Mirrored_Repos/unifios-utilities
1
0
Fork 0
mirror of https://github.com/unifi-utilities/unifios-utilities.git synced 2024-08-30 18:32:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update method for macvlan, reducing IP clutter

Browse Source
This commit is contained in:
John Dorman 2020-06-17 07:02:49 -07:00
parent f075b3f66b
commit 8d1937fb74
6 changed files with 27 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
AdguardHome/udm-files/on_boot.sh
View File

@ -7,17 +7,18 @@ ln -s /mnt/data/podman/cni/20-dns.conflist /etc/cni/net.d/20-dns.conflist
# Create a new bridge interface so the host can talk to containers inside the podman macvlan network # Create a new bridge interface so the host can talk to containers inside the podman macvlan network
# Assumes your Podman network made in the controller is on VLAN 5 # Assumes your Podman network made in the controller is on VLAN 5
# Adjust the IP to match the address in your cni configuration # Adjust the IP to match the address in your cni configuration
ip link add br5.mac link br5 type macvlan mode bridge
ip link set br5 promisc on ip link set br5 promisc on
ip link add br5.mac link br5 type macvlan mode bridge
ip addr add 10.0.5.1/24 dev br5.mac noprefixroute
ip link set br5.mac promisc on ip link set br5.mac promisc on
ip addr add 10.0.5.2/24 dev br5.mac
ip link set br5.mac up ip link set br5.mac up
ip route add 10.0.5.3/32 dev br5.mac proto static scope link
ip route add 10.0.5.3/32 dev br5.mac
#Remove the # on the line below when Docker container is deployed. #Remove the # on the line below when Docker container is deployed.
#podman start AdguardHome #podman start AdguardHome
# Uncomment and adjust these rules if you want to use DNAT to force DNS to this container. # Uncomment and adjust these rules if you want to use DNAT to force DNS to this container.
# iptables -t nat -C PREROUTING -i br0 -p udp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 || iptables -t nat -A PREROUTING -i br0 -p udp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 # iptables -t nat -C PREROUTING -i br0 -p udp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 || iptables -t nat -A PREROUTING -i br0 -p udp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3
# iptables -t nat -C PREROUTING -i br0 -p tcp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 || iptables -t nat -A PREROUTING -i br0 -p tcp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 # iptables -t nat -C PREROUTING -i br0 -p tcp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3 || iptables -t nat -A PREROUTING -i br0 -p tcp ! --source 10.0.5.3 ! --destination 10.0.5.3 --dport 53 -j DNAT --to 10.0.5.3
# iptables -t nat -C POSTROUTING -o br0 -d 10.0.5.3 -p tcp --dport 53 -j MASQUERADE || iptables -t nat -A POSTROUTING -o br0 -d 10.0.5.3 -p tcp --dport 53 -j MASQUERADE
# iptables -t nat -C POSTROUTING -o br0 -d 10.0.5.3 -p udp --dport 53 -j MASQUERADE || iptables -t nat -A POSTROUTING -o br0 -d 10.0.5.3 -p udp --dport 53 -j MASQUERADE

2
nextdns/README.md
View File

@ -39,7 +39,7 @@ If you have already installed PiHole, skip right to step 6.
6. Create /mnt/data/nextdns and copy [nextdns.conf](https://github.com/boostchicken/udm-utilities/blob/master/nextdns/udm-files/nextdns.conf) to it. 6. Create /mnt/data/nextdns and copy [nextdns.conf](https://github.com/boostchicken/udm-utilities/blob/master/nextdns/udm-files/nextdns.conf) to it.
7. Run the NextDNS docker container. Mounting dbus and running in privileged is only required for mDNS. Also, please change the --dns arguments to whatever was provided by NextDNS. 7. Run the NextDNS docker container. Mounting dbus and running in privileged is only required for mDNS. Also, please change the --dns arguments to whatever was provided by NextDNS.
``` ```
podman run -d --privileged --network dns --restart always \ podman run -d -it --privileged --network dns --restart always \
--name nextdns \ --name nextdns \
-v "/mnt/data/nextdns/:/etc/nextdns/" \ -v "/mnt/data/nextdns/:/etc/nextdns/" \
-v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket \ -v /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket \

17
nextdns/docker/Dockerfile
View File

@ -1,14 +1,11 @@
FROM alpine AS builder FROM alpine
ENV VERSION=1.6.4 ENV VERSION=1.6.4
WORKDIR /tmp
RUN apk add curl \
&& mkdir nextdns \
&& curl -fsSL https://github.com/nextdns/nextdns/releases/download/v${VERSION}/nextdns_${VERSION}_linux_arm64.tar.gz -o nextdns.tar.gz \
&& tar zxf nextdns.tar.gz -C ./nextdns
FROM debian:buster-slim
LABEL maintainer="John Dorman <dorman@ataxia.cloud>" LABEL maintainer="John Dorman <dorman@ataxia.cloud>"
RUN apt update && apt install -y ca-certificates RUN apk add --no-cache ca-certificates \
COPY --from=builder /tmp/nextdns /opt/nextdns && mkdir -p /opt/nextdns \
&& wget -O /tmp/nextdns.tar.gz https://github.com/nextdns/nextdns/releases/download/v${VERSION}/nextdns_${VERSION}_linux_arm64.tar.gz \
&& tar zxf /tmp/nextdns.tar.gz -C /opt/nextdns \
&& rm /tmp/nextdns.tar.gz
EXPOSE 53/tcp 53/udp EXPOSE 53/tcp 53/udp
ENTRYPOINT ["/opt/nextdns/nextdns","run", "-config-file", "/etc/nextdns/nextdns.conf"] ENTRYPOINT ["/opt/nextdns/nextdns","run", "-config-file", "/etc/nextdns/nextdns.conf"]
CMD []

2
nextdns/udm-files/20-dns.conflist
View File

@ -5,7 +5,7 @@
{ {
"type": "macvlan", "type": "macvlan",
"mode": "bridge", "mode": "bridge",
"master": "br5", "master": "br5.mac",
"ipam": { "ipam": {
"type": "static", "type": "static",
"addresses": [ "addresses": [

9
nextdns/udm-files/on_boot.sh
View File

@ -6,12 +6,15 @@ ln -s /mnt/data/podman/cni/20-dns.conflist /etc/cni/net.d/20-dns.conflist
# Assumes your Podman network made in the controller is on VLAN 5 # Assumes your Podman network made in the controller is on VLAN 5
# Adjust the IP to match the address in your cni configuration # Adjust the IP to match the address in your cni configuration
ip link add br5.mac link br5 type macvlan mode bridge
ip link set br5 promisc on ip link set br5 promisc on
ip link add br5.mac link br5 type macvlan mode bridge
ip addr add 10.0.5.1/24 dev br5.mac noprefixroute
ip link set br5.mac promisc on ip link set br5.mac promisc on
ip addr add 10.0.5.2/24 dev br5.mac
ip link set br5.mac up ip link set br5.mac up
ip route add 10.0.5.3/32 dev br5.mac proto static scope link
ip route add 10.0.5.3/32 dev br5.mac
# Remove the # on the line below when Docker container is deployed. # Remove the # on the line below when Docker container is deployed.
#podman start nextdns #podman start nextdns

8
run-pihole/udm-files/on_boot.sh
View File

@ -7,12 +7,14 @@ ln -s /mnt/data/podman/cni/20-dns.conflist /etc/cni/net.d/20-dns.conflist
# Create a new bridge interface so the host can talk to containers inside the podman macvlan network # Create a new bridge interface so the host can talk to containers inside the podman macvlan network
# Assumes your Podman network made in the controller is on VLAN 5 # Assumes your Podman network made in the controller is on VLAN 5
# Adjust the IP to match the address in your cni configuration # Adjust the IP to match the address in your cni configuration
ip link add br5.mac link br5 type macvlan mode bridge
ip link set br5 promisc on ip link set br5 promisc on
ip link add br5.mac link br5 type macvlan mode bridge
ip addr add 10.0.5.1/24 dev br5.mac noprefixroute
ip link set br5.mac promisc on ip link set br5.mac promisc on
ip addr add 10.0.5.2/24 dev br5.mac
ip link set br5.mac up ip link set br5.mac up
ip route add 10.0.5.3/32 dev br5.mac proto static scope link
ip route add 10.0.5.3/32 dev br5.mac
# Remove the # on the line below when Docker container is deployed. # Remove the # on the line below when Docker container is deployed.
#podman start pihole #podman start pihole