/conjure-up

Permalink
Browse files

Add conjureup0 network bridge 

Previously, we handled this bridge creation during the installation of
the openstack package. However, now that conjure-up can be invoked
without any spell initially this disrupts the user experience by putting
them back into the shell to install another deb package to get that
network bridge setup.

This includes a default network bridge which spells can make use of if necessary.

Signed-off-by: Adam Stokes <battlemidget@users.noreply.github.com>
  • Loading branch information...
1 parent ef4aa27 commit 50f4899c59e59bca166dfd4cffc2b3aad837bd35 @battlemidget battlemidget committed Sep 12, 2016
Unified Split
Showing with 56 additions and 2 deletions.
  1. +3 −1 debian/conjure-up.install
  2. +15 −0 debian/conjure-up.service
  3. +9 −1 debian/rules
  4. +15 −0 init/bridge.start
  5. +14 −0 init/bridge.stop
View
4 debian/conjure-up.install
@@ -1,2 +1,4 @@
conjure-up-rsyslog.conf usr/share/conjure-up
-etc/*
+etc/*
+init/bridge.start usr/lib/conjure-up
+init/bridge.stop usr/lib/conjure-up
View
15 debian/conjure-up.service
@@ -0,0 +1,15 @@
+[Unit]
+Description=conjure-up - network bridge
+Documentation=man:conjure-up(1)
+After=network-online.target
+Before=lxd.service
+Requires=network-online.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/lib/conjure-up/bridge.start
+ExecStop=/usr/lib/conjure-up/bridge.stop
+
+[Install]
+WantedBy=multi-user.target
View
10 debian/rules
@@ -11,7 +11,15 @@ export PYBUILD_INSTALL_ARGS_python3=--install-data=usr/ \
--no-compile -O0
%:
- dh $@ --with python3 --buildsystem=pybuild
+ dh $@ --with python3 --buildsystem=pybuild --with systemd
+
+override_dh_installinit:
+ dh_systemd_enable -pconjure-up --name=conjure-up conjure-up.service
+ dh_installinit -pconjure-up --no-start --noscripts
+ dh_systemd_start -pconjure-up --no-restart-on-upgrade
+
+override_dh_systemd_start:
+ echo "Not running dh_systemd_start"
override_dh_install:
mkdir -p $(PKGDIR)/usr/share/man/man1
View
15 init/bridge.start
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+ip link add dev conjureup0 type bridge
+ip addr add 10.99.0.1/24 dev conjureup0
+ip link set dev conjureup0 up
+
+echo 1 > /proc/sys/net/ipv4/ip_forward
+
+iptables -I FORWARD -i conjureup0 -j ACCEPT
+iptables -I FORWARD -o conjureup0 -j ACCEPT
+iptables -t nat -A POSTROUTING -s 10.99.0.1/24 ! -d 10.99.0.1/24 -j MASQUERADE
+iptables -I INPUT -i conjureup0 -p tcp -m tcp --dport 53 -j ACCEPT
+iptables -I INPUT -i conjureup0 -p udp -m udp --dport 53 -j ACCEPT
+iptables -I INPUT -i conjureup0 -p tcp -m tcp --dport 67 -j ACCEPT
+iptables -I INPUT -i conjureup0 -p udp -m udp --dport 67 -j ACCEPT
View
14 init/bridge.stop
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+ip addr flush dev conjureup0
+ip link set dev conjureup0 down
+
+iptables -D FORWARD -i conjureup0 -j ACCEPT
+iptables -D FORWARD -o conjureup0 -j ACCEPT
+
+iptables -D INPUT -i conjureup0 -p tcp -m tcp --dport 53 -j ACCEPT
+iptables -D INPUT -i conjureup0 -p udp -m udp --dport 53 -j ACCEPT
+iptables -D INPUT -i conjureup0 -p tcp -m tcp --dport 67 -j ACCEPT
+iptables -D INPUT -i conjureup0 -p udp -m udp --dport 67 -j ACCEPT
+
+iptables -t nat -D POSTROUTING -s 10.99.0.1/24 ! -d 10.99.0.1/24 -j MASQUERADE

0 comments on commit 50f4899

Please sign in to comment.