From e085ddd3a515494c3771c0862b40e82cf4a7d733 Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Tue, 17 May 2016 23:42:37 +0200 Subject: [PATCH 01/36] new-new-net --- ...d-troisdorf1.conf => bird-troisdorf4.conf} | 0 ...d-troisdorf2.conf => bird-troisdorf7.conf} | 0 ...-troisdorf1.conf => bird6-troisdorf4.conf} | 0 ...-troisdorf2.conf => bird6-troisdorf7.conf} | 0 files/dhcpd.conf.j2 | 4 +- files/dhcpd6.conf.j2 | 11 +---- ...faces-troisdorf1 => interfaces-troisdorf4} | 0 ...faces-troisdorf2 => interfaces-troisdorf7} | 0 files/l2tp_backbone.sh.exit.j2 | 43 ++++++++++--------- 9 files changed, 26 insertions(+), 32 deletions(-) rename files/{bird-troisdorf1.conf => bird-troisdorf4.conf} (100%) rename files/{bird-troisdorf2.conf => bird-troisdorf7.conf} (100%) rename files/{bird6-troisdorf1.conf => bird6-troisdorf4.conf} (100%) rename files/{bird6-troisdorf2.conf => bird6-troisdorf7.conf} (100%) rename files/{interfaces-troisdorf1 => interfaces-troisdorf4} (100%) rename files/{interfaces-troisdorf2 => interfaces-troisdorf7} (100%) diff --git a/files/bird-troisdorf1.conf b/files/bird-troisdorf4.conf similarity index 100% rename from files/bird-troisdorf1.conf rename to files/bird-troisdorf4.conf diff --git a/files/bird-troisdorf2.conf b/files/bird-troisdorf7.conf similarity index 100% rename from files/bird-troisdorf2.conf rename to files/bird-troisdorf7.conf diff --git a/files/bird6-troisdorf1.conf b/files/bird6-troisdorf4.conf similarity index 100% rename from files/bird6-troisdorf1.conf rename to files/bird6-troisdorf4.conf diff --git a/files/bird6-troisdorf2.conf b/files/bird6-troisdorf7.conf similarity index 100% rename from files/bird6-troisdorf2.conf rename to files/bird6-troisdorf7.conf diff --git a/files/dhcpd.conf.j2 b/files/dhcpd.conf.j2 index e226e31..8cd5205 100644 --- a/files/dhcpd.conf.j2 +++ b/files/dhcpd.conf.j2 
@@ -4,10 +4,10 @@ option domain-name "fftdf"; default-lease-time 300; max-lease-time 3600; log-facility local7; -subnet 10.188.0.0 netmask 255.255.0.0 { +subnet {{ sn_mesh_IPv4_net }} netmask 255.255.224.0 { authoritative; range {{ sn_dhcp_range }}; -option domain-name-servers {{ sn_mesh_IPv4 }}, {{ sn_dhcp_dns_v4 }}; +option domain-name-servers {{ sn_mesh_IPv4 }}; option routers {{ sn_mesh_IPv4 }}; option interface-mtu {{ sn_mtu }}; interface bat0; diff --git a/files/dhcpd6.conf.j2 b/files/dhcpd6.conf.j2 index e16eb8b..2a79b20 100644 --- a/files/dhcpd6.conf.j2 +++ b/files/dhcpd6.conf.j2 @@ -6,17 +6,10 @@ authoritative; default-lease-time 300; max-lease-time 600; -#option dhcp6.name-servers {{ sn_mesh_IPv6 }}; -option dhcp6.name-servers {{ sn_mesh_IPv6 }}, {{ sn_dhcp_dns_v6 }}; +option dhcp6.name-servers {{ sn_mesh_IPv6 }}; option dhcp6.domain-search "fftdf"; -subnet6 2a03:2260:121::/64 { -# -# # Range for clients -# range6 2a03:2260:121::201 2a03:2260:121::ffff; -# -# # Range for clients requesting a temporary address -# range6 2a03:2260:121::/64 temporary; +subnet6 {{ sn_mesh_IPv6_net }} { } diff --git a/files/interfaces-troisdorf1 b/files/interfaces-troisdorf4 similarity index 100% rename from files/interfaces-troisdorf1 rename to files/interfaces-troisdorf4 diff --git a/files/interfaces-troisdorf2 b/files/interfaces-troisdorf7 similarity index 100% rename from files/interfaces-troisdorf2 rename to files/interfaces-troisdorf7 diff --git a/files/l2tp_backbone.sh.exit.j2 b/files/l2tp_backbone.sh.exit.j2 index 28e4b2a..58da4c1 100644 --- a/files/l2tp_backbone.sh.exit.j2 +++ b/files/l2tp_backbone.sh.exit.j2 @@ -1,5 +1,5 @@ #!/bin/sh -# Version 6 +# Version 7 # Der servername muss mit einer einstelligen Zahl aufhoeren!!!!! communityname="troisdorf" server="troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9" 
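Review bot: The netmask on the new `subnet` line is a literal `255.255.224.0` while the network address beside it is now `{{ sn_mesh_IPv4_net }}`, so the declaration is only correct as long as every host's range happens to be a /19. Deriving both from one inventory value, for example `subnet {{ sn_mesh_IPv4_net }} netmask {{ sn_mesh_IPv4_netmask }} {` (the variable name is a suggestion, it is not defined on this page), keeps them in step. The `domain-name-servers` line also drops the second resolver, which leaves clients without a fallback when the local supernode's resolver is down; a comment stating that this is intended would help.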
@@ -24,30 +24,31 @@ batctl=/usr/local/sbin/batctl ip=/sbin/ip dig=/usr/bin/dig -for i in $server; do -( - for j in $server; do - if [ $i != $j ]; then - if [ $i = $localserver ]; then - ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname} - ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname} - #ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j - ip link set dev l2tp-$j mtu $mtu - ip link set up l2tp-$j - $batctl if add l2tp-$j - fi - fi - done -) -done +#for i in $server; do +#( +# for j in $server; do +# if [ $i != $j ]; then +# if [ $i = $localserver ]; then +# ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname} +# ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname} +# #ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j +# ip link set dev l2tp-$j mtu $mtu +# ip link set up l2tp-$j +# $batctl if add l2tp-$j +# fi +# fi +# done +#) +#done # Rest starten $ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0 $ip link set up dev bat0 -$ip 
addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0 -$ip -6 addr add $communitynetworkv6$octet3rd:${localserver#$communityname}/64 dev bat0 -$ip route add {{ snx_ffrl_IPv4 }}/32 via {{ snx_mesh_IPv4 }} table 42 -$ip route add {{ snx_ffrl_IPv4 }}/32 via {{ snx_mesh_IPv4 }} +#$ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0 +$ip addr add {{ sn_mesh_IPv4 }}/19 broadcast {{ sn_mesh_IPv4_brcast }} dev bat0 +#$ip -6 addr add $communitynetworkv6$octet3rd:${localserver#$communityname}/64 dev bat0 +$ip -6 addr add {{ sn_mesh_IPv6 }}/64 dev bat0 +$ip route add 10.188.0.0/16 via 10.188.x.254 table 42 /usr/bin/killall batadv-vis /bin/sleep 15 From e3be9b0e0f867e196f08b9a7bbaff52790c0e7ed Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Tue, 17 May 2016 23:50:08 +0200 Subject: [PATCH 02/36] newn-new-net --- files/named.conf.fftdf | 6 ------ files/radvd.conf.j2 | 3 +-- files/sn_startup.exit.sh.j2 | 4 ++-- 3 files changed, 3 insertions(+), 10 deletions(-) delete mode 100644 files/named.conf.fftdf diff --git a/files/named.conf.fftdf b/files/named.conf.fftdf deleted file mode 100644 index 0807a3e..0000000 --- a/files/named.conf.fftdf +++ /dev/null @@ -1,6 +0,0 @@ -zone "fftdf" { - type slave; - masters { 10.188.1.100; }; - file "/var/lib/bind/db.fftdf"; -}; - diff --git a/files/radvd.conf.j2 b/files/radvd.conf.j2 index 6951b8e..10737a0 100644 --- a/files/radvd.conf.j2 +++ b/files/radvd.conf.j2 @@ -3,8 +3,7 @@ interface bat0 { IgnoreIfMissing on; MaxRtrAdvInterval 200; RDNSS {{ sn_mesh_IPv6 }} {}; -# prefix fda0:747e:ab29:7405::/64 { - prefix 2a03:2260:121::/64 { + prefix {{ sn_mesh_IPv6_net }} { AdvOnLink on; AdvAutonomous on; AdvRouterAddr on; diff --git a/files/sn_startup.exit.sh.j2 b/files/sn_startup.exit.sh.j2 index 9c44143..51ce325 100644 --- a/files/sn_startup.exit.sh.j2 +++ b/files/sn_startup.exit.sh.j2 
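Review bot: The added `$ip route add 10.188.0.0/16 via 10.188.x.254 table 42` carries a literal `x` in the gateway address, so `ip` will reject it and table 42 never receives the mesh route. The gateway has to be a rendered value like the neighbouring lines, i.e. a template variable instead of the hand-written placeholder. The tunnel loop and the old `addr add` lines are kept as commented-out code; deleting them and leaving the history to git would make the script easier to audit. The script continues outside the hunk.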
@@ -19,11 +19,11 @@ curl -X POST --data-urlencode 'payload={"text": "{{ sn_hostname }} is rebooted", # Set mark 4 to Freifunk traffic /sbin/iptables -t mangle -A PREROUTING -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4 -/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/64 ! -d 2a03:2260:121::/64 -j MARK --set-mark 4 +/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/48 ! -d 2a03:2260:121::/48 -j MARK --set-mark 4 # All from FF IPv4 via routing table 42 /bin/ip rule add from {{ sn_ffrl_IPv4 }}/32 lookup 42 -/bin/ip -6 rule add from 2a03:2260:121::/64 lookup 42 +/bin/ip -6 rule add from {{ sn_mesh_IPv6_net }} lookup 42 # Allow MAC address spoofing /sbin/sysctl net.ipv4.conf.bat0.rp_filter=0 From 559d2cc19598269c3a294def0382bca05a2950ad Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Wed, 18 May 2016 00:36:33 +0200 Subject: [PATCH 03/36] Tunneldigger Backup Config --- files/l2tp_broker.cfg-backup.j2 | 51 +++++++++++++++++++++++++++++++ files/start-broker-backup.sh | 9 ++++++ files/tunneldigger-backup.service | 9 ++++++ 3 files changed, 69 insertions(+) create mode 100644 files/l2tp_broker.cfg-backup.j2 create mode 100644 files/start-broker-backup.sh create mode 100644 files/tunneldigger-backup.service diff --git a/files/l2tp_broker.cfg-backup.j2 b/files/l2tp_broker.cfg-backup.j2 new file mode 100644 index 0000000..debcd1d --- /dev/null +++ b/files/l2tp_broker.cfg-backup.j2 
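Review bot: The two rules changed in this hunk now disagree about the IPv6 scope: the `ip6tables` mark rule matches the literal `2a03:2260:121::/48`, while the `ip -6 rule` below it selects table 42 only for `{{ sn_mesh_IPv6_net }}`. If that variable renders a /64 (as the line it replaces did), traffic from the rest of the /48 is marked as Freifunk traffic but is not sent to table 42 by this rule. Using one source for both, or a comment explaining why the ranges differ, would remove the ambiguity. The context line `net.ipv4.conf.bat0.rp_filter=0` is commented as allowing MAC spoofing, although `rp_filter` controls reverse-path validation of source IP addresses; the comment is worth correcting so the relaxed check is documented for what it is.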
@@ -0,0 +1,51 @@
+[broker]
+; IP address the broker will listen and accept tunnels on
+address={{ ansible_default_ipv4.address }}
+; Ports where the broker will listen on
+port={{ sn_l2tp_tb_backup_port }}
+; Interface with that IP address
+interface=eth0
+; Maximum number of cached cookies, required for establishing a
+; session with the broker
+max_cookies=1024
+; Maximum number of tunnels that will be allowed by the broker
+max_tunnels=150
+; Tunnel port base
+port_base=25000
+; Tunnel id base
+tunnel_id_base=500
+; Tunnel timeout interval in seconds
+tunnel_timeout=60
+; Should PMTU discovery be enabled
+pmtu_discovery=false
+; Namespace (for running multiple brokers); note that you must also
+; configure disjunct ports, and tunnel identifiers in order for
+; namespacing to work
+namespace=backup
+
+[log]
+; Log filename
+filename=/var/log/tunneldigger-broker-backup.log
+; Verbosity
+verbosity=DEBUG
+; Should IP addresses be logged or not
+log_ip_addresses=false
+
+[hooks]
+; Arguments to the session.{up,pre-down,down} hooks are as follows:
+;
+;
+;
+; Arguments to the session.mtu-changed hook are as follows:
+;
+;
+;
+
+; Called after the tunnel interface goes up
+session.up=/srv/tunneldigger/bataddif.sh
+; Called just before the tunnel interface goes down
+session.pre-down=/srv/tunneldigger/batdelif.sh
+; Called after the tunnel interface goes down
+session.down=
+; Called after the tunnel MTU gets changed because of PMTU discovery
+session.mtu-changed=
diff --git a/files/start-broker-backup.sh b/files/start-broker-backup.sh
new file mode 100644
index 0000000..8f05c33
--- /dev/null
+++ b/files/start-broker-backup.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+WDIR=/srv/tunneldigger
+VIRTUALENV_DIR=/srv/tunneldigger
+
+cd $WDIR
+source $VIRTUALENV_DIR/bin/activate
+
+bin/python broker/l2tp_broker.py l2tp_broker-backup.cfg
diff --git a/files/tunneldigger-backup.service b/files/tunneldigger-backup.service
new file mode 100644
index 0000000..afa351b
--- /dev/null
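Review bot: `verbosity=DEBUG` is set for a broker that is meant to run unattended, which will grow `/var/log/tunneldigger-broker-backup.log` quickly and records more detail than `log_ip_addresses=false` suggests is wanted; a quieter level such as `INFO` is the usual production choice (confirm the accepted names against the broker). The file's own comment says namespaced brokers need disjoint ports and tunnel identifiers, but `port_base=25000` and `tunnel_id_base=500` are literals and the primary broker's values are not visible here, so please confirm that the two ranges (150 tunnels from each base) do not overlap. `interface=eth0` is fixed while the address comes from `ansible_default_ipv4`; `interface={{ ansible_default_ipv4.interface }}` would keep the two consistent.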
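Review bot: `cd $WDIR` in `start-broker-backup.sh` is unquoted and unchecked, so if `/srv/tunneldigger` is missing the script carries on and the relative `bin/python broker/l2tp_broker.py` is resolved against whatever directory the service started in. `cd "$WDIR" || exit 1` closes that, and `exec bin/python broker/l2tp_broker.py l2tp_broker-backup.cfg` lets systemd supervise the broker process itself instead of the wrapper shell. The script opens `l2tp_broker-backup.cfg`, while the template added in this commit is named `l2tp_broker.cfg-backup.j2`, and nothing in this commit installs it under the expected name.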
+++ b/files/tunneldigger-backup.service @@ -0,0 +1,9 @@ +[Unit] +Description = Start tunneldigger L2TPv3 broker +After = network.target + +[Service] +ExecStart = /srv/tunneldigger/start-broker-backup.sh + +[Install] +WantedBy = multi-user.target From dfa92530ec30a36ce3e7664adce54f00678ddbc1 Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Wed, 18 May 2016 20:27:11 +0200 Subject: [PATCH 04/36] new-new-new-newer-net --- install.sn.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/install.sn.yml b/install.sn.yml index 6f6f94a..f253f7b 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -51,9 +51,14 @@ - l2tp_eth tunneldigger_scripts: - start-broker.sh + - start-broker-backup.sh - batdelif.sh tunneldigger_service: - tunneldigger.service + - tunneldigger-backup.service + broker_cfg + - l2tp_broker.cfg-backup.j2 + - l2tp_broker.cfg.j2 bind_zone_fftdf: - named.conf.fftdf check_gw_script: @@ -160,7 +165,8 @@ pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/ when: tunneldigger.changed - name: Copy l2tp broker config template - template: src=./files/l2tp_broker.cfg.j2 dest=/srv/tunneldigger/l2tp_broker.cfg owner=root group=root mode=0444 + template: src=./files/{{ item }} dest=/srv/ owner=root group=root mode=0444 + with_items: broker_cfg when: tunneldigger.changed - name: Copy tunneldigger script template template: src=./files/bataddif.sh.j2 dest=/srv/tunneldigger/bataddif.sh owner=root group=root mode=0500 From 6a2a18f8a783711b9ceb5f443c921926d21463e0 Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Fri, 20 May 2016 21:58:25 +0200 Subject: [PATCH 05/36] new-new-net --- install.sn.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/install.sn.yml b/install.sn.yml index f253f7b..37b201e 100644 --- a/install.sn.yml +++ b/install.sn.yml 
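Review bot: The unit has no `Restart=` setting, so a broker crash leaves the backup tunnel endpoint down until someone intervenes; `Restart=on-failure` with a short `RestartSec=` is the usual choice for a daemon like this. The `Description` does not say that this is the backup broker, which makes `systemctl status` and the journal harder to read; `Description = Start tunneldigger L2TPv3 backup broker` would do.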
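Review bot: `broker_cfg` is added without a trailing colon in the `@@ -51,9 +51,14 @@` hunk, so the `vars:` mapping is no longer valid YAML and the playbook will not load with this commit applied. The key should read `broker_cfg:` with the two list items under it.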
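Review bot: With `dest=/srv/` the two templates are rendered as `/srv/l2tp_broker.cfg-backup.j2` and `/srv/l2tp_broker.cfg.j2`, but the start script added in the previous patch changes into `/srv/tunneldigger` and opens `l2tp_broker-backup.cfg`, so neither broker would find its configuration. The destination needs both the directory and the final file name, for example by making `broker_cfg` a list of `src`/`dest` pairs and writing `dest=/srv/tunneldigger/{{ item.dest }}`. The task list continues outside the hunk.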
@@ -56,11 +56,11 @@ tunneldigger_service: - tunneldigger.service - tunneldigger-backup.service - broker_cfg + broker_cfg: - l2tp_broker.cfg-backup.j2 - l2tp_broker.cfg.j2 - bind_zone_fftdf: - - named.conf.fftdf +# bind_zone_fftdf: +# - named.conf.fftdf check_gw_script: - keepalive.sh authorized_keys: @@ -252,9 +252,9 @@ - name: SSH authorized_keys copy: src=./files/{{ item }} dest=/root/.ssh owner=root group=root mode=0400 with_items: authorized_keys - - name: Copy secondary zone file - copy: src=./files/{{ item }} dest=/etc/bind owner=root group=bind mode=644 - with_items: bind_zone_fftdf +# - name: Copy secondary zone file +# copy: src=./files/{{ item }} dest=/etc/bind owner=root group=bind mode=644 +# with_items: bind_zone_fftdf - name: Bind9, activate fftdf zone lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/named.conf.fftdf";' state=present - name: Copy option template From c8cbc23f99b2e69f3d11056a7ef3ed75028e3302 Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Fri, 20 May 2016 23:13:42 +0200 Subject: [PATCH 06/36] new_new_net --- ..._broker.cfg-backup.j2 => l2tp_broker-backup.cfg} | 0 files/{l2tp_broker.cfg.j2 => l2tp_broker.cfg} | 0 install.sn.yml | 13 +++++++------ 3 files changed, 7 insertions(+), 6 deletions(-) rename files/{l2tp_broker.cfg-backup.j2 => l2tp_broker-backup.cfg} (100%) rename files/{l2tp_broker.cfg.j2 => l2tp_broker.cfg} (100%) diff --git a/files/l2tp_broker.cfg-backup.j2 b/files/l2tp_broker-backup.cfg similarity index 100% rename from files/l2tp_broker.cfg-backup.j2 rename to files/l2tp_broker-backup.cfg diff --git a/files/l2tp_broker.cfg.j2 b/files/l2tp_broker.cfg similarity index 100% rename from files/l2tp_broker.cfg.j2 rename to files/l2tp_broker.cfg diff --git a/install.sn.yml b/install.sn.yml index 37b201e..ad104a1 100644 --- a/install.sn.yml +++ b/install.sn.yml 
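Review bot: Commenting out the "Copy secondary zone file" task in the `@@ -252,9 +252,9 @@` hunk leaves the following task untouched, and it still adds `include "/etc/bind/named.conf.fftdf";` to `named.conf`. On a freshly installed host that file is never created, and named does not start when an included file is missing. The `lineinfile` task should be disabled together with the copy, or switched to `state=absent` so that existing hosts lose the stale include. Removing the disabled blocks instead of commenting them out would also keep the playbook readable.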
@@ -9,7 +9,7 @@ user: root gather_facts: False vars: - snversion: master_v3.0.14 + snversion: master_v3.0.15 batmanversion: v2015.2 common_required_packages: - git @@ -57,8 +57,8 @@ - tunneldigger.service - tunneldigger-backup.service broker_cfg: - - l2tp_broker.cfg-backup.j2 - - l2tp_broker.cfg.j2 + - l2tp_broker-backup.cfg + - l2tp_broker.cfg # bind_zone_fftdf: # - named.conf.fftdf check_gw_script: @@ -165,7 +165,7 @@ pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/ when: tunneldigger.changed - name: Copy l2tp broker config template - template: src=./files/{{ item }} dest=/srv/ owner=root group=root mode=0444 + template: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0444 with_items: broker_cfg when: tunneldigger.changed - name: Copy tunneldigger script template @@ -175,8 +175,8 @@ copy: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0500 with_items: tunneldigger_scripts when: tunneldigger.changed - - name: Copy tunneldigger service file - copy: src=./files/{{ item }} dest=/etc/systemd/system/tunneldigger.service owner=root group=root mode=0444 + - name: Copy tunneldigger service template + copy: src=./files/{{ item }} dest=/etc/systemd/system owner=root group=root mode=0444 with_items: tunneldigger_service when: tunneldigger.changed - name: Tunneldigger reload @@ -184,6 +184,7 @@ with_items: - systemctl daemon-reload - systemctl enable tunneldigger.service + - systemctl enable tunneldigger-backup.service when: tunneldigger.changed - name: Copy logrotate config copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500 From ed9222a3b4d0a09568a55e143cfbfa86aa9adede Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Thu, 26 May 2016 22:38:20 +0200 Subject: [PATCH 07/36] new-new-net --- files/l2tp_backbone.sh.exit.j2 | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) 
diff --git a/files/l2tp_backbone.sh.exit.j2 b/files/l2tp_backbone.sh.exit.j2 index 58da4c1..f56d720 100644 --- a/files/l2tp_backbone.sh.exit.j2 +++ b/files/l2tp_backbone.sh.exit.j2 @@ -1,5 +1,8 @@ #!/bin/sh -# Version 7 +# Version 8 + +sleep 120 + # Der servername muss mit einer einstelligen Zahl aufhoeren!!!!! communityname="troisdorf" server="troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9" @@ -11,12 +14,12 @@ communitymacaddress="a2:8c:ae:6f:f6" tunnelPrefix=10 sessionPrefix=1 # Netzwerkteil des Netzes, ohne abschliessenden Punkt -communitynetwork="10.188" +#communitynetwork="10.188" # IPv6 network #communitynetworkv6="fda0:747e:ab29:7405:255::" -communitynetworkv6="2a03:2260:121::" +#communitynetworkv6="2a03:2260:121::" # Drittes Octet des serverbereichs -octet3rd="255" +#octet3rd="255" # CIDR muss /16 sein localserver=$(/bin/hostname) batadv=/usr/local/sbin/batadv-vis @@ -44,11 +47,12 @@ dig=/usr/bin/dig # Rest starten $ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0 $ip link set up dev bat0 -#$ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0 $ip addr add {{ sn_mesh_IPv4 }}/19 broadcast {{ sn_mesh_IPv4_brcast }} dev bat0 -#$ip -6 addr add $communitynetworkv6$octet3rd:${localserver#$communityname}/64 dev bat0 $ip -6 addr add {{ sn_mesh_IPv6 }}/64 dev bat0 -$ip route add 10.188.0.0/16 via 10.188.x.254 table 42 +$ip route add 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }} table 42 +$ip route add 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }} +$ip -6 route add 2a03:2260:121::/56 via {{ sn_mesh_IPv6_xfer }} table 42 +$ip -6 route add 2a03:2260:121::/56 via {{ sn_mesh_IPv6_xfer }} /usr/bin/killall batadv-vis /bin/sleep 15 From 3e4b83d964a4b79005482b23960476585b6b04d8 Mon Sep 17 00:00:00 2001 
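Review bot: The added `sleep 120` delays every start of this script by a fixed two minutes without saying what it waits for, and it is called without an absolute path although the rest of the script uses one (compare `/bin/sleep 15` further down). A comment naming the dependency, and `/bin/sleep 120` for consistency, would be the minimum. Polling for the condition itself, for instance until `bat0` exists, would be more reliable than a fixed delay.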
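Review bot: The four new route lines in the `@@ -44,11 +47,12 @@` hunk use `ip route add`, which fails with "File exists" when the script runs again on a host that already has the routes, and the script checks no exit status. `$ip route replace 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }} table 42` (and likewise for the other three) is idempotent. The prefixes `10.188.0.0/16` and `2a03:2260:121::/56` are literals although the addresses around them are templated, and the /56 differs from the /48 used in the `ip6tables` mark rule of `sn_startup.exit.sh.j2` earlier in this series; a shared variable would keep them aligned.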
From: Stefan Hoffmann Date: Sat, 28 May 2016 01:41:07 +0200 Subject: [PATCH 08/36] Added DNS Configs --- files/fftdf/db.188.10 | 22 +++++++++++++++++++ ...b.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa | 20 +++++++++++++++++ files/fftdf/db.fftdf | 22 +++++++++++++++++++ files/fftdf/fftdf.conf | 21 ++++++++++++++++++ files/named.conf.local | 10 +++++++++ 5 files changed, 95 insertions(+) create mode 100644 files/fftdf/db.188.10 create mode 100644 files/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa create mode 100644 files/fftdf/db.fftdf create mode 100644 files/fftdf/fftdf.conf create mode 100644 files/named.conf.local diff --git a/files/fftdf/db.188.10 b/files/fftdf/db.188.10 new file mode 100644 index 0000000..2d6dad7 --- /dev/null +++ b/files/fftdf/db.188.10 @@ -0,0 +1,22 @@ +;; db.188.10 +;; Reverse lookup zone for fftdf +;; +$TTL 2D +@ IN SOA fftdf. root.fftdf. ( + 2014071300 ; Serial + 8H ; Refresh + 2H ; Retry + 4W ; Expire + 2D ) ; TTL Negative Cache + +@ IN NS dns1.infra.fftdf. + +1.0 IN PTR nextnode.fftdf. +;; Update Servers +22.1 IN PTR update1.infra.fftdf. +23.1 IN PTR update2.infra.fftdf. +24.1 IN PTR update3.infra.fftdf. +25.1 IN PTR update4.infra.fftdf. +;; Map Server +21.1 IN PTR map.infa.fftdf. +1.1 IN PTR gateway1.infra.fftdf. \ No newline at end of file diff --git a/files/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa b/files/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa new file mode 100644 index 0000000..49903e0 --- /dev/null +++ b/files/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa 
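Review bot: The map server's PTR target is spelled `map.infa.fftdf.`, whereas every other record in the file uses the `infra` label, so a reverse lookup for that address returns a name that is unlikely to exist in the forward zone. It should read `21.1 IN PTR map.infra.fftdf.`. The NS record points at `dns1.infra.fftdf.`, for which no address record is added anywhere in this commit; please confirm that it resolves.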
@@ -0,0 +1,20 @@
+;; db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa
+;; IPv6 reverse lookup zone for fftdf
+;;
+$TTL 2D
+$ORIGIN 5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa.
+@ IN SOA fftdf. root.fftdf. (
+ 2014071301 ; Serial
+ 8H ; Refresh
+ 2H ; Retry
+ 4W ; Expire
+ 2D ) ; TTL Negative Cache
+@ NS dns1.infra.fftdf.
+
+1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR nextnode.fftdf.
+2.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR update1.infra.fftdf.
+3.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR update1.infra.fftdf.
+4.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR update1.infra.fftdf.
+5.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR update1.infra.fftdf.
+1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR map.infra.fftdf.
+1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR gateway1.infra.fftdf.
\ No newline at end of file
diff --git a/files/fftdf/db.fftdf b/files/fftdf/db.fftdf
new file mode 100644
index 0000000..56b405d
--- /dev/null
+++ b/files/fftdf/db.fftdf
@@ -0,0 +1,22 @@
+;; db.fftdf
+;; Forwardlookupzone für .fftdf
+;;
+$TTL 600
+@ IN SOA fftdf. root.fftdf. (
+ 2015584543 ; Serial
+ 8H ; Refresh
+ 2H ; Retry
+ 4W ; Expire
+ 3H ) ; NX (TTL Negativ Cache)
+
+@ IN NS {{ sn_hostname }}.infra.fftdf.
+ IN A {{ sn_mesh_ipv4 }}
+ IN AAAA {{ sn_mesh_ipv6 }}
+localhost IN A 127.0.0.1
+ IN AAAA ::1
+nextnode IN A 10.188.0.1
+ IN AAAA 2a03:2260:121::1
+;; Update Servers
+update1.infra IN AAAA 2a03:2260:121::22
+update2.infra IN AAAA 2a03:2260:121::23
+update3.infra IN AAAA 2a03:2260:121::24
diff --git a/files/fftdf/fftdf.conf b/files/fftdf/fftdf.conf
new file mode 100644
index 0000000..7d40d95
--- /dev/null
+++ b/files/fftdf/fftdf.conf
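Review bot: The zone name `5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa` is the reverse of `fda0:747e:ab29:7405::/64`, a prefix that appears only in commented-out form elsewhere in this series, while the forward zone and the rest of the configuration use `2a03:2260:121::`. Reverse lookups for the addresses actually in use will therefore not land in this zone. The records for `2.2…` through `5.2…` also all point to `update1.infra.fftdf.`; going by the IPv4 reverse zone in the same commit they were presumably meant to be `update1` to `update4`.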
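Review bot: `db.fftdf` contains Jinja placeholders (`{{ sn_hostname }}`, `{{ sn_mesh_ipv4 }}`, `{{ sn_mesh_ipv6 }}`) but has no `.j2` suffix, and it only works if it is deployed with the `template` module; copied verbatim, named will reject the zone. The variable names are lower-case here while the other templates on this page use `sn_mesh_IPv4` and `sn_mesh_IPv6`, and Jinja names are case-sensitive, so rendering would stop on an undefined variable unless both spellings exist. The NS target `{{ sn_hostname }}.infra.fftdf.` has no A or AAAA record in the zone, because the two address lines after it continue the apex owner `@`. The serial `2015584543` is not a valid `YYYYMMDDnn` value, which makes later increments awkward.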
@@ -0,0 +1,21 @@ +// Zone declarations for Freifunk Troisdorf + +zone "fftdf" { + type master; + file "/etc/bind/fftdf/db.fftdf"; +}; + +zone "nodes.fftdf" { + type master; + file "/etc/bind/fftdf/db.nodes.fftdf"; +}; + +zone "188.10.in-addr.arpa" { + type master; + file "/etc/bind/fftdf/db.188.10"; +}; + +zone "5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa" { + type master; + file "/etc/bind/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa"; +}; \ No newline at end of file diff --git a/files/named.conf.local b/files/named.conf.local new file mode 100644 index 0000000..db75b20 --- /dev/null +++ b/files/named.conf.local @@ -0,0 +1,10 @@ +// +// Do any local configuration here +// + +// Consider adding the 1918 zones here, if they are not used in your +// organization +//include "/etc/bind/zones.rfc1918"; + +// Include Freifunk Troisdorf (fftdf) zones +include "/etc/bind/fftdf/fftdf.conf"; \ No newline at end of file From 2ce8651c26cd3df2ceaee0617a03434a00da688f Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Sat, 28 May 2016 12:26:12 +0200 Subject: [PATCH 09/36] DNS Integration --- files/fftdf/fftdf.conf | 15 --------------- install.sn.yml | 39 ++++++++++++++++++--------------------- 2 files changed, 18 insertions(+), 36 deletions(-) diff --git a/files/fftdf/fftdf.conf b/files/fftdf/fftdf.conf index 7d40d95..e94dfa6 100644 --- a/files/fftdf/fftdf.conf +++ b/files/fftdf/fftdf.conf @@ -3,19 +3,4 @@ zone "fftdf" { type master; file "/etc/bind/fftdf/db.fftdf"; -}; - -zone "nodes.fftdf" { - type master; - file "/etc/bind/fftdf/db.nodes.fftdf"; -}; - -zone "188.10.in-addr.arpa" { - type master; - file "/etc/bind/fftdf/db.188.10"; -}; - -zone "5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa" { - type master; - file "/etc/bind/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa"; }; \ No newline at end of file diff --git a/install.sn.yml b/install.sn.yml index ad104a1..5a8e20d 100644 --- a/install.sn.yml +++ b/install.sn.yml 
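Review bot: `fftdf.conf` declares a master zone `nodes.fftdf` with `file "/etc/bind/fftdf/db.nodes.fftdf"`, but no such zone file is added in this commit, so named would report a load failure for that zone. Either add the file or leave the zone out until it exists. Going by the diffstat, nothing in this commit deploys `fftdf.conf` or the `db.*` files to `/etc/bind/fftdf`, so the paths are untested at this point.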
@@ -3,13 +3,12 @@ # ansible troisdorf4 -u root -m raw -a "apt-get update && apt-get install python -y" - name: Install Freifunk Troisdorf super node -# hosts: FreifunkSupernodesL2TP hosts: '{{ target }}' sudo: False user: root gather_facts: False vars: - snversion: master_v3.0.15 + snversion: master_v3.0.14 batmanversion: v2015.2 common_required_packages: - git @@ -57,10 +56,10 @@ - tunneldigger.service - tunneldigger-backup.service broker_cfg: - - l2tp_broker-backup.cfg - - l2tp_broker.cfg -# bind_zone_fftdf: -# - named.conf.fftdf + - l2tp_broker.cfg-backup.j2 + - l2tp_broker.cfg.j2 + bind_zone_fftdf: + - named.conf.fftdf check_gw_script: - keepalive.sh authorized_keys: @@ -76,8 +75,6 @@ raw: "sed -i '/deb cdrom/c\\#' /etc/apt/sources.list" - name: Make this server ansible compatible raw: "apt-get update && apt-get install python -y" -# - name: Add backport repo to source list #target: /etc/apt/sources.list.d -# apt_repository: repo='deb http://http.debian.net/debian jessie-backports main' state=present - name: Update apt cache apt: update_cache=yes - name: Gathering facts @@ -130,17 +127,14 @@ shell: > apt-get install linux-headers-$(uname -r) -y when: aptupdates.changed +# Install Batman-adv and batctl # - name: Get batman-adv git: repo=https://git.open-mesh.org/batman-adv.git dest=/tmp/batman-adv when: aptupdates.changed register: getbatman -# - name: Get batman-adv no rebrotcast patch -# get_url: url=http://map.freifunk-moehne.de/stuff/1001-batman-adv-introduce-no_rebroadcast-option.patch dest=/tmp/batman-adv/1001-batman-adv-introduce-no_rebroadcast-option.patch -# when: getbatman.changed - name: Install batman-adv shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && make && make install -# shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && git apply 1001-batman-adv-introduce-no_rebroadcast-option.patch && make && make install when: getbatman.changed - name: Get batctl git: repo=http://git.open-mesh.org/batctl.git 
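Review bot: The `broker_cfg` entries in the `@@ -57,10 +56,10 @@` hunk go back to `l2tp_broker.cfg-backup.j2` and `l2tp_broker.cfg.j2`, names that patch 06 of this series renamed to `l2tp_broker-backup.cfg` and `l2tp_broker.cfg`, so the template task would fail on a missing source; this looks like an unintended revert, not part of the DNS work. The same applies to `snversion` dropping from `master_v3.0.15` back to `master_v3.0.14` in the first hunk, to `dest=/srv/` replacing `dest=/srv/tunneldigger` in the `@@ -165,7 +159,7 @@` hunk, and to `bind_zone_fftdf` being re-enabled although `named.conf.fftdf` was deleted in patch 02. Rebasing onto the current branch and keeping only the bind changes would avoid reintroducing those problems.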
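Review bot: The context line `git: repo=http://git.open-mesh.org/batctl.git` in the `@@ -130,17 +127,14 @@` hunk fetches batctl over plain HTTP and a later task builds and installs it as root, so the source is not protected against modification in transit; the batman-adv task directly above already uses `https://`. Since this hunk tidies the section anyway, switch the URL to `https://git.open-mesh.org/batctl.git` and pass `version={{ batmanversion }}` to the `git` module instead of checking the tag out inside the `shell` task. The batctl task continues outside the hunk.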
@@ -150,8 +144,8 @@ - name: Install batctl shell: cd /tmp/batctl && git checkout {{ batmanversion }} && make && make install when: getbatctl.changed +# Install Tunneldigger # - name: Get Tunneldigger -# git: repo=https://github.com/wlanslovenija/tunneldigger.git git: repo=https://github.com/ffrl/tunneldigger.git dest=/srv/tunneldigger register: tunneldigger @@ -165,7 +159,7 @@ pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/ when: tunneldigger.changed - name: Copy l2tp broker config template - template: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0444 + template: src=./files/{{ item }} dest=/srv/ owner=root group=root mode=0444 with_items: broker_cfg when: tunneldigger.changed - name: Copy tunneldigger script template @@ -175,8 +169,8 @@ copy: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0500 with_items: tunneldigger_scripts when: tunneldigger.changed - - name: Copy tunneldigger service template - copy: src=./files/{{ item }} dest=/etc/systemd/system owner=root group=root mode=0444 + - name: Copy tunneldigger service file + copy: src=./files/{{ item }} dest=/etc/systemd/system/ owner=root group=root mode=0444 with_items: tunneldigger_service when: tunneldigger.changed - name: Tunneldigger reload @@ -184,7 +178,6 @@ with_items: - systemctl daemon-reload - systemctl enable tunneldigger.service - - systemctl enable tunneldigger-backup.service when: tunneldigger.changed - name: Copy logrotate config copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500 
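Review bot: The `git` task for tunneldigger in the `@@ -150,8 +144,8 @@` hunk has no `version=` argument, so each run deploys whatever the default branch of `ffrl/tunneldigger` points to at that moment, and the following tasks install its `requirements.txt` on a host the playbook manages as root. Pinning a reviewed tag or commit, e.g. `version={{ tunneldigger_version }}` (the variable name is a suggestion), makes deployments reproducible and limits exposure to an unexpected upstream change. The task list continues outside the hunk.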
@@ -253,13 +246,17 @@ - name: SSH authorized_keys copy: src=./files/{{ item }} dest=/root/.ssh owner=root group=root mode=0400 with_items: authorized_keys -# - name: Copy secondary zone file -# copy: src=./files/{{ item }} dest=/etc/bind owner=root group=bind mode=644 -# with_items: bind_zone_fftdf - name: Bind9, activate fftdf zone - lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/named.conf.fftdf";' state=present + lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/fftdf/fftdf.conf";' state=present - name: Copy option template template: src=./files/named.conf.options.j2 dest=/etc/bind/named.conf.options owner=root group=bind mode=644 + - name: Create fftdf directory + file: path=/etc/bind/fftdf state=directory + - name: Copy FFTDF Zones + copy: src=./files/fftdf/{{ item }} dest=/etc/bind/fftdf/{{ item }} owner=root group=bind mode=644 + with_items: + - fftdf.conf + - db.fftdf - name: Copy radvd config template template: src=./files/radvd.conf.j2 dest=/etc/radvd.conf owner=radvd group=root mode=0444 - name: Interface configuration with ffrl gre tunnel From 57e6976ca9aa106714b521b6c7be55d40130471d Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Sat, 28 May 2016 12:27:49 +0200 Subject: [PATCH 10/36] Removed Old DNS Files --- files/fftdf/db.188.10 | 22 ------------------- ...b.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa | 20 ----------------- 2 files changed, 42 deletions(-) delete mode 100644 files/fftdf/db.188.10 delete mode 100644 files/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa diff --git a/files/fftdf/db.188.10 b/files/fftdf/db.188.10 deleted file mode 100644 index 2d6dad7..0000000 --- a/files/fftdf/db.188.10 +++ /dev/null 
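Review bot: `db.fftdf` is deployed with `copy`, but the file added in patch 08 contains `{{ sn_hostname }}` and address placeholders, so named would be handed the literal braces and refuse to load the zone; the task needs `template:` for that file. `lineinfile` only appends the new `include "/etc/bind/fftdf/fftdf.conf";` line, so hosts provisioned earlier keep the old `named.conf.fftdf` include and end up with the `fftdf` zone declared twice; a `regexp=` that matches the old line, or a separate `state=absent` task, avoids that. The `file:` task creates `/etc/bind/fftdf` without `owner`, `group` or `mode`; `owner=root group=bind mode=0755` would match the files placed in it.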
@@ -1,22 +0,0 @@ -;; db.188.10 -;; Reverse lookup zone for fftdf -;; -$TTL 2D -@ IN SOA fftdf. root.fftdf. ( - 2014071300 ; Serial - 8H ; Refresh - 2H ; Retry - 4W ; Expire - 2D ) ; TTL Negative Cache - -@ IN NS dns1.infra.fftdf. - -1.0 IN PTR nextnode.fftdf. -;; Update Servers -22.1 IN PTR update1.infra.fftdf. -23.1 IN PTR update2.infra.fftdf. -24.1 IN PTR update3.infra.fftdf. -25.1 IN PTR update4.infra.fftdf. -;; Map Server -21.1 IN PTR map.infa.fftdf. -1.1 IN PTR gateway1.infra.fftdf. \ No newline at end of file diff --git a/files/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa b/files/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa deleted file mode 100644 index 49903e0..0000000 --- a/files/fftdf/db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa +++ /dev/null @@ -1,20 +0,0 @@ -;; db.5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa -;; IPv6 reverse lookup zone for fftdf -;; -$TTL 2D -$ORIGIN 5.0.4.7.9.2.b.a.e.7.4.7.0.a.d.f.ip6.arpa. -@ IN SOA fftdf. root.fftdf. ( - 2014071301 ; Serial - 8H ; Refresh - 2H ; Retry - 4W ; Expire - 2D ) ; TTL Negative Cache -@ NS dns1.infra.fftdf. - -1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR nextnode.fftdf. -2.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR update1.infra.fftdf. -3.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR update1.infra.fftdf. -4.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR update1.infra.fftdf. -5.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR update1.infra.fftdf. -1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR map.infra.fftdf. -1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0 PTR gateway1.infra.fftdf. \ No newline at end of file From 0c1c3a3620b497093e434e6814574b8d68c3d620 Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Sat, 28 May 2016 13:26:53 +0200 Subject: [PATCH 11/36] Keepalive for new-new-net --- files/keepalive.exit.sh.j2 | 91 ++++++++++++++++++-------------------- 1 file changed, 42 insertions(+), 49 deletions(-) diff --git a/files/keepalive.exit.sh.j2 b/files/keepalive.exit.sh.j2 index ebd7049..dee2798 100644 --- a/files/keepalive.exit.sh.j2 +++ b/files/keepalive.exit.sh.j2 
@@ -6,44 +6,33 @@ while [ true ] ; do iam=$(/bin/hostname) day=$(date +%d) BATCTL=/usr/local/sbin/batctl - active_SN=$iam #### Settings #### # Names of the 2 Supernodes # - loadbalance=$(cat /etc/supernode-status/loadbalancing.mode) - if [ $iam = "troisdorf5" ]; then + if [ $iam = "troisdorf4" ]; then + my_SN_IP=185.66.193.104 + other_SN_IP=185.66.193.105 + meship=10.188.0.4 + SN1=troisdorf4 + SN2=troisdorf5 + elif [ $iam = "troisdorf5" ]; then my_SN_IP=185.66.193.105 other_SN_IP=185.66.193.106 - meship=10.188.255.5 + meship=10.188.32.5 SN1=troisdorf5 SN2=troisdorf6 elif [ $iam = "troisdorf6" ]; then my_SN_IP=185.66.193.106 - other_SN_IP=185.66.193.105 - meship=10.188.255.6 - SN1=troisdorf5 - SN2=troisdorf6 - elif [ $iam = "troisdorf1" ]; then - my_SN_IP=185.66.193.101 - other_SN_IP=185.66.193.102 - meship=10.188.255.1 - SN1=troisdorf1 - SN2=troisdorf2 - elif [ $iam = "troisdorf2" ]; then - my_SN_IP=185.66.193.102 - other_SN_IP=185.66.193.101 - meship=10.188.255.2 - SN1=troisdorf1 - SN2=troisdorf2 + other_SN_IP=185.66.193.107 + meship=10.188.64.6 + SN1=troisdorf6 + SN2=troisdorf7 + elif [ $iam = "troisdorf7" ]; then + my_SN_IP=185.66.193.107 + other_SN_IP=185.66.193.104 + meship=10.188.92.7 + SN1=troisdorf7 + SN2=troisdorf4 fi - if [ $loadbalance = "1" ] && [ $mode != "0" ]; then - if [ $day -gt 15 ]; then - active_SN=$SN1 - else - active_SN=$SN2 - fi - fi - - ################## # functions # # Supernode off # @@ -54,11 +43,7 @@ while [ true ] ; do /usr/sbin/service tunneldigger stop /usr/sbin/service radvd stop /usr/sbin/service isc-dhcp-server stop - if [ $loadbalance == 1 ] && [ $mode != 0 ]; then - echo 3 > /etc/supernode-status/supernode.status - else - echo 0 > /etc/supernode-status/supernode.status - fi + echo 0 > /etc/supernode-status/supernode.status echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 } # Supernode on # 
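Review bot: The hostname chain in the `@@ -6,44 +6,33 @@` hunk has no final `else`, so on any host other than `troisdorf4` to `troisdorf7` the variables `my_SN_IP`, `other_SN_IP` and `meship` stay empty and the unquoted tests and probes further down run with missing arguments. An `else` branch that logs and exits would make that failure explicit. `meship=10.188.92.7` for `troisdorf7` breaks the 0/32/64 pattern of the other three hosts and falls inside the /19 that starts at 10.188.64.0; if the ranges are /19s, `10.188.96.7` was probably intended. The `while` loop starts and ends outside this hunk.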
@@ -67,13 +52,22 @@ while [ true ] ; do /usr/sbin/service bird6 start /usr/sbin/service bird start /usr/sbin/service tunneldigger start + /usr/sbin/service tunneldigger-backup stop /usr/sbin/service radvd start /usr/sbin/service isc-dhcp-server start - if [ $loadbalance == 1 ]; then - echo 1 > /etc/supernode-status/supernode.status - else - echo 2 > /etc/supernode-status/supernode.status - fi + echo 1 > /etc/supernode-status/supernode.status + echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 + } +# Supernode Backup Mode + supernode_backup () { + $BATCTL gw server 100Mbit/100Mbit + /usr/sbin/service bird6 start + /usr/sbin/service bird start + /usr/sbin/service tunneldigger start + /usr/sbin/service tunneldigger-backup start + /usr/sbin/service radvd start + /usr/sbin/service isc-dhcp-server start + echo 2 > /etc/supernode-status/supernode.status echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 } # Restart Services # 
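Review bot: Both `supernode_on` and the new `supernode_backup` write the new state to `supernode.status` and then report `$online` to the collectd endpoint, so the metric carries whatever `$online` held before the switch rather than the state just written. `$online` is assigned outside this hunk, so this is inferred; if it is read from the status file at the top of the loop, sending the literal is accurate, e.g. `echo "collectd.gateways.$iam.sn-status 2 $(date +%s)" | nc -q 0 10.188.1.27 2003` in `supernode_backup`. The two functions also differ only in the `tunneldigger-backup` action and the status value, so a shared helper taking those two arguments would keep them from drifting apart.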
@@ -88,36 +82,35 @@ while [ true ] ; do echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 } #Check other Supernode - if [ $iam != $active_SN ]; - then - ping -q -c5 $other_SN_IP -I eth0 > /dev/null + nc -zvu $other_SN_IP 53842 if [ $? -eq 0 ] then - if [ $online ==1 ] || [ $online = 2 ]; then + if [ $online = 2 ]; then curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode wieder online. Ich habe mich wieder ausgeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }} fi supernode_off else - supernode_on + supernode_backup curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode offline. Ich habe mich eingeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }} - sleep 300 fi - else # Check this Supernode if [ $mode != "0" ]; then ping -q -c5 $my_SN_IP -I eth0 > /dev/null if [ $? -eq 0 ] then - if [ $online = 0 ] || [ $online = 3 ]; then + if [ $online = 0 ]; then curl -X POST --data-urlencode 'payload={"text": "Ich bin jetzt Supernode!", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }} fi - supernode_on + if [ mode == 1 ]; then + supernode_on + else + supernode_backup + fi else supernode_fail curl -X POST --data-urlencode 'payload={"text": "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }} fi fi - fi # Supernode off if [ $mode = "0" ]; then supernode_off From 00a715c1a72ebde3f4c9ec780b6f9e85632bc46d Mon Sep 17 00:00:00 2001 
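Review bot: The added test `if [ mode == 1 ]; then` compares the literal word `mode`, not the variable, so it is always false and a node that can ping itself always takes the `supernode_backup` branch. It should read `if [ "$mode" = "1" ]; then`; the quotes also keep the test valid when the variable is empty. The same missing `$` is carried into `elif [ mode == 2 ]; then` by the later "bugfix keepalive,sh" patch (hunk `@@ -104,7 +108,7 @@`), where neither branch can run any more. The enclosing loop starts and ends outside the hunk.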
From: Stefan Hoffmann Date: Sat, 28 May 2016 14:56:57 +0200 Subject: [PATCH 12/36] Supernode Tool Update --- files/supernode | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/files/supernode b/files/supernode index 43f0413..69e3a31 100644 --- a/files/supernode +++ b/files/supernode @@ -13,11 +13,9 @@ status () { if [ $supernode_status == 0 ]; then echo "Supernode ist Offline" elif [ $supernode_status == 1 ]; then - echo "Supernode läuft (Loadbalancing)" + echo "Supernode läuft" elif [ $supernode_status == 2 ]; then - echo "Supernode läuft (Dauer-Ein)" - elif [ $supernode_status == 3 ]; then - echo "Supernode Offline (Loadbalancing)" + echo "Supernode läuft (Backup)" fi for service in bird bird6 dhcpd radvd python named do @@ -31,20 +29,16 @@ status () { off () { echo 0 > /etc/supernode-status/supernode.mode - echo 0 > /etc/supernode-status/loadbalancing.mode - echo "Supernode Aus" } on () { echo 1 > /etc/supernode-status/supernode.mode - echo 0 > /etc/supernode-status/loadbalancing.mode - echo "Supernode Dauer-An" + echo "Supernode An" } -auto () { - echo 1 > /etc/supernode-status/loadbalancing.mode - echo 1 > /etc/supernode-status/supernode.mode - echo "Supernode Aktiviert inkl. Loadbalance" +backup () { + echo 2 > /etc/supernode-status/supernode.mode + echo "Supernode Aktiviert inkl. Backup" } $1 From 4622899970ac8987f87cafe6195d7dd34ac82146 Mon Sep 17 00:00:00 2001 From: stebifan Date: Sat, 28 May 2016 15:34:57 +0200 Subject: [PATCH 13/36] Interfaces Config for online.net Server (#13) * Interfaces Config for online.net Server * Tdf7 IP --- files/interfaces-troisdorf4 | 22 +++++++++++++--------- files/interfaces-troisdorf5 | 16 ++++++++++------ files/interfaces-troisdorf6 | 23 +++++++++++------------ files/interfaces-troisdorf7 | 22 +++++++++++++--------- 4 files changed, 47 insertions(+), 36 deletions(-) diff --git a/files/interfaces-troisdorf4 b/files/interfaces-troisdorf4 index f045727..995ae25 100644 
--- a/files/interfaces-troisdorf4 +++ b/files/interfaces-troisdorf4 @@ -14,7 +14,11 @@ iface lo inet6 loopback # The primary network interface allow-hotplug eth0 -iface eth0 inet dhcp +iface eth0 inet static + address 212.129.50.141 + netmask 255.255.255.255 + gateway 163.172.210.1 + pointopoint 163.172.210.1 post-up iptables -P OUTPUT ACCEPT post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP @@ -22,8 +26,8 @@ iface eth0 inet dhcp post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE auto 6to4 - iface 6to4 inet6 6to4 - local 163.172.27.8 + iface 6to4 inet6 6to4 + local 212.129.50.141 # GRE Tunnel zum Rheinland Backbone # - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen @@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber iface gre-bb-a.ak.ber inet static address 100.64.6.13 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.195.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.195.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber iface gre-bb-b.ak.ber inet static address 100.64.6.19 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.195.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.195.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 
@@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus iface gre-bb-a.ix.dus inet static address 100.64.6.17 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.193.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.193.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus iface gre-bb-b.ix.dus inet static address 100.64.6.23 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.193.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.193.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -103,7 +107,7 @@ auto gre-bb-a.fra3.f iface gre-bb-a.fra3.f inet static address 100.64.6.15 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.194.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.194.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 
@@ -121,7 +125,7 @@ auto gre-bb-b.fra3.f iface gre-bb-b.fra3.f inet static address 100.64.6.21 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.194.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.194.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 diff --git a/files/interfaces-troisdorf5 b/files/interfaces-troisdorf5 index 6a296de..7f1c8eb 100644 --- a/files/interfaces-troisdorf5 +++ b/files/interfaces-troisdorf5 @@ -14,7 +14,11 @@ iface lo inet6 loopback # The primary network interface allow-hotplug eth0 -iface eth0 inet dhcp +iface eth0 inet static + address 62.210.5.90 + netmask 255.255.255.255 + gateway 163.172.210.1 + pointopoint 163.172.210.1 post-up iptables -P OUTPUT ACCEPT post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP @@ -23,7 +27,7 @@ iface eth0 inet dhcp post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE auto 6to4 iface 6to4 inet6 6to4 - local 138.201.54.123 + local 62.210.5.90 # GRE Tunnel zum Rheinland Backbone # - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen @@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber iface gre-bb-a.ak.ber inet static address 100.64.2.151 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.195.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.195.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 
@@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber iface gre-bb-b.ak.ber inet static address 100.64.2.153 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.195.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.195.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus iface gre-bb-a.ix.dus inet static address 100.64.2.155 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.193.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.193.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus iface gre-bb-b.ix.dus inet static address 100.64.2.157 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.193.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.193.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 diff --git a/files/interfaces-troisdorf6 b/files/interfaces-troisdorf6 index 9b12f50..2cfdec5 100644 --- a/files/interfaces-troisdorf6 +++ b/files/interfaces-troisdorf6 
@@ -16,10 +16,10 @@ iface lo inet6 loopback allow-hotplug eth0 #iface eth0 inet dhcp iface eth0 inet static - address 46.4.138.189 - netmask 255.255.255.192 - gateway 46.4.138.129 - dns-nameserver 213.133.100.100 213.133.99.99 213.133.98.98 + address 62.210.12.122 + netmask 255.255.255.255 + gateway 163.172.210.1 + pointopoint 163.172.210.1 post-up iptables -P OUTPUT ACCEPT post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP @@ -27,10 +27,9 @@ iface eth0 inet static post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE -iface eth0 inet6 static - address 2a01:4f8:11d:600::189 - netmask 59 - gateway 2a01:4f8:11d:600::1 +auto 6to4 + iface 6to4 inet6 6to4 + local 62.210.12.122 post-up ip6tables -P OUTPUT ACCEPT post-up ip6tables -A OUTPUT -o eth0 -d fc00::/7 -j DROP @@ -42,7 +41,7 @@ auto gre-bb-a.ak.ber iface gre-bb-a.ak.ber inet static address 100.64.2.159 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.195.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.195.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -59,7 +58,7 @@ auto gre-bb-b.ak.ber iface gre-bb-b.ak.ber inet static address 100.64.2.161 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.195.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.195.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 
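Review bot: In the `@@ -27,10 +27,9 @@` hunk the two `post-up ip6tables` lines that followed the removed `iface eth0 inet6 static` stanza now belong to the new `6to4` stanza but still match `-o eth0`. If IPv6 now leaves through the 6to4 tunnel interface rather than eth0, which is what the new stanza suggests, the `fc00::/7` DROP no longer matches and ULA-addressed packets are not filtered on the way out. Consider `post-up ip6tables -A OUTPUT -o $IFACE -d fc00::/7 -j DROP` so the rule follows the interface that actually carries IPv6. The 6to4 stanzas in the troisdorf4, 5 and 7 files show no ip6tables rule in the visible context, so the same check applies there.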
@@ -77,7 +76,7 @@ auto gre-bb-a.ix.dus iface gre-bb-a.ix.dus inet static address 100.64.2.163 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.193.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.193.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -95,7 +94,7 @@ auto gre-bb-b.ix.dus iface gre-bb-b.ix.dus inet static address 100.64.2.165 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.193.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.193.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 diff --git a/files/interfaces-troisdorf7 b/files/interfaces-troisdorf7 index cafe075..eb8e58b 100644 --- a/files/interfaces-troisdorf7 +++ b/files/interfaces-troisdorf7 @@ -14,7 +14,11 @@ iface lo inet6 loopback # The primary network interface allow-hotplug eth0 -iface eth0 inet dhcp +iface eth0 inet static + address 163.172.194.197 + netmask 255.255.255.255 + gateway 163.172.210.1 + pointopoint 163.172.210.1 post-up iptables -P OUTPUT ACCEPT post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP @@ -22,8 +26,8 @@ iface eth0 inet dhcp post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE auto 6to4 - iface 6to4 inet6 6to4 - local 163.172.28.228 + iface 6to4 inet6 6to4 + local 163.172.194.197 # GRE Tunnel zum Rheinland Backbone # - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen 
@@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber iface gre-bb-a.ak.ber inet static address 100.64.6.25 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.195.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.195.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber iface gre-bb-b.ak.ber inet static address 100.64.6.31 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.195.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.195.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus iface gre-bb-a.ix.dus inet static address 100.64.6.29 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.193.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.193.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 
@@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus iface gre-bb-b.ix.dus inet static address 100.64.6.35 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.193.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.193.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -103,7 +107,7 @@ auto gre-bb-a.fra3.f iface gre-bb-a.fra3.f inet static address 100.64.6.27 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.194.0 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.194.0 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 @@ -121,7 +125,7 @@ auto gre-bb-b.fra3.f iface gre-bb-b.fra3.f inet static address 100.64.6.33 netmask 255.255.255.254 - pre-up ip tunnel add $IFACE mode gre local 163.172.28.228 remote 185.66.194.1 ttl 255 + pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.194.1 ttl 255 post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107 post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312 post-up ip link set $IFACE mtu 1400 From c23881fbe7f067fa572fec5d77da98d89b413602 Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Sat, 28 May 2016 15:47:29 +0200 Subject: [PATCH 14/36] Bugfix --- install.sn.yml | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/install.sn.yml b/install.sn.yml index 5a8e20d..67360d1 100644 --- a/install.sn.yml +++ b/install.sn.yml 
@@ -3,12 +3,13 @@ # ansible troisdorf4 -u root -m raw -a "apt-get update && apt-get install python -y" - name: Install Freifunk Troisdorf super node +# hosts: FreifunkSupernodesL2TP hosts: '{{ target }}' sudo: False user: root gather_facts: False vars: - snversion: master_v3.0.14 + snversion: master_v3.0.15 batmanversion: v2015.2 common_required_packages: - git @@ -56,10 +57,10 @@ - tunneldigger.service - tunneldigger-backup.service broker_cfg: - - l2tp_broker.cfg-backup.j2 - - l2tp_broker.cfg.j2 - bind_zone_fftdf: - - named.conf.fftdf + - l2tp_broker-backup.cfg + - l2tp_broker.cfg +# bind_zone_fftdf: +# - named.conf.fftdf check_gw_script: - keepalive.sh authorized_keys: @@ -75,6 +76,8 @@ raw: "sed -i '/deb cdrom/c\\#' /etc/apt/sources.list" - name: Make this server ansible compatible raw: "apt-get update && apt-get install python -y" +# - name: Add backport repo to source list #target: /etc/apt/sources.list.d +# apt_repository: repo='deb http://http.debian.net/debian jessie-backports main' state=present - name: Update apt cache apt: update_cache=yes - name: Gathering facts @@ -127,14 +130,17 @@ shell: > apt-get install linux-headers-$(uname -r) -y when: aptupdates.changed -# Install Batman-adv and batctl # - name: Get batman-adv git: repo=https://git.open-mesh.org/batman-adv.git dest=/tmp/batman-adv when: aptupdates.changed register: getbatman +# - name: Get batman-adv no rebrotcast patch +# get_url: url=http://map.freifunk-moehne.de/stuff/1001-batman-adv-introduce-no_rebroadcast-option.patch dest=/tmp/batman-adv/1001-batman-adv-introduce-no_rebroadcast-option.patch +# when: getbatman.changed - name: Install batman-adv shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && make && make install +# shell: cd /tmp/batman-adv && git checkout {{ batmanversion }} && git apply 1001-batman-adv-introduce-no_rebroadcast-option.patch && make && make install when: getbatman.changed - name: Get batctl git: repo=http://git.open-mesh.org/batctl.git 
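Review bot: The `Get batctl` task at the end of the `@@ -127,14 +130,17 @@` hunk still clones from `http://git.open-mesh.org/batctl.git`, and the checkout is then built and installed as root, so the source arrives over an unauthenticated transport. The batman-adv task just above already uses `https://`; the matching line here would be `git: repo=https://git.open-mesh.org/batctl.git`. The commented-out `get_url` for the no_rebroadcast patch is also plain `http://`; if it is ever enabled, fetch it over HTTPS and pin it with the module's `checksum=` parameter (`sha256sum=` on older Ansible). The batctl task continues past the end of the hunk.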
@@ -144,8 +150,8 @@ - name: Install batctl shell: cd /tmp/batctl && git checkout {{ batmanversion }} && make && make install when: getbatctl.changed -# Install Tunneldigger # - name: Get Tunneldigger +# git: repo=https://github.com/wlanslovenija/tunneldigger.git git: repo=https://github.com/ffrl/tunneldigger.git dest=/srv/tunneldigger register: tunneldigger @@ -159,7 +165,7 @@ pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/ when: tunneldigger.changed - name: Copy l2tp broker config template - template: src=./files/{{ item }} dest=/srv/ owner=root group=root mode=0444 + template: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0444 with_items: broker_cfg when: tunneldigger.changed - name: Copy tunneldigger script template @@ -169,8 +175,8 @@ copy: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0500 with_items: tunneldigger_scripts when: tunneldigger.changed - - name: Copy tunneldigger service file - copy: src=./files/{{ item }} dest=/etc/systemd/system/ owner=root group=root mode=0444 + - name: Copy tunneldigger service template + copy: src=./files/{{ item }} dest=/etc/systemd/system owner=root group=root mode=0444 with_items: tunneldigger_service when: tunneldigger.changed - name: Tunneldigger reload @@ -178,6 +184,7 @@ with_items: - systemctl daemon-reload - systemctl enable tunneldigger.service + - systemctl enable tunneldigger-backup.service when: tunneldigger.changed - name: Copy logrotate config copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500 @@ -313,4 +320,4 @@ msg: "{{ inventory_hostname }} completed with {{ snversion }}" channel: "#technik" username: "Ansible on {{ inventory_hostname }}" - parse: 'none' + parse: 'none' \ No newline at end of file From 6766dce13c84ce2eb321ab6e5042d44dffd03261 Mon Sep 17 00:00:00 2001 
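Review bot: The `Get Tunneldigger` task in the first hunk clones `https://github.com/ffrl/tunneldigger.git` without a `version=`, so every run installs whatever the default branch holds at that moment, and the following tasks pip-install its requirements and enable it as a service. batman-adv and batctl are pinned through `{{ batmanversion }}`; the same treatment here would be `git: repo=https://github.com/ffrl/tunneldigger.git dest=/srv/tunneldigger version={{ tunneldiggerversion }}` with a reviewed commit id. `tunneldiggerversion` is a name made up for this example, not a variable the playbook defines.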
From: stebifan Date: Sun, 29 May 2016 12:22:19 +0200 Subject: [PATCH 15/36] Rename db.fftdf to db.fftdf.j2 --- files/fftdf/{db.fftdf => db.fftdf.j2} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename files/fftdf/{db.fftdf => db.fftdf.j2} (100%) diff --git a/files/fftdf/db.fftdf b/files/fftdf/db.fftdf.j2 similarity index 100% rename from files/fftdf/db.fftdf rename to files/fftdf/db.fftdf.j2 From 3845e78b64e073d86021b263e89b5271b08a5758 Mon Sep 17 00:00:00 2001 From: stebifan Date: Sun, 29 May 2016 12:24:33 +0200 Subject: [PATCH 16/36] Template for fftdf.db --- install.sn.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/install.sn.yml b/install.sn.yml index 67360d1..fa35b42 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -263,7 +263,8 @@ copy: src=./files/fftdf/{{ item }} dest=/etc/bind/fftdf/{{ item }} owner=root group=bind mode=644 with_items: - fftdf.conf - - db.fftdf + - name: Copy fftdf Zone config template + template: src=./files/fftdf/db.fftdf.j2 dest=/etc/bind/fftdf/db.fftdf owner=radvd group=root mode=0444 - name: Copy radvd config template template: src=./files/radvd.conf.j2 dest=/etc/radvd.conf owner=radvd group=root mode=0444 - name: Interface configuration with ffrl gre tunnel @@ -320,4 +321,4 @@ msg: "{{ inventory_hostname }} completed with {{ snversion }}" channel: "#technik" username: "Ansible on {{ inventory_hostname }}" - parse: 'none' \ No newline at end of file + parse: 'none' From 174d05f8aa3793bb5c42edbd89ea34bf73b11157 Mon Sep 17 00:00:00 2001 From: stebifan Date: Sun, 29 May 2016 12:30:30 +0200 Subject: [PATCH 17/36] Update keepalive.exit.sh.j2 --- files/keepalive.exit.sh.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/files/keepalive.exit.sh.j2 b/files/keepalive.exit.sh.j2 index dee2798..ad89d5b 100644 --- a/files/keepalive.exit.sh.j2 +++ b/files/keepalive.exit.sh.j2 
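Review bot: The new `Copy fftdf Zone config template` task installs the BIND zone file with `owner=radvd group=root mode=0444`, which looks copied from the radvd task right below it. The neighbouring `copy` task for the same directory uses `owner=root group=bind mode=644`; matching that, `template: src=./files/fftdf/db.fftdf.j2 dest=/etc/bind/fftdf/db.fftdf owner=root group=bind mode=0644`, keeps the radvd account from owning name-server data.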
@@ -41,6 +41,7 @@ while [ true ] ; do /usr/sbin/service bird6 stop /usr/sbin/service bird stop /usr/sbin/service tunneldigger stop + /usr/sbin/service tunneldigger-backup stop /usr/sbin/service radvd stop /usr/sbin/service isc-dhcp-server stop echo 0 > /etc/supernode-status/supernode.status From e27851e7945208da92bcd4ff1f19671ca6f6a934 Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Sun, 29 May 2016 21:10:24 +0200 Subject: [PATCH 18/36] Variable fixed --- files/fftdf/db.fftdf.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/files/fftdf/db.fftdf.j2 b/files/fftdf/db.fftdf.j2 index 56b405d..c9da56e 100644 --- a/files/fftdf/db.fftdf.j2 +++ b/files/fftdf/db.fftdf.j2 @@ -10,8 +10,8 @@ $TTL 600 3H ) ; NX (TTL Negativ Cache) @ IN NS {{ sn_hostname }}.infra.fftdf. - IN A {{ sn_mesh_ipv4 }} - IN AAAA {{ sn_mesh_ipv6 }} + IN A {{ sn_mesh_IPv4 }} + IN AAAA {{ sn_mesh_IPv6 }} localhost IN A 127.0.0.1 IN AAAA ::1 nextnode IN A 10.188.0.1 From c3e4e87f2b2f2b07acdf3d59f39f924af8064bf6 Mon Sep 17 00:00:00 2001 From: stebifan Date: Sun, 29 May 2016 21:19:14 +0200 Subject: [PATCH 19/36] Update db.fftdf.j2 --- files/fftdf/db.fftdf.j2 | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/files/fftdf/db.fftdf.j2 b/files/fftdf/db.fftdf.j2 index c9da56e..a4e2764 100644 --- a/files/fftdf/db.fftdf.j2 +++ b/files/fftdf/db.fftdf.j2 @@ -12,10 +12,13 @@ $TTL 600 @ IN NS {{ sn_hostname }}.infra.fftdf. IN A {{ sn_mesh_IPv4 }} IN AAAA {{ sn_mesh_IPv6 }} -localhost IN A 127.0.0.1 - IN AAAA ::1 -nextnode IN A 10.188.0.1 - IN AAAA 2a03:2260:121::1 +localhost IN A 127.0.0.1 + IN AAAA ::1 +nextnode IN A 10.188.0.1 + IN AAAA 2a03:2260:121::1 +;;This Supernode +{{ sn_hostname }}.infra.fftdf IN A {{ sn_mesh_IPv4 }} + IN AAAA {{ sn_mesh_IPv6 }} ;; Update Servers update1.infra IN AAAA 2a03:2260:121::22 update2.infra IN AAAA 2a03:2260:121::23 From c321821855f6d6f04885df374df2e4a7a44fd19c Mon Sep 17 00:00:00 2001 
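Review bot: The record added in the last hunk, `{{ sn_hostname }}.infra.fftdf IN A {{ sn_mesh_IPv4 }}`, has no trailing dot, so it is taken relative to the zone origin. The other records in the file are written relative (`update1.infra`) and the NS target is absolute (`{{ sn_hostname }}.infra.fftdf.`); assuming the origin is `fftdf.`, which the hunk does not show, the new name expands to `<host>.infra.fftdf.fftdf.` and the NS target is left without an address record. Writing the owner as `{{ sn_hostname }}.infra`, or fully qualified with the trailing dot, would line it up with the NS record.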
From: Stefan Hoffmann Date: Thu, 2 Jun 2016 23:21:02 +0200 Subject: [PATCH 20/36] bugfix keepalive,sh --- files/keepalive.exit.sh.j2 | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/files/keepalive.exit.sh.j2 b/files/keepalive.exit.sh.j2 index ad89d5b..2218f9b 100644 --- a/files/keepalive.exit.sh.j2 +++ b/files/keepalive.exit.sh.j2 @@ -11,24 +11,28 @@ while [ true ] ; do if [ $iam = "troisdorf4" ]; then my_SN_IP=185.66.193.104 other_SN_IP=185.66.193.105 + other_SN_DNS=5.fftdf.de meship=10.188.0.4 SN1=troisdorf4 SN2=troisdorf5 elif [ $iam = "troisdorf5" ]; then my_SN_IP=185.66.193.105 other_SN_IP=185.66.193.106 + other_SN_DNS=6.fftdf.de meship=10.188.32.5 SN1=troisdorf5 SN2=troisdorf6 elif [ $iam = "troisdorf6" ]; then my_SN_IP=185.66.193.106 - other_SN_IP=185.66.193.107 + other_SN_IP=185.66.193.104 + other_SN_DNS=4.fftdf.de meship=10.188.64.6 SN1=troisdorf6 - SN2=troisdorf7 + SN2=troisdorf4 elif [ $iam = "troisdorf7" ]; then my_SN_IP=185.66.193.107 other_SN_IP=185.66.193.104 + other_SN_DNS=4.fftdf.de meship=10.188.92.7 SN1=troisdorf7 SN2=troisdorf4 @@ -83,13 +87,13 @@ while [ true ] ; do echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 } #Check other Supernode - nc -zvu $other_SN_IP 53842 + nc -zvu $other_SN_DNS 53842 if [ $? -eq 0 ] then if [ $online = 2 ]; then curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode wieder online. Ich habe mich wieder ausgeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }} + supernode_on fi - supernode_off else supernode_backup curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode offline. Ich habe mich eingeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }} 
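Review bot: The liveness probe `nc -zvu $other_SN_DNS 53842` in the second hunk is a UDP zero-I/O check with no timeout, and it now targets the names added in the first hunk (`5.fftdf.de` and so on) instead of an address. With common netcat variants a UDP `-z` probe reports success unless an ICMP port-unreachable comes back, so a peer whose packets are silently dropped still counts as online, while a failed or wrong lookup changes the failover decision. At minimum bound and quote the call, `nc -zu -w 2 "$other_SN_DNS" 53842`, and add a comment that the result depends on name resolution; a probe that needs an actual reply from the peer would be a stronger signal. The unquoted `[ $online = 2 ]` also breaks when `$online` is empty, which the hunk cannot rule out because the variable is set elsewhere.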
@@ -104,7 +108,7 @@ while [ true ] ; do fi if [ mode == 1 ]; then supernode_on - else + elif [ mode == 2 ]; then supernode_backup fi else From 16dc662a8141068a3c3bacc00b74ee79ff74ae4a Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Sat, 4 Jun 2016 02:01:34 +0200 Subject: [PATCH 21/36] Supernode Script Changes --- files/supernode | 35 ++++++++++++++++++++++++++--------- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/files/supernode b/files/supernode index 69e3a31..3f01968 100644 --- a/files/supernode +++ b/files/supernode 
@@ -1,28 +1,40 @@ #!/bin/bash help () { echo "Supernode Settings:" -echo "status | off | on | auto" +echo "status | off | on | backup | backup_off" } status () { supernode_status=$(/bin/cat /etc/supernode-status/supernode.status) supernode_mode=$(/bin/cat /etc/supernode-status/supernode.mode) - loadbalancing=$(cat /etc/supernode-status/loadbalancing.mode) - echo "Supernode Status: (Ist-Zustand)" + echo -e "\nSupernode Status: (Ist-Zustand)" if [ $supernode_status == 0 ]; then - echo "Supernode ist Offline" + echo "Supernode ist Abgeschaltet" elif [ $supernode_status == 1 ]; then - echo "Supernode läuft" + echo "Supernode läuft (Automatik inkl. Backup)" elif [ $supernode_status == 2 ]; then - echo "Supernode läuft (Backup)" + echo "Supernode läuft (Backup Netz Aktiv)" + elif [ $supernode_status == 3 ]; then + echo "Supernode läuft (Backup deaktiviert)" fi + echo -e "\nSupernode Status: (Soll-Zustand)" + if [ $supernode_mode == 0 ]; then + echo "Supernode ist Abgeschaltet" + elif [ $supernode_mode == 1 ]; then + echo "Supernode läuft (Automatik inkl. Backup)" + elif [ $supernode_mode == 2 ]; then + echo "Supernode läuft (Backup Netz Aktiv)" + elif [ $supernode_mode == 3 ]; then + echo "Supernode läuft (Backup deaktiviert)" + fi + echo -e "\nService Status" for service in bird bird6 dhcpd radvd python named do if [ "$(/bin/cat /etc/supernode-status/$service.status)" = "1" ]; then - echo -e "$service \e[1;4;93mläuft\e[0m" + echo -e "$service läuft" else - echo -e "$service \e[1;4;91mläuft nicht\e[0m" + echo -e "$service aus" fi done } @@ -41,4 +53,9 @@ backup () { echo 2 > /etc/supernode-status/supernode.mode echo "Supernode Aktiviert inkl. Backup" } -$1 + +backup_off () { + echo 3 > /etc/supernode-status/supernode.mode + echo "Supernode Aktiviert (Backup deaktiviert)" +} +$1 \ No newline at end of file From 1a2ac9d01697e28b85317f588c50faca5675ff94 Mon Sep 17 00:00:00 2001 
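Review bot: The script still ends by executing `$1` unquoted (last hunk), so the first argument is run as an arbitrary command rather than only as one of the functions defined above, and a missing argument does nothing at all. Since the tool writes under `/etc/supernode-status` it is presumably run with elevated rights, which makes a fixed dispatch worth having: `case "$1" in status|off|on|backup|backup_off) "$1" ;; *) help ;; esac`. In the first hunk the unquoted tests `[ $supernode_status == 0 ]` and `[ $supernode_mode == 0 ]` error out when a status file is missing or empty; quoting the expansions, `[ "$supernode_mode" == 0 ]`, avoids that.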
From: Stefan Hoffmann Date: Sat, 4 Jun 2016 18:39:59 +0200 Subject: [PATCH 22/36] New Slack Push --- files/keepalive.exit.sh.j2 | 66 +++++++++++++++++++++----------------- 1 file changed, 36 insertions(+), 30 deletions(-) diff --git a/files/keepalive.exit.sh.j2 b/files/keepalive.exit.sh.j2 index 2218f9b..1e0c767 100644 --- a/files/keepalive.exit.sh.j2 +++ b/files/keepalive.exit.sh.j2 @@ -15,6 +15,7 @@ while [ true ] ; do meship=10.188.0.4 SN1=troisdorf4 SN2=troisdorf5 + slack="/usr/local/bin/slacktee.sh -u troisdorf4" elif [ $iam = "troisdorf5" ]; then my_SN_IP=185.66.193.105 other_SN_IP=185.66.193.106 @@ -22,6 +23,7 @@ while [ true ] ; do meship=10.188.32.5 SN1=troisdorf5 SN2=troisdorf6 + slack="/usr/local/bin/slacktee.sh -u troisdorf5" elif [ $iam = "troisdorf6" ]; then my_SN_IP=185.66.193.106 other_SN_IP=185.66.193.104 @@ -29,6 +31,7 @@ while [ true ] ; do meship=10.188.64.6 SN1=troisdorf6 SN2=troisdorf4 + slack="/usr/local/bin/slacktee.sh -u troisdorf6" elif [ $iam = "troisdorf7" ]; then my_SN_IP=185.66.193.107 other_SN_IP=185.66.193.104 @@ -36,6 +39,7 @@ while [ true ] ; do meship=10.188.92.7 SN1=troisdorf7 SN2=troisdorf4 + slack="/usr/local/bin/slacktee.sh -u troisdorf7" fi ################## # functions # 
@@ -87,35 +91,34 @@ while [ true ] ; do echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 } #Check other Supernode - nc -zvu $other_SN_DNS 53842 - if [ $? -eq 0 ] - then - if [ $online = 2 ]; then - curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode wieder online. Ich habe mich wieder ausgeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }} - supernode_on - fi - else - supernode_backup - curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode offline. Ich habe mich eingeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }} - fi -# Check this Supernode - if [ $mode != "0" ]; then - ping -q -c5 $my_SN_IP -I eth0 > /dev/null - if [ $? -eq 0 ] - then - if [ $online = 0 ]; then - curl -X POST --data-urlencode 'payload={"text": "Ich bin jetzt Supernode!", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }} - fi - if [ mode == 1 ]; then - supernode_on - elif [ mode == 2 ]; then - supernode_backup - fi + if [ $mode != "0" ]; then + if [ $mode == "1" ]; then + nc -zvu $other_SN_DNS 53842 + if [ $? -eq 0 ]; then + if [ $online = 2 ]; then + echo "Supernode wieder online. Backup Modus abgeschaltet" | $slack + supernode_on + fi else - supernode_fail - curl -X POST --data-urlencode 'payload={"text": "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }} + supernode_backup + echo "Supernode offline. Backup modus eingeschaltet" | $slack fi fi +# Check this Supernode + ping -q -c5 $my_SN_IP -I eth0 > /dev/null + if [ $? 
-eq 0 ]; then + if [ $online = 0 ]; then + echo "Ich bin jetzt Supernode!" | $slack + elif [ $mode == 1 ]; then + supernode_on + elif [ $mode == 2 ]; then + supernode_backup + fi + else + supernode_fail + echo "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten" | $slack + fi + fi # Supernode off if [ $mode = "0" ]; then supernode_off @@ -125,17 +128,20 @@ while [ true ] ; do do x=`pidof $service`; if [ "$x" = "" ]; then - echo "collectd.gateways.$iam.$service 0 `date +%s`" | nc -q 0 10.188.1.27 2003 - echo 0 > /etc/supernode-status/"$service".status + echo "collectd.gateways.$iam.$service 0 `date +%s`" | nc -q 0 10.188.1.27 2003 + echo 0 > /etc/supernode-status/"$service".status else - echo "collectd.gateways.$iam.$service 1 `date +%s`" | nc -q 0 10.188.1.27 2003 - echo 1 > /etc/supernode-status/"$service".status + echo "collectd.gateways.$iam.$service 1 `date +%s`" | nc -q 0 10.188.1.27 2003 + echo 1 > /etc/supernode-status/"$service".status fi done # Check DNS Server host google.de $meship if [ "$?" != "0" ]; then service bind9 restart + if [ $mode != "0" ]; then + echo "DNS Server läuft nicht! Versuche neu zu starten!" | $slack + fi fi #Check Tunneldigger Connections if ! [ -d /opt/freifunk/tunneldigger_interfaces ]; then From d9fc50c65a44c84f9d4daeba1884fde4fd1630df Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Sat, 4 Jun 2016 18:52:43 +0200 Subject: [PATCH 23/36] Slacktee added --- files/slacktee.conf | 13 + files/slacktee.conf.j2 | 13 + files/slacktee.sh | 605 +++++++++++++++++++++++++++++++++++++++++ install.sn.yml | 4 + 4 files changed, 635 insertions(+) create mode 100644 files/slacktee.conf create mode 100644 files/slacktee.conf.j2 create mode 100644 files/slacktee.sh diff --git a/files/slacktee.conf b/files/slacktee.conf new file mode 100644 index 0000000..375e2ac --- /dev/null +++ b/files/slacktee.conf 
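Review bot: In the "Check this Supernode" block the formerly separate tests are now one chain, `if [ $online = 0 ]; then ... elif [ $mode == 1 ]; then supernode_on`, so while `$online` is 0 neither `supernode_on` nor `supernode_backup` is called. Unless `online` is changed elsewhere (the functions lie outside the hunk), every loop pass would post "Ich bin jetzt Supernode!" again without the services being started. Close the first test with `fi` and open a new `if [ "$mode" = 1 ]; then` so the announcement and the mode switch stay independent. `$mode` and `$online` are also expanded unquoted, which breaks the tests if either value is empty.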
@@ -0,0 +1,13 @@
+# ----------
+# Configuration
+# Describes the Incoming Webhook allowing you to post messages into Slack.
+# After the configuration, copy this file to /etc or your home directory.
+# NOTE : Please rename this file to '.slacktee', if you'd like to place this in your home directory.
+# ----------
+webhook_url="https://hooks.slack.com/services/{{ slack_token }}" # Incoming Webhooks integration URL. See https://my.slack.com/services/new/incoming-webhook
+upload_token="" # The user's API authentication token, only used for file uploads. See https://api.slack.com/#auth
+channel="technik" # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
+tmp_dir="/tmp" # Temporary file is created in this directory.
+username="slacktee" # Default username to post messages.
+icon="ghost" # Default emoji or a direct url to an image to post messages. You don't have to wrap emoji with ':'. See http://www.emoji-cheat-sheet.com.
+attachment="" # Default color of the attachments. If an empty string is specified, the attachments are not used.
diff --git a/files/slacktee.conf.j2 b/files/slacktee.conf.j2
new file mode 100644
index 0000000..375e2ac
--- /dev/null
+++ b/files/slacktee.conf.j2
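Review bot: `files/slacktee.conf` is added with the same blob id (`375e2ac`) as `files/slacktee.conf.j2`, so it is a plain copy that still holds the unrendered `{{ slack_token }}` placeholder in `webhook_url`. The playbook hunk in this patch installs only the `.j2` template. A second, non-templated copy invites someone to paste a real webhook URL into it and commit the secret, or to deploy a file whose URL never resolves. Dropping `files/slacktee.conf` and keeping the template as the single source avoids both.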
@@ -0,0 +1,13 @@
+# ----------
+# Configuration
+# Describes the Incoming Webhook allowing you to post messages into Slack.
+# After the configuration, copy this file to /etc or your home directory.
+# NOTE : Please rename this file to '.slacktee', if you'd like to place this in your home directory.
+# ----------
+webhook_url="https://hooks.slack.com/services/{{ slack_token }}" # Incoming Webhooks integration URL. See https://my.slack.com/services/new/incoming-webhook
+upload_token="" # The user's API authentication token, only used for file uploads. See https://api.slack.com/#auth
+channel="technik" # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
+tmp_dir="/tmp" # Temporary file is created in this directory.
+username="slacktee" # Default username to post messages.
+icon="ghost" # Default emoji or a direct url to an image to post messages. You don't have to wrap emoji with ':'. See http://www.emoji-cheat-sheet.com.
+attachment="" # Default color of the attachments. If an empty string is specified, the attachments are not used.
diff --git a/files/slacktee.sh b/files/slacktee.sh
new file mode 100644
index 0000000..bb71a90
--- /dev/null
+++ b/files/slacktee.sh
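Review bot: `tmp_dir="/tmp"` is kept from the upstream sample, and slacktee.sh (added in this same patch) builds its file-mode log as `$tmp_dir/$filetitle$$-$timestamp.log`. That name can be predicted by another local user, in a world-writable directory. The keepalive calls shown on this page only use `-u`, so the path is not exercised today. Pointing the template at a root-owned directory, e.g. `tmp_dir="/var/lib/slacktee"` (constructed example, to be created by the playbook), removes the exposure if `-f` is ever used.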
@@ -0,0 +1,605 @@ +#!/usr/bin/env bash + +# ---------- +# Default Configuration +# ---------- +webhook_url="" # Incoming Webhooks integration URL +upload_token="" # The user's API authentication token, only used for file uploads +channel="general" # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'. +tmp_dir="/tmp" # Temporary file is created in this directory. +username="slacktee" # Default username to post messages. +icon="ghost" # Default emoji to post messages. Don't wrap it with ':'. See http://www.emoji-cheat-sheet.com; can be a url too. +attachment="" # Default color of the attachments. If an empty string is specified, the attachments are not used. + +# ---------- +# Initialization +# ---------- +me=$(basename "$0") +title="" +mode="buffering" +link="" +textWrapper="\`\`\`" +parseMode="" +fields=() +# Since bash 3 doesn't support the associative array, we store colors and patterns separately +cond_color_colors=() +cond_color_patterns=() +found_pattern_color="" +# This color is used when 'attachment' is used without color specification +internal_default_color="#C0C0C0" + +# Since bash 3 doesn't support the associative array, we store prefixes and patterns separately +cond_prefix_prefixes=() +cond_prefix_patterns=() +found_title_prefix="" + +function show_help() +{ + echo "usage: $me [options]" + echo " options:" + echo " -h, --help Show this help." + echo " -n, --no-buffering Post input values without buffering." + echo " -f, --file Post input values as a file." + echo " -l, --link Add a URL link to the message." + echo " -c, --channel channel_name Post input values to specified channel or user." + echo " -u, --username user_name This username is used for posting." + echo " -i, --icon emoji_name|url This icon is used for posting. You can use a word" + echo " from http://www.emoji-cheat-sheet.com or a direct url to an image." + echo " -t, --title title_string This title is added to posts." 
+ echo " -m, --message-formatting format Switch message formatting (none|link_names|full)." + echo " See https://api.slack.com/docs/formatting for more details." + echo " -p, --plain-text Don't surround the post with triple backticks." + echo " -a, --attachment [color] Use attachment (richly-formatted message)" + echo " Color can be 'good','warning','danger' or any hex color code (eg. #439FE0)" + echo " See https://api.slack.com/docs/attachments for more details." + echo " -e, --field title value Add a field to the attachment. You can specify this multiple times." + echo " -s, --short-field title value Add a short field to the attachment. You can specify this multiple times." + echo " -o, --cond-color color pattern Change the attachment color if the specified Regex pattern matches the input." + echo " You can specify this multile times." + echo " If more than one pattern matches, the latest matched pattern is used." + echo " -d, --cond-prefix prefix pattern This prefix is added to the message, if the specified Regex pattern matches the input." + echo " You can specify this multile times." + echo " If more than one pattern matches, the latest matched pattern is used." + echo " --config config_file Specify the location of the config file." + echo " --setup Setup slacktee interactively." 
+} + + + +function send_message() +{ + message="$1" + + # Prepend the prefix to the message, if it's set + if [[ -z $attachment && -n $found_pattern_prefix ]]; then + message="$found_pattern_prefix$message" + # Clear conditional prefix for the nest send + found_pattern_prefix="" + fi + + escaped_message=$(echo "$textWrapper\n$message\n$textWrapper" | sed 's/"/\\"/g' | sed "s/'/\\'/g" ) + message_attr="" + if [[ $message != "" ]]; then + if [[ -n $attachment ]]; then + + # Set message color + message_color="$attachment" + if [[ -n $found_pattern_color ]]; then + message_color="$found_pattern_color" + # Reset with the default color for the next send + found_pattern_color="$attachment" + fi + + message_attr="\"attachments\": [{ \"color\": \"$message_color\", \"mrkdwn_in\": [\"text\", \"fields\"], \"text\": \"$escaped_message\" " + + if [[ -n $found_pattern_prefix ]]; then + title="$found_pattern_prefix $title" + # Clear conditional prefix for the nest send + found_pattern_prefix="" + fi + + if [[ -n $title ]]; then + message_attr="$message_attr, \"title\": \"$title\" " + fi + + if [[ -n $link ]]; then + message_attr="$message_attr, \"title_link\": \"$link\" " + fi + + if [[ $mode == "file" ]]; then + fields+=("{\"title\": \"Access URL\", \"value\": \"$access_url\" }") + fields+=("{\"title\": \"Download URL\", \"value\": \"$download_url\"}") + fi + + if [[ ${#fields[@]} != 0 ]]; then + message_attr="$message_attr, \"fields\": [" + for field in "${fields[@]}"; do + message_attr="$message_attr $field," + done + message_attr=${message_attr%?} # Remove last comma + message_attr="$message_attr ]" + fi + + # Close attachment + message_attr="$message_attr }], " + else + message_attr="\"text\": \"$escaped_message\"," + fi + + icon_url="" + icon_emoji="" + if echo "$icon" | grep -q "^https\?://.*"; then + icon_url="$icon" + else + icon_emoji=":$icon:" + fi + + json="{\"channel\": \"$channel\", \"username\": \"$username\", $message_attr \"icon_emoji\": \"$icon_emoji\", 
\"icon_url\": \"$icon_url\" $parseMode}" + post_result=$(curl -X POST --data-urlencode "payload=$json" "$webhook_url" 2> /dev/null) + exit_code=1 + if [[ $post_result == "ok" ]]; then + exit_code=0 + fi + fi +} + +function process_line() +{ + echo "$1" + line="$(echo "$1" | sed $'s/\t/ /g')" + + # Check the patterns of the conditional colors + # If more than one pattern matches, the latest pattern is used + if [[ ${#cond_color_patterns[@]} != 0 ]]; then + for i in "${!cond_color_patterns[@]}"; do + if [[ $line =~ ${cond_color_patterns[$i]} ]]; then + found_pattern_color=${cond_color_colors[$i]} + fi + done + fi + + # Check the patterns of the conditional titles + # If more than one pattern matches, the latest pattern is used + if [[ ${#cond_prefix_patterns[@]} != 0 ]]; then + for i in "${!cond_prefix_patterns[@]}"; do + if [[ $line =~ ${cond_prefix_patterns[$i]} ]]; then + found_pattern_prefix=${cond_prefix_prefixes[$i]} + if [[ -n $attachment || $mode != "no-buffering" ]]; then + # Append a line break to the prefix for better formatting + found_pattern_prefix="$found_pattern_prefix\n" + else + # Append a space to the prefix for better formatting + found_pattern_prefix="$found_pattern_prefix " + fi + fi + done + fi + + if [[ $mode == "no-buffering" ]]; then + prefix='' + if [[ -z $attachment ]]; then + prefix=$title + fi + send_message "$prefix$line" + elif [[ $mode == "file" ]]; then + echo "$line" >> "$filename" + else + if [[ -z "$text" ]]; then + text="$line" + else + text="$text\n$line" + fi + fi +} + +function setup() +{ + if [[ -z "$HOME" ]]; then + echo "\$HOME is not defined. Please set it first." + exit 1 + fi + + local_conf="$HOME/.slacktee" + + if [[ -e "$local_conf" ]]; then + echo ".slacktee is found in your home directory." + read -p "Are you sure to overwrite it? [y/n] :" choice + case "$choice" in + y|Y ) + # Continue + ;; + * ) + exit 0 # Abort + ;; + esac + fi + + # Load current local config + . 
$local_conf + + # Start setup + read -p "Incoming Webhook URL [$webhook_url]: " input_webhook_url + if [[ -z "$input_webhook_url" ]]; then + input_webhook_url=$webhook_url + fi + read -p "Upload Token [$upload_token]: " input_upload_token + if [[ -z "$input_upload_token" ]]; then + input_upload_token=$upload_token + fi + read -p "Temporary Directory [$tmp_dir]: " input_tmp_dir + if [[ -z "$input_tmp_dir" ]]; then + input_tmp_dir=$tmp_dir + fi + read -p "Default Channel [$channel]: " input_channel + if [[ -z "$input_channel" ]]; then + input_channel=$channel + fi + read -p "Default Username [$username]: " input_username + if [[ -z "$input_username" ]]; then + input_username=$username + fi + read -p "Default Icon: [$icon]: " input_icon + if [[ -z "$input_icon" ]]; then + input_icon=$icon + fi + read -p "Default color of the attachment. (empty string disables attachment) [$attachment]: " input_attachment + if [[ -z "$input_attachment" ]]; then + input_attachment=$attachment + elif [[ $input_attachment == '""' || $input_attachment == "''" ]]; then + input_attachment="" + fi + + cat <<- EOF | sed 's/^[[:space:]]*//' > "$local_conf" + webhook_url="$input_webhook_url" + upload_token="$input_upload_token" + tmp_dir="$input_tmp_dir" + channel="$input_channel" + username="$input_username" + icon="$input_icon" + attachment="$input_attachment" + EOF +} + +# ---------- +# Parse command line options +# ---------- +OPTIND=1 + +while [[ $# -gt 0 ]]; do + opt="$1" + shift + + case "$opt" in + -h|\?|--help) + show_help + exit 0 + ;; + -n|--no-buffering) + mode="no-buffering" + ;; + -f|--file) + mode="file" + ;; + -l|--link) + link="$1" + shift + ;; + -c|--channel) + opt_channel="$1" + shift + ;; + -u|--username) + opt_username="$1" + shift + ;; + -i|--icon) + opt_icon="$1" + shift + ;; + -t|--title) + title="$1" + shift + ;; + -d|--cond-prefix) + case "$1" in + -*|'') + # Found next command line option or empty. Error. 
+ echo "a prefix of the conditional title was not specified" + show_help + exit 1 + ;; + *) + # Prefix should be found + case "$2" in + -*|'') + # Found next command line option or empty. Error. + echo "a pattern of the conditional title was not specified" + show_help + exit 1 + ;; + *) + # Set the prefix and the pattern to arrays + cond_prefix_prefixes+=("$1") + cond_prefix_patterns+=("$2") + shift + shift + ;; + esac + ;; + esac + ;; + -m|--message-formatting) + case "$1" in + none) + parseMode=', "parse": "none"' + ;; + link_names) + parseMode=', "link_names": "1"' + ;; + full) + parseMode=', "parse": "full"' + ;; + *) + echo "unknown message formatting option" + show_help + exit 1 + ;; + esac + shift + ;; + -p|--plain-text) + textWrapper="" + ;; + + -a|--attachment) + case "$1" in + -*|'') + # Found next command line option + opt_attachment="$internal_default_color" # Use default color + ;; + \#*|good|warning|danger) + # Found hex color code or predefined colors + opt_attachment="$1" + shift + ;; + *) + echo "unknown attachment color" + show_help + exit 1 + ;; + esac + ;; + -o|--cond-color) + case "$1" in + -*|'') + # Found next command line option or empty. Error. + echo "a color of the conditional color was not specified" + show_help + exit 1 + ;; + \#*|good|warning|danger) + # Found hex color code or predefined colors + case "$2" in + -*|'') + # Found next command line option or empty. Error. + echo "a pattern of the conditional color was not specified" + show_help + exit 1 + ;; + *) + # Set the color and the pattern to arrays + cond_color_colors+=("$1") + cond_color_patterns+=("$2") + shift + shift + ;; + esac + ;; + *) + echo "unknown attachment color $1" + show_help + exit 1 + ;; + esac + ;; + -e|-s|--field|--short-field) + case "$1" in + -*|'') + # Found next command line option or empty. Error. + echo "field title was not specified" + show_help + exit 1 + ;; + *) + case "$2" in + -*|'') + # Found next command line option or empty. Error. 
+ echo "field value was not specified" + show_help + exit 1 + ;; + *) + if [[ $opt == "-s" || $opt == "--short-field" ]]; then + fields+=("{\"title\": \"$1\", \"value\": \"$2\", \"short\": true}") + else + fields+=("{\"title\": \"$1\", \"value\": \"$2\"}") + fi + shift + shift + ;; + esac + esac + ;; + --config) + CUSTOM_CONFIG=$1 + shift + ;; + --setup) + setup + exit 1 + ;; + *) + echo "illegal option $opt" + show_help + exit 1 + ;; + esac +done + +# --------- +# Read in our configurations +# --------- +if [[ -e "/etc/slacktee.conf" ]]; then + . /etc/slacktee.conf +fi + +if [[ -n "$HOME" && -e "$HOME/.slacktee" ]]; then + . "$HOME/.slacktee" +fi + +if [[ -e "$CUSTOM_CONFIG" ]]; then + . $CUSTOM_CONFIG +fi + +# Overwrite webhook_url if the environment variable SLACKTEE_WEBHOOK is set +if [[ "$SLACKTEE_WEBHOOK" != "" ]]; then + webhook_url="$SLACKTEE_WEBHOOK" +fi + +# Overwrite upload_token if the environment variable SLACKTEE_TOKEN is set +if [[ "$SLACKTEE_TOKEN" != "" ]]; then + upload_token="$SLACKTEE_TOKEN" +fi + +# Overwrite channel if it's specified in the command line option +if [[ "$opt_channel" != "" ]]; then + channel="$opt_channel" +fi + +# Overwrite username if it's specified in the command line option +if [[ "$opt_username" != "" ]]; then + username="$opt_username" +fi + +# Overwrite icon if it's specified in the command line option +if [[ "$opt_icon" != "" ]]; then + icon="$opt_icon" +fi + +# Overwrite attachment if it's specified in the command line option +if [[ "$opt_attachment" != "" ]]; then + attachment="$opt_attachment" +fi + +# Set the default color to attachment if it's still empty and the length of the cond_color_patterns is not 0 +if [[ -z $attachment ]] && [[ ${#cond_color_patterns[@]} != 0 ]]; then + attachment="$internal_default_color" +fi + +# ---------- +# Validate configurations +# ---------- + +if [[ $webhook_url == "" ]]; then + echo "Please setup the webhook url of this incoming webhook integration." 
+ exit 1 +fi + +if [[ $upload_token == "" && $mode == "file" ]]; then + echo "Please provide the authentication token for file uploads." + exit 1 +fi + +if [[ $channel == "" ]]; then + echo "Please specify a channel." + exit 1 +elif [[ ( "$channel" != "#"* ) && ( "$channel" != "@"* ) ]]; then + channel="#$channel" +fi + +if [[ -n "$icon" ]]; then + icon=${icon#:} # remove leading ':' + icon=${icon%:} # remove trailing ':' +fi + +# ---------- +# Start script +# ---------- + +text="" +if [[ -n "$title" || -n "$link" ]]; then + # Use link as title, if title is not specified + if [[ -z "$title" ]]; then + title="$link" + fi + + # Add title to filename in the file mode + if [[ "$mode" == "file" ]]; then + filetitle=$(echo "$title"|sed 's/[ /:.]//g') + filetitle="$filetitle-" + fi + + if [[ -z "$attachment" ]]; then + if [[ "$mode" == "no-buffering" ]]; then + if [[ -n "$link" ]]; then + title="<$link|$title>: " + else + title="$title: " + fi + elif [[ "$mode" == "file" ]]; then + if [[ -n "$link" ]]; then + title="<$link|$title>" + fi + else + if [[ -n "$link" ]]; then + text="-- <$link|$title> --\n" + else + text="-- $title --\n" + fi + fi + fi +fi + +timestamp="$(date +'%m%d%Y-%H%M%S')" +filename="$tmp_dir/$filetitle$$-$timestamp.log" + +if [[ "$mode" == "file" ]]; then + touch $filename +fi + +exit_code=0 + +while IFS='' read line; do + process_line "$line" +done +if [[ -n $line ]]; then + process_line "$line" +fi + +if [[ "$mode" == "buffering" ]]; then + send_message "$text" +elif [[ "$mode" == "file" ]]; then + if [[ -s "$filename" ]]; then + channels_param="" + if [[ ( "$channel" == "#"* ) ]]; then + # Set channels for making the file public + channels_param="-F channels=$channel" + fi + result="$(curl -F file=@"$filename" -F token="$upload_token" $channels_param https://slack.com/api/files.upload 2> /dev/null)" + access_url="$(echo "$result" | awk 'match($0, /url_private":"([^"]*)"/) {print substr($0, RSTART+14, RLENGTH-15)}'|sed 's/\\//g')" + 
download_url="$(echo "$result" | awk 'match($0, /url_private_download":"([^"]*)"/) {print substr($0, RSTART+23, RLENGTH-24)}'|sed 's/\\//g')" + if [[ -n "$attachment" ]]; then + text="Input file has been uploaded" + else + if [[ "$title" != "" ]]; then + title=" of $title" + fi + text="Input file$title has been uploaded.\n$access_url\n\nYou can download it from the link below.\n$download_url" + fi + send_message "$text" + fi + # Clean up the temp file + rm "$filename" +fi + +exit $exit_code \ No newline at end of file diff --git a/install.sn.yml b/install.sn.yml index fa35b42..11d091f 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -284,6 +284,10 @@ get_url: url=https://raw.githubusercontent.com/MightySCollins/speedtest-cli/master/speedtest_cli.py dest=/usr/bin/speedtest-cli - name: Change rights speedtest-cli file: path=/usr/bin/speedtest-cli owner=root group=root mode=0755 + - name: Copy Slacktee Config + template: src=./files/slacktee.conf.j2 dest=/etc/slacktee.conf owner=root group=root mode=0544 + - name: Copy Slacktee + copy: src=./files/slacktee.sh dest=/usr/local/bin/slacktee.sh owner=root group=root mode=0744 - name: set netfilter rules lineinfile: dest=/etc/sysctl.conf line="{{ item }}" with_items: From f820cea8387764dfc9e1452410a333652690afb2 Mon Sep 17 00:00:00 2001 From: stebifan Date: Mon, 6 Jun 2016 22:10:52 +0200 Subject: [PATCH 24/36] Update keepalive.exit.sh.j2 --- files/keepalive.exit.sh.j2 | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/files/keepalive.exit.sh.j2 b/files/keepalive.exit.sh.j2 index 1e0c767..55514ec 100644 --- a/files/keepalive.exit.sh.j2 +++ b/files/keepalive.exit.sh.j2 @@ -45,7 +45,7 @@ while [ true ] ; do # functions # # Supernode off # supernode_off () { - $BATCTL gw off + /usr/local/sbin/batctl gw off /usr/sbin/service bird6 stop /usr/sbin/service bird stop /usr/sbin/service tunneldigger stop 
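Review bot: In install.sn.yml the "Copy Slacktee Config" task installs `/etc/slacktee.conf` with `mode=0544`, which leaves the rendered `webhook_url` (it embeds `{{ slack_token }}`) readable by every local account and sets an execute bit on a file that is only sourced. Anyone holding that URL can post to the channel, so restrict the file to the account that runs the notifier: `template: src=./files/slacktee.conf.j2 dest=/etc/slacktee.conf owner=root group=root mode=0600`. This assumes the scripts calling slacktee.sh run as root, which the `mode=0744` on the script suggests but the page does not show.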
@@ -57,7 +57,7 @@ while [ true ] ; do } # Supernode on # supernode_on () { - $BATCTL gw server 100Mbit/100Mbit + /usr/local/sbin/batctl gw server 100Mbit/100Mbit /usr/sbin/service bird6 start /usr/sbin/service bird start /usr/sbin/service tunneldigger start @@ -69,7 +69,7 @@ while [ true ] ; do } # Supernode Backup Mode supernode_backup () { - $BATCTL gw server 100Mbit/100Mbit + /usr/local/sbin/batctl gw server 100Mbit/100Mbit /usr/sbin/service bird6 start /usr/sbin/service bird start /usr/sbin/service tunneldigger start @@ -81,7 +81,7 @@ while [ true ] ; do } # Restart Services # supernode_fail () { - $BATCTL gw off + /usr/local/sbin/batctl gw off /usr/sbin/service bird6 restart /usr/sbin/service bird restart /usr/sbin/service tunneldigger restart @@ -92,7 +92,7 @@ while [ true ] ; do } #Check other Supernode if [ $mode != "0" ]; then - if [ $mode == "1" ]; then + if [ $mode = "1" ]; then nc -zvu $other_SN_DNS 53842 if [ $? -eq 0 ]; then if [ $online = 2 ]; then @@ -109,9 +109,9 @@ while [ true ] ; do if [ $? -eq 0 ]; then if [ $online = 0 ]; then echo "Ich bin jetzt Supernode!" | $slack - elif [ $mode == 1 ]; then + elif [ $mode = 1 ]; then supernode_on - elif [ $mode == 2 ]; then + elif [ $mode = 2 ]; then supernode_backup fi else From b463cdaec69766eaefbd1fb472ab5d8ae05a9166 Mon Sep 17 00:00:00 2001 From: stebifan Date: Sat, 11 Jun 2016 13:57:07 +0200 Subject: [PATCH 25/36] New L2tp Tunnels to Map Server --- files/l2tp_backbone.sh.exit.j2 | 54 +++++++--------------------------- 1 file changed, 11 insertions(+), 43 deletions(-) diff --git a/files/l2tp_backbone.sh.exit.j2 b/files/l2tp_backbone.sh.exit.j2 index f56d720..5b2e818 100644 --- a/files/l2tp_backbone.sh.exit.j2 +++ b/files/l2tp_backbone.sh.exit.j2 
@@ -1,50 +1,19 @@ #!/bin/sh -# Version 8 - -sleep 120 - -# Der servername muss mit einer einstelligen Zahl aufhoeren!!!!! -communityname="troisdorf" -server="troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9" -#server="troisdorf7 {{ sn_hostname }}" -domain="freifunk-troisdorf.de" -mtu={{ sn_mtu }} -# community MAC address, without the last Byte (:)! -communitymacaddress="a2:8c:ae:6f:f6" -tunnelPrefix=10 -sessionPrefix=1 -# Netzwerkteil des Netzes, ohne abschliessenden Punkt -#communitynetwork="10.188" -# IPv6 network -#communitynetworkv6="fda0:747e:ab29:7405:255::" -#communitynetworkv6="2a03:2260:121::" -# Drittes Octet des serverbereichs -#octet3rd="255" -# CIDR muss /16 sein -localserver=$(/bin/hostname) -batadv=/usr/local/sbin/batadv-vis +# Version 9 +sleep 60 batctl=/usr/local/sbin/batctl ip=/sbin/ip -dig=/usr/bin/dig +communitymacaddress="a2:8c:ae:6f:f6" +localserver=$(/bin/hostname) -#for i in $server; do -#( -# for j in $server; do -# if [ $i != $j ]; then -# if [ $i = $localserver ]; then -# ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname} -# ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname} -# #ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j -# ip link set dev l2tp-$j mtu $mtu -# ip link set up l2tp-$j -# $batctl if add l2tp-$j -# fi -# fi -# done -#) -#done +# L2tp to Map +$ip l2tp add tunnel remote 138.201.70.103 local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id {{ sn_number }}0 
peer_tunnel_id 0{{ sn_number }} encap udp udp_sport 300{{ sn_number }}0 udp_dport 3000{{ sn_number }} +$ip l2tp add session name l2tp-map tunnel_id {{ sn_number }}0 session_id 1{{ sn_number }}0 peer_session_id 2{{ sn_number }}0 +$ip link set dev l2tp-map mtu 1312 +$ip link set up l2tp-map +$batctl if add l2tp-map -# Rest starten +# Rest Starten $ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0 $ip link set up dev bat0 $ip addr add {{ sn_mesh_IPv4 }}/19 broadcast {{ sn_mesh_IPv4_brcast }} dev bat0 @@ -57,4 +26,3 @@ $ip -6 route add 2a03:2260:121::/56 via {{ sn_mesh_IPv6_xfer }} /usr/bin/killall batadv-vis /bin/sleep 15 $batadv -i bat0 -s > /dev/null 2>&1 & - From 9b0ce65402829d00849d9477dacabe0e1694830c Mon Sep 17 00:00:00 2001 From: stebifan Date: Sat, 11 Jun 2016 17:55:25 +0200 Subject: [PATCH 26/36] Update l2tp_backbone.sh.exit.j2 --- files/l2tp_backbone.sh.exit.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/files/l2tp_backbone.sh.exit.j2 b/files/l2tp_backbone.sh.exit.j2 index 5b2e818..00512c6 100644 --- a/files/l2tp_backbone.sh.exit.j2 +++ b/files/l2tp_backbone.sh.exit.j2 @@ -5,6 +5,7 @@ batctl=/usr/local/sbin/batctl ip=/sbin/ip communitymacaddress="a2:8c:ae:6f:f6" localserver=$(/bin/hostname) +communityname=troisdorf # L2tp to Map $ip l2tp add tunnel remote 138.201.70.103 local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id {{ sn_number }}0 peer_tunnel_id 0{{ sn_number }} encap udp udp_sport 300{{ sn_number }}0 udp_dport 3000{{ sn_number }} From fb3113837a526bd462befef897e266f9ce7ed762 Mon Sep 17 00:00:00 2001 From: Stefan Hoffmann Date: Sat, 2 Jul 2016 20:29:43 +0200 Subject: [PATCH 27/36] DHCP Bugfix --- files/dhcpd.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/dhcpd.conf.j2 b/files/dhcpd.conf.j2 index 8cd5205..899c9fd 100644 --- a/files/dhcpd.conf.j2 +++ b/files/dhcpd.conf.j2 
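Review bot: The rewritten header of l2tp_backbone.sh.exit.j2 drops `batadv=/usr/local/sbin/batadv-vis`, but the unchanged last line in the second hunk still runs `$batadv -i bat0 -s > /dev/null 2>&1 &`. The variable then expands to nothing and the resulting failure is hidden by the redirect. Keep the assignment `batadv=/usr/local/sbin/batadv-vis` next to `batctl=` and `ip=`. `communityname` is removed the same way while `${localserver#$communityname}` still uses it; the following patch on this page adds that one back, but `batadv` is not restored there.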
@@ -4,7 +4,7 @@ option domain-name "fftdf"; default-lease-time 300; max-lease-time 3600; log-facility local7; -subnet {{ sn_mesh_IPv4_net }} netmask 255.255.224.0 { +subnet 10.188.0.0 netmask 255.255.0.0 { authoritative; range {{ sn_dhcp_range }}; option domain-name-servers {{ sn_mesh_IPv4 }}; From a8ec5b477c58dfc444cbd2c3b0602e7fc3ab0fc7 Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Sat, 2 Jul 2016 23:11:08 +0200 Subject: [PATCH 28/36] IPv6 address changing --- files/bird6-troisdorf5.conf | 2 +- files/interfaces-troisdorf5 | 2 +- files/interfaces-troisdorf7 | 2 +- files/l2tp_backbone.sh.exit.j2 | 7 +++++-- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/files/bird6-troisdorf5.conf b/files/bird6-troisdorf5.conf index 37d46b5..d2cc760 100644 --- a/files/bird6-troisdorf5.conf +++ b/files/bird6-troisdorf5.conf @@ -44,7 +44,7 @@ return net ~ [ fc00::/7{48,64}, } filter hostroute { - if net ~ 2a03:2260:121::/48 then accept; + if net ~ 2a03:2260:121:5000::/52 then accept; reject; } diff --git a/files/interfaces-troisdorf5 b/files/interfaces-troisdorf5 index 7f1c8eb..fea611f 100644 --- a/files/interfaces-troisdorf5 +++ b/files/interfaces-troisdorf5 @@ -9,7 +9,7 @@ iface lo inet loopback up ip address add 185.66.193.105/32 dev lo iface lo inet6 loopback - up ip address add 2a03:2260:121::105/48 dev lo + up ip address add 203:2260:121:5000::105/52 dev lo # The primary network interface diff --git a/files/interfaces-troisdorf7 b/files/interfaces-troisdorf7 index eb8e58b..f15278e 100644 --- a/files/interfaces-troisdorf7 +++ b/files/interfaces-troisdorf7 @@ -15,7 +15,7 @@ iface lo inet6 loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static - address 163.172.194.197 + address 212.83.154.70 netmask 255.255.255.255 gateway 163.172.210.1 pointopoint 163.172.210.1 diff --git a/files/l2tp_backbone.sh.exit.j2 b/files/l2tp_backbone.sh.exit.j2 index f56d720..de6813f 100644 --- a/files/l2tp_backbone.sh.exit.j2 
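Review bot: The new loopback address in interfaces-troisdorf5, `203:2260:121:5000::105/52`, is missing the `a` of the `2a03:` prefix. That prefix is used on the removed line and in the `2a03:2260:121:5000::/52` filter this commit adds to bird6-troisdorf5.conf. As written the host gets an address outside the prefix its own `hostroute` filter accepts. The line should presumably read `up ip address add 2a03:2260:121:5000::105/52 dev lo`.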
+++ b/files/l2tp_backbone.sh.exit.j2 @@ -51,8 +51,11 @@ $ip addr add {{ sn_mesh_IPv4 }}/19 broadcast {{ sn_mesh_IPv4_brcast }} dev bat0 $ip -6 addr add {{ sn_mesh_IPv6 }}/64 dev bat0 $ip route add 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }} table 42 $ip route add 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }} -$ip -6 route add 2a03:2260:121::/56 via {{ sn_mesh_IPv6_xfer }} table 42 -$ip -6 route add 2a03:2260:121::/56 via {{ sn_mesh_IPv6_xfer }} + +$ip -6 route add 2a03:2260:121:4000::/52 via {{ sn_mesh_IPv6_xfer }} table 42 +$ip -6 route add 2a03:2260:121:5000::/52 via {{ sn_mesh_IPv6_xfer }} table 42 +$ip -6 route add 2a03:2260:121:6000::/52 via {{ sn_mesh_IPv6_xfer }} table 42 +$ip -6 route add 2a03:2260:121:7000::/52 via {{ sn_mesh_IPv6_xfer }} table 42 /usr/bin/killall batadv-vis /bin/sleep 15 From 8142813fb877ba6518329c6eac7e159f27e042db Mon Sep 17 00:00:00 2001 From: stebifan Date: Sun, 10 Jul 2016 23:01:11 +0200 Subject: [PATCH 29/36] Update collectd.conf.j2 --- files/collectd.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/collectd.conf.j2 b/files/collectd.conf.j2 index 9090e4d..de68c08 100644 --- a/files/collectd.conf.j2 +++ b/files/collectd.conf.j2 @@ -36,7 +36,7 @@ LoadPlugin filecount - Host "10.188.1.27" + Host "10.188.0.10" Port "2003" Prefix "collectd.gateways." StoreRates true From 20d9e60f5f632b6534c7ce863b1d3ef5ed3f29ea Mon Sep 17 00:00:00 2001 From: stebifan Date: Sun, 10 Jul 2016 23:01:56 +0200 Subject: [PATCH 30/36] Update db.fftdf.j2 --- files/fftdf/db.fftdf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/fftdf/db.fftdf.j2 b/files/fftdf/db.fftdf.j2 index a4e2764..da6b5b6 100644 --- a/files/fftdf/db.fftdf.j2 +++ b/files/fftdf/db.fftdf.j2 
@@ -17,7 +17,7 @@ localhost IN A 127.0.0.1 nextnode IN A 10.188.0.1 IN AAAA 2a03:2260:121::1 ;;This Supernode -{{ sn_hostname }}.infra.fftdf IN A {{ sn_mesh_IPv4 }} +{{ sn_hostname }}.infra IN A {{ sn_mesh_IPv4 }} IN AAAA {{ sn_mesh_IPv6 }} ;; Update Servers update1.infra IN AAAA 2a03:2260:121::22 From 41f7457a0e65e44ef5f63ee3cc332b36573981f8 Mon Sep 17 00:00:00 2001 From: stebifan Date: Mon, 11 Jul 2016 19:35:03 +0200 Subject: [PATCH 31/36] Update keepalive.exit.sh.j2 --- files/keepalive.exit.sh.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/files/keepalive.exit.sh.j2 b/files/keepalive.exit.sh.j2 index 55514ec..bf54618 100644 --- a/files/keepalive.exit.sh.j2 +++ b/files/keepalive.exit.sh.j2 @@ -93,7 +93,7 @@ while [ true ] ; do #Check other Supernode if [ $mode != "0" ]; then if [ $mode = "1" ]; then - nc -zvu $other_SN_DNS 53842 + /bin/nc -zvu $other_SN_DNS 53842 if [ $? -eq 0 ]; then if [ $online = 2 ]; then echo "Supernode wieder online. Backup Modus abgeschaltet" | $slack @@ -105,7 +105,7 @@ while [ true ] ; do fi fi # Check this Supernode - ping -q -c5 $my_SN_IP -I eth0 > /dev/null + /bin/ping -q -c5 $my_SN_IP -I eth0 > /dev/null if [ $? -eq 0 ]; then if [ $online = 0 ]; then echo "Ich bin jetzt Supernode!" | $slack @@ -136,7 +136,7 @@ while [ true ] ; do fi done # Check DNS Server - host google.de $meship + /usr/bin/host google.de $meship if [ "$?" != "0" ]; then service bind9 restart if [ $mode != "0" ]; then From eb4e17b27178aa3d145496a3cf60eaab8c2a2714 Mon Sep 17 00:00:00 2001 From: Ansible Admin Date: Mon, 11 Jul 2016 19:44:11 +0200 Subject: [PATCH 32/36] New IPv6 net to SN #4,#5,#7 --- files/bird6-troisdorf4.conf | 2 +- files/bird6-troisdorf6.conf | 2 +- files/bird6-troisdorf7.conf | 2 +- files/interfaces-troisdorf4 | 2 +- files/interfaces-troisdorf6 | 2 +- files/interfaces-troisdorf7 | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) 
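Review bot: The `service bind9 restart` call in the DNS-check hunk of keepalive.exit.sh.j2 is still resolved through PATH, although this commit pins `nc`, `ping` and `host` to absolute paths in the same loop. If the reason for the change is a minimal PATH when the script is started at boot, `service` is the likeliest of the four to be missing, and the restart would then fail without anyone noticing. Suggest `/usr/sbin/service bind9 restart`, which is how l2tp_backbone.sh.exit.j2 calls it later in this series, or a single `PATH=/usr/sbin:/usr/bin:/sbin:/bin` assignment at the top of the script instead of per-command paths. The `while` loop starts and ends outside these hunks.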
diff --git a/files/bird6-troisdorf4.conf b/files/bird6-troisdorf4.conf index 08566f9..570e6fa 100644 --- a/files/bird6-troisdorf4.conf +++ b/files/bird6-troisdorf4.conf @@ -42,7 +42,7 @@ return net ~ [ fc00::/7{48,64}, } filter hostroute { - if net ~ 2a03:2260:121::/48 then accept; + if net ~ 2a03:2260:121:4000::/52 then accept; reject; } diff --git a/files/bird6-troisdorf6.conf b/files/bird6-troisdorf6.conf index 944c19d..2ad3a69 100644 --- a/files/bird6-troisdorf6.conf +++ b/files/bird6-troisdorf6.conf @@ -44,7 +44,7 @@ return net ~ [ fc00::/7{48,64}, } filter hostroute { - if net ~ 2a03:2260:121::/48 then accept; + if net ~ 03:2260:121:6000::/52 then accept; reject; } diff --git a/files/bird6-troisdorf7.conf b/files/bird6-troisdorf7.conf index b2c0aa0..05f087f 100644 --- a/files/bird6-troisdorf7.conf +++ b/files/bird6-troisdorf7.conf @@ -42,7 +42,7 @@ return net ~ [ fc00::/7{48,64}, } filter hostroute { - if net ~ 2a03:2260:121::/48 then accept; + if net ~ 2a03:2260:121:7000::/52 then accept; reject; } diff --git a/files/interfaces-troisdorf4 b/files/interfaces-troisdorf4 index 995ae25..3784e32 100644 --- a/files/interfaces-troisdorf4 +++ b/files/interfaces-troisdorf4 @@ -9,7 +9,7 @@ iface lo inet loopback up ip address add 185.66.193.104/32 dev lo iface lo inet6 loopback - up ip address add 2a03:2260:121::104/48 dev lo + up ip address add 2a03:2260:121:4000::105/52 dev lo # The primary network interface diff --git a/files/interfaces-troisdorf6 b/files/interfaces-troisdorf6 index 2cfdec5..ceb6352 100644 --- a/files/interfaces-troisdorf6 +++ b/files/interfaces-troisdorf6 @@ -9,7 +9,7 @@ iface lo inet loopback up ip address add 185.66.193.106/32 dev lo iface lo inet6 loopback - up ip address add 2a03:2260:121::106/48 dev lo + up ip address add 2a03:2260:121:6000::105/52 dev lo # The primary network interface diff --git a/files/interfaces-troisdorf7 b/files/interfaces-troisdorf7 index f15278e..a17ba81 100644 --- a/files/interfaces-troisdorf7 
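Review bot: The new loopback address in interfaces-troisdorf4 ends in `::105`, and the same host part appears in the interfaces-troisdorf6 and interfaces-troisdorf7 hunks of this commit, where the removed lines used `::104`, `::106` and `::107` to mirror each node's IPv4 loopback (`185.66.193.104/32` in this file). The addresses do not collide because each sits in its own /52, but the per-node numbering is lost, which looks like a copy from troisdorf5 rather than a decision. If the old scheme is meant to continue, this line would be `up ip address add 2a03:2260:121:4000::104/52 dev lo`, with `::106` and `::107` in the other two files.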
+++ b/files/interfaces-troisdorf7 @@ -9,7 +9,7 @@ iface lo inet loopback up ip address add 185.66.193.107/32 dev lo iface lo inet6 loopback - up ip address add 2a03:2260:121::107/48 dev lo + up ip address add 2a03:2260:121:7000::105/52 dev lo # The primary network interface From f8f2e469dd2728f13c947c8a081167c39989a168 Mon Sep 17 00:00:00 2001 From: stebifan Date: Mon, 11 Jul 2016 20:25:11 +0200 Subject: [PATCH 33/36] Update bird6-troisdorf6.conf --- files/bird6-troisdorf6.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/bird6-troisdorf6.conf b/files/bird6-troisdorf6.conf index 2ad3a69..0864ac2 100644 --- a/files/bird6-troisdorf6.conf +++ b/files/bird6-troisdorf6.conf @@ -44,7 +44,7 @@ return net ~ [ fc00::/7{48,64}, } filter hostroute { - if net ~ 03:2260:121:6000::/52 then accept; + if net ~ 2a03:2260:121:6000::/52 then accept; reject; } From 19a17cc97fade2f9a0e8a83685d4fe7e2ccd2702 Mon Sep 17 00:00:00 2001 From: stebifan Date: Wed, 20 Jul 2016 21:14:37 +0200 Subject: [PATCH 34/36] Update l2tp_backbone.sh.exit.j2 --- files/l2tp_backbone.sh.exit.j2 | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/files/l2tp_backbone.sh.exit.j2 b/files/l2tp_backbone.sh.exit.j2 index ff7c7fd..6f98526 100644 --- a/files/l2tp_backbone.sh.exit.j2 +++ b/files/l2tp_backbone.sh.exit.j2 @@ -30,3 +30,12 @@ $ip -6 route add 2a03:2260:121:7000::/52 via {{ sn_mesh_IPv6_xfer }} table 42 /usr/bin/killall batadv-vis /bin/sleep 15 $batadv -i bat0 -s > /dev/null 2>&1 & +/bin/sleep 15 +/usr/sbin/service tunneldigger restart +/usr/sbin/service bind9 restart +/usr/sbin/service bird restart +/usr/sbin/service bird6 restart +/usr/sbin/service isc-dhcp-server restart +/usr/sbin/service radvd restart +$batctl gw server + From 322874b4a506b5026e7a45d2a0c5b79314e42ceb Mon Sep 17 00:00:00 2001 From: stebifan Date: Wed, 20 Jul 2016 21:15:59 +0200 Subject: [PATCH 35/36] Update install.sn.yml --- install.sn.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) 
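Review bot: `$batctl gw server` at the end of the block added to l2tp_backbone.sh.exit.j2 runs whether or not the six `service … restart` calls before it succeeded, so a node whose bird, DHCP or DNS daemon failed to come up would still announce itself as a batman-adv gateway. None of the restarts has its exit status checked, and no `set -e` is visible in the hunk. Consider guarding the announcement, for example `/usr/sbin/service bird restart || exit 1` on the daemons the gateway role depends on, so clients are not drawn to a gateway that cannot serve them. A short comment on why the second `/bin/sleep 15` is needed would also help.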
diff --git a/install.sn.yml b/install.sn.yml index 11d091f..30857f5 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -208,9 +208,9 @@ template: src=./files/keepalive.exit.sh.j2 dest=/opt/freifunk/keepalive.sh owner=root group=root mode=0500 register: check_gw when: sn_exit is defined - - name: Add cron job with check gateway script - cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root" - when: check_gw.changed +# - name: Add cron job with check gateway script +# cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root" +# when: check_gw.changed - name: Supernode Config script super- and exitnode copy: src=./files/supernode dest=/usr/bin/supernode owner=root group=root mode=0500 when: sn_exit is defined From 9dc4de92b55468d58d275d1aa58092dae6bd30a0 Mon Sep 17 00:00:00 2001 From: stebifan Date: Fri, 29 Jul 2016 19:01:38 +0200 Subject: [PATCH 36/36] Update l2tp_backbone.sh.exit.j2 --- files/l2tp_backbone.sh.exit.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/l2tp_backbone.sh.exit.j2 b/files/l2tp_backbone.sh.exit.j2 index 6f98526..b304e52 100644 --- a/files/l2tp_backbone.sh.exit.j2 +++ b/files/l2tp_backbone.sh.exit.j2 @@ -37,5 +37,5 @@ $batadv -i bat0 -s > /dev/null 2>&1 & /usr/sbin/service bird6 restart /usr/sbin/service isc-dhcp-server restart /usr/sbin/service radvd restart -$batctl gw server +$batctl gw server 100Mbit/100Mbit
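Review bot: Commenting out the `cron` task in install.sn.yml stops new hosts from getting the reboot entry, but hosts provisioned earlier keep it because nothing removes it. If keepalive.sh should no longer start at boot, replace the task with a removal, `cron: name=check_gw state=absent user="root"`, rather than leaving commented-out YAML. `register: check_gw` on the template task above is now unused in the visible lines and can go as well. If keepalive.sh is started some other way now, a comment naming that mechanism would make the change self-explanatory.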