##// END OF EJS Templates
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list -Fix: check for kernel_threads -Fix: Cryptfs Kernel parameters -Renamed: Kernel_reduce renamed for better varaible grouping to Reduce_kernel -Fix: defaultgov check in 13-kernel.sh -Dropped: Enable_DHCP - now seperated in Enable_eth_dhcp and enable_wifi_dhcp -Feature: Dhcp and static configuration of both wired and wifi interface -Feature: added uart_2ndstage=1 for even more uart output in early stages -Renamed: eth.network and wlan.network to eth0 and wlan0 -Improve: sanity check for stattic ip -Renamed: Enable_SSHD to SSH_Enable for better variable gouping -Renamed PASSWORD to ROOT_PASSWORD for better distinction with USER_PASSWORD -Improved: Enable_dbus check on firstboot (generate-machineid) -improved: Reduce if ipv6 disable remove xtables -Improved: recomend $Release if xorg is enabled on some rpi models -Install wpasupplicant if Enabled_wireless is true -Reorder key:value in rpi23-gen-image.sh -fixing some wrong var assingments and missing declarations in rpi23-gen-image.sh -updated precompiled kernel links - changed the following default values: "Reduce_*,cryptfs_keysize (support for 0 and 1),rpi_model" - added a complete config (rpi3buster-fullconfig) in sync with new order of key:value in rpi23-gen-image.sh thx to trampeltier@fsfe for testing a lot!

Fichier de la dernière révision:

r732:4551fcf06923
r732:4551fcf06923
Show More
20-networking.sh
186 lines | 6.9 KiB | application/x-sh | BashLexer
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 #
Jan Wagner
spliting more files, fix-uboot, fix-fbturbo, fix-locale
r67 # Setup Networking
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 #
Jan Wagner
spliting more files, fix-uboot, fix-fbturbo, fix-locale
r67 # Load utility functions
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 . ./functions.sh
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Install and setup hostname
drtyhlpr
Added Raspberry Pi 3 model support
r94 install_readonly files/network/hostname "${ETC_DIR}/hostname"
Unknown
its bin/sh again...
r384 sed -i "s/^RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hostname"
Jan Wagner
spliting more files, fix-uboot, fix-fbturbo, fix-locale
r67
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Install and setup hosts
drtyhlpr
Added Raspberry Pi 3 model support
r94 install_readonly files/network/hosts "${ETC_DIR}/hosts"
Unknown
its bin/sh again...
r384 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Setup hostname entry with static IP
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 if [ "$NET_ETH_ADDRESS" != "" ] ; then
NET_IP=$(echo "${NET_ETH_ADDRESS}" | cut -f 1 -d'/')
drtyhlpr
Added Raspberry Pi 3 model support
r94 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 fi
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Remove IPv6 hosts
if [ "$ENABLE_IPV6" = false ] ; then
drtyhlpr
Added Raspberry Pi 3 model support
r94 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 fi
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Install hint about network configuration
drtyhlpr
Added Raspberry Pi 3 model support
r94 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Install configuration for interface eth0
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 install_readonly files/network/eth0.network "${ETC_DIR}/systemd/network/eth0.network"
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71
Unknown
eth offload fix for rpi3b+...
r571 if [ "$RPI_MODEL" = 3P ] ; then
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 printf "\n[Link]\nGenericReceiveOffload=off\nTCPSegmentationOffload=off\nGenericSegmentationOffload=off" >> "${ETC_DIR}/systemd/network/eth0.network"
Unknown
eth offload fix for rpi3b+...
r571 fi
Unknown
RPI3B+...
r250 # Install configuration for interface wl*
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 install_readonly files/network/wlan0.network "${ETC_DIR}/systemd/network/wlan0.network"
Unknown
RPI3B+...
r250
#always with dhcp since wpa_supplicant integration is missing
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
Unknown
RPI3B+...
r250
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 if [ "$ENABLE_ETH_DHCP" = true ] ; then
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Enable DHCP configuration for interface eth0
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth0.network"
Unknown
RPI3B+...
r250
Jan Wagner
code cleanup and even more spliting
r70 # Set DHCP configuration to IPv4 only
Jan Wagner
spliting more files, fix-uboot, fix-fbturbo, fix-locale
r67 if [ "$ENABLE_IPV6" = false ] ; then
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth0.network"
sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/eth0.network"
Jan Wagner
spliting more files, fix-uboot, fix-fbturbo, fix-locale
r67 fi
Jan Wagner
code cleanup and even more spliting
r70
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 else # ENABLE_ETH_DHCP=false
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Set static network configuration for interface eth0
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 if [ -n NET_ETH_ADDRESS ] && [ -n NET_ETH_GATEWAY ] && [ -n NET_ETH_DNS_1 ] ; then
sed -i\
-e "s|DHCP=.*|DHCP=no|"\
-e "s|Address=\$|Address=${NET_ETH_ADDRESS}|"\
-e "s|Gateway=\$|Gateway=${NET_ETH_GATEWAY}|"\
-e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_1}|"\
-e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_ETH_DNS_2}|"\
-e "s|Domains=\$|Domains=${NET_ETH_DNS_DOMAINS}|"\
-e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_1}|"\
-e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_ETH_NTP_2}|"\
"${ETC_DIR}/systemd/network/eth0.network"
fi
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 fi
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71
Unknown
its bin/sh again...
r384 if [ "$ENABLE_WIRELESS" = true ] ; then
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732 if [ "$ENABLE_WIFI_DHCP" = true ] ; then
# Enable DHCP configuration for interface eth0
sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan0.network"
# Set DHCP configuration to IPv4 only
if [ "$ENABLE_IPV6" = false ] ; then
sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/wlan0.network"
sed '/IPv6PrivacyExtensions=true/d' "${ETC_DIR}/systemd/network/wlan0.network"
fi
else # ENABLE_WIFI_DHCP=false
# Set static network configuration for interface eth0
if [ -n NET_WIFI_ADDRESS ] && [ -n NET_WIFI_GATEWAY ] && [ -n NET_WIFI_DNS_1 ] ; then
sed -i\
-e "s|DHCP=.*|DHCP=no|"\
-e "s|Address=\$|Address=${NET_WIFI_ADDRESS}|"\
-e "s|Gateway=\$|Gateway=${NET_WIFI_GATEWAY}|"\
-e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_1}|"\
-e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_WIFI_DNS_2}|"\
-e "s|Domains=\$|Domains=${NET_WIFI_DNS_DOMAINS}|"\
-e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_1}|"\
-e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_WIFI_NTP_2}|"\
"${ETC_DIR}/systemd/network/wlan0.network"
fi
fi
if [ -z "$NET_WIFI_SSID" ] && [ -z "$NET_WIFI_PSK" ] ; then
printf "
ctrl_interface=/run/wpa_supplicant
ctrl_interface_group=wheel
update_config=1
eapol_version=1
ap_scan=1
fast_reauth=1
" > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
#Configure WPA_supplicant
chroot_exec wpa_passphrase "$NET_SSID" "$NET_WPAPSK" >> /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
chroot_exec systemctl enable wpa_supplicant.service
chroot_exec systemctl enable wpa_supplicant@wlan0.service
fi
# Remove empty settings from wlan configuration
sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan0.network"
# If WLAN is enabled copy wlan configuration too
mv -v "${ETC_DIR}/systemd/network/wlan0.network" "${LIB_DIR}/systemd/network/11-wlan0.network"
drtyhlpr
Added Debian stretch release support
r92 fi
Unknown
-Enable_nonfree no longer enables non-free packages while install. now it enables non free packacges in sources.list...
r732
# Remove empty settings from network configuration
sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth0.network"
# Move systemd network configuration if required by Debian release
mv -v "${ETC_DIR}/systemd/network/eth0.network" "${LIB_DIR}/systemd/network/10-eth0.network"
#Clean up
Unknown
its bin/sh again...
r384 rm -fr "${ETC_DIR}/systemd/network"
drtyhlpr
Added Debian stretch release support
r92
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 # Enable systemd-networkd service
chroot_exec systemctl enable systemd-networkd
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Install host.conf resolver configuration
drtyhlpr
Added Raspberry Pi 3 model support
r94 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 # Enable network stack hardening
if [ "$ENABLE_HARDNET" = true ] ; then
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Install sysctl.d configuration files
drtyhlpr
Added Raspberry Pi 3 model support
r94 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56
Jan Wagner
comment-cleanup, net-cleanup, size-calc-fix, split-more, menuconfig
r71 # Setup resolver warnings about spoofed addresses
drtyhlpr
Added Raspberry Pi 3 model support
r94 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
Filip Pytloun
Refactor: split bootstrap actions and allow custom
r56 fi
Stephen A. Brandli
Fixed: Enable systemd time sync.
r85
# Enable time sync
Unknown
https://www.shellcheck.net/...
r336 if [ "$NET_NTP_1" != "" ] ; then
Stephen A. Brandli
Fixed: Enable systemd time sync.
r85 chroot_exec systemctl enable systemd-timesyncd.service
fi
drtyhlpr
Added Raspberry Pi 3 model support
r94
# Download the firmware binary blob required to use the RPi3 wireless interface
if [ "$ENABLE_WIRELESS" = true ] ; then
Unknown
https://www.shellcheck.net/...
r336 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
drtyhlpr
fix: various fixes
r398 mkdir -p "${WLAN_FIRMWARE_DIR}"
drtyhlpr
Added Raspberry Pi 3 model support
r94 fi
drtyhlpr
Updated: Dropping privileges, chroot compiler install, dropbear sshd config
r142 # Create temporary directory for firmware binary blob
Petter Reinholdtsen
Introduce as_nobody() function to make it easier to control how it is done....
r174 temp_dir=$(as_nobody mktemp -d)
drtyhlpr
Updated: Dropping privileges, chroot compiler install, dropbear sshd config
r142
Unknown
RPI3B+...
r250 # Fetch firmware binary blob for RPI3B+
Unknown
PATCHES for:...
r665 if [ "$RPI_MODEL" = 3P ] || [ "$RPI_MODEL" = 4 ] ; then
drtyhlpr
fix: various fixes
r398 # Fetch firmware binary blob for RPi3P
as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
Unknown
Enable_Bluetooth var...
r437
# Move downloaded firmware binary blob
mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
# Set permissions of the firmware binary blob
chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
Unknown
Fix WIFI Raspberry 0W
r289 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
drtyhlpr
fix: various fixes
r398 # Fetch firmware binary blob for RPi3
as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
Unknown
Enable_Bluetooth var...
r437
# Move downloaded firmware binary blob
mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
# Set permissions of the firmware binary blob
chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
Unknown
RPI3B+...
r250 fi
drtyhlpr
Updated: Dropping privileges, chroot compiler install, dropbear sshd config
r142 # Remove temporary directory for firmware binary blob
rm -fr "${temp_dir}"
drtyhlpr
Added Raspberry Pi 3 model support
r94 fi