parent
a40299be92
commit
fe162a50b8
|
@ -0,0 +1,53 @@
|
||||||
|
[Match]
|
||||||
|
Name=eth0
|
||||||
|
|
||||||
|
## Only use one of these blocks!!
|
||||||
|
|
||||||
|
### DHCP (default most want)
|
||||||
|
[Network]
|
||||||
|
DHCP=yes
|
||||||
|
|
||||||
|
DNSOverTLS=opportunistic
|
||||||
|
|
||||||
|
DNS=1.1.1.1
|
||||||
|
|
||||||
|
DNS=1.0.0.1
|
||||||
|
|
||||||
|
# Link discovery causes some issues so disable it.
|
||||||
|
LLDP=no
|
||||||
|
|
||||||
|
## dhcp config end
|
||||||
|
|
||||||
|
## LAN
|
||||||
|
# Uncomment all below if you want to use eth0 as a lan network.
|
||||||
|
#[Network]
|
||||||
|
# IP address range.
|
||||||
|
#Address=192.168.156.1/24
|
||||||
|
|
||||||
|
# Packet forwarding.
|
||||||
|
#IPForward=yes
|
||||||
|
|
||||||
|
# Masquerade.
|
||||||
|
#IPMasquerade=both
|
||||||
|
|
||||||
|
# Link discovery causes some issues so disable it.
|
||||||
|
#LLDP=no
|
||||||
|
|
||||||
|
#[DHCPServer]
|
||||||
|
|
||||||
|
# Lease time
|
||||||
|
#DefaultLeaseTimeSec=300
|
||||||
|
|
||||||
|
# DNS to serve
|
||||||
|
#DNS=1.1.1.1
|
||||||
|
#DNS=1.0.0.1
|
||||||
|
|
||||||
|
# Enable serving of DHCP addresses from the network range.
|
||||||
|
#DHCPServer=yes
|
||||||
|
|
||||||
|
# Below not supported systemd < 250
|
||||||
|
#[DHCPServerStaticLease]
|
||||||
|
#MACAddress=xx:xx:xx:xx:xx:xx
|
||||||
|
#Address=192.168.156.2
|
||||||
|
|
||||||
|
## lan end
|
|
@ -0,0 +1,14 @@
|
||||||
|
[Match]
|
||||||
|
Name=wwan0
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
DHCP=yes
|
||||||
|
|
||||||
|
DNSOverTLS=opportunistic
|
||||||
|
|
||||||
|
DNS=1.1.1.1
|
||||||
|
|
||||||
|
DNS=1.0.0.1
|
||||||
|
|
||||||
|
# Link discovery causes some issues so disable it.
|
||||||
|
LLDP=no
|
|
@ -0,0 +1,14 @@
|
||||||
|
[Match]
|
||||||
|
Name=usb0
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
DHCP=yes
|
||||||
|
|
||||||
|
DNSOverTLS=opportunistic
|
||||||
|
|
||||||
|
DNS=1.1.1.1
|
||||||
|
|
||||||
|
DNS=1.0.0.1
|
||||||
|
|
||||||
|
# Link discovery causes some issues so disable it.
|
||||||
|
LLDP=no
|
|
@ -0,0 +1,15 @@
|
||||||
|
# Requires /etc/wpa_supplicant/wpa_supplicant-wlan0.conf to exist.
|
||||||
|
[Match]
|
||||||
|
Name=wlan0
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
DHCP=yes
|
||||||
|
|
||||||
|
DNSOverTLS=opportunistic
|
||||||
|
|
||||||
|
DNS=1.1.1.1
|
||||||
|
|
||||||
|
DNS=1.0.0.1
|
||||||
|
|
||||||
|
# Link discovery causes some issues so disable it.
|
||||||
|
LLDP=no
|
|
@ -1,12 +1,18 @@
|
||||||
[NetDev]
|
[NetDev]
|
||||||
Name=wgs0
|
Name=wgs0
|
||||||
|
|
||||||
|
Description=Wireguard Server Peer
|
||||||
|
|
||||||
Kind=wireguard
|
Kind=wireguard
|
||||||
|
|
||||||
[WireGuard]
|
[WireGuard]
|
||||||
|
|
||||||
# Port to listen on.
|
# Port to listen on.
|
||||||
ListenPort=31987
|
ListenPort=500
|
||||||
|
|
||||||
|
# I usually set this to the port number above it's not really needed
|
||||||
|
# but useful for firewalls.
|
||||||
|
FirewallMark=500
|
||||||
|
|
||||||
# The Base64 encoded private key for the interface. It can be generated
|
# The Base64 encoded private key for the interface. It can be generated
|
||||||
# using the wg genkey command (see wg(8)). This option or
|
# using the wg genkey command (see wg(8)). This option or
|
||||||
|
@ -14,8 +20,11 @@ ListenPort=31987
|
||||||
# information is secret, you may want to set the permissions of the
|
# information is secret, you may want to set the permissions of the
|
||||||
# .netdev file to be owned by "root:systemd-network" with a "0640" file
|
# .netdev file to be owned by "root:systemd-network" with a "0640" file
|
||||||
# mode.
|
# mode.
|
||||||
PrivateKey=<YOUR KEY HERE>
|
PrivateKey=<KEY>
|
||||||
|
|
||||||
|
# Public key for the above private key. Only here as a reminder.
|
||||||
|
# systemd will ignore if uncommented.
|
||||||
|
#PublicKey=<PUBKEY>
|
||||||
|
|
||||||
# Your Peers.
|
# Your Peers.
|
||||||
[WireGuardPeer]
|
[WireGuardPeer]
|
||||||
|
@ -23,10 +32,10 @@ PrivateKey=<YOUR KEY HERE>
|
||||||
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
||||||
# private key, and usually transmitted out of band to the author of the
|
# private key, and usually transmitted out of band to the author of the
|
||||||
# configuration file. This option is mandatory for this section.
|
# configuration file. This option is mandatory for this section.
|
||||||
#PublicKey=<YOUR KEY HERE>
|
PublicKey=<KEY>
|
||||||
|
|
||||||
# Comma-separated list of IP addresses with CIDR masks from which this
|
# Comma-separated list of IP addresses with CIDR masks from which this
|
||||||
# peer is allowed to send incoming traffic and to which outgoing traffic
|
# peer is allowed to send incoming traffic and to which outgoing traffic
|
||||||
# for this peer is directed.
|
# for this peer is directed.
|
||||||
#AllowedIPs=10.0.0.2/32
|
AllowedIPs=10.0.0.1.2/32
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
# Needs netdev for wgs0, wireguard & wireguard-tools installed to work.
|
||||||
|
|
||||||
|
[Match]
|
||||||
|
Name=wgs0
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
Address=10.0.0.1/24
|
||||||
|
IPForward=true
|
|
@ -1,29 +1,37 @@
|
||||||
[NetDev]
|
[NetDev]
|
||||||
Name=wg0
|
Name=wg0
|
||||||
|
|
||||||
|
Description=Wireguard Client Peer
|
||||||
|
|
||||||
Kind=wireguard
|
Kind=wireguard
|
||||||
|
|
||||||
[WireGuard]
|
[WireGuard]
|
||||||
|
|
||||||
|
# I usually set this to the port number of the main peer it's not really
|
||||||
|
# needed but useful for firewalls.
|
||||||
|
FirewallMark=500
|
||||||
|
|
||||||
# The Base64 encoded private key for the interface. It can be generated
|
# The Base64 encoded private key for the interface. It can be generated
|
||||||
# using the wg genkey command (see wg(8)). This option or
|
# using the wg genkey command (see wg(8)). This option or
|
||||||
# PrivateKeyFile= is mandatory to use WireGuard. Note that because this
|
# PrivateKeyFile= is mandatory to use WireGuard. Note that because this
|
||||||
# information is secret, you may want to set the permissions of the
|
# information is secret, you may want to set the permissions of the
|
||||||
# .netdev file to be owned by "root:systemd-network" with a "0640" file
|
# .netdev file to be owned by "root:systemd-network" with a "0640" file
|
||||||
# mode.
|
# mode.
|
||||||
PrivateKey=<YOUR KEY HERE>
|
PrivateKey=<KEY>
|
||||||
|
|
||||||
|
# Public key for the above private key. Only here as a reminder.
|
||||||
|
#PublicKey=<PUBKEY>
|
||||||
|
|
||||||
# DNS
|
# DNS
|
||||||
DNS = 1.1.1.1, 1.0.0.1
|
DNS = 1.1.1.1, 1.0.0.1
|
||||||
|
|
||||||
|
|
||||||
# Your Peers.
|
# Your Peers.
|
||||||
[WireGuardPeer]
|
[WireGuardPeer]
|
||||||
|
|
||||||
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
||||||
# private key, and usually transmitted out of band to the author of the
|
# private key, and usually transmitted out of band to the author of the
|
||||||
# configuration file. This option is mandatory for this section.
|
# configuration file. This option is mandatory for this section.
|
||||||
#PublicKey=<YOUR KEY HERE>
|
PublicKey=<PUBKEY>
|
||||||
|
|
||||||
# Comma-separated list of IP addresses with CIDR masks from which this
|
# Comma-separated list of IP addresses with CIDR masks from which this
|
||||||
# peer is allowed to send incoming traffic and to which outgoing traffic
|
# peer is allowed to send incoming traffic and to which outgoing traffic
|
||||||
|
@ -33,4 +41,4 @@ AllowedIPs=0.0.0.0/0, ::/0
|
||||||
PersistentKeepalive=20
|
PersistentKeepalive=20
|
||||||
|
|
||||||
# Endpoint of a peer (for clients).
|
# Endpoint of a peer (for clients).
|
||||||
#Endpoint=<ip>:<port>
|
#Endpoint=<IP>:<PORT>
|
|
@ -2,3 +2,11 @@
|
||||||
|
|
||||||
[Match]
|
[Match]
|
||||||
Name=wg0
|
Name=wg0
|
||||||
|
|
||||||
|
[Address]
|
||||||
|
Address=10.0.0.2/24
|
||||||
|
|
||||||
|
[Route]
|
||||||
|
Gateway=10.0.0.1
|
||||||
|
|
||||||
|
GatewayOnlink=true
|
|
@ -10,9 +10,7 @@ Say I have eth0 and want network access (and an IP via DHCP) from my router; I w
|
||||||
|
|
||||||
```
|
```
|
||||||
sudo -s # Drop to root.
|
sudo -s # Drop to root.
|
||||||
cp -rv eth0* /etc/systemd/network/ # Copy the files.
|
cp -rv 10-eth0* /etc/systemd/network/ # Copy the files.
|
||||||
|
|
||||||
cat examples/dhcp.conf >> /etc/systemd/network/eth0.network # Append example dhcp to eth0.network
|
|
||||||
|
|
||||||
systemctl enable --now systemd-networkd # Enable networkd now.
|
systemctl enable --now systemd-networkd # Enable networkd now.
|
||||||
|
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
[Match]
|
|
||||||
Name=eth0
|
|
|
@ -0,0 +1 @@
|
||||||
|
systemd-network configuration examples for use in other .net* files!
|
|
@ -1,37 +1,40 @@
|
||||||
[Route]
|
|
||||||
|
|
||||||
# v4
|
|
||||||
Gateway=<IPv4>
|
|
||||||
|
|
||||||
# v6
|
|
||||||
Gateway=<IPv6>
|
|
||||||
|
|
||||||
# Not always needed but here just in case.
|
|
||||||
#GatewayOnLink=yes
|
|
||||||
|
|
||||||
[Network]
|
[Network]
|
||||||
|
# Put global network options here.
|
||||||
# v4
|
|
||||||
Address=<IPv4>/prefix
|
|
||||||
|
|
||||||
# v6
|
|
||||||
Address=<IPv6>/prefix
|
|
||||||
|
|
||||||
|
|
||||||
# DNS
|
|
||||||
# 1.1.1.1 / 1.0.0.1 / 2606:4700:4700::1111 / 2606:4700:4700::1001
|
|
||||||
# are Cloudflare
|
|
||||||
DNSOverTLS=opportunistic
|
DNSOverTLS=opportunistic
|
||||||
|
|
||||||
# v4
|
|
||||||
DNS=1.1.1.1
|
|
||||||
|
|
||||||
DNS=1.0.0.1
|
|
||||||
|
|
||||||
# v6
|
|
||||||
DNS=2606:4700:4700::1111
|
|
||||||
DNS=2606:4700:4700::1001
|
|
||||||
|
|
||||||
# Link discovery causes some issues so disable it.
|
# Link discovery causes some issues so disable it.
|
||||||
LLDP=no
|
LLDP=no
|
||||||
|
|
||||||
|
# IPv6 - must come before IPv4, or some weird things happen.
|
||||||
|
[Route]
|
||||||
|
# v6
|
||||||
|
Gateway=<IPv6>
|
||||||
|
|
||||||
|
# Not always needed but here just in case.
|
||||||
|
GatewayOnLink=yes
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
Address=<IPv6>/prefix
|
||||||
|
|
||||||
|
# DNS
|
||||||
|
# Cloudflare 2606:4700:4700::1111 / 2606:4700:4700::1001
|
||||||
|
DNS=2606:4700:4700::1111
|
||||||
|
DNS=2606:4700:4700::1001
|
||||||
|
|
||||||
|
# IPv4
|
||||||
|
[Route]
|
||||||
|
Gateway=<IPv4>
|
||||||
|
|
||||||
|
# Not always needed but here just in case.
|
||||||
|
GatewayOnLink=yes
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
# v4
|
||||||
|
Address=<IPv4>/prefix
|
||||||
|
|
||||||
|
# DNS
|
||||||
|
# Cloudflare 1.1.1.1 / 1.0.0.1
|
||||||
|
DNS=1.1.1.1
|
||||||
|
|
||||||
|
DNS=1.0.0.1
|
||||||
|
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
[Match]
|
|
||||||
Name=usb0
|
|
|
@ -1,4 +0,0 @@
|
||||||
# Needs wgs0.netdev & wireguard & wireguard-tools installed to work.
|
|
||||||
|
|
||||||
[Match]
|
|
||||||
Name=wgs0
|
|
|
@ -1,3 +0,0 @@
|
||||||
# Requires /etc/wpa_supplicant/wpa_supplicant-wlan0.conf to exist.
|
|
||||||
[Match]
|
|
||||||
Name=wlan0
|
|
|
@ -1,2 +0,0 @@
|
||||||
[Match]
|
|
||||||
Name=wwan0
|
|
|
@ -17,19 +17,18 @@ Wants=sys-subsystem-net-devices-wwan%i.device
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=300s
|
TimeoutSec=240s
|
||||||
TimeoutSec=300s
|
|
||||||
|
|
||||||
|
ExecStartPre=-qmi-network /dev/cdc-wdm%i stop
|
||||||
|
ExecStartPre=-rm /tmp/qmi-network-state-cdc-wdm%i
|
||||||
ExecStartPre=networkctl down wwan%i
|
ExecStartPre=networkctl down wwan%i
|
||||||
ExecStartPre=sh -c "echo 'Y' | tee /sys/class/net/wwan%i/qmi/raw_ip"
|
ExecStartPre=sh -c "echo 'Y' | tee /sys/class/net/wwan%i/qmi/raw_ip"
|
||||||
|
|
||||||
# Add any qmi-network options here as needed.
|
|
||||||
ExecStartPre=qmi-network /dev/cdc-wdm%i start
|
ExecStartPre=qmi-network /dev/cdc-wdm%i start
|
||||||
|
|
||||||
|
|
||||||
ExecStartPre=networkctl up wwan%i
|
ExecStartPre=networkctl up wwan%i
|
||||||
ExecStart=sh -e -c "while true; do ping -w 120 -I wwan%i -c 5 one.one.one.one || exit 1; sleep 240; done;"
|
|
||||||
|
|
||||||
|
ExecStart=sh -e -c "sleep 30; while true; do ping -w 120 -I wwan%i -c 5 one.one.one.one || exit 1; sleep 300; done;"
|
||||||
|
|
||||||
|
ExecStop=-rm /tmp/qmi-network-state-cdc-wdm%i
|
||||||
ExecStop=networkctl down wwan%i
|
ExecStop=networkctl down wwan%i
|
||||||
ExecStop=qmi-network /dev/cdc-wdm%i stop
|
ExecStop=qmi-network /dev/cdc-wdm%i stop
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue