From 5a5a56d26566db2afe845171b699d9750a4f19b6 Mon Sep 17 00:00:00 2001 From: Artem Lajko Date: Sun, 17 Dec 2023 08:59:17 +0100 Subject: [PATCH] add old script back and allow to use extended script --- script/network_config.sh | 198 ++++++++++++--------------------------- 1 file changed, 59 insertions(+), 139 deletions(-) diff --git a/script/network_config.sh b/script/network_config.sh index 70f1751..6b59df8 100755 --- a/script/network_config.sh +++ b/script/network_config.sh 
@@ -1,88 +1,13 @@ #!/bin/bash -# Function to prompt for input with a default value -prompt_input() { - local prompt=$1 - local default=$2 - read -p "$prompt [$default]: " input - echo "${input:-$default}" -} +read -p "MAIN_SERVER_IP: " MAINSERVERIP +read -p "MAIN_SERVER_GATEWAY_ADRESS: " GATEWAYADRESS +read -p "NETMASK: " NETMASK +read -p "BROADCASTIP: " BROADCASTIP +read -p "ADDITIONAL_IP_ADRESS: " ADD_IP_ADRESS +read -p "NETWORK_INTERFACE: " NETWORK_INTERFACE -# Function to create bridge interface text for additional IP and internal bridges -create_bridge_text() { - local ip=$1 - local bridge_id=$2 - local mac_address=$3 - local external_bridge_id=$bridge_id - local internal_bridge_id=$((bridge_id * 100)) - - # WAN bridge configuration with MAC address and public IP - local bridge_config=" -auto vmbr${external_bridge_id} -iface vmbr${external_bridge_id} inet static - address ${ip} - netmask ${NETMASK} - bridge_ports none - bridge_stp off - bridge_fd 0 - hwaddress ether ${mac_address} -#WAN ${external_bridge_id} -" - - # LAN bridge configuration without an IP, as it's for internal network only - bridge_config+=" -auto vmbr${internal_bridge_id} -iface vmbr${internal_bridge_id} inet manual - bridge_ports none - bridge_stp off - bridge_fd 0 -#LAN ${internal_bridge_id} -" - - echo "$bridge_config" -} - -# Collect inputs -MAINSERVERIP=$(prompt_input "MAIN_SERVER_IP" "192.168.0.1") -GATEWAYADDRESS=$(prompt_input "MAIN_SERVER_GATEWAY_ADDRESS" "192.168.0.254") -NETMASK=$(prompt_input "NETMASK" "255.255.255.0") -BROADCASTIP=$(prompt_input "BROADCASTIP" "192.168.0.255") -ADD_IP_ADDRESSES=$(prompt_input "ADDITIONAL_IP_ADDRESSES (comma-separated)" "") -MAC_ADDRESSES=$(prompt_input "MAC_ADDRESSES for additional IPs (comma-separated)" "") -NETWORK_INTERFACE=$(prompt_input "NETWORK_INTERFACE" "eth0") - -# Display inputs for confirmation -echo "---------------------------------------------------------------------" -echo "You have entered the following configuration:" -echo 
"MAIN_SERVER_IP: $MAINSERVERIP" -echo "MAIN_SERVER_GATEWAY_ADDRESS: $GATEWAYADDRESS" -echo "NETMASK: $NETMASK" -echo "BROADCASTIP: $BROADCASTIP" -echo "ADDITIONAL_IP_ADDRESSES: $ADD_IP_ADDRESSES" -echo "MAC_ADDRESSES: $MAC_ADDRESSES" -echo "NETWORK_INTERFACE: $NETWORK_INTERFACE" - -echo "---------------------------------------------------------------------" -read -p "Is this correct? [yes/no]: " confirmation - -if [[ $confirmation != [Yy]* ]]; then - echo "Exiting without changes." - exit -fi - -# Split ADD_IP_ADDRESSES and MAC_ADDRESSES into arrays -IFS=',' read -ra ADDR <<<"$ADD_IP_ADDRESSES" -IFS=',' read -ra MACS <<<"$MAC_ADDRESSES" - -# Generate dynamic routing rules -additional_routes="" -for add_ip in "${ADDR[@]}"; do - additional_routes+=" up ip route add $add_ip dev ${NETWORK_INTERFACE} -" -done - -# Initialize the interfaces file content -interfaces_content=" +echo " ### Hetzner Online GmbH installimage source /etc/network/interfaces.d/* 
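Review bot: The six `read -p` prompts added at the top of this hunk accept whatever is typed, without `-r` and without any format check. The next hunk writes those values verbatim into `up …` lines of the generated interfaces file, e.g. `up sysctl -w net.ipv4.conf.${NETWORK_INTERFACE}.send_redirects=0`. Those lines are presumably run by ifupdown as root, so a stray space or shell metacharacter in an answer ends up inside a root-run command, and a mistyped address can cut off a remote host. I would switch to `read -r -p "NETWORK_INTERFACE: " NETWORK_INTERFACE` and reject bad values before anything is written, for instance `[[ $NETWORK_INTERFACE =~ ^[A-Za-z0-9_.-]+$ ]] || { echo "invalid interface name" >&2; exit 1; }`, with a matching dotted-quad check for the address prompts. The `echo "` that ends this hunk opens a string that continues in the following hunk.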
@@ -91,68 +16,63 @@ auto lo iface lo inet loopback iface lo inet6 loopback -# Main network interface configuration + iface ${NETWORK_INTERFACE} inet manual - up ip route add -net ${GATEWAYADDRESS} netmask ${NETMASK} gw ${GATEWAYADDRESS} vmbr0 - up sysctl -w net.ipv4.ip_forward=1 - up sysctl -w net.ipv4.conf.${NETWORK_INTERFACE}.send_redirects=0 - up sysctl -w net.ipv6.conf.all.forwarding=1 -$additional_routes - up ip route add 192.168.0.0/16 via ${MAINSERVERIP} dev vmbr0 - up ip route add 172.16.0.0/12 via ${MAINSERVERIP} dev vmbr0 - up ip route add 10.0.0.0/8 via ${MAINSERVERIP} dev vmbr0 + + up ip route add -net up ip route add -net ${GATEWAYADRESS} netmask ${NETMASK} gw ${GATEWAYADRESS} vmbr0 + up sysctl -w net.ipv4.ip_forward=1 + up sysctl -w net.ipv4.conf.${NETWORK_INTERFACE}.send_redirects=0 + up sysctl -w net.ipv6.conf.all.forwarding=1 + up ip route add 192.168.0.0/16 via ${ADD_IP_ADRESS} dev vmbr0 + up ip route add 172.16.0.0/12 via ${ADD_IP_ADRESS} dev vmbr0 + up ip route add 10.0.0.0/8 via ${ADD_IP_ADRESS} dev vmbr0 + + +iface ${NETWORK_INTERFACE} inet6 static + address 2a01:4f8:110:5143::2 + netmask 64 + gateway fe80::1 + auto vmbr0 iface vmbr0 inet static - address ${MAINSERVERIP} - netmask 32 - gateway ${GATEWAYADDRESS} - broadcast ${BROADCASTIP} - bridge-ports ${NETWORK_INTERFACE} - bridge-stp off - bridge-fd 0 - pointopoint ${GATEWAYADDRESS} -#Main IP configuration -" + address ${MAINSERVERIP} + netmask 32 + gateway ${GATEWAYADRESS} + broadcast ${BROADCASTIP} + bridge-ports ${NETWORK_INTERFACE} + bridge-stp off + bridge-fd 0 + pointopoint ${GATEWAYADRESS} +#WAN -# Append bridge interfaces for each additional IP and MAC address and create internal bridges -for i in "${!ADDR[@]}"; do - # Increment bridge_id for each additional IP - bridge_id=$((i + 1)) - interfaces_content+=$(create_bridge_text "${ADDR[i]}" "$bridge_id" "${MACS[i]}") + +# Virtual switch for DMZ +# (connect your firewall/router KVM instance and private DMZ hosts here) +auto vmbr1 +iface 
vmbr1 inet manual + bridge_ports none + bridge_stp off + bridge_fd 0 +#LAN0 + +" >interfaces + +cat interfaces + +while true; do + read -p "Config correct? [yes][no]: " yn + case $yn in + [Yy]*) + echo "" + break + ;; + [Nn]*) exit ;; + *) echo "Please answer yes or no." ;; + esac done -# Save the new configuration to a temporary file -echo "$interfaces_content" > /tmp/new_interfaces +mv /etc/network/interfaces /etc/network/interfaces.old +mv interfaces /etc/network/interfaces -# Display the current network configuration -echo "---------------------------------------------------------------------" -echo "Current network configuration (/etc/network/interfaces):" -cat /etc/network/interfaces -echo "" - -# Display the new network configuration -echo "---------------------------------------------------------------------" -echo "New network configuration:" -cat /tmp/new_interfaces -echo "" - -# Show the differences -echo "---------------------------------------------------------------------" -echo "Configuration differences:" -diff /etc/network/interfaces /tmp/new_interfaces -echo "" - -# Confirm before applying changes -echo "---------------------------------------------------------------------" -read -p "Apply this network configuration? [yes/no]: " apply_conf - -if [[ $apply_conf == [Yy]* ]]; then - timestamp=$(date +%Y%m%d-%H%M%S) - mv /etc/network/interfaces /etc/network/interfaces.bak-$timestamp - mv /tmp/new_interfaces /etc/network/interfaces - echo "The network can be restarted with the following command: '/etc/init.d/networking' restart or 'systemctl restart networking'" -else - echo "Exiting without applying changes." - rm /tmp/new_interfaces -fi +echo "The network can be restarted with the following command: /etc/init.d/networking restart "
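Review bot: The new configuration is staged as `interfaces` in the current working directory and then moved over /etc/network/interfaces with two unchecked `mv` calls. A pre-existing file or symlink of that name in a shared directory would be written through by a script that has to run as root, and if the second `mv` fails the host is left without an interfaces file. The fixed `interfaces.old` name also overwrites the previous backup on every run, where the removed code kept timestamped copies. I would stage in a `mktemp` file, copy rather than move the backup, and install with explicit owner and mode, as sketched below; the `echo "` that feeds the staged file opens in the previous hunk. Separately, the added `up ip route add -net up ip route add -net ${GATEWAYADRESS} …` line looks duplicated and the inet6 stanza hard-codes `2a01:4f8:110:5143::2`, so both should be checked before this is applied to a host.

```shell
# stage in a private temp file instead of ./interfaces
staged=$(mktemp) || exit 1
trap 'rm -f -- "$staged"' EXIT

# … unchanged: echo "…" block, redirected to "$staged" instead of interfaces …
# … unchanged: cat + yes/no confirmation loop, reading "$staged" …

# keep every previous config, and stop if either step fails
backup="/etc/network/interfaces.bak-$(date +%Y%m%d-%H%M%S)"
cp -p -- /etc/network/interfaces "$backup" || exit 1
install -m 0644 -o root -g root -- "$staged" /etc/network/interfaces || exit 1
```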