From c2ad56d41af2975736e36ade147be1729396994f Mon Sep 17 00:00:00 2001
From: Black and Red
Date: Thu, 2 Mar 2017 07:09:13 +0100
Subject: [PATCH] Added first working version - 1.0
---
 .gitignore | 4 ++++
 README.md | 26 +++++++++++++++++++++++++
 bin/bind-network.sh | 36 +++++++++++++++++++++++++++++++++++
 bin/kill-previous-sessions.sh | 26 +++++++++++++++++++++++++
 bin/send-public-key.sh | 18 ++++++++++++++++++
 conf.d/config-example.sh.md | 9 +++++++++
 var/pids/.gitkeep | 0
 7 files changed, 119 insertions(+)
 create mode 100644 .gitignore
 create mode 100755 bin/bind-network.sh
 create mode 100755 bin/kill-previous-sessions.sh
 create mode 100755 bin/send-public-key.sh
 create mode 100644 conf.d/config-example.sh.md
 create mode 100644 var/pids/.gitkeep
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7d372a6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/var/pids/*
+!/var/pids/.gitkeep
+/conf.d/*
+!/conf.d/config-example.sh.md
\ No newline at end of file
diff --git a/README.md b/README.md
index 0691c72..e10f8cb 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,28 @@
 # private-networking
 Networking solution written in Bash, based on reverse proxy
+Allows to create multiple reverse tunnels from inside of NAT to the external server.
+
+## Setup
+
+- Put your configuration files into `conf.d`
+
+```
+1. File must be with ".sh" extension
+2. File must be executable (eg. chmod +x "webserver.sh")
+3. File must be in a proper syntax and implement proper configuration variables
+ described as an example in the "config-example.sh.md"
+```
+
+Send public key to all servers described in your configuration
+so the communication could be without a password using a ssh key.
+
+Run: `./bin/send-public-key.sh`
+
+- Bind your ports to the external server
+
+Run: `./bin/bind-network.sh`
+
+That's all!
+Your local services should be exposed to the remote server and be
+visible on eg. http://localhost:1234, so you need an internal proxy or
+a load balancer like nginx to forward the traffic to the internet.
diff --git a/bin/bind-network.sh b/bin/bind-network.sh
new file mode 100755
index 0000000..d87eecc
--- /dev/null
+++ b/bin/bind-network.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+
+#--------------------------------------------
+# Bind network ports to the remote server
+# using a reverse proxy strategy
+#
+# @author Wolnoƛciowiec Team
+# @see https://wolnosciowiec.net
+#--------------------------------------------
+
+cd "$( dirname "${BASH_SOURCE[0]}" )"
+DIR=$(pwd)
+
+./kill-previous-sessions.sh
+
+for config_file_name in ../conf.d/*.sh
+do
+ echo " >> Reading $config_file_name"
+ source "$config_file_name"
+
+ for forward_ports in ${PORTS[*]}
+ do
+ IFS='>' read -r -a parts <<< "$forward_ports"
+ source_port=${parts[0]}
+ dest_port=${parts[1]}
+
+ echo " --> Forwarding $source_port:$PN_HOST:$dest_port"
+ autossh -M 0 -N -f -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -R "$source_port:$PN_HOST:$dest_port" "$PN_USER@$PN_HOST" -p $PN_PORT
+ echo $! >> ../var/pids/ssh-servers.pid
+
+ if [[ $? != 0 ]]; then
+ echo " ~ The port forwarding failed, please verify if your SSH keys are well installed"
+ exit 1
+ fi
+ done
+done
diff --git a/bin/kill-previous-sessions.sh b/bin/kill-previous-sessions.sh
new file mode 100755
index 0000000..3598bac
--- /dev/null
+++ b/bin/kill-previous-sessions.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+#--------------------------------------------
+# Kill all previously opened ssh sessions
+#
+# @author Wolnoƛciowiec Team
+# @see https://wolnosciowiec.net
+#--------------------------------------------
+
+cd "$( dirname "${BASH_SOURCE[0]}" )"
+DIR=$(pwd)
+
+for config_file_name in ../conf.d/*.sh
+do
+ source "$config_file_name"
+
+ for forward_ports in ${PORTS[*]}
+ do
+ pid=$(ps aux |grep autossh|grep "$source_port:$PN_HOST:$dest_port"|grep -v "grep"|awk '{print $2}')
+
+ if [[ $pid ]]; then
+ echo " >> Killing $pid"
+ kill $pid
+ fi
+ done
+done
diff --git a/bin/send-public-key.sh b/bin/send-public-key.sh
new file mode 100755
index 0000000..b997760
--- /dev/null
+++ b/bin/send-public-key.sh
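Review bot: In bin/bind-network.sh the failure check after the `autossh` call never sees autossh's result, because `$?` is read after `echo $! >> ../var/pids/ssh-servers.pid` and so holds the status of that `echo`. `$!` is also not set by a command that detaches itself with `-f`, so the pid file probably receives an empty or stale value; test the call directly (`if ! autossh ...; then`) and let autossh record its own pid through the `AUTOSSH_PIDFILE` environment variable. `PORTS`, `PN_USER`, `PN_HOST` and `PN_PORT` are carried over from one sourced config file to the next, so a config that sets fewer `PORTS` entries than its predecessor opens the leftover forwards against the wrong server; `unset PORTS PN_USER PN_HOST PN_PORT` before each `source` avoids that, and the same carry-over affects the loops in kill-previous-sessions.sh and send-public-key.sh. Adding `-o "ExitOnForwardFailure=yes"` would make ssh exit when the remote port cannot be bound instead of holding a session that forwards nothing.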
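Review bot: In bin/kill-previous-sessions.sh the inner loop never assigns `source_port` or `dest_port`, so the `grep` pattern expands to `:$PN_HOST:` and matches every autossh process whose command line mentions that host rather than the forward being iterated. Split the entry the way bind-network.sh does, with `IFS='>' read -r -a parts <<< "$forward_ports"` followed by `source_port=${parts[0]}` and `dest_port=${parts[1]}`, before building the pattern. The `ps aux | grep` chain also inspects every user's processes and hands all matches unquoted to a single `kill`; `pgrep -u "$(id -u)" -f` would keep the match to the invoking user's own sessions. The `../var/pids/ssh-servers.pid` file that bind-network.sh appends to is never read or truncated here, so it only grows.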
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+cd "$( dirname "${BASH_SOURCE[0]}" )"
+DIR=$(pwd)
+
+if [[ ! -f ~/.ssh/id_rsa.pub ]]; then
+ echo " >> RSA key not found, generating"
+ ssh-keygen -t rsa -f ~/.ssh/id_rsa
+fi
+
+for config_file_name in ../conf.d/*.sh
+do
+ echo " >> Reading $config_file_name"
+ source "$config_file_name"
+
+ echo " >> Copying your ID to the $PN_USER@$PN_HOST:$PN_PORT, please log in"
+ ssh-copy-id -i ~/.ssh/id_rsa "$PN_USER@$PN_HOST" -p $PN_PORT
+done
diff --git a/conf.d/config-example.sh.md b/conf.d/config-example.sh.md
new file mode 100644
index 0000000..954f8b0
--- /dev/null
+++ b/conf.d/config-example.sh.md
@@ -0,0 +1,9 @@
+```
+PN_USER=xxx
+PN_PORT=22
+PN_HOST=mydomain.org
+
+# local port => destination port
+PORTS[0]="8000>80"
+PORTS[1]="22>2222"
+```
\ No newline at end of file
diff --git a/var/pids/.gitkeep b/var/pids/.gitkeep
new file mode 100644
index 0000000..e69de29
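Review bot: In bin/send-public-key.sh the user's general-purpose `~/.ssh/id_rsa` is installed with `ssh-copy-id` on every configured server, which gives that key a full login there although the tunnels only need remote port forwarding. A key generated for this tool alone, with the server-side `authorized_keys` entry limited by options such as `restrict,port-forwarding` (on OpenSSH versions that support `restrict`), would keep a leaked key from becoming shell access on the relay; the README setup steps are the place to document this. `ssh-keygen` is called without `-b`, so the key size depends on the installed OpenSSH default, and a passphrase entered at its prompt will presumably stop the non-interactive `autossh -f` sessions from authenticating unless an agent holds the key. `$PN_PORT` is unquoted here and in bind-network.sh; write `-p "$PN_PORT"`.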