MPenate0/service-dhcp-whitelist
MPenate0/service-dhcp-whitelist
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
service-dhcp-whitelist/scripts/install-service.sh
Marcus Penate 141ac1c9dd Initial commit: DHCP whitelist service for direct link connections 
Features:
- Docker-based DHCP server with MAC address whitelisting
- Binds to specific ethernet interface only
- NO DNS/gateway advertised (direct link only, not a router)
- Configurable network parameters (subnet, DHCP range, lease times)
- Systemd service integration for Arch/Manjaro
- Test environment with isolated network (172.20.0.0/24)
- Auto-configuration script to detect network settings
- Complete Makefile with management targets

Security:
- Only responds to whitelisted MAC addresses
- deny unknown-clients configuration
- Runs in Docker container for isolation

Configuration:
- Copy .example files to create your config
- interface.conf: Network interface to bind to
- whitelist.conf: Allowed MAC addresses
- network.conf: Network parameters (optional)
2025-08-27 20:46:29 -04:00

134 lines
3.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -e
# Check if running as root
if [ "$EUID" -ne 0 ]; then
echo "This script must be run with sudo"
echo "Usage: sudo make install"
exit 1
fi
SERVICE_NAME="dhcp-whitelist"
SERVICE_FILE="systemd/${SERVICE_NAME}.service"
SYSTEMD_DIR="/etc/systemd/system"
CONFIG_DIR="/etc/dhcp-whitelist"
PROJECT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
echo "=== Installing DHCP Whitelist Service ==="
echo
# Check if Docker is installed
if ! command -v docker &> /dev/null; then
echo "Error: Docker is not installed"
echo "Please install Docker first"
exit 1
fi
# Check if docker-compose is installed
if ! command -v docker-compose &> /dev/null; then
echo "Error: docker-compose is not installed"
echo "Please install docker-compose first"
exit 1
fi
# Create config directory
echo "Creating configuration directory: ${CONFIG_DIR}"
mkdir -p "${CONFIG_DIR}"
# Copy configuration files
echo "Copying configuration files..."
if [ -f "${PROJECT_DIR}/config/interface.conf" ]; then
cp "${PROJECT_DIR}/config/interface.conf" "${CONFIG_DIR}/"
echo " Copied interface.conf"
else
echo "Warning: config/interface.conf not found"
echo " Creating default interface.conf"
echo "enp0s13f0u3" > "${CONFIG_DIR}/interface.conf"
fi
if [ -f "${PROJECT_DIR}/config/whitelist.conf" ]; then
cp "${PROJECT_DIR}/config/whitelist.conf" "${CONFIG_DIR}/"
echo " Copied whitelist.conf"
else
echo "Warning: config/whitelist.conf not found"
echo " Creating empty whitelist.conf"
touch "${CONFIG_DIR}/whitelist.conf"
fi
# Set proper permissions
chmod 644 "${CONFIG_DIR}"/*.conf
echo "Configuration files installed to: ${CONFIG_DIR}"
# Create service file from template
echo
echo "Creating systemd service file..."
cat > "${SYSTEMD_DIR}/${SERVICE_NAME}.service" << EOF
[Unit]
Description=DHCP Whitelist Service
After=network.target docker.service
Requires=docker.service
[Service]
Type=simple
Restart=always
RestartSec=10
WorkingDirectory=${PROJECT_DIR}
Environment="CONFIG_DIR=${CONFIG_DIR}"
# Pre-start: Build the image
ExecStartPre=/usr/bin/docker-compose build
# Start the service
ExecStart=/usr/bin/docker-compose up
# Stop the service
ExecStop=/usr/bin/docker-compose down
# Reload config by restarting containers
ExecReload=/usr/bin/docker-compose restart
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target
EOF
echo "Service file created: ${SYSTEMD_DIR}/${SERVICE_NAME}.service"
# Create docker-compose override for service mode
echo
echo "Creating docker-compose override for service mode..."
cat > "${PROJECT_DIR}/docker-compose.override.yml" << EOF
version: '3.8'
services:
dhcp-server:
volumes:
- ${CONFIG_DIR}:/config:ro
EOF
# Reload systemd
echo
echo "Reloading systemd daemon..."
systemctl daemon-reload
echo
echo "=== Installation Complete ==="
echo
echo "Configuration files location: ${CONFIG_DIR}"
echo " - ${CONFIG_DIR}/interface.conf"
echo " - ${CONFIG_DIR}/whitelist.conf"
echo
echo "Service management commands:"
echo " Start service: systemctl start ${SERVICE_NAME}"
echo " Stop service: systemctl stop ${SERVICE_NAME}"
echo " Enable on boot: systemctl enable ${SERVICE_NAME}"
echo " Check status: systemctl status ${SERVICE_NAME}"
echo " View logs: journalctl -u ${SERVICE_NAME} -f"
echo
echo "Or use make targets:"
echo " make service_up - Enable and start service"
echo " make service_down - Stop and disable service"
echo
echo "To start the service now, run: make service_up"
Reference in New Issue View Git Blame Copy Permalink