forked from univention/ucs-appliance-container
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path00-network
137 lines (118 loc) · 5.11 KB
/
00-network
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
#!/bin/bash
#
# Univention Container Mode - network
#
# Copyright 2020-2021 Univention GmbH
#
# http://www.univention.de/
#
# All rights reserved.
#
# The source code of this program is made available
# under the terms of the GNU Affero General Public License version 3
# (GNU AGPL V3) as published by the Free Software Foundation.
#
# Binary versions of this program provided by Univention to you as
# well as other copyrighted, protected or trademarked materials like
# Logos, graphics, fonts, specific documentations and configurations,
# cryptographic keys etc. are subject to a license agreement between
# you and Univention and not subject to the GNU AGPL V3.
#
# In the case you use this program under the terms of the GNU AGPL V3,
# the program is provided in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public
# License with the Debian GNU/Linux or Univention distribution in file
# /usr/share/common-licenses/AGPL-3; if not, see
# <http://www.gnu.org/licenses/>.
## util(s)
source /usr/lib/univention-container-mode/utils.sh || exit 1
## function(s)
# function name() { # name: (IN)[>(OUT)]
# echo function
# }
## ucr shell
# eval "$(ucr shell hostname domainname)"
## declare
declare -a ucrchanges
# ucrchanges+=("key=value")
declare -a ucrremoves
# ucrremoves+=("key")
declare -A ucrcounter
# ucrcounter[<STRING>]=<INT>
declare -A ucrcommit
# ucrcommit+=/<PATH>/<FILE> OR ucrcommit[<FILE>]=/<PATH>/<FILE>
declare -A network
network[ipv4]=4
network[ipv6]=6
debug "### START SCRIPT($(pwd)/$0) ###"
## Set network config from container mode environment
#
for version in ${network[@]}; do
# get default interface from ip -(4|6) route list
#
network[routelist]=$(ip -${version} route list | awk ' /^default/{ print $0 }' | head -1) # default via <address> dev <interface>
network[interface]=$(echo ${network[routelist]} | awk '/^default/{ for (I=1;I<=NF;I++) if ( $I=="dev" ) { print $(I+1) } }')
network[gateway]=$(echo ${network[routelist]} | awk ' /^default/{ for (I=1;I<=NF;I++) if ( $I=="dev" ) { print $(I-1) } }')
[[ -z ${network[interface]:-} ]] || {
network[addresses]=$(ip -${version} address show scope global dev ${network[interface]} | egrep -- "^*inet") # inet* <address>/<cidr> [brd <broadcast>] scope global <interface>
network[broadcast]=$(echo ${network[addresses]} | awk '/inet.*brd/{ for (I=1;I<=NF;I++) if ( $I=="brd" ) { print $(I+1) } }')
network[address]=$(echo ${network[addresses]} | awk '/inet/{ split($2,IP,"/"); printf IP[1] }') # get only first match in awk by $2
network[cidr]=$(echo ${network[addresses]} | awk ' /inet/{ split($2,IP,"/"); printf IP[2] }') # get only first match in awk by $2
ucrchanges+=("interfaces/primary=${network[interface]}")
echo "NETWORK IPv${version} INTERFACE(${network[interface]}) ADDRESS(${network[address]}/${network[cidr]}) GATEWAY(${network[gateway]})"
}
#
# set network config from ip -6 route list and ip -6 address show scope global dev <interface>
#
[[ ${version} == 6 && ${#network[interface]} != 0 ]] && {
# network[network]=$(ip -${version} route list | awk '/^.*\/'${network[cidr]}'.*'${network[interface]}'.*src.*'${network[address]}'/{ split($1,IP,"/"); printf IP[1] }')
# network[netmask]=$(netmask ${network[cidr]})
if [[ "${network[gateway]}" != "$(ucr get ipv${version}/gateway)" ]]; then
ucrchanges+=("ipv${version}/gateway=${network[gateway]}")
fi
ucrchanges+=(
"interfaces/${network[interface]}/ipv${version}/default/address=${network[address]}"
"interfaces/${network[interface]}/ipv${version}/default/prefix=${network[cidr]}"
)
}
#
# set network config from ip -4 route list and ip -4 address show scope global dev <interface>
#
[[ ${version} == 4 && ${#network[interface]} != 0 ]] && {
network[network]=$(ip -${version} route list | awk '/^.*\/'${network[cidr]}'.*'${network[interface]}'.*src.*'${network[address]}'/{ split($1,IP,"/"); printf IP[1] }')
network[netmask]=$(netmask ${network[cidr]})
if [[ "${network[gateway]}" != "$(ucr get gateway)" ]]; then
ucrchanges+=("gateway=${network[gateway]}")
fi
ucrchanges+=(
"interfaces/${network[interface]}/type=static"
"interfaces/${network[interface]}/default/acceptRA=true"
"interfaces/${network[interface]}/address=${network[address]}"
"interfaces/${network[interface]}/network=${network[network]}"
"interfaces/${network[interface]}/netmask=${network[netmask]}"
"interfaces/${network[interface]}/broadcast=${network[broadcast]}"
)
}
#
done
#
[[ -f /etc/default/networking ]] &&
sed -i 's/^#CONFIGURE_INTERFACES=yes/CONFIGURE_INTERFACES=no/g' /etc/default/networking
#
## Set network config from container mode environment
debug "### STOPP SCRIPT($(pwd)/$0) ###"
## ucr removes
UniventionConfigRegistryUnSet ${ucrremoves[@]}
## ucr changes
UniventionConfigRegistrySet ${ucrchanges[@]}
## ucr commit
UniventionConfigCommit ${ucrcommit[@]}
## cleanup
unset \
network \
ucrchanges ucrremoves ucrcounter ucrcommit
debug "### CLEAN SCRIPT($(pwd)/$0) ###"