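# Boot-time controller for the VPN/WiFi bridge: starts OpenVPN, waits up to
# about a minute for an address on the VPN bridge, then either enables WiFi on
# the VPN bridge or falls back to the DHCP bridge. In both cases it ends in an
# endless heartbeat loop that fetches commands from the server and runs them.

# Get the IPv4 address on the VPN bridge interface.
# Arguments: $1 - interface name (optional, defaults to br-VPN360)
# Outputs:   the address without its prefix length, or nothing if none is found
ipaddr(){
  local iface result
  iface="${1:-br-VPN360}"
  # Discard only stderr so a missing interface yields empty output rather than
  # an error message; stdout must still reach sed.
  result=$(/sbin/ip -o -4 addr show dev "${iface}" 2>/dev/null | /bin/sed 's/^.*inet // ; s/\/...*$//')
  /usr/bin/printf %s "${result}"
}

# Disable (broadcast) WiFi device
stopwifi(){
  /sbin/uci set wireless.radio0.disabled=1
  /sbin/uci commit
}

# Enable (broadcast) WiFi device
startwifi(){
  /sbin/uci set wireless.radio0.disabled=0
  /sbin/uci commit
  /sbin/wifi
}

# Disable and re-enable (broadcast) WiFi device
restartwifi(){
  stopwifi
  startwifi
}

# Set power LED brightness ($1 - brightness value)
powerled(){
  echo "$1" > /sys/devices/platform/leds-gpio/leds/gl-ar750:white:power/brightness
}

# Set second LED brightness ($1 - brightness value)
led2g(){
  echo "$1" > /sys/devices/platform/leds-gpio/leds/gl-ar750:white:wlan2g/brightness
}

# Set third LED brightness ($1 - brightness value)
led5g(){
  echo "$1" > /sys/devices/platform/leds-gpio/leds/gl-ar750:white:wlan5g/brightness
}

# Send one heartbeat to the server and run the response as shell commands.
# Arguments: $1 - POST body to send
#
# NOTE(review): the response body is executed by /bin/ash with this script's
# privileges, and --no-check-certificate means the server certificate is not
# verified. The shared secret authenticates the device to the server, not the
# server to the device, so these commands are only as trustworthy as the
# network path. Consider shipping the server's CA certificate on the device and
# replacing --no-check-certificate with --ca-certificate=<path to CA file>, and
# accepting only a fixed set of command names instead of arbitrary shell.
# NOTE(review): the secret is passed on the wget command line, where it is
# visible in the process list while the request runs.
heartbeat(){
  /usr/bin/wget -O- "https://$HOSTNAME/heartbeat" --post-data "$1" --no-check-certificate 2>/var/log/wget | /bin/ash
}

# Source the server authentication secret.
# Presumably this file defines both SECRET and HOSTNAME - confirm.
. /etc/vpnsecret

# Prepare for default VPN-WiFi bridge
/sbin/uci set wireless.@wifi-iface[0].network="VPN360"
/sbin/uci commit

# Disable WiFi for as long as there is no bridge providing IP addresses
stopwifi

# Turn off all LEDs
powerled 0
led2g 0
led5g 0

# Launch VPN client
/usr/sbin/openvpn /etc/openvpn/client.conf >/var/log/openvpn &

# Try for approx. 1 minute to get an IP from the VPN before falling back to DHCP
counter=0
while [ "$counter" -lt 60 ]
do
  # Retrieve hosts file from server.
  # The download goes to a scratch file first and replaces /etc/hosts only on
  # success, because wget -O can leave a truncated or empty file behind when
  # the transfer fails.
  # NOTE(review): certificate verification is disabled here as well, so the
  # contents written to /etc/hosts are not authenticated.
  if /usr/bin/wget -O/etc/hosts.new "https://$HOSTNAME/hosts" --timeout=2 --post-data "secret=$SECRET" --no-check-certificate >/var/log/wget 2>&1 &&
    mv /etc/hosts.new /etc/hosts
  then
    if pgrep "openvpn" >/dev/null
    then
      if [ -n "$(ipaddr)" ] # = If connection to the server is working
      then
        # Turn on LEDs indicating boot completion and connection success
        powerled 1
        led5g 1

        # Enable WiFi as the VPN bridge is now functional
        startwifi

        # Send a heartbeat to the server every 10 seconds
        # This is also used to transfer commands from the server to the device
        while true
        do
          /bin/sleep 10
          # Let's hope there is an IP address on the VPN interface
          # If not, this might be a temporary issue (lost network connection or lease expiration)
          # We assume that users will reboot the device if it doesn't work for extended periods of time
          # The address is read once so the check and the value sent agree.
          vpn_ip=$(ipaddr)
          if [ -n "$vpn_ip" ]
          then
            heartbeat "secret=$SECRET&ip=$vpn_ip"
          fi
        done
      fi
    else
      # Launch VPN client if not running
      /usr/sbin/openvpn /etc/openvpn/client.conf >/var/log/openvpn &
    fi
  fi

  counter=$(( counter + 1 ))
  # Blink the power LED while waiting
  powerled "$(( counter % 2 ))"
  /bin/sleep 1 # Wait for a second before re-trying
done

# We should only ever get to this point if no VPN connection was established within a minute

# Switch WiFi device to the DHCP bridge
/sbin/uci set wireless.@wifi-iface[0].network="DHCP"
/sbin/uci commit

# Turn on LEDs indicating connection failure and DHCP fallback
powerled 1
led2g 1

# Start WiFi device now bridged to the DHCP and assign server IP
startwifi
/sbin/ip a add 192.168.36.1/24 dev br-DHCP
/sbin/ifconfig br-DHCP down
/sbin/ifconfig br-DHCP up

# Send a heartbeat to the server every 10 seconds
# This is also used to transfer commands from the server to the device
while true
do
  sleep 10
  heartbeat "secret=$SECRET"
done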