2022-06-15 10:20:58 -03:00 · 2022-06-13 07:57:37 -03:00
1 changed files with 25 additions and 7 deletions
--- a/install.sh
+++ b/install.sh
@ -1,5 +1,9 @@
 #!/bin/bash

+REPO="http://download.multapplied.net/bondingadmin/stable/"
+
+# make sure system have locales package
+apt install -y locales
 set -e

 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
@ -52,22 +56,32 @@ if [[ "$(cat /etc/hostname)" != "$dns_name" ]] ; then
 fi

 echo -e "\e[32mSetting up multapplied APT sources\e[0m"
-echo "deb http://debian.multapplied.net/debian/ buster main non-free" > /etc/apt/sources.list.d/bondingadmin.list
+echo "deb $REPO buster main non-free" > /etc/apt/sources.list.d/bondingadmin.list

 echo "Adding APT GPG keys"
 apt-get install -y gnupg wget
-wget -qO - http://debian.multapplied.net/debian/public.gpg.key | apt-key add -
-
+wget -qO - $REPO/public.gpg.key | apt-key add -
 apt-get update
+version=$(apt-cache policy bondingadmin | grep "Candidate" | cut -d ":" -f 3)
+version=${version:0:3}
+echo -e "\e[32mInstalling bondingadmin package $version \e[0m"

-echo -e "\e[32mInstalling bondingadmin package\e[0m"
-apt-get install -y ntp bondingadmin
+if [ $version = "6.6" ] ; then
+    apt-get install -y ntp bondingadmin
+else
+    apt-get install -y bondingadmin
+fi

 echo -e "\e[32mInstalling supporting packages\e[0m"
 apt-get install -y htop vim tcpdump tree

-echo -e "\e[32mRestarting firewall \e[0m"
-systemctl restart firewall
+if [ $version = "6.6" ] ; then
+    echo -e "\e[32mRestarting firewall \e[0m"
+    systemctl restart firewall
+else
+    echo -e "\e[32mRestarting bondingadmin-nftables \e[0m"
+    systemctl restart bondingadmin-nftables
+fi

 cat > /etc/bondingadmin/salt-config/states/bonder/resolv.conf <<EOF
 nameserver 8.8.8.8
@ -75,14 +89,18 @@ nameserver 8.8.4.4
 EOF

 cat > /etc/bondingadmin/salt-config/states/node/known_ips <<EOF
+iptables -A \$CHAIN -s 167.114.24.192/27         -j ACCEPT # MNI operations
 iptables -A \$CHAIN -s 74.121.35.0/25            -j ACCEPT # MNI operations
 iptables -A \$CHAIN -s 74.121.34.0/26            -j ACCEPT # MNI operations
 iptables -A \$CHAIN -s 74.121.32.112/28          -j ACCEPT # MNI operations
 iptables -A \$CHAIN -s 159.2.43.20/32            -j ACCEPT # MNI operations
 ip6tables -A \$CHAIN -s 2602:ff93:11ff::/48      -j ACCEPT # MNI operations
+ip6tables -A \$CHAIN -s 2001:470:b037:100::/64      -j ACCEPT # MNI operations
+ip6tables -A \$CHAIN -s 2001:470:b037:3::1/64      -j ACCEPT # MNI operations
 iptables -A \$CHAIN                      -p ospf -j ACCEPT
 ip6tables -A \$CHAIN                      -p ospf -j ACCEPT
 EOF
+
 test -f /usr/share/bondingadmin/default/firewall/filter-input-99-trusted-networks.nft \
    && cp /usr/share/bondingadmin/default/firewall/filter-input-99-trusted-networks.nft /etc/bondingadmin/salt-config/states/node/filter-input-99-trusted-networks.nft