From 1cd7679a07014ff0f801fd3732318fad4bd130c8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 4 Jan 2019 20:20:20 +0100 Subject: [PATCH] update-tunnelbroker: get tunnelbroker config from interface comment --- global-config | 7 ------- update-tunnelbroker | 39 ++++++++++++++++++++------------------- 2 files changed, 20 insertions(+), 26 deletions(-) diff --git a/global-config b/global-config index 85fc54b..2a75b66 100644 --- a/global-config +++ b/global-config @@ -98,10 +98,3 @@ :global CertRenewUrl ""; #:global CertRenewUrl "https://example.com/certificates/"; :global CertRenewPass "v3ry-s3cr3t"; - -# Configuration for update-tunnelbroker -#:global TunnelUrl "ipv4.tunnelbroker.net"; -#:global TunnelUser "user"; -#:global TunnelPass "v3ry-s3cr3t"; -#:global TunnelId "user-XXX.tunnel.tserv6.fra1.ipv6.he.net"; -#:global TunnelInt "tunnelbroker"; diff --git a/update-tunnelbroker b/update-tunnelbroker index cf8af45..8696f61 100644 --- a/update-tunnelbroker +++ b/update-tunnelbroker @@ -3,35 +3,36 @@ # Copyright (c) 2013-2019 Christian Hesse # Michael Gisbers -:global TunnelUrl; -:global TunnelUser; -:global TunnelPass; -:global TunnelId; -:global TunnelInt; - :global CertificateAvailable; :if ([ / ip cloud get ddns-enabled ] != true) do={ :error "IP cloud DDNS is not enabled."; } -# get the last ip address from tunnel interface -:local TunnelLastIp [ / interface 6to4 get [ / interface 6to4 find where name=$TunnelInt ] local-address ]; - # Get the current ip address from cloud / ip cloud force-update; :while ([ / ip cloud get status ] != "updated") do={ :delay 1s; } -:local TunnelIp [ / ip cloud get public-address ]; +:local PublicAddress [ / ip cloud get public-address ]; -:if ($TunnelIp != $TunnelLastIp) do={ - $CertificateAvailable "Starfield Secure Certificate Authority - G2" "starfield"; - :log info ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $TunnelIp); - / tool fetch mode=https check-certificate=yes-without-crl \ - ("https://" . $TunnelUrl . "/nic/update\?hostname=" . $TunnelId) \ - user=$TunnelUser password=$TunnelPass keep-result=no; - / interface 6to4 set [ / interface 6to4 find where name=$TunnelInt ] local-address=$TunnelIp; -} else={ - :log debug "All tunnelbroker configuration is up to date."; +:foreach Interface in=[ / interface 6to4 find where comment~"^tunnelbroker" !disabled ] do={ + :local IntName [ / interface 6to4 get $Interface name ]; + :local LastAddress [ / interface 6to4 get $Interface local-address ]; + + :if ($PublicAddress != $LastAddress) do={ + :local Comment [ :toarray [ / interface 6to4 get $Interface comment ] ]; + :local User [ :pick [ :pick $Comment 1 ] 5 99 ]; + :local Pass [ :pick [ :pick $Comment 2 ] 5 99 ]; + :local Id [ :pick [ :pick $Comment 3 ] 5 99 ]; + + $CertificateAvailable "Starfield Secure Certificate Authority - G2" "starfield"; + :log info ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $PublicAddress); + / tool fetch mode=https check-certificate=yes-without-crl \ + ("https://ipv4.tunnelbroker.net/nic/update\?hostname=" . $Id) \ + user=$User password=$Pass keep-result=no; + / interface 6to4 set $Interface local-address=$PublicAddress; + } else={ + :log debug ("All tunnelbroker configuration is up to date for interface " . $IntName . "."); + } }