diff --git a/roles/service-fastd-mesh/tasks/main.yml b/roles/service-fastd-mesh/tasks/main.yml index 6e63df0..5fcc5ed 100644 --- a/roles/service-fastd-mesh/tasks/main.yml +++ b/roles/service-fastd-mesh/tasks/main.yml @@ -59,6 +59,48 @@ notify: restart fastd mesh instances loop: "{{ meshes | subelements('fastd.nodes.instances') }}" +- name: install redis-server + apt: + name: redis-server + state: latest + default_release: stretch-backports + +- name: build fastd-limiter + shell: "go get -v -u github.com/freifunk-mwu/fastd-limiter" + environment: + GOPATH: "{{ gopath }}" + +- name: write fastd-limiter config + template: + src: fastd-limiter.yaml.j2 + dest: /etc/fastd-limiter.yaml + owner: admin + group: admin + mode: 0644 + +- name: write systemd units for fastd-limiter + template: + src: "{{ item }}.j2" + dest: "/etc/systemd/system/{{ item }}" + owner: root + group: root + mode: 0644 + notify: reload systemd + loop: + - fastd-limiter-limit.service + - fastd-limiter-limit.timer + - fastd-limiter-peers.service + - fastd-limiter-peers.timer + +- name: configure systemd timers for fastd-limiter + systemd: + name: "{{ item }}" + enabled: yes + state: started + loop: + - fastd-limiter-limit.timer + - fastd-limiter-peers.timer + - name: write systemd unit fastd-sync-meshkeys.service template: src: fastd-sync-meshkeys.service.j2 diff --git a/roles/service-fastd-mesh/templates/fastd-limiter-limit.service.j2 b/roles/service-fastd-mesh/templates/fastd-limiter-limit.service.j2 new file mode 100644 index 0000000..772208c --- /dev/null +++ b/roles/service-fastd-mesh/templates/fastd-limiter-limit.service.j2 @@ -0,0 +1,11 @@ +# +# {{ ansible_managed }} +# +[Unit] +Description=Update fastd peer limits + +[Service] +Type=oneshot +ExecStart={{ gopath }}/bin/fastd-limiter limit +User=admin +Group=admin diff --git a/roles/service-fastd-mesh/templates/fastd-limiter-limit.timer.j2 b/roles/service-fastd-mesh/templates/fastd-limiter-limit.timer.j2 new file mode 100644 index 0000000..be68d3c --- /dev/null +++ b/roles/service-fastd-mesh/templates/fastd-limiter-limit.timer.j2 @@ -0,0 +1,12 @@ +# +# {{ ansible_managed }} +# +[Unit] +Description=Timer which schedules fastd-limiter-limit.service + +[Timer] +OnBootSec=5min +OnUnitActiveSec=5min + +[Install] +WantedBy=timers.target diff --git a/roles/service-fastd-mesh/templates/fastd-limiter-peers.service.j2 b/roles/service-fastd-mesh/templates/fastd-limiter-peers.service.j2 new file mode 100644 index 0000000..80edf0d --- /dev/null +++ b/roles/service-fastd-mesh/templates/fastd-limiter-peers.service.j2 @@ -0,0 +1,11 @@ +# +# {{ ansible_managed }} +# +[Unit] +Description=Update fastd connected peers + +[Service] +Type=oneshot +ExecStart={{ gopath }}/bin/fastd-limiter peers +User=admin +Group=admin diff --git a/roles/service-fastd-mesh/templates/fastd-limiter-peers.timer.j2 b/roles/service-fastd-mesh/templates/fastd-limiter-peers.timer.j2 new file mode 100644 index 0000000..e0f0724 --- /dev/null +++ b/roles/service-fastd-mesh/templates/fastd-limiter-peers.timer.j2 @@ -0,0 +1,12 @@ +# +# {{ ansible_managed }} +# +[Unit] +Description=Timer which schedules fastd-limiter-peers.service + +[Timer] +OnBootSec=5min +OnUnitActiveSec=1min + +[Install] +WantedBy=timers.target diff --git a/roles/service-fastd-mesh/templates/fastd-limiter.yaml.j2 b/roles/service-fastd-mesh/templates/fastd-limiter.yaml.j2 new file mode 100644 index 0000000..e21da6b --- /dev/null +++ b/roles/service-fastd-mesh/templates/fastd-limiter.yaml.j2 @@ -0,0 +1,17 @@ +# +# {{ ansible_managed }} +# + +additional: 8 + +redis_db: '127.0.0.1:6379' + +fastd_keys: '{{ git_path }}/peers-ffmwu' +key_ttl: 900 + +gateways: +{% for gateway in groups['ffmwu-gateways'] %} + - {{ gateway.rsplit('.freifunk-mwu.de')[0] }} +{% endfor %} + +metrics_url: 'https://%s.freifunk-mwu.de:9281/metrics'