added chaos-at-home access points

5 files changed, 65 insertions, 3 deletions

diff --git a/chaos-at-home/ch-ap.yml b/chaos-at-home/ch-ap.yml
new file mode 100644
index 00000000..9f2d442e
--- /dev/null
+++ b/chaos-at-home/ch-ap.yml
@@ -0,0 +1,6 @@
+---
+- hosts: chaos_at_home_ap
+  connection: local
+  roles:
+    - role: openwrt/image
+      delegate_to: localhost
diff --git a/inventory/group_vars/accesspoints/main.yml b/inventory/group_vars/accesspoints/main.yml
index 7961233e..150f640e 100644
--- a/inventory/group_vars/accesspoints/main.yml
+++ b/inventory/group_vars/accesspoints/main.yml
@@ -55,7 +55,7 @@ accesspoint_wireless_ifaces: {}
 
 
 openwrt_variant: openwrt
-openwrt_release: 18.06.1
+openwrt_release: 18.06.2
 openwrt_arch: ar71xx
 openwrt_target: generic
 openwrt_profile: ubnt-unifiac-lite
@@ -154,7 +154,7 @@ openwrt_uci:
       options:
         PasswordAuth: 'off'
         RootPasswordAuth: 'off'
-        Port: '22000'
+        Port: '{{ ansible_port }}'
 
   network: "{{ accesspoint_network_base + accesspoint_network_zones }}"
   wireless: "{{ accesspoint_wireless_devices + accesspoint_wireless_ifaces }}"
diff --git a/inventory/group_vars/chaos_at_home_ap/main.yml b/inventory/group_vars/chaos_at_home_ap/main.yml
new file mode 100644
index 00000000..eb05dfad
--- /dev/null
+++ b/inventory/group_vars/chaos_at_home_ap/main.yml
@@ -0,0 +1,48 @@
+---
+network_mgmt_zone: "{{ network_zones.mgmt }}"
+
+accesspoint_wifi_channels:
+  2g4:
+    ch-ap0: 5
+    ch-ap1: 13
+  5g:
+    ch-ap0: 36
+    ch-ap1: 48
+
+accesspoint_zones:
+  lan: "{{ network_zones.lan.wifi }}"
+  iot: "{{ network_zones.iot.wifi }}"
+
+
+accesspoint_network_zones: "{{ accesspoint_network_zones_yaml | from_yaml }}"
+accesspoint_network_zones_yaml: |
+  {% for zone_name in accesspoint_zones.keys() %}
+  - name: "interface '{{ zone_name }}'"
+    options:
+      type: bridge
+      ifname: "{{ accesspoint_wired_interface }}.{{ network_zones[zone_name].vlan }}"
+      accept_ra: 0
+      proto: none
+  {% endfor %}
+
+
+## TODO: set up 802.11r see:
+##        * https://www.reddit.com/r/openwrt/comments/515oea/finally_got_80211r_roaming_working/
+##        * https://gist.github.com/lg/998d3e908d547bd9972a6bb604df377b
+accesspoint_wireless_ifaces: "{{ accesspoint_wireless_ifaces_yaml | from_yaml }}"
+accesspoint_wireless_ifaces_yaml: |
+  {% for zone in accesspoint_zones.keys() %}
+  {%   for freq in accesspoint_wireless_frequencies %}
+  - name: wifi-iface '{{ zone }}{{ freq }}'
+    options:
+      device: 'radio{{ freq }}'
+      network: '{{ zone }}'
+      mode: 'ap'
+      disassoc_low_ack: '1'
+      rsn_preauth: '1'
+      ssid: '{{ accesspoint_zones[zone].ssid }}'
+      encryption: '{{ accesspoint_zones[zone].encryption }}'
+      key: '{{ accesspoint_zones[zone].key }}'
+  {%   endfor %}
+  {% endfor %}
+
diff --git a/inventory/hosts.ini b/inventory/hosts.ini
index 8ff02b4c..b343ef98 100644
--- a/inventory/hosts.ini
+++ b/inventory/hosts.ini
@@ -23,6 +23,7 @@ mimas2 ansible_host=ch-mimas2 ansible_port=222
 [chaos_at_home:children]
 mz_chaos_at_home
 chaos_at_home_switches
+chaos_at_home_ap
 
 [mz_chaos_at_home:vars]
 ansible_port=222
@@ -39,6 +40,13 @@ ansible_port=22
 ch-sw0 host_name=sw0 ansible_host=192.168.42.200
 ch-sw1 host_name=sw1
 
+[chaos_at_home_ap:vars]
+ansible_port=222
+
+[chaos_at_home_ap]
+ch-ap0 host_name=ap0
+ch-ap1 host_name=ap1
+
 
 [k8s_test:vars]
 env_group=chaos-at-home
@@ -182,7 +190,7 @@ scaleway_kernel
 
 [accesspoints:children]
 ele_ap
-
+chaos_at_home_ap
 
 [dolmetsch_ctl:children]
 ele_dolmetsch_ctl
diff --git a/roles/openwrt/image/openwrt-keyring.gpg b/roles/openwrt/image/openwrt-keyring.gpg
index e8a3e8b9..040ab57f 100644
--- a/roles/openwrt/image/openwrt-keyring.gpg
+++ b/roles/openwrt/image/openwrt-keyring.gpg