
We can now create configurations for fastd, secrets need to be inserted via encrypted vars

Till Klocke 9 年之前
父节点
当前提交
bc3af42472

+ 15 - 0
roles/fastd/tasks/main.yml

@@ -6,3 +6,18 @@
 
 - include: debian.yml
   when: ansible_distribution == "Debian"
+
+- name: Create fastd config directories
+  file: path=/etc/fastd/{{item.name}} state=directory recurse=yes
+  with_items:
+    - "{{fastd_instances}}"
+
+- name: Create fastd configs
+  template: src=fastd.conf.j2 dest=/etc/fastd/{{item.name}}/fastd.conf
+  with_items:
+    - "{{fastd_instances}}"
+
+- name: Create fastd secrets
+  template: src=secret.conf.j2 dest=/etc/fastd/{{item.name}}/secret.conf
+  with_items:
+    - "{{fastd_instances_secret}}"
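Review bot: The `Create fastd secrets` task writes secret.conf without `owner`, `group` or `mode`, so the file holding the fastd private key gets whatever the default umask yields, which is typically world-readable. Set them explicitly, for example `template: src=secret.conf.j2 dest=/etc/fastd/{{item.name}}/secret.conf owner=root group=root mode=0600`; root is an assumption, the owner should be whichever account reads the config at startup. Add `no_log: true` to the same task, because each looped item carries the secret and Ansible prints loop items in the play output. The task also assumes every `name` in `fastd_instances_secret` has a matching entry in `fastd_instances`; nothing in this hunk checks that, and a missing entry leaves fastd.conf including a secret.conf that does not exist.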

+ 22 - 0
roles/fastd/templates/fastd.conf.j2

@@ -0,0 +1,22 @@
+bind {{item.bind}};
+include "secret.conf";
+include peers from "dummy";
+interface "{{item.interface}}";
+log level {{item.loglevel}};
+mode {{item.mode}};
+method "{{item.method}}";
+peer limit {{item.peer_limit}};
+hide ip addresses yes;
+mtu {{item.mtu}};
+secure handshakes yes;
+log to syslog level verbose;
+status socket "{{item.status_socket}}";
+user "{{fastd_user_name}}";
+
+on up "
+  {{item.on_up_script}}
+";
+
+on verify "
+  {{item.on_verify_script}}
+";
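Review bot: `{{item.on_up_script}}` and `{{item.on_verify_script}}` are rendered inside double-quoted fastd strings with no escaping, so a `"` anywhere in either script ends the string early and the remainder is parsed as fastd configuration. Since these commands run with the daemon's privileges, it is safer to deploy each script as its own file with a restrictive mode and reference it by path, for example `on verify "/etc/fastd/{{item.name}}/on-verify.sh";`, or at minimum to escape quotes in the template. Separately, `log to syslog level verbose;` is hard-coded next to `log level {{item.loglevel}};`, so the per-instance variable does not control what reaches syslog. A first line of `# {{ ansible_managed }}` would tell operators not to edit the rendered file by hand.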

+ 1 - 0
roles/fastd/templates/secret.conf.j2

@@ -0,0 +1 @@
+secret "{{item.secret}}";

+ 21 - 1
test/application/fastd_pkg_vars.yml

@@ -1 +1,21 @@
-fastd_install_from_source: false
+fastd_install_from_source: false
+
+fastd_instances:
+  - name: test
+    bind: any:10000 interface "eth0" default ipv4
+    interface: tap00
+    loglevel: info
+    mode: tap
+    method: salsa2012+umac
+    peer_limit: 125
+    mtu: 1280
+    status_socket: /tmp/fastd00.sock
+    on_up_script: |
+      ip link set up $INTERFACE
+      batctl if add $INTERFACE
+    on_verify_script: |
+      /etc/fastd/fastd-blacklist.sh $PEER_KEY
+
+fastd_instances_secret:
+  - name: test
+    secret: some secret
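Review bot: `status_socket: /tmp/fastd00.sock` puts the status socket at a predictable name in a world-writable directory, so any local account can occupy that path first or connect to the socket, depending on the mode fastd gives it. A root-owned runtime directory is the safer default even in test vars, since these values tend to be copied into real inventories, e.g. `status_socket: /run/fastd00.sock`. The placeholder `secret: some secret` is fine for the content check, but it does not look like a real fastd key, so this fixture probably cannot be used to start the daemon.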

+ 16 - 0
test/integration/fastd/serverspec/test_spec.rb

@@ -19,4 +19,20 @@ end
 describe user('fastd') do
   it { should exist }
   it { should have_login_shell '/bin/false' }
+end
+
+describe file('/etc/fastd/test') do
+  it { should exist }
+  it { should be_directory }
+end
+
+describe file('/etc/fastd/test/fastd.conf') do
+  it { should exist }
+  it { should be_file }
+end
+
+describe file('/etc/fastd/test/secret.conf') do
+  it { should exist }
+  it { should be_file }
+  its(:content) { should contain 'secret "some secret";' }
 end
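Review bot: The spec for `/etc/fastd/test/secret.conf` asserts the content but not who can read it, so a world-readable key file would pass. Add `it { should be_mode 600 }` and `it { should be_owned_by 'root' }` to that `describe` block, with the owner adjusted to whatever the role settles on. The same ownership and mode assertions on `/etc/fastd/test` would catch a directory left open by `recurse=yes` with default permissions.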