view contrib/peer2anonet/peer2anonet @ 1202:306a7562f05e draft
Коммитер: abs <post@abslimit.info>
На ветке master
Ваша ветка обновлена в соответствии с «origin/master».
Изменения, которые будут включены в коммит:
новый файл: db/as/49608/owner
новый файл: db/dom/ano/abslimit/owner
новый файл: db/dom/ano/netstalking/owner
новый файл: db/ip/15/0A/0B/00/cidr
новый файл: db/ip/15/0A/0B/00/owner
новый файл: db/usr/abslimit/git
author | abs <abs@abslimit.info> |
---|---|
date | Sun, 13 May 2018 14:57:04 +0300 |
parents | 5ec278277aa4 |
children |
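#!/bin/bash
#
# peer2anonet - configure AnoNet peering (bird + quicktun) and the optional
# djb service stack (daemontools, ucspi-tcp, djbdns, nacl, qmail) on this host.
#
# Must be run as root from the root of the resdb checkout: it reads conf/*,
# calls ./scripts/* and writes below /etc/peer2anonet, /service and /services.
# Run without arguments for the list of options.
#
# Security notes for operators:
#   * The --install-* and --setup-qmail options download source archives over
#     plain HTTP and build/install them as root. To have an archive checked,
#     place its SHA-256 digest (lowercase hex, as printed by sha256sum,
#     obtained out of band) in
#     /etc/peer2anonet/checksums/<archive-file-name>.sha256 ; a mismatch
#     aborts, a missing digest file only prints a warning.
#   * Operator input is interpolated into bird.conf and into per-peer run
#     scripts that are executed as root, so it is restricted to a conservative
#     character set before anything is written.
#   * The peer private key is stored in /etc/peer2anonet/peers/<peer>/seckey
#     and is written with mode 0600.
#   * /etc/peer2anonet/p2a.conf is sourced as shell code; keep it root-owned
#     and not writable by anyone else.

# Print a fatal error in the script's usual format (stdout) and exit 1.
_p2a_die() {
  echo " fatal error: $*"
  exit 1
}

# $1 - program that must be on PATH, $2 - message printed when it is missing.
_p2a_require() {
  command -v "$1" >/dev/null 2>&1 || _p2a_die "$2"
}

# The source installs below need a C compiler and make.
_p2a_require_build_tools() {
  _p2a_require gcc 'cannot find gcc'
  _p2a_require make 'cannot find make'
}

# True when $1 is non-empty and holds only characters that are safe to embed
# in the generated bird.conf, p2a.conf and run scripts (no whitespace, quotes
# or shell metacharacters).
_p2a_is_token() {
  local re='^[A-Za-z0-9:._/+=-]+$'
  [[ $1 =~ $re ]]
}

# True when $1 is usable as a peer name. The name becomes a directory below
# /etc/peer2anonet/peers and /services, so empty names, path separators and
# leading '.' or '-' are refused (an empty name would otherwise make
# "rm -r /etc/peer2anonet/peers/$PEER" remove every peer).
_p2a_is_peer_name() {
  local re='^[A-Za-z0-9_][A-Za-z0-9_.-]*$'
  [[ $1 =~ $re ]]
}

# Load the local configuration, or run the interactive CONFIGURE step (which
# exits) when it does not exist yet.
_p2a_load_conf() {
  if [ -e /etc/peer2anonet/p2a.conf ]; then
    source /etc/peer2anonet/p2a.conf
  else
    CONFIGURE
    exit 0
  fi
}

# Archive /services/$1 into /etc/peer2anonet/$1.tar (overwrites the archive).
_p2a_backup_service() {
  echo "creating /etc/peer2anonet/$1.tar backup"
  tar -C /services -cf "/etc/peer2anonet/$1.tar" "$1"
}

# Download URL $1 into the current directory, keeping the remote file name.
# Exits when the download fails or when an operator-supplied digest (see the
# header) does not match.
_p2a_fetch() {
  local url=$1
  local file=${1##*/}
  local digest_file="/etc/peer2anonet/checksums/$file.sha256"
  local want got

  wget -O "$file" "$url" || _p2a_die "download of $url failed"
  if [ -r "$digest_file" ]; then
    read -r want _ < "$digest_file"
    got=$(sha256sum -- "$file") || _p2a_die "cannot compute sha256 of $file"
    got=${got%% *}
    if [ "$want" != "$got" ]; then
      rm -f -- "$file"
      _p2a_die "sha256 mismatch for $file"
    fi
  else
    echo " warning: no $digest_file; $file was fetched over HTTP and is not verified" >&2
  fi
}

# Make loopback aliases survive a reboot.
# $1 - name of the fallback one-shot service, remaining args - IP addresses.
# Appends "ip addr add <ip>/32 dev lo &" to rc.local when one is writable
# (skipping lines already present); otherwise creates /services/$1 whose run
# script adds the addresses and then takes itself down.
_p2a_persist_lo_ips() {
  local svc_name=$1
  shift
  local rc_file='' ip line

  if [ -w /etc/rc.local ]; then
    rc_file=/etc/rc.local
  elif [ -w /etc/rc.d/rc.local ]; then
    rc_file=/etc/rc.d/rc.local
  fi

  if [ -n "$rc_file" ]; then
    for ip in "$@"; do
      line="ip addr add $ip/32 dev lo &"
      grep -qF -- "$line" "$rc_file" || echo "$line" >> "$rc_file"
    done
    return 0
  fi

  mkdir -p "/services/$svc_name"
  {
    echo "#!/bin/sh -e"
    for ip in "$@"; do
      echo "ip addr add $ip/32 dev lo &"
    done
    # The redirect for this line was missing in the page's copy, which left
    # the generated run script without its final "svc -d ." command.
    echo "svc -d ."
  } > "/services/$svc_name/run"
  chmod +x "/services/$svc_name/run"
  test -L "/service/$svc_name" || ln -s "/services/$svc_name" "/service/$svc_name"
}

# Emit the default quicktun run script for peer $1 on stdout. $P2A_IP and
# $P2A_ROUTE are expanded now; everything written as \$ or \` is evaluated
# when the generated script runs.
_p2a_write_peer_run() {
  local PEER=$1
  cat <<EOF
#!/bin/bash

# uncomment for debugging. you'll need to use ./run to view output instead
# of svc -u /service/<peer name>
#
#export DEBUG=1

# uncomment if your peer has a dynamic IP
#
#export REMOTE_FLOAT=1

if [[ \$REMOTE_FLOAT != 1 ]]; then
  export REMOTE_ADDRESS=\`cat /etc/peer2anonet/peers/$PEER/remote_ip\`
  export REMOTE_PORT=\`cat /etc/peer2anonet/peers/$PEER/remote_port\`
fi

# not recommended to change these values
#
export LOCAL_PORT=\`cat /etc/peer2anonet/peers/$PEER/local_port\`
export PRIVATE_KEY=\`cat /etc/peer2anonet/peers/$PEER/seckey\`
export PUBLIC_KEY=\`cat /etc/peer2anonet/peers/$PEER/pubkey\`
export TUN_MODE=1
export INTERFACE=ppp-$PEER

# uncomment if you want to nuke your default gateway and configure
# routes only to peers through IcannNet. If any of your peers use
# dynamic IP's or you use Tor or i2p then this is probably NOT a
# good idea. You may need to modify the DEFAULT_ROUTE code below.
# If you run into problems with this please /msg /relayhell/d3v11
# so I can create a patch.
#
#DEFAULT_ROUTE=\`ip route show | grep default | cut -d' ' -f 3\`
#route del default gw \$DEFAULT_ROUTE
#route add \$REMOTE_ADDRESS gw \$DEFAULT_ROUTE

( sleep 5;
  ip addr add $P2A_IP peer \`cat /etc/peer2anonet/peers/$PEER/peering_ip\`/32 dev \$INTERFACE scope link
  ip addr add $P2A_ROUTE/32 dev \$INTERFACE scope global
  ip link set dev \$INTERFACE up

  # comment the following ping line to remove pinghack. this is a
  # trick used to help bird connect.
  #
  ping -c 1 -I \$INTERFACE \`cat /etc/peer2anonet/peers/$PEER/peering_ip\` -r -w 5 ) &

exec /usr/sbin/quicktun.nacltai
EOF
}

# ---------------------------------------------------------------------------
# Start-up checks and directory layout (run for every invocation).
# ---------------------------------------------------------------------------

if [[ $(id -u) != 0 ]]; then
  echo "peer2anonet: root privileges required."
  exit 1
fi

# Keep one backup of a bird service directory that existed before this
# script first touched it; an existing backup is never overwritten.
if [ -e /services/bird ] && [ ! -e /etc/peer2anonet/bird.tar ]; then
  _p2a_backup_service bird
fi

if [ ! -e contrib/peer2anonet/peer2anonet ]; then
  echo "peer2anonet: not in \$RESDB_ROOT"
  exit 1
fi

[ -w /etc/rc.local ] && chmod +x /etc/rc.local
[ -w /etc/rc.d/rc.local ] && chmod +x /etc/rc.d/rc.local

mkdir -p /service
mkdir -p /services
mkdir -p /services/bird
mkdir -p /etc/peer2anonet
mkdir -p /etc/peer2anonet/peers

# ---------------------------------------------------------------------------
# Commands
# ---------------------------------------------------------------------------

# Print the option summary and exit 0.
USAGE(){
  cat <<'EOF'

peer2anonet:

 ./contrib/peer2anonet/peer2anonet --configure generate a new local configuration and exit

 ./contrib/peer2anonet/peer2anonet --update regenerate peer configurations

 ./contrib/peer2anonet/peer2anonet --configure-peer generate a new peer configuration and update

 ./contrib/peer2anonet/peer2anonet --rm-peer remove a peer configuration and update

 ./contrib/peer2anonet/peer2anonet --install-daemontools installs daemontools

 ./contrib/peer2anonet/peer2anonet --install-ucspi-tcp installs ucspi-tcp

 ./contrib/peer2anonet/peer2anonet --install-djbdns installs djbdns

 ./contrib/peer2anonet/peer2anonet --install-nacl installs nacl

 ./contrib/peer2anonet/peer2anonet --setup-qmail installs and configures qmail

 ./contrib/peer2anonet/peer2anonet --configure-dns configures dnscache and tinydns zones

 ./contrib/peer2anonet/peer2anonet --update-dns updates tinydns-ano zone

EOF
  exit 0
}

# Ask for the local AnoNet parameters, write /etc/peer2anonet/p2a.conf,
# register the ASN and /24 in the resdb checkout, then exit 0.
CONFIGURE(){
  local nick name

  echo -e '\nCONFIGURE:\n'
  read -r -p " Enter your AnoNet subnet: " P2A_NET
  read -r -p " Enter your AnoNet router: " P2A_ROUTE
  read -r -p " Enter your peering ip: " P2A_IP
  read -r -p " Enter your AnoNet asn: " P2A_ASN

  # p2a.conf is sourced as shell code later and these values also end up in
  # bird.conf and root-run scripts, so refuse anything outside the token set.
  for name in P2A_NET P2A_ROUTE P2A_IP P2A_ASN; do
    _p2a_is_token "${!name}" \
      || _p2a_die "$name is empty or contains unsupported characters"
  done

  {
    echo "P2A_NET=\"$P2A_NET\""
    echo "P2A_ROUTE=\"$P2A_ROUTE\""
    echo "P2A_IP=\"$P2A_IP\""
    echo "P2A_ASN=\"$P2A_ASN\""
  } > /etc/peer2anonet/p2a.conf
  echo -e '\npeer2anonet: configured\n'

  nick=$(cat conf/git_name) || exit 1
  [ -n "$nick" ] || _p2a_die 'conf/git_name is empty'
  ./scripts/add_as "$P2A_ASN" "$nick"
  ./scripts/add_ip "$P2A_NET/24" "$nick" \
    "$(cat conf/tinydns__srvrname)/$(cat conf/tinydns__srvrip)"
  [ -e "db/usr/$nick" ] || mkdir -p "db/usr/$nick"
  [ -e "db/usr/$nick/git" ] || echo "git://git.$nick.ano/" > "db/usr/$nick/git"
  [ -e "db/usr/$nick/email" ] || echo "$(cat conf/git_email)" > "db/usr/$nick/email"
  exit 0
}

# Validate every peer below /etc/peer2anonet/peers, regenerate
# /services/bird/bird.conf and the per-peer services, and reload bird.
UPDATE(){
  local peers_dir=/etc/peer2anonet/peers
  local -a peers=()
  local entry peer field value peer_ip peer_asn

  _p2a_load_conf
  echo -e '\nUPDATE:\n'

  # Glob instead of parsing ls so that odd file names are seen as one entry.
  for entry in "$peers_dir"/*; do
    [ -e "$entry" ] || continue
    peers+=("${entry##*/}")
  done
  if [ "${#peers[@]}" -eq 0 ]; then
    echo " fatal error: peering configurations not exists"
    exit 1
  fi

  # Every peer needs all seven settings, each non-blank, before anything is
  # regenerated.
  for peer in "${peers[@]}"; do
    _p2a_is_peer_name "$peer" \
      || _p2a_die "$peers_dir/$peer: unsupported peer name"
    for field in remote_ip peering_ip remote_port local_port asn pubkey seckey; do
      [ -e "$peers_dir/$peer/$field" ] \
        || _p2a_die "$peers_dir/$peer/$field not exists"
      value=$(cat "$peers_dir/$peer/$field")
      [[ -n ${value//[[:space:]]/} ]] \
        || _p2a_die "$peers_dir/$peer/$field is void"
    done
  done
  value=''  # do not keep the last key that was read

  printf '%s\n' '#!/bin/bash' 'bird -c bird.conf -d' > /services/bird/run
  chmod +x /services/bird/run

  # An operator-maintained /etc/peer2anonet/bird.conf replaces the default
  # base configuration; the per-peer stanzas are appended to either.
  if [ -e /etc/peer2anonet/bird.conf ]; then
    cp /etc/peer2anonet/bird.conf /services/bird/bird.conf
  else
    cat > /services/bird/bird.conf <<EOF
function n_AnoNet_mine (prefix arg) {
  if arg ~ [ $P2A_NET/24+ ] then return true;
  return false;
};

function n_AnoNet (prefix arg) {
  if arg ~ [ 1.0.0.0/8+ ] then return true;
  return false;
};

filter only_AnoNet_ebgp {
  if n_AnoNet(net) then
    if !n_AnoNet_mine(net) then accept "AnoNet";
    else reject "mine";
  reject "non-AnoNet";
};

filter only_AnoNet_ebgp_export {
  if n_AnoNet(net) then accept "AnoNet";
  reject "non-AnoNet";
};

filter only_AnoNet {
  if n_AnoNet(net) then accept "AnoNet";
  reject "non-AnoNet";
};

table AnoNet_routes;

protocol pipe pipe_AnoNet_routes {
  peer table AnoNet_routes;
  mode transparent;
  import filter only_AnoNet;
  export filter only_AnoNet;
};

protocol static static_AnoNet_routes {
  table AnoNet_routes;
  route $P2A_NET/24 drop;
}

protocol kernel {
  scan time 10;
  import all;
  export all;
}

protocol device {
  scan time 900;
}

protocol direct direct_AnoNet_routes {
  table AnoNet_routes;
  interface "eth0";
  import filter only_AnoNet;
}
EOF
  fi

  for peer in "${peers[@]}"; do
    mkdir -p "/services/$peer"
    peer_ip=$(cat "$peers_dir/$peer/peering_ip")
    peer_asn=$(cat "$peers_dir/$peer/asn")

    cat >> /services/bird/bird.conf <<EOF

protocol bgp $peer {
  table AnoNet_routes;
  local as $P2A_ASN;
  neighbor $peer_ip as $peer_asn;
  source address $P2A_IP;
  import filter only_AnoNet_ebgp;
  export filter only_AnoNet_ebgp_export;
}
EOF

    # A run script the operator has customised is left alone.
    if [ ! -e "$peers_dir/$peer/run" ]; then
      _p2a_write_peer_run "$peer" > "$peers_dir/$peer/run"
    fi
    chmod +x "$peers_dir/$peer/run"

    # /services/<peer>/run must be a symlink to the script kept in /etc.
    test -L "/services/$peer/run" || rm -f "/services/$peer/run"
    test -L "/services/$peer/run" \
      || ln -s "$peers_dir/$peer/run" "/services/$peer/run"

    # Restart a peer that is already supervised, otherwise start supervising.
    test -L "/service/$peer" && svc -t "/service/$peer"
    test -L "/service/$peer" || ln -s "/services/$peer" "/service/$peer"
  done

  test -L /service/bird || ln -s /services/bird /service/bird
  echo configure | birdc
}

# Ask for one peer's settings and (re)create /etc/peer2anonet/peers/<peer>.
# The caller runs UPDATE afterwards.
CONFIGURE_PEER(){
  local peer remote_ip peer_ip peer_port local_port peer_asn pubkey seckey
  local dir name

  _p2a_load_conf
  echo -e '\nCONFIGURE PEER:\n'
  read -r -p " Enter your peer's name: " peer
  read -r -p " Enter your peer's remote ip: " remote_ip
  read -r -p " Enter your peer's peering ip: " peer_ip
  read -r -p " Enter your peer's remote port: " peer_port
  read -r -p " Enter your local port: " local_port
  read -r -p " Enter your peer's asn: " peer_asn
  read -r -p " Enter your peer's public key: " pubkey
  read -r -p " Enter your private key: " seckey

  # Validate everything before the existing configuration is removed.
  _p2a_is_peer_name "$peer" \
    || _p2a_die 'peer name is empty or contains unsupported characters'
  for name in remote_ip peer_ip peer_port local_port peer_asn pubkey seckey; do
    _p2a_is_token "${!name}" \
      || _p2a_die "$name is empty or contains unsupported characters"
  done

  dir=/etc/peer2anonet/peers/$peer
  [ -e "$dir" ] && rm -r -- "$dir"
  mkdir -p "$dir"
  echo "$remote_ip"  > "$dir/remote_ip"
  echo "$peer_ip"    > "$dir/peering_ip"
  echo "$peer_port"  > "$dir/remote_port"
  echo "$local_port" > "$dir/local_port"
  echo "$peer_asn"   > "$dir/asn"
  echo "$pubkey"     > "$dir/pubkey"
  # The private key must not be readable by other local users.
  ( umask 077; echo "$seckey" > "$dir/seckey" )
  echo -e "\n configured $peer\n"
}

# Ask for a peer name and delete its configuration directory. The caller
# runs UPDATE afterwards.
RM_PEER(){
  local peer

  _p2a_load_conf
  echo -e '\nRM PEER:\n'
  read -r -p " Enter your peer's name: " peer

  # Without this check an empty answer would remove the whole peers directory
  # and "../x" would reach outside it.
  if ! _p2a_is_peer_name "$peer"; then
    echo
    echo -e " fatal error: peer name is empty or contains unsupported characters\n"
    exit 1
  fi

  if [ -e "/etc/peer2anonet/peers/$peer" ]; then
    rm -r -- "/etc/peer2anonet/peers/$peer"
    echo
    echo -e " removed /etc/peer2anonet/peers/$peer\n"
  else
    echo
    echo -e " fatal error: /etc/peer2anonet/peers/$peer not exists\n"
    exit 1
  fi
}

# Build and install daemontools 0.76 under /package and start svscanboot.
INSTALL_DAEMONTOOLS(){
  echo -e '\nINSTALL DAEMONTOOLS:\n'
  _p2a_require_build_tools

  # With a writable /etc/inittab nothing is prepared here; otherwise
  # svscanboot is hooked into rc.local in place of its "exit 0".
  if [ -w /etc/inittab ]; then
    :
  elif [ -w /etc/rc.local ]; then
    sed -i "s/exit 0/exec \/command\/svscanboot \&/" /etc/rc.local
    chmod +x /etc/rc.local
  else
    echo ' fatal error: cannot create reliable startup'
    exit 1
  fi

  mkdir -p /package
  chmod 1755 /package
  cd /package || exit 1
  _p2a_fetch http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
  tar -xzpf daemontools-0.76.tar.gz || exit 1
  rm -f daemontools-0.76.tar.gz
  cd admin/daemontools-0.76 || exit 1
  sed -i 's/gcc/gcc -include errno.h/g' src/conf-cc
  package/install
  exec /command/svscanboot >/dev/null 2>&1 &
}

# Build and install ucspi-tcp 0.88 from /usr/local/src.
INSTALL_UCSPI_TCP(){
  echo -e '\nINSTALL UCSPI-TCP:\n'
  _p2a_require_build_tools

  cd /usr/local/src || exit 1
  _p2a_fetch http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
  tar -xzf ucspi-tcp-0.88.tar.gz || exit 1
  cd ucspi-tcp-0.88 || exit 1
  sed -i 's/gcc/gcc -include errno.h/g' conf-cc
  make
  make setup check
}

# Install qmail 1.03 (with the qmtpc patch) when needed and create the
# supervised qmail, qmail-smtpd and qmail-qmtpd services bound to the
# address in conf/gitd_ip.
SETUP_QMAIL(){
  local nick mx_ip mx_domain mx_record proto svc_dir

  echo -e '\nSETUP QMAIL:\n'
  echo -e '\tWARN:\n'
  echo -e '\tYou should patch or firewall off qmail from'
  echo -e '\treaching IcannNet so someone cannot harvest'
  echo -e '\tyour IP with the mailerdaemon response.'

  _p2a_require_build_tools
  _p2a_require tcpserver 'needs ./contrib/peer2anonet/peer2anonet --install-ucspi-tcp'
  _p2a_require svscanboot 'needs ./contrib/peer2anonet/peer2anonet --install-daemontools'

  nick=$(cat conf/git_name) || exit 1
  mx_ip=$(cat conf/gitd_ip) || exit 1
  mx_domain="a.mx.$nick.ano"

  if [ -e /services/tinydns ]; then
    _p2a_backup_service tinydns
    # Add the MX record once; repeated runs used to append duplicates.
    mx_record="@$nick.ano:$mx_ip:a:12801:86400"
    grep -qxF -- "$mx_record" /services/tinydns/root/data 2>/dev/null \
      || echo "$mx_record" >> /services/tinydns/root/data
  else
    echo ' fatal error: needs ./contrib/peer2anonet/peer2anonet --configure-dns'
    exit 1
  fi

  ( cd /services/tinydns/root && make )
  sleep 5
  svc -t /service/dnscache /service/tinydns /service/tinydns-ano /service/tinydns-root

  # Re-running the setup must not stop here because the user already exists.
  id qmaillog >/dev/null 2>&1 || useradd qmaillog || exit 1

  _p2a_persist_lo_ips qmail-ips "$mx_ip"
  ip addr add "$mx_ip/32" dev lo > /dev/null 2>&1

  # NOTE(review): this rebuilds qmail when qmail-qmtpd already exists or
  # qmail-smtpd is missing; the first test looks inverted - confirm intent.
  if [ -e '/var/qmail/bin/qmail-qmtpd' ] || ! [ -e '/var/qmail/bin/qmail-smtpd' ]; then
    cd /usr/local/src || exit 1
    _p2a_fetch http://www.srn.ano/software/qmail-1.03.tar.gz
    # The page's copy extracted "qmail-1.03.tgz", a name the download never
    # produces.
    tar xzf qmail-1.03.tar.gz || exit 1
    cd qmail-1.03 || exit 1
    unset http_proxy
    # Fetch the patch to a file first so a failed or truncated download is
    # noticed before anything is applied.
    _p2a_fetch http://www.srn.ano/patches/qmail-1.03-qmtpc.patch
    patch -p1 < qmail-1.03-qmtpc.patch
    mkdir /var/qmail
    groupadd nofiles
    useradd -g nofiles -d /var/qmail/alias alias
    useradd -g nofiles -d /var/qmail qmaild
    useradd -g nofiles -d /var/qmail qmaill
    useradd -g nofiles -d /var/qmail qmailp
    groupadd qmail
    useradd -g qmail -d /var/qmail qmailq
    useradd -g qmail -d /var/qmail qmailr
    useradd -g qmail -d /var/qmail qmails
    sed -i 's/gcc/gcc -include errno.h/g' conf-cc
    make setup check
    ./config-fast "$mx_domain"
    # NOTE(review): "yourdomain.ano" is a literal placeholder in the original;
    # presumably the operator's own domain belongs here - confirm.
    echo yourdomain.ano >>/var/qmail/control/locals
    echo yourdomain.ano >>/var/qmail/control/rcpthosts
    (cd ~alias; touch .qmail-postmaster .qmail-mailer-daemon .qmail-root)
    chmod 644 ~alias/.qmail*
  fi

  mkdir -p /services/qmail/log/main
  chown qmaillog /services/qmail/log/main
  printf '%s\n' '#!/bin/sh' \
    'exec env - PATH="/var/qmail/bin:/usr/local/bin:/usr/bin:/bin" qmail-start ./Mailbox' \
    >/services/qmail/run
  chmod +x /services/qmail/run
  printf '%s\n' '#!/bin/sh' 'exec setuidgid qmaillog multilog t s10000 n4 ./main' \
    >/services/qmail/log/run
  chmod +x /services/qmail/log/run
  test -L /service/qmail || ln -s /services/qmail /service/qmail

  # The SMTP and QMTP listeners differ only in protocol name and daemon.
  for proto in smtp qmtp; do
    svc_dir=/services/qmail-${proto}d
    mkdir -p "$svc_dir/log/main"
    chown qmaillog "$svc_dir/log/main"
    echo
    printf '%s\n' '#!/bin/sh' \
      "exec envuidgid qmaild tcpserver -U -c 100 $mx_ip $proto /var/qmail/bin/qmail-${proto}d" \
      >"$svc_dir/run"
    chmod +x "$svc_dir/run"
    printf '%s\n' '#!/bin/sh' 'exec setuidgid qmaillog multilog t s10000 n4 ./main' \
      >"$svc_dir/log/run"
    chmod +x "$svc_dir/log/run"
    test -L "/service/qmail-${proto}d" || ln -s "$svc_dir" "/service/qmail-${proto}d"
  done

  # Replace the system sendmail once; on a re-run the symlink is already in
  # place and must not overwrite the saved original.
  if [ "$(readlink /usr/sbin/sendmail)" != /var/qmail/bin/sendmail ]; then
    [ -e /usr/sbin/sendmail ] && mv /usr/sbin/sendmail /usr/sbin/sendmail.bak
    ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
  fi

  grep -qxF -- 'export MAIL=~/Mailbox' /etc/profile 2>/dev/null \
    || echo 'export MAIL=~/Mailbox' >>/etc/profile
}

# Build and install djbdns 1.05 from /usr/local/src. (The page's copy defined
# this function twice with identical bodies; one definition is kept.)
INSTALL_DJBDNS(){
  echo -e '\nINSTALL DJBDNS:\n'
  _p2a_require_build_tools
  _p2a_require tcpserver 'needs ./contrib/peer2anonet/peer2anonet --install-ucspi-tcp'
  _p2a_require svscanboot 'needs ./contrib/peer2anonet/peer2anonet --install-daemontools'

  cd /usr/local/src || exit 1
  _p2a_fetch http://cr.yp.to/djbdns/djbdns-1.05.tar.gz
  tar -xzf djbdns-1.05.tar.gz || exit 1
  cd djbdns-1.05 || exit 1
  echo gcc -O2 -include /usr/include/errno.h > conf-cc
  make
  make setup check
}

# Recreate dnscache and the three tinydns instances (own zone, AnoNet root,
# .ano TLD) from conf/* and the resdb generators. Existing service
# directories are archived once, then removed and rebuilt.
CONFIGURE_DNS(){
  local nick root_ip root_domain ano_ip ano_domain own_ip own_domain
  local git_ip git_domain svc_name

  _p2a_load_conf
  _p2a_require tcpserver 'needs ./contrib/peer2anonet/peer2anonet --install-ucspi-tcp'
  _p2a_require svscanboot 'needs ./contrib/peer2anonet/peer2anonet --install-daemontools'
  _p2a_require tinydns 'needs ./contrib/peer2anonet/peer2anonet --install-djbdns'

  for svc_name in dnscache tinydns tinydns-ano tinydns-root; do
    if [ -e "/services/$svc_name" ] && [ ! -e "/etc/peer2anonet/$svc_name.tar" ]; then
      _p2a_backup_service "$svc_name"
    fi
  done

  # Absolute paths: the original cd'ed first, so a failed cd would have run
  # "rm -rf" on these names in whatever directory the script was started from.
  svc -d /service/dnscache /service/tinydns /service/tinydns-ano \
    /service/tinydns-root >/dev/null 2>&1
  rm -f /service/dnscache /service/tinydns /service/tinydns-ano /service/tinydns-root
  rm -rf /services/dnscache /services/tinydns /services/tinydns-ano /services/tinydns-root

  echo -e '\nCONFIGURE DNS:\n'
  nick=$(cat conf/git_name) || exit 1
  root_ip=$(cat conf/tinydns__rootsrvrip) || exit 1
  root_domain=$(cat conf/tinydns__rootsrvrname) || exit 1
  ano_ip=$(cat conf/tinydns__tldsrvrip) || exit 1
  ano_domain=$(cat conf/tinydns__tldsrvrname) || exit 1
  own_ip=$(cat conf/tinydns__srvrip) || exit 1
  own_domain=$(cat conf/tinydns__srvrname) || exit 1
  git_ip=$(cat conf/gitd_ip) || exit 1
  git_domain="git.$nick.ano"

  ./scripts/add_dom "$nick.ano" "$nick" "$own_domain/$own_ip" > /dev/null 2>&1

  _p2a_persist_lo_ips tinydns-ips "$root_ip" "$own_ip" "$ano_ip" "$git_ip"
  ip addr add "$root_ip/32" dev lo > /dev/null 2>&1
  ip addr add "$own_ip/32" dev lo > /dev/null 2>&1
  ip addr add "$ano_ip/32" dev lo > /dev/null 2>&1
  ip addr add "$git_ip/32" dev lo > /dev/null 2>&1

  useradd gdnscache
  useradd gdnslog
  useradd gtinydns

  dnscache-conf gdnscache gdnslog /services/dnscache
  # Keep the stock root server list as @.icann and point the cache at the
  # local AnoNet root instead.
  mv /services/dnscache/root/servers/@ /services/dnscache/root/servers/@.icann
  echo "$root_ip" >/services/dnscache/root/servers/@
  # Replaces the system resolver configuration: all lookups on this host go
  # through the local dnscache from here on.
  echo 'nameserver 127.0.0.1' >/etc/resolv.conf

  tinydns-conf gtinydns gdnslog /services/tinydns "$own_ip"
  ( cd /services/tinydns/root || exit 1
    ./add-ns "$nick.ano" "$own_ip"
    ./add-alias "$git_domain" "$git_ip"
    ./add-alias "$root_domain" "$root_ip"
    ./add-alias "$ano_domain" "$ano_ip"
    make )

  tinydns-conf gtinydns gdnslog /services/tinydns-root "$root_ip"
  ./scripts/nameserver_autogen/tinydns_root_datafile > /services/tinydns-root/root/data
  ( cd /services/tinydns-root/root && make )

  tinydns-conf gtinydns gdnslog /services/tinydns-ano "$ano_ip"
  ./scripts/nameserver_autogen/tinydns_tld_datafile > /services/tinydns-ano/root/data
  ( cd /services/tinydns-ano/root && make )

  for svc_name in dnscache tinydns tinydns-ano tinydns-root; do
    ln -s "/services/$svc_name" "/service/$svc_name"
  done
  sleep 5
  svc -t /service/dnscache /service/tinydns /service/tinydns-ano /service/tinydns-root
}

# Regenerate the .ano TLD zone from the resdb checkout and restart DNS.
UPDATE_DNS(){
  _p2a_load_conf
  _p2a_require tcpserver 'needs ./contrib/peer2anonet/peer2anonet --install-ucspi-tcp'
  _p2a_require svscanboot 'needs ./contrib/peer2anonet/peer2anonet --install-daemontools'

  if [ -e /services/tinydns-ano ]; then
    _p2a_backup_service tinydns-ano
  fi

  echo -e '\nUPDATE DNS:\n'
  ./scripts/nameserver_autogen/tinydns_tld_datafile > /services/tinydns-ano/root/data
  ( cd /services/tinydns-ano/root && make )
  sleep 5
  svc -t /service/dnscache /service/tinydns /service/tinydns-ano /service/tinydns-root
}

# Download and build NaCl 20110221 in /usr/local/src.
INSTALL_NACL(){
  cd /usr/local/src || exit 1
  _p2a_fetch http://hyperelliptic.org/nacl/nacl-20110221.tar.bz2
  bunzip2 < nacl-20110221.tar.bz2 | tar -xf -
  cd nacl-20110221 || exit 1
  ./do
}

# ---------------------------------------------------------------------------
# Option dispatch: exactly one option is read from $1; anything else (or no
# option) prints the usage text.
# ---------------------------------------------------------------------------
case "$1" in
  --configure)           CONFIGURE ;;
  --update)              UPDATE ;;
  --configure-peer)      CONFIGURE_PEER; UPDATE ;;
  --rm-peer)             RM_PEER; UPDATE ;;
  --install-daemontools) INSTALL_DAEMONTOOLS ;;
  --install-ucspi-tcp)   INSTALL_UCSPI_TCP ;;
  --install-djbdns)      INSTALL_DJBDNS ;;
  --install-nacl)        INSTALL_NACL ;;
  --setup-qmail)         SETUP_QMAIL ;;
  --configure-dns)       CONFIGURE_DNS ;;
  --update-dns)          UPDATE_DNS ;;
  *)                     USAGE ;;
esac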