add old script back and allow to use extended script

2023-12-17 08:59:17 +01:00 · 2023-12-17 08:59:17 +01:00 · 5a5a56d265
parent 74272172ad
commit 5a5a56d265
1 changed files with 59 additions and 139 deletions
--- a/script/network_config.sh
+++ b/script/network_config.sh
@ -1,88 +1,13 @@
 #!/bin/bash
-# Function to prompt for input with a default value
+read -p "MAIN_SERVER_IP: " MAINSERVERIP
-prompt_input() {
+read -p "MAIN_SERVER_GATEWAY_ADRESS: " GATEWAYADRESS
-    local prompt=$1
+read -p "NETMASK: " NETMASK
-    local default=$2
+read -p "BROADCASTIP: " BROADCASTIP
-    read -p "$prompt [$default]: " input
+read -p "ADDITIONAL_IP_ADRESS: " ADD_IP_ADRESS
-    echo "${input:-$default}"
+read -p "NETWORK_INTERFACE: " NETWORK_INTERFACE
 }
-# Function to create bridge interface text for additional IP and internal bridges
+echo "
 create_bridge_text() {
    local ip=$1
    local bridge_id=$2
    local mac_address=$3
    local external_bridge_id=$bridge_id
    local internal_bridge_id=$((bridge_id * 100))
    # WAN bridge configuration with MAC address and public IP
    local bridge_config="
 auto vmbr${external_bridge_id}
 iface vmbr${external_bridge_id} inet static
    address ${ip}
    netmask ${NETMASK}
    bridge_ports none
    bridge_stp off
    bridge_fd 0
    hwaddress ether ${mac_address}
 #WAN ${external_bridge_id}
 "
    # LAN bridge configuration without an IP, as it's for internal network only
    bridge_config+="
 auto vmbr${internal_bridge_id}
 iface vmbr${internal_bridge_id} inet manual
    bridge_ports none
    bridge_stp off
    bridge_fd 0
 #LAN ${internal_bridge_id}
 "
    echo "$bridge_config"
 }
 # Collect inputs
 MAINSERVERIP=$(prompt_input "MAIN_SERVER_IP" "192.168.0.1")
 GATEWAYADDRESS=$(prompt_input "MAIN_SERVER_GATEWAY_ADDRESS" "192.168.0.254")
 NETMASK=$(prompt_input "NETMASK" "255.255.255.0")
 BROADCASTIP=$(prompt_input "BROADCASTIP" "192.168.0.255")
 ADD_IP_ADDRESSES=$(prompt_input "ADDITIONAL_IP_ADDRESSES (comma-separated)" "")
 MAC_ADDRESSES=$(prompt_input "MAC_ADDRESSES for additional IPs (comma-separated)" "")
 NETWORK_INTERFACE=$(prompt_input "NETWORK_INTERFACE" "eth0")
 # Display inputs for confirmation
 echo "---------------------------------------------------------------------"
 echo "You have entered the following configuration:"
 echo "MAIN_SERVER_IP: $MAINSERVERIP"
 echo "MAIN_SERVER_GATEWAY_ADDRESS: $GATEWAYADDRESS"
 echo "NETMASK: $NETMASK"
 echo "BROADCASTIP: $BROADCASTIP"
 echo "ADDITIONAL_IP_ADDRESSES: $ADD_IP_ADDRESSES"
 echo "MAC_ADDRESSES: $MAC_ADDRESSES"
 echo "NETWORK_INTERFACE: $NETWORK_INTERFACE"
 echo "---------------------------------------------------------------------"
 read -p "Is this correct? [yes/no]: " confirmation
 if [[ $confirmation != [Yy]* ]]; then
    echo "Exiting without changes."
    exit
 fi
 # Split ADD_IP_ADDRESSES and MAC_ADDRESSES into arrays
 IFS=',' read -ra ADDR <<<"$ADD_IP_ADDRESSES"
 IFS=',' read -ra MACS <<<"$MAC_ADDRESSES"
 # Generate dynamic routing rules
 additional_routes=""
 for add_ip in "${ADDR[@]}"; do
    additional_routes+="    up ip route add $add_ip dev ${NETWORK_INTERFACE}
 "
 done
 # Initialize the interfaces file content
 interfaces_content="
 ### Hetzner Online GmbH installimage
 source /etc/network/interfaces.d/*
@ -91,68 +16,63 @@ auto lo
 iface lo inet loopback
 iface lo inet6 loopback
-# Main network interface configuration
+
 iface ${NETWORK_INTERFACE} inet manual
-    up ip route add -net ${GATEWAYADDRESS} netmask ${NETMASK} gw ${GATEWAYADDRESS} vmbr0
+
-    up sysctl -w net.ipv4.ip_forward=1
+  up ip route add -net up ip route add -net ${GATEWAYADRESS} netmask ${NETMASK} gw  ${GATEWAYADRESS} vmbr0
-    up sysctl -w net.ipv4.conf.${NETWORK_INTERFACE}.send_redirects=0
+  up sysctl -w net.ipv4.ip_forward=1
-    up sysctl -w net.ipv6.conf.all.forwarding=1
+  up sysctl -w net.ipv4.conf.${NETWORK_INTERFACE}.send_redirects=0
-$additional_routes
+  up sysctl -w net.ipv6.conf.all.forwarding=1
-    up ip route add 192.168.0.0/16 via ${MAINSERVERIP} dev vmbr0
+  up ip route add 192.168.0.0/16 via ${ADD_IP_ADRESS} dev vmbr0
-    up ip route add 172.16.0.0/12 via ${MAINSERVERIP} dev vmbr0
+  up ip route add 172.16.0.0/12 via ${ADD_IP_ADRESS} dev vmbr0
-    up ip route add 10.0.0.0/8 via ${MAINSERVERIP} dev vmbr0
+  up ip route add 10.0.0.0/8 via ${ADD_IP_ADRESS} dev vmbr0
 iface ${NETWORK_INTERFACE} inet6 static
  address 2a01:4f8:110:5143::2
  netmask 64
  gateway fe80::1
 auto vmbr0
 iface vmbr0 inet static
-    address  ${MAINSERVERIP}
+        address  ${MAINSERVERIP}
-    netmask  32
+        netmask  32
-    gateway  ${GATEWAYADDRESS}
+        gateway  ${GATEWAYADRESS}
-    broadcast  ${BROADCASTIP}
+        broadcast  ${BROADCASTIP}
-    bridge-ports ${NETWORK_INTERFACE}
+        bridge-ports ${NETWORK_INTERFACE}
-    bridge-stp off
+        bridge-stp off
-    bridge-fd 0
+        bridge-fd 0
-    pointopoint ${GATEWAYADDRESS}
+        pointopoint ${GATEWAYADRESS}
-#Main IP configuration
+#WAN
 "
-# Append bridge interfaces for each additional IP and MAC address and create internal bridges
+
-for i in "${!ADDR[@]}"; do
+# Virtual switch for DMZ
-    # Increment bridge_id for each additional IP
+# (connect your firewall/router KVM instance and private DMZ hosts here)
-    bridge_id=$((i + 1))
+auto vmbr1
-    interfaces_content+=$(create_bridge_text "${ADDR[i]}" "$bridge_id" "${MACS[i]}")
+iface vmbr1 inet manual
        bridge_ports none
        bridge_stp off
        bridge_fd 0
 #LAN0
 " >interfaces
 cat interfaces
 while true; do
    read -p "Config correct? [yes][no]: " yn
    case $yn in
    [Yy]*)
        echo ""
        break
        ;;
    [Nn]*) exit ;;
    *) echo "Please answer yes or no." ;;
    esac
 done
-# Save the new configuration to a temporary file
+mv /etc/network/interfaces /etc/network/interfaces.old
-echo "$interfaces_content" > /tmp/new_interfaces
+mv interfaces /etc/network/interfaces
-# Display the current network configuration
+echo "The network can be restarted with the following command:      /etc/init.d/networking restart    "
 echo "---------------------------------------------------------------------"
 echo "Current network configuration (/etc/network/interfaces):"
 cat /etc/network/interfaces
 echo ""
 # Display the new network configuration
 echo "---------------------------------------------------------------------"
 echo "New network configuration:"
 cat /tmp/new_interfaces
 echo ""
 # Show the differences
 echo "---------------------------------------------------------------------"
 echo "Configuration differences:"
 diff /etc/network/interfaces /tmp/new_interfaces
 echo ""
 # Confirm before applying changes
 echo "---------------------------------------------------------------------"
 read -p "Apply this network configuration? [yes/no]: " apply_conf
 if [[ $apply_conf == [Yy]* ]]; then
    timestamp=$(date +%Y%m%d-%H%M%S)
    mv /etc/network/interfaces /etc/network/interfaces.bak-$timestamp
    mv /tmp/new_interfaces /etc/network/interfaces
    echo "The network can be restarted with the following command: '/etc/init.d/networking' restart or 'systemctl restart networking'"
 else
    echo "Exiting without applying changes."
    rm /tmp/new_interfaces
 fi