From 39b42883fcd64050bd034d95fbb9b1bf16efec4d Mon Sep 17 00:00:00 2001 From: "Alex A. Naanou" Date: Mon, 21 Oct 2024 21:13:44 +0300 Subject: [PATCH] cleanup... Signed-off-by: Alex A. Naanou --- README.md | 19 ++++++++----------- host/make.sh | 16 ++++++++++++---- 2 files changed, 20 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 70949e4..6ba9ff3 100644 --- a/README.md +++ b/README.md @@ -173,20 +173,17 @@ To finalize the setup run: make finalize ``` -This will break the ssh connection, reconnect via the WAN port -and reattach to the `tmux` session via: - -```shell -tmux a -``` - This will -- detach the host from any external ports and make it accessible only - from the internal network. - See: [Architecture](#architecture) and [Bootstrapping](#bootstrapping) -- setup firewall rules. +- Setup firewall rules. Note that the firewall will not be enabled, this should be done manually after rule review. +- Detach the host from any external ports and make it accessible only + from the internal network. + See: [Architecture](#architecture) and [Bootstrapping](#bootstrapping) + +This will break the ssh connection when done, reconnect via the WAN port +to continue (see: [Accessing the host](#accessing-the-host)), or connect +directly to the ADMIN port (DHCP) and ssh into `$HOST_ADMIN_IP` (default: 10.0.0.254). _Note that the ADMIN port is configured for direct connections only (DHCP), diff --git a/host/make.sh b/host/make.sh index 673a5a4..69634ac 100755 --- a/host/make.sh +++ b/host/make.sh @@ -49,6 +49,7 @@ BRIDGES_TPL=${BRIDGES_TPL:-bridges.tpl} # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Bootstrap... +# cleanup... if ! [ -z $BOOTSTRAP_CLEAN ] ; then @ cp "$INTERFACES"{,.bak} @@ -61,6 +62,7 @@ if ! [ -z $BOOTSTRAP_CLEAN ] ; then @ ifreload -a fi fi + # clear self to avoid a second deffered execution... unset -f __finalize } @@ -74,6 +76,7 @@ if ! [ -z $BOOTSTRAP_CLEAN ] ; then DFL_DNS=1 DFL_FIREWALL=SKIP + # NOTE: in general this is non-destructive and can be done inline. __finalize # stage 2: clean -> final @@ -86,6 +89,8 @@ if ! [ -z $BOOTSTRAP_CLEAN ] ; then DFL_DNS=SKIP DFL_FIREWALL=1 + # NOTE: __finalize is deferred to just before reboot... + REBOOT=1 # done @@ -112,20 +117,20 @@ fi #---------------------------------------------------------------------- -# System... +# system... if xreadYes "# Update system?" UPDATE ; then @ apt update @ apt upgrade fi -# Tools... +# tools... if xreadYes "# Install additional apps?" APPS ; then @ apt install ${SOFTWARE[@]} fi -# Bridges... +# bridges... if xreadYes "# Create bridges?" BRIDGES ; then xread "WAN port: " WAN_PORT xread "ADMIN port: " ADMIN_PORT @@ -262,11 +267,14 @@ showNotes echo "# Done." -if [[ $( type -t __finalize ) == function ]] ; then +# finalize... +if [[ $( type -t __finalize ) == "function" ]] ; then + echo "# Finalizing ${INTERFACES}..." __finalize fi +# reboot... if ! [ -z $REBOOT ] ; then echo "# Rebooting..." @ reboot