Skip to content

Instantly share code, notes, and snippets.

@husjon

husjon/binds_on_mount.sh

Forked from alexandrusavin/binds_on_mount.sh
Created June 8, 2023 17:52
Show Gist options
  • Save husjon/81efa207166e937d328350dd3db12911 to your computer and use it in GitHub Desktop.
Save husjon/81efa207166e937d328350dd3db12911 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. @alexandrusavin alexandrusavin revised this gist Mar 3, 2019. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -20,7 +20,7 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    `certbot certonly --standalone --config-dir . --logs-dir . --work-dir .`

    _If it says it cannot bind to port `80` it means you need to add `sudo` to the above command. If the case then you'll need to change ownsership (`chow`) of the `live` folder to get access in the next steps._
    _If it says it cannot bind to port `80` it means you need to add `sudo` to the above command. If the case then you'll need to change ownsership (`chow`) of the `live` and `../../archive` folders to get access in the next steps._

    1. `cd` to `./live/[your.domain]`

  2. @alexandrusavin alexandrusavin revised this gist Mar 3, 2019. 1 changed file with 2 additions and 2 deletions.
    4 changes: 2 additions & 2 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -18,9 +18,9 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    1. Execute certbot to create the certificate

    `certbot certonly --standalone --config-dir . --logs-dir . --work-dir .`
    `certbot certonly --standalone --config-dir . --logs-dir . --work-dir .`

    _If it says it cannot bind to port `80` it means you need to add `sudo` to the above command. If the case then you'll need to change ownsership (`chow`) of the `live` folder to get access in the next steps._
    _If it says it cannot bind to port `80` it means you need to add `sudo` to the above command. If the case then you'll need to change ownsership (`chow`) of the `live` folder to get access in the next steps._

    1. `cd` to `./live/[your.domain]`

  3. @alexandrusavin alexandrusavin revised this gist Mar 3, 2019. 1 changed file with 3 additions and 4 deletions.
    7 changes: 3 additions & 4 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -18,10 +18,9 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    1. Execute certbot to create the certificate

    ```
    sudo certbot certonly --standalone --config-dir . --logs-dir . --work-dir .
    ```
    When promted select `Spin up a temporary webserver (standalone)`
    `certbot certonly --standalone --config-dir . --logs-dir . --work-dir .`

    _If it says it cannot bind to port `80` it means you need to add `sudo` to the above command. If the case then you'll need to change ownsership (`chow`) of the `live` folder to get access in the next steps._

    1. `cd` to `./live/[your.domain]`

  4. @alexandrusavin alexandrusavin revised this gist Mar 3, 2019. 1 changed file with 31 additions and 6 deletions.
    37 changes: 31 additions & 6 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -9,38 +9,63 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279
    1. Enable JFFS2 Support form Administration tab

    1. Create the certificate files

    1. Install certbot

    `brew install certbot`

    1. Go to a folder where you will configure certbot

    1. Execute certbot to create the certificate

    `certbot certonly --standalone --config-dir . --logs-dir . --work-dir .`
    _If it says it cannot bind to port `80` it means you need to add `sudo` to the above command. If the case then you'll need to change ownsership (`chow`) of the `live` folder to get access in the next steps._
    ```
    sudo certbot certonly --standalone --config-dir . --logs-dir . --work-dir .
    ```
    When promted select `Spin up a temporary webserver (standalone)`

    1. `cd` to `./live/[your.domain]`

    1. Create rsa key from private key
    ```bash
    openssl rsa -in privkey.pem -out key.pem
    ```

    `openssl rsa -in privkey.pem -out key.pem`

    1. Put the certificate files into the router

    1. cd to jffs

    `cd /jffs`

    1. create startup folder
    `mkdir startup && cd startup`

    `mkdir startup && cd startup`

    1. create the script (`binds_on_mount.sh`) that binds certificate files and make it executable

    `chmod +x binds_on_mount.sh`

    1. create etc folder in jffs and cd in it

    `mkdir /jffs/etc && cd /jffs/etc`

    1. create the certificate files from local certbot files

    1. paste contents of `key.pem`, `cert.pem` and `privkey.pem` into their respective file in `/jffs/etc`

    1. Remove portfw and enable Web GUI Management remote access from Administration tab

    1. Web Access
    1. Protocol: Check https and Uncheck http

    1. Remote Access

    1. Web GUI Management: Enable

    1. Web GUI Port: 443

    1. Test by executing the script and then try to access the web gui. If the browser has a green lock next to the address than everything is correct.

    1. Add command to execute the script on startup

    1. save this command as `Startup` in Administration > Commands

    `cd /jffs/startup && ./binds_on_mount.sh > ./log`
  5. @alexandrusavin alexandrusavin revised this gist Mar 3, 2019. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -15,6 +15,7 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279
    1. Go to a folder where you will configure certbot

    1. Execute certbot to create the certificate

    `certbot certonly --standalone --config-dir . --logs-dir . --work-dir .`
    _If it says it cannot bind to port `80` it means you need to add `sudo` to the above command. If the case then you'll need to change ownsership (`chow`) of the `live` folder to get access in the next steps._
    1. `cd` to `./live/[your.domain]`
  6. @alexandrusavin alexandrusavin revised this gist Mar 3, 2019. 1 changed file with 6 additions and 33 deletions.
    39 changes: 6 additions & 33 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -9,64 +9,37 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279
    1. Enable JFFS2 Support form Administration tab

    1. Create the certificate files

    1. Install certbot

    `brew install certbot`

    1. Go to a folder where you will configure certbot

    1. Execute certbot to create the certificate

    ```
    sudo certbot certonly --standalone --config-dir . --logs-dir . --work-dir .
    ```

    When promted select `Spin up a temporary webserver (standalone)`

    `certbot certonly --standalone --config-dir . --logs-dir . --work-dir .`
    _If it says it cannot bind to port `80` it means you need to add `sudo` to the above command. If the case then you'll need to change ownsership (`chow`) of the `live` folder to get access in the next steps._
    1. `cd` to `./live/[your.domain]`

    1. Create rsa key from private key

    `openssl rsa -in privkey.pem -out key.pem`

    ```bash
    openssl rsa -in privkey.pem -out key.pem
    ```
    1. Put the certificate files into the router

    1. cd to jffs

    `cd /jffs`

    1. create startup folder

    `mkdir startup && cd startup`

    `mkdir startup && cd startup`
    1. create the script (`binds_on_mount.sh`) that binds certificate files and make it executable

    `chmod +x binds_on_mount.sh`

    1. create etc folder in jffs and cd in it

    `mkdir /jffs/etc && cd /jffs/etc`

    1. create the certificate files from local certbot files

    1. paste contents of `key.pem`, `cert.pem` and `privkey.pem` into their respective file in `/jffs/etc`

    1. Remove portfw and enable Web GUI Management remote access from Administration tab

    1. Web Access
    1. Protocol: Check https and Uncheck http

    1. Remote Access

    1. Web GUI Management: Enable

    1. Web GUI Port: 443

    1. Test by executing the script and then try to access the web gui. If the browser has a green lock next to the address than everything is correct.

    1. Add command to execute the script on startup

    1. save this command as `Startup` in Administration > Commands

    `cd /jffs/startup && ./binds_on_mount.sh > ./log`
  7. @alexandrusavin alexandrusavin revised this gist Mar 3, 2019. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -21,6 +21,7 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279
    ```
    sudo certbot certonly --standalone --config-dir . --logs-dir . --work-dir .
    ```

    When promted select `Spin up a temporary webserver (standalone)`

    1. `cd` to `./live/[your.domain]`
  8. @alexandrusavin alexandrusavin revised this gist Mar 3, 2019. 1 changed file with 4 additions and 4 deletions.
    8 changes: 4 additions & 4 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -18,12 +18,12 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    1. Execute certbot to create the certificate

    ```
    certbot certonly --config-dir . --logs-dir . --work-dir .
    ```
    sudo certbot certonly --standalone --config-dir . --logs-dir . --work-dir .
    ```
    When promted select `Spin up a temporary webserver (standalone)`

    1. Go to `./live/[your.domain]`
    1. `cd` to `./live/[your.domain]`

    1. Create rsa key from private key

    @@ -37,7 +37,7 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    1. create startup folder

    `mkdir startup`
    `mkdir startup && cd startup`

    1. create the script (`binds_on_mount.sh`) that binds certificate files and make it executable

  9. @alexandrusavin alexandrusavin revised this gist Feb 25, 2017. 1 changed file with 15 additions and 4 deletions.
    19 changes: 15 additions & 4 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -49,11 +49,22 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    1. create the certificate files from local certbot files

    1. paste contents of `key.pem`, `cert.pem` and `privkey.pem` into their respective file in `/jffs/etc`

    1. test by executing the script
    1. paste contents of `key.pem`, `cert.pem` and `privkey.pem` into their respective file in `/jffs/etc`

    1. Remove portfw and enable Web GUI Management remote access from Administration tab

    1. Web Access
    1. Protocol: Check https and Uncheck http

    1. Remote Access

    1. Web GUI Management: Enable

    1. Web GUI Port: 443

    1. Test by executing the script and then try to access the web gui. If the browser has a green lock next to the address than everything is correct.

    1. Execute the script on startup
    1. Add command to execute the script on startup

    1. save this command as `Startup` in Administration > Commands

  10. @alexandrusavin alexandrusavin revised this gist Feb 25, 2017. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -29,7 +29,7 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    `openssl rsa -in privkey.pem -out key.pem`

    1. Put the certificate file into the router
    1. Put the certificate files into the router

    1. cd to jffs

  11. @alexandrusavin alexandrusavin revised this gist Feb 25, 2017. 1 changed file with 2 additions and 2 deletions.
    4 changes: 2 additions & 2 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -8,7 +8,7 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    1. Enable JFFS2 Support form Administration tab

    1. Create the certificate
    1. Create the certificate files

    1. Install certbot

    @@ -29,7 +29,7 @@ Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=279

    `openssl rsa -in privkey.pem -out key.pem`

    1. ssh into the router
    1. Put the certificate file into the router

    1. cd to jffs

  12. @alexandrusavin alexandrusavin revised this gist Feb 25, 2017. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,4 +1,4 @@
    Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=27979)
    Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=27979).

    1. Prepare the router

  13. @alexandrusavin alexandrusavin revised this gist Feb 25, 2017. 1 changed file with 2 additions and 0 deletions.
    2 changes: 2 additions & 0 deletions letsencrypt-ddwrt.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,3 +1,5 @@
    Inspired from this blog [post](https://www.dd-wrt.com/phpBB2/viewtopic.php?t=27979)

    1. Prepare the router

    1. Use portfw to forward port 80 and 445 to the ip of the computer where you have certbot installed
  14. @alexandrusavin alexandrusavin renamed this gist Feb 25, 2017. 1 changed file with 0 additions and 0 deletions.
    0 README.md → letsencrypt-ddwrt.md
    View file
    File renamed without changes.
  15. @alexandrusavin alexandrusavin revised this gist Feb 25, 2017. 1 changed file with 27 additions and 25 deletions.
    52 changes: 27 additions & 25 deletions README.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,56 +1,58 @@
    1. Prepare the router

    1. Use portfw to forward port 80 and 445 to the ip of the computer where you have certbot installed
    1. Use portfw to forward port 80 and 445 to the ip of the computer where you have certbot installed

    1. Enable Secure Shell from Services tab
    1. Enable Secure Shell from Services tab

    1. Enable JFFS2 Support form Administration tab
    1. Enable JFFS2 Support form Administration tab

    1. Create the certificate

    1. Install certbot
    `brew install certbot`
    1. Install certbot

    `brew install certbot`

    1. Go to a folder where you will configure certbot
    1. Go to a folder where you will configure certbot

    1. Execute certbot to create the certificate
    1. Execute certbot to create the certificate

    `certbot certonly --config-dir . --logs-dir . --work-dir .`
    ```
    certbot certonly --config-dir . --logs-dir . --work-dir .
    ```
    When promted select `Spin up a temporary webserver (standalone)`

    When promted select `Spin up a temporary webserver (standalone)`
    1. Go to `./live/[your.domain]`

    1. Go to `./live/[your.domain]`
    1. Create rsa key from private key

    1. Create rsa key from private key

    `openssl rsa -in privkey.pem -out key.pem`
    `openssl rsa -in privkey.pem -out key.pem`

    1. ssh into the router

    1. cd to jffs
    1. cd to jffs

    `cd /jffs`
    `cd /jffs`

    1. create startup folder
    1. create startup folder

    `mkdir startup`
    `mkdir startup`

    1. create the script (`binds_on_mount.sh`) that binds certificate files and make it executable
    1. create the script (`binds_on_mount.sh`) that binds certificate files and make it executable

    `chmod +x binds_on_mount.sh`
    `chmod +x binds_on_mount.sh`

    1. create etc folder in jffs and cd in it
    1. create etc folder in jffs and cd in it

    `mkdir /jffs/etc && cd /jffs/etc`
    `mkdir /jffs/etc && cd /jffs/etc`

    1. create the certificate files from local certbot files
    1. create the certificate files from local certbot files

    1. paste contents of `key.pem`, `cert.pem` and `privkey.pem` into their respective file in `/jffs/etc`

    1. test by executing the script
    1. test by executing the script

    1. Execute the script on startup

    1. save this command as `Startup` in Administration > Commands
    1. save this command as `Startup` in Administration > Commands

    `cd /jffs/startup && ./binds_on_mount.sh > ./log`
    `cd /jffs/startup && ./binds_on_mount.sh > ./log`
  16. @alexandrusavin alexandrusavin created this gist Feb 25, 2017.
    56 changes: 56 additions & 0 deletions README.md
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,56 @@
    1. Prepare the router

    1. Use portfw to forward port 80 and 445 to the ip of the computer where you have certbot installed

    1. Enable Secure Shell from Services tab

    1. Enable JFFS2 Support form Administration tab

    1. Create the certificate

    1. Install certbot
    `brew install certbot`

    1. Go to a folder where you will configure certbot

    1. Execute certbot to create the certificate

    `certbot certonly --config-dir . --logs-dir . --work-dir .`

    When promted select `Spin up a temporary webserver (standalone)`

    1. Go to `./live/[your.domain]`

    1. Create rsa key from private key

    `openssl rsa -in privkey.pem -out key.pem`

    1. ssh into the router

    1. cd to jffs

    `cd /jffs`

    1. create startup folder

    `mkdir startup`

    1. create the script (`binds_on_mount.sh`) that binds certificate files and make it executable

    `chmod +x binds_on_mount.sh`

    1. create etc folder in jffs and cd in it

    `mkdir /jffs/etc && cd /jffs/etc`

    1. create the certificate files from local certbot files

    1. paste contents of `key.pem`, `cert.pem` and `privkey.pem` into their respective file in `/jffs/etc`

    1. test by executing the script

    1. Execute the script on startup

    1. save this command as `Startup` in Administration > Commands

    `cd /jffs/startup && ./binds_on_mount.sh > ./log`
    40 changes: 40 additions & 0 deletions binds_on_mount.sh
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,40 @@
    #!/bin/sh


    if [ `nvram get https_enable` -gt 0 ] ; then

    # get the absolute directory of the executable
    SELF_PATH=$(cd -P "$(dirname "$0")" && pwd -P)
    echo SELF_PATH: ${SELF_PATH}

    # extract the mount path
    MOUNT_PATH=`echo ${SELF_PATH} | cut -d / -f1-2`
    echo MOUNT_PATH: ${MOUNT_PATH}

    # do binds
    for BIND_PATH in '/jffs' ; do
    echo Binding ${BIND_PATH}
    if [ "${MOUNT_PATH}" != "${BIND_PATH}" ]; then
    grep -q -e "${BIND_PATH}" /proc/mounts || mount -o bind ${MOUNT_PATH}${BIND_PATH} ${BIND_PATH}
    fi
    done

    HTTPS_RESET=0

    if [ `pidof httpd` -gt 0 ]; then
    echo Stopping httpd
    stopservice httpd
    HTTPS_RESET=1
    fi

    echo Binding HTTPS certifcate
    grep -q -e "/etc/cert.pem" /proc/mounts || mount -o bind ${MOUNT_PATH}/etc/cert.pem /etc/cert.pem
    grep -q -e "/etc/key.pem" /proc/mounts || mount -o bind ${MOUNT_PATH}/etc/key.pem /etc/key.pem
    grep -q -e "/etc/privkey.pem" /proc/mounts || mount -o bind ${MOUNT_PATH}/etc/privkey.pem /etc/privkey.pem

    if [ "$HTTPS_RESET" = "1" ]; then
    echo Starting httpd
    startservice httpd
    unset HTTPS_RESET
    fi
    fi