router/makefile
2023-10-11 02:35:06 +00:00

96 lines
2.9 KiB
Makefile

# TODO: some kind of automatic (without confirmation) rollback setup?
.PHONY: default
default: copy-configuration-files restart-services
.PHONY: setup
setup: system-dependencies /root/router.wg-pub enable-and-start-services mkinitcpio
.PHONY: firewall-edit
firewall-edit:
./firewall-edit.bash
.PHONY: mkinitcpio
mkinitcpio:
mkinitcpio -p linux
.PHONY: system-dependencies
system-dependencies:
echo "Updating system..."
pacman -Sy --needed archlinux-keyring # get latest keys
pacman -Syu # update everything
pacman -S --needed dnsmasq nftables fail2ban radvd git dhcpcd wireguard-tools tailscale # install anything needed
echo "Done updating system!"
echo "The system has updated. This usually means the kernel updated, so tailscale needs you to reboot."
.PHONY: restart-services
restart-services:
echo "Restarting services..."
systemctl restart nftables
systemctl restart systemd-sysctl
systemctl restart systemd-networkd
systemctl restart dnsmasq
# systemctl restart systemd-resolved # this seems to conflict with dnsmasq - not sure we need it?
systemctl restart dhcpcd@lan0
systemctl restart dhcpcd@wan0
systemctl restart radvd
# ksystemctl restart tailscaled # is this necessary since no config lies in this repo?
echo "Services restarted!"
.PHONY: enable-and-start-services
enable-and-start-services:
echo "Enabling and starting services..."
systemctl enable --now nftables
systemctl enable --now systemd-sysctl
systemctl enable --now systemd-networkd
systemctl enable --now dnsmasq
# systemctl enable --now systemd-resolved # this seems to conflict with dnsmasq - not sure we need it?
systemctl enable --now dhcpcd@lan0
systemctl enable --now dhcpcd@wan0
systemctl enable --now radvd
# systemctl enable --now tailscaled # is this necessary since no config lies in this repo?
echo "Services enabled and restarted!"
.PHONY: copy-configuration-files
copy-configuration-files: /etc/dnsmasq.conf /etc/systemd/resolved.conf /etc/sysctl.d/10-router-configs.conf /etc/systemd/network/10-lan0.link /etc/systemd/network/10-wan0.link /etc/dhcpcd.conf /etc/hosts
/root/router.wg-key:
umask 0077 && wg genkey > $@
/root/router.wg-pub: /root/router.wg-key
umask 0077 && cat $^ wg genkey > $@
/etc/dnsmasq.conf: dnsmasq.conf
rm -f $@
cp $^ $@
/etc/systemd/resolved.conf: resolved.conf
rm -f $@
cp $^ $@
/etc/sysctl.d/10-router-configs.conf: sysctl-configs
rm -f $@
cp $^ $@
/etc/systemd/network/10-lan0.link: lan0.link
rm -f $@
cp $^ $@
/etc/systemd/network/10-wan0.link: wan0.link
rm -f $@
cp $^ $@
/etc/dhcpcd.conf: dhcpcd.conf
rm -f $@
cp $^ $@
/etc/hosts: ./etc-hosts
rm -f $@ /tmp/etc-hosts
printf "%s\n" "# DO NOT EDIT DIRECTLY - See router config for details" >> /tmp/etc-hosts
cat $^ >> /tmp/etc-hosts
printf "\n\n%s\n" "# DO NOT EDIT DIRECTLY - See router config for details" >> /tmp/etc-hosts
cp /tmp/etc-hosts $@
/etc/nftables.conf: nftables.conf
rm -f $@
cp $^ $@