From 08753920987214a8aa2fa88256889b4fe1cac8cd Mon Sep 17 00:00:00 2001
From: Nico Schottelius <nico@nico-notebook.schottelius.org>
Date: Mon, 12 Oct 2020 18:53:48 +0200
Subject: [PATCH] +mod

Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org>
---
 alpine-rebuild-initramfs.sh | 87 ++++++++++++++++++++++---------------
 mikrotik-update.sh          | 13 +++++-
 openwrt-add-letsencrypt.sh  |  0
 openwrt-add-lte.sh          |  0
 openwrt-motion-config.sh    |  0
 5 files changed, 64 insertions(+), 36 deletions(-)
 mode change 100644 => 100755 openwrt-add-letsencrypt.sh
 mode change 100644 => 100755 openwrt-add-lte.sh
 mode change 100644 => 100755 openwrt-motion-config.sh

diff --git a/alpine-rebuild-initramfs.sh b/alpine-rebuild-initramfs.sh
index b56454b..8913924 100755
--- a/alpine-rebuild-initramfs.sh
+++ b/alpine-rebuild-initramfs.sh
@@ -1,90 +1,107 @@
 #!/bin/sh
 
+if [ $# -ne 1 ]; then
+    echo "$0 ssh-keyfile"
+    echo "   ssh-keyfile: ssh keys to add into the image"
+    exit 1
+fi
+
 set -e
 set -x
 
-MAJOR_VERSION=3.11
-MINOR_VERSION=2
+SSH_KEYS=$1; shift
+
+MAJOR_VERSION=3.12
+MINOR_VERSION=0
 IMAGE=alpine-minirootfs-$MAJOR_VERSION.$MINOR_VERSION-x86_64.tar.gz
-SSH_KEYS=$(cat ~/.ssh/id_rsa.pub)
+
 RESOLVCONF=/etc/resolv.conf
 
 working_directory=$(pwd -P)
 rootfs_tmpdir=$(mktemp -d)
+rootfs_tmpdir=alpine_${MAJOR_VERSION}-${MINOR_VERSION}-rootfs
+
+mkdir -p ${rootfs_tmpdir}
+
 rootfs_url="http://dl-cdn.alpinelinux.org/alpine/v$MAJOR_VERSION/releases/x86_64/$IMAGE"
 
 run_root () {
-    chroot $rootfs_tmpdir /usr/bin/env \
+    sudo chroot $rootfs_tmpdir /usr/bin/env \
         PATH=/bin:/sbin \
         /bin/sh -c "$*"
 }
 
-if [ "$(whoami)" != 'root' ]; then
-    echo "This script must be run as root." >&2
-    exit 1
-fi
+wget -c "$rootfs_url" -O "$working_directory/$IMAGE"
 
-# Download, extract inital rootfs.
-curl "$rootfs_url" -o "$working_directory/$IMAGE"
-tar xf $IMAGE -C $rootfs_tmpdir
+# keep right permissions, use sudo
+sudo tar xf $IMAGE -C $rootfs_tmpdir
 
 # Add SSH keys
 run_root mkdir -p root/.ssh
-echo $SSH_KEYS > $rootfs_tmpdir/root/.ssh/authorized_keys
+sudo cp $SSH_KEYS $rootfs_tmpdir/root/.ssh/authorized_keys
+run_root chown root:root root/.ssh/authorized_keys
 run_root chmod 0600 root/.ssh/authorized_keys
 run_root chmod 0700 root/.ssh
 
 # Import local resolv.conf.
-cat "$RESOLVCONF" > $rootfs_tmpdir/etc/resolv.conf
+sudo cp "$RESOLVCONF" $rootfs_tmpdir/etc/resolv.conf
 
 # Make sure init is found by the kernel.
-run_root ln -s /sbin/init /init
+#run_root ln -sf /sbin/init /init
+
+
+# Layer atop base rootfs.
+run_root apk update
+run_root apk upgrade
+run_root apk add openssh linux-lts openrc udev ndisc6
+
+run_root rc-update add udev
+run_root rc-update add udev-trigger
+run_root rc-update add sshd
+run_root rc-update add networking
+run_root rc-update add hostname
+run_root rc-update add rdnssd
+
+# Generate iniramfs image
+(cd $rootfs_tmpdir; sudo find . | sudo cpio -H newc -o | gzip -9 > "$working_directory/alpine-initramfs.gz")
+cp "$rootfs_tmpdir/boot/vmlinuz-lts" "$working_directory/alpine-kernel"
+
 
 # Servers have static addresses, disable the standard
 # alpine setting of using tempaddr = 2
-cat > "$rootfs_tmpdir/etc/sysctl.d/99-ipv6.conf" <<EOF
+sudo tee "$rootfs_tmpdir/etc/sysctl.d/99-ipv6.conf" <<EOF
 net.ipv6.conf.default.use_tempaddr = 0
 net.ipv6.conf.all.use_tempaddr = 0
 
 net.ipv6.conf.all.accept_ra = 1
 EOF
 
-cat > "$rootfs_tmpdir/etc/network/interfaces" <<EOF
+sudo tee "$rootfs_tmpdir/etc/network/interfaces" <<EOF
 auto lo
 iface lo inet loopback
 
 auto eth0
 iface eth0 inet6 manual
     pre-up ip link set eth0 up
+    post-up sleep 10
     post-up ip addr show dev eth0 | grep inet6 >> /etc/issue
-    post-up echo post post up >> /etc/issue
 EOF
 
-cat > "$rootfs_tmpdir/etc/hostname" <<EOF
+sudo tee "$rootfs_tmpdir/etc/hostname" <<EOF
 alpine-unconfigured
 EOF
 
-echo ipv6 >> "$rootfs_tmpdir/etc/modules"
+echo ipv6 | sudo tee -a "$rootfs_tmpdir/etc/modules"
+
+
+# Upload to netboot server. - needs to be done outside sudo
+echo "Use alpine-initramfs.gz alpine-kernel from $working_directory"!
+
+exit 0
 
-# Layer atop base rootfs.
-run_root apk update
-run_root apk upgrade
-run_root apk add openssh linux-vanilla openrc udev
-run_root rc-update add udev
-run_root rc-update add udev-trigger
-run_root rc-update add sshd
-run_root rc-update add networking
-run_root rc-update add hostname
 
 # FIXME: add / install rdnssd / ndisc6 / start it on boot
 # ndisc6 is only @testing
 
-# Generate iniramfs image
-(cd $rootfs_tmpdir; find . | cpio -H newc -o | gzip -9 > "$working_directory/alpine-initramfs.gz")
-cp "$rootfs_tmpdir/boot/vmlinuz-vanilla" "$working_directory/alpine-kernel"
-
 # Cleanup.
 #rm -r "$rootfs_tmpdir"
-
-# Upload to netboot server. - needs to be done outside sudo
-echo "Use alpine-initramfs.gz alpine-kernel from $working_directory"!
diff --git a/mikrotik-update.sh b/mikrotik-update.sh
index 027bdba..1b4d252 100755
--- a/mikrotik-update.sh
+++ b/mikrotik-update.sh
@@ -2,6 +2,8 @@
 # Nico Schottelius, 2019-12-02
 # Update mikrotik routers to the latest package
 
+set -e
+
 if [ $# -lt 2 ]; then
     echo "$0 <version> <arch> router [router...]"
     cat <<EOF
@@ -31,11 +33,20 @@ unzip "${file}"
 
 pkg_list="dhcp ipv6 lcd lte multicast ppp routing security system user-manager wireless"
 
+
 while [ $# -ge 1 ]; do
     target=$1; shift
+
+    # Escape literal IPv6 addresses
+    if echo $target | grep ':'; then
+        target_scp="[$target]"
+    else
+        target_scp="$target"
+    fi
+
     echo "Updating ${target}"
     for pkg in $pkg_list; do
-        scp ${pkg}-${version}-${arch}.npk "admin@${target}:"
+        scp ${pkg}-${version}-${arch}.npk "admin@${target_scp}:"
     done
     ssh admin@${target} "/system reboot"
 done
diff --git a/openwrt-add-letsencrypt.sh b/openwrt-add-letsencrypt.sh
old mode 100644
new mode 100755
diff --git a/openwrt-add-lte.sh b/openwrt-add-lte.sh
old mode 100644
new mode 100755
diff --git a/openwrt-motion-config.sh b/openwrt-motion-config.sh
old mode 100644
new mode 100755