
Commit 4db2971

committed
Fix do_add_domain crash, fix DNSTT pubkey mismatch, show both keys
- Move arg parser after all function definitions so --manage can call do_add_domain (fixes "command not found" on menu option 4)
- Fix dnstt-ssh slipnet:// URL using wrong pubkey (was dnstt1's key, now reads from /etc/dnstm/tunnels/dnstt-ssh/server.pub)
- Show both DNSTT public keys (socks + ssh) in step_summary and do_add_domain
- Add note that SSH slipnet URLs require credentials via --manage
1 parent 78089ea commit 4db2971

1 file changed

Lines changed: 108 additions & 88 deletions


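--- a/dnstm-setup.sh
+++ b/dnstm-setup.sh
@@ -1908,88 +1908,6 @@ SOCKS_PASS=""
 SOCKS_AUTH=false
 TUNNELS_CHANGED=false
 
-# ─── Parse Arguments ────────────────────────────────────────────────────────────
-
-ADD_DOMAIN_MODE=false
-HARDEN_ONLY_MODE=false
-MANAGE_USERS_MODE=false
-DNSTT_MTU=1232
-
-while [[ $# -gt 0 ]]; do
-case "$1" in
---help|-h)
-show_help
-exit 0
-;;
---about)
-show_about
-exit 0
-;;
---status)
-do_status
-exit 0
-;;
---manage)
-do_manage
-exit 0
-;;
---uninstall)
-do_uninstall
-exit 0
-;;
---remove-tunnel)
-# If $2 looks like another flag (starts with --), treat as no tag given
-if [[ -n "${2:-}" && "${2:0:2}" != "--" ]]; then
-do_remove_tunnel "$2"
-else
-do_remove_tunnel ""
-fi
-exit 0
-;;
---add-tunnel)
-do_add_tunnel
-exit 0
-;;
---add-domain)
-ADD_DOMAIN_MODE=true
-shift
-;;
---users)
-MANAGE_USERS_MODE=true
-shift
-;;
---harden)
-HARDEN_ONLY_MODE=true
-shift
-;;
---mtu)
-if [[ -n "${2:-}" ]] && [[ "$2" =~ ^[0-9]+$ ]] && [[ "$2" -ge 512 ]] && [[ "$2" -le 1400 ]]; then
-DNSTT_MTU="$2"
-shift 2
-else
-echo "Error: --mtu requires a value between 512 and 1400"
-exit 1
-fi
-;;
-*)
-echo "Unknown option: $1"
-echo "Use --help for usage information."
-exit 1
-;;
-esac
-done
-
-# ─── Validate conflicting flags ──────────────────────────────────────────────────
-
-mode_count=0
-[[ "$ADD_DOMAIN_MODE" == true ]] && ((mode_count++))
-[[ "$HARDEN_ONLY_MODE" == true ]] && ((mode_count++))
-[[ "$MANAGE_USERS_MODE" == true ]] && ((mode_count++))
-if [[ $mode_count -gt 1 ]]; then
-echo "Error: --add-domain, --harden, and --users cannot be combined."
-exit 1
-fi
-
 # ─── Variables (populated during setup) ─────────────────────────────────────────
 
 SSH_SETUP_DONE=false
@@ -2964,9 +2882,16 @@ step_summary() {
 echo ""
 
 if [[ -n "$DNSTT_PUBKEY" ]]; then
-echo -e " ${BOLD}DNSTT Public Key${NC}"
+echo -e " ${BOLD}DNSTT Public Keys${NC}"
 echo -e " ${DIM}────────────────────────────────────────${NC}"
-echo -e " ${GREEN}${DNSTT_PUBKEY}${NC}"
+echo -e " ${GREEN}dnstt1 (SOCKS):${NC} ${DNSTT_PUBKEY}"
+local _dnstt_ssh_pk=""
+if [[ -f /etc/dnstm/tunnels/dnstt-ssh/server.pub ]]; then
+_dnstt_ssh_pk=$(cat /etc/dnstm/tunnels/dnstt-ssh/server.pub 2>/dev/null || true)
+fi
+if [[ -n "$_dnstt_ssh_pk" ]]; then
+echo -e " ${GREEN}dnstt-ssh (SSH):${NC} ${_dnstt_ssh_pk}"
+fi
 echo ""
 fi
 
@@ -3011,8 +2936,13 @@ step_summary() {
 if [[ "$SSH_SETUP_DONE" == true && -n "$SSH_USER" && -n "$SSH_PASS" ]]; then
 slipnet_url=$(generate_slipnet_url "slipstream_ssh" "s2" "" "$SSH_USER" "$SSH_PASS" "$s_user" "$s_pass")
 echo -e " ${GREEN}slip-ssh:${NC} ${slipnet_url}"
-if [[ -n "$DNSTT_PUBKEY" ]]; then
-slipnet_url=$(generate_slipnet_url "dnstt_ssh" "ds2" "$DNSTT_PUBKEY" "$SSH_USER" "$SSH_PASS" "$s_user" "$s_pass")
+# dnstt-ssh has its own keypair — read from its own tunnel dir
+local dnstt_ssh_pubkey=""
+if [[ -f /etc/dnstm/tunnels/dnstt-ssh/server.pub ]]; then
+dnstt_ssh_pubkey=$(cat /etc/dnstm/tunnels/dnstt-ssh/server.pub 2>/dev/null || true)
+fi
+if [[ -n "$dnstt_ssh_pubkey" ]]; then
+slipnet_url=$(generate_slipnet_url "dnstt_ssh" "ds2" "$dnstt_ssh_pubkey" "$SSH_USER" "$SSH_PASS" "$s_user" "$s_pass")
 echo -e " ${GREEN}dnstt-ssh:${NC} ${slipnet_url}"
 fi
 fi
@@ -3354,9 +3284,16 @@ do_add_domain() {
 echo ""
 
 if [[ -n "$DNSTT_PUBKEY" ]]; then
-echo -e " ${BOLD}DNSTT Public Key${NC}"
+echo -e " ${BOLD}DNSTT Public Keys${NC}"
 echo -e " ${DIM}────────────────────────────────────────${NC}"
-echo -e " ${GREEN}${DNSTT_PUBKEY}${NC}"
+echo -e " ${GREEN}${dnstt_tag} (SOCKS):${NC} ${DNSTT_PUBKEY}"
+local _dnstt_ssh_pk=""
+if [[ -f "/etc/dnstm/tunnels/${dnstt_ssh_tag}/server.pub" ]]; then
+_dnstt_ssh_pk=$(cat "/etc/dnstm/tunnels/${dnstt_ssh_tag}/server.pub" 2>/dev/null || true)
+fi
+if [[ -n "$_dnstt_ssh_pk" ]]; then
+echo -e " ${GREEN}${dnstt_ssh_tag} (SSH):${NC} ${_dnstt_ssh_pk}"
+fi
 echo ""
 fi
 
@@ -3391,12 +3328,95 @@ do_add_domain() {
 slipnet_url=$(generate_slipnet_url "dnstt" "d2" "$DNSTT_PUBKEY" "" "" "$s_user" "$s_pass")
 echo -e " ${GREEN}${dnstt_tag}:${NC} ${slipnet_url}"
 fi
+echo -e " ${DIM}SSH tunnel slipnet:// URLs require credentials. Use --manage → Manage SSH users first.${NC}"
 echo ""
 
 echo -e " ${DIM}To add more domains, run again: sudo bash $0 --add-domain${NC}"
 echo ""
 }
 
+# ─── Parse Arguments ────────────────────────────────────────────────────────────
+
+ADD_DOMAIN_MODE=false
+HARDEN_ONLY_MODE=false
+MANAGE_USERS_MODE=false
+DNSTT_MTU=1232
+
+while [[ $# -gt 0 ]]; do
+case "$1" in
+--help|-h)
+show_help
+exit 0
+;;
+--about)
+show_about
+exit 0
+;;
+--status)
+do_status
+exit 0
+;;
+--manage)
+do_manage
+exit 0
+;;
+--uninstall)
+do_uninstall
+exit 0
+;;
+--remove-tunnel)
+# If $2 looks like another flag (starts with --), treat as no tag given
+if [[ -n "${2:-}" && "${2:0:2}" != "--" ]]; then
+do_remove_tunnel "$2"
+else
+do_remove_tunnel ""
+fi
+exit 0
+;;
+--add-tunnel)
+do_add_tunnel
+exit 0
+;;
+--add-domain)
+ADD_DOMAIN_MODE=true
+shift
+;;
+--users)
+MANAGE_USERS_MODE=true
+shift
+;;
+--harden)
+HARDEN_ONLY_MODE=true
+shift
+;;
+--mtu)
+if [[ -n "${2:-}" ]] && [[ "$2" =~ ^[0-9]+$ ]] && [[ "$2" -ge 512 ]] && [[ "$2" -le 1400 ]]; then
+DNSTT_MTU="$2"
+shift 2
+else
+echo "Error: --mtu requires a value between 512 and 1400"
+exit 1
+fi
+;;
+*)
+echo "Unknown option: $1"
+echo "Use --help for usage information."
+exit 1
+;;
+esac
+done
+
+# ─── Validate conflicting flags ──────────────────────────────────────────────────
+
+mode_count=0
+[[ "$ADD_DOMAIN_MODE" == true ]] && ((mode_count++))
+[[ "$HARDEN_ONLY_MODE" == true ]] && ((mode_count++))
+[[ "$MANAGE_USERS_MODE" == true ]] && ((mode_count++))
+if [[ $mode_count -gt 1 ]]; then
+echo "Error: --add-domain, --harden, and --users cannot be combined."
+exit 1
+fi
+
 # ─── Main ───────────────────────────────────────────────────────────────────────
 
 main() {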
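Review bot: In step_summary the dnstt-ssh public key is read twice from the literal path `/etc/dnstm/tunnels/dnstt-ssh/server.pub` (new lines 2888–2891 and 2940–2943) into two different locals, while the do_add_domain hunk builds the same path from `${dnstt_ssh_tag}`, and in all three places `2>/dev/null || true` turns a missing or unreadable key file into silently omitted output. This is presumably the key clients use to authenticate the SSH tunnel's server, so I would read it once into a single local and report the failure on stderr rather than hide it, e.g. `[[ -r "$pk_file" ]] || echo "Warning: $pk_file not readable, dnstt-ssh key not shown" >&2` (`pk_file` is a placeholder name). The key text is also printed through `echo -e`, which interprets backslash sequences in the file content; `printf '%s\n' "$_dnstt_ssh_pk"` for the key part would print it verbatim. Whether `dnstt_ssh_tag` is in scope inside step_summary is not visible here, and both functions begin and end outside these hunks.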
