Lowercase all network interface names

Readme.md

@@ -30,7 +30,7 @@ Diese Liste ist quasi das Herzstück zur Konfiguration der Mesh-spezifischen Par
 
 |Name|Type|Value|Format|Comment|
 |----|----|-----|------|-------|
-|id  |Variable|mz|string|Zum Teil werden Interface-Namen davon abgeleitet, z.B. `mzBR` oder `mzBAT`|
+|id  |Variable|mz|string|Zum Teil werden Interface-Namen davon abgeleitet, z.B. `mzbr` oder `mzbat`|
 |site_number|Variable|37|integer|Fließt in IP-Adress-Berechnung ein|
 |site_code|Variable|ffmz|string||
 |site_name|Variable|Mainz|string||
@@ -93,7 +93,7 @@ Weitere Gruppen-Variablen:
 |http_domain_external|Variable|freifunk-mwu.de|string|Haupt-Domain für HTTP-Server(extern)|
 |icvpn|Dictionary|||ICVPN Informationen|
 |icvpn.prefix|Key|mwu|string|Prefix für MWU Gateways,  z.B. `mwu7` für Spinat|
-|icvpn.interface|Key|icVPN|string|Name für ICVPN Interface + tinc Instanz|
+|icvpn.interface|Key|icvpn|string|Name für ICVPN Interface + tinc Instanz|
 |icvpn.icvpn_repo|Key|https://github.com/freifunk/icvpn|string|URL zum freifunk/icvpn Repository|
 |bgp_mwu_servers|Dictionary|||Enthält pro BGP MWU peer ein Dictionary - IP-Adressen aus bgp_ipvX_transfer_net|
 |bgp_mwu_servers.spinat|Dictionary||||
@@ -135,11 +135,11 @@ Alle Server- bzw. Gateway-spezifischen Parameter werden als Host-Variablen abgeb
 |ffrl_exit_server.ffrl-b-fra2-fra.tunnel_ipv4_network|Key|100.64.0.188/31|Network/Prefix|Internes IPv4-Tunnel-Subnetz|
 |ffrl_exit_server.ffrl-b-fra2-fra.tunnel_ipv6_network|Key|2a03:2260:0:64::/64|Network/Prefix|Internes IPv6-Tunnel-Subnetz|
 |fastd_secrets|Dictionary|||Ein Eintrag pro fastd-Interface mit passwordstore lookup zum pass-Pfad|
-|fastd_secrets.mzVPN|Key|"{{ lookup('passwordstore', 'fastd/mzVPN/spinat subkey=secret') }}"|||
-|fastd_secrets.wiVPN|Key|"{{ lookup('passwordstore', 'fastd/wiVPN/spinat subkey=secret') }}"|||
-|fastd_secrets.mzigVPN|Key|"{{ lookup('passwordstore', 'fastd/mzVPN/spinat subkey=secret') }}"|||
-|fastd_secrets.wiigVPN|Key|"{{ lookup('passwordstore', 'fastd/wiVPN/spinat subkey=secret') }}"|||
-|tinc_private_key|Variable|"{{ lookup('passwordstore', 'tinc/icVPN/spinat_private returnall=true') }}"||Passwordstore lookup zum pass-Pfad|
+|fastd_secrets.mzvpn|Key|"{{ lookup('passwordstore', 'fastd/mzvpn/spinat subkey=secret') }}"|||
+|fastd_secrets.wivpn|Key|"{{ lookup('passwordstore', 'fastd/wivpn/spinat subkey=secret') }}"|||
+|fastd_secrets.mzigvpn|Key|"{{ lookup('passwordstore', 'fastd/mzvpn/spinat subkey=secret') }}"|||
+|fastd_secrets.wiigvpn|Key|"{{ lookup('passwordstore', 'fastd/wivpn/spinat subkey=secret') }}"|||
+|tinc_private_key|Variable|"{{ lookup('passwordstore', 'tinc/icvpn/spinat_private returnall=true') }}"||Passwordstore lookup zum pass-Pfad|
 
 ## Sensible Informationen
 
@@ -196,13 +196,13 @@ ffrl_exit_server:
 
 # Pfade zu den fastd secrets im passwordstore
 fastd_secrets:
-  mzVPN: "{{ lookup('passwordstore', 'fastd/mzVPN/$Hostname subkey=secret') }}"
-  wiVPN: "{{ lookup('passwordstore', 'fastd/wiVPN/$Hostname subkey=secret') }}"
-  mzigVPN: "{{ lookup('passwordstore', 'fastd/mzVPN/$Hostname subkey=secret') }}"
-  wiigVPN: "{{ lookup('passwordstore', 'fastd/wiVPN/$Hostname subkey=secret') }}"
+  mzvpn: "{{ lookup('passwordstore', 'fastd/mzvpn/$Hostname subkey=secret') }}"
+  wivpn: "{{ lookup('passwordstore', 'fastd/wivpn/$Hostname subkey=secret') }}"
+  mzigvpn: "{{ lookup('passwordstore', 'fastd/mzvpn/$Hostname subkey=secret') }}"
+  wiigvpn: "{{ lookup('passwordstore', 'fastd/wivpn/$Hostname subkey=secret') }}"
 
 # Pfade zum tinc secret im passwordstore
-tinc_private_key: "{{ lookup('passwordstore', 'tinc/icVPN/$hostname_private returnall=true') }}"
+tinc_private_key: "{{ lookup('passwordstore', 'tinc/icvpn/$hostname_private returnall=true') }}"
 ```
 - Neues Gateway aufsetzen per `ansible-playbook playbooks/gateways.yml`
   - Hierbei werden die definierten Rollen auch auf schon aufgesetzte Gateways angewandt, was unkritisch ist, weil wir unsere Rollen idempotent schreiben.

inventory/group_vars/all

@@ -130,7 +130,7 @@ meshes:
 
 icvpn:
   prefix: mwu
-  interface: icVPN
+  interface: icvpn
   icvpn_repo: https://github.com/freifunk/icvpn
 
 bgp_mwu_servers:

roles/handlers/handlers/main.yml

@@ -36,7 +36,7 @@
 
 - name: restart fastd intragate instances
   systemd:
-    name: "fastd@{{ item.0.id }}igVPN-{{ item.1.mtu }}"
+    name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}"
     state: restarted
   with_subelements:
     - "{{ meshes }}"
@@ -44,7 +44,7 @@
 
 - name: restart fastd mesh instances
   systemd:
-    name: "fastd@{{ item.0.id }}VPN-{{ item.1.mtu }}"
+    name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}"
     state: restarted
   with_subelements:
     - "{{ meshes }}"

roles/network-batman/README.md

@@ -43,4 +43,4 @@ meshes:
 Die MAC-Adressen der Interfaces werden aus dem IPv4-Subnetz sowie der `magic`-Nummer des Hosts berechnet.
 
 xx0-prefix: `02:00`
-xxBAT-prefix: `02:01`
+xxbat-prefix: `02:01`

roles/network-batman/tasks/main.yml

@@ -9,7 +9,7 @@
 - name: create batman interfaces
   template:
     src: batman.j2
-    dest: "/etc/network/interfaces.d/{{ item.id }}BAT"
+    dest: "/etc/network/interfaces.d/{{ item.id }}bat"
   notify: reload network interfaces
   with_items: "{{ meshes }}"
 

roles/network-batman/templates/batman.j2

@@ -4,10 +4,10 @@
 #
 # {{ ansible_managed }}
 #
-auto {{ item.id }}BAT
-iface {{ item.id }}BAT
+auto {{ item.id }}bat
+iface {{ item.id }}bat
     hwaddress {{ mac | hwaddr('linux') }}
-    batman-ifaces {{ item.id }}0 {% for instance in item.fastd.nodes.instances %}{{ item.id }}VPN-{{ instance.mtu }}{% if not loop.last %} {% endif %}{% endfor %} {% for instance in item.fastd.intragate.instances %}{{ item.id }}igVPN-{{ instance.mtu }}{% if not loop.last %} {% endif %}{% endfor %}
+    batman-ifaces {{ item.id }}0 {% for instance in item.fastd.nodes.instances %}{{ item.id }}vpn-{{ instance.mtu }}{% if not loop.last %} {% endif %}{% endfor %} {% for instance in item.fastd.intragate.instances %}{{ item.id }}igvpn-{{ instance.mtu }}{% if not loop.last %} {% endif %}{% endfor %}
     batman-hop-penalty {{ item.batman.hop_penalty }}
     post-up /usr/sbin/batctl -m $IFACE it {{ item.batman.it }}
     post-up /usr/sbin/batctl -m $IFACE gw {{ item.batman.gw }}

roles/network-fastd/README.md

@@ -5,8 +5,8 @@ Diese Ansible role konfiguriert Netzwerk Interfaces für die definierten fastd I
 Es wird zwischen node- und intragate-Instanzen unterschieden.
 
 ## Interface-Benamung
-Node-Interfaces: $mesh.id + VPN + '-' + $mesh.fastd.nodes.instances.xx.mtu, z.B. "mzVPN-1312"
-Intragate-Interfaces: $mesh.id + 'ig' + VPN + '-' + $mesh.fastd.intragate.instances.xx.mtu, z.B. "mzigVPN-1312"
+Node-Interfaces: $mesh.id + vpn + '-' + $mesh.fastd.nodes.instances.xx.mtu, z.B. "mzvpn-1312"
+Intragate-Interfaces: $mesh.id + 'ig' + vpn + '-' + $mesh.fastd.intragate.instances.xx.mtu, z.B. "mzigvpn-1312"
 
 ## Benötigte Variablen
 
@@ -36,5 +36,5 @@ meshes:
 
 Die MAC-Adressen der Interfaces werden aus dem IPv4-Subnetz sowie der `magic`-Nummer des Hosts berechnet.
 
-xxVPN-$mtu prefix: `02:2x` # x = ID der fastd-Instanz
-xxigVPN-$mtu prefix: `02:3x` # x = ID der fastd-Instanz
+xxvpn-$mtu prefix: `02:2x` # x = ID der fastd-Instanz
+xxigvpn-$mtu prefix: `02:3x` # x = ID der fastd-Instanz

roles/network-fastd/tasks/main.yml

@@ -2,7 +2,7 @@
 - name: create fastd mesh interfaces
   template:
     src: fastd-mesh.j2
-    dest: "/etc/network/interfaces.d/{{ item.0.id }}VPN-{{ item.1.mtu }}"
+    dest: "/etc/network/interfaces.d/{{ item.0.id }}vpn-{{ item.1.mtu }}"
   notify: reload network interfaces
   with_subelements:
     - "{{ meshes }}"
@@ -11,7 +11,7 @@
 - name: create fastd intragate interfaces
   template:
     src: fastd-intragate.j2
-    dest: "/etc/network/interfaces.d/{{ item.0.id }}igVPN-{{ item.1.mtu }}"
+    dest: "/etc/network/interfaces.d/{{ item.0.id }}igvpn-{{ item.1.mtu }}"
   notify: reload network interfaces
   with_subelements:
     - "{{ meshes }}"

roles/network-fastd/templates/fastd-intragate.j2

@@ -3,6 +3,6 @@
 #
 # {{ ansible_managed }}
 #
-auto {{ item.0.id }}igVPN-{{ item.1.mtu }}
-iface {{ item.0.id }}igVPN-{{ item.1.mtu }}
+auto {{ item.0.id }}igvpn-{{ item.1.mtu }}
+iface {{ item.0.id }}igvpn-{{ item.1.mtu }}
     hwaddress {{ mac | hwaddr('linux') }}

roles/network-fastd/templates/fastd-mesh.j2

@@ -3,6 +3,6 @@
 #
 # {{ ansible_managed }}
 #
-auto {{ item.0.id }}VPN-{{ item.1.mtu }}
-iface {{ item.0.id }}VPN-{{ item.1.mtu }}
+auto {{ item.0.id }}vpn-{{ item.1.mtu }}
+iface {{ item.0.id }}vpn-{{ item.1.mtu }}
     hwaddress {{ mac | hwaddr('linux') }}

roles/network-iptables-gateway/templates/rules.v4.j2

@@ -9,7 +9,7 @@
 -A INPUT -m conntrack --ctstate INVALID -j DROP
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 {% for mesh in meshes %}
--A FORWARD -i {{ mesh.id }}BR -o {{ mesh.id }}BR -j ACCEPT
+-A FORWARD -i {{ mesh.id }}br -o {{ mesh.id }}br -j ACCEPT
 {% endfor %}
 -A FORWARD -m conntrack --ctstate INVALID -j DROP
 -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

roles/network-iptables-gateway/templates/rules.v6.j2

@@ -8,7 +8,7 @@
 -A INPUT -m conntrack --ctstate INVALID -j DROP
 -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 {% for mesh in meshes %}
--A FORWARD -i {{ mesh.id }}BR -o {{ mesh.id }}BR -j ACCEPT
+-A FORWARD -i {{ mesh.id }}br -o {{ mesh.id }}br -j ACCEPT
 {% endfor %}
 -A FORWARD -m conntrack --ctstate INVALID -j DROP
 -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

roles/network-meshbridge/README.md

@@ -27,4 +27,4 @@ meshes:
 
 Die MAC-Adressen der Interfaces werden aus dem IPv4-Subnetz sowie der `magic`-Nummer des Hosts berechnet.
 
-xxBR-prefix: `02:10`
+xxbr-prefix: `02:10`

roles/network-meshbridge/tasks/main.yml

@@ -2,14 +2,14 @@
 - name: create mesh bridges
   template:
     src: bridge.j2
-    dest: "/etc/network/interfaces.d/{{ item.id }}BR"
+    dest: "/etc/network/interfaces.d/{{ item.id }}br"
   notify: reload network interfaces
   with_items: "{{ meshes }}"
 
 - name: set sysfs variables
   template:
     src: sysfs.j2
-    dest: "/etc/sysfs.d/99-{{ item.id }}BR.conf"
+    dest: "/etc/sysfs.d/99-{{ item.id }}br.conf"
   with_items: "{{ meshes }}"
   notify: activate sysfs variables
 

roles/network-meshbridge/templates/bridge.j2

@@ -3,8 +3,8 @@
 #
 # {{ ansible_managed }}
 #
-auto {{ item.id }}BR
-iface {{ item.id }}BR
+auto {{ item.id }}br
+iface {{ item.id }}br
     hwaddress {{ mac | hwaddr('linux') }}
     address {{ item.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('ip/prefix') }}
 {% for prefix in item.ipv6_ula %}
@@ -13,4 +13,4 @@ iface {{ item.id }}BR
 {% for prefix in item.ipv6_public %}
     address {{ prefix | ipaddr('net') | ipsubnet(64, 0) | ipaddr(magic) | ipaddr('ip/prefix') }}
 {% endfor %}
-    bridge-ports {{ item.id }}BAT
+    bridge-ports {{ item.id }}bat

roles/network-meshbridge/templates/sysfs.j2

@@ -1,4 +1,4 @@
 #
 # {{ ansible_managed }}
 #
-class/net/{{ item.id }}BR/bridge/hash_max = 16384
+class/net/{{ item.id }}br/bridge/hash_max = 16384

roles/network-routing/templates/ffmwu-add-ip-rules.sh.j2

@@ -7,7 +7,7 @@
 {% for mesh in meshes %}
 ip -4 rule add from {{ mesh.ipv4_network | ipaddr('network') }}/16 lookup mwu priority 7
 ip -4 rule add to {{ mesh.ipv4_network | ipaddr('network') }}/16 lookup mwu priority 7
-ip -4 rule add from all oif {{ mesh.id }}BR lookup mwu priority 7
+ip -4 rule add from all oif {{ mesh.id }}br lookup mwu priority 7
 {% for ula in mesh.ipv6_ula %}
 ip -6 rule add from {{ ula }} lookup mwu priority 7
 ip -6 rule add to {{ ula }} lookup mwu priority 7
@@ -16,14 +16,14 @@ ip -6 rule add to {{ ula }} lookup mwu priority 7
 ip -6 rule add from {{ public }} lookup mwu priority 7
 ip -6 rule add to {{ public }} lookup mwu priority 7
 {% endfor %}
-ip -6 rule add from all oif {{ mesh.id }}BR lookup mwu priority 7
+ip -6 rule add from all oif {{ mesh.id }}br lookup mwu priority 7
 {% endfor %}
 
 # Priority 23 - lookup rt_table icvpn for all incoming traffic of freifunk bridges
 {% for mesh in meshes %}
 ip -4 rule add from {{ mesh.ipv4_network | ipaddr('network') }}/16 lookup icvpn priority 23
 ip -4 rule add to {{ mesh.ipv4_network | ipaddr('network') }}/16 lookup icvpn priority 23
-ip -4 rule add from all oif {{ mesh.id }}BR lookup icvpn priority 23
+ip -4 rule add from all oif {{ mesh.id }}br lookup icvpn priority 23
 {% for ula in mesh.ipv6_ula %}
 ip -6 rule add from {{ ula }} lookup icvpn priority 23
 ip -6 rule add to {{ ula }} lookup icvpn priority 23
@@ -32,10 +32,10 @@ ip -6 rule add to {{ ula }} lookup icvpn priority 23
 ip -6 rule add from {{ public }} lookup icvpn priority 23
 ip -6 rule add to {{ public }} lookup icvpn priority 23
 {% endfor %}
-ip -6 rule add from all oif {{ mesh.id }}BR lookup icvpn priority 23
+ip -6 rule add from all oif {{ mesh.id }}br lookup icvpn priority 23
 {% endfor %}
-ip -4 rule add from all oif icVPN lookup icvpn priority 23
-ip -6 rule add from all oif icVPN lookup icvpn priority 23
+ip -4 rule add from all oif icvpn lookup icvpn priority 23
+ip -6 rule add from all oif icvpn lookup icvpn priority 23
 
 # Priority 41 - lookup rt_table internet for all incoming traffic of freifunk bridges
 {% for mesh in meshes %}
@@ -48,23 +48,23 @@ ip -6 rule add to {{ ula }} lookup internet priority 41
 ip -6 rule add from {{ public }} lookup internet priority 41
 ip -6 rule add to {{ public }} lookup internet priority 41
 {% endfor %}
-ip -6 rule add from all oif {{ mesh.id }}BR lookup internet priority 41
+ip -6 rule add from all oif {{ mesh.id }}br lookup internet priority 41
 {% endfor %}
 ip -4 rule add from {{ ffrl_public_ipv4_nat | ipaddr('host') }} lookup internet priority 41
 ip -4 rule add to {{ ffrl_public_ipv4_nat | ipaddr('host') }} lookup internet priority 41
 
 # Priority 61 - at this point this is the end of policy routing for freifunk related routes
 {% for mesh in meshes %}
-ip -4 rule add from all iif {{ mesh.id }}BR type unreachable priority 61
-ip -6 rule add from all iif {{ mesh.id }}BR type unreachable priority 61
+ip -4 rule add from all iif {{ mesh.id }}br type unreachable priority 61
+ip -6 rule add from all iif {{ mesh.id }}br type unreachable priority 61
 {% endfor %}
-ip -4 rule add from all iif icVPN type unreachable priority 61
+ip -4 rule add from all iif icvpn type unreachable priority 61
 ip -4 rule add from all iif {{ ansible_default_ipv4.interface }} type unreachable priority 61
 {% for server_id, server_value in ffrl_exit_server.iteritems() %}
 ip -4 rule add from all iif {{ server_id }} type unreachable priority 61
 ip -6 rule add from all iif {{ server_id }} type unreachable priority 61
 {% endfor %}
-ip -6 rule add from all iif icVPN type unreachable priority 61
+ip -6 rule add from all iif icvpn type unreachable priority 61
 ip -6 rule add from all iif {{ ansible_default_ipv6.interface }} type unreachable priority 61
 {% for mesh in meshes %}
 {% for public in mesh.ipv6_public %}

roles/network-routing/templates/ffmwu-add-static-routes.sh.j2

@@ -5,13 +5,13 @@
 
 {% for mesh in meshes %}
 # static {{ mesh.site_name }} routes for rt_table mwu
-/sbin/ip -4 route add {{ mesh.ipv4_network }} proto static dev {{ mesh.id }}BR table mwu
+/sbin/ip -4 route add {{ mesh.ipv4_network }} proto static dev {{ mesh.id }}br table mwu
 {% for ula in mesh.ipv6_ula %}
-/sbin/ip -6 route add {{ ula | ipaddr('net') | ipsubnet(64, 0) | ipaddr('subnet') }} proto static dev {{ mesh.id }}BR table mwu
+/sbin/ip -6 route add {{ ula | ipaddr('net') | ipsubnet(64, 0) | ipaddr('subnet') }} proto static dev {{ mesh.id }}br table mwu
 {% endfor %}
 {% for public in mesh.ipv6_public %}
-/sbin/ip -6 route add {{ public | ipaddr('net') | ipsubnet(64, 0) | ipaddr('subnet') }} proto static dev {{ mesh.id }}BR table mwu
-/sbin/ip -6 route add {{ public | ipaddr('net') | ipsubnet(56, magic) | ipsubnet(64, 0) | ipaddr('subnet') }} proto static dev {{ mesh.id }}BR table mwu
+/sbin/ip -6 route add {{ public | ipaddr('net') | ipsubnet(64, 0) | ipaddr('subnet') }} proto static dev {{ mesh.id }}br table mwu
+/sbin/ip -6 route add {{ public | ipaddr('net') | ipsubnet(56, magic) | ipsubnet(64, 0) | ipaddr('subnet') }} proto static dev {{ mesh.id }}br table mwu
 {% endfor %}
 {% if not loop.last %}
 

roles/network-routing/templates/ffmwu-del-ip-rules.sh.j2

@@ -7,7 +7,7 @@
 {% for mesh in meshes %}
 ip -4 rule del from {{ mesh.ipv4_network | ipaddr('network') }}/16 lookup mwu priority 7
 ip -4 rule del to {{ mesh.ipv4_network | ipaddr('network') }}/16 lookup mwu priority 7
-ip -4 rule del from all oif {{ mesh.id }}BR lookup mwu priority 7
+ip -4 rule del from all oif {{ mesh.id }}br lookup mwu priority 7
 {% for ula in mesh.ipv6_ula %}
 ip -6 rule del from {{ ula }} lookup mwu priority 7
 ip -6 rule del to {{ ula }} lookup mwu priority 7
@@ -16,14 +16,14 @@ ip -6 rule del to {{ ula }} lookup mwu priority 7
 ip -6 rule del from {{ public }} lookup mwu priority 7
 ip -6 rule del to {{ public }} lookup mwu priority 7
 {% endfor %}
-ip -6 rule del from all oif {{ mesh.id }}BR lookup mwu priority 7
+ip -6 rule del from all oif {{ mesh.id }}br lookup mwu priority 7
 {% endfor %}
 
 # Priority 23 - lookup rt_table icvpn for all incoming traffic of freifunk bridges
 {% for mesh in meshes %}
 ip -4 rule del from {{ mesh.ipv4_network | ipaddr('network') }}/16 lookup icvpn priority 23
 ip -4 rule del to {{ mesh.ipv4_network | ipaddr('network') }}/16 lookup icvpn priority 23
-ip -4 rule del from all oif {{ mesh.id }}BR lookup icvpn priority 23
+ip -4 rule del from all oif {{ mesh.id }}br lookup icvpn priority 23
 {% for ula in mesh.ipv6_ula %}
 ip -6 rule del from {{ ula }} lookup icvpn priority 23
 ip -6 rule del to {{ ula }} lookup icvpn priority 23
@@ -32,10 +32,10 @@ ip -6 rule del to {{ ula }} lookup icvpn priority 23
 ip -6 rule del from {{ public }} lookup icvpn priority 23
 ip -6 rule del to {{ public }} lookup icvpn priority 23
 {% endfor %}
-ip -6 rule del from all oif {{ mesh.id }}BR lookup icvpn priority 23
+ip -6 rule del from all oif {{ mesh.id }}br lookup icvpn priority 23
 {% endfor %}
-ip -4 rule del from all oif icVPN lookup icvpn priority 23
-ip -6 rule del from all oif icVPN lookup icvpn priority 23
+ip -4 rule del from all oif icvpn lookup icvpn priority 23
+ip -6 rule del from all oif icvpn lookup icvpn priority 23
 
 # Priority 41 - lookup rt_table internet for all incoming traffic of freifunk bridges
 {% for mesh in meshes %}
@@ -48,23 +48,23 @@ ip -6 rule del to {{ ula }} lookup internet priority 41
 ip -6 rule del from {{ public }} lookup internet priority 41
 ip -6 rule del to {{ public }} lookup internet priority 41
 {% endfor %}
-ip -6 rule del from all oif {{ mesh.id }}BR lookup internet priority 41
+ip -6 rule del from all oif {{ mesh.id }}br lookup internet priority 41
 {% endfor %}
 ip -4 rule del from {{ ffrl_public_ipv4_nat | ipaddr('host') }} lookup internet priority 41
 ip -4 rule del to {{ ffrl_public_ipv4_nat | ipaddr('host') }} lookup internet priority 41
 
 # Priority 61 - at this point this is the end of policy routing for freifunk related routes
 {% for mesh in meshes %}
-ip -4 rule del from all iif {{ mesh.id }}BR type unreachable priority 61
-ip -6 rule del from all iif {{ mesh.id }}BR type unreachable priority 61
+ip -4 rule del from all iif {{ mesh.id }}br type unreachable priority 61
+ip -6 rule del from all iif {{ mesh.id }}br type unreachable priority 61
 {% endfor %}
-ip -4 rule del from all iif icVPN type unreachable priority 61
+ip -4 rule del from all iif icvpn type unreachable priority 61
 ip -4 rule del from all iif {{ ansible_default_ipv4.interface }} type unreachable priority 61
 {% for server_id, server_value in ffrl_exit_server.iteritems() %}
 ip -4 rule del from all iif {{ server_id }} type unreachable priority 61
 ip -6 rule del from all iif {{ server_id }} type unreachable priority 61
 {% endfor %}
-ip -6 rule del from all iif icVPN type unreachable priority 61
+ip -6 rule del from all iif icvpn type unreachable priority 61
 ip -6 rule del from all iif {{ ansible_default_ipv6.interface }} type unreachable priority 61
 {% for mesh in meshes %}
 {% for public in mesh.ipv6_public %}

roles/network-routing/templates/ffmwu-del-static-routes.sh.j2

@@ -5,13 +5,13 @@
 
 {% for mesh in meshes %}
 # static {{ mesh.site_name }} routes for rt_table mwu
-/sbin/ip -4 route del {{ mesh.ipv4_network }} proto static dev {{ mesh.id }}BR table mwu
+/sbin/ip -4 route del {{ mesh.ipv4_network }} proto static dev {{ mesh.id }}br table mwu
 {% for ula in mesh.ipv6_ula %}
-/sbin/ip -6 route del {{ ula | ipaddr('net') | ipsubnet(64, 0) }} proto static dev {{ mesh.id }}BR table mwu
+/sbin/ip -6 route del {{ ula | ipaddr('net') | ipsubnet(64, 0) }} proto static dev {{ mesh.id }}br table mwu
 {% endfor %}
 {% for public in mesh.ipv6_public %}
-/sbin/ip -6 route del {{ public | ipaddr('net') | ipsubnet(64, 0) }} proto static dev {{ mesh.id }}BR table mwu
-/sbin/ip -6 route del {{ public | ipaddr('net') | ipsubnet(64, magic) }} proto static dev {{ mesh.id }}BR table mwu
+/sbin/ip -6 route del {{ public | ipaddr('net') | ipsubnet(64, 0) }} proto static dev {{ mesh.id }}br table mwu
+/sbin/ip -6 route del {{ public | ipaddr('net') | ipsubnet(64, magic) }} proto static dev {{ mesh.id }}br table mwu
 {% endfor %}
 {% if not loop.last %}
 

roles/service-bird/templates/bird.conf.j2

@@ -51,7 +51,7 @@ protocol device {
 
 protocol direct mwu_subnets {
 {% for mesh in meshes %}
-    interface "{{ mesh.id }}BR";
+    interface "{{ mesh.id }}br";
 {% endfor %}
     import where is_mwu_self_nets();
 };

roles/service-bird/templates/bird6.conf.j2

@@ -40,7 +40,7 @@ protocol device {
 
 protocol direct mwu_subnets {
 {% for mesh in meshes %}
-    interface "{{ mesh.id }}BR";
+    interface "{{ mesh.id }}br";
 {% endfor %}
     import where is_mwu_self_nets();
 };

roles/service-dhcpd/tasks/main.yml

@@ -6,7 +6,7 @@
 
 - name: concatenate meshbridge interfaces
   set_fact:
-    dhcp_interfaces: "{% for mesh in meshes %}{{ mesh.id }}BR{% if not loop.last %} {% endif %}{% endfor %}"
+    dhcp_interfaces: "{% for mesh in meshes %}{{ mesh.id }}br{% if not loop.last %} {% endif %}{% endfor %}"
 
 - name: set ipv4 interfaces isc dhcp should listen on
   lineinfile:

roles/service-fastd-intragate/README.md

@@ -2,7 +2,7 @@
 
 Diese Ansible role konfiguriert die fastd-Instanz für die Intra-Server Kommunikation.
 
-- konfiguriert xxigVPN-Instanzen
+- konfiguriert xxigvpn-Instanzen
 - stellt sicher, dass die Instanz-Verzeichnisse existieren
 - schreibt fastd.conf
 - schreibt secret.conf
@@ -31,8 +31,8 @@ meshes:
 - Dictionary `fastd_secrets` (Host-Variable)
 ´´´
 fastd_secrets:
-  mzigVPN: "{{ lookup('passwordstore', 'fastd/mzigVPN/sparegate4 subkey=secret') }}"
-  wiigVPN: "{{ lookup('passwordstore', 'fastd/wiigVPN/sparegate4 subkey=secret') }}"
+  mzigvpn: "{{ lookup('passwordstore', 'fastd/mzigvpn/sparegate4 subkey=secret') }}"
+  wiigvpn: "{{ lookup('passwordstore', 'fastd/wiigvpn/sparegate4 subkey=secret') }}"
   ...
 
 ´´´

roles/service-fastd-intragate/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 - name: create fastd intragate directories
   file:
-    path: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}"
+    path: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}"
     state: directory
     mode: 0755
   with_subelements:
@@ -10,7 +10,7 @@
 
 - name: create fastd peer intragate directories
   file:
-    path: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}/peers"
+    path: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/peers"
     state: directory
     mode: 0755
     owner: admin
@@ -22,7 +22,7 @@
 - name: clone fastd peer intragate repos
   git:
     repo: "{{ item.1.peers.repo }}"
-    dest: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}/peers"
+    dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/peers"
     version: "{{ item.1.peers.version }}"
     update: no
   with_subelements:
@@ -33,7 +33,7 @@
 - name: template fastd mesh config
   template:
     src: fastd-intragate.conf.j2
-    dest: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}/fastd.conf"
+    dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/fastd.conf"
   notify: restart fastd intragate instances
   with_subelements:
     - "{{ meshes }}"
@@ -42,7 +42,7 @@
 - name: write fastd intragate secret
   template:
     src: fastd-secret.conf.j2
-    dest: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}/secret.conf"
+    dest: "/etc/fastd/{{ item.0.id }}igvpn-{{ item.1.mtu }}/secret.conf"
   notify: restart fastd intragate instances
   with_subelements:
     - "{{ meshes }}"
@@ -50,7 +50,7 @@
 
 - name: configure systemd unit fastd@
   systemd:
-    name: "fastd@{{ item.0.id }}igVPN-{{ item.1.mtu }}"
+    name: "fastd@{{ item.0.id }}igvpn-{{ item.1.mtu }}"
     enabled: yes
     state: started
   with_subelements:

roles/service-fastd-intragate/templates/fastd-intragate.conf.j2

@@ -9,7 +9,7 @@ hide mac addresses yes;
 
 method "aes128-ctr+umac";
 
-interface "{{ item.0.id }}igVPN-{{ item.1.mtu }}";
+interface "{{ item.0.id }}igvpn-{{ item.1.mtu }}";
 
 bind {{ ansible_default_ipv4.address | ipaddr('public') }}:11{{ item.1.id }}{{ item.0.site_number }};
 bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:11{{ item.1.id }}{{ item.0.site_number }};
@@ -27,11 +27,11 @@ on up "
     ip link set address {{ mac | hwaddr('linux') }} dev $INTERFACE
     ip link set $INTERFACE up
 
-    batctl -m {{ item.0.id }}BAT if add $INTERFACE
+    batctl -m {{ item.0.id }}bat if add $INTERFACE
 ";
 
 on down "
-    batctl -m {{ item.0.id }}BAT if del $INTERFACE
+    batctl -m {{ item.0.id }}bat if del $INTERFACE
 ";
 
-status socket "/var/run/fastd-{{ item.0.id }}igVPN-{{ item.1.mtu }}.status";
+status socket "/var/run/fastd-{{ item.0.id }}igvpn-{{ item.1.mtu }}.status";

roles/service-fastd-intragate/templates/fastd-secret.conf.j2

@@ -1,4 +1,4 @@
-{% set local_interface = item.0.id + 'igVPN' -%}
+{% set local_interface = item.0.id + 'igvpn' -%}
 #
 # {{ ansible_managed }}
 #

roles/service-fastd-mesh/README.md

@@ -11,8 +11,8 @@ Diese Ansible role konfiguriert die fastd-Instanz für die Knoten Kommunikation.
 - klont bingener fastd peer repo (im Moment hardcoded)
 
 ## Instanz-Benamung
-Node-Instanzen: $mesh.id + VPN + '-' + $mesh.fastd.nodes.instances.xx.mtu, z.B. "mzVPN-1312"
-Intragate-Instanzen: $mesh.id + 'ig' + VPN + '-' + $mesh.fastd.intragate.instances.xx.mtu, z.B. "mzigVPN-1312"
+Node-Instanzen: $mesh.id + vpn + '-' + $mesh.fastd.nodes.instances.xx.mtu, z.B. "mzvpn-1312"
+Intragate-Instanzen: $mesh.id + 'ig' + vpn + '-' + $mesh.fastd.intragate.instances.xx.mtu, z.B. "mzigvpn-1312"
 
 ## Benötigte Variablen
 
@@ -35,8 +35,8 @@ meshes:
 - Dictionary `fastd_secrets` (Host-Variable)
 ´´´
 fastd_secrets:
-  mzVPN: "{{ lookup('passwordstore', 'fastd/mzVPN/sparegate4 subkey=secret') }}"
-  wiVPN: "{{ lookup('passwordstore', 'fastd/wiVPN/sparegate4 subkey=secret') }}"
+  mzvpn: "{{ lookup('passwordstore', 'fastd/mzvpn/sparegate4 subkey=secret') }}"
+  wivpn: "{{ lookup('passwordstore', 'fastd/wivpn/sparegate4 subkey=secret') }}"
   ...
 
 ´´´

roles/service-fastd-mesh/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 - name: create fastd directories
   file:
-    path: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}"
+    path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}"
     state: directory
     mode: 0755
   with_subelements:
@@ -10,7 +10,7 @@
 
 - name: create fastd peer mesh directories
   file:
-    path: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/peers"
+    path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peers"
     state: directory
     mode: 0755
     owner: admin
@@ -21,7 +21,7 @@
 
 - name: create fastd peer mesh directories for ffbin
   file:
-    path: "/etc/fastd/mzVPN-{{ item }}/peers_bingen"
+    path: "/etc/fastd/mzvpn-{{ item }}/peers_bingen"
     state: directory
     mode: 0755
     owner: admin
@@ -33,7 +33,7 @@
 - name: clone fastd peer mesh repos
   git:
     repo: "{{ item.1.peers.repo }}"
-    dest: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/peers"
+    dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peers"
     version: "{{ item.1.peers.version }}"
     update: no
   with_subelements:
@@ -44,7 +44,7 @@
 - name: clone fastd peer mesh repo for ffbin
   git:
     repo: https://github.com/freifunk-bingen/peers-ffbin.git
-    dest: "/etc/fastd/mzVPN-{{ item }}/peers_bingen"
+    dest: "/etc/fastd/mzvpn-{{ item }}/peers_bingen"
     version: master
     update: no
   with_items:
@@ -55,7 +55,7 @@
 - name: template fastd mesh config
   template:
     src: fastd-mesh.conf.j2
-    dest: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/fastd.conf"
+    dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/fastd.conf"
   notify: restart fastd mesh instances
   with_subelements:
     - "{{ meshes }}"
@@ -64,7 +64,7 @@
 - name: write fastd mesh secret
   template:
     src: fastd-secret.conf.j2
-    dest: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/secret.conf"
+    dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/secret.conf"
   notify: restart fastd mesh instances
   with_subelements:
     - "{{ meshes }}"
@@ -73,7 +73,7 @@
 - name: copy peer_limit.conf if not exist
   copy:
     src: peer_limit.conf
-    dest: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/peer_limit.conf"
+    dest: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peer_limit.conf"
     owner: admin
     group: admin
     mode: 0640
@@ -85,7 +85,7 @@
 
 - name: set file attributes for peer_limit.conf
   file:
-    path: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/peer_limit.conf"
+    path: "/etc/fastd/{{ item.0.id }}vpn-{{ item.1.mtu }}/peer_limit.conf"
     mode: 0640
     owner: admin
     group: admin
@@ -149,7 +149,7 @@
 
 - name: configure systemd unit fastd@
   systemd:
-    name: "fastd@{{ item.0.id }}VPN-{{ item.1.mtu }}"
+    name: "fastd@{{ item.0.id }}vpn-{{ item.1.mtu }}"
     enabled: yes
     state: started
   with_subelements:

roles/service-fastd-mesh/templates/fastd-mesh.conf.j2

@@ -9,7 +9,7 @@ hide mac addresses yes;
 
 method "salsa2012+umac";
 
-interface "{{ item.0.id }}VPN-{{ item.1.mtu }}";
+interface "{{ item.0.id }}vpn-{{ item.1.mtu }}";
 
 bind {{ ansible_default_ipv4.address | ipaddr('public') }}:10{{ item.1.id }}{{ item.0.site_number }};
 bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:10{{ item.1.id }}{{ item.0.site_number }};
@@ -34,11 +34,11 @@ on up "
     ip link set address {{ mac | hwaddr('linux') }} dev $INTERFACE
     ip link set $INTERFACE up
 
-    batctl -m {{ item.0.id }}BAT if add $INTERFACE
+    batctl -m {{ item.0.id }}bat if add $INTERFACE
 ";
 
 on down "
-    batctl -m {{ item.0.id }}BAT if del $INTERFACE
+    batctl -m {{ item.0.id }}bat if del $INTERFACE
 ";
 
-status socket "/var/run/fastd-{{ item.0.id }}VPN-{{ item.1.mtu }}.status";
+status socket "/var/run/fastd-{{ item.0.id }}vpn-{{ item.1.mtu }}.status";

roles/service-fastd-mesh/templates/fastd-secret.conf.j2

@@ -1,4 +1,4 @@
-{% set local_interface = item.0.id + 'VPN' -%}
+{% set local_interface = item.0.id + 'vpn' -%}
 #
 # {{ ansible_managed }}
 #

roles/service-fastd-mesh/templates/fastd_peer_limit_config.yaml.j2

@@ -6,7 +6,7 @@ additional: 8
 fastd_instances:
 {% for mesh in meshes %}
 {% for instance in mesh.fastd.nodes.instances %}
-  - {{ mesh.id }}VPN-{{ instance.mtu }}
+  - {{ mesh.id }}vpn-{{ instance.mtu }}
 {% endfor %}
 {% endfor %}
 cronlog: '/home/admin/.cronlog/limit.%s.log'

roles/service-radvd/templates/radvd.conf.j2

@@ -3,7 +3,7 @@
 # {{ ansible_managed }}
 #
 {% for mesh in meshes %}
-interface {{ mesh.id }}BR
+interface {{ mesh.id }}br
 {
 	AdvSendAdvert on;
 	IgnoreIfMissing on;

roles/service-respondd/templates/respondd.service.j2

@@ -2,7 +2,7 @@
 Description=respondd instance {{ item.id }}
 
 [Service]
-ExecStart=/home/admin/clones/mesh-announce/respondd.py -i {{ item.id }}BR {% for interface in item.fastd.nodes.instances %}-i {{ item.id }}VPN-{{ interface.mtu }}{% if not loop.last %} {% endif %}{% endfor %} -b {{ item.id }}BAT -s {{ item.site_code }} -d /home/admin/clones/mesh-announce/
+ExecStart=/home/admin/clones/mesh-announce/respondd.py -i {{ item.id }}br {% for interface in item.fastd.nodes.instances %}-i {{ item.id }}vpn-{{ interface.mtu }}{% if not loop.last %} {% endif %}{% endfor %} -b {{ item.id }}bat -s {{ item.site_code }} -d /home/admin/clones/mesh-announce/
 Restart=always
 Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
 

roles/service-tinc/README.md

@@ -3,7 +3,7 @@
 Diese Ansible role installiert und konfiguriert den tinc daemon, der für die Verbindung in das InterCity-VPN benötigt wird.
 
 - installiert tinc
-- erzeugt icVPN tinc Instanz
+- erzeugt icvpn tinc Instanz
   - klont freifunk/icvpn repo
   - schreibt tinc.conf
   - schreibt tinc-up hook script
@@ -16,7 +16,7 @@ Diese Ansible role installiert und konfiguriert den tinc daemon, der für die Ve
 ```
 icvpn:
   prefix: mwu
-  interface: icVPN
+  interface: icvpn
   icvpn_repo: https://github.com/freifunk/icvpn
 ```
 - Variable `icvpn_ipv4_transfer_net`
@@ -30,12 +30,12 @@ routing_tables:
 - Host Variable `magic`
 - Host Variable `tinc_private_key`
 ```
-tinc_private_key: "{{ lookup('passwordstore', 'tinc/icVPN/$Hostname_private returnall=true') }}"
+tinc_private_key: "{{ lookup('passwordstore', 'tinc/icvpn/$Hostname_private returnall=true') }}"
 ```
 
 ## tinc private key
 
-Der private Schlüssel der icVPN tinc-Instanz liegt im passwordstore.
+Der private Schlüssel der icvpn tinc-Instanz liegt im passwordstore.
 Bevor man ein Gateway aufsetzt, muss der private Schlüssel generiert und im passwordstore hinterlegt werden.
 Die Variable `tinc_private_key` folgt dem Aufbau:
 ```