[debian-lan-devel] [SCM] Debian-LAN development and packaging branch, master, updated. 0.5-4-g885230d

Andreas B. Mundt andi.mundt at web.de
Mon Apr 9 16:07:45 UTC 2012 

The following commit has been merged in the master branch:
commit 885230d3f60f38a5f31a56fb3a6c3e53c5ba5b51
Author: Andreas B. Mundt <andi.mundt at web.de>
Date:   Mon Apr 9 17:56:30 2012 +0200

    Replace all hard-coded IP addresses by variables, part 1.
    
    Except from the '/etc/interfaces', DHCP and DNS configuration files,
    there should not be left any specific IP address in the config space.

diff --git a/fai/config/class/SERVER_A.var b/fai/config/class/SERVER_A.var
index c43aed3..6a9e2b2 100644
--- a/fai/config/class/SERVER_A.var
+++ b/fai/config/class/SERVER_A.var
@@ -30,6 +30,13 @@ KDC_MASTER_PW=
 ## created and saved in $DATADIR.
 LDAP_ADMIN_PW=
 
+## Variables that define the network architecture:
+MAINSERVER_IPADDR="10.0.0.1"
+SUBNETMASK="10.0.0.0/16"
+BROADCAST="10.0.255.255"
+GATEWAY="10.0.0.1"
+FAINETMASK="10.0.0.0/24"   # NETMASK for FAI config space access
+
 # MODULESLIST contains modules that will be loaded by the new system,
 # not during installation these modules will be written to /etc/modules
 # If you need a module during installation, add it to $kernelmodules
diff --git a/fai/config/scripts/DISKLESS_SERVER/10-setup b/fai/config/scripts/DISKLESS_SERVER/10-setup
index 0f510f0..9c0dee3 100755
--- a/fai/config/scripts/DISKLESS_SERVER/10-setup
+++ b/fai/config/scripts/DISKLESS_SERVER/10-setup
@@ -1,11 +1,11 @@
 #!/bin/bash
 #
-# setup the diskless+swap server 
+# setup the diskless+swap server
 #
 
 fcopy -m root,root,0755 /usr/sbin/nbdswapd
 
 $ROOTCMD update-inetd --add "9572 stream tcp nowait nobody /usr/sbin/tcpd /usr/sbin/nbdswapd"
 
-ainsl $target/etc/exports     "/opt  10.0.0.0/8(async,ro,no_subtree_check,no_root_squash)"
+ainsl $target/etc/exports     "/opt              ${SUBNETMASK}(async,ro,no_subtree_check,no_root_squash)"
 ainsl $target/etc/hosts.allow "nbdswapd: ALL: keepalive"
diff --git a/fai/config/scripts/FAISERVER/30-exports b/fai/config/scripts/FAISERVER/30-exports
index b2d0bcf..4fd2b5f 100755
--- a/fai/config/scripts/FAISERVER/30-exports
+++ b/fai/config/scripts/FAISERVER/30-exports
@@ -1,4 +1,6 @@
 #!/bin/bash
 
-ainsl $target/etc/exports "/srv/fai/nfsroot  10.0.0.0/24(async,ro,no_subtree_check,no_root_squash)"
-ainsl $target/etc/exports "/srv/fai/config  10.0.0.0/24(async,ro,no_subtree_check,no_root_squash)"
+set -e
+
+ainsl $target/etc/exports "/srv/fai/nfsroot  ${FAINETMASK}(async,ro,no_subtree_check,no_root_squash)"
+ainsl $target/etc/exports "/srv/fai/config   ${FAINETMASK}(async,ro,no_subtree_check,no_root_squash)"
diff --git a/fai/config/scripts/NFS_SERVER/10-config b/fai/config/scripts/NFS_SERVER/10-config
index 44c1bad..ada5257 100755
--- a/fai/config/scripts/NFS_SERVER/10-config
+++ b/fai/config/scripts/NFS_SERVER/10-config
@@ -26,8 +26,8 @@ editfiles:
 
 	{ ${target}/etc/exports
 	  ## kerberized NFS4:
-	  AppendIfNoSuchLine "/srv/nfs4        10.0.0.0/8(sec=krb5p:krb5i:sys,rw,sync,fsid=0,crossmnt,no_subtree_check)"
-	  AppendIfNoSuchLine "/srv/nfs4/home0  10.0.0.0/8(sec=krb5p:krb5i:sys,rw,sync,no_subtree_check)"
+	  AppendIfNoSuchLine "/srv/nfs4         ${SUBNETMASK}(sec=krb5p:krb5i:sys,rw,sync,fsid=0,crossmnt,no_subtree_check)"
+	  AppendIfNoSuchLine "/srv/nfs4/home0   ${SUBNETMASK}(sec=krb5p:krb5i:sys,rw,sync,no_subtree_check)"
 	}
 
 	{ ${target}/etc/fstab
diff --git a/fai/config/scripts/NTP_SERVER/10-ntp.conf b/fai/config/scripts/NTP_SERVER/10-ntp.conf
index 8aa8d60..8b1895d 100755
--- a/fai/config/scripts/NTP_SERVER/10-ntp.conf
+++ b/fai/config/scripts/NTP_SERVER/10-ntp.conf
@@ -8,7 +8,7 @@ control:
 editfiles:
    any::
 	{ ${target}/etc/ntp.conf
-	  ReplaceAll "#broadcast 192.168.123.255" With "broadcast 10.255.255.255"
+	  ReplaceAll "#broadcast 192.168.123.255" With "broadcast ${BROADCAST}"
 	  AppendIfNoSuchLine "server 127.127.1.0 # local clock"
 	  AppendIfNoSuchLine "fudge  127.127.1.0 stratum 10"
 	}
diff --git a/fai/config/scripts/PROXY/10-config b/fai/config/scripts/PROXY/10-config
index 0e46b1c..a8b83a0 100755
--- a/fai/config/scripts/PROXY/10-config
+++ b/fai/config/scripts/PROXY/10-config
@@ -8,7 +8,7 @@ control:
 editfiles:
    any::
 	{ ${target}/etc/adzapper.conf
-	  ## Configure adzapper: 
+	  ## Configure adzapper:
 	  ReplaceAll 'ZAP_MODE=""' With 'ZAP_MODE="CLEAR"'
 	}
 
@@ -19,16 +19,16 @@ editfiles:
 	     InsertLine "url_rewrite_program /usr/bin/adzapper.wrapper"
 	  EndGroup
 
-	  ## Comment if dansguardian is used (only allow access from localhost): 
-	  ReplaceAll "#acl localnet src 10.0.0.0/8" With "acl localnet src 10.0.0.0/8"
+	  ## Comment if dansguardian is used (only allow access from localhost):
+	  ReplaceAll "#acl localnet src 10.0.0.0/8" With "acl localnet src ${SUBNETMASK}"
 	  BeginGroupIfNoSuchLine "http_access allow localnet"
 	    LocateLineMatching "http_access allow localhost"
 	    InsertLine "http_access allow localnet"
 	  EndGroup
 	}
 
-## Uncomment if dansguardian is used: 
+## Uncomment if dansguardian is used:
 #	{ ${target}/etc/dansguardian/dansguardian.conf
-#	  ## Configure dansguardian: 
+#	  ## Configure dansguardian:
 #	  ReplaceAll "^UNCONFIGURED" With "#UNCONFIGURED"
 #	}

-- 
Debian-LAN development and packaging

More information about the debian-lan-devel mailing list