Freifunk-Troisdorf/ansible.fftdf.supernode
5
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

Housekeeping

Browse Source
This commit is contained in:
Freifunk Troisdorf 2019-02-05 21:40:58 +01:00
parent b1f766c946
commit 41e55996ac
17 changed files with 11 additions and 1000 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
files/authorized_keys
View File

@ -2,8 +2,4 @@ ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEAos0JvQsyAsP3FcsqDCBTDqzUGBeoxMKDj/SSRoy5MBDP
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM0d9uUUdkK80fYEAz+IwxbhQO2qsr87Q4uxxwqQCvjVWryL+IuKMBJJGroWDMz2d9UJcIXEYdMz4436U0DoPJuoXe5iDsVvum3Vz3276My+tqx1bZWCktPa8Isft7mO/wfELNjRNQduUiwh2y712s7/3GQI+5Rs/65HuLHTnpLKrlfptqmsmYw+IUFDzGwBLJ6sqP90ywjKkperPCAH3IWcTsQwnW3EJFPToMg6BrQslZlxx/z+co3e6jCWzUuuIRP9jp4SmNVfYaVGb1cOFdL1p1P0qWHBHdGUnXHZ+c773VKVSj+spUBxKGqNC1EhRCYTsPDLVrYrhKl2BRLcgB stefan@Stefan-Linux ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDM0d9uUUdkK80fYEAz+IwxbhQO2qsr87Q4uxxwqQCvjVWryL+IuKMBJJGroWDMz2d9UJcIXEYdMz4436U0DoPJuoXe5iDsVvum3Vz3276My+tqx1bZWCktPa8Isft7mO/wfELNjRNQduUiwh2y712s7/3GQI+5Rs/65HuLHTnpLKrlfptqmsmYw+IUFDzGwBLJ6sqP90ywjKkperPCAH3IWcTsQwnW3EJFPToMg6BrQslZlxx/z+co3e6jCWzUuuIRP9jp4SmNVfYaVGb1cOFdL1p1P0qWHBHdGUnXHZ+c773VKVSj+spUBxKGqNC1EhRCYTsPDLVrYrhKl2BRLcgB stefan@Stefan-Linux
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAgEA5OYOF+VBtXXxv/wZkT5K3P7QAUJaM88zJqeGh8NJCO7EDg9jLoWLzAP7LnM9XEA4ycWdl8HX1+EUKqVXAbSNItTZZkO9LCbIiIe1w8oJd2j9hY0IpxPqbz9ePPZh0JtxAZMh3NgOoSiND0leAeOt0lTlDPh4g3G4KvR33d9PIj5ZerU47ceLyy4xEwNbZDKD04+frpq1W+lDqglR0jV/h/pcoQTAEBflbmGLeXIXRsR6zq/of4Wx/MlX18VD9SXPLGXvQ5c4lt5PvV/oeHz4gEjPv2hrI3s3fyWakadAuI9ah48CaEgpVReUGjtYDc0PskvjAH/+slqIHW1D5El+R1Z/2wn/aEGokFHUc0SiFb3NAOwxWvMtUHhXi9ZiTHt0p/0FwWZ1pxqRzODvK8uZ7LAJRGe6q9NYQkIax6SLOfWm4MFWDpDLgWz5MSbPqo+Kfo0614z1mxA3vpY53lUqEGRx4I6z/PDaOHMFd3sxhSMPGvmMvAOLTRofFppwUq1YqQkd6embsJjBN0gU9AilpL5Q2il0OoW4g0rUR8HPJczuDzmHZTXpPU2dY6MhAJ0sbNmk0XhmyoEH9/A1zPEHmirTcBMmbFUsYmR6+MnHEhxnRu5PQpXqcu2vN+JAeasgJShRl7g+rHIdutswHUAWWyfgaD0GF3f6zuOLooz1XQU= localadmin@tst-ansible ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsaIe542Vk0/sH0GEEMPhjDHBip0PI6OX/teuTLu/osvdb9Hj7432HUlEsiw8cfkCZBXtkQGlYXRVjiZkRxc8CzDpOkq75ZcqTfhmf/tCejBbgSFfdruViU11cFHIdznOqe3PeFM+8BJzHf2Gwnb5P/Q0RDYQ05Hfr9LhQVw3IXM2VInE+xR0sMj2rNr8g8lYa9X/+boElwqFiJqaRyb61XI0DYIXuxFQkg/E2bxvrtbrYJt9Pv5Mu0HYY2Q+xGqOGwPjxtqIixG9ne4EkiQkshFhfnTegfRMmhuSa0G6+Qqh5e4RPbtCGOW27tqXNUo0zDtcNaoWqUCIDkplTlUsimXT8PO+qiwMpXuVBYiwLat3N97kin8GAXoxYdrYdALopLbbkWx/7e06vqwBmF4tsPMcTRKOEIJgWIAVyxxr999Q5GNWA52m7iTNIWH1ExeTm/FQrbU4QCY6YThqhC3AVTYcUINNVZuFp19tNkNydUDOqPtwG0c+Bi8y15RBPUzQDbTgTR3zayuiOc26MYH4SGoSGNKeQjbJWr8MDsGi+NGMs2crYXirYVziPPXdY+im3fBH3UuRDkfbfvl4gXpDYxEUh/8GYdMLnttk2ifoBtlynEhxyunoKm7Z3V8mTikON70/ko6QkOmei/r/F+V9Se6FFsOTUIufwu6BC9+hBkw== localadmin@ansible
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDA2KJvzjFxFrjJvxJj/AZ3rPKGT15JUnV7LhTo0BuXITwx+DpEK6u2m3yjigf2B8ws4VbpL7ceWyP8L3wspozqbqOgyYrQ9TISipkNV9O/DzR+F8R7mhn5mV7+pEOJu1Ba6rtYTfJTcloRKklfO9UjaFLwM69H0GNsomcKMd5Kl4c7DMMwcpXfhb8b7ET5agtfAhXU0CHalnhdAVCwmsC3mj9blOLlX4lxFLonGKVcZB7nWQEmvVAG+9yp6UWZZzeBCPea8Bw4hUVAZcsbK9XLbE4D+gUoxHu2oKGRja4kUnYmlWZOyqlUGbRD6bUxmnW1aBCh8x+b91YLlGv38vT6Y/sy0tPOoVK5kHxJ2yQmnlpgRzgBZf8Kl9ouO/onvExR787C+6TGG834ROW3SaiEeta0RvWwLzugexotT02qqpJmlIXu+gpvN+O9LSfQWzcaCFJTB6MD8mox1ks/W15Uij1pCeleUmiFdVtmt3PCs/ouuG1Uhm9MSWOBNwdFlTpAngopqBHSKYpTY+LhDD9Bv+U4Tno3i4dIGLYqNVmaRij2A0jZeSKOi/OgAaQsD7CzrDhn7C8dlsBFzPjtpFNqgk2Ss5bv3dpfQhBKsaxAe0X5W57vqJD+986039H3fj9/2o2PGuWCNr1LCWSjiy8t/P++cbn0rGdJAIexgTj3Q== supernodeadmin@update1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUTvOdUbtWOmQ1HHh1rNm9LvGozlVPOu0XVcmZ2/NfSOrDbnN99Y4o2Q2mm/ZITWtEZkijnS+LdqB/SO+I2c8NWQO3+gCd9WzI/pqRso2eDIMtPfidnEGdUi4+hHmT96TGOh6P/SrR71646AJkQr5vxLDs/U/57uyTxNwgHFYb1zfekeK4J8gm9StfiGTdfFDTQsYQljrO0YxGrNG2koRXDwgUca4kGjx/HYwnjtl1nDRSAa8HvgxqAASFFrqSOhCkrlCgxoKZZwGIFccYTcAJFDhqIG32q2tRAQOtqxy5OWbTkJLBTBaR7dG4W9iYHbV6vscfNQD7Ml3aMrS+TA0x stefan@ff-stefan@tst-office

1
files/bataddif.sh.j2
View File

@ -14,5 +14,4 @@ do
fi fi
done done
#echo "enabled" > /sys/devices/virtual/net/$INTERFACE/batman_adv/no_rebroadcast
$brctl addif br-nodes $INTERFACE $brctl addif br-nodes $INTERFACE

6
files/check_mk-dhcp.sh
View File

@ -1,6 +0,0 @@
#!/bin/bash
datum=$(date "+%b %d")
hostname=$(hostname)
clients=$(cat /var/log/syslog | grep "$(date "+%b %d")" | grep DHCPACK | grep -o -E '([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}' | sort | uniq | wc -l)
echo "nc.gateways."$hostname" $clients `date +%s`" | nc -n -q 5 10.188.0.10 2003
echo "0 Uniq-Clients count=$clients - $clients Uniq Clients heute"

392
files/check_mk-speedtest-cli
View File

@ -1,392 +0,0 @@
#! /bin/bash
#
# Script to check Internet connection speed using speedtest-cli
#
# Jon Witts - 20150228
#
#########################################################################################################################################################
#
# Nagios Exit Codes
#
# 0 = OK = The plugin was able to check the service and it appeared to be functioning properly
# 1 = Warning = The plugin was able to check the service, but it appeared to be above some warning
# threshold or did not appear to be working properly
# 2 = Critical = The plugin detected that either the service was not running or it was above some critical threshold
# 3 = Unknown = Invalid command line arguments were supplied to the plugin or low-level failures internal
# to the plugin (such as unable to fork, or open a tcp socket) that prevent it from performing the specified operation.
# Higher-level errors (such as name resolution errors, socket timeouts, etc) are outside of the control of plugins
# and should generally NOT be reported as UNKNOWN states.
#
########################################################################################################################################################
plugin_name="Nagios speedtest-cli plugin"
version="1.2 2015022818.19"
#####################################################################
#
# CHANGELOG
#
# Version 1.0 - Initial Release
#
# Version 1.1 - Added requirement to use server id in test and need to define
# full path to speedtest binary - thanks to Sigurdur Bjarnason
# for changes and improvements
#
# Version 1.2 - Added ability to check speed from an internal Speedtest Mini
# server. Idea sugested by Erik Brouwer
#
#
#
#####################################################################
# function to output script usage
usage()
{
cat << EOF
******************************************************************************************
$plugin_name - Version: $version
OPTIONS:
-h Show this message
-w Download Warning Level - *Required* - integer or floating point
-c Download Critical Level - *Required* - integer or floating point
-W Upload Warning Level - *Required* - integer or floating point
-C Upload Critical Level - *Required* - integer or floating point
-l Location of speedtest server - *Required * - takes either "i" or "e". If you pass "i" for
Internal then you will need to pass the URL of the Mini Server to the "s" option. If you pass
"e" for External then you must pass the server integer to the "s" option.
-s Server integer or URL for the speedtest server to test against - *Required* - Run
"speedtest --list | less" to find your nearest server and note the number of the server
or use the URL of an internal Speedtest Mini Server
-p Output Performance Data
-v Output plugin version
-V Output debug info for testing
This script will output the Internet Connection Speed using speedtest-cli to Nagios.
You need to have installed speedtest-cli on your system first and ensured that it is
working by calling "speedtest --simple".
See here: https://github.com/sivel/speedtest-cli for info about speedtest-cli
First you MUST define the location of your speedtest install in the script or this will
not work.
The speedtest-cli can take some time to return its result. I recommend that you set the
service_check_timeout value in your main nagios.cfg to 120 to allow time for
this script to run; but test yourself and adjust accordingly.
You also need to have access to bc on your system for this script to work and that it
exists in your path.
Your warning levels must be higher than your critical levels for both upload and download.
Performance Data will output upload and download speed against matching warning and
critical levels.
Jon Witts
******************************************************************************************
EOF
}
#####################################################################
# function to output error if speedtest binary location not set
locundef()
{
cat << EOF
******************************************************************************************
$plugin_name - Version: $version
You have not defined the location of the speedtest binary in the script! You MUST do
this before running the script. See line 170 of the script!
******************************************************************************************
EOF
}
#####################################################################
# function to check if a variable is numeric
# expects variable to check as first argument
# and human description of variable as second
isnumeric()
{
re='^[0-9]+([.][0-9]+)?$'
if ! [[ $1 =~ $re ]]; then
echo $2" with a value of: "$1" is not a number!"
usage
exit 3
fi
}
#####################################################################
# functions for floating point operations - require bc!
#####################################################################
# Default scale used by float functions.
float_scale=3
#####################################################################
# Evaluate a floating point number expression.
function float_eval()
{
local stat=0
local result=0.0
if [[ $# -gt 0 ]]; then
result=$(echo "scale=$float_scale; $*" | bc -q 2>/dev/null)
stat=$?
if [[ $stat -eq 0 && -z "$result" ]]; then stat=1; fi
fi
echo $result
return $stat
}
#####################################################################
# Evaluate a floating point number conditional expression.
function float_cond()
{
local cond=0
if [[ $# -gt 0 ]]; then
cond=$(echo "$*" | bc -q 2>/dev/null)
if [[ -z "$cond" ]]; then cond=0; fi
if [[ "$cond" != 0 && "$cond" != 1 ]]; then cond=0; fi
fi
local stat=$((cond == 0))
return $stat
}
########### End of functions ########################################
# Set up the variable for the location of the speedtest binary.
# Edit the line below so that the variable is defined as the location
# to speedtest on your system. On mine it is /usr/local/bin
# Ensure to leave the last slash off!
# You MUST define this or the script will not run!
STb=/usr/bin
# Set up the variables to take the arguments
DLw=150.00
DLc=100.00
ULw=150.00
ULc=100.00
Loc=e
# Server ID, if 0 using nearest server
SEs=0
#PerfData=TRUE
PerfData=
debug=
# Retrieve the arguments using getopts
while getopts "hw:c:W:C:l:s:pvV" OPTION
do
case $OPTION in
h)
usage
exit 3
;;
w)
DLw=$OPTARG
;;
c)
DLc=$OPTARG
;;
W)
ULw=$OPTARG
;;
C)
ULc=$OPTARG
;;
l)
Loc=$OPTARG
;;
s)
SEs=$OPTARG
;;
p)
PerfData="TRUE"
;;
v)
echo "$plugin_name. Version number: $version"
exit 3
;;
V)
debug="TRUE"
;;
esac
done
# Check if the Speedtest binary variable $STb has been defined and exit with warning if not
if [[ -z $STb ]]
then
locundef
exit 3
fi
# Check for empty arguments and exit to usage if found
if [[ -z $DLw ]] || [[ -z $DLc ]] || [[ -z $ULw ]] || [[ -z $ULc ]] || [[ -z $Loc ]] || [[ -z $SEs ]]
then
usage
exit 3
fi
# Check for invalid argument passed to $Loc and exit to usage if found
if [[ "$Loc" != "e" ]] && [[ "$Loc" != "i" ]]
then
usage
exit 3
fi
# Check for non-numeric arguments
isnumeric $DLw "Download Warning Level"
isnumeric $DLc "Download Critical Level"
isnumeric $ULw "Upload Warning Level"
isnumeric $ULc "Upload Critical Level"
#isnumeric $Serv "Server Number ID"
# Check that warning levels are not less than critical levels
if float_cond "$DLw < $DLc"; then
echo "\$DLw is less than \$DLc!"
usage
exit 3
elif float_cond "$ULw < $ULc"; then
echo "\$ULw is less than \$ULc!"
usage
exit 3
fi
# Output arguments for debug
if [ "$debug" == "TRUE" ]; then
echo "Download Warning Level = "$DLw
echo "Download Critical Level = "$DLc
echo "Upload Warning Level = "$ULw
echo "Upload Critical Level = "$ULc
echo "Server Location = "$Loc
echo "Server URL or Integer = "$SEs
fi
#Set command up depending upon internal or external
if [ "$Loc" == "e" ]; then
if [ "$debug" == "TRUE" ]; then
echo "External Server defined"
fi
if [ "$SEs" == "0" ]; then
if [ "$debug" == "TRUE" ]; then
echo "no SEs specified"
fi
command=$($STb/speedtest --simple)
else
command=$($STb/speedtest --server=$SEs --simple)
fi
elif [ "$Loc" == "i" ]; then
if [ "$debug" == "TRUE" ]; then
echo "Internal Server defined"
fi
command=$($STb/speedtest --mini=$SEs --simple)
else
if [ "$debug" == "TRUE" ]; then
echo "We should never get here as we checked the contents of Location variable earlier!"
fi
usage
exit 3
fi
# Get the output of the speedtest into an array
# so we can begin to process it
i=1
typeset -a array
array=($command)
# Check if array empty or not having at least 9 indicies
element_count=${#array[@]}
expected_count="9"
# Output array indicies count for debug
if [ "$debug" == "TRUE" ]; then
echo "count = $element_count"
fi
if [ "$element_count" -ne "$expected_count" ]; then
echo "You do not have the expected number of indices in your output from SpeedTest. Is it correctly installed?"
usage
exit 3
fi
# echo contents of speedtest for debug
if [ "$debug" == "TRUE" ]; then
echo "$command"
fi
# split array into our variables for processing
ping=${array[1]}
pingUOM=${array[2]}
download=${array[4]}
downloadUOM=${array[5]}
upload=${array[7]}
uploadUOM=${array[8]}
# echo each array for debug
if [ "$debug" == "TRUE" ]; then
echo "Ping = "$ping
echo "Download = "$download
echo "Upload = "$upload
fi
#set up our nagios status and exit code variables
status=
nagcode=
# now we check to see if returned values are within defined ranges
# we will make use of bc for our math!
if float_cond "$download < $DLc"; then
if [ "$debug" == "TRUE" ]; then
echo "Download less than critical limit. \$download = $download and \$DLc = $DLc "
fi
status="CRITICAL"
nagcode=2
elif float_cond "$upload < $ULc"; then
if [ "$debug" == "TRUE" ]; then
echo "Upload less than critical limit. \$upload = $upload and \$ULc = $ULc"
fi
status="CRITICAL"
nagcode=2
elif float_cond "$download < $DLw"; then
if [ "$debug" == "TRUE" ]; then
echo "Download less than warning limit. \$download = $download and \$DLw = $DLw"
fi
status="WARNING"
nagcode=1
elif float_cond "$upload < $ULw"; then
if [ "$debug" == "TRUE" ]; then
echo "Upload less than warning limit. \$upload = $upload and \$ULw = $ULw"
fi
status="WARNING"
nagcode=1
else
if [ "$debug" == "TRUE" ]; then
echo "Everything within bounds!"
fi
status="OK"
nagcode=0
fi
#nagout="$status - Ping = $ping $pingUOM Download = $download $downloadUOM Upload = $upload $uploadUOM"
#perfout="|'download'=$download;$DLw;$DLc 'upload'=$upload;$ULw;$ULc"
nagout="$nagcode speedtest-cli download=$download;$DLw;$DLc|upload=$upload;$ULw;$ULc|ping=$ping;250;500 Ping = $ping $pingUOM Download = $download $downloadUOM Upload = $upload $uploadUOM"
# append perfout if argument was passed to script
if [ "$PerfData" == "TRUE" ]; then
if [ "$debug" == "TRUE" ]; then
echo "PerfData requested!"
fi
nagout=$nagout$perfout
fi
echo $nagout
exit $nagcode

28
files/check_mk.conf
View File

@ -1,28 +0,0 @@
service check_mk
{
type = UNLISTED
port = 6556
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/bin/check_mk_agent
# listen on IPv4 AND IPv6 when available on this host
#flags = IPv6
# If you use fully redundant monitoring and poll the client
# from more then one monitoring servers in parallel you might
# want to use the agent cache wrapper:
#server = /usr/bin/check_mk_caching_agent
# configure the IP address(es) of your Nagios server here:
only_from = 78.47.37.172
# Don't be too verbose. Don't log every check. This might be
# commented out for debugging. If this option is commented out
# the default options will be used for this service.
log_on_success =
disable = no
}

70
files/ckeck_mk-supernode
View File

@ -1,70 +0,0 @@
#!/bin/bash
#/usr/lib/check_mk_agent/local
export LANG=de_DE.UTF-8
function confline # get first line from file $1 mathing $2, stripped of # and ; comment lines, stripped spaces and tabs down to spaces, remove trailing ;
{
echo $(cat $1|grep -v '^$\|^\s*\#'|sed -e "s/[[:space:]]\+/ /g"|sed s/^\ //|sed s/\;//|grep -i "$2"|head -n 1)
}
function ati # ipv4 to longint
{
ip4=$1; ipno=0
for (( i=0 ; i<4 ; ++i )); do
((ipno+=${ip4%%.*}*$((254**$((3-${i})))))) # .0 .255 should not be counted
ip4=${ip4#*.}
done
echo $ipno
}
## static data
bat_version=$(batctl -v);
kernel=$(uname -r);
release=$(lsb_release -ds);
## Batman
echo "0 Batman-Version Version=$bat_version; $bat_version"
list=$(ls -F /sys/kernel/debug/batman_adv|grep /)
for i in $list; do
z=$(ls /sys/kernel/debug/batman_adv/$i|wc -l)
if [ $z -ge 9 ]; then
b=$(echo $i|cut -d '/' -f1)
router=$(($(batctl -m $b o|wc -l)-2 ))
clients=$(grep -cEo "\[.*W.*\]+" /sys/kernel/debug/batman_adv/$b/transtable_global)
gateways=$(( $(batctl -m $b gwl|wc -l) -1 ))
ips=$(( $(batctl -m $b dc|wc -l) - 2))
wlow=$(( $router * 20 / 100 ))
clow=$(( $router * 5 / 100 ))
wlimit=$(( $router * 5 ))
climit=$(( $router * 10 ))
echo "P Batman-$b Router=$router.0;5:250;1:500|Clients=$clients.0;$wlow.0:$wlimit.0;$clow.0:$climit.0|Gateways=$gateways.0;0:3;0:5;|IPs=$ips.0";
fi;
done
## isc-dhcpd-server leases
# needs script https://github.com/eulenfunk/scripts/blob/master/dhcpleases
if [ -r /opt/freifunk/dhcpleases ] ; then
totalleases=2040
activeleases=$(python /opt/freifunk/dhcpleases|grep "^| Total"|cut -d":" -f2|sed s/\ //)
remainingleases=$(($totalleases - $activeleases))
actwarn=$(($totalleases * 75 / 100))
actcrit=$(($totalleases * 90 / 100))
echo "P Dhcp-Leases active-leases=$activeleases.0;5:$actwarn;1:$actcrit active:$activeleases remaining:$remainingleases pool=$totalleases";
fi
#L2TP
l_tunnel=$(ip a |grep l2tp | grep br-nodes -c);
tunneldigger=$(ifconfig|grep br-nodes -c);
echo "P L2TP Clients=$l_tunnel.0;1:100;0:150|Tunneldiggerbridges=$tunneldigger.0;0.1:1;0.1:2; L2TP-Clients:$l_tunnel Tunneldiggerbridges:$tunneldigger"
## Conntrack
conntrack=$(conntrack -C);
conntrack_limit=$(sysctl -a 2>/dev/null |grep net.nf_conntrack_max|cut -d ' ' -f 3);
conntrack_remain=$(echo $conntrack_limit - $conntrack|bc)
wlow=0.1
clow=1.1
wlimit=$(echo $conntrack_limit *0.7|bc)
climit=$(echo $conntrack_limit *0.9|bc)
wrlimit=$(echo $conntrack_limit *0.3|bc)
crlimit=$(echo $conntrack_limit *0.1|bc)
echo "P Conntrack conntrack=$conntrack.0;$wlow:$wlimit;$clow:$climit|conntrack_remain=$conntrack_remain.0;$wrlimit:$conntrack_limit;$crlimit:$conntrack_limit; Conntrack:$conntrack Conntrack-Remain:$conntrack_remain Conntrack-Limit:$conntrack_limit"

54
files/collectd.conf.j2
View File

@ -1,54 +0,0 @@
# Config file for collectd(1).
#
# Some plugins need additional configuration and are disabled by default.
# Please read collectd.conf(5) for details.
#
# You should also read /usr/share/doc/collectd-core/README.Debian.plugins
# before enabling any more plugins.
## General ##
Hostname "{{ sn_hostname }}"
FQDNLookup true
BaseDir "/var/lib/collectd"
PluginDir "/usr/lib/collectd"
Interval 60
Timeout 2
ReadThreads 5
## Load Plugins ##
LoadPlugin write_graphite
LoadPlugin syslog
LoadPlugin cpu
LoadPlugin load
LoadPlugin memory
LoadPlugin processes
LoadPlugin conntrack
LoadPlugin users
LoadPlugin uptime
LoadPlugin interface
LoadPlugin filecount
<Plugin "filecount">
<Directory "/opt/freifunk/tunneldigger_interfaces">
Instance "tunneldigger-connections"
Name "l2tp*"
</Directory>
</Plugin>
<Plugin write_graphite>
<Carbon>
Host "10.188.0.10"
Port "2003"
Prefix "collectd.gateways."
StoreRates true
AlwaysAppendDS false
EscapeCharacter "_"
</Carbon>
</Plugin>
<Plugin syslog>
LogLevel info
</Plugin>
###########################################################
Include "/etc/collectd/filters.conf"
Include "/etc/collectd/thresholds.conf"

260
files/dhcpleases
View File

@ -1,260 +0,0 @@
#!/usr/bin/python
# source: http://askubuntu.com/revisions/fb67e8e2-efd4-4d0e-bb2f-416855fd8369/view-source
# by http://askubuntu.com/users/499043/dfsmith
import datetime, bisect
def parse_timestamp(raw_str):
tokens = raw_str.split()
if len(tokens) == 1:
if tokens[0].lower() == 'never':
return 'never';
else:
raise Exception('Parse error in timestamp')
elif len(tokens) == 3:
return datetime.datetime.strptime(' '.join(tokens[1:]),
'%Y/%m/%d %H:%M:%S')
else:
raise Exception('Parse error in timestamp')
def timestamp_is_ge(t1, t2):
if t1 == 'never':
return True
elif t2 == 'never':
return False
else:
return t1 >= t2
def timestamp_is_lt(t1, t2):
if t1 == 'never':
return False
elif t2 == 'never':
return t1 != 'never'
else:
return t1 < t2
def timestamp_is_between(t, tstart, tend):
return timestamp_is_ge(t, tstart) and timestamp_is_lt(t, tend)
def parse_hardware(raw_str):
tokens = raw_str.split()
if len(tokens) == 2:
return tokens[1]
else:
raise Exception('Parse error in hardware')
def strip_endquotes(raw_str):
return raw_str.strip('"')
def identity(raw_str):
return raw_str
def parse_binding_state(raw_str):
tokens = raw_str.split()
if len(tokens) == 2:
return tokens[1]
else:
raise Exception('Parse error in binding state')
def parse_next_binding_state(raw_str):
tokens = raw_str.split()
if len(tokens) == 3:
return tokens[2]
else:
raise Exception('Parse error in next binding state')
def parse_rewind_binding_state(raw_str):
tokens = raw_str.split()
if len(tokens) == 3:
return tokens[2]
else:
raise Exception('Parse error in next binding state')
def parse_leases_file(leases_file):
valid_keys = {
'starts': parse_timestamp,
'ends': parse_timestamp,
'tstp': parse_timestamp,
'tsfp': parse_timestamp,
'atsfp': parse_timestamp,
'cltt': parse_timestamp,
'hardware': parse_hardware,
'binding': parse_binding_state,
'next': parse_next_binding_state,
'rewind': parse_rewind_binding_state,
'uid': strip_endquotes,
'client-hostname': strip_endquotes,
'option': identity,
'set': identity,
'on': identity,
'abandoned': None,
'bootp': None,
'reserved': None,
}
leases_db = {}
lease_rec = {}
in_lease = False
in_failover = False
for line in leases_file:
if line.lstrip().startswith('#'):
continue
tokens = line.split()
if len(tokens) == 0:
continue
key = tokens[0].lower()
if key == 'lease':
if not in_lease:
ip_address = tokens[1]
lease_rec = {'ip_address' : ip_address}
in_lease = True
else:
raise Exception('Parse error in leases file')
elif key == 'failover':
in_failover = True
elif key == '}':
if in_lease:
for k in valid_keys:
if callable(valid_keys[k]):
lease_rec[k] = lease_rec.get(k, '')
else:
lease_rec[k] = False
ip_address = lease_rec['ip_address']
if ip_address in leases_db:
leases_db[ip_address].insert(0, lease_rec)
else:
leases_db[ip_address] = [lease_rec]
lease_rec = {}
in_lease = False
elif in_failover:
in_failover = False
continue
else:
raise Exception('Parse error in leases file')
elif key in valid_keys:
if in_lease:
value = line[(line.index(key) + len(key)):]
value = value.strip().rstrip(';').rstrip()
if callable(valid_keys[key]):
lease_rec[key] = valid_keys[key](value)
else:
lease_rec[key] = True
else:
raise Exception('Parse error in leases file')
else:
if in_lease:
raise Exception('Parse error in leases file')
if in_lease:
raise Exception('Parse error in leases file')
return leases_db
def round_timedelta(tdelta):
return datetime.timedelta(tdelta.days,
tdelta.seconds + (0 if tdelta.microseconds < 500000 else 1))
def timestamp_now():
n = datetime.datetime.utcnow()
return datetime.datetime(n.year, n.month, n.day, n.hour, n.minute,
n.second + (0 if n.microsecond < 500000 else 1))
def lease_is_active(lease_rec, as_of_ts):
return timestamp_is_between(as_of_ts, lease_rec['starts'],
lease_rec['ends'])
def ipv4_to_int(ipv4_addr):
parts = ipv4_addr.split('.')
return (int(parts[0]) << 24) + (int(parts[1]) << 16) + \
(int(parts[2]) << 8) + int(parts[3])
def select_active_leases(leases_db, as_of_ts):
retarray = []
sortedarray = []
for ip_address in leases_db:
lease_rec = leases_db[ip_address][0]
if lease_is_active(lease_rec, as_of_ts):
ip_as_int = ipv4_to_int(ip_address)
insertpos = bisect.bisect(sortedarray, ip_as_int)
sortedarray.insert(insertpos, ip_as_int)
retarray.insert(insertpos, lease_rec)
return retarray
##############################################################################
myfile = open('/var/lib/dhcp/dhcpd.leases', 'r')
leases = parse_leases_file(myfile)
myfile.close()
now = timestamp_now()
report_dataset = select_active_leases(leases, now)
print('+------------------------------------------------------------------------------')
print('| DHCPD ACTIVE LEASES REPORT')
print('+-----------------+-------------------+----------------------+-----------------')
print('| IP Address | MAC Address | Expires (days,H:M:S) | Client Hostname ')
print('+-----------------+-------------------+----------------------+-----------------')
for lease in report_dataset:
print('| ' + format(lease['ip_address'], '<15') + ' | ' + \
format(lease['hardware'], '<17') + ' | ' + \
format(str((lease['ends'] - now) if lease['ends'] != 'never' else 'never'), '>20') + ' | ' + \
lease['client-hostname'])
print('+-----------------+-------------------+----------------------+-----------------')
print('| Total Active Leases: ' + str(len(report_dataset)))
print('| Report generated (UTC): ' + str(now))
print('+------------------------------------------------------------------------------')

19
files/keepalive.exit.sh.j2
View File

@ -1,19 +0,0 @@
#!/bin/bash
while [ true ] ; do
#Check Tunneldigger Connections
if ! [ -d /opt/freifunk/tunneldigger_interfaces ]; then
mkdir /opt/freifunk/tunneldigger_interfaces
fi
#Remove old Interfaces
rm /opt/freifunk/tunneldigger_interfaces/*
#Create Interace files
for i in `/sbin/brctl show br-nodes | grep l2tp`;
do
touch /opt/freifunk/tunneldigger_interfaces/$i
done
#Remove wrong file
rm /opt/freifunk/tunneldigger_interfaces/no
rm /opt/freifunk/tunneldigger_interfaces/br-*
rm /opt/freifunk/tunneldigger_interfaces/8*
sleep 60
done

7
files/l2tp_backbone.sh.exit.j2
View File

@ -7,13 +7,6 @@ communitymacaddress="a2:8c:ae:6f:f6"
localserver=$(/bin/hostname) localserver=$(/bin/hostname)
communityname=troisdorf communityname=troisdorf
# L2tp to Map
$ip l2tp add tunnel remote 163.172.225.200 local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id {{ sn_number }}0 peer_tunnel_id 0{{ sn_number }} encap udp udp_sport 300{{ sn_number }}0 udp_dport 3000{{ sn_number }}
$ip l2tp add session name l2tp-map tunnel_id {{ sn_number }}0 session_id 1{{ sn_number }}0 peer_session_id 2{{ sn_number }}0
$ip link set dev l2tp-map mtu 1312
$ip link set up l2tp-map
$batctl if add l2tp-map
# Rest Starten # Rest Starten
$ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0 $ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0
$ip link set up dev bat0 $ip link set up dev bat0

51
files/l2tp_broker-backup.cfg
View File

@ -1,51 +0,0 @@
[broker]
; IP address the broker will listen and accept tunnels on
address={{ ansible_default_ipv4.address }}
; Ports where the broker will listen on
port={{ sn_l2tp_tb_backup_port }}
; Interface with that IP address
interface=eth0
; Maximum number of cached cookies, required for establishing a
; session with the broker
max_cookies=1024
; Maximum number of tunnels that will be allowed by the broker
max_tunnels=150
; Tunnel port base
port_base=25000
; Tunnel id base
tunnel_id_base=500
; Tunnel timeout interval in seconds
tunnel_timeout=60
; Should PMTU discovery be enabled
pmtu_discovery=false
; Namespace (for running multiple brokers); note that you must also
; configure disjunct ports, and tunnel identifiers in order for
; namespacing to work
namespace=backup
[log]
; Log filename
filename=/var/log/tunneldigger-broker-backup.log
; Verbosity
verbosity=DEBUG
; Should IP addresses be logged or not
log_ip_addresses=false
[hooks]
; Arguments to the session.{up,pre-down,down} hooks are as follows:
;
; <tunnel_id> <session_id> <interface> <mtu> <endpoint_ip> <endpoint_port> <local_port>
;
; Arguments to the session.mtu-changed hook are as follows:
;
; <tunnel_id> <session_id> <interface> <old_mtu> <new_mtu>
;
; Called after the tunnel interface goes up
session.up=/srv/tunneldigger/bataddif.sh
; Called just before the tunnel interface goes down
session.pre-down=/srv/tunneldigger/batdelif.sh
; Called after the tunnel interface goes down
session.down=
; Called after the tunnel MTU gets changed because of PMTU discovery
session.mtu-changed=

13
files/slacktee.conf
View File

@ -1,13 +0,0 @@
# ----------
# Configuration
# Describes the Incoming Webhook allowing you to post messages into Slack.
# After the configuration, copy this file to /etc or your home directory.
# NOTE : Please rename this file to '.slacktee', if you'd like to place this in your home directory.
# ----------
webhook_url="https://hooks.slack.com/services/{{ slack_token }}" # Incoming Webhooks integration URL. See https://my.slack.com/services/new/incoming-webhook
upload_token="" # The user's API authentication token, only used for file uploads. See https://api.slack.com/#auth
channel="technik" # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
tmp_dir="/tmp" # Temporary file is created in this directory.
username="slacktee" # Default username to post messages.
icon="ghost" # Default emoji or a direct url to an image to post messages. You don't have to wrap emoji with ':'. See http://www.emoji-cheat-sheet.com.
attachment="" # Default color of the attachments. If an empty string is specified, the attachments are not used.

11
files/sn_startup.exit.sh.j2
View File

@ -35,10 +35,9 @@ curl -X POST --data-urlencode 'payload={"text": "{{ sn_hostname }} is rebooted",
/usr/local/sbin/batctl if add br-nodes /usr/local/sbin/batctl if add br-nodes
sleep 5 sleep 5
/bin/systemctl restart radvd
#Stop all Services - Started from keepalive.sh /bin/systemctl retsrat tunneldigger
/bin/systemctl stop radvd /bin/systemctl restart bird
/bin/systemctl stop tunneldigger /bin/systemctl restart bird6
/bin/systemctl stop bird /bin/systemctl restart isc-dhcp-server
/bin/systemctl stop bird6
exit 0 exit 0

9
files/start-broker-backup.sh
View File

@ -1,9 +0,0 @@
#!/bin/bash
WDIR=/srv/tunneldigger
VIRTUALENV_DIR=/srv/tunneldigger
cd $WDIR
source $VIRTUALENV_DIR/bin/activate
bin/python broker/l2tp_broker.py l2tp_broker-backup.cfg

65
files/supernode
View File

@ -1,65 +0,0 @@
#!/bin/bash
help () {
echo "Supernode Settings:"
echo "status | off | on"
}
status () {
supernode_status=$(/bin/cat /etc/supernode-status/supernode.status)
supernode_mode=$(/bin/cat /etc/supernode-status/supernode.mode)
echo -e "\nSupernode Status: (Ist-Zustand)"
if [ $supernode_status == 0 ]; then
echo "Supernode ist Abgeschaltet"
elif [ $supernode_status == 1 ]; then
echo "Supernode läuft (Automatik inkl. Backup)"
elif [ $supernode_status == 2 ]; then
echo "Supernode läuft (Backup Netz Aktiv)"
elif [ $supernode_status == 3 ]; then
echo "Supernode läuft (Backup deaktiviert)"
fi
echo -e "\nSupernode Status: (Soll-Zustand)"
if [ $supernode_mode == 0 ]; then
echo "Supernode ist Abgeschaltet"
elif [ $supernode_mode == 1 ]; then
echo "Supernode läuft (Automatik inkl. Backup)"
elif [ $supernode_mode == 2 ]; then
echo "Supernode läuft (Backup Netz Aktiv)"
elif [ $supernode_mode == 3 ]; then
echo "Supernode läuft (Backup deaktiviert)"
fi
echo -e "\nService Status"
for service in bird bird6 dhcpd radvd python named
do
if [ "$(/bin/cat /etc/supernode-status/$service.status)" = "1" ]; then
echo -e "$service läuft"
else
echo -e "$service aus"
fi
done
}
off () {
echo 0 > /etc/supernode-status/supernode.mode
/usr/sbin/service tunneldigger stop
/usr/sbin/service bind9 stop
/usr/sbin/service bird stop
/usr/sbin/service bird6 stop
/usr/sbin/service isc-dhcp-server stop
/usr/sbin/service radvd stop
/usr/local/sbin/batctl gw off
echo "Supernode Aus"
}
on () {
echo 1 > /etc/supernode-status/supernode.mode
/usr/sbin/service tunneldigger restart
/usr/sbin/service bind9 restart
/usr/sbin/service bird restart
/usr/sbin/service bird6 restart
/usr/sbin/service isc-dhcp-server restart
/usr/sbin/service radvd restart
/usr/local/sbin/batctl gw server 100Mbit/100Mbit
echo "Supernode An"
}
$1

9
files/tunneldigger-backup.service
View File

@ -1,9 +0,0 @@
[Unit]
Description = Start tunneldigger L2TPv3 broker
After = network.target
[Service]
ExecStart = /srv/tunneldigger/start-broker-backup.sh
[Install]
WantedBy = multi-user.target

10
install.sn.yml
View File

@ -9,7 +9,7 @@
user: root user: root
gather_facts: False gather_facts: False
vars: vars:
snversion: master_v3.1.3 snversion: master_v3.1.4
batmanversion: v2017.4 batmanversion: v2017.4
common_required_packages: common_required_packages:
- git - git
@ -57,13 +57,13 @@
- l2tp_eth - l2tp_eth
tunneldigger_scripts: tunneldigger_scripts:
- start-broker.sh - start-broker.sh
- start-broker-backup.sh # - start-broker-backup.sh
- batdelif.sh - batdelif.sh
tunneldigger_service: tunneldigger_service:
- tunneldigger.service - tunneldigger.service
- tunneldigger-backup.service # - tunneldigger-backup.service
broker_cfg: broker_cfg:
- l2tp_broker-backup.cfg # - l2tp_broker-backup.cfg
- l2tp_broker.cfg - l2tp_broker.cfg
# bind_zone_fftdf: # bind_zone_fftdf:
# - named.conf.fftdf # - named.conf.fftdf
@ -219,7 +219,7 @@
with_items: with_items:
- systemctl daemon-reload - systemctl daemon-reload
- systemctl enable tunneldigger.service - systemctl enable tunneldigger.service
- systemctl enable tunneldigger-backup.service # - systemctl enable tunneldigger-backup.service
when: tunneldigger.changed when: tunneldigger.changed
- name: Copy logrotate config - name: Copy logrotate config
copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500 copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500