From c5d95d0e5e62958097d7f3953fc0f1376c0f7995 Mon Sep 17 00:00:00 2001
From: f
Date: Mon, 26 Sep 2022 16:01:02 -0300
Subject: [PATCH] Static routing. OVH network assigns IP addresses on a /32 subnet, so we can't add a default gateway because it's outside the subnet.
---
 config.yml | 2 +
 tasks/post_install.yml | 6 ++
 tasks/update.yml | 6 ++
 templates/etc/network/interfaces.j2 | 2 +-
 templates/usr/libexec/ifupdown-ng/routes.j2 | 72 +++++++++++++++++++++
 5 files changed, 87 insertions(+), 1 deletion(-)
 create mode 100755 templates/usr/libexec/ifupdown-ng/routes.j2
diff --git a/config.yml b/config.yml
index 8c56691..d317b2d 100644
--- a/config.yml
+++ b/config.yml
@@ -40,6 +40,8 @@ templates:
 - "/etc/sysctl.d/coredump.conf"
 - "/etc/docker/daemon.json"
 - "/etc/ntp.conf"
+executables:
+- "/usr/libexec/ifupdown-ng/routes"
 services:
 - runlevel: "sysinit"
 service: "devfs"
diff --git a/tasks/post_install.yml b/tasks/post_install.yml
index cb81646..74f1d44 100644
--- a/tasks/post_install.yml
+++ b/tasks/post_install.yml
@@ -9,6 +9,12 @@
 dest: "/mnt{{ item }}"
 mode: "640"
 loop: "{{ templates }}"
+- name: "Also executables."
+ template:
+ src: "templates{{ item }}.j2"
+ dest: "/mnt{{ item }}"
+ mode: "750"
+ loop: "{{ executables }}"
 - name: "And services."
 template:
 src: "templates{{ item }}.j2"
diff --git a/tasks/update.yml b/tasks/update.yml
index b5f871e..d8ca695 100644
--- a/tasks/update.yml
+++ b/tasks/update.yml
@@ -7,6 +7,12 @@
 dest: "{{ item }}"
 mode: "640"
 loop: "{{ templates }}"
+- name: "Also executables."
+ template:
+ src: "templates{{ item }}.j2"
+ dest: "{{ item }}"
+ mode: "750"
+ loop: "{{ executables }}"
 - name: "And services."
 template:
 src: "templates{{ item }}.j2"
diff --git a/templates/etc/network/interfaces.j2 b/templates/etc/network/interfaces.j2
index 3dc60ce..e142da6 100644
--- a/templates/etc/network/interfaces.j2
+++ b/templates/etc/network/interfaces.j2
@@ -6,7 +6,7 @@ auto eth0
 iface eth0 inet static
 address {{ ansible_host }}/{{ netmask }}
- gateway {{ gateway }}
+ routes-static {{ gateway }},default via {{ gateway }}
 {% if ip6 is defined %}
 iface eth0 inet6 static
diff --git a/templates/usr/libexec/ifupdown-ng/routes.j2 b/templates/usr/libexec/ifupdown-ng/routes.j2
new file mode 100755
index 0000000..9b37e3d
--- /dev/null
+++ b/templates/usr/libexec/ifupdown-ng/routes.j2
@@ -0,0 +1,72 @@
+#!/bin/sh
+# https://github.com/ifupdown-ng/ifupdown-ng/issues/42#issuecomment-849135927
+[ -z "${VERBOSE}" ] || set -x
+
+# routes-static 1.2.3.0/24,10.0.0.0/8 via 1.2.3.4
+# routes-rule dport 25 table 123,dport 587 table 123
+
+# adds $3 to $1 if $1 does not contain $2
+addif() {
+ if [ "$1" = "${1%$2*}" ]; then
+ echo $1 $3
+ else
+ echo $1
+ fi
+}
+decidr() {
+ echo "${1%/*}"
+}
+addsrc() {
+ addif "$1" src "src $(decidr $IF_ADDRESS)"
+}
+adddev() {
+ addif "$1" dev "dev $IFACE"
+}
+
+# $1: input string
+# $2: delimeter
+# $3: function to call
+foreach() {
+ list="$1"
+
+ while [ -n "$list" ]; do
+ line="${list%%$2*}"
+ list="${list#*$2}"
+ "$3" "$line"
+
+ [ "$line" = "$list" ] && break
+ done
+}
+
+# add a route
+prep() {
+ route="$1"
+ route=$(addsrc "$route")
+ route=$(adddev "$route")
+ echo $route
+}
+routeadd() {
+ ${MOCK} ip route add $(prep "$1")
+}
+routedel() {
+ ${MOCK} ip route del $(prep "$1")
+}
+
+ruleadd() {
+ ${MOCK} ip rule add $1
+}
+ruledel() {
+ ${MOCK} ip rule del $1
+}
+
+case "$PHASE" in
+up)
+ foreach "$IF_ROUTES_STATIC" , routeadd
+ foreach "$IF_ROUTES_RULE" , ruleadd
+ ;;
+down)
+ foreach "$IF_ROUTES_STATIC" , routedel
+ foreach "$IF_ROUTES_RULE" , ruledel
+ ;;
+*) exit 0 ;;
+esac
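Review bot: The new `routes-static` line in templates/etc/network/interfaces.j2 carries two routes whose order matters, and nothing in the template says so: the first entry is the host route that makes the off-subnet gateway reachable, the second is the default route through it. A comment above the line would keep a later edit from reordering or dropping the first entry, for example `# /32 address: the gateway is off-subnet, so add a host route to it before the default route`. The `inet6` stanza that follows continues outside the hunk, so whether it still relies on a plain `gateway` line cannot be seen here.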
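Review bot: A failed `ip route add` in templates/usr/libexec/ifupdown-ng/routes.j2 is silently discarded, because `foreach` ignores the status of `"$3" "$line"` and returns 0 once the loop breaks, so the `up)` branch always ends successfully. On a host whose only default route comes from `routes-static`, the interface would then be reported as up with no usable route. Having `foreach` remember a failure and the `up)` branch exit non-zero would surface that, assuming ifupdown-ng treats a non-zero executor exit as a failed phase. Separately, `$(prep "$1")` and `$1` are expanded unquoted so the route words split, which also leaves pathname expansion on; a `set -f` near the top would keep the splitting and drop the globbing. The script renders unchanged through the `template` module today, but a later `${#var}` would be read as the start of a Jinja comment, so wrapping the body in `{% raw %}` is worth considering.

```sh
foreach() {
	list="$1"
	rc=0
	# … unchanged: while loop header and splitting of $line …
		"$3" "$line" || rc=1
	# … unchanged: break check and done …
	return $rc
}
# … unchanged: prep, route and rule helpers, case header …
up)
	foreach "$IF_ROUTES_STATIC" , routeadd || exit 1
	foreach "$IF_ROUTES_RULE" , ruleadd || exit 1
	;;
```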