diff --git a/CHANGES.md b/CHANGES.md index c085adb36..5a05d80ce 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,6 +1,6 @@ ## What's new in Version 1.11.3 of RaspiBlitz? -- New: Tailscale (basic install script) [details](https://en.wikipedia.org/wiki/Tailscale) +- New: Tailscale (SSH menu > SETTINGS) [details](https://en.wikipedia.org/wiki/Tailscale) - New: Connect Zeus to CLN via CLNrest (using the clnrest plugin and runes) - Update: Core Lightning v24.08.1 [details](https://github.com/ElementsProject/lightning/releases/tag/v24.08.1) - Update: Thunderhub v0.13.31 [details](https://github.com/apotdevin/thunderhub/releases/tag/v0.13.31) diff --git a/home.admin/00mainMenu.sh b/home.admin/00mainMenu.sh index 5fc9bcf56..e9568f32e 100755 --- a/home.admin/00mainMenu.sh +++ b/home.admin/00mainMenu.sh @@ -171,6 +171,10 @@ fi if [ "${labelbase}" == "on" ]; then OPTIONS+=(LABELBASE "Labelbase (UTXO labeling)") fi +if [ "${tailscale}" == "on" ]; then + OPTIONS+=(TAILSCALE "Tailscale VPN") +fi + # dont offer to switch to "testnet view for now" - so no wswitch back to mainnet needed #if [ ${chain} != "main" ]; then @@ -311,7 +315,7 @@ case $CHOICE in sudo /home/admin/config.scripts/bonus.thunderhub.sh menu ;; ZEROTIER) - sudo /home/admin/config.scripts/bonus.zerotier.sh menu + sudo /home/admin/config.scripts/internet.zerotier.sh menu ;; SPHINX) sudo /home/admin/config.scripts/bonus.sphinxrelay.sh menu @@ -334,6 +338,9 @@ case $CHOICE in LABELBASE) sudo /home/admin/config.scripts/bonus.labelbase.sh menu ;; + TAILSCALE) + sudo /home/admin/config.scripts/internet.tailscale.sh menu + ;; FINTS) sudo /home/admin/config.scripts/bonus.fints.sh menu ;; diff --git a/home.admin/00settingsMenuBasics.sh b/home.admin/00settingsMenuBasics.sh index c3dd4cfa5..972841164 100755 --- a/home.admin/00settingsMenuBasics.sh +++ b/home.admin/00settingsMenuBasics.sh @@ -7,7 +7,6 @@ source /mnt/hdd/raspiblitz.conf echo "services default values" if [ ${#runBehindTor} -eq 0 ]; then runBehindTor="off"; fi -if [ ${#networkUPnP} -eq 0 ]; then networkUPnP="off"; fi if [ ${#touchscreen} -eq 0 ]; then touchscreen=0; fi if [ ${#lcdrotate} -eq 0 ]; then lcdrotate=0; fi if [ ${#zerotier} -eq 0 ]; then zerotier="off"; fi @@ -17,6 +16,7 @@ if [ ${#clEncryptedHSM} -eq 0 ]; then clEncryptedHSM="off"; fi if [ ${#clAutoUnlock} -eq 0 ]; then clAutoUnlock="off"; fi if [ ${#clWatchtowerClient} -eq 0 ]; then clWatchtowerClient="off"; fi if [ ${#blitzapi} -eq 0 ]; then blitzapi="off"; fi +if [ ${#tailscale} -eq 0 ]; then tailscale="off"; fi # detect if LND auto-unlock is active source <(/home/admin/config.scripts/lnd.autounlock.sh status) @@ -112,10 +112,10 @@ fi # Important basic options OPTIONS+=(t 'Run behind Tor' ${runBehindTor}) OPTIONS+=(z 'ZeroTier' ${zerotierSwitch}) +OPTIONS+=(l 'Tailscale VPN' ${tailscale}) if [ ${#runBehindTor} -eq 0 ] || [ "${runBehindTor}" = "off" ]; then OPTIONS+=(y ${dynDomainMenu} ${domainValue}) - OPTIONS+=(b 'BTC UPnP (AutoNAT)' ${networkUPnP}) fi OPTIONS+=(p 'Parallel Testnet/Signet' ${parallelTestnets}) @@ -194,26 +194,6 @@ else echo "Dynamic Domain unchanged." fi -# UPnP -choice="off"; check=$(echo "${CHOICES}" | grep -c "b") -if [ ${check} -eq 1 ]; then choice="on"; fi -if [ "${networkUPnP}" != "${choice}" ]; then - echo "BTC UPnP Setting changed .." - anychange=1 - if [ "${choice}" = "on" ]; then - echo "Starting BTC UPNP ..." - /home/admin/config.scripts/network.upnp.sh on - networkUPnP="on" - needsReboot=1 - else - echo "Stopping BTC UPNP ..." - /home/admin/config.scripts/network.upnp.sh off - networkUPnP="off" - needsReboot=1 - fi -else - echo "BTC UPnP Setting unchanged." -fi # Tor process choice choice="off"; check=$(echo "${CHOICES}" | grep -c "t") @@ -334,15 +314,29 @@ if [ "${zerotierSwitch}" != "${choice}" ]; then echo "zerotier setting changed .." anychange=1 error="" - sudo -u admin /home/admin/config.scripts/bonus.zerotier.sh ${choice} + sudo -u admin /home/admin/config.scripts/internet.zerotier.sh ${choice} if [ "${choice}" != "on" ]; then dialog --msgbox "ZeroTier is now OFF." 5 46 fi - else echo "ZeroTier setting unchanged." fi +# Tailscale process choice +choice="off"; check=$(echo "${CHOICES}" | grep -c "l") +if [ ${check} -eq 1 ]; then choice="on"; fi +if [ "${tailscale}" != "${choice}" ]; then + echo "tailscale setting changed .." + anychange=1 + error="" + sudo -u admin /home/admin/config.scripts/internet.tailscale.sh ${choice} + if [ "${choice}" = "on" ]; then + sudo -u admin /home/admin/config.scripts/internet.tailscale.sh menu + fi +else + echo "tailscale setting unchanged." +fi + # LND choice choice="off"; check=$(echo "${CHOICES}" | grep -c "m") if [ ${check} -eq 1 ]; then choice="on"; fi diff --git a/home.admin/_provision_.sh b/home.admin/_provision_.sh index a53f56750..65154f4ba 100755 --- a/home.admin/_provision_.sh +++ b/home.admin/_provision_.sh @@ -515,7 +515,7 @@ fi if [ "${#zerotier}" -gt 0 ] && [ "${zerotier}" != "off" ]; then echo "Provisioning ZeroTier - run config script" >> ${logFile} /home/admin/_cache.sh set message "Setup ZeroTier" - /home/admin/config.scripts/bonus.zerotier.sh on ${zerotier} >> ${logFile} 2>&1 + /home/admin/config.scripts/internet.zerotier.sh on ${zerotier} >> ${logFile} 2>&1 else echo "Provisioning ZeroTier - not active" >> ${logFile} fi @@ -729,7 +729,7 @@ fi if [ "${tailscale}" = "on" ]; then echo "Provisioning Tailscale - run config script" >> ${logFile} /home/admin/_cache.sh set message "Setup Tailscale" - sudo -u admin /home/admin/config.scripts/bonus.tailscale.sh on >> ${logFile} 2>&1 + sudo -u admin /home/admin/config.scripts/internet.tailscale.sh on >> ${logFile} 2>&1 else echo "Provisioning Tailscale - keep default" >> ${logFile} fi diff --git a/home.admin/config.scripts/bonus.tailscale.sh b/home.admin/config.scripts/bonus.tailscale.sh deleted file mode 100644 index 791f5da57..000000000 --- a/home.admin/config.scripts/bonus.tailscale.sh +++ /dev/null @@ -1,654 +0,0 @@ -#!/bin/sh - -if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then - echo "config script to install Tailscale" - echo "bonus.tailscale.sh on" - echo "bonus.tailscale.sh off <--delete-data|--keep-data>" - exit 1 -fi - -# --- Sourced from https://tailscale.com/install.sh on 2024-08-29 --- -# Copyright (c) Tailscale Inc & AUTHORS -# SPDX-License-Identifier: BSD-3-Clause -# -# This script detects the current operating system, and installs -# Tailscale according to that OS's conventions. - -set -e - -# All the code is wrapped in a main function that gets called at the -# bottom of the file, so that a truncated partial download doesn't end -# up executing half a script. -installTailscale() { - # Step 1: detect the current linux distro, version, and packaging system. - # - # We rely on a combination of 'uname' and /etc/os-release to find - # an OS name and version, and from there work out what - # installation method we should be using. - # - # The end result of this step is that the following three - # variables are populated, if detection was successful. - OS="" - VERSION="" - PACKAGETYPE="" - APT_KEY_TYPE="" # Only for apt-based distros - APT_SYSTEMCTL_START=false # Only needs to be true for Kali - TRACK="${TRACK:-stable}" - - case "$TRACK" in - stable | unstable) ;; - *) - echo "unsupported track $TRACK" - exit 1 - ;; - esac - - if [ -f /etc/os-release ]; then - # /etc/os-release populates a number of shell variables. We care about the following: - # - ID: the short name of the OS (e.g. "debian", "freebsd") - # - VERSION_ID: the numeric release version for the OS, if any (e.g. "18.04") - # - VERSION_CODENAME: the codename of the OS release, if any (e.g. "buster") - # - UBUNTU_CODENAME: if it exists, use instead of VERSION_CODENAME - . /etc/os-release - case "$ID" in - ubuntu | pop | neon | zorin | tuxedo) - OS="ubuntu" - if [ "${UBUNTU_CODENAME:-}" != "" ]; then - VERSION="$UBUNTU_CODENAME" - else - VERSION="$VERSION_CODENAME" - fi - PACKAGETYPE="apt" - # Third-party keyrings became the preferred method of - # installation in Ubuntu 20.04. - if expr "$VERSION_ID" : "2.*" >/dev/null; then - APT_KEY_TYPE="keyring" - else - APT_KEY_TYPE="legacy" - fi - ;; - debian) - OS="$ID" - VERSION="$VERSION_CODENAME" - PACKAGETYPE="apt" - # Third-party keyrings became the preferred method of - # installation in Debian 11 (Bullseye). - if [ -z "${VERSION_ID:-}" ]; then - # rolling release. If you haven't kept current, that's on you. - APT_KEY_TYPE="keyring" - elif [ "$VERSION_ID" -lt 11 ]; then - APT_KEY_TYPE="legacy" - else - APT_KEY_TYPE="keyring" - fi - ;; - linuxmint) - if [ "${UBUNTU_CODENAME:-}" != "" ]; then - OS="ubuntu" - VERSION="$UBUNTU_CODENAME" - elif [ "${DEBIAN_CODENAME:-}" != "" ]; then - OS="debian" - VERSION="$DEBIAN_CODENAME" - else - OS="ubuntu" - VERSION="$VERSION_CODENAME" - fi - PACKAGETYPE="apt" - if [ "$VERSION_ID" -lt 5 ]; then - APT_KEY_TYPE="legacy" - else - APT_KEY_TYPE="keyring" - fi - ;; - elementary) - OS="ubuntu" - VERSION="$UBUNTU_CODENAME" - PACKAGETYPE="apt" - if [ "$VERSION_ID" -lt 6 ]; then - APT_KEY_TYPE="legacy" - else - APT_KEY_TYPE="keyring" - fi - ;; - parrot | mendel) - OS="debian" - PACKAGETYPE="apt" - if [ "$VERSION_ID" -lt 5 ]; then - VERSION="buster" - APT_KEY_TYPE="legacy" - else - VERSION="bullseye" - APT_KEY_TYPE="keyring" - fi - ;; - galliumos) - OS="ubuntu" - PACKAGETYPE="apt" - VERSION="bionic" - APT_KEY_TYPE="legacy" - ;; - pureos | kaisen) - OS="debian" - PACKAGETYPE="apt" - VERSION="bullseye" - APT_KEY_TYPE="keyring" - ;; - raspbian) - OS="$ID" - VERSION="$VERSION_CODENAME" - PACKAGETYPE="apt" - # Third-party keyrings became the preferred method of - # installation in Raspbian 11 (Bullseye). - if [ "$VERSION_ID" -lt 11 ]; then - APT_KEY_TYPE="legacy" - else - APT_KEY_TYPE="keyring" - fi - ;; - kali) - OS="debian" - PACKAGETYPE="apt" - YEAR="$(echo "$VERSION_ID" | cut -f1 -d.)" - APT_SYSTEMCTL_START=true - # Third-party keyrings became the preferred method of - # installation in Debian 11 (Bullseye), which Kali switched - # to in roughly 2021.x releases - if [ "$YEAR" -lt 2021 ]; then - # Kali VERSION_ID is "kali-rolling", which isn't distinguishing - VERSION="buster" - APT_KEY_TYPE="legacy" - else - VERSION="bullseye" - APT_KEY_TYPE="keyring" - fi - ;; - Deepin) # https://github.com/tailscale/tailscale/issues/7862 - OS="debian" - PACKAGETYPE="apt" - if [ "$VERSION_ID" -lt 20 ]; then - APT_KEY_TYPE="legacy" - VERSION="buster" - else - APT_KEY_TYPE="keyring" - VERSION="bullseye" - fi - ;; - centos) - OS="$ID" - VERSION="$VERSION_ID" - PACKAGETYPE="dnf" - if [ "$VERSION" = "7" ]; then - PACKAGETYPE="yum" - fi - ;; - ol) - OS="oracle" - VERSION="$(echo "$VERSION_ID" | cut -f1 -d.)" - PACKAGETYPE="dnf" - if [ "$VERSION" = "7" ]; then - PACKAGETYPE="yum" - fi - ;; - rhel) - OS="$ID" - VERSION="$(echo "$VERSION_ID" | cut -f1 -d.)" - PACKAGETYPE="dnf" - if [ "$VERSION" = "7" ]; then - PACKAGETYPE="yum" - fi - ;; - fedora) - OS="$ID" - VERSION="" - PACKAGETYPE="dnf" - ;; - rocky | almalinux | nobara | openmandriva | sangoma | risios | cloudlinux | alinux | fedora-asahi-remix) - OS="fedora" - VERSION="" - PACKAGETYPE="dnf" - ;; - amzn) - OS="amazon-linux" - VERSION="$VERSION_ID" - PACKAGETYPE="yum" - ;; - xenenterprise) - OS="centos" - VERSION="$(echo "$VERSION_ID" | cut -f1 -d.)" - PACKAGETYPE="yum" - ;; - opensuse-leap | sles) - OS="opensuse" - VERSION="leap/$VERSION_ID" - PACKAGETYPE="zypper" - ;; - opensuse-tumbleweed) - OS="opensuse" - VERSION="tumbleweed" - PACKAGETYPE="zypper" - ;; - sle-micro-rancher) - OS="opensuse" - VERSION="leap/15.4" - PACKAGETYPE="zypper" - ;; - arch | archarm | endeavouros | blendos | garuda) - OS="arch" - VERSION="" # rolling release - PACKAGETYPE="pacman" - ;; - manjaro | manjaro-arm) - OS="manjaro" - VERSION="" # rolling release - PACKAGETYPE="pacman" - ;; - alpine) - OS="$ID" - VERSION="$VERSION_ID" - PACKAGETYPE="apk" - ;; - postmarketos) - OS="alpine" - VERSION="$VERSION_ID" - PACKAGETYPE="apk" - ;; - nixos) - echo "Please add Tailscale to your NixOS configuration directly:" - echo - echo "services.tailscale.enable = true;" - exit 1 - ;; - void) - OS="$ID" - VERSION="" # rolling release - PACKAGETYPE="xbps" - ;; - gentoo) - OS="$ID" - VERSION="" # rolling release - PACKAGETYPE="emerge" - ;; - freebsd) - OS="$ID" - VERSION="$(echo "$VERSION_ID" | cut -f1 -d.)" - PACKAGETYPE="pkg" - ;; - osmc) - OS="debian" - PACKAGETYPE="apt" - VERSION="bullseye" - APT_KEY_TYPE="keyring" - ;; - photon) - OS="photon" - VERSION="$(echo "$VERSION_ID" | cut -f1 -d.)" - PACKAGETYPE="tdnf" - ;; - - # TODO: wsl? - # TODO: synology? qnap? - esac - fi - - # If we failed to detect something through os-release, consult - # uname and try to infer things from that. - if [ -z "$OS" ]; then - if type uname >/dev/null 2>&1; then - case "$(uname)" in - FreeBSD) - # FreeBSD before 12.2 doesn't have - # /etc/os-release, so we wouldn't have found it in - # the os-release probing above. - OS="freebsd" - VERSION="$(freebsd-version | cut -f1 -d.)" - PACKAGETYPE="pkg" - ;; - OpenBSD) - OS="openbsd" - VERSION="$(uname -r)" - PACKAGETYPE="" - ;; - Darwin) - OS="macos" - VERSION="$(sw_vers -productVersion | cut -f1-2 -d.)" - PACKAGETYPE="appstore" - ;; - Linux) - OS="other-linux" - VERSION="" - PACKAGETYPE="" - ;; - esac - fi - fi - - # Ideally we want to use curl, but on some installs we - # only have wget. Detect and use what's available. - CURL= - if type curl >/dev/null; then - CURL="curl -fsSL" - elif type wget >/dev/null; then - CURL="wget -q -O-" - fi - if [ -z "$CURL" ]; then - echo "The installer needs either curl or wget to download files." - echo "Please install either curl or wget to proceed." - exit 1 - fi - - TEST_URL="https://pkgs.tailscale.com/" - RC=0 - TEST_OUT=$($CURL "$TEST_URL" 2>&1) || RC=$? - if [ $RC != 0 ]; then - echo "The installer cannot reach $TEST_URL" - echo "Please make sure that your machine has internet access." - echo "Test output:" - echo $TEST_OUT - exit 1 - fi - - # Step 2: having detected an OS we support, is it one of the - # versions we support? - OS_UNSUPPORTED= - case "$OS" in - ubuntu | debian | raspbian | centos | oracle | rhel | amazon-linux | opensuse | photon) - # Check with the package server whether a given version is supported. - URL="https://pkgs.tailscale.com/$TRACK/$OS/$VERSION/installer-supported" - $CURL "$URL" 2>/dev/null | grep -q OK || OS_UNSUPPORTED=1 - ;; - fedora) - # All versions supported, no version checking required. - ;; - arch) - # Rolling release, no version checking needed. - ;; - manjaro) - # Rolling release, no version checking needed. - ;; - alpine) - # All versions supported, no version checking needed. - # TODO: is that true? When was tailscale packaged? - ;; - void) - # Rolling release, no version checking needed. - ;; - gentoo) - # Rolling release, no version checking needed. - ;; - freebsd) - if [ "$VERSION" != "12" ] && - [ "$VERSION" != "13" ]; then - OS_UNSUPPORTED=1 - fi - ;; - openbsd) - OS_UNSUPPORTED=1 - ;; - macos) - # We delegate macOS installation to the app store, it will - # perform version checks for us. - ;; - other-linux) - OS_UNSUPPORTED=1 - ;; - *) - OS_UNSUPPORTED=1 - ;; - esac - if [ "$OS_UNSUPPORTED" = "1" ]; then - case "$OS" in - other-linux) - echo "Couldn't determine what kind of Linux is running." - echo "You could try the static binaries at:" - echo "https://pkgs.tailscale.com/$TRACK/#static" - ;; - "") - echo "Couldn't determine what operating system you're running." - ;; - *) - echo "$OS $VERSION isn't supported by this script yet." - ;; - esac - echo - echo "If you'd like us to support your system better, please email support@tailscale.com" - echo "and tell us what OS you're running." - echo - echo "Please include the following information we gathered from your system:" - echo - echo "OS=$OS" - echo "VERSION=$VERSION" - echo "PACKAGETYPE=$PACKAGETYPE" - if type uname >/dev/null 2>&1; then - echo "UNAME=$(uname -a)" - else - echo "UNAME=" - fi - echo - if [ -f /etc/os-release ]; then - cat /etc/os-release - else - echo "No /etc/os-release" - fi - exit 1 - fi - - # Step 3: work out if we can run privileged commands, and if so, - # how. - CAN_ROOT= - SUDO= - if [ "$(id -u)" = 0 ]; then - CAN_ROOT=1 - SUDO="" - elif type sudo >/dev/null; then - CAN_ROOT=1 - SUDO="sudo" - elif type doas >/dev/null; then - CAN_ROOT=1 - SUDO="doas" - fi - if [ "$CAN_ROOT" != "1" ]; then - echo "This installer needs to run commands as root." - echo "We tried looking for 'sudo' and 'doas', but couldn't find them." - echo "Either re-run this script as root, or set up sudo/doas." - exit 1 - fi - - # Step 4: run the installation. - OSVERSION="$OS" - [ "$VERSION" != "" ] && OSVERSION="$OSVERSION $VERSION" - echo "Installing Tailscale for $OSVERSION, using method $PACKAGETYPE" - case "$PACKAGETYPE" in - apt) - export DEBIAN_FRONTEND=noninteractive - if [ "$APT_KEY_TYPE" = "legacy" ] && ! type gpg >/dev/null; then - $SUDO apt-get update - $SUDO apt-get install -y gnupg - fi - - set -x - $SUDO mkdir -p --mode=0755 /usr/share/keyrings - case "$APT_KEY_TYPE" in - legacy) - $CURL "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION.asc" | $SUDO apt-key add - - $CURL "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION.list" | $SUDO tee /etc/apt/sources.list.d/tailscale.list - ;; - keyring) - $CURL "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION.noarmor.gpg" | $SUDO tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null - $CURL "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION.tailscale-keyring.list" | $SUDO tee /etc/apt/sources.list.d/tailscale.list - ;; - esac - $SUDO apt-get update - $SUDO apt-get install -y tailscale tailscale-archive-keyring - if [ "$APT_SYSTEMCTL_START" = "true" ]; then - $SUDO systemctl enable --now tailscaled - $SUDO systemctl start tailscaled - fi - set +x - ;; - yum) - set -x - $SUDO yum install yum-utils -y - $SUDO yum-config-manager -y --add-repo "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION/tailscale.repo" - $SUDO yum install tailscale -y - $SUDO systemctl enable --now tailscaled - set +x - ;; - dnf) - set -x - $SUDO dnf install -y 'dnf-command(config-manager)' - $SUDO dnf config-manager --add-repo "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION/tailscale.repo" - $SUDO dnf install -y tailscale - $SUDO systemctl enable --now tailscaled - set +x - ;; - tdnf) - set -x - curl -fsSL "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION/tailscale.repo" >/etc/yum.repos.d/tailscale.repo - $SUDO tdnf install -y tailscale - $SUDO systemctl enable --now tailscaled - set +x - ;; - zypper) - set -x - $SUDO rpm --import "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION/repo.gpg" - $SUDO zypper --non-interactive ar -g -r "https://pkgs.tailscale.com/$TRACK/$OS/$VERSION/tailscale.repo" - $SUDO zypper --non-interactive --gpg-auto-import-keys refresh - $SUDO zypper --non-interactive install tailscale - $SUDO systemctl enable --now tailscaled - set +x - ;; - pacman) - set -x - $SUDO pacman -S tailscale --noconfirm - $SUDO systemctl enable --now tailscaled - set +x - ;; - pkg) - set -x - $SUDO pkg install tailscale - $SUDO service tailscaled enable - $SUDO service tailscaled start - set +x - ;; - apk) - set -x - if ! grep -Eq '^http.*/community$' /etc/apk/repositories; then - if type setup-apkrepos >/dev/null; then - $SUDO setup-apkrepos -c -1 - else - echo "installing tailscale requires the community repo to be enabled in /etc/apk/repositories" - exit 1 - fi - fi - $SUDO apk add tailscale - $SUDO rc-update add tailscale - $SUDO rc-service tailscale start - set +x - ;; - xbps) - set -x - $SUDO xbps-install tailscale -y - set +x - ;; - emerge) - set -x - $SUDO emerge --ask=n net-vpn/tailscale - set +x - ;; - appstore) - set -x - open "https://apps.apple.com/us/app/tailscale/id1475387142" - set +x - ;; - *) - echo "unexpected: unknown package type $PACKAGETYPE" - exit 1 - ;; - esac -} -# --- End of part from https://tailscale.com/install.sh on 2024-08-29 --- - -if [ "$1" = "on" ]; then - if ! systemctl is-active tailscaled; then - - echo "# Installing Tailscale" - - # backup tailscale library if exists - if [ -d /var/lib/tailscale ]; then - if [ ! -d /mnt/hdd/app-data/tailscale ]; then - echo "# Moving the Tailscale data to disk" - sudo mv /var/lib/tailscale /mnt/hdd/app-data/tailscale - else - echo "# Backing up /var/lib/tailscale to /var/lib/tailscale.backup" - sudo mv /var/lib/tailscale /var/lib/tailscale.backup - fi - fi - - installTailscale - - # move tailscale state to HDD - sudo systemctl stop tailscaled - sudo systemctl disable tailscaled - sudo rm -rf /var/lib/tailscale - sudo mkdir -p /mnt/hdd/app-data/tailscale - sudo cp /lib/systemd/system/tailscaled.service /etc/systemd/system/ - sudo sed -i 's|--state=/var/lib/tailscale/tailscaled.state|--state=/mnt/hdd/app-data/tailscale/tailscaled.state|' /etc/systemd/system/tailscaled.service - sudo systemctl enable tailscaled - sudo systemctl start tailscaled - - # setting value in raspiblitz config - /home/admin/config.scripts/blitz.conf.sh set tailscale on - - echo "# Installation complete!" - if ! tailscale ip -4; then - echo "# Log in to start using Tailscale by running:" - echo - if [ -z "$SUDO" ]; then - echo "tailscale up" - else - echo "$SUDO tailscale up" - fi - else - echo "# Check your Tailscale IP with the command:" - echo "tailscale ip -4" - echo "# Your Tailscale IP is:" - tailscale ip -4 - fi - else - echo "# Tailscale is already running" - fi - -elif [ "$1" = "off" ]; then - echo "# Removing Tailscale" - sudo systemctl disable --now tailscaled - sudo apt purge -y tailscale - - # get delete data status - either by parameter or if not set by user dialog - deleteData="" - if [ "$2" = "--delete-data" ]; then - deleteData="1" - fi - if [ "$2" = "--keep-data" ]; then - deleteData="0" - fi - if [ "${deleteData}" = "" ]; then - if (whiptail --title "Delete Data?" --yes-button "Keep Data" --no-button "Delete Data" --yesno "Do you want to delete all data related to Tailscale?" 0 0); then - deleteData="0" - else - deleteData="1" - fi - fi - - # execute on delete data - if [ "${deleteData}" = "1" ]; then - echo "# Removing Tailscale data" - sudo rm -rf /mnt/hdd/app-data/tailscale - else - echo "# Tailscale data is preserved on the disk (if exist)" - fi - - # setting value in raspiblitz config - /home/admin/config.scripts/blitz.conf.sh set tailscale off - - echo "# Removed Tailscale" -fi diff --git a/home.admin/config.scripts/internet.tailscale.sh b/home.admin/config.scripts/internet.tailscale.sh new file mode 100644 index 000000000..29291c2ae --- /dev/null +++ b/home.admin/config.scripts/internet.tailscale.sh @@ -0,0 +1,190 @@ +#!/bin/sh + +if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then + echo "# config script to install Tailscale" + echo "# internet.tailscale.sh state" + echo "# internet.tailscale.sh on" + echo "# internet.tailscale.sh menu" + echo "# internet.tailscale.sh off <--delete-data|--keep-data>" + exit 0 +fi + +if [ "$1" = "on" ]; then + + # check if tailscale is already installed + if [ "$(systemctl is-active tailscaled)" = "active" ]; then + echo "# Tailscale is already running" + exit 0 + fi + + # get debian release codename + . /etc/os-release + if [ -z "$VERSION_CODENAME" ]; then + echo "error='missing VERSION_CODENAME in /etc/os-release'" + exit 1 + fi + + echo "# Installing Tailscale" + + # backup tailscale library if exists + if [ -d /var/lib/tailscale ]; then + if [ ! -d /mnt/hdd/app-data/tailscale ]; then + echo "# Moving the Tailscale data to disk" + sudo mv /var/lib/tailscale /mnt/hdd/app-data/tailscale + else + echo "# Backing up /var/lib/tailscale to /var/lib/tailscale.backup" + sudo mv /var/lib/tailscale /var/lib/tailscale.backup + fi + fi + + # add tailscale repository if not already added + if [ ! -f /etc/apt/sources.list.d/tailscale.list ]; then + echo "# Adding Tailscale repository" + sudo mkdir -p --mode=0755 /usr/share/keyrings + curl -fsSL "https://pkgs.tailscale.com/stable/debian/$VERSION_CODENAME.noarmor.gpg" -o /tmp/tailscale-archive-keyring.gpg && sudo mv /tmp/tailscale-archive-keyring.gpg /usr/share/keyrings/tailscale-archive-keyring.gpg + curl -fsSL "https://pkgs.tailscale.com/stable/debian/$VERSION_CODENAME.tailscale-keyring.list" -o /tmp/tailscale-keyring.list && sudo mv /tmp/tailscale-keyring.list /etc/apt/sources.list.d/tailscale.list + else + echo "# Tailscale repository already added" + fi + + # install tailscale + sudo apt-get update + sudo apt-get install -y tailscale tailscale-archive-keyring + + # move tailscale state to HDD + sudo systemctl stop tailscaled + sudo systemctl disable tailscaled + sudo rm -rf /var/lib/tailscale + sudo mkdir -p /mnt/hdd/app-data/tailscale + sudo cp /lib/systemd/system/tailscaled.service /etc/systemd/system/ + sudo sed -i 's|--state=/var/lib/tailscale/tailscaled.state|--state=/mnt/hdd/app-data/tailscale/tailscaled.state|' /etc/systemd/system/tailscaled.service + sudo systemctl enable tailscaled + sudo systemctl start tailscaled + + # setting value in raspiblitz config + /home/admin/config.scripts/blitz.conf.sh set tailscale on + + echo "# Grace period for Tailscale to start ... 10 seconds" + sleep 10 + + echo + echo "##############################" + echo "# Installation complete!" + echo "# To config or see state of tailscale call:" + echo "# /home/admin/config.scripts/internet.tailscale.sh menu" + + exit 0 +fi + +if [ "$1" = "off" ]; then + + echo "# Removing Tailscale" + sudo systemctl disable --now tailscaled + sudo apt purge -y tailscale + + # get delete data status - either by parameter or if not set by user dialog + deleteData="" + if [ "$2" = "--delete-data" ]; then + deleteData="1" + fi + if [ "$2" = "--keep-data" ]; then + deleteData="0" + fi + if [ -z "$deleteData" ]; then + if (whiptail --title "Delete Data?" --yes-button "Keep Data" --no-button "Delete Data" --yesno "Do you want to delete all data related to Tailscale?" 0 0); then + deleteData="0" + else + deleteData="1" + fi + fi + + # execute on delete data + if [ "$deleteData" = "1" ]; then + echo "# Removing Tailscale data" + sudo rm -rf /mnt/hdd/app-data/tailscale + else + echo "# Tailscale data is preserved on the disk (if exist)" + fi + + # setting value in raspiblitz config + /home/admin/config.scripts/blitz.conf.sh set tailscale off + + echo "# Removed Tailscale" + exit 0 +fi + +# gather status if tailscale +installed=0 +backend_state="" +status=$(sudo tailscale status --json 2>/dev/null) +if [ -n "$status" ]; then + installed=1 + backend_state=$(echo "$status" | jq -r '.BackendState' 2>/dev/null) + login_name=$(echo "$status" | jq -r '.User[] | .LoginName' 2>/dev/null) +fi + +if [ "$1" = "status" ]; then + + echo "# Tailscale Status" + echo "installed=${installed}" + echo "state=${backend_state}" + + # get login URL if needed + login_url="" + if [ "$backend_state" = "NeedsLogin" ]; then + login_url=$(sudo timeout 3s tailscale login --nickname RaspiBlitz 2>&1 | grep https:// | awk '{$1=$1; print}') + fi + echo "login_url=${login_url}" + + exit 0 +fi + +if [ "$1" = "menu" ]; then + + # exit if tailscale is not installed + if [ ${installed} -eq 0 ]; then + echo "# Tailscale is not installed" + exit 0 + fi + + # if tailscale needs login + if [ "$backend_state" = "NeedsLogin" ]; then + echo "# Tailscale needs login" + + # while loop until user selects cancel in whiptail + while : + do + + # get tailscale login URL + login_url=$(sudo timeout 3s tailscale login --nickname RaspiBlitz 2>&1 | grep https:// | awk '{$1=$1; print}') + if [ -z "$login_url" ]; then + echo "# Error getting login URL" + sleep 3 + exit 1 + fi + + # ask user to login + if (whiptail --title "Tailscale Login Needed" --yes-button "Test Login" --no-button "Cancel Login" --yesno "To connect your RaspiBlitz with Tailscale open the following Url in your browser:\n${login_url}\n\nIf you connected this device to Tailscale successfully, choose 'Test Login'" 0 0); then + # check if tailscale is now logged in + status=$(sudo tailscale status --json 2>/dev/null) + backend_state=$(echo "$status" | jq -r '.BackendState' 2>/dev/null) + if [ "$backend_state" = "NeedsLogin" ]; then + echo "# Tailscale still needs login" + else + echo "# OK Tailscale is logged in" + whiptail --msgbox "Tailscale is now connected" 0 0 + break + fi + else + echo "# Cancelled Tailscle login" + sleep 2 + break + fi + done + exit 0 + else + echo "# Tailscale state is '${backend_state}'" + whiptail --msgbox "Tailscale state on RaspiBlitz is '${backend_state}'.\n\nFor details login with '${login_name}' to Tailscale service:\nhttps://login.tailscale.com\n\nOr use on terminal command:\nsudo tailscale status --json" 0 0 + fi + exit 0 +fi \ No newline at end of file diff --git a/home.admin/config.scripts/bonus.zerotier.sh b/home.admin/config.scripts/internet.zerotier.sh similarity index 96% rename from home.admin/config.scripts/bonus.zerotier.sh rename to home.admin/config.scripts/internet.zerotier.sh index 19591f8f7..4400a1c43 100755 --- a/home.admin/config.scripts/bonus.zerotier.sh +++ b/home.admin/config.scripts/internet.zerotier.sh @@ -3,9 +3,9 @@ # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then echo "config script to install, uninstall ZeroTier" - echo "bonus.zerotier.sh on [?networkid]" - echo "bonus.zerotier.sh off" - echo "bonus.zerotier.sh menu" + echo "internet.zerotier.sh on [?networkid]" + echo "internet.zerotier.sh off" + echo "internet.zerotier.sh menu" exit 1 fi