#!/bin/sh
#
# Generate s6 network definitions
# Emit the interpreter line that opens every generated execline script.
# Outputs: '#!/bin/execlineb -P' on stdout.
header_eb() {
  printf '%s\n' '#!/bin/execlineb -P'
}
# Emit an execline `define` that binds INTERFACE to the given name.
# Arguments: $1 - interface name
# Outputs:   'define INTERFACE <name>' on stdout
# The name is written verbatim, without execline quoting, so it has to be a
# single plain word: whitespace or quote characters in it would change how the
# generated script is parsed when it later runs.
header_if() {
  printf 'define INTERFACE %s\n' "$1"
}
# Emit an execline `define` that binds ADDR to the given address or prefix.
# Arguments: $1 - address, e.g. in addr/len form
# Outputs:   'define ADDR <addr>' on stdout
# The value is copied as-is into the generated script; it is not validated or
# quoted here.
header_addr() {
  printf 'define ADDR %s\n' "$1"
}
# Emit the execline `define`s used by the VLAN creation script.
# Arguments: $1 - VLAN id
#            $2 - parent interface name
# Outputs:   'define VLAN <id>' then 'define PARENT <parent>' on stdout
# Both values are written verbatim (no quoting, no range check on the id).
header_vlan() {
  printf 'define VLAN %s\n' "$1"
  printf 'define PARENT %s\n' "$2"
}
# Emit an execline `define` that binds VRF to the given VRF device name.
# Arguments: $1 - VRF interface name
# Outputs:   'define VRF <name>' on stdout (value written verbatim)
header_vrf() {
  printf 'define VRF %s\n' "$1"
}
# Emit the two environment-setup lines shared by the generated scripts:
# load variables from /etc/s6/env/path, then `emptyenv -p`, which in execline
# clears the environment while keeping PATH.
# Outputs: the two lines on stdout.
header_path() {
  printf '%s\n' \
    's6-envdir -i /etc/s6/env/path' \
    'emptyenv -p'
}
# Emit the standard preamble for a script that acts on one interface:
# interpreter line, INTERFACE definition, then the PATH/environment setup.
# Arguments: $1 - interface name (passed through to header_if unchanged)
# Outputs:   the preamble on stdout
h_if() {
  local ifname=$1

  header_eb
  header_if "$ifname"
  header_path
}
# Emit the preamble for a script that acts on one interface and one address:
# interpreter line, INTERFACE and ADDR definitions, then the environment setup.
# Arguments: $1 - interface name
#            $2 - address or prefix
# Outputs:   the preamble on stdout
h_if_addr() {
  local ifname=$1
  local address=$2

  header_eb
  header_if "$ifname"
  header_addr "$address"
  header_path
}
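# Emit a complete script that deletes one interface with `ip link del`.
# Arguments: $1 - interface name (required)
# Outputs:   the script on stdout
# Returns:   1, with a message on stderr and nothing on stdout, when $1 is
#            missing or empty
# Without the check, a bare `linkdel` call produced `define INTERFACE ` with no
# value, so the generated down script no longer named the interface it was
# meant to remove.
linkdel() {
  if [ -z "${1:-}" ]; then
    echo 'linkdel: interface name required' >&2
    return 1
  fi

  h_if "$1"
  echo 'ip link del $INTERFACE'
}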
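# Register services as members of the per-interface bundle
# rc/bundle.interface.<if>, creating the bundle's `type` file on first use.
# Arguments: $1    - interface name
#            $2... - service names to add under contents.d/
# Outputs:   files below rc/ in the current directory
# NOTE(review): `<( ... )` is process substitution, which plain POSIX sh does
# not have, while this file's shebang is /bin/sh; the script only works where
# /bin/sh is a shell that supports it.
ifbundle() {
  local ifname=$1
  local bundle_dir="rc/bundle.interface.$ifname"
  # Loop variable kept local: the callers hold their own service name in a
  # variable called `sname`, which an unscoped loop variable would overwrite.
  local svc

  [ -r "$bundle_dir/type" ] || install -Dm644 <(echo bundle) "$bundle_dir/type"
  shift 1
  # "$@" keeps each service name as one word; unquoted $@ would split on
  # whitespace and expand glob characters against the working directory.
  for svc in "$@"; do
    install -Dm644 /dev/null "$bundle_dir/contents.d/$svc"
  done
}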
# Generate the oneshot service interface.<if>.link, which sets the link up on
# start and down on stop.
# Arguments: $1 - interface name
# Outputs:   up, down, type and one dependency marker below rc/interface.<if>.link
# The only dependency written here is on bundle.interface.<if>.
new_link() {
  local ifname=$1
  local svc_dir="rc/interface.$ifname.link"

  install -Dm644 <(
    h_if "$ifname"
    printf '%s\n' 'ip link set dev $INTERFACE up'
  ) "$svc_dir/up"

  install -Dm644 <(
    h_if "$ifname"
    printf '%s\n' 'ip link set dev $INTERFACE down'
  ) "$svc_dir/down"

  install -Dm644 <(echo oneshot) "$svc_dir/type"
  install -Dm644 /dev/null "$svc_dir/dependencies.d/bundle.interface.$ifname"
}
# Generate the oneshot service sysctl.net-ipv6-conf-<if>-forwarding, which
# drives net/ipv6/conf/<if>/forwarding through /usr/libexec/nnd/s6/sysctl.
# Arguments: $1 - interface name
# Outputs:   service files below rc/, plus env/<service>/VAL containing 1
# The up script loads its variables from the service's directory under
# /etc/s6/env (presumably where env/<service>/VAL ends up - confirm); the down
# script exports VAL 0 itself. ${INTERFACE} in the emitted lines is left for
# execline to substitute, not expanded by this shell.
# Security note: this is the switch that lets the host route IPv6 traffic
# arriving on the interface, so call it only for interfaces meant to forward.
new_forward() {
  local ifname=$1
  local svc="sysctl.net-ipv6-conf-$ifname-forwarding"
  local svc_dir="rc/$svc"
  local dep

  ifbundle "$ifname" "$svc"

  install -Dm644 <(
    header_eb
    header_if "$ifname"
    printf '%s\n' \
      's6-envdir -i /etc/s6/env/sysctl.net-ipv6-conf-${INTERFACE}-forwarding' \
      'export SYSCTL net/ipv6/conf/${INTERFACE}/forwarding' \
      '/usr/libexec/nnd/s6/sysctl'
  ) "$svc_dir/up"

  install -Dm644 <(
    header_eb
    header_if "$ifname"
    printf '%s\n' \
      'export SYSCTL net/ipv6/conf/${INTERFACE}/forwarding' \
      'export VAL 0' \
      '/usr/libexec/nnd/s6/sysctl'
  ) "$svc_dir/down"

  install -Dm644 <(echo oneshot) "$svc_dir/type"
  for dep in module.ipv6 mount.proc "interface.$ifname.create"; do
    install -Dm644 /dev/null "$svc_dir/dependencies.d/$dep"
  done
  install -Dm644 <(echo 1) "env/$svc/VAL"
}
# Generate the oneshot service interface.<master>.slave.<slave>, which attaches
# one interface to a master device (the callers in this file pass bridges and
# VRFs) on start and detaches it with `nomaster` on stop.
# Arguments: $1 - master interface name
#            $2 - interface to enslave
# Outputs:   up, down, type and dependency markers below rc/<service>
# The service is added to the master's bundle and depends on the .create
# services of both interfaces. Both names are written verbatim into the
# generated `define` lines.
new_if_slave() {
  local master=$1
  local slave=$2
  local svc="interface.$master.slave.$slave"
  local svc_dir="rc/$svc"
  local member

  ifbundle "$master" "$svc"

  install -Dm644 <(
    header_eb
    printf 'define MASTERIF %s\n' "$master"
    printf 'define SLAVEIF %s\n' "$slave"
    header_path
    echo 'ip link set dev $SLAVEIF master $MASTERIF'
  ) "$svc_dir/up"

  install -Dm644 <(
    header_eb
    printf 'define SLAVEIF %s\n' "$slave"
    header_path
    echo 'ip link set dev $SLAVEIF nomaster'
  ) "$svc_dir/down"

  install -Dm644 <(echo oneshot) "$svc_dir/type"
  for member in "$master" "$slave"; do
    install -Dm644 /dev/null "$svc_dir/dependencies.d/interface.$member.create"
  done
}
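# Generate the services for a bridge: interface.<if>.create (adds the bridge on
# start, deletes it on stop) and, via new_link, interface.<if>.link.
# Arguments: $1 - bridge interface name
# Outputs:   service files below rc/
new_if_bridge() {
  local if=$1
  local sname="interface.$if.create"

  ifbundle "$if" "$sname"

  install -Dm644 <(
    h_if "$if"
    echo 'ip link add $INTERFACE type bridge'
  ) "rc/$sname/up"
  # linkdel reads the interface name from its own first argument. It was called
  # with none, so the down script got `define INTERFACE ` without a value and
  # could not name the bridge to delete.
  install -Dm644 <(linkdel "$if") "rc/$sname/down"
  install -Dm644 <(echo oneshot) "rc/$sname/type"
  install -Dm644 /dev/null "rc/$sname/dependencies.d/module.bridge"

  new_link "$if"
}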
# Generate the services for an interface that already exists or is created
# outside this script: interface.<if>.create runs `bcnm-waitif 1 $INTERFACE`
# (presumably blocking until the interface is present - confirm), and new_link
# adds interface.<if>.link.
# Arguments: $1 - interface name
# Outputs:   service files below rc/
# No down script is written for the .create service; it depends on
# mdevd.coldplug.
new_if_phys() {
  local ifname=$1
  local svc="interface.$ifname.create"
  local svc_dir="rc/$svc"

  ifbundle "$ifname" "$svc"

  install -Dm644 <(
    h_if "$ifname"
    printf '%s\n' 'bcnm-waitif 1 $INTERFACE'
  ) "$svc_dir/up"
  install -Dm644 <(echo oneshot) "$svc_dir/type"
  install -Dm644 /dev/null "$svc_dir/dependencies.d/mdevd.coldplug"

  new_link "$ifname"
}
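# Generate the services for a WireGuard interface: interface.<if>.create (adds
# the device on start, deletes it on stop), interface.<if>.wg-config via
# wgconf, and interface.<if>.link via new_link.
# Arguments: $1 - WireGuard interface name
# Outputs:   service files below rc/ and env/
new_if_wg() {
  local if=$1

  # Main service for creating interface
  local sname="interface.$if.create"
  ifbundle "$if" "$sname"

  install -Dm644 <(
    h_if "$if"
    echo 'ip link add $INTERFACE type wireguard'
  ) "rc/$sname/up"
  # linkdel reads the interface name from its own first argument. It was called
  # with none, so the down script got `define INTERFACE ` without a value and
  # could not name the tunnel device to delete.
  install -Dm644 <(linkdel "$if") "rc/$sname/down"
  install -Dm644 <(echo oneshot) "rc/$sname/type"
  install -Dm644 /dev/null "rc/$sname/dependencies.d/module.wireguard"

  # Secondary service for loading config
  wgconf "$if"

  new_link "$if"
}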
# Generate the oneshot service interface.<if>.wg-config, which applies a
# WireGuard configuration file with `wg setconf` once the device exists.
# Arguments: $1 - WireGuard interface name
# Outputs:   up, type and a dependency marker below rc/<service>, plus
#            env/<service>/CONFIG holding the path /etc/wireguard/<if>
# Only the path is written here (mode 0644). The configuration file itself,
# which for WireGuard normally carries the private key, is neither created nor
# permission-checked by this script, so its ownership and mode must be handled
# separately.
# No down script is written for this service.
wgconf() {
  local ifname=$1
  local svc="interface.$ifname.wg-config"
  local svc_dir="rc/$svc"

  ifbundle "$ifname" "$svc"

  install -Dm644 <(
    header_eb
    header_if "$ifname"
    printf '%s\n' \
      's6-envdir -i /etc/s6/env/interface.${INTERFACE}.wg-config' \
      'importas -i CONFIG CONFIG'
    header_path
    printf '%s\n' 'wg setconf $INTERFACE $CONFIG'
  ) "$svc_dir/up"

  install -Dm644 <(echo oneshot) "$svc_dir/type"
  install -Dm644 /dev/null "$svc_dir/dependencies.d/interface.$ifname.create"
  install -Dm644 <(echo "/etc/wireguard/$ifname") "env/$svc/CONFIG"
}
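# Generate the services for a VRF device: interface.<if>.create (adds the VRF
# bound to a routing table on start, deletes it on stop) and, via new_link,
# interface.<if>.link.
# Arguments: $1 - VRF interface name
#            $2 - routing table id, stored in env/interface.<if>/TABLE
# Outputs:   service files below rc/ and env/
# The up script reads TABLE back from /etc/s6/env/interface.<if> at run time,
# so the table id can be changed there without regenerating the service.
new_if_vrf() {
  local if=$1
  local table=$2
  local sname="interface.$if.create"

  ifbundle "$if" "$sname"

  install -Dm644 <(
    header_eb
    header_if "$if"
    printf '%s\n' \
      's6-envdir -i /etc/s6/env/interface.${INTERFACE}' \
      'importas -i TABLE TABLE'
    header_path
    echo 'ip link add $INTERFACE type vrf table $TABLE'
  ) "rc/$sname/up"
  # linkdel reads the interface name from its own first argument. It was called
  # with none, so the down script got `define INTERFACE ` without a value and
  # could not name the VRF to delete.
  install -Dm644 <(linkdel "$if") "rc/$sname/down"
  install -Dm644 <(echo oneshot) "rc/$sname/type"
  install -Dm644 <(echo "$table") "env/interface.$if/TABLE"
  install -Dm644 /dev/null "rc/$sname/dependencies.d/module.vrf"
  install -Dm644 /dev/null "rc/$sname/dependencies.d/sysctl.net-ipv6-conf-all-keep_addr_on_down"

  new_link "$if"
}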
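# Generate the services for a VLAN sub-interface named <parent>-<vlan id>:
# interface.<if>.create (adds the VLAN on start, deletes it on stop) and, via
# new_link, interface.<if>.link, which additionally depends on the parent's
# link service.
# Arguments: $1 - interface name; the text before the first '-' is the parent,
#                 the field after it is the VLAN id
# Outputs:   service files below rc/
new_if_vlan() {
  local if=$1
  # Same fields as `cut -d- -f1` / `cut -d- -f2`, taken with parameter expansion
  # so the name is never word-split or globbed on its way through a pipeline.
  local parent=${if%%-*}
  local vlan=${if#*-}
  vlan=${vlan%%-*}
  local sname="interface.$if.create"

  ifbundle "$if" "$sname"

  install -Dm644 <(
    header_eb
    header_if "$if"
    header_vlan "$vlan" "$parent"
    header_path
    echo 'ip link add link $PARENT name $INTERFACE type vlan id $VLAN'
  ) "rc/$sname/up"
  # linkdel reads the interface name from its own first argument. It was called
  # with none, so the down script got `define INTERFACE ` without a value and
  # could not name the VLAN interface to delete.
  install -Dm644 <(linkdel "$if") "rc/$sname/down"
  install -Dm644 <(echo oneshot) "rc/$sname/type"
  install -Dm644 /dev/null "rc/$sname/dependencies.d/module.8021q"

  new_link "$if"
  install -Dm644 /dev/null "rc/interface.$if.link/dependencies.d/interface.$parent.link"
}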
# Generate the oneshot service interface.<if>.static.addr.6.<addr>, which adds
# a static IPv6 address on start and removes it on stop.
# Arguments: $1 - interface name
#            $2 - IPv6 address with prefix length, e.g. fe80::2/64
# Outputs:   up, down, type and a dependency marker below rc/<service>
# Every '/' in the address becomes '_' in the service name so the address can
# be used as a directory name. The address itself goes into the generated
# script unchanged and unvalidated.
addr_v6_static_if() {
  local ifname=$1
  local address=$2
  local address_tag=${address//\//_}
  local svc="interface.$ifname.static.addr.6.$address_tag"
  local svc_dir="rc/$svc"

  ifbundle "$ifname" "$svc"

  install -Dm644 <(
    h_if_addr "$ifname" "$address"
    printf '%s\n' 'ip -6 address add $ADDR dev $INTERFACE'
  ) "$svc_dir/up"

  install -Dm644 <(
    h_if_addr "$ifname" "$address"
    printf '%s\n' 'ip -6 address del $ADDR dev $INTERFACE'
  ) "$svc_dir/down"

  install -Dm644 <(echo oneshot) "$svc_dir/type"
  install -Dm644 /dev/null "$svc_dir/dependencies.d/interface.$ifname.create"
}
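# Generate the oneshot service interface.<vrf>.route.6.default, which installs
# an IPv6 default route out of one interface inside a VRF on start and removes
# it on stop.
# Arguments: $1 - VRF interface name
#            $2 - egress interface name
# Outputs:   up, down, type and dependency markers below rc/<service>
# The service joins the VRF's bundle and depends on the .create services of
# both the VRF and the egress interface.
route_v6_vrf_default_if() {
  local vrf=$1
  local if=$2
  local sname="interface.$vrf.route.6.default"
  local action

  ifbundle "$vrf" "$sname"

  # The execlineb line is emitted first, as in every other generator in this
  # file; previously `define VRF` was written ahead of it, which left the
  # '#!' line on the second line of the generated script.
  install -Dm644 <(
    header_eb
    header_vrf "$vrf"
    header_if "$if"
    header_path
    echo 'ip -6 route add default dev $INTERFACE vrf $VRF'
  ) "rc/$sname/up"

  install -Dm644 <(
    header_eb
    header_vrf "$vrf"
    header_if "$if"
    header_path
    echo 'ip -6 route del default dev $INTERFACE vrf $VRF'
  ) "rc/$sname/down"

  install -Dm644 <(echo oneshot) "rc/$sname/type"
  install -Dm644 /dev/null "rc/$sname/dependencies.d/interface.$vrf.create"
  install -Dm644 /dev/null "rc/$sname/dependencies.d/interface.$if.create"
}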
# Generate the oneshot service interface.<vrf>.route.6.unreach, which installs
# an `unreachable default` IPv6 route in a VRF on start and removes it on stop.
# Arguments: $1 - VRF interface name
# Outputs:   up, down, type and a dependency marker below rc/<service>
# NOTE(review): presumably this is the isolation guard for the VRF - traffic
# with no more specific route is rejected rather than looked up in another
# routing table. Confirm against the kernel VRF documentation before removing
# or reordering it.
route_v6_vrf_default_unreach() {
  local vrf_if=$1
  local svc="interface.$vrf_if.route.6.unreach"
  local svc_dir="rc/$svc"

  ifbundle "$vrf_if" "$svc"

  install -Dm644 <(
    h_if "$vrf_if"
    printf '%s\n' 'ip -6 route add unreachable default vrf $INTERFACE'
  ) "$svc_dir/up"

  install -Dm644 <(
    h_if "$vrf_if"
    printf '%s\n' 'ip -6 route del unreachable default vrf $INTERFACE'
  ) "$svc_dir/down"

  install -Dm644 <(echo oneshot) "$svc_dir/type"
  install -Dm644 /dev/null "$svc_dir/dependencies.d/interface.$vrf_if.create"
}
# Generate the oneshot service interface.<vrf>.route.6.sink.<prefix>, which
# installs an `unreachable` IPv6 route for one prefix in a VRF on start and
# removes it on stop.
# Arguments: $1 - VRF interface name
#            $2 - IPv6 prefix, e.g. 2a04:5b81:2060::/48
# Outputs:   up, down, type and a dependency marker below rc/<service>
# Every '/' in the prefix becomes '_' in the service name. The prefix itself is
# written into the generated script unchanged.
# NOTE(review): looks like a sink route for the unassigned part of an
# aggregate, so such traffic is rejected locally - confirm the intent.
route_v6_vrf_sink_unreach() {
  local vrf_if=$1
  local prefix=$2
  local prefix_tag=${prefix//\//_}
  local svc="interface.$vrf_if.route.6.sink.$prefix_tag"
  local svc_dir="rc/$svc"

  ifbundle "$vrf_if" "$svc"

  install -Dm644 <(
    h_if_addr "$vrf_if" "$prefix"
    printf '%s\n' 'ip -6 route add unreachable $ADDR vrf $INTERFACE'
  ) "$svc_dir/up"

  install -Dm644 <(
    h_if_addr "$vrf_if" "$prefix"
    printf '%s\n' 'ip -6 route del unreachable $ADDR vrf $INTERFACE'
  ) "$svc_dir/down"

  install -Dm644 <(echo oneshot) "$svc_dir/type"
  install -Dm644 /dev/null "$svc_dir/dependencies.d/interface.$vrf_if.create"
}
# Physical interfaces, with the VLAN sub-interfaces of phys2 (<parent>-<vlan id>)
for nic in phys0 phys1 phys2; do
  new_if_phys "$nic"
done
for vlan_if in phys2-42 phys2-66; do
  new_if_vlan "$vlan_if"
done
new_if_phys "phys3"
# Virtual interfaces; handled like physical ones (waited for, not created here)
for vnet_if in vnet0 vnet1 vnet2 vnet3 vnet4; do
  new_if_phys "$vnet_if"
done
# Bridges
# home: the only bridge with IPv6 forwarding switched on
new_if_bridge "home"
new_forward "home"
for port in vnet1 phys3 phys2; do
  new_if_slave "home" "$port"
done

# br-dn42: carries VLAN 42 of phys2
new_if_bridge "br-dn42"
new_if_slave "br-dn42" "phys2-42"

new_if_bridge "f33d"
addr_v6_static_if "f33d" "2a04:5b81:2060:f33d::1/64"
new_if_slave "f33d" "vnet2"

new_if_bridge "b00b"
addr_v6_static_if "b00b" "2a04:5b81:2060:b00b::1/64"
for port in vnet0 vnet4 phys2-66; do
  new_if_slave "b00b" "$port"
done

new_if_bridge "d00d"
addr_v6_static_if "d00d" "2a04:5b81:2060:d00d::1/64"
new_if_slave "d00d" "vnet3"
# Wireguard tunnels: one device per peer, each with its link-local address.
# Each tunnel's configuration is expected at /etc/wireguard/<name> (see wgconf).
new_if_wg "famfo"
addr_v6_static_if "famfo" "fe80::1422:1/64"

new_if_wg "kioubit"
addr_v6_static_if "kioubit" "fe80::2/64"

new_if_wg "highdef"
addr_v6_static_if "highdef" "fe80::2/64"

new_if_wg "mark22k"
addr_v6_static_if "mark22k" "fe80::4546/64"

# intersix also carries a global address in addition to the link-local one
new_if_wg "intersix"
for wg_addr in "fe80::2/64" "2a04:5b80:ffff:ff0b::2/64"; do
  addr_v6_static_if "intersix" "$wg_addr"
done
# VRFs
# vrf-dn42 (table 20): unreachable default plus the dn42 bridge and tunnels
new_if_vrf "vrf-dn42" 20
route_v6_vrf_default_unreach "vrf-dn42"
for member in br-dn42 famfo mark22k highdef kioubit; do
  new_if_slave "vrf-dn42" "$member"
done

# vrf-v6 (table 10): default route via intersix, unreachable sink for the /48
new_if_vrf "vrf-v6" 10
route_v6_vrf_default_if "vrf-v6" "intersix"
route_v6_vrf_sink_unreach "vrf-v6" "2a04:5b81:2060::/48"
for member in intersix b00b f33d d00d; do
  new_if_slave "vrf-v6" "$member"
done