Mercurial > code > home > repos > infra

comparison net.py @ 115:8012f6095220

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
update to current configs
author drewp@bigasterisk.com
date Sun, 30 Oct 2022 14:19:46 -0700
parents d70816c7c7db
children 2065998876e4
comparison
equal deleted inserted replaced
114:7e280bf26dba 115:8012f6095220
5 is_wifi_pi = host.name in ['frontdoor'] 5 is_wifi_pi = host.name in ['frontdoor']
6 6
7 7
8 def cleanup(): 8 def cleanup():
9 # past attempts 9 # past attempts
10 files.file(path='/etc/netplan/99-pyinfra-written.yaml', present=False)
11 files.file(path='/etc/network/interfaces', present=False) 10 files.file(path='/etc/network/interfaces', present=False)
12 11
13 for search_dir in [ 12 for search_dir in [
14 # search path per `man systemd.network`: 13 # search path per `man systemd.network`:
15 # /lib/systemd/network # These OS files are ok. 14 # /lib/systemd/network # These OS files are ok.
21 src="files/empty_dir/", 20 src="files/empty_dir/",
22 dest=search_dir, 21 dest=search_dir,
23 delete=True, 22 delete=True,
24 ) 23 )
25 24
26 apt.packages(packages=['network-manager', 'connman'], present=False) 25 # On bang (now pipe):
27
28 # On bang:
29 # Now using a HW router for this firewall. No incoming connections. 26 # Now using a HW router for this firewall. No incoming connections.
30 # test connections from the outside: 27 # test connections from the outside:
31 # http://www.t1shopper.com/tools/port-scanner/ 28 # http://www.t1shopper.com/tools/port-scanner/
32 # On prime: 29 # On prime:
33 # using digitalocean network config: 30 # using digitalocean network config:
41 'update-alternatives --set iptables /usr/sbin/iptables-legacy', 38 'update-alternatives --set iptables /usr/sbin/iptables-legacy',
42 'update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy', 39 'update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy',
43 ]) 40 ])
44 # needs reboot if this changed 41 # needs reboot if this changed
45 42
46 server.sysctl(key='net.ipv6.conf.all.disable_ipv6', value=1, persist=True) 43 if host.name in ['slash', 'dash']:
44 pass # don't break k3s networking!
45 else:
46 server.sysctl(key='net.ipv6.conf.all.disable_ipv6', value=1, persist=True)
47 47
48 if is_wifi_pi: 48 if is_wifi_pi:
49 files.put(dest="/etc/network/interfaces.d/wlan0", src="files/pi_wlan0_powersave") 49 files.put(dest="/etc/network/interfaces.d/wlan0", src="files/pi_wlan0_powersave")
50 ssh.command(host.name, "iw wlan0 set power_save off") 50 ssh.command(host.name, "iw wlan0 set power_save off")
51 51
52 files.directory('/etc/systemd/network') 52 files.directory('/etc/systemd/network')
53 if host.name == 'prime': 53 if host.name == 'prime':
54 cleanup() 54 cleanup()
55 55
56 files.template( 56 files.template(
57 src="templates/net/prime.network.j2", 57 src="templates/net/prime.network.j2",
58 dest="/etc/systemd/network/99-prime.network", 58 dest="/etc/systemd/network/99-prime.network",
59 mac=host.host_data['mac'], 59 mac=host.host_data['mac'],
60 ) 60 )
61 61
62 elif host.name == 'bang': 62 elif host.name == 'bang':
63 cleanup() 63 cleanup()
64 64
65 files.template(src="templates/net/bang_10.2.network.j2", dest="/etc/systemd/network/99-10.2.network") 65 files.template(src="templates/net/bang_10.2.network.j2", dest="/etc/systemd/network/20-10.2.network")
66 files.file(path="/etc/systemd/network/99-isp.network", present=False) 66 apt.packages(packages=['network-manager'], present=False)
67 files.file(path="/etc/systemd/system/house_net.service", present=False)
68 systemd.service(service='house_net.service', enabled=False, running=False)
69 67
70 elif host.name == 'plus':
71 pass
72 68
73 elif host.name == 'pipe': 69 elif host.name == 'plus':
74 cleanup() 70 apt.packages(packages=['network-manager'], present=True)
75 71
76 files.template(src="templates/net/pipe_10.2.network.j2", dest="/etc/systemd/network/99-10.2.network") 72 elif host.name == 'pipe':
77 files.template(src="templates/net/pipe_isp.network.j2", dest="/etc/systemd/network/99-isp.network") 73 cleanup()
78 server.sysctl(key='net.ipv4.ip_forward', value=1, persist=True)
79 files.template(src="templates/net/house_net.service.j2", dest="/etc/systemd/system/house_net.service", out_interface='eth0')
80 systemd.service(service='house_net.service', daemon_reload=True, enabled=True, running=True, restarted=True)
81 74
82 else: 75 files.template(src="templates/net/pipe_10.2.network.j2", dest="/etc/systemd/network/99-10.2.network")
83 cleanup() 76 files.template(src="templates/net/pipe_isp.network.j2", dest="/etc/systemd/network/99-isp.network")
77 server.sysctl(key='net.ipv4.ip_forward', value=1, persist=True)
78 files.template(src="templates/net/house_net.service.j2", dest="/etc/systemd/system/house_net.service", out_interface='eth0')
79 systemd.service(service='house_net.service', daemon_reload=True, enabled=True, running=True, restarted=True)
84 80
85 if is_wifi: 81 else:
86 files.put(src="secrets/wpa_supplicant.conf", dest="/etc/wpa_supplicant/wpa_supplicant.conf") 82 cleanup()
87 83
88 files.template( 84 if is_wifi:
89 src="templates/net/singlenic.network.j2", 85 files.put(src="secrets/wpa_supplicant.conf", dest="/etc/wpa_supplicant/wpa_supplicant.conf")
90 dest="/etc/systemd/network/99-bigasterisk.network",
91 create_remote_dir=True,
92 )
93 86
94 systemd.service(service='systemd-networkd.service', enabled=True, running=True, restarted=True) 87 files.template(
88 src="templates/net/singlenic.network.j2",
89 dest="/etc/systemd/network/20-bigasterisk.network",
90 create_remote_dir=True,
91 )
92 apt.packages(packages=['network-manager'], present=False)
93
94 systemd.service(service='systemd-networkd.service', enabled=True, running=True, restarted=True)