Tobias Hachmer
99a77aa0b7
Role server-repos: remove universe-factory repo since fastd package is available in debian upstream
2017-11-09 06:20:23 +01:00
Tobias Hachmer
f0564b5ad2
Role service-respondd: install python3 module dependency
2017-11-07 20:25:39 +01:00
Tobias Hachmer
b1480594fa
Role server-repos: change ffmwu repo to stretch
2017-11-07 20:23:23 +01:00
Tobias Hachmer
fc04651e8b
Lowercase all network interface names
2017-11-06 21:24:56 +01:00
Tobias Hachmer
387f3bbf6b
Update fastd peer limit configuration
...
* add list of legacy gateways (temporarily)
* change backend-scripts branch to ansible
* Role server-basic: ensure ffmwu config directory is present
* Role service-fastd: add fastd-status script
* role service-fastd-mesh: add templating for fastd peer limit
configuration
2017-11-06 17:41:17 +01:00
Tobias Hachmer
67c915e877
Role service-respondd: also listen on fastd-interfaces
2017-10-31 22:54:58 +01:00
Tobias Hachmer
d6eea602b7
Flush handlers after configuring network interfaces
2017-10-29 21:26:10 +01:00
Tobias Hachmer
f00a216fef
Role service-nginx: add autoindex options to default vhost
2017-10-29 21:24:48 +01:00
Tobias Hachmer
dc146df5f7
Add role service-nginx-firmware
2017-10-27 11:41:00 +02:00
Tobias Hachmer
545162a46f
Add role service-nginx
2017-10-27 11:38:02 +02:00
Tobias Hachmer
8212e17d6a
Ensure systemd units are started
2017-10-26 22:35:55 +02:00
Tobias Hachmer
a2110b33ee
Fix some whitespaces
2017-10-26 22:29:15 +02:00
Tobias Hachmer
ac48746a11
Roles service-fastd-[intragate|mesh]: update mac prefixes due to fastd instances change
2017-10-25 19:50:06 +02:00
Tobias Hachmer
57fff0410e
Add role service-respondd
2017-10-15 10:18:26 +02:00
Tobias Hachmer
130980d863
Role network-routing: fix typos in ffmwu-del-ip-rules.sh template
2017-10-14 22:07:01 +02:00
Tobias Hachmer
00307bc9be
Move IP rules from role service-rclocal
to role network-routing
...
- add scripts to configure and delete IP rules via a systemd unit
- delete role `service-rclocal`
- update README.md
- add new handler
2017-10-13 07:59:43 +02:00
Tobias Hachmer
f934a88661
Move all handlers to one single role
2017-10-13 07:28:41 +02:00
Tobias Hachmer
f56215f03c
Remove unnecessary handlers
2017-10-11 22:04:36 +02:00
Tobias Hachmer
79017f02d6
Use package module where possible instead of apt
2017-10-11 17:53:20 +02:00
Tobias Hachmer
4ce00a6ac3
Add role network-routing
...
- move static routes from role service-rclocal to scripts run by systemd
unit
- mv routing specific sysctl settings
2017-10-11 06:52:24 +02:00
Tobias Hachmer
f18e53e4e7
Role service-fastd: use own systemd unit fastd@.service
...
- original uses %I which does not escaping, so dashes will be replaced
by slashes
- use %i instead of %I
2017-10-08 11:35:22 +02:00
Tobias Hachmer
c56dc3504c
Role service-fastd-mesh: fix typo in handler
2017-10-08 10:51:04 +02:00
Tobias Hachmer
534b0d045c
Role network-fastd: update README.md
2017-10-08 09:44:42 +02:00
Tobias Hachmer
e1e723809f
Role network-batman: update batman-ifaces due to fastd instance change
...
- update README.md
2017-10-08 09:36:38 +02:00
Tobias Hachmer
4732338cee
Roles service-fastd-[mesh|intragate]: update role dependencies
2017-10-07 01:08:48 +02:00
Tobias Hachmer
53d30c8ded
Restructure fastd configuration to define multiple instances easily
...
- introduce mesh subdictionary `fastd`
- change fastd instance naming
- change fastd network interface naming (identical with fastd instance
names)
- change mac address prefixes
2017-10-07 00:57:35 +02:00
Tobias Hachmer
63ca114c95
Migrate nested dictionary meshes
into a list of dictionaries
...
- migrate dictionary `ipv6` into two simple lists
- migrate dictionary `forward_zones` into a list
2017-10-06 22:58:00 +02:00
Tobias Hachmer
829d931ff9
Role service-fastd-mesh: add systemd timer for fastd peer limit update script
2017-10-06 11:47:09 +02:00
Tobias Hachmer
7e181923b3
Role service-fastd: ensure fastd service is masked
2017-10-06 10:49:41 +02:00
Tobias Hachmer
a2fa5ff223
Role service-fastd-mesh: move peer limit to a separate file which isn't managed by ansible
2017-10-06 10:38:26 +02:00
Tobias Hachmer
900eacafb2
Fix wrong IP subnet calculation in roles service-radvd + service-rclocal
2017-10-06 09:56:14 +02:00
Tobias Hachmer
ea08c856ac
Update some ipaddr filters
2017-10-06 00:15:31 +02:00
Tobias Hachmer
c4ed75ed36
Roles service-bird[|-ffrl|-icvpn]: rework handlers
2017-10-04 19:46:16 +02:00
Tobias Hachmer
94da0613a4
FFRL Internet Exit: move IPv4 NAT address to a single dummy interface
2017-10-04 13:51:03 +02:00
Tobias Hachmer
cc43741a91
Role network-iptables-gateway: rename var internet_exit_mtu_ipv[4|6] to internet_exit_tcp_mss_ipv[4|6]
2017-10-04 12:55:29 +02:00
Tobias Hachmer
b46be69a26
Role service-rclocal: fix wrong interface
2017-10-04 01:02:15 +02:00
Tobias Hachmer
98e1b60e00
Roles service-fastd-mesh + service-fastd-intragate: rename fastd socket
2017-10-04 00:51:18 +02:00
Tobias Hachmer
817f86abb7
Role service-bird-icvpn: rename systemd unit+timer icvpn-update to icvpn-tinc-bgp-update
2017-10-04 00:25:29 +02:00
Tobias Hachmer
b0f0d63383
Role service-bind-slave: add systemd unit + timer to update icvpn bind config
2017-10-04 00:20:50 +02:00
Tobias Hachmer
31e0b6da67
Role service-bind-slave: fix file permissions
2017-10-04 00:05:53 +02:00
Tobias Hachmer
1f7ab3c620
Role git-repos: change branch of backend-scripts repo to drop-photon
2017-10-03 23:32:00 +02:00
Tobias Hachmer
224a61a481
Role service-bird + service-bird-icvpn: add systemd unit + timer to update roa+peers+tinc hosts
2017-10-03 23:31:15 +02:00
Tobias Hachmer
0fa92eef1c
Role service-fastd-mesh: add systemd unit + timer to update mesh peers
2017-10-03 23:30:02 +02:00
Tobias Hachmer
07a0b25a09
Role service-radvd: make more parameters configurable
2017-10-03 21:24:36 +02:00
Tobias Hachmer
a1705da9a0
Role service-radvd: optimize ipaddr filters
2017-10-03 21:18:39 +02:00
Tobias Hachmer
ef6bedfee5
Update loop keys
2017-10-03 20:52:37 +02:00
Tobias Hachmer
937238d26e
Role service-radvd: update handlers
2017-10-03 20:43:23 +02:00
Tobias Hachmer
7506fae8a5
Role service-tinc: use a task instead of a handler for systemd stuff
2017-10-03 20:40:48 +02:00
Tobias Hachmer
3ee405bdf2
Restructure service-fastd roles
...
- migrate role git-fastd-peers
- add role service-fastd
- add repo clone for ffbin peers (currently hardcoded)
- add role dependency to role service-fastd-mesh +
service-fastd-intragate
- add systemd handlers
2017-10-03 20:25:17 +02:00
Tobias Hachmer
01af6903e6
Role service-fastd-mesh + service-fastd-intragate: fix mac address format
2017-10-03 15:13:00 +02:00
Tobias Hachmer
a112f6305e
Role service-dhcpd: fix disabled notify
2017-10-03 14:44:38 +02:00
Tobias Hachmer
2f32bd6c1e
Restructure network interfaces in order to use ifupdown2
...
- rewrite interface templates for batman, fastd, ffrl and meshbridge
- add package ethtool to role server-basic
- use more ipaddr filters and get rid of unneeded variables in dict
ffrl_exit_server
- change ffrl_public_ipv4_nat variable to ip/prefix format
- update readme files
2017-10-03 14:37:39 +02:00
Tobias Hachmer
821834c4b8
Add role service-bind-slave
2017-10-02 23:34:53 +02:00
Tobias Hachmer
5e38e4f6fb
Role service-bird-icvpn: use a task and not a handler to set file attrs
2017-10-02 23:08:53 +02:00
Tobias Hachmer
2e0e474ba7
Role kmod-batman: load kernel modules
2017-10-02 11:21:01 +02:00
Tobias Hachmer
b285305fe1
Add role network-iptables-gateway
...
- move netfilter specific sysctl settings
2017-10-02 11:18:16 +02:00
Tobias Hachmer
4596743a56
Add readme for role prerequisites
2017-10-02 11:15:58 +02:00
Tobias Hachmer
3a9edaa666
Add version to git modules in roles:
...
- git-fastd-peers
- git-repos
- service-tinc
2017-10-02 11:15:58 +02:00
Tobias Hachmer
41d6fb0ff1
Add role system-sysctl-gateway
2017-10-02 11:15:58 +02:00
Tobias Hachmer
846f385a21
Add role service-tinc
2017-10-02 11:15:58 +02:00
Tobias Hachmer
ab45622570
Role server-basic: add package bridge-utils
2017-09-29 20:34:38 +02:00
Tobias Hachmer
c87cb61a6b
Update readme of roles service-fastd-mesh + service-fastd-intragate
2017-09-28 20:09:18 +02:00
Tobias Hachmer
0edd928ec8
Role service-bird-ffrl: correct ipaddr filters
2017-09-18 13:22:55 +02:00
Tobias Hachmer
1c928881fc
Retouch tasks due to 'become' defaults to True
2017-09-18 13:22:55 +02:00
n0trax
951ab924a5
Set 'become' default to True ( #7 )
2017-09-17 10:11:45 +02:00
Tobias Hachmer
6792950fca
Add role service-bird-ffrl
2017-09-11 23:49:11 +02:00
Tobias Hachmer
dd6d5b6ec5
Add role service-bird-icvpn; add python3-yaml package to server-basic
...
role
2017-09-11 23:35:20 +02:00
Tobias Hachmer
a2816a152e
Add role git-repos
2017-09-11 23:23:34 +02:00
n0trax
84755f8bb9
Move localtestvm to separate role (untested) ( #6 )
2017-09-11 23:23:34 +02:00
Tobias Hachmer
34369638dc
Add role service-bird
2017-09-11 23:23:34 +02:00
Tobias Hachmer
6c238c7416
Add role service-rclocal
2017-09-11 23:23:34 +02:00
n0trax
166c67477b
Add relaxed yamllint config and fix errors
2017-09-11 23:23:34 +02:00
n0trax
4131825286
Modify prerequisites role and integrate prerequisites role into all playbooks ( #4 )
2017-09-11 23:23:34 +02:00
Tobias Hachmer
ed03ad8573
Roles: add role documentation
2017-09-11 23:23:34 +02:00
Tobias Hachmer
94cb21daad
Add a bunch of new roles
...
- Update Readme
- Update ansible.cfg
- Add playbook to set up gateways
- Add group variables
2017-09-11 23:21:44 +02:00
Tobias Hachmer
1f0b5925a8
Role test-prerequisites: improve tasks; update OS to current debian
...
stable
2017-09-05 11:29:13 +02:00
Tobias Hachmer
3270b5cc3e
Inventory: clean up & rename role ffmwu-prereq to test-prerequisites
...
Remove all hosts which aren't set up by ansible, yet. Prepare to start
from scratch. Only add hosts to the inventory which will be set up
completly by ansible.
2017-09-05 11:25:13 +02:00
kaba
ab2efe5df3
not runnable yet!
2016-12-20 16:59:03 +01:00
kaba
8cbb75ffe6
moved apt and pip package handling to sparate role - first step to streamline roles
2016-12-12 16:05:46 +01:00
kaba
e530b3dba2
conflict resolution after concurrent edits
2016-11-28 17:06:28 +01:00
kaba
7ea7290b4f
safeguard not to disrupt manually managed systems
2016-11-28 17:00:44 +01:00
Tobias Hachmer
0cb178663f
Role ffmwu-meshing: rename task file names for better reading
2016-11-28 16:21:13 +01:00
Tobias Hachmer
6127353ae7
Update ansible role ffmwu-build
...
* use ecdsautils from ffmwu debian repo instead of building from source
* remove some trailing white spaces
* use command module instead of shell module where it is possible
* update module syntax to list form for better reading
* role ffmwu-build should be idempotent now
2016-11-26 14:17:14 +01:00
ka-ba
0167536d22
cleeeeaning womaaaan
2016-11-24 00:28:23 +01:00
kaba
d37f6a4e45
replaced photon bootstrap script
2016-11-23 17:59:08 +01:00
kaba
c63e9d9538
rudimental fixes, still failing though
2016-11-23 13:43:37 +01:00
Tobias Hachmer
9dd7b203db
Roles: initially add role ffmwu-build and playbook for build-servers
2016-10-28 16:37:37 +02:00
Tobias Hachmer
1d9b50dbe6
Roles: add tasks to ffmwu-server
...
* ensure system user is present
* ensure vim is the default editor
* ensure timezone is Europe/Berlin (activate with ansible version 2.2)
2016-10-27 08:19:12 +02:00
ka-ba
40fe1d7fb5
fastd config differ for gates and for other meshing servers
2016-10-12 20:24:56 +02:00
ka-ba
1a96ad9ef7
set up meshing server (only local test for now) up to fastd - still missing: batman
2016-09-14 16:39:21 +02:00
ka-ba
ff9f0db3a6
req test for test VMs
2016-08-12 00:58:42 +02:00
ka-ba
33bfb4c427
allow additional ssh keys on specific hosts
2016-07-18 14:59:42 +02:00
ka-ba
07f094c177
kaschu, stonie, Debian
2016-07-16 00:54:54 +02:00
ka-ba
88fc423cc1
setup generic ffmwu server
2016-07-06 16:34:54 +02:00