Compare commits

...

2 Commits

Author SHA1 Message Date
Niklas Yann Wettengel eccc82a9cc reduce radvd interval 3 weeks ago
Niklas Yann Wettengel 0facfe0686 rm fastd stuff 3 weeks ago

@ -5,18 +5,6 @@ sites:
net4: '10.222.80.0/21'
net6: '2a03:2260:1016:0201::/64'
site_net6: 'fd62:44e1:da:0200::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
66613864623830333561306634656664623831613235336463353433393835623633313531636164
3132343936323530316438366530343336393366343735390a643862663163366661383963366461
63356536333162306635653863386430306463323963633066626336663837633762356632393163
3661353338313935330a303338343231393965333534633438396261633431613734646265373830
30623665633364343639646539616262666663333830396363336436343938613266333963363432
65303930366339626331356230316236396138653735666431633437313436303862363437313738
38626439626562386264623534646238666436656362633432666137666334643366303733396132
35396461636664396633
fastd_mesh_mac: '02:ff:41:57:00:10'
fastd_port1: 10014
bat_ipv6: '2a03:2260:1016:0201::1'
bat_ipv4: '10.222.80.1'
bat_ipv4_cidr: 21
@ -43,18 +31,6 @@ sites:
net4: '10.222.48.0/21'
net6: '2a03:2260:1016:0101::/64'
site_net6: 'fd62:44e1:da:0100::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
36343336633735316533356365663562633136316164346335613665343736643538613033323837
3163666137323238323535623663393466343061393432640a363838366533663135366665343137
64393938336636336230306333376365646631393432333934326631366666363266633631366636
3232396339613063360a356636623235333161633630363361653064626232386132393065363961
64653535613861636633303164353964393461376432646539656332373461626139333166343163
65376133646361616539303338373164623933633061663635353338643036396332656332643738
61626236323463623362613335653436643631356362343866333035623662336262323166616163
61303232626638303231
fastd_mesh_mac: '02:ff:43:4f:43:10'
fastd_port1: 10012
bat_ipv6: '2a03:2260:1016:0101::1'
bat_ipv4: '10.222.48.1'
bat_ipv4_cidr: 21
@ -81,18 +57,6 @@ sites:
net4: '10.222.184.0/21'
net6: '2a03:2260:1016:0402::/64'
site_net6: 'fd62:44e1:da:0400::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
39303135363836313137613238633137646235366637393463346132366361363465303531653565
3439336633396532303563613536333264373863663933650a653566626462346133363433333337
64333138353862613937653065613136323238666336363635643062643538363265323335643766
6465393863393630640a643531376464336334346530393764376139623033336139616138653534
64616531313665336365323331616263613336313938316663383437353532316631636138663661
37666538656533346365393435316630323065316336303138373962393038653831623339656634
37343837373965393866653965366335636563303931333465656539316563646162626261633535
34303934616666633764
fastd_mesh_mac: '02:ff:53:49:4d:20'
fastd_port1: 10018
bat_ipv6: '2a03:2260:1016:0402::1'
bat_ipv4: '10.222.184.1'
bat_ipv4_cidr: 21

@ -6,18 +6,6 @@ sites:
net4: '10.222.88.0/21'
net6: '2a03:2260:1016:0202::/64'
site_net6: 'fd62:44e1:da:0200::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
64316166303564616561623661653739386434373564646630396361366262303737346632656136
3164613138393838616235343936633162333032323563320a666235383763383766373761623533
36313135643830623363353966653138346364646639386339393664366565323265366630333362
6264633837626133300a373133353532656331623038346637643834613563383435366534393865
31343432663535653364643564306533383333303939656232336232306136663839376662656332
63396465303038396531653239323264346233313563636261613231343763306130316530386262
31316432383834323237386138336434663365643732643732323439313564303337636466393334
63613666333161366366
fastd_mesh_mac: '02:ff:41:57:00:20'
fastd_port1: 10014
bat_ipv6: '2a03:2260:1016:0202::1'
bat_ipv4: '10.222.88.1'
bat_ipv4_cidr: 21
@ -44,18 +32,6 @@ sites:
net4: '10.222.56.0/21'
net6: '2a03:2260:1016:0102::/64'
site_net6: 'fd62:44e1:da:0100::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
64346365626531663039636230633430613338336164623065393964313538633839346537356533
3363313832333561373134363136333663313864383466360a333533643462336533336433353030
64306535326562343964373931306366613365356335386163303062363663383264353566656438
3838323261303331380a613366306566623531323162373266663863393563323232626565346163
64333835356662643561373062393831303366656138356464326232363235373734663038316336
37313164306565643032373938353434393333653531623635663030613861306663373761336233
65373565653939663832353565656262306633306461316461343735336431393033316433313164
35346363653832386138
fastd_mesh_mac: '02:ff:43:4f:43:20'
fastd_port1: 10012
bat_ipv6: '2a03:2260:1016:0102::1'
bat_ipv4: '10.222.56.1'
bat_ipv4_cidr: 21
@ -82,18 +58,6 @@ sites:
net4: '10.222.176.0/21'
net6: '2a03:2260:1016:0401::/64'
site_net6: 'fd62:44e1:da:0400::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
36623461376163303538353865656462643537646265393461656337383936363634653063363938
3735616161636231633238323935313861346163636565620a353132303235636662366231393236
30323734313065356132623736633231326537626462366264653138666533633461393830336634
6530666637613164340a663133386134393235636362633833373531323132636138623163656638
34363637623331666335353464366539623936306437356538393034376232346566323431636231
32653236386632656633636438303130323065386635616462666631386361396233303965393332
63333233656336313633303166333638663335363035653230316633303233376131396135373462
34343163616561343163
fastd_mesh_mac: '02:ff:53:49:4d:10'
fastd_port1: 10018
bat_ipv6: '2a03:2260:1016:0401::1'
bat_ipv4: '10.222.176.1'
bat_ipv4_cidr: 21

@ -6,18 +6,6 @@ sites:
net4: '10.222.200.0/21'
net6: '2a03:2260:1016:0502::/64'
site_net6: 'fd62:44e1:da:0500::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
39643432623937346662666565393066356635346236313562376339373665653837376365326531
3366643661613065303837353830666566356266613036650a383531336266363036366664323439
64636330346166306464353564363266303836666134373739646566306337333666356231616364
3635616561323332340a323665353031653566646562393430666261363834353036663938636634
62363261663531383464646262306237353233346535623235643561633435623939646262313561
30656531313664326663666661636465303239353331356633353238363433336561316264613037
33636239303465623333316561653732653638633632343165383934313738303365633937373038
33396464306363333965
fastd_mesh_mac: '02:ff:45:4d:53:20'
fastd_port1: 10020
bat_ipv6: '2a03:2260:1016:0502::1'
bat_ipv4: '10.222.200.1'
bat_ipv4_cidr: 21
@ -44,18 +32,6 @@ sites:
net4: '10.222.24.0/21'
net6: '2a03:2260:1016:0002::/64'
site_net6: 'fd62:44e1:da::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
32616565386335373931326566326366306138386431303537386639373339306264613665613936
3630343838353631633832393265653666656164623434330a636537666266663835303561393437
61666665666162353665386434646439323730393839643464303237383034303066623731386638
6461303434383162300a303332333031396233383637653737393933636164653833303333633466
39336465616562613838646139303462306131326364356265366564356131343866313164356365
61623137653661633062613334633231633438626234303064363063396437666431353839313764
37313535646131393963353562353862363933373765316531656531353835653231643031383236
39633866633130373430
fastd_mesh_mac: '02:ff:4b:4f:00:20'
fastd_port1: 10010
bat_ipv6: '2a03:2260:1016:0002::1'
bat_ipv4: '10.222.24.1'
bat_ipv4_cidr: 21
@ -82,18 +58,6 @@ sites:
net4: '10.222.72.0/21'
net6: '2a03:2260:1016:0302::/64'
site_net6: 'fd62:44e1:da:300::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
36356665356465363064623732316337393137633133383133666330353238636432643232383534
3136386561663630633461653132626531666336663962650a363164343264623664316465663264
39336561346634623530636464646261313362383533363336383138663435346265626563646461
3231313735313266610a373663363966303961363039346137353132353864326639343732613032
33626665646364643036633662316234366666303364373434656137666233613030386562643662
37663232306135643461376435653263333834366163663634646164326236643730356135386464
31303439643035643732306162666261393735333334323433306633313635373363636364306663
36396363306537636164
fastd_mesh_mac: '02:ff:4d:59:00:20'
fastd_port1: 10016
bat_ipv6: '2a03:2260:1016:0302::1'
bat_ipv4: '10.222.72.1'
bat_ipv4_cidr: 21

@ -5,18 +5,6 @@ sites:
net4: '10.222.192.0/21'
net6: '2a03:2260:1016:0501::/64'
site_net6: 'fd62:44e1:da:0500::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
64366430303532336538633661343838386537316364613866623134663866643634633436316565
3764303032353633336662613430663961646535353262310a613238643666313033343438666235
36316438366137333430663235303237666132306362616366356439306162633430326366663862
6633353266376537640a623163646437396564666232316530616264346566633032393033616438
31313538363462633865376234363262653861656234333661613139383538643963646436396464
65613834396464613266383936326539623461646661666464623337343834326533303039623665
37386130306432313766306638343561653232656238313734396562653661376131653036353264
63646437393532356338
fastd_mesh_mac: '02:ff:45:4d:53:10'
fastd_port1: 10020
bat_ipv6: '2a03:2260:1016:0501::1'
bat_ipv4: '10.222.192.1'
bat_ipv4_cidr: 21
@ -43,18 +31,6 @@ sites:
net4: '10.222.16.0/21'
net6: '2a03:2260:1016:0001::/64'
site_net6: 'fd62:44e1:da::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
62303765323237376233313337343961663435363430646565616238356261646133326562363235
6639356166623437646664323236643161353837393330650a613565306362663932383436333635
63663832616334643939623835373731323835326361373266653331346530393462616364343633
3935316666653463370a653038313766383436303862306666356138353838386362363731663631
35313830346562643434393266393039336264663939363433336435653833323038363432623431
31636465666133633538633562323437333836376632343333306332356461663163396232626564
63393432373965323037656437313762383037363534343937303462393736666534653835633433
36656539623732333130
fastd_mesh_mac: '02:ff:4b:4f:00:10'
fastd_port1: 10010
bat_ipv6: '2a03:2260:1016:0001::1'
bat_ipv4: '10.222.16.1'
bat_ipv4_cidr: 21
@ -81,18 +57,6 @@ sites:
net4: '10.222.64.0/21'
net6: '2a03:2260:1016:0301::/64'
site_net6: 'fd62:44e1:da:300::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
38333436396361633136336561633864383663666439613335613534336339373366396231646333
6264303364616131313966306438333135353564366134330a353438343861666337646633383534
31366233346663316434316439346639666639653433323363366161313362376262646663396330
6362356563616535640a633130623433316165313238346165376337326364306262643139376130
39326531633631656665346239386133363833623263663162356161333562636437633333643338
32623535323934306164653535633463626234623935653262633739383137326461623731623536
30366431633431363164633833323466616637633135636538656332356434333564386165643736
36303333346530376134
fastd_mesh_mac: '02:ff:4d:59:00:10'
fastd_port1: 10016
bat_ipv6: '2a03:2260:1016:0301::1'
bat_ipv4: '10.222.64.1'
bat_ipv4_cidr: 21

@ -1,7 +0,0 @@
#!/bin/sh
for file in /run/ff*.socket
do
echo $file
nc -U $file | jq -r '.peers | keys[] as $k | "\(.[$k] | .connection.mac_addresses[]) \(.[$k] | .address) \($k)"' | grep $1
done

@ -1,6 +0,0 @@
#!/bin/sh
if grep -q $PEER_KEY /etc/fastd_blacklist; then
echo $PEER_KEY blacklisted
exit 1
fi
exit 0

@ -1,40 +0,0 @@
---
- name: reload fastd
systemd:
name: fastd@ffmyk.service
state: reloaded
- name: restart fastdaw
systemd:
name: fastd@ffaw.service
state: restarted
- name: restart fastdcoc
systemd:
name: fastd@ffcoc.service
state: restarted
- name: restart fastdems
systemd:
name: fastd@ffems.service
state: restarted
- name: restart fastdko
systemd:
name: fastd@ffko.service
state: restarted
- name: restart fastdmy
systemd:
name: fastd@ffmy.service
state: restarted
- name: restart fastdsim
systemd:
name: fastd@ffsim.service
state: restarted
- name: restart fastdww
systemd:
name: fastd@ffww.service
state: restarted

@ -1,61 +0,0 @@
---
- name: install fastd
pacman:
name: fastd
state: present
- name: create site folder
file:
path: /etc/fastd/ff{{ item.name }}
state: directory
with_items: "{{ sites }}"
- name: fastd.conf
template:
src: fastd.conf.j2
dest: /etc/fastd/ff{{ item.name }}/fastd.conf
mode: 0640
notify: restart fastd{{ item.name }}
with_items: "{{ sites }}"
- name: add fastd bin folder
file:
path: /etc/fastd/ff{{ item.name }}/bin
state: directory
with_items: "{{ sites }}"
- name: add fastd up script
template:
src: fastd_up.sh.j2
dest: /etc/fastd/ff{{ item.name }}/bin/up.sh
mode: 0744
notify: restart fastd{{ item.name }}
with_items: "{{ sites }}"
- name: add fastd verify script
copy:
src: verify.sh
dest: /etc/fastd/ff{{ item.name }}/bin/verify.sh
mode: 0744
with_items: "{{ sites }}"
- name: add fastd_grep script
copy:
src: fastd_grep.sh
dest: /root/fastd_grep.sh
mode: 0744
- name: install fastd_grep dependencies
pacman:
name:
- openbsd-netcat
- jq
state: present
- name: start and enable fastd service
systemd:
name: fastd@ff{{ item.name }}.service
enabled: yes
state: started
with_items: "{{ sites }}"

@ -1,45 +0,0 @@
#!/usr/bin/php -f
<?php
//$url = 'http://register.freifunk-myk.de/srvapi.php';
$url = 'https://www.freifunk-myk.de/node/keys';
$out = '/etc/fastd/ff{{ item.name }}/peers/';
if(!is_dir($out)) die('Output Dir missing');
if(!is_writable($out)) die('Output Dir perms');
if( ($data = file_get_contents($url)) === FALSE ) die('Error getting keys');
$data = unserialize($data);
$active=array();
foreach($data as $router) {
$router['MAC'] = trim($router['MAC']);
$router['PublicKey'] = trim($router['PublicKey']);
if(!preg_match('/^[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}:[A-F0-9]{2}$/', $router['MAC'])) {
//trigger_error('Router mit falscher MAC?!', E_USER_WARNING);
}elseif(!preg_match('/^[A-F0-9]{64}$/', $router['PublicKey'])) {
//trigger_error('Router mit falschem Key?!'.$router['MAC'], E_USER_WARNING);
}else{
$filename='client_'.str_replace(':', '-', $router['MAC']);
$fp=fopen($out.$filename, 'w');
fwrite($fp, 'key "'.$router['PublicKey'].'";'."\n");
fclose($fp);
$active[] = $filename;
}
}
//Check if we fscked up
if(count($active) < 10) die('Less than 10 nodes? Database broken?');
$dh = opendir($out);
while(($file = readdir($dh)) !== false) {
if($file != '.' && $file != '..') {
if(!in_array($file, $active) && (strpos($file, 'client_') !== false)) {
unlink($out.$file);
}
}
}
exec('killall -SIGHUP fastd');
?>

@ -1,13 +0,0 @@
log to syslog level info;
interface "vpn{{ item.name }}";
method "salsa2012+gmac";
method "salsa2012+umac";
secure handshakes yes;
bind any:{{ item.fastd_port1 }};
hide ip addresses yes;
hide mac addresses yes;
mtu 1280;
secret "{{ item.fastd_secret }}";
on up "/etc/fastd/ff{{ item.name }}/bin/up.sh $INTERFACE";
status socket "/run/ff{{ item.name }}1.socket";
on verify "/etc/fastd/ff{{ item.name }}/bin/verify.sh";

@ -1,11 +0,0 @@
#!/bin/bash
ip link set address {{ item.fastd_mesh_mac }} dev $1
ip link set up dev $1
batctl meshif bat{{ item.name }} if add $1
batctl meshif bat{{ item.name }} gw server 1000000/1000000
batctl meshif bat{{ item.name }} it 10000
batctl meshif bat{{ item.name }} mm 1
batctl meshif bat{{ item.name }} hop_penalty 64
netctl start bat{{ item.name }}
systemctl restart dhcpd4.service
systemctl restart named.service

@ -4,7 +4,7 @@ interface bat{{ site.name }}
AdvSendAdvert on;
IgnoreIfMissing on;
MinRtrAdvInterval 10;
MaxRtrAdvInterval 300;
MaxRtrAdvInterval 30;
AdvDefaultPreference low;
AdvHomeAgentFlag off;
@ -18,7 +18,7 @@ interface bat{{ site.name }}
RDNSS {{ site.bat_ipv6 }}
{
AdvRDNSSLifetime 900;
AdvRDNSSLifetime 300;
};
};

Loading…
Cancel
Save