Support multiple fastd interfaces
This commit is contained in:
parent
36391a40d0
commit
f1b9e3f72c
@ -2,8 +2,7 @@ batman_interface: bat-{{ site_code }}
|
||||
|
||||
fastd_anonymous: true
|
||||
fastd_bind: any
|
||||
fastd_instance: "{{ site_code }}"
|
||||
fastd_interface: vpn-{{ site_code }}
|
||||
fastd_instances: 3
|
||||
fastd_mtu: 1312
|
||||
fastd_peers_limit: -1
|
||||
fastd_port: 10000
|
||||
|
@ -1,7 +1,8 @@
|
||||
---
|
||||
|
||||
- name: Restart fastd
|
||||
service: name=fastd@{{ site_code }} state=restarted
|
||||
service: name=fastd@{{ site_code }}{{ item }} state=restarted
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
|
||||
- name: Reload systemd
|
||||
command: systemctl daemon-reload
|
||||
|
@ -16,18 +16,32 @@
|
||||
service: name=fastd enabled=no
|
||||
|
||||
- name: Create directories
|
||||
file: path=/etc/fastd/{{ fastd_instance }}/peers state=directory
|
||||
file: path=/etc/fastd/{{ site_code }} state=directory
|
||||
|
||||
- name: Create directories
|
||||
file: path=/etc/fastd/{{ site_code }}{{ item }}/peers state=directory
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
|
||||
- name: Configure fastd
|
||||
template: src=fastd.conf.j2 dest=/etc/fastd/{{ fastd_instance }}/fastd.conf
|
||||
template: src=fastd.conf.j2 dest=/etc/fastd/{{ site_code }}{{ item }}/fastd.conf
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
notify: Restart fastd
|
||||
|
||||
- name: Generate fastd secret
|
||||
fastd_key: path=/etc/fastd/{{ fastd_instance }}/secret.conf
|
||||
fastd_key: path=/etc/fastd/{{ site_code }}/secret.conf
|
||||
notify: Restart fastd
|
||||
|
||||
- name: Make sure at least a dummy blacklist.sh is available
|
||||
copy: src=blacklist.sh dest=/etc/fastd/{{ fastd_instance }}/blacklist.sh mode=0755 force=no
|
||||
- name: Create symlinks (secret)
|
||||
file: src=/etc/fastd/{{ site_code }}/secret.conf dest=/etc/fastd/{{ site_code }}{{ item }}/secret.conf state=link
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
|
||||
- name: Enable fastd {{ fastd_instance }}
|
||||
service: name=fastd@{{ fastd_instance }} enabled=yes
|
||||
- name: Make sure at least a dummy blacklist.sh is available
|
||||
copy: src=blacklist.sh dest=/etc/fastd/{{ site_code }}/blacklist.sh mode=0755 force=no
|
||||
|
||||
- name: Create symlinks (blacklist)
|
||||
file: src=/etc/fastd/{{ site_code }}/blacklist.sh dest=/etc/fastd/{{ site_code }}{{ item }}/blacklist.sh state=link
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
|
||||
- name: Enable fastd {{ site_code }}
|
||||
service: name=fastd@{{ site_code }}{{ item }} enabled=yes
|
||||
with_sequence: start=0 count={{ fastd_instances }}
|
||||
|
@ -2,9 +2,9 @@
|
||||
|
||||
log to syslog level warn;
|
||||
hide ip addresses yes;
|
||||
status socket "/run/fastd-{{ fastd_instance }}.sock";
|
||||
status socket "/run/fastd-{{ site_code }}{{ item }}.sock";
|
||||
|
||||
interface "{{ fastd_interface }}";
|
||||
interface "vpn-{{ site_code }}{{ item }}";
|
||||
|
||||
method "null";
|
||||
method "salsa2012+umac";
|
||||
@ -12,7 +12,7 @@ method "xsalsa20-poly1305";
|
||||
|
||||
secure handshakes yes;
|
||||
|
||||
bind {{ fastd_bind }}:{{ fastd_port }};
|
||||
bind {{ fastd_bind }}:{{ fastd_port + item|int }};
|
||||
|
||||
include "secret.conf";
|
||||
|
||||
@ -24,7 +24,7 @@ peer limit {{ fastd_peers_limit }};
|
||||
|
||||
on up "
|
||||
ifconfig $INTERFACE down
|
||||
ip link set address f2:00:90:00:{{ gateway_id }}:10 dev $INTERFACE
|
||||
ip link set address f2:00:90:00:{{ gateway_id }}:{{ 10 + item|int }} dev $INTERFACE
|
||||
ifconfig $INTERFACE up
|
||||
|
||||
batctl -m {{ batman_interface }} if add $INTERFACE
|
||||
|
@ -19,7 +19,7 @@ iface bat-{{ site_code }}
|
||||
mtu 1500
|
||||
#
|
||||
batman-hop-penalty 5
|
||||
batman-ifaces dmy-{{ site_code }} vpn-{{ site_code }}
|
||||
batman-ifaces dmy-{{ site_code }}
|
||||
batman-ifaces-ignore-regex .*_.*
|
||||
#
|
||||
up /usr/sbin/batctl -m bat-{{ site_code }} gw_mode server 100000 100000
|
||||
|
@ -1,6 +1,7 @@
|
||||
---
|
||||
|
||||
batman_interface: bat-{{ site_code }}
|
||||
main_bridge: br-{{ site_code }}
|
||||
|
||||
respondd_announce_git_root: https://github.com/ffnord/mesh-announce/
|
||||
respondd_announce_git_version: 1d2182232c1de0956092f9509368cae045f23751
|
||||
batman_interface: bat-{{ site_code }}
|
||||
main_bridge: br-{{ site_code }}
|
||||
|
@ -5,7 +5,7 @@ Description=respondd
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
ExecStart=/opt/{{ site_code }}/respondd-announce/respondd.py -b {{ batman_interface }} -i {{ main_bridge }} -i vpn-{{ site_code }} -d /opt/{{ site_code }}/respondd-announce/
|
||||
ExecStart=/opt/{{ site_code }}/respondd-announce/respondd.py -b {{ batman_interface }} -i {{ main_bridge }} -d /opt/{{ site_code }}/respondd-announce/
|
||||
Restart=always
|
||||
Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
||||
WorkingDirectory=/opt/{{ site_code }}/respondd-announce
|
||||
|
Loading…
Reference in New Issue
Block a user