
main['mainif'] = sorted_if[0] # main_info['mainif'] = sorted_if[0]
typ = 'controlbox' typ = 'controlbox'
template = CONTROLBOX_TEMPLATE template = CONTROLBOX_TEMPLATE
else: else:
# rightmost interface # rightmost interface
main['mainif'] = sorted_if[-1] # main_info['mainif'] = sorted_if[-1]
typ = 'bare apu' typ = 'bare apu'
template = CONFIG_TEMPLATE template = CONFIG_TEMPLATE
print('no cfg file found for this', typ, f'with id {apuid:%6.6x} (hostname={hostname})') print('no cfg file found for this', typ, f'with id {apuid:%6.6x} (hostname={hostname})')
@ -443,7 +437,7 @@ def handle_config():
os.system('sh sethostname.sh') os.system('sh sethostname.sh')
else: else:
if cfgfile: if cfgfile:
print('replace host name %r by %r' % (hostname, newhostname)) print('replace host name %r by %r' % (main_info['hostname'], newhostname))
show.dirty = True show.dirty = True
main_info['hostname'] = newhostname main_info['hostname'] = newhostname
if cfgfile is None: if cfgfile is None:
@ -456,8 +450,8 @@ def handle_config():
network = {ifname_mapping.get(k, k): v for k, v in parser['NETWORK'].items()} network = {ifname_mapping.get(k, k): v for k, v in parser['NETWORK'].items()}
for ifname in net_addr: for ifname in net_addr:
content = create_if(ifname, network.pop(ifname, 'off')) content = create_if(ifname, network.pop(ifname, 'off'))
content = '\n'.join('%s=%s' % kv for kv in content.items()) # content = '\n'.join('%s=%s' % kv for kv in content.items())
todo = write_when_new('/etc/sysconfig/network-scripts/ifcfg-%s' % ifname, content) todo = write_when_new(f'/etc/network/interfaces.d/{ifname}', content)
if todo and not more_info: if todo and not more_info:
print('change', ifname) print('change', ifname)
show.dirty = True show.dirty = True
@ -479,11 +473,11 @@ def handle_config():
todo = write_when_new('/etc/dhcp/dhcpd.conf', content) todo = write_when_new('/etc/dhcp/dhcpd.conf', content)
if todo: if todo:
print('change dhcpd.conf') print('change dhcpd.conf')
to_start['dhcpd'] = 'restart' to_start['isc-dhcp-server'] = 'restart'
show.dirty = True show.dirty = True
elif doit: elif doit:
unix_cmd('systemctl stop dhcpd') unix_cmd('systemctl stop isc-dhcp-server')
unix_cmd('systemctl disable dhcpd') unix_cmd('systemctl disable isc-dhcp-server')
content = [] content = []
dirty = False dirty = False
for section in parser.sections(): for section in parser.sections():
@ -502,7 +496,7 @@ def handle_config():
with open(cfgfile, 'w') as f: with open(cfgfile, 'w') as f:
f.write('\n'.join(content)) f.write('\n'.join(content))
except Exception as e: except Exception as e:
print('ERROR: can not handle %s %s: %r' % (hostname, ifname, e)) print('ERROR: can not handle %s %s: %r' % (main_info['hostname'], ifname, e))
raise raise
return False return False
@ -546,6 +540,8 @@ def handle_config():
show.dirty = True show.dirty = True
if action == 'if_restart': if action == 'if_restart':
unix_cmd('ifdown %s' % service) unix_cmd('ifdown %s' % service)
for service, action in to_start.items():
if action == 'if_restart':
unix_cmd('ifup %s' % service) unix_cmd('ifup %s' % service)
else: else:
if action == 'restart': if action == 'restart':
@ -579,7 +575,7 @@ else:
doit = True doit = True
handle_config() handle_config()
walk(Do()) walk(Do())
with open('/root/aputools/current', 'w') as f: with open(f'{TOOLS}/current', 'w') as f:
f.write(result) f.write(result)
elif 'more'.startswith(answer.lower()): elif 'more'.startswith(answer.lower()):
more_info = True more_info = True

2
mkusb.sh Normal file → Executable file
View File

@ -1,3 +1,5 @@
#!/bin/bash
# create an USB stick with TinyLinux on it
# name of the USB stick to be created # name of the USB stick to be created
NAME=BOOT_TINY NAME=BOOT_TINY

47
router.py
View File

@ -11,6 +11,7 @@ from serial import serial_for_url
from subprocess import Popen, PIPE, check_output, call, DEVNULL from subprocess import Popen, PIPE, check_output, call, DEVNULL
from configparser import ConfigParser from configparser import ConfigParser
FIREWALL_CONF = '/etc/nftables.conf'
class Log: class Log:
DEBUG = 0 DEBUG = 0
@ -187,7 +188,7 @@ class Router(IoHandler):
pass pass
except Exception as e: except Exception as e:
msg = f'error in reply: {e!r}' msg = f'error in reply: {e!r}'
service.failures[service.port] = msg self.service.failures[self.service.port] = msg
self.close() self.close()
def close(self): def close(self):
@ -330,7 +331,7 @@ class InfoHandler(IoHandler):
class Service: class Service:
"""service handler """service handler
:param: port offered port for routing :param: port offered port for routing
:param: addr where to route (or None for InfoHandler) :param: addr where to route (or None for InfoHandler)
:param: iocls the io handler class, currently TcpHandler, SerialHandler, InfoHandler :param: iocls the io handler class, currently TcpHandler, SerialHandler, InfoHandler
@ -344,6 +345,7 @@ class Service:
pending_connects = {} pending_connects = {}
routes = {} routes = {}
failures = {} failures = {}
firewall_ports = set()
tmo = 5 tmo = 5
def __init__(self, port, addr, iocls, maxcount=None, handler_args=()): def __init__(self, port, addr, iocls, maxcount=None, handler_args=()):
@ -358,6 +360,7 @@ class Service:
self.handler_args = handler_args self.handler_args = handler_args
self.readers[s.fileno()] = self.accept self.readers[s.fileno()] = self.accept
self.port = port self.port = port
self.firewall_ports.add(port)
if addr: if addr:
self.routes[port] = self # not for InfoHandler self.routes[port] = self # not for InfoHandler
if maxcount is None: if maxcount is None:
@ -399,23 +402,38 @@ class Service:
self.handlers[handler.fno] = handler self.handlers[handler.fno] = handler
@classmethod @classmethod
def run(cls, routes, restrict=None): def change_firewall(cls):
if restrict is not None: pattern = re.compile('(tcp dport ({.*}) ct state new accept)', re.MULTILINE | re.DOTALL)
lines = BASIC % dict(accept='DROP' if restrict else 'ACCEPT')
unix_cmd('iptables -F')
for line in lines.split('\n'):
if line.strip():
unix_cmd(line)
if restrict:
unix_cmd(FILTER % 22)
with open(FIREWALL_CONF) as f:
content = f.read()
try:
((prevline, prevports),) = pattern.findall(content)
except TypeError:
raise ValueError(f'{FIREWALL_CONF} does not contain expected pattern for open ports')
# parse previous port set
prevportset = {int(p) for p in prevports[1:-1].split(',')}
# keep port numbers below 1024
ports = {p for p in prevportset if p < 1024} | set(cls.firewall_ports)
line = prevline.replace(prevports, '{ %s }' % ', '.join((str(p) for p in sorted(ports))))
if prevportset != ports:
if os.geteuid() == 0:
with open('f{FIREWALL_CONF}.tmp', 'w') as f:
f.write(content.replace(prevline, line))
os.rename('f{FIREWALL_CONF}.tmp', FIREWALL_CONF)
unix_cmd('systemctl enable --now nftables')
else:
print('need sudo rights to modify firewall')
@classmethod
def run(cls, routes):
Service(1110, None, InfoHandler, 5, handler_args=(log.DEBUG,)) Service(1110, None, InfoHandler, 5, handler_args=(log.DEBUG,))
Service(1111, None, InfoHandler, 5, handler_args=(log.INFO,)) Service(1111, None, InfoHandler, 5, handler_args=(log.INFO,))
Service(1112, None, InfoHandler, 5, handler_args=(log.WARN,)) Service(1112, None, InfoHandler, 5, handler_args=(log.WARN,))
for port, dest in routes.items(): for port, dest in routes.items():
port = int(port) port = int(port)
if restrict:
unix_cmd(FILTER % port)
if '/' in dest: if '/' in dest:
Service(port, dest, SerialHandler) Service(port, dest, SerialHandler)
else: else:
@ -425,6 +443,7 @@ class Service:
else: else:
remoteport = port remoteport = port
Service(port, (host, remoteport), TcpHandler) Service(port, (host, remoteport), TcpHandler)
cls.change_firewall()
while True: while True:
try: try:
# log.debug('select %r', list(cls.readers)) # log.debug('select %r', list(cls.readers))
@ -458,7 +477,7 @@ class Service:
if __name__ == '__main__': if __name__ == '__main__':
parser = ConfigParser() parser = ConfigParser()
cfgfiles = glob('/root/aputools/servercfg/%s_*.cfg' % socket.gethostname()) cfgfiles = glob('/home/l_samenv/boxtools/cfg/%s_*.cfg' % socket.gethostname())
if len(cfgfiles) != 1: if len(cfgfiles) != 1:
raise ValueError('there must be one and only one single cfgfile %r' % cfgfiles) raise ValueError('there must be one and only one single cfgfile %r' % cfgfiles)
parser.read(cfgfiles[0]) parser.read(cfgfiles[0])

2
sethostname.sh
View File

@ -1,7 +1,7 @@
ETHNAME=$(cat /sys/class/net/enp1s0/address) ETHNAME=$(cat /sys/class/net/enp1s0/address)
ETHNAME=${ETHNAME//:/} ETHNAME=${ETHNAME//:/}
APUID=${ETHNAME: -6} APUID=${ETHNAME: -6}
FOUND="$(shopt -s nullglob; echo /root/aputools/servercfg/*_$APUID.cfg)" FOUND="$(shopt -s nullglob; echo /home/l_samenv/boxtools/cfg/*_$APUID.cfg)"
if [ -z "$FOUND" ]; then if [ -z "$FOUND" ]; then
HOSTNAME=apu$APUID HOSTNAME=apu$APUID
else else

18
to_system/etc/default/isc-dhcp-server Normal file
View File

@ -0,0 +1,18 @@
# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
#DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf
# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
#DHCPDv4_PID=/var/run/dhcpd.pid
#DHCPDv6_PID=/var/run/dhcpd6.pid
# Additional options to start dhcpd with.
# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
#OPTIONS=""
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACESv4="enp2s0 enp3s0 enp4s0"
INTERFACESv6=""

2
to_system/etc/profile.d/welcome.sh
View File

@ -7,6 +7,6 @@ function service_status () {
echo ${name} $(systemctl is-active ${name}) $enabled; \ echo ${name} $(systemctl is-active ${name}) $enabled; \
done | column -t | grep --color=always '\(disabled\|inactive\|$\)' | nl -bn done | column -t | grep --color=always '\(disabled\|inactive\|$\)' | nl -bn
} }
alias current='cat /root/aputools/current' alias current='cat /home/l_samenv/boxtools/current'
service_status router frappy display service_status router frappy display
echo "> current # show currently installed state" echo "> current # show currently installed state"

2
to_system/etc/systemd/system/sethostname.service
View File

@ -5,7 +5,7 @@ Before=network.pre-target
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart = /usr/bin/bash /root/aputools/sethostname.sh ExecStart = /usr/bin/bash /home/l_samenv/boxtools/sethostname.sh
RemainAfterExit=yes RemainAfterExit=yes
[Install] [Install]