Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- linux:ansible:ffmuc-rpb4-ol [14.09.2022 14:48. ] – angelegt django
+++ linux:ansible:ffmuc-rpb4-ol [18.11.2024 18:58. ] (aktuell) – Externe Bearbeitung 127.0.0.1
@@ Zeile 11: / Zeile 11: @@
 ====== Inhalt ======
-<WRAP center round alert 30%>
-**ACHTUNG:** Artikel in Überarbeitung!!! **ACHTUNG:**
-</WRAP>
 <WRAP center round tip 90%>
@@ Zeile 146: / Zeile 141: @@
 */
 === Ansible-Konfigurationsdatei ===
+<WRAP center round tip 80%>
+Der ungeduldigen Leser kann auch direkt zur Tat schreiten und das manuelle Anlegen des Verzeichnisses und des Ansible-Scripts überspringen. Mit Folgendem Befehl erledigt man dies sozusagen auf einem Rutsch:
+   $ mkdir ~/ansible ; wget https://gitlab.nausch.org/django/example_8a/-/archive/main/example_8a-main.tar.gz -O - | tar -xz --strip-components=1 -C ~/ansible
+Anschliessend kann man direkt zur Ausführung des Playbooks schreiten:
+   $  ansible-playbook ~/ansible/playbooks/ansible_grundconfig_v1.yml -K
+</WRAP>
 /*
 Als nächstes kopieren wir uns die Vorlage-Konfiguratinsdatei aus dem Verzeichnis **''/etc/ansible/''** in unser Homeverzeichnis.
@@ Zeile 238: / Zeile 242: @@
    $ cd ~/ansible
-   $ git clone https://github.com/Django-BOfH/ffmuc-rpb4-ol.git .
+   $ git clone http://gitlab.nausch.org/django/ffmuc-offloader_rpb4.git .
 Somit ergibt sich folgende Verzeichnis- und Dateistruktur:
 <code>/ansible/
-├── filter_plugins
-│   └── main.yml
-├── inventories
-│   ├── production
-│   │   └── hosts.yml
-│   └── staging
-│       └── hosts.yml
-├── library
-│   └── main.yml
-├── LICENSE
-├── module_utils
-│   └── main.yml
-├── README.md
-├── roles
-│   ├── basic
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── hostname.yml
-│   │   │   ├── hosts.yml
-│   │   │   ├── main.yml
-│   │   │   ├── reboot.yml
-│   │   │   ├── rfkill.yml
-│   │   │   ├── update.yml
-│   │   │   └── usercomment.yml
-│   │   ├── templates
-│   │   │   ├── hosts.j2
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
-│   ├── batman
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── backport.yml
-│   │   │   ├── batmanstart.yml
-│   │   │   ├── compile.yml
-│   │   │   ├── install.yml
-│   │   │   ├── interfaceconfigure.yml
-│   │   │   ├── main.yml
-│   │   │   ├── modulloads.yml
-│   │   │   ├── reboot.yml
-│   │   │   └── utilsinstall.yml
-│   │   ├── templates
-│   │   │   ├── batman-adv.module.j2
-│   │   │   ├── dkms.j2
-│   │   │   ├── interfaces.j2
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
-│   ├── client-mesh
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── batmanmitwifi.yml
-│   │   │   ├── batmanohnewifi.yml
-│   │   │   ├── clientohnemesh.yml
-│   │   │   ├── getvxlanid.yml
-│   │   │   ├── main.yml
-│   │   │   ├── meshohneclient.yml
-│   │   │   └── meshundclient.yml
-│   │   ├── templates
-│   │   │   ├── interfaces_client_ohne_mesh.j2
-│   │   │   ├── interfaces_mesh_mit_client.j2
-│   │   │   ├── interfaces_mesh_ohne_client.j2
-│   │   │   ├── main.yml
-│   │   │   ├── rclocal_both.j2
-│   │   │   └── rclocal_vxlan.j2
-│   │   └── vars
-│   │       └── main.yml
-│   ├── common
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   └── main.yml
-│   │   ├── templates
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
-│   ├── ext-respondd
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── aliasgenerate.yml
-│   │   │   ├── configgenerate.yml
-│   │   │   ├── copyconfig.yml
-│   │   │   ├── gitclone.yml
-│   │   │   ├── gitinstall.yml
-│   │   │   ├── main.yml
-│   │   │   └── servicestartup.yml
-│   │   ├── templates
-│   │   │   ├── ext-respondd_alias.json.j2
-│   │   │   ├── ext-respondd_config.json.j2
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
-│   ├── fastd
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── directorygenerate.yml
-│   │   │   ├── fastdconfigure.yml
-│   │   │   ├── fastdgetsocket.yml
-│   │   │   ├── fastdinstall.yml
-│   │   │   ├── fastdkeygen.yml
-│   │   │   ├── fastdsecretkeyget.yml
-│   │   │   ├── fastdstartup.yml
-│   │   │   └── main.yml
-│   │   ├── templates
-│   │   │   ├── fastd.j2
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
-│   ├── final
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── main.yml
-│   │   │   └── reboot.yml
-│   │   ├── templates
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
-│   ├── hostapd
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── configure.yml
-│   │   │   ├── genconfig.yml
-│   │   │   ├── install.yml
-│   │   │   ├── main.yml
-│   │   │   ├── servicestartup.yml
-│   │   │   └── wlanbridging.yml
-│   │   ├── templates
-│   │   │   ├── hostapd.j2
-│   │   │   ├── main.yml
-│   │   │   └── rclocal_wifi.j2
-│   │   └── vars
-│   │       └── main.yml
-│   ├── kvm_hostgen
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── generate.yml
-│   │   │   └── main.yml
-│   │   ├── templates
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
-│   ├── kvm-new
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   └── main.yml
-│   │   ├── templates
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
-│   ├── oled
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── adafruitclone.yml
-│   │   │   ├── adafruitconfig.yml
-│   │   │   ├── i2c_arm.yml
-│   │   │   ├── i2c-bcm2708.yml
-│   │   │   ├── i2c-dev.yml
-│   │   │   ├── main.yml
-│   │   │   ├── packages.yml
-│   │   │   ├── reboot.yml
-│   │   │   ├── scriptclone.yml
-│   │   │   ├── scriptconfig.yml
-│   │   │   ├── scriptstartup.yml
-│   │   │   └── scriptstart.yml
-│   │   ├── templates
-│   │   │   ├── bandwidth.j2
-│   │   │   ├── config.j2
-│   │   │   ├── main.yml
-│   │   │   └── oled-bandwidth.j2
-│   │   └── vars
-│   │       └── main.yml
-│   ├── vxlan
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── tasks
-│   │   │   ├── configure.yml
-│   │   │   ├── main.yml
-│   │   │   └── vxlanstart.yml
-│   │   ├── templates
-│   │   │   ├── main.yml
-│   │   │   ├── systemd-service-file.j2
-│   │   │   └── vxlan-init.j2
-│   │   └── vars
-│   │       └── main.yml
-│   └── wireguard
-│       ├── defaults
-│       │   └── main.yml
-│       ├── files
-│       │   └── main.yml
-│       ├── handlers
-│       │   └── main.yml
-│       ├── meta
-│       │   └── main.yml
-│       ├── tasks
-│       │   ├── brokerinform.yml
-│       │   ├── checkup.yml
-│       │   ├── configuration.yml
-│       │   ├── genkeys.yml
-│       │   ├── genlinklocal.yml
-│       │   ├── install.yml
-│       │   ├── main.yml
-│       │   ├── radv-filter.yml
-│       │   └── wireguardstart.yml
-│       ├── templates
-│       │   ├── broker.j2
-│       │   ├── checkup.j2
-│       │   ├── crontab.j2
-│       │   ├── main.yml
-│       │   ├── radv-filter.j2
-│       │   └── uplink.j2
-│       └── vars
-│           └── main.yml
-└── wireguard-offloader.yml
-</code>
-==== Kopieren des Ansible-Playbooks ====
-Nun können wir uns "endlich" daran machen unseren Offloader auf Basis eines Raspberry 4B zu bauen. Hierzu greifen wir auf folgendes Playbook zurück und laden es uns auf unseren Rechner:
-  * **{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v6.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v6.tar.gz}}((Version v6 vom 22.02.2021)) ( WireGuard )**
-  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v5.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v5.tar.gz}}((Version v5 vom 17.02.2021)) ( WireGuard )//
-  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v4.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v4.tar.gz}}((Version v4 vom 12.12.2020)) ( WireGuard )//
-  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v3.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v3.tar.gz}}((Version v3 vom 20.11.2020)) ( FASTD )//
-  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v2.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v2.tar.gz}}((Version v2 vom 09.03.2020)) ( FASTD )//
-  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v1.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v1.tar.gz}}((Version v1 vom 14.02.2020)) ( FASTD )//
-   $ wget \
-         https://wiki.mailserver.guru/lib/exe/fetch.php/centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v6.tar.gz \
-         -O ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.tar.gz
-Anschließend entpacken wir es an Ort und Stelle.
-   $ tar -xvf ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.tar.gz
-Somit ergibt sich folgende Verzeichnis- und Dateistruktur:
-<code>ansible
 ├── filter_plugins
 ├── inventories
 │   ├── production
 │   │   ├── group_vars
-│   │   ├── hosts.yml
+│   │   │   └── ffmuc
+│   │   │       ├── gateway_keys
+│   │   │       ├── gateway_link_adresses
+│   │   │       ├── gateway_mesh_vpn_vxlan_ids
+│   │   │       ├── global_vars
+│   │   │       ├── vxlan_ids
+│   │   │       └── wireguard_ports
+│   │   ├── hosts
 │   │   └── host_vars
+│   │       ├── rpb4-ol-a
+│   │       │   └── individual_host_specification
+│   │       ├── rpb4-ol-b
+│   │       │   └── individual_host_specification
+│   │       └── rpb4-ol-p
+│   │           └── individual_host_specification
 │   └── staging
 │       ├── group_vars
@@ Zeile 566: / Zeile 269: @@
 │       └── host_vars
 ├── library
+├── LICENSE
 ├── module_utils
+├── playbooks
+│   └── wireguard-offloader.yml
+├── README.md
 ├── roles
 │   ├── basic
 │   │   ├── defaults
-│   │   │   └── main.yml
 │   │   ├── files
-│   │   │   └── main.yml
 │   │   ├── handlers
-│   │   │   └── main.yml
 │   │   ├── library
 │   │   ├── lookup_plugin
 │   │   ├── meta
-│   │   │   └── main.yml
 │   │   ├── module_utils
 │   │   ├── tasks
@@ Zeile 589: / Zeile 292: @@
 │   │   │   └── usercomment.yml
 │   │   ├── templates
-│   │   │   ├── hosts.j2
+│   │   │   └── hosts.j2
-│   │   │   └── main.yml
 │   │   └── vars
-│   │       └── main.yml
 │   ├── batman
 │   │   ├── defaults
-│   │   │   └── main.yml
 │   │   ├── files
-│   │   │   └── main.yml
 │   │   ├── handlers
-│   │   │   └── main.yml
 │   │   ├── library
 │   │   ├── lookup_plugin
 │   │   ├── meta
-│   │   │   └── main.yml
 │   │   ├── module_utils
 │   │   ├── tasks
-│   │   │   ├── backport.yml
 │   │   │   ├── batmanstart.yml
 │   │   │   ├── compile.yml
@@ Zeile 614: / Zeile 310: @@
 │   │   │   ├── modulloads.yml
 │   │   │   ├── reboot.yml
+│   │   │   ├── rsyslog.yml
 │   │   │   └── utilsinstall.yml
 │   │   ├── templates
+│   │   │   ├── 01-blocklist.j2
 │   │   │   ├── batman-adv.module.j2
 │   │   │   ├── dkms.j2
-│   │   │   ├── interfaces.j2
+│   │   │   └── interfaces.j2
-│   │   │   └── main.yml
 │   │   └── vars
-│   │       └── main.yml
 │   ├── client-mesh
 │   │   ├── defaults
-│   │   │   └── main.yml
 │   │   ├── files
-│   │   │   └── main.yml
 │   │   ├── handlers
-│   │   │   └── main.yml
 │   │   ├── library
 │   │   ├── lookup_plugin
 │   │   ├── meta
-│   │   │   └── main.yml
 │   │   ├── module_utils
 │   │   ├── tasks
@@ Zeile 646: / Zeile 338: @@
 │   │   │   ├── interfaces_mesh_mit_client.j2
 │   │   │   ├── interfaces_mesh_ohne_client.j2
-│   │   │   ├── main.yml
 │   │   │   ├── rclocal_both.j2
 │   │   │   └── rclocal_vxlan.j2
 │   │   └── vars
-│   │       └── main.yml
 │   ├── common
 │   │   ├── defaults
-│   │   │   └── main.yml
 │   │   ├── files
-│   │   │   └── main.yml
 │   │   ├── handlers
-│   │   │   └── main.yml
 │   │   ├── library
 │   │   ├── lookup_plugin
 │   │   ├── meta
-│   │   │   └── main.yml
 │   │   ├── module_utils
 │   │   ├── tasks
 │   │   │   └── main.yml
 │   │   ├── templates
-│   │   │   └── main.yml
 │   │   └── vars
-│   │       └── main.yml
 │   ├── ext-respondd
 │   │   ├── defaults
-│   │   │   └── main.yml
 │   │   ├── files
-│   │   │   └── main.yml
 │   │   ├── handlers
-│   │   │   └── main.yml
 │   │   ├── library
 │   │   ├── lookup_plugin
 │   │   ├── meta
-│   │   │   └── main.yml
 │   │   ├── module_utils
 │   │   ├── tasks
 │   │   │   ├── aliasgenerate.yml
+│   │   │   ├── bugfixing.yml
 │   │   │   ├── configgenerate.yml
 │   │   │   ├── copyconfig.yml
@@ Zeile 691: / Zeile 372: @@
 │   │   ├── templates
 │   │   │   ├── ext-respondd_alias.json.j2
-│   │   │   ├── ext-respondd_config.json.j2
+│   │   │   └── ext-respondd_config.json.j2
-│   │   │   └── main.yml
 │   │   └── vars
-│   │       └── main.yml
-│   ├── fastd
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── library
-│   │   ├── lookup_plugin
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── module_utils
-│   │   ├── tasks
-│   │   │   ├── directorygenerate.yml
-│   │   │   ├── fastdconfigure.yml
-│   │   │   ├── fastdgetsocket.yml
-│   │   │   ├── fastdinstall.yml
-│   │   │   ├── fastdkeygen.yml
-│   │   │   ├── fastdsecretkeyget.yml
-│   │   │   ├── fastdstartup.yml
-│   │   │   └── main.yml
-│   │   ├── templates
-│   │   │   ├── fastd.j2
-│   │   │   └── main.yml
-│   │   └── vars
-│   │       └── main.yml
 │   ├── final
 │   │   ├── defaults
-│   │   │   └── main.yml
 │   │   ├── files
-│   │   │   └── main.yml
 │   │   ├── handlers
-│   │   │   └── main.yml
 │   │   ├── library
 │   │   ├── lookup_plugin
 │   │   ├── meta
-│   │   │   └── main.yml
 │   │   ├── module_utils
 │   │   ├── tasks
@@ Zeile 737: / Zeile 386: @@
 │   │   │   └── reboot.yml
 │   │   ├── templates
-│   │   │   └── main.yml
 │   │   └── vars
-│   │       └── main.yml
 │   ├── hostapd
 │   │   ├── defaults
-│   │   │   └── main.yml
 │   │   ├── files
-│   │   │   └── main.yml
 │   │   ├── handlers
-│   │   │   └── main.yml
 │   │   ├── library
 │   │   ├── lookup_plugin
 │   │   ├── meta
-│   │   │   └── main.yml
 │   │   ├── module_utils
 │   │   ├── tasks
@@ Zeile 761: / Zeile 404: @@
 │   │   ├── templates
 │   │   │   ├── hostapd.j2
-│   │   │   ├── main.yml
 │   │   │   └── rclocal_wifi.j2
 │   │   └── vars
-│   │       └── main.yml
-│   ├── oled
-│   │   ├── defaults
-│   │   │   └── main.yml
-│   │   ├── files
-│   │   │   └── main.yml
-│   │   ├── handlers
-│   │   │   └── main.yml
-│   │   ├── library
-│   │   ├── lookup_plugin
-│   │   ├── meta
-│   │   │   └── main.yml
-│   │   ├── module_utils
-│   │   ├── tasks
-│   │   │   ├── adafruitclone.yml
-│   │   │   ├── adafruitconfig.yml
-│   │   │   ├── i2c_arm.yml
-│   │   │   ├── i2c-bcm2708.yml
-│   │   │   ├── i2c-dev.yml
-│   │   │   ├── main.yml
-│   │   │   ├── packages.yml
-│   │   │   ├── reboot.yml
-│   │   │   ├── scriptclone.yml
-│   │   │   ├── scriptconfig.yml
-│   │   │   ├── scriptstartup.yml
-│   │   │   └── scriptstart.yml
-│   │   ├── templates
-│   │   │   ├── bandwidth.j2
-│   │   │   ├── config.j2
-│   │   │   ├── main.yml
-│   │   │   └── oled-bandwidth.j2
-│   │   └── vars
-│   │       └── main.yml
 │   ├── vxlan
 │   │   ├── defaults
-│   │   │   └── main.yml
 │   │   ├── files
-│   │   │   └── main.yml
 │   │   ├── handlers
-│   │   │   └── main.yml
 │   │   ├── library
 │   │   ├── lookup_plugin
 │   │   ├── meta
-│   │   │   └── main.yml
 │   │   ├── module_utils
 │   │   ├── tasks
@@ Zeile 814: / Zeile 419: @@
 │   │   │   └── vxlanstart.yml
 │   │   ├── templates
-│   │   │   ├── main.yml
 │   │   │   ├── systemd-service-file.j2
 │   │   │   └── vxlan-init.j2
 │   │   └── vars
-│   │       └── main.yml
 │   └── wireguard
 │       ├── defaults
-│       │   └── main.yml
 │       ├── files
-│       │   └── main.yml
 │       ├── handlers
-│       │   └── main.yml
 │       ├── library
 │       ├── lookup_plugin
 │       ├── meta
-│       │   └── main.yml
 │       ├── module_utils
 │       ├── tasks
@@ Zeile 839: / Zeile 438: @@
 │       │   ├── install.yml
 │       │   ├── main.yml
+│       │   ├── radv-filter.yml
 │       │   └── wireguardstart.yml
 │       ├── templates
@@ Zeile 844: / Zeile 444: @@
 │       │   ├── checkup.j2
 │       │   ├── crontab.j2
-│       │   ├── main.yml
+│       │   ├── radv-filter.j2
 │       │   └── uplink.j2
 │       └── vars
-│           └── main.yml
 └── wireguard-offloader.yml
 </code>
+==== Kopieren des Ansible-Playbooks ====
+Alternativ zu einem **''git clone ...''** können wir natürlich das **tar.gz**-Archiv per wget holen. Hierzu greifen wir auf folgendes Playbook zurück und laden es uns auf unseren Rechner:
+  * **[[https://gitlab.nausch.org/django/ffmuc-offloader_rpb4/-/archive/main/ffmuc-offloader_rpb4-main.tar.gz|ffmuc-offloader_rpb4-main.tar.gz]](( (gitlab-hosted) Version v6 vom 22.02.2021)) ( WireGuard )**
+  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v6.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v6.tar.gz}}((Version v6 vom 22.02.2021)) ( WireGuard )//
+  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v5.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v5.tar.gz}}((Version v5 vom 17.02.2021)) ( WireGuard )//
+  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v4.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v4.tar.gz}}((Version v4 vom 12.12.2020)) ( WireGuard )//
+  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v3.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v3.tar.gz}}((Version v3 vom 20.11.2020)) ( FASTD )//
+  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v2.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v2.tar.gz}}((Version v2 vom 09.03.2020)) ( FASTD )//
+  * //{{:centos:ansible:ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v1.tar.gz|ansible-playbook-ffmuc-offloader-auf_basis_raspberry-4b.v1.tar.gz}}((Version v1 vom 14.02.2020)) ( FASTD )//
+   $ wget https://gitlab.nausch.org/django/ffmuc-offloader_rpb4/-/archive/main/ffmuc-offloader_rpb4-main.tar.gz
+Anschliessend entpacken wir es an Ort und Stelle.
+   $ tar -xvf ffmuc-offloader_rpb4-main.tar.gz
 ==== Aufbau des Ansible-Playbooks - Inhalte ====
 Nachfolgend finden wir die Inhalte der einzelnen Dateien die im ansible-playbook enthalten sind:
 === Inventory-Definition ===
-<file java ~/ansible/inventories/production/hosts.yml>--- #YAML start syntax (optional)
+Das Inventory ist aufgeteilt in einzelne Dateien. Die Definition der Hosts erfolgt via **''hosts''**-Datei:
-ffmuc:
+<file bash ~/ansible/inventories/production/hosts># Django : 2022-04-06
-  children:
-    ffmuc_deb:
-      vars:
-        ansible_ssh_user: pi
-      hosts:
-        raspberry-wireguard:
-          wireguard_ports:
-            muc_cty:            40002
-            muc_nord:           40003
-            muc_ost:            40004
-            muc_sued:           40005
-            muc_west:           40006
-            uml_nord:           40007
-            uml_ost:            40008
-            uml_sued:           40009
-            uml_west:           40010
-            gauting:            40012
-            freising:           40013
-            welt:               40011
-          vxlan_ids:
-            muc_cty:            10758607
-            muc_nord:           15521492
-            muc_ost:            2948862
-            muc_sued:           8599288
-            muc_west:           7318933
-            uml_nord:           5705961
-            uml_ost:            4892713
-            uml_sued:           16544703
-            uml_west:           16677749
-            gauting:            16175732
-            freising:           12937858
-            welt:               16306234
-          gw_linklocal:
-            gw04:               "fe80::27c:16ff:fec0:6c74"
-            gw05:               "fe80::281:8eff:fef0:73aa"
-            gw06:               "fe80::2a2:e4ff:fef9:2269"
-            gw07:               "fe80::23b:d2ff:fe95:967f"
-          gw_publickey:
-            gw04:               "TszFS3oFRdhsJP3K0VOlklGMGYZy+oFCtlaghXJqW2g="
-            gw05:               "igyqOmWiz4EZxPG8ZzU537MnHhaqlwfa7HarB3KmnEg="
-            gw06:               "pkRaUOoLuuHnUt9BEGeKrhF3OMYBPecc0iYkika6uhE="
-            gw07:               "PcKkakZcTEx3LKh+G06Opb8/esg08aWK33A5/Ff1YXE="
-          gw_vxlan_ids:
-            muc_cty:            3836090
-            muc_nord:           1920014
-            muc_ost:            12097488
-            muc_sued:           12815947
-            muc_west:           29149
-            uml_nord:           403289
-            uml_ost:            12645856
-            uml_sued:           12090508
-            uml_west:           935867
-            gauting:            4681119
-            freising:           4669918
-            welt:               4831583
-          batman_adv_version:   "2020.4"
-          ffmuc_segment:        "muc_ost"
-          ffmuc_gateway:        "gw04"
-          raspberry_hostname:   "raspbian-ansible-offloader"
-          node_contact_address: "https://bit.ly/2VxGoXp"
-          raspberry_latitude:   "48.239094621"
-          raspberry_longitude:  "11.558936834"
-          raspberry_wifi:       "ja"
-          raspberry_clientvlan: "123"
-          raspberry_meshvlan:   "456"
-          raspberry_oled:       "ja"
-          dtparam:              "i2c_arm=on"
-... #YAML ende syntax (optional)
-</file>
+# Definition einer Hostgruppe "ffmuc"
+[ffmuc]
+# Auflistung aller Hosts, die der vorgenannten Hostgruppe angehören.
+rpb4-ol-a
+rpb4-ol-b
+rpb4-ol-p</file>
+Je Host den wir bearbeiten wollen definieren wir dann dessen Eigenschaften in der Datei **''individual_host_specification''** im zugehörigen Unterverzeichnis. Beim Host ** rpb4-ol-b** als Beispiel liegt die individuelle Hostkonfiguration demnach hier:
+   $ less ~/ansible/inventories/production/host_vars/rpb4-ol-b/individual_host_specification
+<file bash ..inventories/production/host_vars/rpb4-ol-b/individual_host_specification># IP-Adresse unseres Raspberry in unserem eigenen lokalen Netzwerk
+# stationäre schwarzes Plastikgehäuse Raspberry 4B mit PoE-HAT und Display
+# MAC: dc:a6:32:22:f0:f2
+ansible_ssh_host: 192.168.0.22
+ansible_port: 22
+ansible_user: pi
+ansible_ssh_private_key_file: ~/.ssh/id_ed25519_freifunk
+#
+batman_adv_version: "2022.1"
+ffmuc_segment: "muc_ost"
+ffmuc_gateway: "gw06"
+raspberry_hostname: "ff_pliening_rpb4_ol_v6"
+node_contact_address: "hier entlang => https://bit.ly/2VxGoXp"
+raspberry_latitude: "48.198757565"
+raspberry_longitude: "11.798020899"
+raspberry_wifi: "true"
+raspberry_clientvlan: "4"
+raspberry_meshvlan: "2"
+raspberry_oled: "false"</file>
+<WRAP center round important 60%>
+Hier passen wir natürlich die Parameter unserer eigenen Umgebung an, damit diese richtig später vom ansible-script auch gesetzt werden!
+</WRAP>
+Im Verzeichnis **''../group_vars/ffmuc/''** finden sich alle System-/FFMUC-spezifischen Definitionen, die hier **__nicht__** verändert werden müssen!
+<code>../group_vars/ffmuc/
+├── gateway_keys
+├── gateway_link_adresses
+├── gateway_mesh_vpn_vxlan_ids
+├── global_vars
+├── vxlan_ids
+└── wireguard_ports</code>
+Der interessierte Leser kann hier natürlich bei Interesse jeweils einen Blick hinein werfen.
+   $ less ~/ansible/inventories/production/group_vars/ffmuc/..
+<file bash gateway_keys># aus https://github.com/freifunkMUC/site-ffm/blob/stable/domains/ "publickey"
+gw_publickey:
+  gw04: "TszFS3oFRdhsJP3K0VOlklGMGYZy+oFCtlaghXJqW2g="
+  gw05: "igyqOmWiz4EZxPG8ZzU537MnHhaqlwfa7HarB3KmnEg="
+  gw06: "pkRaUOoLuuHnUt9BEGeKrhF3OMYBPecc0iYkika6uhE="
+  gw07: "PcKkakZcTEx3LKh+G06Opb8/esg08aWK33A5/Ff1YXE="</file>
+<file bash gateway_link_adresses># aus https://github.com/freifunkMUC/site-ffm/blob/stable/domains/ "link_address"
+gw_linklocal:
+  gw04: "fe80::27c:16ff:fec0:6c74"
+  gw05: "fe80::281:8eff:fef0:73aa"
+  gw06: "fe80::2a2:e4ff:fef9:2269"
+  gw07: "fe80::23b:d2ff:fe95:967f"</file>
+<file bash gateway_mesh_vpn_vxlan_ids># https://ffmuc.net/wiki/doku.php?id=knb:rpb4_wg#berechnung_der_mesh_vpn_vxlan_id
+gw_vxlan_ids:
+  muc_cty:  3836090
+  muc_nord: 1920014
+  muc_ost:  12097488
+  muc_sued: 12815947
+  muc_west: 29149
+  uml_nord: 403289
+  uml_ost:  12645856
+  uml_sued: 12090508
+  uml_west: 935867
+  gauting:  4681119
+  freising: 4669918
+  welt:     4831583
+  augsburg: 2962115</file>
+<file bash global_vars>ansible_ssh_user: pi
+dtparam: "i2c_arm=on"</file>
+<file bash vxlan_ids># Die vxlan id berechnet sich aus dem domain_seed: https://ffmuc.net/wiki/doku.php?id=knb:rpb4_wg#mesh_per_vxlan1
+vxlan_ids:
+  muc_cty:  10758607
+  muc_nord: 15521492
+  muc_ost:  2948862
+  muc_sued: 8599288
+  muc_west: 7318933
+  uml_nord: 5705961
+  uml_ost:  4892713
+  uml_sued: 16544703
+  uml_west: 16677749
+  gauting:  16175732
+  freising: 12937858
+  welt:     16306234
+  augsburg: 10700201q</file>
+<file bash wireguard_ports>wireguard_ports:
+  muc_cty:  40002
+  muc_nord: 40003
+  muc_ost:  40004
+  muc_sued: 40005
+  muc_west: 40006
+  uml_nord: 40007
+  uml_ost:  40008
+  uml_sued: 40009
+  uml_west: 40010
+  gauting:  40012
+  freising: 40013
+  welt:     40011
+  augsburg: 40014</file>
 === Playbook "main" ===
-<file java ~/ansible/wireguard-offloader.yml>--- # Ansible Playbook für (statische) Konfiguration eines Offloader auf Basis eines Raspberry PI 4B
+<file c++ ~/ansible/wireguard-offloader.yml>--- # Start der YML Datei
-- name:         raspi_offloader_file.yml
+# Ansible Playbook für (statische) Konfiguration eines Offloader auf Basis eines Raspberry PI 4B
-  hosts:        raspberry-wireguard
+# Aufruf via $ ansible-playbook playbooks/wireguard-offloader.yml für alle Hosts der Gruppe
-  become:       yes
+# bzw. $ ansible-playbook playbooks/wireguard-offloader.yml --limit rpb4-ol-a für nur einen
-  become_user:  root
+# Host mit dem Namen rpb4 aus derm inventory
+- name: wireguard-offloader.yml         # Name des Playbooks
+  hosts: ffmuc                          # Hostgruppe für die das Playbook gelten soll
+  become: true                          # Rechteerweiterung am Zielsystem via sudo/su
+  become_user: root                     # Nutzer für die Ansible Aufgaben auf dem Remote-System
   roles:
-    - basic         # Basiskonfiguration des Hosts (Host-/Username anpassen und System Updaten)
+    - role: basic                       # Basiskonfiguration des Hosts (Host-/Username anpassen und System Updaten)
-    - batman        # Installation und Konfiguration der BATMAN Kernel-Module
+      tags: basic
-    - wireguard     # Installation und Konfiguration des wireguard Tunnels
+    - role: batman                      # Installation und Konfiguration der BATMAN Kernel-Module
-    - vxlan         # Konfiguration von VXLAN für wireguard-Tunnel-Verbindung in Richtung Gateway
+      tags: batmam                      #
-    - ext-respondd  # Installation und Konfiguration des ext-respondd (Statistiken für https://map.ffmuc.net)
+    - role: wireguard                   # Installation und Konfiguration des wireguard Tunnels
-    - hostapd       # Installation und Konfiguration des hostap Treibers für den WiFi-Support
+      tags: wireguard                   #
-    - client-mesh   # Grundkonfiguration von Client und/oder Meshing (V)LANs
+    - role: vxlan                       # Konfiguration von VXLAN für wireguard-Tunnel-Verbindung in Richtung Gateway
-    - oled          # Konfiguration eines OLEDisplays sofern eines am Respberry 4B verbaut ist
+      tags: vxlan                       #
-    - final         # Reboot nach Abschluss der Konfiguration unseres Offloaders
+    - role: ext-respondd                # Installation und Konfiguration des ext-respondd (Statistiken für https://map.ffmuc.net)
+      tags: ext-respondd                #
+    - role: hostapd                     # Installation und Konfiguration des hostap Treibers für den WiFi-Support
+      when: ( raspberry_wifi == true )  #
+      tags: hostapd                     #
+    - role: client-mesh                 # Grundkonfiguration von Client und/oder Meshing (V)LANs
+      tags: client-mesh                 #
+    - role: final                       # Reboot nach Abschluss der Konfiguration unseres Offloaders
+      tags: final                       #
 ... # YML Ende
 </file>
@@ Zeile 949: / Zeile 611: @@
 === Rolle "basic" ===
 == Tasks ==
-<file java ~/ansible/roles/basic/tasks/main.yml>--- # Grundkonfiguration und Systemupgrade des Raspberry Pi OS
+<file c++ ~/ansible/roles/basic/tasks/main.yml>---                                     # Grundkonfiguration und Systemupgrade des Raspberry Pi OS
 - include: hostname.yml                 # Hostname ändern
 - include: hosts.yml                    # /etc/hosts anpassen
@@ Zeile 955: / Zeile 617: @@
 - include: rfkill.yml                   # Service rfkill bei Raspberry Pi OS deaktivieren
 - include: update.yml                   # Update und Upgrade der APT-Pakete
-- include: reboot.yml                   # Reboot nach update
+- include: reboot.yml                   # Reboot nach Abschluss der Erstinstallation/-konfiguration
-</file>
+...</file>
-<file java ~/ansible/roles/basic/tasks/hostname.yml>---
+<file c++ ~/ansible/roles/basic/tasks/hostname.yml>---
-  - name: "Hostname ändern"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell:
-      cmd: hostnamectl set-hostname {{ raspberry_hostname }}
-</file>
-<file java ~/ansible/roles/basic/tasks/hosts.yml>---
+- name: "Hostname ändern"
-  - name: "Template Konfigurationsdatei für /etc/hosts an Ort und Stelle kopieren und Variablen anpassen"
+  ansible.builtin.command:
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
+    cmd: hostnamectl set-hostname {{ raspberry_hostname }}
-    template:
+  changed_when: false
-      src: templates/hosts.j2
-      dest: /etc/hosts
-</file>
-<file java ~/ansible/roles/basic/tasks/usercomment.yml>---
+...
-  - name: "Beschreibung des User 'pi' anpassen"
-    # https://docs.ansible.com/ansible/latest/modules/user_module.htm
-    user:
-      name: pi
-      comment: "Raspberry Pi OS System User"
-      state: present
 </file>
-<file java ~/ansible/roles/basic/tasks/rfkill.yml>---
+<file c++ ~/ansible/roles/basic/tasks/hosts.yml>---
-  - name: "Service rfkill am Raspberry deaktivieren"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell:
-      cmd: rfkill unblock wifi
-</file>
-<file java ~/ansible/roles/basic/tasks/update.yml>---
+- name: "Template Konfigurationsdatei für /etc/hosts an Ort und Stelle kopieren und Variablen anpassen"
-  - name: "Update und Upgrade der APT-Pakete"
+  ansible.builtin.template:
-    # https://docs.ansible.com/ansible/latest/modules/apt_module.html
+    src: templates/hosts.j2
-    apt:
+    dest: /etc/hosts
-      upgrade: dist
+    owner: root
-      update_cache: yes
+    group: root
+    mode: '0644'
+...
 </file>
-<file java ~/ansible/roles/basic/tasks/reboot.yml>---
+<file c++ ~/ansible/roles/basic/tasks/usercomment.yml>---
-  - name: "Reboot nach update"
-    # https://docs.ansible.com/ansible/latest/modules/reboot_module.html
+- name: "Beschreibung des User 'pi' anpassen"
-    reboot:
+  ansible.builtin.user:
-</file>
+    name: pi
+    comment: "Raspberry Pi OS System User"
+    state: present
+...</file>
+<file c++ ~/ansible/roles/basic/tasks/rfkill.yml>---
+- name: "Service rfkill am Raspberry deaktivieren"
+  ansible.builtin.command:
+    cmd: rfkill unblock wifi
+  changed_when: false
+...</file>
+<file c++ ~/ansible/roles/basic/tasks/update.yml>---
+- name: "Zuerst 'apt-get update' ausführen"
+  ansible.builtin.apt:
+    update_cache: true
+- name: "Alle installierten Pakete Updaten"
+  ansible.builtin.apt:
+    name: "*"
+    state: latest
+...</file>
+<file c++ ~/ansible/roles/basic/tasks/reboot.yml>---
+- name: "Reboot nach update"
+  ansible.builtin.reboot:
+...</file>
 == Templates ==
 <file java ~/ansible/roles/basic/templates/hosts.j2>127.0.0.1	localhost {{ raspberry_hostname }}
@@ Zeile 1010: / Zeile 689: @@
 === Rolle "batman" ===
 == Tasks ==
-<file java ~/ansible/roles/batman/tasks/main.yml>--- # Installation und Konfiguration von BATMAN
+<file c++ ~/ansible/roles/batman/tasks/main.yml>--- # Installation und Konfiguration von BATMAN
 - include: install.yml                  # Download des aktuellen BATMAN Archives
 - include: compile.yml                  # BATMAN Kernel-Module erzeugen
 - include: modulloads.yml               # MATMAN-ADV und DUMMY Module laden
-- include: backport.yml                 # Buster-backports für Installation von batctl vorbereiten
+- include: utilsinstall.yml             # Installation der bridge-utils und batctl
-- include: utilsinstall.yml             # Installation der bridge-utils und batctl
 - include: batmanstart.yml              # Aktivierung von BATMAN_V
 - include: interfaceconfigure.yml       # Konfiguration der Interfaces
-- include: reboot.yml                   # Rebot nach Ende des Installationsschritts
+- include: rsyslog.yml                  # syslog-Anpassungen
-</file>
+- include: reboot.yml                   # Reboot nach Ende des Installationsschritts
+... # YML Ende</file>
-<file java ~/ansible/roles/batman/tasks/install.yml>---
+<file c++ ~/ansible/roles/batman/tasks/install.yml>---
-  - name: "*BATMAN Installation* : Download des aktuellen BATMAN Archives"
-    # https://docs.ansible.com/ansible/latest/modules/get_url_module.html
-    get_url:
-      url: https://downloads.open-mesh.org/batman/releases/batman-adv-{{ batman_adv_version }}/batman-adv-{{ batman_adv_version }}.tar.gz
-      dest: /usr/src/batman-adv-{{ batman_adv_version }}.tar.gz
-      mode: '0644'
-  - name: "*BATMAN Installation* : Entpacken des BATMAN-Archives"
+- name: "Download des aktuellen BATMAN Archives"
-    # https://docs.ansible.com/ansible/latest/modules/unarchive_module.html
+  ansible.builtin.get_url:
-    unarchive:
+    url: https://downloads.open-mesh.org/batman/releases/batman-adv-{{ batman_adv_version }}/batman-adv-{{ batman_adv_version }}.tar.gz
-      src: /usr/src/batman-adv-{{ batman_adv_version }}.tar.gz
+    dest: /usr/src/batman-adv-{{ batman_adv_version }}.tar.gz
-      dest: /usr/src
+    mode: '0644'
-      remote_src: yes
-</file>
-<file java ~/ansible/roles/batman/tasks/compile.yml>---
+- name: "Entpacken des BATMAN-Archives"
-  - name: "*BATMAN compile* : Installation des Dynamic Kernel Module Support Framework und der Header Files für den Raspberry Pi OS Linux Kernel"
+  ansible.builtin.unarchive:
-    # https://docs.ansible.com/ansible/latest/modules/apt_module.html
+    src: /usr/src/batman-adv-{{ batman_adv_version }}.tar.gz
-    apt:
+    dest: /usr/src
-      update_cache: yes
+    remote_src: true
-      pkg:
-        - dkms
-        - raspberrypi-kernel-headers
-      state: present
-  - name: "*BATMAN compile* : Rebuild BATMAN Kernel Header Dateien"
+...</file>
-    # https://docs.ansible.com/ansible/latest/modules/make_module.html
-    make:
-      chdir: /usr/src/linux-headers-{{ ansible_kernel }}
-      target: scripts
-    ignore_errors: yes
-  - name: "*BATMAN compile* : Anlegen der dkms.conf für Dynamic Kernel Module Support"
+<file c++ ~/ansible/roles/batman/tasks/compile.yml>---
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/dkms.j2
-      dest: /usr/src/batman-adv-{{ batman_adv_version }}/dkms.conf
-  - name: "*BATMAN compile* : Dynamic Kernel Module Support hinzufügen"
+- name: "Installation des Dynamic Kernel Module Support Framework und der Header Files für den Raspberry Pi OS Linux Kernel"
-    # https://docs.ansible.com/ansible/latest/modules/command_module.html
+  ansible.builtin.apt:
-    command: dkms add -m batman-adv -v {{ batman_adv_version }}
+    update_cache: true
-    register: ret
+    pkg:
-    failed_when: ret.rc != 0 and ret.rc != 3
+      - dkms
-    changed_when: ret.rc == 0
+      - raspberrypi-kernel-headers
+    state: present
-  - name: "*BATMAN compile* : Dynamic Kernel Module bauen"
+- name: "Rebuild BATMAN Kernel Header Dateien"
-    # https://docs.ansible.com/ansible/latest/modules/command_module.html
+  community.general.make:
-    command: dkms build -m batman-adv -v {{ batman_adv_version }}
+    chdir: /usr/src/linux-headers-{{ ansible_kernel }}
+    target: scripts
+  ignore_errors: true
-  - name: "*BATMAN compile* : BATMAN Dynamic Kernel Module installieren"
+- name: "Anlegen der dkms.conf für Dynamic Kernel Module Support"
-    # https://docs.ansible.com/ansible/latest/modules/command_module.html
+  ansible.builtin.template:
-    command: dkms install -m batman-adv -v {{batman_adv_version }}
+    src: templates/dkms.j2
-</file>
+    dest: /usr/src/batman-adv-{{ batman_adv_version }}/dkms.conf
+    owner: root
+    group: root
+    mode: '0644'
-<file java ~/ansible/roles/batman/tasks/modulloads.yml>---
+- name: "Dynamic Kernel Module Support hinzufügen"
-  - name: "*BATMAN load-modules* : Laden der BATMAN Dynamic Kernel Module beim Booten sicherstellen"
+  ansible.builtin.command:
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
+    cmd: dkms add -m batman-adv -v {{ batman_adv_version }}
-    template:
+  register: ret
-      src: templates/batman-adv.module.j2
+  failed_when: ret.rc != 0 and ret.rc != 3
-      dest: /etc/modules-load.d/batman-adv.module.conf
+  changed_when: ret.rc == 0
-  - name: "*BATMAN load-modules* : dummy Modul laden"
+- name: "Dynamic Kernel Module bauen"
-    # https://docs.ansible.com/ansible/latest/modules/modprobe_module.html
+  ansible.builtin.command:
-    modprobe:
+    cmd: dkms build -m batman-adv -v {{ batman_adv_version }}
-      name: dummy
+  changed_when: false
-      state: present
-  - name: "*BATMAN load-modules* : BATMAN-ADV Modul laden"
+- name: "BATMAN Dynamic Kernel Module installieren"
-    # https://docs.ansible.com/ansible/latest/modules/modprobe_module.html
+  ansible.builtin.command:
-    modprobe:
+    cmd: dkms install -m batman-adv -v {{ batman_adv_version }}
-      name: batman_adv
+  changed_when: false
-      state: present
-</file>
-<file java ~/ansible/roles/batman/tasks/backport.yml>---
+...</file>
-  - name: "*buster-backport* : PGP-Schlüssel 04EE7237B7D453EC für buster-backports installieren"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell:
-      cmd: apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-key 04EE7237B7D453EC
-  - name: "*buster-backport* : PGP-Schlüssel 648ACFD622F3D138 für buster-backports installieren"
+<file c++ ~/ansible/roles/batman/tasks/modulloads.yml>---
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell:
-      cmd: apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-key 648ACFD622F3D138
-  - name: "*buster-backport* : buster-backports dem System bekannt machen"
+- name: "Laden der BATMAN Dynamic Kernel Module beim Booten sicherstellen"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
+  ansible.builtin.template:
-    shell:
+    src: templates/batman-adv.module.j2
-      cmd: echo "deb http://deb.debian.org/debian buster-backports main" | tee /etc/apt/sources.list.d/buster-backports.list
+    dest: /etc/modules-load.d/batman-adv.module.conf
+    owner: root
+    group: root
+    mode: '0644'
-  - name: "*buster-backport* : APT-Cache aktualisieren"
+- name: "BATMAN dummy Modul laden"
-    # https://docs.ansible.com/ansible/latest/modules/apt_module.html
+  community.general.modprobe:
-    apt:
+    name: dummy
-      update_cache: yes
+    state: present
-</file>
-<file java ~/ansible/roles/batman/tasks/utilsinstall.yml>---
+- name: "BATMAN-ADV Modul laden"
-  - name: "*utils-installation* : Installation der bridge-utils"
+  community.general.modprobe:
-    # https://docs.ansible.com/ansible/latest/modules/apt_module.html
+    name: batman_adv
-    apt:
+    state: present
-      #update_cache: yes
-      pkg:
+...</file>
-       - bridge-utils
-       - dnsutils
+<file c++ ~/ansible/roles/batman/tasks/utilsinstall.yml>---
-       - vim
-      state: present
-  - name: "*utils-installation* : Installation der bridge-utils"
+- name: "Installation der bridge-utils"
-    # https://docs.ansible.com/ansible/latest/modules/apt_module.html
+  ansible.builtin.apt:
-    apt:
+    pkg:
-      #update_cache: yes
+      - bridge-utils
-      pkg:
+      - dnsutils
+      - vim
+    state: present
+- name: "Installation des batctl-packages"
+  ansible.builtin.apt:
+    pkg:
       - batctl
-      default_release: buster-backports
+    default_release: "/^bullseye(|-security|-updates)$/"
-      state: present
+    state: present
-</file>
-<file java ~/ansible/roles/batman/tasks/batmanstart.yml>---
+...</file>
-  - name: "*BATMAN-ADV* : Aktivierung von BATMAN_V"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell:
-      cmd: batctl ra BATMAN_V
-</file>
-<file java ~/ansible/roles/batman/tasks/interfaceconfigure.yml>---
+<file c++ ~/ansible/roles/batman/tasks/batmanstart.yml>---
-  - name: "*BATMAN-ADV Interfaces* : Konfiguration des Interfaces"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/interfaces.j2
-      dest: /etc/network/interfaces
-</file>
-<file java ~/ansible/roles/batman/tasks/reboot.yml>---
+- name: "Aktivierung von BATMAN_V"
-  - name: "*BATMAN Installation* : Reboot nach Ende der BATMAN Installationsschritte"
+  ansible.builtin.command:
-    # https://docs.ansible.com/ansible/latest/modules/reboot_module.html
+    cmd: batctl ra BATMAN_V
-    reboot:
+  changed_when: false
-</file>
+...</file>
+<file c++ ~/ansible/roles/batman/tasks/interfaceconfigure.yml>---
+- name: "Konfiguration des Interfaces"
+  ansible.builtin.template:
+    src: templates/interfaces.j2
+    dest: /etc/network/interfaces
+    owner: root
+    group: root
+    mode: '0644'
+...</file>
+<file c++ ~/ansible/roles/batman/tasks/rsyslog.yml>---
+- name: "rsyslog konfigurieren, damit received packet ... with own address as source address im syslog unterdrückit werden"
+  template:
+    src: templates/01-blocklist.j2
+    dest: /etc/rsyslog.d/01-blocklist.conf
+    owner: root
+    group: root
+    mode: '0644'
+...</file>
+<file c++ ~/ansible/roles/batman/tasks/reboot.yml>---
+- name: "Reboot nach Ende der BATMAN Installationsschritte"
+  ansible.builtin.reboot:
+...</file>
 == Templates ==
-<file java ~/ansible/roles/batman/templates/batman-adv.module.j2>#
+<file c++ ~/ansible/roles/batman/templates/01-blocklist.j2>:msg,contains,": received packet on bat-{{ ffmuc_segment }} with own address as source address " STOP</file>
+<file c++ ~/ansible/roles/batman/templates/batman-adv.module.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
+#
 # Load batman-adv module on system boot
 #
 batman-adv
-dummy
+dummy</file>
-</file>
-<file java ~/ansible/roles/batman/templates/dkms.j2>PACKAGE_NAME=batman-adv
+<file c++ ~/ansible/roles/batman/templates/dkms.j2>PACKAGE_NAME=batman-adv
 PACKAGE_VERSION={{ batman_adv_version }}
@@ Zeile 1178: / Zeile 860: @@
 CLEAN="'make' clean"
-AUTOINSTALL="yes"
+AUTOINSTALL="yes"</file>
-</file>
-<file java ~/ansible/roles/batman/templates/interfaces.j2># interfaces(5) file used by ifup(8) and ifdown(8)
+<file c++ ~/ansible/roles/batman/templates/interfaces.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
+# interfaces(5) file used by ifup(8) and ifdown(8)
 # Please note that this file is written to be used with dhcpcd
@@ Zeile 1204: / Zeile 886: @@
         pre-up /usr/sbin/batctl meshif bat-{{ ffmuc_segment }} gw_mode client
         pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev bat-{{ ffmuc_segment }}
-        post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }}
+        post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }}</file>
-</file>
 === Rolle "wireguard" ===
 == Tasks ==
-<file java ~/ansible/roles/wireguard/tasks/main.yml>--- # Installation und Konfiguration von WIREGUARD
+<file c++ ~/ansible/roles/wireguard/tasks/main.yml>--- # Installation und Konfiguration von WIREGUARD
 - include: install.yml                  # Installation des wireguard-Paketes
 - include: genkeys.yml                  # Schlüsselmaterial erzeugen
 - include: genlinklocal.yml             # lokale link-local IPv6 Adresse generieren
 - include: configuration.yml            # Konfigurationsdatei kopieren und anpassen
 - include: brokerinform.yml             # Public-Key unseres Nodes an den Broker übermitteln
 - include: wireguardstart.yml           # Aktivierung des wireguard client-daemon
+- include: radv-filter.yml              # RADV-Filter setzen
 - include: checkup.yml                  # Wireguard überprüfen
-</file>
+... # YML Ende</file>
-<file java ~/ansible/roles/wireguard/tasks/install.yml>---
-  - name: "*wireguard* : Installation von wireguard"
-    # https://docs.ansible.com/ansible/latest/modules/apt_module.html
-    apt:
-      #update_cache: yes
-      pkg:
-       - wireguard
-      state: present
-</file>
-<file java ~/ansible/roles/wireguard/tasks/genkeys.yml>---
+<file c++ ~/ansible/roles/wireguard/tasks/install.yml>---
-  - name: "*wireguard* : Schlüsselmaterial erstellen"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell: /usr/bin/wg genkey | tee client_private.key | wg pubkey | tee client_public.key
-    args:
-      chdir: /etc/wireguard/
-      creates: client_private.key
-  - name: "*wireguard* : Zugriffsrechte des Private Keys anpassen"
+- name: "Installation von wireguard und iptables"
-    # https://docs.ansible.com/ansible/latest/modules/file_module.html
+  ansible.builtin.apt:
-    file:
+    pkg:
-      path: /etc/wireguard/client_private.key
+      - wireguard
-      mode: '0600'
+      - iptables
+    state: present
-  - name: "*wireguard* : Zugriffsrechte des Public Keys anpassen"
+...</file>
-    # https://docs.ansible.com/ansible/latest/modules/file_module.html
-    file:
-      path: /etc/wireguard/client_public.key
-      mode: '0600'
-</file>
-<file java ~/ansible/roles/wireguard/tasks/genlinklocal.yml>---
-  - name: "*wireguard* : lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell: cat /etc/wireguard/client_public.key | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/fe80::02\1:\2ff:fe\3:\4\5/'
-    register: wg_node_linklocal
-</file>
-<file java ~/ansible/roles/wireguard/tasks/configuration.yml>---
+<file c++ ~/ansible/roles/wireguard/tasks/genkeys.yml>---
-  - name: "*wireguard* : private-key einlesen und in Variable übergeben"
-    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/shell_module.html
-    shell: cat /etc/wireguard/client_private.key
-    register: wg_client_privatekey
-  - name: "*wireguard* : public-key einlesen und in Variable übergeben"
+- name: "Schlüsselmaterial erstellen"
-    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/shell_module.html
+  ansible.builtin.command:
-    shell: cat /etc/wireguard/client_public.key
+    cmd: /usr/bin/wg genkey | tee client_private.key | wg pubkey | tee client_public.key
-    register: wg_client_publickey
+  args:
+    chdir: /etc/wireguard/
+    creates: client_private.key
-  - name: "*wireguard* : Socket ermitteln"
+- name: "Zugriffsrechte des Private Keys anpassen"
-    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/set_fact_module.html
+  ansible.builtin.file:
-    set_fact:
+    path: /etc/wireguard/client_private.key
-      ffmuc_wireguard_port: "{{ item.value }}"
+    mode: '0600'
-    loop: "{{ lookup('dict', wireguard_ports) }}"
-    when: "ffmuc_segment in item.key"
-  - name: "*wireguard* : link-local des Gateways ermitteln"
+- name: "Zugriffsrechte des Public Keys anpassen"
-    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/set_fact_module.html
+  ansible.builtin.file:
-    set_fact:
+    path: /etc/wireguard/client_public.key
-      ffmuc_wireguard_linklocal: "{{ item.value }}"
+    mode: '0600'
-    loop: "{{ lookup('dict', gw_linklocal) }}"
-    when: "ffmuc_gateway in item.key"
-  - name: "*wireguard* : publickey des Gateways ermitteln"
+...</file>
-    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/set_fact_module.html
-    set_fact:
-      ffmuc_wireguard_gwpubkey: "{{ item.value }}"
-    loop: "{{ lookup('dict', gw_publickey) }}"
-    when: "ffmuc_gateway in item.key"
-  - name: "*wireguard* : Konfigurationsdatei des wireguard-Tunnels erzeugen"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/uplink.j2
-      dest: /etc/wireguard/wg-uplink.conf
-</file>
-<file java ~/ansible/roles/wireguard/tasks/brokerinform.yml>---
+<file c++ ~/ansible/roles/wireguard/tasks/genlinklocal.yml>---
-  - name: "*wireguard* : systemd unit file für broker -Information anlegen"
-     # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/broker.j2
-      dest: /etc/systemd/system/broker.service
-  - name: "*wireguard* : Service broker starten beim Booten starten"
+- name: "lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen"
-    # https://docs.ansible.com/ansible/latest/modules/systemd_module.html
+  ansible.builtin.shell: |
-    systemd:
+    cat /etc/wireguard/client_public.key | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/fe80::02\1:\2ff:fe\3:\4\5/'
-      name: broker
+  register: wg_node_linklocal
-      daemon_reload: yes
+  changed_when: false
-      state: started
-      enabled: yes
-</file>
-<file java ~/ansible/roles/wireguard/tasks/wireguardstart.yml>---
+...</file>
-  - name: "*wireguard* : Service wireguard via systemd startem"
-    # https://docs.ansible.com/ansible/latest/modules/systemd_module.html
-    systemd:
-      name: wg-quick@wg-uplink
-      daemon_reload: yes
-      state: started
-      enabled: yes
-</file>
-<file java ~/ansible/roles/wireguard/tasks/checkup.yml>---
+<file c++ ~/ansible/roles/wireguard/tasks/configuration.yml>---
-  - name: "*wireguard* : lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell: cat /etc/wireguard/client_public.key | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/fe80::02\1:\2ff:fe\3:\4\5/'
-    register: wg_node_linklocal
-  - name: "*wireguard* : checkupscript zum Testen der wireguard-Verbindung anlegen"
+- name: "private-key einlesen und in Variable übergeben"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
+  ansible.builtin.command:
-    template:
+    cmd: cat /etc/wireguard/client_private.key
-      src: templates/checkup.j2
+  register: wg_client_privatekey
-      dest: /usr/local/bin/checkup
+  changed_when: false
-  - name: "*wireguard* : Ausführungsrechte des Bash-Scripts anpassen"
+- name: "public-key einlesen und in Variable übergeben"
-    # https://docs.ansible.com/ansible/latest/modules/file_module.html
+  ansible.builtin.command:
-    file:
+    cmd: cat /etc/wireguard/client_public.key
-      path: /usr/local/bin/checkup
+  register: wg_client_publickey
-      mode: '0740'
+  changed_when: false
-  - name: "*wireguard* : crontab für minütlichen checkup der wireguard-Verbindung anlegen"
+- name: "Socket ermitteln"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
+  ansible.builtin.set_fact:
-    template:
+    ffmuc_wireguard_port: "{{ item.value }}"
-      src: templates/crontab.j2
+  loop: "{{ lookup('dict', wireguard_ports) }}"
-      dest: /etc/crontab
+  when: "ffmuc_segment in item.key"
- </file>
+- name: "link-local des Gateways ermitteln"
+  ansible.builtin.set_fact:
+    ffmuc_wireguard_linklocal: "{{ item.value }}"
+  loop: "{{ lookup('dict', gw_linklocal) }}"
+  when: "ffmuc_gateway in item.key"
+- name: "publickey des Gateways ermitteln"
+  ansible.builtin.set_fact:
+    ffmuc_wireguard_gwpubkey: "{{ item.value }}"
+  loop: "{{ lookup('dict', gw_publickey) }}"
+  when: "ffmuc_gateway in item.key"
+- name: "Konfigurationsdatei des wireguard-Tunnels erzeugen"
+  ansible.builtin.template:
+    src: templates/uplink.j2
+    dest: /etc/wireguard/wg-uplink.conf
+    owner: root
+    group: root
+    mode: '0644'
+...</file>
+<file c++ ~/ansible/roles/wireguard/tasks/brokerinform.yml>---
+- name: "systemd unit file für broker -Information anlegen"
+  ansible.builtin.template:
+    src: templates/broker.j2
+    dest: /etc/systemd/system/broker.service
+    owner: root
+    group: root
+    mode: '0644'
+- name: "Service broker starten beim Booten starten"
+  ansible.builtin.systemd:
+    name: broker
+    daemon_reload: true
+    state: started
+    enabled: true
+...</file>
+<file c++ ~/ansible/roles/wireguard/tasks/wireguardstart.yml>---
+- name: "Service wireguard via systemd starten"
+  ansible.builtin.systemd:
+    name: wg-quick@wg-uplink
+    daemon_reload: true
+    state: started
+    enabled: true
+...</file>
+<file c++ ~/ansible/roles/wireguard/tasks/radv-filter.yml>---
+- name: "Startsrcipt für der RADV-Filter anlegen"
+  template:
+    src: templates/radv-filter.j2
+    dest: /usr/local/bin/radv-filter
+    owner: root
+    group: root
+    mode: '0644'
+...</file>
+<file c++ ~/ansible/roles/wireguard/tasks/checkup.yml>---
+- name: "Lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen"
+  ansible.builtin.shell: |
+    cat /etc/wireguard/client_public.key | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/fe80::02\1:\2ff:fe\3:\4\5/'
+  register: wg_node_linklocal
+  changed_when: false
+- name: "checkupscript zum Testen der wireguard-Verbindung anlegen"
+  ansible.builtin.template:
+    src: templates/checkup.j2
+    dest: /usr/local/bin/checkup
+    owner: root
+    group: root
+    mode: '0750'
+- name: "Ausführungsrechte des Bash-Scripts anpassen"
+  ansible.builtin.file:
+    path: /usr/local/bin/checkup
+    mode: '0740'
+- name: "crontab für minütlichen checkup der wireguard-Verbindung anlegen"
+  ansible.builtin.template:
+    src: templates/crontab.j2
+    dest: /etc/crontab
+    owner: root
+    group: root
+    mode: '0644'
+...</file>
 == Templates ==
-<file java ~/ansible/roles/wireguard/templates/broker.j2># Django : 2020-12-07
+<file c++ ~/ansible/roles/wireguard/templates/broker.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
 [Unit]
 # see man systemd.unit
 Description=Inform tunnel about our wireguard-public key
-Documentation=https://wiki.mailserver.guru/doku.php/centos:ansible:ffmuc-rpb4-ol
+Documentation=https://dokuwiki.nausch.org/doku.php/centos:ansible:ffmuc-rpb4-ol
 Before=wg-quick.target
@@ Zeile 1364: / Zeile 1082: @@
 [Install]
 WantedBy=default.target
 </file>
-<file java ~/ansible/roles/wireguard/templates/checkup.j2>#!/bin/bash
+<file c++ ~/ansible/roles/wireguard/templates/checkup.j2>#!/bin/bash
+# Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
 # Check connectivity to supernode
@@ Zeile 1387: / Zeile 1107: @@
         #logger -t checkuplink "wiregurad-tunnel is up an running : HTTP-statuscode: ${HTTP_STATUS_CODE}"
 fi
 </file>
-<file java ~/ansible/roles/wireguard/templates/crontab.j2># /etc/crontab: system-wide crontab
+<file c++ ~/ansible/roles/wireguard/templates/crontab.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
+# /etc/crontab: system-wide crontab
 # Unlike any other crontab you don't have to run the `crontab'
 # command to install the new version when you edit this file
@@ Zeile 1397: / Zeile 1119: @@
 SHELL=/bin/sh
 PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+MAILTO=""
 # Example of job definition:
@@ Zeile 1406: / Zeile 1130: @@
 # |  |  |  |  |
 # *  *  *  *  * user-name command to be executed
-*	* * *	root    cd / && run-parts --report /etc/cron.hourly
+*    * * *   root    cd / && run-parts --report /etc/cron.hourly
-6	* * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
+6    * * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
-6	* * 7	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
+6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
-6	1 * *	root	test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
+6    1 * *   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
 #
 # check wireguard-connection
-* * * * *	root	/usr/local/bin/checkup 2>&1 /dev/null
+-* * * * *      root    /usr/local/bin/checkup 2>&1 /dev/null
+# set firewall-role for RA-Filter
+-* * * * *       root    /usr/local/bin/radv-filter 2>&1 /dev/null
 </file>
-<file java ~/ansible/roles/wireguard/templates/uplink.j2>[Interface]
+<file c++ ~/ansible/roles/wireguard/templates/uplink.j2>[Interface]
 PrivateKey = {{ wg_client_privatekey.stdout }}
 Address = {{ wg_node_linklocal.stdout }}
@@ Zeile 1429: / Zeile 1156: @@
 === Rolle "vxlan" ===
-<file java ~/ansible/roles/vxlan/tasks/main.yml>--- # Installation und Konfiguration von VXLAN
+== Tasks ==
+<file c++ ~/ansible/roles/vxlan/tasks/main.yml>--- # Installation und Konfiguration von VXLAN
 - include: configure.yml                # VXLAN Konfigurieren
 - include: vxlanstart.yml               # Aktivierung des wireguard client-daemon
-</file>
+... # YML Ende</file>
-== Tasks ==
+<file c++ ~/ansible/roles/vxlan/tasks/configure.yml>---
-<file java ~/ansible/roles/vxlan/tasks/configure.yml>  - name: "*VXLAN* : Paketfilter anpassen - Eingehenden VXLAN Verkehr auf dem Mesh-Interface erlauben"
-    # https://docs.ansible.com/ansible/latest/modules/commans_module.html
-    command: ip6tables -I INPUT 1 -i wg-uplink -m udp -p udp --dport 8472 -j ACCEPT
-  - name: "*VXLAN* : VXLAN-ID des gewählten Segments ermitteln"
+- name: "Paketfilter anpassen - Eingehenden VXLAN Verkehr auf dem Mesh-Interface erlauben"
-    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/set_fact_module.html
+  ansible.builtin.command: |
-    set_fact:
+    ip6tables -I INPUT 1 -i wg-uplink -m udp -p udp --dport 8472 -j ACCEPT
-      ffmuc_vxlan_id: "{{ item.value }}"
+  changed_when: false
-    loop: "{{ lookup('dict', gw_vxlan_ids) }}"
-    when: "ffmuc_segment in item.key"
-  - name: "*VXLAN* : link-local des Gateways ermitteln"
+- name: "VXLAN-ID des gewählten Segments ermitteln"
-    # https://docs.ansible.com/ansible/latest/collections/ansible/builtin/set_fact_module.html
+  ansible.builtin.set_fact:
-    set_fact:
+    ffmuc_vxlan_id: "{{ item.value }}"
-      ffmuc_wireguard_linklocal: "{{ item.value }}"
+  loop: "{{ lookup('dict', gw_vxlan_ids) }}"
-    loop: "{{ lookup('dict', gw_linklocal) }}"
+  when: "ffmuc_segment in item.key"
-    when: "ffmuc_gateway in item.key"
-  - name: "*VXLAN* : lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen"
+- name: "link-local des Gateways ermitteln"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
+  ansible.builtin.set_fact:
-    shell: cat /etc/wireguard/client_public.key | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/fe80::02\1:\2ff:fe\3:\4\5/'
+    ffmuc_wireguard_linklocal: "{{ item.value }}"
-    register: wg_node_linklocal
+  loop: "{{ lookup('dict', gw_linklocal) }}"
+  when: "ffmuc_gateway in item.key"
-  - name: "*VXLAN* : Startupdatei für VXLAN kopieren"
+- name: "lokale link-local IPv6 Adresse aus dem PUBLIC-Key erzeugen"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
+  ansible.builtin.shell: |
-    template:
+    cat /etc/wireguard/client_public.key | md5sum | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/fe80::02\1:\2ff:fe\3:\4\5/'
-      src: templates/vxlan-init.j2
+  register: wg_node_linklocal
-      dest: /usr/local/bin/vxlan
+  changed_when: false
-  - name: "*VXLAN* : Ausführungsrechte des Bash-Scripts anpassen"
+- name: "Startupdatei für VXLAN kopieren"
-    # https://docs.ansible.com/ansible/latest/modules/file_module.html
+  template:
-    file:
+    src: templates/vxlan-init.j2
-      path: /usr/local/bin/vxlan
+    dest: /usr/local/bin/vxlan
-      mode: '0740'
+    owner: root
-</file>
+    group: root
+    mode: '0750'
-<file java ~/ansible/roles/vxlan/tasks/vxlanstart.yml>---
+...</file>
-  - name: "*VXLAN* : systemd-unitfile anlegen"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
+<file c++ ~/ansible/roles/vxlan/tasks/vxlanstart.yml>---
-      src: templates/systemd-service-file.j2
-      dest: /etc/systemd/system/vxlan.service
+- name: "systemd-unitfile anlegen"
+  ansible.builtin.template:
+    src: templates/systemd-service-file.j2
+    dest: /etc/systemd/system/vxlan.service
+    owner: root
+    group: root
+    mode: '0644'
+- name: "Neues Unitfile dem systemd bekannt geben"
+  ansible.builtin.systemd:
+    daemon_reload: true
+- name: "Service vxlan via systemd starten"
+  ansible.builtin.systemd:
+    name: vxlan.service
+    daemon_reload: true
+    state: started
+    enabled: true
+...</file>
-  - name: "*VXLAN* : Neues Unitfile dem systemd bekannt geben"
-    # https://docs.ansible.com/ansible/latest/modules/systemd_module.html
-    systemd:
-      daemon_reexec: yes
-  - name: "*VXLAN* : Service vxlan via systemd starten"
-    # https://docs.ansible.com/ansible/latest/modules/systemd_module.html
-    systemd:
-      name: vxlan.service
-      daemon_reload: yes
-      state: started
-      enabled: yes
-</file>
 == Templates ==
-<file java ~/ansible/roles/vxlan/templates/systemd-service-file.j2>[Unit]
+<file c++ ~/ansible/roles/vxlan/templates/systemd-service-file.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
+[Unit]
 # see man systemd.unit
 Description=Bringing up VXLAN Interface
-Documentation=https://wiki.mailserver.guru/doku.php/centos:ansible:ffmuc-rpb4-ol
+Documentation=https://dokuwiki.nausch.org/doku.php/centos:ansible:ffmuc-rpb4-ol
 After=wg-quick@wg-uplink.service
@@ Zeile 1507: / Zeile 1239: @@
 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target</file>
-</file>
-<file bash ~/ansible/roles/vxlan/templates/vxlan-init.j2>#!/bin/bash
+<file c++ ~/ansible/roles/vxlan/templates/vxlan-init.j2>#!/bin/bash
+# Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
 # Bring up VXLAN
@@ Zeile 1522: / Zeile 1255: @@
 /usr/sbin/batctl hardif mesh-vpn throughput_override 10000
 </file>
 === Rolle "ext-respondd" ===
 == Tasks ==
-<file java ~/ansible/roles/ext-respondd/tasks/main.yml>--- # Installation und Konfiguration des ext-respondd (Statistiken für https://map.ffmuc.net)
+<file c++ ~/ansible/roles/ext-respondd/tasks/main.yml>--- # Installation und Konfiguration des ext-respondd (Statistiken für https://map.ffmuc.net)
 - include: gitinstall.yml               # Installation der Pakete git und python3-netifaces
 - include: gitclone.yml                 # Repo ext-respondd klonen
@@ Zeile 1536: / Zeile 1268: @@
 </file>
-<file java ~/ansible/roles/ext-respondd/tasks/aliasgenerate.yml>---
-  - name: "Erstellen der resondd Konfigurationsdatei alias.json"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/ext-respondd_alias.json.j2
-      dest: /opt/ext-respondd/alias.json
-</file>
-<file java ~/ansible/roles/ext-respondd/tasks/configgenerate.yml>---
+<file c++ ~/ansible/roles/ext-respondd/tasks/gitinstall.yml>---
-  - name: "Erstellen der resondd Konfigurationsdatei config.json"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/ext-respondd_config.json.j2
-      dest: /opt/ext-respondd/config.json
-</file>
-<file java ~/ansible/roles/ext-respondd/tasks/copyconfig.yml>---
+- name: "Installation der Pakete git und python3-netifaces"
-  - name: "Systemd Startdatei für respondd kopieren"
+  ansible.builtin.apt:
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
+    update_cache: true
-    shell:
+    pkg:
-      cmd: cp /opt/ext-respondd/ext-respondd.service.example /etc/systemd/system/ext-respondd.service
+      - git
-</file>
+      - python3-netifaces
+    state: present
+...</file>
-<file java ~/ansible/roles/ext-respondd/tasks/gitclone.yml>---
-  - name: "Repo ext-respondd klonen"
-    # https://docs.ansible.com/ansible/latest/modules/git_module.html
-    git:
-      repo: https://github.com/freifunkMUC/ext-respondd
-      dest: /opt/ext-respondd/
-</file>
-<file java ~/ansible/roles/ext-respondd/tasks/gitinstall.yml>---
-  - name: "Installation der Pakete git und python3-netifaces"
-    # https://docs.ansible.com/ansible/latest/modules/apt_module.html
-    apt:
-      update_cache: yes
-      pkg:
-        - git
-        - python3-netifaces
-      state: present
-</file>
-<file java ~/ansible/roles/ext-respondd/tasks/servicestartup.yml>---
+<file c++ ~/ansible/roles/ext-respondd/tasks/gitclone.yml>---
-  - name: "Service ext-respondd beim Booten starten"
-    # https://docs.ansible.com/ansible/latest/modules/systemd_module.html
+- name: "ggf. bestehende Altlast bereinigen"
-    systemd:
+  ansible.builtin.file:
-      name: ext-respondd
+    path: /opt/ext-respondd
-      daemon_reload: yes
+    state: absent
-      state: started
-      enabled: yes
+- name: "Repo ext-respondd klonen"
-</file>
+  ansible.builtin.git:
+    repo: https://github.com/freifunkMUC/ext-respondd
+    dest: /opt/ext-respondd/
+    version: master
+    clone: true
+    update: true
+...</file>
+<file c++ ~/ansible/roles/ext-respondd/tasks/copyconfig.yml>---
+- name: "Systemd Startdatei für respondd kopieren"
+  ansible.builtin.copy:
+    src: /opt/ext-respondd/ext-respondd.service.example
+    dest: /etc/systemd/system/ext-respondd.service
+    remote_src: true
+     # cmd: cp /opt/ext-respondd/ext-respondd.service.example /etc/systemd/system/ext-respondd.service
+...</file>
+<file c++ ~/ansible/roles/ext-respondd/tasks/aliasgenerate.yml>---
+- name: "Erstellen der resondd Konfigurationsdatei alias.json"
+  ansible.builtin.template:
+    src: templates/ext-respondd_alias.json.j2
+    dest: /opt/ext-respondd/alias.json
+    owner: root
+    group: root
+    mode: '0644'
+...</file>
+<file c++ ~/ansible/roles/ext-respondd/tasks/configgenerate.yml>---
+- name: "Erstellen der resondd Konfigurationsdatei config.json"
+  ansible.builtin.template:
+    src: templates/ext-respondd_config.json.j2
+    dest: /opt/ext-respondd/config.json
+    owner: root
+    group: root
+    mode: '0644'
+...</file>
+<file c++ ~/ansible/roles/ext-respondd/tasks/bugfixing.yml>---
+- name: "Typo in der /opt/ext-respondd/lib/nodeinfo.py korrigieren"
+  ansible.builtin.replace:
+    path: /opt/ext-respondd/lib/nodeinfo.py
+    # zu ersetzende/korrigierende Zeile
+    regexp: 'Processor'
+    # wird ersetzt durch
+    replace: 'processor'
+...</file>
+<file c++ ~/ansible/roles/ext-respondd/tasks/servicestartup.yml>---
+- name: "Service ext-respondd beim Booten starten"
+  systemd:
+    name: ext-respondd
+    daemon_reload: true
+    state: started
+    enabled: true
+...</file>
 == Templates ==
-<file java ~/ansible/roles/ext-respondd/templates/ext-respondd_alias.json.j2>{
+<file c++ ~/ansible/roles/ext-respondd/templates/ext-respondd_alias.json.j2>{
   "nodeinfo": {
     "hostname": "{{ raspberry_hostname }}",
@@ Zeile 1608: / Zeile 1381: @@
   },
   "firstseen": "2019-08-14T12:34:56"
-}
+}</file>
-</file>
 <file java ~/ansible/roles/ext-respondd/templates/ext-respondd_config.json.j2>{
@@ Zeile 1618: / Zeile 1390: @@
   "rate_limit": 30,
   "rate_limit_burst": 10
-}
+}</file>
-</file>
 === Rolle "hostapd" ===
 == Tasks ==
-<file java ~/ansible/roles/hostapd/tasks/main.yml>--- # Installation und Konfiguration des hostap Treibers für den WiFi-Support
+<file c++ ~/ansible/roles/hostapd/tasks/main.yml>--- # Installation und Konfiguration des hostap Treibers für den WiFi-Support
 - include: install.yml                  # Paket hostapd für WLAN installieren
 - include: configure.yml                # hostapd konfigurieren
 - include: genconfig.yml                # hostapd Konfigurationsdatei anlegen
 - include: wlanbridging.yml             # wlan0 in Bridge packen
-- include: servicestartup.yml           # Service hostapd beim Booten und jetzt starten und das Laden der Unit Datei vom Service hostapd ermöglichen
+- include: servicestartup.yml           # Service hostapd beim Booten und jetzt starten
-</file>
+                                        # und so das Laden der Unit Datei vom Service
+                                        # hostapd ermöglichen
+... # YML Ende</file>
-<file java ~/ansible/roles/hostapd/tasks/configure.yml>---
-  - name: "hostapd konfigurieren"
-    # https://docs.ansible.com/ansible/latest/modules/shell_module.html
-    shell: echo 'DAEMON_OPTS="-d"' >> /etc/default/hostapd
-    when: ( raspberry_wifi == "ja" )
-</file>
-<file java ~/ansible/roles/hostapd/tasks/genconfig.yml>---
+<file c++ ~/ansible/roles/hostapd/tasks/install.yml>---
-  - name: "hostapd Konfigurationsdatei anlegen"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/hostapd.j2
-      dest: /etc/hostapd/hostapd.conf
-    when: ( raspberry_wifi == "ja" )
-</file>
-<file java ~/ansible/roles/hostapd/tasks/install.yml>---
+- name: "Paket hostapd für WLAN installieren"
-  - name: "Paket hostapd für WLAN installieren"
+  ansible.builtin.apt:
-    # https://docs.ansible.com/ansible/latest/modules/apt_module.html
+    update_cache: true
-    apt:
+    pkg:
-      update_cache: yes
+      - hostapd
-      pkg:
+    state: present
-        - hostapd
-      state: present
+...</file>
-    when: ( raspberry_wifi == "ja" )
-</file>
+<file c++ ~/ansible/roles/hostapd/tasks/configure.yml>---
+- name: "hostapd konfigurieren"
+  ansible.builtin.command: |
+    echo 'DAEMON_OPTS="-d"' >> /etc/default/hostapd
+  changed_when: false
+...</file>
+<file c++ ~/ansible/roles/hostapd/tasks/genconfig.yml>---
+- name: "hostapd Konfigurationsdatei anlegen"
+  ansible.builtin.template:
+    src: templates/hostapd.j2
+    dest: /etc/hostapd/hostapd.conf
+    owner: root
+    group: root
+    mode: '0644'
+...</file>
+<file c++ ~/ansible/roles/hostapd/tasks/wlanbridging.yml>---
+- name: "wlan0 in Bridge packen"
+  template:
+    src: templates/rclocal_wifi.j2
+    dest: /etc/rc.local
+    owner: root
+    group: root
+    mode: '0750'
+...</file>
+<file c++ ~/ansible/roles/hostapd/tasks/servicestartup.yml>---
+- name: "Service hostapd beim Booten und jetzt starten und das Laden der Unit Datei vom Service hostapd ermöglichen"
+  ansible.builtin.systemd:
+    name: hostapd
+    enabled: true
+    masked: false
+    state: started
+...</file>
-<file java ~/ansible/roles/hostapd/tasks/servicestartup.yml>---
-  - name: "Service hostapd beim Booten und jetzt starten und das Laden der Unit Datei vom Service hostapd ermöglichen"
-    # https://docs.ansible.com/ansible/latest/modules/systemd_module.html
-    systemd:
-      name: hostapd
-      enabled: yes
-      masked: no
-      state: started
-    when: ( raspberry_wifi == "ja" )
-</file>
-<file java ~/ansible/roles/hostapd/tasks/wlanbridging.yml>---
-  - name: "wlan0 in Bridge packen"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/rclocal_wifi.j2
-      dest: /etc/rc.local
-    when: ( raspberry_wifi == "ja" )
-</file>
 == Templates ==
-<file java ~/ansible/roles/hostapd/templates/hostapd.j2>ssid=muenchen.freifunk.net/{{ ffmuc_segment }}
+<file c++ ~/ansible/roles/hostapd/templates/hostapd.j2>ssid=muenchen.freifunk.net/{{ ffmuc_segment }}
 country_code=US
@@ Zeile 1710: / Zeile 1497: @@
 vht_oper_chwidth=1
 channel=36
-vht_oper_centr_freq_seg0_idx=42
+vht_oper_centr_freq_seg0_idx=42</file>
-</file>
 <file java ~/ansible/roles/hostapd/templates/rclocal_wifi.j2>#!/bin/sh -e
+# Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
 #
 # rc.local
@@ Zeile 1732: / Zeile 1520: @@
 fi
 sleep 10; /sbin/brctl addif br-{{ ffmuc_segment }} wlan0
-exit 0
+exit 0</file>
-</file>
 === Rolle "client-mesh" ===
 == Tasks ==
-<file java ~/ansible/roles/client-mesh/tasks/main.yml>--- # Grundkonfiguration von Client und/oder Meshing (V)LANs
+<file c++ ~/ansible/roles/client-mesh/tasks/main.yml>--- # Grundkonfiguration von Client und/oder Meshing (V)LANs
 - include: clientohnemesh.yml           # Konfiguration des Client-VLAN ohne Mesh-Netz
 - include: getvxlanid.yml               # vxlan_id für ausgewähltes Segment ermitteln
@@ Zeile 1745: / Zeile 1532: @@
 - include: batmanohnewifi.yml           # Konfiguration des bevorzugte Meshingpoint in BATMAN_V ohne Wifi-Nutzung
 - include: batmanmitwifi.yml            # Konfiguration des bevorzugte Meshingpoint in BATMAN_V mit Wifi-Nutzung
-</file>
+... # YML Ende</file>
-<file java ~/ansible/roles/client-mesh/tasks/batmanmitwifi.yml>---
-  - name: "Konfiguration des bevorzugte Meshingpoint in BATMAN_V mit Wifi-Nutzung"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/rclocal_both.j2
-      dest: /etc/rc.local
-    when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi == "ja" )
-</file>
-<file java  ~/ansible/roles/client-mesh/tasks/batmanohnewifi.yml>---
+<file c++ ~/ansible/roles/client-mesh/tasks/clientohnemesh.yml>---
-  - name: "Konfiguration des bevorzugte Meshingpoint in BATMAN_V ohne Wifi-Nutzung"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/rclocal_vxlan.j2
-      dest: /etc/rc.local
-    when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi != "ja" )
-</file>
-<file java ~/ansible/roles/client-mesh/tasks/clientohnemesh.yml>django@Djangos-ThinkPad-X230:~$ cat ~/ansible/roles/client-mesh/tasks/clientohnemesh.yml
+- name: "Konfiguration des Client-VLAN ohne Mesh-Netz"
----
+  ansible.builtin.template:
-  - name: "Konfiguration des Client-VLAN ohne Mesh-Netz"
+    src: templates/interfaces_client_ohne_mesh.j2
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
+    dest: /etc/network/interfaces
-    template:
+    owner: root
-      src: templates/interfaces_client_ohne_mesh.j2
+    group: root
-      dest: /etc/network/interfaces
+    mode: '0640'
-    when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length == 0 )
+  when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length == 0 )
-</file>
-<file java  ~/ansible/roles/client-mesh/tasks/getvxlanid.yml>---
+...</file>
-  - name: "vxlan_id für ausgewähltes Segment ermitteln"
-    # https://docs.ansible.com/ansible/latest/modules/set_fact_module.html
-    set_fact:
-      ffmuc_vxlan_id: "{{ item.value }}"
-    loop: "{{ lookup('dict', vxlan_ids) }}"
-    when: "ffmuc_segment in item.key"
-</file>
-<file java ~/ansible/roles/client-mesh/tasks/meshohneclient.yml>---
+<file c++ ~/ansible/roles/client-mesh/tasks/getvxlanid.yml>---
-  - name: "Konfiguration des Mesh-VLAN ohne Client-VLAN"
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
-    template:
-      src: templates/interfaces_mesh_ohne_client.j2
-      dest: /etc/network/interfaces
-    when: ( raspberry_clientvlan|length == 0 ) and ( raspberry_meshvlan|length > 0 )
-</file>
-<file java  ~/ansible/roles/client-mesh/tasks/meshundclient.yml>---
+- name: "vxlan_id für ausgewähltes Segment ermitteln"
-  - name: "Konfiguration von Mesh- und Client-VLAN"
+  ansible.builtin.set_fact:
-    # https://docs.ansible.com/ansible/latest/modules/template_module.html
+    ffmuc_vxlan_id: "{{ item.value }}"
-    template:
+  loop: "{{ lookup('dict', vxlan_ids) }}"
-      src: templates/interfaces_mesh_mit_client.j2
+  when: "ffmuc_segment in item.key"
-      dest: /etc/network/interfaces
-    when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length > 0 )
+...</file>
-</file>
+<file c++ ~/ansible/roles/client-mesh/tasks/meshohneclient.yml>---
+- name: "Konfiguration des Mesh-VLAN ohne Client-VLAN"
+  ansible.builtin.template:
+    src: templates/interfaces_mesh_ohne_client.j2
+    dest: /etc/network/interfaces
+    owner: root
+    group: root
+    mode: '0640'
+  when: ( raspberry_clientvlan|length == 0 ) and ( raspberry_meshvlan|length > 0 )
+...</file>
+<file c++ ~/ansible/roles/client-mesh/tasks/meshundclient.yml>---
+- name: "Konfiguration von Mesh- und Client-VLAN"
+  ansible.builtin.template:
+    src: templates/interfaces_mesh_mit_client.j2
+    dest: /etc/network/interfaces
+    owner: root
+    group: root
+    mode: '0640'
+  when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length > 0 )
+...</file>
+<file c++  ~/ansible/roles/client-mesh/tasks/batmanohnewifi.yml>---
+- name: "Konfiguration des bevorzugte Meshingpoint in BATMAN_V ohne Wifi-Nutzung"
+  ansible.builtin.template:
+    src: templates/rclocal_vxlan.j2
+    dest: /etc/rc.local
+    owner: root
+    group: root
+    mode: '0750'
+  when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi != "true" )
+...</file>
+<file c++ ~/ansible/roles/client-mesh/tasks/batmanmitwifi.yml>---
+- name: "Konfiguration des bevorzugte Meshingpoint in BATMAN_V mit Wifi-Nutzung"
+  ansible.builtin.template:
+    src: templates/rclocal_both.j2
+    dest: /etc/rc.local
+    owner: root
+    group: root
+    mode: '0750'
+  when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi == "true" )
+...</file>
 == Templates ==
-<file java ~/ansible/roles/client-mesh/templates/interfaces_client_ohne_mesh.j2># interfaces(5) file used by ifup(8) and ifdown(8)
+<file c++ ~/ansible/roles/client-mesh/templates/interfaces_client_ohne_mesh.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
+# interfaces(5) file used by ifup(8) and ifdown(8)
 # Please note that this file is written to be used with dhcpcd
@@ Zeile 1828: / Zeile 1639: @@
         pre-up /usr/sbin/batctl meshif bat-{{ ffmuc_segment }} gw_mode client
         pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev bat-{{ ffmuc_segment }}
-        post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }}
+        post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }}</file>
-</file>
-<file java ~/ansible/roles/client-mesh/templates/interfaces_mesh_mit_client.j2># interfaces(5) file used by ifup(8) and ifdown(8)
+<file c++ ~/ansible/roles/client-mesh/templates/interfaces_mesh_mit_client.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
+# interfaces(5) file used by ifup(8) and ifdown(8)
 # Please note that this file is written to be used with dhcpcd
@@ Zeile 1868: / Zeile 1680: @@
 </file>
-<file java ~/ansible/roles/client-mesh/templates/interfaces_mesh_ohne_client.j2># interfaces(5) file used by ifup(8) and ifdown(8)
+<file java ~/ansible/roles/client-mesh/templates/interfaces_mesh_ohne_client.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
+# interfaces(5) file used by ifup(8) and ifdown(8)
 # Please note that this file is written to be used with dhcpcd
@@ Zeile 1899: / Zeile 1713: @@
         pre-up /usr/sbin/batctl meshif bat-{{ ffmuc_segment }} gw_mode client
         pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev bat-{{ ffmuc_segment }}
-        post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }}
+        post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }}</file>
-</file>
 <file bash ~/ansible/roles/client-mesh/templates/rclocal_both.j2>#!/bin/sh -e
+# Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
 #
 # rc.local
@@ Zeile 1922: / Zeile 1737: @@
 sleep 10; /sbin/brctl addif br-{{ ffmuc_segment }} wlan0
 /usr/sbin/batctl hardif mesh-vpn throughput_override 10000
-exit 0
+exit 0</file>
-</file>
 <file bash ~/ansible/roles/client-mesh/templates/rclocal_vxlan.j2>#!/bin/sh -e
+# Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually!
 #
 # rc.local
@@ Zeile 1944: / Zeile 1760: @@
 fi
 /usr/sbin/batctl hardif mesh-vpn throughput_override 10000
-exit 0
+exit 0</file>
-</file>
+/*
 === Rolle "oled" ===
 == Tasks ==
@@ Zeile 2373: / Zeile 2188: @@
 # see man systemd.unit
 Description=Starting OLED-Trafic output
-Documentation=https://wiki.mailserver.guru/doku.php/centos:ansible:ffmuc-rpb4-ol
+Documentation=https://dokuwiki.nausch.org/doku.php/centos:ansible:ffmuc-rpb4-ol
 After=network.target
@@ Zeile 2386: / Zeile 2201: @@
 </file>
+*/
 === Rolle "final" ===
 == Tasks ==
 <file java ~/ansible/roles/final/tasks/main.yml>--- # Reboot nach Abschluss der Konfiguration unseres Offloaders
-- include: reboot.yml                   # /etc/hosts anpassen
+- include: reboot.yml                   # abschließender Reboot nach Fertigstellung
-... #YAML Ende Syntax
+... # YML Ende</file>
-</file>
 <file java ~/ansible/roles/final/tasks/reboot.yml>---
-  - name: "Reboot nach Abschluss der Konfiguration unseres Offloaders"
-    # https://docs.ansible.com/ansible/latest/modules/reboot_module.html
+- name: "Reboot nach Abschluss der Konfiguration unseres Offloaders"
-    reboot:
+  ansible.builtin.reboot:
-</file>
+...</file>
 ==== Download des auf Debian Buster basierenden Raspbian ====
@@ Zeile 2522: / Zeile 2339: @@
 Hier werden die zur Konfiguration benötigten Parameter nicht beim Aufruf des Playbooks abgefragt, sondern in zugehörigen **[[#inventory-definition|Inventory-Datei]]** hinterlegt. Das ist im ersten Schritt für den ungeübten Ansible-Nutzer zwar augenscheinlich aufwändiger, hat aber den Vorteil, dass man die zur Konfiguration benötigten Parameter immer sofort "zur Hand" hat.
-In den Zeilen **''55 bis 64''** sind diese Parameter entsprechend zu hinterlegen.
+In der Host-spezifischen Konfigurationsdatei  sind diese Parameter entsprechend zu hinterlegen. Folgendes Beispiel zeigt dies für den Host mit dem Namen **rpb4-ol-b** aus dem Inventory.
-   $ vim ~/ansible/inventories/production/hosts.yml +54
+   $ vim ~/ansible/inventories/production/host_vars/rpb4-ol-b/individual_host_specification
+<code># IP-Adresse unseres Raspberry in unserem eigenen lokalen Netzwerk
+# stationäre schwarzes Plastikgehäuse Raspberry 4B mit PoE-HAT und Display
+# MAC: dc:a6:32:22:f0:f2
+ansible_ssh_host: 192.168.0.22
+ansible_port: 22
+ansible_user: pi
+ansible_ssh_private_key_file: ~/.ssh/id_ed25519_freifunk
+#
+batman_adv_version: "2022.1"
+ffmuc_segment: "muc_ost"
+ffmuc_gateway: "gw06"
+raspberry_hostname: "ff_pliening_rpb4_ol_v6"
+node_contact_address: "hier entlang => https://bit.ly/2VxGoXp"
+raspberry_latitude: "48.198757565"
+raspberry_longitude: "11.798020899"
+raspberry_wifi: "true"
+raspberry_clientvlan: "4"
+raspberry_meshvlan: "2"
+raspberry_oled: "false"</code>
-<code> 54     batman_adv_version:   "2020.4"
+Diese passen wir natürlich noch auf unsere lokale Umgebung hin an.
-     ffmuc_segment:        "muc_ost"
-     ffmuc_gateway:        "gw04"
-     raspberry_hostname:   "raspbian-ansible-offloader"
-     node_contact_address: "https://bit.ly/2VxGoXp"
-     raspberry_latitude:   "48.239094621"
-     raspberry_longitude:  "11.558936834"
-     raspberry_wifi:       "ja"
-     raspberry_clientvlan: "123"
-     raspberry_meshvlan:   "456"
-     raspberry_oled:       "ja"</code>
 === Playbook Lauf ===
@@ Zeile 2858: / Zeile 2685: @@
   * **[[wiki:start|Zurück zu >>Projekte und Themenkapitel<<]]**
   * **[[http://dokuwiki.nausch.org/doku.php/|Zurück zur Startseite]]**