refactoring...

Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2025-10-28 10:40:07 +00:00 · 2023-12-31 02:02:59 +03:00 · 2023-12-31 02:02:59 +03:00 · 7eb8a41e60
commit 7eb8a41e60
parent c9a200d42e
3 changed files with 31 additions and 17 deletions
--- a/gate-traefik/make.sh
+++ b/gate-traefik/make.sh
@ -89,12 +89,15 @@ fi

 TEMPLATE=($(ls /var/lib/vz/template/cache/alpine-3.18*.tar.xz))

+# XXX should we set the initial ip as 10.x.x.2/23, dhcp or empty???
+#	--net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=10.1.1.2/24,type=veth \
+#	--net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=10.0.0.2/24,type=veth \
 OPTS_STAGE_1="\
 	--hostname $CTHOSTNAME \
 	--memory 128 \
 	--swap 128 \
 	--net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \
-	--net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,type=veth \
+	--net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth \
 	--storage local-lvm \
 	--rootfs local-lvm:0.5 \
 	--unprivileged 1 \
--- a/gate-traefik/templates/etc/network/interfaces
+++ b/gate-traefik/templates/etc/network/interfaces
@ -4,10 +4,12 @@ iface lo inet6 loopback

 auto lan
 iface lan inet dhcp
+	#address 10.1.1.2
 	hostname $(hostname)

 auto admin
 iface admin inet dhcp
+	#address 10.0.0.2
 	hostname $(hostname)

 auto wan
--- a/ns/assets/etc/dnsmasq.conf
+++ b/ns/assets/etc/dnsmasq.conf
@ -1,4 +1,6 @@
-
+#----------------------------------------------------------------------
+#
+#----------------------------------------------------------------------
 # DNS

 # Never forward plain names (without a dot or domain part)
@ -10,49 +12,56 @@ resolv-file=/etc/resolv.conf

 local-service

-listen-address=::1,127.0.0.1,10.1.1.1,10.0.0.1
+listen-address=::1,127.0.0.1,10.0.0.1,10.1.1.1

 expand-hosts
+domain-needed

+#local=/adm/
 local=/srv/
+
+domain=adm,admin
+domain=adm,10.0.0.0/24
+
+domain=srv,lan
+domain=srv,10.1.1.0/24
+
 domain=srv



+#----------------------------------------------------------------------
 # DHCP

-#no-dhcp-interface=admin
-
+dhcp-fqdn
 dhcp-authoritative

-#dhcp-range=192.168.1.0,static
+dhcp-range=192.168.1.0,static
 dhcp-range=interface:admin,10.0.0.20,10.0.0.200,12h
 dhcp-range=interface:lan,10.1.1.20,10.1.1.200,12h

-#dhcp-lease-max=150
-#dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases
-
-
 # ns
 address=/ns/10.0.0.1
+address=/ns/10.1.1.1

 # gate
 address=/gate/10.0.0.2
-dhcp-option=option:router,10.0.0.2
-dhcp-option=3,10.0.0.2
+address=/gate/10.1.1.2
+dhcp-option=admin,option:router,10.0.0.2
+dhcp-option=lan,option:router,10.1.1.2
+dhcp-host=admin,gate,10.0.0.2,infinite
+dhcp-host=lan,gate,10.1.1.2,infinite

 # pve
 address=/pve/10.0.0.254

-# directly routed services get specific IPs...
-# NOTE: this is needed to reliably forward ports to these services.
-dhcp-host=ssh,10.0.0.4,infinite
-dhcp-host=wireguard,10.0.0.5,infinite
-


+#----------------------------------------------------------------------
 # MISC

 # Include all files in a directory which end in .conf
 conf-dir=/etc/dnsmasq.d/,*.conf

+
+#----------------------------------------------------------------------