Merge branch 'master' of code.ungleich.ch:ungleich-public/ungleich-tools
This commit is contained in:
commit
de918f9456
2 changed files with 45 additions and 15 deletions
|
@ -33,7 +33,7 @@ debootstrap "${suite}" "${chroot_dir}"
|
||||||
echo "deb http://pkgmaster.devuan.org/merged ${suite} main contrib non-free" > ${chroot_dir}/etc/apt/sources.list
|
echo "deb http://pkgmaster.devuan.org/merged ${suite} main contrib non-free" > ${chroot_dir}/etc/apt/sources.list
|
||||||
|
|
||||||
chroot ${chroot_dir} apt update
|
chroot ${chroot_dir} apt update
|
||||||
chroot ${chroot_dir} apt install -y openssh-server rdnssd linux-image-amd64 firmware-bnx2
|
chroot ${chroot_dir} apt install -y openssh-server rdnssd linux-image-amd64 firmware-bnx2 ifenslave vlan
|
||||||
|
|
||||||
echo "unconfigured-host" > ${chroot_dir}/etc/hostname
|
echo "unconfigured-host" > ${chroot_dir}/etc/hostname
|
||||||
|
|
||||||
|
@ -53,30 +53,52 @@ chown -R root:root ${chroot_dir}/root/
|
||||||
################################################################################
|
################################################################################
|
||||||
# networking
|
# networking
|
||||||
|
|
||||||
# always lo
|
# echo bonding
|
||||||
|
|
||||||
cat > ${chroot_dir}/etc/network/interfaces << EOF
|
cat > ${chroot_dir}/etc/network/interfaces << EOF
|
||||||
auto lo
|
auto lo
|
||||||
iface lo inet loopback
|
iface lo inet loopback
|
||||||
|
|
||||||
source-directory /etc/network/interfaces.d
|
auto bond0
|
||||||
|
iface bond0 inet manual
|
||||||
|
bond-miimon 500
|
||||||
|
bond-mode 4
|
||||||
|
post-up /sbin/ip link set \$IFACE mtu 9000
|
||||||
|
bond-slaves none
|
||||||
|
|
||||||
|
auto eth0
|
||||||
|
iface eth0 inet manual
|
||||||
|
bond-master bond0
|
||||||
|
post-up /sbin/ip link set \$IFACE mtu 9000
|
||||||
|
|
||||||
|
auto eth1
|
||||||
|
iface eth1 inet manual
|
||||||
|
bond-master bond0
|
||||||
|
post-up /sbin/ip link set \$IFACE mtu 9000
|
||||||
|
|
||||||
|
# server network
|
||||||
|
auto bond0.11
|
||||||
|
iface bond0.11 inet6 auto
|
||||||
|
post-up /sbin/ip link set \$IFACE mtu 9000
|
||||||
|
vlan-raw-device bond0
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
# find the boot interfaces at boot
|
# find the boot interfaces at boot - not needed, always eth0/eth1
|
||||||
cat > ${chroot_dir}/etc/rc.local <<EOF
|
# cat > ${chroot_dir}/etc/rc.local <<EOF
|
||||||
mac=\$(cat /proc/cmdline | tr ' ' '\n' | awk -F= '/bootdev/ { print \$2 }')
|
# mac=\$(cat /proc/cmdline | tr ' ' '\n' | awk -F= '/bootdev/ { print \$2 }')
|
||||||
dev=\$(ip -o link | awk -F: "/\$mac/ { print \\\$2 }" | sed 's/ *//g')
|
# dev=\$(ip -o link | awk -F: "/\$mac/ { print \\\$2 }" | sed 's/ *//g')
|
||||||
|
|
||||||
cat > /etc/network/interfaces.d/bootinterface << eof
|
# cat > /etc/network/interfaces.d/bootinterface << eof
|
||||||
auto \$dev
|
# auto \$dev
|
||||||
iface \$dev inet6 auto
|
# iface \$dev inet6 auto
|
||||||
eof
|
# eof
|
||||||
|
|
||||||
ifup "\${dev}"
|
# ifup "\${dev}"
|
||||||
|
|
||||||
exit 0
|
# exit 0
|
||||||
EOF
|
# EOF
|
||||||
|
|
||||||
chmod a+rx "${chroot_dir}/etc/rc.local"
|
# chmod a+rx "${chroot_dir}/etc/rc.local"
|
||||||
|
|
||||||
# ensure there is /init in the initramfs -> otherwise there is a kernel panic
|
# ensure there is /init in the initramfs -> otherwise there is a kernel panic
|
||||||
# reason: initramfs is designed to be PRE regular os, so /init usually hands over to /sbin/init
|
# reason: initramfs is designed to be PRE regular os, so /init usually hands over to /sbin/init
|
||||||
|
|
|
@ -226,6 +226,14 @@ uci set dhcp.wifi.interface='wifi'
|
||||||
uci set dhcp.wifi.ra='server'
|
uci set dhcp.wifi.ra='server'
|
||||||
uci set dhcp.wifi.dynamicdhcp='0'
|
uci set dhcp.wifi.dynamicdhcp='0'
|
||||||
|
|
||||||
|
# Fix DNS: make dnsmasq NOT use a resolv.conf
|
||||||
|
# so that it only reads from our servers with DNS64 enabled
|
||||||
|
uci set dhcp.@dnsmasq[0].noresolv='1'
|
||||||
|
|
||||||
|
# Fix DNS: make the OS use the locally provided DNS servers
|
||||||
|
# otherwise the VPN tunnel cannot be established
|
||||||
|
dhcp.@dnsmasq[0].localuse='0'
|
||||||
|
|
||||||
|
|
||||||
# VPN / Wireguard
|
# VPN / Wireguard
|
||||||
uci set network.wg0=interface
|
uci set network.wg0=interface
|
||||||
|
|
Loading…
Reference in a new issue