diff --git a/README.md b/README.md
index 2c5dfa0..793a938 100644
--- a/README.md
+++ b/README.md
@@ -8,9 +8,8 @@ Edit the config file `/opt/tunnelkeeper/etc/tunnelkeeper.conf`. If you make chan
 There are 3 sections:
 #### settings
 - `debug [0..3]`: Debug logging levels 0 (no logging) to 3 (too much logging).
-- `timeout`: Echo check timeout for watched connections.
 #### ssh
 - It's an ssh config file, so see `man ssh_config` for information. TunnelKeeper will connect to each host listed, and make sure every connection in `tunnelkeeper.conf` stays open in the background.
 - There are 2 options that aren't available in normal ssh config files:
- - `Watch` : Enables an echo test on the host at regular intervals.
+ - `Watch N` : Enables an echo test on the host at intervals of **N** seconds.
 - `Password` : Uses screen to log in with a password. This is **insecure**, since the password is in plaintext, so use passwordless auth if possible.
\ No newline at end of file
diff --git a/etc/tunnelkeeper.conf b/etc/tunnelkeeper.conf
index c3557ea..516f36b 100644
--- a/etc/tunnelkeeper.conf
+++ b/etc/tunnelkeeper.conf
@@ -1,6 +1,5 @@
 [settings]
 debug 0
-timeout 30
 [ssh]
 # Everything in this section obeys the same rules as ~/.ssh/config
@@ -11,7 +10,7 @@ timeout 30
 # Hostname 123.45.67.89
 # User ubuntu
 # LocalForward 12345 127.0.0.1:22
-# Watch
+# Watch 30
 # Password p@$$w0rd
 #
 # Host server2
diff --git a/tunnelkeeper b/tunnelkeeper
index 9a6af6d..589a481 100755
--- a/tunnelkeeper
+++ b/tunnelkeeper
@@ -15,8 +15,9 @@ SSHCONF="$BASEDIR/var/ssh.conf"
 PWCONF="$BASEDIR/var/passwords.conf"
 WATCHCONF="$BASEDIR/var/watch.conf"
-cat "$BASEDIR/var/[ssh].conf" | grep -Eiv '^ *(watch|password)' > cat "$SSHCONF"
-cat "$BASEDIR/var/[ssh].conf" | grep -Ei '^( *watch|Host)' | grep -i -B1 watch | grep -i '^Host' | awk '{print $2}' > "$WATCHCONF"
+cat "$BASEDIR/var/[ssh].conf" | grep -Eiv '^ *(watch|password)' > "$SSHCONF"
+# cat "$BASEDIR/var/[ssh].conf" | grep -Ei '^( *watch|Host)' | grep -i -B1 watch | grep -i '^Host' | awk '{print $2}' > "$WATCHCONF"
+cat "$BASEDIR/var/[ssh].conf" | grep -Ei '^( *watch|Host)' | awk '{print $1 " " $2}' | grep -i -B1 --no-group-separator watch | tr '\n' ' ' | sed 's/Host /\n/g; s/ *[Ww]atch//g' > "$WATCHCONF"
 cat "$BASEDIR/var/[ssh].conf" | grep -Ei '^( *password|Host)' | awk '{print $1 " " $2}' | grep -i -B1 --no-group-separator password | tr '\n' ' ' | sed 's/Host /\n/g; s/ *[Pp]assword//g' > "$PWCONF"
 function ruroot () {
@@ -34,8 +35,8 @@ case "$DEBUGLEVEL" in
 *) dbgopt='';;
 esac
-TIMEOUT=$(awk '/^timeout/ {print $2}' $TKCONF &>/dev/null)
-[[ -z $TIMEOUT ]] && TIMEOUT='60'
+# TIMEOUT=$(awk '/^timeout/ {print $2}' $TKCONF &>/dev/null)
+# [[ -z $TIMEOUT ]] && TIMEOUT='60'
 function dbg () {
 [[ $DEBUGLEVEL != "0" ]] && logger -t tunnelkeeper
@@ -70,6 +71,7 @@ case "$1" in
 ;;
 FORKWATCH ) # makes sure the connection is still working, even if ssh doesn't drop it
 while true; do
+ TIMEOUT=$(awk "/^$2/ {print \$2}" ${WATCHCONF})
 sleep $TIMEOUT
 echo "tick $2" | dbg
 if [[ $(timeout $TIMEOUT ssh localhost -o "StrictHostKeyChecking no" -S $BASEDIR/var/$2.tksock "echo tk") != "tk" ]]; then
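Review bot: The new `$WATCHCONF` pipeline in the `@@ -15,8 +15,9 @@` hunk matches `watch` as a substring rather than as the keyword. `grep -i -B1 --no-group-separator watch` also selects a `Host` line whose name merely contains "watch", and `s/ *[Ww]atch//g` then cuts that substring out of the host name. An all-caps `WATCH` passes the case-insensitive grep but is not stripped by the sed. A single exact-keyword pass avoids both: `awk 'tolower($1)=="host"{h=$2} tolower($1)=="watch"{print h, $2}' "$BASEDIR/var/[ssh].conf" > "$WATCHCONF"`. The superseded pipeline is kept as a commented-out line here, as are the two `TIMEOUT` lines in the `@@ -34,8 +35,8 @@` hunk; deleting them would be cleaner since git already holds the history.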
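Review bot: The per-host lookup `awk "/^$2/ {print \$2}" ${WATCHCONF}` in the `FORKWATCH` branch splices the host name into a regex, so it is a prefix match: `server1` also matches a `server10` line and yields two values, and any `.` in the name is treated as a wildcard. The `@@ -34,8 +35,8 @@` hunk also removes the global default, so a bare `Watch` with no number or a non-numeric value leaves `TIMEOUT` empty. `sleep` and `timeout` then both fail, the echo test cannot return `tk`, and the loop appears to spin on the failure branch with no delay. Suggest an exact match with a fallback: `TIMEOUT=$(awk -v h="$2" '$1 == h {print $2; exit}' "$WATCHCONF")` followed by `[[ $TIMEOUT =~ ^[0-9]+$ ]] || TIMEOUT=60`. The loop body continues past the end of the hunk.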
@@ -136,8 +138,9 @@ WantedBy=multi-user.target" > /lib/systemd/system/tunnelkeeper.service
 rm /usr/local/bin/tunnelkeeper
 rm /lib/systemd/system/tunnelkeeper.service
 systemctl daemon-reload
+ cp -f /opt/tunnelkeeper/etc/tunnelkeeper.conf /opt/tunnelkeeper.conf.bak
 rm -rf /opt/tunnelkeeper
- echo -e "\nTunnelKeeper service uninstalled.\n"
+ echo -e "\nTunnelKeeper service uninstalled. Config backup saved as /opt/tunnelkeeper.conf.bak \n"
 ;;
 list )
 echo "---"
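Review bot: The backup written by `cp -f /opt/tunnelkeeper/etc/tunnelkeeper.conf /opt/tunnelkeeper.conf.bak` can contain the plaintext `Password` entries the README describes, so uninstalling now leaves credentials on disk outside the removed tree. The file's mode depends on the source file and the umask, or on an existing `.bak` if one is already there. Creating it owner-only and saying so in the message would cover this: `install -m 600 /opt/tunnelkeeper/etc/tunnelkeeper.conf /opt/tunnelkeeper.conf.bak`, with the echo noting that the backup may hold passwords. The copy's exit status is also not checked, so if it fails `rm -rf /opt/tunnelkeeper` still runs and the message still reports a saved backup. The enclosing `case` arm starts outside the hunk.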