internal net initial working
parent
490231d45a
commit
f2a9bfe8d5
@ -51,9 +51,9 @@ parameters:
|
||||
type: Boolean
|
||||
description: "Enable DHCP on the VM"
|
||||
default: false
|
||||
gateway:
|
||||
gateway_ip:
|
||||
type: String
|
||||
description: "Gateway for the VM"
|
||||
description: "Gateway IP for the VM"
|
||||
default: "100.40.223.1"
|
||||
nameserver1:
|
||||
type: String
|
||||
@ -107,7 +107,7 @@ steps:
|
||||
vm_name: $vm_name
|
||||
disk_path: "${disk_path}/${vm_name}.qcow2"
|
||||
staging_ip: $staging_ip
|
||||
|
||||
gateway_ip: $gateway_ip
|
||||
- name: install_packages
|
||||
description: Install Packages on the VM
|
||||
task: bolt_vm_automation::install_packages_alpine
|
||||
@ -130,7 +130,7 @@ steps:
|
||||
ip_with_cidr: $ip_with_cidr
|
||||
hostname: $hostname
|
||||
dhcp: $dhcp
|
||||
gateway: $gateway
|
||||
gateway_ip: $gateway_ip
|
||||
nameserver1: $nameserver1
|
||||
nameserver2: $nameserver2
|
||||
nameserver3: $nameserver3
|
||||
|
@ -4,6 +4,7 @@
|
||||
VM_NAME="${PT_vm_name}"
|
||||
DISK_PATH="${PT_disk_path}"
|
||||
STAGING_IP="${PT_staging_ip}"
|
||||
GATEWAY_IP="${PT_gateway_ip}"
|
||||
|
||||
# Wait for VM to be accessible via SSH
|
||||
while ! ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 root@${STAGING_IP} "echo 'VM is accessible'"; do
|
||||
@ -19,9 +20,9 @@ iface lo inet loopback
|
||||
|
||||
auto eth0
|
||||
iface eth0 inet static
|
||||
address 100.40.223.190
|
||||
address ${STAGING_IP}
|
||||
netmask 255.255.255.0
|
||||
gateway 100.40.223.1
|
||||
gateway ${GATEWAY_IP}
|
||||
\"
|
||||
DNSOPTS=\"-n 8.8.8.8 8.8.4.4\"
|
||||
TIMEZONEOPTS=\"-z UTC\"
|
||||
|
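Review bot: `${STAGING_IP}` and `${GATEWAY_IP}` are expanded into the `iface eth0` stanza with no format check, and the escaped `\"` on the next line suggests this text sits inside a double-quoted string that begins and ends outside the hunk. A parameter value containing a quote, newline or shell metacharacter would then change what is written to the VM, and possibly what the surrounding command does. Reject anything that is not a dotted address before first use, for example `case "$GATEWAY_IP" in ''|*[!0-9.]*) echo 'invalid gateway_ip' >&2; exit 1;; esac`, and do the same for `STAGING_IP`. The same applies to `gateway ${GATEWAY_IP}` in the later network-configuration hunk (`@ -34,7 +35,7`), where the value is only tested with `-z`.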
@ -7,7 +7,7 @@ STAGING_IP="${PT_staging_ip}"
|
||||
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "sed -i '3s/^#//' /etc/apk/repositories"
|
||||
|
||||
# Install required packages
|
||||
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "apk update && apk add --no-cache vim fping htop sudo bash mtr rsync tmux"
|
||||
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "apk update && apk add --no-cache vim git fping htop sudo bash mtr rsync tmux"
|
||||
|
||||
# Change default shell to bash
|
||||
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "sed -i -E '/^(root|moeny):/ s:/bin/sh$:/bin/bash:' /etc/passwd"
|
||||
|
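Review bot: The changed `apk add` line still connects with `-o StrictHostKeyChecking=no` as root, so the host key of whatever answers on `${STAGING_IP}` is never verified and a different machine on that address would receive the root session and the package commands. For a freshly built VM, `-o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=<per-run known_hosts file>` records the key on first contact and refuses a changed key for the rest of the plan. The same applies to the other `ssh` calls in this script and in the neighbouring task scripts. `root@${STAGING_IP}` is also unquoted; writing it as `"root@${STAGING_IP}"` avoids word splitting on an unexpected value.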
@ -16,7 +16,7 @@
|
||||
"description": "Whether to use DHCP for network configuration",
|
||||
"default": false
|
||||
},
|
||||
"gateway": {
|
||||
"gateway_ip": {
|
||||
"type": "String",
|
||||
"description": "Gateway IP address",
|
||||
"default": "100.40.223.1"
|
||||
|
@ -4,14 +4,14 @@
|
||||
IP="${PT_ip_with_cidr}"
|
||||
HOSTNAME="${PT_hostname}"
|
||||
DHCP="${PT_dhcp}"
|
||||
GATEWAY="${PT_gateway}"
|
||||
GATEWAY_IP="${PT_gateway_ip}"
|
||||
NAMESERVER1="${PT_nameserver1}"
|
||||
NAMESERVER2="${PT_nameserver2}"
|
||||
NAMESERVER3="${PT_nameserver3}"
|
||||
STAGING_IP="${PT_staging_ip}"
|
||||
|
||||
# Check if all required parameters are provided
|
||||
if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$DHCP" ] || [ -z "$GATEWAY" ] || [ -z "$NAMESERVER1" ] || [ -z "$NAMESERVER2" ] || [ -z "$NAMESERVER3" ]; then
|
||||
if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$DHCP" ] || [ -z "$GATEWAY_IP" ] || [ -z "$NAMESERVER1" ] || [ -z "$NAMESERVER2" ] || [ -z "$NAMESERVER3" ]; then
|
||||
echo '{"status": "failure", "message": "Missing required parameters. All parameters must be provided."}'
|
||||
exit 1
|
||||
fi
|
||||
@ -22,6 +22,7 @@ ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "apk add --no-cache iptables"
|
||||
# Configure iptables rules
|
||||
ssh -o StrictHostKeyChecking=no root@${STAGING_IP} "iptables -A INPUT -p tcp --dport 22 -s 100.40.223.128/26 -j ACCEPT && \
|
||||
iptables -A INPUT -p tcp --dport 22 -s 173.62.109.73/32 -j ACCEPT && \
|
||||
iptables -A INPUT -p tcp --dport 22 -s 10.0.0.0/8 -j ACCEPT && \
|
||||
iptables -A INPUT -p tcp --dport 22 -j DROP"
|
||||
|
||||
# Save iptables rules
|
||||
@ -34,7 +35,7 @@ if [ "$DHCP" = "false" ]; then
|
||||
auto eth0
|
||||
iface eth0 inet static
|
||||
address ${IP}
|
||||
gateway ${GATEWAY}
|
||||
gateway ${GATEWAY_IP}
|
||||
EOF"
|
||||
fi
|
||||
|
||||
|
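Review bot: The iptables hunk (`@ -22,6 +22,7`) gains one rule, and if it is the `-s 10.0.0.0/8` entry, as the commit title suggests, it opens port 22 on a root-login VM to every host in that private /8. If only the internal network needs access, narrow the source to that subnet, e.g. `iptables -A INPUT -p tcp --dport 22 -s <internal-subnet-cidr> -j ACCEPT`. Because all rules are appended with `-A`, running the task again on a VM that already has the chain puts the new ACCEPT after the earlier `-j DROP`, where it never matches. Inserting the allow rules ahead of the DROP, or rebuilding a dedicated chain on each run, keeps the order deterministic. The `ssh` command string starts in this hunk and the rule-saving step continues outside it.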
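--- /dev/null
+++ b/hosts/vortex/etc/init.d/setup-moeny-network
@@ -0,0 +1,20 @@
+#!/sbin/openrc-run
+
+description="Custom moeny network and iptables setup"
+
+depend() {
+# Run after networking and libvirt (if used) are up
+after network-online libvirtd
+need net
+}
+
+start() {
+ebegin "Setting moeny network routes and iptables"
+/usr/local/bin/setup-moeny-network.sh
+eend $?
+}
+
+stop() {
+ebegin "Stopping moeny network Setup (no-op)"
+eend 0
+}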
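--- /dev/null
+++ b/hosts/vortex/usr/local/bin/setup-moeny-network.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+# Wait for interfaces to be up (optional, adjust as needed)
+while ! ip link show virbr0 >/dev/null 2>&1 || ! ip link show br1 >/dev/null 2>&1; do
+sleep 1
+done
+
+# Routing table setup
+ip route add 10.88.0.0/24 via 10.44.0.3 dev virbr0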
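Review bot: The wait loop has no upper bound, so if `virbr0` or `br1` never appears the script never returns; `start()` in the init script calls it synchronously, so the service start would hang with it. Bound the wait and exit non-zero on timeout so that `eend $?` reports the failure. `ip route add` also fails when the route is already present, for example on a service restart, since `stop()` leaves it in place; `ip route replace` is idempotent. The init script's description mentions iptables, but this script only adds a route, so either the description or the script is incomplete.

```sh
# Wait up to 60 s for both bridges, then give up with an error
tries=0
while ! ip link show virbr0 >/dev/null 2>&1 || ! ip link show br1 >/dev/null 2>&1; do
  tries=$((tries + 1))
  if [ "$tries" -ge 60 ]; then
    echo "setup-moeny-network: virbr0/br1 not present after 60s" >&2
    exit 1
  fi
  sleep 1
done

# Routing table setup
ip route replace 10.88.0.0/24 via 10.44.0.3 dev virbr0
```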