From 2aa14d4c384b775c7a0433f122f358ff07e2b027 Mon Sep 17 00:00:00 2001 From: stebifan Date: Tue, 12 Apr 2016 22:46:27 +0200 Subject: [PATCH 01/11] Delete keepalive.sh --- files/keepalive.sh | 51 ---------------------------------------------- 1 file changed, 51 deletions(-) delete mode 100644 files/keepalive.sh diff --git a/files/keepalive.sh b/files/keepalive.sh deleted file mode 100644 index 19c28dc..0000000 --- a/files/keepalive.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash -# Version 1.6 -# Parameter setzen -GATEWAY1ext=185.66.193.105 -GATEWAY2ext=185.66.193.106 -GATEWAY1=10.188.255.5 -GATEWAY2=10.188.255.6 -GATEWAY1v6=2a03:2260:121::255:5 -GATEWAY2v6=2a03:2260:121::255:6 -IP=/sbin/ip -PING=/bin/ping -BATCTL=/usr/local/sbin/batctl - -#if [ "hostname = troisdorf1 | troisdorf2" ] -if [ $(hostname) = "troisdorf1" ] || [ $(hostname) = "troisdorf2" ] - then - DEFAULT_GATEWAY=$GATEWAY1 - DEFAULT_GATEWAYext=$GATEWAY1ext - FALLBACK_GATEWAY=$GATEWAY2 - FALLBACK_GATEWAYext=$GATEWAY2ext - DEFAULT_GATEWAYv6=$GATEWAY1v6 - FALLBACK_GATEWAYv6=$GATEWAY2v6 - else - DEFAULT_GATEWAY=$GATEWAY2 - DEFAULT_GATEWAYext=$GATEWAY2ext - FALLBACK_GATEWAY=$GATEWAY1 - FALLBACK_GATEWAYext=$GATEWAY1ext - DEFAULT_GATEWAYv6=$GATEWAY2v6 - FALLBACK_GATEWAYv6=$GATEWAY1v6 - -fi - -if $PING -c 1 $DEFAULT_GATEWAYext - then - $IP route replace default via $DEFAULT_GATEWAY table 42 - $IP -6 route replace default via $DEFAULT_GATEWAYv6 table 42 - $BATCTL gw server 100Mbit/100Mbit - echo "Gateway erreichbar" - else - if $PING -c 1 $FALLBACK_GATEWAYext - then - $IP route replace default via $FALLBACK_GATEWAY table 42 - $IP -6 route replace default via $FALLBACK_GATEWAYv6 table 42 - $BATCTL gw server 80Mbit/80Mbit - echo "Nun FALLBACK_GATEWAY" - else - $BATCTL gw off - #Kein Gateway erreichbar, batctl gw off - fi -fi - From 074d419117e9c2b4e3d5b8589a0d40fec56a45f5 Mon Sep 17 00:00:00 2001 From: stebifan Date: Tue, 12 Apr 2016 22:46:49 +0200 Subject: [PATCH 02/11] Delete l2tp_backbone.sh.j2 --- files/l2tp_backbone.sh.j2 | 55 --------------------------------------- 1 file changed, 55 deletions(-) delete mode 100644 files/l2tp_backbone.sh.j2 diff --git a/files/l2tp_backbone.sh.j2 b/files/l2tp_backbone.sh.j2 deleted file mode 100644 index 82dd19c..0000000 --- a/files/l2tp_backbone.sh.j2 +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/sh -# Version 6 -# Der servername muss mit einer einstelligen Zahl aufhoeren!!!!! -communityname="troisdorf" -server="troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9" -#server="troisdorf7 {{ sn_hostname }}" -domain="freifunk-troisdorf.de" -mtu={{ sn_mtu }} -# community MAC address, without the last Byte (:)! -communitymacaddress="a2:8c:ae:6f:f6" -tunnelPrefix=10 -sessionPrefix=1 -# Netzwerkteil des Netzes, ohne abschliessenden Punkt -communitynetwork="10.188" -# IPv6 network -#communitynetworkv6="fda0:747e:ab29:7405:255::" -communitynetworkv6="2a03:2260:121::" -# Drittes Octet des serverbereichs -octet3rd="255" -# CIDR muss /16 sein -localserver=$(/bin/hostname) -batadv=/usr/local/sbin/batadv-vis -batctl=/usr/local/sbin/batctl -ip=/sbin/ip -dig=/usr/bin/dig - -for i in $server; do -( - for j in $server; do - if [ $i != $j ]; then - if [ $i = $localserver ]; then - ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname} - ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname} - #ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j - ip link set dev l2tp-$j mtu $mtu - ip link set up l2tp-$j - $batctl if add l2tp-$j - fi - fi - done -) -done - -# Rest starten -$ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0 -#$ip link set address $communitymacaddress:ff dev bat0 -$ip link set up dev bat0 -$ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0 -$ip -6 addr add $communitynetworkv6$octet3rd:${localserver#$communityname}/64 dev bat0 - -/usr/bin/killall batadv-vis -/bin/sleep 15 -$batadv -i bat0 -s > /dev/null 2>&1 & -/usr/sbin/service bind9 restart -/usr/local/sbin/batctl gw server 100Mbit/100Mbit From 1a833872f1437628a468e26e7dca911a1b2836a9 Mon Sep 17 00:00:00 2001 From: stebifan Date: Tue, 12 Apr 2016 22:47:01 +0200 Subject: [PATCH 03/11] Delete l2tp_backbone_ffswitch.sh.j2 --- files/l2tp_backbone_ffswitch.sh.j2 | 56 ------------------------------ 1 file changed, 56 deletions(-) delete mode 100644 files/l2tp_backbone_ffswitch.sh.j2 diff --git a/files/l2tp_backbone_ffswitch.sh.j2 b/files/l2tp_backbone_ffswitch.sh.j2 deleted file mode 100644 index abb5702..0000000 --- a/files/l2tp_backbone_ffswitch.sh.j2 +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/sh -# Version 5 -# Der servername muss mit einer einstelligen Zahl aufhoeren!!!!! -communityname="troisdorf" -server="troisdorf0 troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9" -#server="troisdorf0 {{ sn_hostname }}" -domain="freifunk-troisdorf.de" -mtu={{ sn_mtu }} -# community MAC address, without the last Byte (:)! -communitymacaddress="a2:8c:ae:6f:f6" -tunnelPrefix=10 -sessionPrefix=1 -# Netzwerkteil des Netzes, ohne abschliessenden Punkt -communitynetwork="10.188" -# IPv6 network -communitynetworkv6="fda0:747e:ab29:7405:255::" -# Drittes Octet des serverbereichs -octet3rd="255" -# CIDR muss /16 sein -localserver=$(/bin/hostname) -batadv=/usr/local/sbin/batadv-vis -alfred=/usr/local/sbin/alfred -batctl=/usr/local/sbin/batctl -ip=/sbin/ip -dig=/usr/bin/dig - -for i in $server; do -( - for j in $server; do - if [ $i != $j ]; then - if [ $i = $localserver ]; then - ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname} - ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname} - #ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j - ip link set dev l2tp-$j mtu $mtu - ip link set up l2tp-$j - $batctl if add l2tp-$j - fi - fi - done -) -done - -# Rest starten -$ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0 -#$ip link set address $communitymacaddress:ff dev bat0 -$ip link set up dev bat0 -$ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0 -$ip -6 addr add $communitynetworkv6${localserver#$communityname}/64 dev bat0 - -/usr/bin/killall alfred -/usr/bin/killall batadv-vis -/bin/sleep 5 -$alfred -i bat0 > /dev/null 2>&1 & -/bin/sleep 15 -$batadv -i bat0 -s > /dev/null 2>&1 & From cd7935df447104ac41c9d23ed36a39e0e97a8bf7 Mon Sep 17 00:00:00 2001 From: stebifan Date: Tue, 12 Apr 2016 22:47:23 +0200 Subject: [PATCH 04/11] Delete sn_startup.sh.j2 --- files/sn_startup.sh.j2 | 74 ------------------------------------------ 1 file changed, 74 deletions(-) delete mode 100644 files/sn_startup.sh.j2 diff --git a/files/sn_startup.sh.j2 b/files/sn_startup.sh.j2 deleted file mode 100644 index 276e10e..0000000 --- a/files/sn_startup.sh.j2 +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/sh -# Version 1.7 - -curl -X POST --data-urlencode 'payload={"text": "{{ sn_hostname }} is rebooted", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":floppy_disk:"}' https://hooks.slack.com/services/{{ slack_token }} - -# Block RFC1918 and APIPA destination via WAN -/sbin/iptables -P OUTPUT ACCEPT -for i in 10.0.0.0/8 172.16.0.0/12 169.254.0.0/16 192.168.0.0/16; do -/sbin/iptables -A OUTPUT -o eth0 -d $i -j DROP -done - -# Activate IP forwarding -/sbin/sysctl -w net.ipv6.conf.all.forwarding=1 -/sbin/sysctl -w net.ipv4.ip_forward=1 - -# restart when kernel panic -/sbin/sysctl kernel.panic=1 - -# Stop tunneldigger until bat0 is up -/usr/sbin/service tunneldigger stop - -# Routing table 42 -/bin/grep 42 /etc/iproute2/rt_tables || /bin/echo 42 ffrl >> /etc/iproute2/rt_tables - -# Set table for traffice with mark 4 -/bin/ip rule add fwmark 0x4 table 42 -/bin/ip -6 rule add fwmark 0x4 table 42 - -# Set mark 4 to Freifunk traffic -/sbin/iptables -t mangle -A PREROUTING -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4 -/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/48 ! -d 2a03:2260:121::/48 -j MARK --set-mark 4 -/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/64 ! -d 2a03:2260:121::/64 -j MARK --set-mark 4 - -# NAT on eth0 -/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE - -# All from FF IPv4 via routing table 42 -/bin/ip rule add from 185.66.193.104/30 lookup 42 -/bin/ip -6 rule add from 2a03:2260:121::/64 lookup 42 - -# Allow MAC address spoofing -/sbin/sysctl net.ipv4.conf.bat0.rp_filter=0 - -# Create Tunneldigger Bridge -/sbin/brctl addbr br-nodes -/sbin/ip link set dev br-nodes up -/sbin/ebtables -A FORWARD --logical-in br-nodes -j DROP -/usr/local/sbin/batctl if add br-nodes - -sleep 5 - -# Fixing the nf_conntrack … dropping packets error -# hashsize = nf_conntrack_max / 4 -sysctl -w net.netfilter.nf_conntrack_max=131072 -echo 32768 > /sys/module/nf_conntrack/parameters/hashsize - -# Against Denial of Service attacks from internal network -# Check with: sysctl -a | grep conntrack | grep timeout -sysctl -w net.ipv4.netfilter.ip_conntrack_generic_timeout=240 -sysctl -w net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=54000 - -# Start tunneldigger -/bin/systemctl restart tunneldigger -/bin/systemctl enable tunneldigger - -# radvd restart -/bin/systemctl restart radvd -/bin/systemctl enable radvd - -# restart DHCP -/bin/systemctl restart isc-dhcp-server -/bin/systemctl enable isc-dhcp-server - -exit 0 From ebd72910a198f0e8d6ad5bd31c30f6136a501c2e Mon Sep 17 00:00:00 2001 From: stebifan Date: Sun, 17 Apr 2016 23:11:57 +0200 Subject: [PATCH 05/11] Update keepalive.exit.sh.j2 --- files/keepalive.exit.sh.j2 | 75 +++++++++++++++++++++++--------------- 1 file changed, 46 insertions(+), 29 deletions(-) diff --git a/files/keepalive.exit.sh.j2 b/files/keepalive.exit.sh.j2 index fead088..0e7ba1a 100644 --- a/files/keepalive.exit.sh.j2 +++ b/files/keepalive.exit.sh.j2 @@ -1,13 +1,13 @@ #!/bin/bash -echo 0 > /tmp/sn_online -$BATCTL gw off +/usr/local/sbin/batctl gw off /usr/sbin/service bird6 stop /usr/sbin/service bird stop /usr/sbin/service tunneldigger stop /usr/sbin/service radvd stop /usr/sbin/service isc-dhcp-server stop while [ true ] ; do - online=$(/bin/cat /tmp/sn_online) + online=$(/bin/cat /etc/supernode-status/supernode.status) + mode=$(/bin/cat /etc/supernode-status/supernode.mode) iam=$(/bin/hostname) day=$(date +%d) BATCTL=/usr/local/sbin/batctl @@ -15,10 +15,9 @@ while [ true ] ; do # Names of the 2 Supernodes # SN1=troisdorf5 SN2=troisdorf6 - # Default Supernode if loadbalance=0 or day > 15 # - active_SN=$SN2 + active_SN=$(/bin/hostname) # Turn loadbalance on/off # - loadbalance=1 + loadbalance=$(cat /etc/supernode-status/loadbalancing.mode) ################## # functions # # Supernode off # @@ -29,8 +28,12 @@ while [ true ] ; do /usr/sbin/service tunneldigger stop /usr/sbin/service radvd stop /usr/sbin/service isc-dhcp-server stop - echo 0 > /tmp/sn_online - echo "collectd.gateways.{{ sn_hostname }}.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 + if [ $loadbalance == 1 ] && [ $mode != 0 ]; then + echo 3 > /etc/supernode-status/supernode.status + else + echo 0 > /etc/supernode-status/supernode.status + fi + echo "collectd.gateways.troisdorf5.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 } # Supernode on # supernode_on () { @@ -40,8 +43,12 @@ while [ true ] ; do /usr/sbin/service tunneldigger start /usr/sbin/service radvd start /usr/sbin/service isc-dhcp-server start - echo 1 > /tmp/sn_online - echo "collectd.gateways.{{ sn_hostname }}.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 + if [ $loadbalance == 1 ]; then + echo 1 > /etc/supernode-status/supernode.status + else + echo 2 > /etc/supernode-status/supernode.status + fi + echo "collectd.gateways.troisdorf5.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 } # Restart Services # supernode_fail () { @@ -51,11 +58,11 @@ while [ true ] ; do /usr/sbin/service tunneldigger restart /usr/sbin/service radvd restart /usr/sbin/service isc-dhcp-server restart - echo 0 > /tmp/sn_online - echo "collectd.gateways.{{ sn_hostname }}.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 + echo 0 > /etc/supernode-status/supernode.status + echo "collectd.gateways.troisdorf5.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003 } # who am i ? # - if [ $iam == troisdorf5 ] + if [ $iam = "troisdorf5" ]; then my_SN_IP=185.66.193.105 other_SN_IP=185.66.193.106 @@ -65,20 +72,22 @@ while [ true ] ; do other_SN_IP=185.66.193.105 other_SN_IP_EXTERN=5.9.76.198 fi - if [ $loadbalance == 1 ] + if [ $loadbalance = "1" ] && [ $mode != "0" ]; then if [ $day -gt 15 ] then active_SN=$SN1 + else + active_SN=$SN2 fi fi #Check other Supernode - if [ $iam != $active_SN ] + if [ $iam != $active_SN ]; then ping -q -c5 $other_SN_IP -I eth0 > /dev/null if [ $? -eq 0 ] then - if [ $online == 1 ]; then + if [ $online ==1 ] || [ $online = 2 ]; then curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode wieder online. Ich habe mich wieder ausgeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }} fi supernode_off @@ -89,25 +98,33 @@ while [ true ] ; do fi else # Check this Supernode - ping -q -c5 $my_SN_IP -I eth0 > /dev/null - if [ $? -eq 0 ] - then - if [ $online == 0 ]; then - curl -X POST --data-urlencode 'payload={"text": "Ich bin jetzt Supernode!", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }} - fi - supernode_on - else - supernode_fail - curl -X POST --data-urlencode 'payload={"text": "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }} + if [ $mode != "0" ]; then + ping -q -c5 $my_SN_IP -I eth0 > /dev/null + if [ $? -eq 0 ] + then + if [ $online = 0 ] || [ $online = 3 ]; then + curl -X POST --data-urlencode 'payload={"text": "Ich bin jetzt Supernode!", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }} + fi + supernode_on + else + supernode_fail + curl -X POST --data-urlencode 'payload={"text": "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }} + fi fi fi + if [ $mode = "0" ]; then + supernode_off + + fi for service in bird bird6 isc-dhcp-server radvd python named do x=`pidof $service`; - if [ "$x" == "" ]; then - echo "collectd.gateways.{{ sn_hostname }}.$service 0 `date +%s`" | nc -q 0 10.188.1.27 2003 + if [ "$x" = "" ]; then + echo "collectd.gateways.troisdorf5.$service 0 `date +%s`" | nc -q 0 10.188.1.27 2003 + echo 0 > /etc/supernode-status/"$service".status else - echo "collectd.gateways.{{ sn_hostname }}.$service 1 `date +%s`" | nc -q 0 10.188.1.27 2003 + echo "collectd.gateways.troisdorf5.$service 1 `date +%s`" | nc -q 0 10.188.1.27 2003 + echo 1 > /etc/supernode-status/"$service".status fi done sleep 60 From a67930da0be75984eb74eb36f3a4770c3699fd75 Mon Sep 17 00:00:00 2001 From: stebifan Date: Sun, 17 Apr 2016 23:12:28 +0200 Subject: [PATCH 06/11] Create supernode --- files/supernode | 52 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 files/supernode diff --git a/files/supernode b/files/supernode new file mode 100644 index 0000000..ae88e70 --- /dev/null +++ b/files/supernode @@ -0,0 +1,52 @@ +#!/bin/bash +help () { +echo "Supernode Settings:" +echo "status | off | loadbalance" +} + +status () { + supernode_status=$(/bin/cat /etc/supernode-status/supernode.status) + supernode_mode=$(/bin/cat /etc/supernode-status/supernode.mode) + loadbalancing=$(cat /etc/supernode-status/loadbalancing.mode) + + echo "Supernode Status: (Ist-Zustand)" + if [ $supernode_status == 0 ]; then + echo "Supernode ist Offline" + elif [ $supernode_status == 1 ]; then + echo "Supernode läuft (Loadbalancing)" + elif [ $supernode_status == 2 ]; then + echo "Supernode läuft (Dauer-Ein)" + elif [ $supernode_status == 3 ]; then + echo "Supernode Offline (Loadbalancing)" + fi + if [ $loadbalancing = 1 ]; then + echo "Loadbalancing ist Aktiv" + else + echo "Loadbalancing ist Deativiert" + fi +} + +off () { + echo 0 > /etc/supernode-status/supernode.mode + echo "Supernode Deaktiviert" +} + +on () { + echo 1 > /etc/supernode-status/supernode.mode + echo "Supernode Aktiviert" +} + +loadbalance () { + loadbalancing=$(cat /etc/supernode-status/loadbalancing.mode) + if ! [ -f /etc/supernode-status/loadbalancing.mode ]; then + echo 0 > /etc/supernode-status/loadbalancing.mode + fi + if [ $loadbalancing == 0 ]; then + echo 1 > /etc/supernode-status/loadbalancing.mode + else + echo 0 > /etc/supernode-status/loadbalancing.mode + fi + sleep 5 + status +} +$1 From 8ca5681bf6812cd8fedde771a355e24341116503 Mon Sep 17 00:00:00 2001 From: stebifan Date: Sun, 17 Apr 2016 23:17:26 +0200 Subject: [PATCH 07/11] Added Supernode Config Script --- install.sn.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install.sn.yml b/install.sn.yml index e4389dc..1482d14 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -58,6 +58,8 @@ - named.conf.fftdf check_gw_script: - keepalive.sh + supernode_config: + - supernode authorized_keys: - authorized_keys logrotate_config: @@ -196,6 +198,10 @@ - name: Add cron job with check gateway script cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root" when: check_gw.changed + - name: Supernode Config script super- and exitnode + template: src=./files/supernode dest=/usr/bin/supernode owner=root group=root mode=0500 + register: supernode_config + when: sn_exit is defined - name: Tunneldigger stats copy: src=./files/{{ item }} dest=/opt/freifunk owner=root group=root mode=0500 with_items: tunneld_stats_file From e2ebc87b4850e778140ba7daf5118a4a03dfd6b2 Mon Sep 17 00:00:00 2001 From: stebifan Date: Thu, 21 Apr 2016 10:34:12 +0200 Subject: [PATCH 08/11] Update interfaces-troisdorf5 --- files/interfaces-troisdorf5 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/files/interfaces-troisdorf5 b/files/interfaces-troisdorf5 index 37a0421..935d621 100644 --- a/files/interfaces-troisdorf5 +++ b/files/interfaces-troisdorf5 @@ -17,9 +17,9 @@ allow-hotplug eth0 iface eth0 inet dhcp allow-hotplug eth1 iface eth1 inet6 static - address 2a01:4f8:161:62a9::5 + address 2a01:4f8:172:f4b::5 netmask 64 - gateway 2a01:4f8:161:62a9::2 + gateway 2a01:4f8:172:f4b::2 # GRE Tunnel zum Rheinland Backbone # - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen From ee8a41400f18fd8844250374c95c71ac5f0e81cb Mon Sep 17 00:00:00 2001 From: rojoka Date: Thu, 21 Apr 2016 21:58:38 +0200 Subject: [PATCH 09/11] conntrack_max = 65536 conntrack_max = 65536 --- install.sn.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install.sn.yml b/install.sn.yml index 1482d14..43ef455 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -280,7 +280,7 @@ with_items: - net.ipv4.netfilter.ip_conntrack_generic_timeout = 240 - net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 54000 - - net.netfilter.nf_conntrack_max = 262144 + - net.netfilter.nf_conntrack_max = 65536 - name: check modprobe.conf stat: path=/etc/modprobe.conf register: modprobe1 From 9aa1119d78c466dbbbeb18edd681ce0072f9e29e Mon Sep 17 00:00:00 2001 From: rojoka Date: Thu, 21 Apr 2016 22:05:16 +0200 Subject: [PATCH 10/11] small change to the active supernode file Changed "template:" to "copy:" because it is a single file for all server and not a template --- install.sn.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/install.sn.yml b/install.sn.yml index 43ef455..3fa3d9e 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -58,8 +58,6 @@ - named.conf.fftdf check_gw_script: - keepalive.sh - supernode_config: - - supernode authorized_keys: - authorized_keys logrotate_config: @@ -199,8 +197,7 @@ cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root" when: check_gw.changed - name: Supernode Config script super- and exitnode - template: src=./files/supernode dest=/usr/bin/supernode owner=root group=root mode=0500 - register: supernode_config + copy: src=./files/supernode dest=/usr/bin/supernode owner=root group=root mode=0500 when: sn_exit is defined - name: Tunneldigger stats copy: src=./files/{{ item }} dest=/opt/freifunk owner=root group=root mode=0500 From 2079272746a6e27d285a0d3c33f56f53735693cc Mon Sep 17 00:00:00 2001 From: rojoka Date: Thu, 21 Apr 2016 22:07:56 +0200 Subject: [PATCH 11/11] new version v3.0.8 new version v3.0.8 --- install.sn.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install.sn.yml b/install.sn.yml index 3fa3d9e..4640316 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -9,7 +9,7 @@ user: root gather_facts: False vars: - snversion: master_v3.0.4 + snversion: master_v3.0.8 batmanversion: v2015.2 common_required_packages: - git