summaryrefslogtreecommitdiff
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/configure_iptables/templates/ip6tables.rules2
-rw-r--r--roles/install_mesh-announce/tasks/main.yml24
-rw-r--r--roles/install_mesh-announce/templates/respondd.service.j212
3 files changed, 38 insertions, 0 deletions
diff --git a/roles/configure_iptables/templates/ip6tables.rules b/roles/configure_iptables/templates/ip6tables.rules
index f8da091..d194ae6 100644
--- a/roles/configure_iptables/templates/ip6tables.rules
+++ b/roles/configure_iptables/templates/ip6tables.rules
@@ -51,6 +51,8 @@ COMMIT
# fastd
-A INPUT -s 2a03:2260:1016::/48 -p udp -m udp --dport 10010:10021 -j DROP
-A INPUT -p udp -m udp --dport 10010:10021 -j ACCEPT
+# respondd
+-A INPUT -i bat+ -p udp -m udp --dport 1001 -j ACCEPT
# wireguard_mesh
{% for site in sites %}
-A INPUT -p udp -m udp --dport {{ site.wireguard_mesh_port }} -j ACCEPT
diff --git a/roles/install_mesh-announce/tasks/main.yml b/roles/install_mesh-announce/tasks/main.yml
new file mode 100644
index 0000000..ea81a45
--- /dev/null
+++ b/roles/install_mesh-announce/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+- name: clone mesh-announce repo
+ git:
+ repo: https://github.com/FreifunkMYK/mesh-announce.git
+ dest: /opt/mesh-announce
+
+- name: install mesh-announce dependencies
+ pacman:
+ name:
+ - lsb-release
+ - ethtool
+ state: present
+
+- name: create respondd service
+ template:
+ src: respondd.service.j2
+ dest: /etc/systemd/system/respondd.service
+ mode: 0644
+
+- name: start and enable respondd service
+ systemd:
+ name: respondd
+ state: started
+ enabled: yes
diff --git a/roles/install_mesh-announce/templates/respondd.service.j2 b/roles/install_mesh-announce/templates/respondd.service.j2
new file mode 100644
index 0000000..53970a7
--- /dev/null
+++ b/roles/install_mesh-announce/templates/respondd.service.j2
@@ -0,0 +1,12 @@
+[Unit]
+Description=Respondd
+After=network.target
+
+[Service]
+ExecStart=/opt/mesh-announce/respondd.py -d /opt/mesh-announce/providers {% for site in sites %}-i bat{{ site.name }} -i vpn{{ site.name }} -b bat{{ site.name }} {% endfor %}
+
+Restart=always
+Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+[Install]
+WantedBy=multi-user.target