summaryrefslogtreecommitdiff
path: root/roles/install_fastd
diff options
context:
space:
mode:
authorNiklas Yann Wettengel <niyawe@niyawe.de>2017-03-17 22:35:38 +0100
committerNiklas Yann Wettengel <niyawe@niyawe.de>2017-03-17 22:35:38 +0100
commit4b97c64f947662cd4e2c233a51114c1ff3a9815c (patch)
tree07882522000071bfe7ffe7b10e773198bd6b06dd /roles/install_fastd
parent711f968dda1acca7d6b2a86e28a1535449938941 (diff)
updated setup_fastd playbook
added features: - install_bind - install_dhcp - install_fastd - setup_batman
Diffstat (limited to 'roles/install_fastd')
-rw-r--r--roles/install_fastd/files/fastd-api.php45
-rw-r--r--roles/install_fastd/files/fastd12
-rw-r--r--roles/install_fastd/files/fastd102
-rw-r--r--roles/install_fastd/files/fastd112
-rw-r--r--roles/install_fastd/files/fastd122
-rw-r--r--roles/install_fastd/files/fastd132
-rw-r--r--roles/install_fastd/files/fastd142
-rw-r--r--roles/install_fastd/files/fastd152
-rw-r--r--roles/install_fastd/files/fastd22
-rw-r--r--roles/install_fastd/files/fastd32
-rw-r--r--roles/install_fastd/files/fastd42
-rw-r--r--roles/install_fastd/files/fastd52
-rw-r--r--roles/install_fastd/files/fastd62
-rw-r--r--roles/install_fastd/files/fastd72
-rw-r--r--roles/install_fastd/files/fastd82
-rw-r--r--roles/install_fastd/files/fastd92
-rw-r--r--roles/install_fastd/tasks/main.yml94
-rw-r--r--roles/install_fastd/templates/fastd.conf.j218
-rw-r--r--roles/install_fastd/templates/fastd_up.sh.j211
19 files changed, 198 insertions, 0 deletions
diff --git a/roles/install_fastd/files/fastd-api.php b/roles/install_fastd/files/fastd-api.php
new file mode 100644
index 0000000..98da7a7
--- /dev/null
+++ b/roles/install_fastd/files/fastd-api.php
@@ -0,0 +1,45 @@
+#!/usr/bin/php -f
+<?php
+//$url = 'http://register.freifunk-myk.de/srvapi.php';
+$url = 'https://www.freifunk-myk.de/node/keys';
+$out = '/etc/fastd/ffmyk/peers/';
+
+if(!is_dir($out)) die('Output Dir missing');
+if(!is_writable($out)) die('Output Dir perms');
+
+if( ($data = file_get_contents($url)) === FALSE ) die('Error getting keys');
+$data = unserialize($data);
+
+$active=array();
+
+foreach($data as $router) {
+ $router['MAC'] = trim($router['MAC']);
+ $router['PublicKey'] = trim($router['PublicKey']);
+ if(!preg_match('/^[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}$/', $router['MAC'])) {
+ //trigger_error('Router mit falscher MAC?!', E_USER_WARNING);
+ }elseif(!preg_match('/^[A-F0-9]{64}$/', $router['PublicKey'])) {
+ //trigger_error('Router mit falschem Key?!'.$router['MAC'], E_USER_WARNING);
+ }else{
+ $filename='client_'.str_replace(':', '-', $router['MAC']);
+ $fp=fopen($out.$filename, 'w');
+ fwrite($fp, 'key "'.$router['PublicKey'].'";'."\n");
+ fclose($fp);
+ $active[] = $filename;
+ }
+}
+
+//Check if we fscked up
+if(count($active) < 10) die('Less than 10 nodes? Database broken?');
+
+$dh = opendir($out);
+while(($file = readdir($dh)) !== false) {
+ if($file != '.' && $file != '..') {
+ if(!in_array($file, $active) && (strpos($file, 'client_') !== false)) {
+ unlink($out.$file);
+ }
+ }
+}
+
+exec('killall -SIGHUP fastd');
+
+?>
diff --git a/roles/install_fastd/files/fastd1 b/roles/install_fastd/files/fastd1
new file mode 100644
index 0000000..e3bcd7a
--- /dev/null
+++ b/roles/install_fastd/files/fastd1
@@ -0,0 +1,2 @@
+key "d78c8c9b2977f732cdd00d2d4b557cfb5de1438897d33b9ec04037512dd11d6a";
+remote "fastd1.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd10 b/roles/install_fastd/files/fastd10
new file mode 100644
index 0000000..b722cee
--- /dev/null
+++ b/roles/install_fastd/files/fastd10
@@ -0,0 +1,2 @@
+key "03cb2b87af657dfc4a434c5dfe3234e947571ca5a8d114d24e0e9f9861eff558";
+remote "fastd10.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd11 b/roles/install_fastd/files/fastd11
new file mode 100644
index 0000000..8567a64
--- /dev/null
+++ b/roles/install_fastd/files/fastd11
@@ -0,0 +1,2 @@
+key "c5ddbdc98a9aa8eb4fc684571c23eabaefd6ef63b8cb9d3a31a2cd6e656c47f9";
+remote "fastd11.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd12 b/roles/install_fastd/files/fastd12
new file mode 100644
index 0000000..2618870
--- /dev/null
+++ b/roles/install_fastd/files/fastd12
@@ -0,0 +1,2 @@
+key "d47e917875f145a27a3ef10e29bf011c1f89ab4ea313c4bd0d8bac07ffacf557";
+remote "fastd12.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd13 b/roles/install_fastd/files/fastd13
new file mode 100644
index 0000000..034454a
--- /dev/null
+++ b/roles/install_fastd/files/fastd13
@@ -0,0 +1,2 @@
+key "2895322d66ba7aaa0daf779d795a2a44255d1d14bea639e1267149f466602fce";
+remote "fastd13.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd14 b/roles/install_fastd/files/fastd14
new file mode 100644
index 0000000..c33841b
--- /dev/null
+++ b/roles/install_fastd/files/fastd14
@@ -0,0 +1,2 @@
+key "22e08f6e9c72e77041aa635d380e03069cfe193d9f5a0551ff2188677d15d5c0";
+remote "fastd14.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd15 b/roles/install_fastd/files/fastd15
new file mode 100644
index 0000000..b1ab979
--- /dev/null
+++ b/roles/install_fastd/files/fastd15
@@ -0,0 +1,2 @@
+key "78605f4cc687a1a5c2a1cbbacb6310bb4dc2546e605a1f2852aabea5e2dbecbb";
+remote "fastd15.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd2 b/roles/install_fastd/files/fastd2
new file mode 100644
index 0000000..e911561
--- /dev/null
+++ b/roles/install_fastd/files/fastd2
@@ -0,0 +1,2 @@
+key "f753af06aff1e765a0601c21343965cd3a9abd91f98a76867589e742c041a550";
+remote "fastd2.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd3 b/roles/install_fastd/files/fastd3
new file mode 100644
index 0000000..f46363e
--- /dev/null
+++ b/roles/install_fastd/files/fastd3
@@ -0,0 +1,2 @@
+key "70a561adcea747e4758376222cddf7d43db43fac55b43e3840b6e3bc5042b170";
+remote "fastd3.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd4 b/roles/install_fastd/files/fastd4
new file mode 100644
index 0000000..34eb1e5
--- /dev/null
+++ b/roles/install_fastd/files/fastd4
@@ -0,0 +1,2 @@
+key "30e707472d8eed4397295554764846f309a4b046ba628d24f2acee79543d671c";
+remote "fastd4.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd5 b/roles/install_fastd/files/fastd5
new file mode 100644
index 0000000..0863396
--- /dev/null
+++ b/roles/install_fastd/files/fastd5
@@ -0,0 +1,2 @@
+key "c785f8d8f59b75ffbec7eb417e1971dc5a123ff3507e3121352102fdea646e89";
+remote "fastd5.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd6 b/roles/install_fastd/files/fastd6
new file mode 100644
index 0000000..63d7321
--- /dev/null
+++ b/roles/install_fastd/files/fastd6
@@ -0,0 +1,2 @@
+key "c40b725a5118b7c37f76b562461db160b1c99495f1df254067de2b5772831d22";
+remote "fastd6.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd7 b/roles/install_fastd/files/fastd7
new file mode 100644
index 0000000..8939a00
--- /dev/null
+++ b/roles/install_fastd/files/fastd7
@@ -0,0 +1,2 @@
+key "72dbb9f07c272e6cfba07ebc3e318cc66e7d6e7583d6aa27fdd0445cf1bea2d8";
+remote "fastd7.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd8 b/roles/install_fastd/files/fastd8
new file mode 100644
index 0000000..9181b6d
--- /dev/null
+++ b/roles/install_fastd/files/fastd8
@@ -0,0 +1,2 @@
+key "66744cda306b1087753a57a727c79a934c872e7221ec6a28ff41e3a316eff0ab";
+remote "fastd8.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd9 b/roles/install_fastd/files/fastd9
new file mode 100644
index 0000000..a62df5f
--- /dev/null
+++ b/roles/install_fastd/files/fastd9
@@ -0,0 +1,2 @@
+key "a8a79387ffa4370c6ae322d99aeb5b8b82f5580ce8dfe5726e0d161a7894a6ed";
+remote "fastd9.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/tasks/main.yml b/roles/install_fastd/tasks/main.yml
new file mode 100644
index 0000000..3bdd59e
--- /dev/null
+++ b/roles/install_fastd/tasks/main.yml
@@ -0,0 +1,94 @@
+---
+- name: install fastd
+ become: yes
+ become_user: '{{ aur_user }}'
+ aur:
+ name: fastd
+ tool: yaourt
+
+- name: create ffmyk folder
+ file:
+ path: /etc/fastd/ffmyk
+ state: directory
+
+- name: fastd.conf
+ template:
+ src: fastd.conf.j2
+ dest: /etc/fastd/ffmyk/fastd.conf
+ mode: 0640
+- name: create backbone folder
+ file:
+ path: /etc/fastd/ffmyk/backbone
+ state: directory
+
+- name: add backbone peers
+ copy:
+ src: '{{ item }}'
+ dest: /etc/fastd/ffmyk/backbone/{{ item }}
+ with_items:
+ - fastd1
+ - fastd2
+ - fastd3
+ - fastd4
+ - fastd5
+ - fastd6
+ - fastd7
+ - fastd8
+ - fastd9
+ - fastd10
+ - fastd11
+ - fastd12
+ - fastd13
+ - fastd14
+ - fastd15
+
+- name: add fastd bin folder
+ file:
+ path: /etc/fastd/ffmyk/bin
+ state: directory
+
+- name: add fastd up script
+ template:
+ src: fastd_up.sh.j2
+ dest: /etc/fastd/ffmyk/bin/up.sh
+ mode: 0744
+
+- name: add fastd peers folder
+ file:
+ path: /etc/fastd/ffmyk/peers
+ state: directory
+
+- name: install php for api script
+ pacman:
+ name: php
+ state: present
+
+- name: add fastd peer api script
+ copy:
+ src: fastd-api.php
+ dest: /etc/fastd/ffmyk/bin/fastd-api.php
+
+- name: install cronie
+ pacman:
+ name: cronie
+ state: present
+
+- name: start and enable cronie
+ systemd:
+ name: cronie.service
+ enabled: yes
+ state: started
+
+- name: setup cronjob for fastd-api
+ cron:
+ name: fastd-api
+ minute: '*/10'
+ user: root
+ cron_file: fastd-api
+ job: '/usr/bin/php /etc/fastd/ffmyk/bin/fastd-api.php'
+
+- name: start and enable fastd service
+ systemd:
+ name: fastd@ffmyk.service
+ enabled: yes
+ state: started
diff --git a/roles/install_fastd/templates/fastd.conf.j2 b/roles/install_fastd/templates/fastd.conf.j2
new file mode 100644
index 0000000..9d8a42b
--- /dev/null
+++ b/roles/install_fastd/templates/fastd.conf.j2
@@ -0,0 +1,18 @@
+log to syslog level info;
+interface "ffmyk-mesh-vpn";
+method "salsa2012+gmac";
+method "salsa2012+umac";
+secure handshakes yes;
+bind any:10000;
+hide ip addresses yes;
+hide mac addresses yes;
+mtu 1280;
+peer group "clients" {
+ include peers from "peers";
+ peer limit {{ fastd_peer_limit }};
+}
+include peers from "backbone";
+secret "{{ fastd_secret }}";
+on up "/etc/fastd/ffmyk/bin/up.sh $INTERFACE";
+status socket "/run/ffmyk.socket";
+
diff --git a/roles/install_fastd/templates/fastd_up.sh.j2 b/roles/install_fastd/templates/fastd_up.sh.j2
new file mode 100644
index 0000000..87b71ce
--- /dev/null
+++ b/roles/install_fastd/templates/fastd_up.sh.j2
@@ -0,0 +1,11 @@
+#!/bin/bash
+ip link set address {{ fastd_mesh_mac }} dev $1
+ip link set up dev $1
+batctl -m bat0 if add $1
+batctl -m bat0 gw server 1000000/1000000
+batctl -m bat0 it 10000
+batctl -m bat0 mm 1
+echo 128 > /sys/class/net/bat0/mesh/hop_penalty
+netctl start bat0
+systemctl restart dhcpd4.service
+systemctl restart named.service