jcarr
/
wit-network-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
253 Commits 1 Branch 0 Tags 268 KiB
Commit Graph

122 Commits

Author SHA1 Message Date
toby 13be20d519 writing out ipsec.secrets through postinst again since apparmor blocks any type of hide/displace action 2019-02-14 22:15:36 -08:00
toby 289b42e100 fixing sysctl tweak path 2019-02-14 17:31:38 -08:00
toby 3003509bf4 trying yet again a different approach to update files correctly upon install 2019-02-14 16:43:13 -08:00
toby a3934b7014 evidently everything is breaking right now, so trying a different approach 2019-02-14 14:43:53 -08:00
toby 1066e48dc7 evidently everything is breaking right now, so trying a different approach 2019-02-14 14:38:06 -08:00
toby db0f639547 switching the debian install around: all 'templates' are modified in the local folder and are than installed when already modified using isc-dhcp-server as an example in hope to imporove upgrade-consistency. 2019-02-14 12:35:33 -08:00
toby 48abb08b5a setting loopback source IP on all bgp routes for IPv6 as well - did this on ipv4 but may need patching as I wanted to use only the public IP for public routes on IPv4. may still break if for whatever reason it prefers the mgmtgw/ipmigw IP like it just happened on ipv6 2019-02-04 18:09:28 -08:00
toby d8245c2223 limiting lldp to only mgmt interfaces and avoid VMs to see lldp neigh requests 2019-01-30 11:36:56 -08:00
toby 0de30974af fixing the copyright in debian to be GPLv3 2019-01-09 23:20:40 +01:00
toby 277cd58eaa completely removing grub left overs 2019-01-08 21:00:46 +01:00
toby afdcd416b7 removing ssh-password less which is now default anyway, and also remove grub config which needs to be broken out since it differes on various platforms like arm and s86 2019-01-08 19:11:29 +01:00
toby 643519147d removing grub-pc from dependencies again, PXE has more issues anyway and we wanna work towards the EFI boot options and it bites grub-efi 2019-01-03 15:48:13 +01:00
toby 7468e4fddf more work on customer link support on edges 2019-01-02 22:05:35 +01:00
toby 279648eeb3 adding frr-pythontools and grub-pc as dependencies 2018-12-19 23:53:35 +01:00
toby d0d6eacce6 adding strongswan-swanctl to the dependencies, this is nice to have 2018-12-12 00:34:21 +01:00
toby b5710ce2fd fixing bug if no GRE tunnel is defined 2018-12-06 23:19:52 +01:00
toby 4714fb8981 yeah yeah I know I'm anal 2018-12-06 23:12:57 +01:00
toby 1c1b6e6383 some work to actually advertise mgmt/ipmi networks from bastion into the bgp domain 2018-12-06 18:57:32 +01:00
toby f8e0d68111 removing handler for NTP since we use DHCP (not sure why I didn't do that from the beginning, sometimes I just blank 2018-12-06 10:23:41 +01:00
toby 51f6a94ccd increasing error checking on ipsec generation 2018-12-03 22:22:54 +01:00
toby adefd694e4 enabling debug post-script again and removing hardcoded domain name in post-script for subnets lookups 2018-12-01 18:30:10 +01:00
toby 8e8e18adc0 ignoring a fail of timesyncd restart.... 2018-11-30 19:17:08 +01:00
toby 91e34ea5e1 ipsec: removing old proposal now that we are 100% upgraded, also tweaking some settings making use of ikev2 2018-11-30 18:27:18 +01:00
toby 83e0ccc728 adding firewall restart to postinst script. firewall is now restarted on upgrade, may break kickstart, need to test 2018-11-28 18:14:08 +01:00
toby f022e1e2c0 always update NTP server in timesyncd, not just when commented out 2018-11-26 19:55:11 +01:00
toby 188f689bbf testing useing bastion as NTP, moving it to a internal only service 2018-11-26 18:49:04 +01:00
toby 2ff6566d2e firewall house-keeping 2018-11-26 18:39:18 +01:00
toby 0a3575db3c fixing ipv6 prefix announcement for bastion boxes, no change for anything but bastion installs 2018-11-20 00:11:40 +01:00
toby c65529f6ad adding support for bastions public lo ipv4 2018-11-19 18:35:11 +01:00
toby b4fb94c60b ah what the hell. I keep the swanctl config around for now even when not used. we do eventually wanna switch 2018-11-18 22:59:14 +01:00
toby 86d5c80bbb ipsec changes: IKEv2, and more ipsec changes to hopefully inclrease stability 2018-11-18 22:06:53 +01:00
toby 346f3516d4 more/better bastion support 2018-11-13 17:22:42 +01:00
toby cd7566f253 god damn control file syntax and pickiness 2018-11-07 22:10:26 +01:00
toby 1316620232 god damn control file syntax and pickiness 2018-11-07 19:11:06 +01:00
toby 39e447d633 adjustments for frr 6.0 2018-11-07 17:16:12 +01:00
toby 039b56b15d fixing issue showing IPs 2018-11-07 17:07:47 +01:00
toby b5caf073ba fixing DNS querry for bastion public IP 2018-11-06 21:14:44 +01:00
toby 01d5a92771 doh... typo... 2018-11-06 19:30:03 +01:00
toby f7738182af fixing sed escape bug 2018-11-06 18:42:11 +01:00
toby d6566cff38 enabling debugging 2018-11-06 18:30:27 +01:00
toby 0868dd4df3 adding some early work for bastion support 2018-11-04 21:02:07 +01:00
toby 249e13bac6 adding mgmt IPs on the console output 2018-11-03 20:27:10 +01:00
toby 188c679218 fixing another bug for ipmi/mgmtgw interfaces 2018-11-03 00:02:42 +01:00
toby 51cef1a3e5 fixing minor bug on ipmigw/mgmtgw interface 2018-11-02 23:54:39 +01:00
toby 6c16ceb2c9 fixing typo 2018-11-01 21:12:23 +01:00
toby 2bfed0b53e leaving strongswan untouched since it would otherwise break a upgrade process 2018-10-31 23:22:31 +01:00
toby a6e4647a9c adding more support for ipmigw/mgmtgw interfaces 2018-10-31 21:02:57 +01:00
toby 65b2ecb368 making sure systemd-timesyncd is enabled as well 2018-10-31 20:40:10 +01:00
toby 8b3d04f16e need the .wit extension otherwise sed won't work ... doh 2018-10-29 20:15:58 +01:00
toby 633b0a7521 removing hardcoded ike version and also fixing file path for swanctl-conf file 2018-10-28 22:04:16 +01:00