From a596fa870f796f3a79ac1fa953b39ae00da0be7f Mon Sep 17 00:00:00 2001 From: Roman Katrincak Date: Sun, 6 Dec 2015 21:41:30 +0100 Subject: [PATCH] - Switched to alfred v15.1 from git - Add logrotate config (only 1 day history) --- files/alfred.sh.j2 | 2 +- files/gre_backbone.sh | 2 +- files/logrotate.conf | 34 ++++++++++++++++++++++++++++++++ files/sn_startup.sh.j2 | 25 ++++++++++++------------ install.sn.yml | 44 ++++++++++++++++++++++++++++-------------- 5 files changed, 79 insertions(+), 28 deletions(-) create mode 100644 files/logrotate.conf diff --git a/files/alfred.sh.j2 b/files/alfred.sh.j2 index 7da0925..3d1d88e 100644 --- a/files/alfred.sh.j2 +++ b/files/alfred.sh.j2 @@ -37,7 +37,7 @@ EOF if [ -f $tempfile ] then - /bin/cat "$tempfile" | /bin/gzip | /usr/sbin/alfred -s 158 + /bin/cat "$tempfile" | /bin/gzip | /usr/local/sbin/alfred -s 158 fi if [ -f $tempfile ] diff --git a/files/gre_backbone.sh b/files/gre_backbone.sh index 940b248..0e0debc 100644 --- a/files/gre_backbone.sh +++ b/files/gre_backbone.sh @@ -40,6 +40,6 @@ done /sbin/ip link set up dev bat0 /sbin/ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0 /sbin/ip -6 addr add fda0:747e:ab29:7405:255::${localserver#$communityname}/64 dev bat0 -/usr/sbin/alfred -i bat0 > /dev/null 2>&1 & +/usr/local/sbin/alfred -i bat0 > /dev/null 2>&1 & /usr/sbin/batadv-vis -i bat0 -s > /dev/null 2>&1 & /usr/sbin/service bind9 restart diff --git a/files/logrotate.conf b/files/logrotate.conf new file mode 100644 index 0000000..b31a038 --- /dev/null +++ b/files/logrotate.conf 
@@ -0,0 +1,34 @@ +# see "man logrotate" for details +# rotate log files weekly +#weekly +daily + +# keep 4 weeks worth of backlogs +#rotate 4 +rotate 0 + +# create new (empty) log files after rotating old ones +create + +# uncomment this if you want your log files compressed +#compress + +# packages drop log rotation information into this directory +include /etc/logrotate.d + +# no packages own wtmp, or btmp -- we'll rotate them here +/var/log/wtmp { + missingok + monthly + create 0664 root utmp + rotate 1 +} + +/var/log/btmp { + missingok + monthly + create 0660 root utmp + rotate 1 +} + +# system-specific logs may be configured here diff --git a/files/sn_startup.sh.j2 b/files/sn_startup.sh.j2 index 4eeb555..0025380 100644 --- a/files/sn_startup.sh.j2 +++ b/files/sn_startup.sh.j2 
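Review bot: The retained comments no longer match the directives they sit above: `# rotate log files weekly` precedes `daily`, and `# keep 4 weeks worth of backlogs` precedes `rotate 0`, which keeps no rotated copy at all (the old log is removed at each daily run, so the only history is the current file). Reword them to state the intent, e.g. `# keep no rotated copies; the old log is removed at each daily rotation`. These are global defaults only: any file under the `include /etc/logrotate.d` directory that sets its own `rotate` or frequency overrides them, so the retention actually applied should be checked per package. With no rotated copies there is little left to examine after an incident on the node, which is worth recording as a deliberate choice and not a side effect.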
@@ -1,30 +1,31 @@ #!/bin/sh # Stop tunneldigger until bat0 is up -/usr/sbin/service tunneldigger stop +#/usr/sbin/service tunneldigger stop # Set unreachable for table 200 -/bin/ip route add unreachable 0.0.0.0/0 table iffy +#/bin/ip route add unreachable 0.0.0.0/0 table iffy -while ! ping -c 1 -W 1 {{ sn_iffy_traffic }}; do - echo "Waiting for {{ sn_iffy_traffic }} - network interface might be down..." - sleep 5 -done +#while ! ping -c 1 -W 1 {{ sn_iffy_traffic }}; do +# echo "Waiting for {{ sn_iffy_traffic }} - network interface might be down..." +# sleep 5 +#done # Activate IP forwarding /sbin/sysctl -w net.ipv6.conf.all.forwarding=1 /sbin/sysctl -w net.ipv4.ip_forward=1 +/sbin/sysctl kernel.panic=10 # Routing table 200 for traffic above port 1023 -/bin/grep 200 /etc/iproute2/rt_tables || /bin/echo 200 iffy >> /etc/iproute2/rt_tables +#/bin/grep 200 /etc/iproute2/rt_tables || /bin/echo 200 iffy >> /etc/iproute2/rt_tables # Set table for traffice with mark 4 -/bin/ip rule add fwmark 0x4 table iffy +#/bin/ip rule add fwmark 0x4 table iffy # Set mark 4 to traffic above port 1023 -/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 1024:65535 -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4 -/sbin/iptables -t mangle -A PREROUTING -p udp --dport 1024:65535 -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4 +#/sbin/iptables -t mangle -A PREROUTING -p tcp --dport 1024:65535 -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4 +#/sbin/iptables -t mangle -A PREROUTING -p udp --dport 1024:65535 -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4 # NAT on eth0 /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE @@ -33,9 +34,9 @@ done /sbin/sysctl net.ipv4.conf.bat0.rp_filter=0 # Set gateway for table 200 -/bin/ip route replace default via {{ sn_iffy_traffic }} table iffy +#/bin/ip route replace default via {{ sn_iffy_traffic }} table iffy # Start tunneldigger -/usr/sbin/service tunneldigger start +#/usr/sbin/service tunneldigger start exit 0 
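Review bot: Commenting out the `iffy` table setup, the `fwmark 0x4` rule and both mangle `MARK` rules while leaving `-o eth0 -j MASQUERADE` active changes where forwarded traffic leaves the node, and neither the commit message nor the script says so. With the policy route gone, traffic from 10.0.0.0/8 to ports above 1023 presumably follows the main table and is NATed out of eth0 instead of going via `{{ sn_iffy_traffic }}`. If that is intended, delete the dead lines (the second hunk comments out the matching `ip route replace` and `service tunneldigger start`) and leave one comment explaining the decision. The added `/sbin/sysctl kernel.panic=10` sits under the `# Activate IP forwarding` comment and omits the `-w` used on the two lines above it; give it its own comment, e.g. `# Reboot 10 seconds after a kernel panic`, and write `/sbin/sysctl -w kernel.panic=10` for consistency.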
diff --git a/install.sn.yml b/install.sn.yml index 57f6dab..98c5b85 100644 --- a/install.sn.yml +++ b/install.sn.yml @@ -65,6 +65,9 @@ - gre_backbone.sh authorized_keys: - authorized_keys + logrotate_config: + - logrotate.conf + tasks: - name: Remove cdrom in sources.list 
@@ -157,26 +160,39 @@ - systemctl daemon-reload - systemctl enable tunneldigger.service when: tunneldigger.changed - - name: Check if alfred is installed - command: dpkg-query -W alfred - register: alfred_check_deb - failed_when: alfred_check_deb.rc > 1 - changed_when: alfred_check_deb.rc == 1 - - name: Download alfred - get_url: - url="https://firmware.freifunk-wuppertal.net/deb/alfred_2015.0_amd64.deb" - dest="/tmp/alfred_2015.0_amd64.deb" - when: alfred_check_deb.rc == 1 - - name: Install alfred - apt: deb="/tmp/alfred_2015.0_amd64.deb" - sudo: False - when: alfred_check_deb.rc == 1 + - name: Copy logrotate config + copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500 + with_items: logrotate_config + - shell: test -f /usr/local/sbin/alfred + register: alfred_file + failed_when: alfred_file.rc > 1 + changed_when: alfred_file.rc == 1 + - name: Get alfred + git: repo=http://git.open-mesh.org/alfred.git + dest=/tmp/alfred + register: git_alfred + when: alfred_file.rc == 1 + - name: make alfred + shell: cd /tmp/alfred && git checkout v2015.1 && make && make install + register: git_alfred + when: alfred_file.rc == 1 + +# - name: Download alfred +# get_url: +# url="https://firmware.freifunk-wuppertal.net/deb/alfred_2015.0_amd64.deb" +# dest="/tmp/alfred_2015.0_amd64.deb" +# when: alfred_check_deb.rc == 1 +# - name: Install alfred +# apt: deb="/tmp/alfred_2015.0_amd64.deb" +# sudo: False +# when: alfred_check_deb.rc == 1 # - name: copy openvpn files # copy: src=./files/{{ item }} dest=/etc/openvpn owner=root group=root mode=0400 # with_items: openvpn_files # - name: copy openvpn scripts # copy: src=./files/{{ item }} dest=/etc/openvpn owner=root group=root mode=0500 # with_items: openvpn_scripts + - name: Create freifunk directory file: path=/opt/freifunk state=directory mode=0755 - name: Check gateway / keepalive script
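Review bot: The `Get alfred` task clones over plain `http://` and `make alfred` then runs `make && make install` on that checkout (presumably as root, since it installs to `/usr/local/sbin`), so nothing authenticates the source that becomes the alfred binary; the removed .deb download at least used https. Fetch over an authenticated transport if the host offers one, and pin the revision in the git task itself with `version=v2015.1` (or a full commit hash, since a tag can be moved) instead of a later `git checkout`. `dest=/tmp/alfred` is a predictable path in a world-writable directory that another local user could pre-create before the build runs; a root-owned location such as `dest=/usr/local/src/alfred` avoids that. Separately, `mode=0500` on the copied `logrotate.conf` makes a config file executable and not writable; `mode=0644` is the usual choice. Both new tasks also use `register: git_alfred`, so the second result overwrites the first, and the `shell: test -f` task has no `name`.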