ansible-ffibk/roles/service-fastd-mesh/tasks/main.yml

172 lines
4.6 KiB
YAML
Raw Normal View History

---
- name: create fastd directories
file:
2017-11-06 21:24:56 +01:00
path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}"
state: directory
mode: 0755
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: create fastd peer mesh directories
file:
2017-11-06 21:24:56 +01:00
path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peers"
state: directory
mode: 0755
owner: admin
group: admin
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: create fastd peer mesh directories for ffbin
file:
2017-11-06 21:24:56 +01:00
path: "/etc/fastd/mzvpn-{{ item }}/peers_bingen"
state: directory
mode: 0755
owner: admin
group: admin
loop:
- 1406
- 1312
- name: clone fastd peer mesh repos
git:
repo: "{{ item.1.peers.repo }}"
2017-11-06 21:24:56 +01:00
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peers"
version: "{{ item.1.peers.version }}"
update: no
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
become: false
- name: clone fastd peer mesh repo for ffbin
git:
repo: https://github.com/freifunk-bingen/peers-ffbin.git
2017-11-06 21:24:56 +01:00
dest: "/etc/fastd/mzvpn-{{ item }}/peers_bingen"
version: master
update: no
loop:
- 1406
- 1312
become: false
- name: template fastd mesh config
template:
src: fastd-mesh.conf.j2
2017-11-06 21:24:56 +01:00
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/fastd.conf"
notify: restart fastd mesh instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: write fastd mesh secret
template:
src: fastd-secret.conf.j2
2017-11-06 21:24:56 +01:00
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/secret.conf"
notify: restart fastd mesh instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: copy peer_limit.conf if not exist
copy:
src: peer_limit.conf
2017-11-06 21:24:56 +01:00
dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peer_limit.conf"
owner: admin
group: admin
mode: 0640
force: no
notify: restart fastd mesh instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: set file attributes for peer_limit.conf
file:
2017-11-06 21:24:56 +01:00
path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peer_limit.conf"
mode: 0640
owner: admin
group: admin
notify: restart fastd mesh instances
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: write systemd unit fastd-sync-meshkeys.service
template:
src: fastd-sync-meshkeys.service.j2
dest: /etc/systemd/system/fastd-sync-meshkeys.service
owner: root
group: root
mode: 0644
notify: reload systemd
- name: write systemd timer fastd-sync-meshkeys.timer
template:
src: fastd-sync-meshkeys.timer.j2
dest: /etc/systemd/system/fastd-sync-meshkeys.timer
owner: root
group: root
mode: 0644
notify: reload systemd
- name: create fastd_status.json file
file:
path: /var/www/html/fastd_status.json
state: touch
owner: admin
group: admin
mode: 0644
- name: write configuration for fastd-peer-limit-update script
template:
src: fastd_peer_limit_config.yaml.j2
dest: /home/admin/.ffmwu-config/fastd_peer_limit_config.yaml
owner: admin
group: admin
mode: 0644
- name: write systemd unit fastd-peer-limit-update.service
template:
src: fastd-peer-limit-update.service.j2
dest: /etc/systemd/system/fastd-peer-limit-update.service
owner: root
group: root
mode: 0644
notify: reload systemd
- name: write systemd timer fastd-peer-limit-update.timer
template:
src: fastd-peer-limit-update.timer.j2
dest: /etc/systemd/system/fastd-peer-limit-update.timer
owner: root
group: root
mode: 0644
notify: reload systemd
- name: configure systemd timers for fastd-mesh instance
systemd:
name: "{{ item }}.timer"
enabled: yes
state: started
loop:
- fastd-sync-meshkeys
- fastd-peer-limit-update
2017-10-26 22:35:55 +02:00
- name: configure systemd unit fastd@
systemd:
2017-11-06 21:24:56 +01:00
name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}"
2017-10-26 22:35:55 +02:00
enabled: yes
state: started
loop: "{{ meshes | subelements('fastd.nodes.instances') }}"
- name: build fastd-exporter binary
shell: "GOPATH={{ gopath }} go get -v -u github.com/freifunk-darmstadt/fastd-exporter"
notify: restart fastd-exporter
- name: copy vhost fastd_exporter.conf
template:
src: "fastd_exporter_vhost.conf.j2"
dest: "/etc/nginx/conf.d/fastd_exporter.conf"
notify: restart nginx
- name: create systemd unit for fastd-exporter
template:
src: "fastd-exporter.service.j2"
dest: "/etc/systemd/system/fastd-exporter.service"
notify: reload systemd
- name: configure fastd-exporter systemd unit
systemd:
name: "fastd-exporter.service"
enabled: yes
state: started