#!/bin/bash
# postinst script for #PACKAGE#
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <postinst> `abort-remove'
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
configure)
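### START gather all the info from the box and generate the variables
# Everything gathered here comes from DNS and is later written, as root, into
# network, frr and udev configuration. The answers are treated as untrusted:
# each value must match a strict shape before it is used, so a spoofed or
# broken resolver cannot inject extra lines or sed metacharacters.
# NOTE(review): some dig versions are reported to print ";; ..." diagnostics
# on stdout even with +short — confirm; the shape checks reject that output
# either way.
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'    # shape only, octet range not checked
ipv6_re='^[0-9A-Fa-f:.]*:[0-9A-Fa-f:.]*$'  # hex groups, at least one colon
# The ASN notation the frr template expects is not visible here, so only the
# character set is constrained.
asn_re='^[0-9A-Za-z.]+$'
mac_re='^"?[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}"?$'

# "|| true": a failed lookup is reported by the check below instead of
# aborting without a message under set -e.
LOOPBACKv4=$(dig a +short "${HOSTNAME}") || true
LOOPBACKv6=$(dig aaaa +short "${HOSTNAME}") || true
NODEASN=$(dig txt +short "asn.${HOSTNAME}") || true
# TXT answers come back wrapped in double quotes; strip one from each end.
NODEASN="${NODEASN%\"}"
NODEASN="${NODEASN#\"}"
export LOOPBACKv4 LOOPBACKv6 NODEASN

# Empty, multi-line (several records, CNAME chains) and malformed answers all
# fail the match and stop the configuration here.
if ! [[ "$LOOPBACKv4" =~ $ipv4_re && "$LOOPBACKv6" =~ $ipv6_re && "$NODEASN" =~ $asn_re ]]; then
  echo "unable to find my LOOPBACK IP and/or ASN: $LOOPBACKv4/$LOOPBACKv6/$NODEASN" >&2
  exit 2
fi

# MAC address per interface, keyed by the interface label used in DNS.
declare -A MACS
for ifname in mgmt feth1 feth2 up1 up2; do
  ## careful mac will be wrapped in quotes, but we don't care since we'll need it again wrapped in quotes (so far)
  ifmac=$(dig txt +short "mac.${ifname}.${HOSTNAME}")
  # A missing record is allowed (that interface gets no udev rule); anything
  # present must look like a MAC address.
  if [ -n "$ifmac" ] && ! [[ "$ifmac" =~ $mac_re ]]; then
    echo "malformed MAC record for ${ifname}: ${ifmac}" >&2
    exit 2
  fi
  MACS["$ifname"]=$ifmac
done
## END variables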
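## START writing config files
# disable password logins on ssh
# sshd keeps the first value it reads for a keyword, and any line after a
# Match line belongs to that Match block. The setting is therefore inserted
# as line 1 (global scope, read first) and every other PasswordAuthentication
# line — commented out or not, any case, "key value" or "key=value" — is
# dropped. Re-running replaces the inserted line instead of stacking copies.
# NOTE(review): this only covers PasswordAuthentication; keyboard-interactive
# (PAM) prompts are governed by KbdInteractiveAuthentication /
# ChallengeResponseAuthentication — confirm those are off as well.
sed -i \
  -e '1i PasswordAuthentication no' \
  -e '/^\s*#*\s*PasswordAuthentication[[:space:]=]/Id' \
  /etc/ssh/sshd_config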
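# set network interface configurations
# Fail closed: never write a loopback stanza with an empty address.
: "${LOOPBACKv4:?loopback IPv4 address is not set}"
: "${LOOPBACKv6:?loopback IPv6 address is not set}"

# The main file only pulls in the per-interface snippets written below.
cat <<-EOF >/etc/network/interfaces
source-directory /etc/network/interfaces.d
EOF

# Loopback carries the node's /32 and /128 addresses (expanded from the
# variables, hence the unquoted EOF).
cat <<-EOF >/etc/network/interfaces.d/lo
auto lo
iface lo inet loopback
iface lo inet static
address ${LOOPBACKv4}/32
iface lo inet6 static
address ${LOOPBACKv6}/128
EOF

# mgmt1 is enslaved to a VRF device named "mgmt" (created on pre-up, removed
# on post-down). Quoted EOF: the text is written literally.
cat <<-"EOF" >/etc/network/interfaces.d/mgmt1
auto mgmt1
iface mgmt1 inet dhcp
pre-up /bin/ip link add mgmt type vrf table mgmt
pre-up /bin/ip link set up dev mgmt
pre-up /bin/ip link set master mgmt dev mgmt1
post-down /bin/ip link del dev mgmt
iface mgmt1 inet6 auto
EOF

# feth1/feth2 are brought up without addressing, with a 9000 byte MTU.
cat <<-"EOF" >/etc/network/interfaces.d/feth
auto feth1
iface feth1 inet manual
mtu 9000
auto feth2
iface feth2 inet manual
mtu 9000
EOF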
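# set frr config
# The three values below are spliced into sed programs and config files.
# Refuse empty values and anything outside a conservative character set, so a
# value can neither terminate the s/// expression nor add a second command.
: "${LOOPBACKv4:?router id is not set}"
: "${NODEASN:?ASN is not set}"
: "${HOSTNAME:?hostname is not set}"
case "${LOOPBACKv4}${NODEASN}${HOSTNAME}" in
  *[![:alnum:]._:-]*)
    echo "unexpected characters in router id, ASN or hostname; not templating config files" >&2
    exit 2
    ;;
esac
# NOTE(review): the placeholders are replaced in place, so a later configure
# run finds nothing left to substitute — confirm the .wit files are shipped
# fresh on upgrade.
sed -i -e "s/FRRROUTERID/${LOOPBACKv4}/" -e "s/NODEASN/${NODEASN}/" /etc/frr/frr.conf.wit
# user:group with a colon; the dotted form is a deprecated spelling.
chown frr:frr /etc/frr/frr.conf.wit /etc/frr/daemons.wit
# set ipsec config
sed -i -e "s/FQHOSTNAME/${HOSTNAME}/" /etc/ipsec.conf.wit
echo ": RSA ${HOSTNAME}.key" >/etc/ipsec.secrets
# The file only names the key file here, but keep it root-only so it stays
# safe if key material is ever placed in it.
chmod 600 /etc/ipsec.secrets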
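# write udev rules for device names
# One rule per interface that has a MAC record; the whole loop's stdout
# becomes the rules file, diagnostics go to stderr.
udev_mac_re='^[0-9a-f]{2}(:[0-9a-f]{2}){5}$'
for ifname in "${!MACS[@]}"; do
  ifmac=${MACS[$ifname]}
  # The TXT answer arrives wrapped in double quotes; strip them so the value
  # can be checked and then quoted explicitly in the rule.
  ifmac=${ifmac#\"}
  ifmac=${ifmac%\"}
  # sysfs reports addresses in lower case and udev compares them literally.
  ifmac=${ifmac,,}
  # The DNS label is "mgmt" but the device is named mgmt1.
  [ "$ifname" == "mgmt" ] && ifname=mgmt1
  if [[ "$ifmac" =~ $udev_mac_re ]]; then
    # The rule is built from the looked-up address (ifmac).
    echo 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="'"$ifmac"'", ATTR{type}=="1", NAME="'"$ifname"'"'
  elif [ -n "$ifmac" ]; then
    # Never copy an unchecked DNS answer into a udev rule.
    echo "skipping ${ifname}: malformed MAC record" >&2
  fi
done >/etc/udev/rules.d/70-persistent-net.rules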
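# write grub rules for serial terminal
# Drop every existing definition of the four settings first, so the block
# appended below is the only one left and re-running does not stack copies.
sed -i \
  -e '/GRUB_CMDLINE_LINUX_DEFAULT=/d' \
  -e '/GRUB_CMDLINE_LINUX=/d' \
  -e '/GRUB_SERIAL_COMMAND=/d' \
  -e '/GRUB_TERMINAL=/d' \
  /etc/default/grub
# Kernel console on tty0 and ttyS1, GRUB itself on serial unit 1, both at
# 115200 8N1. Quoted delimiter: the text is written literally.
cat <<-"EOF" >>/etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX="console=tty0 console=ttyS1,115200n8"
GRUB_TERMINAL=serial
GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=1 --word=8 --parity=no --stop=1"
EOF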
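## END config file section
## START configuring services as we need it
# NOTE(review): the firewall unit is only enabled here, not started — confirm
# it is started elsewhere, otherwise its rules apply from the next boot only.
systemctl enable firewall
systemctl restart systemd-timesyncd
# Validate the edited sshd_config before restarting: restarting with a broken
# file would leave the box without ssh. Under set -e a failed check aborts the
# script here and the running daemon is left alone.
# NOTE(review): assumes sshd is on PATH and its runtime directory exists
# (true while ssh is running) — confirm for first-time installs.
sshd -t
systemctl restart ssh
# Regenerate grub.cfg from the /etc/default/grub settings.
update-grub
# Load the frr sysctl settings now rather than at next boot.
sysctl -p /etc/sysctl.d/10-frr.conf
## END services section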
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0