summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--host_vars/ff-loppermann136
-rw-r--r--host_vars/ff-niyawe236
-rw-r--r--host_vars/ff-niyawe336
-rw-r--r--host_vars/ff-uniko136
-rw-r--r--roles/install_fastd/files/fastd_grep.sh7
-rw-r--r--roles/install_fastd/files/verify.sh6
-rw-r--r--roles/install_fastd/handlers/main.yml40
-rw-r--r--roles/install_fastd/tasks/main.yml61
-rw-r--r--roles/install_fastd/templates/fastd-api.php.j245
-rw-r--r--roles/install_fastd/templates/fastd.conf.j213
-rw-r--r--roles/install_fastd/templates/fastd_up.sh.j211
11 files changed, 0 insertions, 327 deletions
diff --git a/host_vars/ff-loppermann1 b/host_vars/ff-loppermann1
index 9c6be88..d2eae86 100644
--- a/host_vars/ff-loppermann1
+++ b/host_vars/ff-loppermann1
@@ -5,18 +5,6 @@ sites:
net4: '10.222.80.0/21'
net6: '2a03:2260:1016:0201::/64'
site_net6: 'fd62:44e1:da:0200::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 66613864623830333561306634656664623831613235336463353433393835623633313531636164
- 3132343936323530316438366530343336393366343735390a643862663163366661383963366461
- 63356536333162306635653863386430306463323963633066626336663837633762356632393163
- 3661353338313935330a303338343231393965333534633438396261633431613734646265373830
- 30623665633364343639646539616262666663333830396363336436343938613266333963363432
- 65303930366339626331356230316236396138653735666431633437313436303862363437313738
- 38626439626562386264623534646238666436656362633432666137666334643366303733396132
- 35396461636664396633
- fastd_mesh_mac: '02:ff:41:57:00:10'
- fastd_port1: 10014
bat_ipv6: '2a03:2260:1016:0201::1'
bat_ipv4: '10.222.80.1'
bat_ipv4_cidr: 21
@@ -43,18 +31,6 @@ sites:
net4: '10.222.48.0/21'
net6: '2a03:2260:1016:0101::/64'
site_net6: 'fd62:44e1:da:0100::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 36343336633735316533356365663562633136316164346335613665343736643538613033323837
- 3163666137323238323535623663393466343061393432640a363838366533663135366665343137
- 64393938336636336230306333376365646631393432333934326631366666363266633631366636
- 3232396339613063360a356636623235333161633630363361653064626232386132393065363961
- 64653535613861636633303164353964393461376432646539656332373461626139333166343163
- 65376133646361616539303338373164623933633061663635353338643036396332656332643738
- 61626236323463623362613335653436643631356362343866333035623662336262323166616163
- 61303232626638303231
- fastd_mesh_mac: '02:ff:43:4f:43:10'
- fastd_port1: 10012
bat_ipv6: '2a03:2260:1016:0101::1'
bat_ipv4: '10.222.48.1'
bat_ipv4_cidr: 21
@@ -81,18 +57,6 @@ sites:
net4: '10.222.184.0/21'
net6: '2a03:2260:1016:0402::/64'
site_net6: 'fd62:44e1:da:0400::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 39303135363836313137613238633137646235366637393463346132366361363465303531653565
- 3439336633396532303563613536333264373863663933650a653566626462346133363433333337
- 64333138353862613937653065613136323238666336363635643062643538363265323335643766
- 6465393863393630640a643531376464336334346530393764376139623033336139616138653534
- 64616531313665336365323331616263613336313938316663383437353532316631636138663661
- 37666538656533346365393435316630323065316336303138373962393038653831623339656634
- 37343837373965393866653965366335636563303931333465656539316563646162626261633535
- 34303934616666633764
- fastd_mesh_mac: '02:ff:53:49:4d:20'
- fastd_port1: 10018
bat_ipv6: '2a03:2260:1016:0402::1'
bat_ipv4: '10.222.184.1'
bat_ipv4_cidr: 21
diff --git a/host_vars/ff-niyawe2 b/host_vars/ff-niyawe2
index d1340a1..16e9a13 100644
--- a/host_vars/ff-niyawe2
+++ b/host_vars/ff-niyawe2
@@ -6,18 +6,6 @@ sites:
net4: '10.222.88.0/21'
net6: '2a03:2260:1016:0202::/64'
site_net6: 'fd62:44e1:da:0200::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 64316166303564616561623661653739386434373564646630396361366262303737346632656136
- 3164613138393838616235343936633162333032323563320a666235383763383766373761623533
- 36313135643830623363353966653138346364646639386339393664366565323265366630333362
- 6264633837626133300a373133353532656331623038346637643834613563383435366534393865
- 31343432663535653364643564306533383333303939656232336232306136663839376662656332
- 63396465303038396531653239323264346233313563636261613231343763306130316530386262
- 31316432383834323237386138336434663365643732643732323439313564303337636466393334
- 63613666333161366366
- fastd_mesh_mac: '02:ff:41:57:00:20'
- fastd_port1: 10014
bat_ipv6: '2a03:2260:1016:0202::1'
bat_ipv4: '10.222.88.1'
bat_ipv4_cidr: 21
@@ -44,18 +32,6 @@ sites:
net4: '10.222.56.0/21'
net6: '2a03:2260:1016:0102::/64'
site_net6: 'fd62:44e1:da:0100::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 64346365626531663039636230633430613338336164623065393964313538633839346537356533
- 3363313832333561373134363136333663313864383466360a333533643462336533336433353030
- 64306535326562343964373931306366613365356335386163303062363663383264353566656438
- 3838323261303331380a613366306566623531323162373266663863393563323232626565346163
- 64333835356662643561373062393831303366656138356464326232363235373734663038316336
- 37313164306565643032373938353434393333653531623635663030613861306663373761336233
- 65373565653939663832353565656262306633306461316461343735336431393033316433313164
- 35346363653832386138
- fastd_mesh_mac: '02:ff:43:4f:43:20'
- fastd_port1: 10012
bat_ipv6: '2a03:2260:1016:0102::1'
bat_ipv4: '10.222.56.1'
bat_ipv4_cidr: 21
@@ -82,18 +58,6 @@ sites:
net4: '10.222.176.0/21'
net6: '2a03:2260:1016:0401::/64'
site_net6: 'fd62:44e1:da:0400::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 36623461376163303538353865656462643537646265393461656337383936363634653063363938
- 3735616161636231633238323935313861346163636565620a353132303235636662366231393236
- 30323734313065356132623736633231326537626462366264653138666533633461393830336634
- 6530666637613164340a663133386134393235636362633833373531323132636138623163656638
- 34363637623331666335353464366539623936306437356538393034376232346566323431636231
- 32653236386632656633636438303130323065386635616462666631386361396233303965393332
- 63333233656336313633303166333638663335363035653230316633303233376131396135373462
- 34343163616561343163
- fastd_mesh_mac: '02:ff:53:49:4d:10'
- fastd_port1: 10018
bat_ipv6: '2a03:2260:1016:0401::1'
bat_ipv4: '10.222.176.1'
bat_ipv4_cidr: 21
diff --git a/host_vars/ff-niyawe3 b/host_vars/ff-niyawe3
index 88e093e..4bdf6a3 100644
--- a/host_vars/ff-niyawe3
+++ b/host_vars/ff-niyawe3
@@ -6,18 +6,6 @@ sites:
net4: '10.222.200.0/21'
net6: '2a03:2260:1016:0502::/64'
site_net6: 'fd62:44e1:da:0500::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 39643432623937346662666565393066356635346236313562376339373665653837376365326531
- 3366643661613065303837353830666566356266613036650a383531336266363036366664323439
- 64636330346166306464353564363266303836666134373739646566306337333666356231616364
- 3635616561323332340a323665353031653566646562393430666261363834353036663938636634
- 62363261663531383464646262306237353233346535623235643561633435623939646262313561
- 30656531313664326663666661636465303239353331356633353238363433336561316264613037
- 33636239303465623333316561653732653638633632343165383934313738303365633937373038
- 33396464306363333965
- fastd_mesh_mac: '02:ff:45:4d:53:20'
- fastd_port1: 10020
bat_ipv6: '2a03:2260:1016:0502::1'
bat_ipv4: '10.222.200.1'
bat_ipv4_cidr: 21
@@ -44,18 +32,6 @@ sites:
net4: '10.222.24.0/21'
net6: '2a03:2260:1016:0002::/64'
site_net6: 'fd62:44e1:da::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 32616565386335373931326566326366306138386431303537386639373339306264613665613936
- 3630343838353631633832393265653666656164623434330a636537666266663835303561393437
- 61666665666162353665386434646439323730393839643464303237383034303066623731386638
- 6461303434383162300a303332333031396233383637653737393933636164653833303333633466
- 39336465616562613838646139303462306131326364356265366564356131343866313164356365
- 61623137653661633062613334633231633438626234303064363063396437666431353839313764
- 37313535646131393963353562353862363933373765316531656531353835653231643031383236
- 39633866633130373430
- fastd_mesh_mac: '02:ff:4b:4f:00:20'
- fastd_port1: 10010
bat_ipv6: '2a03:2260:1016:0002::1'
bat_ipv4: '10.222.24.1'
bat_ipv4_cidr: 21
@@ -82,18 +58,6 @@ sites:
net4: '10.222.72.0/21'
net6: '2a03:2260:1016:0302::/64'
site_net6: 'fd62:44e1:da:300::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 36356665356465363064623732316337393137633133383133666330353238636432643232383534
- 3136386561663630633461653132626531666336663962650a363164343264623664316465663264
- 39336561346634623530636464646261313362383533363336383138663435346265626563646461
- 3231313735313266610a373663363966303961363039346137353132353864326639343732613032
- 33626665646364643036633662316234366666303364373434656137666233613030386562643662
- 37663232306135643461376435653263333834366163663634646164326236643730356135386464
- 31303439643035643732306162666261393735333334323433306633313635373363636364306663
- 36396363306537636164
- fastd_mesh_mac: '02:ff:4d:59:00:20'
- fastd_port1: 10016
bat_ipv6: '2a03:2260:1016:0302::1'
bat_ipv4: '10.222.72.1'
bat_ipv4_cidr: 21
diff --git a/host_vars/ff-uniko1 b/host_vars/ff-uniko1
index 3cf6ca3..de7c6d9 100644
--- a/host_vars/ff-uniko1
+++ b/host_vars/ff-uniko1
@@ -5,18 +5,6 @@ sites:
net4: '10.222.192.0/21'
net6: '2a03:2260:1016:0501::/64'
site_net6: 'fd62:44e1:da:0500::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 64366430303532336538633661343838386537316364613866623134663866643634633436316565
- 3764303032353633336662613430663961646535353262310a613238643666313033343438666235
- 36316438366137333430663235303237666132306362616366356439306162633430326366663862
- 6633353266376537640a623163646437396564666232316530616264346566633032393033616438
- 31313538363462633865376234363262653861656234333661613139383538643963646436396464
- 65613834396464613266383936326539623461646661666464623337343834326533303039623665
- 37386130306432313766306638343561653232656238313734396562653661376131653036353264
- 63646437393532356338
- fastd_mesh_mac: '02:ff:45:4d:53:10'
- fastd_port1: 10020
bat_ipv6: '2a03:2260:1016:0501::1'
bat_ipv4: '10.222.192.1'
bat_ipv4_cidr: 21
@@ -43,18 +31,6 @@ sites:
net4: '10.222.16.0/21'
net6: '2a03:2260:1016:0001::/64'
site_net6: 'fd62:44e1:da::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 62303765323237376233313337343961663435363430646565616238356261646133326562363235
- 6639356166623437646664323236643161353837393330650a613565306362663932383436333635
- 63663832616334643939623835373731323835326361373266653331346530393462616364343633
- 3935316666653463370a653038313766383436303862306666356138353838386362363731663631
- 35313830346562643434393266393039336264663939363433336435653833323038363432623431
- 31636465666133633538633562323437333836376632343333306332356461663163396232626564
- 63393432373965323037656437313762383037363534343937303462393736666534653835633433
- 36656539623732333130
- fastd_mesh_mac: '02:ff:4b:4f:00:10'
- fastd_port1: 10010
bat_ipv6: '2a03:2260:1016:0001::1'
bat_ipv4: '10.222.16.1'
bat_ipv4_cidr: 21
@@ -81,18 +57,6 @@ sites:
net4: '10.222.64.0/21'
net6: '2a03:2260:1016:0301::/64'
site_net6: 'fd62:44e1:da:300::/64'
- fastd_secret: !vault |
- $ANSIBLE_VAULT;1.1;AES256
- 38333436396361633136336561633864383663666439613335613534336339373366396231646333
- 6264303364616131313966306438333135353564366134330a353438343861666337646633383534
- 31366233346663316434316439346639666639653433323363366161313362376262646663396330
- 6362356563616535640a633130623433316165313238346165376337326364306262643139376130
- 39326531633631656665346239386133363833623263663162356161333562636437633333643338
- 32623535323934306164653535633463626234623935653262633739383137326461623731623536
- 30366431633431363164633833323466616637633135636538656332356434333564386165643736
- 36303333346530376134
- fastd_mesh_mac: '02:ff:4d:59:00:10'
- fastd_port1: 10016
bat_ipv6: '2a03:2260:1016:0301::1'
bat_ipv4: '10.222.64.1'
bat_ipv4_cidr: 21
diff --git a/roles/install_fastd/files/fastd_grep.sh b/roles/install_fastd/files/fastd_grep.sh
deleted file mode 100644
index 37f5118..0000000
--- a/roles/install_fastd/files/fastd_grep.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-for file in /run/ff*.socket
-do
- echo $file
- nc -U $file | jq -r '.peers | keys[] as $k | "\(.[$k] | .connection.mac_addresses[]) \(.[$k] | .address) \($k)"' | grep $1
-done
diff --git a/roles/install_fastd/files/verify.sh b/roles/install_fastd/files/verify.sh
deleted file mode 100644
index 77cf5f4..0000000
--- a/roles/install_fastd/files/verify.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-if grep -q $PEER_KEY /etc/fastd_blacklist; then
- echo $PEER_KEY blacklisted
- exit 1
-fi
-exit 0
diff --git a/roles/install_fastd/handlers/main.yml b/roles/install_fastd/handlers/main.yml
deleted file mode 100644
index 68b2174..0000000
--- a/roles/install_fastd/handlers/main.yml
+++ /dev/null
@@ -1,40 +0,0 @@
----
-- name: reload fastd
- systemd:
- name: fastd@ffmyk.service
- state: reloaded
-
-- name: restart fastdaw
- systemd:
- name: fastd@ffaw.service
- state: restarted
-
-- name: restart fastdcoc
- systemd:
- name: fastd@ffcoc.service
- state: restarted
-
-- name: restart fastdems
- systemd:
- name: fastd@ffems.service
- state: restarted
-
-- name: restart fastdko
- systemd:
- name: fastd@ffko.service
- state: restarted
-
-- name: restart fastdmy
- systemd:
- name: fastd@ffmy.service
- state: restarted
-
-- name: restart fastdsim
- systemd:
- name: fastd@ffsim.service
- state: restarted
-
-- name: restart fastdww
- systemd:
- name: fastd@ffww.service
- state: restarted
diff --git a/roles/install_fastd/tasks/main.yml b/roles/install_fastd/tasks/main.yml
deleted file mode 100644
index 85d6aa2..0000000
--- a/roles/install_fastd/tasks/main.yml
+++ /dev/null
@@ -1,61 +0,0 @@
----
-- name: install fastd
- pacman:
- name: fastd
- state: present
-
-- name: create site folder
- file:
- path: /etc/fastd/ff{{ item.name }}
- state: directory
- with_items: "{{ sites }}"
-
-- name: fastd.conf
- template:
- src: fastd.conf.j2
- dest: /etc/fastd/ff{{ item.name }}/fastd.conf
- mode: 0640
- notify: restart fastd{{ item.name }}
- with_items: "{{ sites }}"
-
-- name: add fastd bin folder
- file:
- path: /etc/fastd/ff{{ item.name }}/bin
- state: directory
- with_items: "{{ sites }}"
-
-- name: add fastd up script
- template:
- src: fastd_up.sh.j2
- dest: /etc/fastd/ff{{ item.name }}/bin/up.sh
- mode: 0744
- notify: restart fastd{{ item.name }}
- with_items: "{{ sites }}"
-
-- name: add fastd verify script
- copy:
- src: verify.sh
- dest: /etc/fastd/ff{{ item.name }}/bin/verify.sh
- mode: 0744
- with_items: "{{ sites }}"
-
-- name: add fastd_grep script
- copy:
- src: fastd_grep.sh
- dest: /root/fastd_grep.sh
- mode: 0744
-
-- name: install fastd_grep dependencies
- pacman:
- name:
- - openbsd-netcat
- - jq
- state: present
-
-
-- name: start and enable fastd service
- systemd:
- name: fastd@ff{{ item.name }}.service
- enabled: yes
- state: started
- with_items: "{{ sites }}"
diff --git a/roles/install_fastd/templates/fastd-api.php.j2 b/roles/install_fastd/templates/fastd-api.php.j2
deleted file mode 100644
index 7b1fc17..0000000
--- a/roles/install_fastd/templates/fastd-api.php.j2
+++ /dev/null
@@ -1,45 +0,0 @@
-#!/usr/bin/php -f
-<?php
-//$url = 'http://register.freifunk-myk.de/srvapi.php';
-$url = 'https://www.freifunk-myk.de/node/keys';
-$out = '/etc/fastd/ff{{ item.name }}/peers/';
-
-if(!is_dir($out)) die('Output Dir missing');
-if(!is_writable($out)) die('Output Dir perms');
-
-if( ($data = file_get_contents($url)) === FALSE ) die('Error getting keys');
-$data = unserialize($data);
-
-$active=array();
-
-foreach($data as $router) {
- $router['MAC'] = trim($router['MAC']);
- $router['PublicKey'] = trim($router['PublicKey']);
- if(!preg_match('/^[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}$/', $router['MAC'])) {
- //trigger_error('Router mit falscher MAC?!', E_USER_WARNING);
- }elseif(!preg_match('/^[A-F0-9]{64}$/', $router['PublicKey'])) {
- //trigger_error('Router mit falschem Key?!'.$router['MAC'], E_USER_WARNING);
- }else{
- $filename='client_'.str_replace(':', '-', $router['MAC']);
- $fp=fopen($out.$filename, 'w');
- fwrite($fp, 'key "'.$router['PublicKey'].'";'."\n");
- fclose($fp);
- $active[] = $filename;
- }
-}
-
-//Check if we fscked up
-if(count($active) < 10) die('Less than 10 nodes? Database broken?');
-
-$dh = opendir($out);
-while(($file = readdir($dh)) !== false) {
- if($file != '.' && $file != '..') {
- if(!in_array($file, $active) && (strpos($file, 'client_') !== false)) {
- unlink($out.$file);
- }
- }
-}
-
-exec('killall -SIGHUP fastd');
-
-?>
diff --git a/roles/install_fastd/templates/fastd.conf.j2 b/roles/install_fastd/templates/fastd.conf.j2
deleted file mode 100644
index 417d8e8..0000000
--- a/roles/install_fastd/templates/fastd.conf.j2
+++ /dev/null
@@ -1,13 +0,0 @@
-log to syslog level info;
-interface "vpn{{ item.name }}";
-method "salsa2012+gmac";
-method "salsa2012+umac";
-secure handshakes yes;
-bind any:{{ item.fastd_port1 }};
-hide ip addresses yes;
-hide mac addresses yes;
-mtu 1280;
-secret "{{ item.fastd_secret }}";
-on up "/etc/fastd/ff{{ item.name }}/bin/up.sh $INTERFACE";
-status socket "/run/ff{{ item.name }}1.socket";
-on verify "/etc/fastd/ff{{ item.name }}/bin/verify.sh";
diff --git a/roles/install_fastd/templates/fastd_up.sh.j2 b/roles/install_fastd/templates/fastd_up.sh.j2
deleted file mode 100644
index 872e681..0000000
--- a/roles/install_fastd/templates/fastd_up.sh.j2
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-ip link set address {{ item.fastd_mesh_mac }} dev $1
-ip link set up dev $1
-batctl meshif bat{{ item.name }} if add $1
-batctl meshif bat{{ item.name }} gw server 1000000/1000000
-batctl meshif bat{{ item.name }} it 10000
-batctl meshif bat{{ item.name }} mm 1
-batctl meshif bat{{ item.name }} hop_penalty 64
-netctl start bat{{ item.name }}
-systemctl restart dhcpd4.service
-systemctl restart named.service