Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
centos:ansible:ffmuc-rpb4-ol [14.12.2021 16:40. ] – [Verzeichnis-Struktur] django | centos:ansible:ffmuc-rpb4-ol [14.09.2022 14:49. ] (aktuell) – gelöscht django | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
- | ====== Bau eines Freifunk-Offloaders auf Basis eines Raspberry 4B ====== | ||
- | {{: | ||
- | Bei größeren Installationen, | ||
- | \\ | ||
- | In diesem Konfigurationsbeispiel wollen wir möglichst einfach und schnell einen Offloader für **[[https:// | ||
- | |||
- | <WRAP center round tip 90%> | ||
- | Als Basis für die Konfiguration setzen wir beim sehr gut dokumentierten Artikel von **// | ||
- | </ | ||
- | |||
- | ====== Inhalt ====== | ||
- | |||
- | <WRAP center round alert 30%> | ||
- | **ACHTUNG: | ||
- | </ | ||
- | |||
- | |||
- | <WRAP center round tip 90%> | ||
- | Das Kapitel hier ist in folgende Abschnitte strukturiert. | ||
- | <WRAP center round important 100%> | ||
- | Wer also z.B. bereits einen SSH-Schlüssel sein eigen nennt oder Grundlagen zu Ansible bereits kennt und installiert hat, kann natürlich sofort beim Playbook bzw. dessen Ausführung einsteigen und die nachfolgenden Informationen überspringen. | ||
- | </ | ||
- | </ | ||
- | |||
- | * **[[# | ||
- | * **[[# | ||
- | * **[[# | ||
- | * **[[# | ||
- | * **[[# | ||
- | |||
- | Folgende Abschnitte beschreiben den eigentlichen Bau des Freifunk-Offloaders mit Ansible-Unterstützung und ist somit der ideale Einsprungpunkt für den versierten LINUX-Admin mit entsprechenden Ansible-Kenntnissen.: | ||
- | * **[[# | ||
- | * **[[# | ||
- | * **[[# | ||
- | * **[[# | ||
- | * **[[# | ||
- | |||
- | ==== Grundlagen zu SSH ==== | ||
- | Grundlegende Informationen rund um die **[[https:// | ||
- | |||
- | ==== Erstellen eines SSH-Schlüsselpaares ==== | ||
- | Damit wir selbst für spätere Administrationsaufgaben und auch unser Ansible-Admin-Host Verbindungen mit Hilfe der **SSH**((**S**ecure** SH**ell)) zu unserem Offloader aufbauen kann, benötigen wir natürlich entsprechendes Schlüsselmaterial, | ||
- | |||
- | Bei der Erstellung wollen wir statt eines**[[https:// | ||
- | |||
- | Wir erstellen uns nun einen **ED25519**-Schlüssel (**'' | ||
- | $ ssh-keygen -t ed25519 -a 100 -C 'FFMUC Remote-User' | ||
- | |||
- | < | ||
- | Enter passphrase (empty for no passphrase): | ||
- | Enter same passphrase again: | ||
- | Your identification has been saved in ~/ | ||
- | Your public key has been saved in ~/ | ||
- | The key fingerprint is: | ||
- | SHA256: | ||
- | The key's randomart image is: | ||
- | +--[ED25519 256]--+ | ||
- | | | ||
- | | .E+ +.+. | | ||
- | | ++.. = * | | ||
- | | +..+ + O . | | ||
- | | | ||
- | | ... E * . | | ||
- | | .oo o + + .| | ||
- | | .... . =E | | ||
- | | .. + ooo | | ||
- | +----[SHA256]-----</ | ||
- | |||
- | ==== Grundlagen zu Ansible ==== | ||
- | {{: | ||
- | Grundlegende Informationen zu **[[https:// | ||
- | |||
- | ==== Installation von Ansible ==== | ||
- | Je nach verwendeter Systemumgebung installieren wir nun das vom Paketmaintainer zur Verfügung gestellte | ||
- | * RPM basierende Systeme: < | ||
- | * DEB basierende Systeme: < | ||
- | |||
- | ==== Einrichten der eigenen Ansible-Umgebung ==== | ||
- | /* | ||
- | === Verzeichnis-Struktur === | ||
- | Gemäß **[[http:// | ||
- | |||
- | <WRAP center round tip 90%> | ||
- | Jedoch empfiehlt es sich durchaus auf Empfohlenes zurückzugreifen! So empfiehlt es sich zum Beispiel auch, Rollen anstelle von Aufgaben zu verwenden, da dies wesentlich bei der Flexibilität und besseren Organisation der eigenen Playbooks/ | ||
- | </ | ||
- | |||
- | Ansible bietet **[[https:// | ||
- | |||
- | Mit dieser Struktur sind wir dann in der Lage jede Inventardatei mit ihrer **'' | ||
- | |||
- | Werfen wir also einfach mal auf die beschrieben Verzeichnisstruktur einen genaueren Blick. Die entsprechende Verwendung der einzelnen Verzeichnisse und DAteien ist in der Aufstellung entsprechend angegeben. | ||
- | < | ||
- | ├── filter_plugins | ||
- | ├── library | ||
- | ├── module_utils | ||
- | │ | ||
- | ├── inventories | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | ├── roles # Verzeichnis für die einzelnen (unterschiedlichen) Rollen | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | └── site.yml | ||
- | </ | ||
- | |||
- | Um dieses Verzeichnis-Layout einfach und schnell auf den Weg zu bringen, verwenden wir die nachfolgend gezeigten zwei Befehle bzw. genauer gesagt die beiden Befehlskette: | ||
- | $ mkdir -p ~/ | ||
- | ~/ | ||
- | ~/ | ||
- | |||
- | $ touch ~/ | ||
- | ~/ | ||
- | ~/ | ||
- | |||
- | */ | ||
- | === Ansible-Konfigurationsdatei === | ||
- | /* | ||
- | Als nächstes kopieren wir uns die Vorlage-Konfiguratinsdatei aus dem Verzeichnis **''/ | ||
- | $ cp / | ||
- | |||
- | Unter dem Konfigurationsgruppe **[ defaults ]** setzen wir den Parameter **'' | ||
- | |||
- | $ vim ~/ | ||
- | |||
- | Im Ganzen ergibt sich dann hier die doch überschaubare Konfigurationsdatei zu Ansible. | ||
- | $ egrep -v ' | ||
- | < | ||
- | inventory | ||
- | interpreter_python = auto_silent | ||
- | [inventory] | ||
- | [privilege_escalation] | ||
- | [paramiko_connection] | ||
- | [ssh_connection] | ||
- | [persistent_connection] | ||
- | connect_timeout = 30 | ||
- | [accelerate] | ||
- | [selinux] | ||
- | [colors] | ||
- | [diff] | ||
- | </ | ||
- | |||
- | :GO: | ||
- | |||
- | */ | ||
- | Als nächstes kopieren wir uns die Vorlage-Konfiguratinsdatei aus dem Verzeichnis **''/ | ||
- | $ cp / | ||
- | |||
- | Unter dem Konfigurationsgruppe **[ defaults ]** setzen wir den Parameter **'' | ||
- | |||
- | $ vim ~/ | ||
- | |||
- | Im Ganzen ergibt sich dann hier die doch überschaubare Konfigurationsdatei zu Ansible. | ||
- | $ egrep -v ' | ||
- | < | ||
- | inventory | ||
- | interpreter_python = auto_silent | ||
- | [inventory] | ||
- | [privilege_escalation] | ||
- | [paramiko_connection] | ||
- | [ssh_connection] | ||
- | [persistent_connection] | ||
- | connect_timeout = 30 | ||
- | [accelerate] | ||
- | [selinux] | ||
- | [colors] | ||
- | [diff] | ||
- | </ | ||
- | |||
- | |||
- | === Host-Definitionsdatei === | ||
- | /* | ||
- | Ähnlich wie bereits auch schon die Konfigurationsdatei zu Ansible wird auch die Datei zur Hostdefinition sehr überschaubar bleiben. | ||
- | Auch hier kopieren wir uns die Vorlagedatei in unser Homeverzeichnis an Ort und Stelle. | ||
- | $ cp / | ||
- | |||
- | Dort tragen wir den Namen ein, wie wir unseren Host später im Playbook ansprechen wollen. In diesem Konfigurationsbeispiel nutzen wir hier den Namen **'' | ||
- | $ vim ~/ | ||
- | |||
- | Somit ergibt sich auch hier eine sehr üersichtliche Konfigurationsdatei. | ||
- | $ egrep -v ' | ||
- | |||
- | raspberry-ansible | ||
- | |||
- | :GO: | ||
- | |||
- | */ | ||
- | Die Definition unseres Hosts mit den tzugehörigen Variablen beziehen wir später aus dem **[[# | ||
- | |||
- | |||
- | |||
- | |||
- | === SSH Konfigurationsdatei === | ||
- | Damit wir unseren Raspberry auch direkt über den zuvor definierten Namen ansprechen können, definieren wir nun noch in unserer **SSH**-Konfigurationsdatei **'' | ||
- | $ vim ~/ | ||
- | |||
- | < | ||
- | | ||
- | Port 22 | ||
- | User pi | ||
- | | ||
- | | ||
- | | ||
- | |||
- | Beim Parameter **'' | ||
- | |||
- | ==== Klonen des GIT-Repositories (Ansible-Playbook) ==== | ||
- | |||
- | $ cd ~/ansible | ||
- | $ git clone https:// | ||
- | Somit ergibt sich folgende Verzeichnis- und Dateistruktur: | ||
- | < | ||
- | ├── filter_plugins | ||
- | │ └── main.yml | ||
- | ├── inventories | ||
- | │ ├── production | ||
- | │ │ └── hosts.yml | ||
- | │ └── staging | ||
- | │ | ||
- | ├── library | ||
- | │ └── main.yml | ||
- | ├── LICENSE | ||
- | ├── module_utils | ||
- | │ └── main.yml | ||
- | ├── README.md | ||
- | ├── roles | ||
- | │ ├── basic | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── hostname.yml | ||
- | │ │ │ ├── hosts.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── reboot.yml | ||
- | │ │ │ ├── rfkill.yml | ||
- | │ │ │ ├── update.yml | ||
- | │ │ │ └── usercomment.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── hosts.j2 | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── batman | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── backport.yml | ||
- | │ │ │ ├── batmanstart.yml | ||
- | │ │ │ ├── compile.yml | ||
- | │ │ │ ├── install.yml | ||
- | │ │ │ ├── interfaceconfigure.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── modulloads.yml | ||
- | │ │ │ ├── reboot.yml | ||
- | │ │ │ └── utilsinstall.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── batman-adv.module.j2 | ||
- | │ │ │ ├── dkms.j2 | ||
- | │ │ │ ├── interfaces.j2 | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── client-mesh | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── batmanmitwifi.yml | ||
- | │ │ │ ├── batmanohnewifi.yml | ||
- | │ │ │ ├── clientohnemesh.yml | ||
- | │ │ │ ├── getvxlanid.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── meshohneclient.yml | ||
- | │ │ │ └── meshundclient.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── interfaces_client_ohne_mesh.j2 | ||
- | │ │ │ ├── interfaces_mesh_mit_client.j2 | ||
- | │ │ │ ├── interfaces_mesh_ohne_client.j2 | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── rclocal_both.j2 | ||
- | │ │ │ └── rclocal_vxlan.j2 | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── common | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── ext-respondd | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── aliasgenerate.yml | ||
- | │ │ │ ├── configgenerate.yml | ||
- | │ │ │ ├── copyconfig.yml | ||
- | │ │ │ ├── gitclone.yml | ||
- | │ │ │ ├── gitinstall.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── servicestartup.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── ext-respondd_alias.json.j2 | ||
- | │ │ │ ├── ext-respondd_config.json.j2 | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── fastd | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── directorygenerate.yml | ||
- | │ │ │ ├── fastdconfigure.yml | ||
- | │ │ │ ├── fastdgetsocket.yml | ||
- | │ │ │ ├── fastdinstall.yml | ||
- | │ │ │ ├── fastdkeygen.yml | ||
- | │ │ │ ├── fastdsecretkeyget.yml | ||
- | │ │ │ ├── fastdstartup.yml | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── fastd.j2 | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── final | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── reboot.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── hostapd | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── configure.yml | ||
- | │ │ │ ├── genconfig.yml | ||
- | │ │ │ ├── install.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── servicestartup.yml | ||
- | │ │ │ └── wlanbridging.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── hostapd.j2 | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── rclocal_wifi.j2 | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── kvm_hostgen | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── generate.yml | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── kvm-new | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── oled | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── adafruitclone.yml | ||
- | │ │ │ ├── adafruitconfig.yml | ||
- | │ │ │ ├── i2c_arm.yml | ||
- | │ │ │ ├── i2c-bcm2708.yml | ||
- | │ │ │ ├── i2c-dev.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── packages.yml | ||
- | │ │ │ ├── reboot.yml | ||
- | │ │ │ ├── scriptclone.yml | ||
- | │ │ │ ├── scriptconfig.yml | ||
- | │ │ │ ├── scriptstartup.yml | ||
- | │ │ │ └── scriptstart.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── bandwidth.j2 | ||
- | │ │ │ ├── config.j2 | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── oled-bandwidth.j2 | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── vxlan | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── configure.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── vxlanstart.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── systemd-service-file.j2 | ||
- | │ │ │ └── vxlan-init.j2 | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ └── wireguard | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | └── wireguard-offloader.yml | ||
- | </ | ||
- | ==== Kopieren des Ansible-Playbooks ==== | ||
- | Nun können wir uns " | ||
- | * **{{: | ||
- | * // | ||
- | * // | ||
- | * // | ||
- | * // | ||
- | * // | ||
- | |||
- | $ wget \ | ||
- | | ||
- | -O ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.tar.gz | ||
- | |||
- | Anschließend entpacken wir es an Ort und Stelle. | ||
- | $ tar -xvf ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.tar.gz | ||
- | |||
- | Somit ergibt sich folgende Verzeichnis- und Dateistruktur: | ||
- | < | ||
- | ├── filter_plugins | ||
- | ├── inventories | ||
- | │ ├── production | ||
- | │ │ ├── group_vars | ||
- | │ │ ├── hosts.yml | ||
- | │ │ └── host_vars | ||
- | │ └── staging | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | ├── library | ||
- | ├── module_utils | ||
- | ├── roles | ||
- | │ ├── basic | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── hostname.yml | ||
- | │ │ │ ├── hosts.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── reboot.yml | ||
- | │ │ │ ├── rfkill.yml | ||
- | │ │ │ ├── update.yml | ||
- | │ │ │ └── usercomment.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── hosts.j2 | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── batman | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── backport.yml | ||
- | │ │ │ ├── batmanstart.yml | ||
- | │ │ │ ├── compile.yml | ||
- | │ │ │ ├── install.yml | ||
- | │ │ │ ├── interfaceconfigure.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── modulloads.yml | ||
- | │ │ │ ├── reboot.yml | ||
- | │ │ │ └── utilsinstall.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── batman-adv.module.j2 | ||
- | │ │ │ ├── dkms.j2 | ||
- | │ │ │ ├── interfaces.j2 | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── client-mesh | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── batmanmitwifi.yml | ||
- | │ │ │ ├── batmanohnewifi.yml | ||
- | │ │ │ ├── clientohnemesh.yml | ||
- | │ │ │ ├── getvxlanid.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── meshohneclient.yml | ||
- | │ │ │ └── meshundclient.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── interfaces_client_ohne_mesh.j2 | ||
- | │ │ │ ├── interfaces_mesh_mit_client.j2 | ||
- | │ │ │ ├── interfaces_mesh_ohne_client.j2 | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── rclocal_both.j2 | ||
- | │ │ │ └── rclocal_vxlan.j2 | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── common | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── ext-respondd | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── aliasgenerate.yml | ||
- | │ │ │ ├── configgenerate.yml | ||
- | │ │ │ ├── copyconfig.yml | ||
- | │ │ │ ├── gitclone.yml | ||
- | │ │ │ ├── gitinstall.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── servicestartup.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── ext-respondd_alias.json.j2 | ||
- | │ │ │ ├── ext-respondd_config.json.j2 | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── fastd | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── directorygenerate.yml | ||
- | │ │ │ ├── fastdconfigure.yml | ||
- | │ │ │ ├── fastdgetsocket.yml | ||
- | │ │ │ ├── fastdinstall.yml | ||
- | │ │ │ ├── fastdkeygen.yml | ||
- | │ │ │ ├── fastdsecretkeyget.yml | ||
- | │ │ │ ├── fastdstartup.yml | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── fastd.j2 | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── final | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── reboot.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ └── main.yml | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── hostapd | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── configure.yml | ||
- | │ │ │ ├── genconfig.yml | ||
- | │ │ │ ├── install.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── servicestartup.yml | ||
- | │ │ │ └── wlanbridging.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── hostapd.j2 | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── rclocal_wifi.j2 | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── oled | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── adafruitclone.yml | ||
- | │ │ │ ├── adafruitconfig.yml | ||
- | │ │ │ ├── i2c_arm.yml | ||
- | │ │ │ ├── i2c-bcm2708.yml | ||
- | │ │ │ ├── i2c-dev.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── packages.yml | ||
- | │ │ │ ├── reboot.yml | ||
- | │ │ │ ├── scriptclone.yml | ||
- | │ │ │ ├── scriptconfig.yml | ||
- | │ │ │ ├── scriptstartup.yml | ||
- | │ │ │ └── scriptstart.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── bandwidth.j2 | ||
- | │ │ │ ├── config.j2 | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── oled-bandwidth.j2 | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ ├── vxlan | ||
- | │ │ ├── defaults | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── files | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── handlers | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── library | ||
- | │ │ ├── lookup_plugin | ||
- | │ │ ├── meta | ||
- | │ │ │ └── main.yml | ||
- | │ │ ├── module_utils | ||
- | │ │ ├── tasks | ||
- | │ │ │ ├── configure.yml | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ └── vxlanstart.yml | ||
- | │ │ ├── templates | ||
- | │ │ │ ├── main.yml | ||
- | │ │ │ ├── systemd-service-file.j2 | ||
- | │ │ │ └── vxlan-init.j2 | ||
- | │ │ └── vars | ||
- | │ │ | ||
- | │ └── wireguard | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | │ | ||
- | └── wireguard-offloader.yml | ||
- | </ | ||
- | ==== Aufbau des Ansible-Playbooks - Inhalte ==== | ||
- | Nachfolgend finden wir die Inhalte der einzelnen Dateien die im ansible-playbook enthalten sind: | ||
- | === Inventory-Definition === | ||
- | <file java ~/ | ||
- | ffmuc: | ||
- | children: | ||
- | ffmuc_deb: | ||
- | vars: | ||
- | ansible_ssh_user: | ||
- | hosts: | ||
- | raspberry-wireguard: | ||
- | wireguard_ports: | ||
- | muc_cty: | ||
- | muc_nord: | ||
- | muc_ost: | ||
- | muc_sued: | ||
- | muc_west: | ||
- | uml_nord: | ||
- | uml_ost: | ||
- | uml_sued: | ||
- | uml_west: | ||
- | gauting: | ||
- | freising: | ||
- | welt: 40011 | ||
- | vxlan_ids: | ||
- | muc_cty: | ||
- | muc_nord: | ||
- | muc_ost: | ||
- | muc_sued: | ||
- | muc_west: | ||
- | uml_nord: | ||
- | uml_ost: | ||
- | uml_sued: | ||
- | uml_west: | ||
- | gauting: | ||
- | freising: | ||
- | welt: | ||
- | gw_linklocal: | ||
- | gw04: " | ||
- | gw05: " | ||
- | gw06: " | ||
- | gw07: " | ||
- | gw_publickey: | ||
- | gw04: " | ||
- | gw05: " | ||
- | gw06: " | ||
- | gw07: " | ||
- | gw_vxlan_ids: | ||
- | muc_cty: | ||
- | muc_nord: | ||
- | muc_ost: | ||
- | muc_sued: | ||
- | muc_west: | ||
- | uml_nord: | ||
- | uml_ost: | ||
- | uml_sued: | ||
- | uml_west: | ||
- | gauting: | ||
- | freising: | ||
- | welt: | ||
- | batman_adv_version: | ||
- | ffmuc_segment: | ||
- | ffmuc_gateway: | ||
- | raspberry_hostname: | ||
- | node_contact_address: | ||
- | raspberry_latitude: | ||
- | raspberry_longitude: | ||
- | raspberry_wifi: | ||
- | raspberry_clientvlan: | ||
- | raspberry_meshvlan: | ||
- | raspberry_oled: | ||
- | dtparam: | ||
- | ... #YAML ende syntax (optional) | ||
- | </ | ||
- | |||
- | |||
- | === Playbook " | ||
- | <file java ~/ | ||
- | - name: | ||
- | hosts: | ||
- | become: | ||
- | become_user: | ||
- | |||
- | roles: | ||
- | - basic # Basiskonfiguration des Hosts (Host-/ | ||
- | - batman | ||
- | - wireguard | ||
- | - vxlan # Konfiguration von VXLAN für wireguard-Tunnel-Verbindung in Richtung Gateway | ||
- | - ext-respondd | ||
- | - hostapd | ||
- | - client-mesh | ||
- | - oled # Konfiguration eines OLEDisplays sofern eines am Respberry 4B verbaut ist | ||
- | - final # Reboot nach Abschluss der Konfiguration unseres Offloaders | ||
- | |||
- | ... # YML Ende | ||
- | </ | ||
- | |||
- | === Rolle " | ||
- | == Tasks == | ||
- | <file java ~/ | ||
- | - include: hostname.yml | ||
- | - include: hosts.yml | ||
- | - include: usercomment.yml | ||
- | - include: rfkill.yml | ||
- | - include: update.yml | ||
- | - include: reboot.yml | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: | ||
- | cmd: hostnamectl set-hostname {{ raspberry_hostname }} | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: /etc/hosts | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | user: | ||
- | name: pi | ||
- | comment: " | ||
- | state: present | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: | ||
- | cmd: rfkill unblock wifi | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | apt: | ||
- | upgrade: dist | ||
- | update_cache: | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | reboot: | ||
- | </ | ||
- | == Templates == | ||
- | <file java ~/ | ||
- | :: | ||
- | ff02:: | ||
- | ff02:: | ||
- | </ | ||
- | === Rolle " | ||
- | == Tasks == | ||
- | <file java ~/ | ||
- | - include: install.yml | ||
- | - include: compile.yml | ||
- | - include: modulloads.yml | ||
- | - include: backport.yml | ||
- | - include: utilsinstall.yml | ||
- | - include: batmanstart.yml | ||
- | - include: interfaceconfigure.yml | ||
- | - include: reboot.yml | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | get_url: | ||
- | url: https:// | ||
- | dest: / | ||
- | mode: ' | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | unarchive: | ||
- | src: / | ||
- | dest: /usr/src | ||
- | remote_src: yes | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | apt: | ||
- | update_cache: | ||
- | pkg: | ||
- | - dkms | ||
- | - raspberrypi-kernel-headers | ||
- | state: present | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | make: | ||
- | chdir: / | ||
- | target: scripts | ||
- | ignore_errors: | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | command: dkms add -m batman-adv -v {{ batman_adv_version }} | ||
- | register: ret | ||
- | failed_when: | ||
- | changed_when: | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | command: dkms build -m batman-adv -v {{ batman_adv_version }} | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | command: dkms install -m batman-adv -v {{batman_adv_version }} | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | modprobe: | ||
- | name: dummy | ||
- | state: present | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | modprobe: | ||
- | name: batman_adv | ||
- | state: present | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: | ||
- | cmd: apt-key adv --keyserver hkp:// | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | shell: | ||
- | cmd: apt-key adv --keyserver hkp:// | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | shell: | ||
- | cmd: echo "deb http:// | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | apt: | ||
- | update_cache: | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | apt: | ||
- | # | ||
- | pkg: | ||
- | - bridge-utils | ||
- | - dnsutils | ||
- | - vim | ||
- | state: present | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | apt: | ||
- | # | ||
- | pkg: | ||
- | - batctl | ||
- | default_release: | ||
- | state: present | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: | ||
- | cmd: batctl ra BATMAN_V | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | reboot: | ||
- | </ | ||
- | |||
- | == Templates == | ||
- | <file java ~/ | ||
- | # Load batman-adv module on system boot | ||
- | # | ||
- | batman-adv | ||
- | dummy | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | PACKAGE_VERSION={{ batman_adv_version }} | ||
- | |||
- | DEST_MODULE_LOCATION=/ | ||
- | BUILT_MODULE_NAME=batman-adv | ||
- | BUILT_MODULE_LOCATION=net/ | ||
- | |||
- | MAKE="' | ||
- | CLEAN="' | ||
- | |||
- | AUTOINSTALL=" | ||
- | </ | ||
- | |||
- | |||
- | <file java ~/ | ||
- | |||
- | # Please note that this file is written to be used with dhcpcd | ||
- | # For static IP, consult / | ||
- | |||
- | # Include files from / | ||
- | # source-directory / | ||
- | |||
- | auto eth0 | ||
- | iface eth0 inet dhcp | ||
- | |||
- | auto br-{{ ffmuc_segment }} | ||
- | iface br-{{ ffmuc_segment }} inet dhcp | ||
- | bridge-ports bat-{{ ffmuc_segment }} | ||
- | pre-up / | ||
- | pre-up /sbin/ip link add dummy-{{ ffmuc_segment }} type dummy | ||
- | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | pre-up /sbin/ip link set dummy-{{ ffmuc_segment }} up | ||
- | pre-up / | ||
- | pre-up /sbin/ip link set bat-{{ ffmuc_segment }} up | ||
- | pre-up / | ||
- | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | </ | ||
- | |||
- | |||
- | === Rolle " | ||
- | == Tasks == | ||
- | <file java ~/ | ||
- | - include: install.yml | ||
- | - include: genkeys.yml | ||
- | - include: genlinklocal.yml | ||
- | - include: configuration.yml | ||
- | - include: brokerinform.yml | ||
- | - include: wireguardstart.yml | ||
- | - include: checkup.yml | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | apt: | ||
- | # | ||
- | pkg: | ||
- | - wireguard | ||
- | state: present | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: /usr/bin/wg genkey | tee client_private.key | wg pubkey | tee client_public.key | ||
- | args: | ||
- | chdir: / | ||
- | creates: client_private.key | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | file: | ||
- | path: / | ||
- | mode: ' | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | file: | ||
- | path: / | ||
- | mode: ' | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: cat / | ||
- | register: wg_node_linklocal | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: cat / | ||
- | register: wg_client_privatekey | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | shell: cat / | ||
- | register: wg_client_publickey | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | set_fact: | ||
- | ffmuc_wireguard_port: | ||
- | loop: "{{ lookup(' | ||
- | when: " | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | set_fact: | ||
- | ffmuc_wireguard_linklocal: | ||
- | loop: "{{ lookup(' | ||
- | when: " | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | set_fact: | ||
- | ffmuc_wireguard_gwpubkey: | ||
- | loop: "{{ lookup(' | ||
- | when: " | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | systemd: | ||
- | name: broker | ||
- | daemon_reload: | ||
- | state: started | ||
- | enabled: yes | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | systemd: | ||
- | name: wg-quick@wg-uplink | ||
- | daemon_reload: | ||
- | state: started | ||
- | enabled: yes | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: cat / | ||
- | register: wg_node_linklocal | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | file: | ||
- | path: / | ||
- | mode: ' | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | </ | ||
- | |||
- | == Templates == | ||
- | <file java ~/ | ||
- | [Unit] | ||
- | # see man systemd.unit | ||
- | Description=Inform tunnel about our wireguard-public key | ||
- | Documentation=https:// | ||
- | Before=wg-quick.target | ||
- | |||
- | [Service] | ||
- | # see man systemd.service, | ||
- | ExecStart=/ | ||
- | StandardOutput=syslog | ||
- | StandardError=syslog | ||
- | |||
- | [Install] | ||
- | WantedBy=default.target | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | |||
- | # Check connectivity to supernode | ||
- | HTTP_STATUS_CODE=(`curl --silent --interface wg-uplink --get --ipv6 --connect-timeout 5 --write-out ' | ||
- | if [ ${HTTP_STATUS_CODE} != " | ||
- | logger -t checkuplink "curl --silent --interface wg-uplink --get --ipv6 --connect-timeout 5 --write-out ' | ||
- | logger -t checkuplink "... better we restart the wireguar-tunnel!" | ||
- | ip link set nomaster bat-{{ ffmuc_segment }} dev vxlan-mesh &> /dev/null | ||
- | ip link del dev mesh-vpn &> /dev/null | ||
- | ip link del wg-uplink &> /dev/null | ||
- | systemctl stop wg-quick@wg-uplink | ||
- | systemctl restart networking | ||
- | logger -t checkuplink " | ||
- | / | ||
- | logger -t checkuplink " | ||
- | systemctl start wg-quick@wg-uplink | ||
- | logger -t checkuplink " | ||
- | vxlan | ||
- | else | ||
- | #logger -t checkuplink " | ||
- | fi | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | # Unlike any other crontab you don't have to run the `crontab' | ||
- | # command to install the new version when you edit this file | ||
- | # and files in / | ||
- | # that none of the other crontabs do. | ||
- | |||
- | SHELL=/ | ||
- | PATH=/ | ||
- | |||
- | # Example of job definition: | ||
- | # .---------------- minute (0 - 59) | ||
- | # | .------------- hour (0 - 23) | ||
- | # | | .---------- day of month (1 - 31) | ||
- | # | | | .------- month (1 - 12) OR jan, | ||
- | # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun, | ||
- | # | | | | | | ||
- | # * * * * * user-name command to be executed | ||
- | 17 * * * * root | ||
- | 25 6 * * * root test -x / | ||
- | 47 6 * * 7 root test -x / | ||
- | 52 6 1 * * root test -x / | ||
- | # | ||
- | |||
- | # check wireguard-connection | ||
- | * * * * * root / | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | PrivateKey = {{ wg_client_privatekey.stdout }} | ||
- | Address = {{ wg_node_linklocal.stdout }} | ||
- | |||
- | [Peer] | ||
- | PublicKey = {{ ffmuc_wireguard_gwpubkey }} | ||
- | AllowedIPs = {{ ffmuc_wireguard_linklocal }} | ||
- | Endpoint = {{ ffmuc_gateway }}.ext.ffmuc.net: | ||
- | PersistentKeepalive = 25 | ||
- | </ | ||
- | |||
- | |||
- | === Rolle " | ||
- | <file java ~/ | ||
- | - include: configure.yml | ||
- | - include: vxlanstart.yml | ||
- | </ | ||
- | |||
- | == Tasks == | ||
- | <file java ~/ | ||
- | # https:// | ||
- | command: ip6tables -I INPUT 1 -i wg-uplink -m udp -p udp --dport 8472 -j ACCEPT | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | set_fact: | ||
- | ffmuc_vxlan_id: | ||
- | loop: "{{ lookup(' | ||
- | when: " | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | set_fact: | ||
- | ffmuc_wireguard_linklocal: | ||
- | loop: "{{ lookup(' | ||
- | when: " | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | shell: cat / | ||
- | register: wg_node_linklocal | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | file: | ||
- | path: / | ||
- | mode: ' | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | systemd: | ||
- | daemon_reexec: | ||
- | |||
- | - name: " | ||
- | # https:// | ||
- | systemd: | ||
- | name: vxlan.service | ||
- | daemon_reload: | ||
- | state: started | ||
- | enabled: yes | ||
- | </ | ||
- | |||
- | == Templates == | ||
- | <file java ~/ | ||
- | # see man systemd.unit | ||
- | Description=Bringing up VXLAN Interface | ||
- | Documentation=https:// | ||
- | After=wg-quick@wg-uplink.service | ||
- | |||
- | [Service] | ||
- | # see man systemd.service, | ||
- | Type=oneshot | ||
- | ExecStart=/ | ||
- | StandardOutput=syslog | ||
- | StandardError=syslog | ||
- | |||
- | [Install] | ||
- | WantedBy=multi-user.target | ||
- | </ | ||
- | |||
- | <file bash ~/ | ||
- | |||
- | # Bring up VXLAN | ||
- | ip link add mesh-vpn type vxlan id {{ ffmuc_vxlan_id }} local {{ wg_node_linklocal.stdout }} remote {{ ffmuc_wireguard_linklocal }} dstport 8472 dev wg-uplink | ||
- | ip link set up dev mesh-vpn | ||
- | |||
- | # Bind mesh-vpn to BATMAN-Device | ||
- | / | ||
- | |||
- | # If we have a BATMAN_V env we need to correct the throughput value now | ||
- | / | ||
- | </ | ||
- | |||
- | |||
- | |||
- | === Rolle " | ||
- | == Tasks == | ||
- | <file java ~/ | ||
- | - include: gitinstall.yml | ||
- | - include: gitclone.yml | ||
- | - include: copyconfig.yml | ||
- | - include: aliasgenerate.yml | ||
- | - include: configgenerate.yml | ||
- | - include: servicestartup.yml | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: | ||
- | cmd: cp / | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: "Repo ext-respondd klonen" | ||
- | # https:// | ||
- | git: | ||
- | repo: https:// | ||
- | dest: / | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | apt: | ||
- | update_cache: | ||
- | pkg: | ||
- | - git | ||
- | - python3-netifaces | ||
- | state: present | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | systemd: | ||
- | name: ext-respondd | ||
- | daemon_reload: | ||
- | state: started | ||
- | enabled: yes | ||
- | </ | ||
- | |||
- | == Templates == | ||
- | <file java ~/ | ||
- | " | ||
- | " | ||
- | " | ||
- | " | ||
- | }, | ||
- | " | ||
- | " | ||
- | }, | ||
- | " | ||
- | " | ||
- | " | ||
- | }, | ||
- | " | ||
- | " | ||
- | " | ||
- | } | ||
- | }, | ||
- | " | ||
- | } | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | " | ||
- | " | ||
- | " | ||
- | " | ||
- | " | ||
- | " | ||
- | } | ||
- | </ | ||
- | |||
- | |||
- | === Rolle " | ||
- | == Tasks == | ||
- | <file java ~/ | ||
- | - include: install.yml | ||
- | - include: configure.yml | ||
- | - include: genconfig.yml | ||
- | - include: wlanbridging.yml | ||
- | - include: servicestartup.yml | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | shell: echo ' | ||
- | when: ( raspberry_wifi == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_wifi == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: "Paket hostapd für WLAN installieren" | ||
- | # https:// | ||
- | apt: | ||
- | update_cache: | ||
- | pkg: | ||
- | - hostapd | ||
- | state: present | ||
- | when: ( raspberry_wifi == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | systemd: | ||
- | name: hostapd | ||
- | enabled: yes | ||
- | masked: no | ||
- | state: started | ||
- | when: ( raspberry_wifi == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: "wlan0 in Bridge packen" | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_wifi == " | ||
- | </ | ||
- | |||
- | == Templates == | ||
- | <file java ~/ | ||
- | |||
- | country_code=US | ||
- | |||
- | interface=wlan0 | ||
- | driver=nl80211 | ||
- | |||
- | macaddr_acl=0 | ||
- | |||
- | logger_syslog=0 | ||
- | logger_syslog_level=4 | ||
- | logger_stdout=-1 | ||
- | logger_stdout_level=0 | ||
- | |||
- | hw_mode=a | ||
- | wmm_enabled=1 | ||
- | |||
- | # N | ||
- | ieee80211n=1 | ||
- | require_ht=1 | ||
- | ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40] | ||
- | |||
- | # AC | ||
- | ieee80211ac=1 | ||
- | require_vht=1 | ||
- | ieee80211d=0 | ||
- | ieee80211h=0 | ||
- | vht_capab=[MAX-AMSDU-3839][SHORT-GI-80] | ||
- | vht_oper_chwidth=1 | ||
- | channel=36 | ||
- | vht_oper_centr_freq_seg0_idx=42 | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | # | ||
- | # rc.local | ||
- | # | ||
- | # This script is executed at the end of each multiuser runlevel. | ||
- | # Make sure that the script will "exit 0" on success or any other | ||
- | # value on error. | ||
- | # | ||
- | # In order to enable or disable this script just change the execution | ||
- | # bits. | ||
- | # | ||
- | # By default this script does nothing. | ||
- | |||
- | # Print the IP address | ||
- | _IP=$(hostname -I) || true | ||
- | if [ " | ||
- | printf "My IP address is %s\n" " | ||
- | fi | ||
- | sleep 10; /sbin/brctl addif br-{{ ffmuc_segment }} wlan0 | ||
- | exit 0 | ||
- | </ | ||
- | |||
- | |||
- | === Rolle " | ||
- | == Tasks == | ||
- | <file java ~/ | ||
- | - include: clientohnemesh.yml | ||
- | - include: getvxlanid.yml | ||
- | - include: meshohneclient.yml | ||
- | - include: meshundclient.yml | ||
- | - include: batmanohnewifi.yml | ||
- | - include: batmanmitwifi.yml | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi != " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | --- | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length == 0 ) | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | set_fact: | ||
- | ffmuc_vxlan_id: | ||
- | loop: "{{ lookup(' | ||
- | when: " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_clientvlan|length == 0 ) and ( raspberry_meshvlan|length > 0 ) | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length > 0 ) | ||
- | </ | ||
- | |||
- | == Templates == | ||
- | <file java ~/ | ||
- | |||
- | # Please note that this file is written to be used with dhcpcd | ||
- | # For static IP, consult / | ||
- | |||
- | # Include files from / | ||
- | # source-directory / | ||
- | |||
- | auto eth0 | ||
- | iface eth0 inet dhcp | ||
- | |||
- | auto eth0.{{ raspberry_clientvlan }} | ||
- | iface eth0.{{ raspberry_clientvlan }} inet manual | ||
- | |||
- | auto br-{{ ffmuc_segment }} | ||
- | iface br-{{ ffmuc_segment }} inet dhcp | ||
- | bridge-ports bat-{{ ffmuc_segment }} eth0.{{ raspberry_clientvlan }} | ||
- | pre-up / | ||
- | pre-up /sbin/ip link add dummy-{{ ffmuc_segment }} type dummy | ||
- | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | pre-up /sbin/ip link set dummy-{{ ffmuc_segment }} up | ||
- | pre-up / | ||
- | pre-up /sbin/ip link set bat-{{ ffmuc_segment }} up | ||
- | pre-up / | ||
- | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | |||
- | # Please note that this file is written to be used with dhcpcd | ||
- | # For static IP, consult / | ||
- | |||
- | # Include files from / | ||
- | # source-directory / | ||
- | |||
- | auto eth0 | ||
- | iface eth0 inet dhcp | ||
- | |||
- | auto eth0.{{ raspberry_meshvlan }} | ||
- | iface eth0.{{ raspberry_meshvlan }} inet manual | ||
- | pre-up /sbin/ip link add vxlan-mesh type vxlan id {{ ffmuc_vxlan_id }} group ff02::15c dstport 4789 port 32768 61000 no udpcsum udp6zerocsumtx udp6zerocsumrx dev eth0.{{ raspberry_meshvlan }} || true | ||
- | up /sbin/ip link set vxlan-mesh up | ||
- | post-up / | ||
- | post-up / | ||
- | down ip link set vxlan-mesh down | ||
- | post-down ip link del vxlan-mesh || true | ||
- | |||
- | auto eth0.{{ raspberry_clientvlan }} | ||
- | iface eth0.{{ raspberry_clientvlan }} inet manual | ||
- | |||
- | auto br-{{ ffmuc_segment }} | ||
- | iface br-{{ ffmuc_segment }} inet dhcp | ||
- | bridge-ports bat-{{ ffmuc_segment }} eth0.{{ raspberry_clientvlan }} | ||
- | pre-up / | ||
- | pre-up /sbin/ip link add dummy-{{ ffmuc_segment }} type dummy | ||
- | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | pre-up /sbin/ip link set dummy-{{ ffmuc_segment }} up | ||
- | pre-up / | ||
- | pre-up /sbin/ip link set bat-{{ ffmuc_segment }} up | ||
- | pre-up / | ||
- | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | |||
- | # Please note that this file is written to be used with dhcpcd | ||
- | # For static IP, consult / | ||
- | |||
- | # Include files from / | ||
- | # source-directory / | ||
- | |||
- | auto eth0 | ||
- | iface eth0 inet dhcp | ||
- | |||
- | auto eth0.{{ raspberry_meshvlan }} | ||
- | iface eth0.{{ raspberry_meshvlan }} inet manual | ||
- | pre-up /sbin/ip link add vxlan-mesh type vxlan id {{ ffmuc_vxlan_id }} group ff02::15c dstport 4789 port 32768 61000 no udpcsum udp6zerocsumtx udp6zerocsumrx dev eth0.{{ raspberry_meshvlan }} || true | ||
- | up /sbin/ip link set vxlan-mesh up | ||
- | post-up / | ||
- | post-up / | ||
- | down ip link set vxlan-mesh down | ||
- | post-down ip link del vxlan-mesh || true | ||
- | |||
- | auto br-{{ ffmuc_segment }} | ||
- | iface br-{{ ffmuc_segment }} inet dhcp | ||
- | bridge-ports bat-{{ ffmuc_segment }} | ||
- | pre-up / | ||
- | pre-up /sbin/ip link add dummy-{{ ffmuc_segment }} type dummy | ||
- | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | pre-up /sbin/ip link set dummy-{{ ffmuc_segment }} up | ||
- | pre-up / | ||
- | pre-up /sbin/ip link set bat-{{ ffmuc_segment }} up | ||
- | pre-up / | ||
- | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o ' | ||
- | </ | ||
- | |||
- | <file bash ~/ | ||
- | # | ||
- | # rc.local | ||
- | # | ||
- | # This script is executed at the end of each multiuser runlevel. | ||
- | # Make sure that the script will "exit 0" on success or any other | ||
- | # value on error. | ||
- | # | ||
- | # In order to enable or disable this script just change the execution | ||
- | # bits. | ||
- | # | ||
- | # By default this script does nothing. | ||
- | |||
- | # Print the IP address | ||
- | _IP=$(hostname -I) || true | ||
- | if [ " | ||
- | printf "My IP address is %s\n" " | ||
- | fi | ||
- | sleep 10; /sbin/brctl addif br-{{ ffmuc_segment }} wlan0 | ||
- | / | ||
- | exit 0 | ||
- | </ | ||
- | |||
- | <file bash ~/ | ||
- | # | ||
- | # rc.local | ||
- | # | ||
- | # This script is executed at the end of each multiuser runlevel. | ||
- | # Make sure that the script will "exit 0" on success or any other | ||
- | # value on error. | ||
- | # | ||
- | # In order to enable or disable this script just change the execution | ||
- | # bits. | ||
- | # | ||
- | # By default this script does nothing. | ||
- | |||
- | # Print the IP address | ||
- | _IP=$(hostname -I) || true | ||
- | if [ " | ||
- | printf "My IP address is %s\n" " | ||
- | fi | ||
- | / | ||
- | exit 0 | ||
- | </ | ||
- | |||
- | |||
- | === Rolle " | ||
- | == Tasks == | ||
- | <file java ~/ | ||
- | - include: i2c-bcm2708.yml | ||
- | - include: i2c-dev.yml | ||
- | - include: packages.yml | ||
- | - include: i2c_arm.yml | ||
- | - include: reboot.yml | ||
- | - include: adafruitclone.yml | ||
- | - include: adafruitconfig.yml | ||
- | - include: scriptclone.yml | ||
- | - include: scriptconfig.yml | ||
- | - include: scriptstart.yml | ||
- | - include: scriptstartup.yml | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: "Repo Adafruit_Python_SSD1306 klonen" | ||
- | # https:// | ||
- | git: | ||
- | repo: https:// | ||
- | dest: / | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: "Für OLED-Konfiguration Adafruit_Python_SSD1306 installieren" | ||
- | # https:// | ||
- | shell: cd / | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: "Laden des Kernelmodul i2c_arm beim Booten veranlassen" | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: "Für OLED-Konfiguration i2c-bcm2708 in / | ||
- | # https:// | ||
- | shell: echo i2c-bcm2708 >> / | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: "Für OLED-Konfiguration i2c-dev in / | ||
- | # https:// | ||
- | shell: echo i2c-dev >> / | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | apt: | ||
- | update_cache: | ||
- | pkg: | ||
- | - python3-dev | ||
- | - python3-smbus | ||
- | - i2c-tools | ||
- | - python3-pil | ||
- | - python3-pip | ||
- | - python3-setuptools | ||
- | - python3-rpi.gpio | ||
- | - git | ||
- | - fonts-freefont-ttf | ||
- | state: present | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | reboot: | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | git: | ||
- | repo: https:// | ||
- | dest: / | ||
- | force: yes | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | template: | ||
- | src: templates/ | ||
- | dest: / | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | systemd: | ||
- | name: oled-bandwidth | ||
- | daemon_reload: | ||
- | state: started | ||
- | enabled: yes | ||
- | when: ( raspberry_oled == " | ||
- | </ | ||
- | |||
- | == Templates == | ||
- | <file python ~/ | ||
- | # | ||
- | # Maintained by awlnx - aw@awlnx.space | ||
- | # | ||
- | |||
- | import subprocess | ||
- | import time | ||
- | import re | ||
- | import Adafruit_GPIO.SPI as SPI | ||
- | import Adafruit_SSD1306 | ||
- | from PIL import Image | ||
- | from PIL import ImageDraw | ||
- | from PIL import ImageFont | ||
- | import math | ||
- | |||
- | # Adjust to your needs | ||
- | wifi = ' | ||
- | vpn = ' | ||
- | batman = ' | ||
- | primary_mac = '{{ ansible_eth0.macaddress }}' | ||
- | |||
- | # We assume 100mbit/s max bandwidth | ||
- | maxRateIn = 10000000 | ||
- | maxRateOut = 10000000 | ||
- | PImaxRateIn = 10000000 | ||
- | PImaxRateOut = 10000000 | ||
- | |||
- | ### DO NOT EDIT BELOW THIS POINT ### | ||
- | |||
- | # Raspberry Pi pin configuration: | ||
- | RST = ' | ||
- | |||
- | # 128x64 display with hardware I2C: | ||
- | disp = Adafruit_SSD1306.SSD1306_128_64(rst=RST) | ||
- | |||
- | # Initialize library. | ||
- | disp.begin() | ||
- | |||
- | # Clear display. | ||
- | disp.clear() | ||
- | disp.display() | ||
- | |||
- | # Create blank image for drawing. | ||
- | # Make sure to create image with mode ' | ||
- | width = disp.width | ||
- | height = disp.height | ||
- | image = Image.new(' | ||
- | |||
- | # Get drawing object to draw on image. | ||
- | draw = ImageDraw.Draw(image) | ||
- | |||
- | font = ImageFont.truetype('/ | ||
- | fontsmall = ImageFont.truetype('/ | ||
- | fontverysmall = ImageFont.truetype('/ | ||
- | fontmedium = ImageFont.truetype('/ | ||
- | |||
- | #Display Image | ||
- | disp.image(image) | ||
- | disp.display() | ||
- | |||
- | #Functions | ||
- | |||
- | def get_network_bytes(interface): | ||
- | for line in open('/ | ||
- | if interface in line: | ||
- | data = line.split(' | ||
- | rx_bytes, tx_bytes = (data[0], data[8]) | ||
- | return (int(rx_bytes), | ||
- | |||
- | def drawBar (x, barHeight): | ||
- | # parameters are x, y, end x, end y | ||
- | # draw.rectangle ((x, height - barHeight, x + 10, height -1), outline=255, | ||
- | draw.rectangle ((x, 32 - barHeight, x + 8, height - 32), outline=255, | ||
- | |||
- | def drawBarLOW (x, barLOWHeight): | ||
- | # parameters are x, y, end x, end y | ||
- | draw.rectangle ((x, 32 + barLOWHeight, | ||
- | |||
- | def textRate(rate): | ||
- | # rate -> raw bitrate | ||
- | # Returns: SI formatted bitrate | ||
- | if rate == 0: | ||
- | return " | ||
- | rate = rate * 8 | ||
- | size_name = ( | ||
- | " | ||
- | i = int(math.floor(math.log(rate , 1024))) | ||
- | p = math.pow(1024, | ||
- | s = round(rate / p, 1) | ||
- | return "%s %s" % (s, size_name[i]) | ||
- | |||
- | lastInBytes = get_network_bytes(vpn)[0]; | ||
- | lastOutBytes = get_network_bytes(vpn)[1]; | ||
- | lastPIInBytes = get_network_bytes(wifi)[0]; | ||
- | lastPIOutBytes = get_network_bytes(wifi)[1]; | ||
- | lastTime = time.time() | ||
- | |||
- | #timed array vars | ||
- | timerTime = time.time() | ||
- | highestSpeedIn = 0 | ||
- | highestSpeedOut = 0 | ||
- | PIhighestSpeedIn = 0 | ||
- | PIhighestSpeedOut = 0 | ||
- | speedArrayIn = [] | ||
- | speedArrayOut = [] | ||
- | PIspeedArrayIn = [] | ||
- | PIspeedArrayOut = [] | ||
- | inMax = 0 | ||
- | outMax = 0 | ||
- | PIinMax = 0 | ||
- | PIoutMax = 0 | ||
- | |||
- | while (1): | ||
- | time.sleep(2) | ||
- | draw.rectangle((0, | ||
- | |||
- | now = time.time() | ||
- | elapsed = now - lastTime | ||
- | lastTime = now | ||
- | |||
- | #calculate rates in and out | ||
- | inBytes = get_network_bytes(vpn)[0] | ||
- | currInBytes = (inBytes - lastInBytes) / elapsed | ||
- | lastInBytes = inBytes | ||
- | |||
- | outBytes = get_network_bytes(vpn)[1] | ||
- | currOutBytes = (outBytes - lastOutBytes) / elapsed | ||
- | lastOutBytes = outBytes | ||
- | |||
- | PIinBytes = get_network_bytes(wifi)[0] | ||
- | currPIInBytes = (PIinBytes - lastPIInBytes) / elapsed | ||
- | lastPIInBytes = PIinBytes | ||
- | |||
- | PIoutBytes = get_network_bytes(wifi)[1] | ||
- | currPIOutBytes = (PIoutBytes - lastPIOutBytes) / elapsed | ||
- | lastPIOutBytes = PIoutBytes | ||
- | |||
- | |||
- | #max rate last 24 hours calculations | ||
- | |||
- | if currInBytes > highestSpeedIn: | ||
- | highestSpeedIn = currInBytes | ||
- | if currOutBytes > highestSpeedOut: | ||
- | highestSpeedOut = currOutBytes | ||
- | if currPIInBytes > PIhighestSpeedIn: | ||
- | PIhighestSpeedIn = currPIInBytes | ||
- | if currPIOutBytes > PIhighestSpeedOut: | ||
- | PIhighestSpeedOut = currPIOutBytes | ||
- | |||
- | if now > timerTime + 3600: | ||
- | print(' | ||
- | timerTime = now | ||
- | |||
- | speedArrayIn.append (highestSpeedIn) | ||
- | if len (speedArrayIn) > 23: | ||
- | del speedArrayIn[0] | ||
- | inMax = max(speedArrayIn) | ||
- | |||
- | speedArrayOut.append (highestSpeedOut) | ||
- | if len (speedArrayOut) > 23: | ||
- | del speedArrayOut[0] | ||
- | outMax = max(speedArrayOut) | ||
- | |||
- | highestSpeedIn = 0 | ||
- | highestSpeedOut = 0 | ||
- | |||
- | PIspeedArrayIn.append (PIhighestSpeedIn) | ||
- | if len (PIspeedArrayIn) > 23: | ||
- | del PIspeedArrayIn[0] | ||
- | PIinMax = max(PIspeedArrayIn) | ||
- | |||
- | PIspeedArrayOut.append (PIhighestSpeedOut) | ||
- | if len (PIspeedArrayOut) > 23: | ||
- | del PIspeedArrayOut[0] | ||
- | PIoutMax = max(PIspeedArrayOut) | ||
- | |||
- | PIhighestSpeedIn = 0 | ||
- | PIhighestSpeedOut = 0 | ||
- | |||
- | #adjust these in each loop in case we find a faster speed | ||
- | inMax = max(inMax, highestSpeedIn) | ||
- | outMax = max(outMax, highestSpeedOut) | ||
- | PIinMax = max(PIinMax, | ||
- | PIoutMax = max(PIoutMax, | ||
- | |||
- | #draw graph | ||
- | inHeight = 0.0 | ||
- | outHeight = 0.0 | ||
- | PIinHeight = 0.0 | ||
- | PIoutHeight = 0.0 | ||
- | |||
- | if currInBytes > 0: | ||
- | inHeight = float(currInBytes / maxRateIn) * 32 | ||
- | |||
- | if currOutBytes > 0: | ||
- | outHeight = float(currOutBytes / maxRateOut) * 32 | ||
- | |||
- | if currPIInBytes > 0: | ||
- | PIinHeight = float(currPIInBytes / PImaxRateIn) * 32 | ||
- | |||
- | if currPIOutBytes > 0: | ||
- | PIoutHeight = float(currPIOutBytes / PImaxRateOut) * 32 | ||
- | |||
- | drawBar (0, inHeight) | ||
- | drawBar (10, PIinHeight) | ||
- | drawBarLOW (0, outHeight) | ||
- | drawBarLOW (10, PIoutHeight) | ||
- | #write rates | ||
- | draw.text((26, | ||
- | draw.text((26, | ||
- | |||
- | draw.text((81, | ||
- | draw.text((81, | ||
- | |||
- | # Batman Clients | ||
- | clients = subprocess.check_output(" | ||
- | draw.text((0, | ||
- | draw.text((10, | ||
- | |||
- | #max rates | ||
- | draw.text((36, | ||
- | draw.text((26, | ||
- | draw.text((26, | ||
- | |||
- | draw.text((90, | ||
- | draw.text((81, | ||
- | draw.text((81, | ||
- | |||
- | disp.image(image) | ||
- | disp.display() | ||
- | </ | ||
- | |||
- | <file bash ~/ | ||
- | # http:// | ||
- | # Some settings may impact device functionality. See link above for details | ||
- | |||
- | # uncomment if you get no picture on HDMI for a default " | ||
- | # | ||
- | |||
- | # uncomment this if your display has a black border of unused pixels visible | ||
- | # and your display can output without overscan | ||
- | # | ||
- | |||
- | # uncomment the following to adjust overscan. Use positive numbers if console | ||
- | # goes off screen, and negative if there is too much border | ||
- | # | ||
- | # | ||
- | # | ||
- | # | ||
- | |||
- | # uncomment to force a console size. By default it will be display' | ||
- | # overscan. | ||
- | # | ||
- | # | ||
- | |||
- | # uncomment if hdmi display is not detected and composite is being output | ||
- | # | ||
- | |||
- | # uncomment to force a specific HDMI mode (this will force VGA) | ||
- | # | ||
- | # | ||
- | |||
- | # uncomment to force a HDMI mode rather than DVI. This can make audio work in | ||
- | # DMT (computer monitor) modes | ||
- | # | ||
- | |||
- | # uncomment to increase signal to HDMI, if you have interference, | ||
- | # no display | ||
- | # | ||
- | |||
- | # uncomment for composite PAL | ||
- | # | ||
- | |||
- | #uncomment to overclock the arm. 700 MHz is the default. | ||
- | # | ||
- | |||
- | # Uncomment some or all of these to enable the optional hardware interfaces | ||
- | # Django : 2019-09-11 | ||
- | # default: # dtparam=i2c_arm=on | ||
- | dtparam=i2c_arm=on | ||
- | # | ||
- | # | ||
- | |||
- | # Uncomment this to enable the lirc-rpi module | ||
- | # | ||
- | |||
- | # Additional overlays and parameters are documented / | ||
- | |||
- | # Enable audio (loads snd_bcm2835) | ||
- | dtparam=audio=on | ||
- | |||
- | [pi4] | ||
- | # Enable DRM VC4 V3D driver on top of the dispmanx display stack | ||
- | dtoverlay=vc4-fkms-v3d | ||
- | max_framebuffers=2 | ||
- | |||
- | [all] | ||
- | # | ||
- | </ | ||
- | |||
- | <file bash ~/ | ||
- | [Unit] | ||
- | # see man systemd.unit | ||
- | Description=Starting OLED-Trafic output | ||
- | Documentation=https:// | ||
- | After=network.target | ||
- | |||
- | [Service] | ||
- | # see man systemd.service, | ||
- | ExecStart=/ | ||
- | StandardOutput=syslog | ||
- | StandardError=syslog | ||
- | |||
- | [Install] | ||
- | WantedBy=default.target | ||
- | </ | ||
- | |||
- | |||
- | === Rolle " | ||
- | == Tasks == | ||
- | <file java ~/ | ||
- | - include: reboot.yml | ||
- | ... #YAML Ende Syntax | ||
- | </ | ||
- | |||
- | <file java ~/ | ||
- | - name: " | ||
- | # https:// | ||
- | reboot: | ||
- | </ | ||
- | |||
- | ==== Download des auf Debian Buster basierenden Raspbian ==== | ||
- | /* | ||
- | Nachdem es aktuell((Stand: | ||
- | |||
- | Eine Anleitung zur manuellen Installation findet man auf der **[[https:// | ||
- | |||
- | $ wget https:// | ||
- | |||
- | Bevor wir nun das Archiv entpacken überprüfen wir noch die Integrität der heruntergeladenen Datei. Hierzu berechnen wir erst einmal die **SHA256**-Prüfsumme der Datei **raspbian_lite_latest**. | ||
- | $ sha256sum raspbian_lite_latest | ||
- | |||
- | 12ae6e17bf95b6ba83beca61e7394e7411b45eba7e6a520f434b0748ea7370e8 | ||
- | |||
- | Die Zeichenfolge überprüfen wir nun mit den Angaben auf der Seite: https:// | ||
- | {{ : | ||
- | |||
- | |||
- | Da sich beide SHA-Werte **__nicht__** unterscheiden können wir das herunter geladene ZIP-Archiv nun entpacken. | ||
- | $ unzip raspbian_lite_latest | ||
- | |||
- | < | ||
- | inflating: 2020-02-13-raspbian-buster-lite.img | ||
- | </ | ||
- | |||
- | :GO: | ||
- | */ | ||
- | |||
- | Nachdem es aktuell((Stand: | ||
- | |||
- | Eine Anleitung zur manuellen Installation findet man auf der **[[https:// | ||
- | |||
- | $ https:// | ||
- | |||
- | Bevor wir nun das Archiv entpacken überprüfen wir noch die Integrität der heruntergeladenen Datei. Hierzu berechnen wir erst einmal die **SHA256**-Prüfsumme der Datei **raspbian_lite_latest**. | ||
- | $ sha256sum 2021-01-11-raspios-buster-armhf-lite.zip | ||
- | |||
- | d49d6fab1b8e533f7efc40416e98ec16019b9c034bc89c59b83d0921c2aefeef | ||
- | |||
- | Die Zeichenfolge überprüfen wir nun mit den Angaben auf der Seite: https:// | ||
- | {{ : | ||
- | |||
- | Da sich beide SHA-Werte **__nicht__** unterscheiden können wir das herunter geladene ZIP-Archiv nun entpacken. | ||
- | $ unzip 2021-01-11-raspios-buster-armhf-lite.zip | ||
- | |||
- | < | ||
- | inflating: 2021-01-11-raspios-buster-armhf-lite.img | ||
- | </ | ||
- | |||
- | ==== Kopieren des Raspbian Images auf die microSD-Karte ==== | ||
- | /* | ||
- | Nun können wir das Image auf die MicroSD Karte, die wir später in den Raspberry 4B stecken kopieren. Wir werfen also am besten einmal einen Blick in das syslog unseres Arbeitsrechners und erkennen so das Device unserer Speicherkarte. | ||
- | # tail -f / | ||
- | |||
- | < | ||
- | Feb 16 21:47:29 T410 kernel: usb 1-1.2: New USB device found, idVendor=1908, | ||
- | Feb 16 21:47:29 T410 kernel: usb 1-1.2: New USB device strings: Mfr=0, Product=0, SerialNumber=0 | ||
- | Feb 16 21:47:29 T410 kernel: usb-storage 1-1.2:1.0: USB Mass Storage device detected | ||
- | Feb 16 21:47:29 T410 kernel: scsi host4: usb-storage 1-1.2:1.0 | ||
- | Feb 16 21:47:29 T410 mtp-probe[38884]: | ||
- | Feb 16 21:47:29 T410 mtp-probe[38884]: | ||
- | Feb 16 21:47:29 T410 mtp-probe[38887]: | ||
- | Feb 16 21:47:29 T410 mtp-probe[38887]: | ||
- | Feb 16 21:47:30 T410 kernel: scsi 4:0:0:0: Direct-Access | ||
- | Feb 16 21:47:30 T410 kernel: sd 4:0:0:0: Attached scsi generic sg2 type 0 | ||
- | Feb 16 21:47:30 T410 kernel: sd 4:0:0:0: [sdb] 62333952 512-byte logical blocks: (31.9 GB/29.7 GiB) | ||
- | Feb 16 21:47:30 T410 kernel: sd 4:0:0:0: [sdb] Write Protect is off | ||
- | Feb 16 21:47:30 T410 kernel: sd 4:0:0:0: [sdb] No Caching mode page found | ||
- | Feb 16 21:47:30 T410 kernel: sd 4:0:0:0: [sdb] Assuming drive cache: write through | ||
- | Feb 16 21:47:30 T410 kernel: sdb: sdb1 sdb2 < sdb5 > | ||
- | Feb 16 21:47:30 T410 kernel: sd 4:0:0:0: [sdb] Attached SCSI removable disk | ||
- | Feb 16 21:47:31 T410 kernel: EXT4-fs (sdb5): recovery complete | ||
- | Feb 16 21:47:31 T410 kernel: EXT4-fs (sdb5): mounted filesystem with ordered data mode. Opts: (null) | ||
- | Feb 16 21:47:31 T410 kernel: ext4 filesystem being mounted at / | ||
- | Feb 16 21:47:31 T410 journal[1042]: | ||
- | |||
- | In dem gezeigtem Fall handelt es sich also um die Gerätedatei **''/ | ||
- | |||
- | # dd if=~/ | ||
- | |||
- | Da wir später weder Tastatur noch Monitor an unseren Raspberry 4B anstecken wollen, diesen demnach im **headless**-Mode betreiben wollen und werden, legen wir noch eine Datei **''/ | ||
- | # touch / | ||
- | |||
- | Anschließend können wir nach einem unmounten des Gerätes **''/ | ||
- | |||
- | :GO: | ||
- | */ | ||
- | |||
- | |||
- | Nun können wir das Image auf die MicroSD Karte, die wir später in den Raspberry 4B stecken kopieren. Wir werfen also am besten einmal einen Blick in das syslog unseres Arbeitsrechners und erkennen so das Device unserer Speicherkarte. | ||
- | < | ||
- | |||
- | < | ||
- | Sep 5 21:10:57 Djangos-ThinkPad-X230 kernel: [12795.868313] mmcblk0: mmc0:aaaa SC16G 14.8 GiB | ||
- | Sep 5 21:10:57 Djangos-ThinkPad-X230 kernel: [12795.871017] | ||
- | Sep 5 21:10:58 Djangos-ThinkPad-X230 kernel: [12796.199093] FAT-fs (mmcblk0p1): | ||
- | Sep 5 21:10:58 Djangos-ThinkPad-X230 systemd[1]: Finished Clean the / | ||
- | Sep 5 21:10:58 Djangos-ThinkPad-X230 udisksd[976]: | ||
- | Sep 5 21:10:58 Djangos-ThinkPad-X230 kernel: [12796.302402] EXT4-fs (mmcblk0p2): | ||
- | Sep 5 21:10:58 Djangos-ThinkPad-X230 kernel: [12796.303545] EXT4-fs (mmcblk0p2): | ||
- | Sep 5 21:10:58 Djangos-ThinkPad-X230 systemd[1]: Finished Clean the / | ||
- | Sep 5 21:10:58 Djangos-ThinkPad-X230 udisksd[976]: | ||
- | Sep 5 21:11:09 Djangos-ThinkPad-X230 gnome-terminal-[8119]: | ||
- | |||
- | In dem gezeigtem Fall handelt es sich also um die Gerätedatei **''/ | ||
- | |||
- | < | ||
- | |||
- | Da wir später weder Tastatur noch Monitor an unseren Raspberry 4B anstecken wollen, diesen demnach im **headless**-Mode betreiben wollen und werden, legen wir noch eine Datei **''/ | ||
- | < | ||
- | |||
- | Anschließend können wir nach einem unmounten des Gerätes **''/ | ||
- | |||
- | ==== Ändern des Default-Passwortes und kopieren des SSH-Public-Keys auf den Raspberry 4 ==== | ||
- | |||
- | <WRAP center round important 80%> | ||
- | Der Benutzername lautet **'' | ||
- | </ | ||
- | |||
- | Wir ändern also das Default-Passwort gleich mal ab und packen auch unseren SSH-Public-key auf den Raspberry 4B. Da wir die IP-Adresse, die unser Raspberry vom DHCP-Server zugewiesen bekommt in unserer SSH-Client-Konfigurationsdatei bereits hinterlegt haben, können wir nun den RaspBerry 4B direkt über den definierten Namen **'' | ||
- | $ ssh -l pi raspberry-ansible -o IdentitiesOnly=yes " | ||
- | | ||
- | |||
- | Alternativ dazu müssten wir den Raspberry 4B über die IP-Adresse ansprechen, die dieser zugewiesen bekommt. In dem folgenden Beispiel wäre das die IP-Adresse: **192.168.0.25**: | ||
- | $ ssh -l pi 192.168.0.25 -o IdentitiesOnly=yes " | ||
- | | ||
- | |||
- | In dem folgenden Konfigurationsbeispiel vergeben wir für den Benutzer **'' | ||
- | |||
- | < | ||
- | ECDSA key fingerprint is SHA256: | ||
- | Are you sure you want to continue connecting (yes/ | ||
- | Warning: Permanently added ' | ||
- | pi@10.0.10.29' | ||
- | Current password: raspberry | ||
- | New password: gECzebzn7GYSLvXueECAxeGm7l7 | ||
- | Retype new password: gECzebzn7GYSLvXueECAxeGm7l7 | ||
- | passwd: password updated successfully | ||
- | Changing password for pi. | ||
- | / | ||
- | / | ||
- | / | ||
- | pi@10.0.10.29' | ||
- | |||
- | Number of key(s) added: 1 | ||
- | |||
- | Now try logging into the machine, with: " | ||
- | and check to make sure that only the key(s) you wanted were added. | ||
- | </ | ||
- | |||
- | $ ssh raspberry-ansible | ||
- | |||
- | < | ||
- | <font style=" | ||
- | |||
- | The programs included with the Debian GNU/Linux system are free software; | ||
- | the exact distribution terms for each program are described in the | ||
- | individual files in / | ||
- | |||
- | Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent | ||
- | permitted by applicable law. | ||
- | |||
- | Wi-Fi is currently blocked by rfkill. | ||
- | Use raspi-config to set the country before use. | ||
- | |||
- | <font style=" | ||
- | </ | ||
- | </ | ||
- | |||
- | ==== Starten des Ansible-Playbooks ==== | ||
- | Beim Abarbeiten des ansible-playbook werden zur Konfiguration des Offloaders und dessen Komponenten/ | ||
- | * Batman-Release ([[https:// | ||
- | * [[https:// | ||
- | * Angaben zur [[https:// | ||
- | * Hostname des Offloaders | ||
- | * Kontakt-Adresse des Node-Betreibers | ||
- | * Geographische Breitengrad des Raspberry Offloaders | ||
- | * Geographische Längengrad des Raspberry Offloaders | ||
- | * Funktionen, die der Raspberry Offloader noch ausführen soll: | ||
- | * Soll der Raspberry Offloader ein WLAN ausstrahlen (SSID leitet sich vom Segment-Namen ab)? | ||
- | * Soll der Raspberry Offloader ein Client-VLAN zur Verfügung stellen, wenn ja wie lautet die VLAN-ID? | ||
- | * Soll der Raspberry Offloader ein Mesh-VLAN zur Verfügung stellen, wenn ja wie lautet die VLAN-ID? | ||
- | * Ist an dem Raspberry ein OLE-Display von [[https:// | ||
- | |||
- | === wireguard-offloader.yml === | ||
- | In dem tar.gz-Archiv des Playbooks ist seit Version v4 ((Version v4 vom 12.12.2020)) folgendes ansible-playbooks enthalten: **wireguard-offloader.yml.yml** | ||
- | |||
- | Hier werden die zur Konfiguration benötigten Parameter nicht beim Aufruf des Playbooks abgefragt, sondern in zugehörigen **[[# | ||
- | |||
- | In den Zeilen **'' | ||
- | $ vim ~/ | ||
- | |||
- | < | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | |||
- | === Playbook Lauf === | ||
- | Nachdem wir die Informationen in dem Ansible-Playbook hinterlegt haben, können wir wie gewohnt das Ansible-Scriptes ausführen. | ||
- | $ ansible-playbook ~/ | ||
- | |||
- | < | ||
- | <font style=" | ||
- | PLAY [raspi_offloader.yml] ********************************************************************************************************************************* | ||
- | |||
- | TASK [Gathering Facts] ************************************************************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [basic : Hostname ändern] ***************************************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [basic : Template Konfigurationsdatei für /etc/hosts an Ort und Stelle kopieren und Variablen anpassen] *********************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [basic : Beschreibung des User ' | ||
- | <font style=" | ||
- | |||
- | TASK [basic : Service rfkill am Raspberry deaktivieren] **************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [basic : Update und Upgrade der APT-Paket] ************************************************************************************************************ | ||
- | <font style=" | ||
- | <font style=" | ||
- | |||
- | TASK [basic : Reboot nach update] ************************************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN Installation* : Download des aktuellen BATMAN Archives] ***************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN Installation* : Entpacken des BATMAN-Archives] ************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN compile* : Installation des Dynamic Kernel Module Support Framework und der Header Files für den Raspberry Pi OS Linux Kernel] ****** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN compile* : Rebuild BATMAN Kernel Header Dateien] ************************************************************************************ | ||
- | <font style=" | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN compile* : Anlegen der dkms.conf für Dynamic Kernel Module Support] ***************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN compile* : Dynamic Kernel Module Support hinzufügen] ******************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN compile* : Dynamic Kernel Module bauen] ********************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN compile* : BATMAN Dynamic Kernel Module installieren] ******************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN load-modules* : Laden der BATMAN Dynamic Kernel Module beim Booten sicherstellen] *************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN load-modules* : dummy Modul laden] ************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN load-modules* : BATMAN-ADV Modul laden] ********************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *buster-backport* : PGP-Schlüssel 04EE7237B7D453EC für buster-backports installieren] ******************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *buster-backport* : PGP-Schlüssel 648ACFD622F3D138 für buster-backports installieren] ******************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *buster-backport* : buster-backports dem System bekannt machen] ***************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *buster-backport* : APT-Cache aktualisieren] ************************************************************************************************ | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *utils-installation* : Installation der bridge-utils] *************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *utils-installation* : Installation der bridge-utils] *************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN-ADV* : Aktivierung von BATMAN_V] **************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN-ADV Interfaces* : Konfiguration des Interfaces] ************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [batman : *BATMAN Installation* : Reboot nach Ende der BATMAN Installationsschritte] ****************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : Installation von wireguard] ************************************************************************************************ | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : Schlüsselmaterial erstellen] *********************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : Zugriffsrechte des Private Keys anpassen] ********************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard : *wireguard* : Zugriffsrechte des Public Keys anpassen] ********************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard : *wireguard* : lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen] *************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : private-key einlesen und in Variable übergeben] **************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : public-key einlesen und in Variable übergeben] ***************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : Socket ermitteln] ********************************************************************************************************** | ||
- | <font style=" | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | <font style=" | ||
- | <font style=" | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | |||
- | TASK [wireguard : *wireguard* : link-local des Gateways ermitteln] ****************************************************************************************** | ||
- | <font style=" | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : publickey des Gateways ermitteln] ******************************************************************************************* | ||
- | <font style=" | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : Konfigurationsdatei des wireguard-Tunnels erzeugen] ************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : systemd unit file für broker -Information anlegen] ************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : Service broker starten beim Booten starten] ********************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : Service wireguard via systemd starten] ************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen] ***************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : checkupscript zum Testen der wireguard-Verbindung anlegen] ****************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : Ausführungsrechte des Bash-Scripts anpassen] ******************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [wireguard : *wireguard* : crontab für minütlichen checkup der wireguard-Verbindung anlegen] *********************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [Installation von FASTD] ******************************************************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [Verzeichnis für fastd- Konfigurationsdatei anlegen] *************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [Schlüssel für fastd erstellen] ************************************************************************************************************************ | ||
- | <font style=" | ||
- | |||
- | TASK [vxlan : *VXLAN* : Paketfilter anpassen - Eingehenden VXLAN Verkehr auf dem Mesh-Interface erlauben] *************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [vxlan : *VXLAN* : VXLAN-ID des gewählten Segments ermitteln] ****************************************************************************************** | ||
- | <font style=" | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | <font style=" | ||
- | <font style=" | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | |||
- | TASK [vxlan : *VXLAN* : link-local des Gateways ermitteln] ************************************************************************************************** | ||
- | <font style=" | ||
- | <font style=" | ||
- | |||
- | TASK [vxlan : *VXLAN* : lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen] ************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [vxlan : *VXLAN* : Startupdatei für VXLAN kopieren] **************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [vxlan : *VXLAN* : Ausführungsrechte des Bash-Scripts anpassen] **************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [vxlan : *VXLAN* : systemd-unitfile anlegen] *********************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [vxlan : *VXLAN* : Neues Unitfile dem systemd bekannt geben] ******************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [vxlan : *VXLAN* : Service vxlan via systemd starten] ************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [ext-respondd : Installation der Pakete git und python3-netifaces] ************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [ext-respondd : Repo ext-respondd klonen] ************************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [ext-respondd : Systemd Startdatei für respondd kopieren] ********************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [ext-respondd : Erstellen der resondd Konfigurationsdatei alias.json] ********************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [ext-respondd : Erstellen der resondd Konfigurationsdatei config.json] ********************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [ext-respondd : Service ext-respondd beim Booten starten] ********************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [hostapd : Paket hostapd für WLAN installieren] ******************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [hostapd : hostapd konfigurieren] ********************************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [hostapd : hostapd Konfigurationsdatei anlegen] ******************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [hostapd : wlan0 in Bridge packen] ********************************************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [hostapd : Service hostapd beim Booten und jetzt starten und das Laden der Unit Datei vom Service hostapd ermöglichen] ********************************* | ||
- | <font style=" | ||
- | |||
- | TASK [client-mesh : Konfiguration des Client-VLAN ohne Mesh-Netz] ******************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [client-mesh : vxlan_id für ausgewähltes Segment ermitteln] ******************************************************************************************** | ||
- | <font style=" | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | <font style=" | ||
- | <font style=" | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | skipping: [raspberry-wireguard] => (item={' | ||
- | |||
- | TASK [client-mesh : Konfiguration des Mesh-VLAN ohne Client-VLAN] ******************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [client-mesh : Konfiguration von Mesh- und Client-VLAN] ************************************************************************************************ | ||
- | <font style=" | ||
- | |||
- | TASK [client-mesh : Konfiguration des bevorzugte Meshingpoint in BATMAN_V ohne Wifi-Nutzung] **************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [client-mesh : Konfiguration des bevorzugte Meshingpoint in BATMAN_V mit Wifi-Nutzung ****************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Für OLED-Konfiguration i2c-bcm2708 in / | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Für OLED-Konfiguration i2c-dev in / | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Installation der für das OLED benötigten Pakete] *********************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Laden des Kernelmodul i2c_arm beim Booten veranlassen] ***************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Reboot nach Konfigurationsänderung] ************************************************************************************************************ | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Repo Adafruit_Python_SSD1306 klonen] *********************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Für OLED-Konfiguration Adafruit_Python_SSD1306 installieren] *********************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Script zur Anzeige klonen] ********************************************************************************************************************* | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Script zur Bandbreitenauslastung anpassen] ***************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Startscript für das OLED anlegen] ************************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [oled : Service oled-bandwidth beim Booten starten] **************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | TASK [final : Reboot nach Abschluss der Konfiguration unseres Offloaders] *********************************************************************************** | ||
- | <font style=" | ||
- | |||
- | PLAY RECAP ***************************************************************************************************************************** | ||
- | <font style=" | ||
- | |||
- | </ | ||
- | </ | ||
- | |||
- | Auch hier wird nach Beendigung des Ansible-Laufs der Knoten auf der Freifunkkarte an der gewünschten Stelle auftauchen. | ||
- | Nach dem letzten Reboot, der automatisch ausgeführt wird, finden wir unseren Offloader auf der Freifunkkarte: | ||
- | |||
- | {{ : | ||
- | |||
- | ====== Links ====== | ||
- | * ** [[centos: | ||
- | * ** [[centos: | ||
- | * ** [[centos: | ||
- | * **[[wiki: | ||
- | * **[[http:// |