Compare commits

..

2 Commits

Author SHA1 Message Date
Niklas Yann Wettengel 71dadf3da4 ko1 niyawe1 -> uniko1 2 years ago
Niklas Yann Wettengel 82e6f06b6b ff-uniko1 2 years ago

@ -28,7 +28,7 @@ wireguard_vpn_address: 'fe80::d3:16ff:fee5:6239'
wireguard_vpn_client_range: '2a03:2260:1016:3000::/52'
tayga_ipv4: 10.3.0.1
tayga_pool: 10.3.0.0/16
ffrl_router_id: 10.222.0.16
ffrl_ip4: '185.66.194.105'
ffrl_peers:
- name: 'bbaakber'
remote: '185.66.195.0'

@ -116,44 +116,6 @@ sites:
wireguard_mesh_address: 'fe80::00ff:45ff:fe4d:5302'
wireguard_mesh_endpoint: '{{ ansible_host }}'
wireguard_mesh_mac: '02:ff:45:4d:53:02'
- name: 'ko'
net4: '10.222.16.0/21'
net6: '2a03:2260:1016:0001::/64'
site_net6: 'fd62:44e1:da::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
62303765323237376233313337343961663435363430646565616238356261646133326562363235
6639356166623437646664323236643161353837393330650a613565306362663932383436333635
63663832616334643939623835373731323835326361373266653331346530393462616364343633
3935316666653463370a653038313766383436303862306666356138353838386362363731663631
35313830346562643434393266393039336264663939363433336435653833323038363432623431
31636465666133633538633562323437333836376632343333306332356461663163396232626564
63393432373965323037656437313762383037363534343937303462393736666534653835633433
36656539623732333130
fastd_mesh_mac: '02:ff:4b:4f:00:10'
fastd_port1: 10010
bat_ipv6: '2a03:2260:1016:0001::1'
bat_ipv4: '10.222.16.1'
bat_ipv4_cidr: 21
dhcp_subnet: '10.222.16.0'
dhcp_netmask: '255.255.248.0'
dhcp_start: '10.222.16.50'
dhcp_end: '10.222.23.250'
vxlan_id: 10891866
wireguard_mesh_number: 1
wireguard_mesh_priv_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
34656161316639303136656263333135366332393530646366373463356164326466316239303936
3932353863383437636630613562303662326232663131640a393833386164666634633964626138
33336365373833316266353865633930346664613363633235346432326430326233396336316265
3230373439313932360a653139636530383331666265393135653239363936663430623436663566
66333332363636343865663234396134346531633066626138663533333735323837373532636531
3966323936353934633637633965656663333366363634636165
wireguard_mesh_pub_key: 'jEPb55U0LjcVb+3ekAIW2Tmn07AmrBwU9DwJHwWO7i4='
wireguard_mesh_port: 10011
wireguard_mesh_address: 'fe80::00ff:4bff:fe4f:1'
wireguard_mesh_endpoint: '{{ ansible_host }}'
wireguard_mesh_mac: '02:ff:4b:4f:00:01'
- name: 'my'
net4: '10.222.72.0/21'
net6: '2a03:2260:1016:0302::/64'

@ -0,0 +1,106 @@
---
ansible_host: 2001:4c80:50:14::c04
sites:
- name: 'ko'
net4: '10.222.16.0/21'
net6: '2a03:2260:1016:0001::/64'
site_net6: 'fd62:44e1:da::/64'
fastd_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
62303765323237376233313337343961663435363430646565616238356261646133326562363235
6639356166623437646664323236643161353837393330650a613565306362663932383436333635
63663832616334643939623835373731323835326361373266653331346530393462616364343633
3935316666653463370a653038313766383436303862306666356138353838386362363731663631
35313830346562643434393266393039336264663939363433336435653833323038363432623431
31636465666133633538633562323437333836376632343333306332356461663163396232626564
63393432373965323037656437313762383037363534343937303462393736666534653835633433
36656539623732333130
fastd_mesh_mac: '02:ff:4b:4f:00:10'
fastd_port1: 10010
bat_ipv6: '2a03:2260:1016:0001::1'
bat_ipv4: '10.222.16.1'
bat_ipv4_cidr: 21
dhcp_subnet: '10.222.16.0'
dhcp_netmask: '255.255.248.0'
dhcp_start: '10.222.16.50'
dhcp_end: '10.222.23.250'
vxlan_id: 10891866
wireguard_mesh_number: 1
wireguard_mesh_priv_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
34656161316639303136656263333135366332393530646366373463356164326466316239303936
3932353863383437636630613562303662326232663131640a393833386164666634633964626138
33336365373833316266353865633930346664613363633235346432326430326233396336316265
3230373439313932360a653139636530383331666265393135653239363936663430623436663566
66333332363636343865663234396134346531633066626138663533333735323837373532636531
3966323936353934633637633965656663333366363634636165
wireguard_mesh_pub_key: 'jEPb55U0LjcVb+3ekAIW2Tmn07AmrBwU9DwJHwWO7i4='
wireguard_mesh_port: 10011
wireguard_mesh_address: 'fe80::00ff:4bff:fe4f:1'
wireguard_mesh_endpoint: '{{ ansible_host }}'
wireguard_mesh_mac: '02:ff:4b:4f:00:01'
wireguard_bb_name: 'uniko1'
wireguard_bb_endpoint: '{{ ansible_host }}'
wireguard_bb_priv_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
33323865636533656363643734313137313933353762316661623164616232333730303032613736
6238353532643966316135323861393937623739656636650a343839373332343939316533363230
30333038643766663131316136373264343536343734356139393737303030383436616366336430
3762656635303866310a333930333034613963363562313930663932333237306462663364663762
39306631356330353035386164616164656339316362366366366532373065643034613561323233
6132653032393235336566363561323563666133306639376637
wireguard_bb_pub_key: 'skqPL/XGmezXsF/3L/AO+kVF6XPw8ioGoN5T76Ukc30='
wireguard_bb_ipv4: '10.222.0.13'
wireguard_bb_ipv6: 'fe80::ffbb:ffbb:13'
wireguard_bb_port: 10113
wireguard_vpn_port: 10010
wireguard_vpn_priv_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
32393830323730303332326634336466663262356131323333363936393431613137616462346662
6330386466393666626131303362633065393630323461380a373336633762643238643662663664
62383934616366373663653033353431633535393738393830363464303466313365373833306366
6533353438663861340a636638636265653136326130346133343332376663336161626234343136
39653135633037663766333863333063393635623937323139663063333863643637306630616565
6433343965626635393231646639366663393363363734623333
wireguard_vpn_address: 'fe80::58:c9ff:fe34:9785'
wireguard_vpn_client_range: '2a03:2260:1016:4000::/52'
tayga_ipv4: 10.4.0.1
tayga_pool: 10.4.0.0/16
ffrl_ip4: '185.66.194.104'
ffrl_peers:
- name: 'bbaakber'
remote: '185.66.195.0'
ip4: '100.64.11.81'
peer_ip4: '100.64.11.80'
ip6: '2a03:2260:0:5c1::2'
peer_ip6: '2a03:2260:0:5c1::1'
- name: 'bbafra2fra'
remote: '185.66.194.0'
ip4: '100.64.11.83'
peer_ip4: '100.64.11.82'
ip6: '2a03:2260:0:5c2::2'
peer_ip6: '2a03:2260:0:5c2::1'
- name: 'bbaixdus'
remote: '185.66.193.0'
ip4: '100.64.11.85'
peer_ip4: '100.64.11.84'
ip6: '2a03:2260:0:5c3::2'
peer_ip6: '2a03:2260:0:5c3::1'
- name: 'bbbakber'
remote: '185.66.195.1'
ip4: '100.64.11.87'
peer_ip4: '100.64.11.86'
ip6: '2a03:2260:0:5c4::2'
peer_ip6: '2a03:2260:0:5c4::1'
- name: 'bbbfra2fra'
remote: '185.66.194.1'
ip4: '100.64.11.89'
peer_ip4: '100.64.11.88'
ip6: '2a03:2260:0:5c5::2'
peer_ip6: '2a03:2260:0:5c5::1'
- name: 'bbbixdus'
remote: '185.66.193.1'
ip4: '100.64.11.91'
peer_ip4: '100.64.11.90'
ip6: '2a03:2260:0:5c6::2'
peer_ip6: '2a03:2260:0:5c6::1'

@ -2,3 +2,4 @@
ff-niyawe1
ff-niyawe2
ff-loppermann1
ff-uniko1

@ -4,7 +4,6 @@ options {
directory "/var/named";
pid-file "/run/named/named.pid";
dnssec-enable yes;
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
@ -29,9 +28,9 @@ options {
hostname none;
server-id none;
dns64 64:ff9b::/96 {
clients { any; };
};
//dns64 64:ff9b::/96 {
// clients { any; };
//};
max-cache-size 1024M;
};
@ -69,47 +68,47 @@ zone "ffaw" IN {
type slave;
file "bak/ffaw.zone";
allow-query { any; };
masters { 2a01:4f8:a0:826b:1::17; };
masters { 2a01:4f8:a0:6396:1::17; };
};
zone "ffcoc" IN {
type slave;
file "bak/ffcoc.zone";
allow-query { any; };
masters { 2a01:4f8:a0:826b:1::17; };
masters { 2a01:4f8:a0:6396:1::17; };
};
zone "ffems" IN {
type slave;
file "bak/ffems.zone";
allow-query { any; };
masters { 2a01:4f8:a0:826b:1::17; };
masters { 2a01:4f8:a0:6396:1::17; };
};
zone "ffko" IN {
type slave;
file "bak/ffko.zone";
allow-query { any; };
masters { 2a01:4f8:a0:826b:1::17; };
masters { 2a01:4f8:a0:6396:1::17; };
};
zone "ffmy" IN {
type slave;
file "bak/ffmy.zone";
allow-query { any; };
masters { 2a01:4f8:a0:826b:1::17; };
masters { 2a01:4f8:a0:6396:1::17; };
};
zone "ffmyk" IN {
type slave;
file "bak/ffmyk.zone";
allow-query { any; };
masters { 2a01:4f8:a0:826b:1::17; };
masters { 2a01:4f8:a0:6396:1::17; };
};
zone "ffsim" IN {
type slave;
file "bak/ffsim.zone";
allow-query { any; };
masters { 2a01:4f8:a0:826b:1::17; };
masters { 2a01:4f8:a0:6396:1::17; };
};

@ -3,6 +3,5 @@ cd /opt/ffmyk-influx
while : ;do
php -c ./php.ini -f dhcp.php
php -c ./php.ini -f traffic.php
php -c ./php.ini -f fastd.php
sleep 15
done

@ -21,7 +21,6 @@ function traffic($iface, $alias=false) {
{% endif %}
{% for site in sites %}
(traffic('bat{{ site.name }}'));
(traffic('vpn{{ site.name }}'));
(traffic('wg{{ site.name }}'));
{% endfor %}

@ -3,4 +3,3 @@ ipv4-addr {{ tayga_ipv4 }}
ipv6-addr 2a03:2260:1016::64
prefix 64:ff9b::/96
dynamic-pool {{ tayga_pool }}
data-dir /var/db/tayga

@ -5,5 +5,5 @@ ip -6 rule add from {{ wireguard_vpn_client_range }} table ffmyk priority 10
ip -6 rule add from all iif wgmyk type unreachable priority 200
ip -6 route add {{ wireguard_vpn_client_range }} table ffmyk dev wgmyk
ip -6 route add {{ wireguard_vpn_client_range }} table ffmyk dev wgmyk proto static
systemctl restart named.service

Loading…
Cancel
Save