jonas/tlu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added vlan createion and firewalld

Browse Source
This commit is contained in:
Jonas Forsberg 2021-09-22 16:33:00 +02:00
parent 68248df359
commit 04bf1ccbc4
3 changed files with 61 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
salt/pillars/network.sls
View File

@ -1,5 +1,6 @@
network: network:
domain: suse.lan domain: suse.lan
hostname: admin
netaddress: 192.168.0.0 netaddress: 192.168.0.0
netmask: 24 netmask: 24
ip: 192.168.0.1 ip: 192.168.0.1
@ -7,3 +8,17 @@ network:
interface: interface:
internal: eth0 internal: eth0
external: eth0.1000 external: eth0.1000
vlan:
-
id: 100
address: 192.168.100.1
netmask: 24
-
id: 200
address: 192.168.200.1
netmask: 24
-
id: 250
address: 192.168.250.1
netmask: 24

2
salt/states/top.sls
View File

@ -1,3 +1,5 @@
base: base:
'*': '*':
- hostname
- firewalld
- chrony - chrony

61
update.sh
View File

@ -40,23 +40,35 @@ function log(){
printf "%s\n" "$*" printf "%s\n" "$*"
} }
function parse_yaml { function parse_yaml() {
local prefix=$2 # ripped from https://gist.github.com/pkuczynski/8665367#gistcomment-2174214
local s='[[:space:]]*' w='[a-zA-Z0-9_]*' fs=$(echo @|tr @ '\034') local yaml_file=$1
sed -ne "s|^\($s\):|\1|" \ local prefix=$2
-e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \ local s
-e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" $1 | local w
awk -F$fs '{ local fs
indent = length($1)/2;
vname[indent] = $2;
for (i in vname) {if (i > indent) {delete vname[i]}}
if (length($3) > 0) {
vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
printf("%s%s%s=\"%s\"\n", "'$prefix'",vn, $2, $3);
}
}'
}
s='[[:space:]]*'
w='[a-zA-Z0-9_]*'
fs="$(echo @|tr @ '\034')"
(
sed -ne 's/--//g; s/\"/\\\"/g; s/\#.*//g; s/\s*$//g;' \
-e "s|^\($s\)\($w\)$s:$s\"\(.*\)\"$s\$|\1$fs\2$fs\3|p" \
-e "s|^\($s\)\($w\)$s[:-]$s\(.*\)$s\$|\1$fs\2$fs\3|p" |
awk -F"$fs" '{
indent = length($1)/2;
if (length($2) == 0) { conj[indent]="+";} else {conj[indent]="";}
vname[indent] = $2;
for (i in vname) {if (i > indent) {delete vname[i]}}
if (length($3) > 0) {
vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
printf("%s%s%s%s=(\"%s\")\n", "'"$prefix"'",vn, $2, conj[indent-1],$3);
}
}' |
sed 's/_=/+=/g'
) < "$yaml_file"
}
function check_prerequisites(){ function check_prerequisites(){
set +e set +e
@ -92,16 +104,31 @@ function configure_network(){
if [[ -f salt/pillars/local.sls ]];then if [[ -f salt/pillars/local.sls ]];then
eval $(parse_yaml salt/pillars/local.sls "SALT_") eval $(parse_yaml salt/pillars/local.sls "SALT_")
fi fi
sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.addresses "$SALT_network_ip" #configure internal interface
sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.addresses "${SALT_network_ip}/${SALT_network_netmask}"
sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.dns "127.0.0.1, 1.1.1.1, 1.1.1.2" sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.dns "127.0.0.1, 1.1.1.1, 1.1.1.2"
sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.method manual sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.method manual
sudo nmcli connection down "$SALT_network_interface_internal" sudo nmcli connection down "$SALT_network_interface_internal"
sudo nmcli connection up "$SALT_network_interface_internal" sudo nmcli connection up "$SALT_network_interface_internal"
#configure external interface
if [[ $(nmcli connection show | grep -i $SALT_network_interface_external | wc -l) == 0 ]]; then if [[ $(nmcli connection show | grep -i $SALT_network_interface_external | wc -l) == 0 ]]; then
sudo nmcli connection add type vlan con-name "$SALT_network_interface_external" ifname "$SALT_network_interface_external" dev "$SALT_network_interface_internal" id "${SALT_network_interface_external#*.}" sudo nmcli connection add type vlan con-name "$SALT_network_interface_external" ifname "$SALT_network_interface_external" dev "$SALT_network_interface_internal" id "${SALT_network_interface_external#*.}"
fi fi
sudo nmcli connection modify "$SALT_network_interface_external" ipv4.method auto sudo nmcli connection modify "$SALT_network_interface_external" ipv4.method auto
sudo nmcli connection up "$SALT_network_interface_external" sudo nmcli connection up "$SALT_network_interface_external"
#configure vlan interfaces
local len=${#SALT_network_vlan__id[@]}
for (( i=0; i<$len; i++ ));do
ifname="vlan.${SALT_network_vlan__id[$i]}"
if [[ $(nmcli connection show | grep -i "$ifname" | wc -l) == 0 ]]; then
sudo nmcli connection add type vlan con-name "$ifname" ifname "$ifname" dev "$SALT_network_interface_internal" id "${SALT_network_vlan__id[$i]}"
fi
sudo nmcli connection modify "$ifname" ipv4.addresses "${SALT_network_vlan__address[$i]}/${SALT_network_vlan__netmask[$i]}"
sudo nmcli connection modify "$ifname" ipv4.method manual
sudo nmcli connection up "$ifname"
done
} }