Browse Source

supernode role now implements some more small stuff, like blacklist

Till Klocke 9 years ago
parent
commit
2241908df0

+ 6 - 1
roles/ff-supernode/tasks/debian.yml

@@ -1,4 +1,9 @@
 - name: Install network config
   when: supernode_interfaces is defined
   template: src=interfaces.j2 dest=/etc/network/interfaces
-  notify: Restart network
+  notify: Restart network
+
+- name: Make sure necessary tools are installed
+  apt: name={{item}} state=present
+  with_items:
+  - wget

+ 10 - 1
roles/ff-supernode/tasks/main.yml

@@ -5,4 +5,13 @@
   when: ansible_distribution == 'Debian'
 
 - include: debian.yml
-  when: ansible_distribution == 'Ubuntu'
+  when: ansible_distribution == 'Ubuntu'
+
+- name: Install crontab to update the blacklist
+  cron:
+    name: Update blacklist
+    minute: '*/5'
+    job: wget -q -O /etc/fastd/fastd-blacklist.json https://raw.githubusercontent.com/ffruhr/fastdbl/master/fastd-blacklist.json
+
+- name: Install verify shell script
+  template: src=fastd-blacklist.sh.j2 dest=/etc/fastd/fastd-blacklist.sh mode="u=rwx,g=rx,o=r"

+ 8 - 0
roles/ff-supernode/templates/fastd-blacklist.sh.j2

@@ -0,0 +1,8 @@
+#!/bin/bash
+PEER_KEY=$1
+
+if /bin/grep -Fq $PEER_KEY /etc/fastd/fastd-blacklist.json; then
+  exit 1
+else
+  exit 0
+fi