ffdo-infrastruktur
/
ffdo-ansible
zrkadlo https://github.com/ffdo/ffdo-ansible.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192
							supernode_mesh_mac: 96:48:76:b5:a3:61
supernode_mesh_ipv4: 10.42.0.1/16
supernode_as: '65403'
supernode_bat_macaddress: f2:43:13:c0:d7:06
supernode_mesh_ipv6: 2a03:2260:50:5::8/64
supernode_local_ip: "{{ansible_default_ipv4.address}}"
supernode_other_nameserver: 10.42.0.23
supernode_other_ntp_server: 10.42.0.23
supernode_dhcp_range_start: 10.42.9.1
supernode_dhcp_range_end: 10.42.45.25

supernode_mesh_backbones:
  - name: node02
    comment: Non existant mesh backbone
    remote_ip: 192.168.0.43
    mesh_ip: 10.42.0.2
    address_v6: fd0a:1c06:d97c:e89d::2

supernode_uplinks:
  - name: uplink1
    comment: Non existant uplink
    address: 172.16.0.1
    dstaddr: 172.16.0.2
    netmask: 255.255.255.252
    endpoint: 192.168.0.23
    address_v6: fd0a:1c06:d97c:e88d::2/64
    #adress_v6_pure: fd0a:1c06:d97c:e88d::2
    as: '65079'

fastd_instances:
  - name: do00
    bind: any:10000 interface "eth0" default ipv4
    interface: tap00
    loglevel: info
    mode: tap
    method: salsa2012+umac
    peer_limit: 125
    mtu: 1280
    status_socket: /tmp/fastd00.sock
    on_up_script: |
      ip link set up $INTERFACE
      batctl if add $INTERFACE
    on_verify_script: |
      /etc/fastd/fastd-blacklist.sh $PEER_KEY
  - name: do01
    bind: any:10001 interface "eth0" default ipv4
    interface: tap01
    loglevel: info
    mode: tap
    method: salsa2012+umac
    peer_limit: 125
    mtu: 1280
    status_socket: /tmp/fastd01.sock
    on_up_script: |
      ip link set up $INTERFACE
      batctl if add $INTERFACE
    on_verify_script: |
      /etc/fastd/fastd-blacklist.sh $PEER_KEY

fastd_instances_secret:
  - name: do00
    secret: 280088c4263359417e9f2daf1771db820ab79eb4f79e3718719b2a976e8a8b5e
  - name: do01
    secret: 280088c4263359417e9f2daf1771db820ab79eb4f79e3718719b2a976e8a8b5e

bird_router_id: "{{supernode_mesh_ipv4}}"
bird_templates:
  - header: bgp ibgp
    content: |
      local as 65403;
      import all;
      export all;
      next hop self;
      multihop 64;

bird_protocols:
  - header: kernel
    content: |
      device routes;
      import all;
      export all;
      kernel table 42;
  - header: device
    content: scan time 8;
  - header: direct
    content: interface "*";
  - header: bgp ffrg11 from ibgp
    content: |
      source address 10.0.6.6;
      neighbor 10.0.6.5 as 65079;
      default bgp_med 2;
  - header: bgp ffrg25 from ibgp
    content: |
      source address 10.0.6.2;
      neighbor 10.0.6.1 as 65079;
      default bgp_med 1;
  - header: bgp node012 from ibgp
    content: |
      source address 10.233.8.1;
      neighbor 10.233.24.1 as 65403;
      default bgp_med 4;
  - header: bgp node021 from ibgp
    content: |
      source address 10.233.8.1;
      neighbor 10.233.16.1 as 65403;
      default bgp_med 3;
  - header: bgp node022 from ibgp
    content: |
      source address 10.233.8.1;
      neighbor 10.233.32.1 as 65403;
      default bgp_med 4;
  - header: bgp map from ibgp
    content: |
      source address 10.233.8.1;
      neighbor 10.233.0.1 as 65403;
      default bgp_med 4;


bird6_router_id: "{{supernode_mesh_ipv4}}"
bird6_templates:
  - header: bgp ibgp
    content: |
      source address 2a03:2260:50:5::8;
      local as 65403;
      import all;
      export all;
      next hop self;
      direct;
      gateway direct;
  - header: bgp uplink
    content: |
      local as 65403;
      import all;
      export all;
      next hop self;
      direct;
      multihop 64;

bird6_protocols:
  - header: static uplink_hostroute
    content: |
      import all;
      export all;
  - header: direct
    content: interface "*";
  - header: kernel
    content: |
      persist;
      device routes;
      scan time 20;
      import all;
      export all;
      kernel table 42;
  - header: device
    content: scan time 10;
  - header: bgp ffrg11 from uplink
    content: |
      neighbor 2a03:2260:50:5b::1 as 65079;
      default bgp_med 2;
  - header: bgp ffrg25 from uplink
    content: |
      neighbor 2a03:2260:50:5a::1 as 65079;
      default bgp_med 1;
  - header: bgp node012 from ibgp
    content: |
      neighbor 2a03:2260:50:5::24 as 65403;
      default bgp_med 4;
  - header: bgp node021 from ibgp
    content: |
      neighbor 2a03:2260:50:5::16 as 65403;
      default bgp_med 3;
  - header: bgp node022 from ibgp
    content: |
      neighbor 2a03:2260:50:5::32 as 65403;
      default bgp_med 4;
  - header: bgp map from ibgp
    content: |
      neighbor 2a03:2260:50:5::1 as 65403;
      default bgp_med 4;

supernode_interfaces:
  - name: eth0
    auto: true
    proto: inet
    type: dhcp

usermanage_usersdb:
  fritz:
    comment: "Fritz Brinkhoffs"
    state: "present"
    keys:
    - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCfO2TgNUMcY9K8N9SsAU/LfVtlloO50n6NRxDER8dCi+t1ydalTbNdEj52cIjqvIEn458cCxdCwsNYeWqSVggX7vT7a+DgYZlJcRteHcb0lPYZplPuiZe3AUE9rHH48W4xEopv7J8Wz6hLng6Gb0TQx9HeVybQ5dn6CGyt8sOCKQ== Fritz Brinkhoffs"