nbanb
commented
2 years ago Hi
I'm sorry, but I need to be more precise on a point about HTTPS and this script and Freebox : If you use your own PKI for managing certificate on your local network and you define a domain name on a local domain with a certificate issued by your internal PKI, you need to be carefull if you use certificates which use keys length more than 4096.
In 2022 cURL does not natively support 8192 signed certificate signed by an 8192 CA even if the 8192 rootCA is properly installed on the system. wget does support such CA and certificate but we're using cURL here ! A workarround is to specify either '-k = --insecure' on cURL command line (bad) or to specify the 8192 CA public key on cURL command line (preferred)
For example, after the URL definition, add (you need to install your PKI root CA in your system certificate, here I use ca-certificate on Debian 11):
FREEBOX_CACERT='/usr/share/ca-certificates/nba/YOUR-PKI-rootCA-RSA8192.pem'
and after change at ligne ~183 `183c225 < local answer=$(curl -s "$FREEBOX_URL/api_version")
local answer=$(curl -s --cacert $FREEBOX_CACERT "$FREEBOX_URL/api_version")
and add line ~194[[ -n "$FREEBOX_CACERT" ]] && options+=(--cacert "$FREEBOX_CACERT") `
I will try to make a PR to add those change to this projects.
Kind regards nbanba
Dear JrCs,
Using your marvelous work, I was able to write 2 very small scripts for managing VM on freebox Delta (v7). Maybe I can write freeboxos_bash_api again removing JSON PARSING function from JSON.SH and using the marvelous 'jq' tool which is availiable today, but I did not do, your script work like a charm... Thanks
Here is the code, maybe it could interrested someone (found your source freeboxos-bash-api.sh on JDOM® and on other forums).
First, cp freeboxos_bash_api.sh to freeboxos-delta_bash_api.sh and change in freeboxos-delta_bash_api.sh the API version to 8 :
18:54:15 root@14RV-SERVER:/mnt/data/perso/freebox/api# diff freeboxos-delta_bash_api.sh freeboxos_bash_api.sh 4,5c4 < #_API_VERSION="7" < _API_VERSION="8"Continue to modify the script to use HTTPS (we're now in 2022, all internet must use https, but to enable HTTPS here, YOU MUST HAD CONFIGURED Freebox-Delta HTTPS access and certificate in the "domain name" part of the freebox configuration menu) :19:07:48 root@14RV-SERVER:/mnt/data/perso/freebox/api# grep -i https://fbx freeboxos-delta_bash_api.sh FREEBOX_URL="https://fbx.yourdomain.net"Second, use the authorized_application function as described in the main page of this project to authorized your application and to get your application token.
Third, you can use the following scripts to manage VM for example to send an ACPI shutdown to the VM before rebooting the freebox (to avoid the VM crash at reboot due to corrupted disk error)
Here is the script to retrieve informations / status of your running(or not running) VMs : fbxvm-status fbxvm-status.gz
Here is another script which allow you to start, stop, reboot and get status of all VM of Freebox Delta : fbxvm-ctrl Steps First to Third for script fbxvm-ctrl are the same as describe for the fbxvm-status script, so I will not write it again. Here is the script :
fbxvm-ctrl.gz
It's a starting, you can extend scripts to have a full control of VMs (creating VM dynamically, populating 'cloud-init', etc... and finally you can use it to use Freebox Delta VM's like a destructible fully automated sandbox or for on-demand applications or for permanent services needing a server 24h/24h (for example I was able to deploy a 'tor' node on my freebox delta...))
Hope it could help.
Kind regards, nbanba