diff --git a/roles/01-vpn-offloader-setup/tasks/main.yml b/roles/01-vpn-offloader-setup/tasks/main.yml
index 04c020b..d798d10 100644
--- a/roles/01-vpn-offloader-setup/tasks/main.yml
+++ b/roles/01-vpn-offloader-setup/tasks/main.yml
@@ -60,4 +60,15 @@
 - ndppd
 - iptables-persistent
 state: latest
- update_cache: yes
\ No newline at end of file
+ update_cache: yes
+
+- name: Copy Netplan Template for Internal Network
+ ansible.builtin.template:
+ src: netplan.j2
+ dest: /etc/netplan/01-freifunk-internal.yaml
+ owner: root
+ group: root
+ mode: 755
+
+- name: Apply Netplan
+ ansible.builtin.shell: netplan apply
\ No newline at end of file
diff --git a/roles/01-vpn-offloader-setup/templates/netplan.j2 b/roles/01-vpn-offloader-setup/templates/netplan.j2
new file mode 100644
index 0000000..2195bf2
--- /dev/null
+++ b/roles/01-vpn-offloader-setup/templates/netplan.j2
@@ -0,0 +1,14 @@
+network:
+ ethernets:
+ ens19:
+ dhcp4: false
+ addresses:
+ - {{ freifunk_internal_ip }}
+ nameservers:
+ addresses:
+ - 1.1.1.1
+ routes:
+ - to: default
+ via: {{ core_router }}
+ table: 42
+ version: 2
\ No newline at end of file
diff --git a/roles/vyos-config/templates/config.j2 b/roles/vyos-config/templates/config.j2
index 81ecba4..cd75dea 100644
--- a/roles/vyos-config/templates/config.j2
+++ b/roles/vyos-config/templates/config.j2
@@ -337,6 +337,24 @@ protocols {
 }
 }
 service {
+ dhcp-server {
+ listen-address 172.16.7.1
+ shared-network-name freifunk {
+ subnet 172.16.7.0/24 {
+ default-router 172.16.7.1
+ name-server 1.1.1.1
+ name-server 1.0.0.1
+ range dhcp {
+ start 172.16.7.10
+ stop 172.16.7.200
+ }
+ static-mapping vpn-01 {
+ ip-address 172.16.7.2
+ mac-address 36:f3:82:18:9b:03
+ }
+ }
+ }
+ }
 ntp {
 allow-client {
 address 0.0.0.0/0
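Review bot: `mode: 755` in the new "Copy Netplan Template for Internal Network" task of roles/01-vpn-offloader-setup/tasks/main.yml is an unquoted number without a leading zero, which Ansible reads as decimal 755 (octal 1363). The rendered file therefore gets the sticky bit and is writable by others instead of being rwxr-xr-x. A netplan file needs no execute bit, and netplan warns when its configuration is accessible to non-root users, so `mode: "0600"` is the safer value. The "Apply Netplan" task also runs `netplan apply` through `ansible.builtin.shell` on every play. Adding `notify: Apply Netplan` to the template task and moving the command into a handler that uses `ansible.builtin.command` would reconfigure the network only when the file actually changes.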
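Review bot: The default route in roles/01-vpn-offloader-setup/templates/netplan.j2 is placed in `table: 42`, but the template has no `routing-policy` entry, so nothing visible here directs traffic into that table. If the rule is created elsewhere, a comment above `routes:` should name the place, for example `# table 42 is selected by <file or role that adds the ip rule>`. Otherwise, traffic from ens19 would presumably follow the main table rather than `{{ core_router }}`. Both interpolated values are also written as plain scalars. Quoting them as `- "{{ freifunk_internal_ip }}"` and `via: "{{ core_router }}"` keeps an unexpected expansion from changing the YAML type. Netplan expects the address to carry a prefix length, so that requirement should be stated where the variable is defined.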
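Review bot: The new `dhcp-server` block in roles/vyos-config/templates/config.j2 hard-codes `172.16.7.1`, the subnet, and the `vpn-01` static mapping. The netplan template in the same commit takes the matching addresses from `freifunk_internal_ip` and `core_router`, so the two roles can drift apart without any failure at render time. If `core_router` is meant to be this router's address on the freifunk network, `listen-address {{ core_router }}` and `default-router {{ core_router }}` would keep them tied together; that equivalence is inferred and should be confirmed. A short comment on `static-mapping vpn-01` should say which host owns `36:f3:82:18:9b:03`, and that the reservation must match the statically configured address on that host, since the offloader's interface has `dhcp4: false`. The surrounding `service {` block starts and ends outside the hunk.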