author | Niklas Yann Wettengel <niyawe@niyawe.de> | 2017-03-17 22:35:38 +0100 |
---|---|---|
committer | Niklas Yann Wettengel <niyawe@niyawe.de> | 2017-03-17 22:35:38 +0100 |
commit | 4b97c64f947662cd4e2c233a51114c1ff3a9815c (patch) | |
tree | 07882522000071bfe7ffe7b10e773198bd6b06dd /roles/install_fastd | |
parent | 711f968dda1acca7d6b2a86e28a1535449938941 (diff) |
updated setup_fastd playbook
added features:
- install_bind
- install_dhcp
- install_fastd
- setup_batman
Diffstat (limited to 'roles/install_fastd')
-rw-r--r-- | roles/install_fastd/files/fastd-api.php | 45 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd1 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd10 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd11 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd12 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd13 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd14 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd15 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd2 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd3 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd4 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd5 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd6 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd7 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd8 | 2 | ||||
-rw-r--r-- | roles/install_fastd/files/fastd9 | 2 | ||||
-rw-r--r-- | roles/install_fastd/tasks/main.yml | 94 | ||||
-rw-r--r-- | roles/install_fastd/templates/fastd.conf.j2 | 18 | ||||
-rw-r--r-- | roles/install_fastd/templates/fastd_up.sh.j2 | 11 |
19 files changed, 198 insertions, 0 deletions
diff --git a/roles/install_fastd/files/fastd-api.php b/roles/install_fastd/files/fastd-api.php
new file mode 100644
index 0000000..98da7a7
--- /dev/null
+++ b/roles/install_fastd/files/fastd-api.php
@@ -0,0 +1,45 @@
+#!/usr/bin/php -f
+<?php
+//$url = 'http://register.freifunk-myk.de/srvapi.php';
+$url = 'https://www.freifunk-myk.de/node/keys';
+$out = '/etc/fastd/ffmyk/peers/';
+
+if(!is_dir($out)) die('Output Dir missing');
+if(!is_writable($out)) die('Output Dir perms');
+
+if( ($data = file_get_contents($url)) === FALSE ) die('Error getting keys');
+$data = unserialize($data);
+
+$active=array();
+
+foreach($data as $router) {
+ $router['MAC'] = trim($router['MAC']);
+ $router['PublicKey'] = trim($router['PublicKey']);
+ if(!preg_match('/^[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}$/', $router['MAC'])) {
+ //trigger_error('Router mit falscher MAC?!', E_USER_WARNING);
+ }elseif(!preg_match('/^[A-F0-9]{64}$/', $router['PublicKey'])) {
+ //trigger_error('Router mit falschem Key?!'.$router['MAC'], E_USER_WARNING);
+ }else{
+ $filename='client_'.str_replace(':', '-', $router['MAC']);
+ $fp=fopen($out.$filename, 'w');
+ fwrite($fp, 'key "'.$router['PublicKey'].'";'."\n");
+ fclose($fp);
+ $active[] = $filename;
+ }
+}
+
+//Check if we fscked up
+if(count($active) < 10) die('Less than 10 nodes? Database broken?');
+
+$dh = opendir($out);
+while(($file = readdir($dh)) !== false) {
+ if($file != '.' && $file != '..') {
+ if(!in_array($file, $active) && (strpos($file, 'client_') !== false)) {
+ unlink($out.$file);
+ }
+ }
+}
+
+exec('killall -SIGHUP fastd');
+
+?>
diff --git a/roles/install_fastd/files/fastd1 b/roles/install_fastd/files/fastd1
new file mode 100644
index 0000000..e3bcd7a
--- /dev/null
+++ b/roles/install_fastd/files/fastd1
@@ -0,0 +1,2 @@
+key "d78c8c9b2977f732cdd00d2d4b557cfb5de1438897d33b9ec04037512dd11d6a";
+remote "fastd1.services.freifunk-myk.de":10000;
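Review bot: In fastd-api.php, `$data = unserialize($data);` runs PHP's native deserializer on a response body fetched over the network, and the cron task in tasks/main.yml runs this script as root, so a tampered or compromised key endpoint reaches object deserialization with root privileges. Restrict it with `$data = unserialize($data, ['allowed_classes' => false]);` (PHP 7.0 and later) or, preferably, have the endpoint serve JSON and use `json_decode($data, true)`, then stop with `if (!is_array($data)) die('Bad key list');` before the `foreach`. Peer files are also written before the `count($active) < 10` sanity check and the `fopen()` result is never tested, so a short or malformed list still changes the peers directory before the script dies; collecting the validated entries first and writing only after the check would avoid that. Finally, `strpos($file, 'client_') !== false` matches the prefix anywhere in the name, where `=== 0` is what the cleanup loop appears to intend.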
diff --git a/roles/install_fastd/files/fastd10 b/roles/install_fastd/files/fastd10
new file mode 100644
index 0000000..b722cee
--- /dev/null
+++ b/roles/install_fastd/files/fastd10
@@ -0,0 +1,2 @@
+key "03cb2b87af657dfc4a434c5dfe3234e947571ca5a8d114d24e0e9f9861eff558";
+remote "fastd10.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd11 b/roles/install_fastd/files/fastd11
new file mode 100644
index 0000000..8567a64
--- /dev/null
+++ b/roles/install_fastd/files/fastd11
@@ -0,0 +1,2 @@
+key "c5ddbdc98a9aa8eb4fc684571c23eabaefd6ef63b8cb9d3a31a2cd6e656c47f9";
+remote "fastd11.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd12 b/roles/install_fastd/files/fastd12
new file mode 100644
index 0000000..2618870
--- /dev/null
+++ b/roles/install_fastd/files/fastd12
@@ -0,0 +1,2 @@
+key "d47e917875f145a27a3ef10e29bf011c1f89ab4ea313c4bd0d8bac07ffacf557";
+remote "fastd12.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd13 b/roles/install_fastd/files/fastd13
new file mode 100644
index 0000000..034454a
--- /dev/null
+++ b/roles/install_fastd/files/fastd13
@@ -0,0 +1,2 @@
+key "2895322d66ba7aaa0daf779d795a2a44255d1d14bea639e1267149f466602fce";
+remote "fastd13.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd14 b/roles/install_fastd/files/fastd14
new file mode 100644
index 0000000..c33841b
--- /dev/null
+++ b/roles/install_fastd/files/fastd14
@@ -0,0 +1,2 @@
+key "22e08f6e9c72e77041aa635d380e03069cfe193d9f5a0551ff2188677d15d5c0";
+remote "fastd14.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd15 b/roles/install_fastd/files/fastd15
new file mode 100644
index 0000000..b1ab979
--- /dev/null
+++ b/roles/install_fastd/files/fastd15
@@ -0,0 +1,2 @@
+key "78605f4cc687a1a5c2a1cbbacb6310bb4dc2546e605a1f2852aabea5e2dbecbb";
+remote "fastd15.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd2 b/roles/install_fastd/files/fastd2
new file mode 100644
index 0000000..e911561
--- /dev/null
+++ b/roles/install_fastd/files/fastd2
@@ -0,0 +1,2 @@
+key "f753af06aff1e765a0601c21343965cd3a9abd91f98a76867589e742c041a550";
+remote "fastd2.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd3 b/roles/install_fastd/files/fastd3
new file mode 100644
index 0000000..f46363e
--- /dev/null
+++ b/roles/install_fastd/files/fastd3
@@ -0,0 +1,2 @@
+key "70a561adcea747e4758376222cddf7d43db43fac55b43e3840b6e3bc5042b170";
+remote "fastd3.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd4 b/roles/install_fastd/files/fastd4
new file mode 100644
index 0000000..34eb1e5
--- /dev/null
+++ b/roles/install_fastd/files/fastd4
@@ -0,0 +1,2 @@
+key "30e707472d8eed4397295554764846f309a4b046ba628d24f2acee79543d671c";
+remote "fastd4.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd5 b/roles/install_fastd/files/fastd5
new file mode 100644
index 0000000..0863396
--- /dev/null
+++ b/roles/install_fastd/files/fastd5
@@ -0,0 +1,2 @@
+key "c785f8d8f59b75ffbec7eb417e1971dc5a123ff3507e3121352102fdea646e89";
+remote "fastd5.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd6 b/roles/install_fastd/files/fastd6
new file mode 100644
index 0000000..63d7321
--- /dev/null
+++ b/roles/install_fastd/files/fastd6
@@ -0,0 +1,2 @@
+key "c40b725a5118b7c37f76b562461db160b1c99495f1df254067de2b5772831d22";
+remote "fastd6.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd7 b/roles/install_fastd/files/fastd7
new file mode 100644
index 0000000..8939a00
--- /dev/null
+++ b/roles/install_fastd/files/fastd7
@@ -0,0 +1,2 @@
+key "72dbb9f07c272e6cfba07ebc3e318cc66e7d6e7583d6aa27fdd0445cf1bea2d8";
+remote "fastd7.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd8 b/roles/install_fastd/files/fastd8
new file mode 100644
index 0000000..9181b6d
--- /dev/null
+++ b/roles/install_fastd/files/fastd8
@@ -0,0 +1,2 @@
+key "66744cda306b1087753a57a727c79a934c872e7221ec6a28ff41e3a316eff0ab";
+remote "fastd8.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/files/fastd9 b/roles/install_fastd/files/fastd9
new file mode 100644
index 0000000..a62df5f
--- /dev/null
+++ b/roles/install_fastd/files/fastd9
@@ -0,0 +1,2 @@
+key "a8a79387ffa4370c6ae322d99aeb5b8b82f5580ce8dfe5726e0d161a7894a6ed";
+remote "fastd9.services.freifunk-myk.de":10000;
diff --git a/roles/install_fastd/tasks/main.yml b/roles/install_fastd/tasks/main.yml
new file mode 100644
index 0000000..3bdd59e
--- /dev/null
+++ b/roles/install_fastd/tasks/main.yml
@@ -0,0 +1,94 @@
+---
+- name: install fastd
+ become: yes
+ become_user: '{{ aur_user }}'
+ aur:
+ name: fastd
+ tool: yaourt
+
+- name: create ffmyk folder
+ file:
+ path: /etc/fastd/ffmyk
+ state: directory
+
+- name: fastd.conf
+ template:
+ src: fastd.conf.j2
+ dest: /etc/fastd/ffmyk/fastd.conf
+ mode: 0640
+- name: create backbone folder
+ file:
+ path: /etc/fastd/ffmyk/backbone
+ state: directory
+
+- name: add backbone peers
+ copy:
+ src: '{{ item }}'
+ dest: /etc/fastd/ffmyk/backbone/{{ item }}
+ with_items:
+ - fastd1
+ - fastd2
+ - fastd3
+ - fastd4
+ - fastd5
+ - fastd6
+ - fastd7
+ - fastd8
+ - fastd9
+ - fastd10
+ - fastd11
+ - fastd12
+ - fastd13
+ - fastd14
+ - fastd15
+
+- name: add fastd bin folder
+ file:
+ path: /etc/fastd/ffmyk/bin
+ state: directory
+
+- name: add fastd up script
+ template:
+ src: fastd_up.sh.j2
+ dest: /etc/fastd/ffmyk/bin/up.sh
+ mode: 0744
+
+- name: add fastd peers folder
+ file:
+ path: /etc/fastd/ffmyk/peers
+ state: directory
+
+- name: install php for api script
+ pacman:
+ name: php
+ state: present
+
+- name: add fastd peer api script
+ copy:
+ src: fastd-api.php
+ dest: /etc/fastd/ffmyk/bin/fastd-api.php
+
+- name: install cronie
+ pacman:
+ name: cronie
+ state: present
+
+- name: start and enable cronie
+ systemd:
+ name: cronie.service
+ enabled: yes
+ state: started
+
+- name: setup cronjob for fastd-api
+ cron:
+ name: fastd-api
+ minute: '*/10'
+ user: root
+ cron_file: fastd-api
+ job: '/usr/bin/php /etc/fastd/ffmyk/bin/fastd-api.php'
+
+- name: start and enable fastd service
+ systemd:
+ name: fastd@ffmyk.service
+ enabled: yes
+ state: started
diff --git a/roles/install_fastd/templates/fastd.conf.j2 b/roles/install_fastd/templates/fastd.conf.j2
new file mode 100644
index 0000000..9d8a42b
--- /dev/null
+++ b/roles/install_fastd/templates/fastd.conf.j2
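Review bot: The `add fastd peer api script` task in tasks/main.yml copies fastd-api.php without `owner`, `group` or `mode`, although `setup cronjob for fastd-api` then runs that file as root every ten minutes; the `bin` directory holding it is created the same way, and up.sh gets only `mode: 0744`. Pin them explicitly, for example `owner: root`, `group: root`, `mode: '0750'` on the script and `mode: '0755'` on the directory, so that only root can replace code root executes, whatever user and umask the play runs under. The `fastd.conf` task sets `mode: 0640` but no `owner`/`group`, and that file carries the fastd secret rendered by fastd.conf.j2, so it deserves the same treatment. Separately, `install fastd` builds the package from the AUR through yaourt with no version pinned in this task, which is worth a deliberate decision for a VPN daemon.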
@@ -0,0 +1,18 @@
+log to syslog level info;
+interface "ffmyk-mesh-vpn";
+method "salsa2012+gmac";
+method "salsa2012+umac";
+secure handshakes yes;
+bind any:10000;
+hide ip addresses yes;
+hide mac addresses yes;
+mtu 1280;
+peer group "clients" {
+ include peers from "peers";
+ peer limit {{ fastd_peer_limit }};
+}
+include peers from "backbone";
+secret "{{ fastd_secret }}";
+on up "/etc/fastd/ffmyk/bin/up.sh $INTERFACE";
+status socket "/run/ffmyk.socket";
+
diff --git a/roles/install_fastd/templates/fastd_up.sh.j2 b/roles/install_fastd/templates/fastd_up.sh.j2
new file mode 100644
index 0000000..87b71ce
--- /dev/null
+++ b/roles/install_fastd/templates/fastd_up.sh.j2
@@ -0,0 +1,11 @@
+#!/bin/bash
+ip link set address {{ fastd_mesh_mac }} dev $1
+ip link set up dev $1
+batctl -m bat0 if add $1
+batctl -m bat0 gw server 1000000/1000000
+batctl -m bat0 it 10000
+batctl -m bat0 mm 1
+echo 128 > /sys/class/net/bat0/mesh/hop_penalty
+netctl start bat0
+systemctl restart dhcpd4.service
+systemctl restart named.service |
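Review bot: `secret "{{ fastd_secret }}";` in fastd.conf.j2 renders the node's private key into the main config file, which tasks/main.yml installs group-readable (`mode: 0640`) and which Ansible prints in full when the play is run with `--diff`. Consider rendering the key into its own file with mode 0600 and pulling it in with an include statement, for example `include "secret.conf";` (file name chosen here for illustration), and setting `no_log: true` on the task that writes it. Where `fastd_secret` is defined is not visible in this commit; if it lives in the repository's variables it should be vault-encrypted.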
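Review bot: Every use of `$1` in fastd_up.sh.j2 is unquoted and the script has no error handling, so a failing `ip link` or `batctl -m bat0 if add` is ignored and the script still goes on to restart dhcpd4 and named on a half-configured mesh interface. Add `set -eu` directly after the shebang and quote the argument, e.g. `ip link set up dev "$1"`. The value comes from the `on up` hook in fastd.conf.j2 (`$INTERFACE`), so it is a fixed name today, but quoting keeps the script safe if the interface name ever becomes configurable.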