Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung |
linux:ansible:ffmuc-rpb4-ol [27.09.2022 15:30. ] – [Templates] django | linux:ansible:ffmuc-rpb4-ol [27.09.2022 15:47. ] (aktuell) – [Inhalt] django |
---|
| |
====== Inhalt ====== | ====== Inhalt ====== |
| |
<WRAP center round alert 30%> | |
**ACHTUNG:** Artikel in Überarbeitung!!! **ACHTUNG:** | |
</WRAP> | |
| |
| |
<WRAP center round tip 90%> | <WRAP center round tip 90%> |
=== Rolle "client-mesh" === | === Rolle "client-mesh" === |
== Tasks == | == Tasks == |
<file java ~/ansible/roles/client-mesh/tasks/main.yml>--- # Grundkonfiguration von Client und/oder Meshing (V)LANs | <file c++ ~/ansible/roles/client-mesh/tasks/main.yml>--- # Grundkonfiguration von Client und/oder Meshing (V)LANs |
- include: clientohnemesh.yml # Konfiguration des Client-VLAN ohne Mesh-Netz | - include: clientohnemesh.yml # Konfiguration des Client-VLAN ohne Mesh-Netz |
- include: getvxlanid.yml # vxlan_id für ausgewähltes Segment ermitteln | - include: getvxlanid.yml # vxlan_id für ausgewähltes Segment ermitteln |
- include: batmanohnewifi.yml # Konfiguration des bevorzugte Meshingpoint in BATMAN_V ohne Wifi-Nutzung | - include: batmanohnewifi.yml # Konfiguration des bevorzugte Meshingpoint in BATMAN_V ohne Wifi-Nutzung |
- include: batmanmitwifi.yml # Konfiguration des bevorzugte Meshingpoint in BATMAN_V mit Wifi-Nutzung | - include: batmanmitwifi.yml # Konfiguration des bevorzugte Meshingpoint in BATMAN_V mit Wifi-Nutzung |
</file> | ... # YML Ende</file> |
| |
<file java ~/ansible/roles/client-mesh/tasks/batmanmitwifi.yml>--- | |
- name: "Konfiguration des bevorzugte Meshingpoint in BATMAN_V mit Wifi-Nutzung" | |
# https://docs.ansible.com/ansible/latest/modules/template_module.html | |
template: | |
src: templates/rclocal_both.j2 | |
dest: /etc/rc.local | |
when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi == "ja" ) | |
</file> | |
| |
<file java ~/ansible/roles/client-mesh/tasks/batmanohnewifi.yml>--- | <file c++ ~/ansible/roles/client-mesh/tasks/clientohnemesh.yml>--- |
- name: "Konfiguration des bevorzugte Meshingpoint in BATMAN_V ohne Wifi-Nutzung" | |
# https://docs.ansible.com/ansible/latest/modules/template_module.html | |
template: | |
src: templates/rclocal_vxlan.j2 | |
dest: /etc/rc.local | |
when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi != "ja" ) | |
</file> | |
| |
<file java ~/ansible/roles/client-mesh/tasks/clientohnemesh.yml>django@Djangos-ThinkPad-X230:~$ cat ~/ansible/roles/client-mesh/tasks/clientohnemesh.yml | - name: "Konfiguration des Client-VLAN ohne Mesh-Netz" |
--- | ansible.builtin.template: |
- name: "Konfiguration des Client-VLAN ohne Mesh-Netz" | src: templates/interfaces_client_ohne_mesh.j2 |
# https://docs.ansible.com/ansible/latest/modules/template_module.html | dest: /etc/network/interfaces |
template: | owner: root |
src: templates/interfaces_client_ohne_mesh.j2 | group: root |
dest: /etc/network/interfaces | mode: '0640' |
when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length == 0 ) | when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length == 0 ) |
</file> | |
| |
<file java ~/ansible/roles/client-mesh/tasks/getvxlanid.yml>--- | ...</file> |
- name: "vxlan_id für ausgewähltes Segment ermitteln" | |
# https://docs.ansible.com/ansible/latest/modules/set_fact_module.html | |
set_fact: | |
ffmuc_vxlan_id: "{{ item.value }}" | |
loop: "{{ lookup('dict', vxlan_ids) }}" | |
when: "ffmuc_segment in item.key" | |
</file> | |
| |
<file java ~/ansible/roles/client-mesh/tasks/meshohneclient.yml>--- | <file c++ ~/ansible/roles/client-mesh/tasks/getvxlanid.yml>--- |
- name: "Konfiguration des Mesh-VLAN ohne Client-VLAN" | |
# https://docs.ansible.com/ansible/latest/modules/template_module.html | |
template: | |
src: templates/interfaces_mesh_ohne_client.j2 | |
dest: /etc/network/interfaces | |
when: ( raspberry_clientvlan|length == 0 ) and ( raspberry_meshvlan|length > 0 ) | |
</file> | |
| |
<file java ~/ansible/roles/client-mesh/tasks/meshundclient.yml>--- | - name: "vxlan_id für ausgewähltes Segment ermitteln" |
- name: "Konfiguration von Mesh- und Client-VLAN" | ansible.builtin.set_fact: |
# https://docs.ansible.com/ansible/latest/modules/template_module.html | ffmuc_vxlan_id: "{{ item.value }}" |
template: | loop: "{{ lookup('dict', vxlan_ids) }}" |
src: templates/interfaces_mesh_mit_client.j2 | when: "ffmuc_segment in item.key" |
dest: /etc/network/interfaces | |
when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length > 0 ) | ...</file> |
</file> | |
| <file c++ ~/ansible/roles/client-mesh/tasks/meshohneclient.yml>--- |
| |
| - name: "Konfiguration des Mesh-VLAN ohne Client-VLAN" |
| ansible.builtin.template: |
| src: templates/interfaces_mesh_ohne_client.j2 |
| dest: /etc/network/interfaces |
| owner: root |
| group: root |
| mode: '0640' |
| when: ( raspberry_clientvlan|length == 0 ) and ( raspberry_meshvlan|length > 0 ) |
| |
| ...</file> |
| |
| |
| <file c++ ~/ansible/roles/client-mesh/tasks/meshundclient.yml>--- |
| |
| - name: "Konfiguration von Mesh- und Client-VLAN" |
| ansible.builtin.template: |
| src: templates/interfaces_mesh_mit_client.j2 |
| dest: /etc/network/interfaces |
| owner: root |
| group: root |
| mode: '0640' |
| when: ( raspberry_clientvlan|length > 0 ) and ( raspberry_meshvlan|length > 0 ) |
| |
| ...</file> |
| |
| <file c++ ~/ansible/roles/client-mesh/tasks/batmanohnewifi.yml>--- |
| |
| - name: "Konfiguration des bevorzugte Meshingpoint in BATMAN_V ohne Wifi-Nutzung" |
| ansible.builtin.template: |
| src: templates/rclocal_vxlan.j2 |
| dest: /etc/rc.local |
| owner: root |
| group: root |
| mode: '0750' |
| when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi != "true" ) |
| |
| ...</file> |
| |
| |
| <file c++ ~/ansible/roles/client-mesh/tasks/batmanmitwifi.yml>--- |
| |
| - name: "Konfiguration des bevorzugte Meshingpoint in BATMAN_V mit Wifi-Nutzung" |
| ansible.builtin.template: |
| src: templates/rclocal_both.j2 |
| dest: /etc/rc.local |
| owner: root |
| group: root |
| mode: '0750' |
| when: ( raspberry_meshvlan|length > 0 ) and ( raspberry_wifi == "true" ) |
| |
| ...</file> |
| |
== Templates == | == Templates == |
<file java ~/ansible/roles/client-mesh/templates/interfaces_client_ohne_mesh.j2># interfaces(5) file used by ifup(8) and ifdown(8) | <file c++ ~/ansible/roles/client-mesh/templates/interfaces_client_ohne_mesh.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually! |
| # interfaces(5) file used by ifup(8) and ifdown(8) |
| |
# Please note that this file is written to be used with dhcpcd | # Please note that this file is written to be used with dhcpcd |
pre-up /usr/sbin/batctl meshif bat-{{ ffmuc_segment }} gw_mode client | pre-up /usr/sbin/batctl meshif bat-{{ ffmuc_segment }} gw_mode client |
pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev bat-{{ ffmuc_segment }} | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev bat-{{ ffmuc_segment }} |
post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }} | post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }}</file> |
</file> | |
| |
<file java ~/ansible/roles/client-mesh/templates/interfaces_mesh_mit_client.j2># interfaces(5) file used by ifup(8) and ifdown(8) | |
| <file c++ ~/ansible/roles/client-mesh/templates/interfaces_mesh_mit_client.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually! |
| # interfaces(5) file used by ifup(8) and ifdown(8) |
| |
# Please note that this file is written to be used with dhcpcd | # Please note that this file is written to be used with dhcpcd |
</file> | </file> |
| |
<file java ~/ansible/roles/client-mesh/templates/interfaces_mesh_ohne_client.j2># interfaces(5) file used by ifup(8) and ifdown(8) | |
| <file java ~/ansible/roles/client-mesh/templates/interfaces_mesh_ohne_client.j2># Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually! |
| # interfaces(5) file used by ifup(8) and ifdown(8) |
| |
# Please note that this file is written to be used with dhcpcd | # Please note that this file is written to be used with dhcpcd |
pre-up /usr/sbin/batctl meshif bat-{{ ffmuc_segment }} gw_mode client | pre-up /usr/sbin/batctl meshif bat-{{ ffmuc_segment }} gw_mode client |
pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev bat-{{ ffmuc_segment }} | pre-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev bat-{{ ffmuc_segment }} |
post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }} | post-up /sbin/ip link set address $(ip -br l | grep eth0 | egrep -o '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})' | head -1) dev br-{{ ffmuc_segment }}</file> |
</file> | |
| |
<file bash ~/ansible/roles/client-mesh/templates/rclocal_both.j2>#!/bin/sh -e | <file bash ~/ansible/roles/client-mesh/templates/rclocal_both.j2>#!/bin/sh -e |
| # Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually! |
# | # |
# rc.local | # rc.local |
sleep 10; /sbin/brctl addif br-{{ ffmuc_segment }} wlan0 | sleep 10; /sbin/brctl addif br-{{ ffmuc_segment }} wlan0 |
/usr/sbin/batctl hardif mesh-vpn throughput_override 10000 | /usr/sbin/batctl hardif mesh-vpn throughput_override 10000 |
exit 0 | exit 0</file> |
</file> | |
| |
<file bash ~/ansible/roles/client-mesh/templates/rclocal_vxlan.j2>#!/bin/sh -e | <file bash ~/ansible/roles/client-mesh/templates/rclocal_vxlan.j2>#!/bin/sh -e |
| # Generated by Ansible on {{ ansible_date_time.date }}, do not edit manually! |
# | # |
# rc.local | # rc.local |
fi | fi |
/usr/sbin/batctl hardif mesh-vpn throughput_override 10000 | /usr/sbin/batctl hardif mesh-vpn throughput_override 10000 |
exit 0 | exit 0</file> |
</file> | |
| |
| /* |
=== Rolle "oled" === | === Rolle "oled" === |
== Tasks == | == Tasks == |
</file> | </file> |
| |
| */ |
| |
=== Rolle "final" === | === Rolle "final" === |
== Tasks == | == Tasks == |
<file java ~/ansible/roles/final/tasks/main.yml>--- # Reboot nach Abschluss der Konfiguration unseres Offloaders | <file java ~/ansible/roles/final/tasks/main.yml>--- # Reboot nach Abschluss der Konfiguration unseres Offloaders |
- include: reboot.yml # /etc/hosts anpassen | - include: reboot.yml # abschließender Reboot nach Fertigstellung |
... #YAML Ende Syntax | ... # YML Ende</file> |
</file> | |
| |
<file java ~/ansible/roles/final/tasks/reboot.yml>--- | <file java ~/ansible/roles/final/tasks/reboot.yml>--- |
- name: "Reboot nach Abschluss der Konfiguration unseres Offloaders" | |
# https://docs.ansible.com/ansible/latest/modules/reboot_module.html | - name: "Reboot nach Abschluss der Konfiguration unseres Offloaders" |
reboot: | ansible.builtin.reboot: |
</file> | |
| ...</file> |
| |
==== Download des auf Debian Buster basierenden Raspbian ==== | ==== Download des auf Debian Buster basierenden Raspbian ==== |
Hier werden die zur Konfiguration benötigten Parameter nicht beim Aufruf des Playbooks abgefragt, sondern in zugehörigen **[[#inventory-definition|Inventory-Datei]]** hinterlegt. Das ist im ersten Schritt für den ungeübten Ansible-Nutzer zwar augenscheinlich aufwändiger, hat aber den Vorteil, dass man die zur Konfiguration benötigten Parameter immer sofort "zur Hand" hat. | Hier werden die zur Konfiguration benötigten Parameter nicht beim Aufruf des Playbooks abgefragt, sondern in zugehörigen **[[#inventory-definition|Inventory-Datei]]** hinterlegt. Das ist im ersten Schritt für den ungeübten Ansible-Nutzer zwar augenscheinlich aufwändiger, hat aber den Vorteil, dass man die zur Konfiguration benötigten Parameter immer sofort "zur Hand" hat. |
| |
In den Zeilen **''55 bis 64''** sind diese Parameter entsprechend zu hinterlegen. | In der Host-spezifischen Konfigurationsdatei sind diese Parameter entsprechend zu hinterlegen. Folgendes Beispiel zeigt dies für den Host mit dem Namen **rpb4-ol-b** aus dem Inventory. |
$ vim ~/ansible/inventories/production/hosts.yml +54 | $ vim ~/ansible/inventories/production/host_vars/rpb4-ol-b/individual_host_specification |
| |
| <code># IP-Adresse unseres Raspberry in unserem eigenen lokalen Netzwerk |
| # stationäre schwarzes Plastikgehäuse Raspberry 4B mit PoE-HAT und Display |
| # MAC: dc:a6:32:22:f0:f2 |
| ansible_ssh_host: 192.168.0.22 |
| ansible_port: 22 |
| ansible_user: pi |
| ansible_ssh_private_key_file: ~/.ssh/id_ed25519_freifunk |
| # |
| batman_adv_version: "2022.1" |
| ffmuc_segment: "muc_ost" |
| ffmuc_gateway: "gw06" |
| raspberry_hostname: "ff_pliening_rpb4_ol_v6" |
| node_contact_address: "hier entlang => https://bit.ly/2VxGoXp" |
| raspberry_latitude: "48.198757565" |
| raspberry_longitude: "11.798020899" |
| raspberry_wifi: "true" |
| raspberry_clientvlan: "4" |
| raspberry_meshvlan: "2" |
| raspberry_oled: "false"</code> |
| |
<code> 54 batman_adv_version: "2020.4" | Diese passen wir natürlich noch auf unsere lokale Umgebung hin an. |
55 ffmuc_segment: "muc_ost" | |
56 ffmuc_gateway: "gw04" | |
57 raspberry_hostname: "raspbian-ansible-offloader" | |
58 node_contact_address: "https://bit.ly/2VxGoXp" | |
59 raspberry_latitude: "48.239094621" | |
60 raspberry_longitude: "11.558936834" | |
61 raspberry_wifi: "ja" | |
62 raspberry_clientvlan: "123" | |
63 raspberry_meshvlan: "456" | |
64 raspberry_oled: "ja"</code> | |
| |
=== Playbook Lauf === | === Playbook Lauf === |