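#!/bin/sh
# Network bring-up for one machine: loopback, the "wifi" uplink with a static
# IPv4 address, the wg1 WireGuard tunnel, and a separate network namespace
# whose only interface is a second WireGuard tunnel (wg-vms) used for VMs.
#
# Every path below is relative to the current directory, so the script has to
# be started from the directory that holds lib.shs, machines/ and state/.
# NOTE(review): the ip/unshare/nsenter calls need root privileges, and both
# ./lib.shs and ./machines/$mach/vm1/start.sh are executed from the working
# directory - make sure that tree is writable by root only.

set -eu

. ./lib.shs

# $mach selects the per-machine directory; it is not assigned in this file
# (presumably by lib.shs or the caller - confirm). Under `set -u` an unset
# value already aborts; this also rejects an empty one, which would otherwise
# silently resolve to ./machines//...
: "${mach:?mach must be set to a directory name under ./machines}"

# typically: bring up the networks
ip link set dev lo up

# FIXME: Xe does not belong to this location (it is just conveniently also behind two NATs and IPv4-only...)
# TODO: DHCP client!
ip addr add 192.168.0.3/24 dev wifi
# No IPv6 at public spaces lol (but we should try obtaining it anyway!)
ip link set dev wifi up
ip route add default via 192.168.0.1 dev wifi

# `wireguard` is not defined in this file (presumably a helper from lib.shs).
# The .conf files passed to it and to `wg setconf` below are WireGuard
# configurations, which normally carry the interface private key: keep them
# out of world-readable locations.
wireguard wg1 "./machines/$mach/wg1.conf" 2a01:4f8:c0c:36b8:ff01:8000:10:f03/108

# Netns for running public VMs
vm_netns="./state/$mach/vm_netns"
# unshare --net=FILE bind-mounts the new namespace onto FILE so it outlives
# the /bin/true process; the file has to exist first, hence the touch.
touch "$vm_netns"
unshare --net="$vm_netns" /bin/true

# The interface is created and configured in the host namespace and only then
# moved. WireGuard keeps its UDP socket in the namespace where the interface
# was created, so the encrypted transport still uses the host uplink while the
# tunnel itself is the only interface inside the VM namespace.
ip link add name wg-vms type wireguard
wg setconf wg-vms "./machines/$mach/wg-vms.conf"
ip link set wg-vms netns "$vm_netns"
nsenter --net="$vm_netns" ip link set wg-vms up

# The netns has *no* means of participating in the traffic, because it has no address to use.
# FIXME: Apart from possibly a link-local one :-/
nsenter --net="$vm_netns" ip route add 2a01:4f8:c0c:36b8:ff01:8000:0:0001/128 dev wg-vms onlink
nsenter --net="$vm_netns" ip route add default via 2a01:4f8:c0c:36b8:ff01:8000:0:0001 dev wg-vms
# Forwarding is switched on inside the namespace only, so it can route
# between wg-vms and whatever interfaces start.sh attaches.
nsenter --net="$vm_netns" sysctl net.ipv6.conf.all.forwarding=1

nsenter --net="$vm_netns" "./machines/$mach/vm1/start.sh"
#nsenter --net="$vm_netns" ip route add 2a01:4f8:c0c:36b8:ff01:8000:0:0001/128 dev wg-vms onlink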