ungleich-public/ungleich-tools
6
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Change configuration to drop the conflicting ipv4 address

Browse source
This commit is contained in:
Nico Schottelius 2020-06-14 23:21:38 +02:00
parent 53e827ba43
commit b7f84307b2
1 changed files with 62 additions and 58 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

120
viirb-configure-fully-after-upgrade.sh
View file

@ -33,7 +33,6 @@ vpn_endpoint_pubkey=ft68G2RID7gZ6PXjFCSCOdJ9yspRg+tUw0YrNK9cTxE=
cat <<EOF | ssh -t "root@${viirb_ip}" cat <<EOF | ssh -t "root@${viirb_ip}"
set -x set -x
# Setup lan to also retrieve an ip address via dhcp # Setup lan to also retrieve an ip address via dhcp
# This stays in the final setup # This stays in the final setup
@ -41,64 +40,12 @@ uci set network.lan.proto='dhcp'
uci delete network.lan.ipaddr uci delete network.lan.ipaddr
uci delete network.lan.netmask uci delete network.lan.netmask
# This is temporary - keeping it until the config process is through
uci set network.lanv4temp=interface
uci set network.lanv4temp.proto='static'
uci set network.lanv4temp.ifname='br-lan'
uci set network.lanv4temp.ipaddr='192.168.61.1'
uci set network.lanv4temp.netmask='255.255.255.0'
uci commit network
/etc/init.d/network restart
# ensure internet is up and running
sleep 5
ping -c5 ungleich.ch || exit 1
# update the sources
opkg update
# install wireguard + gui
opkg install wireguard
opkg install luci-app-wireguard
# The IPv6 lan configuration # The IPv6 lan configuration
uci set network.lanv6=interface uci set network.lanv6=interface
uci set network.lanv6.proto='static' uci set network.lanv6.proto='static'
uci set network.lanv6.ip6addr='${my_lan_ip}/64' uci set network.lanv6.ip6addr='${my_lan_ip}/64'
uci set network.lanv6.ifname='br-lan' uci set network.lanv6.ifname='br-lan'
# wifi ip address
uci set network.wifi=interface
uci set network.wifi.proto='static'
uci set network.wifi.ip6addr='${my_wifi_ip}/64'
# Wifi configuration
uci set wireless.radio0=wifi-device
uci set wireless.radio0.type='mac80211'
uci set wireless.radio0.hwmode='11g'
uci set wireless.radio0.path='platform/10300000.wmac'
uci set wireless.radio0.htmode='HT40'
uci set wireless.radio0.country='CH'
uci set wireless.radio0.channel='6'
# Ensure it is not disabled
uci delete wireless.radio0.disabled
uci set wireless.default_radio0=wifi-iface
uci set wireless.default_radio0.device='radio0'
uci set wireless.default_radio0.mode='ap'
uci set wireless.default_radio0.encryption='psk2'
uci set wireless.default_radio0.key='iloveipv6'
uci set wireless.default_radio0.ssid='IPv6 everywhere ${viirb_hostname}'
uci set wireless.default_radio0.network='wifi'
# Wifi / Router advertisements
uci set dhcp.wifi=dhcp
uci set dhcp.wifi.interface='wifi'
uci set dhcp.wifi.ra='server'
uci set dhcp.wifi.dynamicdhcp='0'
# LAN / Router advertisements / DHCP # LAN / Router advertisements / DHCP
# DHCP: we are not authoratative # DHCP: we are not authoratative
uci delete dhcp.@dnsmasq[0].authoritative uci delete dhcp.@dnsmasq[0].authoritative
@ -129,6 +76,67 @@ uci delete dhcp.@dnsmasq[0].server
uci add_list dhcp.@dnsmasq[0].server='2a0a:e5c0:0:a::a' uci add_list dhcp.@dnsmasq[0].server='2a0a:e5c0:0:a::a'
uci add_list dhcp.@dnsmasq[0].server='2a0a:e5c0:2:a::a' uci add_list dhcp.@dnsmasq[0].server='2a0a:e5c0:2:a::a'
# wifi ip address
uci set network.wifi=interface
uci set network.wifi.proto='static'
uci set network.wifi.ip6addr='${my_wifi_ip}/64'
# Wifi configuration
uci set wireless.radio0=wifi-device
uci set wireless.radio0.type='mac80211'
uci set wireless.radio0.hwmode='11g'
uci set wireless.radio0.path='platform/10300000.wmac'
uci set wireless.radio0.htmode='HT40'
uci set wireless.radio0.country='CH'
uci set wireless.radio0.channel='6'
uci set wireless.default_radio0=wifi-iface
uci set wireless.default_radio0.device='radio0'
uci set wireless.default_radio0.mode='ap'
uci set wireless.default_radio0.encryption='psk2'
uci set wireless.default_radio0.key='iloveipv6'
uci set wireless.default_radio0.ssid='IPv6 everywhere ${viirb_hostname}'
uci set wireless.default_radio0.network='wifi'
# Wifi / Router advertisements
uci set dhcp.wifi=dhcp
uci set dhcp.wifi.interface='wifi'
uci set dhcp.wifi.ra='server'
uci set dhcp.wifi.dynamicdhcp='0'
# Ensure it is not disabled
uci delete wireless.radio0.disabled
# This is temporary - keeping it until the config process is through
# Probably not needet - we can connect to the final IPv6 address!
# uci set network.lanv4temp=interface
# uci set network.lanv4temp.proto='static'
# uci set network.lanv4temp.ifname='br-lan'
# uci set network.lanv4temp.ipaddr='192.168.61.1'
# uci set network.lanv4temp.netmask='255.255.255.0'
uci commit
/etc/init.d/network restart
EOF
# ensure network is up and running - bridge takes a bit of time
sleep 10
# change to ipv6
viirb_ip=${my_lan_ip}
cat <<EOF | ssh -t "root@${viirb_ip}"
ping -c5 ungleich.ch || exit 1
# update the sources
opkg update
# install wireguard + gui
opkg install wireguard
opkg install luci-app-wireguard
# VPN / Wireguard # VPN / Wireguard
uci set network.wg0=interface uci set network.wg0=interface
uci set network.wg0.proto='wireguard' uci set network.wg0.proto='wireguard'
@ -151,10 +159,7 @@ uci set network.@wireguard_wg0[0].route_allowed_ips='1'
uci set system.@system[0].hostname="${viirb_hostname}" uci set system.@system[0].hostname="${viirb_hostname}"
uci commit
# Firewall configuration # Firewall configuration
if ! uci show firewall | grep "name='Allow-SSH'"; then if ! uci show firewall | grep "name='Allow-SSH'"; then
uci add firewall rule uci add firewall rule
uci set firewall.@rule[-1].name='Allow-SSH' uci set firewall.@rule[-1].name='Allow-SSH'
@ -189,9 +194,8 @@ fi
uci set firewall.@zone[0].network='lan lanv6 wifi' uci set firewall.@zone[0].network='lan lanv6 wifi'
uci set firewall.@zone[1].network='wg0' uci set firewall.@zone[1].network='wg0'
uci commit firewall uci commit
# Reboot
reboot reboot
EOF EOF