Update fastd peer limit configuration

* add list of legacy gateways (temporarily)
 * change backend-scripts branch to ansible
 * Role server-basic: ensure ffmwu config directory is present
 * Role service-fastd: add fastd-status script
 * role service-fastd-mesh: add templating for fastd peer limit
configuration
This commit is contained in:
Tobias Hachmer 2017-11-06 17:41:17 +01:00
parent 67c915e877
commit 387f3bbf6b
7 changed files with 73 additions and 1 deletions

View file

@ -161,3 +161,8 @@ bgp_mwu_servers:
suesskartoffel: suesskartoffel:
ipv4: 10.37.1.4 ipv4: 10.37.1.4
ipv6: fd37:b4dc:4b1e::a25:104 ipv6: fd37:b4dc:4b1e::a25:104
legacy_gateways:
- ingwer
- lotuswurzel
- spinat

View file

@ -2,7 +2,7 @@
common_repos: common_repos:
backend-scripts: backend-scripts:
repo_url: https://github.com/freifunk-mwu/backend-scripts.git repo_url: https://github.com/freifunk-mwu/backend-scripts.git
version: drop-photon version: ansible
icvpn-meta: icvpn-meta:
repo_url: https://github.com/freifunk/icvpn-meta.git repo_url: https://github.com/freifunk/icvpn-meta.git
version: master version: master

View file

@ -13,3 +13,11 @@
- name: set timezone to Europe/Berlin - name: set timezone to Europe/Berlin
timezone: timezone:
name: Europe/Berlin name: Europe/Berlin
- name: create ffmwu custom config dir
file:
path: /home/admin/.config
state: directory
owner: admin
group: admin
mode: 0750

View file

@ -112,6 +112,14 @@
mode: 0644 mode: 0644
notify: reload systemd notify: reload systemd
- name: write configuration for fastd-peer-limit-update script
template:
src: fastd_peer_limit_config.yaml.j2
dest: /home/admin/.config/fastd_peer_limit_config.yaml
owner: admin
group: admin
mode: 0644
- name: write systemd unit fastd-peer-limit-update.service - name: write systemd unit fastd-peer-limit-update.service
template: template:
src: fastd-peer-limit-update.service.j2 src: fastd-peer-limit-update.service.j2

View file

@ -0,0 +1,26 @@
#
# {{ ansible_managed }}
#
ansible_gate: True
additional: 8
fastd_instances:
{% for mesh in meshes %}
{% for instance in mesh.fastd.nodes.instances %}
- {{ mesh.id }}VPN-{{ instance.mtu }}
{% endfor %}
{% endfor %}
cronlog: '/home/admin/.cronlog/limit.%s.log'
fastd_config: '/etc/fastd/%s/peer_limit.conf'
fastd_status: '/usr/local/bin/fastd-status'
gateways:
{% for gateway in groups['ffmwu-gateways'] %}
- {{ gateway.rstrip('.freifunk-mwu.de') }}
{% endfor %}
{% for gateway in legacy_gateways %}
- {{ gateway }}
{% endfor %}
restart_max: 43200
stat: 'fastd_status.json'
stat_ext: 'http://%s.freifunk-mwu.de/%s'
stat_local: '/var/www/html/%s'
timeout: 900

View file

@ -0,0 +1,17 @@
#!/usr/bin/perl -w
use strict;
use IO::Socket::UNIX qw( SOCK_STREAM );
$ARGV[0] or die("Usage: fastd-status <socket>\n");
my $socket = IO::Socket::UNIX->new(
Type => SOCK_STREAM,
Peer => $ARGV[0],
)
or die("Can't connect to server: $!\n");
foreach my $line (<$socket>) {
print $line;
}

View file

@ -20,3 +20,11 @@
group: root group: root
mode: 0644 mode: 0644
notify: reload systemd notify: reload systemd
- name: copy fastd status script
copy:
src: fastd-status
dest: /usr/local/bin/fastd-status
owner: root
group: root
mode: 0755