diff options
| -rwxr-xr-x | bootstrap/apply-baseupdate.sh | 1 | ||||
| -rwxr-xr-x | bootstrap/make-base-requires.sh | 5 | ||||
| -rwxr-xr-x | bootstrap/make-dhcp6-init.sh | 426 | ||||
| -rwxr-xr-x | bootstrap/make-dhcpd.pl | 14 | ||||
| -rwxr-xr-x | bootstrap/make-dhcpd6.pl | 14 | ||||
| -rwxr-xr-x | bootstrap/make-missing-conf.pl | 2 | ||||
| -rwxr-xr-x | bootstrap/make-reverse4-files.pl | 19 | ||||
| -rwxr-xr-x | bootstrap/update-tools.sh | 2 | ||||
| -rwxr-xr-x | clients/update-public-nms.sh | 9 | ||||
| -rw-r--r-- | examples/tg15/nms-bootstrap.rst | 61 | ||||
| -rwxr-xr-x | include/config.pm.dist | 4 | ||||
| -rwxr-xr-x | tools/dhcp6-nets.pl | 12 | ||||
| -rwxr-xr-x | tools/make-linknet-hosts.pl | 34 | ||||
| -rw-r--r-- | web/etc/apache2/nms-public.tg15.gathering.org | 11 | ||||
| -rw-r--r-- | web/etc/apache2/nms.tg15.gathering.org | 36 | ||||
| -rw-r--r-- | web/etc/apache2/stream.tg15.gathering.org (renamed from web/etc/apache2/stream.tg13.gathering.org) | 12 | ||||
| -rw-r--r-- | web/etc/apache2/tech.tg13.gathering.org | 12 | ||||
| -rw-r--r-- | web/etc/apache2/tech.tg15.gathering.org | 12 |
18 files changed, 476 insertions, 210 deletions
diff --git a/bootstrap/apply-baseupdate.sh b/bootstrap/apply-baseupdate.sh index 055320c..d4c6fe2 100755 --- a/bootstrap/apply-baseupdate.sh +++ b/bootstrap/apply-baseupdate.sh @@ -10,5 +10,6 @@ then fi; ssh -l root ${PRIMARY} "/etc/init.d/isc-dhcp-server restart" +ssh -l root ${PRIMARY} "/etc/init.d/isc-dhcp6-server restart" ssh -l root ${PRIMARY} "/usr/sbin/rndc reload" ssh -l root ${SECONDARY} "/usr/sbin/rndc reload" diff --git a/bootstrap/make-base-requires.sh b/bootstrap/make-base-requires.sh index 228c620..8013cf6 100755 --- a/bootstrap/make-base-requires.sh +++ b/bootstrap/make-base-requires.sh @@ -44,6 +44,8 @@ ssh -l root ${PRIMARY} "mkdir -p ${BASE}/dhcp/conf-v4/" ssh -l root ${PRIMARY} "mkdir -p ${BASE}/dhcp/conf-v6/" ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-dhcp6-init.sh" +ssh -l root ${PRIMARY} "systemctl enable isc-dhcp-server" +ssh -l root ${PRIMARY} "systemctl enable isc-dhcp6-server" ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-named.pl master ${BASE}" ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-dhcpd.pl ${BASE}" ssh -l root ${PRIMARY} "~/tgmanage/bootstrap/make-dhcpd6.pl ${BASE}" @@ -56,7 +58,8 @@ ssh -l root ${SECONDARY} "mkdir -p ${BASE}/dhcp/conf-v4/" ssh -l root ${SECONDARY} "mkdir -p ${BASE}/dhcp/conf-v6/" ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-dhcp6-init.sh" -ssh -l root ${SECONDARY} "insserv -r isc-dhcp-server" +ssh -l root ${SECONDARY} "systemctl disable isc-dhcp-server" +ssh -l root ${SECONDARY} "systemctl disable isc-dhcp6-server" ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-dhcpd.pl ${BASE}" ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-dhcpd6.pl ${BASE}" ssh -l root ${SECONDARY} "~/tgmanage/bootstrap/make-named.pl slave ${BASE}" diff --git a/bootstrap/make-dhcp6-init.sh b/bootstrap/make-dhcp6-init.sh index b022b03..9525cdc 100755 --- a/bootstrap/make-dhcp6-init.sh +++ b/bootstrap/make-dhcp6-init.sh @@ -1,40 +1,69 @@ #!/bin/bash -DHCP_DEFAULT="/etc/default/isc-dhcp-server" -DHCP_INIT="/etc/init.d/isc-dhcp-server" +DHCP4_DEFAULT="/etc/default/isc-dhcp-server" +DHCP4_INIT="/etc/init.d/isc-dhcp-server" +DHCP6_DEFAULT="/etc/default/isc-dhcp6-server" +DHCP6_INIT="/etc/init.d/isc-dhcp6-server" -if [ -e "${DHCP_DEFAULT}" ]; +if [ -e "${DHCP4_DEFAULT}" ]; then - echo "${DHCP_DEFAULT} exists! Overwriting." + echo "${DHCP4_DEFAULT} exists! Overwriting." +fi +if [ -e "${DHCP6_DEFAULT}" ]; +then + echo "${DHCP6_DEFAULT} exists! Overwriting." fi set -e -cat > ${DHCP_DEFAULT}<<'_EOF' +cat > ${DHCP4_DEFAULT}<<'_EOF' +# Defaults for isc-dhcp-server initscript +# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf). +DHCPD_CONF=/etc/dhcp/dhcpd.conf + +# Path to dhcpd's PID file (default: /var/run/dhcpd.pid). +DHCPD_PID=/var/run/dhcpd.pid + +# Additional options to start dhcpd with. +# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead +OPTIONS="-4" + +# On what interfaces should the DHCP server (dhcpd) serve DHCP requests? +# Separate multiple interfaces with spaces, e.g. "eth0 eth1". +INTERFACES="eth0" +_EOF + +cat > ${DHCP6_DEFAULT}<<'_EOF' +# Defaults for isc-dhcp-server initscript +# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf). +DHCPD_CONF=/etc/dhcp/dhcpd6.conf -# Defaults for dhcp initscript +# Path to dhcpd's PID file (default: /var/run/dhcpd.pid). +DHCPD_PID=/var/run/dhcpd6.pid -# you can enable v4 and/or v6 protocols -V4_ENABLED="yes" -V6_ENABLED="yes" +# Additional options to start dhcpd with. +# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead +OPTIONS="-6" # On what interfaces should the DHCP server (dhcpd) serve DHCP requests? -# Separate multiple interfaces with spaces, e.g. "eth0 eth1". -INTERFACES_V4="eth0" -INTERFACES_V6="eth0" +# Separate multiple interfaces with spaces, e.g. "eth0 eth1". +INTERFACES="eth0" _EOF set +e -if [ -e "${DHCP_INIT}" ]; +if [ -e "${DHCP4_INIT}" ]; then - echo "${DHCP_INIT} exists! Overwriting." + echo "${DHCP4_INIT} exists! Overwriting." +fi +if [ -e "${DHCP6_INIT}" ]; +then + echo "${DHCP6_INIT} exists! Overwriting." fi set -e -cat > ${DHCP_INIT}<<'_EOF' - +cat > ${DHCP4_INIT}<<'_EOF' #!/bin/sh # # @@ -55,154 +84,289 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin test -f /usr/sbin/dhcpd || exit 0 +DHCPD_DEFAULT="${DHCPD_DEFAULT:-/etc/default/isc-dhcp-server}" + # It is not safe to start if we don't have a default configuration... -if [ ! -f /etc/default/isc-dhcp-server ]; then - echo "/etc/default/isc-dhcp-server does not exist! - Aborting..." - echo "Run 'dpkg-reconfigure isc-dhcp-server' to fix the problem." - exit 0 +if [ ! -f "$DHCPD_DEFAULT" ]; then + echo "$DHCPD_DEFAULT does not exist! - Aborting..." + if [ "$DHCPD_DEFAULT" = "/etc/default/isc-dhcp-server" ]; then + echo "Run 'dpkg-reconfigure isc-dhcp-server' to fix the problem." + fi + exit 0 fi . /lib/lsb/init-functions -# Read init script configuration (so far only interfaces the daemon -# should listen on.) -[ -f /etc/default/isc-dhcp-server ] && . /etc/default/isc-dhcp-server +# Read init script configuration +[ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT" NAME=dhcpd -DESC="DHCPv4" -DHCPDPID=/var/run/dhcpd.pid - -NAME6=dhcpd6 -DESC6="DHCPv6" -DHCPDPID6=/var/run/dhcpd6.pid - +DESC="ISC DHCP server" +# fallback to default config file +DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd.conf} +# try to read pid file name from config file, with fallback to /var/run/dhcpd.pid +if [ -z "$DHCPD_PID" ]; then + DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1) +fi +DHCPD_PID="${DHCPD_PID:-/var/run/dhcpd.pid}" -# $1 -> version (-4 or -6) -# $2 -> config file (usually /etc/dhcp/dhcpd.conf or /etc/dhcp/dhcpd6.conf) test_config() { - if ! /usr/sbin/dhcpd -t $1 -cf $2 -q > /dev/null 2>&1; then - echo "dhcpd self-test failed. Please fix the config file." - echo "The error was: " - /usr/sbin/dhcpd -t -6 -cf $2 - exit 1 - fi + if ! /usr/sbin/dhcpd -t $OPTIONS -q -cf "$DHCPD_CONF" > /dev/null 2>&1; then + echo "dhcpd self-test failed. Please fix $DHCPD_CONF." + echo "The error was: " + /usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF" + exit 1 + fi + touch /var/lib/dhcp/dhcpd.leases } -# $1 -> -v for messages, -q for none -# $2 -> PID file -# $3 -> NAME +# single arg is -v for messages, -q for none check_status() { - if [ ! -r $2 ]; then - test "$1" != -v || echo "$3 is not running." - return 3 + if [ ! -r "$DHCPD_PID" ]; then + test "$1" != -v || echo "$NAME is not running." + return 3 fi - if read pid < "$2" && ps -p "$pid" > /dev/null 2>&1; then - test "$1" != -v || echo "$3 is running." - return 0 + if read pid < "$DHCPD_PID" && ps -p "$pid" > /dev/null 2>&1; then + test "$1" != -v || echo "$NAME is running." + return 0 else - test "$1" != -v || echo "$3 is not running but $2 exists." - return 1 + test "$1" != -v || echo "$NAME is not running but $DHCPD_PID exists." + return 1 fi } +case "$1" in + start) + test_config + log_daemon_msg "Starting $DESC" "$NAME" + start-stop-daemon --start --quiet --pidfile "$DHCPD_PID" \ + --exec /usr/sbin/dhcpd -- \ + -q $OPTIONS -cf "$DHCPD_CONF" -pf "$DHCPD_PID" $INTERFACES + sleep 2 + + if check_status -q; then + log_end_msg 0 + else + log_failure_msg "check syslog for diagnostics." + log_end_msg 1 + exit 1 + fi + ;; + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + start-stop-daemon --stop --quiet --pidfile "$DHCPD_PID" + log_end_msg $? + rm -f "$DHCPD_PID" + ;; + restart | force-reload) + test_config + $0 stop + sleep 2 + $0 start + if [ "$?" != "0" ]; then + exit 1 + fi + ;; + status) + echo -n "Status of $DESC: " + check_status -v + exit "$?" + ;; + *) + echo "Usage: $0 {start|stop|restart|force-reload|status}" + exit 1 +esac + +exit 0 + +_EOF + +cat > ${DHCP6_INIT}<<'_EOF' +#!/bin/sh +# +# -start_daemon() +### BEGIN INIT INFO +# Provides: isc-dhcp6-server +# Required-Start: $remote_fs $network $syslog +# Required-Stop: $remote_fs $network $syslog +# Should-Start: $local_fs slapd $named +# Should-Stop: $local_fs slapd +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: DHCP server v6 +# Description: Dynamic Host Configuration Protocol Server v6 +### END INIT INFO + +PATH=/sbin:/bin:/usr/sbin:/usr/bin + +test -f /usr/sbin/dhcpd || exit 0 + +DHCPD_DEFAULT="${DHCPD_DEFAULT:-/etc/default/isc-dhcp6-server}" + +# It is not safe to start if we don't have a default configuration... +if [ ! -f "$DHCPD_DEFAULT" ]; then + echo "$DHCPD_DEFAULT does not exist! - Aborting..." + if [ "$DHCPD_DEFAULT" = "/etc/default/isc-dhcp6-server" ]; then + echo "Run 'dpkg-reconfigure isc-dhcp6-server' to fix the problem." + fi + exit 0 +fi + +. /lib/lsb/init-functions + +# Read init script configuration +[ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT" + +NAME=dhcpd +DESC="ISC DHCP server" +# fallback to default config file +DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd6.conf} +# try to read pid file name from config file, with fallback to /var/run/dhcpd.pid +if [ -z "$DHCPD_PID" ]; then + DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1) +fi +DHCPD_PID="${DHCPD_PID:-/var/run/dhcpd6.pid}" + +test_config() { - VERSION=$1 - CONF_FILE=$2 - PROCESS=$3 - PIDFILE=$4 - DESCRIPTION=$5 - - shift 5 - INTERFACES=$* - - test_config "$VERSION" "$CONF_FILE"; - log_daemon_msg "Starting ISC $DESCRIPTION server" "$PROCESS"; - start-stop-daemon --start --quiet --pidfile $PIDFILE \ - --exec /usr/sbin/dhcpd -- $VERSION -q -cf $CONF_FILE \ - $INTERFACES - sleep 2 - if check_status -q $PIDFILE $NAME; then - log_end_msg 0 - else - log_failure_msg "check syslog for diagnostics." - log_end_msg 1 - exit 1 - fi + if ! /usr/sbin/dhcpd -t $OPTIONS -q -cf "$DHCPD_CONF" > /dev/null 2>&1; then + echo "dhcpd self-test failed. Please fix $DHCPD_CONF." + echo "The error was: " + /usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF" + exit 1 + fi + touch /var/lib/dhcp/dhcpd.leases } -stop_daemon() +# single arg is -v for messages, -q for none +check_status() { - # Is DHCPv6 enabled? or daemon is runing ? - if test "$V6_ENABLED" = "yes" || check_status -q $DHCPDPID6 $NAME; then - log_daemon_msg "Stopping ISC DHCPv6 server" "$NAME6" - start-stop-daemon --stop --quiet --pidfile $DHCPDPID6 - log_end_msg $? - rm -f "$DHCPDPID6" - fi - - # Is DHCPv4 enabled or daemon is runing? - if test "$V4_ENABLED" = "yes" || check_status -q $DHCPDPID $NAME; then - log_daemon_msg "Stopping ISC DHCPv4 server" "$NAME" - start-stop-daemon --stop --quiet --pidfile $DHCPDPID - log_end_msg $? - rm -f "$DHCPDPID" - fi + if [ ! -r "$DHCPD_PID" ]; then + test "$1" != -v || echo "$NAME is not running." + return 3 + fi + if read pid < "$DHCPD_PID" && ps -p "$pid" > /dev/null 2>&1; then + test "$1" != -v || echo "$NAME is running." + return 0 + else + test "$1" != -v || echo "$NAME is not running but $DHCPD_PID exists." + return 1 + fi } - case "$1" in - start) - # Is DHCPv6 enabled? - case "$V6_ENABLED" in - yes) - start_daemon "-6" "/etc/dhcp/dhcpd6.conf" \ - $NAME6 $DHCPDPID6 $DESC6 $INTERFACES_V6 - ;; - esac - - # Is DHCPv4 enabled? - case "$V4_ENABLED" in - yes) - start_daemon "-4" "/etc/dhcp/dhcpd.conf" \ - $NAME $DHCPDPID $DESC $INTERFACES_V4 - ;; - esac - - ;; - stop) - stop_daemon - ;; - restart | force-reload) - #test_config - $0 stop - sleep 2 - $0 start - if [ "$?" != "0" ]; then - exit 1 - fi - ;; - status) - echo -n "Status of $DESC: " - check_status -v $DHCPDPID $NAME - echo -n "Status of $DESC6: " - check_status -v $DHCPDPID6 $NAME6 - - exit "$?" - ;; - *) - echo "Usage: $0 {start|stop|restart|force-reload|status}" - exit 1 + start) + test_config + log_daemon_msg "Starting $DESC" "$NAME" + start-stop-daemon --start --quiet --pidfile "$DHCPD_PID" \ + --exec /usr/sbin/dhcpd -- \ + -q $OPTIONS -cf "$DHCPD_CONF" -pf "$DHCPD_PID" $INTERFACES + sleep 2 + + if check_status -q; then + log_end_msg 0 + else + log_failure_msg "check syslog for diagnostics." + log_end_msg 1 + exit 1 + fi + ;; + stop) + log_daemon_msg "Stopping $DESC" "$NAME" + start-stop-daemon --stop --quiet --pidfile "$DHCPD_PID" + log_end_msg $? + rm -f "$DHCPD_PID" + ;; + restart | force-reload) + test_config + $0 stop + sleep 2 + $0 start + if [ "$?" != "0" ]; then + exit 1 + fi + ;; + status) + echo -n "Status of $DESC: " + check_status -v + exit "$?" + ;; + *) + echo "Usage: $0 {start|stop|restart|force-reload|status}" + exit 1 esac exit 0 _EOF + +# Very Debian specific +# Hacked together at TG15 +# FIXME :-D + +DHCP4_SYSTEMD="/run/systemd/generator.late/isc-dhcp-server.service" +DHCP6_SYSTEMD="/run/systemd/generator.late/isc-dhcp6-server.service" + +cat > ${DHCP4_SYSTEMD}<<'_EOF' +# Automatically generated by bootstrap + +[Unit] +SourcePath=/etc/init.d/isc-dhcp-server +Description=LSB: DHCP server +Before=runlevel2.target runlevel3.target runlevel4.target runlevel5.target shutdown.target +After=remote-fs.target network-online.target systemd-journald-dev-log.socket local-fs.target slapd.service nss-lookup.target +Wants=network-online.target +Conflicts=shutdown.target + +[Service] +Type=forking +Restart=no +TimeoutSec=5min +IgnoreSIGPIPE=no +KillMode=process +GuessMainPID=no +RemainAfterExit=yes +SysVStartPriority=3 +ExecStart=/etc/init.d/isc-dhcp-server start +ExecStop=/etc/init.d/isc-dhcp-server stop + +_EOF + +cat > ${DHCP6_SYSTEMD}<<'_EOF' +# Automatically generated by bootstrap + +[Unit] +SourcePath=/etc/init.d/isc-dhcp6-server +Description=LSB: DHCP server v6 +Before=runlevel2.target runlevel3.target runlevel4.target runlevel5.target shutdown.target +After=remote-fs.target network-online.target systemd-journald-dev-log.socket local-fs.target slapd.service nss-lookup.target +Wants=network-online.target +Conflicts=shutdown.target + +[Service] +Type=forking +Restart=no +TimeoutSec=5min +IgnoreSIGPIPE=no +KillMode=process +GuessMainPID=no +RemainAfterExit=yes +SysVStartPriority=3 +ExecStart=/etc/init.d/isc-dhcp6-server start +ExecStop=/etc/init.d/isc-dhcp6-server stop + +_EOF + + set +e -chmod 755 ${DHCP_INIT} +chmod 755 ${DHCP4_INIT} +chmod 755 ${DHCP6_INIT} +touch /var/lib/dhcp/dhcpd.leases +touch /var/lib/dhcp/dhcpd6.leases + diff --git a/bootstrap/make-dhcpd.pl b/bootstrap/make-dhcpd.pl index ea7bed6..3dbefbd 100755 --- a/bootstrap/make-dhcpd.pl +++ b/bootstrap/make-dhcpd.pl @@ -135,14 +135,16 @@ if ( not -f $dhcpd_wlc_conf ) open WLCFILE, ">" . $dhcpd_wlc_conf or die ( $! . " " . $dhcpd_wlc_conf); print WLCFILE <<"EOF"; -option space AP; -option AP.server-address code 241 = array of ip-address; +option space WLC; +option WLC.controller-address code 43 = text; set vendor-string = option vendor-class-identifier; class "access-points" { - match if substring (option vendor-class-identifier, 0, 8) = "Access Point"; - vendor-option-space AP; - option AP.server-address $nms::config::wlc1; + # Number of characters has to match the substring + # I.e if "Access Point", you have to use (0, 12) + match if substring (option vendor-class-identifier, 0, 12) = "Access Point"; + vendor-option-space WLC; + option WLC.controller-address "$nms::config::wlc1"; } EOF close WLCFILE; @@ -159,7 +161,7 @@ option space CiscoVOIP; option CiscoVOIP.cm-tftp-server code 150 = array of ip-address; class "cisco-voip-lan" { - match if substring (option vendor-class-identifier, 0, 28) = "Cisco Systems, Inc. IP Phone"; + match if substring (option vendor-class-identifier, 0, 28) = "Cisco Systems, Inc. IP Phone"; vendor-option-space CiscoVOIP; log( info, concat( "LOLOPHONE: " , option vendor-class-identifier )); option CiscoVOIP.cm-tftp-server $nms::config::voip1; diff --git a/bootstrap/make-dhcpd6.pl b/bootstrap/make-dhcpd6.pl index bd79dac..51d93c4 100755 --- a/bootstrap/make-dhcpd6.pl +++ b/bootstrap/make-dhcpd6.pl @@ -35,33 +35,33 @@ if ( not -f $dhcpd_conf ) # IPv6 address valid lifetime # (at the end the address is no longer usable by the client) # (set to 30 days, the usual IPv6 default) -default-lease-time 2592000; +default-lease-time 3600; # IPv6 address preferred lifetime # (at the end the address is deprecated, i.e., the client should use # other addresses for new connections) # (set to 7 days, the usual IPv6 default) -preferred-lifetime 604800; +preferred-lifetime 3600; # T1, the delay before Renew # (default is 1/2 preferred lifetime) # (set to 1 hour) -option dhcp-renewal-time 3600; +option dhcp-renewal-time 1800; # T2, the delay before Rebind (if Renews failed) # (default is 3/4 preferred lifetime) # (set to 2 hours) -option dhcp-rebinding-time 7200; +option dhcp-rebinding-time 1800; # Enable RFC 5007 support allow leasequery; # Set preference to 255 (maximum) in order to avoid waiting for # additional servers when there is only one -option dhcp6.preference 255; +#option dhcp6.preference 255; # Server side command to enable rapid-commit (2 packet exchange) -option dhcp6.rapid-commit; +#option dhcp6.rapid-commit; # The delay before information-request refresh # (minimum is 10 minutes, maximum one day, default is to not refresh) @@ -79,7 +79,7 @@ authoritative; # Global definitions for name server address(es) and domain search list option domain-name "$nms::config::tgname.gathering.org"; -option domain-name-servers $nms::config::pri_v6, $nms::config::sec_v6; +option dhcp6.name-servers $nms::config::pri_v6, $nms::config::sec_v6; key DHCP_UPDATER { algorithm HMAC-MD5.SIG-ALG.REG.INT; diff --git a/bootstrap/make-missing-conf.pl b/bootstrap/make-missing-conf.pl index b128695..0159452 100755 --- a/bootstrap/make-missing-conf.pl +++ b/bootstrap/make-missing-conf.pl @@ -40,7 +40,7 @@ my $base_ipv4 = Net::IP->new( $nms::config::base_ipv4net ); my ($cp_oct, $cs_oct, $ct_oct) = ($nms::config::base_ipv4net =~ m/^(\d+)\.(\d+)\.(\d+)\..*/); while ( <STDIN> ){ - next if ( $_ =~ m/^#/); + next if ( $_ =~ m/^(#|$)/); # comment or blank line my $line = $_; chomp $line; # <v4 net> <v6 net> <network-name> diff --git a/bootstrap/make-reverse4-files.pl b/bootstrap/make-reverse4-files.pl index 184f6fc..88f7a37 100755 --- a/bootstrap/make-reverse4-files.pl +++ b/bootstrap/make-reverse4-files.pl @@ -44,6 +44,7 @@ if ( $role eq "master" ) } elsif ( $role eq "slave" ) { + open DFILE, ">" . $dhcp_revzones_file or die $!; open SFILE, ">" . $bind_sec_revzones_file or die $!; } else @@ -52,7 +53,9 @@ else } sub add_zone{ - my $rev_zone = $t_oct . "." . $s_oct . "." . $p_oct . ".in-addr.arpa"; + my $ptr_zone = Net::IP->new("$p_oct.$s_oct.$t_oct.0/24") or die ("dhcp_reverse fail"); + my $dhcp_ptr = $ptr_zone->reverse_ip(); + (my $bind_ptr = $dhcp_ptr) =~ s/\.$//; if ( $role eq "master" ) { @@ -60,7 +63,7 @@ sub add_zone{ # both bind9 and dhcp on master. print DFILE <<"EOF"; -zone "$rev_zone" { +zone $dhcp_ptr { primary $nms::config::ddns_to; key DHCP_UPDATER; } @@ -68,17 +71,17 @@ EOF print NFILE <<"EOF"; // $block -zone "$rev_zone" { +zone "$bind_ptr" { type master; allow-update { key DHCP_UPDATER; }; notify yes; allow-transfer { ns-xfr; ext-xfr; }; - file "reverse/$rev_zone.zone"; + file "reverse/$bind_ptr.zone"; }; EOF - my $zfilename = $bind_base . "reverse/" . $rev_zone . ".zone"; + my $zfilename = $bind_base . "reverse/" . $bind_ptr . ".zone"; open ZFILE, ">", $zfilename; print ZFILE <<"EOF"; @@ -96,7 +99,7 @@ EOF IN NS $nms::config::pri_hostname.$nms::config::tgname.gathering.org. IN NS $nms::config::sec_hostname.$nms::config::tgname.gathering.org. -\$ORIGIN $rev_zone. +\$ORIGIN $bind_ptr. EOF # add reverse if DNS-servers belong to zone @@ -114,10 +117,10 @@ EOF # if not master, aka slave print SFILE <<"EOF"; // $block -zone "$rev_zone" { +zone "$bind_ptr" { type slave; notify no; - file "slave/$rev_zone.cache"; + file "slave/$bind_ptr.cache"; masters { master_ns; }; allow-transfer { ns-xfr; ext-xfr; }; }; diff --git a/bootstrap/update-tools.sh b/bootstrap/update-tools.sh index 04a2795..dacb86b 100755 --- a/bootstrap/update-tools.sh +++ b/bootstrap/update-tools.sh @@ -18,6 +18,8 @@ scp -r bootstrap root@${PRIMARY}:tgmanage/ scp -r bootstrap root@${SECONDARY}:tgmanage/ scp -r include root@${PRIMARY}:tgmanage/ scp -r include root@${SECONDARY}:tgmanage/ +scp -r clients root@${PRIMARY}:tgmanage/ +scp -r clients root@${SECONDARY}:tgmanage/ # use last years example files export TGNAME diff --git a/clients/update-public-nms.sh b/clients/update-public-nms.sh index fe384cb..8d56251 100755 --- a/clients/update-public-nms.sh +++ b/clients/update-public-nms.sh @@ -1,9 +1,12 @@ #!/bin/sh +YEAR=15 TGMANAGE=/root/tgmanage -DIR=$TGMANAGE/web/nms-public.gathering.org +DIR=/srv/www/nms-public.tg${YEAR}.gathering.org +set -x +mkdir -p $DIR -wget -qO$DIR/nettkart-dhcp.png.new http://nms.tg14.gathering.org/dhcpkart.pl -wget -qO$DIR/led.txt.new http://nms.tg14.gathering.org/led.pl +wget -qO$DIR/nettkart-dhcp.png.new http://nms.tg${YEAR}.gathering.org/dhcpkart.pl +wget -qO$DIR/led.txt.new http://nms.tg${YEAR}.gathering.org/led.pl mv $DIR/nettkart-dhcp.png.new $DIR/nettkart-dhcp.png mv $DIR/led.txt.new $DIR/led.txt /usr/bin/perl $TGMANAGE/clients/update-public-speedometer.pl > $DIR/speedometer.json.tmp diff --git a/examples/tg15/nms-bootstrap.rst b/examples/tg15/nms-bootstrap.rst new file mode 100644 index 0000000..e81f615 --- /dev/null +++ b/examples/tg15/nms-bootstrap.rst @@ -0,0 +1,61 @@ +Bostrappe NMS +============== + +1. Lag en maskin. Kall den, f.eks, Noget. Installer Debian på den. Tips: + "Web Server"-rollen fungerer bra. +2. Legg inn git, få inn tgmanage repoet. Legg det under /root om du ønsker + å spare deg selv for litt arbeid. +3. Gjør tgmanage tilgjengelig for andre brukere (type: chmod a+rx /root + f.eks) +4. Link:: + ln -s /root/tgmanage/web/etc/apache2/nms-public.tg15.gathering.org \ + /etc/apache2/sites-enabled/ + ln -s /root/tgmanage/web/etc/apache2/nms.tg15.gathering.org \ + /etc/apache2/sites-enabled/ +5. Fjern:: + + rm /etc/apache2/sites-enabled/000* + +6. Installer postgresql. Lag en bruker og mat databasen:: + + su - postgres + # (som postgres) + createuser nms + psql < /root/tgmanage/sql/nms.sql + +7. Sørg for at du har ``include/cofig.pm`` satt opp korrekt, dette henger + typisk sammen med bootstrappingen av TG, vel og merke. Det viktigste for + oss foreløpig er databaseinformasjonen. + +8. Installer Diverse dependencies:: + + cd /root/tgmanage/web/nms.gathering.org + ./nettkart.pl + # Hmm, den mangler Foo/Bar! + apt-get install libfoo-bar-perl + # Rinse and repeat til feilmeldinger magisk forsvinner + +9. Test: http://nms.tg15.gathering.org (her kan /etc/hosts være nyttig) + +10. Fiks det du gjorde feil. Du vil nå ha en nms-side som delvis funker, + men har null data og dermed bare viser tomme kart. + +11. Ta en velfortjent pause. Nyt f.eks http://i.imgur.com/n5Sx4Bx.gif litt + +12. Populer ``/srv/www/nms-public.tg15.gathering.org/``:: + + FOO=/srv/www/nms-public.tg15.gathering.org + mkdir -p ${FOO} + cp /root/tgmanage/web/nms-public.gathering.org/* ${FOO} + +13. Kjør ``/root/tgmanage/clients/update-public-nms.sh`` og fiks eventuel + whine om dependencies. + +14. Link opp cron:: + + ln -s /root/tgmanage/web/etc/cron/update-public-nms \ + /etc/cron/ + +15. Begynn det artige populeringsarbeidet + + diff --git a/include/config.pm.dist b/include/config.pm.dist index 65e5650..4af888e 100755 --- a/include/config.pm.dist +++ b/include/config.pm.dist @@ -10,10 +10,6 @@ our $db_host = "frank.tg14.gathering.org"; our $db_username = "nms"; our $db_password = "<removed>"; -# DHCP-servers -our $dhcp_server1 = "151.216.254.2"; # primary -our $dhcp_server2 = "151.216.253.19"; # secondary - # TACACS-login for NMS our $tacacs_user = "nms"; our $tacacs_pass = "<removed>"; diff --git a/tools/dhcp6-nets.pl b/tools/dhcp6-nets.pl deleted file mode 100755 index 3866ac5..0000000 --- a/tools/dhcp6-nets.pl +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/perl -use strict; -use warnings; - -while(<STDIN>){ - my ($row, $v6) = split; - $v6 =~ s/::1/::/; - - print "subnet6 $v6 {\n"; - print "\toption domain-name \"$row.tg13.gathering.org\";\n"; - print "}\n\n"; -} diff --git a/tools/make-linknet-hosts.pl b/tools/make-linknet-hosts.pl index d535832..5e411af 100755 --- a/tools/make-linknet-hosts.pl +++ b/tools/make-linknet-hosts.pl @@ -4,31 +4,27 @@ use Net::IP; # # Input file format: # -# ipv4-link-network router1 router2 +# <ipv4-linknet> <ipv6-linknet> src-router dst-router # # e.g. -# 151.216.0.2 telegw nocgw -# 151.216.0.4 telegw cam -# 151.216.0.6 nocgw coren -# 151.216.0.8 telegw pressegw -# -# Note: IPv6 linknets use link-local adresses, so they are not included in list. -# +# 151.216.128.0/31 2a02:ed02:FFFE::0/127 rs1.tele rs1.core +# 151.216.128.2/31 2a02:ed02:FFFE::2/127 rs1.tele rs1.noc + while (<STDIN>) { next if /^(#|\s+$)/; # skip if comment, or blank line - my ($ipv4_raw, $from, $to) = split; - my $ipv4; + my ($ipv4_raw, $ipv6_raw, $from, $to) = split; + + # v4 + my $ipv4_first = NetAddr::IP->new($ipv4_raw); + my $ipv4_second = $ipv4_first + 1; - # Assumes ipv4 address is the first address in a /31 :-)) - $ipv4 = NetAddr::IP->new($ipv4_raw."/31") unless $ipv4=~/no/; - printf STDERR "Missing IPv4 scope for linket %s -> %s\n", $from, $to if not $ipv4; - next if not $ipv4; + # v6 + my $ipv6_first = NetAddr::IP->new($ipv6_raw); + my $ipv6_second = $ipv6_first + 1; - # generate-dnsrr.pl format: - # hostname ipv4 ipv6 (with nope as valid null argument) - my $ipv4_other = $ipv4 +1; - printf("%s-%s %s nope\n", $from, $to, $ipv4->addr); - printf("%s-%s %s nope\n", $to, $from, $ipv4_other->addr); + # hostname ipv4 ipv6 + printf("%s-%s %s %s\n", $from, $to, $ipv4_first->addr, $ipv6_first->addr); + printf("%s-%s %s %s\n", $to, $from, $ipv4_second->addr, $ipv6_second->addr); } diff --git a/web/etc/apache2/nms-public.tg15.gathering.org b/web/etc/apache2/nms-public.tg15.gathering.org new file mode 100644 index 0000000..4ebf79b --- /dev/null +++ b/web/etc/apache2/nms-public.tg15.gathering.org @@ -0,0 +1,11 @@ +<VirtualHost *:80> + ServerAdmin drift@gathering.org + ServerName nms-public.tg15.gathering.org + + DocumentRoot /srv/www/nms-public.tg15.gathering.org + AddHandler cgi-script .cgi .sh .pl .py + + LogLevel warn + ErrorLog /var/log/apache2/error-nms-public.tg15.gathering.org.log + CustomLog /var/log/apache2/access-nms-public.tg15.gathering.org.log combined +</VirtualHost> diff --git a/web/etc/apache2/nms.tg15.gathering.org b/web/etc/apache2/nms.tg15.gathering.org new file mode 100644 index 0000000..b06257d --- /dev/null +++ b/web/etc/apache2/nms.tg15.gathering.org @@ -0,0 +1,36 @@ +<VirtualHost *:80> + ServerAdmin drift@gathering.org + ServerName nms.tg15.gathering.org + ServerAlias noget.tg15.gathering.org + + DocumentRoot /root/tgmanage/web/nms.gathering.org + <Directory "/root/tgmanage/web/nms.gathering.org"> + AllowOverride None + Options Indexes FollowSymLinks ExecCGI MultiViews + Order allow,deny + Satisfy any + Allow from ::1 + Allow from 127.0.0.1 + Allow from 192.168.122.0/24 + + AddHandler cgi-script .cgi .sh .pl .py + AddDefaultCharset UTF-8 + + AuthUserFile /root/tgmanage/web/.htpasswd + AuthGroupFile /dev/null + AuthName "Tech:Server Secret Volcano Lair" + AuthType Basic + + require valid-user + </Directory> + + ErrorLog /var/log/apache2/error-nms.tg15.gathering.org.log + + # Possible values include: debug, info, notice, warn, error, crit, + # alert, emerg. + LogLevel warn + + CustomLog /var/log/apache2/access-nms.tg15.gathering.org.log combined + ServerSignature On + +</VirtualHost> diff --git a/web/etc/apache2/stream.tg13.gathering.org b/web/etc/apache2/stream.tg15.gathering.org index ff8a7c0..a7c0dda 100644 --- a/web/etc/apache2/stream.tg13.gathering.org +++ b/web/etc/apache2/stream.tg15.gathering.org @@ -1,10 +1,10 @@ <VirtualHost *:80> ServerAdmin drift@gathering.org - ServerName stream.tg14.gathering.org - ServerAlias krosus.tg14.gathering.org + ServerName stream.tg15.gathering.org + ServerAlias krosus.tg15.gathering.org - DocumentRoot /srv/stream.tg14.gathering.org - <Directory "/srv/stream.tg14.gathering.org/"> + DocumentRoot /srv/stream.tg15.gathering.org + <Directory "/srv/stream.tg15.gathering.org/"> AllowOverride None Options Indexes FollowSymLinks ExecCGI MultiViews Order allow,deny @@ -14,12 +14,12 @@ </Directory> - ErrorLog /var/log/apache2/error-stream.tg14.gathering.org.log + ErrorLog /var/log/apache2/error-stream.tg15.gathering.org.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel info - CustomLog /var/log/apache2/access-stream.tg14.gathering.org.log combined + CustomLog /var/log/apache2/access-stream.tg15.gathering.org.log combined ServerSignature On </VirtualHost> diff --git a/web/etc/apache2/tech.tg13.gathering.org b/web/etc/apache2/tech.tg13.gathering.org deleted file mode 100644 index 7ab303b..0000000 --- a/web/etc/apache2/tech.tg13.gathering.org +++ /dev/null @@ -1,12 +0,0 @@ -<VirtualHost *:80> - ServerAdmin drift@gathering.org - ServerName tech.tg13.gathering.org - - DocumentRoot /srv/www/tech.tg13.gathering.org - - LogLevel warn - ErrorLog /var/log/apache2/error-tech.tg13.gathering.org.log - CustomLog /var/log/apache2/access-tech.tg13.gathering.org.log combined - - AddHandler cgi-script .pl -</VirtualHost> diff --git a/web/etc/apache2/tech.tg15.gathering.org b/web/etc/apache2/tech.tg15.gathering.org new file mode 100644 index 0000000..bf2840e --- /dev/null +++ b/web/etc/apache2/tech.tg15.gathering.org @@ -0,0 +1,12 @@ +<VirtualHost *:80> + ServerAdmin drift@gathering.org + ServerName tech.tg15.gathering.org + + DocumentRoot /srv/www/tech.tg15.gathering.org + + LogLevel warn + ErrorLog /var/log/apache2/error-tech.tg15.gathering.org.log + CustomLog /var/log/apache2/access-tech.tg15.gathering.org.log combined + + AddHandler cgi-script .pl +</VirtualHost> |