Diffstat (limited to 'bootstrap')
-rw-r--r-- | bootstrap/README.md | 140 | ||||
-rwxr-xr-x | bootstrap/apply-baseupdate.sh | 15 | ||||
-rwxr-xr-x | bootstrap/create-hostsfile.sh | 17 | ||||
-rwxr-xr-x | bootstrap/create-shellconf.pl | 30 | ||||
-rwxr-xr-x | bootstrap/fetch-debinstall.sh | 17 | ||||
-rwxr-xr-x | bootstrap/fetch-ubuntulive.sh | 21 | ||||
-rwxr-xr-x | bootstrap/init-sshkeys.sh | 14 | ||||
-rwxr-xr-x | bootstrap/install-dependencies.sh | 61 | ||||
-rwxr-xr-x | bootstrap/make-base-requires.sh | 82 | ||||
-rwxr-xr-x | bootstrap/make-bind-include.pl | 48 | ||||
-rwxr-xr-x | bootstrap/make-dhcp6-init.sh | 378 | ||||
-rwxr-xr-x | bootstrap/make-dhcpd-include.pl | 30 | ||||
-rwxr-xr-x | bootstrap/make-dhcpd.pl | 293 | ||||
-rwxr-xr-x | bootstrap/make-dhcpd6.pl | 171 | ||||
-rwxr-xr-x | bootstrap/make-first-zones.pl | 125 | ||||
-rwxr-xr-x | bootstrap/make-missing-conf.pl | 174 | ||||
-rwxr-xr-x | bootstrap/make-named.pl | 196 | ||||
-rwxr-xr-x | bootstrap/make-pxeboot.sh | 35 | ||||
-rwxr-xr-x | bootstrap/make-reverse4-files.pl | 160 | ||||
-rwxr-xr-x | bootstrap/update-baseservice.sh | 31 | ||||
-rwxr-xr-x | bootstrap/update-tools.sh | 27 |
21 files changed, 0 insertions, 2065 deletions
diff --git a/bootstrap/README.md b/bootstrap/README.md
deleted file mode 100644
index 149da80..0000000
--- a/bootstrap/README.md
+++ /dev/null
@@ -1,140 +0,0 @@
-Outline:
-------------------------------------------------------------------
-
- 1. Install OS on three boxes
- 2. Bootstrap:
- * Install tgmanage on one, the bootstrap (tools, include, netlist.txt)
- * Install dependencies on bootstrap
- * Push SSH key key to the other boxes (init-sshkeys.sh)
- * Update configuration
- * Update netlist.txt
- * Bootstrap the primary and secondary (make-base-requires.sh)
- 3. Create new networks/scopes/zones Update during the party using
- update-baseservice.sh from bootstrap
- 4. Apply changes usling bootstrap/apply-baseupdate.sh (reloads bind, restarts dhcpd)
- 5. Changes to generated scopes, pools, zones are done on the primary, in the files
- 6. If tools need patching, patch on boot and push with update-tools.sh
- 7. Before wednesday evening, the infra.tgXX.gathering.org zone should be updated!
-
-**Only use make-base-requires.sh during bootstrap !!!!!!! :P**
-
-Detailed instructions and description:
-==================================================================
-
-1: Install Debian
-------------------------------------------------------------------
-
-The following three hosts/servers are normally used:
- * A 'bootstrap' box. This server will be used to configure
- the first TG-servers, and may end up hosting the switch-config and NMS.
- * The server to use as Primary DNS and DHCP server
- * The server to use as Secondary DNS and SMTP.
-
-2: Perform bootstrapping
-------------------------------------------------------------------
-
-Start by placing the 'tgmanage' directory as '/root/tgmanage' on the bootstrap
-box. Change into the 'tgmanage' directory. Next, run
-'bootstrap/install-dependencies.sh boot'
-
-Copy 'include/config.pm.dist' to 'include/config.pm'. Edit for this year's TG. Use
-'bootstrap/create-shellconf.pl' to extract configuration from the perl module to
-create/update the 'include/tgmanage.cfg.sh' configuration script.
-
-Run 'bootstrap/create-hostsfile.sh' to make sure the bootstrap-box can use
-hostnames to reach the pri/sec DNS even before DNS is set up.
-
-The tools make extensive use of key-based SSH logins, to make this work
-seamlessly, run 'bootstrap/init-sshkeys.sh' to create an RSA priv/pub keypair, and
-push the pubkey to the Primary and Secondary boxes.
-
-
-The Network-list is _not_ automagically updated. A copy of last year's
-netlist.txt should be included in the goodiebag. With that as a base, update
-for this year's address plan. Remember that client nets in the hall are
-supposed to be pulled from switches.txt ...
-The rest of the information needed should be pulled from techwiki.g.o The
-format of the file is: one net per line, lines starting with # are skipped,
-format of each net-line is:
-
- # <v4 net> <v6 net> <network-name>
- 151.216.129.0/26 2a02:ed02:129a::/64 noc
-
-
-Run 'bootstrap/make-base-requires.sh'. This script will log in on the Primary and
-Secondary boxes, install dependencies and the BIND/DHCP packages, create all
-needed directories, create the initial configuration files.
-
-A short listing of the tasks of scripts called by make-base-requires (NOTE: these
-scripts are run by bootstrap/make-base-requires.sh, you should not need to run these individually):
- * bootstrap/install-dependencies.sh
- * Installs needed base software to boot, primary and secondary
- * bootstrap/make-named.pl
- * Basic BIND setup (creates named.conf et.al)
- * bootstrap/make-first-zones.pl
- * Creates static zone-files (tgname, infra, ipv6zone)
- * bootstrap/make-reverse4-files.pl
- * Creates reverse-zones for IPv4
- * bootstrap/make-dhcpd.pl
- * Sets up the base setup for DHCP4
- * bootstrap/make-dhcpd6.pl
- * Sets up the base setup for DHCP6
-
-3++: Update during the party using update-baseservice.sh from bootstrap
-------------------------------------------------------------------
-
-After 'bootstrap/make-base-requires.sh' has been run, further updating should be
-managed by the following three files:
- * bootstrap/update-baseservice.sh
- * Used to add/update bind and DHCP configuration
- * bootstrap/apply-baseupdate.sh
- * Used to reload bind and restart DHCP
- * bootstrap/update-tools.sh
- * Used to push changes to the tgmanage toolchain
-
-This means, after the base setup is completed, updating and managing the
-configuration is done by updating netlist.txt and running bootstrap/update-baseservice.sh
-from the bootstrap box, or from the NMS box if the toolchain gets moved there during
-the party.
-
-To create a new DHCP scope, add DNS forward and reverse zone for a new network:
-
- * Add the network to netlist.txt
- * Run bootstrap/update-baseservice.sh to generate new .conf and .zone files
- * Run bootstrap/apply-baseupdate.sh to load new configuration
-
-To do changes to DHCP config after the scope .conf file has been created
-(read: later in the party), log in to the primary/dhcp server, and make
-the changes in the appropriate .conf file ..
-
-To do DNS changes to the main DNS zone or the infra-zone, make the changes
-in the appropriate zone file on the primary DNS server.
-
-To add DNS records to any other DNS zone (forward or reverse), you have
-to use 'nsupdate'. To simplify the process, use tools/generate-dnsrr.pl
-Usage on this tool is documented in the "header" of the script...
-
-
-The update prosess is handled by a bunch of "sub-tools", these should typically
-not need to be run individually:
- * bootstrap/make-bind-include.pl
- * Run via update-baseservice, adds new net's to DNS include
- * bootstrap/make-dhcpd-include.pl
- * Run via update-baseservice, adds new net's to DHCP include
- * bootstrap/make-missing-conf.pl
- * Run via update-baseservice, adds missing net-conf to BIND/DHCP
-
-
-7: Generation of linknet dns content
-------------------------------------------------------------------
-
-Format for linknet.txt is documented in make-linknet-hosts.pl
-
-Generate IPv4 infra hostnames and IP address assignments
-by using tools/generate-dnsrr.pl
-
-Output from this shuld go in infra.tgXX.gathering.org.zone on primary:
-> cat linknet.txt | tools/make-linknet-hosts.pl | tools/generate-dnsrr.pl --domain infra.tgXX.gathering.org
-
-Output from this should go as input to nsupdate, see doc in generate-dnsrr.pl:
-> cat linknet.txt | tools/make-linknet-hosts.pl | tools/generate-dnsrr.pl --domain infra.tgXX.gathering.org -ns -rev
diff --git a/bootstrap/apply-baseupdate.sh b/bootstrap/apply-baseupdate.sh
deleted file mode 100755
index d4c6fe2..0000000
--- a/bootstrap/apply-baseupdate.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-set -e
-
-source include/tgmanage.cfg.sh
-if [ -z ${PRIMARY} ]
-then
- echo "Not configured!";
- exit 1;
-fi;
-
-ssh -l root ${PRIMARY} "/etc/init.d/isc-dhcp-server restart"
-ssh -l root ${PRIMARY} "/etc/init.d/isc-dhcp6-server restart"
-ssh -l root ${PRIMARY} "/usr/sbin/rndc reload"
-ssh -l root ${SECONDARY} "/usr/sbin/rndc reload"
diff --git a/bootstrap/create-hostsfile.sh b/bootstrap/create-hostsfile.sh
deleted file mode 100755
index 2aaf9cb..0000000
--- a/bootstrap/create-hostsfile.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash
-
-set -e
-
-source include/tgmanage.cfg.sh
-if [ -z ${PRIMARY} ]
-then
- echo "Not configured!";
- exit 1;
-fi;
-
-echo >> /etc/hosts
-echo "# Bootstrap hosts entries for ${TGNAME} ">> /etc/hosts
-echo "${PRI_V6} ${PRIMARY}" >> /etc/hosts
-echo "${PRI_V4} ${PRIMARY}" >> /etc/hosts
-echo "${SEC_V6} ${SECONDARY}" >> /etc/hosts
-echo "${SEC_V4} ${SECONDARY}" >> /etc/hosts
diff --git a/bootstrap/create-shellconf.pl b/bootstrap/create-shellconf.pl
deleted file mode 100755
index 63e4361..0000000
--- a/bootstrap/create-shellconf.pl
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/usr/bin/perl -I /root/tgmanage
-use strict;
-
-BEGIN {
- require "include/config.pm";
- eval {
- require "include/config.local.pm";
- };
-}
-
-my $bind_base = "/etc/bind/";
-my $dhcpd_base = "/etc/dhcp/";
-
-my $shellconf_file = "include/tgmanage.cfg.sh";
-
-open CFG, ">" . $shellconf_file or die ($! . " " . $shellconf_file );
-
-print CFG "# This file is autogenerated by bootstrap/create-shellconf.pl,\n";
-print CFG "# using data from nms::config.\n";
-print CFG "#\n";
-print CFG "# Do you need new common/configuration variables?\n";
-print CFG "# Add/update include/config.local.pm and bootstrap/create-shellconf.pl\n\n";
-print CFG "TGNAME=\"$nms::config::tgname\"\n\n";
-print CFG "PRIMARY=\"$nms::config::pri_hostname.$nms::config::tgname.gathering.org\"\n";
-print CFG "PRI_V4=\"$nms::config::pri_v4\"\n";
-print CFG "PRI_V6=\"$nms::config::pri_v6\"\n\n";
-print CFG "SECONDARY=\"$nms::config::sec_hostname.$nms::config::tgname.gathering.org\"\n";
-print CFG "SEC_V4=\"$nms::config::sec_v4\"\n";
-print CFG "SEC_V6=\"$nms::config::sec_v6\"\n";
-close CFG;
diff --git a/bootstrap/fetch-debinstall.sh b/bootstrap/fetch-debinstall.sh
deleted file mode 100755
index 017b864..0000000
--- a/bootstrap/fetch-debinstall.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash -xe
-INSTALLER_DEST=$1
-DEBINSTROOT=http://ftp.no.debian.org/debian/dists
-
-mkdir -p ${INSTALLER_DEST}/{wheezy,jessie}/{amd64,i386}
-for DIST in wheezy jessie
-do
- for ARCH in i386 amd64;
- do
- for FILE in initrd.gz linux
- do
- wget ${DEBINSTROOT}/${DIST}/main/installer-${ARCH}/current/images/netboot/debian-installer/${ARCH}/${FILE} \
- -O ${INSTALLER_DEST}/${DIST}/${ARCH}/${FILE}
- done
- done
-done
-
diff --git a/bootstrap/fetch-ubuntulive.sh b/bootstrap/fetch-ubuntulive.sh
deleted file mode 100755
index 44d5d62..0000000
--- a/bootstrap/fetch-ubuntulive.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-INSTALLER_DEST=$1
-UBUNTU_MIRROR=http://no.releases.ubuntu.com/
-UBUNTU_VERSION=desktop
-UBUNTU_DIST="14.10"
-UBUNTU_ARCH="i386 amd64"
-TMP_MNT="/mnt/tmp"
-
-mkdir -p ${TMP_MNT}
-for DIST in ${UBUNTU_DIST}
-do
- for ARCH in ${UBUNTU_ARCH}
- do
- mkdir -p ${INSTALLER_DEST}/${UBUNTU_DIST}/${ARCH}
- wget ${UBUNTU_MIRROR}/${DIST}/ubuntu-${DIST}-${UBUNTU_VERSION}-${ARCH}.iso -O /tmp/ubuntu-${DIST}-${UBUNTU_VERSION}-${ARCH}.iso &&
- mount -o loop "/tmp/ubuntu-${DIST}-${UBUNTU_VERSION}-${ARCH}.iso" ${TMP_MNT}/ &&
- cp -Rv ${TMP_MNT}/* ${INSTALLER_DEST}/${DIST}/${ARCH}/ &&
- umount ${TMP_MNT}/
- done
- rmdir ${TMP_MNT}/
-done
diff --git a/bootstrap/init-sshkeys.sh b/bootstrap/init-sshkeys.sh
deleted file mode 100755
index 9427bad..0000000
--- a/bootstrap/init-sshkeys.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/bash
-
-set -e
-
-source include/tgmanage.cfg.sh
-if [ -z ${PRIMARY} ]
-then
- echo "Not configured!";
- exit 1;
-fi;
-
-ssh-keygen -P '' -f ~/.ssh/id_rsa -b 2048
-ssh-copy-id root@${PRIMARY}
-ssh-copy-id root@${SECONDARY}
diff --git a/bootstrap/install-dependencies.sh b/bootstrap/install-dependencies.sh
deleted file mode 100755
index c10224f..0000000
--- a/bootstrap/install-dependencies.sh
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/bin/bash -e
-
-if [ "$1" != "master" -a "$1" != "slave" -a "$1" != "boot" ]; then
- echo "Run as $0 <boot|master|slave>"
- exit
-fi
-
-# OK, we know the content of $0 is OK. I prefer sane names.
-ROLE=$1;
-
-# Resynchronize the package index before install
-
-apt-get -y update
-
-# Start by installing common packages. Remember to update
-# this when a new common dependency is discovered, plx.
-
-apt-get -y install \
- vim-nox \
- git \
- ntp \
- screen \
- tmux \
- dnsutils \
- build-essential \
- libnet-ip-perl \
- libnetaddr-ip-perl \
- libnet-telnet-cisco-perl \
- libnet-ping-external-perl \
- perl-modules \
- libdbi-perl \
- libdbd-pg-perl \
- libnet-telnet-perl \
- libnetaddr-ip-perl
-
-if [ "${ROLE}" == "boot" ]; then
- # Install-tasks specific for the _bootstrab box_ here
- echo "Installing for bootstrap"
- apt-get -y install \
- bind9utils
-fi
-
-if [ "${ROLE}" == "master" ]; then
- # Install-tasks specific for the _primary_ here
- echo "Installing for primary/master"
- apt-get -y install \
- isc-dhcp-server \
- bind9utils \
- bind9
-fi
-
-if [ "${ROLE}" == "slave" ]; then
- # Install-tasks specific for the _secondary_ here
- echo "Installing for secondary/slave"
- apt-get -y install \
- isc-dhcp-server \
- bind9utils \
- bind9
-fi
-
-echo "Dependency installation for ${ROLE} complete."
diff --git a/bootstrap/make-base-requires.sh b/bootstrap/make-base-requires.sh
deleted file mode 100755
index 8013cf6..0000000
--- a/bootstrap/make-base-requires.sh
+++ /dev/null
@@ -1,82 +0,0 @@
-#!/bin/bash
-
-set -e
-
-BASE="/etc";
-if [ "$1" != "" ]
-then
- BASE=$1
- echo "Using base path ${BASE}"
-fi
-
-source include/tgmanage.cfg.sh
-if [ -z ${PRIMARY} ]
-then
- echo "Not configured!";
- exit 1;
-fi;
-
-cd ~/tgmanage
-bootstrap/update-tools.sh
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/install-dependencies.sh master"
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/install-dependencies.sh slave"
-
-if [ "${BASE}" == "/etc" ]; then
- ssh -l root ${PRIMARY} "cp -pR /etc/bind /etc/bind.dist"
- ssh -l root ${PRIMARY} "cp -pR /etc/dhcp /etc/dhcp.dist"
-
- ssh -l root ${SECONDARY} "cp -pR /etc/bind /etc/bind.dist"
- ssh -l root ${SECONDARY} "cp -pR /etc/dhcp /etc/dhcp.dist"
-
- set +e
- ssh -l root ${PRIMARY} "rm /etc/bind/named.conf"
- ssh -l root ${PRIMARY} "rm /etc/dhcp/dhcpd.conf"
-
- ssh -l root ${SECONDARY} "rm /etc/dhcp/dhcpd.conf"
- ssh -l root ${SECONDARY} "rm /etc/bind/named.conf"
- set -e
-fi
-
-ssh -l root ${PRIMARY} "mkdir -p ${BASE}/bind/conf-master/"
-ssh -l root ${PRIMARY} "mkdir -p ${BASE}/bind/reverse/"
-ssh -l root ${PRIMARY} "mkdir -p ${BASE}/bind/dynamic/"
-ssh -l root ${PRIMARY} "mkdir -p ${BASE}/dhcp/conf-v4/"
-ssh -l root ${PRIMARY} "mkdir -p ${BASE}/dhcp/conf-v6/"
-
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-dhcp6-init.sh"
-ssh -l root ${PRIMARY} "systemctl enable isc-dhcp-server"
-ssh -l root ${PRIMARY} "systemctl enable isc-dhcp6-server"
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-named.pl master ${BASE}"
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-dhcpd.pl ${BASE}"
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-dhcpd6.pl ${BASE}"
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-first-zones.pl ${BASE}"
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-reverse4-files.pl master ${BASE}"
-
-ssh -l root ${SECONDARY} "mkdir -p ${BASE}/bind/conf-slave/"
-ssh -l root ${SECONDARY} "mkdir -p ${BASE}/bind/slave/"
-ssh -l root ${SECONDARY} "mkdir -p ${BASE}/dhcp/conf-v4/"
-ssh -l root ${SECONDARY} "mkdir -p ${BASE}/dhcp/conf-v6/"
-
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-dhcp6-init.sh"
-ssh -l root ${SECONDARY} "systemctl disable isc-dhcp-server"
-ssh -l root ${SECONDARY} "systemctl disable isc-dhcp6-server"
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-dhcpd.pl ${BASE}"
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-dhcpd6.pl ${BASE}"
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-named.pl slave ${BASE}"
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-reverse4-files.pl slave ${BASE}"
-
-set +e
-ssh -l root ${PRIMARY} "chown -R bind.bind ${BASE}/bind"
-ssh -l root ${SECONDARY} "chown -R bind.bind ${BASE}/bind"
-set -e
-
-ssh -l root ${PRIMARY} "echo THIS COPY OF TGMANAGE IS MANAGED FROM BOOTSTRAP SERVER > ~/tgmanage/NOTICE"
-ssh -l root ${SECONDARY} "echo THIS COPY OF TGMANAGE IS MANAGED FROM BOOTSTRAP SERVER > ~/tgmanage/NOTICE"
-
-# No point in _not_ running update-baseservice at this point....
-bootstrap/update-baseservice.sh ${BASE}
-
-# Set up PXE environment. NOTE that we assume that TFTP-server is the ${SECONDARY} (changed from older behaviour)
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-pxeboot.sh"
-
-# all done.
diff --git a/bootstrap/make-bind-include.pl b/bootstrap/make-bind-include.pl
deleted file mode 100755
index 880280e..0000000
--- a/bootstrap/make-bind-include.pl
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/usr/bin/perl -I /root/tgmanage
-use strict;
-
-unless ( (($#ARGV == 0 ) || ( $#ARGV == 1))
- && (( $ARGV[0] eq "master" ) || ( $ARGV[0] eq "slave" )) )
-{
- print STDERR "Invalid usage!\ncat netnames.txt | $0 <master|slave> [basedir]\n";
- exit 1;
-}
-
-my $role = $ARGV[0];
-
-my $base = "/etc";
-$base = $ARGV[1] if $#ARGV == 1;
-$base .= "/" if not $base =~ m/\/$/ and not $base eq "";
-
-my $bind_base = $base . "bind/";
-my $masterinclude = $bind_base . "named.master-include.conf";
-my $slaveinclude = $bind_base . "named.slave-include.conf";
-
-my $glob;
-my @configs;
-
-if ( $role eq "master" )
-{
- $glob = $bind_base . "conf-master/*.conf";
- @configs = glob($glob);
-
- open CONF, ">" . $masterinclude or die ( $! . " " . $masterinclude);
- foreach my $config ( @configs )
- {
- print CONF "include \"" . $config . "\";\n";
- }
- close CONF;
-}
-
-if ( $role eq "slave" )
-{
- $glob = $bind_base . "conf-slave/*.conf";
- @configs = glob($glob);
-
- open CONF, ">" . $slaveinclude or die ( $! . " " . $slaveinclude);
- foreach my $config ( @configs )
- {
- print CONF "include \"" . $config . "\";\n";
- }
- close CONF;
-}
diff --git a/bootstrap/make-dhcp6-init.sh b/bootstrap/make-dhcp6-init.sh
deleted file mode 100755
index 65f18a3..0000000
--- a/bootstrap/make-dhcp6-init.sh
+++ /dev/null
@@ -1,378 +0,0 @@ -#!/bin/bash - -DHCP4_DEFAULT="/etc/default/isc-dhcp-server" -DHCP4_INIT="/etc/init.d/isc-dhcp-server" -DHCP6_DEFAULT="/etc/default/isc-dhcp6-server" -DHCP6_INIT="/etc/init.d/isc-dhcp6-server" - -if [ -e "${DHCP4_DEFAULT}" ]; -then - echo "${DHCP4_DEFAULT} exists! Overwriting." -fi -if [ -e "${DHCP6_DEFAULT}" ]; -then - echo "${DHCP6_DEFAULT} exists! Overwriting." -fi - -set -e - -cat > ${DHCP4_DEFAULT}<<'_EOF' -# Defaults for isc-dhcp-server initscript -# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf). -DHCPD_CONF=/etc/dhcp/dhcpd.conf - -# Path to dhcpd's PID file (default: /var/run/dhcpd.pid). -DHCPD_PID=/var/run/dhcpd.pid - -# Additional options to start dhcpd with. -# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead -OPTIONS="-4" - -# On what interfaces should the DHCP server (dhcpd) serve DHCP requests? -# Separate multiple interfaces with spaces, e.g. "eth0 eth1". -# If no interface names are specified, dhcpd will identify all network interfaces -# which are up, eliminating non-broadcast interfaces if possible, and listen -# for DHCP broadcasts on each interface. -INTERFACES="" -_EOF - -cat > ${DHCP6_DEFAULT}<<'_EOF' -# Defaults for isc-dhcp-server initscript -# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf). -DHCPD_CONF=/etc/dhcp/dhcpd6.conf - -# Path to dhcpd's PID file (default: /var/run/dhcpd.pid). -DHCPD_PID=/var/run/dhcpd6.pid - -# Additional options to start dhcpd with. -# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead -OPTIONS="-6" - -# On what interfaces should the DHCP server (dhcpd) serve DHCP requests? -# Separate multiple interfaces with spaces, e.g. "eth0 eth1". -# If no interface names are specified, dhcpd will identify all network interfaces -# which are up, eliminating non-broadcast interfaces if possible, and listen -# for DHCP broadcasts on each interface. -INTERFACES="" -_EOF - -set +e - -if [ -e "${DHCP4_INIT}" ]; -then - echo "${DHCP4_INIT} exists! 
Overwriting." -fi -if [ -e "${DHCP6_INIT}" ]; -then - echo "${DHCP6_INIT} exists! Overwriting." -fi - -set -e - -cat > ${DHCP4_INIT}<<'_EOF' -#!/bin/sh -# -# - -### BEGIN INIT INFO -# Provides: isc-dhcp-server -# Required-Start: $remote_fs $network $syslog -# Required-Stop: $remote_fs $network $syslog -# Should-Start: $local_fs slapd $named -# Should-Stop: $local_fs slapd -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: DHCP server -# Description: Dynamic Host Configuration Protocol Server -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin - -test -f /usr/sbin/dhcpd || exit 0 - -DHCPD_DEFAULT="${DHCPD_DEFAULT:-/etc/default/isc-dhcp-server}" - -# It is not safe to start if we don't have a default configuration... -if [ ! -f "$DHCPD_DEFAULT" ]; then - echo "$DHCPD_DEFAULT does not exist! - Aborting..." - if [ "$DHCPD_DEFAULT" = "/etc/default/isc-dhcp-server" ]; then - echo "Run 'dpkg-reconfigure isc-dhcp-server' to fix the problem." - fi - exit 0 -fi - -. /lib/lsb/init-functions - -# Read init script configuration -[ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT" - -NAME=dhcpd -DESC="ISC DHCP server" -# fallback to default config file -DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd.conf} -# try to read pid file name from config file, with fallback to /var/run/dhcpd.pid -if [ -z "$DHCPD_PID" ]; then - DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1) -fi -DHCPD_PID="${DHCPD_PID:-/var/run/dhcpd.pid}" - -test_config() -{ - if ! /usr/sbin/dhcpd -t $OPTIONS -q -cf "$DHCPD_CONF" > /dev/null 2>&1; then - echo "dhcpd self-test failed. Please fix $DHCPD_CONF." - echo "The error was: " - /usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF" - exit 1 - fi - touch /var/lib/dhcp/dhcpd.leases -} - -# single arg is -v for messages, -q for none -check_status() -{ - if [ ! -r "$DHCPD_PID" ]; then - test "$1" != -v || echo "$NAME is not running." 
- return 3 - fi - if read pid < "$DHCPD_PID" && ps -p "$pid" > /dev/null 2>&1; then - test "$1" != -v || echo "$NAME is running." - return 0 - else - test "$1" != -v || echo "$NAME is not running but $DHCPD_PID exists." - return 1 - fi -} - -case "$1" in - start) - test_config - log_daemon_msg "Starting $DESC" "$NAME" - start-stop-daemon --start --quiet --pidfile "$DHCPD_PID" \ - --exec /usr/sbin/dhcpd -- \ - -q $OPTIONS -cf "$DHCPD_CONF" -pf "$DHCPD_PID" $INTERFACES - sleep 2 - - if check_status -q; then - log_end_msg 0 - else - log_failure_msg "check syslog for diagnostics." - log_end_msg 1 - exit 1 - fi - ;; - stop) - log_daemon_msg "Stopping $DESC" "$NAME" - start-stop-daemon --stop --quiet --pidfile "$DHCPD_PID" - log_end_msg $? - rm -f "$DHCPD_PID" - ;; - restart | force-reload) - test_config - $0 stop - sleep 2 - $0 start - if [ "$?" != "0" ]; then - exit 1 - fi - ;; - status) - echo -n "Status of $DESC: " - check_status -v - exit "$?" - ;; - *) - echo "Usage: $0 {start|stop|restart|force-reload|status}" - exit 1 -esac - -exit 0 - -_EOF - -cat > ${DHCP6_INIT}<<'_EOF' -#!/bin/sh -# -# - -### BEGIN INIT INFO -# Provides: isc-dhcp6-server -# Required-Start: $remote_fs $network $syslog -# Required-Stop: $remote_fs $network $syslog -# Should-Start: $local_fs slapd $named -# Should-Stop: $local_fs slapd -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: DHCP server v6 -# Description: Dynamic Host Configuration Protocol Server v6 -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin - -test -f /usr/sbin/dhcpd || exit 0 - -DHCPD_DEFAULT="${DHCPD_DEFAULT:-/etc/default/isc-dhcp6-server}" - -# It is not safe to start if we don't have a default configuration... -if [ ! -f "$DHCPD_DEFAULT" ]; then - echo "$DHCPD_DEFAULT does not exist! - Aborting..." - if [ "$DHCPD_DEFAULT" = "/etc/default/isc-dhcp6-server" ]; then - echo "Run 'dpkg-reconfigure isc-dhcp6-server' to fix the problem." - fi - exit 0 -fi - -. 
/lib/lsb/init-functions - -# Read init script configuration -[ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT" - -NAME=dhcpd -DESC="ISC DHCP server" -# fallback to default config file -DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd6.conf} -# try to read pid file name from config file, with fallback to /var/run/dhcpd.pid -if [ -z "$DHCPD_PID" ]; then - DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1) -fi -DHCPD_PID="${DHCPD_PID:-/var/run/dhcpd6.pid}" - -test_config() -{ - if ! /usr/sbin/dhcpd -t $OPTIONS -q -cf "$DHCPD_CONF" > /dev/null 2>&1; then - echo "dhcpd self-test failed. Please fix $DHCPD_CONF." - echo "The error was: " - /usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF" - exit 1 - fi - touch /var/lib/dhcp/dhcpd.leases -} - -# single arg is -v for messages, -q for none -check_status() -{ - if [ ! -r "$DHCPD_PID" ]; then - test "$1" != -v || echo "$NAME is not running." - return 3 - fi - if read pid < "$DHCPD_PID" && ps -p "$pid" > /dev/null 2>&1; then - test "$1" != -v || echo "$NAME is running." - return 0 - else - test "$1" != -v || echo "$NAME is not running but $DHCPD_PID exists." - return 1 - fi -} - -case "$1" in - start) - test_config - log_daemon_msg "Starting $DESC" "$NAME" - start-stop-daemon --start --quiet --pidfile "$DHCPD_PID" \ - --exec /usr/sbin/dhcpd -- \ - -q $OPTIONS -cf "$DHCPD_CONF" -pf "$DHCPD_PID" $INTERFACES - sleep 2 - - if check_status -q; then - log_end_msg 0 - else - log_failure_msg "check syslog for diagnostics." - log_end_msg 1 - exit 1 - fi - ;; - stop) - log_daemon_msg "Stopping $DESC" "$NAME" - start-stop-daemon --stop --quiet --pidfile "$DHCPD_PID" - log_end_msg $? - rm -f "$DHCPD_PID" - ;; - restart | force-reload) - test_config - $0 stop - sleep 2 - $0 start - if [ "$?" != "0" ]; then - exit 1 - fi - ;; - status) - echo -n "Status of $DESC: " - check_status -v - exit "$?" 
- ;; - *) - echo "Usage: $0 {start|stop|restart|force-reload|status}" - exit 1 -esac - -exit 0 - -_EOF - - -# Very Debian specific -# Hacked together at TG15 -# FIXME :-D - -DHCP4_SYSTEMD="/run/systemd/generator.late/isc-dhcp-server.service" -DHCP6_SYSTEMD="/run/systemd/generator.late/isc-dhcp6-server.service" - -cat > ${DHCP4_SYSTEMD}<<'_EOF' -# Automatically generated by bootstrap - -[Unit] -SourcePath=/etc/init.d/isc-dhcp-server -Description=LSB: DHCP server -Before=runlevel2.target runlevel3.target runlevel4.target runlevel5.target shutdown.target -After=remote-fs.target network-online.target systemd-journald-dev-log.socket local-fs.target slapd.service nss-lookup.target -Wants=network-online.target -Conflicts=shutdown.target - -[Service] -Type=forking -Restart=no -TimeoutSec=5min -IgnoreSIGPIPE=no -KillMode=process -GuessMainPID=no -RemainAfterExit=yes -SysVStartPriority=3 -ExecStart=/etc/init.d/isc-dhcp-server start -ExecStop=/etc/init.d/isc-dhcp-server stop - -_EOF - -cat > ${DHCP6_SYSTEMD}<<'_EOF' -# Automatically generated by bootstrap - -[Unit] -SourcePath=/etc/init.d/isc-dhcp6-server -Description=LSB: DHCP server v6 -Before=runlevel2.target runlevel3.target runlevel4.target runlevel5.target shutdown.target -After=remote-fs.target network-online.target systemd-journald-dev-log.socket local-fs.target slapd.service nss-lookup.target -Wants=network-online.target -Conflicts=shutdown.target - -[Service] -Type=forking -Restart=no -TimeoutSec=5min -IgnoreSIGPIPE=no -KillMode=process -GuessMainPID=no -RemainAfterExit=yes -SysVStartPriority=3 -ExecStart=/etc/init.d/isc-dhcp6-server start -ExecStop=/etc/init.d/isc-dhcp6-server stop - -_EOF - - -set +e - -chmod 755 ${DHCP4_INIT} -chmod 755 ${DHCP6_INIT} -touch /var/lib/dhcp/dhcpd.leases -touch /var/lib/dhcp/dhcpd6.leases - - diff --git a/bootstrap/make-dhcpd-include.pl b/bootstrap/make-dhcpd-include.pl deleted file mode 100755 index 86673cb..0000000 --- a/bootstrap/make-dhcpd-include.pl +++ /dev/null 
@@ -1,30 +0,0 @@
-#!/usr/bin/perl -I /root/tgmanage
-use strict;
-my $base = "/etc";
-$base = $ARGV[0] if $#ARGV > -1;
-$base .= "/" if not $base =~ m/\/$/ and not $base eq "";
-
-my $dhcpd_base = $base . "dhcp/";
-my $includeconfig = $dhcpd_base . "v4-generated-include.conf";
-
-my $glob = $dhcpd_base . "conf-v4/*.conf";
-my @configs = glob($glob);
-
-open CONF, ">" . $includeconfig or die ( $! . " " . $includeconfig);
-foreach my $config ( @configs )
-{
- print CONF "include \"" . $config . "\";\n";
-}
-close CONF;
-
-$includeconfig = $dhcpd_base . "v6-generated-include.conf";
-
-my $glob = $dhcpd_base . "conf-v6/*.conf";
-my @configs = glob($glob);
-
-open CONF, ">" . $includeconfig or die ( $! . " " . $includeconfig);
-foreach my $config ( @configs )
-{
- print CONF "include \"" . $config . "\";\n";
-}
-close CONF;
\ No newline at end of file
diff --git a/bootstrap/make-dhcpd.pl b/bootstrap/make-dhcpd.pl
deleted file mode 100755
index a5919fc..0000000
--- a/bootstrap/make-dhcpd.pl
+++ /dev/null
@@ -1,293 +0,0 @@ -#!/usr/bin/perl -I /root/tgmanage -use strict; -use Net::IP; -use NetAddr::IP; - -BEGIN { - require "include/config.pm"; - eval { - require "include/config.local.pm"; - }; -} - -my $base = "/etc"; -$base = $ARGV[0] if $#ARGV > -1; -$base .= "/" if not $base =~ m/\/$/ and not $base eq ""; - -my $dhcpd_base = $base . "dhcp/"; -my $dhcpd_conf = $dhcpd_base . "dhcpd.conf"; -my $dhcpd_pxeconf = $dhcpd_base . "v4-pxe-boot.conf"; -my $dhcpd_wlc_conf = $dhcpd_base . "v4-wlc.conf"; -my $dhcpd_voip_conf = $dhcpd_base . "v4-voip.conf"; -my $dhcpd_fap_conf = $dhcpd_base . "v4-fap.conf"; - -# primary -my $pri_range = Net::IP->new($nms::config::pri_net_v4) or die ("pri_range fail"); -my $pri_mask = $pri_range->mask(); -my $pri_net = $pri_range->ip(); - -# secondary -my $sec_range = Net::IP->new($nms::config::sec_net_v4) or die ("sec_range fail"); -my $sec_mask = $sec_range->mask(); -my $sec_net = $sec_range->ip(); -(my $sec_last = NetAddr::IP->new($nms::config::sec_net_v4)->last()) =~ s/\/[0-9]{1,2}//; -(my $sec_gw = NetAddr::IP->new($nms::config::sec_net_v4)->first()) =~ s/\/[0-9]{1,2}//; -my $sec_num = NetAddr::IP->new($nms::config::sec_net_v4)->num(); -my $sec_n = $sec_num - int($sec_num / 4); # don't use more than 1/4 of the net for DHCP -(my $sec_first = NetAddr::IP->new($nms::config::sec_net_v4)->nth($sec_n)) =~ s/\/[0-9]{1,2}//; - -# Create main configuration file for DHCP -if ( not -f $dhcpd_conf ) -{ - print STDERR "Creating file " . $dhcpd_conf . "\n"; - open DHCPDFILE, ">" . $dhcpd_conf or die ( $! . " " . 
$dhcpd_conf); - - print DHCPDFILE <<"EOF"; -# GENERATED BY make-dhcpd.pl - -# 60 min leasetime, 120 min max -default-lease-time 3600; -max-lease-time 7200; - -# make server authorative -authoritative; - -# Don't let clients set their own FQDN -ignore client-updates; - -# enable DDNS -ddns-update-style interim; - -# set ddns-hostname -if exists host-name { - ddns-hostname = lcase(option host-name); -} elsif exists fqdn.hostname { - ddns-hostname = lcase(option fqdn.hostname); -} else { - ddns-hostname = binary-to-ascii(10, 8, "-", leased-address); -} - -# set 'hardware' option to a variable -# rebuilds the complete MAC in cases where you have a leading 0 -set hostmac = concat ( - suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,1,1))),2), ":", - suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,2,1))),2), ":", - suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,3,1))),2), ":", - suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,4,1))),2), ":", - suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,5,1))),2), ":", - suffix (concat ("0", binary-to-ascii (16, 8, "", substring(hardware,6,1))),2) -); - -# Domain name (unless overriden elsewhere) -option domain-name "$nms::config::tgname.gathering.org"; -option domain-name-servers $nms::config::pri_v4, $nms::config::sec_v4; - -key DHCP_UPDATER { - algorithm HMAC-MD5.SIG-ALG.REG.INT; - secret $nms::config::ddns_key; -} - -# Servernetwork, Tele -subnet $pri_net netmask $pri_mask {} - -# Servernetwork, NOC -# Add small range at the end for PXE -subnet $sec_net netmask $sec_mask { - option subnet-mask $sec_mask; - option routers $sec_gw; - - # No DDNS - ddns-updates off; - ddns-hostname = none; - ddns-domainname = none; - - # supershort leasetime - default-lease-time 300; - max-lease-time 600; - - range $sec_first $sec_last; -} - -include "/etc/dhcp/v4-revzones.conf"; -include "/etc/dhcp/v4-generated-include.conf"; -include 
"$dhcpd_pxeconf"; -include "$dhcpd_wlc_conf"; -include "$dhcpd_voip_conf"; -include "$dhcpd_fap_conf"; - -EOF - close DHCPDFILE; -} - -# Create PXE-boot configuration file for DHCP -if ( not -f $dhcpd_pxeconf ) -{ - print STDERR "Creating file " . $dhcpd_pxeconf . "\n"; - open PXEFILE, ">" . $dhcpd_pxeconf or die ( $! . " " . $dhcpd_pxeconf); - - print PXEFILE <<"EOF"; -option arch code 93 = unsigned integer 16; - -if option arch = 00:07 { - filename "bootx64.efi"; -} else { - filename "pxelinux.0"; -} - -next-server $nms::config::pxe_server_v4; - -EOF - - close PXEFILE; -} - -# Create WLC configuration file -if ( not -f $dhcpd_wlc_conf ) -{ - print STDERR "Creating file " . $dhcpd_wlc_conf . "\n"; - open WLCFILE, ">" . $dhcpd_wlc_conf or die ( $! . " " . $dhcpd_wlc_conf); - - print WLCFILE <<"EOF"; -option space WLC; -option WLC.controller-address code 43 = text; - -class "access-points" { - # Number of characters has to match the substring - # I.e if "Access Point", you have to use (0, 12) - match if substring (option vendor-class-identifier, 0, 12) = "Access Point"; - - if exists agent.circuit-id { - log( info, concat( "AP: ", hostmac, " - ", option vendor-class-identifier, " - ", option agent.circuit-id )); - } else { - log( info, concat( "AP: ", hostmac, " - ", option vendor-class-identifier )); - } - - vendor-option-space WLC; - option WLC.controller-address "$nms::config::wlc1_v4"; -} -EOF - close WLCFILE; -} - -# Create VoIP config -if ( not -f $dhcpd_voip_conf ) -{ - print STDERR "Creating file " . $dhcpd_voip_conf . "\n"; - open VOIPFILE, ">" . $dhcpd_voip_conf or die ( $! . " " . $dhcpd_voip_conf); - - print VOIPFILE <<"EOF"; -option space CiscoVOIP; -option CiscoVOIP.cm-tftp-server code 150 = array of ip-address; - -class "cisco-voip-lan" { - match if substring (option vendor-class-identifier, 0, 28) = "Cisco Systems, Inc. 
IP Phone"; - log( info, concat( "LOLOPHONE: " , option vendor-class-identifier )); - - vendor-option-space CiscoVOIP; - option CiscoVOIP.cm-tftp-server $nms::config::voip1_v4; - next-server $nms::config::voip1_v4; -} - -class "cisco-voip-wlan" { - match if substring (option vendor-class-identifier, 0, 33) = "Cisco Systems Inc. Wireless Phone"; - log( info, concat( "BANANAPHONE: " , option vendor-class-identifier )); - - vendor-option-space CiscoVOIP; - option CiscoVOIP.cm-tftp-server $nms::config::voip1_v4; - next-server $nms::config::voip1_v4; -} -EOF - close VOIPFILE; -} - -# Create FAP/Gondul config -if ( not -f $dhcpd_fap_conf ) -{ - print STDERR "Creating file " . $dhcpd_fap_conf . "\n"; - open FAPFILE, ">" . $dhcpd_fap_conf or die ( $! . " " . $dhcpd_fap_conf); - - print FAPFILE <<"EOF"; -# FAP DHCP-configuration - -# Define structure of option 43 ( Zero Touch Protocol options) -option space ztp; -option ztp.image-file-name code 0 = text; -option ztp.config-file-name code 1 = text; -option ztp.image-file-type code 2 = text; -option ztp.transfer-mode code 3 = text; -option ztp.alt-image-file-name code 4 = text; - -# define option 150 - TFTP server (used for defining HTTP server for option 43) -option option-150 code 150 = { ip-address }; - -# define option 60 - used for classifying ZTP clients ("vendor class identifier") -option vendor-class-identifier code 60 = text; - -# only allow FAP "clients" -class "fap-vendor-class" { - # Vendor-Class Option 60, length 21: "Juniper-ex2200-48t-4g" - # Vendor-Class Option 60, length 21: "Juniper-ex3300-48p" - match if substring(option vendor-class-identifier, 0, 10) = "Juniper-ex"; - log( info, concat( "FAP: ", hostmac, " (", option host-name, ") - ", option agent.circuit-id, " - ", option vendor-class-identifier )); -} -class "fap-mac" { - # some Juniper switches won't send vendor-class-identifier - match if ( - ( binary-to-ascii(16, 8, ":", substring(hardware, 1, 3)) = "44:f4:77" ) or - ( binary-to-ascii(16, 8, ":", 
substring(hardware, 1, 3)) = "f0:1c:2d" ) - ); - if not exists vendor-class-identifier { - log( info, concat( "FAP: ", hostmac, " (", option host-name, ") - ", option agent.circuit-id )); - } -} - -group { - # No DDNS - ddns-updates off; - ddns-hostname = none; - ddns-domainname = none; - - # set short leasetime, so that it times out while the switch rebooting - default-lease-time 120; - max-lease-time 120; - - # ZTP Settings - vendor-option-space ztp; - option option-150 $nms::config::fap_server_v4; - option tftp-server-name "$nms::config::fap_server_v4"; - option ztp.transfer-mode "http"; - option ztp.config-file-name = concat("api/config/", (option agent.circuit-id)); - #option ztp.image-file-name "files/jinstall-ex-2200-14.1X53-D15.2-domestic-signed.tgz"; - - ### define ranges -EOF - - foreach my $fap_net (@nms::config::fap_networks){ - my $fap_subnet = Net::IP->new($fap_net)->ip(); - my $fap_mask = Net::IP->new($fap_net)->mask(); - (my $fap_last = NetAddr::IP->new($fap_net)->last()) =~ s/\/[0-9]{1,2}//; - (my $fap_gw = NetAddr::IP->new($fap_net)->first()) =~ s/\/[0-9]{1,2}//; - my $fap_num = NetAddr::IP->new($fap_net)->num(); - my $fap_n = $fap_num - int($fap_num / 2); # don't use more than 1/2 of the net for DHCP - (my $fap_first = NetAddr::IP->new($fap_net)->nth($fap_n)) =~ s/\/[0-9]{1,2}//; - - print FAPFILE <<"EOF"; - subnet $fap_subnet netmask $fap_mask { - option subnet-mask $fap_mask; - option routers $fap_gw; - pool { - range $fap_first $fap_last; - allow members of "fap-vendor-class"; - allow members of "fap-mac"; - } - } -EOF - - } - - print FAPFILE "}\n"; - close FAPFILE; -} - - - diff --git a/bootstrap/make-dhcpd6.pl b/bootstrap/make-dhcpd6.pl deleted file mode 100755 index dc3f8b9..0000000 --- a/bootstrap/make-dhcpd6.pl +++ /dev/null 
@@ -1,171 +0,0 @@ -#!/usr/bin/perl -I /root/tgmanage -use strict; - -use Net::IP; - -BEGIN { - require "include/config.pm"; - eval { - require "include/config.local.pm"; - }; -} - -my $base = "/etc"; -$base = $ARGV[0] if $#ARGV > -1; -$base .= "/" if not $base =~ m/\/$/ and not $base eq ""; - -my $dhcpd_base = $base . "dhcp/"; -my $dhcpd_conf = $dhcpd_base . "dhcpd6.conf"; -my $dhcpd_pxeconf = $dhcpd_base . "v6-pxe-boot.conf"; -my $dhcpd_wlc_conf = $dhcpd_base . "v6-wlc.conf"; -my $dhcpd_voip_conf = $dhcpd_base . "v6-voip.conf"; - -my $sec_net = Net::IP->new($nms::config::sec_net_v6)->short(); -my ($sec_first, $sec_last) = ("8000", "9999"); - -# Create PXE-boot configuration file for DHCP -if ( not -f $dhcpd_conf ) -{ - print STDERR "Creating file " . $dhcpd_conf . "\n"; - open DHCPDFILE, ">" . $dhcpd_conf or die ( $! . " " . $dhcpd_conf); - - print DHCPDFILE <<"EOF"; -# GENERATED BY make-dhcpd6.pl - -# IPv6 address valid lifetime -# (at the end the address is no longer usable by the client) -# (usual IPv6 default is 30 days) -default-lease-time 3600; - -# IPv6 address preferred lifetime -# (at the end the address is deprecated, i.e., the client should use -# other addresses for new connections) -# (usual IPv6 default is 7 days) -preferred-lifetime 3600; - -# T1, the delay before Renew -# (default is 1/2 preferred lifetime) -option dhcp-renewal-time 1800; - -# T2, the delay before Rebind (if Renews failed) -# (default is 3/4 preferred lifetime) -option dhcp-rebinding-time 1800; - -# Enable RFC 5007 support -allow leasequery; - -# Set preference to 255 (maximum) in order to avoid waiting for -# additional servers when there is only one -option dhcp6.preference 255; - -# Server side command to enable rapid-commit (2 packet exchange) -option dhcp6.rapid-commit; - -# The delay before information-request refresh -# (minimum is 10 minutes, maximum one day, default is to not refresh) -# (set to 6 hours) -option dhcp6.info-refresh-time 21600; - -# Don't let clients set 
their own FQDN -ignore client-updates; - -# disable ddns -ddns-update-style none; - -# make server authorative -authoritative; - -# Global definitions for name server address(es) and domain search list -option domain-name "$nms::config::tgname.gathering.org"; -option dhcp6.name-servers $nms::config::pri_v6, $nms::config::sec_v6; - -key DHCP_UPDATER { - algorithm HMAC-MD5.SIG-ALG.REG.INT; - secret $nms::config::ddns_key; -} - -subnet6 $nms::config::pri_net_v6 {} -subnet6 $nms::config::sec_net_v6 { - range6 ${sec_net}${sec_first} ${sec_net}${sec_last}; -} - -include "/etc/dhcp/v6-generated-include.conf"; -include "$dhcpd_pxeconf"; -#include "$dhcpd_wlc_conf"; -#include "$dhcpd_voip_conf"; - -EOF - close DHCPDFILE; -} - -# Create PXE-boot configuration file for DHCP -if ( not -f $dhcpd_pxeconf ) -{ - print STDERR "Creating file " . $dhcpd_pxeconf . "\n"; - open PXEFILE, ">" . $dhcpd_pxeconf or die ( $! . " " . $dhcpd_pxeconf); - - print PXEFILE <<"EOF"; -option dhcp6.bootfile-url code 59 = string; -option dhcp6.client-arch-type code 61 = array of unsigned integer 16; - -if option dhcp6.client-arch-type = 00:07 { - option dhcp6.bootfile-url "tftp://[$nms::config::pxe_server_v6]/bootx64.efi"; -} else { - # support a hypothetical BIOS system that can PXE boot over IPv6 - option dhcp6.bootfile-url "tftp://[$nms::config::pxe_server_v6]/pxelinux.0"; -} - -EOF - - close PXEFILE; -} - -# Create WLC configuration file -if ( not -f $dhcpd_wlc_conf ) -{ - print STDERR "Creating file " . $dhcpd_wlc_conf . "\n"; - open WLCFILE, ">" . $dhcpd_wlc_conf or die ( $! . " " . 
$dhcpd_wlc_conf); - - print WLCFILE <<"EOF"; -option space AP; -option AP.server-address code 241 = array of ip-address; -set vendor-string = option vendor-class-identifier; - -class "access-points" { - match if substring (option vendor-class-identifier, 0, 8) = "Access Point"; - vendor-option-space AP; - option AP.server-address $nms::config::wlc1_v6; -} -EOF - close WLCFILE; -} - -# Create VoIP config -if ( not -f $dhcpd_voip_conf ) -{ - print STDERR "Creating file " . $dhcpd_voip_conf . "\n"; - open VOIPFILE, ">" . $dhcpd_voip_conf or die ( $! . " " . $dhcpd_voip_conf); - - print VOIPFILE <<"EOF"; -option space CiscoVOIP; -option CiscoVOIP.cm-tftp-server code 150 = array of ip-address; - -class "cisco-voip-lan" { - match if substring (option vendor-class-identifier, 0, 28) = "Cisco Systems, Inc. IP Phone"; - vendor-option-space CiscoVOIP; - log( info, concat( "LOLOPHONE: " , option vendor-class-identifier )); - option CiscoVOIP.cm-tftp-server $nms::config::voip1_v6; - next-server $nms::config::voip1_v6; -} - -class "cisco-voip-wlan" { - match if substring (option vendor-class-identifier, 0, 33) = "Cisco Systems Inc. Wireless Phone"; - vendor-option-space CiscoVOIP; - log( info, concat( "BANANAPHONE: " , option vendor-class-identifier )); - option CiscoVOIP.cm-tftp-server $nms::config::voip1_v6; - next-server $nms::config::voip1_v6; -} -EOF - close VOIPFILE; -} - diff --git a/bootstrap/make-first-zones.pl b/bootstrap/make-first-zones.pl deleted file mode 100755 index 63cf1d0..0000000 --- a/bootstrap/make-first-zones.pl +++ /dev/null 
@@ -1,125 +0,0 @@ -#!/usr/bin/perl -I /root/tgmanage -use strict; -use Net::IP; -use NetAddr::IP; -use POSIX qw(strftime); - -BEGIN { - require "include/config.pm"; - eval { - require "include/config.local.pm"; - }; -} - -my $base = "/etc"; -$base = $ARGV[0] if $#ARGV > -1; -$base .= "/" if not $base =~ m/\/$/ and not $base eq ""; - -my $serial = strftime("%Y%m%d", localtime(time())) . "01"; - -my $zonefile; -$zonefile = $base . "bind/" . $nms::config::tgname . ".gathering.org.zone"; - -if ( not -f $zonefile ) -{ - print $zonefile . "\n"; - open MAINZONE, ">" . $zonefile or die $! . " " . $zonefile; - - print MAINZONE <<"EOF"; -\$TTL 3600 -@ IN SOA $nms::config::pri_hostname.$nms::config::tgname.gathering.org. abuse.gathering.org. ( - $serial; serial - 3600 ; refresh - 1800 ; retry - 608400 ; expire - 3600 ) ; minimum and default TTL - - IN NS $nms::config::pri_hostname.$nms::config::tgname.gathering.org. - IN NS $nms::config::sec_hostname.$nms::config::tgname.gathering.org. - -$nms::config::pri_hostname IN A $nms::config::pri_v4 -$nms::config::pri_hostname IN AAAA $nms::config::pri_v6 -$nms::config::sec_hostname IN A $nms::config::sec_v4 -$nms::config::sec_hostname IN AAAA $nms::config::sec_v6 -ns1 IN CNAME $nms::config::pri_hostname.$nms::config::tgname.gathering.org. -ns2 IN CNAME $nms::config::sec_hostname.$nms::config::tgname.gathering.org. - -; Generated by make-all-config.sh on the bootstrapping/nms server. -; Will not be overwritten unless it is missing ;) - -EOF - close MAINZONE; -} -else { print "Skipped TG-zone, file exists.\n"; } - -$zonefile = $base . "bind/infra." . $nms::config::tgname . ".gathering.org.zone"; -if ( not -f $zonefile ) -{ - print $zonefile . "\n"; - open MAINZONE, ">" . $zonefile or die $! . " " . $zonefile; - - print MAINZONE <<"EOF"; -\$TTL 3600 -@ IN SOA $nms::config::pri_hostname.$nms::config::tgname.gathering.org. abuse.gathering.org. 
( - $serial; serial - 3600 ; refresh - 1800 ; retry - 608400 ; expire - 3600 ) ; minimum and default TTL - - IN NS $nms::config::pri_hostname.$nms::config::tgname.gathering.org. - IN NS $nms::config::sec_hostname.$nms::config::tgname.gathering.org. - -; Generated by make-all-config.sh on the bootstrapping/nms server. -; Will not be overwritten unless it is missing ;) -EOF - close MAINZONE; -} -else { print "Skipped infra-zone, file exists.\n"; } - -# IPv6 PTR -foreach my $ipv6_net (NetAddr::IP->new($nms::config::base_ipv6net)->split(32)){ - my $ipv6 = Net::IP->new($ipv6_net); - (my $ipv6zone = $ipv6->reverse_ip()) =~ s/\.$//; - - $zonefile = $base . "bind/" . $ipv6zone . ".zone"; - if ( not -f $zonefile ) - { - print $zonefile . "\n"; - open IPV6ZONE, ">" . $zonefile or die $! . " " . $zonefile; - - print IPV6ZONE <<"EOF"; -; autogenerated, and updated from dhcpd -- DO NOT TOUCH! -\$TTL 3600 -@ IN SOA $nms::config::pri_hostname.$nms::config::tgname.gathering.org. abuse.gathering.org. ( - $serial; serial - 3600 ; refresh - 1800 ; retry - 608400 ; expire - 3600 ) ; minimum and default TTL - - IN NS $nms::config::pri_hostname.$nms::config::tgname.gathering.org. - IN NS $nms::config::sec_hostname.$nms::config::tgname.gathering.org. - -; WARNING! Do not edit this file directly! -; on the bootstrapping/nms server! -EOF - - # print NS reverse - my $ipv6addr = NetAddr::IP->new($ipv6_net); - my $ip_pri_1 = NetAddr::IP->new($nms::config::pri_v6); - if($ipv6addr->contains($ip_pri_1)){ - my $ip_pri = Net::IP->new( $nms::config::pri_v6 ) or die ( "Error, new Net::IP for " . $nms::config::pri_v6 ); - print IPV6ZONE $ip_pri->reverse_ip() . " IN PTR $nms::config::pri_hostname.$nms::config::tgname.gathering.org.\n"; - } - - my $ip_sec_1 = NetAddr::IP->new($nms::config::sec_v6); - if($ipv6addr->contains($ip_sec_1)){ - my $ip_sec = Net::IP->new( $nms::config::sec_v6 ) or die ( "Error, new Net::IP for " . $nms::config::sec_v6 ); - print IPV6ZONE $ip_sec->reverse_ip() . 
" IN PTR $nms::config::sec_hostname.$nms::config::tgname.gathering.org.\n"; - } - - close IPV6ZONE; - } - else { print "Skipped v6-reverse-zone, file exists.\n"; } -} diff --git a/bootstrap/make-missing-conf.pl b/bootstrap/make-missing-conf.pl deleted file mode 100755 index 0159452..0000000 --- a/bootstrap/make-missing-conf.pl +++ /dev/null 
@@ -1,174 +0,0 @@ -#!/usr/bin/perl -I /root/tgmanage -use strict; -use Net::IP; -use NetAddr::IP; -use POSIX qw(strftime); - -BEGIN { - require "include/config.pm"; - eval { - require "include/config.local.pm"; - }; -} - -my $serial = strftime("%Y%m%d", localtime(time())) . "01"; - -unless ( (($#ARGV == 0 ) || ( $#ARGV == 1)) - && (( $ARGV[0] eq "master" ) || ( $ARGV[0] eq "slave" )) ) -{ - print STDERR "Invalid usage!\ncat netnames.txt | $0 <master|slave> [basedir]\n"; - exit 1; -} - -my $role = $ARGV[0]; - -my $base = "/etc"; -$base = $ARGV[1] if $#ARGV == 1; -$base .= "/" if not $base =~ m/\/$/ and not $base eq ""; - - -print STDERR "Role is " . $role . "\n"; -print STDERR "Base dir is " . $base . "\n"; - -my $bind_base = $base . "bind/"; -my $dhcpd_base = $base . "dhcp/"; - -my $bind_conf_master = $bind_base . "conf-master/"; -my $bind_conf_slave = $bind_base . "conf-slave/"; - -my $base_ipv4 = Net::IP->new( $nms::config::base_ipv4net ); -my ($cp_oct, $cs_oct, $ct_oct) = ($nms::config::base_ipv4net =~ m/^(\d+)\.(\d+)\.(\d+)\..*/); - -while ( <STDIN> ){ - next if ( $_ =~ m/^(#|$)/); # comment or blank line - my $line = $_; - chomp $line; - # <v4 net> <v6 net> <network-name> - # 151.216.129.0/26 2a02:ed02:129a::/64 noc - # we assume not smaller than /64 on v6 - die ("Invalid format on input.\n") if not $line =~ m/^((\d+\.){3}\d+\/\d+)\s+(([a-fA-F0-9]+\:){1,4}\:\/\d+)\s+([\w|-]+).*/; - my ( $v4_net, $v6_net, $name ) = ( $1, $3, $5 ); - - my $master_config = $bind_conf_master . $name . ".conf"; - my $slave_config = $bind_conf_slave . $name . ".conf"; - my $zone_file = $bind_base . "dynamic/$name.$nms::config::tgname.gathering.org.zone"; - - # DHCP4 - my $dhcp_dynconf_dir = $dhcpd_base . "conf-v4/"; - my $dhconfig = $dhcp_dynconf_dir . $name . ".conf"; - - if ( not -f $dhconfig ){ - print STDERR "Creating file " . $dhconfig . 
"\n"; - - my $network = Net::IP->new($v4_net)->ip(); - my $netmask = Net::IP->new($v4_net)->mask(); - (my $first = NetAddr::IP->new($v4_net)->nth(3)) =~ s/\/[0-9]{1,2}//; # we reserve the three first addresses - (my $last = NetAddr::IP->new($v4_net)->last()) =~ s/\/[0-9]{1,2}//; - (my $gw = NetAddr::IP->new($v4_net)->first()) =~ s/\/[0-9]{1,2}//; - - open DFILE, ">" . $dhconfig or die ( $! . " " . $dhconfig); - - print DFILE <<"EOF"; -zone $name.$nms::config::tgname.gathering.org { - primary $nms::config::ddns_to; - key DHCP_UPDATER; -} -subnet $network netmask $netmask { - option subnet-mask $netmask; - option routers $gw; - option domain-name "$name.$nms::config::tgname.gathering.org"; - ddns-domainname "$name.$nms::config::tgname.gathering.org"; - range $first $last; -} - -EOF - - close DFILE; - } - - # DHCP6 - $dhcp_dynconf_dir = $dhcpd_base . "conf-v6/"; - $dhconfig = $dhcp_dynconf_dir . $name . ".conf"; - - if ( not -f $dhconfig ){ - print STDERR "Creating file " . $dhconfig . "\n"; - - my $network = Net::IP->new($v6_net)->short(); - my ($first, $last) = ("1000", "9999"); - - open DFILE, ">" . $dhconfig or die ( $! . " " . $dhconfig); - - print DFILE <<"EOF"; -zone $name.$nms::config::tgname.gathering.org { - primary $nms::config::ddns_to; - key DHCP_UPDATER; -} -subnet6 $v6_net { - option domain-name "$name.$nms::config::tgname.gathering.org"; - - range6 ${network}${first} ${network}${last}; -} - -EOF - - close DFILE; - } - - # Create zone files for bind9 on master/primary - if ( ( not -f $zone_file ) && ( $role eq "master" ) ) - { - print STDERR "Creating file " . $zone_file . "\n"; - open ZFILE, ">" . $zone_file or die ( $! . " " . $zone_file); - print ZFILE << "EOF"; -; Base reverse zones are updated from dhcpd -- DO NOT TOUCH! -\$TTL 3600 -@ IN SOA $nms::config::pri_hostname.$nms::config::tgname.gathering.org. abuse.gathering.org. 
( - $serial ; serial - 3600 ; refresh - 1800 ; retry - 608400 ; expire - 3600 ) ; minimum and default TTL - - IN NS $nms::config::pri_hostname.$nms::config::tgname.gathering.org. - IN NS $nms::config::sec_hostname.$nms::config::tgname.gathering.org. -\$ORIGIN $name.$nms::config::tgname.gathering.org. -EOF - close ZFILE; - } - - # Create bind9 configuration files for zones. - my $bind_file = ""; - $bind_file = $master_config if ( $role eq "master"); - $bind_file = $slave_config if ( $role eq "slave"); - die ("WTF, role does not match 'master' or 'slave'" ) if ( $bind_file eq ""); - - if ( not -f $bind_file ){ - print STDERR "Creating file " . $bind_file . "\n"; - open NFILE, ">" . $bind_file or die ( $! . " " . $bind_file); - - print NFILE <<"EOF"; -zone "$name.$nms::config::tgname.gathering.org" { - allow-transfer { ns-xfr; }; -EOF - - if ( $role eq "master" ) { - print NFILE <<"EOF"; - type master; - notify yes; - allow-update { key DHCP_UPDATER; }; - file "dynamic/$name.$nms::config::tgname.gathering.org.zone"; -}; -EOF - } else { - print NFILE <<"EOF"; - type slave; - notify no; - masters { master_ns; }; - file "slave/$name.$nms::config::tgname.gathering.org.zone"; -}; -EOF - } - - close NFILE; - } -} diff --git a/bootstrap/make-named.pl b/bootstrap/make-named.pl deleted file mode 100755 index 9eaf592..0000000 --- a/bootstrap/make-named.pl +++ /dev/null 
@@ -1,196 +0,0 @@ -#!/usr/bin/perl -I /root/tgmanage -use strict; -use NetAddr::IP; - -BEGIN { - require "include/config.pm"; - eval { - require "include/config.local.pm"; - }; -} - - -use Net::IP; -use Net::IP qw(:PROC); - -unless ( (($#ARGV == 0 ) || ( $#ARGV == 1)) - && (( $ARGV[0] eq "master" ) || ( $ARGV[0] eq "slave" )) ) -{ - print STDERR "Invalid usage!\ncat netnames.txt | $0 <master|slave> [basedir]\n"; - exit 1; -} - -my $role = $ARGV[0]; - -my $base = "/etc"; -$base = $ARGV[1] if $#ARGV == 1; -$base .= "/" if not $base =~ m/\/$/ and not $base eq ""; - -my $bind_base = $base . "bind/"; -my $named_file = $bind_base . "named.conf"; - -if ( -f $named_file ) -{ - print STDERR $named_file . " already exists. Cowardly refusing to continue.\n"; - exit; -} - -my $run = `date +%Y%m%d-%H%M`; - -open NFILE, ">" . $named_file or die ( $! . " " . $named_file ); - -chomp $run; -my $rec_net = join("; ", @nms::config::rec_net); -print NFILE <<EOF; -// This named.conf was generated by make-named.pl at $run -// The current version of make-named.pl should not overwrite this file. 
-acl tg-nett { $nms::config::base_ipv4net; $nms::config::base_ipv6net; $rec_net; 127.0.0.0/8; ::1; }; -acl ns-xfr { $nms::config::sec_v4; $nms::config::sec_v6; $nms::config::pri_v4; $nms::config::pri_v6; $nms::config::noc_net; }; -acl ext-xfr { $nms::config::ext_xfer; }; - -options { - directory "/etc/bind"; - allow-recursion { tg-nett; }; - allow-query { any; }; - allow-transfer { ns-xfr; }; - recursion yes; - auth-nxdomain no; - listen-on-v6 { any; }; - statistics-file "/etc/bind/named.rndc-stats"; -}; - -logging { - category "default" { "debug"; }; - category "general" { "debug"; }; - category "database" { "debug"; }; - category "security" { "debug"; "stats"; }; - category "config" { "debug"; "stats"; }; - category "resolver" { "debug"; "stats"; }; - category "xfer-in" { "debug"; "stats"; }; - category "xfer-out" { "debug"; "stats"; }; - category "notify" { "debug"; "stats"; }; - category "client" { "debug"; }; - category "unmatched" { "debug"; }; - category "network" { "debug"; }; - category "update" { "debug"; }; - category "queries" { "stats"; }; - category "dispatch" { "debug"; }; - category "dnssec" { "debug"; }; - category "lame-servers" { "debug"; }; - - channel "debug" { - file "/etc/bind/nameddbg" versions 2 size 50m; - print-time yes; - print-category yes; - print-severity yes; - severity debug 9; - }; - - channel "stats" { - file "/etc/bind/namedstats" versions 2 size 50m; - print-time yes; - print-category yes; - print-severity yes; - severity debug 3; - }; -}; - -key DHCP_UPDATER { - algorithm HMAC-MD5.SIG-ALG.REG.INT; - secret $nms::config::ddns_key; -}; -EOF - -if ( $role eq "master" ) -{ - print NFILE <<EOF; - -zone "$nms::config::tgname.gathering.org" { - type master; - file "$nms::config::tgname.gathering.org.zone"; - notify yes; - allow-transfer { ns-xfr; }; -}; - -zone "infra.$nms::config::tgname.gathering.org" { - type master; - file "infra.$nms::config::tgname.gathering.org.zone"; - notify yes; - allow-transfer { ns-xfr; }; -}; - -EOF - - # 
IPv6 PTR - foreach my $ipv6_net (NetAddr::IP->new($nms::config::base_ipv6net)->split(32)){ - my $ipv6 = Net::IP->new($ipv6_net); - (my $ipv6zone = $ipv6->reverse_ip()) =~ s/\.$//; - - - print NFILE <<EOF; -zone "$ipv6zone" { - type master; - allow-update { key DHCP_UPDATER; }; - notify yes; - file "$ipv6zone.zone"; - allow-transfer { ns-xfr; ext-xfr; }; -}; - -EOF - } - - print NFILE <<EOF; - -include "/etc/bind/named.conf.default-zones"; -include "named.reverse4.conf"; -include "named.master-include.conf"; -EOF - -} - -if ( $role eq "slave" ) -{ - print NFILE <<EOF; - -masters master_ns { $nms::config::pri_v6; $nms::config::pri_v4; }; - -zone "$nms::config::tgname.gathering.org" { - type slave; - file "slave/$nms::config::tgname.gathering.org"; - notify no; - masters { master_ns; }; -}; - -zone "infra.$nms::config::tgname.gathering.org" { - type slave; - file "slave/infra.$nms::config::tgname.gathering.org"; - notify no; - masters { master_ns; }; -}; - -EOF - - # IPv6 PTR - foreach my $ipv6_net (NetAddr::IP->new($nms::config::base_ipv6net)->split(32)){ - my $ipv6 = Net::IP->new($ipv6_net); - (my $ipv6zone = $ipv6->reverse_ip()) =~ s/\.$//; - - print NFILE <<EOF; -zone "$ipv6zone" { - type slave; - notify no; - masters { master_ns; }; - file "slave/$ipv6zone"; - allow-transfer { ns-xfr; ext-xfr; }; -}; - -EOF - } - - print NFILE <<EOF; - -include "named.conf.default-zones"; -include "named.slave-reverse4.conf"; -include "named.slave-include.conf"; -EOF -} diff --git a/bootstrap/make-pxeboot.sh b/bootstrap/make-pxeboot.sh deleted file mode 100755 index 4ee0063..0000000 --- a/bootstrap/make-pxeboot.sh +++ /dev/null 
@@ -1,35 +0,0 @@
-#!/bin/bash
-#
-# This tool is to be executed by make-base-requires.sh
-# From tg14 we assume that TFTP server/PXE-boot server
-# is the Secondary/SMTP/TFTP box.
-#
-# TODO: Either rewrite this to be run at/from the bootstrapper,
-# and/or add support for ${BASE} redirection..
-
-apt-get -y install tftpd-hpa
-apt-get -y install nfs-kernel-server
-
-cat << END > /etc/default/tftpd-hpa
-TFTP_USERNAME="tftp"
-TFTP_DIRECTORY="/var/lib/tftpboot"
-TFTP_ADDRESS=":69"
-TFTP_OPTIONS="--secure"
-END
-
-mkdir -p /var/lib/tftpboot
-
-cd ~/tgmanage
-# NOTE, this step depends on an SCP of basic content from the bootstrap...
-# This should be done by bootstrap/update-tools ...
-cp -R pxe/* /var/lib/tftpboot
-
-bootstrap/fetch-debinstall.sh /var/lib/tftpboot/debian
-# bootstrap/fetch-ubuntulive.sh <- this tool does not exist xD
-# NOTE! The pxe/ directory contains an 'ubuntu' menu...
-# The files required to booting Ubuntu installer or live
-# must be fetched manually (for now)
-
-# Restart tftpd-hpa.service
-systemctl restart tftpd-hpa.service
-
diff --git a/bootstrap/make-reverse4-files.pl b/bootstrap/make-reverse4-files.pl
deleted file mode 100755
index 88f7a37..0000000
--- a/bootstrap/make-reverse4-files.pl
+++ /dev/null
@@ -1,160 +0,0 @@ -#!/usr/bin/perl -I /root/tgmanage -use strict; -use Net::IP; -use POSIX qw(strftime); - -BEGIN { - require "include/config.pm"; - eval { - require "include/config.local.pm"; - }; -} - -my $serial = strftime("%Y%m%d", localtime(time())) . "01"; - -unless ( (($#ARGV == 0 ) || ( $#ARGV == 1)) - && (( $ARGV[0] eq "master" ) || ( $ARGV[0] eq "slave" )) ) -{ - print STDERR "Invalid usage!\n$0 <master|slave> [basedir]\n"; - exit 1; -} - -my $role = $ARGV[0]; - -my $base = "/etc"; -$base = $ARGV[1] if $#ARGV == 1; -$base .= "/" if not $base =~ m/\/$/ and not $base eq ""; - -my $bind_base = $base . "bind/"; -my $dhcpd_base = $base . "dhcp/"; -my $dhcp_revzones_file = $dhcpd_base . "v4-revzones.conf"; -my $bind_pri_revzones_file = $bind_base . "named.reverse4.conf"; -my $bind_sec_revzones_file = $bind_base . "named.slave-reverse4.conf"; - -my $base_ipv4 = Net::IP->new($nms::config::base_ipv4net) or die ("base_v4 fail"); -my ($p_oct, $s_oct, $t_oct) = ($nms::config::base_ipv4net =~ m/^(\d+)\.(\d+)\.(\d+)\..*/); -my ($pp_oct, $ps_oct, $pt_oct, $pf_oct) = ($nms::config::pri_v4 =~ m/^(\d+)\.(\d+)\.(\d+)\.(\d+).*/); -my ($sp_oct, $ss_oct, $st_oct, $sf_oct) = ($nms::config::sec_v4 =~ m/^(\d+)\.(\d+)\.(\d+)\.(\d+).*/); -my $block; - -if ( $role eq "master" ) -{ - open DFILE, ">" . $dhcp_revzones_file or die $!; - open NFILE, ">" . $bind_pri_revzones_file or die $!; -} -elsif ( $role eq "slave" ) -{ - open DFILE, ">" . $dhcp_revzones_file or die $!; - open SFILE, ">" . $bind_sec_revzones_file or die $!; -} -else -{ - die ("WTF, role is neither 'master' or 'slave'"); -} - -sub add_zone{ - my $ptr_zone = Net::IP->new("$p_oct.$s_oct.$t_oct.0/24") or die ("dhcp_reverse fail"); - my $dhcp_ptr = $ptr_zone->reverse_ip(); - (my $bind_ptr = $dhcp_ptr) =~ s/\.$//; - - if ( $role eq "master" ) - { - # Generating IPv4-related reverse-stuff for - # both bind9 and dhcp on master. 
- - print DFILE <<"EOF"; -zone $dhcp_ptr { - primary $nms::config::ddns_to; - key DHCP_UPDATER; -} -EOF - - print NFILE <<"EOF"; -// $block -zone "$bind_ptr" { - type master; - allow-update { key DHCP_UPDATER; }; - notify yes; - allow-transfer { ns-xfr; ext-xfr; }; - file "reverse/$bind_ptr.zone"; -}; - -EOF - - my $zfilename = $bind_base . "reverse/" . $bind_ptr . ".zone"; - open ZFILE, ">", $zfilename; - - print ZFILE <<"EOF"; -; $zfilename -; $block -; Base reverse zones are updated from dhcpd -- DO NOT TOUCH! -\$TTL 3600 -@ IN SOA $nms::config::pri_hostname.$nms::config::tgname.gathering.org. abuse.gathering.org. ( - $serial ; serial - 3600 ; refresh - 1800 ; retry - 608400 ; expire - 3600 ) ; minimum and default TTL - - IN NS $nms::config::pri_hostname.$nms::config::tgname.gathering.org. - IN NS $nms::config::sec_hostname.$nms::config::tgname.gathering.org. - -\$ORIGIN $bind_ptr. -EOF - - # add reverse if DNS-servers belong to zone - if ( ($pt_oct == $t_oct) && ($ps_oct == $s_oct) ) - { - print ZFILE $pf_oct . " IN PTR $nms::config::pri_hostname.$nms::config::tgname.gathering.org.\n"; - } - if ( ($st_oct == $t_oct) && ($ss_oct == $s_oct) ) - { - print ZFILE $sf_oct . " IN PTR $nms::config::sec_hostname.$nms::config::tgname.gathering.org.\n"; - } - } - else - { - # if not master, aka slave - print SFILE <<"EOF"; -// $block -zone "$bind_ptr" { - type slave; - notify no; - file "slave/$bind_ptr.cache"; - masters { master_ns; }; - allow-transfer { ns-xfr; ext-xfr; }; -}; - -EOF - } -} - -# for each /24 in the primary v4-net -while (1){ - $block = $p_oct . "." . $s_oct . "." . $t_oct . ".0/24"; - my $current = Net::IP->new($block) or die ("Net::IP failed for " . $block); - - add_zone(); - - if ( $current->last_int() == $base_ipv4->last_int() ) - { - print STDERR "Reached last IP network. 
Finished.\n";
- last;
- }
- $t_oct++;
-}
-
-# for each specially defined /24
-foreach my $special_net (@nms::config::extra_nets){
- # a.b.c.d/24
- $block = $special_net;
- $base_ipv4 = Net::IP->new($special_net) or die ("base_v4 fail");
- ($p_oct, $s_oct, $t_oct) = ($special_net =~ m/^(\d+)\.(\d+)\.(\d+)\..*/);
-
- add_zone();
-}
-
-# Close all files, even those that have never been opened ;)
-close DFILE;
-close NFILE;
-close SFILE;
diff --git a/bootstrap/update-baseservice.sh b/bootstrap/update-baseservice.sh
deleted file mode 100755
index c3c0c7e..0000000
--- a/bootstrap/update-baseservice.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/bin/bash
-
-set -e
-
-BASE="";
-if [ -n $1 ]
-then
- BASE=$1
- echo "Using base path ${BASE}"
-fi
-
-source include/tgmanage.cfg.sh
-if [ -z ${PRIMARY} ]
-then
- echo "Not configured!";
- exit 1;
-fi;
-
-cd ~/tgmanage
-
-cat netlist.txt | ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-missing-conf.pl master ${BASE}"
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-bind-include.pl master ${BASE}"
-ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-dhcpd-include.pl ${BASE}"
-
-set +e
-ssh -l root ${PRIMARY} "chown bind.bind /etc/bind/dynamic/*.zone";
-set -e
-
-cat netlist.txt | ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-missing-conf.pl slave ${BASE}"
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-bind-include.pl slave ${BASE}"
-ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-dhcpd-include.pl ${BASE}"
diff --git a/bootstrap/update-tools.sh b/bootstrap/update-tools.sh
deleted file mode 100755
index dacb86b..0000000
--- a/bootstrap/update-tools.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash
-
-set -e
-
-source include/tgmanage.cfg.sh
-if [ -z ${PRIMARY} ]
-then
- echo "Not configured!";
- exit 1;
-fi;
-
-cd ~/tgmanage
-
-ssh -l root ${PRIMARY} "mkdir -p ~/tgmanage"
-ssh -l root ${SECONDARY} "mkdir -p ~/tgmanage"
-
-scp -r bootstrap root@${PRIMARY}:tgmanage/
-scp -r bootstrap root@${SECONDARY}:tgmanage/
-scp -r include root@${PRIMARY}:tgmanage/
-scp -r include root@${SECONDARY}:tgmanage/
-scp -r clients root@${PRIMARY}:tgmanage/
-scp -r clients root@${SECONDARY}:tgmanage/
-
-# use last years example files
-export TGNAME
-last_year=`perl -e '($y)=($ENV{TGNAME} =~ m/^tg(\d\d)$/); $y--; print "tg$y"'`
-scp -r examples/$last_year/pxe root@${SECONDARY}:tgmanage/ |