jcarr
/
wit-network-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

switching the debian install around: all 'templates' are modified in the local folder and are than installed when already modified using isc-dhcp-server as an example in hope to imporove upgrade-consistency.

This commit is contained in:
toby 2019-02-14 12:35:33 -08:00
parent 94b3a68407
commit db0f639547
9 changed files with 18 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
debian/wit-network-config.displace vendored
View File

@ -1,5 +1,6 @@
/etc/frr/frr.conf.wit
/etc/ipsec.conf.wit
/etc/ipsec.secrets.wit
/etc/qemu-ifdown.wit
/etc/qemu-ifup.wit
/etc/default/lldpd.wit

9
debian/wit-network-config.install vendored
View File

@ -10,9 +10,12 @@ files/qemu-ifdown etc/libvirt/hooks
files/qemu-ifup-public etc/libvirt/hooks
files/qemu-ifup etc/libvirt/hooks
files/firewall etc/init.d
files/frr.conf.wit etc/frr
files/ipsec.conf.wit etc
files/ips.issue etc/issue.d
files/wit-logging.conf etc/strongswan.d
files/wit-swanctl.conf etc/swanctl/conf.d
files/lldpd.wit /etc/default
templates/wit-swanctl.conf etc/swanctl/conf.d
templates/frr.conf.wit etc/frr
templates/70-persistent-net.rules etc/udev/rules.d
templates/interfaces /etc/network
templates/ipsec.conf.wit etc
templates/ipsec.secrets.wit etc

30
debian/wit-network-config.postinst vendored
View File

@ -22,15 +22,15 @@ case "$1" in
## START gather all the info from the box and generate the variabels
IFCONFIG="/etc/network/interfaces"
UDEVCONFIG="/etc/udev/rules.d/70-persistent-net.rules"
FRRCONFIG="/etc/frr/frr.conf.wit"
IPSECCONFIG="/etc/ipsec.conf.wit"
SWANCTLCONFIG="/etc/swanctl/conf.d/wit-swanctl.conf"
IFCONFIG="templates/interfaces"
UDEVCONFIG="templates/70-persistent-net.rules"
FRRCONFIG="templates/frr.conf.wit"
IPSECCONFIG="templates/ipsec.conf.wit"
IPSECSECRETS="templates/ipsec.secrets.wit"
SWANCTLCONFIG="templates/wit-swanctl.conf"
DOMAINNAME=$(hostname -d)
dig_txt() {
TMPDIG=$(dig txt +short $1)
[ -z ${TMPDIG} ] && exit 2
@ -63,14 +63,6 @@ case "$1" in
## START nic config compile
# wiping existing config in prep for re-deploying it
mv -f ${IFCONFIG} ${IFCONFIG}.dpkg-old || true
mv -f ${UDEVCONFIG} ${UDEVCONFIG}.dpkg-old || true
# write loopback config
cat <<-EOF >>$IFCONFIG
auto lo
@ -363,7 +355,7 @@ case "$1" in
# set ipsec config
for IPSECCONFIGFILE in $IPSECCONFIG $SWANCTLCONFIG
for IPSECCONFIGFILE in $IPSECCONFIG $SWANCTLCONFIG $IPSECSECRETS
do
sed -i \
-e "s/FQHOSTNAME/${HOSTNAME}/" \
@ -374,12 +366,6 @@ case "$1" in
$IPSECCONFIGFILE
done
echo ": RSA ${HOSTNAME}.key" >/etc/ipsec.secrets
chown frr.frr $FRRCONFIG /etc/frr/daemons.wit
## END config file section
@ -390,7 +376,7 @@ case "$1" in
systemctl restart ssh
systemctl reload strongswan || true ## in case we kick-start or done have it enabled for some reason
sysctl -p /etc/sysctl.d/10-frr.conf
sysctl -p files/10-frr.conf
## END services section

1
templates/70-persistent-net.rules Normal file
View File

@ -0,0 +1 @@
# this file is entirely compiled dynamically

0
files/frr.conf.wit → templates/frr.conf.wit
View File

1
templates/interfaces Normal file
View File

@ -0,0 +1 @@
# this file is entirely compiled dynamically

0
files/ipsec.conf.wit → templates/ipsec.conf.wit
View File

1
templates/ipsec.secrets.wit Normal file
View File

@ -0,0 +1 @@
: RSA FQDNHOSTNAME.key

0
files/wit-swanctl.conf → templates/wit-swanctl.conf
View File