From cb587171d25f2e8cc8fbb6c0466c1a7de1588a80 Mon Sep 17 00:00:00 2001 From: Kwa5ir <47085934+Kwa5ir@users.noreply.github.com> Date: Tue, 23 Feb 2021 21:55:15 +0100 Subject: [PATCH 1/8] Create main.yml --- roles/network-ffrl/handlers/main.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 roles/network-ffrl/handlers/main.yml diff --git a/roles/network-ffrl/handlers/main.yml b/roles/network-ffrl/handlers/main.yml new file mode 100644 index 0000000..191d07d --- /dev/null +++ b/roles/network-ffrl/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: reload network interfaces + systemd: + name: networking + state: reloaded From 2c1462ab7d888e3b4bbe3c802a1c6e6180f275ed Mon Sep 17 00:00:00 2001 From: Kwa5ir <47085934+Kwa5ir@users.noreply.github.com> Date: Tue, 23 Feb 2021 21:56:34 +0100 Subject: [PATCH 2/8] Create tasks --- roles/network-ffrl/tasks | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 roles/network-ffrl/tasks diff --git a/roles/network-ffrl/tasks b/roles/network-ffrl/tasks new file mode 100644 index 0000000..96b7288 --- /dev/null +++ b/roles/network-ffrl/tasks @@ -0,0 +1,16 @@ +--- +- name: create ffrl interfaces + template: + src: ffrl.j2 + dest: "/etc/network/interfaces.d/{{ item.key }}" + notify: reload network interfaces + loop: "{{ ffrl_exit_server | dict2items }}" + +- name: create ffrl-nat dummy interface + template: + src: ffrl_nat.j2 + dest: "/etc/network/interfaces.d/ffrl-nat" + notify: reload network interfaces + +- name: flush handlers + meta: flush_handlers From 97a5b447ed2e060e6c5cf9beed951c3bb9c09203 Mon Sep 17 00:00:00 2001 From: Kwa5ir <47085934+Kwa5ir@users.noreply.github.com> Date: Tue, 23 Feb 2021 21:57:18 +0100 Subject: [PATCH 3/8] Delete tasks --- roles/network-ffrl/tasks | 16 ---------------- 1 file changed, 16 deletions(-) delete mode 100644 roles/network-ffrl/tasks diff --git a/roles/network-ffrl/tasks b/roles/network-ffrl/tasks deleted file mode 100644 index 96b7288..0000000 --- a/roles/network-ffrl/tasks +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: create ffrl interfaces - template: - src: ffrl.j2 - dest: "/etc/network/interfaces.d/{{ item.key }}" - notify: reload network interfaces - loop: "{{ ffrl_exit_server | dict2items }}" - -- name: create ffrl-nat dummy interface - template: - src: ffrl_nat.j2 - dest: "/etc/network/interfaces.d/ffrl-nat" - notify: reload network interfaces - -- name: flush handlers - meta: flush_handlers From 789ec2c1a77a1fa7caa5a76045ef82098df601fa Mon Sep 17 00:00:00 2001 From: Kwa5ir <47085934+Kwa5ir@users.noreply.github.com> Date: Tue, 23 Feb 2021 21:58:03 +0100 Subject: [PATCH 4/8] Create main.yml --- roles/network-ffrl/tasks/main.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 roles/network-ffrl/tasks/main.yml diff --git a/roles/network-ffrl/tasks/main.yml b/roles/network-ffrl/tasks/main.yml new file mode 100644 index 0000000..96b7288 --- /dev/null +++ b/roles/network-ffrl/tasks/main.yml @@ -0,0 +1,16 @@ +--- +- name: create ffrl interfaces + template: + src: ffrl.j2 + dest: "/etc/network/interfaces.d/{{ item.key }}" + notify: reload network interfaces + loop: "{{ ffrl_exit_server | dict2items }}" + +- name: create ffrl-nat dummy interface + template: + src: ffrl_nat.j2 + dest: "/etc/network/interfaces.d/ffrl-nat" + notify: reload network interfaces + +- name: flush handlers + meta: flush_handlers From 6b59cacb7bf43a5161f8e58b554320687e3bb3f1 Mon Sep 17 00:00:00 2001 From: Kwa5ir <47085934+Kwa5ir@users.noreply.github.com> Date: Tue, 23 Feb 2021 21:58:52 +0100 Subject: [PATCH 5/8] Create ffrl.j2 --- roles/network-ffrl/templates/ffrl.j2 | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 roles/network-ffrl/templates/ffrl.j2 diff --git a/roles/network-ffrl/templates/ffrl.j2 b/roles/network-ffrl/templates/ffrl.j2 new file mode 100644 index 0000000..ba8d4e7 --- /dev/null +++ b/roles/network-ffrl/templates/ffrl.j2 @@ -0,0 +1,17 @@ +# +# {{ ansible_managed }} +# +auto {{ item.key }} +iface {{ item.key }} inet tunnel + mode gre + local {{ ansible_default_ipv4.address | ipaddr('public') | ipaddr('address') }} + endpoint {{ item.value.public_ipv4_address | ipaddr('public') | ipaddr('address') }} + + ttl 64 + mtu 1400 + tunnel-physdev {{ ansible_default_ipv4.interface }} + ip-forward on + ip6-forward on + + address {{ item.value.tunnel_ipv4_network | ipaddr('net') | ipaddr('1') | ipaddr('ip/prefix') }} + address {{ item.value.tunnel_ipv6_network | ipaddr('net') | ipaddr('2') | ipaddr('ip/prefix') }} From 62ab8c8a0af30cbdd7523f86d8fb3ca54983c3b8 Mon Sep 17 00:00:00 2001 From: Kwa5ir <47085934+Kwa5ir@users.noreply.github.com> Date: Tue, 23 Feb 2021 21:59:15 +0100 Subject: [PATCH 6/8] Add files via upload --- roles/network-ffrl/templates/ffrl_nat.j2 | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 roles/network-ffrl/templates/ffrl_nat.j2 diff --git a/roles/network-ffrl/templates/ffrl_nat.j2 b/roles/network-ffrl/templates/ffrl_nat.j2 new file mode 100644 index 0000000..39523e9 --- /dev/null +++ b/roles/network-ffrl/templates/ffrl_nat.j2 @@ -0,0 +1,7 @@ +# +# {{ ansible_managed }} +# +auto ffrl-nat +iface ffrl-nat + link-type dummy + address {{ ffrl_public_ipv4_nat | ipaddr('host') }} From f956d98787b31160bab0ec794bb68ad20a62aee1 Mon Sep 17 00:00:00 2001 From: Kwa5ir <47085934+Kwa5ir@users.noreply.github.com> Date: Tue, 23 Feb 2021 21:59:54 +0100 Subject: [PATCH 7/8] Add files via upload --- roles/network-ffrl/README.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 roles/network-ffrl/README.md diff --git a/roles/network-ffrl/README.md b/roles/network-ffrl/README.md new file mode 100644 index 0000000..1ae6752 --- /dev/null +++ b/roles/network-ffrl/README.md @@ -0,0 +1,34 @@ +# Ansible role network-ffrl + +Diese Ansible role konfiguriert die GRE-Tunnel Interfaces, die für den Internet-Exit über Freifunk Rheinland benötigt werden. + +## Benötigte Variablen +- Dictionary `ffrl_exit_server` (Host Variable) + +``` +ffrl_exit_server: + ffrl-a-ak-ber: + public_ipv4_address: 185.66.195.0 + tunnel_ipv4_network: # IPv4 Tunnel Transfernetz + tunnel_ipv6_network: # IPv6 Tunnel Transfernetz + ffrl-b-ak-ber: + public_ipv4_address: 185.66.195.1 + tunnel_ipv4_network: + tunnel_ipv6_network: + ffrl-a-ix-dus: + public_ipv4_address: 185.66.193.0 + tunnel_ipv4_network: + tunnel_ipv6_network: + ffrl-b-ix-dus: + public_ipv4_address: 185.66.193.1 + tunnel_ipv4_network: + tunnel_ipv6_network: + ffrl-a-fra2-fra: + public_ipv4_address: 185.66.194.0 + tunnel_ipv4_network: + tunnel_ipv6_network: + ffrl-b-fra2-fra: + public_ipv4_address: 185.66.194.1 + tunnel_ipv4_network: + tunnel_ipv6_network: +``` From f7465b1cc85dd7fa41d00409dab51e2592f2e2c6 Mon Sep 17 00:00:00 2001 From: Kwa5ir <47085934+Kwa5ir@users.noreply.github.com> Date: Wed, 24 Feb 2021 19:06:35 +0100 Subject: [PATCH 8/8] Exit Node Config --- exit_node.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 exit_node.yml diff --git a/exit_node.yml b/exit_node.yml new file mode 100644 index 0000000..9f450cc --- /dev/null +++ b/exit_node.yml @@ -0,0 +1,6 @@ +--- +- hosts: gw01.babel.md.freifunk.net: + become: yes + + roles: + - role: network-ffrl