From ea81317d3757f625c6728ef8b1bd512aa3393332 Mon Sep 17 00:00:00 2001
From: Boris Kolpackov <boris@codesynthesis.com>
Date: Fri, 24 Mar 2017 13:54:49 +0200
Subject: Implement second stage (systemd) network configuration

---
 init | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 63 insertions(+), 6 deletions(-)

(limited to 'init')

diff --git a/init b/init
index b733fde..28ec293 100755
--- a/init
+++ b/init
@@ -137,24 +137,81 @@ if [ -z "$eth" ]; then
 fi
 
 mac="$(cat "/sys/class/net/$eth/address")"
+mid="$(sed -e 's/://g' <<<"$mac")" # Machine id.
 
 info "configured $eth ($mac)"
 
 # Set the hostname.
 #
 hname="$(hostname)"
-
 if [ "$hname" = "(none)" ]; then
-  hname="build-$(sed -e 's/://g' <<<"$mac")"
+  hname="build-$mid"
   hostname "$hname"
 fi
-
 echo "$hname" >/etc/hostname
 
 info "hostname $hname"
 
-# --machine-id
+# Stop DHCP client without releasing the lease and deconfigure the interface.
+# The plan is to generate a bridge-based /etc/network/interfaces configuration
+# based on what we have discovered and then let the systemd networking bringup
+# to configure everything (at which point we will hopefully reuse the lease).
+#
+dhclient -q -x
+
+# @@ Need to be make configurable.
 #
-#exec /lib/systemd/systemd #</dev/console >/dev/console 2>&1
+priv_network="172.16.123.0"
+priv_netmask="255.255.255.0"
+priv_netbase="$(sed -e 's/^\(.*\)\.0$/\1/' <<<"$priv_network")"
 
-exec /bin/bash
+cat <<EOF >/etc/network/interfaces
+auto lo
+iface lo inet loopback
+
+# Public bridge.
+#
+auto br0
+iface br0 inet dhcp
+    bridge_ports   $eth
+    bridge_stp     off
+    bridge_maxwait 0
+    bridge_fd      0
+    bridge_mac     $mac
+
+# Private bridge with NAT to br0.
+#
+auto br1
+iface br1 inet static
+    address ${priv_netbase}.1
+    netmask $priv_netmask
+    bridge_ports   none
+    bridge_stp     off
+    bridge_maxwait 0
+    bridge_fd      0
+    post-up iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
+    post-up iptables -A FORWARD -i br0 -o br1 -m state --state RELATED,ESTABLISHED -j ACCEPT
+    post-up iptables -A FORWARD -i br1 -o br0 -j ACCEPT
+EOF
+
+cat <<EOF >/etc/dnsmasq.d/br1-dhcp
+interface=br1
+bind-interfaces
+dhcp-range=${priv_netbase}.10,${priv_netbase}.250,12h
+EOF
+
+/bin/bash
+
+# Hand off to systemd. But first arrange to keep console output (which
+# becomes tty1).
+#
+mkdir -p /etc/systemd/system/getty@tty1.service.d
+cat <<EOF >/etc/systemd/system/getty@tty1.service.d/noclear.conf
+[Service]
+TTYVTDisallocate=no
+EOF
+
+exec /lib/systemd/systemd \
+  --show-status=1 \
+  --machine-id="00000000000000000000$mid" \
+  </dev/console >/dev/console 2>&1
-- 
cgit v1.1