From 30fbd76c8f3fec2dc539f0971b36a7087f3d6868 Mon Sep 17 00:00:00 2001 From: Gordon Grant-Stuart Date: Tue, 14 Mar 2023 14:56:27 +0000 Subject: [PATCH] making debug a ssh conf directive --- README.md | 9 +++---- etc/tunnelkeeper.conf | 9 +++---- tunnelkeeper | 55 ++++++++++++++++++++++++++----------------- 3 files changed, 41 insertions(+), 32 deletions(-) diff --git a/README.md b/README.md index 793a938..2cb1d5f 100644 --- a/README.md +++ b/README.md @@ -5,11 +5,8 @@ Install it as a service with `tunnelkeeper install`. Edit the config file `/opt/tunnelkeeper/etc/tunnelkeeper.conf`. If you make changes to tunnelkeeper.conf, run `systemctl restart tunnelkeeper`. -There are 3 sections: -#### settings -- `debug [0..3]`: Debug logging levels 0 (no logging) to 3 (too much logging). -#### ssh - It's an ssh config file, so see `man ssh_config` for information. TunnelKeeper will connect to each host listed, and make sure every connection in `tunnelkeeper.conf` stays open in the background. -- There are 2 options that aren't available in normal ssh config files: +- There are 3 options that aren't available in normal ssh config files: - `Watch N` : Enables an echo test on the host at intervals of **N** seconds. - - `Password` : Uses screen to log in with a password. This is **insecure**, since the password is in plaintext, so use passwordless auth if possible. \ No newline at end of file + - `Password` : Uses screen to log in with a password. This is **insecure**, since the password is in plaintext, so use passwordless auth if possible. + - `Debug [0..3]`: Debug logging levels 0 (no logging) to 3 (too much logging). \ No newline at end of file diff --git a/etc/tunnelkeeper.conf b/etc/tunnelkeeper.conf index 516f36b..c0a04a5 100644 --- a/etc/tunnelkeeper.conf +++ b/etc/tunnelkeeper.conf 
@@ -1,8 +1,8 @@ -[settings] -debug 0 - -[ssh] # Everything in this section obeys the same rules as ~/.ssh/config +# Excluding the following directives: +# - Password +# - Watch +# - Debug # Examples # @@ -18,3 +18,4 @@ debug 0 # User ubuntu # Port 2222 # RemoteForward 54321 127.0.0.1:22 +# Debug 2 diff --git a/tunnelkeeper b/tunnelkeeper index 589a481..3d74c2e 100755 --- a/tunnelkeeper +++ b/tunnelkeeper 
@@ -3,22 +3,26 @@ REALPATH="$(realpath $0)" BASEDIR="${REALPATH%/*}" -if [[ "${1}" == "start" ]]; then - rm $BASEDIR/var/*.conf &>/dev/null # Create separate .conf files in var/ from etc/tunnelkeeper.conf - awk -v "dir=$BASEDIR/var" ' - /^\[/ {sec=$1} - !/^[#\[]/ {print >> dir"/"sec".conf"}' < $BASEDIR/etc/tunnelkeeper.conf &>/dev/null -fi +# if [[ "${1}" == "start" ]]; then +# rm $BASEDIR/var/*.conf &>/dev/null # Create separate .conf files in var/ from etc/tunnelkeeper.conf +# awk -v "dir=$BASEDIR/var" ' +# /^\[/ {sec=$1} +# !/^[#\[]/ {print >> dir"/"sec".conf"}' < $BASEDIR/etc/tunnelkeeper.conf &>/dev/null +# fi -TKCONF="$BASEDIR/var/[settings].conf" +# TKCONF="$BASEDIR/var/[settings].conf" SSHCONF="$BASEDIR/var/ssh.conf" PWCONF="$BASEDIR/var/passwords.conf" WATCHCONF="$BASEDIR/var/watch.conf" +DEBUGCONF="$BASEDIR/var/debug.conf" -cat "$BASEDIR/var/[ssh].conf" | grep -Eiv '^ *(watch|password)' > "$SSHCONF" -# cat "$BASEDIR/var/[ssh].conf" | grep -Ei '^( *watch|Host)' | grep -i -B1 watch | grep -i '^Host' | awk '{print $2}' > "$WATCHCONF" -cat "$BASEDIR/var/[ssh].conf" | grep -Ei '^( *watch|Host)' | awk '{print $1 " " $2}' | grep -i -B1 --no-group-separator watch | tr '\n' ' ' | sed 's/Host /\n/g; s/ *[Ww]atch//g' > "$WATCHCONF" -cat "$BASEDIR/var/[ssh].conf" | grep -Ei '^( *password|Host)' | awk '{print $1 " " $2}' | grep -i -B1 --no-group-separator password | tr '\n' ' ' | sed 's/Host /\n/g; s/ *[Pp]assword//g' > "$PWCONF" +function genconfig () { + cat "$BASEDIR/etc/tunnelkeeper.conf" | grep -Eiv '^ *(watch|password|debug)' > "$SSHCONF" + # cat "$BASEDIR/etc/tunnelkeeper.conf" | grep -Ei '^( *watch|Host)' | grep -i -B1 watch | grep -i '^Host' | awk '{print $2}' > "$WATCHCONF" + cat "$BASEDIR/etc/tunnelkeeper.conf" | grep -Ei '^( *watch|Host)' | awk '{print $1 " " $2}' | grep -i -B1 --no-group-separator watch | tr '\n' ' ' | sed 's/Host /\n/g; s/ *[Ww]atch//g' > "$WATCHCONF" + cat "$BASEDIR/etc/tunnelkeeper.conf" | grep -Ei '^( *password|Host)' | awk '{print $1 
" " $2}' | grep -i -B1 --no-group-separator password | tr '\n' ' ' | sed 's/Host /\n/g; s/ *[Pp]assword//g' > "$PWCONF" + cat "$BASEDIR/etc/tunnelkeeper.conf" | grep -Ei '^( *debug|Host)' | awk '{print $1 " " $2}' | grep -i -B1 --no-group-separator debug | tr '\n' ' ' | sed 's/Host /\n/g; s/ *[Dd]ebug//g' > "$DEBUGCONF" +} function ruroot () { if [[ $UID -ne 0 ]]; then @@ -27,23 +31,28 @@ function ruroot () { fi } -DEBUGLEVEL=$(awk '/^debug/ {print $2}' $TKCONF &>/dev/null) -[[ -z $DEBUGLEVEL ]] && DEBUGLEVEL='0' -case "$DEBUGLEVEL" in - 2) dbgopt='-v';; - 3) dbgopt='-vvv';; - *) dbgopt='';; -esac +# DEBUGLEVEL=$(awk '/^debug/ {print $2}' $TKCONF &>/dev/null) +# [[ -z $DEBUGLEVEL ]] && DEBUGLEVEL='0' + +function debugopt () { + # lvl=$(awk "/^$2/ {print \$2}" ${DEBUGCONF}) + case "$(awk "/^$1/ {print \$2}" ${DEBUGCONF})" in + 2) echo -n '-v';; + 3) echo -n '-vvv';; + # *) dbgopt='';; + esac +} # TIMEOUT=$(awk '/^timeout/ {print $2}' $TKCONF &>/dev/null) # [[ -z $TIMEOUT ]] && TIMEOUT='60' function dbg () { - [[ $DEBUGLEVEL != "0" ]] && logger -t tunnelkeeper + [[ "$(awk "/^$1/ {print \$2}" ${DEBUGCONF})" != "0" ]] && logger -t tunnelkeeper + # [[ $DEBUGLEVEL != "0" ]] && logger -t tunnelkeeper } function connect () { - ssh -F "${SSHCONF}" $dbgopt -o "ControlMaster auto" -o "StrictHostKeyChecking no" -S "$BASEDIR/var/$1.tksock" -N $1 '#tunnelkeeper' 2>&1 | dbg + echo ssh -F "${SSHCONF}" $(debugopt $1) -o "ControlMaster auto" -o "StrictHostKeyChecking no" -S "$BASEDIR/var/$1.tksock" -N $1 '#tunnelkeeper' 2>&1 | dbg $1 } @@ -63,7 +72,7 @@ case "$1" in done else # passwordless auth while true; do - connect $2 + connect $2 #$dbgopt sleep 5 done fi 
@@ -84,18 +93,20 @@ case "$1" in FORKSCREEN ) while true; do echo $$ > "$BASEDIR/var/${2}.screen" - connect $2 + connect $2 #$dbgopt sleep 5 done exit ;; start) + genconfig [[ -e "$BASEDIR/var/tunnelkeeper.pid" ]] && exit echo $$ > "$BASEDIR/var/tunnelkeeper.pid" cat "$SSHCONF" | awk '/^Host / {print $2}' | xargs -I% -P0 $0 FORKSTART % '#tunnelkeeper' & ;; stop ) rm -f "$BASEDIR/var/tunnelkeeper.pid" + rm -f "$BASEDIR/var/*.conf" pkill -f '#tunnelkeeper' &>/dev/null ;; restart )
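Review bot: The added `rm -f "$BASEDIR/var/*.conf"` in `stop` removes nothing, because the glob sits inside the double quotes and reaches rm as a literal `*.conf`; the generated files, including `passwords.conf` with its plaintext passwords, stay on disk after the service stops. Move the glob outside the quotes: `rm -f -- "$BASEDIR"/var/*.conf`. In `start`, `genconfig` runs before the pid-file check, so a second `start` rewrites the config files under an already running instance; calling it after the `[[ -e … ]] && exit` line avoids that. The `case` statement begins and ends outside this hunk.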