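# Makefile for pfsense-pair
#
# Copyright (C) 2019 Stack41, LLC.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.

# Builds two pfSense disk images (a firewall pair) from a base image produced
# by the shrx project, generates matching Proxmox VM definitions, uploads
# them to a Proxmox host, or runs the pair locally under QEMU/KVM.

# Remove a target whose recipe failed part-way. Without this, a boot image
# that was copied from the base image but never processed by load-config.exp
# would look up to date and could be uploaded without its configuration.
.DELETE_ON_ERROR:

mkdir=mkdir -p

# Expands to a fresh MAC address of the form 00:XX:XX:XX:XX:XX, built from
# five random bytes. The variable is recursively expanded, so every
# $(call randmac) runs the pipeline again and yields a different address.
# The tr sets are quoted so the shell cannot glob them against file names
# in the working directory.
# NOTE(review): the fixed 00: first octet leaves the locally-administered
# bit clear, so the generated addresses fall into vendor-assigned OUI space.
# If openssl is missing the expansion is empty and no error is raised.
define randmac
$(shell openssl rand -hex 5 | tr '[a-z]' '[A-Z]' | sed 's/\(..\)/\1:/g; s/.$$//' | sed 's/^ *//;s/ *$$//' | xargs -I mac echo 00:mac)
endef

# One bridged virtio NIC for the local QEMU runs.
#   $(1) = netdev id, $(2) = host bridge to attach to.
# Each NIC gets its own -netdev backend. Legacy "-net nic"/"-net bridge"
# pairs without a netdev all attach to QEMU's shared default hub, which
# would join the WAN, LAN, mgmt and sync bridges into a single segment
# around the firewall under test.
define qemu_nic
-netdev bridge,id=$(1),br=$(2) -device virtio-net-pci,netdev=$(1),mac=$(call randmac)
endef

pfsense_config=source/${version}/fat

# Please set the variables according to your system
shrx_path=${HOME}/Developer/shrx
# NOTE(review): the value below ends in a dot as written; confirm it matches
# the image name the shrx Makefile produces.
version=pfsense-2.4.
wan_bridge=br0
lan_bridge=brserv
sync_bridge=brsync
mgmt_bridge=brmgmt

# Get these from the server automatically
# echo $(($(ls *.conf | sort -n | tail -n 1 | cut -d. -f1)+1))

# This is the host our uploadX targets go to.
# The upload targets log in as root on this host and write
# /etc/pve/qemu-server/<pmid>.conf, replacing any VM definition that already
# uses the same id. Check that pmid1/pmid2 are unused on the server first.
pxhost=172.16.30.45
pmid1=8000
pmid2=8001
vlan_lan=421
vlan_sync=422
vlan_mgmt=423

.PHONY: clean
clean:
	rm -rf "os" "build"

build:
	$(mkdir) $@

os:
	$(mkdir) $@

# The base image is built by the shrx project's own Makefile. $(MAKE) is used
# instead of a literal "make" so that -n, -j and the jobserver reach the
# sub-make.
${shrx_path}/os/${version}-boot.qcow2: os
	$(MAKE) --directory=${shrx_path} os/${version}-boot.qcow2

# Each boot image is a copy of the base image into which load-config.exp
# loads the matching config.xml. The expect script receives, in order:
# wan bridge + MAC, lan bridge + MAC, sync bridge + MAC, mgmt bridge + MAC,
# the image path and the directory holding config.xml.
# "build" is an order-only prerequisite: a directory's timestamp changes
# whenever a file is created inside it, which as a normal prerequisite forced
# the images to be rebuilt after every other target written to build/.
# NOTE(review): load-config.exp is not part of this file; if it starts QEMU
# with legacy -net pairs, the shared-hub caveat described at qemu_nic applies
# there as well.
build/${version}-boot1.qcow2: ${shrx_path}/os/${version}-boot.qcow2 load-config.exp build/fat1/config.xml | build
	cp "$<" "$@"
	expect -f $(word 2,$^) ${wan_bridge} $(call randmac) ${lan_bridge} \
		$(call randmac) ${sync_bridge} $(call randmac) ${mgmt_bridge} \
		$(call randmac) $@ build/fat1

build/${version}-boot2.qcow2: ${shrx_path}/os/${version}-boot.qcow2 load-config.exp build/fat2/config.xml | build
	cp "$<" "$@"
	expect -f $(word 2,$^) ${wan_bridge} $(call randmac) ${lan_bridge} \
		$(call randmac) ${sync_bridge} $(call randmac) ${mgmt_bridge} \
		$(call randmac) $@ build/fat2

# Stage each firewall's configuration in its own directory for load-config.exp.
build/fat1/config.xml: source/config1.xml | build
	$(mkdir) "$(@D)"
	cp "$<" "$@"

build/fat2/config.xml: source/config2.xml | build
	$(mkdir) "$(@D)"
	cp "$<" "$@"

# This will build the disk images ready for production, but will not
# run them locally.
.PHONY: disks
disks: build/${version}-boot1.qcow2 build/${version}-boot2.qcow2

# Proxmox VM definitions, one per firewall. net0 is untagged, net1..net3
# carry the LAN, sync and mgmt VLAN tags. The MAC addresses, SMBIOS UUID and
# vmgenid are generated when the file is written. Because "build" is
# order-only, an existing .conf keeps its identity across runs; run
# "make clean" to generate new ones.
# The UUIDs come from the external "uuid" command; $(shell) expands to an
# empty string if it is not installed, so check the generated file.
# NOTE(review): both definitions use the same VM name, "davis-test-vm".
build/${pmid1}.conf: | build
	echo "balloon: 0" > "$@"
	echo "bootdisk: virtio0" >> "$@"
	echo "cores: 1" >> "$@"
	echo "memory: 512" >> "$@"
	echo "name: davis-test-vm" >> "$@"
	echo "net0: virtio=$(call randmac),bridge=vmbr0" >> "$@"
	echo "net1: virtio=$(call randmac),bridge=vmbr0,tag=${vlan_lan}" >> "$@"
	echo "net2: virtio=$(call randmac),bridge=vmbr0,tag=${vlan_sync}" >> "$@"
	echo "net3: virtio=$(call randmac),bridge=vmbr0,tag=${vlan_mgmt}" >> "$@"
	echo "numa: 0" >> "$@"
	echo "ostype: other" >> "$@"
	echo "scsihw: virtio-scsi-pci" >> "$@"
	echo "smbios1: uuid=$(shell uuid)" >> "$@"
	echo "sockets: 1" >> "$@"
	echo "virtio0: local:${pmid1}/${version}-boot1.qcow2" >> "$@"
	echo "vmgenid: $(shell uuid)" >> "$@"

build/${pmid2}.conf: | build
	echo "balloon: 0" > "$@"
	echo "bootdisk: virtio0" >> "$@"
	echo "cores: 1" >> "$@"
	echo "memory: 512" >> "$@"
	echo "name: davis-test-vm" >> "$@"
	echo "net0: virtio=$(call randmac),bridge=vmbr0" >> "$@"
	echo "net1: virtio=$(call randmac),bridge=vmbr0,tag=${vlan_lan}" >> "$@"
	echo "net2: virtio=$(call randmac),bridge=vmbr0,tag=${vlan_sync}" >> "$@"
	echo "net3: virtio=$(call randmac),bridge=vmbr0,tag=${vlan_mgmt}" >> "$@"
	echo "numa: 0" >> "$@"
	echo "ostype: other" >> "$@"
	echo "scsihw: virtio-scsi-pci" >> "$@"
	echo "smbios1: uuid=$(shell uuid)" >> "$@"
	echo "sockets: 1" >> "$@"
	echo "virtio0: local:${pmid2}/${version}-boot2.qcow2" >> "$@"
	echo "vmgenid: $(shell uuid)" >> "$@"

# Upload a firewall to the Proxmox host. The disk image is copied before the
# VM definition, so a failed image transfer does not leave a definition on
# the server that points at a missing disk. The trailing slash on the
# qemu-server path makes scp fail if that directory does not exist instead
# of creating a file with that name.
.PHONY: upload1
upload1: build/${pmid1}.conf build/${version}-boot1.qcow2
	ssh root@${pxhost} 'mkdir -p /var/lib/vz/images/${pmid1}'
	scp build/${version}-boot1.qcow2 root@${pxhost}:/var/lib/vz/images/${pmid1}/
	scp build/${pmid1}.conf root@${pxhost}:/etc/pve/qemu-server/

.PHONY: upload2
upload2: build/${pmid2}.conf build/${version}-boot2.qcow2
	ssh root@${pxhost} 'mkdir -p /var/lib/vz/images/${pmid2}'
	scp build/${version}-boot2.qcow2 root@${pxhost}:/var/lib/vz/images/${pmid2}/
	scp build/${pmid2}.conf root@${pxhost}:/etc/pve/qemu-server/

# run1 and run2 will run the first, and the second, firewalls
# respectively in a pair configuration.
# NOTE(review): the NICs are attached here in the order wan, lan, mgmt, sync,
# while the load-config.exp arguments and the generated Proxmox definitions
# list sync before mgmt. Confirm which interface order config.xml expects.
.PHONY: run1 run2
run1: build/${version}-boot1.qcow2
	qemu-system-x86_64 \
		-enable-kvm \
		-smp 1 \
		-m 512 \
		-display none -serial stdio \
		$(call qemu_nic,wan,${wan_bridge}) \
		$(call qemu_nic,lan,${lan_bridge}) \
		$(call qemu_nic,mgmt,${mgmt_bridge}) \
		$(call qemu_nic,sync,${sync_bridge}) \
		-drive file=$<,if=virtio

run2: build/${version}-boot2.qcow2
	qemu-system-x86_64 \
		-enable-kvm \
		-smp 1 \
		-m 512 \
		-display none -serial stdio \
		$(call qemu_nic,wan,${wan_bridge}) \
		$(call qemu_nic,lan,${lan_bridge}) \
		$(call qemu_nic,mgmt,${mgmt_bridge}) \
		$(call qemu_nic,sync,${sync_bridge}) \
		-drive file=$<,if=virtio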