added vlan createion and firewalld

Jonas Forsberg 2021-09-22 16:33:00 +02:00
parent 68248df359
commit 04bf1ccbc4
3 changed files with 61 additions and 17 deletions


@ -1,5 +1,6 @@
network:
domain: suse.lan
hostname: admin
netaddress: 192.168.0.0
netmask: 24
ip: 192.168.0.1
@ -7,3 +8,17 @@ network:
interface:
internal: eth0
external: eth0.1000
vlan:
-
id: 100
address: 192.168.100.1
netmask: 24
-
id: 200
address: 192.168.200.1
netmask: 24
-
id: 250
address: 192.168.250.1
netmask: 24


@ -1,3 +1,5 @@
base:
'*':
- hostname
- firewalld
- chrony


@ -40,23 +40,35 @@ function log(){
printf "%s\n" "$*"
}
function parse_yaml {
local prefix=$2
local s='[[:space:]]*' w='[a-zA-Z0-9_]*' fs=$(echo @|tr @ '\034')
sed -ne "s|^\($s\):|\1|" \
-e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \
-e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" $1 |
awk -F$fs '{
indent = length($1)/2;
vname[indent] = $2;
for (i in vname) {if (i > indent) {delete vname[i]}}
if (length($3) > 0) {
vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
printf("%s%s%s=\"%s\"\n", "'$prefix'",vn, $2, $3);
}
}'
}
function parse_yaml() {
# ripped from https://gist.github.com/pkuczynski/8665367#gistcomment-2174214
local yaml_file=$1
local prefix=$2
local s
local w
local fs
s='[[:space:]]*'
w='[a-zA-Z0-9_]*'
fs="$(echo @|tr @ '\034')"
(
sed -ne 's/--//g; s/\"/\\\"/g; s/\#.*//g; s/\s*$//g;' \
-e "s|^\($s\)\($w\)$s:$s\"\(.*\)\"$s\$|\1$fs\2$fs\3|p" \
-e "s|^\($s\)\($w\)$s[:-]$s\(.*\)$s\$|\1$fs\2$fs\3|p" |
awk -F"$fs" '{
indent = length($1)/2;
if (length($2) == 0) { conj[indent]="+";} else {conj[indent]="";}
vname[indent] = $2;
for (i in vname) {if (i > indent) {delete vname[i]}}
if (length($3) > 0) {
vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
printf("%s%s%s%s=(\"%s\")\n", "'"$prefix"'",vn, $2, conj[indent-1],$3);
}
}' |
sed 's/_=/+=/g'
) < "$yaml_file"
}
function check_prerequisites(){
set +e
@ -92,17 +104,32 @@ function configure_network(){
if [[ -f salt/pillars/local.sls ]];then
eval $(parse_yaml salt/pillars/local.sls "SALT_")
fi
sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.addresses "$SALT_network_ip"
#configure internal interface
sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.addresses "${SALT_network_ip}/${SALT_network_netmask}"
sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.dns "127.0.0.1, 1.1.1.1, 1.1.1.2"
sudo nmcli connection modify "$SALT_network_interface_internal" ipv4.method manual
sudo nmcli connection down "$SALT_network_interface_internal"
sudo nmcli connection up "$SALT_network_interface_internal"
#configure external interface
if [[ $(nmcli connection show | grep -i $SALT_network_interface_external | wc -l) == 0 ]]; then
sudo nmcli connection add type vlan con-name "$SALT_network_interface_external" ifname "$SALT_network_interface_external" dev "$SALT_network_interface_internal" id "${SALT_network_interface_external#*.}"
fi
sudo nmcli connection modify "$SALT_network_interface_external" ipv4.method auto
sudo nmcli connection up "$SALT_network_interface_external"
#configure vlan interfaces
local len=${#SALT_network_vlan__id[@]}
for (( i=0; i<$len; i++ ));do
ifname="vlan.${SALT_network_vlan__id[$i]}"
if [[ $(nmcli connection show | grep -i "$ifname" | wc -l) == 0 ]]; then
sudo nmcli connection add type vlan con-name "$ifname" ifname "$ifname" dev "$SALT_network_interface_internal" id "${SALT_network_vlan__id[$i]}"
fi
sudo nmcli connection modify "$ifname" ipv4.addresses "${SALT_network_vlan__address[$i]}/${SALT_network_vlan__netmask[$i]}"
sudo nmcli connection modify "$ifname" ipv4.method manual
sudo nmcli connection up "$ifname"
done
}
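Review bot: The rewritten parse_yaml puts every value inside double quotes and escapes only `"`, so command substitutions, backticks and `$` references in a pillar value are still expanded when configure_network runs `eval $(parse_yaml salt/pillars/local.sls "SALT_")`; the eval is also unquoted, so the parser output is word-split and globbed before it is evaluated. I would have the first sed expression escape backslash, `$` and the backtick as well, and quote the call: `eval "$(parse_yaml salt/pillars/local.sls "SALT_")"`. Separately, the two `grep -i ... | wc -l` existence checks match substrings and treat `.` as a wildcard (the first is unquoted too), so `vlan.100` would count an existing `vlan.1000` and skip the add; `nmcli -g NAME connection show | grep -Fxq -- "$ifname"` compares whole names. configure_network begins above the second hunk, so any earlier use of the SALT_ variables is not visible here.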