Raspi2-3_GenImage Commit - r85:4567264214bc · Collaboration Tremplin des Sciences

1

#

1

#

2

# Setup Networking

2

# Setup Networking

3

#

3

#

4

5

# Load utility functions

5

# Load utility functions

6

. ./functions.sh

6

. ./functions.sh

7

8

# Install and setup hostname

8

# Install and setup hostname

9

install_readonly files/network/hostname "${ETCDIR}/hostname"

9

install_readonly files/network/hostname "${ETCDIR}/hostname"

10

sed -i "s/^rpi2-jessie/${HOSTNAME}/" "${ETCDIR}/hostname"

10

sed -i "s/^rpi2-jessie/${HOSTNAME}/" "${ETCDIR}/hostname"

11

12

# Install and setup hosts

12

# Install and setup hosts

13

install_readonly files/network/hosts "${ETCDIR}/hosts"

13

install_readonly files/network/hosts "${ETCDIR}/hosts"

14

sed -i "s/rpi2-jessie/${HOSTNAME}/" "${ETCDIR}/hosts"

14

sed -i "s/rpi2-jessie/${HOSTNAME}/" "${ETCDIR}/hosts"

15

16

# Setup hostname entry with static IP

16

# Setup hostname entry with static IP

17

if [ "$NET_ADDRESS" != "" ] ; then

17

if [ "$NET_ADDRESS" != "" ] ; then

18

NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')

18

NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')

19

sed -i "s/^127.0.1.1/${NET_IP}/" "${ETCDIR}/hosts"

19

sed -i "s/^127.0.1.1/${NET_IP}/" "${ETCDIR}/hosts"

20

fi

20

fi

21

22

# Remove IPv6 hosts

22

# Remove IPv6 hosts

23

if [ "$ENABLE_IPV6" = false ] ; then

23

if [ "$ENABLE_IPV6" = false ] ; then

24

sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETCDIR}/hosts"

24

sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETCDIR}/hosts"

25

fi

25

fi

26

27

# Install hint about network configuration

27

# Install hint about network configuration

28

install_readonly files/network/interfaces "${ETCDIR}/network/interfaces"

28

install_readonly files/network/interfaces "${ETCDIR}/network/interfaces"

29

30

# Install configuration for interface eth0

30

# Install configuration for interface eth0

31

install_readonly files/network/eth.network "${ETCDIR}/systemd/network/eth.network"

31

install_readonly files/network/eth.network "${ETCDIR}/systemd/network/eth.network"

32

33

if [ "$ENABLE_DHCP" = true ] ; then

33

if [ "$ENABLE_DHCP" = true ] ; then

34

# Enable DHCP configuration for interface eth0

34

# Enable DHCP configuration for interface eth0

35

sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETCDIR}/systemd/network/eth.network"

35

sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETCDIR}/systemd/network/eth.network"

36

37

# Set DHCP configuration to IPv4 only

37

# Set DHCP configuration to IPv4 only

38

if [ "$ENABLE_IPV6" = false ] ; then

38

if [ "$ENABLE_IPV6" = false ] ; then

39

sed -i "s/DHCP=.*/DHCP=v4/" "${ETCDIR}/systemd/network/eth.network"

39

sed -i "s/DHCP=.*/DHCP=v4/" "${ETCDIR}/systemd/network/eth.network"

40

fi

40

fi

41

42

else # ENABLE_DHCP=false

42

else # ENABLE_DHCP=false

43

# Set static network configuration for interface eth0

43

# Set static network configuration for interface eth0

44

sed -i\

44

sed -i\

45

-e "s|DHCP=.*|DHCP=no|"\

45

-e "s|DHCP=.*|DHCP=no|"\

46

-e "s|Address=\$|Address=${NET_ADDRESS}|"\

46

-e "s|Address=\$|Address=${NET_ADDRESS}|"\

47

-e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\

47

-e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\

48

-e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\

48

-e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\

49

-e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\

49

-e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\

50

-e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\

50

-e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\

51

-e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\

51

-e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\

52

-e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\

52

-e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\

53

"${ETCDIR}/systemd/network/eth.network"

53

"${ETCDIR}/systemd/network/eth.network"

54

fi

54

fi

55

56

# Remove empty settings from network configuration

56

# Remove empty settings from network configuration

57

sed -i "/.*=\$/d" "${ETCDIR}/systemd/network/eth.network"

57

sed -i "/.*=\$/d" "${ETCDIR}/systemd/network/eth.network"

58

59

# Enable systemd-networkd service

59

# Enable systemd-networkd service

60

chroot_exec systemctl enable systemd-networkd

60

chroot_exec systemctl enable systemd-networkd

61

62

# Install host.conf resolver configuration

62

# Install host.conf resolver configuration

63

install_readonly files/network/host.conf "${ETCDIR}/host.conf"

63

install_readonly files/network/host.conf "${ETCDIR}/host.conf"

64

65

# Enable network stack hardening

65

# Enable network stack hardening

66

if [ "$ENABLE_HARDNET" = true ] ; then

66

if [ "$ENABLE_HARDNET" = true ] ; then

67

# Install sysctl.d configuration files

67

# Install sysctl.d configuration files

68

install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETCDIR}/sysctl.d/82-rpi-net-hardening.conf"

68

install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETCDIR}/sysctl.d/82-rpi-net-hardening.conf"

69

70

# Setup resolver warnings about spoofed addresses

70

# Setup resolver warnings about spoofed addresses

71

sed -i "s/^# spoof warn/spoof warn/" "${ETCDIR}/host.conf"

71

sed -i "s/^# spoof warn/spoof warn/" "${ETCDIR}/host.conf"

72

fi

72

fi

73

74

# Enable time sync

75

if [ "NET_NTP_1" != "" ] ; then

76

chroot_exec systemctl enable systemd-timesyncd.service

77

fi

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Dépôts
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             #
             # Setup Networking
             #
             # Load utility functions
             . ./functions.sh
             # Install and setup hostname
             install_readonly files/network/hostname "${ETCDIR}/hostname"
             sed -i "s/^rpi2-jessie/${HOSTNAME}/" "${ETCDIR}/hostname"
             # Install and setup hosts
             install_readonly files/network/hosts "${ETCDIR}/hosts"
             sed -i "s/rpi2-jessie/${HOSTNAME}/" "${ETCDIR}/hosts"
             # Setup hostname entry with static IP
             if [ "$NET_ADDRESS" != "" ] ; then
               NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')
               sed -i "s/^127.0.1.1/${NET_IP}/" "${ETCDIR}/hosts"
             fi
             # Remove IPv6 hosts
             if [ "$ENABLE_IPV6" = false ] ; then
               sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETCDIR}/hosts"
             fi
             # Install hint about network configuration
             install_readonly files/network/interfaces "${ETCDIR}/network/interfaces"
             # Install configuration for interface eth0
             install_readonly files/network/eth.network "${ETCDIR}/systemd/network/eth.network"
             if [ "$ENABLE_DHCP" = true ] ; then
               # Enable DHCP configuration for interface eth0
               sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETCDIR}/systemd/network/eth.network"
               # Set DHCP configuration to IPv4 only
               if [ "$ENABLE_IPV6" = false ] ; then
                 sed -i "s/DHCP=.*/DHCP=v4/" "${ETCDIR}/systemd/network/eth.network"
               fi
             else # ENABLE_DHCP=false
               # Set static network configuration for interface eth0
               sed -i\
               -e "s|DHCP=.*|DHCP=no|"\
               -e "s|Address=\$|Address=${NET_ADDRESS}|"\
               -e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\
               -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\
               -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\
               -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\
               -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
               -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
               "${ETCDIR}/systemd/network/eth.network"
             fi
             # Remove empty settings from network configuration
             sed -i "/.*=\$/d" "${ETCDIR}/systemd/network/eth.network"
             # Enable systemd-networkd service
             chroot_exec systemctl enable systemd-networkd
             # Install host.conf resolver configuration
             install_readonly files/network/host.conf "${ETCDIR}/host.conf"
             # Enable network stack hardening
             if [ "$ENABLE_HARDNET" = true ] ; then
               # Install sysctl.d configuration files
               install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETCDIR}/sysctl.d/82-rpi-net-hardening.conf"
               # Setup resolver warnings about spoofed addresses
               sed -i "s/^# spoof warn/spoof warn/" "${ETCDIR}/host.conf"
             fi
+            # Enable time sync
+            if [ "NET_NTP_1" != "" ] ; then
+              chroot_exec systemctl enable systemd-timesyncd.service
+            fi