From 306f0ddc4c4959b458f73a59116ef62c43826c78 Mon Sep 17 00:00:00 2001
From: "Alex A. Naanou"
Date: Wed, 31 Jan 2024 17:26:58 +0300
Subject: [PATCH] added dns config + refactoring...
Signed-off-by: Alex A. Naanou
---
 .pct-helpers | 35 ++++++++++++++++++
 host/make.sh | 37 +++++++++++++------
 .../{pve/etc => etc/pve}/firewall/cluster.fw | 0
 host/templates/etc/resolv.conf | 4 ++
 4 files changed, 65 insertions(+), 11 deletions(-)
 rename host/templates/{pve/etc => etc/pve}/firewall/cluster.fw (100%)
 create mode 100644 host/templates/etc/resolv.conf
diff --git a/.pct-helpers b/.pct-helpers
index f811929..97470e2 100644
--- a/.pct-helpers
+++ b/.pct-helpers
@@ -286,6 +286,41 @@ xreadpass(){
 }
+# Review changes in PATH.new, then edit/apply changes to PATH
+#
+# reviewApplyChanges PATH
+#
+# NOTE: if changes are not applied this will return non-zero making this
+# usable in conditionals...
+reviewApplyChanges(){
+ local file=$1
+ echo "# Review updated: ${file}.new:"
+ @ cat ${file}.new
+ echo
+ # XXX add option to edit...
+ local res
+ while true ; do
+ read -ep "# [a]pply, [e]dit, [s]kip? " res
+ case "${res,,}" in
+ a|apply)
+ break
+ ;;
+ e|edit)
+ ${EDITOR} "${file}"
+ ;;
+ s|skip)
+ echo "# file saved as: ${file}.new"
+ return 1
+ ;;
+ *)
+ echo "ERROR: unknown command: \"$res\"" >&2
+ continue
+ ;;
+ esac
+ done
+ @ mv -b "${file}"{.new,}
+}
+
 #----------------------------------------------------------------------
diff --git a/host/make.sh b/host/make.sh
index 1f4f8d1..25a73df 100755
--- a/host/make.sh
+++ b/host/make.sh
@@ -52,7 +52,7 @@ if xreadYes "# Install additional apps?" APPS ; then
 @ apt install ${SOFTWARE[@]}
 fi
-# Networking
+# Bridges...
 # XXX need to:
 # - bootstrap this
 # - setup the gate, ssh, and wireguard
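Review bot: In `reviewApplyChanges`, the `e|edit` arm opens `"${file}"` rather than `"${file}.new"`, so the operator edits the live file (the callers pass `/etc/network/interfaces`, `/etc/resolv.conf` and the firewall `cluster.fw`) instead of the staged copy. The final `mv -b "${file}"{.new,}` then moves the unedited `.new` over those edits, which survive only in the `-b` backup. The same arm misbehaves when `EDITOR` is unset, because the line collapses to running `"${file}"` as a command. I would change it to `${EDITOR:-vi} "${file}.new"` and quote the listing as `@ cat "${file}.new"`. The prompt should become `read -ep "# [a]pply, [e]dit, [s]kip? " res || return 1`, so that a closed stdin does not loop forever through the `*)` arm.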
@@ -88,25 +88,40 @@ if xreadYes "# Create bridges?" BRIDGES ; then
 cat bridges.tpl \
 | expandPCTTemplate WAN_PORT ADMIN_PORT)"
- # XXX add $BRIDGES to /etc/network/interfaces either before the
- # source command or at the end...
- # XXX
+ if [ -z "$DRY_RUN" ] ; then
+ # XXX add $BRIDGES to /etc/network/interfaces either before the
+ # source command or at the end...
+ # XXX
+ echo
+ fi
- # review/apply setup...
- echo "# Review updated: /etc/network/interfaces.new:"
- @ cat /etc/network/interfaces.new
- echo
- if xreadYes "# Apply changes?" ; then
- @ mv -b /etc/network/interfaces{.new,}
+ if reviewApplyChanges /etc/network/interfaces ; then
 @ ifreload -a
 fi
 fi
+
+echo "# Building config..."
+# XXX do we need any extra vars here???
+buildAssets
+
+
+# DNS
+if xreadYes "# Update DNS?" DNS ; then
+ file=/etc/resolv.conf
+ @ cp "staging/${file}" "${file}".new
+ reviewApplyChanges "${file}"
+fi
+
+
 # Firewall
 if xreadYes "# Update firewall rules?" FIREWALL ; then
- @ cp --backup -i templates/etc/pve/firewall/cluster.fw /etc/pve/firewall/
+ file=/etc/pve/firewall/cluster.fw
+ @ cp "staging/${file}" "${file}".new
+ reviewApplyChanges "${file}"
 fi
+
 showNotes
 echo "# Done."
diff --git a/host/templates/pve/etc/firewall/cluster.fw b/host/templates/etc/pve/firewall/cluster.fw
similarity index 100%
rename from host/templates/pve/etc/firewall/cluster.fw
rename to host/templates/etc/pve/firewall/cluster.fw
diff --git a/host/templates/etc/resolv.conf b/host/templates/etc/resolv.conf
new file mode 100644
index 0000000..395b462
--- /dev/null
+++ b/host/templates/etc/resolv.conf
@@ -0,0 +1,4 @@
+search srv
+nameserver 127.0.0.1
+nameserver ${NS_ADMIN_IPn}
+nameserver 8.8.8.8
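Review bot: In the new DNS and Firewall blocks the result of `@ cp "staging/${file}" "${file}".new` is not checked before `reviewApplyChanges "${file}"` runs. If `buildAssets` did not produce the staged file, the prompt shows whatever `${file}.new` an earlier skipped run left behind, and answering `a` installs it (unless the script runs under `set -e`, which is not visible in this hunk). For `cluster.fw` that means a stale ruleset can go live on the host. Chaining the two steps closes the gap: `@ cp "staging/${file}" "${file}.new" && reviewApplyChanges "${file}"`. A comment above `buildAssets` such as `# must populate staging/ before the DNS and firewall steps below` would document the dependency.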
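Review bot: The last entry `nameserver 8.8.8.8` sits in the same list as the local and admin resolvers while `search srv` is set, so whenever the first two time out the stub resolver will send lookups for internal `srv` names to a public resolver and expose those hostnames outside the host's own DNS. If the fallback is intentional, I would say so in the template with a comment line such as `# public fallback: internal srv names are also sent here when the local resolvers time out`; otherwise drop the entry. It is also worth confirming that `${NS_ADMIN_IPn}` is always expanded by the template step, since an unexpanded placeholder would presumably be written to `/etc/resolv.conf` as-is.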