From 497c6dce0e6a0b5cb2da7c938e34e8e9b9da6da5 Mon Sep 17 00:00:00 2001 
From: ColorfulRhino <131405023+ColorfulRhino@users.noreply.github.com> Date: Wed, 19 Jun 2024 13:59:06 +0200 Subject: [PATCH] extension: net: Refactor, fix and improve network extensions - Rename extensions with "net-*" prefix - Put the extensions into their own folder - Split off time sync packages into their own extensions to be able to be used separately - Put their config files into directories instead of using inline `cat <<- EOF >` - Move some other NetworkManager related stuff into the extension - Remove unneeded steps - Install iproute2 by default on all images (for the `ip` command) --- config/cli/common/main/packages | 3 +- extensions/network-manager.sh | 48 ------------------ .../netplan/10-dhcp-all-interfaces.yaml | 16 ++++++ .../systemd/network/00-armbian-readme.network | 8 +++ .../NetworkManager/00-armbian-readme.conf | 3 ++ ...z-10-override-wifi-random-mac-disable.conf | 0 ...zz-20-override-wifi-powersave-disable.conf | 0 .../00-default-use-network-manager.yaml | 11 +++++ extensions/network/net-chrony.sh | 7 +++ .../net-ifupdown2.sh} | 0 extensions/network/net-network-manager.sh | 49 +++++++++++++++++++ extensions/network/net-systemd-neworkd.sh | 32 ++++++++++++ extensions/network/net-systemd-timesyncd.sh | 14 ++++++ extensions/systemd-neworkd.sh | 44 ----------------- lib/functions/configuration/main-config.sh | 9 ++-- lib/functions/general/extensions.sh | 8 +++ 16 files changed, 156 insertions(+), 96 deletions(-) delete mode 100644 extensions/network-manager.sh create mode 100644 extensions/network/config-networkd/netplan/10-dhcp-all-interfaces.yaml create mode 100644 extensions/network/config-networkd/systemd/network/00-armbian-readme.network create mode 100644 extensions/network/config-nm/NetworkManager/00-armbian-readme.conf rename {packages/bsp/common/etc/NetworkManager/conf.d => extensions/network/config-nm/NetworkManager}/zz-10-override-wifi-random-mac-disable.conf (100%) rename {packages/bsp/common/etc/NetworkManager/conf.d => 
extensions/network/config-nm/NetworkManager}/zz-20-override-wifi-powersave-disable.conf (100%) create mode 100644 extensions/network/config-nm/netplan/00-default-use-network-manager.yaml create mode 100644 extensions/network/net-chrony.sh rename extensions/{ifupdown2.sh => network/net-ifupdown2.sh} (100%) create mode 100644 extensions/network/net-network-manager.sh create mode 100644 extensions/network/net-systemd-neworkd.sh create mode 100644 extensions/network/net-systemd-timesyncd.sh delete mode 100644 extensions/systemd-neworkd.sh diff --git a/config/cli/common/main/packages b/config/cli/common/main/packages index 99300082b..0bb543231 100644 --- a/config/cli/common/main/packages +++ b/config/cli/common/main/packages @@ -13,9 +13,10 @@ fake-hwclock fdisk figlet htop -init inetutils-ping +init initramfs-tools +iproute2 iw jq logrotate diff --git a/extensions/network-manager.sh b/extensions/network-manager.sh deleted file mode 100644 index dd78c4f79..000000000 --- a/extensions/network-manager.sh +++ /dev/null 
@@ -1,48 +0,0 @@
-#
-# Extension for Network Manager + Netplan + Chrony
-#
-function add_host_dependencies__install_network_manager() {
- display_alert "Adding Networking manager related packages" "network-manager network-manager-openvpn" "info"
- add_packages_to_rootfs network-manager network-manager-openvpn netplan.io chrony
- if [[ "${BUILD_DESKTOP}" == "yes" ]]; then
- add_packages_to_rootfs network-manager-gnome network-manager-ssh network-manager-vpnc
- fi
- if [[ "${DISTRIBUTION}" == "Ubuntu" ]]; then
- add_packages_to_rootfs network-manager-config-connectivity-ubuntu
- fi
-}
-
-function pre_install_kernel_debs__configure_network_manager()
-{
- display_alert "${EXTENSION}: enabling Network Manager" "" "info"
-
- # configure network manager
- sed "s/managed=\(.*\)/managed=true/g" -i "${SDCARD}"/etc/NetworkManager/NetworkManager.conf
-
- ## remove network manager defaults to handle eth by default @TODO: why?
- # rm -f "${SDCARD}"/usr/lib/NetworkManager/conf.d/10-globally-managed-devices.conf
-
- # `systemd-networkd.service` will be enabled by `/lib/systemd/system-preset/90-systemd.preset` during first-run.
- # Mask it to avoid conflict
- chroot_sdcard systemctl mask systemd-networkd.service
-
- # most likely we don't need to wait for nm to get online
- chroot_sdcard systemctl disable NetworkManager-wait-online.service
-
- if [[ -n $NM_IGNORE_DEVICES ]]; then
- mkdir -p "${SDCARD}"/etc/NetworkManager/conf.d/
- cat <<- EOF > "${SDCARD}"/etc/NetworkManager/conf.d/10-ignore-interfaces.conf
- [keyfile]
- unmanaged-devices=$NM_IGNORE_DEVICES
- EOF
- fi
-
- # Let NetworkManager manage all devices on this system by default
- cat <<- EOF > "${SDCARD}"/etc/netplan/armbian-default.yaml
- # This installation supports NetworkManager renderer only. You need to install additional packages in case you want something else
- network:
- version: 2
- renderer: NetworkManager
- EOF
-
-}
diff --git a/extensions/network/config-networkd/netplan/10-dhcp-all-interfaces.yaml b/extensions/network/config-networkd/netplan/10-dhcp-all-interfaces.yaml
new file mode 100644
index 000000000..1aced1ba5
--- /dev/null
+++ b/extensions/network/config-networkd/netplan/10-dhcp-all-interfaces.yaml
@@ -0,0 +1,16 @@
+# Added by Armbian
+#
+# Reference: https://netplan.readthedocs.io/en/stable/netplan-yaml/
+#
+# Let systemd-networkd manage all Ethernet devices on this system, but be configured by Netplan.
+
+network:
+ version: 2
+ renderer: networkd
+ ethernets:
+ all-eth-interfaces:
+ match:
+ name: "*"
+ dhcp4: yes
+ dhcp6: yes
+ ipv6-privacy: yes # Enabled by default on most current systems, but networkd currently doesn't enable IPv6 privacy by default, see https://man.archlinux.org/man/systemd.network.5
diff --git a/extensions/network/config-networkd/systemd/network/00-armbian-readme.network b/extensions/network/config-networkd/systemd/network/00-armbian-readme.network
new file mode 100644
index 000000000..256431e45
--- /dev/null
+++ b/extensions/network/config-networkd/systemd/network/00-armbian-readme.network
@@ -0,0 +1,8 @@
+# Added by Armbian
+#
+# The systemd-networkd configuration is managed by Netplan
+# See /etc/netplan/
+
+# The match section is just to ignore a warning due to empty file
+[Match]
+MACAddress=NONE.ABCD.NONE # Will never match with anything
\ No newline at end of file
diff --git a/extensions/network/config-nm/NetworkManager/00-armbian-readme.conf b/extensions/network/config-nm/NetworkManager/00-armbian-readme.conf
new file mode 100644
index 000000000..6df264c2f
--- /dev/null
+++ b/extensions/network/config-nm/NetworkManager/00-armbian-readme.conf
@@ -0,0 +1,3 @@
+# Added by Armbian
+# The NetworkManager configuration is mainly managed by Netplan
+# See /etc/netplan/
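Review bot: `match: name: "*"` under `ethernets:` in 10-dhcp-all-interfaces.yaml is broader than the file's own comment ("all Ethernet devices") and than the `e*` glob in the inline config this commit removes. A catch-all name match may also bring links that appear later (tunnels, container veth pairs, bridges) under networkd with DHCPv4 and DHCPv6 enabled, so they would take addresses, routes and DNS from whatever answers on that link. How Netplan renders this match is not visible in the patch, so it should be confirmed on a built image. If only wired NICs are meant, keep a narrower glob such as `name: "e*"`, or add a comment saying why the wildcard is intended.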
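Review bot: In 00-armbian-readme.network the line `MACAddress=NONE.ABCD.NONE # Will never match with anything` carries its comment on the same line as the value. systemd unit-style files only treat `#` as a comment at the start of a line, so the trailing text becomes part of the setting. The value is then likely rejected as a malformed hardware address, which would leave `[Match]` without a valid setting and probably bring back the warning this section is meant to silence. Move the remark to its own line above the key (`# Will never match with anything`) and check the journal on a built image for a parse warning on this file.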
diff --git a/packages/bsp/common/etc/NetworkManager/conf.d/zz-10-override-wifi-random-mac-disable.conf b/extensions/network/config-nm/NetworkManager/zz-10-override-wifi-random-mac-disable.conf
similarity index 100%
rename from packages/bsp/common/etc/NetworkManager/conf.d/zz-10-override-wifi-random-mac-disable.conf
rename to extensions/network/config-nm/NetworkManager/zz-10-override-wifi-random-mac-disable.conf
diff --git a/packages/bsp/common/etc/NetworkManager/conf.d/zz-20-override-wifi-powersave-disable.conf b/extensions/network/config-nm/NetworkManager/zz-20-override-wifi-powersave-disable.conf
similarity index 100%
rename from packages/bsp/common/etc/NetworkManager/conf.d/zz-20-override-wifi-powersave-disable.conf
rename to extensions/network/config-nm/NetworkManager/zz-20-override-wifi-powersave-disable.conf
diff --git a/extensions/network/config-nm/netplan/00-default-use-network-manager.yaml b/extensions/network/config-nm/netplan/00-default-use-network-manager.yaml
new file mode 100644
index 000000000..23f31cdb9
--- /dev/null
+++ b/extensions/network/config-nm/netplan/00-default-use-network-manager.yaml
@@ -0,0 +1,11 @@
+# Added by Armbian
+#
+# Reference: https://netplan.readthedocs.io/en/stable/netplan-yaml/
+#
+# Let NetworkManager manage all devices on this system.
+# Any device will come up with DHCP, once carrier is detected.
+# This is basically Netplan passing control over to NetworkManager at boot time.
+
+network:
+ version: 2
+ renderer: NetworkManager
diff --git a/extensions/network/net-chrony.sh b/extensions/network/net-chrony.sh
new file mode 100644
index 000000000..30da20493
--- /dev/null
+++ b/extensions/network/net-chrony.sh
@@ -0,0 +1,7 @@
+#
+# Extension to manage network time synchronization with Chrony
+#
+function add_host_dependencies__install_chrony() {
+ display_alert "Extension: ${EXTENSION}: Installing additional packages" "chrony" "info"
+ add_packages_to_rootfs chrony
+}
diff --git a/extensions/ifupdown2.sh b/extensions/network/net-ifupdown2.sh
similarity index 100%
rename from extensions/ifupdown2.sh
rename to extensions/network/net-ifupdown2.sh
diff --git a/extensions/network/net-network-manager.sh b/extensions/network/net-network-manager.sh
new file mode 100644
index 000000000..e78911f08
--- /dev/null
+++ b/extensions/network/net-network-manager.sh
@@ -0,0 +1,49 @@
+#
+# Extension to manage network interfaces with NetworkManager + Netplan
+#
+function add_host_dependencies__install_network_manager() {
+ display_alert "Extension: ${EXTENSION}: Installing additional packages" "network-manager network-manager-openvpn netplan.io" "info"
+ add_packages_to_rootfs network-manager network-manager-openvpn netplan.io
+
+ if [[ "${BUILD_DESKTOP}" == "yes" ]]; then
+ display_alert "Extension: ${EXTENSION}: Installing additional packages for desktop" "network-manager-gnome network-manager-ssh network-manager-vpnc" "info"
+ add_packages_to_rootfs network-manager-gnome network-manager-ssh network-manager-vpnc
+ fi
+
+ if [[ "${DISTRIBUTION}" == "Ubuntu" ]]; then
+ display_alert "Extension: ${EXTENSION}: Installing additional packages for Ubuntu" "network-manager-config-connectivity-ubuntu" "info"
+ add_packages_to_rootfs network-manager-config-connectivity-ubuntu
+ fi
+}
+
+function pre_install_kernel_debs__configure_network_manager()
+{
+ display_alert "Extension: ${EXTENSION}: Enabling Network-Manager" "" "info"
+
+ # We can't disable/mask systemd-networkd.service since it is required by Netplan
+
+ # Most likely we don't need to wait for nm to get online
+ chroot_sdcard systemctl disable NetworkManager-wait-online.service
+
+ if [[ -n $NM_IGNORE_DEVICES ]]; then
+ mkdir -p "${SDCARD}"/etc/NetworkManager/conf.d/
+ cat <<- EOF > "${SDCARD}"/etc/NetworkManager/conf.d/10-ignore-interfaces.conf
+ [keyfile]
+ unmanaged-devices=$NM_IGNORE_DEVICES
+ EOF
+ fi
+
+ # Copy network config files into the appropriate folders
+ display_alert "Configuring" "NetworkManager and Netplan" "info"
+ local netplan_config_src_folder="${EXTENSION_DIR}/config-nm/netplan/"
+ local netplan_config_dst_folder="${SDCARD}/etc/netplan/"
+
+ local network_manager_config_src_folder="${EXTENSION_DIR}/config-nm/NetworkManager/"
+ local network_manager_config_dst_folder="${SDCARD}/etc/NetworkManager/conf.d/"
+
+ run_host_command_logged cp "${netplan_config_src_folder}"* "${netplan_config_dst_folder}"
+ run_host_command_logged cp "${network_manager_config_src_folder}"* "${network_manager_config_dst_folder}"
+
+ # Change the file permissions according to https://netplan.readthedocs.io/en/stable/security/
+ chmod 600 "${SDCARD}"/etc/netplan/*
+}
diff --git a/extensions/network/net-systemd-neworkd.sh b/extensions/network/net-systemd-neworkd.sh
new file mode 100644
index 000000000..747afb04e
--- /dev/null
+++ b/extensions/network/net-systemd-neworkd.sh
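Review bot: The 0600 mode that the Netplan security guidance asks for is applied by a bare `chmod 600 "${SDCARD}"/etc/netplan/*` after the copy, outside `run_host_command_logged`, and it only does the right thing if the preceding `cp` globs matched and succeeded. Whether a failed copy stops the build is not visible from this hunk, so the permission step can silently cover the wrong set of files or none. `run_host_command_logged install -m 0600 "${netplan_config_src_folder}"* "${netplan_config_dst_folder}"` copies and sets the mode in one logged step. Separately, `/etc/NetworkManager/conf.d/` is created with `mkdir -p` only inside the `NM_IGNORE_DEVICES` branch, yet it is an unconditional copy destination a few lines later. The same copy-then-chmod block appears in `pre_install_kernel_debs__configure_systemd_networkd` in net-systemd-neworkd.sh.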
@@ -0,0 +1,32 @@
+#
+# Extension to manage network interfaces with systemd-networkd + Netplan
+#
+function add_host_dependencies__install_systemd_networkd() {
+ display_alert "Extension: ${EXTENSION}: Installing additional packages" "netplan.io" "info"
+ add_packages_to_rootfs netplan.io
+}
+
+function pre_install_kernel_debs__configure_systemd_networkd()
+{
+ display_alert "Extension: ${EXTENSION}: Enabling systemd-networkd" "" "info"
+
+ # Enable networkd
+ chroot_sdcard systemctl enable systemd-networkd.service || display_alert "Failed to enable systemd-networkd.service" "" "wrn"
+
+ # Enable resolved too
+ chroot_sdcard systemctl enable systemd-resolved.service || display_alert "Failed to enable systemd-resolved.service" "" "wrn"
+
+ # Copy network config files into the appropriate folders
+ display_alert "Configuring" "systemd-networkd and Netplan" "info"
+ local netplan_config_src_folder="${EXTENSION_DIR}/config-networkd/netplan/"
+ local netplan_config_dst_folder="${SDCARD}/etc/netplan/"
+
+ local networkd_config_src_folder="${EXTENSION_DIR}/config-networkd/systemd/network/"
+ local networkd_config_dst_folder="${SDCARD}/etc/systemd/network/"
+
+ run_host_command_logged cp "${netplan_config_src_folder}"* "${netplan_config_dst_folder}"
+ run_host_command_logged cp "${networkd_config_src_folder}"* "${networkd_config_dst_folder}"
+
+ # Change the file permissions according to https://netplan.readthedocs.io/en/stable/security/
+ chmod 600 "${SDCARD}"/etc/netplan/*
+}
diff --git a/extensions/network/net-systemd-timesyncd.sh b/extensions/network/net-systemd-timesyncd.sh
new file mode 100644
index 000000000..c4adaf42c
--- /dev/null
+++ b/extensions/network/net-systemd-timesyncd.sh
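Review bot: Both `systemctl enable` calls in `pre_install_kernel_debs__configure_systemd_networkd` fall back to `display_alert ... "wrn"`, so a failure to enable systemd-networkd or systemd-resolved still produces a finished image. The timesyncd extension added in this same commit lets the equivalent call fail without such a fallback, so the two new extensions disagree on how enable failures are handled. On a minimal image this extension is the only network renderer being configured, and a warning in the build log is easy to miss. Either make these failures fatal with the framework's error helper, or add a comment such as `# enabling may fail on releases without this unit; the image is still usable because …` stating why a warning is enough.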
@@ -0,0 +1,14 @@
+#
+# Extension to manage network time synchronization with systemd-timesyncd
+#
+function add_host_dependencies__install_systemd-timesyncd() {
+ display_alert "Extension: ${EXTENSION}: Installing additional packages" "systemd-timesyncd" "info"
+ add_packages_to_rootfs systemd-timesyncd
+}
+
+function pre_install_kernel_debs__configure_systemd-timesyncd()
+{
+ # Enable timesyncd
+ display_alert "Extension: ${EXTENSION}: Enabling systemd-timesyncd" "" "info"
+ chroot_sdcard systemctl enable systemd-timesyncd.service
+}
diff --git a/extensions/systemd-neworkd.sh b/extensions/systemd-neworkd.sh
deleted file mode 100644
index 8059beed7..000000000
--- a/extensions/systemd-neworkd.sh
+++ /dev/null
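Review bot: The two hook functions here, `add_host_dependencies__install_systemd-timesyncd` and `pre_install_kernel_debs__configure_systemd-timesyncd`, contain a hyphen, unlike every other hook in this patch (`..._install_systemd_networkd`, `..._configure_network_manager`). Bash accepts such names outside POSIX mode, but whether the extension manager's hook discovery and any generated wrapper names cope with a hyphen is not visible from this patch. Renaming them to `add_host_dependencies__install_systemd_timesyncd` and `pre_install_kernel_debs__configure_systemd_timesyncd` keeps the naming consistent and removes the question.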
@@ -1,44 +0,0 @@
-#
-# Extension for systemd-networkd + systemd-timesyncd
-#
-function add_host_dependencies__install_network_manager() {
- display_alert "Extension: ${EXTENSION}: install additional packages" "iproute2 systemd-timesyncd netplan.io" "info"
- add_packages_to_rootfs iproute2 systemd-timesyncd netplan.io
-}
-
-function pre_install_kernel_debs__configure_systemd_networkd()
-{
- display_alert "Extension: ${EXTENSION}: enabling systemd-networkd" "" "info"
-
- # remove default interfaces file if present
- rm -f "${SDCARD}"/etc/network/interfaces
-
- # enable networkd
- chroot_sdcard systemctl enable systemd-networkd.service || display_alert "Failed to enable systemd-networkd.service" "" "wrn"
-
- # enable resolved too
- chroot_sdcard systemctl enable systemd-resolved.service || display_alert "Failed to enable systemd-resolved.service" "" "wrn"
-
- # Mask `NetworkManager.service` to avoid conflict just to make sure
- chroot_sdcard systemctl mask NetworkManager.service
-
- # Enable timesyncd
- display_alert "${EXTENSION}: enabling systemd-timesyncd" "" "info"
- chroot_sdcard systemctl enable systemd-timesyncd.service
-
- # Let's have DHCP on all network devices
- cat <<- EOF > "${SDCARD}"/etc/netplan/armbian-default.yaml
- # This installation supports systemd-networkd renderer only. You need to install additional packages in case you want something else
- network:
- version: 2
- renderer: networkd
- ethernets:
- alleths:
- match:
- name: e*
- dhcp4: true
- EOF
-
- # Fix NetPlan permission issue
- chmod 600 "${SDCARD}"/etc/netplan/armbian-default.yaml
-}
diff --git a/lib/functions/configuration/main-config.sh b/lib/functions/configuration/main-config.sh
index c246c4f08..1963e84f1 100644
--- a/lib/functions/configuration/main-config.sh
+++ b/lib/functions/configuration/main-config.sh
@@ -61,11 +61,14 @@ function do_main_configuration() { declare -g SKIP_EXTERNAL_TOOLCHAINS="${SKIP_EXTERNAL_TOOLCHAINS:-yes}" # don't use any external toolchains, by default. - # Network manager for CLI and desktop, systemd-networkd for minimal + # Network-manager and Chrony for standard CLI and desktop, systemd-networkd and systemd-timesyncd for minimal + # systemd-timesyncd is slimmer and less resource intensive than Chrony, see https://unix.stackexchange.com/questions/504381/chrony-vs-systemd-timesyncd-what-are-the-differences-and-use-cases-as-ntp-cli if [[ ${BUILD_MINIMAL} == yes ]]; then - enable_extension "systemd-neworkd" + enable_extension "net-systemd-neworkd" + enable_extension "net-systemd-timesyncd" else - enable_extension "network-manager" + enable_extension "net-network-manager" + enable_extension "net-chrony" fi # Timezone diff --git a/lib/functions/general/extensions.sh b/lib/functions/general/extensions.sh index 4fb9cff6a..00c487c4c 100644 --- a/lib/functions/general/extensions.sh +++ b/lib/functions/general/extensions.sh @@ -476,6 +476,14 @@ function enable_extension() { extension_dir="${extension_base_path}" # this is misleading. only directory-based extensions should have this. extension_file="${extension_floating_file}" break + else + # Search for the extension file in any subdirectory + extension_file=$(find "${extension_base_path}" -type f -name "${extension_name}.sh" | head -n 1) # Example format: extensions/network/net-network-manager.sh + if [[ -n "${extension_file}" ]]; then + # Extract extension dir from file, e.g. from "extensions/network/net-network-manager.sh" the dir "extensions/network/" gets extracted + extension_dir="${extension_file%/*}" + break + fi fi done
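Review bot: The old extension names `network-manager` and `systemd-neworkd` stop resolving once their files are deleted, and neither this hunk in main-config.sh nor the `enable_extension` change maps them to the new `net-*` names. Any board config or user setting that still enables them (none is visible in this patch) would fail to find its extension, so a compatibility alias or an explicit note in the commit message would help. Since the file is being renamed anyway, `net-systemd-neworkd` could be spelled `net-systemd-networkd` now rather than in a second rename later. The body of `do_main_configuration` continues outside the hunk.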
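Review bot: The new fallback in `enable_extension` resolves a name with `find ... -name "${extension_name}.sh" | head -n 1`, so when two files with the same basename exist under one search path, the file chosen depends on directory traversal order. The resolved file is presumably sourced by the build later in this function (outside the hunk), which makes an ambiguous or shadowed match a build-integrity concern, not just a cosmetic one. `-name` also treats its argument as a glob, so an extension name containing `*` or `?` can match files the caller did not name. The rewrite below sorts the candidates and refuses to continue when there is more than one; bounding the search depth and validating `extension_name` against a plain character set would tighten it further.

```bash
	else
		# Search subdirectories, but refuse ambiguous matches so the chosen file is deterministic
		declare -a extension_candidates=()
		mapfile -t extension_candidates < <(find "${extension_base_path}" -type f -name "${extension_name}.sh" | LC_ALL=C sort)
		if [[ ${#extension_candidates[@]} -gt 1 ]]; then
			exit_with_error "Extension '${extension_name}' matches more than one file" "${extension_candidates[*]}"
		elif [[ ${#extension_candidates[@]} -eq 1 ]]; then
			extension_file="${extension_candidates[0]}"
			# e.g. "extensions/network/net-network-manager.sh" -> "extensions/network"
			extension_dir="${extension_file%/*}"
			break
		fi
	# … unchanged: closing fi / done of the search loop …
```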