20-networking.sh
68 lines
| 1.7 KiB
| application/x-sh
|
BashLexer
/ bootstrap.d / 20-networking.sh
Filip Pytloun
|
r56 | # | ||
Jan Wagner
|
r67 | # Setup Networking | ||
Filip Pytloun
|
r56 | # | ||
Jan Wagner
|
r67 | # Load utility functions | ||
Filip Pytloun
|
r56 | . ./functions.sh | ||
# Set up IPv4 hosts | ||||
Jan Wagner
|
r67 | install_readonly files/network/hostname $R/etc/hostname | ||
Jan Wagner
|
r70 | sed -i "s/^rpi2-jessie/${HOSTNAME}/" $R/etc/hostname | ||
Jan Wagner
|
r67 | |||
install_readonly files/network/hosts $R/etc/hosts | ||||
Jan Wagner
|
r70 | sed -i "s/rpi2-jessie/${HOSTNAME}/" $R/etc/hosts | ||
Filip Pytloun
|
r56 | |||
if [ "$NET_ADDRESS" != "" ] ; then | ||||
Jan Wagner
|
r67 | NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/') | ||
sed -i "s/^127.0.1.1/${NET_IP}/" $R/etc/hosts | ||||
Filip Pytloun
|
r56 | fi | ||
# Set up IPv6 hosts | ||||
if [ "$ENABLE_IPV6" = true ] ; then | ||||
Jan Wagner
|
r67 | cat <<EOM >>$R/etc/hosts | ||
Filip Pytloun
|
r56 | |||
::1 localhost ip6-localhost ip6-loopback | ||||
ff02::1 ip6-allnodes | ||||
ff02::2 ip6-allrouters | ||||
EOM | ||||
fi | ||||
# Place hint about network configuration | ||||
Jan Wagner
|
r67 | install_readonly files/network/interfaces $R/etc/network/interfaces | ||
Filip Pytloun
|
r56 | |||
if [ "$ENABLE_DHCP" = true ] ; then | ||||
Jan Wagner
|
r70 | # Enable systemd-networkd DHCP configuration for interface eth0 | ||
install_readonly files/network/eth.network $R/etc/systemd/network/eth.network | ||||
Filip Pytloun
|
r56 | |||
Jan Wagner
|
r70 | # Set DHCP configuration to IPv4 only | ||
Jan Wagner
|
r67 | if [ "$ENABLE_IPV6" = false ] ; then | ||
sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network | ||||
fi | ||||
Jan Wagner
|
r70 | |||
Filip Pytloun
|
r56 | else # ENABLE_DHCP=false | ||
Jan Wagner
|
r67 | cat <<EOM >$R/etc/systemd/network/eth.network | ||
Filip Pytloun
|
r56 | [Match] | ||
Name=eth0 | ||||
[Network] | ||||
DHCP=no | ||||
Address=${NET_ADDRESS} | ||||
Gateway=${NET_GATEWAY} | ||||
DNS=${NET_DNS_1} | ||||
DNS=${NET_DNS_2} | ||||
Domains=${NET_DNS_DOMAINS} | ||||
NTP=${NET_NTP_1} | ||||
NTP=${NET_NTP_2} | ||||
EOM | ||||
fi | ||||
# Enable systemd-networkd service | ||||
chroot_exec systemctl enable systemd-networkd | ||||
# Enable network stack hardening | ||||
if [ "$ENABLE_HARDNET" = true ] ; then | ||||
Jan Wagner
|
r68 | install_readonly files/sysctl.d/82-rpi-net-hardening.conf $R/etc/sysctl.d/82-rpi-net-hardening.conf | ||
Filip Pytloun
|
r56 | |||
Jan Wagner
|
r70 | # Enable resolver warnings about spoofed addresses | ||
install_readonly files/network/host.conf $R/etc/host.conf | ||||
Filip Pytloun
|
r56 | fi | ||