Merge pull request #15 from Freifunk-Troisdorf/new-new-net
New Net Merge to Master
commit
8dfc15a496
@ -42,7 +42,7 @@ return net ~ [ fc00::/7{48,64},
|
||||
}
|
||||
|
||||
filter hostroute {
|
||||
if net ~ 2a03:2260:121::/48 then accept;
|
||||
if net ~ 2a03:2260:121:4000::/52 then accept;
|
||||
reject;
|
||||
}
|
||||
|
@ -44,7 +44,7 @@ return net ~ [ fc00::/7{48,64},
|
||||
}
|
||||
|
||||
filter hostroute {
|
||||
if net ~ 2a03:2260:121::/48 then accept;
|
||||
if net ~ 2a03:2260:121:5000::/52 then accept;
|
||||
reject;
|
||||
}
|
||||
|
||||
|
@ -44,7 +44,7 @@ return net ~ [ fc00::/7{48,64},
|
||||
}
|
||||
|
||||
filter hostroute {
|
||||
if net ~ 2a03:2260:121::/48 then accept;
|
||||
if net ~ 2a03:2260:121:6000::/52 then accept;
|
||||
reject;
|
||||
}
|
||||
|
||||
|
@ -42,7 +42,7 @@ return net ~ [ fc00::/7{48,64},
|
||||
}
|
||||
|
||||
filter hostroute {
|
||||
if net ~ 2a03:2260:121::/48 then accept;
|
||||
if net ~ 2a03:2260:121:7000::/52 then accept;
|
||||
reject;
|
||||
}
|
||||
|
@ -7,7 +7,7 @@ log-facility local7;
|
||||
subnet 10.188.0.0 netmask 255.255.0.0 {
|
||||
authoritative;
|
||||
range {{ sn_dhcp_range }};
|
||||
option domain-name-servers {{ sn_mesh_IPv4 }}, {{ sn_dhcp_dns_v4 }};
|
||||
option domain-name-servers {{ sn_mesh_IPv4 }};
|
||||
option routers {{ sn_mesh_IPv4 }};
|
||||
option interface-mtu {{ sn_mtu }};
|
||||
interface bat0;
|
||||
|
@ -6,17 +6,10 @@ authoritative;
|
||||
default-lease-time 300;
|
||||
max-lease-time 600;
|
||||
|
||||
#option dhcp6.name-servers {{ sn_mesh_IPv6 }};
|
||||
option dhcp6.name-servers {{ sn_mesh_IPv6 }}, {{ sn_dhcp_dns_v6 }};
|
||||
option dhcp6.name-servers {{ sn_mesh_IPv6 }};
|
||||
|
||||
option dhcp6.domain-search "fftdf";
|
||||
|
||||
subnet6 2a03:2260:121::/64 {
|
||||
#
|
||||
# # Range for clients
|
||||
# range6 2a03:2260:121::201 2a03:2260:121::ffff;
|
||||
#
|
||||
# # Range for clients requesting a temporary address
|
||||
# range6 2a03:2260:121::/64 temporary;
|
||||
subnet6 {{ sn_mesh_IPv6_net }} {
|
||||
}
|
||||
|
||||
|
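--- a/files/fftdf/db.fftdf.j2
+++ b/files/fftdf/db.fftdf.j2
@@ -0,0 +1,25 @@
+;; db.fftdf
+;; Forwardlookupzone für .fftdf
+;;
+$TTL 600
+@ IN SOA fftdf. root.fftdf. (
+2015584543 ; Serial
+8H ; Refresh
+2H ; Retry
+4W ; Expire
+3H ) ; NX (TTL Negativ Cache)
+
+@ IN NS {{ sn_hostname }}.infra.fftdf.
+IN A {{ sn_mesh_IPv4 }}
+IN AAAA {{ sn_mesh_IPv6 }}
+localhost IN A 127.0.0.1
+IN AAAA ::1
+nextnode IN A 10.188.0.1
+IN AAAA 2a03:2260:121::1
+;;This Supernode
+{{ sn_hostname }}.infra IN A {{ sn_mesh_IPv4 }}
+IN AAAA {{ sn_mesh_IPv6 }}
+;; Update Servers
+update1.infra IN AAAA 2a03:2260:121::22
+update2.infra IN AAAA 2a03:2260:121::23
+update3.infra IN AAAA 2a03:2260:121::24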
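--- a/files/fftdf/fftdf.conf
+++ b/files/fftdf/fftdf.conf
@@ -0,0 +1,6 @@
+// Zone declarations for Freifunk Troisdorf
+
+zone "fftdf" {
+type master;
+file "/etc/bind/fftdf/db.fftdf";
+};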
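Review bot: The new `zone "fftdf"` block sets no `allow-transfer`, so whether arbitrary hosts can pull the zone depends entirely on the global BIND options, which are not part of this change. The zone data added in db.fftdf.j2 lists the supernode and update-server addresses, so the restriction is worth stating in the zone itself, e.g. `allow-transfer { none; };`. The deleted `type slave` stanza at the end of this commit suggests that no secondary remains; if secondaries are planned, list their addresses there instead.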
@ -9,12 +9,16 @@ iface lo inet loopback
|
||||
up ip address add 185.66.193.104/32 dev lo
|
||||
|
||||
iface lo inet6 loopback
|
||||
up ip address add 2a03:2260:121::104/48 dev lo
|
||||
up ip address add 2a03:2260:121:4000::105/52 dev lo
|
||||
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug eth0
|
||||
iface eth0 inet dhcp
|
||||
iface eth0 inet static
|
||||
address 212.129.50.141
|
||||
netmask 255.255.255.255
|
||||
gateway 163.172.210.1
|
||||
pointopoint 163.172.210.1
|
||||
post-up iptables -P OUTPUT ACCEPT
|
||||
post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
|
||||
post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
|
||||
@ -22,8 +26,8 @@ iface eth0 inet dhcp
|
||||
post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP
|
||||
post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
auto 6to4
|
||||
iface 6to4 inet6 6to4
|
||||
local 163.172.27.8
|
||||
iface 6to4 inet6 6to4
|
||||
local 212.129.50.141
|
||||
|
||||
# GRE Tunnel zum Rheinland Backbone
|
||||
# - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen
|
||||
@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber
|
||||
iface gre-bb-a.ak.ber inet static
|
||||
address 100.64.6.13
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.195.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.195.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber
|
||||
iface gre-bb-b.ak.ber inet static
|
||||
address 100.64.6.19
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.195.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.195.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus
|
||||
iface gre-bb-a.ix.dus inet static
|
||||
address 100.64.6.17
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.193.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.193.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus
|
||||
iface gre-bb-b.ix.dus inet static
|
||||
address 100.64.6.23
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.193.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.193.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -103,7 +107,7 @@ auto gre-bb-a.fra3.f
|
||||
iface gre-bb-a.fra3.f inet static
|
||||
address 100.64.6.15
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.194.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.194.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -121,7 +125,7 @@ auto gre-bb-b.fra3.f
|
||||
iface gre-bb-b.fra3.f inet static
|
||||
address 100.64.6.21
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.194.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.194.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
@ -9,12 +9,16 @@ iface lo inet loopback
|
||||
up ip address add 185.66.193.105/32 dev lo
|
||||
|
||||
iface lo inet6 loopback
|
||||
up ip address add 2a03:2260:121::105/48 dev lo
|
||||
up ip address add 203:2260:121:5000::105/52 dev lo
|
||||
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug eth0
|
||||
iface eth0 inet dhcp
|
||||
iface eth0 inet static
|
||||
address 62.210.5.90
|
||||
netmask 255.255.255.255
|
||||
gateway 163.172.210.1
|
||||
pointopoint 163.172.210.1
|
||||
post-up iptables -P OUTPUT ACCEPT
|
||||
post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
|
||||
post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
|
||||
@ -23,7 +27,7 @@ iface eth0 inet dhcp
|
||||
post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
auto 6to4
|
||||
iface 6to4 inet6 6to4
|
||||
local 138.201.54.123
|
||||
local 62.210.5.90
|
||||
|
||||
# GRE Tunnel zum Rheinland Backbone
|
||||
# - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen
|
||||
@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber
|
||||
iface gre-bb-a.ak.ber inet static
|
||||
address 100.64.2.151
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.195.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.195.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber
|
||||
iface gre-bb-b.ak.ber inet static
|
||||
address 100.64.2.153
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.195.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.195.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus
|
||||
iface gre-bb-a.ix.dus inet static
|
||||
address 100.64.2.155
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.193.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.193.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus
|
||||
iface gre-bb-b.ix.dus inet static
|
||||
address 100.64.2.157
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.193.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.193.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
|
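Review bot: The second loopback address in the `iface lo inet6 loopback` stanza reads `203:2260:121:5000::105/52`, while the other three interfaces files and the bird6 filter that accepts `2a03:2260:121:5000::/52` all use the `2a03:2260:121:` prefix, so this looks like a dropped `a`. As written the host would configure an address outside the community prefix, and the /52 the filter accepts would have no matching local address. The line should presumably be `up ip address add 2a03:2260:121:5000::105/52 dev lo`. The four interfaces files differ only in a handful of addresses, so generating them from one template with per-host variables, as the repository already does elsewhere, would prevent this kind of copy error.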
@ -9,17 +9,17 @@ iface lo inet loopback
|
||||
up ip address add 185.66.193.106/32 dev lo
|
||||
|
||||
iface lo inet6 loopback
|
||||
up ip address add 2a03:2260:121::106/48 dev lo
|
||||
up ip address add 2a03:2260:121:6000::105/52 dev lo
|
||||
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug eth0
|
||||
#iface eth0 inet dhcp
|
||||
iface eth0 inet static
|
||||
address 46.4.138.189
|
||||
netmask 255.255.255.192
|
||||
gateway 46.4.138.129
|
||||
dns-nameserver 213.133.100.100 213.133.99.99 213.133.98.98
|
||||
address 62.210.12.122
|
||||
netmask 255.255.255.255
|
||||
gateway 163.172.210.1
|
||||
pointopoint 163.172.210.1
|
||||
post-up iptables -P OUTPUT ACCEPT
|
||||
post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
|
||||
post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
|
||||
@ -27,10 +27,9 @@ iface eth0 inet static
|
||||
post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP
|
||||
post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
|
||||
iface eth0 inet6 static
|
||||
address 2a01:4f8:11d:600::189
|
||||
netmask 59
|
||||
gateway 2a01:4f8:11d:600::1
|
||||
auto 6to4
|
||||
iface 6to4 inet6 6to4
|
||||
local 62.210.12.122
|
||||
post-up ip6tables -P OUTPUT ACCEPT
|
||||
post-up ip6tables -A OUTPUT -o eth0 -d fc00::/7 -j DROP
|
||||
|
||||
@ -42,7 +41,7 @@ auto gre-bb-a.ak.ber
|
||||
iface gre-bb-a.ak.ber inet static
|
||||
address 100.64.2.159
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.195.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.195.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -59,7 +58,7 @@ auto gre-bb-b.ak.ber
|
||||
iface gre-bb-b.ak.ber inet static
|
||||
address 100.64.2.161
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.195.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.195.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -77,7 +76,7 @@ auto gre-bb-a.ix.dus
|
||||
iface gre-bb-a.ix.dus inet static
|
||||
address 100.64.2.163
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.193.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.193.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -95,7 +94,7 @@ auto gre-bb-b.ix.dus
|
||||
iface gre-bb-b.ix.dus inet static
|
||||
address 100.64.2.165
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.193.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.193.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
|
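Review bot: The two `post-up ip6tables` lines still match `-o eth0`, but as far as the rendered hunk shows the `iface eth0 inet6 static` stanza is removed and they now sit under `iface 6to4 inet6 6to4`, so IPv6 traffic no longer leaves natively through eth0. The `fc00::/7` drop would then not cover traffic leaving through the 6to4 tunnel device. If ULA leakage is still a concern, match the tunnel interface instead, e.g. `post-up ip6tables -A OUTPUT -o $IFACE -d fc00::/7 -j DROP`. The other three interfaces files show no ip6tables rule in their hunks, so it is worth confirming that all four hosts follow the same policy.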
@ -9,12 +9,16 @@ iface lo inet loopback
|
||||
up ip address add 185.66.193.107/32 dev lo
|
||||
|
||||
iface lo inet6 loopback
|
||||
up ip address add 2a03:2260:121::107/48 dev lo
|
||||
up ip address add 2a03:2260:121:7000::105/52 dev lo
|
||||
|
||||
|
||||
# The primary network interface
|
||||
allow-hotplug eth0
|
||||
iface eth0 inet dhcp
|
||||
iface eth0 inet static
|
||||
address 212.83.154.70
|
||||
netmask 255.255.255.255
|
||||
gateway 163.172.210.1
|
||||
pointopoint 163.172.210.1
|
||||
post-up iptables -P OUTPUT ACCEPT
|
||||
post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
|
||||
post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
|
||||
@ -22,8 +26,8 @@ iface eth0 inet dhcp
|
||||
post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP
|
||||
post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||
auto 6to4
|
||||
iface 6to4 inet6 6to4
|
||||
local 163.172.28.228
|
||||
iface 6to4 inet6 6to4
|
||||
local 163.172.194.197
|
||||
|
||||
# GRE Tunnel zum Rheinland Backbone
|
||||
# - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen
|
||||
@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber
|
||||
iface gre-bb-a.ak.ber inet static
|
||||
address 100.64.6.25
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.195.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.195.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber
|
||||
iface gre-bb-b.ak.ber inet static
|
||||
address 100.64.6.31
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.195.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.195.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus
|
||||
iface gre-bb-a.ix.dus inet static
|
||||
address 100.64.6.29
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.193.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.193.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus
|
||||
iface gre-bb-b.ix.dus inet static
|
||||
address 100.64.6.35
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.193.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.193.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -103,7 +107,7 @@ auto gre-bb-a.fra3.f
|
||||
iface gre-bb-a.fra3.f inet static
|
||||
address 100.64.6.27
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.194.0 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.194.0 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
||||
@ -121,7 +125,7 @@ auto gre-bb-b.fra3.f
|
||||
iface gre-bb-b.fra3.f inet static
|
||||
address 100.64.6.33
|
||||
netmask 255.255.255.254
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.194.1 ttl 255
|
||||
pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.194.1 ttl 255
|
||||
post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
|
||||
post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
|
||||
post-up ip link set $IFACE mtu 1400
|
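Review bot: The static eth0 stanza sets `address 212.83.154.70`, but the 6to4 stanza and all six GRE `pre-up ip tunnel add` lines use `local 163.172.194.197`, an address that no visible line assigns to an interface. In the other three interfaces files of this commit the eth0 address and the tunnel `local` address are identical. Unless 163.172.194.197 is configured outside these hunks, one of the two values is probably stale. Please confirm which source address the backbone peers expect and make the stanzas agree.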
@ -6,79 +6,82 @@ while [ true ] ; do
|
||||
iam=$(/bin/hostname)
|
||||
day=$(date +%d)
|
||||
BATCTL=/usr/local/sbin/batctl
|
||||
active_SN=$iam
|
||||
#### Settings ####
|
||||
# Names of the 2 Supernodes #
|
||||
loadbalance=$(cat /etc/supernode-status/loadbalancing.mode)
|
||||
if [ $iam = "troisdorf5" ]; then
|
||||
if [ $iam = "troisdorf4" ]; then
|
||||
my_SN_IP=185.66.193.104
|
||||
other_SN_IP=185.66.193.105
|
||||
other_SN_DNS=5.fftdf.de
|
||||
meship=10.188.0.4
|
||||
SN1=troisdorf4
|
||||
SN2=troisdorf5
|
||||
slack="/usr/local/bin/slacktee.sh -u troisdorf4"
|
||||
elif [ $iam = "troisdorf5" ]; then
|
||||
my_SN_IP=185.66.193.105
|
||||
other_SN_IP=185.66.193.106
|
||||
meship=10.188.255.5
|
||||
other_SN_DNS=6.fftdf.de
|
||||
meship=10.188.32.5
|
||||
SN1=troisdorf5
|
||||
SN2=troisdorf6
|
||||
slack="/usr/local/bin/slacktee.sh -u troisdorf5"
|
||||
elif [ $iam = "troisdorf6" ]; then
|
||||
my_SN_IP=185.66.193.106
|
||||
other_SN_IP=185.66.193.105
|
||||
meship=10.188.255.6
|
||||
SN1=troisdorf5
|
||||
SN2=troisdorf6
|
||||
elif [ $iam = "troisdorf1" ]; then
|
||||
my_SN_IP=185.66.193.101
|
||||
other_SN_IP=185.66.193.102
|
||||
meship=10.188.255.1
|
||||
SN1=troisdorf1
|
||||
SN2=troisdorf2
|
||||
elif [ $iam = "troisdorf2" ]; then
|
||||
my_SN_IP=185.66.193.102
|
||||
other_SN_IP=185.66.193.101
|
||||
meship=10.188.255.2
|
||||
SN1=troisdorf1
|
||||
SN2=troisdorf2
|
||||
other_SN_IP=185.66.193.104
|
||||
other_SN_DNS=4.fftdf.de
|
||||
meship=10.188.64.6
|
||||
SN1=troisdorf6
|
||||
SN2=troisdorf4
|
||||
slack="/usr/local/bin/slacktee.sh -u troisdorf6"
|
||||
elif [ $iam = "troisdorf7" ]; then
|
||||
my_SN_IP=185.66.193.107
|
||||
other_SN_IP=185.66.193.104
|
||||
other_SN_DNS=4.fftdf.de
|
||||
meship=10.188.92.7
|
||||
SN1=troisdorf7
|
||||
SN2=troisdorf4
|
||||
slack="/usr/local/bin/slacktee.sh -u troisdorf7"
|
||||
fi
|
||||
if [ $loadbalance = "1" ] && [ $mode != "0" ]; then
|
||||
if [ $day -gt 15 ]; then
|
||||
active_SN=$SN1
|
||||
else
|
||||
active_SN=$SN2
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
##################
|
||||
# functions #
|
||||
# Supernode off #
|
||||
supernode_off () {
|
||||
$BATCTL gw off
|
||||
/usr/local/sbin/batctl gw off
|
||||
/usr/sbin/service bird6 stop
|
||||
/usr/sbin/service bird stop
|
||||
/usr/sbin/service tunneldigger stop
|
||||
/usr/sbin/service tunneldigger-backup stop
|
||||
/usr/sbin/service radvd stop
|
||||
/usr/sbin/service isc-dhcp-server stop
|
||||
if [ $loadbalance == 1 ] && [ $mode != 0 ]; then
|
||||
echo 3 > /etc/supernode-status/supernode.status
|
||||
else
|
||||
echo 0 > /etc/supernode-status/supernode.status
|
||||
fi
|
||||
echo 0 > /etc/supernode-status/supernode.status
|
||||
echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003
|
||||
}
|
||||
# Supernode on #
|
||||
supernode_on () {
|
||||
$BATCTL gw server 100Mbit/100Mbit
|
||||
/usr/local/sbin/batctl gw server 100Mbit/100Mbit
|
||||
/usr/sbin/service bird6 start
|
||||
/usr/sbin/service bird start
|
||||
/usr/sbin/service tunneldigger start
|
||||
/usr/sbin/service tunneldigger-backup stop
|
||||
/usr/sbin/service radvd start
|
||||
/usr/sbin/service isc-dhcp-server start
|
||||
if [ $loadbalance == 1 ]; then
|
||||
echo 1 > /etc/supernode-status/supernode.status
|
||||
else
|
||||
echo 2 > /etc/supernode-status/supernode.status
|
||||
fi
|
||||
echo 1 > /etc/supernode-status/supernode.status
|
||||
echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003
|
||||
}
|
||||
# Supernode Backup Mode
|
||||
supernode_backup () {
|
||||
/usr/local/sbin/batctl gw server 100Mbit/100Mbit
|
||||
/usr/sbin/service bird6 start
|
||||
/usr/sbin/service bird start
|
||||
/usr/sbin/service tunneldigger start
|
||||
/usr/sbin/service tunneldigger-backup start
|
||||
/usr/sbin/service radvd start
|
||||
/usr/sbin/service isc-dhcp-server start
|
||||
echo 2 > /etc/supernode-status/supernode.status
|
||||
echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003
|
||||
}
|
||||
# Restart Services #
|
||||
supernode_fail () {
|
||||
$BATCTL gw off
|
||||
/usr/local/sbin/batctl gw off
|
||||
/usr/sbin/service bird6 restart
|
||||
/usr/sbin/service bird restart
|
||||
/usr/sbin/service tunneldigger restart
|
||||
@ -88,35 +91,33 @@ while [ true ] ; do
|
||||
echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003
|
||||
}
|
||||
#Check other Supernode
|
||||
if [ $iam != $active_SN ];
|
||||
then
|
||||
ping -q -c5 $other_SN_IP -I eth0 > /dev/null
|
||||
if [ $? -eq 0 ]
|
||||
then
|
||||
if [ $online ==1 ] || [ $online = 2 ]; then
|
||||
curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode wieder online. Ich habe mich wieder ausgeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }}
|
||||
fi
|
||||
supernode_off
|
||||
else
|
||||
supernode_on
|
||||
curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode offline. Ich habe mich eingeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }}
|
||||
sleep 300
|
||||
fi
|
||||
else
|
||||
# Check this Supernode
|
||||
if [ $mode != "0" ]; then
|
||||
ping -q -c5 $my_SN_IP -I eth0 > /dev/null
|
||||
if [ $? -eq 0 ]
|
||||
then
|
||||
if [ $online = 0 ] || [ $online = 3 ]; then
|
||||
curl -X POST --data-urlencode 'payload={"text": "Ich bin jetzt Supernode!", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }}
|
||||
fi
|
||||
supernode_on
|
||||
if [ $mode != "0" ]; then
|
||||
if [ $mode = "1" ]; then
|
||||
/bin/nc -zvu $other_SN_DNS 53842
|
||||
if [ $? -eq 0 ]; then
|
||||
if [ $online = 2 ]; then
|
||||
echo "Supernode wieder online. Backup Modus abgeschaltet" | $slack
|
||||
supernode_on
|
||||
fi
|
||||
else
|
||||
supernode_fail
|
||||
curl -X POST --data-urlencode 'payload={"text": "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }}
|
||||
supernode_backup
|
||||
echo "Supernode offline. Backup modus eingeschaltet" | $slack
|
||||
fi
|
||||
fi
|
||||
# Check this Supernode
|
||||
/bin/ping -q -c5 $my_SN_IP -I eth0 > /dev/null
|
||||
if [ $? -eq 0 ]; then
|
||||
if [ $online = 0 ]; then
|
||||
echo "Ich bin jetzt Supernode!" | $slack
|
||||
elif [ $mode = 1 ]; then
|
||||
supernode_on
|
||||
elif [ $mode = 2 ]; then
|
||||
supernode_backup
|
||||
fi
|
||||
else
|
||||
supernode_fail
|
||||
echo "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten" | $slack
|
||||
fi
|
||||
fi
|
||||
# Supernode off
|
||||
if [ $mode = "0" ]; then
|
||||
@ -127,17 +128,20 @@ while [ true ] ; do
|
||||
do
|
||||
x=`pidof $service`;
|
||||
if [ "$x" = "" ]; then
|
||||
echo "collectd.gateways.$iam.$service 0 `date +%s`" | nc -q 0 10.188.1.27 2003
|
||||
echo 0 > /etc/supernode-status/"$service".status
|
||||
echo "collectd.gateways.$iam.$service 0 `date +%s`" | nc -q 0 10.188.1.27 2003
|
||||
echo 0 > /etc/supernode-status/"$service".status
|
||||
else
|
||||
echo "collectd.gateways.$iam.$service 1 `date +%s`" | nc -q 0 10.188.1.27 2003
|
||||
echo 1 > /etc/supernode-status/"$service".status
|
||||
echo "collectd.gateways.$iam.$service 1 `date +%s`" | nc -q 0 10.188.1.27 2003
|
||||
echo 1 > /etc/supernode-status/"$service".status
|
||||
fi
|
||||
done
|
||||
# Check DNS Server
|
||||
host google.de $meship
|
||||
/usr/bin/host google.de $meship
|
||||
if [ "$?" != "0" ]; then
|
||||
service bind9 restart
|
||||
if [ $mode != "0" ]; then
|
||||
echo "DNS Server läuft nicht! Versuche neu zu starten!" | $slack
|
||||
fi
|
||||
fi
|
||||
#Check Tunneldigger Connections
|
||||
if ! [ -d /opt/freifunk/tunneldigger_interfaces ]; then
|
||||
|
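Review bot: The peer health check `/bin/nc -zvu $other_SN_DNS 53842` is a UDP zero-I/O probe, which reports success whenever no ICMP port-unreachable comes back, including when the peer is completely down or a firewall silently drops the packet. In that case `supernode_backup` would never be triggered. A check that requires an actual answer from the peer, such as the `ping` already used for `$my_SN_IP`, would make the failover decision reliable. Separately, `$mode`, `$online` and `$other_SN_DNS` are used unquoted inside `[ ... ]`, so an empty status value turns the test into a syntax error; `[ "$mode" = "1" ]` avoids that. The enclosing `while` loop starts and ends outside these hunks.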
@ -1,55 +1,41 @@
|
||||
#!/bin/sh
|
||||
# Version 6
|
||||
# Der servername muss mit einer einstelligen Zahl aufhoeren!!!!!
|
||||
communityname="troisdorf"
|
||||
server="troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9"
|
||||
#server="troisdorf7 {{ sn_hostname }}"
|
||||
domain="freifunk-troisdorf.de"
|
||||
mtu={{ sn_mtu }}
|
||||
# community MAC address, without the last Byte (:)!
|
||||
communitymacaddress="a2:8c:ae:6f:f6"
|
||||
tunnelPrefix=10
|
||||
sessionPrefix=1
|
||||
# Netzwerkteil des Netzes, ohne abschliessenden Punkt
|
||||
communitynetwork="10.188"
|
||||
# IPv6 network
|
||||
#communitynetworkv6="fda0:747e:ab29:7405:255::"
|
||||
communitynetworkv6="2a03:2260:121::"
|
||||
# Drittes Octet des serverbereichs
|
||||
octet3rd="255"
|
||||
# CIDR muss /16 sein
|
||||
localserver=$(/bin/hostname)
|
||||
batadv=/usr/local/sbin/batadv-vis
|
||||
# Version 9
|
||||
sleep 60
|
||||
batctl=/usr/local/sbin/batctl
|
||||
ip=/sbin/ip
|
||||
dig=/usr/bin/dig
|
||||
communitymacaddress="a2:8c:ae:6f:f6"
|
||||
localserver=$(/bin/hostname)
|
||||
communityname=troisdorf
|
||||
|
||||
for i in $server; do
|
||||
(
|
||||
for j in $server; do
|
||||
if [ $i != $j ]; then
|
||||
if [ $i = $localserver ]; then
|
||||
ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname}
|
||||
ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname}
|
||||
#ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j
|
||||
ip link set dev l2tp-$j mtu $mtu
|
||||
ip link set up l2tp-$j
|
||||
$batctl if add l2tp-$j
|
||||
fi
|
||||
fi
|
||||
done
|
||||
)
|
||||
done
|
||||
# L2tp to Map
|
||||
$ip l2tp add tunnel remote 138.201.70.103 local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id {{ sn_number }}0 peer_tunnel_id 0{{ sn_number }} encap udp udp_sport 300{{ sn_number }}0 udp_dport 3000{{ sn_number }}
|
||||
$ip l2tp add session name l2tp-map tunnel_id {{ sn_number }}0 session_id 1{{ sn_number }}0 peer_session_id 2{{ sn_number }}0
|
||||
$ip link set dev l2tp-map mtu 1312
|
||||
$ip link set up l2tp-map
|
||||
$batctl if add l2tp-map
|
||||
|
||||
# Rest starten
|
||||
# Rest Starten
|
||||
$ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0
|
||||
$ip link set up dev bat0
|
||||
$ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0
|
||||
$ip -6 addr add $communitynetworkv6$octet3rd:${localserver#$communityname}/64 dev bat0
|
||||
$ip route add {{ snx_ffrl_IPv4 }}/32 via {{ snx_mesh_IPv4 }} table 42
|
||||
$ip route add {{ snx_ffrl_IPv4 }}/32 via {{ snx_mesh_IPv4 }}
|
||||
$ip addr add {{ sn_mesh_IPv4 }}/19 broadcast {{ sn_mesh_IPv4_brcast }} dev bat0
|
||||
$ip -6 addr add {{ sn_mesh_IPv6 }}/64 dev bat0
|
||||
$ip route add 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }} table 42
|
||||
$ip route add 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }}
|
||||
|
||||
$ip -6 route add 2a03:2260:121:4000::/52 via {{ sn_mesh_IPv6_xfer }} table 42
|
||||
$ip -6 route add 2a03:2260:121:5000::/52 via {{ sn_mesh_IPv6_xfer }} table 42
|
||||
$ip -6 route add 2a03:2260:121:6000::/52 via {{ sn_mesh_IPv6_xfer }} table 42
|
||||
$ip -6 route add 2a03:2260:121:7000::/52 via {{ sn_mesh_IPv6_xfer }} table 42
|
||||
|
||||
/usr/bin/killall batadv-vis
|
||||
/bin/sleep 15
|
||||
$batadv -i bat0 -s > /dev/null 2>&1 &
|
||||
/bin/sleep 15
|
||||
/usr/sbin/service tunneldigger restart
|
||||
/usr/sbin/service bind9 restart
|
||||
/usr/sbin/service bird restart
|
||||
/usr/sbin/service bird6 restart
|
||||
/usr/sbin/service isc-dhcp-server restart
|
||||
/usr/sbin/service radvd restart
|
||||
$batctl gw server 100Mbit/100Mbit
|
||||
|
||||
|
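Review bot: The map tunnel takes its local endpoint from `$(/bin/hostname -I | /usr/bin/cut -f1 -d' ')`, and hostname(1) states that no assumption may be made about the order of `-I` output. This commit also adds further addresses to lo on every supernode, so the first field is not guaranteed to be the eth0 address. Since the script is already templated, `local {{ ansible_default_ipv4.address }}` (the variable l2tp_broker-backup.cfg uses) would pin it. The `ip l2tp add session` line also sets no `cookie`/`peer_cookie`, so the unmanaged L2TPv3 session to 138.201.70.103 relies only on address, port and session id; setting a cookie on both ends is a cheap hardening step.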
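--- a/files/l2tp_broker-backup.cfg
+++ b/files/l2tp_broker-backup.cfg
@@ -0,0 +1,51 @@
+[broker]
+; IP address the broker will listen and accept tunnels on
+address={{ ansible_default_ipv4.address }}
+; Ports where the broker will listen on
+port={{ sn_l2tp_tb_backup_port }}
+; Interface with that IP address
+interface=eth0
+; Maximum number of cached cookies, required for establishing a
+; session with the broker
+max_cookies=1024
+; Maximum number of tunnels that will be allowed by the broker
+max_tunnels=150
+; Tunnel port base
+port_base=25000
+; Tunnel id base
+tunnel_id_base=500
+; Tunnel timeout interval in seconds
+tunnel_timeout=60
+; Should PMTU discovery be enabled
+pmtu_discovery=false
+; Namespace (for running multiple brokers); note that you must also
+; configure disjunct ports, and tunnel identifiers in order for
+; namespacing to work
+namespace=backup
+
+[log]
+; Log filename
+filename=/var/log/tunneldigger-broker-backup.log
+; Verbosity
+verbosity=DEBUG
+; Should IP addresses be logged or not
+log_ip_addresses=false
+
+[hooks]
+; Arguments to the session.{up,pre-down,down} hooks are as follows:
+;
+; <tunnel_id> <session_id> <interface> <mtu> <endpoint_ip> <endpoint_port> <local_port>
+;
+; Arguments to the session.mtu-changed hook are as follows:
+;
+; <tunnel_id> <session_id> <interface> <old_mtu> <new_mtu>
+;
+
+; Called after the tunnel interface goes up
+session.up=/srv/tunneldigger/bataddif.sh
+; Called just before the tunnel interface goes down
+session.pre-down=/srv/tunneldigger/batdelif.sh
+; Called after the tunnel interface goes down
+session.down=
+; Called after the tunnel MTU gets changed because of PMTU discovery
+session.mtu-changed=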
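Review bot: `port_base=25000` and `tunnel_id_base=500` have to stay disjoint from the primary broker's ranges, as the namespace comment in this file itself says, and with `max_tunnels=150` the backup broker presumably claims up to 150 ports and tunnel ids counting up from those bases. The primary `l2tp_broker.cfg` is not part of this section, so confirm its bases leave that room. `verbosity=DEBUG` also goes into a new log file, `/var/log/tunneldigger-broker-backup.log`; unless the logrotate config the playbook deploys already matches that name, add it there and consider a quieter level for normal operation.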
@ -1,6 +0,0 @@
|
||||
zone "fftdf" {
|
||||
type slave;
|
||||
masters { 10.188.1.100; };
|
||||
file "/var/lib/bind/db.fftdf";
|
||||
};
|
||||
|
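--- a/files/named.conf.local
+++ b/files/named.conf.local
@@ -0,0 +1,10 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+// Include Freifunk Troisdorf (fftdf) zones
+include "/etc/bind/fftdf/fftdf.conf";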
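Review bot: The `include "/etc/bind/fftdf/fftdf.conf";` line here duplicates what the playbook's "Bind9, activate fftdf zone" task appends to `/etc/bind/named.conf` with `lineinfile`. If this file is installed as `/etc/bind/named.conf.local` and `named.conf` includes it (the Debian default, not visible here), the fftdf zones are declared twice and named will likely refuse to load the configuration. Keep the include in one place only: either drop the `lineinfile` task or drop this line.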
@ -3,8 +3,7 @@ interface bat0 {
|
||||
IgnoreIfMissing on;
|
||||
MaxRtrAdvInterval 200;
|
||||
RDNSS {{ sn_mesh_IPv6 }} {};
|
||||
# prefix fda0:747e:ab29:7405::/64 {
|
||||
prefix 2a03:2260:121::/64 {
|
||||
prefix {{ sn_mesh_IPv6_net }} {
|
||||
AdvOnLink on;
|
||||
AdvAutonomous on;
|
||||
AdvRouterAddr on;
|
||||
|
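--- a/files/slacktee.conf
+++ b/files/slacktee.conf
@@ -0,0 +1,13 @@
+# ----------
+# Configuration
+# Describes the Incoming Webhook allowing you to post messages into Slack.
+# After the configuration, copy this file to /etc or your home directory.
+# NOTE : Please rename this file to '.slacktee', if you'd like to place this in your home directory.
+# ----------
+webhook_url="https://hooks.slack.com/services/{{ slack_token }}" # Incoming Webhooks integration URL. See https://my.slack.com/services/new/incoming-webhook
+upload_token="" # The user's API authentication token, only used for file uploads. See https://api.slack.com/#auth
+channel="technik" # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
+tmp_dir="/tmp" # Temporary file is created in this directory.
+username="slacktee" # Default username to post messages.
+icon="ghost" # Default emoji or a direct url to an image to post messages. You don't have to wrap emoji with ':'. See http://www.emoji-cheat-sheet.com.
+attachment="" # Default color of the attachments. If an empty string is specified, the attachments are not used.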
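Review bot: This file is line-for-line the same as `files/slacktee.conf.j2` added in the same commit, including the unrendered `{{ slack_token }}` placeholder in `webhook_url`. The only slacktee config task visible in the playbook templates the `.j2`, so this copy appears unused. If nothing else references it, drop it; installed by mistake with `copy:` it would leave slacktee posting to a literal `{{ slack_token }}` URL.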
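--- a/files/slacktee.conf.j2
+++ b/files/slacktee.conf.j2
@@ -0,0 +1,13 @@
+# ----------
+# Configuration
+# Describes the Incoming Webhook allowing you to post messages into Slack.
+# After the configuration, copy this file to /etc or your home directory.
+# NOTE : Please rename this file to '.slacktee', if you'd like to place this in your home directory.
+# ----------
+webhook_url="https://hooks.slack.com/services/{{ slack_token }}" # Incoming Webhooks integration URL. See https://my.slack.com/services/new/incoming-webhook
+upload_token="" # The user's API authentication token, only used for file uploads. See https://api.slack.com/#auth
+channel="technik" # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
+tmp_dir="/tmp" # Temporary file is created in this directory.
+username="slacktee" # Default username to post messages.
+icon="ghost" # Default emoji or a direct url to an image to post messages. You don't have to wrap emoji with ':'. See http://www.emoji-cheat-sheet.com.
+attachment="" # Default color of the attachments. If an empty string is specified, the attachments are not used.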
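--- a/files/slacktee.sh
+++ b/files/slacktee.sh
@@ -0,0 +1,605 @@
+#!/usr/bin/env bash
+
+# ----------
+# Default Configuration
+# ----------
+webhook_url="" # Incoming Webhooks integration URL
+upload_token="" # The user's API authentication token, only used for file uploads
+channel="general" # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
+tmp_dir="/tmp" # Temporary file is created in this directory.
+username="slacktee" # Default username to post messages.
+icon="ghost" # Default emoji to post messages. Don't wrap it with ':'. See http://www.emoji-cheat-sheet.com; can be a url too.
+attachment="" # Default color of the attachments. If an empty string is specified, the attachments are not used.
+
+# ----------
+# Initialization
+# ----------
+me=$(basename "$0")
+title=""
+mode="buffering"
+link=""
+textWrapper="\`\`\`"
+parseMode=""
+fields=()
+# Since bash 3 doesn't support the associative array, we store colors and patterns separately
+cond_color_colors=()
+cond_color_patterns=()
+found_pattern_color=""
+# This color is used when 'attachment' is used without color specification
+internal_default_color="#C0C0C0"
+
+# Since bash 3 doesn't support the associative array, we store prefixes and patterns separately
+cond_prefix_prefixes=()
+cond_prefix_patterns=()
+found_title_prefix=""
+
+function show_help()
+{
+echo "usage: $me [options]"
+echo " options:"
+echo " -h, --help Show this help."
+echo " -n, --no-buffering Post input values without buffering."
+echo " -f, --file Post input values as a file."
+echo " -l, --link Add a URL link to the message."
+echo " -c, --channel channel_name Post input values to specified channel or user."
+echo " -u, --username user_name This username is used for posting."
+echo " -i, --icon emoji_name|url This icon is used for posting. You can use a word"
+echo " from http://www.emoji-cheat-sheet.com or a direct url to an image."
+echo " -t, --title title_string This title is added to posts."
+echo " -m, --message-formatting format Switch message formatting (none|link_names|full)."
+echo " See https://api.slack.com/docs/formatting for more details."
+echo " -p, --plain-text Don't surround the post with triple backticks."
+echo " -a, --attachment [color] Use attachment (richly-formatted message)"
+echo " Color can be 'good','warning','danger' or any hex color code (eg. #439FE0)"
+echo " See https://api.slack.com/docs/attachments for more details."
+echo " -e, --field title value Add a field to the attachment. You can specify this multiple times."
+echo " -s, --short-field title value Add a short field to the attachment. You can specify this multiple times."
+echo " -o, --cond-color color pattern Change the attachment color if the specified Regex pattern matches the input."
+echo " You can specify this multile times."
+echo " If more than one pattern matches, the latest matched pattern is used."
+echo " -d, --cond-prefix prefix pattern This prefix is added to the message, if the specified Regex pattern matches the input."
+echo " You can specify this multile times."
+echo " If more than one pattern matches, the latest matched pattern is used."
+echo " --config config_file Specify the location of the config file."
+echo " --setup Setup slacktee interactively."
+}
+
+
+
+function send_message()
+{
+message="$1"
+
+# Prepend the prefix to the message, if it's set
+if [[ -z $attachment && -n $found_pattern_prefix ]]; then
+message="$found_pattern_prefix$message"
+# Clear conditional prefix for the nest send
+found_pattern_prefix=""
+fi
+
+escaped_message=$(echo "$textWrapper\n$message\n$textWrapper" | sed 's/"/\\"/g' | sed "s/'/\\'/g" )
+message_attr=""
+if [[ $message != "" ]]; then
+if [[ -n $attachment ]]; then
+
+# Set message color
+message_color="$attachment"
+if [[ -n $found_pattern_color ]]; then
+message_color="$found_pattern_color"
+# Reset with the default color for the next send
+found_pattern_color="$attachment"
+fi
+
+message_attr="\"attachments\": [{ \"color\": \"$message_color\", \"mrkdwn_in\": [\"text\", \"fields\"], \"text\": \"$escaped_message\" "
+
+if [[ -n $found_pattern_prefix ]]; then
+title="$found_pattern_prefix $title"
+# Clear conditional prefix for the nest send
+found_pattern_prefix=""
+fi
+
+if [[ -n $title ]]; then
+message_attr="$message_attr, \"title\": \"$title\" "
+fi
+
+if [[ -n $link ]]; then
+message_attr="$message_attr, \"title_link\": \"$link\" "
+fi
+
+if [[ $mode == "file" ]]; then
+fields+=("{\"title\": \"Access URL\", \"value\": \"$access_url\" }")
+fields+=("{\"title\": \"Download URL\", \"value\": \"$download_url\"}")
+fi
+
+if [[ ${#fields[@]} != 0 ]]; then
+message_attr="$message_attr, \"fields\": ["
+for field in "${fields[@]}"; do
+message_attr="$message_attr $field,"
+done
+message_attr=${message_attr%?} # Remove last comma
+message_attr="$message_attr ]"
+fi
+
+# Close attachment
+message_attr="$message_attr }], "
+else
+message_attr="\"text\": \"$escaped_message\","
+fi
+
+icon_url=""
+icon_emoji=""
+if echo "$icon" | grep -q "^https\?://.*"; then
+icon_url="$icon"
+else
+icon_emoji=":$icon:"
+fi
+
+json="{\"channel\": \"$channel\", \"username\": \"$username\", $message_attr \"icon_emoji\": \"$icon_emoji\", \"icon_url\": \"$icon_url\" $parseMode}"
+post_result=$(curl -X POST --data-urlencode "payload=$json" "$webhook_url" 2> /dev/null)
+exit_code=1
+if [[ $post_result == "ok" ]]; then
+exit_code=0
+fi
+fi
+}
+
+function process_line()
+{
+echo "$1"
+line="$(echo "$1" | sed $'s/\t/ /g')"
+
+# Check the patterns of the conditional colors
+# If more than one pattern matches, the latest pattern is used
+if [[ ${#cond_color_patterns[@]} != 0 ]]; then
+for i in "${!cond_color_patterns[@]}"; do
+if [[ $line =~ ${cond_color_patterns[$i]} ]]; then
+found_pattern_color=${cond_color_colors[$i]}
+fi
+done
+fi
+
+# Check the patterns of the conditional titles
+# If more than one pattern matches, the latest pattern is used
+if [[ ${#cond_prefix_patterns[@]} != 0 ]]; then
+for i in "${!cond_prefix_patterns[@]}"; do
+if [[ $line =~ ${cond_prefix_patterns[$i]} ]]; then
+found_pattern_prefix=${cond_prefix_prefixes[$i]}
+if [[ -n $attachment || $mode != "no-buffering" ]]; then
+# Append a line break to the prefix for better formatting
+found_pattern_prefix="$found_pattern_prefix\n"
+else
+# Append a space to the prefix for better formatting
+found_pattern_prefix="$found_pattern_prefix "
+fi
+fi
+done
+fi
+
+if [[ $mode == "no-buffering" ]]; then
+prefix=''
+if [[ -z $attachment ]]; then
+prefix=$title
+fi
+send_message "$prefix$line"
+elif [[ $mode == "file" ]]; then
+echo "$line" >> "$filename"
+else
+if [[ -z "$text" ]]; then
+text="$line"
+else
+text="$text\n$line"
+fi
+fi
+}
+
+function setup()
+{
+if [[ -z "$HOME" ]]; then
+echo "\$HOME is not defined. Please set it first."
+exit 1
+fi
+
+local_conf="$HOME/.slacktee"
+
+if [[ -e "$local_conf" ]]; then
+echo ".slacktee is found in your home directory."
+read -p "Are you sure to overwrite it? [y/n] :" choice
+case "$choice" in
+y|Y )
+# Continue
+;;
+* )
+exit 0 # Abort
+;;
+esac
+fi
+
+# Load current local config
+. $local_conf
+
+# Start setup
+read -p "Incoming Webhook URL [$webhook_url]: " input_webhook_url
+if [[ -z "$input_webhook_url" ]]; then
+input_webhook_url=$webhook_url
+fi
+read -p "Upload Token [$upload_token]: " input_upload_token
+if [[ -z "$input_upload_token" ]]; then
+input_upload_token=$upload_token
+fi
+read -p "Temporary Directory [$tmp_dir]: " input_tmp_dir
+if [[ -z "$input_tmp_dir" ]]; then
+input_tmp_dir=$tmp_dir
+fi
+read -p "Default Channel [$channel]: " input_channel
+if [[ -z "$input_channel" ]]; then
+input_channel=$channel
+fi
+read -p "Default Username [$username]: " input_username
+if [[ -z "$input_username" ]]; then
+input_username=$username
+fi
+read -p "Default Icon: [$icon]: " input_icon
+if [[ -z "$input_icon" ]]; then
+input_icon=$icon
+fi
+read -p "Default color of the attachment. (empty string disables attachment) [$attachment]: " input_attachment
+if [[ -z "$input_attachment" ]]; then
+input_attachment=$attachment
+elif [[ $input_attachment == '""' || $input_attachment == "''" ]]; then
+input_attachment=""
+fi
+
+cat <<- EOF | sed 's/^[[:space:]]*//' > "$local_conf"
+webhook_url="$input_webhook_url"
+upload_token="$input_upload_token"
+tmp_dir="$input_tmp_dir"
+channel="$input_channel"
+username="$input_username"
+icon="$input_icon"
+attachment="$input_attachment"
+EOF
+}
+
+# ----------
+# Parse command line options
+# ----------
+OPTIND=1
+
+while [[ $# -gt 0 ]]; do
+opt="$1"
+shift
+
+case "$opt" in
+-h|\?|--help)
+show_help
+exit 0
+;;
+-n|--no-buffering)
+mode="no-buffering"
+;;
+-f|--file)
+mode="file"
+;;
+-l|--link)
+link="$1"
+shift
+;;
+-c|--channel)
+opt_channel="$1"
+shift
+;;
+-u|--username)
+opt_username="$1"
+shift
+;;
+-i|--icon)
+opt_icon="$1"
+shift
+;;
+-t|--title)
+title="$1"
+shift
+;;
+-d|--cond-prefix)
+case "$1" in
+-*|'')
+# Found next command line option or empty. Error.
+echo "a prefix of the conditional title was not specified"
+show_help
+exit 1
+;;
+*)
+# Prefix should be found
+case "$2" in
+-*|'')
+# Found next command line option or empty. Error.
+echo "a pattern of the conditional title was not specified"
+show_help
+exit 1
+;;
+*)
+# Set the prefix and the pattern to arrays
+cond_prefix_prefixes+=("$1")
+cond_prefix_patterns+=("$2")
+shift
+shift
+;;
+esac
+;;
+esac
+;;
+-m|--message-formatting)
+case "$1" in
+none)
+parseMode=', "parse": "none"'
+;;
+link_names)
+parseMode=', "link_names": "1"'
+;;
+full)
+parseMode=', "parse": "full"'
+;;
+*)
+echo "unknown message formatting option"
+show_help
+exit 1
+;;
+esac
+shift
+;;
+-p|--plain-text)
+textWrapper=""
+;;
+
+-a|--attachment)
+case "$1" in
+-*|'')
+# Found next command line option
+opt_attachment="$internal_default_color" # Use default color
+;;
+\#*|good|warning|danger)
+# Found hex color code or predefined colors
+opt_attachment="$1"
+shift
+;;
+*)
+echo "unknown attachment color"
+show_help
+exit 1
+;;
+esac
+;;
+-o|--cond-color)
+case "$1" in
+-*|'')
+# Found next command line option or empty. Error.
+echo "a color of the conditional color was not specified"
+show_help
+exit 1
+;;
+\#*|good|warning|danger)
+# Found hex color code or predefined colors
+case "$2" in
+-*|'')
+# Found next command line option or empty. Error.
+echo "a pattern of the conditional color was not specified"
+show_help
+exit 1
+;;
+*)
+# Set the color and the pattern to arrays
+cond_color_colors+=("$1")
+cond_color_patterns+=("$2")
+shift
+shift
+;;
+esac
+;;
+*)
+echo "unknown attachment color $1"
+show_help
+exit 1
+;;
+esac
+;;
+-e|-s|--field|--short-field)
+case "$1" in
+-*|'')
+# Found next command line option or empty. Error.
+echo "field title was not specified"
+show_help
+exit 1
+;;
+*)
+case "$2" in
+-*|'')
+# Found next command line option or empty. Error.
+echo "field value was not specified"
+show_help
+exit 1
+;;
+*)
+if [[ $opt == "-s" || $opt == "--short-field" ]]; then
+fields+=("{\"title\": \"$1\", \"value\": \"$2\", \"short\": true}")
+else
+fields+=("{\"title\": \"$1\", \"value\": \"$2\"}")
+fi
+shift
+shift
+;;
+esac
+esac
+;;
+--config)
+CUSTOM_CONFIG=$1
+shift
+;;
+--setup)
+setup
+exit 1
+;;
+*)
+echo "illegal option $opt"
+show_help
+exit 1
+;;
+esac
+done
+
+# ---------
+# Read in our configurations
+# ---------
+if [[ -e "/etc/slacktee.conf" ]]; then
+. /etc/slacktee.conf
+fi
+
+if [[ -n "$HOME" && -e "$HOME/.slacktee" ]]; then
+. "$HOME/.slacktee"
+fi
+
+if [[ -e "$CUSTOM_CONFIG" ]]; then
+. $CUSTOM_CONFIG
+fi
+
+# Overwrite webhook_url if the environment variable SLACKTEE_WEBHOOK is set
+if [[ "$SLACKTEE_WEBHOOK" != "" ]]; then
+webhook_url="$SLACKTEE_WEBHOOK"
+fi
+
+# Overwrite upload_token if the environment variable SLACKTEE_TOKEN is set
+if [[ "$SLACKTEE_TOKEN" != "" ]]; then
+upload_token="$SLACKTEE_TOKEN"
+fi
+
+# Overwrite channel if it's specified in the command line option
+if [[ "$opt_channel" != "" ]]; then
+channel="$opt_channel"
+fi
+
+# Overwrite username if it's specified in the command line option
+if [[ "$opt_username" != "" ]]; then
+username="$opt_username"
+fi
+
+# Overwrite icon if it's specified in the command line option
+if [[ "$opt_icon" != "" ]]; then
+icon="$opt_icon"
+fi
+
+# Overwrite attachment if it's specified in the command line option
+if [[ "$opt_attachment" != "" ]]; then
+attachment="$opt_attachment"
+fi
+
+# Set the default color to attachment if it's still empty and the length of the cond_color_patterns is not 0
+if [[ -z $attachment ]] && [[ ${#cond_color_patterns[@]} != 0 ]]; then
+attachment="$internal_default_color"
+fi
+
+# ----------
+# Validate configurations
+# ----------
+
+if [[ $webhook_url == "" ]]; then
+echo "Please setup the webhook url of this incoming webhook integration."
+exit 1
+fi
+
+if [[ $upload_token == "" && $mode == "file" ]]; then
+echo "Please provide the authentication token for file uploads."
+exit 1
+fi
+
+if [[ $channel == "" ]]; then
+echo "Please specify a channel."
+exit 1
+elif [[ ( "$channel" != "#"* ) && ( "$channel" != "@"* ) ]]; then
+channel="#$channel"
+fi
+
+if [[ -n "$icon" ]]; then
+icon=${icon#:} # remove leading ':'
+icon=${icon%:} # remove trailing ':'
+fi
+
+# ----------
+# Start script
+# ----------
+
+text=""
+if [[ -n "$title" || -n "$link" ]]; then
+# Use link as title, if title is not specified
+if [[ -z "$title" ]]; then
+title="$link"
+fi
+
+# Add title to filename in the file mode
+if [[ "$mode" == "file" ]]; then
+filetitle=$(echo "$title"|sed 's/[ /:.]//g')
+filetitle="$filetitle-"
+fi
+
+if [[ -z "$attachment" ]]; then
+if [[ "$mode" == "no-buffering" ]]; then
+if [[ -n "$link" ]]; then
+title="<$link|$title>: "
+else
+title="$title: "
+fi
+elif [[ "$mode" == "file" ]]; then
+if [[ -n "$link" ]]; then
+title="<$link|$title>"
+fi
+else
+if [[ -n "$link" ]]; then
+text="-- <$link|$title> --\n"
+else
+text="-- $title --\n"
+fi
+fi
+fi
+fi
+
+timestamp="$(date +'%m%d%Y-%H%M%S')"
+filename="$tmp_dir/$filetitle$$-$timestamp.log"
+
+if [[ "$mode" == "file" ]]; then
+touch $filename
+fi
+
+exit_code=0
+
+while IFS='' read line; do
+process_line "$line"
+done
+if [[ -n $line ]]; then
+process_line "$line"
+fi
+
+if [[ "$mode" == "buffering" ]]; then
+send_message "$text"
+elif [[ "$mode" == "file" ]]; then
+if [[ -s "$filename" ]]; then
+channels_param=""
+if [[ ( "$channel" == "#"* ) ]]; then
+# Set channels for making the file public
+channels_param="-F channels=$channel"
+fi
+result="$(curl -F file=@"$filename" -F token="$upload_token" $channels_param https://slack.com/api/files.upload 2> /dev/null)"
+access_url="$(echo "$result" | awk 'match($0, /url_private":"([^"]*)"/) {print substr($0, RSTART+14, RLENGTH-15)}'|sed 's/\\//g')"
+download_url="$(echo "$result" | awk 'match($0, /url_private_download":"([^"]*)"/) {print substr($0, RSTART+23, RLENGTH-24)}'|sed 's/\\//g')"
+if [[ -n "$attachment" ]]; then
+text="Input file has been uploaded"
+else
+if [[ "$title" != "" ]]; then
+title=" of $title"
+fi
+text="Input file$title has been uploaded.\n$access_url\n\nYou can download it from the link below.\n$download_url"
+fi
+send_message "$text"
+fi
+# Clean up the temp file
+rm "$filename"
+fi
+
+exit $exit_code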
@ -19,11 +19,11 @@ curl -X POST --data-urlencode 'payload={"text": "{{ sn_hostname }} is rebooted",
|
||||
|
||||
# Set mark 4 to Freifunk traffic
|
||||
/sbin/iptables -t mangle -A PREROUTING -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4
|
||||
/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/64 ! -d 2a03:2260:121::/64 -j MARK --set-mark 4
|
||||
/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/48 ! -d 2a03:2260:121::/48 -j MARK --set-mark 4
|
||||
|
||||
# All from FF IPv4 via routing table 42
|
||||
/bin/ip rule add from {{ sn_ffrl_IPv4 }}/32 lookup 42
|
||||
/bin/ip -6 rule add from 2a03:2260:121::/64 lookup 42
|
||||
/bin/ip -6 rule add from {{ sn_mesh_IPv6_net }} lookup 42
|
||||
|
||||
# Allow MAC address spoofing
|
||||
/sbin/sysctl net.ipv4.conf.bat0.rp_filter=0
|
||||
|
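--- a/files/start-broker-backup.sh
+++ b/files/start-broker-backup.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+WDIR=/srv/tunneldigger
+VIRTUALENV_DIR=/srv/tunneldigger
+
+cd $WDIR
+source $VIRTUALENV_DIR/bin/activate
+
+bin/python broker/l2tp_broker.py l2tp_broker-backup.cfg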
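Review bot: `cd $WDIR` is unchecked, so if `/srv/tunneldigger` is missing the script carries on and the relative `bin/python broker/l2tp_broker.py l2tp_broker-backup.cfg` is resolved against whatever directory the service was started in. Use `cd "$WDIR" || exit 1`. Starting the broker with `exec bin/python broker/l2tp_broker.py l2tp_broker-backup.cfg` would also let the systemd unit track the broker process itself rather than the wrapper shell.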
@ -1,50 +1,61 @@
|
||||
#!/bin/bash
|
||||
help () {
|
||||
echo "Supernode Settings:"
|
||||
echo "status | off | on | auto"
|
||||
echo "status | off | on | backup | backup_off"
|
||||
}
|
||||
|
||||
status () {
|
||||
supernode_status=$(/bin/cat /etc/supernode-status/supernode.status)
|
||||
supernode_mode=$(/bin/cat /etc/supernode-status/supernode.mode)
|
||||
loadbalancing=$(cat /etc/supernode-status/loadbalancing.mode)
|
||||
|
||||
echo "Supernode Status: (Ist-Zustand)"
|
||||
echo -e "\nSupernode Status: (Ist-Zustand)"
|
||||
if [ $supernode_status == 0 ]; then
|
||||
echo "Supernode ist Offline"
|
||||
echo "Supernode ist Abgeschaltet"
|
||||
elif [ $supernode_status == 1 ]; then
|
||||
echo "Supernode läuft (Loadbalancing)"
|
||||
echo "Supernode läuft (Automatik inkl. Backup)"
|
||||
elif [ $supernode_status == 2 ]; then
|
||||
echo "Supernode läuft (Dauer-Ein)"
|
||||
echo "Supernode läuft (Backup Netz Aktiv)"
|
||||
elif [ $supernode_status == 3 ]; then
|
||||
echo "Supernode Offline (Loadbalancing)"
|
||||
echo "Supernode läuft (Backup deaktiviert)"
|
||||
fi
|
||||
echo -e "\nSupernode Status: (Soll-Zustand)"
|
||||
if [ $supernode_mode == 0 ]; then
|
||||
echo "Supernode ist Abgeschaltet"
|
||||
elif [ $supernode_mode == 1 ]; then
|
||||
echo "Supernode läuft (Automatik inkl. Backup)"
|
||||
elif [ $supernode_mode == 2 ]; then
|
||||
echo "Supernode läuft (Backup Netz Aktiv)"
|
||||
elif [ $supernode_mode == 3 ]; then
|
||||
echo "Supernode läuft (Backup deaktiviert)"
|
||||
fi
|
||||
echo -e "\nService Status"
|
||||
for service in bird bird6 dhcpd radvd python named
|
||||
do
|
||||
if [ "$(/bin/cat /etc/supernode-status/$service.status)" = "1" ]; then
|
||||
echo -e "$service \e[1;4;93mläuft\e[0m"
|
||||
echo -e "$service läuft"
|
||||
else
|
||||
echo -e "$service \e[1;4;91mläuft nicht\e[0m"
|
||||
echo -e "$service aus"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
off () {
|
||||
echo 0 > /etc/supernode-status/supernode.mode
|
||||
echo 0 > /etc/supernode-status/loadbalancing.mode
|
||||
|
||||
echo "Supernode Aus"
|
||||
}
|
||||
|
||||
on () {
|
||||
echo 1 > /etc/supernode-status/supernode.mode
|
||||
echo 0 > /etc/supernode-status/loadbalancing.mode
|
||||
echo "Supernode Dauer-An"
|
||||
echo "Supernode An"
|
||||
}
|
||||
|
||||
auto () {
|
||||
echo 1 > /etc/supernode-status/loadbalancing.mode
|
||||
echo 1 > /etc/supernode-status/supernode.mode
|
||||
echo "Supernode Aktiviert inkl. Loadbalance"
|
||||
backup () {
|
||||
echo 2 > /etc/supernode-status/supernode.mode
|
||||
echo "Supernode Aktiviert inkl. Backup"
|
||||
}
|
||||
$1
|
||||
|
||||
backup_off () {
|
||||
echo 3 > /etc/supernode-status/supernode.mode
|
||||
echo "Supernode Aktiviert (Backup deaktiviert)"
|
||||
}
|
||||
$1
|
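Review bot: The script still ends with a bare `$1`, so whatever the first argument is gets executed as a command name, and the new `backup` / `backup_off` functions are only reachable through that dispatch. Restrict it to the documented sub-commands and fall back to the usage text: `case "$1" in status|off|on|backup|backup_off) "$1" ;; *) help; exit 1 ;; esac`. In `status`, the unquoted tests such as `[ $supernode_mode == 0 ]` also fail with a syntax error when `/etc/supernode-status/supernode.mode` is missing or empty; `[ "$supernode_mode" = 0 ]` avoids that.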
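--- a/files/tunneldigger-backup.service
+++ b/files/tunneldigger-backup.service
@@ -0,0 +1,9 @@
+[Unit]
+Description = Start tunneldigger L2TPv3 broker
+After = network.target
+
+[Service]
+ExecStart = /srv/tunneldigger/start-broker-backup.sh
+
+[Install]
+WantedBy = multi-user.target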
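Review bot: The unit has no `Restart=` setting under `[Service]`, so a backup broker that exits on a crash or a config error stays down until someone notices; `Restart=on-failure` is worth adding for a fallback path. The `Description` is also the generic "Start tunneldigger L2TPv3 broker", presumably the same as the primary unit's. Something like `Description = tunneldigger L2TPv3 broker (backup namespace)` keeps the two apart in `systemctl` and journal output.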
@ -9,7 +9,7 @@
|
||||
user: root
|
||||
gather_facts: False
|
||||
vars:
|
||||
snversion: master_v3.0.14
|
||||
snversion: master_v3.0.15
|
||||
batmanversion: v2015.2
|
||||
common_required_packages:
|
||||
- git
|
||||
@ -51,11 +51,16 @@
|
||||
- l2tp_eth
|
||||
tunneldigger_scripts:
|
||||
- start-broker.sh
|
||||
- start-broker-backup.sh
|
||||
- batdelif.sh
|
||||
tunneldigger_service:
|
||||
- tunneldigger.service
|
||||
bind_zone_fftdf:
|
||||
- named.conf.fftdf
|
||||
- tunneldigger-backup.service
|
||||
broker_cfg:
|
||||
- l2tp_broker-backup.cfg
|
||||
- l2tp_broker.cfg
|
||||
# bind_zone_fftdf:
|
||||
# - named.conf.fftdf
|
||||
check_gw_script:
|
||||
- keepalive.sh
|
||||
authorized_keys:
|
||||
@ -160,7 +165,8 @@
|
||||
pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/
|
||||
when: tunneldigger.changed
|
||||
- name: Copy l2tp broker config template
|
||||
template: src=./files/l2tp_broker.cfg.j2 dest=/srv/tunneldigger/l2tp_broker.cfg owner=root group=root mode=0444
|
||||
template: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0444
|
||||
with_items: broker_cfg
|
||||
when: tunneldigger.changed
|
||||
- name: Copy tunneldigger script template
|
||||
template: src=./files/bataddif.sh.j2 dest=/srv/tunneldigger/bataddif.sh owner=root group=root mode=0500
|
||||
@ -169,8 +175,8 @@
|
||||
copy: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0500
|
||||
with_items: tunneldigger_scripts
|
||||
when: tunneldigger.changed
|
||||
- name: Copy tunneldigger service file
|
||||
copy: src=./files/{{ item }} dest=/etc/systemd/system/tunneldigger.service owner=root group=root mode=0444
|
||||
- name: Copy tunneldigger service template
|
||||
copy: src=./files/{{ item }} dest=/etc/systemd/system owner=root group=root mode=0444
|
||||
with_items: tunneldigger_service
|
||||
when: tunneldigger.changed
|
||||
- name: Tunneldigger reload
|
||||
@ -178,6 +184,7 @@
|
||||
with_items:
|
||||
- systemctl daemon-reload
|
||||
- systemctl enable tunneldigger.service
|
||||
- systemctl enable tunneldigger-backup.service
|
||||
when: tunneldigger.changed
|
||||
- name: Copy logrotate config
|
||||
copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500
|
||||
@ -201,9 +208,9 @@
|
||||
template: src=./files/keepalive.exit.sh.j2 dest=/opt/freifunk/keepalive.sh owner=root group=root mode=0500
|
||||
register: check_gw
|
||||
when: sn_exit is defined
|
||||
- name: Add cron job with check gateway script
|
||||
cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root"
|
||||
when: check_gw.changed
|
||||
# - name: Add cron job with check gateway script
|
||||
# cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root"
|
||||
# when: check_gw.changed
|
||||
- name: Supernode Config script super- and exitnode
|
||||
copy: src=./files/supernode dest=/usr/bin/supernode owner=root group=root mode=0500
|
||||
when: sn_exit is defined
|
||||
@ -246,13 +253,18 @@
|
||||
- name: SSH authorized_keys
|
||||
copy: src=./files/{{ item }} dest=/root/.ssh owner=root group=root mode=0400
|
||||
with_items: authorized_keys
|
||||
- name: Copy secondary zone file
|
||||
copy: src=./files/{{ item }} dest=/etc/bind owner=root group=bind mode=644
|
||||
with_items: bind_zone_fftdf
|
||||
- name: Bind9, activate fftdf zone
|
||||
lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/named.conf.fftdf";' state=present
|
||||
lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/fftdf/fftdf.conf";' state=present
|
||||
- name: Copy option template
|
||||
template: src=./files/named.conf.options.j2 dest=/etc/bind/named.conf.options owner=root group=bind mode=644
|
||||
- name: Create fftdf directory
|
||||
file: path=/etc/bind/fftdf state=directory
|
||||
- name: Copy FFTDF Zones
|
||||
copy: src=./files/fftdf/{{ item }} dest=/etc/bind/fftdf/{{ item }} owner=root group=bind mode=644
|
||||
with_items:
|
||||
- fftdf.conf
|
||||
- name: Copy fftdf Zone config template
|
||||
template: src=./files/fftdf/db.fftdf.j2 dest=/etc/bind/fftdf/db.fftdf owner=radvd group=root mode=0444
|
||||
- name: Copy radvd config template
|
||||
template: src=./files/radvd.conf.j2 dest=/etc/radvd.conf owner=radvd group=root mode=0444
|
||||
- name: Interface configuration with ffrl gre tunnel
|
||||
@ -272,6 +284,10 @@
|
||||
get_url: url=https://raw.githubusercontent.com/MightySCollins/speedtest-cli/master/speedtest_cli.py dest=/usr/bin/speedtest-cli
|
||||
- name: Change rights speedtest-cli
|
||||
file: path=/usr/bin/speedtest-cli owner=root group=root mode=0755
|
||||
- name: Copy Slacktee Config
|
||||
template: src=./files/slacktee.conf.j2 dest=/etc/slacktee.conf owner=root group=root mode=0544
|
||||
- name: Copy Slacktee
|
||||
copy: src=./files/slacktee.sh dest=/usr/local/bin/slacktee.sh owner=root group=root mode=0744
|
||||
- name: set netfilter rules
|
||||
lineinfile: dest=/etc/sysctl.conf line="{{ item }}"
|
||||
with_items:
|
||||
|
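Review bot: The new "Copy Slacktee Config" task installs `/etc/slacktee.conf` with `mode=0544`, which makes the rendered Slack webhook URL (built from `{{ slack_token }}`) readable by every local user and sets an execute bit on a file that is only sourced. If only root posts to Slack, which the root-owned `slacktee.sh` suggests, use `template: src=./files/slacktee.conf.j2 dest=/etc/slacktee.conf owner=root group=root mode=0400`. Separately, the "Copy fftdf Zone config template" task writes `/etc/bind/fftdf/db.fftdf` with `owner=radvd group=root`, which looks copied from the radvd task right below it; `owner=root group=bind` would match the other BIND tasks in that hunk.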